$font Level:
$font Color:
 
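"; }

/**
 * Print the "add severity level" form.
 *
 * The markup of the echoed string is not visible in this listing, so how
 * $level and $color are used inside it cannot be confirmed here.
 * NOTE(review): presumably they pre-fill the form fields; if so they must be
 * HTML-escaped for the attribute context before being echoed.
 *
 * @param string $level Level text passed by the caller.
 * @param string $color Color text passed by the caller.
 */
function aform($level,$color){
    global $font;
    echo "
 
$font Level:
$font Color:
 
";
}

/*
 * Severity administration page.
 *
 * Flow: refuse to run while admin/index.php still exists, identify the user
 * from the PHPCookie cookie, require that user to be the configured $admin,
 * then list / add / modify / delete rows of the "severity" table depending on
 * the c/action request parameters.
 */
include 'config.php';
include 'functions.php';
require_once 'db.php';

// make sure user has removed index.php from the admin dir.
if (file_exists("admin/index.php")) {
    print "
$font ".SECURITY."
";
} else {
    header("Cache-control: private");
    head();

    // The cookie is attacker-controlled input; tolerate it being absent or malformed.
    $login = (isset($_COOKIE['PHPCookie']) && is_scalar($_COOKIE['PHPCookie'])) ? (string) $_COOKIE['PHPCookie'] : '';
    $userdetail = explode("&", $login);
    $username = $userdetail[0];
    $passdetail = explode("=", $login);
    $password = isset($passdetail[1]) ? $passdetail[1] : '';

    if (!$username && !$password) {
        echo "$font ".LOGIN_TITLE." ";
        loginf();
    } else {
        // start of getting user data
        $d = new dbC();
        $d->connect($db_host, $db_username, $db_password, $db);
        // NOTE(review): $username and $password come straight from the cookie and
        // are concatenated into this statement. The dbC API visible here exposes no
        // bound parameters or driver-aware escaping, so this still needs to be moved
        // to a prepared statement (or the DB layer's own escape routine) in db.php.
        // NOTE(review): the cookie carries the value compared against the stored
        // password column; a server-side session token would avoid that.
        $sql_result = $d->query("select * from $db_prefix"."users where username='$username' and password='$password'");
        // Track whether the credentials matched a row. Without this, the admin
        // check below relies only on the cookie-supplied username.
        $loginRowFound = false;
        if($sql_result) {
            while ($r = $d->fetch_array($sql_result)) {
                $loginRowFound = true;
                $userid = $r["id"];
                $name = $r["name"];
                $email = $r["email"];
                $groupid = $r["group_id"];
                $adminis = $r["admin"];
                $level = $r["level"];
            }
        }
        // end of getting user information
        // start of header data
        // static html
        $username=strtolower($username);
        $admin=strtolower($admin);
        // NOTE(review): when $admin is empty every user with a matching row reaches
        // the panel; the per-user flag read into $adminis is not consulted in this
        // file. Confirm that is intended.
        if (!$loginRowFound) {
            // Credentials did not match any user: treat as not logged in.
            echo "$font ".LOGIN_TITLE." ";
            loginf();
        } elseif($username != "$admin" && !empty($admin)){
            echo "$font


".ERRORADMIN."

";
        } else {
            // Normalise the routing parameters once so absent keys do not raise notices.
            $getC = (isset($_GET['c']) && is_scalar($_GET['c'])) ? (string) $_GET['c'] : '';
            $getAction = (isset($_GET['action']) && is_scalar($_GET['action'])) ? (string) $_GET['action'] : '';
            $postC = (isset($_POST['c']) && is_scalar($_POST['c'])) ? (string) $_POST['c'] : '';
            $postAction = (isset($_POST['action']) && is_scalar($_POST['action'])) ? (string) $_POST['action'] : '';

            echo "
 
  ";
            echo "
$font $font ";
            echo "$font ".C_USER." - ".MOD_USER." | ".MAN_GROUP." | ".OPTIONS." | ".REPORTS."";
            echo "
$font $name ($username) UID: $userid | ".LOGOUT." | ".EDIT_A." | ";
            if($allowmsg == "1"){
                echo "".MESS_C."";
                $d->connect($db_host, $db_username, $db_password, $db);
                $getpm1=$d->query("select * from $db_prefix"."privatemessage where to_userid='$userid'");
                $getnum1=$d->numrows($getpm1);
                if($getnum1 == "0" || $getnum1 == ""){
                    echo " (0)";
                } else {
                    echo " ($getnum1)";
                }
            }
            echo "
";
            echo "
 
 
";
            echo "$font $back

";

            // List the current severity levels.
            if($getC === "severity" && empty($getAction) && empty($postC)){
                echo "$font Current Severity Configuration.

";
                echo "$font Add New Level


";
                $getCurrent=$d->query("select level,color,id from $db_prefix"."severity order by id");
                while($List=$d->fetch_array($getCurrent)){
                    echo "$font ID: (".$List['id'].") | Delete | Modify
Level: ".$List['level']."
Color: ".$List['color']."

";
                }
            }

            // Show the empty "add" form.
            if($getC === "severity" && $getAction === "add"){
                echo "$font Add new level.


";
                aform($slevel,$scolor);
            }

            // Show the "modify" form for one level.
            if($getC === "severity" && $getAction === "modify"){
                // The id is echoed and used in SQL below; force it to an integer so
                // neither context can receive markup or SQL syntax.
                $id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;
                if(empty($id)){
                    echo "$font
Sorry, Severity ID is required.

Return Back
";
                } else {
                    echo "
Modify Level ID: ($id)


";
                    $getData=$d->query("select * from $db_prefix"."severity where id='$id'");
                    $InFo=$d->fetch_array($getData);
                    $slevels=$InFo['level'];
                    $scolors=$InFo['color'];
                    mform($slevels,$scolors,$id);
                }
            }

            // Delete one level.
            // NOTE(review): this state-changing action is triggered by a GET request and
            // no anti-CSRF token is checked in the visible code; it should become a POST
            // guarded by a per-session token.
            if($getC === "severity" && $getAction === "delete"){
                $id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;
                if(empty($id)){
                    echo "$font
Sorry, Severity ID is required.

Return Back
";
                } else {
                    // Refuse to delete the last remaining level.
                    $check=$d->query("select id from $db_prefix"."severity");
                    $rows=$d->numrows($check);
                    if($rows == "1"){
                        echo "

$font Sorry, If you remove this severity level, you will have no levels. Please add another than delete this one.

Return Back
";
                    } else {
                        $delete=$d->query("delete from $db_prefix"."severity where id='$id'");
                        echo "
Level ID: $id has been deleted.

Return Back
";
                    }
                }
            }

            // Apply a modification.
            if($postC === "severity" && $postAction === "modifynow"){
                $slevel = (isset($_POST['slevel']) && is_scalar($_POST['slevel'])) ? (string) $_POST['slevel'] : '';
                $scolor = (isset($_POST['scolor']) && is_scalar($_POST['scolor'])) ? (string) $_POST['scolor'] : '';
                $id = (isset($_POST['id']) && is_scalar($_POST['id'])) ? (int) $_POST['id'] : 0;
                // NOTE(review): the validation failures below re-render aform() rather
                // than mform(), which the modify view uses. Confirm intended.
                if(empty($id)){
                    echo "$font
Sorry, Severity ID is required.

Return Back
";
                } else {
                    // eregi() was removed in PHP 7; preg_match with /i is the equivalent.
                    // This keyword filter is not an injection defence on its own.
                    if(empty($scolor)){
                        echo "
$font Color is required.

";
                        aform($slevel,$scolor);
                    } elseif(empty($slevel)){
                        echo "
$font Level is required.

";
                        aform($slevel,$scolor);
                    } elseif(preg_match('/href|img|src|script|drop|insert|create|java/i', $slevel)) {
                        echo "
$font Invalid level.

";
                        aform($slevel,$scolor);
                    } elseif(preg_match('/href|img|src|script|drop|insert|create|java/i', $scolor)) {
                        echo "
$font Invalid color.

";
                        aform($slevel,$scolor);
                    } else {
                        $scolor=safeHTML($scolor);
                        $slevel=safeHTML($slevel);
                        // NOTE(review): safeHTML() is defined elsewhere; unless it also
                        // escapes quotes for SQL, $scolor/$slevel are still string-built
                        // into this statement and need binding in the DB layer.
                        $insert=$d->query("update $db_prefix"."severity set color='$scolor',level='$slevel' where id='$id'");
                        // Braces keep PHP from reading "$fontLevel" as a single variable name.
                        echo "
{$font}Level: $slevel has been modified. Return Back

";
                    }
                }
            }

            // Create a new level.
            if($postC === "severity" && $postAction === "addnow"){
                // Keep the raw values for validation; the sanitised copies are what
                // gets re-displayed and stored, as before.
                $rawLevel = (isset($_POST['slevel']) && is_scalar($_POST['slevel'])) ? (string) $_POST['slevel'] : '';
                $rawColor = (isset($_POST['scolor']) && is_scalar($_POST['scolor'])) ? (string) $_POST['scolor'] : '';
                $scolor=safeHTML($rawColor);
                $slevel=safeHTML($rawLevel);
                if(empty($rawColor)){
                    echo "
$font Color is required.

";
                    aform($slevel,$scolor);
                } elseif(empty($rawLevel)){
                    echo "
$font Level is required.

";
                    aform($slevel,$scolor);
                } elseif(preg_match('/href|img|src|script|drop|insert|create|java/i', $rawLevel)) {
                    echo "
$font Invalid level.

";
                    aform($slevel,$scolor);
                } elseif(preg_match('/href|img|src|script|drop|insert|create|java/i', $rawColor)) {
                    echo "
$font Invalid color.

";
                    aform($slevel,$scolor);
                } else {
                    // NOTE(review): same caveat as the update path. These values are
                    // concatenated into SQL and rely on safeHTML(), which is not visible
                    // here, for any quote handling.
                    $insert=$d->query("insert into $db_prefix"."severity values(NULL,'$scolor','$slevel')");
                    // Braces keep PHP from reading "$fontLevel" as a single variable name.
                    echo "
{$font}Level: $slevel has been created. Return Back

";
                }
            }
        }
    } // end of logged in user check
} // end of admin file check
foot();
?>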