exec("INSERT INTO `$dbname`.`csrf_token` (`token`,`timestamp`,`sessionid`) VALUES ('$csrf_token','".time()."','".session_id()."')") === false) { $err_msg = print_r($mysqlcon->errorInfo(), true); $err_lvl = 3; } if (($db_csrf = $mysqlcon->query("SELECT * FROM `$dbname`.`csrf_token` WHERE `sessionid`='".session_id()."'")->fetchALL(PDO::FETCH_UNIQUE|PDO::FETCH_ASSOC)) === false) { $err_msg = print_r($mysqlcon->errorInfo(), true); $err_lvl = 3; } if(($groupslist = $mysqlcon->query("SELECT * FROM `$dbname`.`groups` ORDER BY `sortid`,`sgidname` ASC")->fetchAll(PDO::FETCH_UNIQUE|PDO::FETCH_ASSOC)) === false) { $err_msg = print_r($mysqlcon->errorInfo(), true); $err_lvl = 3; } if(($user_arr = $mysqlcon->query("SELECT `uuid`,`cldbid`,`name` FROM `$dbname`.`user` ORDER BY `name` ASC")->fetchAll(PDO::FETCH_ASSOC)) === false) { $err_msg = "DB Error1: ".print_r($mysqlcon->errorInfo(), true); $err_lvl = 3; } if (isset($_POST['update']) && isset($db_csrf[$_POST['csrf_token']])) { $err_msg = $cfg['rankup_excepted_group_id_list'] = $cfg['rankup_excepted_unique_client_id_list'] = ''; $errcnf = 0; $cfg['rankup_excepted_mode'] = $_POST['rankup_excepted_mode']; if (isset($_POST['rankup_excepted_unique_client_id_list']) && $_POST['rankup_excepted_unique_client_id_list'] != NULL) { $cfg['rankup_excepted_unique_client_id_list'] = implode(',',$_POST['rankup_excepted_unique_client_id_list']); } if (isset($_POST['rankup_excepted_group_id_list']) && $_POST['rankup_excepted_group_id_list'] != NULL) { $cfg['rankup_excepted_group_id_list'] = implode(',',$_POST['rankup_excepted_group_id_list']); } $cfg['rankup_excepted_channel_id_list'] = $_POST['rankup_excepted_channel_id_list']; if($errcnf == 0) { if ($mysqlcon->exec("INSERT INTO `$dbname`.`cfg_params` (`param`,`value`) VALUES ('rankup_excepted_mode','{$cfg['rankup_excepted_mode']}'),('rankup_excepted_unique_client_id_list','{$cfg['rankup_excepted_unique_client_id_list']}'),('rankup_excepted_group_id_list','{$cfg['rankup_excepted_group_id_list']}'),('rankup_excepted_channel_id_list','{$cfg['rankup_excepted_channel_id_list']}') ON DUPLICATE KEY UPDATE `value`=VALUES(`value`); DELETE FROM `$dbname`.`csrf_token` WHERE `token`='{$_POST['csrf_token']}'") === false) { $err_msg = print_r($mysqlcon->errorInfo(), true); $err_lvl = 3; } else { $err_msg = $lang['wisvsuc']." ".sprintf($lang['wisvres'], ' '); $err_lvl = NULL; } } else { $err_msg .= "
".$lang['errgrpid']; } if (isset($_POST['rankup_excepted_unique_client_id_list']) && $_POST['rankup_excepted_unique_client_id_list'] != NULL) { $cfg['rankup_excepted_unique_client_id_list'] = array_flip($_POST['rankup_excepted_unique_client_id_list']); } if (isset($_POST['rankup_excepted_group_id_list']) && $_POST['rankup_excepted_group_id_list'] != NULL) { $cfg['rankup_excepted_group_id_list'] = array_flip($_POST['rankup_excepted_group_id_list']); } $cfg['rankup_excepted_channel_id_list'] = array_flip(explode(',', $cfg['rankup_excepted_channel_id_list'])); } elseif(isset($_POST['update'])) { echo '

',$lang['errcsrf'],'

'; rem_session_ts3(); exit; } ?>