exec("INSERT INTO `$dbname`.`csrf_token` (`token`,`timestamp`,`sessionid`) VALUES ('$csrf_token','".time()."','".session_id()."')") === false) { $err_msg = print_r($mysqlcon->errorInfo(), true); $err_lvl = 3; } if (($db_csrf = $mysqlcon->query("SELECT * FROM `$dbname`.`csrf_token` WHERE `sessionid`='".session_id()."'")->fetchALL(PDO::FETCH_UNIQUE|PDO::FETCH_ASSOC)) === false) { $err_msg = print_r($mysqlcon->errorInfo(), true); $err_lvl = 3; } if (isset($_POST['update']) && isset($db_csrf[$_POST['csrf_token']])) { $cfg['rankup_message_to_user'] = addslashes($_POST['rankup_message_to_user']); $cfg['rankup_next_message_1'] = addslashes($_POST['rankup_next_message_1']); $cfg['rankup_next_message_2'] = addslashes($_POST['rankup_next_message_2']); $cfg['rankup_next_message_3'] = addslashes($_POST['rankup_next_message_3']); $cfg['rankup_next_message_mode'] = $_POST['rankup_next_message_mode']; if (isset($_POST['rankup_message_to_user_switch'])) $cfg['rankup_message_to_user_switch'] = 1; else $cfg['rankup_message_to_user_switch'] = 0; if ($mysqlcon->exec("INSERT INTO `$dbname`.`cfg_params` (`param`,`value`) VALUES ('rankup_message_to_user_switch','{$cfg['rankup_message_to_user_switch']}'),('rankup_message_to_user','{$cfg['rankup_message_to_user']}'),('rankup_next_message_mode','{$cfg['rankup_next_message_mode']}'),('rankup_next_message_1','{$cfg['rankup_next_message_1']}'),('rankup_next_message_2','{$cfg['rankup_next_message_2']}'),('rankup_next_message_3','{$cfg['rankup_next_message_3']}') ON DUPLICATE KEY UPDATE `value`=VALUES(`value`); DELETE FROM `$dbname`.`csrf_token` WHERE `token`='{$_POST['csrf_token']}'") === false) { $err_msg = print_r($mysqlcon->errorInfo(), true); $err_lvl = 3; } else { $err_msg = $lang['wisvsuc']." ".sprintf($lang['wisvres'], ' '); $err_lvl = NULL; } $cfg['rankup_message_to_user'] = $_POST['rankup_message_to_user']; $cfg['rankup_next_message_1'] = $_POST['rankup_next_message_1']; $cfg['rankup_next_message_2'] = $_POST['rankup_next_message_2']; $cfg['rankup_next_message_3'] = $_POST['rankup_next_message_3']; } elseif(isset($_POST['update'])) { echo '

',$lang['errcsrf'],'

'; rem_session_ts3(); exit; } ?>

'; } else { echo ''; } ?>