exec("INSERT INTO `$dbname`.`csrf_token` (`token`,`timestamp`,`sessionid`) VALUES ('$csrf_token','".time()."','".session_id()."')") === false) { $err_msg = print_r($mysqlcon->errorInfo(), true); $err_lvl = 3; } if (($db_csrf = $mysqlcon->query("SELECT * FROM `$dbname`.`csrf_token` WHERE `sessionid`='".session_id()."'")->fetchALL(PDO::FETCH_UNIQUE|PDO::FETCH_ASSOC)) === false) { $err_msg = print_r($mysqlcon->errorInfo(), true); $err_lvl = 3; } if (isset($_POST['update']) && isset($db_csrf[$_POST['csrf_token']])) { $rankupmsg = addslashes($_POST['rankupmsg']); $servernews = addslashes($_POST['servernews']); $nextupinfomsg1 = addslashes($_POST['nextupinfomsg1']); $nextupinfomsg2 = addslashes($_POST['nextupinfomsg2']); $nextupinfomsg3 = addslashes($_POST['nextupinfomsg3']); $nextupinfo = $_POST['nextupinfo']; if (isset($_POST['msgtouser'])) $msgtouser = 1; else $msgtouser = 0; if ($mysqlcon->exec("UPDATE `$dbname`.`config` SET `msgtouser`='$msgtouser',`rankupmsg`='$rankupmsg',`servernews`='$servernews',`nextupinfo`='$nextupinfo',`nextupinfomsg1`='$nextupinfomsg1',`nextupinfomsg2`='$nextupinfomsg2',`nextupinfomsg3`='$nextupinfomsg3'") === false) { $err_msg = print_r($mysqlcon->errorInfo(), true); $err_lvl = 3; } else { $err_msg = $lang['wisvsuc']." ".sprintf($lang['wisvres'], ' '); $err_lvl = NULL; } $rankupmsg = $_POST['rankupmsg']; $servernews = $_POST['servernews']; $nextupinfomsg1 = $_POST['nextupinfomsg1']; $nextupinfomsg2 = $_POST['nextupinfomsg2']; $nextupinfomsg3 = $_POST['nextupinfomsg3']; } elseif(isset($_POST['update'])) { echo '

',$lang['errcsrf'],'

'; rem_session_ts3($rspathhex); exit; } ?>

'; } else { echo ''; } ?>