<?php


/************************************************************************/


/* PHP-NUKE: Web Portal System                                          */


/* ===========================                                          */


/*                                                                      */


/* Copyright (c) 2002 by Francisco Burzi                                */


/* http://phpnuke.org                                                   */


/*                                                                      */


/* This program is free software. You can redistribute it and/or modify */


/* it under the terms of the GNU General Public License as published by */


/* the Free Software Foundation; either version 2 of the License.       */


/************************************************************************/


/* Heavily Modified by Gaylen Fraley (aka Raven)                        */


/* Support and Only Authorized Download Site: http://ravenphpscripts.com*/


/* Version: 2.1.0                                                       */


/* Change History: See File CHANGES                                     */


/* (C) 2002-2005 RavenWebServices                                       */


/* All rights beyond the GPL are reserved                               */


/*                                                                      */


/* Please give a link back to my site somewhere in your own             */


/************************************************************************/


/* 2.1.0:                                                               */


/*  Because of all the changes since v2.0, I bumped the version to 2.1.0*/


/*  Modified code to always show the IP of who's visiting.              */


/*  Added title property for the admin to show IP when mouseing over the*/


/*    index number of the people online now.                            */


/*  Modified the member online number to not include hidden when logged */


/*    in as admin.  Hidden should be a separate total.                  */


/*  Fixed the bug that was dropping the first guest IP from the list.   */


/************************************************************************/





/*********************************************************************************************************/


/* Setup - Use these settings to control how some of the user info block displays to users/admins.       */


/*********************************************************************************************************/


$showGuests              = TRUE; //Allow/notAllow displaying of guest ip's partial or otherwise.


$showGuestsAdmin         = TRUE; //Allow/notAllow displaying of guest ip's partial or otherwise to Admins.


$showServerDateTime      = TRUE; //Allow/notAllow displaying of Server Date/Time.


$showServerDateTimeAdmin = TRUE; //Allow/notAllow displaying of Server Date/Time to Admins.


$whoisServerString       = "dnsstuff.com/tools/whois.ch?ip=";


$nameMaxLength           = 13; //Max length for username display.  Will truncate with ....


$patchLevelGE29          = TRUE; //Are you using Chatserv's patch level Greater Than or Equal To 2.9?


/*********************************************************************************************************/


/* You should not need to modify anything below this line                                                */


/*********************************************************************************************************/





if ( ($patchLevelGE29 AND !defined('BLOCK_FILE')) OR (!$patchLevelGE29 AND eregi("$blockfile",$_SERVER['PHP_SELF'])) ) {


   $redirectURL = '/'.str_replace('http://','',$nukeurl);


    Header("Location: $redirectURL");


    die();


}





function convertIP ($xip) {


   global $admin;


   if (is_admin($admin)) return $xip;


   $xipx = explode('.',$xip);


   for ($i=2;$i<count($xipx);$i++) {


      $xipx[$i] = preg_replace ('/(0|1|2|3|4|5|6|7|8|9)/', "x", $xipx[$i]);


   }


   return implode('.',$xipx);


}





$content = "";





global $db, $nukeurl, $startdate, $user, $cookie, $user_prefix, $anonymous, $mode, $t, $f, $redirect, $random_num, $admin, $gfx_chk;


mt_srand ((double)microtime()*1000000);


$maxran = 1000000;


$random_num = mt_rand(0, $maxran);


$datekey = date("F j");


$rcode = hexdec(md5($_SERVER['HTTP_USER_AGENT'] . $sitekey . $random_num . $datekey));


$code = substr($rcode, 2, 10);


cookiedecode($user);


$uname = $cookie[1];





// Get the last user added to the database and the total users, minus anonymous


$sql = "SELECT username,user_id FROM $user_prefix"._users." ORDER BY user_id DESC LIMIT 0,1";


$result = $db->sql_query($sql);


$row = $db->sql_fetchrow($result);


$lastusername = $row['username'];


$lastuser = $row['user_id'];


$numrows = $db->sql_fetchrow($db->sql_query("SELECT count(user_id) user_id FROM $user_prefix"._users.""));


$numrows = $numrows['user_id'];


$numrows1 = $numrows-1;





$sql = "SELECT SQL_NO_CACHE s.host_addr, u.user_id, u.username, u.user_allow_viewonline FROM $user_prefix"._session." s,".$user_prefix."_users u WHERE s.guest=0 AND u.username=s.uname ORDER BY u.username";


$result = $db->sql_query($sql);


$member_online_num = $db->sql_numrows($result);


$who_online_now = "";


$i = 1;


$hiddenTotal = 0;


while ($member_result = $db->sql_fetchrow($result)) {


    if ($i < 10) $zi = "0$i";


    else $zi = $i;


    if (is_admin($admin)) {


      $zi = "<a href=\"http://$whoisServerString".$member_result['host_addr']."\" title=\"".$member_result['host_addr']."\" target=\"_blank\">".$zi."</a>";


   }


   $sessionNameModified = strlen($member_result['username'])<$nameMaxLength?$member_result['username']:substr($member_result['username'],0,10)."...";


    if (!$member_result['user_allow_viewonline']&&!is_admin($admin)) {


      $hiddenTotal++;


   }


    elseif (!$member_result['user_allow_viewonline']&&is_admin($admin)) {


      $hiddenTotal++;


      $who_online_now .= "$zi:&nbsp;<a href=\"modules.php?name=Your_Account&amp;op=userinfo&amp;username=".$member_result['username']."\"><img src=\"images/blocks/icon_mini_profile.gif\" border=\"0\" alt=\""._ALT_CHKPROFILE.$member_result['username']."\" title=\""._ALT_CHKPROFILE.$member_result['username']."\"></a>&nbsp;<a href=\"modules.php?name=Private_Messages&amp;mode=post&amp;u=".$member_result['user_id']."\"><img src=\"images/blocks/nopm.gif\" border=\"0\" alt=\""._ALT_SEND.$member_result['username']."\" title=\""._ALT_SEND.$member_result['username']."\"></a>&nbsp;<a title=\""._ALT_CHKPROFILE.$member_result['username']."\" href=\"forums.html?amp;file=profile&amp;mode=viewprofile&amp;u=".$member_result['user_id']."\">".$sessionNameModified."</a>"._HIDDEN_ABBREV."<br />\n";


       $who_online_now .= ($i != $member_online_num ? "  " : "");


       $i++;


   }


    else {


      $who_online_now .= "$zi:&nbsp;<a href=\"modules.php?name=Your_Account&amp;op=userinfo&amp;username=".$member_result['username']."\"><img src=\"images/blocks/icon_mini_profile.gif\" border=\"0\" alt=\""._ALT_CHKPROFILE.$member_result['username']."\" title=\""._ALT_CHKPROFILE.$member_result['username']."\"></a>&nbsp;<a href=\"modules.php?name=Private_Messages&amp;mode=post&amp;u=".$member_result['user_id']."\"><img src=\"images/blocks/nopm.gif\" border=\"0\" alt=\""._ALT_SEND.$member_result['username']."\" title=\""._ALT_SEND.$member_result['username']."\"></a>&nbsp;<a title=\""._ALT_CHKPROFILE.$member_result['username']."\" href=\"forums.html?amp;file=profile&amp;mode=viewprofile&amp;u=".$member_result['user_id']."\">".$sessionNameModified."</a><br />\n";


       $who_online_now .= ($i != $member_online_num ? "  " : "");


       $i++;


   }


}


$member_online_num = $member_online_num - $hiddenTotal;


$sql = "SELECT SQL_NO_CACHE uname, guest FROM $user_prefix"._session." WHERE guest=1";


$result = $db->sql_query($sql);


$guest_online_num = $db->sql_numrows($result);


$gwho_online_now = "";


$gArray = Array();


while ($session = $db->sql_fetchrow($result)) {


//    if (isset($session['guest']) and $session['guest'] == 1) {


      $gArray[] = convertIP($session['uname']);


//   }


}


sort($gArray,SORT_NUMERIC);





for ($j=0;$j<count($gArray);$j++) {


   if ($i < 10) $zi = "0$i";


   else $zi = $i;


   if ($j==0) $gwho_online_now .= "<option selected>"._GUESTIPS_OPTION."</option>\n";


   $gwho_online_now .= "<option value=\"http://$whoisServerString".$gArray[$j]."\">$zi: ".$gArray[$j]."</option>\n";


   $i++;


}





//Executing SQL For Today and Yesterday


$userCount  = 0;


$userCount2 = 0;


$Today = date('M d, Y',time());


$Yesterday = date('M d, Y',time()-86400);


$sql = "SELECT user_regdate, COUNT(user_regdate) FROM ".$user_prefix."_users where user_regdate IN('$Today', '$Yesterday') GROUP BY user_regdate LIMIT 0,2";


$result = $db->sql_query($sql);


while ($row = $db->sql_fetchrow($result)) {


   if ($row[0]==$Today) $userCount = $row[1];


   else $userCount2 = $row[1];


}





$who_online_num = $guest_online_num + $member_online_num;


if (is_admin($admin)) $who_online_num = $who_online_num + $hiddenTotal;





$sql = "SELECT username FROM ".$user_prefix."_users_temp";


$result = $db->sql_query($sql);


$waiting = $db->sql_numrows($result);





$content .= "<form action=\"account.html\" method=\"post\">";


if (getenv('HTTP_X_FORWARDED_FOR')) {


   $onlyip=getenv('HTTP_X_FORWARDED_FOR');


}


else $onlyip=getenv('REMOTE_ADDR');


if (is_user($user)) {


   $sqlp = "SELECT user_avatar, user_avatar_type, user_id AS uid, user_posts AS posts FROM ".$user_prefix."_users WHERE username = '$uname'";


   $result = $db->sql_query($sqlp);


   $row = $db->sql_fetchrow($result);


   $posts = $row['posts'];


   $uid = $row['uid'];


   $user_avatar = $row['user_avatar'];


   $user_avatar_type = $row['user_avatar_type']; //Add by Qdog to support different avatar paths


   $content .= '<center><b>'._YOURIP.$onlyip.'</b></center>';


   if ($result) {


////////////////Add by Qdog to support different avatar paths/////////


////////////////SQL & code modified by Raven for efficiency  /////////


      $sql = "SELECT config_name, config_value FROM ".$user_prefix."_bbconfig WHERE config_name IN('avatar_path','avatar_gallery_path') LIMIT 0,2";


      $result = $db->sql_query($sql);


      while ( $row = $db->sql_fetchrow($result) ) {


         $board_config[$row['config_name']] = $row['config_value'];


      }


      if     ($user_avatar_type == 1) $user_avatar = $board_config['avatar_path']."/".$user_avatar;


      elseif ($user_avatar_type != 2) $user_avatar = $board_config['avatar_gallery_path']."/".$user_avatar;


      $content .= "<center><img alt=\"\" src=\"$user_avatar\" /></center>";


////////////////End Avatar Path Mod/////////////////////////////////////


   }


   if ($posts>0) $content .= "<br /><center>$posts post(s)</center>\n";


    $content .= "<br /><img src=\"images/blocks/group-4.gif\" height=\"14\" width=\"17\" alt=\"\" /> "._BWEL.", <b>$uname</b>.<br />\n\n";


    $content .= "<a href=\"modules.php?name=Your_Account&amp;op=logout\"><img src=\"images/blocks/arrow-blk.gif\" width=\"17\" border=\"0\" alt=\"\" />&nbsp;"._LOGOUT."</a>\n<hr>\n";


   $sql = 'SELECT privmsgs_type pmType, count(privmsgs_type) pmCount'


        . ' FROM '.$user_prefix.'_bbprivmsgs'


        . " WHERE privmsgs_to_userid='".$uid."'"


        . ' AND privmsgs_type IN(0,1,5)'


        . ' GROUP BY privmsgs_type'


        . ' LIMIT 0 , 3';


   $result = $db->sql_query($sql);


   $newpms = 0;


   $oldpms = 0;


   while ($row = $db->sql_fetchrow($result)) {


      if ($row[0]==0) $oldpms += $row[1];


      else $newpms += $row[1];


   }


   $content .= "<img src=\"images/blocks/email-y.gif\" height=\"10\" width=\"14\" alt=\"\" /> <a href=\"messages.html\"><b>"._BPM."</b></a><br />\n";


    $content .= "<img src=\"images/blocks/email-r.gif\" height=\"10\" width=\"14\" alt=\"\" /> "._BUNREAD.": <b>$newpms</b><br />\n";


    $content .= "<img src=\"images/blocks/email-g.gif\" height=\"10\" width=\"14\" alt=\"\" /> "._BREAD.": <b>$oldpms</b><br />\n<hr>\n";


} else {


    $content .= '<center><b>'._YOURIP.$onlyip.'</b></center><br />';


    $content .= "<img src=\"images/blocks/group-4.gif\" height=\"14\" width=\"17\" alt=\"\" /> "._BWEL.", <b>$anonymous</b>\n<hr>";


    $content .= "<table><tr><td>"._NICKNAME."</td><td><input type=\"text\" name=\"username\" size=\"10\" maxlength=\"25\"></td></tr>";


    $content .= "<tr><td>"._PASSWORD."</td><td><input type=\"password\" name=\"user_password\" size=\"10\" maxlength=\"20\"></td></tr></table>";


    if (extension_loaded("gd") AND ($gfx_chk == 2 OR $gfx_chk == 4 OR $gfx_chk == 5 OR $gfx_chk == 7)) {


      $sql    = "SELECT version_num FROM ".$user_prefix."_config";


      $result = $db->sql_query($sql);


      $row    = $db->sql_fetchrow($result);


      $vn     = doubleval($row[0]);


      if ($vn<7.5) $gfxOp = 'op';


      else         $gfxOp = 'gfx';


      mt_srand ((double)microtime()*1000000);


      $maxran = 1000000;


      $random_num = mt_rand(0, $maxran);


      $content .= ""._SECURITYCODE.":<br /><img src='modules.php?name=Your_Account&amp;$gfxOp=gfx&amp;random_num=$random_num' border='1' alt='"._SECURITYCODE."' title='"._SECURITYCODE."'>\n";


      $content .= "<br />"._TYPESECCODE.": <input type=\"text\" name=\"gfx_check\" size=\"12\" maxlength=\"8\"><br>\n";


      $content .= "<input type=\"hidden\" name=\"random_num\" value=\"$random_num\">\n";


    }


   $content .="<input type=\"hidden\" name=\"redirect\" value=\"$redirect\">\n";


   $content .="<input type=\"hidden\" name=\"mode\" value=\"$mode\">\n";


   $content .="<input type=\"hidden\" name=\"f\" value=\"$f\">\n";


   $content .="<input type=\"hidden\" name=\"t\" value=\"$t\">\n";


    $content .= "<input type=\"hidden\" name=\"op\" value=\"login\">";


    $content .= "<input type=\"submit\" value=\""._LOGIN."\">\n<br /><a href=\"modules.php?name=Your_Account&amp;op=new_user\">&middot;&nbsp;"._BREG."</a><br>";


    $content .= "<a href=\"modules.php?name=Your_Account&amp;op=pass_lost\">&middot;&nbsp;"._PASSWORDLOST."</a><hr>";


}


if (is_user($user)||is_admin($admin)) {


   $content .= "<img src=\"images/blocks/group-2.gif\" height=\"14\" width=\"17\" alt=\"\" /> <b><u>"._BMEMP.":</u></b><br />\n";


   $content .= "<img src=\"images/blocks/ur-moderator.gif\" height=\"14\" width=\"17\" alt=\"\" /> "._BLATEST.": <a href=\"modules.php?name=Your_Account&amp;op=userinfo&amp;username=$lastusername\"><img src=\"images/blocks/icon_mini_profile.gif\" border=\"0\" title=\""._ALT_CHKPROFILE."\" alt=\""._ALT_CHKPROFILE."\"></a>&nbsp;<a href=\"forums.html?amp;file=profile&amp;mode=viewprofile&amp;u=$lastuser\"><b>$lastusername</b></a><br />\n";


   if (is_admin($admin) AND @file_exists("modules/UserInfoAddons/index.php")) {


      $btdLink = "<a href=\"modules.php?name=UserInfoAddons&amp;timespan=today&amp;pl=$patchLevelGE29\">"._BTD."</a>";


      $bydLink = "<a href=\"modules.php?name=UserInfoAddons&amp;timespan=yest&amp;pl=$patchLevelGE29\">"._BYD."</a>";


   }


   else {


      $btdLink = _BTD;


      $bydLink = _BYD;


   }


   $content .= "<img src=\"images/blocks/ur-author.gif\" height=\"14\" width=\"17\" alt=\"\" /> ".$btdLink.": <b>$userCount</b><br />\n";


   $content .= "<img src=\"images/blocks/ur-admin.gif\" height=\"14\" width=\"17\" alt=\"\" /> ".$bydLink.": <b>$userCount2</b><br />\n";


   if (is_admin($admin) AND @file_exists("modules/Resend_Email/index.php")) $waitLink = "<a href=\"modules.php?name=Resend_Email\" title=\""._TTL_RESENDEMAIL."\">"._WAITLINK."</a>";


   else $waitLink = _WAITLINK;


   $content .= "<img src=\"images/blocks/ur-member.gif\" height=\"14\" width=\"17\" alt=\"\" /> ".$waitLink.": <b>$waiting</b><br />\n";


   $content .= "<img src=\"images/blocks/ur-guest.gif\" height=\"14\" width=\"17\" alt=\"\" /> "._BOVER.": <b>$numrows1</b><br />\n<hr>\n";


}


$content .= "<img src=\"images/blocks/group-3.gif\" height=\"14\" width=\"17\" alt=\"\" /> <b><u>"._BVISIT.":</u></b>\n<br />\n";


$content .= "<img src=\"images/blocks/ur-anony.gif\" height=\"14\" width=\"17\" alt=\"\" /> "._BVIS.": <b>$guest_online_num</b><br />\n";


$content .= "<img src=\"images/blocks/ur-member.gif\" height=\"14\" width=\"17\" alt=\"\" /> "._BMEM.": <b>$member_online_num</b><br />\n";


if (is_user($user)||is_admin($admin)) {


   if (is_admin($admin)) {


      $content .= "<img src=\"images/blocks/ur-hiddenmember.gif\" height=\"14\" width=\"17\" alt=\"\" /> "._HIDDEN.": <b>$hiddenTotal</b><br />\n";


   }


   $content .= "<img src=\"images/blocks/ur-registered.gif\" height=\"14\" width=\"17\" alt=\"\" /> "._BTT.": <b>$who_online_num</b><br />\n<hr noshade>\n";


   if ($member_online_num > 0 || is_admin($admin)) {


      $content .= "<img src=\"images/blocks/group-1.gif\" height=\"14\" width=\"17\" align=\"middle\" alt=\"\" /> <b><u>"._BON.":</u></b><br />$who_online_now";


      $hr = "\n<hr noshade>\n";


   }


   if ($guest_online_num > 0 && ($showGuests||($showGuestsAdmin&&is_admin($admin)))) {


      $content .= "<br /><select style=\"width:140px\" name=\"name1\" onChange=\"gotoURL(this)\">\n$gwho_online_now\n</select>";


      $hr = "\n<hr noshade>\n";


   }


   $content .= $hr;





   /* Hits for Today */


   $t_time = time();


   $t_year = date("Y", $t_time);


   $t_month = date("n", $t_time);


   $t_date = date("j", $t_time);


   $result = $db->sql_query("SELECT hits FROM $user_prefix"._stats_date." WHERE year='$t_year' AND month='$t_month' AND date='$t_date'");


   list($today) = $db->sql_fetchrow($result);


   if (is_admin($admin)) {


      /* Hits for Yesterday */


      $y_time = $t_time - 86400;


      $y_year = date("Y", $y_time);


      $y_month = date("n", $y_time);


      $y_date = date("j", $y_time);


      $result = $db->sql_query("SELECT hits FROM $user_prefix"._stats_date." WHERE year='$y_year' AND month='$y_month' AND date='$y_date'");


      list($yesterday) = $db->sql_fetchrow($result);


   }


}


else {


   $hr = "\n<hr noshade>\n";


   $content .= $hr;


}


   /* Hits in Total */


   $totalhits = 0;


   $result = $db->sql_query("SELECT sum(hits) FROM $user_prefix"._stats_year."");


   list($totalhits) = $db->sql_fetchrow($result);


   $content .= "<center><small>"._WERECEIVED."</small><br />\n";


   $content .= "<b>$totalhits</b><br />\n";


   $content .= "<small>"._PAGESVIEWS."<br />$startdate</small></center>";


   $content .= "<hr noshade>";


if (is_user($user)||is_admin($admin)) {


   $content .= "<center>"._BHITS." "._BTD.": <b>$today</b><br />";


   if (is_admin($admin)) {


      $content .= ""._BHITS." "._BYD.": <b>$yesterday</b><br /></center>";


   }


   else $content .= "</center>";


}


if ($showServerDateTime || ($showServerDateTimeAdmin&&is_admin($admin))) {


if (is_user($user)||is_admin($admin)) {


   $content .= "<hr noshade>";


}


   $sdt = date("j F Y\nH:i:s T");


   $zone = date("Z")/3600;


   if ($zone >= 0) {


      $zone = "+".$zone;


   }


   $content .= "<center>"._SERDT."<br />$sdt (GMT $zone)</center>";


}


$content .= "</form>";





?>

if (extension_loaded("gd") AND ($gfx_chk == 3 OR $gfx_chk == 4 OR $gfx_chk == 6 OR $gfx_chk == 7)) {


$content .="<img src=images/blocks/spacer.gif border=0><br>Code<br><img src='modules.php?name=Your_Account&op=gfx&random_num=$random_num' border='1' align='center' alt='Enter Code' title='Enter Code'>\n";


$content .="<br><img src=images/blocks/spacer.gif border=0><br>Enter Code<br><input type=\"text\" NAME=\"gfx_check\" SIZE=\"8\" MAXLENGTH=\"10\">";


$content .="<input type=\"hidden\" name=\"random_num\" value=\"$random_num\">";

if (extension_loaded('gd') AND ($gfx_chk == 2 OR $gfx_chk == 4 OR $gfx_chk == 5 OR $gfx_chk == 7)) {


    $content .= _SECURITYCODE.": <img src='?gfx=gfx&random_num=$random_num' border='1' alt='"._SECURITYCODE."' title='"._SECURITYCODE."' /><br />\n";


    $content .= _TYPESECCODE."<br /><input type=\"text\" name=\"gfx_check\" size=\"7\" maxlength=\"6\" />\n";


    $content .= "<input type=\"hidden\" name=\"random_num\" value=\"$random_num\" /><br />\n";