Diffstat (limited to 'pages/admin.php')
-rwxr-xr-xpages/admin.php18
1 files changed, 9 insertions, 9 deletions
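diff --git a/pages/admin.php b/pages/admin.php
index a3b1783..60bc73d 100755
--- a/pages/admin.php
+++ b/pages/admin.php
@@ -26,7 +26,7 @@ $pageCategory = 'panel';
 
 if (isLoggedIn())
 {
- if (getUserlevel() == 1)
+ if (isAdmin())
  {
  if (!isset($_GET['page']))
  {
@@ -41,7 +41,7 @@ if (isLoggedIn())
 
  if ($_POST['type'] == 'draft')
  {
- $insdraft = "INSERT INTO drafts (title,author,text,slug) VALUES (\"" . mysql_real_escape_string($_POST['title']) . "\",\"" . sess_get('uname') . "\",\"" . mysql_real_escape_string($_POST['text']) . "\",\"" . generateSlug($_POST['title'],'updates') . "\")";
+ $insdraft = "INSERT INTO drafts (title,author,text,slug) VALUES (\"" . mysql_real_escape_string($_POST['title']) . "\",\"" . getSessionUsername() . "\",\"" . mysql_real_escape_string($_POST['text']) . "\",\"" . generateSlug($_POST['title'],'updates') . "\")";
  $insdraft2 = mysql_query($insdraft);
 
  $id = mysql_insert_id();
@@ -51,7 +51,7 @@ if (isLoggedIn())
  $template->add('ID', $id);
  } else if ($_POST['type'] == 'instant')
  {
- $id = postBlogPost($_POST['title'], sess_get('uname'), $tags, $_POST['text']);
+ $id = postBlogPost($_POST['title'], getSessionUsername(), $tags, $_POST['text']);
 
  $getpost = "SELECT * FROM updates WHERE id = " . $id;
  $getpost2 = mysql_query($getpost);
@@ -87,7 +87,7 @@ if (isLoggedIn())
  generateError(404);
  }
 
- $inspending = "INSERT INTO pending (id,title,author,text,slug) VALUES (" . $id . ",\"" . mysql_real_escape_string($_POST['title']) . "\",\"" . sess_get('uname') . "\",\"" . mysql_real_escape_string($_POST['text']) . "\",\"" . generateSlug($_POST['title'],'updates') . "\")";
+ $inspending = "INSERT INTO pending (id,title,author,text,slug) VALUES (" . $id . ",\"" . mysql_real_escape_string($_POST['title']) . "\",\"" . getSessionUsername() . "\",\"" . mysql_real_escape_string($_POST['text']) . "\",\"" . generateSlug($_POST['title'],'updates') . "\")";
  $inspending2 = mysql_query($inspending);
 
  addTags($id, $tags, 'pending');
@@ -140,7 +140,7 @@ if (isLoggedIn())
  $template->add('ID', $_GET['id']);
  } else if ($_POST['type'] == 'instant')
  {
- $id = postBlogPost($_POST['title'], sess_get('uname'), $tags, $_POST['text']);
+ $id = postBlogPost($_POST['title'], getSessionUsername(), $tags, $_POST['text']);
 
  $deldraft = "DELETE FROM drafts WHERE id = " . $_GET['id'];
  $deldraft2 = mysql_query($deldraft);
@@ -179,7 +179,7 @@ if (isLoggedIn())
  generateError(404);
  }
 
- $inspending = "INSERT INTO pending (id,title,author,text,slug) VALUES (" . $id . ",\"" . mysql_real_escape_string($_POST['title']) . "\",\"" . sess_get('uname') . "\",\"" . mysql_real_escape_string($_POST['text']) . "\",\"" . generateSlug($_POST['title'],'updates') . "\")";
+ $inspending = "INSERT INTO pending (id,title,author,text,slug) VALUES (" . $id . ",\"" . mysql_real_escape_string($_POST['title']) . "\",\"" . getSessionUsername() . "\",\"" . mysql_real_escape_string($_POST['text']) . "\",\"" . generateSlug($_POST['title'],'updates') . "\")";
  $inspending2 = mysql_query($inspending);
 
  addTags($id, $tags, 'pending');
@@ -539,14 +539,14 @@ if (isLoggedIn())
 
  if ($getcomment3['id'] == $_GET['id'])
  {
- $getuser = "SELECT * FROM users WHERE username = \"" . $getcomment3['author'] . "\"";
+ $getuser = "SELECT * FROM phpbb_users WHERE username = \"" . $getcomment3['author'] . "\"";
  $getuser2 = mysql_query($getuser);
  $getuser3 = mysql_fetch_array($getuser2);
 
  $template = new FITemplate('admin/viewComment');
  $template->add('ID', $_GET['id']);
  $template->add('USERNAME', $getcomment3['author']);
- $template->add('CODEDEMAIL', md5(strtolower($getuser3['email'])));
+ $template->add('CODEDEMAIL', md5(strtolower($getuser3['user_email'])));
  $template->add('TEXT', parseText($getcomment3['comment']));
  $template->add('DATE', date("F dS Y \a\\t g:i:s a",strtotime($getcomment3['pubDate'])));
  } else {
@@ -601,7 +601,7 @@ if (isLoggedIn())
  $template = new FITemplate('admin/pollrss');
  } else if ($_GET['step'] == 2)
  {
- $insrss = "INSERT INTO pollrss (author,rss) VALUES (\"" . sess_get('uname') . "\",\"" . mysql_real_escape_string($_POST['text']) . "\")";
+ $insrss = "INSERT INTO pollrss (author,rss) VALUES (\"" . getSessionUsername() . "\",\"" . mysql_real_escape_string($_POST['text']) . "\")";
  $insrss2 = mysql_query($insrss);
 
  $template = new FITemplate('admin/newPoll');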
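Review bot: The username is still concatenated into SQL without escaping on every changed query line: `getSessionUsername()` in the `drafts`, `pending` (both hunks) and `pollrss` INSERTs, and `$getcomment3['author']` in the new `phpbb_users` lookup, while the title and text beside them go through `mysql_real_escape_string()`. Now that account names appear to come from the phpBB user table, the set of characters a name may contain is presumably wider than before, so wrap both values, e.g. `mysql_real_escape_string(getSessionUsername())` and `mysql_real_escape_string($getcomment3['author'])`, or move these statements to prepared statements. The lookup result is also used unchecked: when no `phpbb_users` row matches, `$getuser3['user_email']` is read from `false`, so test `$getuser3` before computing the hash. The helper bodies and the enclosing blocks are outside the hunks, so whether `getSessionUsername()` already returns an escaped value should be confirmed before merging.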