echo '<b>Auto-ban IP Admin</b><br><br>';	echo '<blockquote>The Auto-Ban feature automatically bans IPs that entered domains resolve to. This is designed to be used for domains that resolve to (typically) 5 different IPs (presumably zombie machines) every lookup.  Use with caution.</blockquote>';	echo '<form action="'.$_SERVER['PHP_SELF'].'" method="post">';	echo '<input type="hidden" name="autobandomains" value="'.htmlentities(@$_REQUEST['autobandomains'], ENT_QUOTES).'">';	echo 'Add auto-ban domain: <input type="text" name="add" value="" size="20">';	echo '<input type="submit" value="Add">';	echo '</form>';	$sortkeys = array('domain'=>0, 'lasthit'=>1, 'added'=>1, 'hitcount'=>1);	$_REQUEST['orderby'] = ((isset($_REQUEST['orderby']) && isset($sortkeys[$_REQUEST['orderby']])) ? $_REQUEST['orderby'] : 'domain');	$_REQUEST['order']   = ((isset($_REQUEST['order']) && $_REQUEST['order']) ? 1 : 0);	$SQLquery  = 'SELECT * FROM `'.PHPOP3CLEAN_TABLE_PREFIX.'domains_autoban`';	$SQLquery .= ' ORDER BY `'.mysql_escape_string($_REQUEST['orderby']).'` '.($_REQUEST['order'] ? 'DESC' : 'ASC');	$result = mysql_query_safe($SQLquery);	echo '<table border="1" cellspacing="0" cellpadding="3"><tr>';	foreach ($sortkeys as $sortkey => $defaultsortdirection) {		echo '<th'.(($sortkey === $_REQUEST['orderby']) ? ' bgcolor="yellow"' : '').'><a href="'.$_SERVER['PHP_SELF'].'?autobandomains=1&orderby='.urlencode($sortkey).'&order=';		if ($sortkey === $_REQUEST['orderby']) {			echo (@$_REQUEST['order'] ? '0"><span style="font-size: 18pt;">&#8679;</span>' : '1"><span style="font-size: 18pt;">&#8681;</span>');		} else {			echo $defaultsortdirection.'"><span style="font-size: 18pt;">&#8681;</span>';		}		echo $sortkey.'</a></th>';	}	echo '<th>&nbsp;</th></tr>';	while ($row = mysql_fetch_array($result)) {		echo '<tr>';		echo '<td align="right"><tt>'.htmlentities($row['domain']).'</tt></td>';			if ($row['lasthit']) {				echo '<td align="right" bgcolor="#'.LastHit2bgcolor($row['lasthit']).'">'.date('M-d-Y', $row['lasthit']).'</td>';				echo '<td align="right">'.($row['added'] ? date('M-d-Y', $row['added']) : '-').'</td>';			} else {				echo '<td align="center">-</td>';				echo '<td align="right" bgcolor="#'.LastHit2bgcolor($row['added']).'">'.date('M-d-Y', $row['added']).'</td>';			}		echo '<td align="right"><tt>'.number_format($row['hitcount']).'</tt></td>';		echo '<td><a href="'.htmlspecialchars(linkencode($_SERVER['PHP_SELF'].'?autobandomains=1&delete='.$row['domain']), ENT_QUOTES).'" onClick="return confirm(\'Are you SURE you want to delete this?\');">delete</a></td>';		echo '</tr>';	}	echo '</table>';} elseif (IsAdminUser() && @$_REQUEST['databaseupdate']) {	echo '<b>Database update</b><br><br>';	echo '<a href="http://sourceforge.net/project/showfiles.php?group_id=131372&package_id=146813"><b>Download the latest SQL updates</a></b><br><br>';	if (is_uploaded_file(@$_FILES['uploaded_sql']['tmp_name'])) {		$lines = file($_FILES['uploaded_sql']['tmp_name']);		$ignoredlines   = 0;		$processedlines = 0;		foreach ($lines as $line) {			$line = trim($line);			if (preg_match('/^REPLACE INTO `phpop3clean_([a-z_]+)` \([a-z0-9_`, ]+\) VALUES \(.*\);$/i', $line, $matches)) {				$SQLquery = str_replace('REPLACE INTO `phpop3clean_', 'REPLACE INTO `'.PHPOP3CLEAN_TABLE_PREFIX, $line);				$result = mysql_query_safe($SQLquery);				$processedlines++;			} elseif ($line) {				$ignoredlines++;			}		}		echo 'Ignored <b>'.number_format($ignoredlines).'</b> lines (they did not appear to be REPLACE INTO queries)<br>';		echo 'Processed <b>'.number_format($processedlines).'</b> lines<br>';	} else {		echo '<form action="'.$_SERVER['PHP_SELF'].'" method="post" enctype="multipart/form-data">';		echo '<input type="hidden" name="databaseupdate" value="insert">';		echo 'Upload the "REPLACE INTO" SQL file here (one statement per line):<br>';		if (PHPOP3CLEAN_TABLE_PREFIX != 'phpop3clean_') {			echo '<i>Note: The table name prefix can be left as "phpop3clean_", it will be auto-replaced with "'.PHPOP3CLEAN_TABLE_PREFIX.'"</i><br>';		}		echo '<input type="file" name="uploaded_sql"><br>';		echo '<input type="submit" value="Upload &amp; Process">';		echo '</form>';	}} elseif (@$_REQUEST['useradmin']) {	if ($_REQUEST['useradmin'] == 'edit') {		if (IsAdminUser() && ($_REQUEST['account'] == 'new')) {			$row = array(				'account'       => 'user@example.com',				'password'      => '',				'hostname'      => '',				'port'          => 110,				'active'        => 0,				'full_login'    => 1,				'use_retr'      => 0,				'scan_interval' => 5,				'last_scanned'  => 0,			);		} else {			$SQLquery  = 'SELECT * FROM `'.PHPOP3CLEAN_TABLE_PREFIX.'accounts`';			$SQLquery .= ' WHERE (`account` = "'.mysql_escape_string(IsAdminUser() ? $_REQUEST['account'] : $_COOKIE['phPOP3cleanUSER']).'")';			$result = mysql_query_safe($SQLquery);			$row = mysql_fetch_array($result);		}		echo '<form action="'.$_SERVER['PHP_SELF'].'" method="post">';		echo '<table border="0">';		if (IsAdminUser()) {			echo '<tr><td>Email:</td><td><input type="text" name="account" value="'.htmlentities($row['account'], ENT_QUOTES).'" size="40"></td></tr>';		} else {			echo '<tr><td>Email:</td><td><b>'.htmlentities($row['account'], ENT_QUOTES).'</b></td></tr>';		}		echo '<tr><td>Password:</td><td><input type="text" name="password" value="'.htmlentities($row['password'], ENT_QUOTES).'" size="10"></td></tr>';		echo '<tr><td>Hostname:</td><td><input type="text" name="hostname" value="'.htmlentities($row['hostname'], ENT_QUOTES).'" size="30"></td></tr>';		echo '<tr><td>Port:</td><td><input type="text" name="port" value="'.htmlentities($row['port'], ENT_QUOTES).'" size="4"> (default: <b>110</b>)</td></tr>';		$ActiveStates = array(0=>'disabled', 1=>'active');		echo '<tr><td>Status:</td><td><select name="active">';		echo '<option value="0"'.(($row['active'] == '0') ? ' selected' : '').' style="color: red;">disabled</option>';		echo '<option value="1"'.(($row['active'] == '1') ? ' selected' : '').' style="color: green;">active</option>';		echo '</select></td></tr>';		list($user, $domain) = explode('@', $row['account']);		$LoginStates = array(0=>$user, 1=>$row['account']);		echo '<tr><td>Login:</td><td><select name="full_login">';		foreach ($LoginStates as $key => $value) {			echo '<option value="'.$key.'"';			if ($row['full_login'] == $key) {				echo ' selected';			}			echo '>'.$value.'</option>';		}		echo '</select></td></tr>';		echo '<tr><td>Use:</td><td><select name="use_retr">';		$UseRETR = array(0=>'TOP x 99999', 1=>'RETR x');		foreach ($UseRETR as $key => $value) {			echo '<option value="'.$key.'"';			if ($row['use_retr'] == $key) {				echo ' selected';			}			echo '>'.$value.'</option>';		}		echo '</select> to retrieve messages (compatability setting)</td></tr>';		echo '<tr><td>Scan Interval:</td><td><select name="scan_interval">';		for ($i = 1; $i <= 180; $i++) {			echo '<option value="'.$i.'"';			if ($row['scan_interval'] == $i) {				echo ' selected';			}			echo '>'.$i.'</option>';		}		echo '</select> minutes</td></tr>';		echo '<tr><td>Last scanned:</td><td>'.htmlentities(date('M j Y, g:i:sa', $row['last_scanned'])).'</td></tr>';		echo '</table>';		echo '<input type="hidden" name="oldaccount" value="'.htmlentities($row['account'], ENT_QUOTES).'">';		echo '<input type="hidden" name="useradmin" value="update">';		echo '<input type="submit" value="save">';		echo '</form>';	} elseif (@$_POST['useradmin'] == 'update') {		if (IsAdminUser() && ($_POST['oldaccount'] == 'user@example.com')) {			$SQLquery  = 'INSERT IGNORE INTO `'.PHPOP3CLEAN_TABLE_PREFIX.'accounts` (`account`, `password`, `hostname`, `port`, `active`, `full_login`, `use_retr`, `scan_interval`) VALUES (';			$SQLquery .= '"'.mysql_escape_string($_POST['account']).'"';			$SQLquery .= ', "'.mysql_escape_string($_POST['password']).'"';			$SQLquery .= ', "'.mysql_escape_string($_POST['hostname']).'"';			$SQLquery .= ', "'.mysql_escape_string($_POST['port']).'"';			$SQLquery .= ', "'.mysql_escape_string($_POST['active']).'"';			$SQLquery .= ', "'.mysql_escape_string($_POST['full_login']).'"';			$SQLquery .= ', "'.mysql_escape_string($_POST['use_retr']).'"';			$SQLquery .= ', "'.mysql_escape_string($_POST['scan_interval']).'")';		} else {			$SQLquery  = 'UPDATE `'.PHPOP3CLEAN_TABLE_PREFIX.'accounts` SET';			$SQLquery .= ' `password` = "'.mysql_escape_string($_POST['password']).'"';			if (IsAdminUser()) {				$SQLquery .= ', `account` = "'.mysql_escape_string($_POST['account']).'"';			}			$SQLquery .= ', `hostname` = "'.mysql_escape_string($_POST['hostname']).'"';			$SQLquery .= ', `port` = "'.mysql_escape_string($_POST['port']).'"';			$SQLquery .= ', `active` = "'.mysql_escape_string($_POST['active']).'"';			$SQLquery .= ', `full_login` = "'.mysql_escape_string($_POST['full_login']).'"';			$SQLquery .= ', `use_retr` = "'.mysql_escape_string($_POST['use_retr']).'"';			$SQLquery .= ', `scan_interval` = "'.mysql_escape_string($_POST['scan_interval']).'"';			$SQLquery .= ' WHERE (`account` = "'.mysql_escape_string(IsAdminUser() ? $_POST['oldaccount'] : $_COOKIE['phPOP3cleanUSER']).'")';		}		mysql_query_safe($SQLquery);		echo 'Record updated<br>';		echo '<script>location = "'.$_SERVER['PHP_SELF'].'?useradmin='.__LINE__.'&orderby='.urlencode(@$_POST['orderby']).'";</script>';	} elseif (IsAdminUser() && ($_REQUEST['useradmin'] == 'delete')) {		$SQLquery  = 'DELETE FROM `'.PHPOP3CLEAN_TABLE_PREFIX.'accounts`';		$SQLquery .= ' WHERE (`account` = "'.mysql_escape_string($_REQUEST['account']).'")';		mysql_query_safe($SQLquery);		echo 'Record deleted<br>';		echo '<script>location = "'.$_SERVER['PHP_SELF'].'?useradmin='.__LINE__.'&orderby='.urlencode(@$_GET['orderby']).'";</script>';	} else {		$SQLquery  = 'SELECT * FROM `'.PHPOP3CLEAN_TABLE_PREFIX.'accounts`';		if (!IsAdminUser()) {			$SQLquery .= ' WHERE (`account` = "'.mysql_escape_string($_COOKIE['phPOP3cleanUSER']).'")';		}		$SQLquery .= ' ORDER BY (`active` = "1") DESC';		$SQLquery .= ', `account` ASC';		$result = mysql_query_safe($SQLquery);		echo '<a href="'.htmlspecialchars(linkencode($_SERVER['PHP_SELF'].'?useradmin=edit&account=new'), ENT_QUOTES).'">Create new</a><br>';		echo '<table border="1" cellspacing="0" cellpadding="3">';		echo '<tr><th>&nbsp;</th><th>Account</th><th>Password</th><th>Full Login</th><th>RETR / TOP</th><th>Interval</th><th>Status</th><th>Last Scan</th>'.(IsAdminUser() ? '<th>&nbsp;</th>' : '').'</tr>';		while ($row = mysql_fetch_array($result)) {			echo '<tr>';			echo '<td><a href="'.htmlspecialchars(linkencode($_SERVER['PHP_SELF'].'?useradmin=edit&account='.$row['account']), ENT_QUOTES).'">edit</td>';			echo '<td>'.htmlentities($row['account']).'</td>';			echo '<td>'.htmlentities($row['password']).'</td>';			echo '<td '.($row['full_login'] ? 'align="left">full' : 'align="right">simple').'</td>';			echo '<td>'.($row['use_retr'] ? 'RETR x' : 'TOP x 99999').'</td>';			echo '<td>'.$row['scan_interval'].'</td>';			if ($row['active'] == 1) {				echo '<td bgcolor="#00FF00">active</td>';			} else {				echo '<td bgcolor="#FF0000">disabled</td>';			}			echo '<td><a href="#" title="'.FormatTimeInterval(time() - $row['last_scanned']).' ago" style="text-decoration: none; cursor: help; border-bottom: 1px dashed green;">'.htmlentities(date('M j Y g:i:sa', $row['last_scanned'])).'</a></td>';			if (IsAdminUser()) {				echo '<td><a href="'.htmlspecialchars(linkencode($_SERVER['PHP_SELF'].'?useradmin=delete&account='.$row['account']), ENT_QUOTES).'" onClick="return confirm(\'Are you SURE you want to delete this account?\');">delete</td>';			}			echo '</tr>';		}		echo '</table>';	}