sql_query($sql) ) { if ( $row = $db->sql_fetchrow($result) ) { $last_session_time = $row['session_start']; if ( $current_time <= $last_session_time + $board_config['flood_interval'] ) { $flood_attempt = true; } else { $sql = 'UPDATE ' . SESSIONS_TABLE . " SET session_start = $current_time, session_time = $current_time WHERE session_id = '$session_id'"; if ( !$db->sql_query($sql) ) { message_die(CRITICAL_ERROR, 'Error updating newsfeed session', '', __LINE__, __FILE__, $sql); } } } else { $sql = 'INSERT INTO ' . SESSIONS_TABLE . " (session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in) VALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', $page_id, 0)"; if ( !$db->sql_query($sql) ) { message_die(CRITICAL_ERROR, 'Error updating newsfeed session', '', __LINE__, __FILE__, $sql); } } } } else { // if the request is not coming from this server, // then check to see if it's being executed by a logged in admin uer $userdata = session_pagestart($user_ip, PAGE_INDEX); init_userprefs($userdata); $secure_check = ($userdata['user_level'] == ADMIN); } if ( $secure_check && !$flood_attempt ) { // do the news insert $feeds = ( isset($HTTP_GET_VARS[POST_NEWSFEED_URL]) ) ? $HTTP_GET_VARS[POST_NEWSFEED_URL] : ''; $msg = retrieve_rss_content($feeds); die($msg); } else { die('Hacking attempt'); } ?>