function sendNotify($userid, $msg, $link, $subject = null)
{
$umail = "*****@*****.**";
$ufname = "eDart";
$ulname = "User";
$domail = 1;
//PART I: Write to the database
$con = mysqli_connect(host(), username(), password(), mainDb());
$q = "INSERT INTO notify(`usr`,`date`,`message`,`link`) VALUES('" . mysqli_real_escape_string($con, $userid) . "','" . mysqli_real_escape_string($con, time()) . "','" . mysqli_real_escape_string($con, $msg) . "','" . mysqli_real_escape_string($con, $link) . "')";
//Insert a new row into the author's notifications
mysqli_query($con, $q);
//Execute
$user_call = new User(array("action" => "get", "id" => $userid));
$user_info = $user_call->run(true);
if (count($user_info) != 0) {
$user_info = $user_info[0];
$umail = $user_info["email"];
$ufname = ucwords($user_info["fname"]);
$ulname = ucwords($user_info["lname"]);
$domail = $user_info["do_mail"];
}
$greetings = array("Just wanted to let you know that:<br><br> %s. <br><br>That is all. Have a good rest of your day!", "In case you didn't know: <br><br>%s<br><br> Better go check it out.", "We hope you're having a good day! Just thought you might you want to know:<br><br> %s. <br><br>That is all. Carry on!", "Don't mean to break your flow, but we just thought you might want to know that<br><br> %s. <br><br>If you get the chance, you can check it out back at eDart. For now, live long and prosper!", "Hope your day is going splendidly! Just thought we'd let you know that:<br><br> %s. <br><br>When you have the time, check it out on eDart. Cool. For now, bye.");
$fullmsg = sprintf($greetings[rand(0, count($greetings) - 1)], $msg);
if ($subject == null) {
$subject = $msg;
}
//PART II: Send them an email
if ($domail == 1) {
sendMail($umail, $ufname, $ulname, $subject, $fullmsg, $link, "View on eDart");
}
}
public function output()
{
global $id;
$ten_bars = "";
for ($i = 0; $i <= 9; $i++) {
$ten_bars .= "<td data-index=\"" . $i . "\" class=\"bar\"></td>";
}
$otherUser = new User(array("action" => "get", "id" => $id));
$otherInfo = $otherUser->run(true);
$fname = $otherInfo[0]["fname"];
$query_str = $_SERVER["QUERY_STRING"];
$html = <<<EOD
\t\t\t\t\t<div class="hdr btxt">Rate {$fname} <div style="font-size:18px;display:inline-block;">(anonymously)</div></div>
\t\t\t\t\t\t<form method="post" id="rate_form" action="./exchange.php?{$query_str}" >
\t\t\t\t\t\t\t<table id="ratetable">
EOD;
$qualities_array = array("Reliability", "Friendliness", "Consistency", "Overall Experience");
for ($i = 0; $i < count($qualities_array); $i++) {
$q = $qualities_array[$i];
$html .= <<<EOF
\t\t\t\t\t\t\t<tr class="rankrow">
\t\t\t\t\t\t\t\t<td class="ltxt">{$q}</td>
\t\t\t\t\t\t\t\t<td>
\t\t\t\t\t\t\t\t\t<table class="ranktbl">
\t\t\t\t\t\t\t\t\t\t<tr>
\t\t\t\t\t\t\t\t\t\t\t{$ten_bars}
\t\t\t\t\t\t\t\t\t\t</tr>
\t\t\t\t\t\t\t\t\t\t<input type="hidden" name="rank_{$i}" id="rank_val" value="9">
\t\t\t\t\t\t\t\t\t</table>
\t\t\t\t\t\t\t\t</td>
\t\t\t\t\t\t\t\t<td id="rtstat">
\t\t\t\t\t\t\t\t</td>
\t\t\t\t\t\t\t</tr>
EOF;
}
$html .= <<<EOA
\t\t\t\t\t\t<tr>
\t\t\t\t\t\t\t<td colspan="2">
\t\t\t\t\t\t\t\t<textarea id="moreinfo" style="" name="rate_desc" placeholder="Write about your experience here"></textarea>
\t\t\t\t\t\t\t</td>
\t\t\t\t\t\t\t<td style="vertical-align:bottom;">
\t\t\t\t\t\t\t\t<input type="button"
\t\t\t\t\t\t\t\t\t\tclass="button_primary blue"
\t\t\t\t\t\t\t\t\t\tstyle="margin-left:10px;width:100%;"
\t\t\t\t\t\t\t\t\t\tonclick="show_rank_thanks();"
\t\t\t\t\t\t\t\t\t\tvalue="Send Rating"
\t\t\t\t\t\t\t\t/>
\t\t\t\t\t\t\t\t<div id="skiptext">Or skip this step</div>
\t\t\t\t\t\t</tr>
\t\t\t\t\t</table>
\t\t\t\t</form>
EOA;
echo $html;
}
private function logout()
{
//Deactivate the user
$userUpdate = new User(array("action" => "update", "fields" => array("active" => "0")));
$userUpdate->run(true);
//Unset the global variable
unset($_SESSION["userid"]);
//Return success
return 200;
}
<?php
include_once $_SERVER["DOC_ROOT"] . "/scripts/php/core.php";
//Get info about the given user
$newPerson = new User(array("action" => "get", "id" => $_GET["id"]));
$personInfo = $newPerson->run(true);
try {
//We're using 'r' for compatibility purposes
//Get the first user's info
$r = $personInfo[0];
$fname = $r["fname"];
//First Name
$lname = $r["lname"];
//Last Name
$dob = $r["dob"];
//Date of Birth
$domail = $r["do_mail"];
//Can we email them?
$gender_index = $r["gender"];
//Gender
$bio = $r["bio"];
//Biography
$gender = Lookup::Gender($gender_index);
//Gender string
$pronoun = Lookup::Pronoun($gender_index);
//Pronoun to describe user's gender
$privacy = json_decode($r["privacy"], true);
//The privacy array
$privacy = !$privacy ? array() : $privacy;
$rank = json_decode($r["rank"], true);
//The user's rankings
//Print out the chat head
//Get all the messages from the server and break it down into an array
$msg_br = json_decode($msgarr, true);
//Loop through them all backwards
for ($i = count($msg_br) - 1; $i >= 0; $i--) {
$value = $msg_br[$i];
//Get each message as its own array
$msg = trim($value["message"]);
//Message content
$aus = trim($value["user"]);
//User ID
$ts = trim($value["timestamp"]);
//Timestamp
//Get the user's info
$authUser = new User(array("action" => "get", "id" => $aus));
$auInfo = $authUser->run(true);
//Load their display name into one string
$userDName = $auInfo[0]["fname"] . " " . $auInfo[0]["lname"];
//Get the relative time the message was posted
$relDt = getRelativeDT(time(), $ts) . " ago";
//Get the HTML for the message
$html = <<<EOD
\t\t\t\t\t\t\t<div class="msg">
\t\t\t\t\t\t\t\t<div class="inner">
\t\t\t\t\t\t\t\t\t<div class="img_wrap"><a href="/profile.php?id={$aus}"><img class="pic" src="/profile.php?id={$aus}&load=image&size=small"></a></div>
\t\t\t\t\t\t\t\t\t<div class="holder">
\t\t\t\t\t\t\t\t\t\t<div class="title"><a href="/profile.php?id={$aus}">{$userDName}</a></div>
\t\t\t\t\t\t\t\t\t\t<div class="body">{$msg}</div>
\t\t\t\t\t\t\t\t\t</div>
function get_profile_box($user_id)
{
//Get the info on the given user
$newUser = new User(array("action" => "get", "id" => $user_id));
$userArray = $newUser->run(true);
/* <div id="tmenu">
<div onclick="$('#postbox').modal();" class="ticon glyphicon glyphicon glyphicon-plus"></div>
</div>*/
//Create the user box
$user_box = <<<UBOX
\t\t\t<a href="/me">
\t\t\t\t<div id="minippic" >
\t\t\t\t\t<img src="/me/picture/?size=small" style="width:50px;height:50px;">
\t\t\t\t</div>
\t\t\t</a>
\t\t\t<div id='infobox'>
\t\t\t\t<a href="/me">
\t\t\t\t\t{$userArray[0]["fname"]} {$userArray[0]["lname"]}
\t\t\t\t</a>
\t\t\t\t<br/>
\t\t\t\t<div id="lgotxt" onclick="displayMenu();">Options</div>
\t\t\t</div>
\t\t\t<script type="text/javascript">
\t\t\t\tfunction displayMenu()
\t\t\t\t{
\t\t\t\t\tvar menu = document.getElementById('usermenu');
\t\t\t\t\tvar optxt = document.getElementById('lgotxt');
\t\t\t\t\tif(menu.style.display=='block')
\t\t\t\t\t{
\t\t\t\t\t\toptxt.style.color='';
\t\t\t\t\t\tmenu.style.display='none';
\t\t\t\t\t}
\t\t\t\t\telse
\t\t\t\t\t{
\t\t\t\t\t\toptxt.style.color='white';
\t\t\t\t\t\tmenu.style.display='block';
\t\t\t\t\t}
\t\t\t\t}
\t\t\t</script>
UBOX;
return $user_box;
}
if (trim($_POST[$f]) == "" || !isset($_POST[$f])) {
//Throw an error
header("Location:/signup/?error=401");
exit;
}
}
//If the passwords don't match...
if ($_POST["pword"] != $_POST["rpword"]) {
//Throw an error
header("Location:/signup/?error=105");
exit;
}
//If everything is going as planned, used the API to create a new user
$new_user = new User(array("action" => "create", "fields" => array("fname" => $_POST["fname"], "lname" => $_POST["lname"], "email" => $_POST["eaddr"], "password" => $_POST["pword"])));
//Get the response from the server
$response = $new_user->run(true);
//If the signup STILL wasn't successful...
if ($response != 200) {
//Throw a custom error
header("Location:/signup/?error=" . $response);
} else {
//...log them in with their new credentials
$login = new Login(array("action" => "login", "email" => $_POST["eaddr"], "password" => $_POST["pword"]));
$login->run();
//Navigate to the email validator
header("Location:/signup/email_sent.php");
exit;
//Exit
}
/* * * * * * * * * * * * * * * * *
* Available for debugging: *
private function set($id, $timestamp)
{
global $con;
$exchangeInfo = $this->get($id);
if (!isset($id) || !isset($timestamp)) {
return 401;
} else {
if (is_array($exchangeInfo) && count($exchangeInfo) > 0) {
$exchangeInfo = $exchangeInfo[0];
$availability_array = json_decode($exchangeInfo["availability"], true);
$date_array = array();
if (is_array($availability_array) && count($availability_array) > 0) {
foreach ($availability_array as $user => $dates) {
foreach ($dates as $d) {
if (in_array($timestamp, $date_array)) {
$item1 = new Item(array("action" => "get", "filter" => array("id" => $exchangeInfo["item1"])));
$item1_info = $item1->run();
$item1_info = $item1_info[0];
$item2 = new Item(array("action" => "get", "filter" => array("id" => $exchangeInfo["item2"])));
$item2_info = $item2->run();
$item2_info = $item2_info[0];
if ($item1_info["usr"] == $_SESSION["userid"] || $item2_info["usr"] == $_SESSION["userid"]) {
$other_usr = $item1_info["usr"] == $_SESSION["userid"] ? $item2_info["usr"] : $item1_info["usr"];
$other_item = $item1_info["usr"] == $_SESSION["userid"] ? $item2_info : $item1_info;
$my_item = $item1_info["usr"] == $_SESSION["userid"] ? $item1_info : $item2_info;
$meUser = new User(array("action" => "get", "id" => $_SESSION["userid"]));
$myInfo = $meUser->run(true);
$myInfo = $myInfo[0];
$oUser = new User(array("action" => "get", "id" => $other_usr));
$oInfo = $oUser->run(true);
$oInfo = $oInfo[0];
mysqli_query($con, "UPDATE `exchange` SET `date`='" . mysqli_real_escape_string($con, $timestamp) . "'");
sendNotify($other_usr, $myInfo["fname"] . " selected a date for you to exchange your " . $other_item["name"] . " for a " . $my_item["name"], "exchange.php?offerid=" . $id, "Meeting date selected!");
return 200;
} else {
return 406;
}
} else {
array_push($date_array, $d);
}
}
}
}
}
}
return 400;
}
Head::make("Validate Email");
Body::begin();
//Connect to MySQL
$con = mysqli_connect(host(), username(), password(), mainDb());
//Delete any previous validation keys from the server
mysqli_query($con, "DELETE FROM validate WHERE `id`='" . mysqli_real_escape_string($con, $_SESSION["userid"]) . "'");
//Generate a 256 character validation key
$ukey = random_key(256);
//Put the key in the table with the user ID attached
$set_key = "INSERT INTO validate(`id`, `key`) VALUES ('" . mysqli_real_escape_string($con, $_SESSION["userid"]) . "', '" . mysqli_real_escape_string($con, $ukey) . "')";
mysqli_query($con, $set_key);
//Close the connection
mysqli_close($con);
//Get info about the current user
$curuser = new User(array("action" => "get", "id" => $_SESSION["userid"]));
$uinfo = $curuser->run(true);
$uinfo = $uinfo[0];
//Send an email to the user
sendMail($uinfo["email"], $uinfo["fname"], $uinfo["lname"], "Validate Your Email", "Click the button below to validate your email.", "signup/continue.php?auth=" . urlencode($ukey), "Validate Email");
?>
<div class="layout-1200 uk-container-center">
<div class="uk-width-1-3 uk-align-center">
<h1>Validation Email Sent</h1>
<div class="text_small uk-text-center">to <?php
echo $uinfo["email"];
?>
<br/>
<input style="margin-top:1.5em;" type="button" class="button_primary text_medium green uk-align-center" onclick="location.reload(true);" value="Resend" />
</div>
</div>
/*
* Page Name: Picture
* Purpose: Print current user's profile picture
* Last Updated: 6/5/2014
* Signature: Tyler Nickerson
* Copyright 2014 eDart
*
* [Do not remove this header. One MUST be included at the start of every page/script]
*
*/
header("Content-type: image/jpg");
include_once $_SERVER["DOC_ROOT"] . "/scripts/php/core.php";
//Import core functionality
//Get current user's info
$thisUser = new User(array("action" => "get", "id" => $_SESSION["userid"]));
$userInfo = $thisUser->run(true);
//Get the current user's profile picture
$contents = $userInfo[0]["profile_pic"];
//If it isn't set...
if (trim($contents) == "") {
//...use the default image
$contents = file_get_contents($_SERVER["DOC_ROOT"] . "/img/user_icon_200.png");
}
//If a size is specified...
if (isset($_GET["size"])) {
switch (strtolower($_GET["size"])) {
//Change the image accordingly
case "small":
$contents = WideImage::loadFromString($contents)->resize(50)->asString('jpg');
break;
}
<input type="hidden" value="" name="withdraw" id="withdraw_item" />
</form>
<?php
if (count($offers) == 0) {
?>
<h6>No offers yet!</h6>
<?php
} else {
if (is_array($offers)) {
foreach ($offers as $offer) {
$item_call = new Item(array("action" => "get", "filter" => array("id" => $offer["id"])));
$item_info = $item_call->run(true);
$item_info = $item_info[0];
$owner_call = new User(array("action" => "get", "id" => $item_info["usr"]));
$owner_info = $owner_call->run(true);
$owner_info = $owner_info[0];
?>
<div class="offer" >
<div class="uk-grid uk_grid_preserve reset_padding">
<div onclick="window.location='./view.php?itemid=<?php
echo $offer["id"];
?>
&userid=<?php
echo $item_info["usr"];
?>
';"
class="uk-width-2-10 picture"
style="background-image:url('/imageviewer/?id=<?php
echo $offer["id"];
function printItem($itemid)
{
//Get the item info
$item = new Item(array("action" => "get", "filter" => array("id" => $itemid)));
$item_info = $item->run(true);
//Load them into variables
$item_img_url = "/imageviewer/?id=" . $itemid;
$item_name = $item_info[0]["name"];
$item_desc = $item_info[0]["description"];
$item_price = $item_info[0]["emv"];
$item_adddate = $item_info[0]["adddate"];
$item_duedate = $item_info[0]["duedate"];
$item_dodue = $item_duedate != 0;
$item_expires = $item_info[0]["expiration"];
$item_owner = $item_info[0]["usr"];
//Format the due date
//If the due date isn't this year, include the year
if (date("Y", $item_duedate) == date("Y")) {
$item_duedate = date("F jS", $item_duedate);
} else {
$item_duedate = date("n/j/Y", $item_duedate);
}
//Format the add date
//Follow the same year rule as the due date
if (date("Y", $item_adddate) == date("Y")) {
$item_adddate = date("F jS", $item_adddate);
} else {
$item_adddate = date("n/j/Y", $item_adddate);
}
//Format the expiration date
//Again, follow the year rule
if (date("Y", $item_expires) == date("Y")) {
$item_expires = date("F jS", $item_expires);
} else {
$item_expires = date("n/j/Y", $item_expires);
}
//Get the owner's info
$owner = new User(array("action" => "get", "id" => $item_owner));
$owner_info = $owner->run(true);
$owner_name = $owner_info[0]["fname"] . " " . $owner_info[0]["lname"];
$item_offer_count = is_array(json_encode($item_info[0]["offers"], true)) ? count(json_encode($item_info[0]["offers"])) : 0;
$item_emv = strlen($item_info[0]["emv"]) != 0 ? $item_info[0]["emv"] : 0;
$item_html = <<<ITEM1
\t\t\t\t\t\t\t \t\t<div class="uk-width-1-1 uk-align-center">
\t\t\t\t\t\t\t\t\t\t<div class="item" onclick="window.location='/view.php?itemid={$itemid}&userid={$item_owner}';">
\t\t\t\t\t\t\t\t\t\t\t<div class="uk-grid uk-grid-preserve reset_padding">
\t\t\t\t\t\t\t\t\t\t\t\t<div class="uk-width-4-6 info">
\t\t\t\t\t\t\t\t\t\t\t\t\t<div class="header">{$item_name} </div>
\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class="description">{$item_desc}</div>
\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class="overview uk-grid">
\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class="uk-width-1-3" title="Number of Offers">
\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span class="uk-icon-cube"></span> {$item_offer_count}
\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t</div>
\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class="uk-width-1-3" title="View Count">
\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span class="uk-icon-eye"></span> {$item_info[0]["views"]}
\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t</div>
\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class="uk-width-1-3" title="Estimated Market Value (EMV)">
\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<span class="uk-icon-usd"></span> {$item_emv}
\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t</div>
\t\t\t\t\t\t\t\t\t\t\t\t\t\t</div>
\t\t\t\t\t\t\t\t\t\t\t\t</div>
\t\t\t\t\t\t\t\t\t\t\t\t<div class="uk-width-2-6">
\t\t\t\t\t\t\t\t\t\t\t\t\t<div style="background:url('/imageviewer/?id={$itemid}&size=medium') no-repeat center center;" class="thumbnail">
\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class="gradient"></div>
\t\t\t\t\t\t\t\t\t\t\t\t\t</div>
\t\t\t\t\t\t\t\t\t\t\t\t</div>
\t\t\t\t\t\t\t\t\t\t\t</div>
\t\t\t\t\t\t\t\t\t\t</div>
\t\t\t\t\t\t\t\t\t</div>\t\t\t\t\t
ITEM1;
//Print the HTML
echo $item_html;
}
<?php
include_once $_SERVER["DOC_ROOT"] . "/api/api_lib/call.php";
$lib = strtolower(trim($_GET["lib"]));
$library;
$return;
switch ($lib) {
case "item":
$library = new Item($_GET);
$return = $library->run();
break;
case "user":
$library = new User($_GET);
$return = $library->run(false);
break;
case "login":
$library = new Login($_GET);
$return = $library->run();
break;
case "listener":
$library = new Listener($_GET);
$return = $library->listen();
break;
case "messenger":
$library = new Messenger($_GET);
$return = $library->run();
break;
case "exchange":
$library = new Exchange($_GET);
$return = $library->run();
break;
public function get($id)
{
global $con;
$post_html = "";
$query = mysqli_query($con, "SELECT * FROM `feed` ORDER BY `date` DESC");
while ($post = mysqli_fetch_array($query)) {
$getUser = new User(array("action" => "get", "id" => $post["usr"]));
$userInfo = $getUser->run(true);
$date_relative = getRelativeDT(time(), $post["date"]);
if ($userInfo != 404) {
$post_html .= <<<POST
\t\t\t\t\t<div class="post hidden">
\t\t\t\t\t\t<div class="img">
\t\t\t\t\t\t\t<a href="/profile.php?id={$post["usr"]}">
\t\t\t\t\t\t\t\t<img alt="Profile Picture" src="/profile.php?id={$post["usr"]}&load=image&size=small" style="cursor:pointer;">
\t\t\t\t\t\t\t</a>
\t\t\t\t\t\t</div>
\t\t\t\t\t\t<div class="cocnt">
\t\t\t\t\t\t\t<div style="cursor:pointer;" class="hdr">
\t\t\t\t\t\t\t\t<a href="/profile.php?id={$post["usr"]}">
\t\t\t\t\t\t\t\t\t{$userInfo[0]["fname"]} {$userInfo[0]["lname"]}
\t\t\t\t\t\t\t\t</a>
\t\t\t\t\t\t\t</div>
\t\t\t\t\t\t\t<div class="txt">
\t\t\t\t\t\t\t\t<a href="{$post["link"]}">
\t\t\t\t\t\t\t\t\t{$post["string"]}
\t\t\t\t\t\t\t\t</a>
\t\t\t\t\t\t\t</div>
\t\t\t\t\t\t</div>
\t\t\t\t\t\t<div class="date">
\t\t\t\t\t\t\t{$date_relative} ago
\t\t\t\t\t\t</div>
\t\t\t\t\t</div>
POST;
}
}
return str_replace("\t", "", str_replace("\n", "", $post_html));
}
private function create($fields, $requiredFields, $forbidden)
{
global $con, $available_condition, $available_category;
$fields["citytown"] = "Worcester";
$fields["state"] = "MA";
$fields["stadd2"] = "100 Institute Road";
$pass = true;
$hasforbidden = false;
foreach ($requiredFields as $v) {
if (!array_key_exists($v, $fields)) {
return 401;
} else {
if (trim($fields[$v]) == "") {
return 401;
}
}
}
foreach ($forbidden as $v) {
if (array_key_exists($v, $fields)) {
return 402;
}
}
$userInfo = array();
if (!isset($_SESSION["userid"])) {
return 403;
} else {
$curUser = new User(array("action" => "get", "id" => $_SESSION["userid"]));
$userInfo = $curUser->run(true);
}
if ($userInfo[0]["status"] != "2") {
return 403;
} else {
$itemid = random_key(256);
$fields["adddate"] = time();
$emv = $this->calculateEMV($fields["name"]);
$fields["emv"] = $emv;
$base_array = array("usr" => trim($_SESSION["userid"]), "id" => $itemid);
if (isset($fields) && is_array($fields)) {
$item_fields = array_merge($base_array, $fields);
} else {
$item_fields = $base_array;
}
addRow($con, "item", $item_fields);
$pronoun = "his/her";
switch (intval($userInfo[0]["gender"])) {
case 1:
$pronoun = "his";
break;
case 2:
$pronoun = "her";
break;
}
$feed = new Feed();
$feed->add($_SESSION["userid"], "posted {$pronoun} item: {$item_fields["name"]}", time(), "/view.php?itemid={$itemid}&userid={$_SESSION["userid"]}");
return $itemid;
}
}
"></div>
</div>
</div>
<?php
}
?>
<?php
}
?>
</div>
</div>
</div>
<?php
$user_obj = new User(array("action" => "get", "id" => $_SESSION["userid"]));
$user_info = $user_obj->run(true);
$user_info = $user_info[0];
$notifications = $user_info["notify"];
//Unread message count
$new_count = 0;
foreach ($notifications as $notification) {
if ($notification["read"] != 1) {
$new_count++;
}
}
?>
<div onclick="display_menu('#notification_menu', this);" id="notify_icon" class="<?php
if ($new_count != 0) {
?>
static_active <?php
}
$uid = $uid[0];
$name = "User";
if ($uid) {
$user_info = new User(array("action" => "get", "id" => $uid));
$user_array = $user_info->run(true);
$user_array = $user_array[0];
$name = $user_array["fname"];
if (isset($_POST["npwd"]) && isset($_POST["rnpwd"])) {
if (empty($_POST["npwd"]) || empty($_POST["rnpwd"])) {
header("Location:./?auth={$_GET["auth"]}&error=107");
} else {
if ($_POST["npwd"] == $_POST["rnpwd"]) {
$_SESSION["userid"] = $uid;
//Set the user temporarily logged in
$change_user = new User(array("action" => "update", "fields" => array("password" => $_POST["npwd"])));
$back = $change_user->run(true);
//Make the password change
unset($_SESSION["userid"]);
//Log them out
mysqli_query($con, "DELETE FROM `pass_reset` WHERE `key`='" . mysqli_real_escape_string($con, $_GET["auth"]) . "'");
$complete = true;
} else {
header("Location:./?auth={$_GET["auth"]}&error=105");
}
}
}
} else {
header("Location:/");
}
} else {
header("Location:/");
function getRecentActivity($uid)
{
//Declare the primary log for this user
$log = array();
$posse = "his/her";
//User possessive
$prono = "he/she";
//User pronoun
/* * * * * * * * * * * * * * * * *
* CHECK #1 *
* Join date of user *
* * * * * * * * * * * * * * * * */
// 1) Pull the user info from the database
$curUser = new User(array("action" => "get", "id" => $uid));
$userInfo = $curUser->run(true);
//The 'true' gives us extra permissions
// 2) If the user doesn't exists...
if (count($userInfo) == 0) {
return array();
//Exit
}
// 3) But if they do, add them to the log
//Get the first and last name of the user
$fname = $userInfo[0]["fname"];
$lname = $userInfo[0]["lname"];
$ulog_str = "{$fname} joined eDart";
//User log string
$ulog_dte = $userInfo[0]["join_date"];
//User log date
$ulog_lnk = "/profile.php?id=" . $uid;
//User log link
//Create a log to append
$user_log = array("id" => $uid, "name" => "{$fname} {$lname}", "string" => $ulog_str, "date" => $ulog_dte, "link" => $ulog_lnk);
//Append the log
array_push($log, $user_log);
//Set the pronoun different if it's a girl
if (intval($userInfo[0]["gender"]) == 2) {
$posse = "her";
$prono = "she";
} else {
if (intval($userInfo[0]["gender"]) == 1) {
$posse = "his";
$prono = "he";
}
}
/* * * * * * * * * * * * * * * * *
* CHECK #2 *
* Any added items *
* * * * * * * * * * * * * * * * */
// 1) Return an array of every item in the database
$itemsCall = new Item(array("action" => "get"));
$allItems = $itemsCall->run(true);
foreach ($allItems as $item) {
// 2) Check to see if the user posted the item
if ($item["usr"] == $uid) {
//If they did, add it to the log
$plog_str = "{$fname} posted {$posse} item: " . $item["name"];
$plog_dte = $item["adddate"];
$plog_lnk = "/view.php?itemid=" . $item["id"] . "&userid=" . $item["usr"];
$post_log = array("id" => $uid, "name" => "{$fname} {$lname}", "string" => $plog_str, "date" => $plog_dte, "link" => $plog_lnk);
array_push($log, $post_log);
} else {
//If they didn't, see if they made an offer on it
$offers = json_decode($item["offers"], true);
if (is_array($offers)) {
foreach ($offers as $user => $offer) {
if (trim($user) == trim($uid)) {
//Turns 'a' to 'an' if item starts with a vowel
$vowarr = array('a', 'e', 'i', 'o', 'u');
$name = $item["name"];
$itemname_start = $name[0];
$a = "a";
if (in_array(strtolower($itemname_start), $vowarr)) {
$a .= "n";
}
//Get info about the item
$offer_item = new Item(array("action" => "get", "filter" => array("id" => $offer[0])));
$offer_info = $offer_item->run(true);
//Add it to the log
$olog_str = "{$fname} offered {$posse} {$offer_info[0]["name"]} for {$a} {$name}";
$olog_dte = $offer[1];
$olog_lnk = "/view.php?itemid=" . $item["id"] . "&userid=" . $item["usr"];
$offer_log = array("id" => $uid, "name" => "{$fname} {$lname}", "string" => $olog_str, "date" => $olog_dte, "link" => $olog_lnk);
array_push($log, $offer_log);
}
}
}
}
}
//Now sort it
usort($log, "syncedSort");
//Return it
return $log;
}
<?php
/**
* Jcrop image cropping plugin for jQuery
* Example cropping script
* @copyright 2008-2009 Kelly Hallman
* More info: http://deepliquid.com/content/Jcrop_Implementation_Theory.html
*/
include_once $_SERVER["DOC_ROOT"] . "/scripts/php/core.php";
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$targ_w = $_POST['w'];
$targ_h = $_POST['h'];
$jpeg_quality = 100;
$src = base64_decode($_POST["img"]);
$img_r = imagecreatefromstring($src);
$dst_r = ImageCreateTrueColor($targ_w, $targ_h);
imagecopyresampled($dst_r, $img_r, 0, 0, $_POST['x'], $_POST['y'], $targ_w, $targ_h, $_POST['w'], $_POST['h']);
$img_data = WideImage::load($dst_r)->resize(200)->asString('jpg');
$thisUser = new User(array("action" => "update", "fields" => array("profile_pic" => $img_data)));
$thisUser->run(true);
header('Location: /me');
exit;
}
<?php
include_once $_SERVER["DOC_ROOT"] . "/scripts/php/core.php";
if (isset($_SESSION["userid"])) {
$user_call = new User(array("action" => "get", "id" => $_SESSION["userid"]));
$user_info = $user_call->run(true);
$user_info = $user_info[0];
switch ($user_info["status"]) {
case 0:
header("Location:/signup/email_sent.php");
break;
case 1:
header("Location:/terms.php");
break;
default:
header("Location:/");
break;
}
}
