/** * Выполнить аутентификацию * * @param string $mail почта * @param string $password пароль * @param bool $autologin помнить на сайте * @throws UserException Пользователь не существует * @throws UserException Неверный пароль * @throws UserException Пользователь не активирован * @throws UserException Неверный формат почты */ public function authentication($mail, $password, $autologin = false, $isMd5 = false) { $bad = true; if (checkMail($mail)) { $res = $this->_sql->query("SELECT `id` , `mail` , `password` , INET_NTOA( `ip` ) AS `ip` , `register_date` , `name` , `second_name` , `gender` , `burthday` , `photo` , `country` , `region` , `city` , `street` , `utc_time` , `state` , `status` FROM `SITE_USERS` WHERE `mail`='{$mail}'"); $userResult = $this->_sql->GetRows($res); if ($userResult == NULL) { throw new UserException($mail, UserException::USR_NOT_EXSIST); } $userResult = $userResult[0]; $this->userID = $userResult["id"]; if (!$isMd5) { $password = md5($password); } if ($userResult["password"] != $password) { throw new UserException($mail, UserException::USR_PASSWORD_INCORRECT); } else { if ($this->checkIfActivated($userResult)) { if ($autologin) { setcookie("sec", md5($this->userID) . md5($userResult["mail"]), time() + 221356800, "/"); setcookie("id", $this->userID, time() + 221356800, "/"); } $_SESSION["user"] = $userResult; } else { throw new UserException($mail, UserException::USR_NOT_ACTIVATED); } } } else { throw new UserException($mail, UserException::USR_NAME_INCORRECT); } return true; }
function addComment($params) { $name = isset($_POST['comname']) ? addslashes(trim($_POST['comname'])) : ''; $content = isset($_POST['comment']) ? addslashes(trim($_POST['comment'])) : ''; $mail = isset($_POST['commail']) ? addslashes(trim($_POST['commail'])) : ''; $url = isset($_POST['comurl']) ? addslashes(trim($_POST['comurl'])) : ''; $imgcode = isset($_POST['imgcode']) ? addslashes(trim(strtoupper($_POST['imgcode']))) : ''; $blogId = isset($_POST['gid']) ? intval($_POST['gid']) : -1; $pid = isset($_POST['pid']) ? intval($_POST['pid']) : 0; if (ISLOGIN === true) { $CACHE = Cache::getInstance(); $user_cache = $CACHE->readCache('user'); $name = addslashes($user_cache[UID]['name_orig']); $mail = addslashes($user_cache[UID]['mail']); $url = addslashes(BLOG_URL); } if ($url && strncasecmp($url, 'http', 4)) { $url = 'http://' . $url; } doAction('comment_post'); $Comment_Model = new Comment_Model(); $Comment_Model->setCommentCookie($name, $mail, $url); if ($Comment_Model->isLogCanComment($blogId) === false) { emMsg('评论失败:该文章已关闭评论'); } elseif ($Comment_Model->isCommentExist($blogId, $name, $content) === true) { emMsg('评论失败:已存在相同内容评论'); } elseif (ROLE == ROLE_VISITOR && $Comment_Model->isCommentTooFast() === true) { emMsg('评论失败:您提交评论的速度太快了,请稍后再发表评论'); } elseif (empty($name)) { emMsg('评论失败:请填写姓名'); } elseif (strlen($name) > 20) { emMsg('评论失败:姓名不符合规范'); } elseif ($mail != '' && !checkMail($mail)) { emMsg('评论失败:邮件地址不符合规范'); } elseif (ISLOGIN == false && $Comment_Model->isNameAndMailValid($name, $mail) === false) { emMsg('评论失败:禁止使用管理员昵称或邮箱评论'); } elseif (!empty($url) && preg_match("/^(http|https)\\:\\/\\/[^<>'\"]*\$/", $url) == false) { emMsg('评论失败:主页地址不符合规范', 'javascript:history.back(-1);'); } elseif (empty($content)) { emMsg('评论失败:请填写评论内容'); } elseif (strlen($content) > 8000) { emMsg('评论失败:内容不符合规范'); } elseif (ROLE == ROLE_VISITOR && Option::get('comment_needchinese') == 'y' && !preg_match('/[\\x{4e00}-\\x{9fa5}]/iu', $content)) { emMsg('评论失败:评论内容需包含中文'); } elseif (ISLOGIN == false && Option::get('comment_code') == 'y' && session_start() && (empty($imgcode) || $imgcode !== $_SESSION['code'])) { emMsg('评论失败:验证码错误'); } else { $_SESSION['code'] = null; $Comment_Model->addComment($name, $content, $mail, $url, $imgcode, $blogId, $pid); } }
/** * Зарегистрировать нового пользователя в системе * * @param string $mail Почта * @param string $password Пароль * @param string $name Имя * @param string $surname Фамилия * @param string $burthday Дата рождения * @param bool $gender Пол * @param integer $ip IP * @throws UserException Если пользователь уже существует * @throws UserException Если неверна дата рождения * @throws UserException Не заполнены имя и фамилия * @throws UserException Неверный формат почты */ public function register($mail, $password, $name, $surname, $burthday, $gender, $ip) { if (checkMail($mail)) { if ($this->checkIfExsist($mail)) { throw new UserException($mail, UserException::USR_ALREADY_EXIST); } if (!checkDateFormat($burthday)) { throw new UserException($mail, UserException::USR_CHECK_BURTHDAY); } else { if ($name == "" && $surname == "") { throw new UserException($mail, UserException::USR_NAME_EMPTY); } } $textPassword = $password; $password = md5($password); $date = date("Y-m-d"); $query = "\r\n INSERT INTO `SITE_USERS` SET\r\n `mail`='{$mail}',\r\n `password`='{$password}',\r\n `ip`={$ip},\r\n `register_date`='{$date}',\r\n `name`='{$name}',\r\n `second_name`='{$surname}',\r\n `gender`={$gender},\r\n `burthday`='{$burthday}'\r\n "; $this->_sql->query($query); $querySelectId = $this->_sql->selFieldsWhere("SITE_USERS", "`mail`='{$mail}'", "id"); $arr = $this->_sql->GetRows($querySelectId); $id = $arr[0]["id"]; $activationKey = $this->generateActivationKey(7); $insertActivationRowData = array($id, $activationKey); $this->_sql->insert("USERS_ACTIVATION_KEYS", $insertActivationRowData); $p = new UserMailer(); $p->mail = $mail; $embeddedImages = array("photos/no-photo.jpg", "photos/no-galary.jpg"); $s = new SmartyExst(); $s->assign("NAME", "{$name} {$surname}"); $s->assign("PASS", $textPassword); $s->assign("ID", $id); $s->assign("KEY", $activationKey); $sendString = $s->fetch($this->mailTemplate); $p->registerSend($sendString, $embeddedImages); return $id; } else { throw new UserException($mail, UserException::USR_NAME_INCORRECT); } }
/** * Fügt ein Mitglied in die Datenbank ein und setzt den Status auf "aktiv" * * @param String $name * @param String $vorname * @param Varchar $email * @param String $faktor * * @return Integer Success/Error Code */ public function addMitglied($name, $vorname, $email, $faktor) { if (!checkMail($email)) { return -1; } else { $cSql = "SELECT * FROM " . _TBL_MA_ . " WHERE name = LOWER('" . $name . "') OR email = LOWER('" . $email . "')"; if (!($result = mysql_query($cSql, $this->DBConn)) || mysql_num_rows($result) == 0) { $sql = "INSERT INTO " . _TBL_MA_ . " (name, vorname, email, eintritt, faktor) \n\t\t\t\t\t\t\t\t\t\t\t\t\t\tVALUES ('" . $name . "', '" . $vorname . "', '" . $email . "', CURDATE(), '" . $faktor . "')"; if (!($result = mysql_query($sql, $this->DBConn)) || mysql_affected_rows($this->DBConn) != 1) { return -2; } else { $sSql = "INSERT INTO " . _TBL_MA_STAT_ . " (maId, status, datum) VALUES (LAST_INSERT_ID(), 1, CURDATE())"; if (!($result = mysql_query($sSql, $this->DBConn)) || mysql_affected_rows($this->DBConn) != 1) { return -3; } else { return 1; } } } else { return -4; } } }
$data = $c->get(); $c->close(); $i['post']['face_url'] = stripslashes(textMiddle($data, '<img class=portrait-img src=\\x22', '\\x22>')); } /* 受信任的设置项,如果插件要使用系统的API去储存设置,必须通过set_save1或set_save2挂载点挂载设置名 具体挂载方法为: global $PostArray; $PostArray[] = '设置名'; 为了兼容旧版本,可以global以后检查一下是不是空变量,为空则为旧版本 */ $PostArray = array('face_img', 'face_baiduid', 'face_url'); doAction('set_save1'); //更改邮箱 if ($_POST['mail'] != $i['user']['email'] && !empty($_POST['mail'])) { if (checkMail($_POST['mail'])) { $mail = sqladds($_POST['mail']); $z = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "users` WHERE email='{$mail}'"); if ($z['total'] > 0) { msg('修改失败:邮箱已经存在'); } $m->query("UPDATE `" . DB_PREFIX . "users` SET `email` = '{$mail}' WHERE `id` = '" . UID . "';"); } else { msg('邮箱格式有误,请检查'); } } $set = array(); foreach ($PostArray as $value) { if (!isset($i['post'][$value])) { $i['post'][$value] = ''; }
mysql_query($query); //$last_id = mysql_insert_id(); } } //Address Book Data Insert ---End--- //Customer Data Insert ---Start--- for($i=1;$i<=$data->sheets[0]['numRows'];$i++) { $customer_fname = " "; $customer_lname = " "; $customer_contactname = mysql_real_escape_string($data->sheets[0]['cells'][$i][3]); $customer_email = $data->sheets[0]['cells'][$i][29]; $check_customer_email = checkMail($customer_email); $customer_company_name = $data->sheets[0]['cells'][$i][2]; $comp_name = compName($customer_company_name); $companyphone = $data->sheets[0]['cells'][$i][10]; $companyfax = $data->sheets[0]['cells'][$i][14]; $billing_add1 = $data->sheets[0]['cells'][$i][5]; $billing_add2 = $data->sheets[0]['cells'][$i][6]; $billing_city = $data->sheets[0]['cells'][$i][7]; $billing_state = $data->sheets[0]['cells'][$i][8]; $bill_state_val = State_Val($billing_state); $billing_zip = $data->sheets[0]['cells'][$i][9]; $invoice_type = $data->sheets[0]['cells'][$i][18]; $billing_frequency = $data->sheets[0]['cells'][$i][19]; $account_status = $data->sheets[0]['cells'][$i][20]; $status = ($account_status == 'Y')? '1':'0'; $shipping_comp_name = " ";
$mail = addslashes($user_cache[UID]['mail']); $url = addslashes(BLOG_URL); } if ($url && strncasecmp($url, 'http', 4)) { $url = 'http://' . $url; } doAction('comment_post'); if ($Comment_Model->isLogCanComment($blogId) === false) { mMsg('评论失败:该文章已关闭评论', $targetBlogUrl); } elseif ($Comment_Model->isCommentExist($blogId, $name, $content) === true) { mMsg('评论失败:已存在相同内容评论', $targetBlogUrl); } elseif ($Comment_Model->isCommentTooFast() === true) { mMsg('评论失败:您提交评论的速度太快了,请稍后再发表评论', $targetBlogUrl); } elseif (strlen($name) > 20 || strlen($name) == 0) { mMsg('评论失败:姓名不符合规范', $targetBlogUrl); } elseif ($mail != '' && !checkMail($mail)) { mMsg('评论失败:邮件地址不符合规范', $targetBlogUrl); } elseif (ISLOGIN == false && $Comment_Model->isNameAndMailValid($name, $mail) === false) { mMsg('评论失败:禁止使用管理员昵称或邮箱评论', $targetBlogUrl); } elseif (strlen($content) == '' || strlen($content) > 2000) { mMsg('评论失败:内容不符合规范', $targetBlogUrl); } elseif (ROLE == ROLE_VISITOR && Option::get('comment_needchinese') == 'y' && !preg_match('/[\\x{4e00}-\\x{9fa5}]/iu', $content)) { mMsg('评论失败:评论内容需包含中文', $targetBlogUrl); } elseif (ISLOGIN == false && Option::get('comment_code') == 'y' && session_start() && $imgcode != $_SESSION['code']) { mMsg('评论失败:验证码错误', $targetBlogUrl); } else { $DB = Database::getInstance(); $ipaddr = getIp(); $utctimestamp = time(); if ($pid != 0) { $comment = $Comment_Model->getOneComment($pid);
$city = $_POST['city']; $postCode = $_POST['postCode']; if (!empty($nip) && !empty($name) && !empty($lastname) && !empty($email)) { function checkMail($checkmail) { if (filter_var($checkmail, FILTER_VALIDATE_EMAIL)) { if (checkdnsrr(array_pop(explode("@", $checkmail)), "MX")) { return true; } else { return false; } } else { return false; } } if (checkMail($email)) { //dodatkowe informacje: ip i host użytkownika $ip = $_SERVER['REMOTE_ADDR']; $host = gethostbyaddr($_SERVER['REMOTE_ADDR']); $mailText = "NIP:\n{$nip}\nLiczba osób:\n{$perNum}\nUlica:\n{$street}\nNumer domu:\n{$houseNumber}\nNumer mieszkania:\n{$apartmentNumber}\nPaństwo:\n{$country}\nMiasto:\n{$city}\nWojewództwo:\n{$region}\nKod pocztowy:\n{$postCode}\nOd: {$name}, {$lastname}, {$email} ({$ip}, {$host})"; $mailHeader = "Od: {$name} <{$email}>"; @mail($mojemail, 'Formularz zgłoszeniowy', $mailText, $mailHeader) or die('Błąd: formularz nie został wysłana'); echo 'Przesłane informacje:<br /> NIP: '; echo $_POST['nip']; echo '<br /> Imię: '; echo $_POST['name']; echo '<br />Nazwisko: '; echo $_POST['lastname']; echo '<br /> E-mail: '; echo $_POST['email']; echo '<br />Liczba osób: ';
$mail->send(); } //Mail checker function checkMail($mail) { if (preg_match("/^[_\\.0-9a-zA-Z-]+@([0-9a-zA-Z][0-9a-zA-Z-]+\\.)+[a-zA-Z]{2,6}\$/i", $mail)) { return true; } else { return false; } } if (isset($_POST['nombre']) && !empty($_POST['nombre']) and isset($_POST['mail']) && !empty($_POST['mail']) and isset($_POST['mensaje']) && !empty($_POST['mensaje'])) { $mail = mysqli_real_escape_string($db, $_POST['mail']); $nombre = mysqli_real_escape_string($db, $_POST['nombre']); $mensaje = mysqli_real_escape_string($db, $_POST['mensaje']); if (checkMail($mail)) { $sql = "INSERT INTO users (`id`, `nombre`, `email`, `mensaje`) VALUES('','{$nombre}','{$mail}','{$mensaje}')"; $saveDB = mysqli_query($db, $sql); if ($saveDB) { MailGin($mail, $nombre, $mensaje); echo "<div id='respuestaAjax'><script>document.getElementById('formulario').reset(); </script> \n\t\t\t\t\t\t\t<script>\n\t\t\t\t\t\t\tswal({ title: 'GRACIAS', \n\t\t\t\t\t\t\ttext: 'En breve nos comunicaremos contigo', \n\t\t\t\t\t\t\timageUrl: './img/succes.png', \n\t\t\t\t\t\t\tconfirmButtonColor: '#000'\n\t\t\t\t\t\t\t });\n\t\t\t\t\t\t \t </script></div>"; //*enviaMail($nombre,$mail,$mensaje); //header('Location: ../thankyou.html'); } else { echo "<div id='respuestaAjax'> \n\t\t\t\t\t\t \t<script>\n\t\t\t\t\t\t\tswal({ title: 'ERROR', \n\t\t\t\t\t\t\ttext: 'Error en base de datos', \n\t\t\t\t\t\t\timageUrl: './img/error.png', \n\t\t\t\t\t\t\tconfirmButtonColor: '#000'\n\t\t\t\t\t\t\t });\n\t\t\t\t\t\t \t </script></div>"; echo mysqli_error($db); } } else { echo "<div id='respuestaAjax'> \n\t\t\t\t\t\t \t<script>\n\t\t\t\t\t\t\tswal({ title: 'ERROR', \n\t\t\t\t\t\t\ttext: 'Mail invalido', \n\t\t\t\t\t\t\timageUrl: './img/error.png', \n\t\t\t\t\t\t\tconfirmButtonColor: '#000'\n\t\t\t\t\t\t\t });\n\t\t\t\t\t\t \t </script></div>"; } } else {
switch ($_GET['do']) { case 'register': $registerSubmit = filter_input(INPUT_POST, 'register', FILTER_SANITIZE_STRING); // Sicherheitsfunktionen für POST if ($registerSubmit) { $mail = filter_input(INPUT_POST, 'mail'); $mailConfirm = filter_input(INPUT_POST, 'mailC'); $pw = filter_input(INPUT_POST, 'password'); $pwConfirm = filter_input(INPUT_POST, 'passwordC'); $agb = filter_input(INPUT_POST, 'agb'); // Error - array $registerErrors = []; // check mail if (empty($mail)) { $registerErrors['mail'][] = 'Bitte geben Sie Ihre E-Mail Adresse an.'; } elseif (!checkMail($_POST['mail'], $db)) { $registerErrors['mail'][] = 'Diese E-Mail Adresse wird bereits verwendet.'; } if (!filterEmail($mail)) { $registerErrors['mail'][] = 'Die angegebene E-Mail Adresse ist ungültig.'; } if (empty($mailConfirm)) { $registerErrors['mailConfirm'][] = 'Bitte bestätigen die Ihre E-Mail Adresse.'; } if ($mail !== $mailConfirm) { $registerErrors['mailConfirm'][] = 'Die E-Mail Adresse stimmen nicht überein.'; } // PASSWORD if (empty($pw)) { $registerErrors['password'][] = 'Bitte geben Sie ein Passwort ein.'; } elseif (!filterPassword($pw)) {
function dl_invite_yz() { global $m; if (option::get('enable_reg') != '1') { msg('注册失败:该站点已关闭注册'); } $name = isset($_POST['user']) ? addslashes(strip_tags($_POST['user'])) : ''; $mail = isset($_POST['mail']) ? addslashes(strip_tags($_POST['mail'])) : ''; $pw = isset($_POST['pw']) ? addslashes(strip_tags($_POST['pw'])) : ''; $yr = isset($_POST['invite']) ? addslashes(strip_tags($_POST['invite'])) : ''; if (empty($name) || empty($mail) || empty($pw)) { msg('注册失败:请正确填写账户、密码或邮箱'); } $x = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "users` WHERE name='{$name}'"); $z = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "users` WHERE email='{$name}'"); $y = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "users`"); if ($x['total'] > 0) { msg('注册失败:用户名已经存在'); } if ($z['total'] > 0) { msg('注册失败:邮箱已经存在'); } if (!checkMail($mail)) { msg('注册失败:邮箱格式不正确'); } if (empty($yr)) { msg('注册失败:请输入邀请码'); } $invite = $m->fetch_array($m->query('select * from `' . DB_NAME . '`.`' . DB_PREFIX . 'dl_invite` where `code` = "' . $yr . '"')); if (!empty($invite['code'])) { $dlyr = $invite['code']; $m->query('DELETE FROM `' . DB_NAME . '`.`' . DB_PREFIX . 'dl_invite` where `code` = "' . $dlyr . '"'); } else { msg('注册失败:邀请码错误或已被使用'); } if ($y['total'] <= 0) { $role = 'admin'; } else { $role = 'user'; } doAction('admin_reg_2'); $m->query('INSERT INTO `' . DB_NAME . '`.`' . DB_PREFIX . 'users` (`id`, `name`, `pw`, `email`, `role`, `t`) VALUES (NULL, \'' . $name . '\', \'' . EncodePwd($pw) . '\', \'' . $mail . '\', \'' . $role . '\', \'' . getfreetable() . '\');'); setcookie("wmzz_tc_user", $name); setcookie("wmzz_tc_pw", EncodePwd($pw)); doAction('admin_reg_3'); ReDirect('index.php'); echo '}'; die; }
$statement->execute(array($task, $description, $ip)); $taskId = $pdo->query('SELECT LAST_INSERT_ID()')->fetchColumn(); $queryBits = array(); foreach ((array) @$_POST['label'] as $labelId) { $queryBits[] = sprintf('(%d, %d)', $taskId, (int) $labelId); } // labels if (!empty($queryBits)) { $queryBits = implode(', ', $queryBits); $pdo->query("INSERT INTO {$tablesPrefix}tasks_labels (task_id, label_id) VALUES {$queryBits}"); } // notifications $mail = trim($_POST['mail']) ?: null; if ($mail) { if (!checkMail($mail)) { throw new FormException('Invalid e-mail address.'); } $statement = $pdo->prepare("INSERT INTO {$tablesPrefix}tasks_notify (task_id, email, ipv4)\n\t\t\t\tVALUES (?, ?, ?)"); $statement->execute(array($taskId, $mail, $ip)); } $pdo->commit(); if (!empty($notificationsEmail) && checkMail($notificationsEmail)) { $body = $task . "\n\n" . $description . "\n\n" . sprintf('http://%s?issue=%d', $_SERVER['HTTP_HOST'] . preg_replace('/\\?.*$/', '', $_SERVER['REQUEST_URI']), $taskId) . "\n"; sendMail(sprintf('noreply@%s', $_SERVER['HTTP_HOST']), $notificationsEmail, sprintf('%sNew issue submitted', $projectTitle ? "{$projectTitle} " : ''), $body); } header(sprintf('Location: ?issue=%d', $taskId), null, 303); exit; } catch (FormException $e) { $errorMessage = $e->getMessage(); } }
View::output(); } if ($action == 'update') { LoginAuth::checkToken(); $User_Model = new User_Model(); $photo = isset($_POST['photo']) ? addslashes(trim($_POST['photo'])) : ''; $nickname = isset($_POST['name']) ? addslashes(trim($_POST['name'])) : ''; $email = isset($_POST['email']) ? addslashes(trim($_POST['email'])) : ''; $description = isset($_POST['description']) ? addslashes(trim($_POST['description'])) : ''; $login = isset($_POST['username']) ? addslashes(trim($_POST['username'])) : ''; $newpass = isset($_POST['newpass']) ? addslashes(trim($_POST['newpass'])) : ''; $repeatpass = isset($_POST['repeatpass']) ? addslashes(trim($_POST['repeatpass'])) : ''; if (strlen($nickname) > 20) { emDirect("./blogger.php?error_a=1"); } else { if ($email != '' && !checkMail($email)) { emDirect("./blogger.php?error_b=1"); } elseif (strlen($newpass) > 0 && strlen($newpass) < 6) { emDirect("./blogger.php?error_c=1"); } elseif (!empty($newpass) && $newpass != $repeatpass) { emDirect("./blogger.php?error_d=1"); } elseif ($User_Model->isUserExist($login, UID)) { emDirect("./blogger.php?error_e=1"); } elseif ($User_Model->isNicknameExist($nickname, UID)) { emDirect("./blogger.php?error_f=1"); } } if (!empty($newpass)) { $PHPASS = new PasswordHash(8, true); $newpass = $PHPASS->HashPassword($newpass); $User_Model->updateUser(array('password' => $newpass), UID);
if ($mailAdd && $mailDismiss) { throw new FormException('You cannot add and dismiss e-mail addresses at once.'); } if ($mailDismiss) { if (!checkMail($mailDismiss)) { throw new FormException('Invalid e-mail address.'); } $statement = $pdo->prepare("DELETE FROM {$tablesPrefix}tasks_notify WHERE task_id = ? AND email = ?"); $statement->execute(array($issueId, $mailDismiss)); $deleted = (bool) $pdo->query('SELECT ROW_COUNT()')->fetchColumn(); if (!$deleted) { throw new FormException('No such e-mail address in database.'); } $successMessage = 'E-mail address dismissed.'; } elseif ($mailAdd) { if (!checkMail($mailAdd)) { throw new FormException('Invalid e-mail address.'); } $statement = $pdo->prepare("SELECT 1 FROM {$tablesPrefix}tasks_notify WHERE ipv4 = ? AND email = ?"); $statement->execute(array($ip, $mailAdd)); $alreadySubmitted = $statement->fetchColumn(); if (!$alreadySubmitted) { $statement = $pdo->prepare("SELECT COUNT(DISTINCT email) FROM {$tablesPrefix}tasks_notify WHERE ipv4 = ?"); $statement->execute(array($ip)); $distinctEmails = $statement->fetchColumn(); if ($distinctEmails >= $maxEmailsSubmission) { header(' ', null, 403); echo 'You have submitted too many different e-mail addresses from your IP.'; exit; } }
function phpMail($to, $subject, $body, $values, $mailConf) { // recipients $recipients = array(); if (is_array($to)) { foreach ($to as $key => $value) { if (checkMail($key) == true) { $recipients[] = $value . ' <' . $key . '>'; } elseif (checkMail($value) == true) { $recipients[] = $value; } } } else { $recipients[] = $to; } $to = implode(',', $recipients); // define charset if (isset($values['charset'])) { $charset = $values['charset']; } else { $charset = $mailConf->mail_charset; } if (isset($values['html_charset'])) { $charset = $values['html_charset']; } else { $charset = $mailConf->mail_charset_html; } // bulding extra headers $headers = 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=' . $charset . "\r\n"; // sender headers $senders = array(); if (isset($values['sender'])) { if (is_array($values['sender'])) { foreach ($values['sender'] as $key => $value) { if (checkMail($key) == true) { $senders[] = $value . ' <' . $key . '>'; } elseif (checkMail($value) == true) { $senders[] = $value; } } } else { $senders[] = $values['sender']; } } elseif ($mailConf->mail_sender_mail) { if ($mailConf->mail_sender_name) { $senders[] = $mailConf->mail_sender_name . ' <' . $mailConf->mail_sender_mail . ">"; } else { $senders[] = $mailConf->mail_sender_mail; } } if (sizeof($senders) > 0) { $tmp = implode(',', $senders); $headers .= "From: " . $tmp . "\r\n"; } // copy headers $cc = array(); if (isset($values['cc'])) { if (is_array($values['cc'])) { foreach ($values['cc'] as $key => $value) { if (checkMail($key) == true) { $cc[] = $value . ' <' . $key . '>'; } elseif (checkMail($value) == true) { $cc[] = $value; } } } else { $cc[] = $values['cc']; } } if (sizeof($cc) > 0) { $tmp = implode(',', $cc); $headers .= "Cc: " . $tmp . "\r\n"; } // hidden copy headers $cc = array(); if (isset($values['bcc'])) { if (is_array($values['bcc'])) { foreach ($values['bcc'] as $key => $value) { if (checkMail($key) == true) { $cc[] = $value . ' <' . $key . '>'; } elseif (checkMail($value) == true) { $cc[] = $value; } } } else { $cc[] = $values['bcc']; } } if (sizeof($cc) > 0) { $tmp = implode(',', $cc); $headers .= "Bcc: " . $tmp . "\r\n"; } // send email $result = mail($to, $subject, $body, $headers); if ($result == null) { return false; } else { return true; } }
/** * @param $value * @param $field_check * @param $field_name * @return string */ protected function checkValue($value, $field_check, $field_name) { $callback = $this->getMessageCallback(); $e = ""; if ($e == "" && preg_match("/e/", $field_check)) { if (isset($value) == false || $value == "") { $e = $callback("empty", $field_name, $value); } } if ($e == "" && preg_match("/i/", $field_check)) { if ($value != "" && is_numeric($value) == false) { $e = $callback("int", $field_name, $value); } } if ($e == "" && preg_match("/a/", $field_check)) { if ($value != "" && preg_match("/^([0-9a-zA-Z\\.]+)\$/", $value) == false) { $e = $callback("alphabet", $field_name, $value); } } if ($e == "" && preg_match("/m/", $field_check)) { if ($value != "" && checkMail($value) == false) { $e = $callback("mail", $field_name, $value); } } if ($e == "" && preg_match("/u/", $field_check)) { if ($value != "" && checkURL($value) == false) { $e = $callback("url", $field_name, $value); } } return $e; }
require_once 'Connections/tecno.php'; mysql_select_db($database_tecno, $tecno); //Obtenemos la cédula $ced = $_POST['cedula']; $mail = $_POST['email']; if ($ced != "") { $opc = 1; } elseif ($mail != "") { $opc = 2; } switch ($opc) { case 1: checkCedula($ced); break; case 2: checkMail($mail); break; } /* echo checkCedula($ced); */ function checkCedula($ced) { //Hacemos una consulta a la BD para verificar la cédula $result = mysql_query("SELECT * FROM datospersonales WHERE datospersonales.cedula= '{$ced}'"); //Si el número de filas es mayor a 0 la cédula ya está en el sistema if (mysql_num_rows($result) > 0) { //Enviamos 0 como respuesta de que no está disponible echo 0; } else { $result = mysql_query("SELECT * FROM usuarios WHERE usuarios.usuario= '{$ced}'"); $row_result = mysql_fetch_assoc($result); if (mysql_num_rows($result) > 0) {
$disable_nickname = $config->get('login', 'disable-nickname') == '1'; $smarty->assign('disable_nickname', $disable_nickname); $disable_birthday = $config->get('login', 'disable-birthday') == '1'; $smarty->assign('disable_birthday', $disable_birthday); if ($disable_register) { $notify->add($lang->get('login'), $lang->get('register_disabled')); } else { $disable_second_email = $config->get('login', 'disable-second-email') == '1'; $smarty->assign('disable_second_email', $disable_second_email); // Register button has been pressed if (isset($_POST['create'])) { // check for bot if ($_POST['mail'] == '' & time() > $_POST['ts'] + 5) { // check if everything is valid ------------------------ // $everything_valid = true; if (!checkMail($_POST['email'])) { $smarty->assign('email_notify', $lang->get('email_invalid')); $everything_valid = false; } // email repeat if (!$disable_second_email) { if ($_POST['email'] != $_POST['email_repeat']) { $smarty->assign('email_repeat_notify', $lang->get('email_repeat_invalid')); $everything_valid = false; } } // nickname if (!$disable_nickname) { if (trim($_POST['nickname']) == '') { $smarty->assign('nickname_notify', $lang->get('nickname_invalid')); $everything_valid = false;
$errors[] = "Nachricht"; // Keine Pflichtfelder $anrede = trim($_POST['anrede']); $ort = stripslashes(trim($_POST['ort'])); $strasse = stripslashes(trim($_POST['strasse'])); $fax = stripslashes(trim($_POST['fax'])); $betreff = isset($_POST['betreff']) ? stripslashes(trim($_POST['betreff'])) : ""; if (!empty($email)) { $validEmail = checkMail($email); } // Fehler vorhanden if (count($errors)) $errorText = "Die mit * markierten Felder sind Pflicht: " . implode(", ", $errors); // Check der MailAdresse erfolgreich? if (!$validEmail) { $errorText .= (strlen($errorText)) ? "<br /><br />" : ""; $errorText .= "E-Mail Adresse ungültig"; } // Wenn jetzt kein Fehlertext vorhanden ist, kann die Mail raus, if (!strlen ($errorText))
function xy_invite_verify() { global $m; if (option::get('enable_reg') != '1') { msg('注册失败:该站点已关闭注册'); } $name = isset($_POST['user']) ? sqladds($_POST['user']) : ''; $mail = isset($_POST['mail']) ? sqladds($_POST['mail']) : ''; $pw = isset($_POST['pw']) ? sqladds($_POST['pw']) : ''; $yr = isset($_POST['yr']) ? sqladds($_POST['yr']) : ''; if (empty($name) || empty($mail) || empty($pw)) { msg('注册失败:请正确填写账户、密码或邮箱'); } if ($_POST['pw'] != $_POST['rpw']) { msg('注册失败:两次输入的密码不一致,请重新输入'); } if (!checkMail($mail)) { msg('注册失败:邮箱格式不正确'); } $x = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "users` WHERE `name` = '{$name}' OR `email` = '{$mail}' LIMIT 1"); if ($x['total'] > 0) { msg('注册失败:用户名或邮箱已经被注册'); } $yr_reg = option::get('yr_reg'); if (!empty($yr_reg)) { if (empty($yr)) { msg('注册失败:请输入邀请码'); } else { $z = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "xy_invite`"); if ($z['total'] <= 0) { msg('系统错误:邀请码不足,请联系管理员添加!'); } else { $s = $m->query("SELECT * FROM `" . DB_NAME . "`.`" . DB_PREFIX . "xy_invite` WHERE `code`='{$yr}'"); if ($s->num_rows <= 0) { msg('注册失败:邀请码错误!'); } else { $r = $s->fetch_array(); $r_num = (int) $r['num']; if ($r_num == 1) { $m->query("DELETE FROM `" . DB_NAME . "`.`" . DB_PREFIX . "xy_invite` WHERE `id` = " . $r['id']); } else { if ($r_num > 1) { $m->query("UPDATE `" . DB_NAME . "`.`" . DB_PREFIX . "xy_invite` SET `num`=num-1 WHERE `id`='" . $r['id'] . "';"); } } } } } } $y = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "users`"); if ($y['total'] <= 0) { $role = 'admin'; } else { $role = 'user'; } doAction('admin_reg_2'); $m->query('INSERT INTO `' . DB_NAME . '`.`' . DB_PREFIX . 'users` (`id`, `name`, `pw`, `email`, `role`, `t`) VALUES (NULL, \'' . $name . '\', \'' . EncodePwd($pw) . '\', \'' . $mail . '\', \'' . $role . '\', \'' . getfreetable() . '\');'); doAction('admin_reg_3'); ReDirect('index.php?mod=login&msg=' . urlencode('成功注册,请输入账号信息登录本站 [ 账号为用户名或邮箱地址 ]')); die; }
$name = isset($_POST['user']) ? sqladds($_POST['user']) : ''; $mail = isset($_POST['mail']) ? sqladds($_POST['mail']) : ''; $pw = isset($_POST['pw']) ? sqladds($_POST['pw']) : ''; $yr = isset($_POST['yr']) ? sqladds($_POST['yr']) : ''; if (empty($name) || empty($mail) || empty($pw)) { msg('注册失败:请正确填写账户、密码或邮箱'); } if ($_POST['pw'] != $_POST['rpw']) { msg('注册失败:两次输入的密码不一致,请重新输入'); } $x = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "users` WHERE `name` = '{$name}' OR `email` = '{$mail}' LIMIT 1"); $y = $m->once_fetch_array("SELECT COUNT(*) AS total FROM `" . DB_NAME . "`.`" . DB_PREFIX . "users`"); if ($x['total'] > 0) { msg('注册失败:用户名或邮箱已经被注册'); } if (!checkMail($mail)) { msg('注册失败:邮箱格式不正确'); } $yr_reg = option::get('yr_reg'); if (!empty($yr_reg)) { if (empty($yr)) { msg('注册失败:请输入邀请码'); } else { if ($yr_reg != $yr) { msg('注册失败:邀请码错误'); } } } if ($y['total'] <= 0) { $role = 'admin'; } else {
$requireResArray = requireCheck($require); //必須チェック実行し返り値を受け取る $errm = $requireResArray['errm']; $empty_flag = $requireResArray['empty_flag']; } //メールアドレスチェック if (empty($errm)) { foreach ($_POST as $key => $val) { if ($val == "confirm_submit") { $sendmail = 1; } if ($key == $Email) { $post_mail = h($val); } if ($key == $Email && $mail_check == 1 && !empty($val)) { if (!checkMail($val)) { $errm .= "<p class=\"error_messe\">【" . $key . "】はメールアドレスの形式が正しくありません。</p>\n"; $empty_flag = 1; } } } } //差出人に届くメールをセット if ($remail == 1) { $userBody = mailToUser($_POST, $dsp_name, $remail_text, $mailFooterDsp, $mailSignature, $encode); $reheader = userHeader($refrom_name, $to, $encode); $re_subject = "=?iso-2022-jp?B?" . base64_encode(mb_convert_encoding($re_subject, "JIS", $encode)) . "?="; } //管理者宛に届くメールをセット $adminBody = mailToAdmin($_POST, $subject, $mailFooterDsp, $mailSignature, $encode, $confirmDsp); $header = adminHeader($userMail, $post_mail, $BccMail, $to);
if (!empty($formName) && !empty($formEmail) && !empty($formText)) { //--- początek funkcji weryfikującej adres e-mail --- function checkMail($checkmail) { if (filter_var($checkmail, FILTER_VALIDATE_EMAIL)) { if (checkdnsrr(array_pop(explode("@", $checkmail)), "MX")) { return true; } else { return false; } } else { return false; } } //--- koniec funkcji --- if (checkMail($formEmail)) { //dodatkowe informacje: ip i host użytkownika $ip = $_SERVER['REMOTE_ADDR']; $host = gethostbyaddr($_SERVER['REMOTE_ADDR']); $protocol = strpos(strtolower($_SERVER['SERVER_PROTOCOL']), 'https') === FALSE ? 'http' : 'https'; $host = $_SERVER['HTTP_HOST']; $script = $_SERVER['SCRIPT_NAME']; $params = $_SERVER['QUERY_STRING']; $currentUrl = $protocol . '://' . $host . $script . '?' . $params; //tworzymy szkielet wiadomości //treść wiadomości $mailText = "Message:\n{$formText}\n\nOd: {$formName}, {$formEmail} ({$ip}, {$host})\n\nLink: {$currentUrl}"; //adres zwrotny $mailHeader = "From: {$formName} <{$formEmail}>"; //funkcja odpowiedzialna za wysłanie e-maila @mail($email, '[Mail ListTwist]', $mailText, $mailHeader) or die('Error: message was not sent');
public function __construct($id) { $xml_doc = 'cars.xml'; $asd = simplexml_load_file($xml_doc); if ($asd) { $cars = $asd->carlist->car; foreach ($cars as $car) { $brand = $car->brand; $model = $car->model; $cost = $car->cost; $id2 = $car->id; if ($id == $id2) { break; } else { } } } //--- początek formularza --- if (empty($_POST['submit'])) { echo "Wybrałeś samochód {$brand} {$model}. W celu dokonania zakupu podaj swój adres mailowy oraz liczbę dni na które chcesz wypożyczyć samochód. Cena za jeden dzień wynosi {$cost} złotych.<table><form action='' method='post'><tr><td>E-Mail:</td><td><input type='text' name='formEmail'/></td></tr><tr><td>Wybierz ilość dni:</td><td><select name='howLong'><option>1</option><option>2</option><option>3</option><option>4</option><option>5</option><option>6</option><option>7</option><option>8</option><option>9</option><option>10</option><option>11</option><option>12</option><option>13</option><option>14</option><option>15</option><option>16</option><option>17</option><option>18</option><option>19</option><option>20</option><option>21</option><option>22</option><option>23</option><option>24</option><option>25</option><option>26</option><option>27</option><option>28</option><option>29</option><option>30</option></select></td></tr><tr><td> </td><td><input type='submit' name='submit' value='Wypożycz'/></td></tr></form></table>"; } else { $time = date('d-m-Y H:i'); $minut = 3; $nowa = strtotime("+ " . $minut . " minutes", strtotime($time)); $id2 = $id2 - 1; $nowa = date('d-m-Y H:i', $nowa); $xml_doc = 'cars.xml'; $asd = simplexml_load_file($xml_doc); $asd->carlist->car[$id2]->date = $nowa; $asd->asXML("cars.xml"); //dane z formularza $formEmail = $_POST['formEmail']; $howLong = $_POST['howLong']; if (!empty($formEmail)) { //--- poczÄ…tek funkcji weryfikującej adres e-mail --- function checkMail($checkmail) { if (filter_var($checkmail, FILTER_VALIDATE_EMAIL)) { $mailParts = explode('@', $checkmail); if (checkdnsrr(array_pop($mailParts), "MX")) { return true; } else { return false; } } else { return false; } } //--- koniec funkcji --- if (checkMail($formEmail)) { //tu jest data i obliczenie daty minus 30 dni $time = date("Y-m-d"); $time_minus_30_cache = mktime(date('H'), date('i'), 0, date('m'), date('d') - 30, date('Y')); $time_minus_30 = date("Y-m-d", $time_minus_30_cache); //sprawdzanie czy już istnieje taki mail i czy nie jest starszy niż 30 dni $xml_doc = 'Maile.xml'; $abc = simplexml_load_file($xml_doc); $a = 0; if ($abc) { $poczta = $abc->lista; foreach ($poczta->adres as $adres) { $jeden = $adres->value; $dwa = $adres->data; if ($formEmail == $jeden && $dwa > $time_minus_30) { //tu jest ten warunek $a++; } else { } } //TU WYŚWIETLA CZY JEST RABAT CZY NIE MA if ($a > 1) { $a++; $cena; echo "Ponieważ to twoje {$a} zamówienie w przeciągu miesiąca otrzymujesz rabat w wysokości 20%<BR>"; $cena = $howLong * $cost; $rabat = 20 * $cena / 100; $cena = $cena - $rabat; $potwierdzenie = 'http://v-ie.uek.krakow.pl/~s181008/app_dev.php/platnosc/?cost=' . $cena . '&description=' . $brand . '+' . $model . '&id=' . $id . 'A' . $howLong; echo "Całkowity koszt wynosi {$cena} złotych <a href='{$potwierdzenie}'>- zapłać</a>"; } else { $cena = $howLong * $cost; if ($howLong > 7) { echo "Ponieważ wypożyczyłeś samochód na więcej niż tydzień dostajesz rabat 10%<BR>"; $rabat = 10 * $cena / 100; $cena = $cena - $rabat; } $potwierdzenie = 'http://v-ie.uek.krakow.pl/~s181008/app_dev.php/platnosc/?cost=' . $cena . '&description=' . $brand . '+' . $model . '&id=' . $id; echo "Całkowity koszt wynosi {$cena} złotych <a href='{$potwierdzenie}'>- zapłać</a>"; } } if (checkMail($formEmail)) { //--- dodawanie rekordu do XMLA --- $xml = simplexml_load_file("Maile.xml"); $nowy = $xml->lista->addChild("adres"); $nowy->addChild("value", $_POST["formEmail"]); $nowy->addChild("data", $time); $xml->asXML("Maile.xml"); } } else { echo 'Adres e-mail jest niepoprawny'; } } else { //komunikat w przypadku nie powodzenia echo 'WypeĹ‚nij wszystkie pola formularza'; } // --- koniec formularza --- } }
if ($p == "") { ReDirect(SYSTEM_URL . 'index.php?pub_plugin=dl_zhmm&error_msg=' . urlencode('错误:未能在本站找到持有该邮箱的用户!')); } $pw = sha1(md5(EncodePwd($p['pw'] . date('Ymd') . SYSTEM_NAME . SYSTEM_VER . SYSTEM_URL))); if ($pw != $key) { ReDirect(SYSTEM_URL . 'index.php?pub_plugin=dl_zhmm&error_msg=' . urlencode('错误:该链接失效或者不归您所拥有,修改密码失败!')); die; } else { $m->query("UPDATE `" . DB_NAME . "`.`" . DB_PREFIX . "users` SET `pw` = '" . $newpw . "' WHERE email = '{$email}'"); ReDirect(SYSTEM_URL . 'index.php?mod=login&error_msg=' . urlencode('由于你的密码已修改,无法再使用旧密码登录,请重新登录')); } } global $m; if (isset($_REQUEST['page']) && $_REQUEST['page'] == 'yjqr') { $emailcc = !empty($_REQUEST['email']) ? base64_decode($_REQUEST['email']) : msg('警告:邮件地址无效'); $email = checkMail($emailcc) ? sqladds($emailcc) : msg('警告:非法操作'); $key = $_REQUEST['key']; $cx = $m->query("SELECT * FROM `" . DB_NAME . "`.`" . DB_PREFIX . "users` WHERE email = '{$email}' LIMIT 1"); $p = $m->fetch_array($cx); if ($p == "") { ReDirect(SYSTEM_URL . 'index.php?pub_plugin=dl_zhmm&error_msg=' . urlencode('错误:未能在本站找到持有该邮箱的用户!')); } $pw = sha1(md5(EncodePwd($p['pw'] . date('Ymd') . SYSTEM_NAME . SYSTEM_VER . SYSTEM_URL))); if ($pw != $key) { ReDirect(SYSTEM_URL . 'index.php?pub_plugin=dl_zhmm&error_msg=' . urlencode('错误:该链接失效或者不归您所拥有,修改密码失败!')); } else { echo '<div class="panel panel-success" style="margin:5% 15% 5% 15%;"> <div class="panel-heading"> <h3 class="panel-title">设置新密码</h3> </div> <div style="margin:0% 5% 5% 5%;">
public function checkMail($value) { return checkMail($value); }