                print "{$message}";
            }
        }
    }
} else {
    if (isset($_GET['mlog'])) {
        $mc = new Machine();
        $mc->setMachineID($_GET['mid']);
        $mc->showMachineLog();
    }
    if (isset($_GET['actlid'])) {
        $ml->setValue('activitylogid', $_GET['actlid']);
        $ml->showMaintenanceUI();
    }
    if (isset($_GET['session'])) {
        checksession('activitylog.html');
    }
    if (isset($_GET['ui'])) {
        $ml->setValue('mainttypeid', $_GET['mtid']);
        $ml->setValue('machineid', $_GET['mcid']);
        $ml->showMaintenanceUI();
    }
    if (isset($_GET['gspmlist'])) {
        $spm = new SPMaintenance();
        $spm->setValue('machineid', $_GET['mcid']);
        $spm->createSPMTitleList();
        $sel = new selectlist('SPM_ID', $spm->getSPMTitleList(), 'Select Maintenance Plan', 'SPM_ID', 'SPM_Title', 'class="required"', '', '1');
    }
    if (isset($_GET['gprop'])) {
        $ml->setValue('spmid', $_GET['spmid']);
        $ml->showGPUI();
<?php

// Password-change page: starts the session, renders the header, calls
// checksession(), and on POST validates the new password and builds the
// UPDATE statement. The listing ends right after the query string is built,
// so how $q is executed and how $errors are reported is not shown here.
session_start();
$page_title = 'Change your password';
include 'includes/header.php';
// checksession() comes from checksession.php (not shown); presumably it turns
// away visitors without a valid login -- confirm, because the UPDATE below
// trusts $_SESSION['uid'].
require 'checksession.php';
checksession();
//Starts the connection to the database.
// $dbc, used further down, is never assigned in this listing; presumably
// mysqli_connect.php creates it -- confirm.
require '../mysqli_connect.php';
// Check for form submission:
// NOTE(review): nothing visible here asks for the current password or checks
// an anti-CSRF token before the change is accepted; confirm whether
// checksession() or the part of the script that is cut off covers this.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Initialize an error array.
    $errors = array();
    // Check for a password and match against the confirmed password:
    if (!empty($_POST['pass1'])) {
        // Password policy. Inside a character class the parentheses and the
        // plus sign are literals, so this accepts only ASCII letters, digits,
        // "(", ")" and "+", at least 8 of them, with no upper bound. Every
        // other symbol, spaces and non-ASCII characters are rejected, which
        // narrows the set of passwords a user can choose.
        if (preg_match("/^[a-zA-Z(0-9)+]{8,}\$/", $_POST['pass1'])) {
            // Loose comparison: PHP compares two numeric strings by value, so
            // an all-digit password can equal a differently written
            // confirmation (e.g. "12345678" and "12345678.0"); !== would
            // compare the strings themselves. pass2 is read without an
            // isset() check.
            if ($_POST['pass1'] != $_POST['pass2']) {
                $errors[] = 'Your password did not match the confirmed password.';
            } else {
                // trim() drops the trailing newline that the "$" anchor above
                // tolerates. The value is then escaped for use inside a quoted
                // SQL string and hashed by the query. With the alphabet
                // allowed above nothing needs escaping, but if the policy is
                // ever widened, the escaped text rather than the password the
                // user typed is what gets hashed.
                $passwd = mysqli_real_escape_string($dbc, trim($_POST['pass1']));
            }
        } else {
            $errors[] = 'Your password doesn\'t match the minimum requeriments';
        }
    } else {
        $errors[] = 'You forgot to enter your password.';
    }
    if (empty($errors)) {
        // If everything's OK.
        // Make the update with the new password:
        // NOTE(review): SHA1() is a fast, unsalted hash and is unsuitable for
        // storing passwords; password_hash() / password_verify() are the
        // standard replacement. Hashing inside the SQL text also sends the
        // plaintext password to the database server as part of the statement,
        // where it may end up in query logs.
        // $_SESSION['uid'] is interpolated unquoted, which is safe only while
        // the session value is a server-assigned integer. A prepared statement
        // with bound parameters removes the reliance on escaping and on that
        // assumption.
        $q = "UPDATE USERS SET passwd=SHA1('{$passwd}') WHERE uid={$_SESSION['uid']} LIMIT 1";
function do_articles()
{
    global $context, $txt, $settings, $boardurl, $scripturl, $smcFunc;
    // do an update of stray articles and categories
    $acats = array();
    $request = $smcFunc['db_query']('', '
		SELECT id FROM {db_prefix}tp_variables 
		WHERE type = {string:type}', array('type' => 'category'));
    if ($smcFunc['db_num_rows']($request) > 0) {
        while ($row = $smcFunc['db_fetch_assoc']($request)) {
            $acats[] = $row['id'];
        }
        $smcFunc['db_free_result']($request);
    }
    if (count($acats) > 0) {
        $smcFunc['db_query']('', '
			UPDATE {db_prefix}tp_variables 
			SET value2 = {int:val2} 
			WHERE type = {string:type} 
			AND value2 NOT IN ({array_string:value2})', array('val2' => 0, 'type' => 'category', 'value2' => $acats));
        $smcFunc['db_query']('', '
			UPDATE {db_prefix}tp_articles 
			SET category = {int:cat} 
			WHERE category NOT IN({array_int:category}) 
			AND category > 0', array('cat' => 0, 'category' => $acats));
    }
    // first check any ajax stuff
    if (isset($_GET['arton'])) {
        checksession('get');
        $what = is_numeric($_GET['arton']) ? $_GET['arton'] : '0';
        if ($what > 0) {
            $smcFunc['db_query']('', '
				UPDATE {db_prefix}tp_articles 
				SET off = IF(off = 0 , 1, 0) 
				WHERE id = {int:artid}', array('artid' => $what));
        } else {
            return;
        }
    } elseif (isset($_GET['artlock'])) {
        checksession('get');
        $what = is_numeric($_GET['artlock']) ? $_GET['artlock'] : '0';
        if ($what > 0) {
            $smcFunc['db_query']('', '
				UPDATE {db_prefix}tp_articles 
				SET locked = IF(locked = 0 , 1, 0) 
				WHERE id = {int:artid}', array('artid' => $what));
        } else {
            return;
        }
    } elseif (isset($_GET['artsticky'])) {
        checksession('get');
        $what = is_numeric($_GET['artsticky']) ? $_GET['artsticky'] : '0';
        if ($what > 0) {
            $smcFunc['db_query']('', '
				UPDATE {db_prefix}tp_articles 
				SET sticky = IF(sticky = 0 , 1, 0) 
				WHERE id = {int:artid}', array('artid' => $what));
        } else {
            return;
        }
    } elseif (isset($_GET['artfront'])) {
        checksession('get');
        $what = is_numeric($_GET['artfront']) ? $_GET['artfront'] : '0';
        if ($what > 0) {
            $smcFunc['db_query']('', '
				UPDATE {db_prefix}tp_articles 
				SET frontpage = IF(frontpage = 0 , 1, 0) 
				WHERE id = {int:artid}', array('artid' => $what));
        } else {
            return;
        }
    } elseif (isset($_GET['artfeat'])) {
        checksession('get');
        $what = is_numeric($_GET['artfeat']) ? $_GET['artfeat'] : '0';
        if ($what > 0) {
            $smcFunc['db_query']('', '
				UPDATE {db_prefix}tp_articles 
				SET featured = IF(featured = 0, 1, 0) 
				WHERE id = {int:artid}', array('artid' => $what));
            $smcFunc['db_query']('', '
				UPDATE {db_prefix}tp_articles 
				SET featured = {int:featured} 
				WHERE id != {int:artid}', array('featured' => 0, 'artid' => $what));
        } else {
            return;
        }
    } elseif (isset($_GET['catdelete'])) {
        checksession('get');
        $what = is_numeric($_GET['catdelete']) ? $_GET['catdelete'] : '0';
        if ($what > 0) {
            // first get info
            $request = $smcFunc['db_query']('', '
				SELECT id, value2 FROM {db_prefix}tp_variables 
				WHERE id = {int:varid} LIMIT 1', array('varid' => $what));
            $row = $smcFunc['db_fetch_assoc']($request);
            $smcFunc['db_free_result']($request);
            $newcat = !empty($row['value2']) ? $row['value2'] : 0;
            $smcFunc['db_query']('', '
				UPDATE {db_prefix}tp_variables 
				SET value2 = {int:val2} 
				WHERE value2 = {int:varid}', array('val2' => $newcat, 'varid' => $what));
            $smcFunc['db_query']('', '
				DELETE FROM {db_prefix}tp_variables 
				WHERE id = {int:varid}', array('varid' => $what));
            $smcFunc['db_query']('', '
				UPDATE {db_prefix}tp_articles 
				SET category = {int:cat} 
				WHERE category = {int:catid}', array('cat' => $newcat, 'catid' => $what));
            redirectexit('action=tpadmin;sa=categories');
        } else {
            redirectexit('action=tpadmin;sa=categories');
        }
    } elseif (isset($_GET['artdelete'])) {
        checksession('get');
        $what = is_numeric($_GET['artdelete']) ? $_GET['artdelete'] : '0';
        $cu = is_numeric($_GET['cu']) ? $_GET['cu'] : '';
        if ($cu == -1) {
            $strays = true;
            $cu = '';
        }
        if ($what > 0) {
            $smcFunc['db_query']('', '
				DELETE FROM {db_prefix}tp_articles 
				WHERE id = {int:artid}', array('artid' => $what));
            $smcFunc['db_query']('', '
				DELETE FROM {db_prefix}tp_variables
				WHERE value5 = {int:artid}', array('artid' => $what));
        }
        redirectexit('action=tpadmin' . (!empty($cu) ? ';cu=' . $cu : '') . (isset($strays) ? ';sa=strays' . $cu : ';sa=articles'));
    }
    // for the non-category articles, do a count.
    $request = $smcFunc['db_query']('', '
		SELECT COUNT(*) as total
		FROM {db_prefix}tp_articles
		WHERE category = 0 OR category = 9999');
    $row = $smcFunc['db_fetch_assoc']($request);
    $context['TPortal']['total_nocategory'] = $row['total'];
    $smcFunc['db_free_result']($request);
    // for the submissions too
    $request = $smcFunc['db_query']('', '
		SELECT COUNT(*) as total
		FROM {db_prefix}tp_articles
		WHERE approved = 0');
    $row = $smcFunc['db_fetch_assoc']($request);
    $context['TPortal']['total_submissions'] = $row['total'];
    $smcFunc['db_free_result']($request);
    // we are on categories screen
    if (in_array($context['TPortal']['subaction'], array('categories', 'addcategory'))) {
        TPadd_linktree($scripturl . '?action=tpadmin;sa=categories', $txt['tp-categories']);
        // first check if we simply want to copy or set as child
        if (isset($_GET['cu']) && is_numeric($_GET['cu'])) {
            $ccat = $_GET['cu'];
            if (isset($_GET['copy'])) {
                $request = $smcFunc['db_query']('', '
					SELECT * FROM {db_prefix}tp_variables 
					WHERE id = {int:varid}', array('varid' => $ccat));
                if ($smcFunc['db_num_rows']($request) > 0) {
                    $row = $smcFunc['db_fetch_assoc']($request);
                    $row['value1'] .= '__copy';
                    $smcFunc['db_free_result']($request);
                    $smcFunc['db_insert']('insert', '{db_prefix}tp_variables', array('value1' => 'string', 'value2' => 'string', 'value3' => 'string', 'type' => 'string', 'value4' => 'string', 'value5' => 'int', 'subtype' => 'string', 'value7' => 'string', 'value8' => 'string', 'subtype2' => 'int'), array($row['value1'], $row['value2'], $row['value3'], $row['type'], $row['value4'], $row['value5'], $row['subtype'], $row['value7'], $row['value8'], $row['subtype2']), array('id'));
                }
                redirectexit('action=tpadmin;sa=categories');
            } elseif (isset($_GET['child'])) {
                $request = $smcFunc['db_query']('', '
					SELECT * FROM {db_prefix}tp_variables 
					WHERE id = {int:varid}', array('varid' => $ccat));
                if ($smcFunc['db_num_rows']($request) > 0) {
                    $row = $smcFunc['db_fetch_assoc']($request);
                    $row['value1'] .= '__copy';
                    $smcFunc['db_free_result']($request);
                    $smcFunc['db_insert']('INSERT', '{db_prefix}tp_variables', array('value1' => 'string', 'value2' => 'string', 'value3' => 'string', 'type' => 'string', 'value4' => 'string', 'value5' => 'int', 'subtype' => 'string', 'value7' => 'string', 'value8' => 'string', 'subtype2' => 'int'), array($row['value1'], $row['id'], $row['value3'], $row['type'], $row['value4'], $row['value5'], $row['subtype'], $row['value7'], $row['value8'], $row['subtype2']), array('id'));
                }
                redirectexit('action=tpadmin;sa=categories');
            } else {
                // get membergroups
                get_grps();
                $context['html_headers'] .= '
			<script type="text/javascript"><!-- // --><![CDATA[
				function changeIllu(node,name)
				{
					node.src = \'' . $boardurl . '/tp-files/tp-articles/illustrations/\' + name; 
				}

				function changeIcon(node,name)
				{
					node.src = \'' . $boardurl . '/tp-files/tp-articles/icons/\' + name; 
				}
			// ]]></script>';
                $request = $smcFunc['db_query']('', '
					SELECT * FROM {db_prefix}tp_variables 
					WHERE id = {int:varid} LIMIT 1', array('varid' => $ccat));
                if ($smcFunc['db_num_rows']($request) > 0) {
                    $row = $smcFunc['db_fetch_assoc']($request);
                    $o = explode('|', $row['value7']);
                    foreach ($o as $t => $opt) {
                        $b = explode('=', $opt);
                        if (isset($b[1])) {
                            $row[$b[0]] = $b[1];
                        }
                    }
                    $smcFunc['db_free_result']($request);
                    $check = array('layout', 'catlayout', 'toppanel', 'bottompanel', 'leftpanel', 'rightpanel', 'upperpanel', 'lowerpanel', 'showchild');
                    foreach ($check as $c => $ch) {
                        if (!isset($row[$ch])) {
                            $row[$ch] = 0;
                        }
                    }
                    $context['TPortal']['editcategory'] = $row;
                }
                // fetch all categories and subcategories
                $request = $smcFunc['db_query']('', '
					SELECT	id, value1 as name, value2 as parent, value3, value4, 
						value5, subtype, value7, value8, subtype2 
					FROM {db_prefix}tp_variables
					WHERE type = {string:type}', array('type' => 'category'));
                $context['TPortal']['editcats'] = array();
                $allsorted = array();
                $alcats = array();
                if ($smcFunc['db_num_rows']($request) > 0) {
                    while ($row = $smcFunc['db_fetch_assoc']($request)) {
                        $row['indent'] = 0;
                        $allsorted[$row['id']] = $row;
                        $alcats[] = $row['id'];
                    }
                    $smcFunc['db_free_result']($request);
                    if (count($allsorted) > 1) {
                        $context['TPortal']['editcats'] = chain('id', 'parent', 'name', $allsorted);
                    } else {
                        $context['TPortal']['editcats'] = $allsorted;
                    }
                }
                TPadd_linktree($scripturl . '?action=tpadmin;sa=categories;cu=' . $ccat, $txt['tp-editcategory']);
            }
            return;
        }
        // fetch all categories and subcategories
        $request = $smcFunc['db_query']('', '
			SELECT id, value1 as name, value2 as parent, value3, value4,
				value5, subtype, value7, value8, subtype2 
			FROM {db_prefix}tp_variables
			WHERE type = {string:type}', array('type' => 'category'));
        $context['TPortal']['editcats'] = array();
        $allsorted = array();
        $alcats = array();
        if ($smcFunc['db_num_rows']($request) > 0) {
            while ($row = $smcFunc['db_fetch_assoc']($request)) {
                $row['indent'] = 0;
                $allsorted[$row['id']] = $row;
                $alcats[] = $row['id'];
            }
            $smcFunc['db_free_result']($request);
            if (count($allsorted) > 1) {
                $context['TPortal']['editcats'] = chain('id', 'parent', 'name', $allsorted);
            } else {
                $context['TPortal']['editcats'] = $allsorted;
            }
        }
        // get the filecount as well
        if (count($alcats) > 0) {
            $request = $smcFunc['db_query']('', '
				SELECT	art.category as id, COUNT(art.id) as files 
				FROM {db_prefix}tp_articles as art
				WHERE art.category IN ({string:cats})
				GROUP BY art.category', array('cats' => implode(',', $alcats)));
            if ($smcFunc['db_num_rows']($request) > 0) {
                $context['TPortal']['cats_count'] = array();
                while ($row = $smcFunc['db_fetch_assoc']($request)) {
                    $context['TPortal']['cats_count'][$row['id']] = $row['files'];
                }
                $smcFunc['db_free_result']($request);
            }
        }
        if ($context['TPortal']['subaction'] == 'addcategory') {
            TPadd_linktree($scripturl . '?action=tpadmin;sa=addcategory', $txt['tp-addcategory']);
        }
        return;
    }
    TPadd_linktree($scripturl . '?action=tpadmin;sa=articles', $txt['tp-articles']);
    // are we inside a category?
    if (isset($_GET['cu']) && is_numeric($_GET['cu'])) {
        $where = $_GET['cu'];
    }
    // show the no category articles?
    if (isset($_GET['sa']) && $_GET['sa'] == 'strays') {
        TPadd_linktree($scripturl . '?action=tpadmin;sa=strays', $txt['tp-strays']);
        $show_nocategory = true;
    }
    // submissions?
    if (isset($_GET['sa']) && $_GET['sa'] == 'submission') {
        TPadd_linktree($scripturl . '?action=tpadmin;sa=submission', $txt['tp-submissions']);
        $show_submission = true;
    }
    // single article?
    if (isset($_GET['sa']) && substr($_GET['sa'], 0, 11) == 'editarticle') {
        TPadd_linktree($scripturl . '?action=tpadmin;sa=' . $_GET['sa'], $txt['tp-editarticle']);
        $whatarticle = substr($_GET['sa'], 11);
    }
    // are we starting a new one?
    if (isset($_GET['sa']) && substr($_GET['sa'], 0, 11) == 'addarticle_') {
        TPadd_linktree($scripturl . '?action=tpadmin;sa=' . $_GET['sa'], $txt['tp-addarticle']);
        $context['TPortal']['editarticle'] = array('id' => '', 'date' => time(), 'body' => '', 'intro' => '', 'useintro' => 0, 'category' => !empty($_GET['cu']) ? $_GET['cu'] : 0, 'frontpage' => 1, 'author_id' => $context['user']['id'], 'subject' => '', 'author' => $context['user']['name'], 'frame' => 'theme', 'approved' => 0, 'off' => 1, 'options' => 'date,title,author,linktree,top,cblock,rblock,lblock,bblock,tblock,lbblock,category,catlist,comments,commentallow,commentupshrink,views,rating,ratingallow,avatar,inherit,social,nofrontsetting', 'parse' => 0, 'comments' => 0, 'comments_var' => '', 'views' => 0, 'rating' => 0, 'voters' => '', 'id_theme' => 0, 'shortname' => '', 'sticky' => 0, 'fileimport' => '', 'topic' => 0, 'locked' => 0, 'illustration' => '', 'headers' => '', 'type' => substr($_GET['sa'], 11), 'featured' => 0, 'realName' => $context['user']['name'], 'authorID' => $context['user']['id'], 'articletype' => substr($_GET['sa'], 11), 'ID_THEME' => 0, 'pub_start' => 0, 'pub_end' => 0);
        $context['html_headers'] .= '
			<script type="text/javascript"><!-- // --><![CDATA[
				function changeIllu(node,name)
				{
					node.src = \'' . $boardurl . '/tp-files/tp-articles/illustrations/\' + name; 
				}

				function changeIcon(node,name)
				{
					node.src = \'' . $boardurl . '/tp-files/tp-articles/icons/\' + name; 
				}
			// ]]></script>';
        // Add in BBC editor before we call in template so the headers are there
        if (substr($_GET['sa'], 11) == 'bbc') {
            $context['TPortal']['editor_id'] = 'tp_article_body';
            TP_prebbcbox($context['TPortal']['editor_id']);
        }
    }
    // fetch categories and subcategories
    if (!isset($show_nocategory)) {
        $request = $smcFunc['db_query']('', '
			SELECT DISTINCT var.id as id, var.value1 as name, var.value2 as parent 
			FROM {db_prefix}tp_variables AS var
			WHERE var.type = {string:type}
			' . (isset($where) ? 'AND var.value2 = {int:whereval}' : '') . '
			ORDER BY parent, id DESC', array('type' => 'category', 'whereval' => isset($where) ? $where : 0));
        if ($smcFunc['db_num_rows']($request) > 0) {
            $context['TPortal']['basecats'] = isset($where) ? array($where) : array('0', '9999');
            $cats = array();
            $context['TPortal']['cats'] = array();
            $sorted = array();
            while ($row = $smcFunc['db_fetch_assoc']($request)) {
                $sorted[$row['id']] = $row;
                $cats[] = $row['id'];
            }
            $smcFunc['db_free_result']($request);
            if (count($sorted) > 1) {
                $context['TPortal']['cats'] = chain('id', 'parent', 'name', $sorted);
            } else {
                $context['TPortal']['cats'] = $sorted;
            }
        }
    }
    if (isset($show_submission) && $context['TPortal']['total_submissions'] > 0) {
        // check if we have any start values
        $start = !empty($_GET['p']) && is_numeric($_GET['p']) ? $_GET['p'] : 0;
        // sorting?
        $sort = $context['TPortal']['sort'] = !empty($_GET['sort']) && in_array($_GET['sort'], array('date', 'id', 'author_id', 'type', 'subject', 'parse')) ? $_GET['sort'] : 'date';
        $context['TPortal']['pageindex'] = TPageIndex($scripturl . '?action=tpadmin;sa=submission;sort=' . $sort, $start, $context['TPortal']['total_submissions'], 15);
        $request = $smcFunc['db_query']('', '
			SELECT	art.id, art.date, art.frontpage, art.category, art.author_id as authorID, 
				IFNULL(mem.real_name, art.author) as author, art.subject, art.approved,
				art.sticky, art.type, art.featured, art.locked, art.off, art.parse as pos	
			FROM {db_prefix}tp_articles AS art
			LEFT JOIN {db_prefix}members AS mem ON (art.author_id = mem.id_member)
			WHERE art.approved = {int:approved}
			ORDER BY art.{raw:col} {raw:sort}
			LIMIT {int:start}, 15', array('approved' => 0, 'col' => $sort, 'start' => $start, 'sort' => in_array($sort, array('sticky', 'locked', 'frontpage', 'date', 'active')) ? 'DESC' : 'ASC'));
        if ($smcFunc['db_num_rows']($request) > 0) {
            $context['TPortal']['arts_submissions'] = array();
            while ($row = $smcFunc['db_fetch_assoc']($request)) {
                $context['TPortal']['arts_submissions'][] = $row;
            }
            $smcFunc['db_free_result']($request);
        }
    }
    if (isset($show_nocategory) && $context['TPortal']['total_nocategory'] > 0) {
        // check if we have any start values
        $start = !empty($_GET['p']) && is_numeric($_GET['p']) ? $_GET['p'] : 0;
        // sorting?
        $sort = $context['TPortal']['sort'] = !empty($_GET['sort']) && in_array($_GET['sort'], array('off', 'date', 'id', 'author_id', 'locked', 'frontpage', 'sticky', 'featured', 'type', 'subject', 'parse')) ? $_GET['sort'] : 'date';
        $context['TPortal']['pageindex'] = TPageIndex($scripturl . '?action=tpadmin;sa=articles;sort=' . $sort, $start, $context['TPortal']['total_nocategory'], 15);
        $request = $smcFunc['db_query']('', '
			SELECT	art.id, art.date, art.frontpage, art.category, art.author_id as authorID, 
				IFNULL(mem.real_name, art.author) as author, art.subject, art.approved, art.sticky,
				art.type, art.featured,art.locked, art.off, art.parse as pos	
			FROM {db_prefix}tp_articles AS art
			LEFT JOIN {db_prefix}members AS mem ON (art.author_id = mem.id_member)
			WHERE (art.category = 0 OR art.category = 9999)
			ORDER BY art.{raw:col} {raw:sort} 
			LIMIT {int:start}, 15', array('col' => $sort, 'sort' => in_array($sort, array('sticky', 'locked', 'frontpage', 'date', 'active')) ? 'DESC' : 'ASC', 'start' => $start));
        if ($smcFunc['db_num_rows']($request) > 0) {
            $context['TPortal']['arts_nocat'] = array();
            while ($row = $smcFunc['db_fetch_assoc']($request)) {
                $context['TPortal']['arts_nocat'][] = $row;
            }
            $smcFunc['db_free_result']($request);
        }
    }
    // ok, fetch single article
    if (isset($whatarticle)) {
        $request = $smcFunc['db_query']('', '
			SELECT	art.*, IFNULL(mem.real_name, art.author) as realName, art.author_id as authorID,
				art.type as articletype, art.id_theme as ID_THEME 
			FROM {db_prefix}tp_articles as art
			LEFT JOIN {db_prefix}members as mem ON (art.author_id = mem.id_member)
			WHERE art.id = {int:artid}', array('artid' => is_numeric($whatarticle) ? $whatarticle : 0));
        if ($smcFunc['db_num_rows']($request) > 0) {
            $context['TPortal']['editarticle'] = $smcFunc['db_fetch_assoc']($request);
            $context['TPortal']['editing_article'] = true;
            $context['TPortal']['editarticle']['body'] = $smcFunc['htmlspecialchars']($context['TPortal']['editarticle']['body'], ENT_QUOTES);
            $smcFunc['db_free_result']($request);
        }
        // Add in BBC editor before we call in template so the headers are there
        if ($context['TPortal']['editarticle']['articletype'] == 'bbc') {
            $context['TPortal']['editor_id'] = 'tp_article_body';
            TP_prebbcbox($context['TPortal']['editor_id'], strip_tags($context['TPortal']['editarticle']['body']));
        }
        // fetch the WYSIWYG value
        $request = $smcFunc['db_query']('', '
			SELECT value1 FROM {db_prefix}tp_variables 
			WHERE subtype2 = {int:subtype}  
			AND type = {string:type} LIMIT 1', array('subtype' => $whatarticle, 'type' => 'editorchoice'));
        if ($smcFunc['db_num_rows']($request) > 0) {
            $row = $smcFunc['db_fetch_assoc']($request);
            $smcFunc['db_free_result']($request);
            $context['TPortal']['editorchoice'] = $row['value1'];
        } else {
            $context['TPortal']['editorchoice'] = 1;
        }
        $context['html_headers'] .= '
			<script type="text/javascript"><!-- // --><![CDATA[
				function changeIllu(node,name)
				{
					node.src = \'' . $boardurl . '/tp-files/tp-articles/illustrations/\' + name; 
				}

				function changeIcon(node,name)
				{
					node.src = \'' . $boardurl . '/tp-files/tp-articles/icons/\' + name; 
				}
			// ]]></script>';
    }
    // fetch article count for these
    if (isset($cats)) {
        $request = $smcFunc['db_query']('', '
			SELECT	art.category as id, COUNT(art.id) as files 
			FROM {db_prefix}tp_articles as art
			WHERE art.category IN ({array_int:cat})
			GROUP BY art.category', array('cat' => $cats));
        $context['TPortal']['cats_count'] = array();
        if ($smcFunc['db_num_rows']($request) > 0) {
            while ($row = $smcFunc['db_fetch_assoc']($request)) {
                $context['TPortal']['cats_count'][$row['id']] = $row['files'];
            }
            $smcFunc['db_free_result']($request);
        }
    }
    // get the icons needed
    tp_collectArticleIcons();
    // fetch all categories and subcategories
    $request = $smcFunc['db_query']('', '
		SELECT	id, value1 as name, value2 as parent 
		FROM {db_prefix}tp_variables
		WHERE type = {string:type}', array('type' => 'category'));
    $context['TPortal']['allcats'] = array();
    $allsorted = array();
    if ($smcFunc['db_num_rows']($request) > 0) {
        while ($row = $smcFunc['db_fetch_assoc']($request)) {
            $allsorted[$row['id']] = $row;
        }
        $smcFunc['db_free_result']($request);
        if (count($allsorted) > 1) {
            $context['TPortal']['allcats'] = chain('id', 'parent', 'name', $allsorted);
        } else {
            $context['TPortal']['allcats'] = $allsorted;
        }
    }
    // not quite done yet lol, now we need to sort out if articles are to be listed
    if (isset($where)) {
        // check if we have any start values
        $start = !empty($_GET['p']) && is_numeric($_GET['p']) ? $_GET['p'] : 0;
        // sorting?
        $sort = $context['TPortal']['sort'] = !empty($_GET['sort']) && in_array($_GET['sort'], array('off', 'date', 'id', 'author_id', 'locked', 'frontpage', 'sticky', 'featured', 'type', 'subject', 'parse')) ? $_GET['sort'] : 'date';
        $context['TPortal']['categoryID'] = $where;
        // get the name
        $request = $smcFunc['db_query']('', '
			SELECT value1 
			FROM {db_prefix}tp_variables 
			WHERE id = {int:varid} LIMIT 1', array('varid' => $where));
        $f = $smcFunc['db_fetch_assoc']($request);
        $smcFunc['db_free_result']($request);
        $context['TPortal']['categoryNAME'] = $f['value1'];
        // get the total first
        $request = $smcFunc['db_query']('', '
			SELECT	COUNT(*) as total
			FROM {db_prefix}tp_articles
			WHERE category = {int:cat}', array('cat' => $where));
        $row = $smcFunc['db_fetch_assoc']($request);
        $context['TPortal']['pageindex'] = TPageIndex($scripturl . '?action=tpadmin;sa=articles;sort=' . $sort . ';cu=' . $where, $start, $row['total'], 15);
        $smcFunc['db_free_result']($request);
        $request = $smcFunc['db_query']('', '
			SELECT art.id, art.date, art.frontpage, art.category, art.author_id as authorID,
				IFNULL(mem.real_name, art.author) as author, art.subject, art.approved, art.sticky,
				art.type, art.featured, art.locked, art.off, art.parse as pos	
			FROM {db_prefix}tp_articles AS art
			LEFT JOIN {db_prefix}members AS mem ON (art.author_id = mem.id_member)
			WHERE art.category = {int:cat}
			ORDER BY art.{raw:sort} {raw:sorter} 
			LIMIT {int:start}, 15', array('cat' => $where, 'sort' => $sort, 'sorter' => in_array($sort, array('sticky', 'locked', 'frontpage', 'date', 'active')) ? 'DESC' : 'ASC', 'start' => $start));
        TPadd_linktree($scripturl . '?action=tpadmin;sa=articles;cu=' . $where, $txt['tp-blocktype19']);
        if ($smcFunc['db_num_rows']($request) > 0) {
            $context['TPortal']['arts'] = array();
            while ($row = $smcFunc['db_fetch_assoc']($request)) {
                $context['TPortal']['arts'][] = $row;
            }
            $smcFunc['db_free_result']($request);
        }
    }
    $context['html_headers'] .= '
	<script type="text/javascript" src="' . $settings['default_theme_url'] . '/scripts/editor.js?rc1"></script>
	<script type="text/javascript"><!-- // --><![CDATA[
		function getXMLHttpRequest()
		{
			if (window.XMLHttpRequest)
				return new XMLHttpRequest;
			else if (window.ActiveXObject)
				return new ActiveXObject("MICROSOFT.XMLHTTP");
			else
				alert("Sorry, but your browser does not support Ajax");
		}
		
		window.onload = startToggle;
		
		function startToggle()
		{
			var img = document.getElementsByTagName("img");
			
			for(var i = 0; i < img.length; i++)
			{
				if (img[i].className == "toggleFront")
					img[i].onclick = toggleFront;
				else if (img[i].className == "toggleSticky")
					img[i].onclick = toggleSticky;
				else if (img[i].className == "toggleLock")
					img[i].onclick = toggleLock;
				else if (img[i].className == "toggleActive")
					img[i].onclick = toggleActive;
				else if (img[i].className == "toggleFeatured")
					img[i].onclick = toggleFeatured;
			}
		}
		
		function toggleActive(e)
		{ 
			var e = e ? e : window.event;
			var target = e.target ? e.target : e.srcElement;
		
			while(target.className != "toggleActive")
				  target = target.parentNode;
			
			var id = target.id.replace("artActive", "");
			var Ajax = getXMLHttpRequest();
			
			Ajax.open("POST", "?action=tpadmin;arton=" + id + ";' . $context['session_var'] . '=' . $context['session_id'] . '");
			Ajax.setRequestHeader("Content-type", "application/x-www-form-urlencode");
			
			var source = target.src;
			target.src = "' . $settings['tp_images_url'] . '/ajax.gif"
			
			Ajax.onreadystatechange = function()
			{
				if(Ajax.readyState == 4)
				{
					target.src = source == "' . $settings['tp_images_url'] . '/TPactive2.gif" ? "' . $settings['tp_images_url'] . '/TPactive1.gif" : "' . $settings['tp_images_url'] . '/TPactive2.gif";
				}
			}
			
			var params = "?action=tpadmin;arton=" + id + ";' . $context['session_var'] . '=' . $context['session_id'] . '";
			Ajax.send(params);
		}
		function toggleFront(e)
		{ 
			var e = e ? e : window.event;
			var target = e.target ? e.target : e.srcElement;
		
			while(target.className != "toggleFront")
				  target = target.parentNode;
			
			var id = target.id.replace("artFront", "");
			var Ajax = getXMLHttpRequest();
			
			Ajax.open("POST", "?action=tpadmin;artfront=" + id + ";' . $context['session_var'] . '=' . $context['session_id'] . '");
			Ajax.setRequestHeader("Content-type", "application/x-www-form-urlencode");
			
			var source = target.src;
			target.src = "' . $settings['tp_images_url'] . '/ajax.gif"
			
			Ajax.onreadystatechange = function()
			{
				if(Ajax.readyState == 4)
				{
					target.src = source == "' . $settings['tp_images_url'] . '/TPfront.gif" ? "' . $settings['tp_images_url'] . '/TPfront2.gif" : "' . $settings['tp_images_url'] . '/TPfront.gif";
				}
			}
			
			var params = "?action=tpadmin;artfront=" + id + ";' . $context['session_var'] . '=' . $context['session_id'] . '";
			Ajax.send(params);
		}
		function toggleSticky(e)
		{ 
			var e = e ? e : window.event;
			var target = e.target ? e.target : e.srcElement;
		
			while(target.className != "toggleSticky")
				  target = target.parentNode;
			
			var id = target.id.replace("artSticky", "");
			var Ajax = getXMLHttpRequest();
			
			Ajax.open("POST", "?action=tpadmin;artsticky=" + id + ";' . $context['session_var'] . '=' . $context['session_id'] . '");
			Ajax.setRequestHeader("Content-type", "application/x-www-form-urlencode");
			
			var source = target.src;
			target.src = "' . $settings['tp_images_url'] . '/ajax.gif"
			
			Ajax.onreadystatechange = function()
			{
				if(Ajax.readyState == 4)
				{
					target.src = source == "' . $settings['tp_images_url'] . '/TPsticky1.gif" ? "' . $settings['tp_images_url'] . '/TPsticky2.gif" : "' . $settings['tp_images_url'] . '/TPsticky1.gif";
				}
			}
			
			var params = "?action=tpadmin;artsticky=" + id + ";' . $context['session_var'] . '=' . $context['session_id'] . '";
			Ajax.send(params);
		}
		function toggleLock(e)
		{ 
			var e = e ? e : window.event;
			var target = e.target ? e.target : e.srcElement;
		
			while(target.className != "toggleLock")
				  target = target.parentNode;
			
			var id = target.id.replace("artLock", "");
			var Ajax = getXMLHttpRequest();
			
			Ajax.open("POST", "?action=tpadmin;artlock=" + id + ";' . $context['session_var'] . '=' . $context['session_id'] . '");
			Ajax.setRequestHeader("Content-type", "application/x-www-form-urlencode");
			
			var source = target.src;
			target.src = "' . $settings['tp_images_url'] . '/ajax.gif"
			
			Ajax.onreadystatechange = function()
			{
				if(Ajax.readyState == 4)
				{
					target.src = source == "' . $settings['tp_images_url'] . '/TPlock1.gif" ? "' . $settings['tp_images_url'] . '/TPlock2.gif" : "' . $settings['tp_images_url'] . '/TPlock1.gif";
				}
			}
			
			var params = "?action=tpadmin;artlock=" + id + ";' . $context['session_var'] . '=' . $context['session_id'] . '";
			Ajax.send(params);
		}
		function toggleFeatured(e)
		{ 
			var e = e ? e : window.event;
			var target = e.target ? e.target : e.srcElement;
		
			var aP=document.getElementsByTagName(\'img\');
			for(var i=0; i<aP.length; i++) 
			{
				if(aP[i].className===\'toggleFeatured\' && aP[i] != target) 
				{
					aP[i].src=\'' . $settings['tp_images_url'] . '/TPflag2.gif\';
				}
			}

			
			while(target.className != "toggleFeatured")
				  target = target.parentNode;
			
			var id = target.id.replace("artFeatured", "");
			var Ajax = getXMLHttpRequest();
			
			Ajax.open("POST", "?action=tpadmin;artfeat=" + id + ";' . $context['session_var'] . '=' . $context['session_id'] . '");
			Ajax.setRequestHeader("Content-type", "application/x-www-form-urlencode");
			
			var source = target.src;
			target.src = "' . $settings['tp_images_url'] . '/ajax.gif"
			
			Ajax.onreadystatechange = function()
			{
				if(Ajax.readyState == 4)
				{
					target.src = source == "' . $settings['tp_images_url'] . '/TPflag.gif" ? "' . $settings['tp_images_url'] . '/TPflag2.gif" : "' . $settings['tp_images_url'] . '/TPflag.gif";
				}
			}
			
			var params = "?action=tpadmin;artfeat=" + id + ";' . $context['session_var'] . '=' . $context['session_id'] . '";
			Ajax.send(params);
		}
	// ]]></script>';
    if ($context['TPortal']['subaction'] == 'artsettings') {
        TPadd_linktree($scripturl . '?action=tpadmin;sa=artsettings', $txt['tp-settings']);
    } elseif ($context['TPortal']['subaction'] == 'articons') {
        TPadd_linktree($scripturl . '?action=tpadmin;sa=articons', $txt['tp-adminicons']);
    }
}
<?php

require_once "function/sqllink.php";
require_once "function/encryption.php";
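// Re-encrypt one stored password entry for the signed-in user.
// Replies "0" and stops on every rejected request, as the original did.
$link = sqllink();
if (!checksession($link)) {
    die("0");
}
$id = $_SESSION['userid'];
// Reject requests that omit the entry index or the new password, or send them
// as arrays, before a transaction is opened; previously a missing index was
// silently cast to 0 and a missing password was passed to encrypt() as null.
if (!isset($_POST['index'], $_POST['newpwd'])
    || !is_string($_POST['index'])
    || !is_string($_POST['newpwd'])) {
    die("0");
}
$index = $_POST['index'];
if (!$link->beginTransaction()) {
    die('0');
}
// The row is looked up by owner as well as index, so one user cannot address
// another user's entry by guessing an index.
$sql = "SELECT * FROM `password` WHERE `userid`= ? AND `index`= ? ";
$res = sqlexec($sql, array($id, (int) $index), $link);
$record = $res->fetch(PDO::FETCH_ASSOC);
if (!$record) {
    // No such entry for this user: close the transaction before replying.
    $link->commit();
    die("0");
}
$ppwd = $_POST['newpwd'];
// mt_rand() is not a cryptographically secure generator, so a key drawn from
// it is predictable; random_int() (PHP 7+) draws from the system CSPRNG and
// returns an int in the same range.
// NOTE(review): an 8-digit number is still a very small key space; confirm
// what encrypt() in function/encryption.php expects before relying on it.
$pubkey = random_int(10000000, 99999999);
$newpw = encrypt($ppwd, $pubkey);
// Column list and bound values for the UPDATE are built in step so that
// every value stays a bound parameter.
$changedCols = "`key` = ? ,`pwd` = ?";
$values = array($pubkey, $newpw);
if (isset($_POST["name"])) {
    $changedCols .= " ,`name` = ?";
    $values[] = $_POST["name"];
}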
if (isset($_POST["other"])) {
    $changedCols .= " ,`other` = ?";
Beispiel #5
<!DOCTYPE HTML>
<html>
<head>
<title>Paathshaala Profile</title>
<?php 
include_once 'source.php';
include_once 'functions/functions.php';
include_once 'functions/class.user.php';
// Gate the profile page on a valid session.
if (checksession()) {
    // Session accepted: build the user object from the uid held in the session.
    $u = new user($_SESSION['uid']);
} else {
    // NOTE(review): if redirect() does not end the request, the rest of the
    // page is still rendered for a visitor without a session and $u is never
    // set; confirm that redirect() exits.
    redirect();
}
// $header is not defined in this file; presumably it comes from one of the includes above.
echo $header;
?>
<link rel='stylesheet' href='css/profile.css'>
</head>
<body>
<div id='topbar'></div>
<img src="pics/load.gif" id='loading' style='display:none;'>
<div id='container'>
<?php 
// Emit the top bar markup followed by the feedback markup.
// NOTE(review): both values are written out unescaped and are not defined in
// this file; confirm neither can carry user-controlled text.
echo $topBar, $feedback;
?>
<div id='editProfile'></div>

<div id='profileBox'>
	<img id='editProfileButton' src='pics/settings.png'/ >
	<div id='snapShot'>
		<img src="<?php 
    } else {
        $_SESSION["error"] = "pwsnotthere";
        header("Location:settings.php");
    }
}
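// Handle the "add URL" form: register a project URL for the signed-in user.
if (isset($_POST['addurl'])) {
    // The original echoed checkadmin()'s result before calling header(). Output
    // sent ahead of header() stops the Location header from being delivered
    // unless output buffering is on, so the debug echo is dropped and the
    // check runs once.
    if (checkadmin($_SESSION["userid"], $con)) {
        // NOTE(review): nothing ends the request after this redirect, so code
        // below this block still runs; confirm that is intended.
        header('Location:home.php');
    } else {
        // Treat a missing field, or one submitted as an array, like an empty URL.
        $URL = isset($_POST["URL"]) ? $_POST["URL"] : '';
        if (is_string($URL) && $URL !== '') {
            if (checkurl($URL)) {
                $id = $_SESSION["userid"];
                // $URL is request data. It was previously interpolated into the
                // SQL text, which left the query open to injection whenever
                // checkurl() lets a quote through; both values are now bound.
                $stmt = mysqli_prepare($con, "INSERT INTO project (website,owner_project) VALUES (?,?)");
                if ($stmt !== false) {
                    mysqli_stmt_bind_param($stmt, 'ss', $URL, $id);
                    mysqli_stmt_execute($stmt);
                    mysqli_stmt_close($stmt);
                }
                // As before, a failed insert is not reported to the user.
                checksession($id, $con);
            } else {
                $_SESSION["error"] = "invalidurlformat";
                header('Location:createsession.php');
            }
        } else {
            $_SESSION["error"] = "invalidurl";
            header('Location:createsession.php');
        }
    }
}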
if (isset($_POST['changeurl'])) {
    $URL = $_POST["newurl"];
    $id = $_SESSION["userid"];
    if ($URL == mysqli_fetch_assoc(mysqli_query($con, "SELECT website FROM project WHERE owner_project='{$id}'"))['website']) {
        $_SESSION["error"] = "sameurl";
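/**
 * Build a random string of $length characters drawn from 0-9, a-z and A-Z.
 *
 * The result is stored below as the `pinpk` value, so each character is picked
 * with random_int() (PHP 7+, backed by the system CSPRNG) rather than
 * mt_rand(), whose output can be predicted.
 *
 * @param int $length Number of characters to produce; zero or less yields ''.
 * @return string
 */
function random_str($length)
{
    $alphabet = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $last = strlen($alphabet) - 1;
    $str = '';
    for ($i = 0; $i < $length; $i++) {
        $str .= $alphabet[random_int(0, $last)];
    }
    return $str;
}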
require_once "function/sqllink.php";
require_once "function/encryption.php";
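// Register a new PIN record for one device of the signed-in user.
// Replies "0" and stops on every rejected request.
$link = sqllink();
if (!checksession($link)) {
    die("0");
}
$id = $_SESSION['userid'];
$usr = $_SESSION['user'];
// Every field must be present and a plain string; an omitted field used to
// reach the queries as null and an array field was passed straight through.
foreach (array('user', 'device', 'sig') as $field) {
    if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
        die('0');
    }
}
$username = $_POST['user'];
$device = $_POST['device'];
$sig = $_POST['sig'];
// Strict comparison: with != two different numeric-looking names such as
// "1e3" and "1000" compare as equal.
if ($username !== (string) $usr) {
    die('0');
}
// Replace any existing PIN record for this user and device.
// NOTE(review): the DELETE and INSERT are not wrapped in a transaction here;
// confirm whether sqlexec() provides one.
$sql = "DELETE FROM `pin` WHERE `userid`= ? AND `device`= ?";
$res = sqlexec($sql, array($id, $device), $link);
$pinpk = random_str(29);
// The User-Agent header is optional and client-controlled; it is stored as a
// bound parameter and defaults to '' when the client sends none.
$ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
$sql = "INSERT INTO `pin` (`userid`,`device`,`pinsig`,`pinpk`,`ua`) VALUES (?,?,?,?,?)";
$res = sqlexec($sql, array($id, $device, $sig, $pinpk, $ua), $link);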
Beispiel #8
    }
    if (isset($_SESSION['user'])) {
        if (isset($_SESSION["LAST_ACTIVITY"])) {
            if (time() - $_SESSION["LAST_ACTIVITY"] > 300) {
                // last request was more than 300 seconds (5 minutes) ago, per the check above
                session_unset();
                // unset $_SESSION variable for the run-time
                session_destroy();
                // destroy session data in storage
                return false;
            } else {
                $_SESSION["LAST_ACTIVITY"] = time();
                // update last activity time stamp
                return true;
            }
        }
    }
    return false;
}
// Session probe endpoint: with ?check present, print '1' when checksession()
// accepts the request and '0' otherwise.
if (isset($_GET['check'])) {
    // sgid is optional; an empty string is passed when it is absent.
    $sgid = isset($_GET['sgid']) ? $_GET['sgid'] : '';
    echo checksession($sgid) ? '1' : '0';
}
Beispiel #9
<?php

require_once 'autoload.php';
include 'checksession.php';
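// Gate the page on a valid session.
if (!checksession()) {
    header('Location: login.php');
    // header() only queues the redirect. Without an exit the script kept
    // running and rendered the page below for a visitor with no valid session.
    exit;
}
$au = new Approval();
$commallowed = array('2', '17');
if (isset($_SESSION['operatorid'])) {
    // Scope the approval object to the signed-in operator and fetch that
    // operator's message count.
    $au->setValue('operatorid', $_SESSION['operatorid']);
    $me = new Message();
    $me->setTo($_SESSION['operatorid']);
    $nm = $me->getMessagecount();
} else {
    // NOTE(review): checksession() is called here with a page name; presumably
    // it redirects there when no operator is signed in. Confirm against
    // checksession.php, and that it ends the request.
    checksession('index.php');
}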
echo <<<_END



<!DOCTYPE HTML>
    <head>
        <meta charset="utf-8" />
        <title>Divya Engineering ERP</title>
<link href="js/css/sm-core-css.css" rel="stylesheet" type="text/css" />
<link href="js/css/sm-blue/sm-blue.css" rel="stylesheet" type="text/css" />
<script src="js/jquery-2.1.4.min.js" ></script>
<script src="js/jquery.smartmenus.js" ></script>

<script>