Beispiel #1
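/**
 * Report whether $single matches one of the keys of $numberarray.
 *
 * Every key is passed through cleanit() (defined outside this block) and then
 * compared with $single. Both sides are compared as strings with ===, because
 * a loose == lets PHP's type juggling treat different values as equal
 * (numeric strings such as "1e3" and "1000", boolean true and any non-empty
 * string, and before PHP 8 the integer 0 and any non-numeric string). The
 * function name suggests callers use the result as a security check, so only
 * an exact match is accepted.
 *
 * @param array $numberarray Map whose KEYS are the accepted values; the values are ignored.
 * @param mixed $single      Candidate value; anything that is neither scalar nor null never matches.
 * @return true|null True on a match, null otherwise (null is kept so existing callers see the same falsy result).
 */
function seccheck($numberarray, $single)
{
    // An array or object cannot equal a cleaned key; bail out before casting.
    if ($single !== null && !is_scalar($single)) {
        return null;
    }
    $wanted = (string) $single;
    foreach ($numberarray as $number => $unusedValue) {
        if ((string) cleanit($number) === $wanted) {
            // The first hit settles the answer; no need to clean the remaining keys.
            return true;
        }
    }
    return null;
}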
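/**
 * Copy submitted values for the user-visible extra profile fields onto $user->extra.
 *
 * Reads the global field definitions in $users_extra_fields_field. Only
 * definitions whose 'show_to_user' flag is truthy are written, so the flag acts
 * as the allow-list of request fields a user may set. Each value is passed
 * through cleanit() (defined outside this block).
 * NOTE(review): what cleanit() filters is not visible here; treat the stored
 * values as untrusted and escape them for the context where they are output.
 *
 * @return void
 */
function users_extra_fields_profile_save()
{
    global $user, $users_extra_fields_field;
    if (!$users_extra_fields_field) {
        return;
    }
    foreach ($users_extra_fields_field as $thefield) {
        // The original repeated this same assignment once per key of $thefield;
        // a single pass per field definition gives the same result.
        if (!is_array($thefield) || empty($thefield['show_to_user']) || !isset($thefield['name'])) {
            continue;
        }
        $fieldName = $thefield['name'];
        // A field missing from the request still goes through cleanit() as null,
        // as before, but without the undefined-index notice.
        $user->extra[$fieldName] = cleanit(isset($_POST[$fieldName]) ? $_POST[$fieldName] : null);
    }
}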
Beispiel #3
    if (empty($pageURL)) {
        $pageURL = 'http';
        if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {
            $pageURL .= 's';
        }
        $pageURL .= '://';
        if ($_SERVER['SERVER_PORT'] != '80') {
            $pageURL .= $_SERVER['SERVER_NAME'] . ':' . $_SERVER['SERVER_PORT'] . $_SERVER['REQUEST_URI'];
        } else {
            $pageURL .= $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
        }
    }
    return $pageURL;
}
if (is_numeric($_REQUEST['pid'])) {
    $pid = intval(cleanit($_REQUEST['pid']));
    STemplate::assign('pid', $pid);
} else {
    $error = $lang['138'];
}
if ($error == "") {
    if (does_post_exist($pid)) {
        $query = "SELECT * FROM posts_comments WHERE PID='" . mysql_real_escape_string($pid) . "' ORDER BY CID desc";
        $executequery = $conn->execute($query);
        $parray = $executequery->getarray();
        $newArr = sancomment($parray);
        STemplate::assign('comments', $newArr);
        STemplate::assign('totComments', count($newArr));
        $query = "SELECT A.*, B.username, B.profilepicture FROM posts A, members B WHERE A.PID='" . mysql_real_escape_string($pid) . "' AND A.USERID=B.USERID";
        $executequery = $conn->execute($query);
        $parray = $executequery->getarray();
 if ($email3 != "") {
     if (!verify_valid_email($email3)) {
         $error = $lang['199'];
     }
 }
 $email4 = cleanit($_REQUEST['email4']);
 if ($email4 != "") {
     if (!verify_valid_email($email4)) {
         $error = $lang['200'];
     }
 }
 if ($email1 == "" && $email2 == "" && $email3 == "" && $email4 == "") {
     $error = $lang['201'];
 }
 if ($error == "") {
     $comment = cleanit($_REQUEST['message']);
     if ($email1 != "") {
         $sendto = $email1;
         $sendername = $config['site_name'];
         $from = $config['site_email'];
         $subject = $lang['203'] . " " . $sendername;
         $sendmailbody = stripslashes($email1) . ",<br><br>";
         $sendmailbody .= $lang['203'] . " " . $sendername . "<br>";
         $sendmailbody .= $lang['205'] . ":<br>";
         $sendmailbody .= "<a href=" . $config['baseurl'] . ">" . $config['baseurl'] . "</a><br><br>";
         if ($comment != "") {
             $sendmailbody .= $lang['207'] . ":<br>";
             $sendmailbody .= stripslashes($comment) . "<br><br>";
         }
         $sendmailbody .= $lang['206'] . ",<br>" . stripslashes($sendername);
         mailme($sendto, $sendername, $from, $subject, $sendmailbody, $bcc = "");
Beispiel #5
 }
 if (empty($error)) {
     $imagesize = getimagesize($mytmpfile);
     $width = $imagesize[0];
     $height = $imagesize[1];
     $idname = $_POST["idname"];
     if (!is_numeric($idname)) {
         die;
     }
     $imagename = $idname . "_original.jpg";
     $newimage = $user_image_path . $imagename;
     $result = @move_uploaded_file($_FILES['image_file']['tmp_name'], $newimage);
     if (empty($result)) {
         $error["result"] = "There was an error moving the uploaded file.";
     } else {
         $avatar_source = cleanit($_POST['avatarsource']);
         $sql = "UPDATE " . table_groups . " set group_avatar='uploaded' WHERE group_id={$idname}";
         $db->query($sql);
         $main_smarty->assign('Avatar_uploaded', 'Avatar uploaded successfully!');
         /*if($avatar_source != "" && $avatar_source != "useruploaded"){
         			loghack('Updating profile, avatar source is not one of the list options.', 'username: '******'|email: '.$_POST["email"]);
         			$avatar_source == "";
         		}*/
         //$user->avatar_source=$avatar_source;
         //$user->store();
     }
 }
 // create large avatar
 include mnminclude . "class.pThumb.php";
 $img = new pThumb();
 $img->pSetSize(group_avatar_size_width, group_avatar_size_height);
Beispiel #6
/**************************************************************************************************
| PinMe Script by Scriptolution.com
| http://www.pinmescript.com
| webmaster@pinmescript.com
|
|**************************************************************************************************
|
| By using this software you agree that you have read and acknowledged our End-User License 
| Agreement available at http://www.pinmescript.com/eula.html and to be bound by it.
|
| Copyright (c) PinMeScript.com. All rights reserved.
|**************************************************************************************************/
include "include/config.php";
include "include/functions/import.php";
$thebaseurl = $config['baseurl'];
$seo = cleanit($_REQUEST['category']);
if ($seo != "") {
    $query1 = "select name, CATID from categories WHERE seo='" . mysql_real_escape_string($seo) . "' limit 1";
    $executequery1 = $conn->execute($query1);
    $CATID = intval($executequery1->fields['CATID']);
    $showcatname = $executequery1->fields['name'];
    STemplate::assign('showcatname', $showcatname);
    if ($CATID > 0) {
        $query = "select A.PID, A.ptitle, A.pic, A.pkey, A.price, A.youtube, B.USERID, B.username, B.fname, B.lname, B.profilepicture, C.bname from posts A, members B, boards C WHERE A.active='1' AND A.USERID=B.USERID AND A.BID=C.BID AND C.CATID='" . mysql_real_escape_string($CATID) . "' order by A.PID desc limit 50";
        $results = $conn->execute($query);
        $pins = $results->getrows();
        if (count($pins) >= 50) {
            STemplate::assign('more', 1);
            STemplate::assign('CATID', $CATID);
        }
    }
Beispiel #7
| Agreement available at http://www.gagclonescript.com/eula.html and to be bound by it.
|
| Copyright (c) GagCloneScript.com. All rights reserved.
|**************************************************************************************************/
include "include/config.php";
include "include/functions/import.php";
$thebaseurl = $config['baseurl'];
if ($_REQUEST['msgsub'] == "1") {
    $topic = cleanit($_REQUEST['topic']);
    $subject = cleanit($_REQUEST['subject']);
    $msg = cleanit($_REQUEST['msg']);
    $name = cleanit($_REQUEST['name']);
    $email = cleanit($_REQUEST['email']);
    $username = cleanit($_REQUEST['username']);
    $os = cleanit($_REQUEST['os']);
    $imagecode = cleanit($_REQUEST['imagecode']);
    STemplate::assign('topic', $topic);
    STemplate::assign('subject', $subject);
    STemplate::assign('msg', $msg);
    STemplate::assign('name', $name);
    STemplate::assign('email', $email);
    STemplate::assign('username', $username);
    STemplate::assign('os', $os);
    if ($topic == "") {
        $error = $lang['243'];
    } elseif ($subject == "") {
        $error = $lang['244'];
    } elseif ($msg == "") {
        $error = $lang['245'];
    } elseif ($name == "") {
        $error = $lang['246'];
Beispiel #8
<?php

include "include/config.php";
include "include/functions/import.php";
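// Post-login redirect target, taken straight from the request.
$redirect = stripslashes($_REQUEST['redirect']);
// The template receives the base64-decoded form of the same value.
// NOTE(review): $r is request data; confirm the template escapes it on output.
$r = base64_decode($redirect);
STemplate::assign('r', $r);
// A visitor who is already logged in is sent on to $redirect. The value is
// request-controlled, so it is followed only when it stays on this site:
//   - no control characters or spaces (browsers strip some of them, which can
//     turn a harmless-looking path into a protocol-relative URL),
//   - and either no scheme / "//" / "\\" prefix (a relative path), or an
//     absolute URL that begins with the configured base URL plus "/".
// Anything else is ignored and the page renders as if no redirect was given.
// NOTE(review): assumes $config['baseurl'] is set by include/config.php; if it
// is not, only relative targets are accepted.
if (
    $_SESSION['USERID'] != ""
    && $redirect != ""
    && !preg_match('#[\x00-\x20\x7f]#', $redirect)
    && (
        !preg_match('#^(?:[a-z][a-z0-9+.\-]*:|[/\\\\]{2})#i', $redirect)
        || (
            !empty($config['baseurl'])
            && strpos($redirect, rtrim($config['baseurl'], '/') . '/') === 0
        )
    )
) {
    header("Location:{$redirect}");
    exit;
}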
if ($_REQUEST['logsub'] != "") {
    $username = cleanit($_REQUEST['username']);
    $password = cleanit($_REQUEST['password']);
    $passwordc = cleanit($_REQUEST['passwordc']);
    $email = cleanit($_REQUEST['email']);
    //$user_captcha_solution = cleanit($_REQUEST['user_captcha_solution']);
    $user_captcha_solution = false;
    // by rudem
    if ($username == "") {
        $error = $lang['4'];
    } elseif (strlen($username) < 2) {
        $error = $lang['8'];
    } elseif (!verify_email_username($username)) {
        $error = $lang['6'];
    } elseif ($password == "") {
        $error = $lang['5'];
    } elseif ($passwordc == "") {
        $error = $lang['294'];
    } elseif ($password != $passwordc) {
        $error = $lang['295'];
         } else {
             header("Location:{$config['baseurl']}/");
             exit;
         }
     }
 } else {
     if ($_REQUEST['jsub'] != "1") {
         $user_username = $screen_name;
         $user_fname = $f_name;
         $user_lname = $l_name;
     } else {
         $user_email = cleanit($_REQUEST['user_email']);
         $user_username = cleanit($_REQUEST['user_username']);
         $user_fname = cleanit($_REQUEST['user_fname']);
         $user_lname = cleanit($_REQUEST['user_lname']);
         $user_password = cleanit($_REQUEST['user_password']);
         if ($user_username == "") {
             $error = $lang['19'];
         } elseif (strlen($user_username) < 3) {
             $error = $lang['20'];
         } elseif (!preg_match("/^[a-zA-Z0-9]*\$/i", $user_username)) {
             $error = $lang['21'];
         } elseif (!verify_email_username($user_username)) {
             $error = $lang['14'];
         } elseif ($user_fname == "") {
             $error = $lang['103'];
         } elseif ($user_lname == "") {
             $error = $lang['104'];
         } elseif ($user_email == "") {
             $error = $lang['35'];
         } elseif (!verify_valid_email($user_email)) {
Beispiel #10
/**************************************************************************************************
| PinMe Script by Scriptolution.com
| http://www.pinmescript.com
| webmaster@pinmescript.com
|
|**************************************************************************************************
|
| By using this software you agree that you have read and acknowledged our End-User License 
| Agreement available at http://www.pinmescript.com/eula.html and to be bound by it.
|
| Copyright (c) PinMeScript.com. All rights reserved.
|**************************************************************************************************/
include "include/config.php";
include "include/functions/import.php";
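$thebaseurl = $config['baseurl'];
// "params[q]" carries the user id whose liked pins are listed. It is forced to
// an integer; a missing or non-array "params" yields 0, which skips the query.
$q = (isset($_REQUEST['params']) && is_array($_REQUEST['params']) && isset($_REQUEST['params']['q']))
    ? intval(cleanit($_REQUEST['params']['q']))
    : 0;
STemplate::assign('q', $q);
if ($q > 0) {
    // NOTE(review): mysql_real_escape_string() belongs to ext/mysql, which was
    // removed in PHP 7.0. $q is already an integer here; when the database
    // layer is migrated, bind it as a parameter instead.
    $addme = "AND D.USERID ='" . mysql_real_escape_string($q) . "'";
    // intval() alone lets a negative offset through, which produces an invalid
    // LIMIT clause and a database error on request-controlled input; clamp it.
    $offset = isset($_REQUEST['offset']) ? max(0, intval($_REQUEST['offset'])) : 0;
    $query = "select A.PID, A.ptitle, A.pic, A.pkey, A.price, A.youtube, A.USERID, C.bname from posts A, boards C, posts_fav D WHERE A.active='1' AND A.BID=C.BID AND A.PID=D.PID {$addme} order by A.points desc, A.viewcount desc, A.PID desc limit {$offset}, 10";
    $results = $conn->execute($query);
    $pins = $results->getrows();
    STemplate::assign('pins', $pins);
    $pcount = count($pins);
    // The rendered fragment and the row count go back to the caller as JSON.
    $html = STemplate::fetch('more_owner_likes.tpl');
    $arr = array('count' => $pcount, 'lastPage' => false, 'html' => $html);
    header("Content-Type: application/json");
    echo json_encode($arr);
}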
Beispiel #11
    $sortby = "CATID";
    $sort = " order by CATID";
    $add1 = "&sortby=CATID";
}
if ($_REQUEST['sorthow'] == "desc") {
    $sorthow = "desc";
    $add1 .= "&sorthow=desc";
} else {
    $sorthow = "asc";
    $add1 .= "&sorthow=asc";
}
//Search
$fromid = intval($_REQUEST['fromid']);
$toid = intval($_REQUEST['toid']);
$name = cleanit($_REQUEST['name']);
$details = cleanit($_REQUEST['details']);
$add1 .= "&fromid={$fromid}&toid={$toid}&name={$name}&details={$details}";
if ($_POST['submitform'] == "1" || ($_REQUEST['fromid'] != "" || $toid > 0 || $name != "" || $details != "")) {
    if ($fromid > 0) {
        $addtosql = "WHERE CATID>='" . mysql_real_escape_string($fromid) . "'";
        Stemplate::assign('fromid', $fromid);
    } else {
        $addtosql = "WHERE CATID>'" . mysql_real_escape_string($fromid) . "'";
    }
    if ($toid > 0) {
        $addtosql .= "AND CATID<='" . mysql_real_escape_string($toid) . "'";
        Stemplate::assign('toid', $toid);
    }
    if ($name != "") {
        $addtosql .= "AND name like'%" . mysql_real_escape_string($name) . "%'";
        Stemplate::assign('name', $name);
                     }
                 }
             }
         }
     }
 } else {
     $post_type = cleanit($_REQUEST['post_type']);
     if ($post_type == "Photo") {
         $nsfw = intval(cleanit($_REQUEST['nsfw']));
         $source = cleanit($_REQUEST['source']);
         $tags = cleanit($_REQUEST['tags']);
         $title = cleanit($_REQUEST['title']);
         $title = str_replace("#", "#", $title);
         findHashDeleteCache($title);
         $url = cleanit($_REQUEST['url']);
         $category = intval(cleanit($_REQUEST['category']));
         if ($url == "") {
             $error = $lang['96'];
         } elseif ($title == "") {
             $error = $lang['95'];
         } else {
             $pos = strrpos($url, ".");
             $ph = strtolower(substr($url, $pos + 1, strlen($url) - $pos));
             if ($ph == "jpg" || $ph == "jpeg" || $ph == "png" || $ph == "gif") {
                 $query = "INSERT INTO posts SET USERID='" . mysql_real_escape_string($SID) . "', story='" . mysql_real_escape_string($title) . "', tags='" . mysql_real_escape_string($tags) . "', source='" . mysql_real_escape_string($source) . "', category='" . mysql_real_escape_string($category) . "', nsfw='" . mysql_real_escape_string($nsfw) . "', url='" . mysql_real_escape_string($url) . "', time_added='" . time() . "', date_added='" . date("Y-m-d") . "', active='0', pip='" . $_SERVER['REMOTE_ADDR'] . "'";
                 $result = $conn->execute($query);
                 $pid = mysql_insert_id();
                 $uploadedimage = $config['pdir'] . '/' . $pid . '-temp.' . $ph;
                 if (!download_photo($url, $uploadedimage)) {
                     $error = $lang['97'];
                     $query = "DELETE FROM posts WHERE PID='" . mysql_real_escape_string($pid) . "'";
Beispiel #13
    $results = $conn->execute($query);
    $returnthis = $results->getrows();
    return $returnthis;
}
/**
 * Fetch every category as (CATID, name) rows, ordered by name ascending.
 *
 * The SQL text is a fixed literal; no request data is placed in it.
 *
 * @return mixed Whatever getrows() yields for the executed query.
 */
function insert_get_all_cats()
{
    global $conn, $config;

    return $conn->execute("select CATID,name from categories order by name asc")->getrows();
}
$BID = intval($_REQUEST['BID']);
if ($_POST['submitform'] == "1") {
    if ($BID > 0) {
        $bname = cleanit($_REQUEST['bname']);
        if ($bname == "") {
            $error = $lang['80'];
        } elseif (!preg_match("/^[a-zA-Z0-9 ]*\$/i", $bname)) {
            $error = $lang['105'];
        } elseif ($bname == $lang['82']) {
            $error = $lang['80'];
        } elseif (strlen($bname) > 100) {
            $error = $lang['238'];
        } else {
            $USERID = intval($_REQUEST['USERID']);
            $CATID = intval($_REQUEST['CATID']);
            $sql = "update boards set bname='" . mysql_real_escape_string($bname) . "', USERID='" . mysql_real_escape_string($USERID) . "', CATID='" . mysql_real_escape_string($CATID) . "' where BID='" . mysql_real_escape_string($BID) . "'";
            $conn->execute($sql);
            $message = "Board Successfully Edited.";
            Stemplate::assign('message', $message);
Beispiel #14
/**************************************************************************************************
| PinMe Script by Scriptolution.com
| http://www.pinmescript.com
| webmaster@pinmescript.com
|
|**************************************************************************************************
|
| By using this software you agree that you have read and acknowledged our End-User License 
| Agreement available at http://www.pinmescript.com/eula.html and to be bound by it.
|
| Copyright (c) PinMeScript.com. All rights reserved.
|**************************************************************************************************/
include "include/config.php";
include "include/functions/import.php";
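$thebaseurl = $config['baseurl'];
// "params[q]" is an optional source filter. A missing or non-array "params"
// is passed to cleanit() as null, matching what the unguarded read produced.
$q = cleanit(
    (isset($_REQUEST['params']) && is_array($_REQUEST['params']) && isset($_REQUEST['params']['q']))
        ? $_REQUEST['params']['q']
        : null
);
STemplate::assign('q', $q);
// $addme is interpolated into the SQL below, so it must always be set here.
// Left unset when $q is empty, it raised an undefined-variable notice, and on
// old PHP setups that import request variables into the global scope
// (register_globals) its content could come from the request itself.
$addme = "";
if ($q != "") {
    // NOTE(review): mysql_real_escape_string() does not escape the LIKE
    // wildcards % and _, so the caller can still widen the match. It also
    // belongs to ext/mysql, which was removed in PHP 7.0.
    $addme = "AND A.source like '%" . mysql_real_escape_string($q) . "%'";
}
// intval() alone lets a negative offset through, which produces an invalid
// LIMIT clause and a database error on request-controlled input; clamp it.
$offset = isset($_REQUEST['offset']) ? max(0, intval($_REQUEST['offset'])) : 0;
$query = "select A.PID, A.ptitle, A.pic, A.pkey, A.price, A.youtube, B.USERID, B.username, B.fname, B.lname, B.profilepicture, C.bname from posts A, members B, boards C WHERE A.active='1' AND A.USERID=B.USERID AND A.BID=C.BID {$addme} order by A.points desc, A.viewcount desc, A.PID desc limit {$offset}, 10";
$results = $conn->execute($query);
$pins = $results->getrows();
STemplate::assign('pins', $pins);
$pcount = count($pins);
// The rendered fragment and the row count go back to the caller as JSON.
$html = STemplate::fetch('more.tpl');
$arr = array('count' => $pcount, 'lastPage' => false, 'html' => $html);
header("Content-Type: application/json");
echo json_encode($arr);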
Beispiel #15
| webmaster@pinmescript.com
|
|**************************************************************************************************
|
| By using this software you agree that you have read and acknowledged our End-User License 
| Agreement available at http://www.pinmescript.com/eula.html and to be bound by it.
|
| Copyright (c) PinMeScript.com. All rights reserved.
|**************************************************************************************************/
include "include/config.php";
include "include/functions/import.php";
$thebaseurl = $config['baseurl'];
$SID = intval($_SESSION['USERID']);
$subpin = intval(cleanit($_REQUEST['subpin']));
$board_id = intval(cleanit($_REQUEST['board_id']));
$comment = cleanit($_REQUEST['comment']);
$iname = $_FILES['iurl']['name'];
if ($SID > 0) {
    if ($subpin > 0) {
        if ($board_id == "0") {
            $arr = array('error' => true, 'msg' => $lang['87']);
        } elseif ($comment == "") {
            $arr = array('error' => true, 'msg' => $lang['88']);
        } elseif (strlen($comment) > 500) {
            $arr = array('error' => true, 'msg' => $lang['237']);
        } elseif ($iname == "") {
            $arr = array('error' => true, 'msg' => $lang['168']);
        } else {
            $pos = strrpos($iname, ".");
            $ph = strtolower(substr($iname, $pos + 1, strlen($iname) - $pos));
            if ($ph == "jpg" || $ph == "jpeg" || $ph == "png" || $ph == "gif") {
Beispiel #16
| Copyright (c) PinMeScript.com. All rights reserved.
|**************************************************************************************************/
include "include/config.php";
include "include/functions/import.php";
$thebaseurl = $config['baseurl'];
$SID = intval($_SESSION['USERID']);
if ($SID > 0) {
    $ido = intval(cleanit($_REQUEST['id']));
    if ($ido > 0) {
        $query = "select BID from boards WHERE BID='" . mysql_real_escape_string($ido) . "' AND USERID='" . mysql_real_escape_string($SID) . "'";
        $executequery = $conn->execute($query);
        $id = $executequery->fields['BID'];
        if ($id > 0) {
            if ($_REQUEST['esub'] == "1") {
                $bname = cleanit($_REQUEST['bname']);
                $cat = intval(cleanit($_REQUEST['cat']));
                if ($bname == "") {
                    $error = $lang['80'];
                } elseif (!preg_match("/^[a-zA-Z0-9 ]*\$/i", $bname)) {
                    $error = $lang['105'];
                } elseif (strlen($bname) > 100) {
                    $error = $lang['238'];
                } elseif ($cat == "0") {
                    $error = $lang['81'];
                } else {
                    $query = "UPDATE boards SET bname='" . mysql_real_escape_string($bname) . "', CATID='" . mysql_real_escape_string($cat) . "' WHERE USERID='" . mysql_real_escape_string($SID) . "' AND BID='" . mysql_real_escape_string($id) . "' limit 1";
                    $conn->execute($query);
                    $query = "UPDATE activity SET bname='" . mysql_real_escape_string($bname) . "' WHERE atype='folb' AND FOLB='" . mysql_real_escape_string($id) . "'";
                    $conn->execute($query);
                    $msg = $lang['241'];
                }
<?php

include "include/config.php";
include "include/functions/import.php";
// Toggle the logged-in user's favourite on a post, then print the post's
// favourite count. Both ids are forced to integers before any use.
$PID = intval(cleanit($_REQUEST['id']));
$SID = intval(cleanit($_SESSION['USERID']));
// NOTE(review): this changes state from a request parameter and no anti-CSRF
// token is checked in the visible code; $_REQUEST normally accepts GET
// parameters too. Confirm a token check exists in the included files.
if ($SID > 0 && $PID > 0) {
    //dem
    // The cache path contains only the integer $PID, so the request cannot
    // steer it outside themes/cache.
    $cacheName = $config['basedir'] . '/themes/cache/' . $PID . '.txt';
    if (file_exists($cacheName)) {
        // $json is not read again in the visible lines.
        $json = (array) json_decode(file_get_contents($cacheName));
    }
    $favsta = scriptolution_fav_status($PID);
    // "1" means the favourite exists and is removed; anything else adds it.
    // Every statement is scoped to the session user's own id.
    $query = ($favsta == "1")
        ? "DELETE FROM posts_favorited WHERE PID='" . mysql_real_escape_string($PID) . "' AND USERID='" . mysql_real_escape_string($SID) . "'"
        : "INSERT INTO posts_favorited SET PID='" . mysql_real_escape_string($PID) . "', USERID='" . mysql_real_escape_string($SID) . "'";
    $result = $conn->execute($query);
}
$fav_scripto_count = scriptolution_fav_count($PID);
echo $fav_scripto_count;
Beispiel #18
/**************************************************************************************************
| PinMe Script by Scriptolution.com
| http://www.pinmescript.com
| webmaster@pinmescript.com
|
|**************************************************************************************************
|
| By using this software you agree that you have read and acknowledged our End-User License 
| Agreement available at http://www.pinmescript.com/eula.html and to be bound by it.
|
| Copyright (c) PinMeScript.com. All rights reserved.
|**************************************************************************************************/
include "include/config.php";
include "include/functions/import.php";
$iurl = cleanit($_REQUEST['url']);
if ($iurl != "") {
    $ytpos = strpos($iurl, "http://www.youtube.com/watch?v=");
    $ytposb = strpos($iurl, "http://www.youtu.be/");
    $ytposc = strpos($iurl, "http://youtu.be/");
    if ($ytpos === false) {
        if ($ytposb === false) {
            if ($ytposc === false) {
                $yskip = "1";
                $ypro = "0";
            } else {
                $ypro = "3";
            }
        } else {
            $ypro = "2";
        }
Beispiel #19
include "include/config.php";
include "include/functions/import.php";
$thebaseurl = $config['baseurl'];
$r = cleanit(stripslashes($_REQUEST['r']));
STemplate::assign('r', $r);
if ($config['invite_mode'] == "1") {
    $templateselect = "signup2.tpl";
} else {
    if ($_REQUEST['jsub'] == "1") {
        $user_email = cleanit($_REQUEST['user_email']);
        $user_username = cleanit($_REQUEST['user_username']);
        $user_fname = cleanit($_REQUEST['user_fname']);
        $user_lname = cleanit($_REQUEST['user_lname']);
        $user_password = cleanit($_REQUEST['user_password']);
        $user_password2 = cleanit($_REQUEST['user_password2']);
        $user_captcha_solution = cleanit($_REQUEST['user_captcha_solution']);
        if ($user_username == "") {
            $error = $lang['19'];
        } elseif (strlen($user_username) < 3) {
            $error = $lang['20'];
        } elseif (!preg_match("/^[a-zA-Z0-9]*\$/i", $user_username)) {
            $error = $lang['21'];
        } elseif (!verify_email_username($user_username)) {
            $error = $lang['14'];
        } elseif ($user_fname == "") {
            $error = $lang['103'];
        } elseif ($user_lname == "") {
            $error = $lang['104'];
        } elseif ($user_email == "") {
            $error = $lang['35'];
        } elseif (!verify_valid_email($user_email)) {
|
|**************************************************************************************************
|
| By using this software you agree that you have read and acknowledged our End-User License 
| Agreement available at http://www.gagclonescript.com/eula.html and to be bound by it.
|
| Copyright (c) GagCloneScript.com. All rights reserved.
|**************************************************************************************************/
include "../include/config.php";
include_once "../include/functions/import.php";
// Admin page: add an advertisement. verify_login_admin() runs before any
// request data is read.
verify_login_admin();
if ($_POST['submitform'] == "1") {
    $details = cleanit($_POST['details']);
    // The safe-mode ad code is taken from the request unfiltered; it is only
    // escaped for SQL below. NOTE(review): presumably so the markup survives.
    // Whatever page prints it will output admin-supplied HTML/JS, so this
    // form depends on the admin login check and on CSRF protection (no token
    // check is visible here).
    $code = $_POST['c'];
    $nsfwcode = cleanit($_POST['nsfwcode']);
    $active = intval(cleanit($_POST['active']));
    if ($details != "" && $code != "" && $nsfwcode != "") {
        // All three texts are present: store the row.
        $sql = "insert advertisements set description='" . mysql_real_escape_string($details)
            . "', code='" . mysql_real_escape_string($code)
            . "', nsfwcode='" . mysql_real_escape_string($nsfwcode)
            . "', active='" . mysql_real_escape_string($active) . "'";
        $conn->execute($sql);
        $message = "Advertisement Successfully Added.";
        Stemplate::assign('message', $message);
    } elseif ($details == "") {
        $error = "Error: Please enter a description.";
    } elseif ($code == "") {
        $error = "Error: Please enter your Safe Mode On advertisement code.";
    } else {
        // Only the safe-mode-off code can still be empty at this point.
        $error = "Error: Please enter your Safe Mode Off advertisement code.";
    }
}
$mainmenu = "11";
$submenu = "1";
Beispiel #21
include "include/config.php";
include "include/functions/import.php";
$thebaseurl = $config['baseurl'];
$cseo = cleanit($_REQUEST['cid']);
if ($cseo != "") {
    $query = "SELECT * FROM categories WHERE seo='" . mysql_real_escape_string($cseo) . "' limit 1";
    $executequery = $conn->execute($query);
    $CATID = $executequery->fields['CATID'];
    $CATID = intval($CATID);
    if ($CATID > 0) {
        $seo = $executequery->fields['seo'];
        $cname = $executequery->fields['name'];
        STemplate::assign('cname', $cname);
        STemplate::assign('seo', $seo);
        STemplate::assign('CATID', $CATID);
        $page = intval(cleanit($_REQUEST['page']));
        if ($page == "") {
            $page = "1";
        }
        $currentpage = $page;
        if ($page >= 2) {
            $pagingstart = ($page - 1) * $config['items_per_page'];
        } else {
            $pagingstart = "0";
        }
        $query1 = "SELECT count(*) as total from posts A, members B where A.active='1' AND A.USERID=B.USERID AND A.category='" . mysql_real_escape_string($CATID) . "' order by A.PID desc limit {$config['maximum_results']}";
        $query2 = "SELECT A.*, B.username from posts A, members B where A.active='1' AND A.USERID=B.USERID AND A.category='" . mysql_real_escape_string($CATID) . "' order by A.PID desc limit {$pagingstart}, {$config['items_per_page']}";
        $executequery1 = $conn->Execute($query1);
        $totalvideos = $executequery1->fields['total'];
        $infinity_paging = $config['infinity_paging'];
        if ($infinity_paging == "1") {
Beispiel #22
/**************************************************************************************************
| Gag Clone Script
| http://www.gagclonescript.com
| webmaster@gagclonescript.com
|
|**************************************************************************************************
|
| By using this software you agree that you have read and acknowledged our End-User License 
| Agreement available at http://www.gagclonescript.com/eula.html and to be bound by it.
|
| Copyright (c) GagCloneScript.com. All rights reserved.
|**************************************************************************************************/
include "include/config.php";
include "include/functions/import.php";
$thebaseurl = $config['baseurl'];
$USERID = intval(cleanit($_REQUEST['UID']));
if ($USERID > 0) {
    $page = intval($_REQUEST['page']);
    if ($page == "") {
        $page = "1";
    }
    $currentpage = $page;
    STemplate::assign('page', $page);
    if ($page >= 2) {
        $pagingstart = ($page - 1) * $config['items_per_page'];
    } else {
        $pagingstart = "0";
    }
    $query1 = "SELECT count(*) as total from posts A, members B where A.active='1' AND A.USERID=B.USERID AND A.USERID='" . mysql_real_escape_string($USERID) . "' order by A.PID desc limit {$config['maximum_results']}";
    $query2 = "SELECT A.*, B.username from posts A, members B where A.active='1' AND A.USERID=B.USERID AND A.USERID='" . mysql_real_escape_string($USERID) . "' order by A.PID desc limit {$pagingstart}, {$config['items_per_page']}";
    $executequery1 = $conn->Execute($query1);
Beispiel #23
<?php

/**************************************************************************************************
| PinMe Script by Scriptolution.com
| http://www.pinmescript.com
| webmaster@pinmescript.com
|
|**************************************************************************************************
|
| By using this software you agree that you have read and acknowledged our End-User License 
| Agreement available at http://www.pinmescript.com/eula.html and to be bound by it.
|
| Copyright (c) PinMeScript.com. All rights reserved.
|**************************************************************************************************/
include "include/config.php";
include "include/functions/import.php";
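$thebaseurl = $config['baseurl'];
// Delete one of the logged-in user's own comments and its activity entry.
$SID = intval(cleanit($_SESSION['USERID']));
if ($SID > 0) {
    $COMID = intval(cleanit($_REQUEST['id']));
    if ($COMID > 0) {
        // Confirm that the comment belongs to the session user before touching
        // anything. The comment DELETE was already scoped by USERID, but the
        // activity DELETE below is keyed on COMID alone and used to run
        // unconditionally, so any logged-in user could remove the activity
        // entry of someone else's comment.
        $query = "select COMID from comments WHERE USERID='" . mysql_real_escape_string($SID) . "' AND COMID='" . mysql_real_escape_string($COMID) . "'";
        $results = $conn->execute($query);
        if (count($results->getrows()) > 0) {
            $query = "DELETE FROM comments WHERE USERID='" . mysql_real_escape_string($SID) . "' AND COMID='" . mysql_real_escape_string($COMID) . "'";
            $result = $conn->execute($query);
            $query = "DELETE FROM activity WHERE atype='com' AND COMID='" . mysql_real_escape_string($COMID) . "'";
            $result = $conn->execute($query);
        }
    }
}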
| webmaster@gagclonescript.com
|
|**************************************************************************************************
|
| By using this software you agree that you have read and acknowledged our End-User License 
| Agreement available at http://www.gagclonescript.com/eula.html and to be bound by it.
|
| Copyright (c) GagCloneScript.com. All rights reserved.
|**************************************************************************************************/
$lskip = "1";
include "include/config.php";
include "include/functions/import.php";
$SID = intval($_SESSION['USERID']);
if ($SID > 0) {
    if ($_REQUEST['jlog'] == "1") {
        $user_username = cleanit($_REQUEST['username']);
        if ($user_username == "") {
            $error = $lang['4'];
        } elseif (strlen($user_username) < 2) {
            $error = $lang['8'];
        } elseif (!preg_match("/^[a-zA-Z0-9]*\$/i", $user_username)) {
            $error = $lang['7'];
        } elseif (!verify_email_username($user_username)) {
            $error = $lang['6'];
        }
        if ($error == "") {
            $query = "UPDATE members SET username='******' WHERE USERID='" . mysql_real_escape_string($SID) . "'";
            $result = $conn->execute($query);
            $_SESSION['USERNAME'] = $user_username;
            header("Location:{$config['baseurl']}/settings");
            exit;
Beispiel #25
| http://www.pinmescript.com
| webmaster@pinmescript.com
|
|**************************************************************************************************
|
| By using this software you agree that you have read and acknowledged our End-User License 
| Agreement available at http://www.pinmescript.com/eula.html and to be bound by it.
|
| Copyright (c) PinMeScript.com. All rights reserved.
|**************************************************************************************************/
include "include/config.php";
include "include/functions/import.php";
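$thebaseurl = $config['baseurl'];
// Unfollow a member: remove the member follow, the follows on each of that
// member's boards, and the matching activity entry. Every DELETE is scoped to
// the session user's id, so a request can only change the caller's own rows.
$SID = intval(cleanit($_SESSION['USERID']));
if ($SID > 0) {
    $USERID = intval(cleanit($_REQUEST['user_id']));
    if ($USERID > 0) {
        $query = "DELETE FROM followm WHERE USERID='" . mysql_real_escape_string($SID) . "' AND ISFOL='" . mysql_real_escape_string($USERID) . "'";
        $result = $conn->execute($query);
        $query2 = "select BID from boards WHERE USERID='" . mysql_real_escape_string($USERID) . "'";
        $results2 = $conn->execute($query2);
        $bp = $results2->getrows();
        // Iterate by value: the rows are only read, and the by-reference loop
        // left $value aliased to the last element of $bp after the loop.
        foreach ($bp as $value) {
            $BID = $value['BID'];
            $query = "DELETE FROM followb WHERE USERID='" . mysql_real_escape_string($SID) . "' AND ISFOLBID='" . mysql_real_escape_string($BID) . "'";
            $result = $conn->execute($query);
        }
        $query = "DELETE FROM activity WHERE atype='folm' AND USERID='" . mysql_real_escape_string($SID) . "' AND FOLM='" . mysql_real_escape_string($USERID) . "'";
        $result = $conn->execute($query);
    }
}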
Beispiel #26
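/**
 * Save the profile form posted by the logged-in user.
 *
 * Nothing happens unless the 'save_profile' and 'process' form fields are present and the
 * posted user_id equals the current user's id. An invalid e-mail address is reported with an
 * echoed error and the stored address is left unchanged; the other fields are still saved.
 * A password change is applied only when the old password verifies and both new entries match.
 *
 * NOTE(review): two expressions in this function were masked ('******') on the page this
 * snippet was taken from: the username in the loghack() detail and the login value in the
 * password lookup. $user->username is used for both as a reconstruction; confirm against the
 * project source.
 *
 * @return string|null HTML status message, or null when the request is not a profile save.
 */
function save_profile()
{
    global $user, $current_user, $db;
    if (!isset($_POST['save_profile']) || !isset($_POST['process']) || $_POST['user_id'] != $current_user->user_id) {
        return;
    }
    // Defined up front so the final "nothing set yet" check never reads an undefined variable.
    $msg = '';
    $email = cleanit($_POST['email']);
    if (!check_email($email)) {
        echo '<p class="form-error">' . _(PLIGG_Visual_Profile_BadEmail) . '</p>';
    } else {
        $user->email = $email;
    }
    $user->url = cleanit($_POST['url']);
    $user->public_email = cleanit($_POST['public_email']);
    $user->location = cleanit($_POST['location']);
    $user->occupation = cleanit($_POST['occupation']);
    $user->aim = cleanit($_POST['aim']);
    $user->msn = cleanit($_POST['msn']);
    $user->yahoo = cleanit($_POST['yahoo']);
    $user->gtalk = cleanit($_POST['gtalk']);
    $user->skype = cleanit($_POST['skype']);
    $user->irc = cleanit($_POST['irc']);
    $user->names = cleanit($_POST['names']);
    check_actions('profile_save');
    $avatar_source = cleanit($_POST['avatarsource']);
    if ($avatar_source != "" && $avatar_source != "useruploaded") {
        // NOTE(review): the raw posted e-mail goes into the log detail; loghack() is not shown
        // here, so whether it neutralises line breaks and control characters is unverified.
        loghack('Updating profile, avatar source is not one of the list options.', 'username: ' . $user->username . '|email: ' . $_POST["email"]);
        // Reset the rejected value. The original used "==" here, a comparison with no effect,
        // so the unlisted value was logged and then stored anyway.
        $avatar_source = "";
    }
    $user->avatar_source = $avatar_source;
    if (!empty($_POST['password']) || !empty($_POST['password2'])) {
        $oldpass = isset($_POST['oldpassword']) ? $_POST['oldpassword'] : '';
        $userX = $db->get_row("SELECT user_id, user_pass, user_login FROM " . table_users . " WHERE user_login = '" . $db->escape($user->username) . "'");
        // The stored value starts with the salt; re-hash the supplied old password with it.
        $saltedpass = $userX ? generateHash($oldpass, substr($userX->user_pass, 0, SALT_LENGTH)) : null;
        // Compare as strings with a strict operator: loose "==" treats numeric-looking hash
        // strings (for example two different "0e..." values) as equal. hash_equals() is the
        // constant-time choice where the runtime provides it.
        if (!$userX || (string) $userX->user_pass !== (string) $saltedpass) {
            return '<p align=center><span class=error>' . PLIGG_Visual_Profile_BadOldPass . '</span></p>';
        }
        if ($_POST['password'] !== $_POST['password2']) {
            return '<p align=center><span class=error>' . _(PLIGG_Visual_Profile_BadPass) . '</span></p>';
        }
        $user->pass = trim($_POST['password']);
        $msg = '<p align=center><span class=error>' . _(PLIGG_Visual_Profile_PassUpdated) . '</span></p>';
    }
    $user->store();
    $user->read();
    $current_user->Authenticate($user->username, $user->pass);
    if (!$msg) {
        $msg = '<p align=center><span class=error>' . _(PLIGG_Visual_Profile_DataUpdated) . '</span></p>';
    }
    return $msg;
}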
Beispiel #27
/**************************************************************************************************
| PinMe Script by Scriptolution.com
| http://www.pinmescript.com
| webmaster@pinmescript.com
|
|**************************************************************************************************
|
| By using this software you agree that you have read and acknowledged our End-User License 
| Agreement available at http://www.pinmescript.com/eula.html and to be bound by it.
|
| Copyright (c) PinMeScript.com. All rights reserved.
|**************************************************************************************************/
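include "include/config.php";
include "include/functions/import.php";
$thebaseurl = $config['baseurl'];
// Source search page: lists up to 50 active pins whose "source" column contains the query text.
$q = isset($_REQUEST['q']) ? cleanit($_REQUEST['q']) : "";
STemplate::assign('q', $q);
// Start from an empty list so the template is never handed an undefined variable when the
// query text is empty.
$pins = array();
if ($q != "") {
    // mysql_real_escape_string() neutralises quote characters but not the LIKE wildcards % and _,
    // so a visitor can still widen the match; the fixed "limit 50" bounds the result size.
    $query = "select A.PID, A.ptitle, A.pic, A.pkey, A.price, A.youtube, B.USERID, B.username, B.fname, B.lname, B.profilepicture, C.bname from posts A, members B, boards C WHERE A.active='1' AND A.USERID=B.USERID AND A.BID=C.BID AND A.source like'%" . mysql_real_escape_string($q) . "%' order by A.points desc, A.viewcount desc, A.PID desc limit 50";
    $results = $conn->execute($query);
    $pins = $results->getrows();
    // A full page of 50 rows is taken as a sign that more results may exist.
    if (count($pins) >= 50) {
        STemplate::assign('more', 1);
    }
}
// NOTE(review): the request text reaches the templates as 'q' and 'pagetitle'. cleanit() is not
// shown here, so confirm that it or the templates HTML-encode these values on output.
STemplate::assign('pagetitle', stripslashes($q));
//TEMPLATES BEGIN
STemplate::assign('pins', $pins);
STemplate::display('header.tpl');
STemplate::display('source.tpl');
STemplate::display('footer.tpl');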
Beispiel #28
|
| By using this software you agree that you have read and acknowledged our End-User License 
| Agreement available at http://www.gagclonescript.com/eula.html and to be bound by it.
|
| Copyright (c) GagCloneScript.com. All rights reserved.
|**************************************************************************************************/
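include "../include/config.php";
include_once "../include/functions/import.php";
// Admin page for adding a category; verify_login_admin() runs before any form handling.
verify_login_admin();
// NOTE(review): no anti-CSRF token check is visible in this snippet. The insert is gated only on
// the admin session plus a posted 'submitform' field; confirm a token is validated elsewhere.
if (isset($_POST['submitform']) && $_POST['submitform'] == "1") {
    // NOTE(review): 'name' and 'seo' are read from $_REQUEST while the gate and 'details' use
    // $_POST, so these two may also arrive in the query string; reading them from $_POST would be
    // consistent if the form always posts them.
    $rawName = isset($_REQUEST['name']) ? $_REQUEST['name'] : "";
    $rawSeo = isset($_REQUEST['seo']) ? $_REQUEST['seo'] : "";
    // Tags are stripped and the result is entity-encoded before storage.
    $name = htmlentities(strip_tags($rawName), ENT_COMPAT, "UTF-8");
    $seo = htmlentities(strip_tags($rawSeo), ENT_COMPAT, "UTF-8");
    // Slug clean-up, applied in this order: drop "\/", turn "/" into "-", drop "&amp;", "&" and
    // spaces. str_replace() with arrays performs the replacements one after another.
    $seo = str_replace(
        array("\\/", "/", "&amp;", "&", " "),
        array("", "-", "", "", ""),
        $seo
    );
    $parent = "0";
    $details = isset($_POST['details']) ? cleanit($_POST['details']) : "";
    $sql = "insert categories set name='" . mysql_real_escape_string($name) . "', seo='" . mysql_real_escape_string($seo) . "', parent='" . mysql_real_escape_string($parent) . "', details='" . mysql_real_escape_string($details) . "'";
    $conn->execute($sql);
    $message = "Category Successfully Added.";
    Stemplate::assign('message', $message);
}
$mainmenu = "3";
$submenu = "1";
Stemplate::assign('mainmenu', $mainmenu);
Stemplate::assign('submenu', $submenu);
STemplate::display("administrator/global_header.tpl");
STemplate::display("administrator/cat_add.tpl");
STemplate::display("administrator/global_footer.tpl");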
Beispiel #29
/**************************************************************************************************
| PinMe Script by Scriptolution.com
| http://www.pinmescript.com
| webmaster@pinmescript.com
|
|**************************************************************************************************
|
| By using this software you agree that you have read and acknowledged our End-User License 
| Agreement available at http://www.pinmescript.com/eula.html and to be bound by it.
|
| Copyright (c) PinMeScript.com. All rights reserved.
|**************************************************************************************************/
// Public profile page: looks up an active member by the requested username and then loads that
// member's boards. The listing is cut off after the boards query on this page.
include "include/config.php";
include "include/functions/import.php";
$thebaseurl = $config['baseurl'];
// Username comes straight from the request; cleanit() is defined elsewhere and not shown here.
$uname = cleanit($_REQUEST['uname']);
if ($uname != "") {
    // NOTE(review): the username literal in this query appears as '******' because the page
    // masked it. Whatever expression stood there carries request input into SQL, so it has to be
    // escaped like the other queries do (or bound as a parameter); confirm in the real source.
    $query = "select USERID, username, fname, lname, profilepicture, description, gender, website, location from members where username='******' AND status='1'";
    $executequery = $conn->execute($query);
    $u = $executequery->getrows();
    // $u[0] is used without checking that a row came back; with no match the intval() below
    // yields 0 and the member-specific branch is skipped.
    STemplate::assign('u', $u[0]);
    $USERID = intval($u[0]['USERID']);
    if ($USERID > 0) {
        // Page title is the username or "first last", depending on the use_username setting.
        if ($config['use_username'] == "1") {
            $seo = stripslashes($u[0]['username']);
        } else {
            $seo = stripslashes($u[0]['fname']) . " " . stripslashes($u[0]['lname']);
        }
        // NOTE(review): member-supplied text is handed to the template as the page title;
        // confirm the template HTML-encodes it on output.
        STemplate::assign('pagetitle', $seo);
        // $USERID is an integer here; up to 100 boards are fetched, largest pin count first.
        $query = "select A.USERID, A.username, B.bname, B.BID, B.pincount from members A, boards B WHERE A.USERID=B.USERID AND A.status='1' AND B.USERID='" . mysql_real_escape_string($USERID) . "' order by pincount desc limit 100";
        $results = $conn->execute($query);
<?php

/**************************************************************************************************
| Gag Clone Script
| http://www.gagclonescript.com
| webmaster@gagclonescript.com
|
|**************************************************************************************************
|
| By using this software you agree that you have read and acknowledged our End-User License 
| Agreement available at http://www.gagclonescript.com/eula.html and to be bound by it.
|
| Copyright (c) GagCloneScript.com. All rights reserved.
|**************************************************************************************************/
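include "include/config.php";
include "include/functions/import.php";
// Report endpoint: records a report (post id, reason code, timestamp, client address) and then
// prints the language string 288 whether or not a row was written.
// NOTE(review): no login check, per-client limit or duplicate check is visible in this snippet,
// so one client can file any number of reports against a post; the reason code is also not
// checked against a list of known reasons. Confirm these are enforced elsewhere.
$pid = isset($_REQUEST['id']) ? intval(cleanit($_REQUEST['id'])) : 0;
$reasons = isset($_REQUEST['value']) ? intval(cleanit($_REQUEST['value'])) : 0;
if ($pid > 0 && $reasons > 0) {
    // The client address is escaped like every other value in the statement rather than being
    // concatenated as-is.
    $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    $query = "INSERT INTO posts_reports SET PID='" . mysql_real_escape_string($pid) . "', reason='" . mysql_real_escape_string($reasons) . "', time='" . time() . "', ip='" . mysql_real_escape_string($ip) . "'";
    $result = $conn->execute($query);
}
echo $lang['288'];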