Beispiel #1
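/**
 * Handle a submitted comment edit.
 *
 * Validates the POSTed fields; on success updates the comment row through
 * inset() and redirects to the comment anchor, otherwise stores the submitted
 * values in $_SESSION['comment'] and redirects back to the edit form.
 * Reads $_POST, $_SESSION and $_SERVER directly and returns nothing.
 *
 * NOTE(review): nothing in this function checks that the current visitor is
 * allowed to edit comment $CM (author match or comment password). Unless the
 * caller enforces that, the same test that guards the edit form has to run
 * here before inset() is reached — TODO confirm.
 */
function comment_edit_action()
{
    // Post id is only used to build the redirect path below.
    $ID = isset($_POST['comment_post_id']) ? $_POST['comment_post_id'] : '';
    // The comment id becomes the WHERE value of the update and part of the
    // redirect URL, so it is forced to an integer instead of passing request
    // text through. Assumes comment ids are numeric — TODO confirm.
    $CM = isset($_POST['comment_id']) ? (int) $_POST['comment_id'] : 0;
    $OK = TRUE;
    $who = isset($_SESSION['member']['id']) ? $_SESSION['member']['id'] : 0;
    $claimed = isset($_POST['comment_modify_author']) ? $_POST['comment_modify_author'] : '';
    // The form carries the member id it was rendered for. Compare as strings:
    // a loose != lets PHP's numeric juggling decide whether the ids match.
    if (!is_scalar($claimed) || (string) $claimed !== (string) $who) {
        $OK = FALSE;
        set_clue('登入身份已經變動要繼續動作請再切換!');
    }
    if (empty($_POST['comment_author_nicename'])) {
        $OK = FALSE;
        set_clue('請記得填寫回覆作者名稱!');
    }
    if (empty($_POST['comment_content'])) {
        $OK = FALSE;
        set_clue('最重要的回覆怎麼可以不寫呢!');
    }
    // The e-mail address is optional, but when present it must pass email_check().
    if (!empty($_POST['comment_author_email']) && !email_check($_POST['comment_author_email'])) {
        $OK = FALSE;
        set_clue('請填寫正確的電子郵件位址!');
    }
    if ($OK) {
        // ip2long() yields FALSE for anything that is not a dotted IPv4 address
        // (an IPv6 client, for instance), and that FALSE is what gets stored.
        $comment_author_ip = ip2long($_SERVER['REMOTE_ADDR']);
        $comment_author_nicename = sanitize_text($_POST['comment_author_nicename']);
        // Only trimmed here; whether the text is escaped for SQL and for HTML
        // depends on inset() and on the code that prints it — not visible here.
        $comment_content = trim($_POST['comment_content']);
        $comment_modify = date("Y-m-d H:i:s");
        // Record the member id held in the session rather than the copy the
        // browser sent back; the check above has established they agree.
        $comment_modify_member = $who;
        if ($who > 0) {
            $comment_modify_who = sanitize_text(isset($_POST['comment_modify_who']) ? $_POST['comment_modify_who'] : '');
        } else {
            $comment_modify_who = $comment_author_nicename;
        }
        $change['key'] = array('comment_author_ip', 'comment_author_nicename', 'comment_content', 'comment_modify', 'comment_modify_member', 'comment_modify_who');
        $change['value'] = array($comment_author_ip, $comment_author_nicename, $comment_content, $comment_modify, $comment_modify_member, $comment_modify_who);
        if (!empty($_POST['comment_author_email'])) {
            $change['key'][] = 'comment_author_email';
            $change['value'][] = strtolower($_POST['comment_author_email']);
        }
        $where['key'] = 'id';
        $where['value'] = $CM;
        inset('comments', $change, $where);
        unset($_SESSION['comment']);
        // NOTE(review): no exit follows the redirect; the function simply
        // returns, so whatever the caller does next still runs.
        header('location: ' . OUT_PATH . $ID . '#comment-' . $CM);
    } else {
        if (!isset($_SESSION['comment'])) {
            $_SESSION['comment'] = array();
        }
        // Remember the raw input so the form can be refilled. These values are
        // unescaped request data and must be encoded wherever they are printed.
        $_SESSION['comment']['author_nicename'] = isset($_POST['comment_author_nicename']) ? $_POST['comment_author_nicename'] : '';
        $_SESSION['comment']['author_email'] = isset($_POST['comment_author_email']) ? $_POST['comment_author_email'] : '';
        $_SESSION['comment']['content'] = isset($_POST['comment_content']) ? $_POST['comment_content'] : '';
        $_SESSION['comment']['modify_who'] = isset($_POST['comment_modify_who']) ? $_POST['comment_modify_who'] : '';
        // 'certify' is deliberately left as it was. This branch runs for any
        // failed POST, so writing TRUE here would mark the session as certified
        // without the comment password ever having been checked; a
        // certification granted earlier stays in place untouched.
        $_SESSION['comment']['id'] = $CM;
        header('location: ' . OUT_PATH . 'comment/' . $CM);
    }
}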
Beispiel #2
<?php

/**
 *
 * CMS osRealty 2.1.x
 * Autor: Roman Chernyshov
 * E-mail: support@osRealty.ru
 * URL: www.osRealty.ru
 *
 */
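// Refuse direct requests that bypass the CMS entry point.
defined('_JEXEC') or die('Restricted access');
// Result code consumed by the template below: '' = nothing submitted,
// 'oke' = complaint stored, 'pub1' = validation failed.
$err = '';
// isset() guard: a plain page view carries no 'add' field.
if (isset($_POST['add']) && $_POST['add'] == 1) {
    $rawEmail = isset($_POST['email']) ? $_POST['email'] : '';
    if (!empty($_POST['alert']) and email_check($rawEmail)) {
        $text = PHP_slashes(htmlspecialchars(markhtml($_POST['alert'])));
        // The address used to be HTML-encoded only, and htmlspecialchars()
        // leaves single quotes alone by default on older PHP versions, so the
        // value reached the quoted SQL literal depending solely on what
        // email_check() happens to reject. It now gets the same treatment as
        // $text. PHP_slashes() is assumed to be the project's SQL escaping
        // helper — TODO confirm; a prepared statement would be the better fix
        // if $DB offers one.
        $email = PHP_slashes(htmlspecialchars($rawEmail));
        // Forecast id: intval() turns a missing or non-numeric value into 0.
        $idd = isset($_POST['idd']) ? intval($_POST['idd']) : 0;
        $sql = "INSERT INTO `#__alert` (`fore`, `text`, `email`) VALUES \r\n\t\t\t('{$idd}','{$text}','{$email}')";
        $DB->execute($sql);
        $err = 'oke';
    } else {
        $err = 'pub1';
    }
}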
?>
<div class="fore-old-call">
<img src="/<?php 
echo $theme;
?>
images/alert.png" width="279" height="22" border="0" alt="Пожаловаться на прогноз" title="Пожаловаться на прогноз"/>
<div class="border"></div>
Beispiel #3
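/**
 * Send one message over authenticated SMTP with PHPMailer.
 *
 * @param mixed $config SMTP settings; passed through config_check() and then
 *                      read as an object with host, port, username, password
 *                      and ssl properties.
 * @param mixed $email  Message; passed through email_check() and then read as
 *                      an object with nohtml, reply, reply_name, bcc,
 *                      attachment, from, from_name, subject, message and to.
 * @return int|string 1 when PHPMailer reports success, PHPMailer's ErrorInfo
 *                    text when sending fails, 0 when either argument is
 *                    rejected by its check.
 */
function send_email($config = false, $email = false)
{
    $config = config_check($config);
    $email = email_check($email);
    if (!$config || !$email) {
        return 0;
    }

    // require_once: a plain require would execute the PHPMailer bootstrap
    // again on every call made during the same request.
    require_once 'phpmailer/PHPMailerAutoload.php';
    $mail = new PHPMailer();
    // Debug trace of the nohtml flag. NOTE(review): written at 'error' level
    // on every send; consider lowering the level.
    log_message('error', 'nohtml.' . print_r($email->nohtml, true));
    $mail->IsHTML(!$email->nohtml);
    $mail->IsSMTP();
    // $mail->SMTPDebug = 2;  // debugging: 1 = errors and messages, 2 = messages only
    $mail->SMTPAuth = true;

    if ($config->ssl) {
        // 'tls' (STARTTLS) for the two providers singled out here, 'ssl'
        // (TLS from the first byte) for every other host. The dot in the
        // pattern is escaped so it only matches a literal "amazonaws.com".
        $usesStartTls = trim($config->host) == 'smtp.live.com'
            || preg_match('/amazonaws\.com/', $config->host);
        $mail->SMTPSecure = $usesStartTls ? 'tls' : 'ssl';
    }
    // NOTE(review): when $config->ssl is falsy no transport security is
    // requested here although SMTPAuth is on; whether the credentials are
    // still protected then depends on PHPMailer and server defaults — confirm.

    $mail->Host = $config->host;
    $mail->Port = $config->port;
    $mail->Username = $config->username;
    $mail->Password = $config->password;

    if ($email->reply) {
        $mail->AddReplyTo($email->reply, $email->reply_name);
    }
    if ($email->bcc) {
        // Accept a single address or a list. The old count() > 1 test handed
        // a one-element array to AddBCC() as if it were a string, and count()
        // on a plain string is itself an error on current PHP.
        foreach ((array) $email->bcc as $rowbcc) {
            $mail->AddBCC($rowbcc);
        }
    }
    if ($email->attachment) {
        // Each entry is handed to AddAttachment() as given. NOTE(review):
        // presumably server-side file paths; they should never be taken from
        // request data — verify against callers.
        foreach ($email->attachment as $row) {
            $mail->AddAttachment($row);
        }
    }

    $mail->SetFrom($email->from, $email->from_name);
    $mail->Subject = $email->subject;
    $mail->Body = $email->message;
    // The recipient address doubles as the display name.
    $mail->AddAddress($email->to, $email->to);

    if ($mail->Send()) {
        return 1;
    }
    return $mail->ErrorInfo;
}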
Beispiel #4
if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
    require_once '../assets/config.php';
    $error = array('error' => 'success', 'email' => '0', 'done' => '0');
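    /**
     * Syntax check for an e-mail address.
     *
     * Accepts letters, digits, "_", "." and "-" before the "@", one or more
     * dot-separated labels of letters, digits and "-" after it, and a final
     * label of at least two letters or digits.
     *
     * @param mixed $s Value to test; anything that is not a string is rejected.
     * @return bool True when $s matches the pattern from start to end.
     */
    function email_check($s)
    {
        // Request fields can arrive as arrays (email[]=...); preg_match()
        // must only ever see a string.
        if (!is_string($s)) {
            return false;
        }
        // \z anchors at the very end of the input. A bare "$" also matches
        // just before a trailing newline, which let "addr\n" pass validation.
        // The last label is written as {2,} instead of a repeated {2,4}
        // group: it accepts the same strings without the nested quantifier,
        // which could backtrack heavily on long non-matching input.
        return preg_match('/^[a-zA-Z0-9_.\\-]+@([a-zA-Z0-9\\-]+\\.)+[a-zA-Z0-9]{2,}\\z/', $s) === 1;
    }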
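    // Subscribe the posted address. Codes written to $error['email']:
    // '1' = no address sent, '3' = rejected by email_check(),
    // '2' = already subscribed. $error['done'] becomes '1' only after the
    // insert has actually succeeded.
    if (!isset($_POST['email']) || $_POST['email'] == NULL) {
        $error['email'] = '1';
    } else {
        $email = $_POST['email'];
        if (!email_check($email)) {
            $error['email'] = '3';
        } else {
            // Escape before building the statements: the validation pattern
            // is then no longer the only thing between request data and the
            // SQL text. NOTE(review): ext/mysql no longer exists in PHP 7+;
            // prepared statements (PDO or mysqli) are the long-term fix, as is
            // a UNIQUE index on `email` to close the gap between the lookup
            // and the insert.
            $safeEmail = mysql_real_escape_string($email);
            $sql = "select * from `subscribe` where `email`='" . $safeEmail . "'";
            $query = mysql_query($sql);
            if ($query === false) {
                // Previously hidden by "@": a failed lookup was treated as
                // "not subscribed yet" and success was reported regardless.
                error_log('subscribe lookup failed: ' . mysql_error());
            } else {
                $num = mysql_num_rows($query);
                if ($num != 0) {
                    $error['email'] = '2';
                } else {
                    $sql = "insert into `subscribe`(email) values('" . $safeEmail . "')";
                    $query = mysql_query($sql);
                    if ($query) {
                        $error['done'] = '1';
                    } else {
                        error_log('subscribe insert failed: ' . mysql_error());
                    }
                }
            }
        }
    }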
Beispiel #5
 * E-mail: support@osRealty.ru
 * URL: www.osRealty.ru
 *
 */
defined('_JEXEC') or die('Restricted access');
if (get_access('admin', 'tools', 'view', false)) {
    $i = 0;
    if ($_POST['mail'] == 1 or $_POST['mail'] == 3) {
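        // Subject: tags removed and line breaks flattened, so the value cannot
        // carry additional header lines into the Mail class.
        // NOTE(review): the body ($_POST['text']) is sent exactly as submitted.
        $subject = str_replace(array("\r", "\n"), ' ', strip_tags($_POST['subject']));
        // Sender address comes from the `emailsup` setting.
        $emailsup = $DB->getOne("SELECT `#__setting`.`value` FROM `#__setting` WHERE `#__setting`.`name`='emailsup'");
        // Every user with alertmail = 1 receives the mailing.
        $sql = 'SELECT `#__users`.`password`,`#__users`.`userID`,`#__users`.`email` FROM `#__users` WHERE `#__users`.`alertmail`=1';
        $mailarr = $DB->getAll($sql);
        // Counts messages handed to Send(); its result is not checked.
        $i = 0;
        foreach ($mailarr as $mail) {
            // Unsubscribe footer. The anchor was never closed; "</a>" added.
            // NOTE(review): the link carries the value of the users.password
            // column, so whatever is stored there travels in every e-mail and
            // ends up in mail archives and web-server logs — a separate random
            // unsubscribe token would avoid that. The host part is taken from
            // the request's Host header rather than from configuration, so it
            // is whatever the client sent with the admin's request.
            $endsub = '<p><a href="http://' . $_SERVER['HTTP_HOST'] . '/com/mail/del/' . $mail['userID'] . '/' . $mail['password'] . '">Отписаться от рассылки.</a></p>';
            if (email_check($mail['email'])) {
                $m = new Mail();
                // sender
                $m->From($emailsup);
                // recipient
                $m->To($mail['email']);
                $m->Subject($subject);
                $m->Body($_POST['text'] . $endsub);
                // message priority
                $m->Priority(3);
                // hand the message over for delivery
                $m->Send();
                $i++;
            }
        }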
Beispiel #6
    } else {
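        // Form fields read by this branch, in the order they are consumed.
        $zm = array("name", "username", "password", "password2", "email", "phone");
        $in = array();
        foreach ($zm as $field) {
            // test_input() is the project's input filter; what it strips or
            // encodes is not visible in this listing. A missing field is
            // treated as an empty string instead of raising a notice.
            $in[$field] = test_input(isset($_POST[$field]) ? $_POST[$field] : '');
        }
        $name = $in['name'];
        $username = $in['username'];
        $password = $in['password'];
        $password2 = $in['password2'];
        $email = $in['email'];
        $phone = $in['phone'];
        $error = "";
        // Strict comparison: with == two different numeric-looking strings
        // ("1e3" and "1000") count as equal. An empty pair still passes.
        if ($password === $password2 && email_check($email) && phone_check($phone)) {
            // Every value is escaped for the SQL string literal it lands in.
            // NOTE(review): if test_input() already escapes for SQL, keep only
            // one of the two — TODO confirm. Two things this block does not
            // do: the password is written to `pass` as received, without
            // password_hash(), and the row to update is selected by the posted
            // username alone; any login check must sit in code outside this
            // listing.
            $sql = sprintf(
                "UPDATE `users` SET `pass`='%s', `name`='%s', `mail`='%s', `phone`='%s' WHERE `login`='%s'",
                mysql_real_escape_string($password),
                mysql_real_escape_string($name),
                mysql_real_escape_string($email),
                mysql_real_escape_string($phone),
                mysql_real_escape_string($username)
            );
            if (mysql_query($sql)) {
                echo 'Dane wyedytowane!';
            } else {
                // Keep the database error in the server log; the raw text
                // names tables and columns and is not for the visitor.
                error_log('user update failed: ' . mysql_error());
                echo 'Nie udało się zapisać danych.';
            }
        }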
    }
}
?>


		</section>	
		
		<footer id="footer">
Beispiel #7
/**
 * Validation hook: does a record value hold an acceptable e-mail address?
 *
 * Only $data is examined; the remaining parameters are accepted but not
 * used in this function.
 *
 * @param string $data       Value to validate
 * @param int    $cell_id    The cell id (unused here)
 * @param int    $work_id    The work id (unused here)
 * @param int    $process_id The process id (unused here)
 * @param int    $row_id     The row id (unused here)
 * @return int 1 when email_check() does not report a match, otherwise 0
 */
function email($data, $cell_id, $work_id, $process_id, $row_id)
{
    // A non-zero result tells the caller not to create a work_unit record.
    // The test is a loose comparison with 1, so email_check() may signal
    // success with 1, true or "1".
    return email_check($data) != 1 ? 1 : 0;
}
			    <div> 
			        <b>Username:</b> <?php 
    // NOTE(review): printed into HTML without htmlspecialchars(); this is only
    // safe if $username (and $email and $phone further down) were already
    // HTML-encoded where they were read from the request — TODO confirm.
    echo $username;
    ?>
			    </div>
			  	<div> 
			        <b>Password:</b> <?php 
    // NOTE(review): echoes the submitted password back into the page.
    // Presumably a form-handling demo; a real page should neither display
    // nor log the value.
    echo $password;
    ?>
			    </div>
			    <div> 
			        <b>Email:</b> <?php 
    echo $email;
    ?>
 <?php 
    echo email_check($email);
    ?>
			    </div>    
			    <div>
			    	<b>Telephone:</b> <?php 
    echo $phone;
    ?>
 <?php 
    echo phone_check($phone);
    ?>
			    </div> 
			   
			    <div>
			    	<?php 
    if (count($_POST["hobby"]) > 0) {
        echo "<b>You got ";
Beispiel #9
/**
 * Created by Vati Child.
 * E-mail: vatia0@gmail.com
 * Date: 11/23/14
 * Time: 10:00 PM
 */
// Refuse direct requests that bypass the CMS entry point.
if (!defined('_JEXEC')) {
    die('Restricted access');
}
session_start();
// Every request begins with an emptied session and a newly generated captcha.
// NOTE(review): the POST handler further down compares the typed code with
// $_SESSION['captcha'], which at that point holds the value generated on this
// very request, presumably not the one that was shown with the form. The code
// issued with the form has to survive until it has been checked — confirm
// against simple_php_captcha().
$_SESSION = array();
include_once $_SERVER['DOCUMENT_ROOT'] . '/captcha/simple-php-captcha.php';
$_SESSION['captcha'] = simple_php_captcha();
// Contact record with id 1; the handler below reads its e-mail address.
$registry['contact'] = $DB->getAll("SELECT * FROM #__contact WHERE id=1");
if ($_POST['stage'] == 'process') {
    session_start();
    if (!empty($_POST['name'])) {
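        if (email_check($_POST['email'])) {
            // Compare the captcha as strings and insist on a stored code.
            // With a loose == a missing code on both sides (null == null)
            // counted as a correct answer.
            $typedCode = isset($_POST['capcha']) && is_scalar($_POST['capcha']) ? (string) $_POST['capcha'] : '';
            $issuedCode = isset($_SESSION['captcha']['code']) ? (string) $_SESSION['captcha']['code'] : '';
            if ($issuedCode !== '' && $issuedCode === $typedCode) {
                $to = $registry['emailsup'];
                // Parentheses are required: "." binds tighter than "?:", so
                // the unparenthesised form tested the concatenated string
                // (always true) and dropped both the prefix and the default.
                $subject = 'funtime.ge -' . (!empty($_POST['subject']) ? $_POST['subject'] : 'კონტაქტი');
                // Subject and sender name end up in mail headers; flatten line
                // breaks so neither can add header lines of its own.
                $subject = str_replace(array("\r", "\n"), ' ', $subject);
                $fromName = str_replace(array("\r", "\n"), ' ', htmlspecialchars($_POST['name']));
                $message = htmlspecialchars($_POST['msg']);
                // NOTE(review): $_POST['email'] is passed on as the sender
                // address; email_check() is the only filter on it here.
                mail_utf8($registry['contact'][0]['email'], $fromName, $_POST['email'], $subject, $message);
                // NOTE(review): nothing stops the script after the redirect.
                header("location:/com/contacts?success=true");
            } else {
                $message[0] = "error";
                $message[1] = 'შეცდომა თქვენ შეიყვანეთ არასწორი კოდი ფოტოსურათიდან.';
            }
        } else {
            $message[0] = "error";
            $message[1] = 'არასწორი ელ.ფოსტა';
        }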
    } else {
</p>

<p>
<?php 
// Configuration report. Each helper receives a constant's value and its name;
// what string_check() and email_check() print or return is not visible here.
// NOTE(review): the page prints configuration values, so it is presumably
// meant for administrators only; no access check is visible in this excerpt.
string_check(EVENT_CONTACT_NAME, 'EVENT_CONTACT_NAME', '');
email_check(EVENT_CONTACT_MAIL, 'EVENT_CONTACT_MAIL');
string_check(TECH_CONTACT_NAME, 'TECH_CONTACT_NAME', '');
email_check(TECH_CONTACT_MAIL, 'TECH_CONTACT_MAIL');
echo "</p>\n<p>\n";
string_check(TITLE, 'TITLE', '');
string_check(SYSTEM_NAME, 'SYSTEM_NAME', 'Bitsand');
string_check(DEFAULT_FACTION, 'DEFAULT_FACTION', 'Lions');
echo "<p>\n";
// Password policy: a minimum below 8 characters is shown as a warning.
$passLenIsShort = MIN_PASS_LEN < 8;
echo $passLenIsShort
    ? "<span class = 'sans-warn'>Minimum password length is short (" . MIN_PASS_LEN . ")</span><br>"
    : "MIN_PASS_LEN: " . MIN_PASS_LEN . "<br>";
echo "<p>\n";
// PayPal settings are only reported in detail when PayPal is switched on.
if (USE_PAY_PAL != False) {
    echo "USE_PAY_PAL: True<br>";
    email_check(PAYPAL_EMAIL, 'PAYPAL_EMAIL');
    echo PAYPAL_AUTO_MARK_PAID
        ? "People paying with PayPal <b>will</b> be automatically marked as paid"
        : "People paying with PayPal will <b>not</b> be automatically marked as paid";
} else {
    echo "USE_PAY_PAL: False<br>";
}
include '../inc/inc_foot.php';
Beispiel #11
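 /**
  * Mark the current member's e-mail address as verified, clear the pending
  * verification from the session and show a success message.
  *
  * NOTE(review): this listing shows the body only. It is presumably a class
  * method, with the inner email_check('email_check') call resolving to a
  * global helper that validates the pending verification — confirm; as a
  * plain function it would be calling itself.
  */
 function email_check()
 {
     global $_G;
     email_check('email_check');
     // The array key was written as a bare word ($_G[uid]), which is an
     // undefined constant and a fatal error on PHP 8. The value is also cast
     // to an integer because it is concatenated into the WHERE condition.
     DB::update('member', array('email_check' => 1), 'uid=' . (int) $_G['uid']);
     unset($_SESSION['email_check']);
     msg('邮箱验证成功', 'success', 'm=home&a=setting');
 }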
Beispiel #12
 if ($_POST['userclass'] == NULL) {
     $error['class'] = '1';
 } else {
     if (!class_check($_POST['userclass'])) {
         $error['class'] = '2';
     } else {
         if ($_POST['userbirthday'] == NULL) {
             $error['birthday'] = '1';
         } else {
             if (!birthday_check($_POST['userbirthday'])) {
                 $error['birthday'] = '2';
             } else {
                 if ($_POST['useremail'] == NULL) {
                     $error['email'] = '1';
                 } else {
                     if (!email_check($_POST['useremail'])) {
                         $error['email'] = '2';
                     } else {
                         if ($_POST['userscode'] == NULL) {
                             $error['scode'] = '1';
                         } else {
                             if (!is_number($_POST['userscode'])) {
                                 $error['scode'] = '2';
                             } else {
                                 if ($_POST['userpass'] == NULL) {
                                     $error['pass'] = '******';
                                 } else {
                                     if (strlen($_POST['userpass']) < 32) {
                                         $error['pass'] = '******';
                                     } else {
                                         // NOTE(review): both request values are concatenated into the
                                         // statement as they arrived. The only check 'userpass' has passed
                                         // is the length test above, and 'userid' is not checked anywhere in
                                         // this excerpt. Bind both as parameters, or escape them with the
                                         // database layer's own function. The query also looks for another
                                         // account with the same `password` value; reporting a hit back to
                                         // the visitor would reveal that the value is in use — confirm how
                                         // the result is handled.
                                         $sql = "SELECT * FROM `user` WHERE `password` = '" . $_POST['userpass'] . "' AND `id` != '" . $_POST['userid'] . "'";
Beispiel #13
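/**
 * Encode a value for a double-quoted HTML attribute of the comment edit form.
 *
 * Existing entities are left alone (double_encode = false) so that text which
 * was already encoded before it was stored is not encoded a second time.
 * Assumes the pages are served as UTF-8 — TODO confirm.
 */
function comment_edit_attr($value)
{
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
}

/**
 * Show the edit form for one comment.
 *
 * Loads the comment, refuses visitors who may not edit it (includes the
 * 'denied' page and exits), sends anonymous visitors without a matching
 * certification to the 'comment_certify' template, and otherwise prepares the
 * variables used by the 'comment_edit' template. The local variable names are
 * kept as they are because the included templates read them.
 *
 * @param int|string $CM Comment id; cast to an integer before use.
 */
function comment_edit($CM)
{
    // The id is concatenated, unquoted, into the WHERE clause: force it to an
    // integer so nothing but a number can reach the statement.
    $CM = (int) $CM;
    $result = inget('`comment_post_id`,`comment_author`,`comment_author_nicename`,`comment_author_email`,`comment_content`,`comment_password`', 'comments', 'WHERE `id` =' . $CM);
    $row = mysql_fetch_assoc($result);
    if (empty($_SESSION['member']['id'])) {
        // Anonymous visitors may only edit anonymous comments that carry a password.
        if ($row['comment_author'] != 0 || empty($row['comment_password'])) {
            include load_page('denied');
            exit;
        }
    } elseif ($row['comment_author'] != $_SESSION['member']['id']) {
        // Members may only edit their own comments.
        include load_page('denied');
        exit;
    }
    $post = post_title($row['comment_post_id']);
    $ID = $row['comment_post_id'];
    $BD = board_name(post_board($row['comment_post_id']));
    $author = $row['comment_author'];
    $author_email = $row['comment_author_email'];
    $author_nicename = $row['comment_author_nicename'];
    $content = html_transfer($row['comment_content']);
    // Every value placed into an attribute below goes through
    // comment_edit_attr(); unescaped, a double quote in a stored or submitted
    // name would end the attribute and continue as markup.
    $input_nicename = '<input name="comment_author_nicename" value="' . comment_edit_attr($author_nicename) . '">';
    $input_email = '<input name="comment_author_email">';
    $input_password = '******';
    $mod_author = empty($_SESSION['member']['id']) ? 0 : $_SESSION['member']['id'];
    // Start of the section whose decision logic still needs to be simplified.
    // NOTE(review): "!=" is a loose comparison, so a stored TRUE matches every
    // non-zero comment id. Whatever writes 'certify' should store the comment
    // id, and this test should become strict once that is confirmed.
    if ((empty($_SESSION['comment']) || $_SESSION['comment']['certify'] != $CM) && !member_check()) {
        include load_template('comment_certify');
        exit;
    }
    if (isset($_SESSION['comment']['id']) && $_SESSION['comment']['id'] == $CM && !empty($_SESSION['comment']['content'])) {
        // Draft from a rejected submission. NOTE(review): raw request text,
        // unlike the html_transfer() output used otherwise; the template has
        // to encode it when printing.
        $content = $_SESSION['comment']['content'];
    } else {
        $content = html_transfer($row['comment_content']);
    }
    // Start: "modified by" field; the handling of the modifier still needs work.
    // NOTE(review): this reads $_SESSION['comment']['modify'], while the edit
    // action on this page stores 'modify_who' — verify which key is intended.
    if (!empty($_SESSION['comment']['modify'])) {
        $modify = '<input type="text" name="comment_modify_who" value="' . comment_edit_attr($_SESSION['comment']['modify']) . '">';
    } elseif (member_check()) {
        $modify = '<input type="text" name="comment_modify_who" readonly value="' . comment_edit_attr(member_info('nicename')) . '">';
    } else {
        $modify = '<input type="text" name="comment_modify_who" value="' . comment_edit_attr($row['comment_author_nicename']) . '">';
    }
    // End: "modified by" field.
    if ($author) {
        // Comment written by a member: name and address come from the member
        // record and are shown read-only.
        $member = member_who($author);
        $input_nicename = '<input type="text" name="comment_author_nicename" readonly value="' . comment_edit_attr($member['nicename']) . '">';
        $input_email = '<input type="text" name="comment_author_email" readonly value="' . comment_edit_attr($member['email']) . '">';
    } else {
        if (isset($_SESSION['comment']['author_nicename'])) {
            // Refill from the rejected submission kept in the session.
            $input_nicename = ' value="' . comment_edit_attr($_SESSION['comment']['author_nicename']) . '"';
            $input_email = ' value="' . comment_edit_attr($_SESSION['comment']['author_email']) . '"';
            if (email_check($_SESSION['comment']['author_email'])) {
                $author_email = $_SESSION['comment']['author_email'];
            }
        } else {
            $input_nicename = ' value="' . comment_edit_attr($row['comment_author_nicename']) . '"';
            $input_email = ' value="' . comment_edit_attr($row['comment_author_email']) . '"';
        }
        $input_nicename = '<input type="text" name="comment_author_nicename"' . $input_nicename . '>';
        $input_email = '<input type="text" name="comment_author_email"' . $input_email . '>';
    }
    // End of the section that needs simplifying.
    include load_template('comment_edit');
}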
Beispiel #14
 if ($_POST['pwd'] > '' and $_POST['pwd'] == $_POST['pwd2']) {
     // Text fields are HTML-encoded and then passed through PHP_slashes()
     // before being interpolated into the SQL strings below. What
     // PHP_slashes() escapes is not visible in this listing.
     $login = PHP_slashes(htmlspecialchars($_POST['login']));
     $email = PHP_slashes(htmlspecialchars($_POST['email']));
     $fio = PHP_slashes(htmlspecialchars($_POST['fio']));
     $phone = PHP_slashes(htmlspecialchars($_POST['phone']));
     // Requested group: a missing or non-numeric value falls back to 1, and
     // so does every request while the user_realty setting is 0.
     $requestedGroup = intval($_POST['group']);
     $group = $requestedGroup == 0 ? 1 : $requestedGroup;
     if ($registry['user_realty'] == 0) {
         $group = 1;
     }
     // Look up existing accounts with the same user name and the same address.
     // NOTE(review): the condition that consumes $allem further down reads
     // "email_check($email) or count($allem) > 0", which lets an address
     // through when it is already registered; it presumably should be
     // "email_check($email) and count($allem) == 0" — confirm.
     $all = $DB->getAll(sprintf("SELECT `#__users`.`id` FROM `#__users` WHERE `username`='%s' LIMIT 1", $login));
     $allem = $DB->getAll(sprintf("SELECT `#__users`.`id` FROM `#__users` WHERE `email`='%s' LIMIT 1", $email));
     if (!empty($login) and count($all) == 0) {
         if (email_check($email) or count($allem) > 0) {
             if ($group == 1 or $group == 2 and !empty($fio)) {
                 if ($group == 1 or $group == 2 and !empty($phone)) {
                     // Per-user salt produced by generate_password(7); what
                     // randomness source that helper uses is not visible here.
                     $salt = generate_password(7);
                     // Stored hash is sha1(salt . sha1(password)).
                     // NOTE(review): SHA-1 is a fast hash and unsuitable for
                     // password storage. Moving to password_hash() and
                     // password_verify() has to be coordinated with the login
                     // code, which presumably recomputes this exact value.
                     $password = sha1($salt . sha1($_POST['pwd']));
                     $date = time();
                     // The group chosen in the form is discarded here: new
                     // accounts get group 3 while user_active is 0, else 0.
                     $group = $registry['user_active'] == 0 ? 3 : 0;
                     $sql = "INSERT INTO `#__users` \r\n\t\t\t\t(`id`,`group_id`,`username`,`password`,`salt`,`email`,`title`,`realname`,`icq`,`url`,`email_setting`,`show_smilies`,`show_img`,`show_img_sig`,\r\n\t\t\t\t`show_avatars`,`show_sig`,`language`,`style`,`registered`,`pun_bbcode_enabled`,\r\n\t\t\t\t`pun_bbcode_use_buttons`,`city`,`region`,`profile`,`phone`) \r\n\r\n\t\t\t\tVALUES ('','{$group}','{$login}','{$password}','{$salt}','{$email}','','{$fio}','','','1','1','1','1','1','1',\r\n\t\t\t\t'English','Oxygen','{$date}','1','1','','','','{$phone}')";
                     $DB->execute($sql);
                     $userID = $DB->id;