Beispiel #1
<?php

require_once './db-connect.php';
require_once './util.php';
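// Registration input. Every field is passed through filter_escape() (declared
// in util.php, not shown here) and then interpolated into SQL strings.
// NOTE(review): the queries in this script are only as safe as filter_escape();
// confirm it escapes for the active MySQL connection, or move the script to
// prepared statements (PDO / mysqli) so the values never become SQL text.
$name = filter_escape($_POST['name']);
$gender = filter_escape($_POST['gender']);
$email = filter_escape($_POST['email']);
$username = filter_escape($_POST['username']);
// NOTE(review): the registration branch further down stores this value as a
// single round of SHA-256 over salt . password, with the salt taken from
// md5(uniqid(rand(), true)). A single fast hash is weak for password storage;
// password_hash() / password_verify() is the usual replacement, but it has to
// be changed together with whatever code verifies logins.
$password = filter_escape($_POST['password']);

// Duplicate checks: one lookup by e-mail address, one by username.
$r_mail = mysql_query("SELECT * FROM user WHERE email='{$email}'");
// The username lookup previously compared against the fixed string '******'
// instead of the submitted value, which left $username unused and made the
// duplicate-username result independent of what the client sent.
$r_user = mysql_query("SELECT * FROM user WHERE username='{$username}'");

// mysql_num_rows() returns false when its query failed; none of the
// comparisons in the branches that follow match false, so a failed lookup
// produces no response code at all.
$mail_num = mysql_num_rows($r_mail);
$user_num = mysql_num_rows($r_user);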
if ($mail_num > 0 && $user_num > 0) {
    echo 4;
    return;
} else {
    if ($mail_num === 0 && $user_num > 0) {
        echo 3;
        return;
    } else {
        if ($mail_num > 0 && $user_num === 0) {
            echo 2;
            return;
        } else {
            if ($mail_num === 0 && $user_num === 0) {
                $salt = md5(uniqid(rand(), true));
                $password = hash('sha256', $salt . $password);
                $cookie = md5($email . time() . $salt);
                $insert = mysql_query("INSERT INTO user SET\n    name='{$name}', username='******', gender='{$gender}',\n    email='{$email}', password='******', salt='{$salt}',\n    cookie='{$cookie}', createtime=now()");
                if ($insert) {
Beispiel #2
<?php

require_once './db-connect.php';
require_once './util.php';
// Session-token check: tells the client whether the token it posted belongs
// to exactly one row of the user table.
// NOTE(review): the token is interpolated into the query text, so this lookup
// is only as safe as filter_escape() (util.php, not shown) — confirm it
// escapes for the active MySQL connection or switch to a prepared statement.
$cookie = filter_escape($_POST['cookie']);
$result = mysql_query("SELECT * FROM user WHERE cookie='{$cookie}'");
$num = mysql_num_rows($result);

// Response codes: 0 = no row carries the token, 1 = exactly one row does,
// 2 = anything else (several rows share the token, or the query failed and
// mysql_num_rows() did not return an integer).
echo ($num === 0 || $num === 1) ? $num : 2;
Beispiel #3
date_default_timezone_set("Asia/Taipei");
require_once "./vendor/autoload.php";
require_once './db-connect.php';
require_once './util.php';
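// Report submission. All fields come from the POST body and pass through
// filter_escape() (util.php, not shown) before being used in SQL.
// NOTE(review): the quoted string values below are only as safe as
// filter_escape(); confirm it escapes for the active MySQL connection, or
// move these statements to prepared statements (PDO / mysqli).
$subject_id = filter_escape($_POST['subject']);
$address = filter_escape($_POST['address']);
$region_id = filter_escape($_POST['region']);
$content = filter_escape($_POST['content']);
$anonymous = filter_escape($_POST['anonymous']);
$cookie = filter_escape($_POST['cookie']);
$marker = filter_escape($_POST['marker']);
$gps = filter_escape($_POST['gps']);
$picture1 = filter_escape($_POST['picture1']);
$picture2 = filter_escape($_POST['picture2']);
$picture3 = filter_escape($_POST['picture3']);

// subject_id, region_id and anonymous are written into the SQL text WITHOUT
// surrounding quotes. String escaping cannot constrain an unquoted value, so
// these three must be plain decimal digits before they reach a query.
// Anything else is answered with 2, the same code the script already uses for
// a rejected token and for a failed INSERT.
// NOTE(review): assumes the client sends these fields as non-negative
// integers (anonymous as 0 or 1) — confirm against the client.
foreach (array($subject_id, $region_id, $anonymous) as $numeric_field) {
    if (!ctype_digit((string) $numeric_field)) {
        echo 2;
        return;
    }
}
$subject_id = (int) $subject_id;
$region_id = (int) $region_id;
$anonymous = (int) $anonymous;

// Resolve the posted session token to a user id; exactly one row must match.
$result = mysql_query("SELECT id FROM user WHERE cookie='{$cookie}'");
$num = mysql_num_rows($result);
if ($num !== 1) {
    echo 2;
    return;
}
$row = mysql_fetch_assoc($result);
// Also unquoted in the INSERT below, so force it to an integer here.
$user_id = (int) $row['id'];

// The stored content is prefixed with the address.
$content = $address . ', ' . $content;
$result = mysql_query("INSERT INTO report SET\n  user_id={$user_id},\n  region_id={$region_id},\n  subject_id={$subject_id},\n  content='{$content}',\n  address='{$address}',\n  marker='{$marker}',\n  gps='{$gps}',\n  progress_id=0,\n  picture1='{$picture1}',\n  picture2='{$picture2}',\n  picture3='{$picture3}',\n  anonymous={$anonymous},\n  report_time=now()\n  ");
if (!$result) {
    echo 2;
    return;
}
$result = mysql_query("SELECT * FROM region WHERE region_id={$region_id}");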
Beispiel #4
<?php

require_once "./vendor/autoload.php";
require_once "./db-connect.php";
require_once "./config.php";
require_once './util.php';
date_default_timezone_set('Asia/Taipei');

// Contact-form input. Subject, sender name and sender address are passed
// through filter_escape() (util.php, not shown) and are used both in the
// outgoing mail and in the INSERT at the end of this block.
// NOTE(review): nothing in the lines shown here limits who may trigger a mail
// to every address in $manager (no token check, rate limit or CAPTCHA is
// visible) — confirm such a control exists elsewhere.
$subject = filter_escape($_POST['subject']);
$sendername = filter_escape($_POST['name']);
$from = filter_escape($_POST['from']);

// The unmodified message text goes into the mail body; only the escaped copy
// is written to the database.
$content = $_POST['content'];
$filted_content = filter_escape($content);

// SMTP transport: Gmail over implicit TLS on port 465, authenticated with the
// agency account. $agency_gmail_user, $agency_gmail_password and $manager are
// not defined in this snippet (presumably config.php — verify).
$mail = new PHPMailer();
$mail->IsSMTP();
$mail->Host = 'smtp.gmail.com';
$mail->Port = 465;
$mail->SMTPSecure = 'ssl';
$mail->SMTPAuth = true;
$mail->Username = $agency_gmail_user;
$mail->Password = $agency_gmail_password;

// Message encoding and content. The display name and the trailing "From:"
// line are whatever the client posted, so recipients cannot treat them as a
// verified sender identity.
$mail->CharSet = 'utf-8';
$mail->Encoding = 'base64';
$mail->FromName = $sendername;
$mail->Subject = $subject;
$mail->Body = $content . "\n\n\nFrom: " . $from;

// Every configured manager receives the message.
foreach ($manager as $each_manager) {
    $mail->AddAddress($each_manager['mail'], $each_manager['name']);
}

// The message is recorded before sending is attempted.
// NOTE(review): the values are interpolated into the SQL text, so this INSERT
// is only as safe as filter_escape() — confirm it escapes for the active
// MySQL connection or switch to a prepared statement.
mysql_query("INSERT INTO mail (subject,email,name,content) VALUES ('{$subject}','{$from}','{$sendername}','{$filted_content}')");
if (!$mail->Send()) {
    echo "Mailer Error: " . $mail->ErrorInfo;