/**
 * Sends one SQL statement to the server through the legacy mysql_* extension.
 *
 * The statement text is handed to mysql_query() exactly as received: nothing
 * is validated, escaped or parameterised here, so every caller must escape
 * any request-derived value before concatenating it into $query.
 *
 * @param string $query Complete SQL statement.
 * @return mixed The value mysql_query() produced for $query.
 */
static function mysql($query)
{
    // engine/mysql.php is pulled in only while the global site object exposes
    // no `config` property (presumably the connection bootstrap - confirm).
    $configLoaded = isset($GLOBALS["site"]->config);
    if (!$configLoaded) {
        require_once "engine/mysql.php";
    }

    // The charset statement is re-issued before every query; the @ operator
    // silences any failure.
    // NOTE(review): SET NAMES is not visible to mysql_real_escape_string();
    // mysql_set_charset() is the documented way to keep the escaper and the
    // connection charset in agreement.
    @mysql_query("SET NAMES utf8");

    $result = mysql_query($query);
    if (!$result) {
        // A falsy result ends the request with whatever engine::error() returns.
        die(engine::error());
    }

    return $result;
}
/**
 * Assembles the landing page from four templates, in a fixed order.
 *
 * Any non-empty first URL segment is treated as an unknown address and the
 * page content is replaced by the engine's error output.
 *
 * @param object $site Shared site object; its `content` property is written.
 */
function main_class($site)
{
    $this->site = $site;
    $this->engine = $site->engine;

    $hasPathSegment = !empty($site->get[0]);
    if ($hasPathSegment) {
        $site->content = engine::error();
        return;
    }

    // Gallery first (this assignment replaces any earlier content) ...
    $galleryData = ['img_list' => GalleryService::custom_get_image_paths(10)];
    $site->content = $this->render('main/gallery.php', $galleryData);

    // ... then the static text block ...
    $site->content .= $this->render('main/text.php');

    // ... then the previews, fetched only after the first two parts rendered ...
    $previewData = ['previews' => PreviewService::getPreviews()];
    $site->content .= $this->render('main/preview.php', $previewData);

    // ... and finally the sign-up block.
    $site->content .= $this->render('main/signup.php');
}
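/**
 * Builds the search-results page for the term carried in the second URL segment.
 *
 * The term is request data. It is used in two different contexts and is
 * escaped separately for each: HTML-escaped where it is echoed back into the
 * page, and SQL-escaped where it is placed inside the LIKE pattern. The
 * original concatenated the decoded term into both without escaping, which
 * allowed SQL injection and reflected script injection.
 *
 * @param object $site Shared site object; `title` and `content` are written.
 */
function search_class($site)
{
    $this->site = $site;
    $this->engine = $this->site->engine;

    // A fourth URL segment is not part of a valid search address.
    if (!empty($site->get[3])) {
        $site->content = engine::error();
        return;
    }

    // Decode once; a missing segment is treated as an empty term.
    $term = isset($site->get[1]) ? urldecode((string) $site->get[1]) : '';

    // HTML context: the term is reflected into the heading and the title.
    // NOTE(review): assumes the layout prints $site->title without escaping
    // it again - confirm, otherwise entities will show up double-encoded.
    $termHtml = htmlspecialchars($term, ENT_QUOTES, 'UTF-8');
    $site->title = $termHtml . ' - ' . $site->title;
    $site->content .= $GLOBALS["Lang"]["Search results by request"]
        . '<br/><br/><h1> "' . $termHtml . '"</h1><br/><br/>';

    // SQL context: the pattern sits inside a double-quoted SQL string, so the
    // term must not be able to close that string.
    // NOTE(review): mysql_real_escape_string() needs an open connection;
    // presumably one exists by the time page classes run - confirm. `%` and
    // `_` in the term still act as LIKE wildcards, as before.
    $termSql = mysql_real_escape_string($term);
    $query = 'SELECT * FROM `nodes_content` WHERE `text` LIKE "%' . $termSql . '%"';
    $res = engine::mysql($query);

    while ($data = mysql_fetch_array($res)) {
        // Loaded lazily so that a search without hits never touches the file.
        require_once "engine/functions/print_preview.php";
        $site->content .= print_preview($data);
    }
}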
* */ header('location: /account/finances'); die('<script>window.location = "/account/finances";</script>'); } else { if ($_GET["mode"] == "cancel") { if (!$test) { $query = 'UPDATE `nodes_transactions` SET `status` = "-1" WHERE `id` = "' . $payment->getId() . '"'; } else { $query = 'UPDATE `nodes_transactions` SET `status` = "-1" WHERE `id` = "' . $_REQUEST["id"] . '"'; } $_SESSION["payment_id"] = ''; engine::mysql($query); header('location: /account/finances'); die('<script>window.location = "/account/finances";</script>'); } else { if (!$test) { $query = 'UPDATE `nodes_transactions` SET `status` = "-1" WHERE `id` = "' . $payment->getId() . '"'; } else { $query = 'UPDATE `nodes_transactions` SET `status` = "-1" WHERE `id` = "' . $_REQUEST["id"] . '"'; } $_SESSION["payment_id"] = ''; engine::mysql($query); header('location: /account/finances'); die('<script>window.location = "/account/finances";</script>'); } } } } else { engine::error(); }
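/**
 * Renders the account area: the settings form, the inbox frame, or the
 * account menu, depending on the second URL segment.
 *
 * Changes against the original, all about untrusted data reaching HTML:
 *  - session-held profile values (photo, name, email, url), the Host header,
 *    the provider ids read from `nodes_config` and the third URL segment are
 *    escaped for the attribute or URL they are written into;
 *  - the session now keeps the raw name/email; only the SQL statement
 *    receives the SQL-escaped form (the original stored the SQL-escaped text
 *    in the session and printed it back into the form);
 *  - non-string POST values for name/email are ignored instead of being
 *    passed to the escaper.
 *
 * @param object $site Shared site object; `title` and `content` are written.
 */
function account_class($site)
{
    $this->site = $site;
    $this->engine = $this->site->engine;

    // A fourth URL segment is never valid below /account.
    if (!empty($site->get[3])) {
        $site->content = engine::error();
        return;
    }

    // Everything below requires a logged-in session.
    if (empty($_SESSION["user"]["id"])) {
        $site->title = $GLOBALS["Lang"]["Access denied"] . ' - ' . $site->title;
        $site->content = '<h3 style="padding-top: 100px;">' . $GLOBALS["Lang"]["Access denied"] . '</h3><br/>';
        return;
    }

    // HTML escaper for text and attribute values (both quote styles are in use).
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };

    // Server-side session value, not request data; used as-is in SQL below.
    $userId = $_SESSION["user"]["id"];

    // ---------------------------------------------------------------- menu
    if (empty($site->get[1])) {
        $site->title = $GLOBALS["Lang"]["My Account"] . ' - ' . $site->title;
        $site->content = '<h1 style="padding: 5px;">' . $GLOBALS["Lang"]["My Account"] . '</h1><br/><br/>';

        // NOTE(review): the admin link is tied to the hard-coded user id 1;
        // the /admin handler must enforce its own check, this only hides a link.
        if ((string) $userId === "1") {
            $site->content .= '<a href="/admin"><input type="button" class="btn btnSmall" style="width: 280px;" value="'
                . $GLOBALS["Lang"]["Admin"] . '" /></a><br/><br/>';
        }

        $site->content .= '<a href="/account/inbox"><input type="button" class="btn btnSmall" style="width: 280px;" value="'
            . $GLOBALS["Lang"]["Messages"] . '" /></a><br/><br/>'
            . '<a href="/account/settings"><input type="button" class="btn btnSmall" style="width: 280px;" value="'
            . $GLOBALS["Lang"]["Settings"] . '" /></a><br/><br/>'
            . '<input type="button" class="btn btnSmall" style="width: 280px;" value="'
            . $GLOBALS["Lang"]["Logout"] . '" onClick="logout();" /><br/><br/>';
        return;
    }

    $section = $site->get[1];

    // --------------------------------------------------------------- inbox
    if ($section === "inbox") {
        $site->title = $GLOBALS["Lang"]["Messages"] . ' - ' . $site->title;
        $site->content .= '<h1 style="padding: 5px;">' . $GLOBALS["Lang"]["Messages"] . '</h1><br/>';

        // NOTE(review): messages.php receives the user id as a query
        // parameter; it must verify that id against the session itself.
        $frameSrc = '/messages.php?id=' . urlencode((string) $userId);
        if (!empty($site->get[2])) {
            // The dialog target is a raw URL segment (presumably a user id -
            // confirm): encode it so it stays one parameter value and cannot
            // close the src attribute.
            $frameSrc = '/messages.php?mode=dialog&id=' . urlencode((string) $userId)
                . '&target=' . urlencode((string) $site->get[2]);
        }

        $site->content .= '<center><iframe id="message_frame" src="' . $esc($frameSrc)
            . '" width=100% height=390 style="max-width: 700px;" ></iframe></center>'
            . '<a href="/account"><input type="button" class="btn btnSmall" style="width: 280px;" value="'
            . $GLOBALS["Lang"]["Back to account"] . '" /></a>';
        return;
    }

    // Anything other than "settings" or "inbox" is an unknown address.
    if ($section !== "settings") {
        $site->content = engine::error();
        return;
    }

    // ------------------------------------------------------------ settings
    // NOTE(review): the form carries no anti-CSRF token and the password can
    // be changed without supplying the current one - both worth adding where
    // the session/token helpers live (not visible here).
    if (!empty($_POST["name"]) && is_string($_POST["name"])) {
        $name = $_POST["name"];
        $email = (isset($_POST["email"]) && is_string($_POST["email"])) ? strtolower($_POST["email"]) : '';

        // Only the SQL text gets the SQL-escaped form.
        $query = 'UPDATE `nodes_users` SET `name` = "' . mysql_real_escape_string($name)
            . '", `email` = "' . mysql_real_escape_string($email)
            . '" WHERE `id` = "' . $userId . '"';
        engine::mysql($query);

        // The session keeps the raw values; they are escaped where printed.
        $_SESSION["user"]["name"] = $name;
        $_SESSION["user"]["email"] = $email;

        if (!empty($_FILES["img"]["tmp_name"])) {
            // NOTE(review): type/size validation and the stored file name are
            // decided inside engine::upload_photo(), which is not visible here.
            $file = engine::upload_photo("img", "img/pic", 50, 50);
            if ($file != "error") {
                $file = "/img/pic/" . $file;
                $query = 'UPDATE `nodes_users` SET `photo` = "' . mysql_real_escape_string($file)
                    . '" WHERE `id` = "' . $userId . '"';
                engine::mysql($query);
                $_SESSION["user"]["photo"] = $file;
            }
        }
    }

    if (!empty($_POST["pass"]) && is_string($_POST["pass"])) {
        // NOTE(review): unsalted MD5 is not a password hash. Moving to
        // password_hash()/password_verify() needs the login check and the
        // column width changed together, neither of which is visible here,
        // so the stored format is left untouched. The digest is hex only.
        $password = md5(trim($_POST["pass"]));
        $query = 'UPDATE `nodes_users` SET `pass` = "' . $password . '" WHERE `id` = "' . $userId . '"';
        engine::mysql($query);
    }

    $site->title = $GLOBALS["Lang"]["Settings"] . ' - ' . $site->title;
    $site->content = '<h1 style="padding: 5px;">' . $GLOBALS["Lang"]["Settings"] . '</h1>';

    $hasEmail = !empty($_SESSION["user"]["email"]);
    if (!$hasEmail) {
        $site->content .= '<p>' . $GLOBALS["Lang"]["Enter your email and password to continue"] . '</p>';
    }

    // Profile values are printed into attributes, so escape each one.
    $photoHtml = $esc(isset($_SESSION["user"]["photo"]) ? $_SESSION["user"]["photo"] : '');
    $nameHtml = $esc(isset($_SESSION["user"]["name"]) ? $_SESSION["user"]["name"] : '');

    // The label cell markup is shared by every row of the form.
    $labelCell = ' <td align=right style="padding-bottom: 10px; width: 70px; padding-right: 5px;">';

    $site->content .= '<br/><form method="POST" enctype="multipart/form-data">'
        . ' <div style="width: 300px; margin:auto; text-align:center;">'
        . ' <table>'
        . ' <tr>'
        . ' <td style="padding-bottom: 10px; width: 70px;padding-right: 5px;" align=right>'
        . '<img src="' . $photoHtml . '" width=50 style="border: #d0d0d0 4px solid; border-radius: 4px; margin-top: -5px;" /></td>'
        . ' <td style="padding-bottom: 0px;" valign=top><div style="float:left; text-align:left; padding-left: 5px;">'
        . $GLOBALS["Lang"]["Change picture"]
        . ':<br/><input type="file" name="img" class="input" style="width: 200px;margin-top: 5px;" /></div></td>'
        . ' </tr>'
        . ' <tr>'
        . $labelCell . $GLOBALS["Lang"]["Name"] . ':</td>'
        . ' <td style="padding-bottom: 10px;" ><input type="text" name="name" value="' . $nameHtml
        . '" class="input" style="width: 200px;" /></td>'
        . ' </tr>';

    if ($hasEmail) {
        // Known email: pre-filled field, optional new password.
        $site->content .= ' <tr>'
            . $labelCell . $GLOBALS["Lang"]["Email"] . ':</td>'
            . ' <td style="padding-bottom: 10px;" ><input type="text" name="email" value="'
            . $esc($_SESSION["user"]["email"]) . '" class="input" style="width: 200px;" /></td>'
            . ' </tr>'
            . ' <tr>'
            . $labelCell . $GLOBALS["Lang"]["Password"] . ':</td>'
            . ' <td style="padding-bottom: 10px;" ><input type="password" name="pass" value="" placeHolder="'
            . $GLOBALS["Lang"]["New password"] . '" class="input" style="width: 200px;" /></td>'
            . ' </tr>';
    } else {
        // No email on file yet: both fields are required.
        $site->content .= ' <tr>'
            . $labelCell . $GLOBALS["Lang"]["Email"] . ':</td>'
            . ' <td style="padding-bottom: 10px;" ><input required type="text" name="email" placeHolder="'
            . $GLOBALS["Lang"]["Enter your email"] . '" class="input" style="width: 200px;" /></td>'
            . ' </tr>'
            . ' <tr>'
            . $labelCell . $GLOBALS["Lang"]["Password"] . ':</td>'
            . ' <td style="padding-bottom: 10px;" ><input required type="password" name="pass" value="" placeHolder="'
            . $GLOBALS["Lang"]["Enter your password"] . '" class="input" style="width: 200px;" /></td>'
            . ' </tr>';
    }

    $site->content .= ' <tr> ';

    if (empty($_SESSION["user"]["url"])) {
        // No linked profile yet: offer the configured social providers.
        $site->content .= '<td colspan=2 style="padding: 5px;">';

        $res = engine::mysql('SELECT * FROM `nodes_config` WHERE `name` = "vk_id"');
        $vk = mysql_fetch_array($res);
        $res = engine::mysql('SELECT * FROM `nodes_config` WHERE `name` = "fb_id"');
        $fb_id = mysql_fetch_array($res);
        $res = engine::mysql('SELECT * FROM `nodes_config` WHERE `name` = "tw_key"');
        $tw_key = mysql_fetch_array($res);
        $res = engine::mysql('SELECT * FROM `nodes_config` WHERE `name` = "gp_id"');
        $gp_id = mysql_fetch_array($res);

        if (!empty($fb_id["value"]) || !empty($tw_key["value"]) || !empty($gp_id["value"]) || !empty($vk["value"])) {
            // NOTE(review): callback URLs are built from the client-supplied
            // Host header over plain http; a configured canonical origin would
            // be safer. Here the header is at least escaped for the attribute.
            $host = isset($_SERVER["HTTP_HOST"]) ? $_SERVER["HTTP_HOST"] : '';
            $hostHtml = $esc($host);

            $site->content .= '<div style="padding: 5px; border: #eee 1px solid; border-radius: 5px;">Connect with social network<br/><br/>';

            if (!empty($fb_id["value"])) {
                $site->content .= '<a rel="nofollow" target="_blank" href=\'https://www.facebook.com/dialog/oauth?client_id='
                    . $esc(urlencode($fb_id["value"]))
                    . '&redirect_uri=' . urlencode("http://" . $host . "/account.php?mode=social&method=fb")
                    . '\' style="margin: 15px; margin-left: 0px; cursor: pointer;"><img src="/img/social/fb.png" title="Facebook"/></a>';
            }
            if (!empty($tw_key["value"])) {
                $site->content .= '<a rel="nofollow" target="_blank" href="http://' . $hostHtml
                    . '/account.php?mode=social&method=tw" style="margin: 15px;"><img src="/img/social/tw.png" title="Twitter"/></a>';
            }
            if (!empty($gp_id["value"])) {
                $site->content .= '<a rel="nofollow" target="_blank" href="http://' . $hostHtml
                    . '/account.php?mode=social&method=gp" style="margin: 15px;"><img src="/img/social/gp.png" title="Google+"/></a>';
            }
            if (!empty($vk["value"])) {
                $site->content .= '<a rel="nofollow" target="_blank" href="https://oauth.vk.com/authorize?client_id='
                    . $esc(urlencode($vk["value"]))
                    . '&scope=notify&redirect_uri=' . urlencode("http://" . $host . '/account.php?mode=social&method=vk')
                    . '&display=page&response_type=token" style="margin: 15px; margin-right: 0px;"><img src="/img/social/vk.png" title="VK"/></a>';
            }

            $site->content .= '</div>';
        }
    } else {
        // Linked profile: show it as a link with a shortened label.
        // NOTE(review): escaping stops attribute break-out but not a
        // non-http scheme; wherever `url` is first stored should accept only
        // http(s) addresses.
        $profileUrl = $_SESSION["user"]["url"];
        $site->content .= $labelCell . $GLOBALS["Lang"]["Site"] . ':</td>'
            . ' <td align=left style="padding-left: 7px;"><div style="overflow:hidden; height: 14px; width: 200px;">'
            . '<a href="' . $esc($profileUrl) . '" target="_blank">'
            . $esc(str_replace('/', ' / ', str_replace("http://", '', $profileUrl)))
            . '</a></div><br/>';
    }

    $site->content .= '<br/> </td>'
        . ' </tr>'
        . ' <tr>'
        . ' <td style="padding-top: 20px;" colspan=2>'
        . ' <input type="submit" class="btn" style="width: 280px;" value="' . $GLOBALS["Lang"]["Save changes"] . '" /><br/><br/>'
        . ' <a href="/account"><input type="button" class="btn btnSmall" style="width: 280px;" value="'
        . $GLOBALS["Lang"]["Back to account"] . '" /></a><br/><br/>'
        . ' </td>'
        . ' </tr>'
        . ' </table>'
        . ' </div>'
        . ' </form>';
}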
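/**
 * Renders the catalogue menu plus one of: a catalogue page, a single article,
 * or the full article listing.
 *
 * Changes against the original:
 *  - the URL segment used as lookup key ($link) and the SCRIPT_URI server
 *    variable are SQL-escaped before being placed in a statement (both are
 *    request-controlled and were concatenated raw);
 *  - row ids reused in follow-up statements are escaped as well;
 *  - the "fill up with other articles" loop now stops at three previews in
 *    total instead of overshooting;
 *  - a catalogue lookup whose result was never read has been dropped;
 *  - the "no articles" box closes its <div>.
 *
 * NOTE(review): captions, urls and article text read from the database are
 * printed as stored. That is only safe while everything that writes those
 * tables is trusted or sanitises on input - confirm.
 *
 * @param object $site Shared site object; `menu`, `title`, `description`,
 *                     `img` and `content` are written.
 */
function content_class($site)
{
    $this->site = $site;
    $this->engine = $this->site->engine;

    $query = 'SELECT * FROM `nodes_catalog` WHERE `visible` = 1';
    $res = $site->engine->mysql($query);

    $underContent = ($site->get[0] == "content");

    // First menu entry, then pick the segment that names the requested page.
    // Too many segments for either address form is an error; the menu entry
    // has already been appended at that point, as before.
    if (!$underContent) {
        $site->menu .= '<a href="/content">' . $GLOBALS["Lang"]["Content"] . '</a> ';
        $link = (string) $site->get[0];
        if (!empty($site->get[1])) {
            $site->content = engine::error();
            return;
        }
    } else {
        $site->menu .= '<a href="/content"><b>' . $GLOBALS["Lang"]["Content"] . '</b></a> ';
        if (!empty($site->get[2])) {
            $site->content = engine::error();
            return;
        }
        $link = isset($site->get[1]) ? (string) $site->get[1] : '';
    }

    // One menu entry per visible catalogue; the current one is bold.
    $hasCatalogs = false;
    while ($data = mysql_fetch_array($res)) {
        $hasCatalogs = true;
        if ($link === (string) $data["url"]) {
            $site->menu .= '<a href="/' . $data["url"] . '"><b>' . $data["caption"] . '</b></a> ';
        } else {
            $site->menu .= '<a href="/' . $data["url"] . '">' . $data["caption"] . '</a> ';
        }
    }
    if (!$hasCatalogs) {
        $site->menu = '';
    }

    // -------------------------------------------------- full article listing
    if ($underContent && empty($site->get[1])) {
        require_once "engine/functions/print_preview.php";
        $site->title = $GLOBALS["Lang"]["Content"] . ' - ' . $site->title;
        $site->content .= '<h1>' . $GLOBALS["Lang"]["Content"] . '</h1><br/><br/>';

        $res = engine::mysql('SELECT * FROM `nodes_content` ORDER BY `date` DESC');
        $found = false;
        while ($data = mysql_fetch_array($res)) {
            $found = true;
            $site->content .= print_preview($data);
        }

        if ($found) {
            $site->content .= '<div style="clear:both;"></div>';
        } else {
            // Replaces (not appends to) whatever content was built so far.
            $site->content = '<div style="padding-top: 70px; padding-bottom: 70px;">'
                . $GLOBALS["Lang"]["No articles found"] . '</div>';
        }
        return;
    }

    // $link comes straight from the URL. A query has already run above, so
    // the connection the escaper relies on is open.
    $linkSql = mysql_real_escape_string($link);

    $res = $site->engine->mysql('SELECT * FROM `nodes_catalog` WHERE `url` = "' . $linkSql . '"');
    $data = mysql_fetch_array($res);

    // -------------------------------------------------------- catalogue page
    if (!empty($data)) {
        $site->title = $data["caption"] . ' - ' . $site->title;
        $site->description = strip_tags($data["text"]);
        if (!empty($data["img"])) {
            $site->img = "/img/data/big/" . $data["img"];
        }

        $query = 'SELECT * FROM `nodes_content` WHERE `cat_id` = "' . mysql_real_escape_string($data["id"]) . '"';
        $res = $site->engine->mysql($query);

        // A hidden catalogue is shown without the menu.
        if (!$data["visible"]) {
            $site->menu = '';
        }

        $site->content .= '<h1>' . $data["caption"] . '</h1><br/>' . '<br/>';

        // print articles
        $hasArticles = false;
        while ($d = mysql_fetch_array($res)) {
            $hasArticles = true;
            require_once "engine/functions/print_preview.php";
            $site->content .= print_preview($d);
        }

        if (!$hasArticles) {
            // print catalog: no articles, so show the catalogue's own text.
            if (!empty($data["img"])) {
                $site->content .= '<div id="article"> <div style="float:left; margin-right: 10px; margin-left: 10px;"> <img src="/img/data/big/'
                    . $data["img"] . '" class="img" /> </div> <div class="text"> ' . $data["text"] . ' </div> </div>';
            } else {
                $site->content .= '<div id="article"> <div class="text"> ' . $data["text"] . ' </div> </div>';
            }
        }
        $site->content .= '<div style="clear:both;"></div>';
        return;
    }

    // -------------------------------------------------------- single article
    $res = $site->engine->mysql('SELECT * FROM `nodes_content` WHERE `url` = "' . $linkSql . '"');
    $data = mysql_fetch_array($res);

    if (empty($data)) {
        // Unknown address: flag it in nodes_catch, emit the error, stop.
        // SCRIPT_URI reflects the requested URL, so it is escaped like $link.
        $scriptUri = isset($_SERVER["SCRIPT_URI"]) ? (string) $_SERVER["SCRIPT_URI"] : '';
        $query = 'UPDATE `nodes_catch` SET `interval` = "-2" WHERE `url` = "'
            . mysql_real_escape_string($scriptUri) . '"';
        $site->engine->mysql($query);
        $site->engine->error();
        exit;
    }

    require_once "engine/functions/print_content.php";
    $site->title = $data["caption"] . ' - ' . $site->title;
    $site->description = strip_tags($data["text"]);
    if (!empty($data["img"])) {
        $site->img = "/img/data/big/" . $data["img"];
    }

    $site->content .= '<h1>' . $data["caption"] . '</h1><br/>';
    $site->content .= print_content($data);
    $site->content .= ' <div style="clear:both;"></div> <br/> ';

    require_once "engine/functions/print_preview.php";
    $catIdSql = mysql_real_escape_string($data["cat_id"]);
    $articleIdSql = mysql_real_escape_string($data["id"]);

    // Up to three other articles from the same catalogue, newest first.
    $query = 'SELECT * FROM `nodes_content` WHERE `cat_id` = "' . $catIdSql
        . '" AND `id` <> "' . $articleIdSql . '" ORDER BY `date` DESC LIMIT 0, 3';
    $res = $site->engine->mysql($query);
    $count = 0;
    while ($d = mysql_fetch_array($res)) {
        $count++;
        $site->content .= print_preview($d);
    }

    // Fewer than three: top up from the other catalogues until three are shown.
    if ($count < 3) {
        $query = 'SELECT * FROM `nodes_content` WHERE `cat_id` <> "' . $catIdSql
            . '" ORDER BY `date` DESC LIMIT 0, 3';
        $res = $site->engine->mysql($query);
        while ($d = mysql_fetch_array($res)) {
            if ($count >= 3) {
                break;
            }
            $count++;
            $site->content .= print_preview($d);
        }
    }

    $site->content .= ' <div style="clear:both;"></div> ';
}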
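/**
 * Handles the sign-up form: validates the submission, creates the account,
 * logs the new user in, optionally sends a confirmation mail, and otherwise
 * re-renders the form with a message.
 *
 * Changes against the original:
 *  - the captcha check fails closed: a session without a stored code no
 *    longer matches a request without one, the comparison is strict, and the
 *    stored code is discarded after one attempt;
 *  - submitted values are escaped when echoed back into the form, and the
 *    password is no longer echoed back at all;
 *  - raw and SQL-escaped forms of name/email are kept apart (the mail used to
 *    receive the SQL-escaped text), and the name is HTML-escaped in the mail;
 *  - the address is validated with filter_var() instead of "contains @";
 *  - statements go through engine::mysql(), so a failing statement no longer
 *    prints mysql_error() to the visitor;
 *  - $fout is initialised, and non-string POST values are ignored.
 *
 * @param object $site Shared site object; `title` and `content` are written.
 */
function register_class($site)
{
    $this->site = $site;
    $this->engine = $this->site->engine;
    $site->title = $GLOBALS["Lang"]["Sign Up"] . ' - ' . $site->title;

    if (!empty($site->get[1])) {
        $site->content = engine::error();
        return;
    }

    // Reads one POST field as a string; anything else counts as empty.
    $field = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };
    // HTML escaper for text and attribute values.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };

    $fout = '';
    $formEmail = $field("email");
    $formName = $field("name");

    if (!empty($formEmail)) {
        // Take the expected code out of the session before comparing so that
        // it can be tried exactly once.
        $expected = isset($_SESSION["captcha"]) ? (string) $_SESSION["captcha"] : '';
        unset($_SESSION["captcha"]);
        $given = $field("captcha");

        if ($expected === '' || $given !== $expected) {
            $fout = '<script>alert("' . $GLOBALS["Lang"]["Error"] . '. ' . $GLOBALS["Lang"]["Invalid conformation code"] . '.");</script>';
        } else {
            $name = $formName;
            $email = strtolower($formEmail);
            // SQL-escaped copies are used in statements only.
            $nameSql = mysql_real_escape_string($name);
            $emailSql = mysql_real_escape_string($email);

            $r = engine::mysql('SELECT * FROM `nodes_users` WHERE `email` = "' . $emailSql . '"');
            $d = mysql_fetch_array($r);

            if (!empty($d)) {
                $fout = '<script>alert("' . $GLOBALS["Lang"]["Error"] . '. ' . $GLOBALS["Lang"]["Email"] . ' ' . $GLOBALS["Lang"]["allready exist"] . '.");</script>';
                unset($_POST["email"]);
                $formEmail = '';
            } elseif (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
                // Also rejects line breaks, which matters because the address
                // is later handed to engine::send_mail() as the recipient.
                $fout = '<script>alert("' . $GLOBALS["Lang"]["Error"] . '. ' . $GLOBALS["Lang"]["Incorrect email"] . '.");</script>';
                unset($_POST["email"]);
                $formEmail = '';
            } elseif (empty($_POST["pass"]) || !is_string($_POST["pass"])) {
                $fout = '<script>alert("' . $GLOBALS["Lang"]["Error"] . '. ' . $GLOBALS["Lang"]["Enter password"] . '.");</script>';
            } else {
                // NOTE(review): unsalted MD5 is not a password hash. Moving to
                // password_hash()/password_verify() needs the login check and
                // the column width changed together, neither of which is
                // visible here, so the stored format is left untouched.
                $passHash = md5(trim($_POST["pass"]));

                $query = 'INSERT INTO `nodes_users` (`name`, `photo`, `email`, `pass`, `online`) VALUES ("'
                    . $nameSql . '", "/img/anon.jpg", "' . $emailSql . '", "' . $passHash . '", "' . date("U") . '")';
                engine::mysql($query);

                // Read the new row back and log the user in with it.
                $query = 'SELECT * FROM `nodes_users` WHERE `email` = "' . $emailSql . '" AND `pass` = "' . $passHash . '"';
                $res = engine::mysql($query);
                $data = mysql_fetch_array($res);

                if (!empty($data)) {
                    // Keep credential columns out of the session (both the
                    // named and the numeric copy of each).
                    unset($data["pass"]);
                    unset($data[5]);
                    unset($data["token"]);
                    unset($data[9]);
                    $_SESSION["user"] = $data;
                    $fout = '<script language="JavaScript">window.location = "/";</script>';
                } else {
                    $fout = '<div style="text-align:center; padding-top: 100px;">' . $GLOBALS["Lang"]["Incorrect email of password"] . '.</div>';
                }

                if ($site->configs["send_registration_email"]) {
                    // NOTE(review): sender, subject and link are built from
                    // the client-supplied Host header; a configured canonical
                    // host name would be safer. It is escaped where it enters
                    // the HTML body.
                    $host = isset($_SERVER["HTTP_HOST"]) ? $_SERVER["HTTP_HOST"] : '';
                    $hostHtml = $esc($host);
                    engine::send_mail(
                        $email,
                        "no-reply@" . $host,
                        $GLOBALS["Lang"]["Registration at"] . ' ' . $host,
                        'Dear ' . $esc($name) . '!<br/><br/>'
                            . $GLOBALS["Lang"]["We are glad to confirm sucsessful registration at"]
                            . ' <a href="http://' . $hostHtml . '/">' . $hostHtml . '</a>'
                            . $site->configs["email_signature"]
                    );
                }

                $site->content = $fout;
                return;
            }
        }
    }

    // Form (re-)render. Submitted values are request data: escape them for the
    // attribute they land in. The password field always comes back empty.
    $fout = '<h1>' . $GLOBALS["Lang"]["Sign Up"] . '</h1>'
        . '<br/>'
        . '<br/><form method="POST">'
        . '<input required type="text" name="email" value="' . $esc($formEmail)
        . '" class="input" style="padding: 5px; width: 100%;max-width: 265px; margin-top: 0px;" placeHolder="'
        . $GLOBALS["Lang"]["Email"] . '" title="' . $GLOBALS["Lang"]["Email"] . '" /><br/>'
        . '<input required type="text" name="name" value="' . $esc($formName)
        . '" class="input" style="padding: 5px;width: 100%;max-width: 265px; margin-top: 10px;" placeHolder="'
        . $GLOBALS["Lang"]["Name"] . '" title="' . $GLOBALS["Lang"]["Name"] . '" /><br/>'
        . '<input required type="password" name="pass" class="input" style="width: 100%;padding: 5px;max-width: 265px; margin-top: 10px;" placeHolder="'
        . $GLOBALS["Lang"]["Password"] . '" title="' . $GLOBALS["Lang"]["Password"] . '" value="" /><br/>'
        . '<br/>'
        // The query string only defeats image caching.
        . '<center><img src="/captcha.php?' . md5(date("U")) . '" /></center>'
        . '<input required type="text" name="captcha" class="input" style="width: 100%;padding: 5px;max-width: 265px; margin-top: 5px;" placeHolder="'
        . $GLOBALS["Lang"]["Confirmation code"] . '" title="' . $GLOBALS["Lang"]["Confirmation code"] . '" />'
        . '<br/><input type="submit" class="btn" value="' . $GLOBALS["Lang"]["Submit"]
        . '" style="width: 100%;max-width: 265px;margin-top: 10px;" /></form>'
        . '<br/><br/>'
        // Any message produced above is appended after the form.
        . $fout;

    $site->content = $fout;
}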