function print_comments($url)
{
$url = trim(str_replace('"', "'", urldecode($url)));
if (!empty($_POST["comment"])) {
$text = str_replace('"', "'", htmlspecialchars(strip_tags($_POST["comment"])));
$text = str_replace("\n", "<br/>", $text);
$query = 'SELECT * FROM `nodes_comments` WHERE `text` LIKE "' . $text . '" AND `url` LIKE "' . $url . '" AND `user_id` = "' . $_SESSION["user"]["id"] . '"';
$res = engine::mysql($query);
$data = mysql_fetch_array($res);
if (empty($data) && intval($_SESSION["user"]["id"] > 0)) {
$query = 'INSERT INTO `nodes_comments` (`url`, `reply`, `user_id`, `text`, `date`) ' . 'VALUES("' . $url . '", "' . intval($_POST["reply"]) . '", "' . $_SESSION["user"]["id"] . '", "' . $text . '", "' . date("U") . '")';
engine::mysql($query);
$query = 'SELECT * FROM `nodes_config` WHERE `name` = "send_comments_email"';
$r_conf = engine::mysql($query);
$d_conf = mysql_fetch_array($r_conf);
if (intval($d_conf["value"])) {
$query = 'SELECT * FROM `nodes_config` WHERE `name` = "email"';
$r_email = engine::mysql($query);
$d_email = mysql_fetch_array($r_email);
$message = 'User ' . $_SESSION["user"]["name"] . ' add new comment!<br/>' . '<a href="' . $_SERVER["SCRIPT_URI"] . '">' . $_SERVER["SCRIPT_URI"] . '</a><br/>' . '<br/>Comment:<br/>-----------------------------<br/>' . $text;
engine::send_mail($d_email["value"], "no-reply@" . $_SERVER["HTTP_HOST"], "New comment at " . $_SERVER["HTTP_HOST"], $message);
}
$fout .= '
<script>alert("' . $GLOBALS["Lang"]["Comment submited!"] . '");</script>
';
}
}
$flag = 0;
$fout1 .= '<table align=center style="width: 100%; max-width: 500px; font-size: 14px;">';
$query = 'SELECT * FROM `nodes_comments` WHERE `url` LIKE "' . $url . '"';
$res = engine::mysql($query);
while ($data = mysql_fetch_array($res)) {
if (intval($data["id"]) > 0) {
$fout1 .= print_comment($data["id"]);
$flag = 1;
}
}
$fout1 .= '</table><br/>';
if (!empty($_SESSION["user"])) {
if (!$flag) {
$fout .= $GLOBALS["Lang"]["There is no comments"] . '<br/><br/>';
} else {
$fout .= $fout1;
}
$fout .= '
<form method="POST">
<div id="new_comment" style="display:none;">
<h2 style="font-size: 21px;">' . $GLOBALS["Lang"]["Add new comment"] . '</h2><br/><br/>
<textarea name="comment" cols=50 style="height: 80px; width: 100%; max-width: 500px;"></textarea><br/><br/>
<center><input type="submit" class="btn" value="' . $GLOBALS["Lang"]["Submit comment"] . '" style="width: 280px;" /></center>
</div>
<input type="button" class="btn" value="' . $GLOBALS["Lang"]["Add comment"] . '" style="width: 280px;" onClick=\'document.getElementById("new_comment").style.display="block";this.style.display="none";\' />
</form>
';
}
return $fout;
}
$query = 'UPDATE `nodes_transactions` SET `status` = "1" WHERE `id` = "' . $payment->getId() . '"';
} else {
$query = 'SELECT * FROM `nodes_transactions` WHERE `id` = "' . $_REQUEST["id"] . '"';
$res = engine::mysql($query);
$d = mysql_fetch_array($res);
$query = 'UPDATE `nodes_transactions` SET `status` = "1" WHERE `id` = "' . $_REQUEST["id"] . '"';
}
engine::mysql($query);
$query = 'SELECT * FROM `nodes_config` WHERE `name` = "send_paypal_email"';
$res = engine::mysql($query);
$spe = mysql_fetch_array($res);
$query = 'SELECT * FROM `nodes_config` WHERE `name` = "email_signature"';
$res = engine::mysql($query);
$sign = mysql_fetch_array($res);
if ($spe["value"]) {
engine::send_mail($dd["email"], $_SESSION["user"]["email"], "New payment to " . $_SERVER["HTTP_HOST"], 'Transaction successfully finished!' . $sign["value"]);
}
// new message in chat to receiver
//
/*
$query = 'SELECT * FROM `nodes_excursions` WHERE `id` = "'.$d["order_id"].'"';
$res = engine::mysql($query);
$d = mysql_fetch_array($res);
$query = 'SELECT * FROM `nodes_users` WHERE `id` = "'.$d["user_id"].'"';
$res = engine::mysql($query);
$dd = mysql_fetch_array($res);
$text = 'User <b>'.$_SESSION["user"]["name"].'</b> create a new transaction';
$mail = 'User <a href="http://'.$_SERVER["HTTP_HOST"].'/account/inbox/'.$_SESSION["user"]["id"].'" target="_blank"><b>'.$_SESSION["user"]["name"].'</b></a> create a new transaction';
$query = 'INSERT INTO `nodes_message`(`from`, `to`, `text`, `date`) VALUES("'.$_SESSION["user"]["id"].'", "'.$d["user_id"].'", "'.$text.'", "'.date("U").'")';
engine::mysql($query);
@mysql_query("SET NAMES utf8");
$res = mysql_query($query) or die(mysql_error());
$target = mysql_fetch_array($res);
$query = 'INSERT INTO `nodes_message`(`from`, `to`, `text`, `date`) VALUES("' . intval($_GET["id"]) . '", "' . intval($_GET["target"]) . '", "' . $text . '", "' . date("U") . '")';
@mysql_query("SET NAMES utf8");
mysql_query($query);
$query = 'SELECT * FROM `nodes_config` WHERE `name` = "send_message_email"';
$r_conf = engine::mysql($query);
$d_conf = mysql_fetch_array($r_conf);
$query = 'SELECT * FROM `nodes_config` WHERE `name` = " email_signature"';
$r_sign = engine::mysql($query);
$d_sign = mysql_fetch_array($r_sign);
if ($d_conf["value"]) {
if ($target["online"] < date("U") - 300) {
$message = 'User ' . $_SESSION["user"]["name"] . ' sent a message for you!<br/><br/>' . '<a href="http://' . $_SERVER["HTTP_HOST"] . '/inbox/' . $_SESSION["user"]["id"] . '">http://' . $_SERVER["HTTP_HOST"] . '/inbox/' . $_SESSION["user"]["id"] . '</a>' . $d_sign["value"];
engine::send_mail($target["email"], "no-reply@" . $_SERVER["HTTP_HOST"], "New message at " . $_SERVER["HTTP_HOST"], $message);
}
}
}
}
$query = 'SELECT * FROM `nodes_message` WHERE (`from` = ' . $_GET["id"] . ' AND `to` = ' . $_GET["target"] . ') OR (`from` = ' . $_GET["target"] . ' AND `to` = ' . $_GET["id"] . ') ORDER BY `date` ASC';
@mysql_query("SET NAMES utf8");
$res = mysql_query($query) or die(mysql_error());
$fout = '<div id="chat">' . '<table style="width: 100%; padding-top: 10px; padding-bottom: 10px;" border=0 >';
while ($data = mysql_fetch_array($res)) {
if ($data["from"] == $_GET['id']) {
if ($data["readed"] == "0") {
$fout .= '<tr><td style="background: #dfdfdf;">';
} else {
$fout .= '<tr><td>';
}
function template($site)
{
$this->site = $site;
$this->engine = $this->site->engine;
if (!empty($_POST["contact"]) && !empty($_POST["text"]) && !empty($_SESSION["user"]["id"])) {
engine::send_mail($site->configs["email"], $_POST["contact"], "New message from " . $_SERVER["HTTP_HOST"], str_replace("\n", "<br/>", $_POST["text"]));
$site->activejs .= '
alert("' . $GLOBALS["Lang"]["Message sent successfully"] . '");
';
}
$site->activejs .= '
if(!window.jQuery) document.write(unescape(\'<script type="text/javascript" src="/libs/jquery-1.11.1.js">%3C/script%3E\'));
if(window.jQuery) try {
jQuery("a, img, div, input, select, textarea, button").tooltipster();
}catch(err) {
document.write(unescape(\'<script type="text/javascript" src="/libs/jquery.tooltipster.min.js">%3C/script%3E\'));
jQuery("a, img, div, input, select, textarea, button").tooltipster();
}
';
if (!isset($_POST["jQuery"])) {
$header = '<header id="mainHead">
<div class="container">
<div id="logo">
<div id="logoOne"><a href="/"><img src="/img/logo.png" style="height: 65px;" alt="' . $site->config->name . '"></a></div>
<div id="logoTwo"><a href="/" id="site_title">' . $site->title . '</a></div>
</div>
<div id="nav">
<ul>
<li><a href="/">' . $GLOBALS["Lang"]["Home"] . '</a></li>
<li><a href="/content">' . $GLOBALS["Lang"]["Content"] . '</a></li>
';
if (empty($_SESSION["user"]["id"])) {
$header .= '<li class="last"><a href="/register" class="btn">' . $GLOBALS["Lang"]["Sign Up"] . '</a></li>
<li class="last" id="last"><a href="#" class="btn" onClick="show_login_form();">' . $GLOBALS["Lang"]["Login"] . '</a></li>';
} else {
$header .= '<li class="last"><a href="/account" class="btn">' . $GLOBALS["Lang"]["My Account"] . '</a></li>
<li class="last" id="last"><a href="#" onClick="logout();" class="btn">' . $GLOBALS["Lang"]["Logout"] . '</a></li>';
}
$header .= '
</ul></div>
<div id="searchIcon" onClick=\'result = prompt("' . $GLOBALS["Lang"]["Search"] . '", ""); if(result){ window.location="/search/"+encodeURIComponent(result); }\'>
<img src="/img/search.png" style="height: 25px;" />
<form id="search_form" method="GET" action="/search/"><input type="hidden" id="query" name="q" value="" /></form>
</div>
<a id="menuIcon"><img src="/img/menu.png" alt="' . $GLOBALS["Lang"]["Show navigation"] . '"></a>
<div id="langIcon">
<form method="POST" id="lang_select">
<select name="lang" onChange=\'document.getElementById("lang_select").submit();\'>';
if ($_SESSION["Lang"] == "en") {
$header .= '<option selected>EN</option>';
} else {
$header .= '<option>EN</option>';
}
if ($_SESSION["Lang"] == "ru") {
$header .= '<option selected>RU</option>';
} else {
$header .= '<option>RU</option>';
}
if ($_SESSION["Lang"] == "gr") {
$header .= '<option selected>GR</option>';
} else {
$header .= '<option>GR</option>';
}
$header .= '
</select>
</form>
</div>
</div>
</header>
<section id="bigNav">
<div class="container">
<ul>
<li><a href="/content">' . $GLOBALS["Lang"]["Content"] . '</a></li>';
if (empty($_SESSION["user"]["id"])) {
$header .= '
<li><a href="#" onClick="show_login_form();">' . $GLOBALS["Lang"]["Login"] . '</a></li>
<li><a href="/register">' . $GLOBALS["Lang"]["Sign Up"] . '</a></li>';
}
if (empty($_SESSION["user"]["id"])) {
$header .= '
<li style="display:none;"><a href="/sitemap.php" target="_blank">' . $GLOBALS["Lang"]["Sitemap"] . '</a></li>';
} else {
if ($_SESSION["user"]["id"] == "1") {
$header .= '
<li><a href="/admin" target="_blank">' . $GLOBALS["Lang"]["Admin"] . '</a></li>';
}
$header .= '
<li><a href="/account">' . $GLOBALS["Lang"]["Account"] . '</a></li>
<li><a href="#" onClick="logout();">' . $GLOBALS["Lang"]["Logout"] . '</a></li>';
}
$header .= '
</ul>
</div>
</section>';
$header .= '
<div id="content">
<!-- content -->
';
$footer = '
<!-- /content -->
</div>
<section id="footer">
<div class="container">
<div class="footer_left">
<div class="footer_contacts">
<span>' . $GLOBALS["Lang"]["Get in Touch"] . '</span>
<div style="clear:both; height: 25px;"></div>
<a href="https://twitter.com/" target="_blank">
<div class="social_img"><img src="/img/social/tw.png" alt="Twitter"/></div>
<div style="padding-top: 7px;" title="' . $GLOBALS["Lang"]["Connect us at"] . ' Twitter">Twitter</div>
</a>
<div style="clear:both; height: 20px;"></div>
<a href="https://www.facebook.com/" target="_blank">
<div class="social_img"><img src="/img/social/fb.png" alt="Facebook"/></div>
<div style="padding-top: 7px;" title="' . $GLOBALS["Lang"]["Connect us at"] . ' Facebook">Facebook</div>
</a>
<div style="clear:both; height: 10px;"></div>
</div>
</div>
<div class="footer_right left-center" id="contact_us">
<span>' . $GLOBALS["Lang"]["Contact Us"] . '</span>
<div style="clear:both; height: 20px;"></div>
<form method="POST">
<textarea name="text" placeHolder="' . $GLOBALS["Lang"]["Your message here"] . '"
';
if (!empty($_SESSION["user"]["id"])) {
$footer .= '></textarea><br/>' . '<input type="submit" onClick=\'send_message();\' class="btn" style="width: 270px;" value="' . $GLOBALS["Lang"]["Send message"] . '" />';
} else {
$footer .= 'onFocus="show_login_form();" ></textarea><br/>' . '<input type="button" class="btn" style="width: 270px;" value="' . $GLOBALS["Lang"]["Send message"] . '" onClick="show_login_form();" />';
}
$footer .= '
</form>
</div>
<div style="clear:both;"></div>
</div>
<div id="copyright">' . $GLOBALS["Lang"]["Copyright"] . ' <a href="http://' . $_SERVER["HTTP_HOST"] . '" title="' . $site->configs["description"] . '">' . $_SERVER["HTTP_HOST"] . '</a>, 2015. ' . $GLOBALS["Lang"]["All rights reserved"] . '</div>
<div id="developed">
<div id="caption">' . $GLOBALS["Lang"]["Developed by"] . ' <a onMouseOver=\'show_developer();\' onClick=\'window.open("http://nodes-studio.com");\'>Nodes Studio</a></div>
<div id="freelance" onMouseOut=\'hide_developer();\'>
<img src="/img/developed.png" title="Nodes Studio - Development Future!" onClick=\'window.open("http://nodes-studio.com");\' />
</div>
</div>
<div style="clear:both;"></div>
</section>
<script src="/script.js" language="JavaScript" type="text/javascript"></script>
<!-- <script src="http://code.jquery.com/jquery-1.11.1.min.js" type="text/javascript"></script> -->
<script language="JavaScript" type="text/javascript">
if(!window.jQuery) document.write(unescape(\'<script type="text/javascript" src="/libs/jquery-1.11.1.js">%3C/script%3E\'));
</script>
<script type="text/javascript" src="/jquery.js"></script>
<script src="/libs/jquery.tooltipster.min.js" type="text/javascript"></script>
<div id="floater">
<img src="/img/up_button.png" alt="' . $GLOBALS["Lang"]["Up"] . '">
</div>
';
}
if (empty($site->get)) {
$this->site->content = $header . '
<section id="topSection">
</section>
<section id="contentSection">
<div class="container">
' . $this->site->content . '
</div>
</section>
<section id="bottomSection">
</section>
' . $footer;
} else {
if (!empty($site->menu)) {
$header .= '
<nav>
<div id="submenu">
<div onClick=\'show_more(this);\' id="submenu_button" ><img src="/img/sliderBars.png" title="' . $GLOBALS["Lang"]["Show All"] . '" /></div>
' . $site->menu . '
</div>
</nav>
<section id="contentSection">
';
} else {
$header .= '<section id="contentSection" style="padding-top: 80px;">';
}
$this->site->content = $header . '
<div class="container">
' . $this->site->content . '
</div>
</section>
' . $footer;
}
}
<html>
<head>
<link href="/style.css" rel="stylesheet" type="text/css">
</head>
<body style="background: #fff; opacity: 1;">';
if (!empty($_POST["email"])) {
$email = str_replace('"', "'", $_POST["email"]);
$query = 'SELECT * FROM `nodes_users` WHERE `email` = "' . $email . '"';
$res = engine::mysql($query);
$data = mysql_fetch_array($res);
if (!empty($data)) {
$new_pass = substr(md5($email . date("U")), 0, 6);
$query = 'UPDATE `nodes_users` SET `pass` = "' . md5($new_pass) . '" WHERE `email` = "' . $email . '"';
@mysql_query("SET NAMES utf8");
$res = mysql_query($query) or die(mysql_error());
engine::send_mail($email, "no-reply@" . $_SERVER[HTTP_HOST], $GLOBALS["Lang"]["New password for"] . " " . $_SERVER[HTTP_HOST], $GLOBALS["Lang"]["New password is"] . ": " . $new_pass . '<br/><br/><a href="http://' . $_SERVER[HTTP_HOST] . '">' . $_SERVER[HTTP_HOST] . '</a>');
$fout .= '<div style="text-align:center; padding-top: 100px;">' . $GLOBALS["Lang"]["Message with new password is sended to email"] . '.</div>
<script>function redirect(){window.location="account.php?mode=form";}setTimeout(redirect, 3000);</script>';
} else {
$fout .= '<div style="text-align:center; padding-top: 100px;">Email ' . $GLOBALS["Lang"]["not found"] . '.</div>' . '<script>function redirect(){window.location="account.php?mode=remember";}setTimeout(redirect, 3000);</script>';
}
} else {
$fout .= '<div style="text-align:left;"><script>parent.document.getElementById("nodes_iframe").style.height="235px";</script><center><h3 style="color: #555;">Restore password</h3></center><br/><form method="POST">' . '<input type="text" name="email" value="' . $_POST["email"] . '" class="input" style="width: 200px; padding: 5px; margin-top: 5px;" placeHolder="Email" /><br/>' . '<div style="padding-top: 17px; padding-bottom: 20px; margin: auto; text-align: center;"><a onClick=\'parent.window.location = "register";\'>' . $GLOBALS["Lang"]["Sign Up"] . '</a> | <a rel="nofollow" href="/account.php?mode=login">Login</a></div>' . '<input type="submit" class="btn" value="Submit" style="width: 200px;" /></form></div>';
}
$fout .= '</body></html>';
} else {
if ($_GET["mode"] == "social" && !empty($_GET["method"])) {
if ($_GET["method"] == "fb") {
require_once 'engine/api/oauth/fb_auth.php';
} else {
if ($_GET["method"] == "vk") {
function register_class($site)
{
$this->site = $site;
$this->engine = $this->site->engine;
$site->title = $GLOBALS["Lang"]["Sign Up"] . ' - ' . $site->title;
if (!empty($site->get[1])) {
$site->content = engine::error();
return;
}
if (!empty($_POST["email"])) {
if ($_POST["captcha"] != $_SESSION["captcha"]) {
$fout = '<script>alert("' . $GLOBALS["Lang"]["Error"] . '. ' . $GLOBALS["Lang"]["Invalid conformation code"] . '.");</script>';
} else {
$name = mysql_real_escape_string($_POST["name"]);
$email = strtolower(mysql_real_escape_string($_POST["email"]));
$query = 'SELECT * FROM `nodes_users` WHERE `email` = "' . $email . '"';
@mysql_query("SET NAMES utf8");
$r = mysql_query($query) or die(mysql_error());
$d = mysql_fetch_array($r);
if (!empty($d)) {
$fout = '<script>alert("' . $GLOBALS["Lang"]["Error"] . '. ' . $GLOBALS["Lang"]["Email"] . ' ' . $GLOBALS["Lang"]["allready exist"] . '.");</script>';
unset($_POST["email"]);
} else {
if (strpos($email, "@")) {
if (!empty($_POST["pass"])) {
$query = 'INSERT INTO `nodes_users` (`name`, `photo`, `email`, `pass`, `online`)
VALUES ("' . $name . '", "/img/anon.jpg", "' . $email . '", "' . md5(trim($_POST["pass"])) . '", "' . date("U") . '")';
@mysql_query("SET NAMES utf8");
mysql_query($query) or die(mysql_error());
$query = 'SELECT * FROM `nodes_users` WHERE `email` = "' . $email . '" AND `pass` = "' . md5(trim($_POST["pass"])) . '"';
@mysql_query("SET NAMES utf8");
$res = mysql_query($query) or die(mysql_error());
$data = mysql_fetch_array($res);
if (!empty($data)) {
unset($data["pass"]);
unset($data[5]);
unset($data["token"]);
unset($data[9]);
$_SESSION["user"] = $data;
$fout = '<script language="JavaScript">window.location = "/";</script>';
} else {
$fout = '<div style="text-align:center; padding-top: 100px;">' . $GLOBALS["Lang"]["Incorrect email of password"] . '.</div>';
}
if ($site->configs["send_registration_email"]) {
engine::send_mail($email, "no-reply@" . $_SERVER["HTTP_HOST"], $GLOBALS["Lang"]["Registration at"] . ' ' . $_SERVER["HTTP_HOST"], 'Dear ' . $name . '!<br/><br/>' . $GLOBALS["Lang"]["We are glad to confirm sucsessful registration at"] . ' <a href="http://' . $_SERVER["HTTP_HOST"] . '/">' . $_SERVER["HTTP_HOST"] . '</a>' . $site->configs["email_signature"]);
}
$site->content = $fout;
return;
} else {
$fout = '<script>alert("' . $GLOBALS["Lang"]["Error"] . '. ' . $GLOBALS["Lang"]["Enter password"] . '.");</script>';
}
} else {
$fout = '<script>alert("' . $GLOBALS["Lang"]["Error"] . '. ' . $GLOBALS["Lang"]["Incorrect email"] . '.");</script>';
unset($_POST["email"]);
}
}
}
}
$fout = '<h1>' . $GLOBALS["Lang"]["Sign Up"] . '</h1>' . '<br/>' . '<br/><form method="POST">' . '<input required type="text" name="email" value="' . $_POST["email"] . '" class="input" style="padding: 5px; width: 100%;max-width: 265px; margin-top: 0px;" placeHolder="' . $GLOBALS["Lang"]["Email"] . '" title="' . $GLOBALS["Lang"]["Email"] . '" /><br/>' . '<input required type="text" name="name" value="' . $_POST["name"] . '" class="input" style="padding: 5px;width: 100%;max-width: 265px; margin-top: 10px;" placeHolder="' . $GLOBALS["Lang"]["Name"] . '" title="' . $GLOBALS["Lang"]["Name"] . '" /><br/>' . '<input required type="password" name="pass" class="input" style="width: 100%;padding: 5px;max-width: 265px; margin-top: 10px;" placeHolder="' . $GLOBALS["Lang"]["Password"] . '" title="' . $GLOBALS["Lang"]["Password"] . '" value="' . $_POST["pass"] . '" /><br/>' . '<br/>' . '<center><img src="/captcha.php?' . md5(date("U")) . '" /></center>' . '<input required type="text" name="captcha" class="input" style="width: 100%;padding: 5px;max-width: 265px; margin-top: 5px;" placeHolder="' . $GLOBALS["Lang"]["Confirmation code"] . '" title="' . $GLOBALS["Lang"]["Confirmation code"] . '" />' . '<br/><input type="submit" class="btn" value="' . $GLOBALS["Lang"]["Submit"] . '" style="width: 100%;max-width: 265px;margin-top: 10px;" /></form>' . '<br/><br/>' . $fout;
$site->content = $fout;
}
