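/**
 * Fetch a WeChat user's profile by openid and store it in the `users` table.
 *
 * Calls cgi-bin/user/info with the access token from getToken(), inserts a
 * `users` row when the lookup finds none, then writes name, city, province,
 * sex, country and headimgurl from the response.
 *
 * @param string $openID Openid of the user whose profile is fetched.
 * @return string 'true' once the update has been issued; '' when no access
 *                token is available or the response is not a JSON array/object.
 */
public function setUserInfo($openID)
{
    $token = $this->getToken();
    if ($token == '') {
        return '';
    }

    // Let http_build_query() URL-encode both values instead of concatenating
    // them raw, so a stray '&' or '#' in either cannot alter the request.
    $url = 'https://api.weixin.qq.com/cgi-bin/user/info?' . http_build_query(
        array('access_token' => $token, 'openid' => $openID),
        '',
        '&'
    );

    // No CURLOPT_SSL_VERIFY* option is set, so certificate verification
    // stays at curl's defaults.
    $curl = curl_init();
    curl_setopt($curl, CURLOPT_URL, $url);
    curl_setopt($curl, CURLOPT_HEADER, 0);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31");
    $content = curl_exec($curl);
    curl_close($curl);

    // curl_exec() returns false on failure and json_decode() returns null on
    // bad JSON; stop before touching the database in either case.
    $data = is_string($content) ? json_decode($content, true) : null;
    if (!is_array($data)) {
        return '';
    }

    $mysqlHelperObj = new mysqlHelper();

    // NOTE(review): the user literal in the two WHERE clauses below is shown
    // masked ('******') in this listing and is reproduced as shown. Whatever
    // value belongs there needs the same escaping as the other fields.
    $sql = "select id from users where user='******'";
    $id = $mysqlHelperObj->queryValue($sql, 'id');
    if ($id == '') {
        $sql = "insert into users (user) values('" . addslashes((string) $openID) . "')";
        $mysqlHelperObj->execute($sql);
    }

    // Every profile field is text chosen by the remote user and delivered by
    // an external API, so all of them are escaped (the original escaped only
    // headimgurl).
    // NOTE(review): addslashes() is the only escaping visible in this code
    // and is not charset-aware; if mysqlHelper offers bound parameters (its
    // API is not visible here), use those instead.
    $columnByApiField = array(
        'nickname'   => 'name',
        'city'       => 'city',
        'province'   => 'province',
        'sex'        => 'sex',
        'country'    => 'country',
        'headimgurl' => 'headimgurl',
    );
    $assignments = array();
    foreach ($columnByApiField as $apiField => $column) {
        $value = (isset($data[$apiField]) && is_scalar($data[$apiField]))
            ? (string) $data[$apiField]
            : '';
        $assignments[] = $column . "='" . addslashes($value) . "'";
    }

    // The original statement had a stray comma before WHERE, which makes it
    // invalid SQL; the SET list is now joined without a trailing comma.
    $sql = "update users set " . implode(', ', $assignments) . " where user='******'";
    $mysqlHelperObj->execute($sql);

    return 'true';
}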
// Login-check script fragment (cut off mid-statement in this listing). It loads
// the ecjConfig settings, includes the helper files, looks up an activated row
// in the users table by registration_no and password, echoes an error when no
// row matches, and then starts checking user_type.
// NOTE(review): the script is printed on a single line here, so each `//`
// comment runs to the end of the line as shown; read it with a line break
// after every comment.
// NOTE(review): $handle is $_POST['handle'] passed through strtoupper() and
// then interpolated straight into the SQL string. The only filtering in sight
// is whatever cleanPostAndGet.php does, and that file is not visible here, so
// the query should not depend on it: bind the value as a parameter if
// mysqlHelper supports that (its API is not shown), or escape it at this call
// site.
// NOTE(review): the password literal is masked ('******') in this listing;
// presumably it is the encrypt_password() result. Comparing it inside the
// WHERE clause ties the check to a deterministic transform. Fetching the row
// by handle and checking the stored hash with password_verify() is the safer
// pattern. Confirm what encrypt_password() does.
define('IN_APP', 1); //Get ecjConfig object require_once '..' . DS . 'configuration.php'; $ecjConfig = new ecjConfig(); $_dbhost = $ecjConfig->db_host; $_dbname = $ecjConfig->db_name; $_dbuser = $ecjConfig->db_user; $_dbpass = $ecjConfig->db_pass; $_pre = $ecjConfig->table_prefix; $_submission_timeout = $ecjConfig->submission_timeout; $_max_submissions = $ecjConfig->max_submissions; $_session_max = $ecjConfig->session_lifetime; unset($ecjConfig); //Get the mysqlHelper class require_once '..' . DS . 'include' . DS . 'mysqlHelper.php'; $db = new mysqlHelper(); require_once '..' . DS . 'include' . DS . 'cleanPostAndGet.php'; //Clean $_POST and $_GET of malicious require_once '..' . DS . 'include' . DS . 'utilityFunctions.php'; $handle = strtoupper($_POST['handle']); $password = encrypt_password($_POST['password']); //check for existence of user account $query = "SELECT * FROM " . $_pre . "users WHERE registration_no='{$handle}' AND password='******' AND activated=1"; $db->setQuery($query); if ($db->foundRows == 0) { echo "{'error':'Username and password did not match'}"; return; } //Is this a superuser account? $user_data = $db->fetch_assoc(); if ($user_data['user_type'] != 'su') {
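/**
 * Insert one joke into the `jokes` table, stamped with the current time.
 *
 * @param string $content Joke text to store.
 * @return mixed Whatever mysqlHelper::execute() returns for the INSERT.
 */
function data_insertjoke($content)
{
    // The original also ran addslashes() on $ptype, a variable this function
    // never defines or uses; that line only raised an undefined-variable
    // diagnostic and has been removed.

    // NOTE(review): addslashes() is kept because it is the escaping this code
    // already relies on, but it is not charset-aware. If mysqlHelper exposes
    // bound parameters (its API is not visible here), prefer them.
    $escapedContent = addslashes($content);

    // time() yields an integer, so it can be placed in the statement unquoted.
    $ptime = time();
    $sql = "INSERT INTO jokes (content,ptime)VALUES('{$escapedContent}', FROM_UNIXTIME({$ptime}) )";

    $mysqlHelperObj = new mysqlHelper();
    return $mysqlHelperObj->execute($sql);
}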
/**
 * Read three columns from the first matching `users` row.
 *
 * Each result has stripslashes() applied; all three are empty strings when
 * queryValueArray() returns "".
 *
 * NOTE(review): $key, $key1 and $key2 are placed in the SELECT list as
 * identifiers, where quoting or escaping gives no protection. Callers should
 * pass only fixed column names (confirm at the call sites).
 * NOTE(review): the user literal in the WHERE clause is shown masked
 * ('******') in this listing; $fromuser is not used by the visible query.
 *
 * @param string $fromuser User the values are requested for.
 * @param string $key      First column name.
 * @param string $key1     Second column name.
 * @param string $key2     Third column name.
 * @return array Three values, in the order of the column arguments.
 */
function d_getvalues_3($fromuser, $key, $key1, $key2)
{
    $picked = array('', '', '');

    $sql = "select {$key} , {$key1}, {$key2} from users where user = '******' ";
    $helper = new mysqlHelper();
    $result = $helper->queryValueArray($sql);

    if ($result != "") {
        // Only the first returned row is consulted.
        $head = $result[0];
        $picked = array($head["{$key}"], $head["{$key1}"], $head["{$key2}"]);
    }

    list($first, $second, $third) = $picked;

    return array(stripslashes($first), stripslashes($second), stripslashes($third));
}
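/**
 * Store a message for one sign in the `astrological` table together with the
 * date stamp that belongs to the message type.
 *
 * Supported types and the stamp columns written with them:
 *   'ymsg' -> y  = date('Y')
 *   'mmsg' -> m  = date('n')
 *   'wmsg' -> w  = date('w'), wd = date('z')
 *   'dmsg' -> d  = date('z')
 *
 * Fixes over the original: the statement was built in $sql but an undefined
 * $sqlstr was passed to execute(), so nothing that was built ever ran; and an
 * unrecognised $type left no statement at all.
 *
 * NOTE(review): $msg and $name are placed into the statement unescaped, as in
 * the original. Whether callers escape them first is not visible here. If
 * they do not, escape at this point or use bound parameters (mysqlHelper's
 * API is not shown).
 *
 * @param string $name Row key matched against the `name` column.
 * @param string $type One of 'ymsg', 'mmsg', 'wmsg', 'dmsg'.
 * @param string $msg  Message text to store in the $type column.
 * @return mixed Result of mysqlHelper::execute(), or false when $type is not
 *               one of the supported values and nothing is executed.
 */
public function insertdb($name, $type, $msg)
{
    // Kept from the original: this changes the process-wide default timezone.
    date_default_timezone_set('PRC');

    // Stamp column => date() format, per message type. Because $type must be
    // one of these keys, the column name interpolated below is always one of
    // four fixed identifiers.
    $stampsByType = array(
        'ymsg' => array('y' => 'Y'),
        'mmsg' => array('m' => 'n'),
        'wmsg' => array('w' => 'w', 'wd' => 'z'),
        'dmsg' => array('d' => 'z'),
    );

    if (!is_string($type) || !isset($stampsByType[$type])) {
        return false;
    }

    $sql = "update astrological set {$type} = '{$msg}'";
    foreach ($stampsByType[$type] as $column => $format) {
        $stamp = date($format);
        $sql .= ", {$column}='{$stamp}'";
    }
    $sql .= " where name = '{$name}'";

    $mysqlHelperObj = new mysqlHelper();
    return $mysqlHelperObj->execute($sql);
}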
// Scoreboard-refresh script fragment (cut off mid-statement in this listing).
// It loads the ecjConfig settings, includes the helper files and, for
// a=r_scoreboard, base64-decodes the m_tn query parameter, looks the result up
// in the matches table and starts checking whether that match is running.
// NOTE(review): the script is printed on a single line here, so each `//`
// comment runs to the end of the line as shown; read it with a line break
// after every comment.
// NOTE(review): m_tn is decoded with base64_decode() after cleanPostAndGet.php
// has been included, so whatever cleaning that file performs was applied to
// the encoded text only. The decoded value then goes into the WHERE clause
// with no visible validation. Check the decoded name against the characters
// match table names are allowed to contain, or bind it as a parameter if
// mysqlHelper supports that (its API is not shown).
// The `@` operators only silence the missing-index notice; they do not
// validate anything.
//Get ecjConfig object require_once '..' . DS . 'configuration.php'; $ecjConfig = new ecjConfig(); $_dbhost = $ecjConfig->db_host; $_dbname = $ecjConfig->db_name; $_dbuser = $ecjConfig->db_user; $_dbpass = $ecjConfig->db_pass; $_pre = $ecjConfig->table_prefix; $_submission_timeout = $ecjConfig->submission_timeout; $_max_submissions = $ecjConfig->max_submissions; unset($ecjConfig); //Get the utility functions require_once '..' . DS . 'include' . DS . 'utilityFunctions.php'; //Get the mysqlHelper class require_once '..' . DS . 'include' . DS . 'mysqlHelper.php'; $db = new mysqlHelper(); require_once '..' . DS . 'include' . DS . 'cleanPostAndGet.php'; //Clean $_POST and $_GET of malicious if (@$_GET['a'] == 'r_scoreboard') { $match_table_name = base64_decode(@$_GET['m_tn']); //We need to see if the match is an active match so that we load the scoreboard in refresh mode while at the same time checking if there's a match by the specified table name $query = "SELECT * FROM " . $_pre . "matches WHERE match_table_name='{$match_table_name}'"; $db->setQuery($query); if ($db->foundRows == 0) { echo 'Unable to load scoreboard for selected match'; return; } //Check if the match is active $md = $db->fetch_assoc(); $match_active = false; if ($md['start_time'] < time() && $md['start_time'] + $md['duration'] > time()) {
/**
 * Look up the pinyin spelling stored for a city in the `cityair` table.
 *
 * NOTE(review): $city is interpolated into the statement as-is. Whether
 * callers escape it beforehand is not visible here. If they do not, escape it
 * at this point or use bound parameters (mysqlHelper's API is not shown).
 *
 * @param string $city City name matched against the `city` column.
 * @return mixed The `pinyin` value of the first returned row, or "" when
 *               queryValueArray() returns "".
 */
public function getCitypinyin($city)
{
    $sql = "select pinyin from cityair where city='{$city}'";
    $helper = new mysqlHelper();
    $matches = $helper->queryValueArray($sql);

    // Guard clause: the helper's "" result is treated as "nothing found".
    if ($matches == "") {
        return "";
    }

    $first = $matches[0];

    return $first['pinyin'];
}
/**
 * Return the secret_flag stored for a user, creating the user when the lookup
 * comes back empty.
 *
 * NOTE(review): the user literal in the WHERE clause is shown masked
 * ('******') in this listing; $fromuser is not used by the visible query and
 * is only passed on to d_insertuser().
 *
 * @param string $fromuser User whose flag is requested.
 * @return mixed The stored secret_flag value, or 0 after d_insertuser() has
 *               been called because queryValue() returned an empty result.
 */
function secret_getflag($fromuser)
{
    $sql = "select secret_flag from users where user = '******'";
    $helper = new mysqlHelper();
    $flag = $helper->queryValue($sql, "secret_flag");

    // Loose comparison kept from the original, so the same values count as
    // "empty" as before.
    if ($flag == "") {
        d_insertuser($fromuser);

        return 0;
    }

    return $flag;
}