function msg($key, $lang)
{
$translater = array("success" => array("en" => "successful operation", "fr" => "opération réussie", "ar" => "عملية ناجحة", "al" => "erfolgreichen Betrieb", "ch" => "手术成功", "es" => "operación exitosa", "it" => "operazione riuscita", "tu" => "başarılı operasyon", "hi" => "सफल आपरेशन"));
if (!empty($translater[$key][$lang])) {
Alert($translater[$key][$lang], $key);
}
}
function Kill($s, $t = "")
{
if ($t == "") {
$t = __("Error");
}
Alert($s, $t);
throw new KillException();
}
public function ConfirmLeavePage()
{
//$this->driver.Keyboard.PressKey(Keys.Enter);
//$this->mink->getSession()->getDriver();
$this->getSession()->getDriver();
$alert = $driver . SwitchTo . Alert();
$alert . Accept();
}
function Kill($s, $t = "")
{
if ($t == "") {
$t = __("Error");
}
Alert($s, $t);
exit;
}
function toLogin($url = NULL)
{
if (empty($url)) {
Alert('Please Log in to Continue');
header("location: frmlogin.php");
} else {
header("location: " . $url);
}
}
function CheckAuthority($pos)
{
$_MSG_NOLOGIN = "******";
$_MSG_NOTADMIN = "您不是管理员,无权进入此页面!";
$_MSG_NOTAPPLY = "当前系统没有开放申请,您无权进入此页面!";
if ($pos == "./group.php") {
if (!Login()) {
Alert("./", $_MSG_NOLOGIN);
}
if (!Admin()) {
Alert("./", $_MSG_NOTADMIN);
}
}
if ($pos == "./admin.php") {
if (!Login()) {
Alert("./", $_MSG_NOLOGIN);
}
if (!Admin()) {
Alert("./", $_MSG_NOTADMIN);
}
}
if ($pos == "./action/action_apply.php") {
if (!Login()) {
Alert("../", $_MSG_NOLOGIN);
}
if (!Apply()) {
Alert("../", $_MSG_NOTAPPLY);
}
}
if ($pos == "./action/action_alterkey.php") {
if (!Login()) {
Alert("../", $_MSG_NOLOGIN);
}
}
if ($pos == "./page/group/action/*") {
if (!Login()) {
Alert("../../../", $_MSG_NOLOGIN);
}
if (!Admin()) {
Alert("./", $_MSG_NOTADMIN);
}
}
if ($pos == "./page/admin/action/*") {
if (!Login()) {
Alert("../../../", $_MSG_NOLOGIN);
}
if (!Admin()) {
Alert("../../../", $_MSG_NOTADMIN);
}
}
}
function uploadFile($file, $cattype, $cat)
{
global $loguserid, $uploaddirs, $goodfiles, $badfiles, $userquota, $maxSize;
$targetdir = $uploaddirs[$cattype];
$totalsize = foldersize($targetdir);
$filedata = $_FILES[$file];
$c = FetchResult("SELECT COUNT(*) FROM {uploader} WHERE filename={0} AND cattype={1} AND user={2} AND deldate=0", $filedata['name'], $cattype, $loguserid);
if ($c > 0) {
return "You already have a file with this name. Please delete the old copy before uploading a new one.";
}
if ($filedata['size'] == 0) {
if ($filedata['tmp_name'] == '') {
return 'No file given.';
} else {
return 'File is empty.';
}
}
if ($filedata['size'] > $maxSize) {
return 'File is too large. Maximum size allowed is ' . BytesToSize($maxSize) . '.';
}
$randomid = Shake();
$pname = $randomid . '_' . Shake();
$fname = $_FILES['newfile']['name'];
$temp = $_FILES['newfile']['tmp_name'];
$size = $_FILES['size']['size'];
$parts = explode(".", $fname);
$extension = end($parts);
if ($totalsize + $size > $quot) {
Alert(format(__("Uploading \"{0}\" would break the quota."), $fname));
} else {
if (in_array(strtolower($extension), $badfiles) || is_array($goodfiles) && !in_array(strtolower($extension), $goodfiles)) {
return 'Forbidden file type.';
} else {
$description = $_POST['description'];
$big_descr = $cat['showindownloads'] ? $_POST['big_description'] : '';
Query("insert into {uploader} (id, filename, description, big_description, date, user, private, category, deldate, physicalname) values ({7}, {0}, {1}, {6}, {2}, {3}, {4}, {5}, 0, {8})", $fname, $description, time(), $loguserid, $privateFlag, $_POST['cat'], $big_descr, $randomid, $pname);
copy($temp, $targetdir . "/" . $pname);
Report("[b]" . $loguser['name'] . "[/] uploaded file \"[b]" . $fname . "[/]\"" . ($privateFlag ? " (privately)" : ""), $privateFlag);
die(header("Location: " . actionLink("uploaderlist", "", "cat=" . $_POST["cat"])));
}
}
}
$page = "depreciations.php";
break;
case 'asl':
$table = "asset_status_labels";
$page = "asset_status_labels.php";
break;
case 'l':
$table = "locations";
$page = "locations.php";
break;
case 'man':
$table = "manufacturers";
$page = "manufacturers.php";
break;
case 'fu':
$table = "files";
$page = "assets.php";
if (!empty($_GET['a'])) {
#asset_id
$page = "view_asset.php?id={$_GET['a']}";
}
break;
default:
redirect("index.php");
break;
}
$con->myQuery("UPDATE {$table} SET is_deleted=1 WHERE id=?", array($_GET['id']));
Alert("Delete Successful.", "success");
redirect($page);
die;
}
} else {
$date_end = "";
}
makeHead("Asset Depreciation Report");
require_once "template/header.php";
require_once "template/sidebar.php";
?>
<div class='content-wrapper'>
<div class='content-header'>
<h1 class='page-header text-center text-green'>Asset Maintenance Report</h1>
</div>
<section class='content'>
<div class="row">
<div class='col-lg-12'>
<?php
Alert();
?>
<div class='col-sm-12'>
<form method='get'>
<label class='col-md-2 text-right' >Start Date</label>
<div class='col-md-3'>
<input type='date' name='date_start' class='form-control' id='date_start' value='<?php
echo !empty($_GET['date_start']) ? htmlspecialchars($_GET['date_start']) : '';
?>
'>
</div>
<label class='col-md-2 text-right' >End Date</label>
<div class='col-md-3'>
<input type='date' name='date_end' class='form-control' id='date_end' value='<?php
echo !empty($_GET['date_end']) ? htmlspecialchars($_GET['date_end']) : '';
?>
case 'login':
$redirect = 'index.php';
$error_redirect = "first_login.php";
break;
case 'form':
$redirect = 'change_secret_password.php';
$error_redirect = "change_secret_password.php";
break;
}
$inputs = $_POST;
$inputs = array_map('trim', $inputs);
$errors = "";
if (empty($inputs['password_question'])) {
$errors .= "Enter secret question. <br/>";
}
if (empty($inputs['password_answer'])) {
$errors .= "Enter answer. <br/>";
}
if ($errors != "") {
Alert("You have the following errors: <br/>" . $errors, "danger");
redirect($error_redirect);
die;
} else {
$inputs['id'] = $_SESSION[WEBAPP]['user']['id'];
$con->myQuery("UPDATE users SET password_answer=:password_answer,password_question=:password_question WHERE id=:id", $inputs);
Alert("Secret question and answer saved.", "success");
redirect($redirect);
}
die;
}
}
// die;
if (!empty($_POST)) {
$errors = "";
$inputs = $_POST;
$inputs = array_map('trim', $inputs);
if (empty($inputs['default_password'])) {
$errors .= "Enter default password. <br/>";
} else {
$password_regex = "/^(.{0,7}|[^0-9]*|[^A-Z]*|[^a-z]*|[a-zA-Z0-9]*)\$/";
preg_match($password_regex, $inputs['default_password'], $is_valid, PREG_OFFSET_CAPTURE);
if (!empty($is_valid)) {
$errors .= "Password should contain the ff:<br/>";
$errors .= "One Integer<br>";
$errors .= "One character<br>";
$errors .= "One Uppercase character<br>";
$errors .= "One Special Character<br>";
}
// var_dump($is_valid);
}
if ($errors != "") {
Alert("You have the following errors: <br/>" . $errors, "danger");
redirect("settings.php");
die;
} else {
Alert("Update successful.", "success");
$con->myQuery("UPDATE settings SET default_password=?", array($inputs['default_password']));
redirect("settings.php");
die;
}
}
redirect("index.php");
//Check for last post the user posted.
$lastPost = Fetch(Query("SELECT p.id,p.thread,pt.text FROM {posts} p LEFT JOIN {posts_text} pt ON pt.pid=p.id AND pt.revision=p.currentrevision \n\t\t\t\tWHERE p.user={0} ORDER BY p.date DESC LIMIT 1", $loguserid));
//If it looks similar to this one, assume the user has double-clicked the button.
if ($lastPost['thread'] == $tid && $lastPost['text'] == $_POST['text']) {
$pid = $lastPost['id'];
die(header("Location: " . actionLink("thread", 0, "pid=" . $pid . "#" . $pid)));
}
$rejected = true;
Alert(__("You're going too damn fast! Slow down a little."), __("Hold your horses."));
}
}
}
if (!$rejected) {
$ninja = FetchResult("select id from {posts} where thread={0} order by date desc limit 0, 1", $tid);
if (isset($_POST['ninja']) && $_POST['ninja'] != $ninja) {
Alert(__("You got ninja'd. You might want to review the post made while you were typing before you submit yours."));
$rejected = true;
}
}
if (!$rejected) {
$bucket = "checkPost";
include BOARD_ROOT . "lib/pluginloader.php";
}
if (!$rejected) {
$post = $_POST['text'];
$options = 0;
if ($_POST['nopl']) {
$options |= 1;
}
if ($_POST['nosm']) {
$options |= 2;
list($is_pending_to_join_team) = mysql_fetch_row($result1);
if ($is_pending_to_join_team == "") {
$result = mysql_query("Insert into tournament_players (team_id,player_guid,tournament_id,is_pending_to_join_team,is_pending_to_accept_team_invite,strength_points) values('{$SubscribeFor}','{$s_user_guid}','{$s_user_tournament}','1','0','" . Get_player_strength($s_user_guid) . "')", $dbi) or die("Q 200501180949" . mysql_error($dbi));
}
}
if ($UnSubscribeFor != "") {
$result = mysql_query("delete from tournament_players where player_guid='{$s_user_guid}' and team_id='{$UnSubscribeFor}' and tournament_id='{$s_user_tournament}'", $dbi) or die("Q 200501180949" . mysql_error($dbi));
}
if ($FullJoin != "") {
//check if this team can have more players
$list_sql = "select count(*) from tournament_players where team_id='{$SubscribeFor}' and tournament_id='{$s_user_tournament}' and is_pending_to_join_team=0 and is_pending_to_join_team=0";
$result1 = mysql_query($list_sql, $dbi) or die("200901261641");
list($team_member_count) = mysql_fetch_row($result1);
//see the limit for this tournament
if ($s_user_max_team_members <= $team_member_count) {
Alert("This team is full atm. Try to negotaite ingame with them for an open spot");
} else {
//leave other joined teams if there is any
$query = "delete from tournament_players where player_guid='{$s_user_guid}' and tournament_id='{$s_user_tournament}' and is_pending_to_accept_team_invite=0 and is_pending_to_join_team=0";
$result = mysql_query($query, $dbi) or die("Q 200501180949" . mysql_error($dbi) . $query);
//try to full join this team
$query = "update tournament_players set is_pending_to_join_team=0,is_pending_to_accept_team_invite=0 where team_id='{$FullJoin}' and player_guid='{$s_user_guid}' and tournament_id='{$s_user_tournament}' and is_pending_to_accept_team_invite=1";
$result = mysql_query($query, $dbi) or die("Q 200501180949" . mysql_error($dbi) . $query);
}
}
if ($NoPendings) {
$result = mysql_query("delete from tournament_players where player_guid='{$s_user_guid}' and tournament_id='{$s_user_tournament}' and is_pending_to_join_team=1", $dbi) or die("Q 200501180949" . mysql_error($dbi));
}
$file_name = "tournament_team_list.php";
$list_name_text = "tournament_team_settings";
$new_entry_text = " New tournament team";
$pl = " <span class=\"smallFonts\">[<a href=\"thread.php?id=" . $thread['id'] . "\">1</a>" . $pl . "]</span>";
}
$lastLink = "";
if ($thread['lastpostid']) {
$lastLink = " <a href=\"thread.php?pid=" . $thread['lastpostid'] . "#" . $thread['lastpostid'] . "\">»</a>";
}
$forumList .= Format("\n\t\t<tr class=\"cell{0}\">\n\t\t\t<td class=\"cell2 threadIcon\">{1}</td>\n\t\t\t<td class=\"threadIcon\" style=\"border-right: 0px none;\">\n\t\t\t\t{2}\n\t\t\t</td>\n\t\t\t<td style=\"border-left: 0px none;\">\n\t\t\t\t{3}\n\t\t\t\t<a href=\"thread.php?id={4}\">\n\t\t\t\t\t{5}\n\t\t\t\t</a>\n\t\t\t\t{6}\n\t\t\t\t{7}\n\t\t\t</td>\n\t\t\t<td class=\"center\">\n\t\t\t\t{8}\n\t\t\t</td>\n\t\t\t<td class=\"center\">\n\t\t\t\t{9}\n\t\t\t</td>\n\t\t\t<td class=\"center\">\n\t\t\t\t{10}\n\t\t\t</td>\n\t\t\t<td class=\"smallFonts center\">\n\t\t\t\t{11}<br />\n\t\t\t\t" . __("by") . " {12} {13}</td>\n\t\t</tr>\n", $cellClass, $NewIcon, $ThreadIcon, $poll, $thread['id'], strip_tags($thread['title']), $pl, $tags, UserLink($starter), $thread['replies'], $thread['views'], cdate($dateformat, $thread['lastpostdate']), UserLink($last), $lastLink);
}
Write("\n\t<table class=\"outline margin width100\">\n\t\t<tr class=\"header1\">\n\t\t\t<th style=\"width: 20px;\"> </th>\n\t\t\t<th style=\"width: 16px;\"> </th>\n\t\t\t<th style=\"width: 60%;\">" . __("Title") . "</th>\n\t\t\t<th>" . __("Started by") . "</th>\n\t\t\t<th>" . __("Replies") . "</th>\n\t\t\t<th>" . __("Views") . "</th>\n\t\t\t<th>" . __("Last post") . "</th>\n\t\t</tr>\n\t\t{0}\n\t</table>\n", $forumList);
} else {
if ($forum['minpowerthread'] > $loguser['powerlevel']) {
Alert(__("You cannot start any threads here."), __("Empty forum"));
} elseif ($loguserid) {
Alert(format(__("Would you like to {0}post something{1}?"), "<a href=\"newthread.php?id=" . $fid . "\">", "</a>"), __("Empty forum"));
} else {
Alert(format(__("{0}Log in{1} so you can post something."), "<a href=\"login.php\">", "</a>"), __("Empty forum"));
}
}
if ($pagelinks) {
Write("<div class=\"smallFonts pages\">" . __("Pages:") . " {0}</div>", $pagelinks);
}
MakeCrumbs(array(__("Main") => "./", $forum['title'] => "forum.php?id=" . $fid), $links);
ForumJump();
function ForumJump()
{
global $fid, $loguser;
$pl = $loguser['powerlevel'];
if ($pl < 0) {
$pl = 0;
}
$lastCatID = -1;
if ($_POST['nosm']) {
$previewPost['options'] |= 2;
}
$previewPost['mood'] = (int) $_POST['mood'];
foreach ($user as $key => $value) {
$previewPost["u_" . $key] = $value;
}
MakePost($previewPost, POST_SAMPLE, array('forcepostnum' => 1, 'metatext' => __("Preview")));
} else {
if (isset($_POST['actionpost'])) {
if ($_POST['key'] != $loguser['token']) {
Kill(__("No."));
}
$rejected = false;
if (!$_POST['text']) {
Alert(__("Enter a message and try again."), __("Your post is empty."));
$rejected = true;
}
if (!$rejected) {
$bucket = "checkPost";
include "./lib/pluginloader.php";
}
if (!$rejected) {
$options = 0;
if ($_POST['nopl']) {
$options |= 1;
}
if ($_POST['nosm']) {
$options |= 2;
}
$now = time();
<?php
$viewableforums = ForumsWithPermission('forum.viewforum');
$tag = $_GET['tag'];
$tagcode = '"[' . $tag . ']"';
$forum = $_GET['fid'];
$cond = "WHERE MATCH (t.title) AGAINST ({0} IN BOOLEAN MODE)";
if ($forum) {
$cond .= " AND t.forum = {1}";
}
$total = Fetch(Query("SELECT count(*) from threads t {$cond} AND t.forum IN ({2c})", $tag, $forum, $viewableforums));
$total = $total[0];
$tpp = $loguser['threadsperpage'];
if (isset($_GET['from'])) {
$from = (int) $_GET['from'];
} else {
$from = 0;
}
if (!$tpp) {
$tpp = 50;
}
$rThreads = Query("\tSELECT\n\t\t\t\t\t\tt.*,\n\t\t\t\t\t\tf.(title, id),\n\t\t\t\t\t\t" . ($loguserid ? "tr.date readdate," : '') . "\n\t\t\t\t\t\tsu.(_userfields),\n\t\t\t\t\t\tlu.(_userfields)\n\t\t\t\t\tFROM\n\t\t\t\t\t\tthreads t\n\t\t\t\t\t\t" . ($loguserid ? "LEFT JOIN threadsread tr ON tr.thread=t.id AND tr.id={2}" : '') . "\n\t\t\t\t\t\tLEFT JOIN users su ON su.id=t.user\n\t\t\t\t\t\tLEFT JOIN users lu ON lu.id=t.lastposter\n\t\t\t\t\t\tLEFT JOIN forums f ON f.id=t.forum\n\t\t\t\t\t{$cond} AND f.id IN ({5c})\n\t\t\t\t\tORDER BY sticky DESC, lastpostdate DESC LIMIT {3u}, {4u}", $tagcode, $forum, $loguserid, $from, $tpp, $viewableforums);
$pagelinks = PageLinks(actionLink("tagsearch", "", "tag={$tag}&fid={$forum}&from="), $tpp, $from, $total);
if (NumRows($rThreads)) {
makeThreadListing($rThreads, $pagelinks, false, !$forum);
} else {
Alert(format(__("Tag {0} was not found in any thread."), htmlspecialchars($tag)), __("No threads found."));
}
$allowed_ext = array('zip', 'rar');
if (!in_array($ext, $allowed_ext)) {
Kill("Invalid filetype.");
}
$file = fopen($tmpfile, 'rb');
$tag = fread($file, 4);
fclose($file);
$allowed_tag = array("PK", "Rar!");
if (!in_array($tag, $allowed_tag)) {
Kill("Invalid filetype.");
}
copy($tmpfile, 'downloads/' . $filename);
$thedl = array('file' => 'downloads/' . $filename, 'name' => $_POST['name'], 'desc' => $_POST['desc']);
$downloads = array_merge(array($thedl), $downloads);
file_put_contents('downloads/listing.dat', serialize($downloads));
Alert("Upload successful.", "Notice");
}
$c = 0;
$hl = ' highlightedPost';
foreach ($downloads as $dl) {
echo "\n\t<table class=\"outline margin width100{$hl}\">\n\t\t<tr class=\"cell{$c}\">\n\t\t\t<td>\n\t\t\t\t<span style=\"font-size: 120%; text-decoration: underline;\"><a href=\"{$dl['file']}\">" . htmlspecialchars($dl['name']) . "</a></span><br>\n\t\t\t\tFile size: " . ceil(filesize($dl['file']) / 1024) . " KB<br>\n\t\t\t\tMD5: " . md5_file($dl['file']) . "\n\t\t\t\t" . ($dl['desc'] ? '<br><br>' . nl2br(htmlspecialchars($dl['desc'])) : '') . "\n\t\t\t</td>\n\t\t</tr>\n\t</table>\n";
$c = !$c ? 1 : 0;
$hl = '';
}
if ($loguser['powerlevel'] > 2) {
?>
<form action="" method="post" enctype="multipart/form-data">
<table class="outline margin width100">
<tr class="header0"><th colspan="2">Upload a file</th></tr>
<tr class="cell0">
<td>File</td>
<?php
require_once 'support/config.php';
if (!isLoggedIn()) {
toLogin();
die;
}
if (!AllowUser(array(1))) {
redirect("index.php");
die;
}
if (!empty($_GET['id'])) {
$con->myQuery("UPDATE users SET is_active = IF(is_active=1, 0,1) WHERE id = ?", array($_GET['id']));
Alert("Change Successful", "success");
redirect("user.php");
die;
}
}
if (!$rejected && !$_POST["pollQuestion"]) {
Alert(__("You need to enter a poll question to make a poll."), __("Invalid poll."));
$rejected = true;
}
} else {
$lastPost = time() - $loguser['lastposttime'];
if ($lastPost < Settings::get("floodProtectionInterval")) {
//Check for last thread the user posted.
$lastThread = Fetch(Query("SELECT * FROM {threads} WHERE user={0} ORDER BY id DESC LIMIT 1", $loguserid));
//If it looks similar to this one, assume the user has double-clicked the button.
if ($lastThread['forum'] == $fid && $lastThread['title'] == $_POST['title']) {
die(header("Location: " . actionLink("thread", $lastThread['id'])));
}
$rejected = true;
Alert(__("You're going too damn fast! Slow down a little."), __("Hold your horses."));
}
}
}
}
if (!$rejected) {
$bucket = "checkPost";
include "./lib/pluginloader.php";
}
if (!$rejected) {
$post = $_POST['text'];
$options = 0;
if ($_POST['nopl']) {
$options |= 1;
}
if ($_POST['nosm']) {
{
$examples = array(BB_TEXT => 'Lorem ipsum ABXD', BB_ID => 'KzyXH2mWkU4', BB_NUMBER => 9001, BB_URL => 'http://abxd.dirbaio.net/', BB_COLOR => '#f00');
$bb = '[' . $bbcode['name'];
if ($bbcode['value'] != BB_NULL) {
$bb .= "={$examples[$bbcode['value']]}";
}
$bb .= ']';
if ($bbcode['text'] != BB_NULL) {
$bb .= "{$examples[$bbcode['text']]}[/{$bbcode['name']}]";
}
return $bb;
}
$cell = 1;
if (isset($_GET['delete'])) {
unset($bbcodes[(int) $_GET['id']]);
Alert(__('BBCode was removed correctly'));
file_put_contents(BB_FILE, serialize($bbcodes));
}
if (isset($_POST['name'])) {
if (in_array($_POST['name'], $hardcodedbb)) {
Kill(__('This BBCode is hardcoded into board. Sorry...'));
}
$prepare = array('name' => $_POST['name'], 'value' => $_POST['value'], 'text' => $_POST['text'], 'category' => $_POST['category'], 'description' => $_POST['description'], 'html' => $_POST['html']);
if ($_GET['id']) {
$bbcodes[$_GET['id'] - 1] = $prepare;
} else {
$bbcodes[] = $prepare;
}
file_put_contents(BB_FILE, serialize($bbcodes));
}
?>
$check = FetchResult("select count(*) from {uploader} where id = {0}", $fid);
} else {
$check = FetchResult("select count(*) from {uploader} where user = {0} and id = {1}", $loguserid, $fid);
}
if ($check) {
$entry = Fetch(Query("select * from {uploader} where id = {0}", $fid));
if ($entry['private']) {
@unlink($rootdir . "/" . $entry['user'] . "/" . $entry['filename']);
} else {
@unlink($rootdir . "/" . $entry['filename']);
}
Query("delete from {uploader} where id = {0}", $fid);
Report("[b]" . $loguser['name'] . "[/] deleted \"[b]" . $entry['filename'] . "[/]\".", 1);
die(header("Location: " . actionLink("uploaderlist", "", "cat=" . $_GET["cat"])));
} else {
Alert(__("No such file or not yours to mess with."));
}
} else {
$crumbs = new PipeMenu();
$crumbs->add(new PipeMenuLinkEntry(__("Uploader"), "uploader"));
makeBreadcrumbs($crumbs);
$errormsg = __("No categories found.");
$entries = Query("select * from {uploader_categories} order by ord");
if (NumRows($entries) == 0) {
print "\n\t\t<table class=\"outline margin\">\n\t\t\t<tr class=\"header0\">\n\n\n\n\t\t\t\t<th colspan=\"7\">" . __("Files") . "</th>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td colspan=\"4\">\n\t\t\t\t\t" . $errormsg . "\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t</table>\n\t\t";
} else {
print "\n\t\t<table class=\"outline margin width50\">\n\t\t\t<tr class=\"header0\">\n\t\t\t\t<th colspan=\"7\">" . __("Categories") . "</th>\n\t\t\t</tr>\n\t\t";
$cellClass = 0;
while ($entry = Fetch($entries)) {
$filecount = FetchResult("select count(*) from {uploader} where category = {0}", $entry['id']);
print "<tr class=\"cell{$cellClass}\"><td>";
if ($_POST['pass'] !== $_POST['pass2']) {
$err = __("The passwords you entered don't match.");
} else {
if ($haveSecurimage) {
include "securimage/securimage.php";
$securimage = new Securimage();
if ($securimage->check($_POST['captcha_code']) == false) {
$err = __("You got the CAPTCHA wrong.");
}
}
}
}
}
}
if ($err) {
Alert($err);
} else {
$newsalt = Shake();
$sha = doHash($_POST['pass'] . $salt . $newsalt);
$sex = validateSex($_POST["sex"]);
$rUsers = Query("insert into {users} (name, password, pss, regdate, lastactivity, lastip, email, sex, theme) values ({0}, {1}, {2}, {3}, {3}, {4}, {5}, {6}, {7})", $_POST['name'], $sha, $newsalt, time(), $_SERVER['REMOTE_ADDR'], $_POST['email'], $sex, Settings::get("defaultTheme"));
$uid = insertId();
if ($uid == 1) {
Query("update {users} set powerlevel = 4 where id = 1");
}
recalculateKarma($uid);
logAction('register', array('user' => $uid));
$user = Fetch(Query("select * from {users} where id={0}", $uid));
$user["rawpass"] = $_POST["pass"];
$bucket = "newuser";
include "lib/pluginloader.php";
$errors .= "Enter password. <br/>";
}
if (empty($_POST['email'])) {
$errors .= "Enter email address. <br/>";
}
if ($errors != "") {
Alert("You have the following errors: <br/>" . $errors, "danger");
redirect("frm_users.php");
die;
} else {
//IF id exists update ELSE insert
if (empty($inputs['id'])) {
//Insert
$inputs = $_POST;
unset($inputs['id']);
//$inputs['name']=$_POST['name'];
$con->myQuery("INSERT INTO users(user_type_id,first_name,middle_name,last_name,username, password,email,contact_no) VALUES(:user_type_id,:first_name,:middle_name,:last_name,:username,:password, :email,:contact_no)", $inputs);
Alert("Save succesful", "success");
} else {
//Update
$con->myQuery("UPDATE users SET user_type_id=:user_type_id,first_name=:name,middle_name=:middle_name,last_name=:last_name,username=:username,password=:password,email=:email,contact_no=:contact_no WHERE id=:id", $inputs);
Alert("Update succesful", "success");
}
redirect("user.php");
}
die;
} else {
redirect('index.php');
die;
}
redirect('index.php');
<?php
require_once 'support/config.php';
if (!empty($_POST)) {
$user = $con->myQuery("SELECT first_name,middle_name,last_name,id,location_id,user_type_id as user_type,location_id FROM users WHERE username=? AND password=?", array($_POST['username'], $_POST['password']))->fetch(PDO::FETCH_ASSOC);
if (empty($user)) {
Alert("Invalid Username/Password", "success");
redirect('frmlogin.php');
} else {
$_SESSION[WEBAPP]['user'] = $user;
redirect("index.php");
}
die;
} else {
redirect('frmlogin.php');
die;
}
redirect('frmlogin.php');
$s_user_tournament = $id;
session_register("s_user_max_teams");
$s_user_max_teams = $teams_per_account;
session_register("s_user_max_team_members");
$s_user_max_team_members = $max_chars_per_team;
session_register("s_max_teams");
$s_max_teams = $max_teams;
jumpto("index.php");
} else {
Alert("Character does not meet the level requirements to join this tournament");
}
} else {
Alert("Character does not exist");
}
} else {
Alert("Account does not exist");
}
}
?>
<link rel="stylesheet" type="text/css" media="screen" href="../../screen.css">
<style type="text/css">
<!--
.style1 {
color: #FFFFFF;
font-weight: bold;
}
.style5 {color: #FFFFFF}
-->
</style>
</head>
if (!$loguserid) {
Kill(__("You must be logged in to edit your avatars."));
}
if (isset($_POST['action'])) {
$mid = (int) $_POST['mid'];
if ($_POST['action'] == __("Rename")) {
Query("update {moodavatars} set name={0} where mid={1} and uid={2}", $_POST['name'], $mid, $loguserid);
Alert(__("Avatar renamed."), __("Okay"));
} else {
if ($_POST['action'] == __("Delete")) {
Query("delete from {moodavatars} where uid={0} and mid={1}", $loguserid, $mid);
Query("update {posts} set mood=0 where user={0} and mood={1}", $loguserid, $mid);
if (file_exists("{$dataDir}avatars/" . $loguserid . "_" . $mid)) {
unlink("{$dataDir}avatars/" . $loguserid . "_" . $mid);
}
Alert(__("Avatar deleted."), __("Okay"));
} else {
if ($_POST['action'] == __("Add")) {
$highest = FetchResult("select mid from {moodavatars} where uid={0} order by mid desc limit 1", $loguserid);
if ($highest < 1) {
$highest = 1;
}
$mid = $highest + 1;
//Begin copypasta from edituser/editprofile_avatar...
if ($fname = $_FILES['picture']['name']) {
$fext = strtolower(substr($fname, -4));
$error = "";
$exts = array(".png", ".jpg", ".gif");
$dimx = 100;
$dimy = 100;
$dimxs = 60;
// Display the Header
define('PAGE_TITLE', ($myPost->GetPrimary() != '' ? 'Edit' : 'Add') . ' Post');
include_once 'inc/header.php';
?>
<div id="main-info">
<h1><?php
echo PAGE_TITLE;
?>
</h1>
</div>
<div id="data">
<div id="notifications">
<?php
// Report errors to the user
Alert(GetAlert('error'));
Alert(GetAlert('success'), 'success');
?>
</div>
<ul id="options">
<li class="back"><a href="posts.php">Return to Post List</a></li>
<?php
echo $myPost->GetPrimary() != '' ? '<li class="add"><a href="post.php" title="Add a New Blog Post">Add New Post</a></li>' : '';
?>
</ul>
<form action="post.php<?php
echo $myPost->GetPrimary() != '' ? '?id=' . $myPost->GetPrimary() : '';
?>
" method="post" name="edit_post">
<?php
}
if (empty($inputs['purchase_cost'])) {
$inputs['purchase_cost'] = 0;
}
if ($errors != "") {
Alert("You have the following errors: <br/>" . $errors, "danger");
redirect("frm_assets.php");
die;
} else {
//IF id exists update ELSE insert
if (empty($inputs['id'])) {
//Insert
unset($inputs['id']);
$asset_tag = date("Ynd");
$stmt = $con->myQuery("INSERT INTO assets(asset_model_id,asset_status_id,serial_number,asset_name,purchase_date,purchase_cost,order_number,notes,location_id) VALUES(:model_id,:asset_status_id,:serial_number,:asset_name,:purchase_date,:purchase_cost,:order_number,:notes,:location_id)", $inputs);
$asset_id = $con->lastInsertId();
$asset_tag = date("Ynd") . $asset_id;
$con->myQuery("UPDATE assets SET asset_tag=? WHERE id=?", array($asset_tag, $asset_id));
} else {
//Update
$con->myQuery("UPDATE assets SET asset_model_id=:model_id,asset_status_id=:asset_status_id,serial_number=:serial_number,asset_name=:asset_name,purchase_date=:purchase_date,order_number=:order_number,purchase_cost=:purchase_cost,notes=:notes,location_id=:location_id WHERE id=:id", $inputs);
}
Alert("Save succesful", "success");
redirect("assets.php");
}
die;
} else {
redirect('index.php');
die;
}
redirect('index.php');
continue;
}
$qPM = "insert into pmsgs (userto, userfrom, date, ip, msgread) values (" . $recipient . ", " . $loguserid . ", " . time() . ", '" . $_SERVER['REMOTE_ADDR'] . "', 0)";
$rPM = Query($qPM);
$pid = mysql_insert_id();
$qPMT = "insert into pmsgs_text (pid,title,text) values (" . $pid . ", '" . justEscape($_POST['title']) . "', '" . $post . "')";
$rPMT = Query($qPMT);
}
Redirect(__("PM sent!"), "private.php?show=1", __("your PM outbox"));
exit;
}
} else {
Alert(__("Enter a message and try again."), __("Your PM is empty."));
}
} else {
Alert(__("Enter a title and try again."), __("Your PM is untitled."));
}
}
//if($_POST['text']) $prefill = htmlval($_POST['text']);
//if($_POST['title']) $trefill = htmlval($_POST['title']);
$prefill = $pm['text'];
$trefill = $pmtitle;
MakePost($pm, 0, 0, 1);
Write("\n\t<table style=\"width: 100%;\">\n\t\t<tr>\n\t\t\t<td style=\"vertical-align: top; border: none;\">\n\t\t\t\t<form action=\"showprivate.php\" method=\"post\">\n\t\t\t\t\t<table class=\"outline margin width100\">\n\t\t\t\t\t\t<tr class=\"header1\">\n\t\t\t\t\t\t\t<th colspan=\"2\">\n\t\t\t\t\t\t\t\t" . __("Edit Draft") . "\n\t\t\t\t\t\t\t</th>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr class=\"cell0\">\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t" . __("To") . "\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<input type=\"text\" name=\"to\" style=\"width: 98%;\" maxlength=\"1024\" value=\"{2}\" />\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr class=\"cell1\">\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t" . __("Title") . "\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<input type=\"text\" name=\"title\" style=\"width: 98%;\" maxlength=\"60\" value=\"{1}\" />\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<tr class=\"cell0\">\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t" . __("Message") . "\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<textarea id=\"text\" name=\"text\" rows=\"16\" style=\"width: 98%;\">{0}</textarea>\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr class=\"cell2\">\n\t\t\t\t\t\t\t<td></td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Send") . "\" /> \n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Preview") . "\" />\n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Update Draft") . "\" /> \n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Discard Draft") . "\" /> \n\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"id\" value=\"{3}\" />\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t</table>\n\t\t\t\t</form>\n\t\t\t</td>\n\t\t\t<td style=\"width: 200px; vertical-align: top; border: none;\">\n", $prefill, $trefill, $to, $pmid);
DoSmileyBar();
DoPostHelp();
Write("\n\t\t\t</td>\n\t\t</tr>\n\t</table>\n");
} else {
MakePost($pm, 0, 0, 1);
}
MakeCrumbs(array("Main" => "./", "Private messages" => "private.php", $pmtitle => ""), $links);
<?php
include "dbcon.php";
function Alert($message)
{
echo "<script language=\"javascript\">\n\t<!--\n\talert('{$message}');\n\thistory.back();\n\t//--!>\n\t</script>";
}
// 카운터 TABLE
$que = "\n\t\tCREATE TABLE COUNTER_MAIN (\n\t\tno int(10) NOT NULL auto_increment,\n\t\ttime int(10) default NULL,\n\t\tvisit int(10) default NULL,\n\t\tpageview int(10) default NULL,\n\t\tPRIMARY KEY (no)\n\t\t)";
$que_1 = "INSERT INTO COUNTER_MAIN VALUES (1,0,0,0)";
$que2 = "\n\t\tCREATE TABLE COUNTER_REFERER (\n\t\tno int(10) NOT NULL auto_increment,\n\t\ttime int(10) default NULL,\n\t\treferer varchar(255) default NULL,\n\t\tPRIMARY KEY (no)\n\t\t)";
$que3 = "\n\t\tCREATE TABLE COUNTER_SUB (\n\t\tno int(10) NOT NULL auto_increment,\n\t\ttime int(10) default NULL,\n\t\tip char(15) default NULL,\n\t\tPRIMARY KEY (no)\n\t\t)";
mysql_query($que, $dbcon) or Alert(' COUNTER_MAIN 테이블 생성실패');
mysql_query($que_1, $dbcon) or Alert(' COUNTER_MAIN 초기화 실패');
mysql_query($que2, $dbcon) or Alert(' COUNTER_REFERER 테이블 생성실패');
mysql_query($que3, $dbcon) or Alert(' COUNTER_SUB 테이블 생성실패');
Alert('카운터 초기화 성공!!');
