/**
 * Save the logged-in user's profile form (name, e-mail, optional password)
 * and redirect to that user's profile page.
 *
 * Reads $_POST['name'], $_POST['email'], $_POST['password'] and
 * $_SESSION['userid']. Each value placed in SQL is passed through escape()
 * and wrapped in single quotes.
 *
 * NOTE(review):
 *  - As shown here, the password statement stores the literal string
 *    '******' and never uses $password. This looks like redaction in the
 *    listing; confirm against the real source.
 *  - $password is a salted SHA-1, which is a fast hash. Moving to
 *    password_hash()/password_verify() has to be coordinated with the login
 *    code, which is not visible here.
 *  - The e-mail address is part of the hash input. If login recomputes the
 *    hash from the current e-mail, an e-mail-only change would no longer
 *    match the stored hash; verify against the login path.
 *  - No request-token (CSRF) check is visible in this function; confirm that
 *    authenticate() or the dispatcher enforces one.
 *  - Execution continues after header(); there is no exit.
 */
function update()
{
    authenticate(1);
    global $template;

    $name = sanitize($_POST['name'], "string");
    $email = sanitize($_POST['email'], "email");
    $plainPassword = sanitize($_POST['password'], "string");
    $password = sha1(SALT . $plainPassword . $email);

    // The password row is only touched when the form actually carried one.
    if (!empty($_POST['password'])) {
        mysql_query(sprintf(
            "update users set password = '******' where id = '%s'",
            escape($_SESSION['userid'])
        ));
    }

    mysql_query(sprintf(
        "update users set name = '%s', email = '%s' where id = '%s'",
        escape($name),
        escape($email),
        escape($_SESSION['userid'])
    ));

    $slug = createslug($name);
    $basePath = basePath();
    header('Location: ' . $basePath . '/users/view/' . $_SESSION['userid'] . '/' . $slug);
}
/**
 * Save the logged-in user's extended profile form and redirect to that
 * user's profile page.
 *
 * Reads name, email, password, website, realname, location, birthday and
 * aboutme from $_POST plus $_SESSION['userid']. Each value placed in SQL is
 * passed through escape() and wrapped in single quotes.
 *
 * NOTE(review):
 *  - As shown here, the password statement stores the literal string
 *    '******' and never uses $password. This looks like redaction in the
 *    listing; confirm against the real source.
 *  - $password is a salted SHA-1, which is a fast hash. Moving to
 *    password_hash()/password_verify() has to be coordinated with the login
 *    code, which is not visible here.
 *  - The e-mail address is part of the hash input. If login recomputes the
 *    hash from the current e-mail, an e-mail-only change would no longer
 *    match the stored hash; verify against the login path.
 *  - website and aboutme are stored for later display; output escaping has
 *    to happen where they are rendered, which is not visible here.
 *  - No request-token (CSRF) check is visible in this function; confirm that
 *    authenticate() or the dispatcher enforces one.
 *  - Execution continues after header(); there is no exit.
 */
function update()
{
    authenticate(1);
    global $template;

    $name = sanitize($_POST['name'], "string");
    $email = sanitize($_POST['email'], "email");
    $plainPassword = sanitize($_POST['password'], "string");
    $password = sha1(SALT . $plainPassword . $email);
    $website = sanitize($_POST['website'], "url");
    $realname = sanitize($_POST['realname'], "string");
    $location = sanitize($_POST['location'], "string");
    $birthday = sanitize($_POST['birthday'], "birthday");
    $aboutme = sanitize($_POST['aboutme'], "string");

    // The password row is only touched when the form actually carried one.
    if (!empty($_POST['password'])) {
        mysql_query(sprintf(
            "UPDATE users SET password = '******' WHERE id = '%s'",
            escape($_SESSION['userid'])
        ));
    }

    // Spacing inside the statement is kept exactly as the original emits it.
    mysql_query(sprintf(
        "UPDATE users SET name = '%s',email = '%s' , website = '%s', realname = '%s', location = '%s', birthday = '%s', aboutme = '%s' WHERE id = '%s'",
        escape($name),
        escape($email),
        escape($website),
        escape($realname),
        escape($location),
        escape($birthday),
        escape($aboutme),
        escape($_SESSION['userid'])
    ));

    $slug = createslug($name);
    header('Location: ' . BASE_PATH . '/users/view/' . $_SESSION['userid'] . '/' . $slug);
}
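/**
 * Process the "create module" admin form: stage the uploaded icon, create the
 * module directory and add a $trayicon entry to the ICONS configuration
 * section through configeditor().
 *
 * The entry is emitted as PHP source text, so no request value placed in it
 * may be able to close or escape its single-quoted literal. link, type, width
 * and height used to be concatenated verbatim. They are now normalised to
 * strings and have quote and backslash characters neutralised: percent-encoded
 * in the link, dropped in the other three. Values without those characters
 * come through unchanged.
 *
 * NOTE(review): the upload is accepted on the browser-supplied MIME type
 * alone ($_FILES[...]['type']); the file content is not inspected, and it is
 * stored as icon.png whatever its real format.
 * NOTE(review): how configeditor() persists $code is not visible here; review
 * its handling separately.
 * NOTE(review): the results of mkdir()/copy() are not checked, and execution
 * continues after the final header().
 */
function createmoduleprocess()
{
    checktoken();

    $extension = '';
    $error = '';
    $root = dirname(dirname(__FILE__));

    // Normalise the form fields once: missing or non-scalar (array) values become ''.
    $post = array();
    foreach (array('title', 'link', 'type', 'width', 'height') as $key) {
        $post[$key] = (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : '';
    }

    $modulename = createslug($post['title'], true);
    $tempIcon = $root . DIRECTORY_SEPARATOR . "temp" . DIRECTORY_SEPARATOR . $modulename;
    $moduleDir = $root . DIRECTORY_SEPARATOR . 'modules' . DIRECTORY_SEPARATOR . $modulename;

    $upload = (isset($_FILES["file"]) && is_array($_FILES["file"])) ? $_FILES["file"] : array();
    $uploadType = isset($upload["type"]) ? $upload["type"] : '';
    $iconTypes = array("image/gif", "image/jpeg", "image/pjpeg", "image/png");

    if (in_array($uploadType, $iconTypes, true)) {
        if ($upload["error"] > 0) {
            $error = "Module icon incorrect. Please try again.";
        } else {
            // Drop any stale staging file left by an earlier attempt with the same slug.
            if (file_exists($tempIcon)) {
                unlink($tempIcon);
            }
            $extension = extension($upload["name"]);
            if (!move_uploaded_file($upload["tmp_name"], $tempIcon)) {
                $error = "Unable to copy to temp folder. Please CHMOD temp folder to 777.";
            }
        }
    } else {
        $error = "Module icon not found. Please try again.";
    }

    if (empty($post['title'])) {
        $error = "Module title is empty. Please try again.";
    }
    if (empty($post['link'])) {
        $error = "Module link is empty. Please try again.";
    }

    if (!empty($error)) {
        $_SESSION['cometchat']['error'] = $error;
        header("Location: ?module=modules&action=createmodule");
        exit;
    }

    mkdir($moduleDir);
    copy($tempIcon, $moduleDir . DIRECTORY_SEPARATOR . 'icon.png');
    unlink($tempIcon);

    // Characters able to terminate or escape a single-quoted PHP literal.
    // They are removed rather than escaped so the result does not depend on
    // how many unescaping passes the configuration writer applies.
    $breakers = array("'", '"', '\\');
    $link = str_replace($breakers, array('%27', '%22', '%5C'), $post['link']);
    $type = str_replace($breakers, '', $post['type']);
    $width = str_replace($breakers, '', $post['width']);
    $height = str_replace($breakers, '', $post['height']);

    // The title keeps its original treatment (double quotes stripped, three addslashes passes).
    $title = addslashes(addslashes(addslashes(str_replace('"', '', $post['title']))));

    $code = "\$trayicon[] = array('" . $modulename . "','" . $title . "','" . $link . "','" . $type
        . "','" . $width . "','" . $height . "','','');";

    configeditor('ICONS', $code, 1);
    header("Location:?module=modules");
}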
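/**
 * Build temp/<theme>.zip from every directory that carries files for the
 * requested theme, then redirect the browser to the archive.
 *
 * The theme name comes from $_GET['data'] and is passed through createslug()
 * before it is used in any path. Directories are collected in this order:
 * the i/m/desktop variants, then modules, plugins and extensions (only
 * entries that contain code.php and a <theme>/<entry>.css), then the main
 * themes/<theme> directory with its css and images sub-directories.
 *
 * Changes from the previous body:
 *  - collected paths that are not directories are skipped; images is queued
 *    without an existence check and DirectoryIterator throws on a missing
 *    directory;
 *  - the archive is closed explicitly and a failed write is reported with the
 *    existing message instead of redirecting to a missing or partial file.
 *
 * NOTE(review): the archive stays in temp/ after the redirect, and the
 * redirect shows that directory is served to browsers, so it remains
 * downloadable under a guessable name until it is removed.
 * NOTE(review): the archive-relative name is derived with '/' rather than
 * DIRECTORY_SEPARATOR; behaviour on Windows paths is unchanged from the
 * original and should be checked there.
 */
function exporttheme()
{
    checktoken();
    global $currentversion;

    $root = dirname(dirname(__FILE__));
    $sep = DIRECTORY_SEPARATOR;
    $theme = createslug($_GET['data']);
    $failure = "This feature is experimental and works only for certain configurations.";

    $zip = new ZipArchive();
    if ($zip->open($root . $sep . "temp" . $sep . $theme . ".zip", ZipArchive::CREATE) !== true) {
        echo $failure;
        exit;
    }

    $dirstotheme = array();

    // Variants whose marker stylesheet is named after the variant itself.
    foreach (array('i', 'm', 'desktop') as $variant) {
        $variantDir = $root . $sep . $variant . $sep . 'themes' . $sep . $theme;
        if (file_exists($variantDir . $sep . $variant . '.css')) {
            $dirstotheme[] = $variantDir;
        }
    }

    // Add-on trees: only entries that hold code.php and a themed stylesheet are included.
    foreach (array('modules', 'plugins', 'extensions') as $kind) {
        $base = $root . $sep . $kind;
        if ($handle = opendir($base)) {
            while (false !== ($file = readdir($handle))) {
                if ($file != "." && $file != ".."
                    && is_dir($base . $sep . $file)
                    && file_exists($base . $sep . $file . $sep . 'code.php')
                ) {
                    $addonTheme = $base . $sep . $file . $sep . 'themes' . $sep . $theme;
                    if (file_exists($addonTheme . $sep . $file . '.css')) {
                        $dirstotheme[] = $addonTheme;
                    }
                }
            }
            closedir($handle);
        }
    }

    $mainTheme = $root . $sep . 'themes' . $sep . $theme;
    if (file_exists($mainTheme . $sep . 'css' . $sep . 'cometchat.css')) {
        $dirstotheme[] = $mainTheme;
        $dirstotheme[] = $mainTheme . $sep . 'css';
        $dirstotheme[] = $mainTheme . $sep . 'images';
    }

    foreach ($dirstotheme as $dir) {
        // Skip anything that is not a directory; the iterator would throw on it.
        if (!is_dir($dir)) {
            continue;
        }
        foreach (new DirectoryIterator($dir) as $key) {
            $path = $dir . '/' . $key;
            $key2 = str_replace($root . '/', '', $path);
            // Only the files directly inside each collected directory are added.
            if (is_file($path)) {
                $zip->addFile($path, $key2);
            }
        }
    }

    $zip->addFromString('version.txt', $currentversion);

    // The archive is written on close(); surface a failed write here.
    if ($zip->close() !== true) {
        echo $failure;
        exit;
    }

    header("Location:../temp/{$theme}.zip");
}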
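/**
 * Clone an existing colour scheme file (colors/<clone>.php) under a new name
 * (colors/<theme>.php) and redirect back to the themes admin page.
 *
 * Changes from the previous body:
 *  - $_POST['clone'] was used verbatim in the source path of copy() and in the
 *    redirect URL. It is now passed through createslug() like the new name,
 *    both names must be plain file names (no directory part), and the value is
 *    URL-encoded in the redirect;
 *  - a missing source file or a failed copy() is reported instead of being
 *    followed by the success message;
 *  - the "alredy" typo in the duplicate-name message is fixed.
 *
 * NOTE(review): createslug() is not visible here; the basename() comparison
 * is an independent guard that does not rely on it.
 * NOTE(review): no request-token (CSRF) check is visible in this function;
 * confirm the dispatcher enforces one.
 */
function clonecolorprocess()
{
    global $ts;

    $colorsDir = dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'colors' . DIRECTORY_SEPARATOR;
    $color = (string) createslug($_POST['theme']);
    $clone = (string) createslug($_POST['clone']);
    $formUrl = "Location:?module=themes&action=clonecolor&theme=" . rawurlencode($clone) . "&ts={$ts}";

    // Both names end up in filesystem paths: refuse empty values and anything with a directory part.
    if ($color === '' || $clone === '' || basename($color) !== $color || basename($clone) !== $clone) {
        $_SESSION['cometchat']['error'] = 'Invalid arguments color and clone.';
        header($formUrl);
        exit;
    }

    $target = $colorsDir . $color . '.php';
    if (file_exists($target)) {
        $_SESSION['cometchat']['error'] = ucfirst($color) . ' color scheme already exists.';
        header($formUrl);
        exit;
    }

    $source = $colorsDir . $clone . '.php';
    if (!file_exists($source) || !copy($source, $target)) {
        $_SESSION['cometchat']['error'] = 'Unable to clone color scheme. Please try again.';
        header($formUrl);
        exit;
    }

    $_SESSION['cometchat']['error'] = 'New color scheme added successfully';
    header("Location:?module=themes&ts={$ts}");
}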
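/**
 * Process the "create module" admin form: stage the uploaded icon, create the
 * module directory, optionally write the embed code to index.html, and
 * register the module in $trayicon through configeditor().
 *
 * Changes from the previous body:
 *  - the $trayicon entry was assembled as PHP source from request values and
 *    run through eval(), so a quote in link, type, width or height was
 *    executed as code. The entry is now assigned directly as an array. For
 *    values without quotes or backslashes the stored entry is identical;
 *  - a failed write of index.html is reported instead of passing a false
 *    handle on to fwrite()/fclose();
 *  - form fields are normalised to strings first (missing or array values
 *    become '').
 *
 * The title keeps the value the eval() produced: double quotes stripped, first
 * letter upper-cased, then two addslashes passes. The third pass in the old
 * code was consumed by the single-quoted literal.
 *
 * NOTE(review): the upload is accepted on the browser-supplied MIME type
 * alone ($_FILES[...]['type']); the file content is not inspected.
 * NOTE(review): embeded_code is written verbatim to a browser-reachable
 * index.html. That is the feature, so access to this handler must stay
 * limited to trusted administrators. No request-token (CSRF) check is visible
 * in this function; confirm the dispatcher enforces one.
 * NOTE(review): confirm that configeditor() encodes these values safely when
 * it persists them; its implementation is not visible here.
 * NOTE(review): the module directory is created with mode 0777, and the
 * results of mkdir()/copy() are not checked.
 */
function createmoduleprocess()
{
    global $ts;
    global $trayicon;

    $extension = '';
    $error = '';
    $root = dirname(dirname(__FILE__));

    // Normalise the form fields once: missing or non-scalar (array) values become ''.
    $post = array();
    foreach (array('title', 'embed_type', 'link', 'embeded_code', 'type', 'width', 'height') as $key) {
        $post[$key] = (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : '';
    }

    $modulename = createslug($post['title'], true);
    $tempIcon = $root . DIRECTORY_SEPARATOR . "temp" . DIRECTORY_SEPARATOR . $modulename;
    $moduleDir = $root . DIRECTORY_SEPARATOR . 'modules' . DIRECTORY_SEPARATOR . $modulename;
    $formUrl = "Location: ?module=modules&action=createmodule&ts={$ts}";

    $upload = (isset($_FILES["file"]) && is_array($_FILES["file"])) ? $_FILES["file"] : array();
    $uploadType = isset($upload["type"]) ? $upload["type"] : '';
    $iconTypes = array("image/gif", "image/jpeg", "image/pjpeg", "image/png");

    if (in_array($uploadType, $iconTypes, true)) {
        if ($upload["error"] > 0) {
            $error = "Module icon incorrect. Please try again.";
        } else {
            // Drop any stale staging file left by an earlier attempt with the same slug.
            if (file_exists($tempIcon)) {
                unlink($tempIcon);
            }
            $extension = extension($upload["name"]);
            if (!move_uploaded_file($upload["tmp_name"], $tempIcon)) {
                $error = "Unable to copy to temp folder. Please CHMOD temp folder to 777.";
            }
        }
    } else {
        $error = "Module icon not found. Please try again.";
    }

    if (empty($post['title'])) {
        $error = "Module title is empty. Please try again.";
    }
    if (!empty($post['embed_type'])) {
        if ($post['embed_type'] == 'link') {
            if (empty($post['link'])) {
                $error = "Module link is empty. Please try again.";
            }
        } elseif (empty($post['embeded_code'])) {
            $error = "Module embed code is empty. Please try again.";
        }
    }

    if (!empty($error)) {
        $_SESSION['cometchat']['error'] = $error;
        header($formUrl);
        exit;
    }

    mkdir($moduleDir, 0777);
    copy($tempIcon, $moduleDir . DIRECTORY_SEPARATOR . 'icon.png');
    unlink($tempIcon);

    // Same stored form as before: see the docblock for why two passes, not three.
    $title = addslashes(addslashes(str_replace('"', '', ucfirst($post['title']))));

    if (!empty($post['embeded_code'])) {
        $filePath = $moduleDir . DIRECTORY_SEPARATOR . 'index.html';
        if (file_put_contents($filePath, $post['embeded_code']) === false) {
            $_SESSION['cometchat']['error'] = "Unable to write module index file. Please check permissions on the modules folder.";
            header($formUrl);
            exit;
        }
        $target = 'modules/' . $modulename . '/index.html';
        $eighth = '1';
        $tenth = '1';
    } else {
        $target = $post['link'];
        $eighth = '';
        $tenth = '0';
    }

    // Request values are stored as data; nothing from the request is parsed as PHP.
    $trayicon[$modulename] = array(
        $modulename,
        $title,
        $target,
        $post['type'],
        $post['width'],
        $post['height'],
        '',
        $eighth,
        '',
        $tenth,
    );

    configeditor(array('trayicon' => $trayicon));
    header("Location:?module=modules&ts={$ts}");
}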
/**
 * Clone a colour scheme inside the cometchat_colors table under a new name
 * and redirect to the themes admin page.
 *
 * Both names ($_POST['theme'] for the new scheme, $_POST['clone'] for the
 * source) are passed through createslug(). If either is empty the request is
 * sent back to the clone form with the "Invalid arguments" message. If a row
 * for the new name already exists it is sent back with the "already exists"
 * message. Otherwise the source's parentColor row is looked up: when its
 * value differs from the source name every row of the source is copied under
 * the new name, else a single parentColor row is inserted. The cached colour
 * settings are then dropped.
 *
 * Values reach SQL through mysqli_real_escape_string() inside quoted
 * literals.
 *
 * NOTE(review): query results are not checked. A failed lookup hands false
 * to mysqli_fetch_assoc(), and the success message is set whatever the insert
 * returned.
 * NOTE(review): no request-token (CSRF) check is visible in this function;
 * confirm the dispatcher enforces one.
 */
function clonecolorprocess()
{
    global $ts;
    global $client;

    $color = createslug($_POST['theme']);
    $clone = createslug($_POST['clone']);
    $backToForm = "Location:?module=themes&action=clonecolor&theme={$clone}&ts={$ts}";

    // Default outcome, replaced below once the request proves usable.
    $_SESSION['cometchat']['error'] = 'Invalid arguments color and clone.';
    if (empty($color) || empty($clone)) {
        header($backToForm);
        exit;
    }

    $dbh = $GLOBALS['dbh'];
    $colorSql = mysqli_real_escape_string($dbh, $color);

    // Is the requested name already taken?
    $lookup = mysqli_query(
        $dbh,
        "select `color_value` from `cometchat_colors` where `color` = '" . $colorSql . "' limit 1"
    );
    $existing = mysqli_fetch_assoc($lookup);
    if (!empty($existing)) {
        $_SESSION['cometchat']['error'] = ucfirst($color) . ' color scheme already exists.';
        header($backToForm);
        exit;
    }

    $cloneSql = mysqli_real_escape_string($dbh, $clone);
    $parentLookup = mysqli_query(
        $dbh,
        "select `color_value` from `cometchat_colors` where `color` = '" . $cloneSql . "' and `color_key` = 'parentColor'"
    );
    $parent = mysqli_fetch_assoc($parentLookup);

    if ($parent['color_value'] != $clone) {
        // Copy every row of the source scheme under the new name.
        $insert = "insert into `cometchat_colors`(`color_key`,`color_value`,`color`) select `color_key`,`color_value`,'"
            . $colorSql . "' from `cometchat_colors` where `color` = '" . $cloneSql . "'";
    } else {
        // Insert a single parentColor row carrying the looked-up value.
        $insert = "insert into `cometchat_colors`(`color_key`,`color_value`,`color`) values ('parentColor','"
            . mysqli_real_escape_string($dbh, $parent['color_value']) . "','" . $colorSql . "')";
    }
    mysqli_query($dbh, $insert);

    $_SESSION['cometchat']['error'] = 'New color scheme added successfully';
    removeCachedSettings($client . 'cometchat_color');
    header("Location:?module=themes&ts={$ts}");
    exit;
}