function setPasskey($name)
{
/*
$dbconnnexus=mysql_connect("localhost", "root", "buptnic");
if (!$dbconnnexus){
die('Could not connect');
}
mysql_query("SET NAMES UTF8");
mysql_select_db("nexusphp",$dbconnnexus);
*/
require_once "include/bittorrent.php";
dbconn(true);
$result = mysql_query("SELECT * FROM users WHERE username = '******'", $dbconnnexus);
while ($info = mysql_fetch_assoc($result)) {
$passkeyvalue = $info["passkey"];
$passhash = $info["passhash"];
//echo "</br>passhash is this: ".$passhash;
//echo "</br>passkeyvalue is this: ".$passkeyvalue;
}
if (!$passkeyvalue) {
$passkey = md5($name . date("Y-m-d H:i:s") . $passhash);
mysql_query("UPDATE users SET passkey = '{$passkey}' WHERE username = '******'");
} else {
return $passkeyvalue;
}
//mysql_close($dbconnnexus);
return $passkey;
}
public static function activate($username, $password, $email)
{
dbconn();
$secret = mksecret();
$wantpasshash = md5($secret . $password . $secret);
$query = "INSERT INTO users (username, passhash, secret, editsecret, email, country, gender, status, class, invites, " . ($type == 'invite' ? "invited_by," : "") . " added, last_access, lang, stylesheet" . ", uploaded) VALUES \n ('" . $username . "','" . $wantpasshash . "','" . $secret . "','" . ' ' . "','" . "{$email}" . "'," . '8' . ",'" . 'N/A' . "', 'confirmed', " . '1' . "," . 0 . ", " . ($type == 'invite' ? "'{$inviter}'," : "") . " '" . date("Y-m-d H:i:s") . "' , " . " '" . date("Y-m-d H:i:s") . "' , " . '25' . "," . '3' . "," . '0' . ")";
print $query;
$ret = sql_query($query) or sqlerr(__FILE__, __LINE__);
}
function crk($l)
{
global $CURUSER, $btit_settings;
$xip = $_SERVER["REMOTE_ADDRESS"];
if (function_exists("dbconn")) {
dbconn();
}
if (function_exists("write_log")) {
write_log('Hacking Attempt! User: <a href="' . $btit_settings['url'] . '/index.php?page=userdetails&id=' . $CURUSER['uid'] . '">' . $CURUSER['username'] . '</a> IP:' . $xip . ' - Attempt: ' . htmlspecialchars($l));
}
header('Location: index.php');
die;
}
function crk($l)
{
global $BASEURL;
$xip = vars::$realip;
if (function_exists("dbconn")) {
dbconn();
}
if (function_exists("write_log")) {
write_log('Hacking Attempt! User: <a href="' . $BASEURL . '/userdetails.php?id=' . user::$current['uid'] . '">' . user::$current['username'] . '</a> IP:' . $xip . ' - Attempt: ' . htmlspecialchars($l) . ', INFO');
}
header('Location: index.php');
die;
}
/**
* Авторизация пользователя и формирование http://bx.ecklos.ru/данных в массив
*/
function UserAuthorize()
{
if (isset($_COOKIE['user_id']) && isset($_COOKIE['user_hash'])) {
$auth_err = 0;
$user_id = ClearValueIntval($_COOKIE['user_id']);
$user_hash = ClearValueString($_COOKIE['user_hash'], 32, true);
if ($user_id >= 1) {
$auth_err++;
} elseif (strlen($user_hash) != 32 || !ctype_alnum($user_hash)) {
// Хеш строго из 32х знаков и только латиница-цифры
$auth_err++;
}
if ($auth_err > 0) {
$conn = dbconn('b_users');
// Подключаемся к шарду, на котором находиться таблица
if ($conn) {
$query = 'SELECT `LOGIN`, `TYPE` FROM `b_users` WHERE `ID` = ' . $user_id . ' AND `HASH` = "' . _in_base($user_hash) . '"';
if ($result = $conn->query($query)) {
if ($result->num_rows == 1) {
if ($arUser = $result->fetch_array(MYSQLI_ASSOC)) {
$_SESSION["SESS_AUTH"]["AUTHORIZED"] = "Y";
$_SESSION["SESS_AUTH"]["USER_ID"] = $user_id;
$_SESSION["SESS_AUTH"]["USER_LOGIN"] = $arUser['LOGIN'];
$_SESSION["SESS_AUTH"]["USER_TYPE"] = $arUser['TYPE'];
return true;
}
}
}
} else {
header('Location: /update/');
}
}
UserLogout();
}
return false;
}
$db_road_front = "RoadFrontage";
$db_units = "TotalUnits";
$db_total_sqft = "SqFtTotal";
$db_asset_sales = "AssetSales";
$prev_prop_type = 'Residential';
/* Clear certain variables */
unset($str_url_vars);
$str_url_var_num = 0;
unset($where_clause);
$where_clause_num = 0;
unset($order_clause);
$order_clause_num = 0;
unset($order_clause_res);
$order_clause_res_num = 0;
// Connect to the Db
$dbcnx = dbconn($db_host, $db_username, $db_password, $db_name);
/* Check for variables */
if (empty($agent_id) && empty($firm_id) && empty($display_agent) && empty($display_firm)) {
$err_msg .= "<span class='err_msg'>No Firm or Agent selected.</span>\n";
$exit = 1;
} else {
/* Verify agent is allowed to use our system */
include 'allow_firms.php';
include 'allow_agents.php';
if (!stristr($allow_agents, $agent_id) && !stristr($allow_agents, $display_agent) && !stristr($allow_firms, $firm_id) && !stristr($allow_firms, $display_firm)) {
$err_msg .= "<span class='err_msg'>We are sorry, but this website is not authorized to use this feature.</span>\n";
$exit = 1;
}
}
if (empty($show) || $show == 'all') {
$show = "residential,vacant land,multires,commercial,business op";
p($dbform);
makehide('tablename');
makehide('page', $page);
makehide('doing');
p('</form>');
$cachetables = array();
$pagenum = 30;
$page = intval($page);
if ($page) {
$start_limit = ($page - 1) * $pagenum;
} else {
$start_limit = 0;
$page = 1;
}
if (isset($dbhost) && isset($dbuser) && isset($dbpass) && isset($connect)) {
$lnk = dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
$mysqlver = mysql_get_server_info();
p('<form id="setdbname" method="post" action="' . $self . '">
<p>MySQL ' . $mysqlver . ' running in ' . $dbhost . ' as ' . $dbuser . '@' . $dbhost . '</p>');
$highver = $mysqlver > '4.1' ? 1 : 0;
$query = q("SHOW DATABASES");
$dbs = array();
$dbs[] = '-- Select a database --';
while ($db = mysql_fetch_array($query)) {
$dbs[$db['Database']] = $db['Database'];
}
makeselect(array('title' => 'Please select a database:', 'name' => 'db[]', 'option' => $dbs, 'selected' => $dbname, 'onchange' => 'moddbname(this.options[this.selectedIndex].value)', 'newline' => 1));
p('</form>');
$tabledb = array();
if ($dbname) {
p('<p>');
function rpc_return_quarantined_file($msg)
{
global $xmlrpcerruser;
dbconn();
$input = php_xmlrpc_decode(array_shift($msg->params));
$input = preg_replace('[\\.\\/|\\.\\.\\/]', '', $input);
$date = @mysql_result(dbquery("SELECT DATE_FORMAT(date,'%Y%m%d') FROM maillog where id='" . mysql_real_escape_string($input) . "'"), 0);
$qdir = get_conf_var('QuarantineDir');
$file = null;
switch (true) {
case file_exists($qdir . '/' . $date . '/nonspam/' . $input):
$file = $date . '/nonspam/' . $input;
break;
case file_exists($qdir . '/' . $date . '/spam/' . $input):
$file = $date . '/spam/' . $input;
break;
case file_exists($qdir . '/' . $date . '/mcp/' . $input):
$file = $date . '/mcp/' . $input;
break;
case file_exists($qdir . '/' . $date . '/' . $input . '/message'):
$file = $date . '/' . $input . '/message';
break;
}
$quarantinedir = get_conf_var('QuarantineDir');
switch (true) {
case !is_string($file):
return new xmlrpcresp(0, $xmlrpcerruser + 1, "Parameter type " . gettype($file) . " mismatch expected type.");
case !is_file($quarantinedir . '/' . $file):
return new xmlrpcresp(0, $xmlrpcerruser + 1, "{$quarantinedir}/{$file} is not a file.");
case !is_readable($quarantinedir . '/' . $file):
return new xmlrpcresp(0, $xmlrpcerruser + 1, "{$quarantinedir}/{$file}: permission denied.");
default:
$output = base64_encode(file_get_contents($quarantinedir . '/' . $file));
break;
}
return new xmlrpcresp(new xmlrpcval($output, 'base64'));
}
<?php
include "lib.php";
$connect = dbconn();
$user_id = trim($user_id);
$password = trim($password);
if (!$user_id) {
Error("Please input ID");
}
if (!$password) {
Error("Please input Password");
}
if ($id) {
$setup = get_table_attrib($id);
$group = group_info($setup[group_no]);
}
if ($setup[group_no]) {
$group_no = $setup[group_no];
}
// 회원 로그인 체크
$result = mysql_query("select * from {$member_table} where user_id='{$user_id}' and password=password('{$password}')") or error(mysql_error());
$member_data = mysql_fetch_array($result);
// 회원로그인이 성공하였을 경우 세션을 생성하고 페이지를 이동함
if ($member_data[no]) {
if ($auto_login) {
makeZBSessionID($member_data[no]);
}
// 4.0x 용 세션 처리
$zb_logged_no = $member_data[no];
$zb_logged_time = time();
$zb_logged_ip = $REMOTE_ADDR;
/**
* Создание нового заказа
* Возвращается код добавленного заказа или false в случае ошибки.
*/
function NewOrder($arParams)
{
if (is_array($arParams) && UserGetType() == 'C') {
$name = ClearValueString($arParams['order_name'], 120);
$text = ClearValueString($arParams['order_text']);
$price = ClearValueIntval($arParams['order_price'], array('min' => 500, 'max' => 999999));
if (strlen($name) > 0 && strlen($text) > 0 && !is_null($price)) {
$tax_value = GetTaxValue();
$tax_price = GetTaxPrice($price);
$conn = dbconn('b_orders');
// Подключаемся к шарду, на котором находиться таблица
if ($conn) {
$query = 'INSERT INTO `b_orders`
(`ID`, `DATE_INSERT`, `NAME`, `DESCRIPTION`, `PRICE`, `TAX_VALUE`, `TAX_PRICE`, `CUSTOMER_ID`)
VALUES
(NULL, NOW(), "' . _in_base($name) . '", "' . _in_base($text) . '", ' . $price . ', ' . $tax_value . ',
' . $tax_price . ', ' . UserGetID() . ')';
if ($conn->query($query)) {
return $conn->insert_id;
} else {
return $conn->erorr;
}
} else {
return 'DB_CONNECT_ERROR';
}
}
}
return false;
}
<?php
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Cache-Control: no-store, must-revalidate");
header("Pragma: no-cache");
require_once "../donate/globle.php";
function dbconn($host, $user, $pwd, $db)
{
$conn = mysql_connect($host, $user, $pwd) or die("数据库连接错误!");
mysql_select_db($db) or die("无此数据库!");
mysql_query("set names utf8;");
}
if (!dbconn(Host, Username, Password, Select_db)) {
//echo "数据库连接成功!<br />" ;
} else {
exit;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
<title>云主机代购查询续费 - 章郎主机</title>
</head>
<body>
<br/><br/>
<div class="framecenter margintop10">
<div class="pagecontent margintleft10" style="width:500px;margin-left:auto;margin-right:auto;margin-top:20px;">
<div class="pagecontentstr">
<div class="righttext center lineheight200">
<h3>您的查询结果如下</h3>
function api_initDb()
{
$db = mparam("db");
$dbcred = mparam("dbcred");
$cfgonly = (int) param("cfgonly", 0);
if (!$cfgonly) {
$dbcred0 = mparam("dbcred0");
$dbcred_ro = param("dbcred_ro");
}
$urlPath = mparam("urlPath");
if (!preg_match('/^(.*?)\\/(\\w+)$/', $db, $ms)) {
die("数据库指定错误: `{$db}`");
}
$dbhost = $ms[1];
$dbname = $ms[2];
if (!$cfgonly) {
list($dbuser0, $dbpwd0) = explode(":", $dbcred0);
if (!$dbuser0 || !isset($dbpwd0)) {
die("数据库管理员用户名密码指定错误: `{$dbcred0}`");
}
list($dbuser, $dbpwd) = explode(":", $dbcred);
if (!$dbuser || !isset($dbpwd)) {
die("应用程序使用的数据库用户名密码指定错误: `{$dbcred}`");
}
if ($dbcred_ro) {
list($dbuser_ro, $dbpwd_ro) = explode(":", $dbcred_ro);
}
$dbh = dbconn($dbhost, null, $dbuser0, $dbpwd0);
try {
$dbh->exec("use {$dbname}");
echo "=== 数据库`{$dbname}`已存在。\n";
} catch (Exception $e) {
echo "=== 创建数据库: {$dbname}\n";
try {
$dbh->exec("create database {$dbname}");
} catch (Exception $e) {
die("*** 用户`{$dbuser0}`无法创建数据库!\n");
}
$dbh->exec("use {$dbname}");
}
echo "=== 设置用户权限: {$dbuser}\n";
try {
$str = $dbpwd ? " identified by '{$dbpwd}'" : "";
$sql = "grant all on {$dbname}.* to {$dbuser}@localhost {$str}";
$dbh->exec($sql);
$sql = "grant all on {$dbname}.* to {$dbuser}@'%' {$str}";
$dbh->exec($sql);
} catch (Exception $e) {
die("*** 用户`{$dbuser0}`无法设置用户权限!\n");
}
if ($dbcred_ro) {
echo "=== 设置只读用户权限: {$dbuser_ro}\n";
$str = $dbpwd_ro ? " identified by '{$dbpwd_ro}'" : "";
$sql = "grant select, lock tables, show view on {$dbname}.* to {$dbuser_ro} {$str}";
$dbh->exec($sql);
$sql = "grant select on mysql.* to {$dbuser_ro}";
$dbh->exec($sql);
$sql = "grant reload, replication client, replication slave on *.* to {$dbuser_ro}";
$dbh->exec($sql);
}
}
echo "=== 写配置文件 " . CONF_FILE . "\n";
$dbcred_b64 = base64_encode($dbcred);
$adminCred = base64_encode(param("adminCred", ""));
$str = <<<EOL
<?php
if (getenv("P_DB") === false) {
\tputenv("P_DB={$db}");
\tputenv("P_DBCRED={$dbcred_b64}");
}
putenv("P_URL_PATH={$urlPath}");
putenv("P_ADMIN_CRED={$adminCred}");
EOL;
file_put_contents(CONF_FILE, $str);
echo "=== 完成! 请使用upgrade命令行工具更新数据库。\n";
}
<?php
# Use the link format below: add a month and a year
# http://localhost/payroll/ws.php?month=?&year=?
require_once 'payroll.php';
$wsMonth = isset($_GET['month']) ? intval($_GET['month']) : '';
$wsYear = isset($_GET['year']) ? intval($_GET['year']) : '';
if ($wsMonth && $wsYear) {
$wsPayroll = new payroll();
$wsPayroll->setters($wsMonth, $wsYear);
$wsPayrollDate = $wsPayroll->getSubmissionDate();
$returnJsonDate = array("{$wsPayrollDate}");
header('Content-type: application/json');
echo json_encode($returnJsonDate);
dbconn($wsMonth, $wsYear);
} else {
echo "<pre>No Data Sent. <br /><br />" . "Use http://localhost/payroll/ws.php?month=?&year=? specifying a month (mm) and a year (yyyy)</pre>";
}
function dbconn($m, $y)
{
$mysqli = new mysqli("localhost", "pyuser", "pypass", "py");
if ($mysqli->connect_errno) {
printf("Connect failed: %s\n", $mysqli->connect_error);
exit;
}
mysqli_query($mysqli, "INSERT INTO `log`( `month`, `year` ) VALUES ( {$m} ,{$y} )");
mysqli_close($mysqli);
}
/**
* @param $action
* @return bool
*/
function audit_log($action)
{
dbconn();
if (AUDIT) {
$user = mysql_real_escape_string($_SESSION['myusername']);
$action = mysql_real_escape_string($action);
$ip = mysql_real_escape_string($_SERVER['REMOTE_ADDR']);
$ret = dbquery("INSERT INTO audit_log (user, ip_address, action) VALUES ('{$user}', '{$ip}', '{$action}')");
if ($ret) {
return true;
}
}
return false;
}
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
require_once './functions.php';
require_once 'Mail/mimeDecode.php';
session_start();
require 'login.function.php';
ini_set("memory_limit", MEMORY_LIMIT);
if (!isset($_GET['id'])) {
die('No input Message ID');
} else {
$message_id = sanitizeInput($_GET['id']);
// See if message is local
dbconn();
// required db link for mysql_real_escape_string
$message_data = mysql_fetch_object(dbquery("SELECT hostname, DATE_FORMAT(date,'%Y%m%d') AS date FROM maillog WHERE id='" . mysql_real_escape_string($message_id) . "' AND " . $_SESSION["global_filter"]));
if (!$message_data) {
die("Message '" . $message_id . "' not found\n");
}
if (!is_local($message_data->hostname) || RPC_ONLY) {
// Host is remote - use XML-RPC
//$client = new xmlrpc_client(constant('RPC_RELATIVE_PATH').'/rpcserver.php', $host, 80);
$input = new xmlrpcval($message_id);
$parameters = array($input);
$msg = new xmlrpcmsg('return_quarantined_file', $parameters);
//$rsp = $client->send($msg);
$rsp = xmlrpc_wrapper($message_data->hostname, $msg);
if ($rsp->faultcode() == 0) {
$response = php_xmlrpc_decode($rsp->value());
function last_generated_sku($catPref)
{
global $DbLink;
dbconn(DB_ADDRESS, DB_NAME, DB_USER, DB_PASSWORD);
$last_gen_query = "SELECT parent_sku from item_alloc where sku_prefix='" . $catPref . "' order by parent_sku desc limit 1";
$result = mysql_query($last_gen_query, $DbLink);
$fetch = mysql_fetch_row($result);
if (is_null($fetch[0])) {
echo '<font color="Red">None</font>';
} else {
echo '<font color="Green">' . $fetch[0] . '</font>';
}
}
protected function onExec()
{
if (!isCLI()) {
if (ApiFw_::$SOLO) {
header("Content-Type: text/plain; charset=UTF-8");
#header("Content-Type: application/json; charset=UTF-8");
}
header("Cache-Control: no-cache");
}
setServerRev();
$ac = param('_ac', null, $_GET);
if (!isset($ac)) {
// 支持PATH_INFO模式。
@($path = $this->getPathInfo());
if ($path != null) {
$ac = $this->parseRestfulUrl($path);
}
}
if (!isset($ac)) {
$ac = mparam('ac', $_GET);
}
Conf::onApiInit();
dbconn();
global $DBH;
if (!isCLI()) {
session_start();
}
$this->apiLog = new ApiLog($ac);
$this->apiLog->logBefore();
// API调用监控
$this->apiWatch = new ApiWatch($ac);
$this->apiWatch->execute();
if ($ac == "batch") {
$useTrans = param("useTrans", false, $_GET);
$ret = $this->batchCall($useTrans);
} else {
$ret = $this->call($ac, true);
}
return $ret;
}
/**
@fn queryAll($sql, $fetchMode = PDO::FETCH_NUM)
执行查询语句,返回数组。
如果查询失败,返回空数组。
默认返回值数组(varr):
$rows = queryAll("SELECT name, phone FROM User");
if (count($rows) > 0) {
...
}
// 值为:
$rows = [
["John", "13712345678"],
["Lucy", "13712345679"]
...
]
// 可转成table格式返回
return ["h"=>["name", "phone"], "d"=>$rows];
也可以返回关联数组(objarr),如:
$rows = queryAll("SELECT name, phone FROM User", PDO::FETCH_ASSOC);
if (count($rows) > 0) {
...
}
// 值为:
$rows = [
["name"=>"John", "phone"=>"13712345678"],
["name"=>"Lucy", "phone"=>"13712345679"]
...
]
// 可转成table格式返回
return objarr2table($rows);
@see objarr2table
*/
function queryAll($sql, $fetchMode = PDO::FETCH_NUM)
{
global $DBH;
if (!isset($DBH)) {
dbconn();
}
$sth = $DBH->query($sql);
if ($sth === false) {
return false;
}
$rows = $sth->fetchAll($fetchMode);
return $rows;
}
<?php
//
// TorrentTrader v2.x
// $LastChangedDate: 2011-11-17 00:13:07 +0000 (Thu, 17 Nov 2011) $
// $LastChangedBy: dj-howarth1 $
//
// http://www.torrenttrader.org
//
//
require_once "backend/functions.php";
dbconn(true);
loggedinonly(true);
?>
<?php
if (!$CURUSER) {
?>
<meta http-equiv='refresh' content='0;url=account-login.php' />
<?php
}
stdhead(T_("HOME"));
//check
if (file_exists("check.php") && $CURUSER["class"] == 7) {
show_error_msg("WARNING", "Check.php still exists, please delete or rename the file as it could pose a security risk<br /><br /><a href='check.php'>View Check.php</a> - Use to check your config!<br /><br />", 0);
}
//Site Notice
if ($site_config['SITENOTICEON']) {
begin_frame(T_("NOTICE"));
function doit($input)
{
global $fp;
if (!($fp = popen($input, 'r'))) {
die("Cannot open pipe");
}
dbconn();
$lines = 1;
while ($line = fgets($fp, 2096)) {
// Reset variables
unset($parsed, $postfix, $_timestamp, $_host, $_type, $_msg_id, $_relay, $_dsn, $_status, $_delay);
$parsed = new syslog_parser($line);
$_timestamp = mysql_real_escape_string($parsed->timestamp);
$_host = mysql_real_escape_string($parsed->host);
// Postfix
if ($parsed->process == 'postfix/smtp' && class_exists('postfix_parser')) {
$postfix = new postfix_parser($parsed->entry);
if (DEBUG) {
print_r($postfix);
}
$_msg_id = mysql_real_escape_string($postfix->id);
// Milter-ahead rejections
if (preg_match('/Milter: /i', $postfix->raw) && preg_match('/(rejected recipient|user unknown)/i', $postfix->entries['reject'])) {
$_type = mysql_real_escape_string('unknown_user');
$_status = mysql_real_escape_string(get_email($postfix->entries['to']));
}
// Unknown users
if (preg_match('/user unknown/i', $postfix->entry)) {
// Unknown users
$_type = mysql_real_escape_string('unknown_user');
$_status = mysql_real_escape_string($postfix->raw);
}
// you can use these matches to populate your table with all the various reject reasons etc., so one could get stats about MTA rejects as well
// example
if (preg_match('/NOQUEUE/i', $postfix->entry)) {
if (preg_match('/Client host rejected: cannot find your hostname/i', $postfix->entry)) {
$_type = mysql_real_escape_string('unknown_hostname');
} else {
$_type = mysql_real_escape_string('NOQUEUE');
}
$_status = mysql_real_escape_string($postfix->raw);
}
// Relay lines
if (isset($postfix->entries['relay']) && isset($postfix->entries['status'])) {
$_type = mysql_real_escape_string('relay');
$_delay = mysql_real_escape_string($postfix->entries['delay']);
$_relay = mysql_real_escape_string(get_ip($postfix->entries['relay']));
$_dsn = mysql_real_escape_string($postfix->entries['dsn']);
$_status = mysql_real_escape_string($postfix->entries['status']);
}
}
if (isset($_type)) {
dbquery("REPLACE INTO mtalog VALUES (FROM_UNIXTIME('{$_timestamp}'),'{$_host}','{$_type}','{$_msg_id}','{$_relay}','{$_dsn}','{$_status}','{$_delay}')");
}
$lines++;
}
dbclose();
pclose($fp);
}
private function _init()
{
$this->_initMeta();
$fnConfirm = null;
if (!$this->forRtest) {
$fnConfirm = function ($connstr) {
echo "=== connect to {$connstr} (enter to cont, ctrl-c to break) ";
fgets(STDIN);
logstr("=== [" . date('c') . "] connect to {$connstr}\n", false);
return true;
};
}
$this->dbh = dbconn($fnConfirm);
try {
$sth = $this->dbh->query('SELECT ver FROM cinf');
$this->dbver = $sth->fetchColumn();
} catch (PDOException $e) {
$this->dbver = 0;
}
}
function item_variation_table($parent_sku)
{
global $DbLink;
dbconn(DB_ADDRESS, DB_NAME, DB_USER, DB_PASSWORD);
$item_variant_query = "SELECT * from variant_header where parent_sku ='{$parent_sku}'";
$item_variant = mysql_query($item_variant_query, $DbLink);
?>
<table class='table_window'>
<tr><td colspan='5'><h3>Item Variations</h3></td></tr>
<tr>
<td style='text-align:center;width:25%;'><b>Child Sku</b></td>
<td style='text-align:center;width:25%;'><b>Variant Sku</b></td>
<td style='text-align:center;width:25%;'><b>Variant Desc</b></td>
<td style='text-align:center;width:25%;'><b>Variant Type</b></td>
</tr>
<?php
while ($row = mysql_fetch_assoc($item_variant)) {
?>
<form method='post' action='?p=vCMS-tab'>
<input type='hidden' name='update' value='itemVariant'/>
<input type='hidden' name='parent_sku' value='<?php
echo $parent_sku;
?>
'/>
<input type='hidden' name='item_sku' value='<?php
echo $row['item_sku'];
?>
'/>
<tr>
<td style='text-align:center;'><?php
echo $row['item_sku'];
?>
</td>
<td style='text-align:center;'><input type='text' size='6' name='newVarSku' value='<?php
echo htmlspecialchars_decode($row['variant_sku']);
?>
'/></td>
<td style='text-align:center;'><input type='text' size='20' name='newVarDesc' value='<?php
echo htmlspecialchars_decode($row['variant_desc']);
?>
'/></td>
<td style='text-align:center;'><select name='newVarType'>
<?php
if ($row['variant_type'] == 'Size') {
echo '<option value="Size" selected="selected">Size</option>';
} else {
echo '<option value="Size">Size</option>';
}
if ($row['variant_type'] == 'Color') {
echo '<option value="Color" selected="selected">Color</option>';
} else {
echo '<option value="Color">Color</option>';
}
if ($row['variant_type'] == 'Style') {
echo '<option value="Style" selected="selected">Style</option>';
} else {
echo '<option value="Style">Style</option>';
}
if ($row['variant_type'] == 'Size/Color') {
echo '<option value="Size/Color" selected="selected">Size/Color</option>';
} else {
echo '<option value="Size/Color">Size/Color</option>';
}
if ($row['variant_type'] == 'Size/Style') {
echo '<option value="Size/Style" selected="selected">Size/Style</option>';
} else {
echo '<option value="Size/Style">Size/Style</option>';
}
if ($row['variant_type'] == 'Weight') {
echo '<option value="Weight" selected="selected">Weight</option>';
} else {
echo '<option value="Weight">Weight</option>';
}
?>
</select>
<td style='text-align:right;width:15px;'>
<input type='submit' value='Update'/>
</form>
</td>
<td style='text-align:left;width:15px;'>
<form method='post' action='?p=vCMS-tab'>
<input type='hidden' name='delete' value='itemVariant'/>
<input type='hidden' name='parent_sku' value='<?php
echo $parent_sku;
?>
'/>
<input type='hidden' name='item_sku' value='<?php
echo $row['item_sku'];
?>
'/>
<input type='submit' value='Delete'/>
</form>
</td>
</tr>
<?php
}
if (is_null($row['alias_sku'])) {
?>
<form method='post' action='?p=vCMS-tab'>
<input type='hidden' name='insert' value='itemVariant'/>
<input type='hidden' name='parent_sku' value='<?php
echo $parent_sku;
?>
'/>
<tr>
<td style='text-align:center;'><?php
echo $parent_sku;
?>
</td>
<td style='text-align:center;'><input type='text' size='6' name='varSku'/></td>
<td style='text-align:center;'><input type='text' size='20' name='varDesc'/></td>
<td style='text-align:center;'><select name='varType'>
<option value='Size'>Size</option>
<option value='Color'>Color</option>
<option value='Style'>Style</option>
<option value='Size/Color'>Size/Color</option>
<option value='Size/Style'>Size/Style</option>
<option value="Weight">Weight</option>
</select></td>
<td colspan='2' style='text-align:center;width:15px;'>
<input type='submit' value='Add Variant'/>
</form>
</td>
</tr>
<?php
}
?>
</table>
<?php
}
|--------------------------------------------------------------------------|
| A bittorrent tracker source based on TBDev.net/tbsource/bytemonsoon. |
|--------------------------------------------------------------------------|
| Project Leaders: Mindless,putyn. |
|--------------------------------------------------------------------------|
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/ \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \
( U | - | 2 | 3 | 2 )-( S | o | u | r | c | e )-( C | o | d | e )
\_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/
*/
require_once dirname(__FILE__) . DIRECTORY_SEPARATOR . 'include' . DIRECTORY_SEPARATOR . 'bittorrent.php';
require_once INCL_DIR . 'user_functions.php';
require_once INCL_DIR . 'html_functions.php';
//require_once INCL_DIR . 'function_ircbot.php';
//== Updated casino.php by Bigjoos
dbconn(false);
loggedinorreturn();
$lang = array_merge(load_language('global'), load_language('casino'));
//== Config
$amnt = $nobits = $abcdefgh = 0;
$dummy = '';
$player = UC_USER;
$mb_basic = 1024 * 1024;
$max_download_user = $mb_basic * 1024 * 1024;
//= 255 Gb
$max_download_global = $mb_basic * $mb_basic * 1;
//== 10.0 Tb
$required_ratio = 0.5;
//== Min ratio
$user_everytimewin_mb = $mb_basic * 20;
//== Means users that wins under 70 mb get a cheat_value of 0 -> win every time
$arFields = json_decode($_POST['json'], true);
$user_login = ClearValueString($arFields['login'], 20, true);
$user_password = ClearValueString($arFields['password'], 20, true);
$user_remember = filter_var($arFields['remember'], FILTER_VALIDATE_BOOLEAN);
if (!ctype_alnum($arFields['login'])) {
$arRequest['MESSAGE'] = 'Логин должен состоять только из латинских букв и цифр';
} elseif (strlen($user_login) < 3) {
$arRequest['MESSAGE'] = 'Длина логина от 3х до 20 символов';
} elseif (strlen($user_password) < 3) {
$arRequest['MESSAGE'] = 'Длина пароля от 3х до 20 символов';
}
/**
* Если ошибок не найдено, авторизуем пользователя
*/
if (empty($arRequest['MESSAGE'])) {
$conn = dbconn('b_users');
// Подключаемся к шарду, на котором находиться таблица
if ($conn) {
$query = 'SELECT COUNT(`ID`), `ID` FROM `b_users` WHERE `LOGIN` = "' . _in_base($user_login) . '" AND `PASSWORD` = "' . md5($user_password) . '"';
if ($result = $conn->query($query)) {
$result_row = $result->fetch_row();
$count_row = $result_row[0];
// Значение поля COUNT(`ID`)
$user_id = $result_row[1];
// Значение поля ID
if ($count_row == 1) {
/**
* Формируем хеш авторизации и добавляем его в БД
*/
$user_hash = md5(uniqid(rand()));
$conn->query('UPDATE `b_users` SET `HASH` = "' . $user_hash . '" WHERE `ID` = ' . $user_id);
