/**
 * Reduce the attributes of the first detected face to a bucket number.
 *
 * Adds the age value to getInt() of the gender, glass and race confidences
 * and of the smiling value, then returns that sum modulo the global
 * $total_college.
 *
 * @param array $out Detection result; only $out['face'][0]['attribute'] is read.
 * @return int Remainder of the sum divided by $total_college.
 */
function charge($out)
{
    global $total_college;

    $attributes = $out['face'][0]['attribute'];

    // Age is taken as-is; the other four readings go through getInt().
    $score = $attributes['age']['value'];
    $readings = array(
        array('gender', 'confidence'),
        array('glass', 'confidence'),
        array('race', 'confidence'),
        array('smiling', 'value'),
    );
    foreach ($readings as $reading) {
        list($name, $field) = $reading;
        $score += getInt($attributes[$name][$field]);
    }

    // NOTE(review): a $total_college of 0 makes the modulo fail; confirm it is always positive.
    return $score % $total_college;
}
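/**
 * Remove an item from the cart.
 *
 * Reads the item id and type from the POST body, removes the matching entry
 * through ModelCart and reports the new item count and total cost.
 * Requests without a usable id or type are answered through errorAction().
 */
public function removeAction()
{
    // "type" must be a string: a posted array (type[]=...) would otherwise reach trim().
    if (!isset($_POST['id']) || !isset($_POST['type']) || !is_string($_POST['type'])) {
        $this->errorAction(1001, 'Custom system error', ['postArgument' => 'noPostArgument']);

        // errorAction() is defined outside this method; returning here keeps a rejected
        // request away from the cart even if that call does not end the script.
        return;
    }

    $id = getInt($_POST['id']);
    // NOTE(review): htmlspecialchars() is output encoding for HTML. What ModelCart::remove()
    // does with $type is not visible here; if it reaches SQL it needs a bound parameter or
    // an allow-list of known types instead.
    $type = htmlspecialchars(trim($_POST['type']));

    if (empty($id)) {
        $this->errorAction(1001);

        return;
    }

    $cart = new ModelCart();
    $cart->remove($id, $type);

    $summ = $cart->getCostItems();
    $count = $cart->getCountItems();

    $this->addData(['succes' => 'Ok', 'count' => $count, 'summ' => $summ]);
    $this->successAction();
}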
// Excerpt from the middle of a task `switch`: it opens inside one case and stops inside `default`.
if ($showid != '') {
    // Allow-list filter: every character other than a letter, a digit or "_" is removed.
    // NOTE(review): the emptiness test above runs before this filter, so an id made only of
    // other characters reaches getYoutubeSeasonsByShowID() as an empty string.
    $showid = trim(preg_replace("/[^a-zA-Z0-9_]/", "", $showid));
    $max_results = getInt('max-results', 10);
    $start_index = getInt('start-index', 1);
    $arr = getYoutubeSeasonsByShowID($showid, $max_results, $start_index);
    echo json_encode($arr);
} else {
    echo 'owner parameter not set';
}
break;
case 'getyoutubeshowownershows':
    $link = getCmd('link', '');
    if ($link) {
        $u = getYoutubeGalleryShowOwner($link);
        $max_results = getInt('max-results', 10);
        $start_index = getInt('start-index', 1);
        $ua = json_decode($u);
        // NOTE(review): when decoding fails this only echoes the empty result and carries on,
        // so the call below reads ->username from a non-object; stopping here looks intended.
        if ($ua == false) {
            echo $ua;
        }
        $arr = getYoutubeShowsByUser($ua->username, $max_results, $start_index);
        // print_r() emits PHP's debug dump, not JSON as the case above does.
        print_r($arr);
    } else {
        echo 'link parameter not set';
    }
    break;
case '':
    echo '<html><body></body></html>';
    break;
default:
    echo 'unknown task';
// Excerpt from a reply-posting script. $userinfo, $forum_postgroup, $id, $topic_id, $forum_id,
// $user_id, $content, $ip, $so and $browser are all set above the excerpt.

// Users whose group number is above the forum's post group are refused.
if ($userinfo['user_group'] > $forum_postgroup) {
    require_once ABSOLUTE_BASEPATH . '/header.' . PHPEXT;
    // NOTE(review): the Referer header is chosen by the client and may be absent; what
    // notification() does with it is not visible here.
    notification($_LANG['insufficient_privileges'], $_SERVER['HTTP_REFERER'], 3);
    die;
}

// NOTE(review): the lock check reads the topic through $id, while the insert below uses
// $topic_id; confirm both always name the same topic.
$res = $db->query('select topic_disabled from ' . $_CONF['dbprefix'] . 'topics ' . "where topic_id='{$id}'");
$db->freeResult();
$topic_disabled = getInt($res[0]['topic_disabled']);
unset($res);

// Locked topics accept no new posts.
if ($topic_disabled) {
    require_once ABSOLUTE_BASEPATH . '/header.' . PHPEXT;
    notification($_LANG['topic_disabled'], $_SERVER['HTTP_REFERER'], 3);
    die;
}

// NOTE(review): every value in this statement is interpolated into the SQL text. Quoting alone
// does not neutralise a quote character inside the value, so each of them has to be escaped or
// cast before this point (the names $so and $browser suggest data taken from request headers);
// none of that is visible in the excerpt. A prepared statement would remove the dependency.
$db->query('insert into ' . $_CONF['dbprefix'] . 'posts(topic_id, forum_id, poster_id, ' . 'post_time, post_content, poster_ip, poster_so, poster_browser) ' . "values('{$topic_id}', '{$forum_id}', '{$user_id}', " . time() . ", '{$content}', '{$ip}', '{$so}', '{$browser}')");

// Number of posts in the topic and the id of the newest one, used for the redirect target.
$res = $db->query('select count(*) as numposts from ' . $_CONF['dbprefix'] . "posts where topic_id='" . $topic_id . "'");
$numPosts = getInt($res[0]['numposts']);
$res = $db->query('select post_id as maxpost from ' . $_CONF['dbprefix'] . 'posts where ' . "topic_id='{$topic_id}' order by post_id desc limit 1");
$maxPost = getInt($res[0]['maxpost']);
unset($res);
$db->freeResult();
$db->close();

// Ten posts per page: send the user to the page that holds the new post.
// NOTE(review): $topic_id also ends up in the Location header; an integer cast keeps it safe there too.
if ($numPosts >= 10) {
    $lastPage = (int) (($numPosts - 1) / 10) + 1;
    header('Location: ' . BASEDIR . "topic/{$topic_id}/{$lastPage}#{$maxPost}");
} else {
    header('Location: ' . BASEDIR . "topic/{$topic_id}/1#{$maxPost}");
}
?>
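// Excerpt from a user-administration handler. It opens inside the avatar-upload block, whose
// closing brace is the lone "}" below; $uid, $ext and $results are set above the excerpt.
// NOTE(review): no privilege or anti-CSRF check is visible here although the statements delete
// users and change groups; confirm one runs before this point.
    if ($ext == 'jpg') {
        $ext = 'jpeg';
    }

    $ascii = img2ascii($_FILES['avatarfile']['tmp_name'], $ext);
    if (!empty($ascii)) {
        $db->query('update ' . $_CONF['dbprefix'] . "users set user_avatar='" . sanitizeQuery($ascii) . "' " . "where user_id='" . getInt($uid) . "'");
    }
}

if (isset($_POST['removeavatar'])) {
    $db->query('update ' . $_CONF['dbprefix'] . "users set user_avatar=null where user_id=" . getInt($uid));
}

// The statements below used to append $uid to the SQL text as-is while the two above wrapped
// it in getInt(); every query now goes through getInt() so none depends on earlier validation.
if (isset($_POST['removeuser'])) {
    $db->query('delete from ' . $_CONF['dbprefix'] . 'users where user_id=' . getInt($uid));
}

// Only touch the group when the form actually sent one: a request without "userlev" would
// otherwise compare unequal and write getInt() of a missing value as the new group.
if (isset($_POST['userlev']) && $_POST['userlev'] != $results['user_group']) {
    $db->query('update ' . $_CONF['dbprefix'] . "users set user_group=" . getInt($_POST['userlev']) . ' where user_id=' . getInt($uid));
}

if (isset($_POST['ban'])) {
    switch ($_POST['ban']) {
        case 'ban':
            if (!$results['user_disabled']) {
                $db->query('update ' . $_CONF['dbprefix'] . 'users set user_disabled=1 where user_id=' . getInt($uid));
            }
            break;
        case 'unban':
            if ($results['user_disabled']) {
                $db->query('update ' . $_CONF['dbprefix'] . 'users set user_disabled=0 where user_id=' . getInt($uid));
            }
            break;
    }
}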
// Excerpt from an admin page dispatcher: the first two braces close blocks opened above it and
// the foreach at the bottom continues past it.
} }
    $smarty->assign('lang', $_LANG);
    $smarty->assign('info', $info);
    $smarty->assign('ur_here', $view ? $_LANG['ur_view'] : $_LANG['ur_install']);
    $smarty->assign('action_link', array('href' => 'website.php?act=list', 'text' => $_LANG['webstte_list']));
    $smarty->assign('type', $type);
    $smarty->assign('act', $view ? 'update_website' : 'query_install');
    assign_query_info();
    $smarty->display('website_install.htm');
} elseif ($_REQUEST['act'] == 'query_install' || $_REQUEST['act'] == 'update_website') {
    $type = getChar('type');
    //$app_key = getChar('app_key');
    //$app_secret = getChar('app_secret');
    // NOTE(review): getChar() is defined elsewhere. $rank_name is placed inside quoted SQL
    // literals below, so it has to come back SQL-escaped; confirm.
    $rank_name = getChar('rank_name');
    $rank_id = getInt('rank_id');
    $query = $_REQUEST['act'] == 'query_install';
    $olb_rank_name = getChar('olb_rank_name');

    // A fresh install, or an update without a rank id, creates the rank; otherwise the
    // existing rank is renamed when the name changed.
    if ($query || !$rank_id) {
        $sql = 'INSERT INTO ' . $ecs->table('user_rank') . '(`rank_name` , `discount` , `special_rank`,`show_price`) VALUES' . "('{$rank_name}' , '100' , '1','0')";
        $db->query($sql);
        $rank_id = $db->insert_id();
    } else {
        if ($rank_name != $olb_rank_name && $rank_id) {
            $sql = 'UPDATE ' . $ecs->table('user_rank') . ' SET `rank_name` = ' . "'{$rank_name}' WHERE `rank_id`='{$rank_id}'";
            $db->query($sql);
        }
    }

    // Builds PHP source text: a RANK_ID constant, then one define() line per posted
    // jntoo[key]=value pair.
    // NOTE(review): $key and $val are copied between single quotes without escaping, so a
    // quote or backslash in either one ends the literal early and the remainder is parsed as
    // PHP once this text is saved and included (where $commnet is written is outside the
    // excerpt). Restrict $key to an allow-list of the expected constant names and emit the
    // value with var_export($val, true) instead of hand-built quotes.
    $commnet = '<?php ' . "\r\n // 第三方插件登录信息---------------------\r\n" . "define('RANK_ID' , '{$rank_id}'); \r\n";
    foreach ($_POST['jntoo'] as $key => $val) {
        $commnet .= "define('{$key}' , '{$val}'); \r\n";
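/**
 * process_post_data()
 *
 * Apply the posted "edit pictures" form. For every picture id in the posted
 * pid list the picture is either deleted (files, storage entry and database
 * row) or updated (album, texts, counters, approval).
 *
 * Reads $CONFIG, $user_albums_list, $lang_errors and $storage from the global
 * scope. Calls cpg_die() when the pid list is missing, a picture does not
 * exist, the permission check fails or the target directory is read-only.
 */
function process_post_data()
{
    global $CONFIG;
    global $user_albums_list, $lang_errors;
    global $storage;

    $superCage = Inspekt::makeSuperCage();

    // Album ids the current user may move pictures into, as a lookup set.
    $user_album_set = array();
    foreach ($user_albums_list as $album) {
        $user_album_set[$album['aid']] = 1;
    }

    $pid_array = $superCage->post->getInt('pid');
    if (!is_array($pid_array)) {
        cpg_die(CRITICAL_ERROR, $lang_errors['param_missing'], __FILE__, __LINE__);
    }

    // The posted value used to be read from a misspelled key into a misspelled variable,
    // which left $galleryicon undefined whenever the field was present.
    if ($superCage->post->keyExists('galleryicon')) {
        $galleryicon = $superCage->post->getInt('galleryicon');
    } else {
        $galleryicon = '';
    }

    foreach ($pid_array as $pid) {
        // The id is interpolated into several queries and POST key names below; the cast keeps
        // it numeric even if the input filter hands back something else.
        $pid = (int) $pid;

        $aid = (int) $superCage->post->getInt("aid{$pid}");
        // NOTE(review): get_post_var() is defined elsewhere. Its results are placed inside
        // quoted SQL literals in $update, so it has to return SQL-escaped text; confirm.
        $title = get_post_var('title', $pid);
        $caption = get_post_var('caption', $pid);
        $keywords = get_post_var('keywords', $pid);
        $user1 = get_post_var('user1', $pid);
        $user2 = get_post_var('user2', $pid);
        $user3 = get_post_var('user3', $pid);
        $user4 = get_post_var('user4', $pid);

        $delete = false;
        $reset_vcount = false;
        $reset_votes = false;
        $del_comments = false;
        // Reset per picture: this flag used to keep the value of the previous iteration when
        // the form carried no "approved" field for the current one.
        $approved = false;
        $isgalleryicon = $galleryicon === $pid;

        if ($superCage->post->keyExists('delete' . $pid)) {
            $delete = $superCage->post->getInt('delete' . $pid);
        }
        if ($superCage->post->keyExists('reset_vcount' . $pid)) {
            // Was written as "$superCage->post - getInt(...)", a subtraction, not a method call.
            $reset_vcount = $superCage->post->getInt('reset_vcount' . $pid);
        }
        if ($superCage->post->keyExists('reset_votes' . $pid)) {
            $reset_votes = $superCage->post->getInt('reset_votes' . $pid);
        }
        // NOTE(review): "|| $delete" is only evaluated when the del_comments field was posted,
        // so deleting a picture without that field leaves its comments in place; confirm.
        if ($superCage->post->keyExists('del_comments' . $pid)) {
            $del_comments = $superCage->post->getInt('del_comments' . $pid) || $delete;
        }

        $query = "SELECT {$CONFIG['TABLE_PICTURES']}.aid, category, filepath, filename, owner_id, total_filesize FROM {$CONFIG['TABLE_PICTURES']}, {$CONFIG['TABLE_ALBUMS']} WHERE {$CONFIG['TABLE_PICTURES']}.aid = {$CONFIG['TABLE_ALBUMS']}.aid AND pid='{$pid}'";
        $result = cpg_db_query($query);
        if (!mysql_num_rows($result)) {
            cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
        }
        $pic = mysql_fetch_array($result);
        mysql_free_result($result);

        // The ownership checks run only when none of the admin or moderator modes,
        // user_is_allowed() or the users_can_edit_pics setting applies.
        if (!GALLERY_ADMIN_MODE && !MODERATOR_MODE && !USER_ADMIN_MODE && !user_is_allowed() && !$CONFIG['users_can_edit_pics']) {
            if ($pic['category'] != FIRST_USER_CAT + USER_ID) {
                cpg_die(ERROR, $lang_errors['perm_denied'] . "<br />(picture category = {$pic['category']}/ {$pid})", __FILE__, __LINE__);
            }
            if (!isset($user_album_set[$aid])) {
                cpg_die(ERROR, $lang_errors['perm_denied'] . "<br />(target album = {$aid})", __FILE__, __LINE__);
            }
        }

        $update = "aid = '{$aid}'";
        $update .= ", title = '{$title}'";
        $update .= ", caption = '{$caption}'";
        $update .= ", keywords = '{$keywords}'";
        $update .= ", user1 = '{$user1}'";
        $update .= ", user2 = '{$user2}'";
        $update .= ", user3 = '{$user3}'";
        $update .= ", user4 = '{$user4}'";

        if ($isgalleryicon && $pic['category'] > FIRST_USER_CAT) {
            // Both values sit in the SQL text without quotes, where addslashes() offers no
            // protection; integer casts are what keeps them inert.
            $sql = 'UPDATE ' . $CONFIG['TABLE_PICTURES'] . ' SET galleryicon=0 WHERE owner_id=' . (int) $pic['owner_id'] . ';';
            cpg_db_query($sql);
            $update .= ", galleryicon = " . (int) $galleryicon;
        }

        if (is_movie($pic['filename'])) {
            $pwidth = (int) $superCage->post->getInt('pwidth' . $pid);
            $pheight = (int) $superCage->post->getInt('pheight' . $pid);
            $update .= ", pwidth = " . $pwidth;
            $update .= ", pheight = " . $pheight;
        }

        if ($reset_vcount) {
            $update .= ", hits = '0'";
            resetDetailHits($pid);
        }
        if ($reset_votes) {
            $update .= ", pic_rating = '0', votes = '0'";
            resetDetailVotes($pid);
        }

        // Only privileged modes may change the approval state.
        if (GALLERY_ADMIN_MODE || UPLOAD_APPROVAL_MODE || MODERATOR_MODE) {
            if ($superCage->post->keyExists('approved' . $pid)) {
                $approved = $superCage->post->getAlpha('approved' . $pid);
            }
            if ($approved) {
                $update .= ", approved = 'YES'";
            } else {
                $update .= ", approved = 'NO'";
            }
        }

        if ($del_comments) {
            $query = "DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}'";
            $result = cpg_db_query($query);
        }

        if ($delete) {
            // filepath and filename come from the database row fetched above, not from the request.
            $dir = $CONFIG['fullpath'] . $pic['filepath'];
            $file = $pic['filename'];
            if (!is_writable($dir)) {
                cpg_die(CRITICAL_ERROR, sprintf($lang_errors['directory_ro'], $dir), __FILE__, __LINE__);
            }

            // Describe the picture for the storage layer before the local files are removed.
            $picture_id = $pid;
            $owner_id = $pic['owner_id'];
            $imageContainer = new FileContainer($picture_id, $owner_id);
            $imageContainer->original_path = $dir . $file;
            $imageContainer->total_filesize = $pic['total_filesize'];

            $files = array($dir . $file, $dir . $CONFIG['normal_pfx'] . $file, $dir . $CONFIG['orig_pfx'] . $file, $dir . $CONFIG['thumb_pfx'] . $file);
            foreach ($files as $currFile) {
                // Everything except the original counts as a derived copy.
                if ($currFile != $dir . $file) {
                    $imageContainer->thumb_paths[] = $currFile;
                }
                // Best effort: a copy that cannot be removed does not stop the deletion.
                if (is_file($currFile)) {
                    @unlink($currFile);
                }
            }

            $storage->delete_file($imageContainer);

            $query = "DELETE FROM {$CONFIG['TABLE_PICTURES']} WHERE pid='{$pid}' LIMIT 1";
            $result = cpg_db_query($query);
        } else {
            $query = "UPDATE {$CONFIG['TABLE_PICTURES']} SET {$update} WHERE pid='{$pid}' LIMIT 1";
            $result = cpg_db_query($query);
        }
    }
}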
</a> <?php $replies = $db->query('select topic_replies from ' . $_CONF['dbprefix'] . 'topics where ' . "topic_id = '" . getInt($row['topic_id']) . "'"); $db->freeResult(); $replies = getInt($replies[0]['topic_replies']) - 1; if ($replies >= 10) { print ' [ '; $pages = (int) ($replies / 10) + 1; for ($i = 1; $i <= $pages; $i++) { print '<a href="' . BASEDIR . 'topic/' . getInt($row['topic_id']) . '/' . $i . '">' . $i . '</a> '; } print ']'; } $author = $db->query('select user_id, username from ' . $_CONF['dbprefix'] . 'users u join ' . $_CONF['dbprefix'] . 'topics t on u.user_id=t.topic_poster ' . "where t.topic_id='" . getInt($row['topic_id']) . "'"); $db->freeResult(); $user_id = getInt($author[0]['user_id']); $user_author = sanitizeHTML($author[0]['username']); print "<br>\n -> " . $_LANG['posted_by'] . ' <a href="' . BASEDIR . 'user/' . $user_id . '">' . $user_author . '</a>'; ?> </td> <td class="newposts"><?php print $_LANG['latest_post'] . ': '; ?> <a href="<?php print BASEDIR; ?> user/<?php print intval($row['poster_id']); ?> "><?php
// Excerpt from a topic page. $forum_id, $id, $row and $userinfo are set above it and the markup
// at the bottom continues past it.
// NOTE(review): $forum_id and $id are placed between quotes in the SQL text as-is; confirm both
// are cast to integers before this point.
$res = $db->query('select forum_postgroup from ' . $_CONF['dbprefix'] . 'forums ' . "where forum_id='" . $forum_id . "'");
$db->freeResult();
$forum_postgroup = getInt($res[0]['forum_postgroup']);
$res = $db->query('select topic_disabled from ' . $_CONF['dbprefix'] . 'topics ' . "where topic_id='{$id}'");
$db->freeResult();
$topic_disabled = getInt($res[0]['topic_disabled']);
// NOTE(review): the query above selects only topic_disabled, so the topic_sticked key read here
// is not part of the result row.
$topic_sticked = getInt($res[0]['topic_sticked']);
unset($res);
// The moderation menu is rendered only for groups numbered at or below USERLEV_MOD.
// NOTE(review): hiding the menu is presentation only; the handler behind modActions() has to
// repeat this check on the server.
if ($userinfo['user_group'] <= USERLEV_MOD) { ?> <center><select name="modActions" style="font-size: 10px" onChange='modActions ("<?php print BASEDIR; ?> ", <?php print getInt($row['topic_id']); ?> , this.value)'> <option value="none">-- <?php print $_LANG['mod_actions']; ?> </option> <option value="remove"><?php print $_LANG['remove']; ?> </option> <?php if (!$topic_disabled) { ?> <option value="lock"><?php
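// Excerpt from an admin action `switch`: the first two statements end the previous case and the
// `else` branch at the bottom continues past the excerpt.
die(json_encode($_RESULT));
break;
case 'add':
    // Numeric URL segments; anything missing becomes 0.
    $path_id = isset(MSCore::urls()->vars[2]) ? (int) MSCore::urls()->vars[2] : 0;
    $page = isset(MSCore::urls()->vars[3]) ? (int) MSCore::urls()->vars[3] : 0;
    $new_item_id = isset(MSCore::urls()->vars[4]) ? (int) MSCore::urls()->vars[4] : 0;

    /* ACTION */
    $OUT_CONFIG = $CONFIG;
    $CONFIG = $Tape->generateConfigValues($new_item_id);

    if (isset($_REQUEST['conf'])) {
        // Guard against a duplicate "code" field {start}
        if (!empty($_REQUEST['conf'][1]['code'])) {
            $id = !empty($_REQUEST['id']) ? $_REQUEST['id'] : 0;
            $tableName = $CONFIG['tables']['items']['db_name'];
            $codeItem = $_REQUEST['conf'][1]['code'];

            // $id comes straight from the request and sits in the SQL text without quotes, so
            // it is cast to an integer at the point of use; path_id and code already go
            // through getInt() and the database layer's pre().
            if (MSCore::db()->getOne('SELECT `id` FROM `' . PRFX . $tableName . '` WHERE' . ($id != 0 ? ' `id`!=' . (int) $id . ' AND' : '') . ' `path_id` = "' . getInt($path_id) . '" AND `code` = "' . MSCore::db()->pre($codeItem) . '"')) {
                // Another item already uses this code: make it unique with a time suffix.
                $_REQUEST['conf'][1]['code'] = $codeItem . '-' . date('dHis');
            }
        }
        // Guard against a duplicate "code" field {end}

        if ($inserted_id = $Tape->saveItem(false)) {
            $vars = $Tape->generateVars();
            $vars['apply'] = isset(MSCore::urls()->vars[5]) && MSCore::urls()->vars[5] > 0 ? 1 : 0;
            // NOTE(review): presumably saveItem() returns the new numeric id; it is written
            // into an HTML attribute unescaped, so confirm it can never be anything else.
            $inserted_id = '<input id="inserted_id" type="hidden" value="' . $inserted_id . '" name="id"/>';
            $_RESULT = array('content' => array(template('moduleTape/fast', $vars), $inserted_id));
            die(json_encode($_RESULT));
        } else {
            echo '<i style="display:none">Fatal error: </i>Введенный "Символьный код" уже занят';
            /**
             * TODO: every failure is currently reported with this one reason; fix :)
             */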
<?php

/**
 * Read one line from standard input and return it as an integer.
 *
 * @return int
 */
function getInt()
{
    $line = trim(fgets(STDIN));

    return (int) +$line;
}

// First line: minimum side length. Second line: number of pictures that follow.
$l = getInt();

for ($t = getInt(); $t > 0; $t--) {
    // Each picture line holds two numbers separated by a space.
    $dims = explode(' ', trim(fgets(STDIN)));

    // Too small on either side.
    if ($dims[0] < $l || $dims[1] < $l) {
        echo "UPLOAD ANOTHER\n";
        continue;
    }

    // Large enough: accepted when both sides are equal, otherwise it needs cropping.
    echo $dims[0] == $dims[1] ? "ACCEPTED\n" : "CROP IT\n";
}
if (!$session->logged) { require_once ABSOLUTE_BASEPATH . '/header.' . PHPEXT; notification($_LANG['insufficient_privileges'], $_SERVER['HTTP_REFERER'], 3); die; } $db = new nullBB_Database($_CONF, $_LANG); $post_id = getInt($_GET['post_id']); $res = $db->query('select poster_id from ' . $_CONF['dbprefix'] . 'posts where post_id=' . $post_id); $db->freeResult(); $poster_id = getInt($res[0]['poster_id']); if ($userinfo['user_group'] > USERLEV_MOD && $userinfo['user_id'] != $poster_id) { require_once ABSOLUTE_BASEPATH . '/header.' . PHPEXT; notification($_LANG['insufficient_privileges'], $_SERVER['HTTP_REFERER'], 3); die; } $res = $db->query('select poster_ip from ' . $_CONF['dbprefix'] . 'posts where post_id=' . $post_id); $db->freeResult(); $addr = sanitizeHTML($res[0]['poster_ip']); print $addr; unset($res); exit(0); } $db = new nullBB_Database($_CONF, $_LANG); $res = $db->query('select post_content from ' . $_CONF['dbprefix'] . 'posts ' . "where post_id='" . getInt($_GET['post_id']) . "'"); $db->freeResult(); print htmlspecialchars($res[0]['post_content']); unset($res); $db->close(); ?>
$town = getString("town", null); $order = getString("order", "default"); $zoom = getString("zoom", null); $layout = getString("layout", "default"); $caption = getString("caption", $words["key"]); $groupby = getString("groupby", "player"); $colby = getString("colby", $groupby); $lines = getBool("lines"); $casen = getBool("casen"); $azoom = getBool("azoom"); $nocache = getBool("nocache"); $dotsize = getFloat("dotsize", 1); $maxdist = getInt("maxdist", null); $mindist = getInt("mindist", null); $maxpop = getInt("maxpop", null); $minpop = getInt("minpop", null); $table = preg_replace("/[^a-zA-Z0-9]/", "_", $server); $s_server = sql_escape_string($server); $server_info = sql_fetch_row(sql_query("SELECT * FROM servers WHERE name='{$s_server}'")); // }}} // figure out where we are {{{ if ($layout == "spread") { $cx = 768 / 2; $cy = 256; } else { $cx = 256; $cy = 256; } // }}} /* figure out where to focus {{{ *
die; } $db->query('delete from ' . $_CONF['dbprefix'] . 'privmsgs where privmsg_id=' . getInt($_GET['msg_id']) . ' ' . 'and privmsg_to=' . getInt($userinfo['user_id'])); require_once ABSOLUTE_BASEPATH . '/header.' . PHPEXT; notification($_LANG['delete_privmsg_ok'], $_SERVER['HTTP_REFERER'], 3); die; } $db = new nullBB_Database($_CONF, $_LANG); $res = $db->query('select * from ' . $_CONF['dbprefix'] . 'privmsgs ' . "where privmsg_id=" . getInt($_GET['msg_id']) . " and privmsg_to=" . getInt($userinfo['user_id'])); $db->freeResult(); if (empty($res)) { print $_LANG['privmsg_not_found']; die; } $res = $res[0]; if ($res['privmsg_seen'] == false) { $db->query('update ' . $_CONF['dbprefix'] . 'privmsgs set privmsg_seen=1 ' . 'where privmsg_id=' . getInt($_GET['msg_id']) . ' and privmsg_to=' . getInt($userinfo['user_id'])); } $from = $db->query('select username from ' . $_CONF['dbprefix'] . 'users where user_id=' . getInt($res['privmsg_from'])); $db->freeResult(); $from = sanitizeHTML($from[0]['username']); $to = sanitizeHTML($userinfo['username']); $content = bb2html($res['privmsg_content']); print '<li class="privmsgHead">' . $_LANG['from'] . ': ' . '<a href="' . BASEDIR . 'user/' . getInt($res['privmsg_from']) . '">' . $from . "</a></li>\n"; print '<li class="privmsgHead">' . $_LANG['to'] . ': ' . '<a href="' . BASEDIR . 'user/' . getInt($res['privmsg_to']) . '">' . $to . "</a></li><br>\n"; print '<div class="privmsgContent">' . $content . "</div><br>\n"; unset($res); $db->close(); ?>
print $_LANG['registered_since']; ?> </th> <th><?php print $_LANG['posts']; ?> </th> <th><?php print $_LANG['reputation']; ?> </th> </tr> <?php foreach ($res as $row) { print '<tr class="users">' . '<td class="users"><a href="' . BASEDIR . 'user/' . $row['user_id'] . '">' . sanitizeHTML($row['username']) . '</a></td>' . '<td class="usersCenter">' . @date('d M Y, h:i:s a', $row['user_regtime']) . '</td>' . '<td class="usersRight">' . getInt($row['user_posts']) . '</td>' . '<td class="usersRight">' . getInt($row['user_karma']) . '</td></tr>'; } ?> </table> <?php unset($res); $db->close(); ?> <?php require_once ABSOLUTE_BASEPATH . '/footer.' . PHPEXT; ?>
</tr> <?php foreach ($res as $row) { ?> <tr class="reputations"> <td class="reputations"><a href="<?php print BASEDIR . 'user/' . $row['voter_id']; ?> "><?php print sanitizeHTML($row['username_voter']); ?> </a></td> <td class="reputations" style="text-align: right; width: 10%"><?php if (getInt($row['vote']) > 0) { print '+1'; } else { print '-1'; } ?> </td> </tr> <?php } unset($res); } ?> </table></center>
// Excerpt from a post edit/delete handler. $post_id, $topic_id and $post_time are set above it,
// and the leading brace closes a block opened there.
}
    // Delete branch: remove the post, then the topic as well when it has no posts left.
    // NOTE(review): $post_id and $topic_id are appended to the SQL text unquoted and without a
    // cast anywhere in this excerpt, while the edit branch below wraps $_POST['post_id'] in
    // getInt(); confirm both are integers by the time they get here.
    $db->query('delete from ' . $_CONF['dbprefix'] . 'posts where post_id=' . $post_id);
    $res = $db->query('select count(*) as num from ' . $_CONF['dbprefix'] . 'posts where topic_id=' . $topic_id);
    $db->freeResult();
    $num = getInt($res[0]['num']);
    if ($num == 0) {
        $db->query('delete from ' . $_CONF['dbprefix'] . 'topics where topic_id=' . $topic_id);
    }
    $db->close();
    // NOTE(review): the redirect target is the client-supplied Referer header, which may be
    // absent or point to another site; a URL built from the topic id avoids relying on it.
    header("Location: " . $_SERVER['HTTP_REFERER']);
    die;
}

// Edit branch: only the author of the post, or a group numbered at or below USERLEV_MOD, may
// change it.
$res = $db->query('select poster_id from ' . $_CONF['dbprefix'] . 'posts ' . "where post_id='" . getInt($_POST['post_id']) . "'");
$db->freeResult();
if ($res[0]['poster_id'] != $userinfo['user_id'] && $userinfo['user_group'] > USERLEV_MOD) {
    notification("Invalid user", $_SERVER['HTTP_REFERER'], 3);
    die;
}
// The new content goes through sanitizeQuery() and the id through getInt() before they reach the SQL text.
$db->query('update ' . $_CONF['dbprefix'] . 'posts set post_content=' . "'" . sanitizeQuery($_POST['post_content']) . "' where post_id='" . getInt($_POST['post_id']) . "'");
// Posts written after the edited one: only then is the edit recorded as a later edit.
// NOTE(review): $topic_id and $post_time are unquoted and uncast here as well.
$res = $db->query('select count(*) as num from ' . $_CONF['dbprefix'] . 'posts where topic_id=' . $topic_id . ' ' . 'and post_time > ' . $post_time);
$db->freeResult();
$num = getInt($res[0]['num']);
if ($num > 0) {
    // NOTE(review): part of the next statement was masked with asterisks when this listing was
    // published, so it does not parse as shown. It also targets $post_id, whereas the
    // ownership check above used $_POST['post_id']; confirm the two are the same value.
    $db->query('update ' . $_CONF['dbprefix'] . 'posts set post_lastedit_date=' . time() . ', ' . 'post_lastedit_user='******'user_id'] . ' where post_id=' . $post_id);
}
$db->close();
header("Location: " . $_SERVER['HTTP_REFERER']);
die;
?>
</tr> <?php foreach ($res as $row) { $forum_name = sanitizeHTML($row['forum_name']); $topic_name = sanitizeHTML($row['topic_title']); $topic_author = sanitizeHTML($row['topic_author']); $post_author = sanitizeHTML($row['post_author']); $topic_replies = getInt($row['topic_replies']); $forum_id = getInt($row['forum_id']); $topic_id = getInt($row['topic_id']); $post_id = getInt($row['post_id']); $topic_user_id = getInt($row['topic_user_id']); $post_user_id = getInt($row['post_user_id']); $page = $db->query('select count(*) as numPosts from ' . $_CONF['dbprefix'] . 'posts ' . 'where topic_id=' . $topic_id . ' and post_time < ' . $row['post_time']); $page = (int) (getInt($page[0]['numPosts']) / 10 + 1); $db->freeResult(); ?> <tr class="searchresults"> <td class="searchresults"><a href="<?php print BASEDIR . $forum_id; ?> "><?php print $forum_name; ?> </a></td> <td class="searchresults"><a href="<?php print BASEDIR . "topic/{$topic_id}/{$page}#{$post_id}"; ?> "><?php
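// Excerpt from an admin request `switch`. $fid is set above it and the leading brace closes a
// block opened there.
// NOTE(review): no privilege or anti-CSRF check is visible in this excerpt, and edit_privs takes
// its values from $_REQUEST, which includes the query string; confirm both checks run before
// the switch.
}
    // Map of group id to group name, used to label the forum's two privilege levels.
    $groups = array();
    $res = $db->query('select * from ' . $_CONF['dbprefix'] . 'groups');
    foreach ($res as $row) {
        $groups[$row['group_id']] = $row['group_name'];
    }

    $xml = '<?xml version="1.0" encoding="UTF-8" ?>';
    // getInt() keeps $fid numeric where it enters the SQL text and the id attribute.
    $res = $db->query('select forum_name, forum_viewgroup, forum_postgroup from ' . $_CONF['dbprefix'] . 'forums where forum_id=' . getInt($fid));
    $res = $res[0];
    // The forum name is now escaped like the group names next to it; a quote or "<" in a name
    // used to break out of the attribute.
    $xml .= '<forum id="' . getInt($fid) . '" name="' . sanitizeHTML($res['forum_name']) . '">'
        . '<priv id="view" value="' . getInt($res['forum_viewgroup']) . '" name="' . sanitizeHTML($groups[$res['forum_viewgroup']]) . '"></priv>'
        . '<priv id="post" value="' . getInt($res['forum_postgroup']) . '" name="' . sanitizeHTML($groups[$res['forum_postgroup']]) . '"></priv>';
    foreach ($groups as $id => $name) {
        $xml .= '<group id="' . getInt($id) . '" name="' . sanitizeHTML($name) . '"></group>';
    }
    $xml .= '</forum>';
    print $xml;
    break;
case 'edit_privs':
    if (!$fid) {
        die;
    }
    $view_privs = getInt($_REQUEST['view_privs']);
    $post_privs = getInt($_REQUEST['post_privs']);
    $db->query('update ' . $_CONF['dbprefix'] . 'forums set forum_viewgroup=' . $view_privs . ' where forum_id=' . getInt($fid));
    $db->query('update ' . $_CONF['dbprefix'] . 'forums set forum_postgroup=' . $post_privs . ' where forum_id=' . getInt($fid));
    // NOTE(review): the redirect target is the client-supplied Referer header, which may be
    // absent or point to another site.
    header('Location: ' . $_SERVER['HTTP_REFERER']);
    break;
}
$db->close();
?>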
print '<a href="javascript:newForum()" style="padding-left: 10px">' . $_LANG['new_forum'] . '</a><br>' . '<form action="editforum.' . PHPEXT . '?action=new" method="POST">' . '<div id="newforum" style="padding-left: 10px"></div><br>' . '</form>' . '<table class="forumlist">' . "\n"; foreach ($res as $row) { print '<tr class="forumlist">' . '<td class="forumlist">' . '<span id="name' . getInt($row['forum_id']) . '">' . '<a href="/forum/' . getInt($row['forum_id']) . '">' . sanitizeHTML($row['forum_name']) . '</a></span><br>' . '<span id="desc' . getInt($row['forum_id']) . '">' . sanitizeHTML($row['forum_desc']) . '</span></td>' . '<td class="forumlist" style="text-align: right">' . '<select id="' . $row['forum_id'] . '" name="forumaction" value="none" onChange="editForum(this)">' . '<option value="none">-- ' . $_LANG['choose_action'] . '</option>' . '<option value="delete">' . $_LANG['remove_forum'] . '</option>' . '<option value="move_up">' . $_LANG['move_up'] . '</option>' . '<option value="move_down">' . $_LANG['move_down'] . '</option>' . '<option value="edit_name">' . $_LANG['edit_name'] . '</option>' . '<option value="edit_desc">' . $_LANG['edit_desc'] . '</option>' . '<option value="edit_priv">' . $_LANG['edit_priv'] . '</option>' . '</select></td>' . '</tr>'; } print '</table>'; $db->close(); break; case 'group': require_once ABSOLUTE_BASEPATH . '/db.' . PHPEXT; $db = new nullBB_Database($_CONF, $_LANG); $res = $db->query('select * from ' . $_CONF['dbprefix'] . 'groups ' . 'order by group_id'); $db->freeResult(); $defaultGroups = array(USERLEV_GOD, USERLEV_ADMIN, USERLEV_GLOBALMOD, USERLEV_MOD, USERLEV_USER, USERLEV_ANY, USERLEV_BANNED); print '<a href="javascript:newGroup()" style="padding-left: 10px">' . $_LANG['new_group'] . '</a><br>' . '<form action="editgroup.' . PHPEXT . '?action=new" method="POST">' . '<div id="newgroup" style="padding-left: 10px"></div><br>' . '</form>' . '<table class="forumlist">' . 
"\n"; foreach ($res as $row) { print '<tr class="forumlist">' . '<td class="forumlist">' . '<span id="name' . getInt($row['group_id']) . '"'; if (!in_array($row['group_id'], $defaultGroups)) { print ' style="color: #990000"'; } print '>' . sanitizeHTML($row['group_name']) . '</span><br>' . '</td>' . '<td class="forumlist" style="text-align: right">' . '<select id="' . $row['group_id'] . '" name="groupaction" value="none" onChange="editGroup(this)">' . '<option value="none">-- ' . $_LANG['choose_action'] . '</option>'; if (!in_array($row['group_id'], $defaultGroups)) { print '<option value="delete">' . $_LANG['remove_group'] . '</option>'; } print '<option value="edit_name">' . $_LANG['edit_name'] . '</option>' . '</select></td>' . '</tr>'; } print '</table>'; $db->close(); break; case 'dump': print $_LANG['generate_dump']; print '<meta http-equiv="Refresh" content="0;url=' . BASEDIR . 'admin/dump.sql">';
require_once "../../../../../class/autoload.inc";
require_once "{$jqRoot}/php/jqGridPdo.php";

/**
 * Read a query-string parameter as an integer.
 *
 * @param string $key Name of the $_GET entry.
 * @return int The integer value of the entry, or -1 when it is not set.
 */
function getInt($key)
{
    return isset($_GET[$key]) ? (int) $_GET[$key] : -1;
}

// All three filters are integers by construction, so they are safe to interpolate below.
$class_id = getInt('class_id');
$major_id = getInt('major_id');
$dept_id = getInt('dept_id');

// NOTE(review): the column list includes s_pwd. Which columns the grid sends to the browser is
// not visible here; confirm the password column is never part of the response.
$sel = 'select s_id, s_user, s_pwd, s_num, s_name, s_mail, s_date, s_role, s_phone, reg_date, last_login, '
    . 'edu_id, edu_name, dept_name, major_name, class_name, class_id '
    . 'from student join class using(class_id) join major using(major_id) '
    . 'join department using(dept_id) join education using(edu_id) ';

// The most specific filter that was supplied wins: class, then major, then department.
if ($class_id != -1) {
    $sel .= "where class_id= {$class_id}";
} elseif ($major_id != -1) {
    $sel .= "where major_id= {$major_id}";
} elseif ($dept_id != -1) {
    $sel .= "where dept_id= {$dept_id}";
}

$conn = new DB_Connect();
$grid = new jqGridRender($conn);
// Excerpt from a sidebar menu. It opens inside a block whose closing brace is the third "}" below;
// $basedir, $db, $userinfo and $session are set above it.
// NOTE(review): the first link below is never closed with </a>.
    print '<li class="contestmenu"><a class="contestmenu" href="' . BASEDIR . 'profile.' . PHPEXT . '">~ ' . $_LANG['user_panel'] . '</li>';
    // The forum id is taken from the Referer URL; the pattern captures digits only and the
    // match goes through getInt() before it is used.
    // NOTE(review): $basedir is placed in the pattern without preg_quote(), so a "/" or other
    // regex metacharacter in it changes the pattern.
    if (preg_match('/\\/' . $basedir . '\\/([0-9]+)/', $_SERVER['HTTP_REFERER'], $match)) {
        $forum_id = getInt($match[1]);
        $res = $db->query('select forum_postgroup from ' . $_CONF['dbprefix'] . 'forums ' . "where forum_id='" . $forum_id . "'");
        $db->freeResult();
        $forum_postgroup = getInt($res[0]['forum_postgroup']);
        unset($res);
        // The "New topic" entry is shown only to groups allowed to post in that forum.
        if ($userinfo['user_group'] <= $forum_postgroup) {
            // NOTE(review): BASEDIR is emitted into the JavaScript call without quotes; confirm
            // the constant carries its own quotes, otherwise the call is not valid script.
            print '<li class="contestmenu"><a class="contestmenu" href="javascript:newTopic(' . BASEDIR . ',' . $forum_id . ')">~ New topic</a></li>';
        }
    }
}
print '<li class="contestmenu" style="border-bottom: 3px solid #fff"></li>';
$res = $db->query('select forum_id, forum_name, forum_viewgroup from ' . $_CONF['dbprefix'] . 'forums');
foreach ($res as $row) {
    $forum_viewgroup = getInt($row['forum_viewgroup']);
    // Forums with a view group below USERLEV_ANY are listed only for logged-in users whose
    // group qualifies; all other forums are listed for everyone.
    // NOTE(review): forum_id and forum_name are printed as stored, without getInt() or HTML
    // escaping; if a forum name can contain markup it is rendered as such on every page that
    // shows this menu. Escape on output.
    if ($forum_viewgroup < USERLEV_ANY) {
        if ($session->logged) {
            if ($userinfo['user_group'] <= $forum_viewgroup) {
                print '<li class="contestmenu"><a class="contestmenu" href="' . BASEDIR . $row['forum_id'] . '">' . $row['forum_name'] . '</a></li>' . "\n";
            }
        }
    } else {
        print '<li class="contestmenu"><a class="contestmenu" href="' . BASEDIR . $row['forum_id'] . '">' . $row['forum_name'] . '</a></li>' . "\n";
    }
}
// The admin panel link is shown to enabled accounts in a group numbered at or below USERLEV_ADMIN.
if ($session->logged) {
    if (!$userinfo['user_disabled'] && $userinfo['user_group'] <= USERLEV_ADMIN) {
        print '<li class="contestmenu" style="border-bottom: 3px solid #fff"></li>' . '<li class="contestmenu"><a class="contestmenu" href="' . BASEDIR . 'admin/index.' . PHPEXT . '">' . $_LANG['admin_panel'] . '</a></li>';
    }
}
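/**
 * Parse the briefing section at the start of $hex and store it in $this->briefing.
 *
 * Four header fields are read with getShort()/getInt() at offsets 0, 2, 4 and 6. The event
 * stream is the EventLength * 2 characters starting at offset 10, decoded one event at a
 * time by readBriefingEvent(). Tag and string slots (32 of each) are read from offset 810
 * onwards with readTag().
 *
 * The input comes from a file being parsed, so every length in it is treated as untrusted:
 * an event that reports a non-positive length ends event parsing instead of being retried
 * forever.
 *
 * @param string $hex hex-encoded data beginning at the briefing section
 * @return string what is left of $hex after the 64 tag/string slots
 */
function readBriefing($hex)
{
    $brief = array();
    $brief['RunningTime'] = getShort($hex, 0);
    $brief['Unknown'] = getShort($hex, 2);
    $brief['StartLength'] = getShort($hex, 4);
    $brief['EventLength'] = getInt($hex, 6);

    // Always present, so a briefing without events yields an empty list rather than a
    // missing key.
    $brief['Events'] = array();

    // substr() clamps to the available data, so an oversized EventLength cannot read past
    // the end of $hex.
    $eventHex = substr($hex, 10, $brief['EventLength'] * 2);
    while (strlen($eventHex)) {
        list($length, $event) = $this->readBriefingEvent($eventHex);
        if ($length <= 0) {
            // No forward progress is possible: without this check the same bytes would be
            // decoded again and again and Events would grow until memory runs out.
            break;
        }
        $eventHex = substr($eventHex, $length);
        $brief['Events'][] = (string) $event;
    }

    // Skip the fixed-size region before the tags (header plus event area; 810 = 10 + 800).
    $hex = substr($hex, 810);

    // Tags first, then strings: 32 slots each, identical layout. An empty slot occupies 2
    // characters; a filled one occupies its text plus 2 (presumably a length or terminator
    // field; confirm against readTag()).
    foreach (array('Tags', 'Strings') as $section) {
        $brief[$section] = array();
        for ($slot = 0; $slot < 32; $slot++) {
            $tag = $this->readTag($hex);
            $length = !empty($tag) ? strlen($tag) + 2 : 2;
            $hex = substr($hex, $length);
            if ($tag) {
                $brief[$section][] = $tag;
            }
        }
    }

    $this->briefing = $brief;
    return $hex;
}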
if (!empty($new) && $row['forum_lasttime'] > $session->session_lasttime) { print ' <i>[NEW]</i>'; } } print "<br>" . sanitizeHTML($row['forum_desc']) . "</td>\n"; print '<td class="forums">'; $topics = $db->query('select count(*) as num from ' . $_CONF['dbprefix'] . 'topics ' . 'where forum_id=' . getInt($row['forum_id'])); $db->freeResult(); $topics = getInt($topics[0]['num']); if ($topics == 0) { print $_LANG['no_posts']; } else { $lastuser = $db->query('select user_id, username from ' . $_CONF['dbprefix'] . 'users u join ' . $_CONF['dbprefix'] . 'posts p ' . 'on u.user_id=p.poster_id where p.post_id=' . getInt($row['forum_lastpost'])); $db->freeResult(); if (!empty($lastuser)) { $user_id = getInt($lastuser[0]['user_id']); $username = sanitizeHTML($lastuser[0]['username']); unset($lastuser); print $_LANG['latest_post'] . ': <a href="' . BASEDIR . 'user/' . $user_id . '">' . $username . '</a>'; print '<br>@ ' . @date('d M Y, h:i:s a', $lasttime) . '</td>' . "\n"; } else { print $_LANG['latest_post'] . ': <span style="color: #a00">[anonymous]</span>'; print '<br>@ ' . @date('d M Y, h:i:s a', $lasttime) . '</td>' . "\n"; } } print "<td class=\"forums\">" . $row['forum_topics'] . "</td><td class=\"forumsnoright\">" . $row['forum_posts'] . "</td></tr>"; } $db->close(); ?> </table>
if ($user[0]['user_website']) { $website = sanitizeHTML($user[0]['user_website']); print '<tr><td class="userinfoentry">web:</td>' . '<td class="userinfoentry" style="text-align: right">' . $website . "</td></tr>\n"; } if ($user[0]['user_msn']) { $msn = sanitizeHTML($user[0]['user_msn']); $msn = preg_replace('/@/', '<AT>', $msn); $msn = preg_replace('/\\./', '<DOT>', $msn); print '<tr><td class="userinfoentry">msn:</td>' . '<td class="userinfoentry" style="text-align: right">' . $msn . "</td></tr>\n"; } ?> <tr> <td class="userinfoentry">.</td> <td class="userinfoentry" style="text-align: right"><a href="javascript:sendMessage(<?php print getInt($user[0]['user_id']) . ",'" . BASEDIR . "'"; ?> )"><?php print $_LANG['send_pm']; ?> </a></td> </tr> <tr> <td class="userinfoentry">.</td> <td class="userinfoentry" style="text-align: right"> <a href="<?php print BASEDIR; ?> messagesByUser.<?php print PHPEXT;
die;
}

// Excerpt of the "new topic" handler; the block closed above opens before this excerpt.
// NOTE(review): no anti-CSRF token is checked in the visible code before a topic is created
// from $_POST; confirm whether an earlier part of the script does so.
$db = new nullBB_Database($_CONF, $_LANG);

// forum_id is cast to an integer before it is concatenated into the queries below.
$forum_id = getInt($_POST['forum_id']);
$forum = $db->query('select forum_id from ' . $_CONF['dbprefix'] . 'forums where ' . 'forum_id = ' . $forum_id);
$db->freeResult();

// Unknown forum: show the error page and stop.
// NOTE(review): HTTP_REFERER is client-supplied and handed to notification(); what that
// function does with it is not visible here. If it redirects or prints the value, it should
// validate or escape it.
if (empty($forum)) {
    require_once ABSOLUTE_BASEPATH . '/header.' . PHPEXT;
    notification($_LANG['invalid_forum'], $_SERVER['HTTP_REFERER'], 3);
    die;
}

// Server-side permission check: a user whose group value is above the forum's post group
// is refused (lower values presumably carry more privilege; confirm).
$res = $db->query('select forum_postgroup from ' . $_CONF['dbprefix'] . 'forums where ' . "forum_id='" . $forum_id . "'");
$db->freeResult();
$forum_postgroup = getInt($res[0]['forum_postgroup']);
unset($res);
if ($userinfo['user_group'] > $forum_postgroup) {
    require_once ABSOLUTE_BASEPATH . '/header.' . PHPEXT;
    notification($_LANG['insufficient_privileges'], $_SERVER['HTTP_REFERER'], 3);
    die;
}

$user_id = getInt($session->user_id);
// NOTE(review): the title is the only free-text value in the insert, and its safety depends
// entirely on sanitizeQuery(), which is defined elsewhere. A parameterized statement would
// remove that dependency.
$topic_title = sanitizeQuery($_POST['topic_title']);
unset($forum);
$db->query('insert into ' . $_CONF['dbprefix'] . 'topics(forum_id, topic_title, topic_poster, topic_time) values(' . "'{$forum_id}', '{$topic_title}', '{$user_id}', '" . time() . "')");

// NOTE(review): the new topic's id is taken as the highest topic_id in the table. If another
// request inserts a topic between the insert above and this select, this request picks up
// the other topic's id and the first post is attached to it. Use the connection's
// last-insert-id for the row just written instead.
$res = $db->query('select topic_id from ' . $_CONF['dbprefix'] . 'topics order by topic_id desc limit 1');
$db->freeResult();
// The id is written back into $_POST before insertPost is included (presumably that script
// reads it from there; verify).
$_POST['topic_id'] = $res[0]['topic_id'];
$topic_id = getInt($_POST['topic_id']);
unset($res);
$db->close();
require_once ABSOLUTE_BASEPATH . '/insertPost.' . PHPEXT;
/**
 * Localized weekday name (short form) for a timestamp.
 *
 * @param integer   $nStamp timestamp to convert; passed through getInt() first
 * @param resources $Res    language object, handed on to getWeekdayShort()
 * @return string weekday as a short string
 */
public static function getDayOfWeekShort($nStamp, resources &$Res)
{
    $nTimestamp = getInt($nStamp);
    $nWeekday = date("w", $nTimestamp);

    // date("w") numbers Sunday as 0; the lookup is given 7 for Sunday instead.
    $nDay = ($nWeekday == 0) ? 7 : $nWeekday;

    return self::getWeekdayShort($nDay, $Res);
}
* this program. If not, see <http://www.gnu.org/licenses/>. * **************************************************************************************************/
// Excerpt of the admin group-management script; the last case is cut off below.
require_once '../config.ini';
// NOTE(review): any admin authentication must come from admin_head; none is visible here.
require_once 'admin_head.' . PHPEXT;

// NOTE(review): $_REQUEST accepts GET as well as POST, so the state-changing 'delete' action
// can be triggered by a plain link or image URL. No anti-CSRF token is checked in the visible
// code; confirm whether admin_head does so, and prefer POST plus a token here.
$action = $_REQUEST['action'];

// Allow-list of actions; anything else ends the script.
switch ($action) {
    case 'new':
    case 'delete':
    case 'edit_name':
        break;
    default:
        die;
        break;
}

// Built-in groups that must never be deleted.
$defaultGroups = array(USERLEV_GOD, USERLEV_ADMIN, USERLEV_GLOBALMOD, USERLEV_MOD, USERLEV_USER, USERLEV_ANY, USERLEV_BANNED);
// Cast to an integer before it is concatenated into the queries below.
$gid = getInt($_REQUEST['gid']);
$db = new nullBB_Database($_CONF, $_LANG);

switch ($action) {
    case 'delete':
        // NOTE(review): the list above is assigned to $defaultGroups, but this check reads
        // $default_groups, which is not assigned anywhere in the visible code. As written the
        // guard cannot match, so built-in groups are not protected from deletion. It should
        // read in_array($gid, $defaultGroups).
        // NOTE(review): the Referer header is printed into an attribute without escaping, and
        // the refresh target is given in value= where a meta refresh expects content=.
        if (in_array($gid, $default_groups)) {
            print '<script>alert("' . $_LANG['no_delete_default_group'] . '")</script>' . '<meta http-equiv="Refresh" value="0;url=' . $_SERVER['HTTP_REFERER'] . '">';
            die;
        }
        // Members of the deleted group are moved to the ordinary user level first.
        $db->query('update ' . $_CONF['dbprefix'] . 'users set user_group=' . USERLEV_USER . ' where user_group=' . $gid);
        $db->query('delete from ' . $_CONF['dbprefix'] . 'groups where group_id=' . $gid);
        // NOTE(review): the redirect target is the client-supplied Referer; a fixed admin URL
        // would be safer.
        header('Location: ' . $_SERVER['HTTP_REFERER']);
        break;
    case 'new':
        // The group name's safety in SQL depends on sanitizeQuery(), defined elsewhere.
        $name = sanitizeQuery($_REQUEST['group_name']);
        if (!$name) {
            die;
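/**************************************************************************************************
 * nullBB - Light CMS forum
 * Copyright (C) 2009, BlackLight
 *
 * This program is free software: you can redistribute it and/or modify it under the terms of the
 * GNU General Public License as published by the Free Software Foundation, either version 3 of
 * the License, or (at your option) any later version. This program is distributed in the hope
 * that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
 * more details. You should have received a copy of the GNU General Public License along with
 * this program. If not, see <http://www.gnu.org/licenses/>.
 **************************************************************************************************/

require_once '../config.ini';
require_once ABSOLUTE_BASEPATH . '/db.' . PHPEXT;
require_once ABSOLUTE_BASEPATH . '/utils.' . PHPEXT;

// Username lookup: prints one "user_id # username" line for every user whose name matches
// the pattern in ?user=, where "*" stands for any run of characters.

// A missing or empty parameter ends the request. So does a non-string one (?user[]=...),
// which would otherwise reach the string functions below as an array.
if (empty($_GET['user']) || !is_string($_GET['user'])) {
    die;
}

$db = new nullBB_Database($_CONF, $_LANG);

// NOTE(review): the query is built by concatenation, so its safety rests on sanitizeQuery(),
// defined in an included file. A parameterized statement would remove that dependency.
// NOTE(review): "*" becomes the LIKE wildcard "%", so a bare "*" returns every account, and
// "%" and "_" typed by the client act as wildcards too. No login check is visible in this
// script; if it can be reached without a session, it lets any client list user ids and
// names. Confirm that is intended, or require a session and a minimum pattern length.
$user = sanitizeQuery($_GET['user']);
$user = str_replace('*', '%', $user);

$res = $db->query(
    "select user_id, username from " . $_CONF['dbprefix'] . 'users '
    . "where username like '" . $user . "'"
);

if (empty($res)) {
    die;
}

// Both fields are neutralized at output: the id is cast to an integer and the name is
// HTML-escaped.
foreach ($res as $row) {
    print getInt($row['user_id']) . ' # ' . sanitizeHTML($row['username']) . "\n";
}

unset($res);
$db->freeResult();
$db->close();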
<td class="searchresults" style="width: 55%"><a href="javascript:popupPrivmsg(<?php print $msg_id . ",'" . BASEDIR . "', " . $from_id; ?> )"><?php if (!$row['privmsg_seen']) { print '<b>'; } print $subject; if (!$row['privmsg_seen']) { print '</b>'; } ?> </a></td> <td class="searchresults" style="width: 25%"><?php print @date('d M Y, h:i:s a', getInt($row['privmsg_date'])); ?> <td class="searchresults"><a href="<?php print BASEDIR . 'privmsgbyid.' . PHPEXT . '?del=1&msg_id=' . $msg_id; ?> ">x</a></td> </tr> <?php } ?> </table><br><br></div> <?php