function __construct($skin = '') { if (empty($skin)) { $skin = get_my_skin(); } $this->skin = $skin; $this->cache = new Cache_Lite($GLOBALS['_cache_config']); }
function __construct() { require_once _BASEPATH_ . '/skins_site/' . get_my_skin() . '/lang/photos.inc.php'; $this->_init(); if (func_num_args() == 1) { $more_args = func_get_arg(0); $this->config = array_merge($this->config, $more_args); } }
function __construct() { require_once _BASEPATH_ . '/skins_site/' . get_my_skin() . '/lang/plugins/widget/osignal_feed/osignal_feed.class.php'; $this->_init(); if (func_num_args() == 1) { $more_args = func_get_arg(0); $this->config = array_merge($this->config, $more_args); } }
<?php /****************************************************************************** Etano =============================================================================== File: processors/ipn.php $Revision$ Software by: DateMill (http://www.datemill.com) Copyright by: DateMill (http://www.datemill.com) Support at: http://www.datemill.com/forum ******************************************************************************* * See the "docs/licenses/etano.txt" file for license. * ******************************************************************************/ require '../includes/common.inc.php'; require _BASEPATH_ . '/includes/user_functions.inc.php'; require _BASEPATH_ . '/skins_site/' . get_my_skin() . '/lang/payment.inc.php'; $module_code = preg_replace('[^a-zA-Z0-9_]', '', sanitize_and_format_gpc($_REQUEST, 'p', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], '')); if (!empty($module_code)) { if (is_file(_BASEPATH_ . '/plugins/payment/' . $module_code . '/' . $module_code . '.class.php')) { include _BASEPATH_ . '/plugins/payment/' . $module_code . '/' . $module_code . '.class.php'; $class = 'payment_' . $module_code; $pay = new $class(); $pay->ipn(); } else { require _BASEPATH_ . '/includes/classes/log_error.class.php'; new log_error(array('module_name' => 'ipn', 'text' => 'Received a payment IPN for unexisting module: $_REQUEST:' . var_export($_REQUEST, true))); } } else { require _BASEPATH_ . '/includes/classes/log_error.class.php'; new log_error(array('module_name' => 'ipn', 'text' => 'Received a payment IPN without module code: $_REQUEST:' . var_export($_REQUEST, true))); }
<?php /****************************************************************************** Etano =============================================================================== File: processors/comment_delete.php $Revision$ Software by: DateMill (http://www.datemill.com) Copyright by: DateMill (http://www.datemill.com) Support at: http://www.datemill.com/forum ******************************************************************************* * See the "docs/licenses/etano.txt" file for license. * ******************************************************************************/ require '../includes/common.inc.php'; require _BASEPATH_ . '/includes/user_functions.inc.php'; require _BASEPATH_ . '/skins_site/' . get_my_skin() . '/lang/comments.inc.php'; check_login_member('auth'); if (is_file(_BASEPATH_ . '/events/processors/comment_delete.php')) { include _BASEPATH_ . '/events/processors/comment_delete.php'; } $topass = array(); $comment_id = isset($_GET['comment_id']) ? (int) $_GET['comment_id'] : 0; if (!empty($comment_id)) { $comment_type = isset($_GET['comment_type']) ? $_GET['comment_type'] : ''; switch ($comment_type) { case 'blog': $table = "{$dbtable_prefix}comments_blog"; $parent_table = "{$dbtable_prefix}blog_posts"; $parent_key = "post_id"; break; case 'photo':
<?php /****************************************************************************** Etano =============================================================================== File: processors/search_delete.php $Revision$ Software by: DateMill (http://www.datemill.com) Copyright by: DateMill (http://www.datemill.com) Support at: http://www.datemill.com/forum ******************************************************************************* * See the "docs/licenses/etano.txt" file for license. * ******************************************************************************/ require '../includes/common.inc.php'; require _BASEPATH_ . '/includes/user_functions.inc.php'; require _BASEPATH_ . '/skins_site/' . get_my_skin() . '/lang/my_searches.inc.php'; check_login_member('save_searches'); $topass = array(); $search_id = isset($_GET['sid']) ? (int) $_GET['sid'] : 0; $query = "DELETE FROM `{$dbtable_prefix}user_searches` WHERE `search_id`={$search_id} AND `fk_user_id`='" . $_SESSION[_LICENSE_KEY_]['user']['user_id'] . "'"; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } $topass['message']['type'] = MESSAGE_INFO; $topass['message']['text'] = $GLOBALS['_lang'][101]; $nextpage = 'my_searches.php'; if (!empty($_GET['return'])) { $input['return'] = sanitize_and_format_gpc($_GET, 'return', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], ''); $nextpage = $input['return']; } $nextpage = _BASEURL_ . '/' . $nextpage;
function save_thumbnail($image, $size, $save_path, $save_name, $config = array()) { $myreturn = false; $size = array($size, $size); if (empty($config['padding_type'])) { $config['padding_type'] = PAD_1SIDE; } if (empty($config['quality'])) { $config['quality'] = 90; } if ($imginfo = getimagesize($image)) { $orig_size = array($imginfo[0], $imginfo[1]); if ($orig_size[0] / $size[0] < $orig_size[1] / $size[1]) { $relevant_length = 1; } else { $relevant_length = 0; } if ($imginfo[2] == IMAGETYPE_GIF && function_exists('imagecreatefromgif')) { //gif $myimg = @imagecreatefromgif($image); } elseif ($imginfo[2] == IMAGETYPE_JPEG && function_exists('imagecreatefromjpeg')) { //jpg ob_start(); $myimg = @imagecreatefromjpeg($image); ob_end_flush(); } elseif ($imginfo[2] == IMAGETYPE_PNG && function_exists('imagecreatefrompng')) { //png $myimg = @imagecreatefrompng($image); } if (!empty($myimg)) { $new_size = array(); $mynewimg = ''; if ($orig_size[$relevant_length] > $size[$relevant_length]) { // scale down $new_size[$relevant_length] = $size[$relevant_length]; $new_size[1 - $relevant_length] = (int) ($orig_size[1 - $relevant_length] * ($size[$relevant_length] / $orig_size[$relevant_length])); if ($config['padding_type'] == PAD_1SIDE || $config['padding_type'] == PAD_2SIDES) { // $size=$size; // this is actually just PAD_1SIDE and the photo will be square } else { $size = $new_size; // no padding here, photo has original proportions } } else { // picture is smaller than the needed size $new_size = $orig_size; if ($config['padding_type'] == PAD_2SIDES) { //pad in both directions. square and big // $size=array($size,$size); } elseif ($config['padding_type'] == PAD_1SIDE) { // padding in one direction only. square but smaller $size = $orig_size[$relevant_length]; $size = array($size, $size); } else { // no padding. original proportions $size = $orig_size; } } $mynewimg = @imagecreatetruecolor($size[0], $size[1]); imagefilledrectangle($mynewimg, 0, 0, $size[0], $size[1], 0xffffff); $x = (int) (($size[0] - $new_size[0]) / 2); $y = (int) (($size[1] - $new_size[1]) / 2); if (defined('BICUBIC_RESAMPLE')) { imagecopyresamplebicubic($mynewimg, $myimg, $x, $y, 0, 0, $new_size[0], $new_size[1], $orig_size[0], $orig_size[1]); } else { fastimagecopyresampled($mynewimg, $myimg, $x, $y, 0, 0, $new_size[0], $new_size[1], $orig_size[0], $orig_size[1]); } if (!empty($config['watermark_text']) && function_exists('imagettftext')) { $config['watermark_text_color'] = str_pad($config['watermark_text_color'], 6, '0', STR_PAD_RIGHT); $text_color = imagecolorallocate($mynewimg, hexdec(substr($config['watermark_text_color'], 0, 2)), hexdec(substr($config['watermark_text_color'], 2, 2)), hexdec(substr($config['watermark_text_color'], 4, 2))); $text_color2 = imagecolorallocate($mynewimg, 255 - hexdec(substr($config['watermark_text_color'], 0, 2)), 255 - hexdec(substr($config['watermark_text_color'], 2, 2)), 255 - hexdec(substr($config['watermark_text_color'], 4, 2))); $font_size = 15; do { --$font_size; $text_box = imagettfbbox($font_size, 0, _BASEPATH_ . '/includes/fonts/arial.ttf', $config['watermark_text']); $textlen = $text_box[2] - $text_box[0] + 5; } while ($textlen > $new_size[0]); $watermark_x = (int) (($size[0] - $new_size[0]) / 2) + 5; $watermark_y = $new_size[1] + (int) (($size[1] - $new_size[1]) / 2) - 20; //shadow first imagettftext($mynewimg, $font_size, 0, $watermark_x, $watermark_y, $text_color2, _BASEPATH_ . '/includes/fonts/arial.ttf', $config['watermark_text']); //text second imagettftext($mynewimg, $font_size, 0, $watermark_x + 1, $watermark_y + 1, $text_color, _BASEPATH_ . '/includes/fonts/arial.ttf', $config['watermark_text']); } if (!empty($config['watermark_image']) && is_file($config['watermark_image'])) { $wm_image = @imagecreatefrompng($config['watermark_image']); $wm_image_width = imagesx($wm_image); $wm_image_height = imagesy($wm_image); $wm_image_x = (int) (($size[0] - $new_size[0]) / 2) + 5; $wm_image_y = $new_size[1] + (int) (($size[1] - $new_size[1]) / 2) - $wm_image_height; if (defined('BICUBIC_RESAMPLE')) { imagecopyresamplebicubic($mynewimg, $wm_image, $wm_image_x, $wm_image_y, 0, 0, $wm_image_width, $wm_image_height, $wm_image_width, $wm_image_height); } else { fastimagecopyresampled($mynewimg, $wm_image, $wm_image_x, $wm_image_y, 0, 0, $wm_image_width, $wm_image_height, $wm_image_width, $wm_image_height); } } if (!empty($config['round_corners'])) { $skin = get_my_skin(); imagealphablending($mynewimg, true); // put the corners $corner = @imagecreatefrompng(_BASEPATH_ . '/skins_site/' . $skin . '/images/corner_tl.png'); imagecopy($mynewimg, $corner, 0, 0, 0, 0, 7, 7); $corner = @imagecreatefrompng(_BASEPATH_ . '/skins_site/' . $skin . '/images/corner_tr.png'); imagecopy($mynewimg, $corner, $size[0] - 7, 0, 0, 0, 7, 7); $corner = @imagecreatefrompng(_BASEPATH_ . '/skins_site/' . $skin . '/images/corner_bl.png'); imagecopy($mynewimg, $corner, 0, $size[1] - 7, 0, 0, 7, 7); $corner = @imagecreatefrompng(_BASEPATH_ . '/skins_site/' . $skin . '/images/corner_br.png'); imagecopy($mynewimg, $corner, $size[0] - 7, $size[1] - 7, 0, 0, 7, 7); // draw the border lines $border_color = imagecolorallocate($mynewimg, 0xcc, 0xcc, 0xcc); imageline($mynewimg, 7, 0, $size[0] - 8, 0, $border_color); //tl->tr imageline($mynewimg, $size[0] - 1, 7, $size[0] - 1, $size[1] - 8, $border_color); //tr->br imageline($mynewimg, 7, $size[1] - 1, $size[0] - 8, $size[1] - 1, $border_color); //bl->br imageline($mynewimg, 0, 7, 0, $size[1] - 8, $border_color); //tl->bl } $myreturn = imagejpeg($mynewimg, $save_path . '/' . $save_name . '.jpg', $config['quality']); } else { $myreturn = false; } } else { $myreturn = false; } if (!empty($myimg)) { imagedestroy($myimg); } if (!empty($mynewimg)) { imagedestroy($mynewimg); } return $myreturn; }
File: my_networks.php $Revision$ Software by: DateMill (http://www.datemill.com) Copyright by: DateMill (http://www.datemill.com) Support at: http://www.datemill.com/forum ******************************************************************************* * See the "docs/licenses/etano.txt" file for license. * ******************************************************************************/ require 'includes/common.inc.php'; require _BASEPATH_ . '/includes/user_functions.inc.php'; require _BASEPATH_ . '/includes/network_functions.inc.php'; require _BASEPATH_ . '/skins_site/' . get_my_skin() . '/lang/net.inc.php'; check_login_member('manage_networks'); $tpl = new phemplate(_BASEPATH_ . '/skins_site/' . get_my_skin() . '/', 'remove_nonjs'); require _BASEPATH_ . '/includes/classes/user_cache.class.php'; $user_cache = new user_cache(get_my_skin()); $query = "SELECT `net_id`,`network` FROM `{$dbtable_prefix}networks`"; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } $networks = array(); $i = 0; while ($rsrow = mysql_fetch_assoc($res)) { $rsrow['network'] = sanitize_and_format($rsrow['network'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]); $net_members = get_network_members($_SESSION[_LICENSE_KEY_]['user']['user_id'], $rsrow['net_id'], 4); if (!empty($net_members)) { $rsrow['members'] = $user_cache->get_cache_tpl($net_members, 'result_user'); } if (!empty($rsrow['members'])) { $rsrow['see_all'] = true; $networks[] = $rsrow;
$input['error_email'] = 'red_border'; } if (!$error) { $query = "SELECT `" . USER_ACCOUNT_ID . "` FROM `" . USER_ACCOUNTS_TABLE . "` WHERE `email`='" . $input['email'] . "' LIMIT 1"; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } if (mysql_num_rows($res)) { $error = true; $topass['message']['type'] = MESSAGE_ERROR; $topass['message']['text'][] = sprintf($GLOBALS['_lang'][204], $input['email']); $input['error_email'] = 'red_border'; } } if (!$error) { $query = "REPLACE INTO `{$dbtable_prefix}user_settings2` SET `fk_user_id`='" . $_SESSION[_LICENSE_KEY_]['user']['user_id'] . "',`config_option`='new_email',`config_value`='" . $input['email'] . "'"; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } $input['email2'] = rawurlencode($input['email']); send_template_email($input['email'], sprintf($GLOBALS['_lang'][40], _SITENAME_), 'email_change_confirm.html', get_my_skin(), $input); $topass['message']['type'] = MESSAGE_INFO; $topass['message']['text'][] = $GLOBALS['_lang'][39]; } else { // you must re-read all textareas from $_POST like this: // $input['x']=addslashes_mq($_POST['x']); $input = sanitize_and_format($input, TYPE_STRING, FORMAT_HTML2TEXT_FULL | FORMAT_STRIPSLASH); $topass['input'] = $input; } } redirect2page($nextpage, $topass, $qs);
<?php /****************************************************************************** Etano =============================================================================== File: processors/login.php $Revision$ Software by: DateMill (http://www.datemill.com) Copyright by: DateMill (http://www.datemill.com) Support at: http://www.datemill.com/forum ******************************************************************************* * See the "docs/licenses/etano.txt" file for license. * ******************************************************************************/ require '../includes/common.inc.php'; require _BASEPATH_ . '/includes/user_functions.inc.php'; require _BASEPATH_ . '/skins_site/' . get_my_skin() . '/lang/login.inc.php'; if (is_file(_BASEPATH_ . '/events/processors/login.php')) { include _BASEPATH_ . '/events/processors/login.php'; } $score_threshold = 600; // seconds $error = false; $topass = array(); $nextpage = 'login.php'; $qs = ''; $qssep = ''; if ($_SERVER['REQUEST_METHOD'] == 'POST') { $user = strtolower(sanitize_and_format_gpc($_POST, 'user', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], '')); $pass = sanitize_and_format_gpc($_POST, 'pass', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], ''); if (!empty($user) && !empty($pass)) { $log['level'] = 'login';
} } if (!$error) { if ($input['page'] == 1) { $input['temp_pass'] = md5(gen_pass(6)); $query = "INSERT IGNORE INTO `" . USER_ACCOUNTS_TABLE . "` SET `" . USER_ACCOUNT_USER . "`='" . $input['user'] . "',`" . USER_ACCOUNT_PASS . "`=md5('" . $input['pass'] . "'),`email`='" . $input['email'] . "',`membership`=2,`status`=" . ASTAT_UNVERIFIED . ",`temp_pass`='" . $input['temp_pass'] . "'"; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } $_SESSION[_LICENSE_KEY_]['user']['reg_id'] = mysql_insert_id(); $_SESSION[_LICENSE_KEY_]['user']['user'] = $input['user']; // for `dsb_payments` $_SESSION[_LICENSE_KEY_]['user']['email'] = $input['email']; // for info_signup.html $input['uid'] = $_SESSION[_LICENSE_KEY_]['user']['reg_id']; send_template_email($input['email'], sprintf($GLOBALS['_lang'][70], _SITENAME_), 'confirm_reg.html', get_my_skin(), $input); } $query = "SELECT `fk_user_id` FROM `{$dbtable_prefix}user_profiles` WHERE `fk_user_id`=" . $_SESSION[_LICENSE_KEY_]['user']['reg_id']; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } $is_update = false; if (mysql_num_rows($res)) { $is_update = true; } $now = gmdate('YmdHis'); if ($is_update) { $query = "UPDATE `{$dbtable_prefix}user_profiles` SET `last_changed`='{$now}'"; } else { $query = "INSERT INTO `{$dbtable_prefix}user_profiles` SET `fk_user_id`='" . $_SESSION[_LICENSE_KEY_]['user']['reg_id'] . "',`last_changed`='{$now}',`date_added`='{$now}',`score`='" . add_member_score(0, 'join', 1, true) . "'"; }
Etano =============================================================================== File: profile.php $Revision$ Software by: DateMill (http://www.datemill.com) Copyright by: DateMill (http://www.datemill.com) Support at: http://www.datemill.com/forum ******************************************************************************* * See the "docs/licenses/etano.txt" file for license. * ******************************************************************************/ //define('CACHE_LIMITER','private'); require_once 'includes/common.inc.php'; require_once 'includes/user_functions.inc.php'; require_once 'includes/network_functions.inc.php'; check_login_member('profile_view'); $tpl = new phemplate(_BASEPATH_ . '/skins_site/' . get_my_skin() . '/', 'remove_nonjs'); $uid = 0; if (!empty($_GET['uid'])) { $uid = (string) (int) $_GET['uid']; } elseif (isset($_GET['user'])) { $user = sanitize_and_format($_GET['user'], TYPE_STRING, $__field2format[FIELD_TEXTFIELD]); $uid = get_userid_by_user($user); } elseif (!empty($_SESSION[_LICENSE_KEY_]['user']['user_id'])) { $uid = (string) $_SESSION[_LICENSE_KEY_]['user']['user_id']; } else { redirect2page('index.php'); } if (!empty($_SESSION[_LICENSE_KEY_]['user']['user_id']) && $_SESSION[_LICENSE_KEY_]['user']['user_id'] == $uid) { redirect2page('my_profile.php'); } $output = array();
<?php /****************************************************************************** Etano =============================================================================== File: processors/contact.php $Revision$ Software by: DateMill (http://www.datemill.com) Copyright by: DateMill (http://www.datemill.com) Support at: http://www.datemill.com/forum ******************************************************************************* * See the "docs/licenses/etano.txt" file for license. * ******************************************************************************/ require '../includes/common.inc.php'; require _BASEPATH_ . '/includes/user_functions.inc.php'; require _BASEPATH_ . '/skins_site/' . get_my_skin() . '/lang/contact.inc.php'; check_login_member('contact'); if (is_file(_BASEPATH_ . '/events/processors/contact.php')) { include _BASEPATH_ . '/events/processors/contact.php'; } $error = false; $qs = ''; $qs_sep = ''; $topass = array(); $nextpage = 'contact.php'; if ($_SERVER['REQUEST_METHOD'] == 'POST') { $input = array(); // get the input we need and sanitize it $input['fk_user_id'] = !empty($_SESSION[_LICENSE_KEY_]['user']['user_id']) ? $_SESSION[_LICENSE_KEY_]['user']['user_id'] : 0; $input['subject'] = sanitize_and_format_gpc($_POST, 'subject', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], ''); $input['name'] = sanitize_and_format_gpc($_POST, 'name', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], '');
Support at: http://www.datemill.com/forum ******************************************************************************* * See the "docs/licenses/etano.txt" file for license. * ******************************************************************************/ if (!defined('_LICENSE_KEY_')) { die('Hacking attempt'); } include _BASEPATH_ . '/includes/logs.inc.php'; include _BASEPATH_ . '/includes/site_bans.inc.php'; $_access_level = array(); require _BASEPATH_ . '/includes/access_levels.inc.php'; require_once _BASEPATH_ . '/includes/general_functions.inc.php'; $tplvars['tplurl'] = _BASEURL_ . '/skins_site/' . get_my_skin(); $tplvars['tplrelpath'] = $GLOBALS['relative_path'] . 'skins_site/' . get_my_skin(); $GLOBALS['_lang'] = array(); require _BASEPATH_ . '/skins_site/' . get_my_skin() . '/lang/global.inc.php'; $accepted_months = array($GLOBALS['_lang'][166], $GLOBALS['_lang'][167], $GLOBALS['_lang'][168], $GLOBALS['_lang'][169], $GLOBALS['_lang'][170], $GLOBALS['_lang'][171], $GLOBALS['_lang'][172], $GLOBALS['_lang'][173], $GLOBALS['_lang'][174], $GLOBALS['_lang'][175], $GLOBALS['_lang'][176], $GLOBALS['_lang'][177], $GLOBALS['_lang'][178]); $_pfields = array(); $_pcats = array(); require _BASEPATH_ . '/includes/fields.inc.php'; if (!empty($_SESSION[_LICENSE_KEY_]['user']['user_id'])) { $_SESSION[_LICENSE_KEY_]['user']['user_id'] = (int) $_SESSION[_LICENSE_KEY_]['user']['user_id']; $tplvars['user_logged'] = true; } else { $_SESSION[_LICENSE_KEY_]['user']['user'] = '******'; $_SESSION[_LICENSE_KEY_]['user']['membership'] = 1; } $tplvars['myself'] = $_SESSION[_LICENSE_KEY_]['user']; $GLOBALS['_list_of_online_members'] = get_online_ids(); $GLOBALS['page_last_modified_time'] = isset($_SESSION[_LICENSE_KEY_]['user']['loginout']) ? $_SESSION[_LICENSE_KEY_]['user']['loginout'] : 0; // need this for cache control - the Last-Modified header
<?php /****************************************************************************** Etano =============================================================================== File: processors/pass_change.php $Revision$ Software by: DateMill (http://www.datemill.com) Copyright by: DateMill (http://www.datemill.com) Support at: http://www.datemill.com/forum ******************************************************************************* * See the "docs/licenses/etano.txt" file for license. * ******************************************************************************/ require '../includes/common.inc.php'; require _BASEPATH_ . '/includes/user_functions.inc.php'; require _BASEPATH_ . '/skins_site/' . get_my_skin() . '/lang/pass_change.inc.php'; if (is_file(_BASEPATH_ . '/events/processors/pass_change.php')) { include _BASEPATH_ . '/events/processors/pass_change.php'; } $error = false; $qs = ''; $qs_sep = ''; $topass = array(); $nextpage = 'my_settings.php'; if ($_SERVER['REQUEST_METHOD'] == 'POST') { $input = array(); // get the input we need and sanitize it $input['pass'] = sanitize_and_format_gpc($_POST, 'pass', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], ''); $input['pass2'] = sanitize_and_format_gpc($_POST, 'pass2', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], ''); if ($input['pass'] != $input['pass2']) { $error = true;
<?php /****************************************************************************** Etano =============================================================================== File: ajax/rate_item.php $Revision: 610 $ Software by: DateMill (http://www.datemill.com) Copyright by: DateMill (http://www.datemill.com) Support at: http://www.datemill.com/forum ******************************************************************************* * See the "docs/licenses/etano.txt" file for license. * ******************************************************************************/ require_once dirname(__FILE__) . '/../includes/common.inc.php'; require_once dirname(__FILE__) . '/../includes/user_functions.inc.php'; require_once _BASEPATH_ . '/skins_site/' . get_my_skin() . '/lang/rating.inc.php'; $output = ''; $error = false; $id = 0; $qs = ''; $vote_type = ''; $topass = array(); if (!empty($_SESSION[_LICENSE_KEY_]['user']['user_id'])) { if (!empty($_REQUEST['t']) && !empty($_REQUEST['id']) && !empty($_REQUEST['vote'])) { $vote_type = $_REQUEST['t']; $id = (int) $_REQUEST['id']; $vote = (int) $_REQUEST['vote']; if ($vote_type == 'photo') { $parent_field = "photo_id"; $parent_table = "{$dbtable_prefix}user_photos"; $table = "{$dbtable_prefix}rating_photo";
function __construct() { require_once _BASEPATH_ . '/skins_site/' . get_my_skin() . '/lang/payment.inc.php'; $this->_init(); }
/****************************************************************************** Etano =============================================================================== File: processors/filters_addedit.php $Revision$ Software by: DateMill (http://www.datemill.com) Copyright by: DateMill (http://www.datemill.com) Support at: http://www.datemill.com/forum ******************************************************************************* * See the "docs/licenses/etano.txt" file for license. * ******************************************************************************/ require '../includes/common.inc.php'; require _BASEPATH_ . '/includes/user_functions.inc.php'; require _BASEPATH_ . '/includes/tables/message_filters.inc.php'; require _BASEPATH_ . '/skins_site/' . get_my_skin() . '/lang/mailbox.inc.php'; check_login_member('manage_folders'); if (is_file(_BASEPATH_ . '/events/processors/filters_addedit.php')) { include _BASEPATH_ . '/events/processors/filters_addedit.php'; } $error = false; $qs = ''; $qs_sep = ''; $topass = array(); $nextpage = 'filters.php'; $input = array(); if ($_SERVER['REQUEST_METHOD'] == 'POST') { // get the input we need and sanitize it foreach ($message_filters_default['types'] as $k => $v) { $input[$k] = sanitize_and_format_gpc($_POST, $k, $__field2type[$v], $__field2format[$v], $message_filters_default['defaults'][$k]); }
} } unset($_SESSION['captcha_word']); if (!$error) { $query = "SELECT `" . USER_ACCOUNT_ID . "` as `uid`,`" . USER_ACCOUNT_USER . "` as `user`,`email` FROM `" . USER_ACCOUNTS_TABLE . "` WHERE `email`='" . $input['email'] . "' LIMIT 1"; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } if (mysql_num_rows($res)) { $input = mysql_fetch_assoc($res); $input['temp_pass'] = md5(gen_pass(6)); $input['ipaddr'] = $_SERVER['REMOTE_ADDR']; $query = "UPDATE `" . USER_ACCOUNTS_TABLE . "` SET `temp_pass`='" . $input['temp_pass'] . "' WHERE `" . USER_ACCOUNT_ID . "`=" . $input['uid']; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } send_template_email($input['email'], sprintf($GLOBALS['_lang'][225], _SITENAME_), 'pass_reset.html', get_my_skin(), $input); $topass['message']['type'] = MESSAGE_INFO; $topass['message']['text'] = $GLOBALS['_lang'][89]; } else { $topass['message']['type'] = MESSAGE_ERROR; $topass['message']['text'] = $GLOBALS['_lang'][90]; } } else { // you must re-read all textareas from $_POST like this: // $input['x']=addslashes_mq($_POST['x']); $input = sanitize_and_format($input, TYPE_STRING, FORMAT_HTML2TEXT_FULL | FORMAT_STRIPSLASH); $topass['input'] = $input; } } redirect2page($nextpage, $topass, $qs);
/****************************************************************************** Etano =============================================================================== File: processors/photo_settings.php $Revision$ Software by: DateMill (http://www.datemill.com) Copyright by: DateMill (http://www.datemill.com) Support at: http://www.datemill.com/forum ******************************************************************************* * See the "docs/licenses/etano.txt" file for license. * ******************************************************************************/ require '../includes/common.inc.php'; require _BASEPATH_ . '/includes/user_functions.inc.php'; require _BASEPATH_ . '/includes/tables/user_photos.inc.php'; require _BASEPATH_ . '/skins_site/' . get_my_skin() . '/lang/photos.inc.php'; check_login_member('upload_photos'); if (is_file(_BASEPATH_ . '/events/processors/photo_settings.php')) { include _BASEPATH_ . '/events/processors/photo_settings.php'; } $error = false; $qs = ''; $qs_sep = ''; $topass = array(); $nextpage = 'my_photos.php'; if ($_SERVER['REQUEST_METHOD'] == 'POST') { $input = array(); // get the input we need and sanitize it foreach ($user_photos_default['types'] as $k => $v) { $input[$k] = sanitize_and_format_gpc($_POST, $k, $__field2type[$v], $__field2format[$v], array()); }
function process(&$input, $type) { global $dbtable_prefix, $tpl; if (!isset($tpl)) { $tpl = new phemplate(_BASEPATH_ . '/skins_site/' . get_my_skin() . '/', 'remove_nonjs'); } // require_once _BASEPATH_.'/includes/classes/log_error.class.php'; // new log_error(array('module_name'=>get_class($this),'text'=>$type.': new notif from paypal: $_POST:'.var_export($_POST,true).' $_GET:'.var_export($_GET,true).' $input:'.var_export($input,true))); if (strcasecmp($input['business'], $this->config['paypal_email']) == 0 || strcasecmp($input['receiver_email'], $this->config['paypal_email']) == 0) { // some transformations parse_str($input['custom'], $temp); if (!empty($temp['uid'])) { $input['user_id'] = $temp['uid']; } $input['dm_item_type'] = $temp['dit']; $input['business'] = strtolower($input['business']); $input['receiver_email'] = strtolower($input['receiver_email']); $input['first_name'] = ucwords(strtolower($input['first_name'])); $input['last_name'] = ucwords(strtolower($input['last_name'])); $query = "SELECT get_lock('" . $input['txn_id'] . "',10)"; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } if (mysql_result($res, 0, 0) == 1) { $query = "SELECT `payment_id`,`is_subscr`,`name`,`is_suspect` FROM `{$dbtable_prefix}payments` WHERE `gw_txn`='" . $input['txn_id'] . "' AND `date`>=now()-INTERVAL 1 DAY"; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } if (mysql_num_rows($res)) { // the other process already did the job. Let's release the lock if ($type == 'pdt') { $output = mysql_fetch_assoc($res); // tell member that he will receive everything by email if ($output['is_subscr']) { if ($output['is_suspect']) { $tpl->set_file('gateway_text', 'thankyou_subscr_nok.html'); } else { $tpl->set_file('gateway_text', 'thankyou_subscr_ok.html'); } } else { $tpl->set_file('gateway_text', 'thankyou_prod_nok.html'); } $tpl->set_var('output', $output); $tpl->process('gateway_text', 'gateway_text', TPL_OPTIONAL); } $query = "SELECT release_lock('" . $input['txn_id'] . "')"; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } } else { // we arrived before the other process, let's do the dirty work... if ($input['dm_item_type'] == 'subscr') { $query = "SELECT `" . USER_ACCOUNT_ID . "` as `user_id`,`" . USER_ACCOUNT_USER . "` as `user` FROM `" . USER_ACCOUNTS_TABLE . "` WHERE `" . USER_ACCOUNT_ID . "`=" . $input['user_id']; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } if (mysql_num_rows($res)) { $real_user = mysql_fetch_assoc($res); if (strcasecmp($input['txn_type'], 'web_accept') == 0 || strcasecmp($input['txn_type'], 'send_money') == 0 || strcasecmp($input['txn_type'], 'subscr_payment') == 0) { if (strcasecmp($input['payment_status'], 'Completed') == 0) { $query = "SELECT `subscr_id`,`price`,`m_value_to`,`duration` FROM `{$dbtable_prefix}subscriptions` WHERE `subscr_id`=" . $input['item_number'] . " AND `is_visible`=1"; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } if (mysql_num_rows($res)) { $real_subscr = mysql_fetch_assoc($res); if (number_format($real_subscr['price'], 2) == number_format($input['mc_gross'], 2)) { if ($input['test_ipn'] != 1 || $this->config['demo_mode'] == 1 && $input['test_ipn'] == 1) { require_once _BASEPATH_ . '/includes/iso31661a2.inc.php'; if (isset($GLOBALS['iso31661a2'][$input['residence_country']])) { $input['country'] = $GLOBALS['iso31661a2'][$input['residence_country']]; $input['email'] = $input['payer_email']; $this->check_fraud($input); } else { $this->is_fraud = true; $this->fraud_reason = 'Invalid country code received from paypal. Please contact administrator.'; require_once _BASEPATH_ . '/includes/classes/log_error.class.php'; new log_error(array('module_name' => get_class($this), 'text' => 'country code received from paypal not found in iso31661a2.inc.php file' . array2qs($_POST))); } if (!empty($real_subscr['duration'])) { // if the old subscription is not over yet, we need to extend the new one with some days $query = "SELECT a.`payment_id`,UNIX_TIMESTAMP(a.`paid_until`) as `paid_until`,b.`price`,b.`duration` FROM `{$dbtable_prefix}payments` a LEFT JOIN `{$dbtable_prefix}subscriptions` b ON a.`fk_subscr_id`=b.`subscr_id` WHERE a.`fk_user_id`=" . $real_user['user_id'] . " AND a.`refunded`=0 AND a.`is_active`=1 AND a.`is_subscr`=1 AND a.`m_value_to`>2 ORDER BY a.`paid_until` DESC LIMIT 1"; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } if (mysql_num_rows($res)) { $rsrow = mysql_fetch_assoc($res); $time = mktime(gmdate('H'), gmdate('i'), gmdate('s'), gmdate('m'), gmdate('d'), gmdate('Y')); if ((int) $rsrow['paid_until'] > (int) $time) { $remaining_days = ((int) $rsrow['paid_until'] - (int) $time) / 86400; //86400 seconds in a day if ($remaining_days > 0) { $remaining_value = (int) $rsrow['price'] / (int) $rsrow['duration'] * $remaining_days; $day_value_new = (int) $real_subscr['price'] / (int) $real_subscr['duration']; $days_append = round($remaining_value / $day_value_new); $real_subscr['duration'] = (int) $real_subscr['duration']; $real_subscr['duration'] += $days_append; } } } } $now = gmdate('Ymd'); // all old active subscriptions end now! $query = "UPDATE `{$dbtable_prefix}payments` SET `paid_until`='{$now}',`is_active`=0 WHERE `fk_user_id`=" . $real_user['user_id'] . " AND `is_active`=1 AND `is_subscr`=1"; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } // insert the new subscription $query = "INSERT INTO `{$dbtable_prefix}payments` SET `is_active`=1,`fk_user_id`=" . $real_user['user_id'] . ",`_user`='" . $real_user['user'] . "',`gateway`='" . $this->module_code . "',`is_subscr`=1,`fk_subscr_id`=" . $real_subscr['subscr_id'] . ",`gw_txn`='" . $input['txn_id'] . "',`name`='" . $input['first_name'] . ' ' . $input['last_name'] . "',`country`='" . $input['country'] . "',`email`='" . $input['payer_email'] . "',`m_value_to`=" . $real_subscr['m_value_to'] . ",`amount_paid`='" . $input['mc_gross'] . "',`is_suspect`=" . (int) $this->is_fraud . ",`suspect_reason`='" . $this->fraud_reason . "',`paid_from`='{$now}',`date`=now()"; if (!empty($real_subscr['duration'])) { $query .= ",`paid_until`='{$now}'+INTERVAL " . $real_subscr['duration'] . ' DAY'; } if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } if (!$this->is_fraud) { $query = "UPDATE `" . USER_ACCOUNTS_TABLE . "` SET `membership`=" . $real_subscr['m_value_to'] . " WHERE `" . USER_ACCOUNT_ID . "`=" . $real_user['user_id']; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } $myreturn = true; add_member_score($real_user['user_id'], 'payment'); if ($type == 'pdt') { $tpl->set_file('gateway_text', 'thankyou_subscr_ok.html'); } } else { if ($type == 'pdt') { $output['name'] = $input['card_holder_name']; $tpl->set_file('gateway_text', 'thankyou_subscr_nok.html'); $tpl->set_var('output', $output); $tpl->process('gateway_text', 'gateway_text', TPL_OPTIONAL); } // DEPT_ADMIN from includes/admin_functions.inc.php is hardcoded below as 4 $query = "SELECT `email` FROM `{$dbtable_prefix}admin_accounts` WHERE `dept_id`=4 ORDER BY `admin_id` DESC LIMIT 1"; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } if (mysql_num_rows($res)) { send_template_email(mysql_result($res, 0, 0), 'Possible fraud detected on ' . _SITENAME_ . ', please investigate', '', '', array(), $this->module_code . ' TXN: ' . $input['txn_id'] . ': ' . $this->fraud_reason); } } } else { // a demo transaction when we're not in demo mode if ($type == 'pdt') { $tpl->set_var('gateway_text', $GLOBALS['_lang'][187]); } require_once _BASEPATH_ . '/includes/classes/log_error.class.php'; new log_error(array('module_name' => get_class($this), 'text' => 'Demo transaction when demo is not enabled: ' . array2qs($_POST))); } } else { // paid price doesn't match the subscription price if ($type == 'pdt') { $tpl->set_var('gateway_text', $GLOBALS['_lang'][188]); } require_once _BASEPATH_ . '/includes/classes/log_error.class.php'; new log_error(array('module_name' => get_class($this), 'text' => 'Invalid amount paid: ' . array2qs($_POST))); } } else { // if the subscr_id was not found if ($type == 'pdt') { $tpl->set_var('gateway_text', $GLOBALS['_lang'][189]); } require_once _BASEPATH_ . '/includes/classes/log_error.class.php'; new log_error(array('module_name' => get_class($this), 'text' => 'Invalid subscr_id received after payment: ' . array2qs($_POST))); } } else { if ($type == 'pdt') { $tpl->set_var('gateway_text', $GLOBALS['_lang'][190]); } require_once _BASEPATH_ . '/includes/classes/log_error.class.php'; new log_error(array('module_name' => get_class($this), 'text' => 'Payment status not Completed: ' . $input['payment_status'] . "\n" . array2qs($_POST))); } } elseif (strcasecmp($input['txn_type'], 'subscr_eot') == 0) { $query = "SELECT `payment_id` FROM `{$dbtable_prefix}payments` WHERE `fk_user_id`=" . $real_user['user_id'] . " AND `fk_subscr_id`=" . $input['item_number'] . " AND `is_active`=1 ORDER BY `payment_id` DESC LIMIT 1"; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } if (mysql_num_rows($res)) { $payment_id = mysql_result($res, 0, 0); $now = gmdate('Ymd'); $query = "UPDATE `{$dbtable_prefix}payments` SET `paid_until`='{$now}' WHERE `payment_id`={$payment_id}"; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } } else { // invalid eot. require_once _BASEPATH_ . '/includes/classes/log_error.class.php'; new log_error(array('module_name' => get_class($this), 'text' => 'Received End of Term notification for a subscription but subscription doesn\'t exist or not active. Maybe this member has 2 running subscriptions? ' . array2qs($_POST))); } } else { // unhandled txn_type if ($type == 'pdt') { $tpl->set_var('gateway_text', $GLOBALS['_lang'][191]); } require_once _BASEPATH_ . '/includes/classes/log_error.class.php'; new log_error(array('module_name' => get_class($this), 'text' => 'Unhandled txn_type (probably not an error): ' . $input['txn_type'] . "\n" . array2qs($_POST))); } } else { // if the user_id was not found if ($type == 'pdt') { $tpl->set_var('gateway_text', $GLOBALS['_lang'][192]); } require_once _BASEPATH_ . '/includes/classes/log_error.class.php'; new log_error(array('module_name' => get_class($this), 'text' => 'Invalid user_id received after payment: ' . array2qs($_POST))); } } elseif ($input['dm_item_type'] == 'prod') { // no product support for now in Etano require_once _BASEPATH_ . '/includes/classes/log_error.class.php'; new log_error(array('module_name' => get_class($this), 'text' => 'Received dm_item_type=prod but we are not selling products: ' . array2qs($_POST))); } else { // dm_item_type is neither 'prod' nor 'subscr' if ($type == 'pdt') { $tpl->set_var('gateway_text', $GLOBALS['_lang'][193]); } require_once _BASEPATH_ . '/includes/classes/log_error.class.php'; new log_error(array('module_name' => get_class($this), 'text' => 'Invalid dm_item_type: ' . array2qs($_POST))); } // job done, release the lock $query = "SELECT release_lock('" . $input['txn_id'] . "')"; if (!($res = @mysql_query($query))) { trigger_error(mysql_error(), E_USER_ERROR); } } } else { // we could not obtain the lock. // The other process is taking too long but at least this should mean that it is handling this } } else { require_once _BASEPATH_ . '/includes/classes/log_error.class.php'; new log_error(array('module_name' => get_class($this), 'text' => 'Payment was not made into our account: ' . array2qs($_POST))); } }