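/**
 * Fetch one Graph API connection of a user and store the friends not yet recorded.
 *
 * Builds the request from $param->graph_url, $param->fbid, $param->connection and
 * $param->token. For every returned entry that has no (facebook_id, friends_fbid)
 * row in friends_raw_data, the friend's own profile is fetched and a row is queued.
 * All queued rows are written with a single multi-row INSERT. Progress is echoed;
 * a MySQL error is logged through logme() and terminates the script.
 *
 * NOTE(review): the access token is carried in the query string of every URL built
 * here, so these URLs must not be logged or echoed verbatim.
 * NOTE(review): the row stores serialize($data) taken from the remote response. Any
 * reader that calls unserialize() on that column inherits PHP object-injection risk
 * if the stored value can be tampered with; JSON would be the safer format, but
 * switching here would break existing readers.
 * NOTE(review): the ext/mysql functions used here no longer exist in PHP 7+. Moving
 * to mysqli/PDO prepared statements needs the connection handle, which this
 * function does not receive.
 *
 * @param object $param Request description (graph_url, fbid, connection, token).
 * @return void
 */
function get_fb_friends($param)
{
    $graph_url = $param->graph_url . '/' . $param->fbid . '/' . $param->connection . '?access_token=' . $param->token;
    $fb = get_graphapi_data($graph_url);

    // A failed or malformed API response must not reach foreach() as null.
    $fbdata = (is_object($fb) && isset($fb->data) && (is_array($fb->data) || is_object($fb->data)))
        ? $fb->data
        : array();

    $cdate = date('Y-n-j H:i:s');
    echo "inside get_fb_friends";
    if ($fbdata) {
        logme('updating friends if any');
    }

    $sql_insert = "INSERT INTO friends_raw_data(facebook_id,friends_fbid,friends_name,friend_location_name,fbdata,created_date) VALUES ";
    $rows = array();
    // Defined up front so the error path below never reads an undefined variable.
    $query = '';
    $owner_sql = mysql_real_escape_string($param->fbid);

    foreach ($fbdata as $data) {
        $friend_sql = mysql_real_escape_string($data->id);
        $sql_select = sprintf(
            "SELECT friends_fbid FROM friends_raw_data WHERE facebook_id='%s' AND friends_fbid='%s'",
            $owner_sql,
            $friend_sql
        );
        $result = mysql_query($sql_select);
        if ($result === false) {
            // Previously a failed lookup was indistinguishable from "no row found"
            // and the friend was queued for insertion anyway.
            echo "error encoutered...";
            logme(mysql_error() . '==' . $sql_select);
            die(mysql_errno() . ': ' . mysql_error() . '; ' . $sql_select . "\n");
        }
        $is_new = mysql_num_rows($result) == 0;
        mysql_free_result($result);

        if ($is_new) {
            $friend = get_graphapi_data($param->graph_url . '/' . $data->id . '?access_token=' . $param->token);
            // Location is optional in the profile; test for it instead of silencing errors with @.
            $location = (is_object($friend) && isset($friend->location->name)) ? $friend->location->name : '';
            $friend_name = isset($data->name) ? $data->name : '';
            $rows[] = sprintf(
                "('%s','%s','%s','%s','%s','%s')",
                $owner_sql,
                $friend_sql,
                mysql_real_escape_string($friend_name),
                mysql_real_escape_string($location),
                mysql_real_escape_string(serialize($data)),
                $cdate
            );
        }
        echo "\n\nplease wait....{$data->id}\n\n";
    }

    if ($rows) {
        $query = $sql_insert . implode(', ', $rows);
        mysql_query($query);
    }

    // NOTE(review): die() prints the failing statement, including stored friend data,
    // to whoever invoked the script. Acceptable on a console; if this is reachable
    // over HTTP the details belong in the log only.
    if (mysql_errno()) {
        echo "error encoutered...";
        logme(mysql_error() . '==' . $query);
        die(mysql_errno() . ': ' . mysql_error() . '; ' . $query . "\n");
    }
}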
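/**
 * Dispatch a call to an undefined method to the module file
 * modules/systemtask.<name>.php under the current working directory.
 *
 * The module is include()d into this method's scope, so it can read $args,
 * $options and $options_from_function and fill $return. When the module sets a
 * non-empty $return["stop"], set_systemtask_stop() is called with $args[1].
 *
 * Security: $name becomes part of an include path. A method name supplied
 * dynamically (for example $obj->$task()) can contain path separators, so names
 * containing "/", "\" or a NUL byte are rejected before the filesystem is touched.
 *
 * @param string $name Name of the method that was called.
 * @param array  $args Positional arguments of that call.
 * @return array Result filled by the module, or an array with an "error" entry.
 */
function __call($name, $args)
{
    // These three names are part of the contract with the included module file,
    // which executes in this scope; do not rename them.
    $return = array();
    $options = isset($args[7]) ? $args[7] : null;
    $options_from_function = isset($args[8]) ? $args[8] : null;

    $module_file = getcwd() . "/modules/systemtask." . $name . ".php";

    if (preg_match('#[/\\\\\0]#', $name)) {
        $return["error"] = "Invalid systemtask name: $name";
    } elseif (file_exists($module_file)) {
        // Include exactly the path that was checked. The relative form used before
        // is resolved through include_path first and could load a different file.
        include($module_file);
    } else {
        $return["error"] = "Function $name does not exsist, Nor does file: " . $module_file;
    }

    // isset() avoids the undefined-index notice when the module sets no "stop" entry.
    if (isset($return["stop"]) && $return["stop"] != '') {
        $this->set_systemtask_stop(isset($args[1]) ? $args[1] : null, $name);
    }

    return $return;

    // NOTE(review): unreachable, it sits after the return. Left in place on purpose:
    // enabling it would start writing the complete argument list and module result to
    // the log, which may include sensitive values. Delete it or move it above the
    // return as a deliberate decision.
    logme( $args[2] , $args[3], 'systemtask_' . $name , "Arguments: \n" . print_r( $args , true ) . "\nReturn:\n" . print_r($return , true ) );
}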
$newmessage = 'yes'; } if ($pixie_reinstall === 'yes') { logme('Pixie was re-installed... you should manually delete the directory named install, which is located inside the admin directory.', 'yes', 'error'); $newmessage = 'yes'; } if ($newmessage === 'no') { logme('Pixie was installed... remember to delete the install directory on your server.', 'yes', 'error'); } if (strnatcmp(phpversion(), '5.1.0') >= 0) { logme('Please ensure that the file .htaccess has the permission 644 and that the file admin/config.php has the permission 640. Please also turn on clean urls to help secure your Pixie site.', 'yes', 'error'); logme('Welcome to Pixie ' . $pixie_version . ' running on PHP ' . phpversion() . ' be sure to visit <a href ="http://www.getpixie.co.uk/" target="_blank">www.getpixie.co.uk</a> to check for updates.', 'no', 'site'); } else { if (strnatcmp(phpversion(), '5.0.0') <= 0) { logme('Please ensure that the file .htaccess has the permission 644 and that the file admin/config.php has the permission 640. Please also turn on clean urls to help secure your Pixie site.', 'yes', 'error'); logme('WARNING! Your current PHP version : ' . phpversion() . ' is depreciated and unsupported. Please consult your server Administrator about upgrading php for security reasons.', 'yes', 'error'); } } } /* Needs language */ $emessage = "\nHi {$pixie_name},\nCongratulations! Pixie is now installed. Here are your login details :\n\nUsername : {$pixie_login_username}\nPassword : {$pixie_login_password}\n\nYou can visit : {$pixie_url} to view your site\nor {$pixie_url}admin to login.\n\nThank You for installing Pixie.\nWe hope you enjoy using it!\n\nwww.getpixie.co.uk\n\t\t\t "; $subject = "Hi {$pixie_name}, Pixie was successfully installed."; mail($pixie_email, $subject, $emessage); $pixie_install_complete = 'Complete!'; } } if (!isset($error) && !$error) { $pixie_step = 4; } else { $pixie_step = 3; }
$file_tags = str_replace('_', " ", $field); $multi_upload->upload_dir = $dir; $multi_upload->message[] = $multi_upload->extra_text(4); $multi_upload->do_filename_check = 'y'; $multi_upload->tmp_names_array = $_FILES['upload']['tmp_name']; $multi_upload->names_array = $_FILES['upload']['name']; $multi_upload->error_array = $_FILES['upload']['error']; $multi_upload->replace = isset($_POST['replace']) ? $_POST['replace'] : 'n'; $multi_upload->extensions = array('.png', '.jpg', '.gif', '.zip', '.mp3', '.pdf', '.exe', '.rar', '.swf', '.vcf', '.css', '.dmg', '.php', '.doc', '.xls', '.xml', '.eps', '.rtf', '.iso', '.psd', '.txt', '.ppt', '.mov', '.flv', '.avi', '.m4v', '.mp4', '.gz', '.bz2', '.tar', '.7z', '.svg', '.svgz', '.lzma', '.sig', '.sign', '.js', '.rb', '.ttf', '.html', '.phtml', '.flac', '.ogg', '.wav', '.mkv', '.pls', '.m4a', '.xspf', '.ogv'); $multi_upload->upload_multi_files(); if (lastword($multi_upload->show_error_string()) == 'uploaded.') { $sql = "file_name = '{$file_name}', file_extension = '{$file_ext}', file_type = '{$file_type}', tags = '{$file_tags}'"; $ok = safe_insert('pixie_files', $sql); if (!$ok) { $message = $lang['file_upload_error']; } else { $messageok = $multi_upload->show_error_string(); logme($messageok, 'no', 'folder'); safe_optimize('pixie_files'); safe_repair('pixie_files'); } } else { $message = $multi_upload->show_error_string(); } print $message; } /* This file should be merged as an include or merged directly into another file instead of it being directly accessed like this. */ } else { header('Location: ../../../'); exit; }
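/**
 * Emit the admin "latest activity" RSS feed for the holder of a valid nonce.
 *
 * The feed lists up to 60 of the newest pixie_log rows of type 'system'. When the
 * nonce matches no user, the attempt is logged and the localized refusal message
 * is printed instead.
 *
 * Security:
 *  - Every dynamic value is escaped before it is written into the XML. Log messages
 *    can carry visitor-supplied text and HTML, which previously went into the feed
 *    verbatim; markup is now stripped from titles and the rest is entity-escaped.
 *  - The nonce acts as a bearer credential carried in the feed URL, so it will show
 *    up in browser history, proxy logs and Referer headers.
 *  - NOTE(review): $user is interpolated into the WHERE clause handed to
 *    safe_field(). Nothing in this function escapes it; confirm the caller or
 *    safe_field() does.
 *
 * @param mixed  $s    Unused here.
 * @param string $user Nonce taken from the feed URL.
 * @return void
 */
function adminrss($s, $user)
{
    global $site_name, $site_url, $lang;

    // An empty nonce must never authenticate, even if some row holds an empty value.
    if (!is_string($user) || $user === '' || !safe_field('nonce', 'pixie_users', "nonce='{$user}'")) {
        // the user has attempted to access the RSS feed with an invalid nonce
        logme($lang['rss_access_attempt'], 'yes', 'error');
        echo $lang['rss_access_attempt'];
        return;
    }

    $x_site_name = htmlspecialchars($site_name, ENT_QUOTES, 'UTF-8');
    $x_site_url = htmlspecialchars($site_url, ENT_QUOTES, 'UTF-8');
    $x_activity = htmlspecialchars($lang['latest_activity'], ENT_QUOTES, 'UTF-8');
    $x_rss_feed = htmlspecialchars($lang['rss_feed'], ENT_QUOTES, 'UTF-8');
    // A raw "&" in the query string made the document ill-formed XML; escape the whole URL part.
    $x_feed_query = htmlspecialchars(
        'admin/?s=myaccount&do=rss&user=' . rawurlencode($user) . '&referrer=rss',
        ENT_QUOTES,
        'UTF-8'
    );

    // Headers must be sent before any output.
    header('Content-type: text/xml');
    echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
    echo "<rss version=\"2.0\" xmlns:content=\"http://purl.org/rss/1.0/modules/content/\" xmlns:wfw=\"http://wellformedweb.org/CommentAPI/\" xmlns:dc=\"http://purl.org/dc/elements/1.1/\">\n";
    echo "\t<channel>\n";
    echo "\t\t<title>{$x_site_name} - {$x_activity} ({$x_rss_feed})</title>\n";
    echo "\t\t<description>{$x_site_name} - {$x_activity}</description>\n";
    echo "\t\t<link>{$x_site_url}/{$x_feed_query}</link>\n";
    echo "\t\t<generator>Pixie installed @ http://{$x_site_url}</generator>\n";
    echo "\t\t<language>en</language>\n";
    echo "\t\t<image>\n";
    echo "\t\t\t<url>{$x_site_url}files/images/rss_feed_icon.gif</url>\n";
    echo "\t\t\t<link>{$x_site_url}{$x_feed_query}</link>\n";
    echo "\t\t\t<title>{$x_site_name}</title>\n";
    echo "\t\t</image>\n";

    // NOTE(review): the whole system log is loaded and cut to 60 rows in PHP; a LIMIT
    // in the query would be cheaper if safe_rows() accepts one in this clause.
    $data = safe_rows('*', 'pixie_log', "log_type = 'system' order by log_time desc");
    $rows = is_array($data) ? array_values($data) : array();
    // With an empty log the old loop still ran 60 times over undefined rows.
    $max = min(60, count($rows));

    for ($i = 0; $i < $max; $i++) {
        $out = $rows[$i];
        // RSS titles are plain text: drop markup first, then escape what remains.
        $title = htmlspecialchars(strip_tags($out['log_message']), ENT_QUOTES, 'UTF-8');
        $author = htmlspecialchars($out['user_id'], ENT_QUOTES, 'UTF-8');
        $time = safe_strftime('%a, %d %b %Y %H:%M:%S %z', returnUnixtimestamp($out['log_time']));
        // RSS 2.0 element names are case-sensitive: pubDate, not pubdate.
        echo " \t\t\r\n\t\t<item>\r\n\t\t\t<title>({$x_site_name}) - {$author}: {$title}</title>\r\n\t\t\t<link>{$x_site_url}?referrer=rss</link>\r\n\t\t\t<author>{$author}</author>\r\n\t\t\t<pubDate>{$time}</pubDate>\r\n\t\t</item>";
    }

    echo "\n\t</channel>\n</rss>";
}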
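/**
 * Pull comments and likes for every stored Facebook object of one user and record them.
 *
 * For each fb_dataid found in $param->table_name for $param->fbid this function
 *  1. fetches the object's comments through FQL,
 *  2. queues comments that are not yet in book_raw_comment,
 *  3. queues the comment for every book_comment row that references the same object
 *     and does not hold that comment yet,
 *  4. runs the two multi-row INSERTs,
 *  5. fetches the likes and updates friends_that_commented / friends_that_like.
 *
 * Security: ids, user ids and timestamps come from a remote API response and from
 * $param. All of them are now escaped (or cast) before they are placed in SQL;
 * previously only the serialized comment was.
 * NOTE(review): $param->table_name is used as an identifier and cannot be escaped
 * as a value. It must come from a fixed list in the calling script, never from
 * request input.
 * NOTE(review): the access token is part of each request URL; keep those URLs out
 * of logs and output.
 *
 * @param object $param Job description (table_name, fbid, token, connection).
 * @return void
 */
function save_comments_likes($param)
{
    $sql_insert_raw_comment = 'INSERT INTO book_raw_comment(facebook_id,connection,fb_dataid,comment_id,comment_obj,fbdata_postedtime,status) VALUES ';
    $sql_insert_comment = 'INSERT INTO book_comment(book_info_id,connection,fb_dataid,comment_id,comment_obj,page_num,fbdata_postedtime,status) VALUES ';

    $fbid_sql = mysql_real_escape_string($param->fbid);
    $connection_sql = mysql_real_escape_string($param->connection);

    $sql_select = "SELECT fb_dataid FROM {$param->table_name} WHERE facebook_id='{$fbid_sql}'";
    $result = mysql_query($sql_select);
    if ($result === false) {
        logme(mysql_error() . '==' . $sql_select);
        return;
    }
    // The original tested an undefined $fbdata here, so this message was never written.
    if (mysql_num_rows($result) > 0) {
        logme('updating comments and likes if any');
    }

    while ($row = mysql_fetch_object($result)) {
        $raw_rows = array();
        $book_rows = array();
        $friends_that_commented = '';
        $fb_dataid = $row->fb_dataid;
        $fb_dataid_sql = mysql_real_escape_string($fb_dataid);
        $fb_dataid_trim_sql = mysql_real_escape_string(trim($fb_dataid));

        //get the comments for the object id (the id is now URL-encoded with the rest of the query)
        $graph_url = 'https://graph.facebook.com/fql?access_token=' . $param->token . '&q='
            . urlencode('select id,text,fromid,time from comment where object_id=' . $fb_dataid);
        $fb = get_graphapi_data($graph_url);
        echo "\nprocessing...{$fb_dataid}";

        // A failed request must not reach foreach() as null.
        $comments = (is_object($fb) && isset($fb->data) && (is_array($fb->data) || is_object($fb->data)))
            ? $fb->data
            : array();

        foreach ($comments as $comment_data) {
            if ($param->fbid != $comment_data->fromid) {
                $friends_that_commented .= $comment_data->fromid . ';';
            }
            $comment_postedtime = date('Y-n-j H:i:s', (int) $comment_data->time);

            //modify the comment object so it has the same shape as the fb tools explorer format
            $comment_data->from = create_from_obj($param, $comment_data->fromid);
            $comment_data->created_time = $comment_postedtime;
            $comment_data->message = $comment_data->text;
            $comment_sql = mysql_real_escape_string(serialize($comment_data));
            // The same trimmed id is used for the duplicate check and for the insert,
            // so the check can actually match what was stored.
            $comment_id_sql = mysql_real_escape_string(trim($comment_data->id));

            //check for duplicate first
            $sql_select = "SELECT fb_dataid FROM book_raw_comment WHERE comment_id='{$comment_id_sql}'";
            $result_comments = mysql_query($sql_select);
            if ($result_comments === false) {
                logme(mysql_error() . '==' . $sql_select);
                die(mysql_errno() . ': ' . mysql_error() . '; ' . $sql_select . "\n");
            }
            if (mysql_num_rows($result_comments) == 0) {
                $raw_rows[] = sprintf(
                    "('%s','%s','%s','%s','%s','%s','%s')",
                    $fbid_sql,
                    $connection_sql,
                    $fb_dataid_sql,
                    $comment_id_sql,
                    $comment_sql,
                    $comment_postedtime,
                    'active'
                );
            }
            mysql_free_result($result_comments);

            //try to add the comment to every book that holds this fb_dataid
            $sql_select = "SELECT page_num,book_info_id FROM book_comment WHERE fb_dataid='{$fb_dataid_trim_sql}'";
            $result_books = mysql_query($sql_select);
            if ($result_books === false) {
                logme(mysql_error() . '==' . $sql_select);
                die(mysql_errno() . ': ' . mysql_error() . '; ' . $sql_select . "\n");
            }
            // Separate variable: the original reused $row and clobbered the outer loop's row.
            while ($book_row = mysql_fetch_object($result_books)) {
                $book_info_id = (int) $book_row->book_info_id;

                //check first whether the comment is already stored for this book
                $sql_select = "SELECT fb_dataid FROM book_comment WHERE book_info_id={$book_info_id} AND comment_id='{$comment_id_sql}'";
                $result_existing = mysql_query($sql_select);
                if ($result_existing === false) {
                    logme(mysql_error() . '==' . $sql_select);
                    die(mysql_errno() . ': ' . mysql_error() . '; ' . $sql_select . "\n");
                }
                if (mysql_num_rows($result_existing) == 0) {
                    $book_rows[] = sprintf(
                        "('%s','%s','%s','%s','%s','%s','%s','%s')",
                        $book_info_id,
                        $connection_sql,
                        $fb_dataid_sql,
                        $comment_id_sql,
                        $comment_sql,
                        mysql_real_escape_string($book_row->page_num),
                        $comment_postedtime,
                        'new'
                    );
                }
                mysql_free_result($result_existing);
            }
            mysql_free_result($result_books);
        } //end for

        //insert into raw book comment in case there is a new comment on one of the objects in the book
        if ($raw_rows) {
            $query_comment = $sql_insert_raw_comment . implode(', ', $raw_rows);
            mysql_query($query_comment);
            if (mysql_errno()) {
                // The original logged an undefined $query here.
                logme(mysql_error() . '==' . $query_comment);
                die(mysql_errno() . ': ' . mysql_error() . '; ' . $query_comment . "\n");
            }
        }

        //insert into the book_comment
        if ($book_rows) {
            $query_comment = $sql_insert_comment . implode(', ', $book_rows);
            mysql_query($query_comment);
            // Diagnostic output is emitted next to HTML, so escape the statement:
            // it contains comment text written by third parties.
            echo '<br/>' . htmlspecialchars($query_comment, ENT_QUOTES);
            if (mysql_errno()) {
                logme(mysql_error() . '==' . $query_comment);
                die(mysql_errno() . ': ' . mysql_error() . '; ' . $query_comment . "\n");
            }
        }
        //end of getting comments

        //get the likes so we can make an update in one query
        // "fql??access_token" carried a doubled "?", which changes the name of the first
        // query parameter; this now matches the comment request above.
        $graph_url = 'https://graph.facebook.com/fql?access_token=' . $param->token . '&q='
            . urlencode('select user_id,object_type from like where object_id=' . trim($fb_dataid));
        $fb = get_graphapi_data($graph_url);
        $likes = (is_object($fb) && isset($fb->data)) ? $fb->data : array();
        $friends_that_like = format_friend_that_like($likes, $param);

        //update the friends that liked and commented
        $sql_update = "UPDATE {$param->table_name}"
            . " SET friends_that_commented='" . mysql_real_escape_string($friends_that_commented) . "'"
            . ",friends_that_like='" . mysql_real_escape_string($friends_that_like) . "'"
            . " WHERE facebook_id='{$fbid_sql}' AND fb_dataid='{$fb_dataid_sql}'";
        mysql_query($sql_update);
        if (mysql_errno()) {
            logme(mysql_error() . '==' . $sql_update);
        }
    }
    mysql_free_result($result);
}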
} } else { $error = 'Please provide your email address.'; } if (isset($error)) { unset($contact_sub); } if (!isset($error)) { $form_secret = $_POST['form_secret']; if (isset($_SESSION['FORM_SECRET'])) { if (strcasecmp($form_secret, $_SESSION['FORM_SECRET']) === 0) { /* Check that the checksum we created on form submission is the same the posted FORM_SECRET */ mail($to, $subject, $message, $headers); /* Send the mail */ $log_message = "{$uemail} sent a message to {$to} using the contact form."; logme($log_message, 'no', 'site'); /* Log the action */ unset($_SESSION['FORM_SECRET']); /* Unset the checksum */ } else { /* Invalid secret key */ } } else { /* Secret key missing */ } } } break; // Head // Head case 'head':
$assoc['player_type'] = 'SC'; $assoc['player_position'] = trim($row['position']); $assoc['player_score_year'] = trim($row['year']); $assoc['player_round'] = trim($row['round']); $assoc['player_price'] = trim($row['price']); $assoc['player_score_val'] = trim($row['score']); $insertArray[] = $assoc; $indexCount++; if ($indexCount % 50 == 0) { logme("updating player score table"); $objPlayer->createPlayerScore($insertArray); $insertArray = []; $indexCount = 1; logme("{$proccessed} completed . " . ($totalCount - $proccessed) . " is pending..."); } $proccessed++; } if (count($insertArray) > 0) { $objPlayer->createPlayerScore($insertArray); } $objFileLog->startProcessing($uploadId, $totalCount, 'C'); logme("Job Completed {$proccessed} completed . " . ($totalCount - $proccessed) . " is pending..."); } else { logme("I didnt find any thing to process"); } sleep(30); } function logme($message) { echo "\n{$message}\n"; }
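<?php
// Triggers generation of the static pages for one book by requesting the
// application's own /uniqueurl/create_static_pages endpoint.
//
// NOTE(review): error_reporting(1) reports E_ERROR only, and display_errors prints
// those errors to the caller. This script also reads $_GET, so if it is reachable
// over HTTP, error text (paths, connection details) is shown to the requester;
// display_errors is better limited to the CLI.
error_reporting(1);
ini_set("display_errors", 1);
ini_set('memory_limit', '64M');
set_time_limit(0);
require_once 'connect.php';
require_once 'config.php';
include_once 'common_functions.php';

// Parameters come from the command line first, otherwise from the query string.
// isset() keeps a missing value from raising an undefined-index notice.
$book_info_id = !empty($argv[1]) ? $argv[1] : (isset($_GET['book_info_id']) ? $_GET['book_info_id'] : '');
$fb_username = !empty($argv[2]) ? $argv[2] : (isset($_GET['fb_username']) ? $_GET['fb_username'] : '');

// Array-valued request parameters (book_info_id[]=...) are not meaningful here.
if (!is_scalar($book_info_id)) {
    $book_info_id = '';
}
if (!is_scalar($fb_username)) {
    $fb_username = '';
}

//logme("book_info_id:$book_info_id;fb_username:$fb_username",'static_pages');

// Encode both values. Interpolated raw, a value containing "&" or "#" could add or
// override parameters of the internal request.
$url = $config['base_url'] . '/uniqueurl/create_static_pages?' . http_build_query(
    array('book_info_id' => $book_info_id, 'fb_username' => $fb_username),
    '',
    '&'
);
logme($url, 'static_pages');

$ch = curl_init();
if ($ch === false) {
    logme('curl_init failed', 'static_pages');
} else {
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_HEADER, FALSE);
    // The response body is passed straight through to this script's output.
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, FALSE);
    if (curl_exec($ch) === false) {
        // A failed request used to go unnoticed.
        logme('create_static_pages request failed: ' . curl_error($ch), 'static_pages');
    }
}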
/**
 * Check a username/password pair and, on success, set the login cookie and the
 * globals that describe the signed-in user.
 *
 * Returns '' on success, otherwise a localized message: login_exceeded when the
 * lockout applies, login_incorrect when no matching user row is found, or
 * login_missing when a credential is not set.
 *
 * Security review notes (behaviour is unchanged here):
 *  - The lockout counts pixie_log rows whose message equals $lang['failed_login']
 *    for the current REMOTE_ADDR within the last 24 hours. This function never
 *    writes such a row itself; presumably the caller does - verify, otherwise the
 *    counter never moves.
 *  - The counter is per IP only, not per account.
 *  - The password is compared with MySQL PASSWORD(LOWER(...)): passwords are
 *    case-insensitive and hashed with MySQL's own unsalted account hash (the
 *    function is gone in MySQL 8.0). password_hash()/password_verify() in PHP is
 *    the usual replacement, but needs a stored-hash migration.
 *  - The cookie value is "<username>,<md5(username . nonce)>". It stays valid for
 *    as long as the stored nonce stays the same, and setcookie() is called without
 *    the secure/httponly arguments.
 *  - $username is interpolated into several WHERE clauses; the only treatment
 *    visible here is sterilise_txt(). TODO confirm it makes the value SQL-safe.
 */
function auth_login($username, $password, $remember)
{
    global $lang;
    global $timezone;
    $username = sterilise_txt($username, TRUE);
    $password = sterilise_txt($password, TRUE);
    $remember = sterilise_txt($remember, TRUE);
    // Failed logins recorded for this client address during the last day.
    $howmany = count(safe_rows('*', 'pixie_log', "log_message = '" . $lang['failed_login'] . "' and user_ip = '" . $_SERVER["REMOTE_ADDR"] . "' and log_time < utc_timestamp() and log_time > DATE_ADD(utc_timestamp(), INTERVAL -1 DAY)"));
    sleep(1);
    // should halt dictionary attacks (the delay runs on every call, locked out or not)
    // no more logins than 3 in 24 hours
    // NOTE(review): the test is "> 3", so the lockout starts once four failures are on record.
    if ($howmany > 3) {
        // NOTE(review): the returned text uses key 'login_exceeded', the logged text 'logins_exceeded' - confirm both keys exist.
        $message = $lang['login_exceeded'];
        logme($lang['logins_exceeded'], 'yes', 'error');
        return $message;
    } else {
        if (isset($username) && isset($password)) {
            // A row comes back only when name and password hash match and privs >= 0.
            $r = safe_field('user_name', 'pixie_users', "user_name = '{$username}'and \n\t\t\tpass = password(lower('" . doSlash($password) . "')) and privs >= 0");
            if ($r) {
                // Record the visit: last access time and hit counter.
                $user_hits = safe_field('user_hits', 'pixie_users', "user_name='{$username}'");
                safe_update('pixie_users', "last_access = utc_timestamp()", "user_name = '{$username}'");
                safe_update('pixie_users', "user_hits = {$user_hits} + 1", "user_name = '{$username}'");
                $nonce = safe_field('nonce', 'pixie_users', "user_name='{$username}'");
                if (isset($remember) && $remember) {
                    // persistent cookie required (one year)
                    setcookie('pixie_login', $username . ',' . md5($username . $nonce), time() + 3600 * 24 * 365, '/');
                } else {
                    // session-only cookie required
                    setcookie('pixie_login', $username . ',' . md5($username . $nonce), 0, '/');
                }
                $privs = safe_field('privs', 'pixie_users', "user_name='{$username}'");
                // login is good, create user
                $realname = safe_field('realname', 'pixie_users', "user_name='{$username}'");
                $nonce = safe_field('nonce', 'pixie_users', "user_name='{$username}'");
                if (isset($realname)) {
                    $GLOBALS['pixie_real_name'] = $realname;
                }
                if (isset($privs)) {
                    $GLOBALS['pixie_user_privs'] = $privs;
                }
                $GLOBALS['pixie_user'] = $username;
                $GLOBALS['nonce'] = $nonce;
                return '';
            } else {
                // login failed
                $GLOBALS['pixie_user'] = '';
                $message = $lang['login_incorrect'];
                return $message;
            }
        } else {
            // a credential was not set
            $GLOBALS['pixie_user'] = '';
            $message = $lang['login_missing'];
            return $message;
        }
    }
}
$ok = safe_insert($table_name, $sql); } if (!$ok) { $message = $lang['user_duplicate']; $do = 'newuser'; } else { // needs to be added to language file $emessage = "\n\t\t\t\nYou have been invited to help maintain the website {$site_url}. Your account information is:\n\nusername: {$uname}\npassword: {$password}\n\nvisit: " . $site_url . "admin to login."; $subject = $lang['email_account_new_subject']; if (!isset($subject)) { $subject = NULL; } mail($email, $subject, $emessage); $messageok = "{$lang['user_new_ok']} {$realname} ::: [ {$lang['form_username']} : {$uname} ] ::: [ {$lang['form_password']} : {$password} ]"; $logok = "{$lang['user_new_ok']} {$realname}"; logme($logok, 'no', 'user'); } } else { $do = 'newuser'; $err = explode('|', $error); $message = $err[0]; } } if (isset($edit) && $edit) { if (!isset($user_edit) or !$user_edit) { $rs = safe_row('*', 'pixie_users', "user_id = '{$edit}' limit 0,1"); if ($rs) { extract($rs); } } if ($privs == 3 && $GLOBALS['pixie_user_privs'] != 3) {
include 'pdf_creator/mpdf.php'; ini_set("pcre.backtrack_limit", "1000000"); ini_set("memory_limit", "128M"); ini_set('max_execution_time', 300); error_reporting(E_ERROR || E_PARSE); require_once 'connect.php'; require_once 'config.php'; $book_info_id = empty($argv[1]) ? $_GET['book_info_id'] : $argv[1]; if (empty($book_info_id)) { logme('empty book info id'); die; } else { logme("updating book page number for book info id = {$book_info_id}"); } $book_info = get_book_info($book_info_id); logme($book_info_id); $mpdf = new mPDF('utf-8', array(228.6, 177.7), 12, 2.5, 24.13, 12.7, 12.7, 12.7, 0, 0, 'P'); //encoding;page size;font-size; $mpdf->useSubstitutions = false; $mpdf->simpleTables = true; $mpdf->debug = true; $mpdf->allow_output_buffering = true; $stylesheet = file_get_contents('css/content.css'); $mpdf->WriteHTML($stylesheet, 1); $sql = sprintf("SELECT book_info_id,fb_dataid, fbdata, page_layout,page_num,connection,page_col FROM book_pages \n\t\t\t\tWHERE book_info_id=%d ORDER BY page_num", mysql_real_escape_string($book_info_id)); $query = mysql_query($sql); if (mysql_errno()) { die(mysql_errno() . ': ' . mysql_error() . '; ' . $query . "\n"); } else { while ($book_page = mysql_fetch_object($query)) { $page = unserialize($book_page->fbdata);
//initialize php settings run-time error_reporting(1); ini_set("display_errors", 1); ini_set('memory_limit', '64M'); set_time_limit(0); require_once 'connect.php'; require_once 'config.php'; $execution_time['totalstart'] = get_time(); $execution_time['start'] = get_time(); //this is the only parameter to get pass in this script $book_info_id = empty($argv[1]) ? $_GET['book_info_id'] : $argv[1]; if (empty($book_info_id)) { logme('empty book info id'); die; } else { logme("updating book page number for book info id = {$book_info_id}"); } //comment this when running on LIVE and uncomment the above lines //$book_info_id = 43; $sql = sprintf("SELECT * from book_details_vw WHERE book_info_id = %d", mysql_real_escape_string($book_info_id)); $result = mysql_query($sql) or die(mysql_error()); $sql_book_pages = ''; $comment = ''; $page_num = 1; $row = mysql_fetch_object($result); while ($row) { switch ($row->page_layout) { case 1: $page_col = 2; $what_col = 'max_container_height_col_r'; break;
$messageok = $lang['saved_new_settings_for'] . " " . $output . " " . $lang['page']; } page_order_reset(); } if (isset($s) && $s == 'publish') { if (isset($title) && $title) { $output = $title; } else { $output = NULL; } $icon = 'page'; $pname = safe_field('page_display_name', 'pixie_core', "page_id='{$page_id}'"); if ($m == 'static') { $messageok = 'Saved updates to the ' . $pname . ' page.'; } else { if ($output) { $messageok = $lang['save_update_entry'] . ': ' . $output . " " . $lang['on_the'] . " " . $pname . " " . $lang['page']; } else { $messageok = $lang['save_update_entry'] . " (#" . $editid . ") " . $lang['on_the'] . " " . $pname . " " . $lang['page']; } } } logme($messageok, 'no', $icon); } } } else { $err = explode('|', $error); $message = $err[0]; } } }
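/**
 * Run the configured RF command for one device and one action.
 *
 * The command line is $GLOBALS['cmd'] . $GLOBALS['idRFCmd'], followed by
 * $GLOBALS['codeRF'], the device and the action. The executed command is written
 * to the log afterwards.
 *
 * Security: the two call arguments are now passed through escapeshellarg(), so a
 * value containing shell metacharacters (;, |, `, $( ) ...) is handed to the
 * program as one literal argument instead of being interpreted by the shell.
 * NOTE(review): the $GLOBALS parts are concatenated unescaped and are assumed to be
 * fixed configuration; confirm none of them can be influenced by a request.
 * NOTE(review): the logged command line includes codeRF; if that code is sensitive,
 * keep it out of the log.
 *
 * @param string $b_matos  Device identifier, passed as one argument.
 * @param string $b_action Action, passed as one argument.
 * @return void
 */
function executer($b_matos, $b_action)
{
    // Built outside the try block so the log line below always has a defined command.
    $cmd2exec = $GLOBALS['cmd'] . $GLOBALS['idRFCmd'] . " " . $GLOBALS['codeRF']
        . ' ' . escapeshellarg((string) $b_matos)
        . ' ' . escapeshellarg((string) $b_action);

    try {
        // shell_exec() returns NULL both on failure and on empty output, so the
        // result cannot tell the two apart and is not inspected.
        shell_exec($cmd2exec);
    } catch (Exception $e) {
        $msg = $e->getMessage();
        logme("ERROR : {$msg}");
    }

    $msg = "Excution de {$cmd2exec}";
    logme($msg);
}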
$subject = NULL; } $emessage = $lang['email_newpassword_message'] . $password; $user = safe_field('realname', 'pixie_users', "email='{$email}'"); $headers = "From: postmaster@{$_SERVER['HTTP_HOST']}" . "\r\n" . 'X-Mailer: PHP/' . phpversion(); mail($email, $subject, $emessage, $headers); $messageok = $lang['forgotten_ok']; logme($lang['forgotten_log_ok'] . $user . ' (' . $email . ').', 'yes', 'user'); $m = 'ok'; } else { $message = $lang['unknown_error']; } } } else { $message = $lang['forgotten_missing']; logme($lang['forgotten_log_error'], 'yes', 'error'); } } if ($m == 'forgotten') { ?> <div id="login"> <form accept-charset="UTF-8" action="?s=login&m=forgotten" method="post" id="form_forgotten" class="form"> <fieldset> <legend>Forgotten your password?</legend> <p><?php print $lang['form_help_forgotten']; ?> </p> <div class="form_row"> <div class="form_label"><label for="username"><?php print $lang['form_usernameoremail'];
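//FB graph api to get friends
$graph_url = trim("https://graph.facebook.com/" . rawurlencode($fbid) . "/friends?access_token={$token}");

// Log the request without the access token. The complete URL used to be written to
// the log file, which gave every reader of that file a usable token.
logme("https://graph.facebook.com/" . rawurlencode($fbid) . "/friends?access_token=[redacted]");

// The @ stays on purpose: the warning PHP raises for a failed request quotes the
// full URL, token included.
$response = @file_get_contents($graph_url);
$friends = ($response === false) ? null : json_decode($response);

if (is_object($friends) && isset($friends->data)) {
    $friends_list = (array) $friends->data;
} else {
    // As before, the script carries on with an empty list, but the failure is now recorded.
    logme('friends request failed or returned no data');
    $friends_list = array();
}

$friend_ids = array();
foreach ($friends_list as $friend) {
    if (isset($friend->id)) {
        $friend_ids[] = $friend->id;
    }
}
$friends_fbid = implode(';', $friend_ids);

$created_date = date('m-j-Y h:i:s a');
$sql = sprintf("INSERT INTO book_cover(book_info_id,friends_fbid,created_date) VALUES('%s','%s','%s')", mysql_real_escape_string($book_info_id), mysql_real_escape_string($friends_fbid), $created_date);
$result = mysql_query($sql);

// This shows the actual query sent to MySQL, and the error. Useful for debugging.
// NOTE(review): die() also prints that statement to whoever invoked the script; if
// this runs behind a web server, keep the details in the log only.
if (!$result) {
    $message = 'Invalid query: ' . mysql_error() . "\n";
    $message .= 'Whole query: ' . $sql;
    logme($message);
    die($message);
} else {
    echo 'done with no errors';
}

/**
 * Append one line, followed by a timestamp, to the get_fbfriends log.
 *
 * Callers must not pass secrets (access tokens, passwords): the file is plain text.
 *
 * @param string $data Text to record.
 * @return void
 */
function logme($data)
{
    global $config;
    $file = $config['tools'] . "/logs/get_fbfriends.log";
    $cdate = date('n/j/Y h:i:s a');
    // One locked append replaces the unchecked fopen/fwrite/fclose sequence.
    if (file_put_contents($file, "{$data} => {$cdate} \n", FILE_APPEND | LOCK_EX) === false) {
        error_log("get_fbfriends: cannot write to {$file}");
    }
}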
if (isset($error)) { sleep(6); /* slow spammers down */ } else { if ($duplicate !== 1) { if (isset($admin_user) && $admin_user) { $admin_user = strip_tags($admin_user); $sql = "comment = '{$comment}', name = '{$name}', email = '{$email}', url = '{$web}', post_id = '{$post}', admin_user = '******'"; } else { $sql = "comment = '{$comment}', name = '{$name}', email = '{$email}', url = '{$web}', post_id = '{$post}', admin_user = '******'"; } $comment_ok = safe_insert('pixie_module_comments', $sql); $title = safe_field('title', 'pixie_dynamic_posts', "post_id ='{$post}'"); $countcom = count(safe_rows('*', 'pixie_module_comments', "post_id ='{$post}'")); if (isset($s)) { logme($name . ' ' . $lang['comment_save_log'] . "<a href=\"" . createURL($s, $m, $x) . "#comment_{$countcom}\" title=\"{$title}\">{$title}</a>.", 'no', 'comment'); } } else { $err = explode('|', $error); $error = $err[0]; } } } } $mtitle = ""; show_single(); break; case 'page': $start = $posts_per_page * ($x - 1); $mtitle = "{$page_display_name} (" . $lang['dynamic_page'] . " {$x})"; $rs = safe_rows_start('*', 'pixie_dynamic_posts', "page_id = '{$page_id}' and public = 'yes' order by posted desc limit {$start},{$posts_per_page}");
br()->log('Usage: php ' . basename(__FILE__) . ' setup|delete|print [--table tableName]'); exit; break; } for ($i = 2; $i < count($argv); $i++) { if (preg_match('/^[-][-](.+)$/', $argv[$i], $matches)) { if ($matches[1] == 'table') { $tableName = $argv[$i + 1]; } } } $tables = br()->db()->getRows('SELECT * FROM audit_tables WHERE name LIKE ?', $tableName); foreach ($tables as $table) { switch ($commandName) { case 'delete': if ($table['is_audited'] != 9) { removeAuditTriggers($table['name']); } break; case 'setup': if ($table['is_audited'] != 9) { createAuditTriggers($table['name'], $table['exclude_fields'], $table['is_audited'], $commandName); } break; case 'print': createAuditTriggers($table['name'], $table['exclude_fields'], $table['is_audited'], $commandName); break; } } logme('done');
if (isset($execute4) && $execute4) { $execute4 = str_replace('pixie_', $pixieconfig['table_prefix'] . 'pixie_', $execute4); safe_query($execute4); } $do = 'info'; include 'modules/' . $modplug . '.php'; if (isset($m_in_navigation)) { } else { $m_in_navigation = 'no'; } // make a safe reference in core, not public etc $sql = "page_type = '{$m_type}', page_name = '{$modplug}', page_display_name = '{$m_name}', page_description = '{$m_description}', privs = '2', publish = '{$m_publish}', public = 'yes', in_navigation = '{$m_in_navigation}', searchable = 'no'"; $coreok = safe_insert('pixie_core', $sql); if ($coreok) { $messageok = $m_name . " " . $lang['install_module_ok']; logme($messageok, 'no', 'site'); } } } echo "<div id=\"page_header\">\r\n\t\t\t\t\t<h2>" . $lang['install_module'] . "</h2>\r\n\t\t\t\t</div>\r\n\t\t\t\r\n\t\t\t\t<div id=\"admin_form\">\r\n\t\t\t\t\t\t\r\n\t\t\t\t\t<form accept-charset=\"UTF-8\" action=\"?s=settings&x=pages&do=newpage&type=module\" method=\"post\" id=\"form_modplug\" class=\"form\">\r\n\t\t\t\t\t\t<fieldset>\r\n\t\t\t\t\t\t\t<legend>" . $lang['select_module'] . "</legend>\n"; $dir = 'modules/'; if (is_dir($dir)) { $fd = @opendir($dir); if ($fd) { while (($part = @readdir($fd)) == TRUE) { if ($part != '.' && $part != '..') { if ($part != 'index.php' && preg_match('/^[A-Za-z].*\\.php$/', $part)) { if (last_word($part) != 'functions.php') { $pname = str_replace('.php', "", $part); $rs = safe_row('*', 'pixie_core', "page_name = '{$pname}' order by page_name asc"); if (!$rs) {
// Run-time settings for a long-running import job.
// NOTE(review): error_reporting(1) reports E_ERROR only, and display_errors prints
// those errors to the caller. The script also reads $_GET, so when it is reached over
// HTTP, error text is shown to the requester.
error_reporting(1);
ini_set("display_errors", 1);
ini_set('memory_limit', '64M');
set_time_limit(0);
require_once 'connect.php';
require_once 'config.php';

// Facebook user id and access token: command line first, query string otherwise.
// NOTE(review): a token passed as a GET parameter ends up in web-server access logs,
// browser history and Referer headers; prefer the CLI argument or a POST body.
$fbid = empty($argv[1]) ? $_GET['fbid'] : $argv[1];
$token = empty($argv[2]) ? $_GET['token'] : $argv[2];
//$fbid = empty($fbid)?$_GET['fbid']:$fbid;
//$token = empty($token)?$_GET['token']:$token;
if (empty($fbid)) {
    logme('no fbid pass or in cookie');
    die('no fbid pass or in cookie');
}
// NOTE(review): $fbid is placed in the URL path as received; nothing visible here
// restricts it to an id - confirm it is validated or encode it.
$graph_url = "https://graph.facebook.com/{$fbid}/";
logme($graph_url);
$execution_time['totalstart'] = get_time();
$execution_time['start'] = get_time();

// Shared parameter object handed to each import step.
// NOTE(review): $param is not created in the lines shown here; presumably one of the
// required files does that - verify.
$param->fbid = $fbid;
$param->token = $token;
$param->graph_url = $graph_url;

//me/friends
echo 'processing fb friends...';
$param->connection = 'friends';
$param->table_name = 'friends_raw_data';
get_fb_friends($param);
echo "done<br/>";

//me/statuses
echo 'processing fb statuses...';
$param->connection = 'statuses';
$param->table_name = 'statuses_raw_data';
// Message body too short: reject the post and log it.
if (strlen($messaggio) < 2) {
    $controllo = false;
    logme("*tiny_message*", $ip, $nick, $datareale, $email);
}

// Website check
//echo "prima di sitoshow<br>";
// NOTE(review): the pattern is not anchored, so $sito passes when an http:// URL
// appears anywhere inside it. The whole value is later written into a single-quoted
// href, so anything around the matched part (a quote, extra attributes) goes into
// the page as well.
if (preg_match('/http:\\/\\/[a-zA-Z0-9._%+-]+\\.[a-zA-Z]{2,4}/', $sito) == 1) {
    $sitoshow = true;
}
//echo "il preg da: ".(preg_match('/http:\/\/[a-zA-Z0-9._%+-]+\.[a-zA-Z]{2,4}/',$sito));

// Writing
if ($controllo == true) {
    // NOTE(review): $dataora becomes part of the file name; presumably it is a
    // server-generated timestamp - verify it cannot carry request data.
    $namefile = "./data/" . $dataora;
    //echo $namefile."<br />";
    $filenew = fopen($namefile, "w");
    // NOTE(review): $nick, $sito and $messaggio are written into the stored HTML
    // exactly as they are. No escaping is visible in this part of the script; unless
    // it happens earlier, a visitor can store markup or script that runs for every
    // reader of the guestbook. htmlspecialchars(..., ENT_QUOTES) per value is the
    // usual fix.
    if ($sitoshow == true) {
        fwrite($filenew, "<div class=\"post\"><div class=\"posttop\"><div class=\"title\"><a href='" . $sito . "'>" . $nick . "</a></div><div class=\"date\"> data:" . $datareale . "</div></div><br />" . $messaggio . "</div><br />");
    } else {
        fwrite($filenew, "<div class=\"post\"><div class=\"posttop\"><div class=\"title\">" . $nick . "</div><div class=\"date\"> data:" . $datareale . "</div></div><br />" . $messaggio . "</div><br />");
    }
    fclose($filenew);
    logme("*written_OK*", $ip, $nick, $datareale, $email);
    //@mail('*****@*****.**','Qualcuno ha scritto sul tuo guestbook!', "nick: $nick ip: $ip per leggere clicka => http://vikkio88.altervista.org/guestbook/guestbook.php",'from: vikkio88@altervista.org');
    //echo "done<br />";
    //echo "<a href='./scrivi.php'>dietro</a><a href='./guestbook.php'>avanti</a>";
    // Back to the guestbook once the entry is stored.
    header("location: ./guestbook.php");
} else {
    // Validation failed: show an alert and send the visitor back to the form.
    echo '<script>alert("Something go wrong! =(,retry?");';
    echo 'setTimeout("location.href=\'./scrivi.php\', 3*1000 ");</script>';
}
$prefs = get_prefs(); extract($prefs); } } if (isset($del)) { if (file_exists("../files/sqlbackups/" . $del)) { $current = safe_field('last_backup', 'pixie_settings', "settings_id='1'"); if ($current != $del) { $delk = file_delete("../files/sqlbackups/" . $del); } else { $unable = "yes"; } } if ($delk) { $messageok = $lang['backup_delete_ok'] . " {$del}."; logme($lang['backup_delete_ok'] . " {$del}.", "no", "save"); } else { if ($unable) { $message = $lang['backup_delete_no']; } else { $message = $lang['backup_delete_error']; } } } ?> <div id="blocks"> <div id="admin_block_backup" class="admin_block"> <h3><?php echo $lang['create_backup']; ?> </h3>
<?php

// Code generator: renders the data-browser script and template for one table.
// Usage: pass the table name as the first command-line argument.
require_once dirname(__DIR__) . '/Bright.php';

// Every path is derived from the project root before any configuration is loaded.
$rootPath = dirname(dirname(__DIR__));
$scriptsPath = $rootPath . '/js/';
$templatesPath = $rootPath . '/templates/';
$configFile = $rootPath . '/config.php';

$tableName = br($argv, 1);

if (!$tableName) {
    logme('Table not specified');
} else {
    logme('Generating code for ' . $tableName);

    $data = array(
        'entityName' => $tableName,
        'fields' => array(),
    );

    // Field metadata is available only when a config file exists and yields a connection.
    if (file_exists($configFile)) {
        logme('Loading settings from ' . $configFile);
        require_once $configFile;
        if (br()->db()) {
            $structure = br()->db()->getTableStructure($tableName);
            foreach ($structure as $fieldName => $fieldDesc) {
                $fieldDesc['fieldName'] = $fieldName;
                $data['fields'][] = $fieldDesc;
            }
        }
    }

    // NOTE(review): $tableName is used as-is in both output file names, so a value
    // containing "../" writes outside js/ and templates/. Harmless for an operator
    // at a console; it needs validation if the value ever comes from anywhere else.
    $scriptSource = br()->renderer()->fetch(__DIR__ . '/template.databrowser.js', $data);
    br()->fs()->saveToFile($scriptsPath . $tableName . '.js', $scriptSource);

    $templateSource = br()->renderer()->fetch(__DIR__ . '/template.databrowser.html', $data);
    br()->fs()->saveToFile($templatesPath . $tableName . '.html', $templateSource);
}