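/**
 * Prints every post returned by the query that makeQuery($mode, $criteria) builds.
 *
 * Each post is echoed as a coloured <div> holding the avatar, timestamp, a link to
 * the author's profile, age/gender/location and the post text.
 *
 * @param string $mode     Passed through to makeQuery().
 * @param mixed  $criteria Passed through to makeQuery().
 * @return void            Output is written directly with echo.
 */
function viewPosts($mode = 'normal', $criteria = NULL)
{
    $query = makeQuery($mode, $criteria);
    // NOTE(review): on failure this prints the raw driver error to the page;
    // consider logging it and showing only the generic message.
    $result = mysql_query($query) or die('Ett fel har upstått:<br/>' . mysql_error());

    $genderlabels['P'] = 'Pojke';
    $genderlabels['F'] = 'Flicka';

    // Loop that prints the posts, one row at a time.
    while ($data = mysql_fetch_assoc($result)) {
        $userage = date_get_age($data['birthday']);

        if ($data['gender'] == 'P') {
            $divbg = 'blue_faded_div';
        } elseif ($data['gender'] == 'F') {
            $divbg = 'pink_faded_div';
        } else {
            $divbg = 'grey_faded_div';
        }

        if (isset($_SESSION['login']['username'])) {
            // preg_quote() makes the name match literally; without it, regex
            // metacharacters or a "/" in a username change or break the pattern.
            $mentionPattern = '/' . preg_quote($_SESSION['login']['username'], '/') . '/i';
            if (preg_match($mentionPattern, $data['text'])) {
                $divbg = 'orange_faded_div';
            } elseif ($_SESSION['login']['username'] == $data['username']) {
                $divbg = 'green_faded_div';
            }
        }

        // The username is stored data and lands in two output contexts, so it is
        // escaped once per context. Charset handling follows the PHP default, the
        // same as the htmlentities() call used for geo_location below.
        $htmlName = htmlspecialchars($data['username'], ENT_QUOTES);
        // JavaScript string literal inside an HTML attribute: escape for JS first,
        // then for HTML, because the browser decodes the attribute before running it.
        $jsName = htmlspecialchars(addcslashes($data['username'], "\\'\"\n\r"), ENT_QUOTES);

        echo '<div class="' . $divbg . '" style="repeat-x; margin-top: 10px; border: 1px solid #CCCCCC;">' . "\n";
        echo '<table class="body" style="width: 100%;"><tr><td style="vertical-align: top; width: 75px;">' . "\n";
        if ($data['image'] == 1 || $data['image'] == 2) {
            echo insert_avatar($data['userid']);
        } else {
            echo '<img src="/images/noimage.png" style="width: 75px; height: 75px; border: 1px solid #cccccc;" alt="Ingen visningsbild"/>' . "\n";
        }
        echo '</td><td style="vertical-align: top;">';
        // NOTE(review): id and userid are echoed as-is; presumably numeric keys - confirm.
        echo fix_time($data['timestamp']) . ' (inlägg #' . $data['id'] . ') <a style="text-decoration:none;" href="javascript:#;" onclick="javascript:document.gbform.message.value=document.gbform.message.value+\'' . $jsName . ' : \';document.gbform.message.focus();">[^]</a><br/>' . "\n";
        // NOTE(review): $hp_url is not defined inside this function (no parameter,
        // no global statement), so it evaluates to an empty string here - confirm intent.
        echo '<a href="' . $hp_url . '/traffa/profile.php?id=' . $data['userid'] . '">' . "\n";
        echo '<b>' . $htmlName . '</b></a> ' . "\n";
        echo birthdaycake($data['birthday']) . ' ' . "\n";
        // Rows whose gender is neither 'P' nor 'F' get no label instead of an undefined-index notice.
        echo isset($genderlabels[$data['gender']]) ? $genderlabels[$data['gender']] : '';
        if ($userage > 1) {
            echo ' ' . $userage . 'år' . "\n";
        }
        if (strlen($data['geo_location']) > 1) {
            echo ' från ' . htmlentities($data['geo_location']) . "\n";
        }
        echo '<br/>' . "\n";
        // NOTE(review): the post text is emitted as whatever setsmilies() returns;
        // whether that helper HTML-escapes the text is not visible here - verify.
        echo setsmilies($data['text']) . "\n";
        echo '</td></tr></table>' . "\n";
        echo '</div>' . "\n";
    }
}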
/**
 * Make link url
 * Builds a URL from the router values.
 *
 * The result always starts with __ROOT__ followed by "/". Path segments are
 * appended only for the targets 'intro', 'index' and 'article'; any other target
 * yields the bare root URL.
 *
 * NOTE(review): the $params values are concatenated as-is, without URL-encoding;
 * confirm the router has already validated them.
 *
 * @param string $target
 * @param array $params
 * @param array $queris
 * @return string
 */
function makeLinkUrl($target, $params, $queris)
{
    $url = __ROOT__ . '/';

    // Loose comparison on purpose: it mirrors how a switch statement matches.
    if ($target == 'intro') {
        if ($queris) {
            $url .= makeQuery($queris);
        }
    } elseif ($target == 'index') {
        // The category segment is only emitted underneath a nest segment.
        if (isset($params['nest'])) {
            $url .= $target . '/' . $params['nest'] . '/';
            if (isset($params['category'])) {
                $url .= $params['category'] . '/';
            }
        }
        if ($queris) {
            $url .= makeQuery($queris);
        }
    } elseif ($target == 'article') {
        if (isset($params['article'])) {
            $url .= $target . '/' . $params['article'] . '/';
        }
    }

    return $url;
}
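<?php
// Login handler: checks the posted e-mail and password against the `usuario` table,
// stores the user's e-mail and type in the session on success, and counts failed
// attempts otherwise.
include_once "funciones.php";
session_start();

// NOTE(review): the failed-attempt counter lives in a cookie, which the client can
// edit or delete, so it does not slow down a scripted client. The limit needs to be
// enforced from server-side state (per account and/or per source address).
$passIncorrectas = 0;
if (isset($_COOKIE['passIncorrectas'])) {
    // The cookie is client-supplied text; cast it so the arithmetic below is well defined.
    $passIncorrectas = (int) $_COOKIE['passIncorrectas'];
}

if ($passIncorrectas <= 3) {
    // A request without both fields (or with array values) is not a login attempt.
    if (!isset($_POST['email'], $_POST['pass']) || !is_string($_POST['email']) || !is_string($_POST['pass'])) {
        header("Location: login.html");
        exit;
    }
    $email = $_POST['email'];
    $password = $_POST['pass'];

    // NOTE(review): a single unsalted SHA-256 is a weak password hash. Moving to
    // password_hash()/password_verify() needs the stored values migrated, so it is
    // flagged here rather than changed.
    $passCifrada = hash("sha256", $password, false);

    // NOTE(review): $email is placed into the SQL text unescaped, which makes this
    // query injectable. makeQuery() comes from funciones.php and only receives a
    // finished SQL string, so the fix (a prepared statement with a bound parameter)
    // has to be made there; its definition is not visible from this script.
    $query = mysqli_fetch_assoc(makeQuery("SELECT Pass, Tipo FROM usuario WHERE Email = '{$email}'"));

    // No matching row: treat it like a wrong password instead of indexing a non-array.
    $passReal = is_array($query) ? $query['Pass'] : null;

    // hash_equals() compares in constant time, unlike strcmp().
    if (is_string($passReal) && $passReal !== '' && hash_equals($passReal, $passCifrada)) {
        // Issue a fresh session id on login so a pre-set session id cannot be reused.
        session_regenerate_id(true);
        $_SESSION['tipo'] = $query['Tipo'];
        $_SESSION['user'] = $email;
        header("Location: index.php");
        exit; // nothing after a redirect should run
    }

    // Failed: count one more failed attempt and send the client back to the login form.
    setcookie('passIncorrectas', (string) ($passIncorrectas + 1), time() + 300);
    header("Location: login.html");
    exit;
} else {
    // Attempt limit exceeded: make the client wait. The counter is left to expire on
    // its own; resetting it to 0 here would allow the very next request through.
    echo 'Ha superado el límite de intentos. Podrás volver a intentarlo en 5 minutos.';
}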
// (excerpt: begins inside a switch case whose label and enclosing block are not shown)
// NOTE(review): $search and $between are interpolated straight into the WHERE text
// in every branch below. Where they come from is not visible in this excerpt; if
// either carries request data, these queries are injectable and need bound
// parameters (plus escaping of the LIKE wildcards % and _) - verify against the caller.
        $from = "user";
        $where = "user_name LIKE '%{$search}%' AND is_author='1'";
        printAuthors(makeQuery($db, $from, $where));
        $from = "user,adventure";
        $where = "adventure.user_id = user.user_id AND title LIKE '%{$search}%' {$between}";
        printAdventures(makeQuery($db, $from, $where));
        break;
    case "adventures":
        // Adventures only: title match joined to the owning user.
        $from = "user,adventure";
        $where = "adventure.user_id = user.user_id AND title LIKE '%{$search}%' {$between}";
        printAdventures(makeQuery($db, $from, $where));
        break;
    case "authors":
        // Authors only: user-name match restricted to is_author='1'.
        $from = "user";
        $where = "user_name LIKE '%{$search}%' AND is_author='1'";
        printAuthors(makeQuery($db, $from, $where));
        break;
    }
}
// Runs "SELECT * FROM {$from} WHERE {$where}" on $db and returns the matching rows
// as an array, one fetch_array() result per row.
// $from and $where are pasted into the SQL text unchanged, so this function offers
// no protection of its own: every caller must pass only trusted fragments.
// NOTE(review): the result of $db->query() is used without checking for failure.
function makeQuery($db, $from, $where) {
    global $numRows;
    $query = $db->query("SELECT * FROM {$from} WHERE {$where}");
    if ($query->num_rows > 0) { // at least one row matches the search
        while ($row = $query->fetch_array()) {
            $rows[] = $row;
        }
        return $rows;
    }
    // Only reached when the check above failed, so as far as this excerpt shows the
    // value added here is never positive - NOTE(review): confirm whether the count was
    // meant to be accumulated before the return. (The function continues beyond this excerpt.)
    $numRows += $query->num_rows;
/**
 * Tells whether the `album` table holds a row for the given nick and album name.
 *
 * NOTE(review): $nick and $albumName are interpolated into the SQL text unescaped;
 * if either can carry user input the query is injectable. makeQuery() receives only
 * a finished SQL string here, so the fix (a prepared statement with bound
 * parameters) belongs with makeQuery's definition, which is not shown.
 *
 * @param string $nick
 * @param string $albumName
 * @return bool True when at least one matching row exists.
 */
function isAlbum($nick, $albumName)
{
    $sql = "SELECT * FROM album WHERE nick='{$nick}' AND name='{$albumName}'";
    $matchCount = mysqli_num_rows(makeQuery($sql));

    return $matchCount > 0;
}
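<?php
// Login handler (version with the redirects disabled): checks the posted e-mail and
// password against the `usuario` table and stores the e-mail in the session on success.
include_once "funciones.php";
session_start();

// NOTE(review): the failed-attempt counter lives in a cookie, which the client can
// edit or delete, so it does not slow down a scripted client. The limit needs to be
// enforced from server-side state (per account and/or per source address).
$passIncorrectas = 0;
if (isset($_COOKIE['passIncorrectas'])) {
    // The cookie is client-supplied text; cast it so the arithmetic below is well defined.
    $passIncorrectas = (int) $_COOKIE['passIncorrectas'];
}

if ($passIncorrectas <= 3) {
    // Missing or non-string fields are read as empty strings, which can never match a stored hash.
    $email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $password = (isset($_POST['pass']) && is_string($_POST['pass'])) ? $_POST['pass'] : '';

    // NOTE(review): a single unsalted SHA-256 is a weak password hash. Moving to
    // password_hash()/password_verify() needs the stored values migrated, so it is
    // flagged here rather than changed.
    $passCifrada = hash("sha256", $password, false);

    // NOTE(review): $email is placed into the SQL text unescaped, which makes this
    // query injectable. makeQuery() comes from funciones.php and only receives a
    // finished SQL string, so the fix (a prepared statement with a bound parameter)
    // has to be made there; its definition is not visible from this script.
    $fila = mysqli_fetch_assoc(makeQuery("SELECT Pass FROM usuario WHERE Email = '{$email}'"));

    // No matching row: treat it like a wrong password instead of indexing a non-array.
    $passReal = is_array($fila) ? $fila['Pass'] : null;

    // The debug output that printed the submitted hash, the stored hash and the
    // strcmp() result has been removed: it disclosed the stored password hash of
    // any account to whoever submitted the form, and it was sent before setcookie().

    // hash_equals() compares in constant time, unlike strcmp().
    if (is_string($passReal) && $passReal !== '' && hash_equals($passReal, $passCifrada)) {
        // Issue a fresh session id on login so a pre-set session id cannot be reused.
        session_regenerate_id(true);
        $_SESSION['user'] = $email;
        // Redirect is disabled in this version of the script:
        //header("Location: index.php");
    } else {
        // Failed: count one more failed attempt.
        setcookie('passIncorrectas', (string) ($passIncorrectas + 1), time() + 300);
        // Redirect back to the login form is disabled in this version of the script:
        //header("Location: login.html");
        echo "el usuario no existe";
    }
} else {
    // Attempt limit exceeded: make the client wait. The counter is left to expire on
    // its own; resetting it to 0 here would allow the very next request through.
    echo 'Ha superado el límite de intentos. Podrás volver a intentarlo en 5 minutos.';
}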
// Lists adventure posts, ordered either by date or by vote score depending on ?tab=.
// NOTE(review): $db is not assigned in this excerpt; presumably inc/connect.php creates it - confirm.
include "inc/connect.php";
if (isset($_GET['tab'])) {
    // The request value is only compared against fixed case labels; it is never
    // placed into the SQL text. A tab value other than "new" or "top" prints nothing.
    $tab = $_GET['tab'];
    switch ($tab) {
        case "new":
            $where = "user.user_id = adventure.user_id ORDER BY posted_at DESC";
            printPosts(makeQuery($db, $where));
            break;
        case "top":
            $where = "user.user_id = adventure.user_id ORDER BY vote_score DESC";
            printPosts(makeQuery($db, $where));
            break;
    }
} else {
    // No tab given: same listing as "new".
    $where = "user.user_id = adventure.user_id ORDER BY posted_at DESC";
    printPosts(makeQuery($db, $where));
}
// Runs "SELECT * FROM user,adventure WHERE {$where}" on $db and returns the rows as
// an array, one fetch_array() result per row. When no row matches, the function
// falls off the end and returns nothing (null).
// $where is pasted into the SQL text unchanged; that is safe only while every
// caller passes a fixed string, as the callers above do.
// NOTE(review): the result of $db->query() is used without checking for failure.
function makeQuery($db, $where) {
    $query = $db->query("SELECT * FROM user,adventure WHERE {$where}");
    if ($query->num_rows > 0) { // at least one row matches
        while ($row = $query->fetch_array()) {
            $postRows[] = $row;
        }
        return $postRows;
    }
}
// Starts by stripping HTML/PHP tags from $str. (The function continues beyond this excerpt.)
function strCat($str) {
    $string = strip_tags($str);
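/**
 * Tells whether the `album` table holds a row for the given nick and album name.
 *
 * NOTE(review): $nick and $albumName are interpolated into the SQL text unescaped;
 * if either can carry user input the query is injectable. makeQuery() receives only
 * a finished SQL string here, so the fix (a prepared statement with bound
 * parameters) belongs with makeQuery's definition, which is not shown.
 *
 * @param string $nick
 * @param string $albumName
 * @return bool True when at least one matching row exists.
 */
function isAlbum($nick, $albumName)
{
    // COUNT(*) takes parentheses; the previous "COUNT[*]" is not valid SQL, so the
    // query could never succeed.
    $result = makeQuery("SELECT COUNT(*) FROM album WHERE nick='{$nick}' AND name='{$albumName}'");

    // Assumes makeQuery() hands back a mysqli_result (or false on failure) - TODO
    // confirm against its definition. Comparing the result object itself with 0, as
    // before, says nothing about the count; the counted value has to be fetched.
    if (!$result) {
        return false;
    }
    $row = mysqli_fetch_row($result);

    return is_array($row) && $row[0] > 0;
}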