if (!is_null($email) && strlen($email) > 0 && strcasecmp($email, $row['email'])) { $err = 'Email you have entered is not in the database.'; break; } $user = $row['username']; $email = $row['email']; $userid = $row['id']; $newpass = generatePassword(6, 7); $query = 'UPDATE confa_users set password=password(\'' . $newpass . '\'), modified=NULL where username=\'' . $user . '\''; $result = mysql_query($query); if (!$result) { mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query); die('Query failed'); } if (mysql_affected_rows($link) != 1) { mysql_log(__FILE__, 'insert updated password failed ' . mysql_error() . ' QUERY: ' . $query); die('Query failed'); } $query = 'DELETE from confa_sessions where user_id=' . $userid; $result = mysql_query($query); $to = $email; $subject = "Forum's new password"; $message = $user . ", your new generated password is\n" . $newpass . "\nFeel free to login and change it in your profile"; $from = $from_email; $headers = "From: {$from}"; send_mail($to, $subject, $message); } while (false); } } if (strlen($err) > 0) { print '<font color="red"><b>' . $err . '</b></font>';
<?php /*$Id: new_inc.php 818 2012-10-22 20:02:52Z ranger $*/ require_once 'head_inc.php'; $thread_owner = false; $title = 'New message'; $ticket = '' . ip2long(substr($ip, 1, strlen($ip) - 2)) . '-' . time(); if (!is_null($re) && strlen($re) > 0) { $msg_id = $re; // Retrieve the original message's subject $query = 'SELECT u.username, u.moder, p.subject, p.closed as post_closed, p.views, p.id as msg_id, p.status, p.auth, p.parent, CONVERT_TZ(p.created, \'' . $server_tz . '\', \'' . $prop_tz . ':00\') as created, p.body, p.author, u.id as id, t.closed as thread_closed, ( select max(page) from confa_threads) - t.page + 1 as page, p.thread_id, t.id, p.status, t.author as t_author, t.properties as t_properties from confa_users u, confa_posts p, confa_threads t where p.thread_id=t.id and u.id=p.author and p.id=' . $msg_id; $result = mysql_query($query); if (!$result) { mysql_log(__FILE__, 'query 2 failed ' . mysql_error() . ' QUERY: ' . $query); die('Query failed'); } if (mysql_num_rows($result) != 0) { $row = mysql_fetch_assoc($result); $subject = htmlentities(translit($row['subject'], $proceeded), HTML_ENTITIES, 'UTF-8'); $subj = $subject; if (strpos($subj, 'Re:') !== 0) { $subj = "Re: " . $subj; } $author = htmlentities($row['username'], HTML_ENTITIES, 'UTF-8'); $created = $row['created']; $msg_status = $row['status']; if (!is_null($row['post_closed']) && $row['post_closed'] > 0) { $post_closed = true; } if (!is_null($row['thread_closed']) && $row['thread_closed'] > 0) { $thread_closed = true;
*/ require_once 'head_inc.php'; require_once 'html_head_inc.php'; //require_once('dump.php'); // 199.34.127.57 // print('ID='. $msg_id); // $msg_id='445289'; if (is_null($msg_id)) { die("Specify message ID"); } // 1 retrieve and print as is $query = 'SELECT * from confa_posts where id = ' . $msg_id; // $query = "alter table confa_users add last_pm_check_time timestamp default '0000-00-00 00:00:00'"; // $query = "update confa_users set last_pm_check_time = CURRENT_TIMEstamp"; $result = mysql_query($query); if (!$result) { mysql_log(__FILE__, 'Query page count failed: ' . mysql_error() . ' QUERY: ' . $query); die('Query failed.' . mysql_error() . ' QUERY: ' . $query); } while ($row = mysql_fetch_assoc($result)) { $body = $row['body']; print "Original:<br/>" . $body; $body = before_bbcode($body); print "<br/><b>before_bbcode:</b><br/>" . $body; $body = do_bbcode($body); print "<br/><b>do_bbcode:</b><br/>" . $body; $body = nl2br($body); print "<br/><b>nl2br:</b><br/>" . $body; $body = after_bbcode($body); print "<br/><b>after_bbcode:</b><br/>" . $body; // bbcode, print // after bbcode, print
} } $result = mysql_query($query); if (!$result) { mysql_log(__FILE__ . ':' . __LINE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query . '<--END_OF_QUERY, last_id="' . $last_id . '"'); die('Query failed '); } $_SESSION['last_bydate_id'] = $max_id; $num = 1; $out = ''; $ignored = array(); if ($show_hidden == 1) { $query = "SELECT ignored from confa_ignor where ignored_by=" . $test_user_id; $result_ignored = mysql_query($query); if (!$result_ignored) { mysql_log(__FILE__ . ':' . __LINE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query . 'test_user_id="' . $test_user_id . '"'); die('Query failed '); } while ($row = mysql_fetch_assoc($result_ignored)) { array_push($ignored, $row['ignored']); } } while ($row = mysql_fetch_assoc($result)) { $id = $row['id']; $ban_ends = $row['ban_ends']; $banned = false; if (!is_null($ban_ends) && strcmp($ban_ends, '0000-00-00 00:00:00')) { $banned = true; } $auth_moder = $row['moder']; $subj = $row['subject'];
die('Query failed'); } } } } } } } } $msg_bookmark = NULL; $bookmarks = ''; if (!is_null($user_id) && is_numeric($user_id)) { $query = 'SELECT b.id, b.user, u.username from confa_bookmarks b, confa_users u where b.user=u.id and b.post=' . $msg_id; $result = mysql_query($query); if (!$result) { mysql_log(__FILE__ . ":" . __LINE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query); die('Query failed'); } while ($row = mysql_fetch_assoc($result)) { if ($row['user'] == $user_id) { $msg_bookmark = $row['id']; } if (strlen($bookmarks) > 0) { $bookmarks .= ', '; } $bookmarks .= $row['username']; } } require "msg_inc.php"; if ($reply_closed) { ?>
mysql_log(__FILE__, 'insert failed ' . mysql_error() . ' QUERY: ' . $query); die('Query failed'); } $ban_ends = NULL; } $logged_in = true; } else { $logged_in = true; } if (is_null($logout)) { $query = 'UPDATE confa_sessions set updated = current_timestamp where hash=\'' . $auth_cookie . '\''; } else { $logged_in = false; $query = 'DELETE from confa_sessions where hash=\'' . $auth_cookie . '\' and id=' . $user_id; setcookie('auth_cookie2', '', time() - 100000, $root_dir, $host, false, true); } $result = mysql_query($query); if (!$result) { mysql_log(__FILE__, 'insert failed ' . mysql_error() . ' QUERY: ' . $query); die('Query failed'); } if ($logged_in) { $query = 'SELECT count(*) from confa_pm where receiver=' . $user_id . ' and status=1'; $result = mysql_query($query); if (!$result) { mysql_log(__FILE__, 'select failed ' . mysql_error() . ' QUERY: ' . $query); die('Query failed'); } } } }
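/**
 * Return one page of the current user's private messages as a JSON response.
 *
 * Query-string parameters read through $app->request->getQuery():
 *   - count: page size. Defaults to 20; negative values fall back to 20 and
 *            values above 100 are capped, so a request can neither break the
 *            LIMIT clause nor ask for an unbounded result set.
 *   - id:    when greater than 0, only messages with id <= this value are listed.
 *
 * Every value spliced into the SQL text is cast to int or escaped first. The
 * legacy mysql_* API used throughout this code has no prepared statements;
 * moving to mysqli/PDO with bound parameters is the durable fix.
 *
 * @param object $app   Application object exposing request->getQuery().
 * @param bool   $inbox true lists received messages, false lists sent ones.
 * @return Response JSON body {count, messages: [{id, status, subject,
 *                  author|recipient: {id, name}, created, chars}]}.
 */
function api_pmail_list($app, $inbox = true)
{
    global $prop_tz, $server_tz, $user_id, $pm_deleted_by_receiver, $pm_deleted_by_sender;

    $default_count = 20;
    $max_count = 100;

    $response = new Response();

    // Page size comes from the client: coerce to int and keep it in a sane range.
    $count = $app->request->getQuery('count');
    $count = is_null($count) ? $default_count : intval($count);
    if ($count < 0) {
        $count = $default_count;
    }
    if ($count > $max_count) {
        $count = $max_count;
    }

    $max_id = $app->request->getQuery('id');
    $max_id = is_null($max_id) ? -1 : intval($max_id);

    // Globals are set elsewhere; cast them so the SQL stays well-formed even if
    // one of them is null or carries non-numeric text.
    $uid = intval($user_id);
    $deleted_flag = intval($inbox ? $pm_deleted_by_receiver : $pm_deleted_by_sender);

    // The mailbox owner is matched on one column, the other party is joined on the other.
    $owner_column = $inbox ? 'receiver' : 'sender';
    $peer_column = $inbox ? 'sender' : 'receiver';

    $query = 'SELECT s.username, p.id as id, p.sender, p.receiver, p.subject, p.body, '
        . 'CONVERT_TZ(p.created, \'' . mysql_real_escape_string($server_tz) . '\', \''
        . mysql_real_escape_string($prop_tz . ':00') . '\') as created, p.status, p.chars'
        . ' from confa_pm p, confa_users s'
        . ' where p.' . $peer_column . '=s.id'
        . ' and ' . $owner_column . '=' . $uid
        . ' and !(p.status & ' . $deleted_flag . ')'
        . ($max_id > 0 ? ' and p.id <= ' . $max_id : '')
        . ' order by id desc limit ' . $count;

    $result = mysql_query($query);
    if (!$result) {
        // Full detail goes to the server-side log only; the client gets a
        // generic message so the SQL text and database error are not disclosed.
        mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query . ' max_id="' . $max_id . '"');
        die('Query failed');
    }

    $messages = array();
    $returned = 0;
    while ($row = mysql_fetch_assoc($result)) {
        $messages[] = array(
            'id' => intval($row['id']),
            'status' => intval($row['status']),
            'subject' => api_get_subject($row['subject'], $row['status']),
            ($inbox ? 'author' : 'recipient') => array(
                'id' => intval($row[$peer_column]),
                'name' => $row['username'],
            ),
            'created' => $row['created'],
            'chars' => intval($row['chars']),
        );
        $returned++;
    }

    $response->setContentType('application/json');
    $response->setJsonContent(array('count' => $returned, 'messages' => $messages));

    return $response;
}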
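// Script names used when building links to moderator and user pages.
$page_m_delposts = 'moddelposts.php';
$page_m_ips = 'modips.php';
$page_ban = 'modban.php';
$page_do_search = 'dosearch.php';
$page_topthread = 'topthread.php';
$page_golo = 'golo_list.php';
$page_golo_create = 'golo_new.php';
$page_answered = 'answered.php';
$page_banned = 'banned.php';
$page_pay_ban = 'pay_ban.php';
// Variable name is spelled "bookmarhs"; kept as-is because other files may reference it.
$page_my_bookmarhs = 'mybookmarks.php';
$page_registrations = 'modregs.php';

// Refuse requests whose Host header differs from the configured $host and
// point the visitor at the canonical URL instead.
if (isset($_SERVER['HTTP_HOST']) && strcmp($_SERVER['HTTP_HOST'], $host)) {
    // The Host header is supplied by the client, so it is HTML-escaped before
    // being echoed back into the page.
    $shown_host = htmlspecialchars($_SERVER['HTTP_HOST'], ENT_QUOTES, 'UTF-8');
    print "<HTML><BODY><A target=\"_blank\" href=\"http://" . $host . $root_dir . "\">Wrong URL" . $shown_host . ". Please, click here.</A></BODY></HTML>";
    die;
}

require_once 'func.php';
require_once 'mysql_log.php';

// Connect and select the database. Failure detail is written to the log only;
// the visitor sees a generic message.
$link = mysql_connect($dbhost, $dbuser, $dbpassword);
if (!$link) {
    mysql_log(__FILE__, 'Could not connect: ' . mysql_error());
    die('Could not connect to database');
}
if (!mysql_select_db($dbname)) {
    mysql_log(__FILE__, 'Could not select database ' . mysql_error());
    die('Could not select database');
}

require_once 'get_params_inc.php';
require_once 'auth.php';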
} } } } } if (strlen($err) == 0) { $tm = date('Y-m-d H:i:s'); $md5 = md5($tm . $user); $query = 'INSERT into confa_regs(username, password, email, actkey) values(\'' . mysql_escape_string($user) . '\', password(\'' . $password . '\'), \'' . $email . '\', \'' . $md5 . '\')'; $result = mysql_query($query); if (!$result) { mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query); die('Query failed'); } if (mysql_affected_rows($link) != 1) { mysql_log(__FILE__, 'insert failed ' . mysql_error() . ' QUERY: ' . $query); die('Query failed'); } $to = $email; $subject = "Forum registration"; $message = "To activate your account, please click the following link or copy and paste it in your browser:<p><a href=\"http://" . $host . $root_dir . $page_activate . '?act_link=' . $md5 . '">http://' . $host . $root_dir . $page_activate . '?act_link=' . $md5 . "</a><p>This link will be valid for 24 hours.\n"; $from = $from_email; $headers = "From: {$from}"; if (isset($reg_type) && $reg_type == REG_TYPE_OPEN) { print $message; } else { if (isset($reg_type) && $reg_type == REG_TYPE_EMAIL) { mail($to, $subject, $message, $headers); print "<B>" . $user . "</B>, activation link has been sent to " . $email . ". The link will be valid for 86400 seconds ( 24 hours )"; } else { if (isset($reg_type) && $reg_type == REG_TYPE_CONFIRM) {
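/**
 * Fetch replies to posts written by the current user.
 *
 * With $how_many > 0 the newest $how_many replies are selected. Otherwise only
 * replies newer than both the session's last_answered_time and the global
 * $last_answered_id are selected, limited to 100 rows. On success the
 * last_answered_time of the user's sessions is then set to the current time.
 *
 * Every value spliced into the SQL text is cast to int or escaped first; the
 * session hash in particular is escaped before it is quoted into the query.
 * The legacy mysql_* API has no prepared statements; moving to mysqli/PDO with
 * bound parameters is the durable fix.
 *
 * NOTE(review): the SELECT is keyed on the session hash, but the UPDATE matches
 * on user_id and so touches every session row of that user. Confirm this is
 * intended.
 *
 * @param int $how_many Number of most recent replies to return; 0 means
 *                      "only replies not seen yet".
 * @return resource|false Result of the SELECT, or false if either query failed.
 */
function get_answered($how_many = 0)
{
    global $last_answered_id, $server_tz, $prop_tz, $user_id, $auth_cookie;

    if (is_null($last_answered_id)) {
        $last_answered_id = 0;
    }

    // Numeric values are coerced so they cannot carry SQL text into the query.
    $limit = intval($how_many);
    $uid = intval($user_id);
    $since_id = intval($last_answered_id);

    // Column list shared by both query variants.
    $columns = 'SELECT b.id as my_id, b.author as me_author, u.username, u.moder, p.closed as post_closed,'
        . ' p.level, p.page, p.parent, p.auth, p.views, p.content_flags, p.likes, p.dislikes,'
        . ' CONVERT_TZ(p.created, \'' . mysql_real_escape_string($server_tz) . '\', \''
        . mysql_real_escape_string($prop_tz . ':00') . '\') as created,'
        . ' p.subject, p.author, p.status, p.id as id, p.chars,';
    $reply_counter = ' (select count(*) from confa_posts where parent = p.id) as counter';

    if ($limit > 0) {
        $query = $columns . $reply_counter
            . ' from confa_posts p, confa_posts b, confa_users u'
            . ' where p.parent=b.id and b.author=' . $uid
            . ' and p.author=u.id and p.status != 2'
            . ' order by id desc limit ' . $limit;
    } else {
        $query = $columns . ' s.last_answered_time,' . $reply_counter
            . ' from confa_posts p, confa_posts b, confa_users u, confa_sessions s'
            . ' where s.hash=\'' . mysql_real_escape_string($auth_cookie) . '\''
            . ' and s.last_answered_time < p.created'
            . ' and p.parent=b.id and b.author=' . $uid
            . ' and p.author=u.id and p.id > ' . $since_id
            . ' and p.status != 2 order by id desc limit 100';
    }

    $result = mysql_query($query);
    if (!$result) {
        mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
        return false;
    }

    // Record that the replies were fetched so they are not reported as new again.
    $query = 'UPDATE confa_sessions set last_answered_time=current_timestamp where user_id = ' . $uid;
    $result2 = mysql_query($query);
    if (!$result2) {
        mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query);
        return false;
    }

    return $result;
}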
$query = 'INSERT into confa_ban_history( moder, expires, victim, ban_reason) values( ' . $user_id . ', addtime( current_timestamp(), \'' . $bantime . ':00\'), ' . $moduserid . ', \'' . mysql_escape_string(trim($ban_reason)) . '\' )'; } else { $query = 'INSERT into confa_ban_history( moder, expires, victim) values( ' . $user_id . ', \'0000-00-00 00:00:00\', ' . $moduserid . ' )'; } $result = mysql_query($query); if (!$result) { mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query); die('Query failed'); } $ban_id = mysql_insert_id(); if ($bantime > 0) { $query = 'Update confa_users set ban_ends=addtime( current_timestamp(), \'' . $bantime . ':00\'), ban=' . $ban_id . ' where id=' . $moduserid; } else { $query = 'Update confa_users set pban=0, ban_ends=\'0000-00-00 00:00:00\', ban=' . $ban_id . ' where id=' . $moduserid; } $result = mysql_query($query); if (!$result) { mysql_log(__FILE__, 'query failed ' . mysql_error() . ' QUERY: ' . $query); die('Query failed'); } if (mysql_affected_rows($link) == 0) { mysql_log(__FILE__, '0 affected rows ' . mysql_error() . ' QUERY: ' . $query); die('Query failed'); } require 'moduser.php'; } else { print "<HTML><BODY>You have no access to this page.</BODY></HTML>"; } ?>