public function getContent()
{
global $sql;
// Strona zabezpieczona wykonuje dwa niepotrzebne zapytania, mimo, że tekst sie nie wyświetla, należy po pierwszym zapytaniu wykonać fetch_assoc
$page = $sql->query('
SELECT * FROM ' . DB_PREFIX . 'subpages
WHERE id = ' . $this->id)->fetch();
// Page does not exist
if (!$page) {
return not_found('Page you have been loking for does not exists.');
} else {
if ($page['permit'] == 0) {
return no_access();
} else {
if (!LOGGED && $page['type'] == 2) {
return no_access(array('Wybrana treść jest dostępna tylko dla zalogowanych osób.', t('REGISTER')));
} else {
Kio::addTitle($page['title']);
Kio::addBreadcrumb($page['title'], $page['id'] . '/' . clean_url($page['title']));
// $this->subcodename = $page['number'];
Kio::addHead($page['head']);
if ($page['description']) {
Kio::setDescription($page['description']);
}
if ($page['keywords']) {
Kio::setKeywords($page['keywords']);
}
return eval('?>' . $page['content']);
}
}
}
}
public function getContent()
{
global $sql;
if (LOGGED) {
$note = new Notifier();
Kio::addCssFile('modules/pm/pm.css');
// Tabs
Kio::addTabs(array(t('Received (%messages)', array('%messages' => User::$pmInbox)) => 'pm/inbox', t('Sent (%messages)', array('%messages' => User::$pmOutbox)) => 'pm/outbox', t('Write') => 'pm/write'));
switch (u1) {
case 'write':
return $this->getComposeForm();
break;
case 'inbox':
case 'outbox':
if (u2 == 'read' && ctype_digit(u3)) {
return $this->getMessage();
} else {
return $this->getFolder(u1 == 'inbox' ? 0 : 1);
}
break;
default:
redirect(HREF . 'pm/inbox');
// //$info->negative('Pojemność skrzynki jest na wyczeraniu.');
// $tpl = new PHPTAL('modules/pm/default.html');
// $tpl->cfg = $cfg;
// $tpl->form = $form;
// $tpl->user = $user;
// $tpl->note = $note;
// echo $tpl->execute();
}
} else {
return no_access(array('Dostęp do prywatnych wiadomości jest możliwy tylko po zalogowaniu się.', t('REGISTER')));
}
}
global $username, $password, $email, $studentid;
if (@$_POST['username'] and @$_POST['password'] and @$_POST['confpassword'] and @$_POST['email'] and @$_POST['studentid']) {
if (@$_POST['password'] != @$_POST['confpassword']) {
header("location: register.php?action=err&mes=注册失败!两次密码输入不一致!");
exit;
}
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
$studentid = $_POST['studentid'];
if (get_user_by_name($username)) {
header("location: register.php?action=err&mes=注册失败!用户名已存在!");
exit;
} else {
if (!is_numeric($studentid)) {
header("location: register.php?action=err&mes=注册失败!学号不正确!");
exit;
} else {
if (!add_user($username, $password, $email, $studentid)) {
header("location: register.php?action=err&mes=注册失败!请检查其他信息!");
exit;
} else {
$_SESSION['userid'] = get_user_by_name($username)['userid'];
header("location: userdetails.php?action=succ&mes=注册成功!欢迎加入" . show_user_by_id($_SESSION['userid']));
exit;
}
}
}
} else {
no_access('register.php');
}
global $password;
if (@$_POST['username'] and @$_POST['password']) {
$username = $_POST['username'];
$password = $_POST['password'];
if (!empty($username) and !empty($password)) {
$user = get_user_by_name($username);
if (!$user) {
// echo '<HTML><HEAD><META HTTP-EQUIV="refresh" CONTENT="3;url=login.php"></HEAD><BODY>';
header("location: login.php?action=err&mes=登录失败!用户不存在!请重试!");
exit;
} else {
if ($user['password'] == hash_password($password)) {
$_SESSION['userid'] = $user['userid'];
header("location: userdetails.php?action=succ&mes=登录成功!欢迎回来:" . show_user_by_id($user['userid']));
exit;
} else {
header("location: login.php?action=err&mes=登录失败!密码错误!请重试!");
exit;
}
}
} else {
no_access();
}
} else {
no_access();
}
?>
public function getContent()
{
global $sql;
if (!LOGGED) {
return no_access('By mieć dostęp do edycji profilu musisz się zalogować.');
}
$note = new Notifier();
$err = new Error();
$edit = isset($_POST['edit']) ? true : false;
$countries = (include 'lang/countries.php');
asort($countries);
//Edit user by ID
if (ctype_digit(u1)) {
$profile = $sql->query('
SELECT u.*
FROM ' . DB_PREFIX . 'users u
WHERE u.id = ' . u1)->fetch(PDO::FETCH_ASSOC);
if ($profile) {
Kio::addTitle(t('Users'));
Kio::addBreadcrumb(t('Users'), 'users');
Kio::addTitle($profile['nickname'] . ' - ' . t('Edit profile'));
Kio::addBreadcrumb($profile['nickname'], 'profile/' . u1);
Kio::addBreadcrumb(t('Edit profile'), 'edit_profile/' . u1);
$form = $profile;
} else {
return not_found(t('Selected user doesn't exists.'), array(t('This person was deleted from database.'), t('Entered URL is invalid.')));
}
} else {
$profile = User::toArray();
Kio::addTitle(t('Edit profile'));
Kio::addBreadcrumb(t('Edit profile'), 'edit_profile');
}
$form = $profile;
$form['password'] = '';
$form['password2'] = '';
$form['birthdate'] = explode('-', $profile['birthdate']);
$form['newsletter'] = $profile['newsletter'] ? 1 : 0;
$form['pm_notify'] = $profile['pm_notify'] ? 1 : 0;
$form['hide_email'] = $profile['hide_email'] ? 1 : 0;
if (!u1 || $profile) {
// Edit profile
if (!empty($edit)) {
$form = array('nickname' => Kio::getConfig('allow_change_nick', 'edit_profile') ? filter($_POST['nickname'], 100) : User::$nickname, 'password' => filter($_POST['password'], 100), 'password2' => filter($_POST['password2'], 100), 'email' => strtolower(filter($_POST['email'], 100)), 'forename' => $_POST['forename'], 'surname' => $_POST['surname'], 'gender' => $_POST['gender'], 'locality' => $_POST['locality'], 'country' => !empty($countries[$_POST['country']]) ? $_POST['country'] : '', 'communicator' => $_POST['communicator'], 'website' => $_POST['website'], 'birthdate' => array_map('intval', (array) $_POST['birthdate']), 'newsletter' => isset($_POST['newsletter']) ? 1 : 0, 'pm_notify' => isset($_POST['pm_notify']) ? 1 : 0, 'hide_email' => isset($_POST['hide_email']) ? 1 : 0, 'avatar' => $_FILES['avatar']['error'] == 0 && !$_POST['delete_avatar'] ? $_FILES['avatar'] : array(), 'delete_avatar' => isset($_POST['delete_avatar']) ? 1 : 0, 'photo' => isset($_FILES['photo']) ? $_FILES['photo'] : null, 'delete_photo' => isset($_POST['delete_photo']) ? 1 : 0, 'title' => $_POST['title'], 'interests' => $_POST['interests'], 'signature' => $_POST['signature']);
$allowed_types = array('image/png' => 'png', 'image/jpeg' => 'jpg', 'image/gif' => 'gif');
// Nickname
$err->setError('nickname_empty', t('ERROR_NICKNAME_EMPTY'))->condition(!$form['nickname']);
$err->setError('nickname_exists', t('ERROR_NICKNAME_EXISTS'))->condition(Kio::getConfig('allow_change_nick', 'edit_profile') && $form['nickname'] && strtolower($form['nickname']) != strtolower($profile['nickname']) && is_registered($form['nickname']));
// Password
$err->setError('password_differ', t('ERROR_PASSWORD_DIFFER'))->condition($form['password'] != $form['password2']);
// E-mail
$err->setError('email_empty', t('ERROR_EMAIL_EMPTY'))->condition(!$form['email']);
if ($form['email']) {
$err->setError('email_invalid', t('ERROR_EMAIL_INVALID'))->condition($form['email'] && !is_email($form['email']));
$err->setError('email_exists', t('ERROR_EMAIL_EXISTS'))->condition($form['email'] != $profile['email'] && is_email($form['email']) && is_registered($form['email'], 'email'));
}
// Birthdate
$err->setError('birthdate_invalid', t('ERROR_BIRTHDATE'))->condition(array_sum($form['birthdate']) > 0 && !is_date('Y-n-j', $form['birthdate'][0] . '-' . $form['birthdate'][1] . '-' . $form['birthdate'][2]));
// Avatar
if ($form['avatar']) {
$err->avatar_invalid_type(t('ERROR_ava'))->condition(!in_array($form['avatar']['type'], array_keys($allowed_types)));
$err->avatar_exceeded_max_size(t('ERROR_ava'))->condition(Kio::getConfig('avatar_size_max', 'edit_profile') && !$err->isError('avatar_invalid_type') && $form['avatar']['size'] > Kio::getConfig('avatar_size_max', 'edit_profile'));
}
// No errors
if ($err->noErrors()) {
if ($form['delete_avatar']) {
unlink(ROOT . 'images/avatars/' . $profile['id'] . '.' . User::$avatar);
}
if ($form['avatar']) {
move_uploaded_file($_FILES['avatar']['tmp_name'], ROOT . 'images/avatars/' . $profile['id'] . '.' . $allowed_types[$form['avatar']['type']]);
if ($allowed_types[$form['avatar']['type']] != User::$avatar) {
unlink(ROOT . 'images/avatars/' . $profile['id'] . '.' . User::$avatar);
}
}
$form['birthdate'] = array_sum($form['birthdate']) > 0 ? $form['birthdate'][0] . '-' . $form['birthdate'][1] . '-' . $form['birthdate'][2] : '';
$sql->exec('
UPDATE ' . DB_PREFIX . 'users
SET nickname = "' . (Kio::getConfig('allow_change_nick', 'edit_profile') ? $form['nickname'] : User::$nickname) . '",
' . ($form['password'] ? 'pass = "******",' : '') . '
email = "' . $form['email'] . '",
forename = "' . $form['forename'] . '",
surname = "' . $form['surname'] . '",
gender = ' . ($form['gender'] == 1 || $form['gender'] == 2 ? (int) $form['gender'] : 0) . ',
locality = "' . $form['locality'] . '",
country = "' . $form['country'] . '",
communicator = "' . $form['communicator'] . '",
website = "' . $form['website'] . '",
birthdate = "' . $form['birthdate'] . '",
newsletter = ' . $form['newsletter'] . ',
pm_notify = ' . $form['pm_notify'] . ',
hide_email = ' . $form['hide_email'] . ',
' . ($form['avatar'] ? 'avatar = "' . $allowed_types[$form['avatar']['type']] . '",' : ($form['delete_avatar'] ? 'avatar = "",' : '')) . '
title = "' . $form['title'] . '",
interests = "' . $form['interests'] . '",
signature = "' . $form['signature'] . '"
WHERE id = ' . $profile['id']);
$note->success(t('Your profile was modified successfully.'));
redirect(HREF . 'edit_profile');
} else {
$note->error($err->toArray());
}
}
try {
$tpl = new PHPTAL('modules/edit_profile/edit_profile.tpl.html');
$tpl->profile = $profile;
$tpl->countries = $countries;
$tpl->allow_change_nick = Kio::getConfig('allow_change_nick', 'edit_profile');
$tpl->form = $form;
$tpl->err = $err->toArray();
$tpl->note = $note;
return $tpl->execute();
} catch (Exception $e) {
return template_error($e);
}
}
}
if (u2) {
require_once ROOT . 'modules/' . u2 . '/admin/index.php';
// if (file_exists(ROOT.'modules/'.u2.'/admin/index.php'))
// {
// $permit['admin-'.u2].$permit['admin']
// ? require_once ROOT.'modules/'.u2.'/admin/index.php'
// : no_access(sprintf('Nie masz dostępu do administracji modułem <strong>%s</strong>.', u2));
// }
// else
// {
// not_found(sprintf($lang_system['PAGE_NOT_FOUND'], u2));
// }
} else {
require_once ROOT . 'admin/modules.php';
}
break;
case 'blocks':
$kio->path['admin/blocks'] = 'Bloki';
file_exists(ROOT . 'blocks/' . u2 . '/index.php') ? require_once ROOT . 'blocks/' . u2 . '/index.php' : not_found(sprintf($lang_system['PAGE_NOT_FOUND'], u2), array($lang_system['NO_FILE'], $lang_system['NO_CONTENT'], $lang_system['BAD_ADDRESS']));
break;
case 'includes':
file_exists(ROOT . 'system/' . u2 . '/index.php') ? $permit['admin-system-' . u2] . $permit['admin'] ? require_once ROOT . 'system/' . u2 . '/index.php' : no_access(sprintf('Dostęp do administracji rozszerzeniem <strong>%s</strong> jest zabroniony.', u2)) : not_found(sprintf($lang_system['PAGE_NOT_FOUND'], u2), array($lang_system['NO_FILE'], $lang_system['NO_CONTENT'], $lang_system['BAD_ADDRESS']));
break;
default:
file_exists(ROOT . 'admin/' . u1 . '/index.php') ? require_once ROOT . 'admin/' . u1 . '/index.php' : not_found(sprintf($lang_system['PAGE_NOT_FOUND'], u2), array($lang_system['NO_FILE'], $lang_system['NO_CONTENT'], $lang_system['BAD_ADDRESS']));
}
} else {
require_once ROOT . 'admin/default.php';
}
$admin['columns'] = 2;
block('Wskazówka', 'tips', 'L', 0, 1, 'Co robić, żeby było dobrze?');
* User: Pal
* Date: 2015/11/13
* Time: 16:11
*/
include_once "linkstart.php";
if (!is_login()) {
header("location: login.php");
exit;
}
if (@$_POST['username'] and @$_POST['studentid'] and @$_POST['email']) {
$username = $_POST['username'];
$studentid = $_POST['studentid'];
$email = $_POST['email'];
$qq = @$_POST['qq'];
$phone = @$_POST['phone'];
$signature = @$_POST['signature'];
if ($user = get_user_by_id($_SESSION['userid'])) {
if (!($err = edit_user($user['userid'], $username, $studentid, $email, $signature, $qq, $phone))) {
header("location: userdetails.php?action=succ");
} else {
header("location: userdetails.php?action=err&mes=" . $err);
}
} else {
no_access('修改信息页面');
}
} else {
header("location: userdetails.php?action=err&mes=用户名、学生证号或邮箱均不能为空!");
}
?>