/**
 * Assemble the request array from the superglobals and the CLI argument globals.
 *
 * Every set* helper is handed the array being built plus one raw source value.
 * Sources that are not set fall back to an empty array (0 for $argc).
 *
 * @return &array request object
 */
function &construct()
{
    $request = [];

    $getParams = [];
    if (isset($_GET)) {
        $getParams = $_GET;
    }
    setQuery($request, $getParams);

    $postParams = [];
    if (isset($_POST)) {
        $postParams = $_POST;
    }
    setPost($request, $postParams);

    setServer($request, $_SERVER);

    // $argc / $argv may be unset, hence the explicit defaults below.
    global $argc, $argv;

    $argCount = 0;
    if (isset($argc)) {
        $argCount = $argc;
    }
    setArgc($request, $argCount);

    $argList = [];
    if (isset($argv)) {
        $argList = $argv;
    }
    setArgv($request, $argList);

    return $request;
}
/**
 * Write one value, or a whole key => value map, into $_GET.
 *
 * Note for readers: this mutates the $_GET superglobal, so code running later
 * cannot tell values sent by the client from values written here.
 *
 * @param string|array $spec  key to set, or a map of keys to values when $value is null
 * @param mixed        $value value for $spec; null means "treat $spec as a map"
 * @return true|null true after writing (or after walking a map), null when
 *                   $value is null and $spec is not an array
 */
function setQuery($spec, $value = null)
{
    // A concrete value: plain single-key assignment.
    if (null !== $value) {
        $_GET[(string) $spec] = $value;
        return true;
    }

    // No value and nothing to iterate over: silently do nothing.
    if (!is_array($spec)) {
        return;
    }

    // No value but a map: set each pair; null entries are skipped by the recursion.
    foreach ($spec as $name => $item) {
        setQuery($name, $item);
    }

    return true;
}
} else {
    // no, we start a new session
    $deliveredrecords = 0;
    $extquery = '';
    $metadataPrefix = $args['metadataPrefix'];

    // Each optional argument appends a fragment to the extra query text.
    // NOTE(review): the values in $args are passed straight to fromQuery(), untilQuery()
    // and setQuery(); whether those builders escape or validate them is not visible
    // here. checkDateFormat()'s return value is used as the date, so its failure
    // value (if it has one) also reaches the builder. Confirm both.
    if (isset($args['from'])) {
        $from = checkDateFormat($args['from']);
        $extquery .= fromQuery($from);
    }
    if (isset($args['until'])) {
        $until = checkDateFormat($args['until']);
        $extquery .= untilQuery($until);
    }
    if (isset($args['set'])) {
        if (is_array($SETS)) {
            $extquery .= setQuery($args['set']);
        } else {
            $errors[] = oai_error('noSetHierarchy');
        }
    }
}

// Stop before loading any handler if an error was collected above.
if (!empty($errors)) {
    oai_exit();
}

// Load the handler
// NOTE(review): the included path is read from $METADATAFORMATS, with $metadataPrefix
// only used as the lookup key. That keeps the include target out of the request's
// control as long as $METADATAFORMATS is static configuration; confirm it is never
// filled from request data. is_array() runs before isset(), so an unknown prefix
// reads an undefined index before the else branch reports the error.
if (is_array($METADATAFORMATS[$metadataPrefix]) && isset($METADATAFORMATS[$metadataPrefix]['myhandler'])) {
    $inc_record = $METADATAFORMATS[$metadataPrefix]['myhandler'];
    include $inc_record;
} else {
    $errors[] = oai_error('cannotDisseminateFormat', 'metadataPrefix', $metadataPrefix);
}
} if (isset($args['from'])) { if (!checkDateFormat($from)) { $errors .= oai_error('badGranularity', 'from', $from); } $extquery .= fromQuery($from); } if (isset($args['until'])) { if (!checkDateFormat($until)) { $errors .= oai_error('badGranularity', 'until', $until); } $extquery .= untilQuery($until); } if (isset($args['set'])) { // if (is_array($SETS)) { $extquery .= setQuery($set); // } else { // $errors .= oai_error('noSetHierarchy'); // oai_exit(); // } } } if (empty($errors)) { $query = idQuery() . $extquery; $res = $db->query($query); if (DB::isError($res)) { if ($SHOW_QUERY_ERROR) { echo __FILE__ . ',' . __LINE . "<br />"; echo "Query: {$query}<br />\n"; die($db->errorNative()); } else {
/**
 * Return the first column of the next row of a result set.
 *
 * When $query is truthy, the complete argument list is forwarded to setQuery()
 * and its return value replaces $result.
 *
 * NOTE(review): mysql_fetch_row() belongs to the ext/mysql API, which was removed
 * in PHP 7.0; this function cannot run there without a port to mysqli or PDO.
 *
 * @param mixed $result result handle to read from (ignored when $query is truthy)
 * @param mixed $query  when truthy, triggers the setQuery() call described above
 * @return mixed first column of the fetched row, or false when there is no
 *               result handle or no row
 */
function getResult($result = '', $query = null)
{
    if ($query) {
        $callArgs = func_get_args();
        $result = setQuery($callArgs);
    }

    if (!$result) {
        return false;
    }

    $firstRow = mysql_fetch_row($result);
    if (!$firstRow) {
        return false;
    }

    return $firstRow[0];
}
header('Location: chat.php'); die; } }

// Login form handler: runs when a username was posted.
if (isset($_POST['username'])) {
    //Preprocess username and password
    $username = strtolower($connection->real_escape_string($_POST['username']));
    // NOTE(review): $password is not read again in the code visible here. Hashing the
    // SQL-escaped form of the password also means every other code path must apply
    // the same escaping, or passwords containing quotes or backslashes stop matching.
    // A password never goes into SQL text, so it should be hashed and verified raw.
    $password = password_hash($connection->real_escape_string($_POST['password']), PASSWORD_DEFAULT);

    //Look for matching users
    // NOTE(review): the literal '******' is what this listing shows in place of the
    // username value; presumably the real query uses $username. A prepared statement
    // would remove the dependency on manual escaping here.
    // SELECT * also pulls the password hash into $user (see the session note below).
    $user = mysqli_fetch_array(getQuery("SELECT * FROM user WHERE username = '******'"));

    //If a matching user was found, redirect to chat
    // When no row matched, $user is null and the hash argument is read from null.
    if (password_verify($connection->real_escape_string($_POST['password']), $user['password'])) {
        // NOTE(review): the whole row, including the password hash, is stored in the
        // session. No session id regeneration is visible at this privilege change.
        $_SESSION['user'] = $user;
        // The token is the user id followed by a password_hash() of the current second.
        // Its unpredictability comes only from the random salt password_hash() embeds;
        // a dedicated CSPRNG call would state that intent directly.
        $token = $_SESSION['user']['id'] . password_hash(strval(time()), PASSWORD_DEFAULT);
        $id = $_SESSION['user']['id'];
        setQuery("INSERT INTO user_session VALUES ({$id}, '{$token}')");
        //Close connection to database
        mysqli_close($connection);
        // NOTE(review): setcookie()'s third argument is an absolute Unix timestamp, so
        // this is one fixed expiry date, not "now + lifetime". The cookie is sent
        // without the Secure and HttpOnly flags, which leaves the login token readable
        // by page scripts and sendable over plain HTTP.
        setcookie('usercookie', $token, 86400 * 365 * 100);
        header('Location: chat.php');
        die;
    }

    //Close connection to database
    mysqli_close($connection);
    //Store error message if login was unsuccessful
    $message = '<span class="error-message">' . getString("incorrectUserOrPassword") . '</span>';
}
?> <!DOCTYPE html> <html lang="en"> <head>
// Installer: (re)creates the schema, seeds one style, the first user and two
// languages, then writes the connection settings to an .ini file.
// NOTE(review): every table below except `message` is dropped immediately before it
// is created (the statements before this excerpt are not visible). Together with the
// commented-out unlink() at the end, the script stays on the server after setup;
// unless a guard exists above this excerpt, a later request to it would wipe the
// data and create a new first user. Confirm such a guard, or remove/lock the file
// after installation.
setQuery("CREATE TABLE `message` (\n\t\t\t `id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t `content` text NOT NULL,\n\t\t\t `author` int(11) NOT NULL,\n\t\t\t `timestamp` int(11) NOT NULL,\n\t\t\t `edit` int(11) NOT NULL DEFAULT '0',\n\t\t\t `skype` int(11) NOT NULL DEFAULT '0',\n\t\t\t PRIMARY KEY (`id`)\n\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=latin1");
setQuery("DROP TABLE IF EXISTS `style`");
setQuery("CREATE TABLE `style` (\n\t\t\t `id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t `name` varchar(30) NOT NULL,\n\t\t\t `css` varchar(30) NOT NULL,\n\t\t\t `primarycolor` varchar(30) NOT NULL,\n\t\t\t `secondarycolor` varchar(30) NOT NULL,\n\t\t\t `backgroundcolor` varchar(30) NOT NULL,\n\t\t\t `scrollbar` varchar(30) NOT NULL,\n\t\t\t `markup` varchar(30) NOT NULL,\n\t\t\t PRIMARY KEY (`id`)\n\t\t\t) ENGINE=MyISAM AUTO_INCREMENT=2 DEFAULT CHARSET=latin1");
setQuery("INSERT INTO `style` (`id`, `name`, `css`, `primarycolor`, `secondarycolor`, `backgroundcolor`, `scrollbar`, `markup`) VALUES\n\t\t\t(1, 'Standard', 'standard.css', '#428BCA', '#EDF9FC', '#FFFFFF', 'dark-thick', 'highlight.xcode.css')");
setQuery("DROP TABLE IF EXISTS `user`");
setQuery("CREATE TABLE `user` (\n\t\t\t `username` varchar(20) NOT NULL,\n\t\t\t `display_name` varchar(30) NOT NULL,\n\t\t\t `id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t `password` varchar(255) NOT NULL,\n\t\t\t `online` int(11) NOT NULL DEFAULT '0',\n\t\t\t `status` int(11) NOT NULL DEFAULT '1',\n\t\t\t `status_message` varchar(100) NOT NULL,\n\t\t\t `image` int(11) DEFAULT NULL,\n\t\t\t `is_typing` int(11) NOT NULL DEFAULT '0',\n\t\t\t `language` int(11) NOT NULL DEFAULT '1',\n\t\t\t `mute_sounds` int(11) NOT NULL DEFAULT '0',\n\t\t\t `last_activity` int(11) NOT NULL DEFAULT '0',\n\t\t\t `style` int(11) NOT NULL DEFAULT '1',\n\t\t\t PRIMARY KEY (`id`)\n\t\t\t) ENGINE=InnoDB DEFAULT CHARSET=latin1");
// First account, built from posted values. Username and display name are escaped
// with the connection's real_escape_string() and placed in double-quoted literals.
// NOTE(review): the password is SQL-escaped *before* hashing. The hash is what goes
// into the query, so the escape protects nothing and changes which password is
// stored whenever it contains quotes or backslashes; every later verification must
// repeat the same transformation to match.
setQuery('INSERT INTO `user` (`username`, `display_name`, `password`, `status_message`) VALUES ("' .
    strtolower($connection->real_escape_string($_POST['username'])) . '", "' . $connection->real_escape_string($_POST["display"]) . '", "' . password_hash($connection->real_escape_string($_POST['password']), PASSWORD_DEFAULT) . '", "")');
setQuery("DROP TABLE IF EXISTS `user_session`");
setQuery("CREATE TABLE `user_session` (\n\t\t\t `id` int(11) NOT NULL,\n\t\t\t `token` varchar(255) DEFAULT NULL\n\t\t\t) ENGINE=MyISAM DEFAULT CHARSET=latin1");
setQuery("DROP TABLE IF EXISTS `edited_message`");
setQuery("CREATE TABLE `edited_message` (\n\t\t\t `id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t `message` int(11) NOT NULL,\n\t\t\t `timestamp` int(11) NOT NULL,\n\t\t\t PRIMARY KEY(`id`)\n\t\t\t) ENGINE=MyISAM DEFAULT CHARSET=latin1");
setQuery("DROP TABLE IF EXISTS `language`");
setQuery("CREATE TABLE `language` (\n\t\t\t `id` int(11) NOT NULL AUTO_INCREMENT,\n\t\t\t `name` varchar(30) DEFAULT NULL,\n\t\t\t `local_name` varchar(30) DEFAULT NULL,\n\t\t\t PRIMARY KEY(`id`)\n\t\t\t) ENGINE=MyISAM DEFAULT CHARSET=latin1");
setQuery('INSERT INTO `language` (`name`, `local_name`) VALUES ("english", "English")');
setQuery('INSERT INTO `language` (`name`, `local_name`) VALUES ("norwegian", "Norsk")');
//Write to .ini file
// NOTE(review): the four posted values are handed to createIniFile() unmodified.
// How that helper quotes them, and where the file holding the database password
// ends up relative to the web root, is not visible here; confirm both.
createIniFile($_POST["ip"], $_POST["db_user"], $_POST["db_password"], $_POST["db_name"]);
// Redirect browser
header("Location: ./index.php");
//Delete this file upon completion
//unlink(__FILE__);
} } } ?> <!DOCTYPE html> <html lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8">
/**
 * Insert the team rows and their pairing for every entry of $rankingtableList,
 * but only when neither team1 nor team2 already holds a row for the computed date.
 *
 * Reads the globals $time, $link, $rankingtableList and $DB, echoes each first
 * team's name, and returns nothing.
 *
 * NOTE(review): every query here is assembled by placing values directly inside
 * quoted SQL literals, and no mysql_query() result is checked before it is passed
 * to mysql_num_rows(). The mysql_* API used throughout was removed in PHP 7.0.
 * Where $DB, the date and the coefficient values originate is not visible here;
 * confirm none of them can carry request data.
 */
function setDB()
{
    global $time, $link, $rankingtableList, $DB;

    $date = setDate($time);

    $lookupFirst = "SELECT '{$DB}' FROM team1 WHERE date='{$date}'";
    $lookupSecond = "SELECT '{$DB}' FROM team2 WHERE date='{$date}'";
    $rowsFirst = mysql_num_rows(mysql_query($lookupFirst, $link));
    $rowsSecond = mysql_num_rows(mysql_query($lookupSecond, $link));

    // Rows for this date already exist in either table: nothing to do.
    if ($rowsFirst != 0 || $rowsSecond != 0) {
        return;
    }

    for ($idx = 0; $idx < count($rankingtableList); $idx++) {
        $first = $rankingtableList[$idx]['team1'];
        $second = $rankingtableList[$idx]['team2'];

        // NOTE(review): the name is written to the page without HTML escaping.
        echo "<br>" . $first['name'];

        $coeff = getCoefficient($first['name'], $second['name']);
        $previousPoints = $rankingtableList[$idx]['tables']['oldpoints'];

        // setQuery() returns the statement text for each team; the insert id is
        // read right after each statement so the two ids do not get mixed up.
        $insertFirst = setQuery($first, $previousPoints, "team1");
        $insertSecond = setQuery($second, $previousPoints, "team2");
        mysql_query($insertFirst, $link);
        $firstId = mysql_insert_id();
        mysql_query($insertSecond, $link);
        $secondId = mysql_insert_id();

        $pairingLookup = "SELECT '{$DB}' FROM soccerteams WHERE team1id ='{$firstId}' OR team2id ='{$secondId}'";
        $pairingRows = mysql_num_rows(mysql_query($pairingLookup, $link));
        if ($pairingRows != 0) {
            continue;
        }

        $pairingInsert = "INSERT INTO soccerteams (team1id,team2id,one,x,two,date) VALUES ('{$firstId}','{$secondId}','{$coeff['one']}','{$coeff['x']}','{$coeff['two']}','{$date}')";
        mysql_query($pairingInsert, $link);
        $pairingId = mysql_insert_id();
        setDbtable($pairingId, $rankingtableList[$idx]['tables']['table3']);
    }
}
$relWords = array(); foreach ($userWords as $k => $v) { if ($mostUsedWords[$k] >= 10) // To avoid words you've used 1-9 times and no one else uses to dominate the list $relWords[$k] = ($v / $numWordsUser) / ($mostUsedWords[$k] / $numWordsTotal); } asort($relWords); $relWords = array_reverse($relWords); printWordList($relWords, true); $content[] = '<br>'.getString('relMostUsedEmoticonsFor').' '.$user['username'].':<br>'; $relEmoticons = array(); foreach ($userEmoticons as $k => $v) { if ($mostUsedWords[$k] >= 10) // To avoid emoticons you've used 1-9 times and no one else uses to dominate the list $relEmoticons[$k] = ($v / $numEmoticonsUser) / ($mostUsedEmoticons[$k] / $numEmoticonsTotal); } asort($relEmoticons); $relEmoticons = array_reverse($relEmoticons); printWordList($relEmoticons, true); }*/
} }

// Send the cached statistics document exactly as stored in chat.stats.
// NOTE(review): the stored text is echoed without any encoding step and no
// Content-Type header is set in the code visible here; if the stats include
// user-chosen strings (names, words), confirm the response is served and consumed
// as JSON rather than rendered as HTML.
echo mysqli_fetch_assoc(getQuery("SELECT stats FROM chat"))["stats"];

// This should probably be done in a thread or similar
// Rebuild the cache when the stored timestamp is more than 24 hours old.
$lastStats = mysqli_fetch_assoc(getQuery("SELECT stats_timestamp FROM chat"))["stats_timestamp"];
if (time() - 24 * 60 * 60 > $lastStats) {
    getNumbers();
    getUserActivity();
    getDailyActivity();
    // $stats is not assigned in this excerpt; presumably the three calls above fill it.
    $json = json_encode($stats, JSON_NUMERIC_CHECK);
    $time = time();
    // NOTE(review): the JSON text is placed inside a single-quoted SQL literal without
    // escaping. json_encode() with these flags leaves apostrophes as they are, so
    // one apostrophe anywhere in the statistics ends the literal early. This value
    // needs a bound parameter or the connection's escaping function.
    setQuery("UPDATE chat SET stats = '{$json}', stats_timestamp = '{$time}'");
}
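/**
 * Validate an uploaded image, record it in the `file` table, move it into
 * $savePath and attach it to the uploader as a user image or a chat image.
 *
 * A JSON status object is emitted through printJson() on every path; the function
 * itself returns nothing.
 *
 * Changes compared with the earlier version of this function:
 *  - the stored file extension is derived from the detected content type and an
 *    allow-list, never from the client-supplied file name;
 *  - responses are built with json_encode() instead of string concatenation, so a
 *    file name cannot break or extend the JSON document;
 *  - the final failure branch reports "failure" (it used to report "success");
 *  - the client-supplied file name loses the two characters that can end or escape
 *    a quoted SQL literal before it is placed in the INSERT text.
 *
 * @param array  $file     upload entry in the multi-file layout; only index 0 of
 *                         name, size and tmp_name is read
 * @param mixed  $uploader identifier stored with the file row and passed on to
 *                         setUserImage() / setChatImage()
 * @param string $savePath prefix the stored file name is appended to
 * @param int    $maxSize  largest accepted value of $file['size'][0]
 * @param string $type     "userImage" or "chatImage"
 */
function uploadUserOrChatImage($file, $uploader, $savePath, $maxSize, $type)
{
    // Content types accepted as images, with the extension each one is stored under.
    // Anything else (including SVG, which can carry script) is refused.
    $extensionsByMime = array(
        'image/jpeg' => '.jpg',
        'image/png' => '.png',
        'image/gif' => '.gif',
        'image/webp' => '.webp',
    );

    // Single place where responses are serialised.
    $respond = function ($status, $message) {
        printJson(json_encode(array('status' => $status, 'message' => $message)));
    };

    $originalFileName = (string) $file["name"][0];
    $uploadTime = time();
    $fileSize = $file["size"][0];

    //Create unique id for file
    // NOTE(review): MAX(id) + 1 is only a prediction of the id the INSERT below will
    // receive; two concurrent uploads can compute the same value. Reading the id
    // back after the INSERT would remove the race, but needs a helper not visible here.
    $fileIdresult = getQuery("SELECT * FROM file WHERE id=(SELECT MAX(id) FROM file)");
    $newFileIdAssoc = $fileIdresult->fetch_assoc();
    // An empty table yields no row; start counting at 1 in that case.
    $newFileId = (isset($newFileIdAssoc["id"]) ? (int) $newFileIdAssoc["id"] : 0) + 1;

    //check if file is an image:
    // mime_content_type() inspects the file content and returns false on failure.
    $mime = mime_content_type($file['tmp_name'][0]);
    if ($mime === false || !isset($extensionsByMime[$mime])) {
        $respond('failure', ' ' . $originalFileName . ' ' . getString('notAnImage') . '.');
        return;
    }

    //Format for filename 'id.fileExtension'
    // The extension comes from the allow-list, so the name on disk consists of an
    // integer and a fixed suffix regardless of what the client called the file.
    $newFileName = $newFileId . $extensionsByMime[$mime];

    if ($fileSize > $maxSize) {
        $respond('failure', ' ' . $originalFileName . ' ' . getString('fileIsTooLarge') . '.');
        return;
    }

    //Add to database
    // setQuery() takes finished SQL text, so nothing can be bound as a parameter from
    // here. As a stopgap the apostrophe and backslash are replaced in the stored
    // display name; $newFileName, $mime and $uploadTime are built from fixed or
    // integer parts above.
    // NOTE(review): $uploader is still interpolated as received; confirm it is a
    // server-side identifier, and move this statement to a prepared query.
    $storedName = str_replace(array("\\", "'"), '_', $originalFileName);
    setQuery("INSERT INTO file (path, uploader, name, mime_type, timestamp) VALUES ('{$newFileName}', '{$uploader}', '{$storedName}','{$mime}', '{$uploadTime}')");

    $success = move_uploaded_file($file['tmp_name'][0], $savePath . $newFileName);
    $uploadedMessage = ' ' . getString('theFile') . ' ' . $originalFileName . ' ' . getString('wasUploaded') . '.';

    if ($success && $type == "userImage") {
        setUserImage($uploader, $newFileId);
        $respond('success', $uploadedMessage);
    } elseif ($success && $type == "chatImage") {
        setChatImage($newFileId, $uploader);
        $respond('success', $uploadedMessage);
    } else {
        // Reached when the move failed or $type is neither known value.
        $respond('failure', getString('uploadFailed') . '.');
    }
}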
/**
 * Release the held user/contact field changes selected in the posted form.
 *
 * Pass 1 walks $_POST and collects one entry per selected field that has a
 * pending transaction type. Pass 2 sorts those entries, groups them by
 * (data_id, data_type) and builds SQL fragments per group, handing each finished
 * group to setQuery().
 *
 * NOTE(review): the fragments built here are plain concatenated text. Values
 * ($val), column names ($field_name), row ids ($data_id) and $contact_id are not
 * escaped or cast in this function; see the notes at each point below.
 *
 * @param mixed $smarty  passed through to UserData / ContactData
 * @param mixed $msi     passed through to UserData / ContactData and setQuery()
 * @param mixed $user_id passed through to UserData / ContactData and setQuery()
 * @return string the $err_msg value after the setQuery() calls (it starts out empty)
 */
function releaseLive($smarty, $msi, $user_id)
{
    /* First, get the data for the fields selected for release.
       Only consider fields that have been changed.
       User fields have data_id = 'u'
       Contact fields have data_id=address_id, phone_id, or e-mail_id for existing items,
       and -hold_id for adds. */
    // NOTE(review): taken from the request as is, and later concatenated unquoted into
    // the value list for 'add' rows ($addvals). It needs an integer cast or a bound
    // parameter, plus a check that this user may edit that contact (no such check is
    // visible in this function).
    $contact_id = $_POST['contact_id'];
    $user_data = new UserData($msi, $smarty, $user_id, $contact_id);
    $contact_data = new ContactData($msi, $smarty, $user_id, $contact_id);
    $err_msg = '';
    $data_keys = array();

    // Pass 1: posted keys starting with 's' name the selected fields. Character 1 is
    // the data type, the text after the first '_' found from offset 3 is the field name.
    // NOTE(review): strpos() is called with offset 3 on every key starting with 's';
    // a key shorter than three characters makes that offset invalid.
    foreach ($_POST as $key => $px) {
        if (substr($key, 0, 1) == 's') {
            $data_type = substr($key, 1, 1); // a, p, e, u
            $field_name = substr($key, strpos($key, '_', 3) + 1);
            if ($data_type == 'u') {
                $data_id = 'u';
                // Only fields for which getTransType() reports a pending transaction
                // are kept; presumably this is also what limits $field_name to known
                // columns. Confirm, because $field_name is later used as a column name.
                $trans_type = $user_data->getTransType($field_name);
                if ($trans_type != '') {
                    $val = $user_data->getVal($field_name);
                    $data_keys[] = array('data_type' => $data_type, 'data_id' => $data_id, 'trans_type' => $trans_type, 'field_name' => $field_name, 'val' => $val);
                }
            } else {
                // Row id: the characters between offset 3 and that '_'.
                $data_id = substr($key, 3, strpos($key, '_', 3) - 3);
                $trans_type = $contact_data->getTransType($data_type, $data_id, $field_name);
                if ($trans_type != '') {
                    $val = $contact_data->getVal($data_type, $data_id, $field_name);
                    $data_keys[] = array('data_type' => $data_type, 'data_id' => $data_id, 'trans_type' => $trans_type, 'field_name' => $field_name, 'val' => $val);
                }
            }
        }
    }

    // Sorting brings entries with the same data_type and data_id next to each other.
    sort($data_keys);
    $data_id = '';
    $data_type = '';

    // Pass 2: build one set of fragments per (data_id, data_type) group.
    foreach ($data_keys as $px) {
        if ($data_id != $px['data_id'] || $data_type != $px['data_type']) {
            if ($data_id != '') {
                // update db
                // Flushes the previous group; $trans_type still holds that group's last value.
                setQuery($msi, $user_id, $data_type, $data_id, $contact_id, $trans_type, $userq, $addfields, $addvals, $changeq, $changew, $err_msg);
            }
            // (re-) set variables
            $data_id = $px['data_id'];
            $data_type = $px['data_type'];
            $c_count = false;
            $userq = '';
            $addfields = '';
            $addvals = '';
            $changeq = '';
            $changew = ''; // where clause
        }
        $trans_type = $px['trans_type'];
        $field_name = $px['field_name'];
        $val = $px['val'];
        if ($data_type == 'u') {
            // user data
            if ($c_count) {
                // if there is already something in the list
                $userq .= ',';
            }
            // NOTE(review): $val is placed inside a quoted literal without escaping in
            // both branches; an apostrophe in the held value ends the literal.
            if ($field_name == 'birth_date') {
                $userq .= $field_name . "=str_to_date('{$val}','%m/%d/%Y')";
            } else {
                $userq .= $field_name . "='" . $val . "'";
            }
        } else {
            // address, phone, or e-mail
            switch ($trans_type) {
                case 'add':
                    // NOTE(review): an empty value adds nothing, yet $c_count is still
                    // set to true after the switch. If the first field of a group is
                    // empty, the next one takes the "already something in the list"
                    // branch: the lists then start with a comma and never get the
                    // owner_id prefix.
                    if ($val != '') {
                        // Phone numbers are stored without brackets, spaces and dashes.
                        if ($data_type == 'p' && $field_name == 'number') {
                            $val = str_replace(array('(', ')', ' ', '-'), "", $val);
                        }
                        if ($c_count) {
                            $addfields .= ',';
                            $addvals .= ',';
                        } else {
                            // First field of the group: open both lists with the owner columns.
                            if ($data_type == 'p') {
                                $addfields = 'owner_id,formatted,';
                                $addvals = $contact_id . ',0,';
                            } else {
                                $addfields = 'owner_id,';
                                $addvals = $contact_id . ',';
                            }
                        }
                        $addfields .= $field_name;
                        $addvals .= "'" . $val . "'";
                    }
                    break;
                case 'change':
                    if ($data_type == 'p' && $field_name == 'number') {
                        $val = str_replace(array('(', ')', ' ', '-'), '', $val);
                    }
                    if ($c_count) {
                        $changeq .= ',';
                    } else {
                        if ($data_type == 'p') {
                            $changeq = 'formatted=0,';
                        } else {
                            $changeq = '';
                        }
                        // NOTE(review): $data_id was cut out of a posted key and is
                        // appended unquoted; it needs an integer cast before use here.
                        $changew = " where " . tableName($data_type) . "_id=" . $data_id;
                    }
                    $changeq .= $field_name . "='" . $val . "'";
                    break;
                //case 'del':
                /* delete query only uses $data_type, $data_id, and $contact_id, set elsewhere */
                // break;
            }
        }
        $c_count = true;
    }

    // Flush the last group.
    // NOTE(review): this call also runs when $data_keys is empty; in that case the
    // fragment variables were never assigned in pass 2.
    setQuery($msi, $user_id, $data_type, $data_id, $contact_id, $trans_type, $userq, $addfields, $addvals, $changeq, $changew, $err_msg);
    unset($user_data, $contact_data);
    return $err_msg;
}
}

// Sound preference: the checkbox is only present in the POST data when ticked.
$muteSound = isset($_POST['sound']) == true ? 1 : 0;
if ($user['mute_sounds'] != $muteSound) {
    // $muteSound is always 0 or 1 here; $user['id'] comes from the loaded user row.
    setQuery("UPDATE user set mute_sounds = " . $muteSound . " WHERE id = " . $user['id']);
}

$passwordMessage = "";
//change password
// NOTE(review): no anti-CSRF token check is visible in this excerpt for either the
// preference update above or the password change below; confirm one runs earlier.
if (isset($_POST['oldPassword'])) {
    // NOTE(review): the old password is SQL-escaped before verification, while the new
    // one is hashed raw a few lines below. A new password containing a quote or a
    // backslash is therefore stored in a form this same check can no longer match.
    // Passwords never enter SQL text here, so neither side should be escaped.
    if (password_verify($connection->real_escape_string($_POST['oldPassword']), $user['password'])) {
        if (empty($_POST['newPassword'])) {
            $passwordMessage = "password can't be empty";
        } elseif ($_POST['newPassword'] != $_POST['repeatPassword']) {
            // Loose comparison: two different numeric-looking strings can compare equal.
            $passwordMessage = "the new passwords don't match";
        } else {
            $hashedNewPassword = password_hash($_POST['newPassword'], PASSWORD_DEFAULT);
            // The literal '******' is what this listing shows in place of the stored
            // value; presumably the real statement uses $hashedNewPassword.
            setQuery("UPDATE user set password = '******' WHERE id= " . $user['id']);
            $passwordMessage = "password changed";
        }
    } else {
        $passwordMessage = "invalid password";
    }
}

//Update page
// $passwordMessage is not read again before the redirect below ends the request.
updateUserSession();
header('Location: chat.php');
die;
}

// Build the language <option> list; the row matching the user's language is marked selected.
$languages = getQuery("SELECT * FROM language");
$languageOptions = '';
while ($lang = mysqli_fetch_assoc($languages)) {
    $selected = $lang['id'] == $user['language'] ? " selected" : "";