Ejemplo n.º 1
0
function styles_combo($all = false, $selected = "")
{
    global $THIS_BASEPATH, $language;
    if (!$all) {
        $sr = style_list();
        foreach ($sr as $s) {
            $news[] = $s["style_url"];
        }
    }
    $dir = @opendir("{$THIS_BASEPATH}/style");
    $lc = "\n<select name=\"style_url\" size=\"1\">";
    if ($selected == "") {
        $lc .= "\n<option value=\"\">" . $language["SELECT"] . "</option>";
    }
    while ($file = @readdir($dir)) {
        if (is_dir("{$THIS_BASEPATH}/style/{$file}") && $file != "." && $file != ".." && file_exists("{$THIS_BASEPATH}/style/{$file}/index.php")) {
            if (!$all && !in_array("style/{$file}", $news) || $all) {
                $lc .= "\n<option value=\"{$file}\" " . ($selected == "style/{$file}" ? "selected=\"selected\"" : "") . ">{$file}</option>";
            }
        }
    }
    @closedir($dir);
    $lc .= "</select>";
    return $lc;
}
Ejemplo n.º 2
0
if (answer)
window.location='index.php?page=usercp&uid=<?php 
echo $CURUSER["uid"];
?>
&do=pm&action=list'
// -->
}
</script>
<?php 
if (isset($CURUSER) && $CURUSER && $CURUSER["uid"] > 1) {
    print "<form name=\"jump1\" action=\"index.php\" method=\"post\">\n";
    ?>
<table cellpadding="0" cellspacing="0" width="100%">
<tr>
<?php 
    $style = style_list();
    $langue = language_list();
    $block[0]["id"] = "yes";
    $block[0]["block"] = "side blocks";
    $block[1]["id"] = "nol";
    $block[1]["block"] = "no left";
    $block[2]["id"] = "nor";
    $block[2]["block"] = "no right";
    $block[3]["id"] = "no";
    $block[3]["block"] = "no blocks";
    // group image
    $rsr = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT picture FROM {$TABLE_PREFIX}users_level WHERE id_level=" . $CURUSER['id']);
    $rosr = mysqli_fetch_array($rsr);
    if ($rosr["picture"] == '') {
        $xx = '';
    } else {
Ejemplo n.º 3
0
function tabella($action, $dati = array())
{
    global $idflag, $link, $idlangue, $idstyle, $CURUSER, $USE_IMAGECODE, $TABLE_PREFIX, $language, $tpl_account, $THIS_BASEPATH;
    if ($action == "signup") {
        $dati["username"] = "";
        $dati["email"] = "";
        $dati["language"] = $idlangue;
    }
    // avoid error with js
    $language["DIF_PASSWORDS"] = AddSlashes($language["DIF_PASSWORDS"]);
    $language["INSERT_PASSWORD"] = AddSlashes($language["INSERT_PASSWORD"]);
    $language["USER_PWD_AGAIN"] = AddSlashes($language["USER_PWD_AGAIN"]);
    $language["INSERT_USERNAME"] = AddSlashes($language["INSERT_USERNAME"]);
    $language["ERR_NO_EMAIL"] = AddSlashes($language["ERR_NO_EMAIL"]);
    $language["ERR_NO_EMAIL_AGAIN"] = AddSlashes($language["ERR_NO_EMAIL_AGAIN"]);
    $language["DIF_EMAIL"] = AddSlashes($language["DIF_EMAIL"]);
    $tpl_account->set("language", $language);
    $tpl_account->set("account_action", $action);
    $tpl_account->set("account_form_actionlink", htmlspecialchars("index.php?page=signup&act={$action}&returnto={$link}"));
    $tpl_account->set("account_uid", $dati["id"]);
    $tpl_account->set("account_returnto", urlencode($link));
    $tpl_account->set("account_IDlanguage", $idlang);
    $tpl_account->set("account_IDstyle", $idstyle);
    $tpl_account->set("account_IDcountry", $idflag);
    $tpl_account->set("account_username", $dati["username"]);
    $tpl_account->set("dati", $dati);
    $tpl_account->set("DEL", $action == "delete", true);
    $tpl_account->set("DISPLAY_FULL", $action == "signup", true);
    if ($action == "del") {
        $tpl_account->set("account_from_delete_confirm", "<input type=\"submit\" name=\"elimina\" value=\"" . $language["FRM_DELETE"] . "\" />&nbsp;&nbsp;&nbsp;&nbsp;<input type=\"submit\" name=\"elimina\" value=\"" . $language["FRM_CANCEL"] . "\" />");
    } else {
        $tpl_account->set("account_from_delete_confirm", "<input type=\"submit\" name=\"conferma\" value=\"" . $language["FRM_CONFIRM"] . "\" />&nbsp;&nbsp;&nbsp;&nbsp;<input type=\"reset\" name=\"annulla\" value=\"" . $language["FRM_CANCEL"] . "\" />");
    }
    $lres = language_list();
    $option = "\n<select name=\"language\" size=\"1\">";
    foreach ($lres as $langue) {
        $option .= "\n<option ";
        if ($langue["id"] == $dati["language"]) {
            $option .= "\"selected\" ";
        }
        $option .= "value=\"" . $langue["id"] . "\">" . $langue["language"] . "</option>";
    }
    $option .= "\n</select>";
    $tpl_account->set("account_combo_language", $option);
    $sres = style_list();
    $option = "\n<select name=\"style\" size=\"1\">";
    foreach ($sres as $style) {
        $option .= "\n<option ";
        if ($style["id"] == $dati["style"]) {
            $option .= "\"selected\" ";
        }
        $option .= "value=\"" . $style["id"] . "\">" . $style["style"] . "</option>";
    }
    $option .= "\n</select>";
    $tpl_account->set("account_combo_style", $option);
    $fres = flag_list();
    $option = "\n<select name=\"flag\" size=\"1\">\n<option value='0'>---</option>";
    $thisip = $_SERVER["REMOTE_ADDR"];
    $remotedns = gethostbyaddr($thisip);
    if ($remotedns != $thisip) {
        $remotedns = strtoupper($remotedns);
        preg_match('/^(.+)\\.([A-Z]{2,3})$/', $remotedns, $tldm);
        if (isset($tldm[2])) {
            $remotedns = mysql_escape_string($tldm[2]);
        }
    }
    foreach ($fres as $flag) {
        $option .= "\n<option ";
        if ($flag["id"] == $dati["flag"] || $flag["domain"] == $remotedns && $action == "signup") {
            $option .= "\"selected\" ";
        }
        $option .= "value=\"" . $flag["id"] . "\">" . $flag["name"] . "</option>";
    }
    $option .= "\n</select>";
    $tpl_account->set("account_combo_country", $option);
    $zone = date('Z', time());
    $daylight = date('I', time()) * 3600;
    $os = $zone - $daylight;
    if ($os != 0) {
        $timeoff = $os / 3600;
    } else {
        $timeoff = 0;
    }
    if (!$CURUSER || $CURUSER["uid"] == 1) {
        $dati["time_offset"] = $timeoff;
    }
    $tres = timezone_list();
    $option = "<select name=\"timezone\">";
    foreach ($tres as $timezone) {
        $option .= "\n<option ";
        if ($timezone["difference"] == $dati["time_offset"]) {
            $option .= "selected=\"selected\" ";
        }
        $option .= "value=\"" . $timezone["difference"] . "\">" . unesc($timezone["timezone"]) . "</option>";
    }
    $option .= "\n</select>";
    $tpl_account->set("account_combo_timezone", $option);
    // -----------------------------
    // Captcha hack
    // -----------------------------
    // if set to use secure code: try to display imagecode
    if ($USE_IMAGECODE && $action != "mod") {
        if (extension_loaded('gd')) {
            $arr = gd_info();
            if ($arr['FreeType Support'] == 1) {
                $p = new ocr_captcha();
                $tpl_account->set("CAPTCHA", true, true);
                $tpl_account->set("account_captcha", $p->display_captcha(true));
                $private = $p->generate_private();
            } else {
                include "{$THIS_BASEPATH}/include/security_code.php";
                $scode_index = rand(0, count($security_code) - 1);
                $scode = "<input type=\"hidden\" name=\"security_index\" value=\"{$scode_index}\" />\n";
                $scode .= $security_code[$scode_index]["question"];
                $tpl_account->set("scode_question", $scode);
                $tpl_account->set("CAPTCHA", false, true);
            }
        } else {
            include "{$THIS_BASEPATH}/include/security_code.php";
            $scode_index = rand(0, count($security_code) - 1);
            $scode = "<input type=\"hidden\" name=\"security_index\" value=\"{$scode_index}\" />\n";
            $scode .= $security_code[$scode_index]["question"];
            $tpl_account->set("scode_question", $scode);
            $tpl_account->set("CAPTCHA", false, true);
        }
    } elseif ($action != "mod") {
        include "{$THIS_BASEPATH}/include/security_code.php";
        $scode_index = rand(0, count($security_code) - 1);
        $scode = "<input type=\"hidden\" name=\"security_index\" value=\"{$scode_index}\" />\n";
        $scode .= $security_code[$scode_index]["question"];
        $tpl_account->set("scode_question", $scode);
        // we will request simple operation to user
        $tpl_account->set("CAPTCHA", false, true);
    }
    // -----------------------------
    // Captcha hack
    // -----------------------------
}
Ejemplo n.º 4
0
     $lres = language_list();
     $langtpl = array();
     foreach ($lres as $langue) {
         $langtpl["language_combo"] .= "\n<option ";
         if ($langue["id"] == $CURUSER["language"]) {
             $langtpl["language_combo"] .= "selected=\"selected\" ";
         }
         $langtpl["language_combo"] .= "value=\"" . $langue["id"] . "\">" . unesc($langue["language"]) . "</option>";
         $langtpl["language_combo"] .= $option;
     }
     unset($lres);
     $usercptpl->set("lang", $langtpl);
 }
 if ($btit_settings["hide_style_visible"] != "visible") {
     //style list
     $sres = style_list();
     $styletpl = array();
     foreach ($sres as $style) {
         $styletpl["style_combo"] .= "\n<option ";
         if ($style["id"] == $CURUSER["style"]) {
             $styletpl["style_combo"] .= "selected=\"selected\" ";
         }
         $styletpl["style_combo"] .= "value=\"" . $style["id"] . "\">" . unesc($style["style"]) . "</option>";
         $styletpl["style_combo"] .= $option;
     }
     unset($sres);
     $usercptpl->set("style", $styletpl);
 }
 //flag list
 $fres = flag_list();
 $flagtpl = array();
Ejemplo n.º 5
0
     $opts['default'] = $curu['team'];
 }
 # team list
 $teams = team_list();
 $admintpl->set('team_combo', get_combo($teams, $opts));
 # lang list
 $opts['name'] = 'language';
 $opts['value'] = 'language';
 $opts['default'] = $curu['language'];
 $langs = language_list();
 $admintpl->set('language_combo', get_combo($langs, $opts));
 # style list
 $opts['name'] = 'style';
 $opts['value'] = 'style';
 $opts['default'] = $curu['style'];
 $styles = style_list();
 $admintpl->set('style_combo', get_combo($styles, $opts));
 # timezone list
 $opts['name'] = 'timezone';
 $opts['id'] = 'difference';
 $opts['value'] = 'timezone';
 $opts['default'] = $curu['time_offset'];
 $tzones = timezone_list();
 $admintpl->set('tz_combo', get_combo($tzones, $opts));
 # flag list
 $opts['complete'] = false;
 $opts['value'] = 'name';
 $opts['id'] = 'id';
 $opts['default'] = $curu['flag'];
 $flags = flag_list();
 $admintpl->set('flag_combo', get_combo($flags, $opts));
Ejemplo n.º 6
0
     $id = intval($_GET["id"]);
     if ($id != $DEFAULT_LANGUAGE) {
         $rlang = $db->query("SELECT * FROM language WHERE id = " . $id);
         $reslang = $rlang->fetch_array(MYSQLI_BOTH);
         $lang = $reslang["language_url"];
         if (unlink($lang)) {
             $db->query("UPDATE users SET language = " . $DEFAULT_LANGUAGE . " WHERE language = " . $id);
             $db->query("DELETE FROM language WHERE id = " . $id);
             @unlink(CACHE_PATH . 'language_list.txt');
         } else {
             err_msg(ERROR, DELFAILED);
         }
     }
     redirect("admincp.php?user="******"uid"] . "&code=" . user::$current["random"] . "&do=language&action=read");
 } elseif ($do == "style" && $action == "read") {
     $cat = style_list();
     block_begin(STYLE_SETTINGS);
     print "<br />&nbsp;&nbsp;<a href='admincp.php?user="******"uid"] . "&code=" . user::$current["random"] . "&do=style&action=add'><img alt='" . INSERT_NEW_STYLE . "' border='0' src='images/new.gif'></a>\n";
     print "<br /><br />\n<table class='lista' width='100%' align='center'>\n";
     print "<tr>\n";
     print "<td class='header' align='center'>" . STYLE_NAME . "</td>\n";
     print "<td class='header' align='center'>" . STYLE_URL . "</td>\n";
     print "<td class='header' align='center'>" . MEMBERS . "</td>\n";
     print "<td class='header' align='center'>" . EDIT . "</td>\n";
     print "<td class='header' align='center'>" . DELETE . "</td>\n";
     print "</tr>\n";
     foreach ($cat as $category) {
         $res = $db->query("SELECT * FROM users WHERE style = " . (int) $category["id"]);
         $total_users = intval(0 + @$res->num_rows);
         print "<tr>\n";
         print "<td class='lista' align='center'>" . security::html_safe(unesc($category["style"])) . "</td>\n";
Ejemplo n.º 7
0
function tabella($action, $dati = array())
{
    global $DBDT, $SITENAME, $INVITATIONSON, $code, $rid, $inviter, $idflag, $link, $idlangue, $idstyle, $CURUSER, $USE_IMAGECODE, $TABLE_PREFIX, $language, $tpl_account, $THIS_BASEPATH, $btit_settings;
    $password_length = 12;
    $generate_password = crypt(uniqid(mt_rand(), 1));
    $generate_password = strip_tags(stripslashes($generate_password));
    $generate_password = str_replace(".", "", $generate_password);
    $generate_password = strrev(str_replace("/", "", $generate_password));
    $generate_password = substr($generate_password, 0, $password_length);
    $pass_min_req = explode(",", $btit_settings["secsui_pass_min_req"]);
    $tpl_account->set("pass_min_char", $pass_min_req[0]);
    $tpl_account->set("pass_min_lct", $pass_min_req[1]);
    $tpl_account->set("pass_min_uct", $pass_min_req[2]);
    $tpl_account->set("pass_min_num", $pass_min_req[3]);
    $tpl_account->set("pass_min_sym", $pass_min_req[4]);
    $tpl_account->set("pass_char_plural", $pass_min_req[0] == 1 ? false : true, true);
    $tpl_account->set("pass_lct_plural", $pass_min_req[1] == 1 ? false : true, true);
    $tpl_account->set("pass_uct_plural", $pass_min_req[2] == 1 ? false : true, true);
    $tpl_account->set("pass_num_plural", $pass_min_req[3] == 1 ? false : true, true);
    $tpl_account->set("pass_sym_plural", $pass_min_req[4] == 1 ? false : true, true);
    $tpl_account->set("pass_lct_set", $pass_min_req[1] > 0 ? true : false, true);
    $tpl_account->set("pass_uct_set", $pass_min_req[2] > 0 ? true : false, true);
    $tpl_account->set("pass_num_set", $pass_min_req[3] > 0 ? true : false, true);
    $tpl_account->set("pass_sym_set", $pass_min_req[4] > 0 ? true : false, true);
    if ($action == "signup" || $action == "invite") {
        $tpl_account->set("BY_INVITATION", false, true);
        $dati["username"] = "";
        $dati["email"] = "";
        $dati["language"] = $idlangue;
        $dati["style"] = $idstyle;
    }
    $uid = $CURUSER["uid"];
    $r = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * from {$TABLE_PREFIX}users WHERE id = {$uid}");
    $x = mysqli_result($r, 0, "gender");
    $gender = "<input name=\"gen\" type=\"radio\" value=\"0\" checked=\"checked\" />\n\t\t\t  " . $language["MALE"] . "  </label>\n\t\t\t  <input name=\"gen\" type=\"radio\" value=\"1\" />\n\t\t\t" . $language["FEMALE"] . " ";
    $tpl_account->set("account_gender", $gender);
    // avoid error with js
    $language["DIF_PASSWORDS"] = AddSlashes($language["DIF_PASSWORDS"]);
    $language["INSERT_PASSWORD"] = AddSlashes($language["INSERT_PASSWORD"]);
    $language["USER_PWD_AGAIN"] = AddSlashes($language["USER_PWD_AGAIN"]);
    $language["INSERT_USERNAME"] = AddSlashes($language["INSERT_USERNAME"]);
    $language["ERR_NO_EMAIL"] = AddSlashes($language["ERR_NO_EMAIL"]);
    $language["ERR_NO_EMAIL_AGAIN"] = AddSlashes($language["ERR_NO_EMAIL_AGAIN"]);
    $language["DIF_EMAIL"] = AddSlashes($language["DIF_EMAIL"]);
    $language["PASSWORD_GENERATE"] = AddSlashes($language["PASSWORD_GENERATE"]);
    $language["PASSWORD_GENERATE_INFO"] = AddSlashes($language["PASSWORD_GENERATE_INFO"]);
    $tpl_account->set("language", $language);
    $tpl_account->set("account_action", $action);
    $tpl_account->set("account_form_actionlink", htmlspecialchars("index.php?page=signup&act={$action}&returnto={$link}"));
    $tpl_account->set("account_uid", $dati["id"]);
    $tpl_account->set("account_returnto", urlencode($link));
    if ($btit_settings["hide_language-visible"] != "visible") {
        $tpl_account->set("account_IDlanguage", $idlang);
    }
    if ($btit_settings["hide_style_visible"] != "visible") {
        $tpl_account->set("account_IDstyle", $idstyle);
    }
    $tpl_account->set("account_IDcountry", $idflag);
    $tpl_account->set("account_username", $dati["username"]);
    $tpl_account->set("password_generate", $generate_password);
    $tpl_account->set("dati", $dati);
    $tpl_account->set("DEL", $action == "delete", true);
    $tpl_account->set("DISPLAY_FULL", $action == "signup" || $action == "invite", true);
    $tpl_account->set("hide_language_visible_1", $btit_settings["hide_language"] == "hidden" ? false : true, true);
    $tpl_account->set("hide_language_visible_2", $btit_settings["hide_language"] == "hidden" ? false : true, true);
    $tpl_account->set("hide_style_visible_1", $btit_settings["hide_style"] == "hidden" ? false : true, true);
    $tpl_account->set("hide_style_visible_2", $btit_settings["hide_style"] == "hidden" ? false : true, true);
    // DT referral
    $tpl_account->set("refer", $btit_settings["ref_on"] == false ? false : true, true);
    if ($btit_settings["ref_on"] == true) {
        if (!$rid == "") {
            $tpl_account->set("refa", $rid);
            $rdt = do_sqlquery("SELECT username FROM {$TABLE_PREFIX}users WHERE id = '" . $rid . "'", true);
            @($idt = mysqli_fetch_assoc($rdt));
            $tpl_account->set("refb", $idt["username"]);
        } else {
            $tpl_account->set("refb", "Nobody");
        }
    }
    // DT referral end
    //begin invitation system by dodge
    if ($INVITATIONSON) {
        $tpl_account->set("BY_INVITATION", true, true);
        $tpl_account->set("account_IDcode", $code);
        $tpl_account->set("account_IDinviter", $inviter);
    }
    //end invitation system
    if ($action == "del") {
        $tpl_account->set("account_from_delete_confirm", "<input type=\"submit\" name=\"elimina\" value=\"" . $language["FRM_DELETE"] . "\" />&nbsp;&nbsp;&nbsp;&nbsp;<input type=\"submit\" name=\"elimina\" value=\"" . $language["FRM_CANCEL"] . "\" />");
    } else {
        $tpl_account->set("account_from_delete_confirm", "<input type=\"submit\" name=\"conferma\" value=\"" . $language["FRM_CONFIRM"] . "\" />&nbsp;&nbsp;&nbsp;&nbsp;<input type=\"reset\" name=\"annulla\" value=\"" . $language["FRM_CANCEL"] . "\" />");
    }
    if ($btit_settings["hide_language_visible"] != "visible") {
        $lres = language_list();
        $option = "\n<select name=\"language\" size=\"1\">";
        foreach ($lres as $langue) {
            $option .= "\n<option ";
            if ($langue["id"] == $dati["language"]) {
                $option .= "selected=\"selected\"  ";
            }
            $option .= "value=\"" . $langue["id"] . "\">" . $langue["language"] . "</option>";
        }
        $option .= "\n</select>";
        $tpl_account->set("account_combo_language", $option);
    }
    if ($btit_settings["hide_style_visible"] != "visible") {
        $sres = style_list();
        $option = "\n<select name=\"style\" size=\"1\">";
        foreach ($sres as $style) {
            $option .= "\n<option ";
            if ($style["id"] == $dati["style"]) {
                $option .= "selected=\"selected\"  ";
            }
            $option .= "value=\"" . $style["id"] . "\">" . $style["style"] . "</option>";
        }
        $option .= "\n</select>";
        $tpl_account->set("account_combo_style", $option);
    }
    $fres = flag_list();
    $option = "\n<select name=\"flag\" size=\"1\">\n<option value='0'>---</option>";
    $thisip = $_SERVER["REMOTE_ADDR"];
    $remotedns = gethostbyaddr($thisip);
    if ($remotedns != $thisip) {
        $remotedns = strtoupper($remotedns);
        preg_match('/^(.+)\\.([A-Z]{2,3})$/', $remotedns, $tldm);
        if (isset($tldm[2])) {
            $remotedns = mysqli_real_escape_string($DBDT, $tldm[2]);
        }
    }
    foreach ($fres as $flag) {
        $option .= "\n<option ";
        if ($flag["id"] == $dati["flag"] || $flag["domain"] == $remotedns && $action == "signup") {
            $option .= "selected=\"selected\"  ";
        }
        $option .= "value=\"" . $flag["id"] . "\">" . $flag["name"] . "</option>";
    }
    $option .= "\n</select>";
    $tpl_account->set("account_combo_country", $option);
    $zone = date('Z', time());
    $daylight = date('I', time()) * 3600;
    $os = $zone - $daylight;
    if ($os != 0) {
        $timeoff = $os / 3600;
    } else {
        $timeoff = 0;
    }
    if (!$CURUSER || $CURUSER["uid"] == 1) {
        $dati["time_offset"] = $timeoff;
    }
    $tres = timezone_list();
    $option = "<select name=\"timezone\">";
    foreach ($tres as $timezone) {
        $option .= "\n<option ";
        if ($timezone["difference"] == $dati["time_offset"]) {
            $option .= "selected=\"selected\" ";
        }
        $option .= "value=\"" . $timezone["difference"] . "\">" . unesc($timezone["timezone"]) . "</option>";
    }
    $option .= "\n</select>";
    $tpl_account->set("account_combo_timezone", $option);
    // -----------------------------
    // Captcha hack
    // -----------------------------
    // if set to use secure code: try to display imagecode
    if ($btit_settings["gcsw"] == false) {
        $tpl_account->set("GCAPTCHA", false, true);
        $tpl_account->set("XCAPTCHA", true, true);
        if ($USE_IMAGECODE && $action != "mod") {
            if (extension_loaded('gd')) {
                $arr = gd_info();
                if ($arr['FreeType Support'] == 1) {
                    $p = new ocr_captcha();
                    $tpl_account->set("CAPTCHA", true, true);
                    $tpl_account->set("account_captcha", $p->display_captcha(true));
                    $private = $p->generate_private();
                } else {
                    include "{$THIS_BASEPATH}/include/security_code.php";
                    $scode_index = rand(0, count($security_code) - 1);
                    $scode = "<input type=\"hidden\" name=\"security_index\" value=\"{$scode_index}\" />\n";
                    $scode .= $security_code[$scode_index]["question"];
                    $tpl_account->set("scode_question", $scode);
                    $tpl_account->set("CAPTCHA", false, true);
                }
            } else {
                include "{$THIS_BASEPATH}/include/security_code.php";
                $scode_index = rand(0, count($security_code) - 1);
                $scode = "<input type=\"hidden\" name=\"security_index\" value=\"{$scode_index}\" />\n";
                $scode .= $security_code[$scode_index]["question"];
                $tpl_account->set("scode_question", $scode);
                $tpl_account->set("CAPTCHA", false, true);
            }
        } elseif ($action != "mod") {
            include "{$THIS_BASEPATH}/include/security_code.php";
            $scode_index = rand(0, count($security_code) - 1);
            $scode = "<input type=\"hidden\" name=\"security_index\" value=\"{$scode_index}\" />\n";
            $scode .= $security_code[$scode_index]["question"];
            $tpl_account->set("scode_question", $scode);
            // we will request simple operation to user
            $tpl_account->set("CAPTCHA", false, true);
        }
    } else {
        $tpl_account->set("GCAPTCHA", true, true);
        $tpl_account->set("XCAPTCHA", false, true);
        $tpl_account->set("sike", $btit_settings["gcsitk"]);
    }
    // -----------------------------
    // Captcha hack
    // -----------------------------
}
Ejemplo n.º 8
0
function tabella($action, $dati = array())
{
    global $idflag, $link, $idlangue, $idstyle, $db, $USE_IMAGECODE;
    ?>
    <center>
    <p>
	
    <form name="utente" method="post" OnSubmit="return FormControl('<?php 
    echo $action;
    ?>
')" action="<?php 
    echo htmlentities(urldecode($_SERVER['PHP_SELF'])) . "?act=" . $action . "&returnto=" . urlencode($link);
    ?>
">
    <input type="hidden" name="act" value="<?php 
    echo $action;
    ?>
" />
    <input type="hidden" name="uid" value="<?php 
    echo (int) $dati["id"];
    ?>
" />
    <input type="hidden" name="returnto" value="<?php 
    echo urlencode($link);
    ?>
 "/>
    <input type="hidden" name="language" value="<?php 
    echo $idlangue;
    ?>
 "/>
    <input type="hidden" name="style" value="<?php 
    echo $idstyle;
    ?>
 "/>
    <input type="hidden" name="flag" value="<?php 
    echo $idflag;
    ?>
 "/>
    <input type="hidden" name="username" value="<?php 
    echo security::html_safe($dati["username"]);
    ?>
"/>
    <table width="60%" border="0" class="lista">
    <tr>
    <td align="left" class="header"><?php 
    echo USER_NAME;
    ?>
: </td>
    <td align="left" class="lista">
    <?php 
    if ($action == "mod" || $action == "del") {
        print "\n<input type='text' size='40' name='user' value='" . security::html_safe(unesc($dati['username'])) . "' " . ($action == "mod" ? "" : "readonly") . " />";
    } else {
        print "\n<input type='text' size='40' name='user' />";
    }
    ?>
    </td>
    </tr>
    <?php 
    if (user::$current["uid"] == $dati["id"] && $action == "mod" || $action == "signup" || user::$current["edit_users"] == "yes" && $action == "mod") {
        ?>
    <tr>
    <td align="left" class="header"><?php 
        echo USER_PWD;
        ?>
:</td>
    <td align="left" class="lista"><input type="password" size="40" name="pwd" /></td>
    </tr>
    <tr>
    <td align="left" class="header"><?php 
        echo USER_PWD_AGAIN;
        ?>
:</td>
    <td align="left" class="lista"><input type="password" size="40" name="pwd1" /></td>
    </tr>
    <tr>
    <td align="left" class="header"><?php 
        echo USER_EMAIL;
        ?>
:</td>
    <td align="left" class="lista"><input type="text" size="30" name="email" value="<?php 
        if ($action == "mod") {
            echo security::html_safe($dati['email']);
        }
        ?>
"/></td>
    </tr>
    <?php 
        $lres = language_list();
        print "<tr>\n\t<td align='left' class='header'>" . USER_LANGUE . ":</td>";
        print "\n\t<td align='left' class='lista'><select name='language'>";
        foreach ($lres as $langue) {
            $option = "\n<option ";
            if ($langue["id"] == $dati["language"]) {
                $option .= "selected='selected' ";
            }
            $option .= "value='" . (int) $langue["id"] . "'>" . security::html_safe($langue["language"]) . "</option>";
            print $option;
        }
        print "</select></td>\n</tr>";
        $sres = style_list();
        print "<tr>\n\t<td align='left' class='header'>" . USER_STYLE . ":</td>";
        print "\n\t<td align='left' class='lista'><select name='style'>";
        foreach ($sres as $style) {
            $option = "\n<option ";
            if ($style["id"] == $dati["style"]) {
                $option .= "selected='selected' ";
            }
            $option .= "value='" . (int) $style["id"] . "'>" . security::html_safe($style["style"]) . "</option>";
            print $option;
        }
        print "</select></td>\n</tr>";
        $fres = flag_list();
        print "<tr>\n\t<td align='left' class='header'>" . PEER_COUNTRY . ":</td>";
        print "\n\t<td align='left' class='lista'><select name='flag'>\n<option value='0'>---</option>";
        $thisip = vars::$realip;
        $remotedns = gethostbyaddr($thisip);
        if ($remotedns != $thisip) {
            $remotedns = utf8::strtoupper($remotedns);
            preg_match('/^(.+)\\.([A-Z]{2,3})$/', $remotedns, $tldm);
            if (isset($tldm[2])) {
                $remotedns = $db->real_escape_string($tldm[2]);
            }
        }
        foreach ($fres as $flag) {
            $option = "\n<option ";
            if ($flag["id"] == $dati["flag"] || $flag["domain"] == $remotedns && $action == "signup") {
                $option .= "selected='selected' ";
            }
            $option .= "value='" . (int) $flag["id"] . "'>" . security::html_safe($flag["name"]) . "</option>";
            print $option;
        }
        print "</select></td>\n</tr>";
        $zone = date('Z', vars::$timestamp);
        $daylight = date('I', vars::$timestamp) * 3600;
        $os = $zone - $daylight;
        if ($os != 0) {
            $timeoff = $os / 3600;
        } else {
            $timeoff = 0;
        }
        if (!user::$current || user::$current["uid"] == 1) {
            $dati["time_offset"] = $timeoff;
        }
        $tres = timezone_list();
        print "<tr>\n\t<td align='left' class='header'>" . TIMEZONE . ":</td>";
        print "\n\t<td align='left' class='lista' colspan='2'>\n<select name='timezone'>";
        foreach ($tres as $timezone) {
            $option = "\n<option ";
            if ($timezone["difference"] == $dati["time_offset"]) {
                $option .= "selected='selected' ";
            }
            $option .= "value='" . $timezone["difference"] . "'>" . security::html_safe(unesc($timezone["timezone"])) . "</option>";
            print $option;
        }
        print "</select></td>\n</tr>";
        // -----------------------------
        // Captcha hack
        // -----------------------------
        // if set to use secure code: try to display imagecode
        if (user::$current['edit_users'] == 'yes' && $action == "mod" && user::$current["uid"] != $dati["id"]) {
            print "<tr>\n\t<td align='left' class='header'>" . USER_LEVEL . ":</td><td align='left' class='lista'>";
            print "<select name='level'>";
            $res = $db->query("SELECT level FROM users_level WHERE id_level <= " . user::$current["id_level"] . " ORDER BY id_level");
            while ($row = $res->fetch_array(MYSQLI_BOTH)) {
                $select = "<option value='" . unesc($row["level"]) . "'";
                if (unesc($dati["level"]) == unesc($row["level"])) {
                    $select .= "selected='selected'";
                }
                $select .= ">" . security::html_safe(unesc($row["level"])) . "</option>\n";
                print $select;
            }
            print "</select></td></tr>";
        } elseif ($USE_IMAGECODE && $action != "mod") {
            if (extension_loaded('gd')) {
                $arr = gd_info();
                if ($arr['FreeType Support'] == 1) {
                    $p = new ocr_captcha();
                    print "<tr>\n\t<td align='left' class='header'>" . IMAGE_CODE . ":</td>";
                    print "\n\t<td align='left' class='lista'><input type='text' name='private_key' value='' maxlength='6' size='6'>\n";
                    print $p->display_captcha(true);
                    $private = $p->generate_private();
                    print "</td>\n</tr>";
                }
            }
        }
        // -----------------------------
        // Captcha hack
        // -----------------------------
    }
    ?>
    <tr>
    <td align="center" class="header"></td>
    <?php 
    if ($action == "del") {
        print "\n<td align='left' class='lista'><input type='submit' name='elimina' value='" . FRM_DELETE . "' />&nbsp;&nbsp;&nbsp;&nbsp;<input type='submit' name='elimina' value='" . FRM_CANCEL . "' /></td>";
    } else {
        print "\n<td align='left' class='lista'><input type='submit' name='conferma' value='" . FRM_CONFIRM . "' />&nbsp;&nbsp;&nbsp;&nbsp;<input type='reset' name='annulla' value='" . FRM_CANCEL . "' /></td>";
    }
    ?>
    </tr>
    </table>
    </form>
    </center>
    </p>
    <?php 
}