Ejemplo n.º 1
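function photoalbum_remove_photo($photos, $owner, $photoalbum_information = null, $override = false)
{
    /*
     * Delete one or more photos, their comments and their image files.
     *
     * $photos                  A single photo id or an array of ids. Every id must be a
     *                          non-negative integer (an int or a digits-only string).
     * $owner                   Id of the user who owns the photos. It scopes the
     *                          photo_albums UPDATE below.
     * $photoalbum_information  Array with the keys 'photos', 'id' and 'category' describing
     *                          the album row to update, or the string 'iknowwhatido' when
     *                          the caller updates photo_albums itself.
     * $override                Pass true to skip the ownership check.
     *
     * Returns true on success. Returns false when the id list is empty, an id is malformed,
     * or a photo belongs to another user.
     *
     * NOTE(review): the ownership check compares against $_SESSION['login']['id'], not
     * against $owner, although the original comment says $owner is passed for that purpose.
     * Confirm which of the two callers rely on.
     *
     * TODO: add support for updating the photoalbums-table...
     */
    if (!is_array($photos)) {
        $photos = array($photos);
    }

    if (!is_array($photoalbum_information) && $photoalbum_information != 'iknowwhatido') {
        to_logfile('error', __FILE__, __LINE__, 'I was called without information about how table:photo_albums should be updated. Neither wasI given assurance that the script who called me would take care of the updating itself.');
        die('<p class="error">Ett allvarligt fel har inträffats på hamsterpaj. Dina bilder kunde inte tas bort, incidenten har rapporterats till de som arbetar med hamsterpaj</p>');
    }

    /* The ids are concatenated into SQL and into file paths further down, so only plain
       non-negative integers are accepted; anything else aborts before any query runs. */
    $photo_ids = array();
    foreach ($photos as $photo_id) {
        $is_valid_id = (is_int($photo_id) && $photo_id >= 0) || (is_string($photo_id) && ctype_digit($photo_id));
        if (!$is_valid_id) {
            return false;
        }
        $photo_ids[] = (int) $photo_id;
    }
    if (count($photo_ids) == 0) {
        /* An empty IN() list is a SQL syntax error; there is nothing to delete anyway. */
        return false;
    }
    $id_list = implode(',', $photo_ids);

    if ($override != true) {
        /* No LIMIT here: the previous "LIMIT 10" meant that only the first ten rows were
           checked, so a larger batch was deleted without a complete ownership check. */
        $query = 'SELECT owner FROM photos WHERE id IN(' . $id_list . ')';
        $result = mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
        while ($data = mysql_fetch_assoc($result)) {
            if ($data['owner'] != $_SESSION['login']['id']) {
                return false;
            }
        }
    }

    /* NOTE(review): this is an inner join, so a photo without any comment row does not
       appear to be removed from the photos table even though its files are unlinked
       below - confirm and switch to a LEFT JOIN if that is unintended. */
    $query = 'DELETE photos, comments FROM photos, comments WHERE photos.id IN(' . $id_list . ') AND type = "photos" AND comments.item_id = photos.id';
    mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));

    /* is_array() instead of isset(): the 'iknowwhatido' marker is a string and must not be
       indexed like the album description array. */
    if (is_array($photoalbum_information)) {
        $new_photos = array_diff($photoalbum_information['photos'], $photo_ids);
        $new_string = implode(',', $new_photos);
        /* Every value placed inside the quoted SQL literals is escaped. */
        $query = 'UPDATE photo_albums SET photos = "' . mysql_real_escape_string($new_string) . '" WHERE (id = "' . mysql_real_escape_string($photoalbum_information['id']) . '" or position = "' . mysql_real_escape_string($photoalbum_information['category']) . '") && owner = "' . mysql_real_escape_string($owner) . '" LIMIT 1';
        mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
    }

    /* $image_id is an integer at this point, so the paths cannot leave the image folders. */
    foreach ($photo_ids as $image_id) {
        $image_prefix = PATHS_IMAGES . 'photoalbums/images_' . round($image_id / 1000) . '/' . $image_id;
        unlink($image_prefix . '_thumb.jpg');
        unlink($image_prefix . '_full.jpg');
    }

    return true;
}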
Ejemplo n.º 2
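 /*
  * Blog photo handling for up to four slots (photo_1 .. photo_4):
  *   1. accept uploads whose client-side file name has an allowed image extension,
  *   2. resize each accepted upload to a 120x90 thumbnail with ImageMagick "convert",
  *   3. remove photos whose photo_N_delete field was posted as 1,
  *   4. build the UPDATE statement for the blog row.
  *
  * NOTE(review): the extension comes from the client-supplied file name and the file
  * content is never inspected, so "convert" is handed arbitrary uploaded bytes. Consider
  * verifying the content type (for example with getimagesize()) before converting.
  */
 for ($i = 1; $i <= 4; $i++) {
     if (!isset($_FILES['photo_' . $i]) || strlen($_FILES['photo_' . $i]['name']) == 0) {
         continue;
     }
     $upload = $_FILES['photo_' . $i];
     $extension = strtolower(substr($upload['name'], strrpos($upload['name'], '.') + 1));
     /* is_uploaded_file() makes sure tmp_name really is a file PHP received over HTTP POST. */
     if (in_array($extension, array('jpg', 'jpeg', 'bmp', 'png'), true) && is_uploaded_file($upload['tmp_name'])) {
         $uploaded_images[$i] = $upload['tmp_name'];
         $imagestring[$i - 1] = '1';
     } else {
         /* The file name is chosen by the client; escape it before echoing it into HTML.
            NOTE(review): htmlspecialchars() uses the PHP default charset here - confirm
            it matches the page encoding. */
         echo '<p class="error">Filen ' . htmlspecialchars($upload['name'], ENT_QUOTES) . ' kunde inte laddas upp, eftersom filformatet inte kändes igen!</p>';
     }
 }
 foreach ($uploaded_images as $position => $filename) {
     $save_path = PATHS_IMAGES . 'blog_photos/' . round($data['id'] / 2500) . '/';
     if (!is_dir($save_path) && !mkdir($save_path)) {
         to_logfile('error', __FILE__, __LINE__, 'Could not create directory', $save_path);
         die('Ett internt fel har uppstått, dina foton kunde inte laddas upp! Felet har loggats.');
     }
     /* Both paths are passed as single quoted shell arguments instead of being pasted
        into the command line as-is. */
     $command = 'convert ' . escapeshellarg($filename) . ' -resize 120x90! ' . escapeshellarg($save_path . $data['id'] . '_' . $position . '.jpg');
     system($command);
     /* NOTE(review): this looks like leftover debug output; it shows server-side paths to
        the visitor and should probably be removed or sent to the log instead. */
     echo htmlspecialchars($command, ENT_QUOTES) . '<br />';
 }
 for ($i = 1; $i <= 4; $i++) {
     if (isset($_POST['photo_' . $i . '_delete']) && $_POST['photo_' . $i . '_delete'] == 1) {
         $imagestring[$i - 1] = 0;
         /* The previous code passed the directory itself to unlink(), which cannot remove
            a directory and left the photo in place. The file name mirrors the one written
            by the convert call above. */
         $photo_file = PATHS_IMAGES . 'blog_photos/' . round($data['id'] / 2500) . '/' . $data['id'] . '_' . $i . '.jpg';
         if (is_file($photo_file)) {
             unlink($photo_file);
         }
     }
 }
 /* Title and text are escaped for the quoted SQL literals; $imagestring is built by this
    script from '1'/0 flags only. The statement is not executed within this excerpt. */
 $query = 'UPDATE blog SET title = "' . mysql_real_escape_string(stripslashes($_POST['title'])) . '", ';
 $query .= 'text = "' . mysql_real_escape_string(stripslashes($_POST['text'])) . '", photos = "' . $imagestring . '" ';
 $query .= 'WHERE user = "******" AND date = "' . date('Y-m-d') . '" LIMIT 1';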
Ejemplo n.º 3
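function login_load_user_data($userid, $data, $file = null, $line = null)
{
    /*
     * Load selected columns for one user from several tables with a single query.
     *
     * $userid  Numeric user id. It is matched against login.id for the login table and
     *          against <table>.userid for every other table.
     * $data    Map of table name => list of column names, for example
     *          array('login' => array('username'), 'userinfo' => array('zip_code')).
     *          Requesting userinfo.zip_code also joins zip_codes and adds
     *          userinfo.geo_location, userinfo.x_rt90 and userinfo.y_rt90 to the result.
     * $file    File reported to report_sql_error() if the query fails (default: this file).
     * $line    Line reported to report_sql_error() if the query fails (default: this line).
     *
     * Returns array[table][column] => value, or false when the user id is not numeric, a
     * table or column name is not a plain identifier, or no row matched.
     */
    if (!is_numeric($userid)) {
        to_logfile('debug', __FILE__, __LINE__, 'login_load_user_data() called without userid', print_r(debug_backtrace(), true));
        /* The id is concatenated into the WHERE clause, so a non-numeric value must never
           reach the query. */
        return false;
    }
    $userid = (int) $userid;

    /* Table and column names cannot be bound as parameters, so they are restricted to
       plain identifiers before being concatenated into the statement. */
    $identifier_pattern = '/^[A-Za-z_][A-Za-z0-9_]*$/';
    $zip_codes = false;
    $columns = array();
    $tables = array();
    $conditions = array();
    foreach ($data as $table => $fields) {
        if (!preg_match($identifier_pattern, (string) $table)) {
            to_logfile('error', __FILE__, __LINE__, 'login_load_user_data() called with an invalid table or column name', print_r($data, true));
            return false;
        }
        $tables[] = $table;
        $conditions[] = ($table == 'login' ? 'login.id' : $table . '.userid') . ' = ' . $userid;
        foreach ($fields as $field_name) {
            if (!preg_match($identifier_pattern, (string) $field_name)) {
                to_logfile('error', __FILE__, __LINE__, 'login_load_user_data() called with an invalid table or column name', print_r($data, true));
                return false;
            }
            $columns[] = $table . '.' . $field_name . ' AS ' . $table . '__' . $field_name;
            if ($table == 'userinfo' && $field_name == 'zip_code') {
                $zip_codes = true;
                $columns[] = 'zip_codes.spot AS userinfo__geo_location';
                $columns[] = 'zip_codes.x_rt90 AS userinfo__x_rt90';
                $columns[] = 'zip_codes.y_rt90 AS userinfo__y_rt90';
            }
        }
    }
    if (count($tables) == 0) {
        to_logfile('error', __FILE__, __LINE__, 'login_load_user_data() called with an invalid table or column name', print_r($data, true));
        return false;
    }

    /* A trailing NULL column keeps the SELECT list valid even when no columns were asked for. */
    $columns[] = 'null';

    $query = 'SELECT ' . implode(', ', $columns) . ' ';
    $query .= 'FROM ' . ($zip_codes ? 'zip_codes, ' : '') . implode(', ', $tables) . ' ';
    $query .= 'WHERE ' . implode(' AND ', $conditions) . ' ';
    if ($zip_codes) {
        $query .= 'AND zip_codes.zip_code = userinfo.zip_code ';
    }
    $query .= 'LIMIT 1';

    $file = isset($file) ? $file : __FILE__;
    $line = isset($line) ? $line : __LINE__;
    $result = mysql_query($query) or die(report_sql_error($query, $file, $line));
    if (mysql_num_rows($result) == 0) {
        return false;
    }

    /* Turn the "table__column" aliases back into a nested array. */
    $row = mysql_fetch_assoc($result);
    $return = array();
    foreach ($row as $key => $value) {
        $explosion = explode('__', $key, 2);
        if (count($explosion) < 2) {
            /* The NULL filler column has no table prefix; skip it. */
            continue;
        }
        $return[$explosion[0]][$explosion[1]] = $value;
    }

    return $return;
}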
Ejemplo n.º 4
function dateSplitDate($date)
{
    /*
     * Deprecated helper: splits $date on '-' and returns the resulting parts as an array.
     * Every call is recorded in the log as a notice, together with the request URI, so that
     * remaining callers can be found.
     *
     * NOTE(review): REQUEST_URI is supplied by the client; confirm that to_logfile()
     * neutralises line breaks and control characters before writing it.
     */
    $parts = explode('-', $date);

    to_logfile('notice', __FILE__, __LINE__, 'Deprecated function dateSplitDate() was called', $_SERVER['REQUEST_URI']);

    return $parts;
}
Ejemplo n.º 5
                /* Tail of a form whose opening markup is outside this excerpt: closes the
                   <select> and its table cell, closes the table, prints the submit button
                   ("Flytta" is Swedish for "Move") and closes the form and the wrapper div.
                   Only static markup is echoed on these lines. */
                echo '</select>' . "\n";
                echo '</td>' . "\n";
            echo '</tr></table>' . "\n";
            echo '<input type="submit" value="Flytta &raquo;" style="clear: left;" />' . "\n";
            echo '</form>' . "\n";
            echo '</div>' . "\n";
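    case 'sort':
        /*
         * Save a new photo order for one of the logged-in user's album categories.
         * $_GET['category'] selects the category, and $_POST['order'] is a comma-separated
         * list of photo ids that must all be present in that category already.
         *
         * NOTE(review): only membership is checked, so a submitted order may omit or repeat
         * ids - confirm whether the list should be required to be a full permutation.
         * NOTE(review): no anti-CSRF token is verified on the visible lines - confirm one is
         * checked before this state-changing branch is reached.
         */
        if ($_GET['perform'] == 'true') {
            $category = $_GET['category'];
            $neworder = explode(',', $_POST['order']);

            /* The category is used as an array key and inside the UPDATE, so it has to
               name a category that was loaded for this user. */
            $category_is_known = isset($categories[$category]['photos']) && is_array($categories[$category]['photos']);

            foreach ($neworder as $current) {
                /* ctype_digit() accepts plain digit strings only; is_numeric() also let
                   forms such as "1e1" or " 5" through into the stored list. */
                if (!$category_is_known || !ctype_digit($current) || !in_array($current, $categories[$category]['photos'])) {
                    /* Log before die(): nothing after die() is executed, so the previous
                       order of these two calls never wrote the log entry. */
                    to_logfile('notice', __FILE__, __LINE__, 'User tried to sort a photo not present in the category!');
                    die('<p class="error">Ett allvarligt fel har inträffat. Ladda om sidan och försök igen.</p>');
                }
            }

            /* The stored list is rebuilt from the validated ids, and every value placed
               inside a quoted SQL literal is escaped. */
            $query = 'UPDATE photo_albums SET photos = "' . mysql_real_escape_string(implode(',', $neworder)) . '" WHERE owner = "' . mysql_real_escape_string($_SESSION['login']['id']) . '" AND position = "' . mysql_real_escape_string($category) . '" LIMIT 1';
            mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
            echo jscript_alert('Den nya ordningen har sparats');
            /* NOTE(review): PHP_SELF can carry client-supplied path info and this URL ends
               up inside generated script - confirm that jscript_location() escapes it. */
            echo jscript_location($_SERVER['PHP_SELF'] . '?id=' . urlencode($_GET['id']));
            $categories[$category]['photos'] = $neworder;
        }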
<script src="/include/jsdragdrop/prototype.js" type="text/javascript"></script>
<script src="/include/jsdragdrop/scriptaculous.js" type="text/javascript"></script>
  #testlist { 
Ejemplo n.º 6
function traffa_draw_user_div($userid, $info = null)
    /* Echoes the profile header for $userid: avatar, username, gender, age, location,
       online status, contact fields and the navigation links.

       If you already have information from the database, please pass it on in the $info
       parameter. The information should be formatted like this:
       $info['login']['username'] = '******';
       $info['userinfo']['birthday'] = '1970-01-01';
       Note that it isn't necessary to have complete info, the script will fetch all info
       not sent.
       Please note that this function returns all the data used, you may use it further in your script.
       Return will look like this:
       $return['status'] = 'success'/'fail';
       $return['reason'] = null or error explanation.
       $return['login']['lastaction'] = 118371272;

       NOTE(review): this listing has lost its closing braces and some statements (for
       example the "break;" lines of the switch below), and no return statement is visible
       here, so the return contract above could not be checked against the code.

       NOTE(review): several profile fields are concatenated into HTML, URL and inline
       JavaScript without visible escaping; see the notes further down. */
    /* $info is unset further down and the snyggve-info isn't fetched in this function. */
    if ($info['snyggve'] == 1) {
        $snyggve = 1;
    /* NOTE(review): an invalid id is only logged on the visible lines; execution appears to
       continue and $userid is later placed into HTML attributes and inline script. */
    if ($userid < 1) {
        to_logfile('error', __FILE__, __LINE__, 'traffa_draw_user_div() was called without userid', print_r(debug_backtrace(), true));
    /* Columns to load, grouped by table, in the format login_load_user_data() expects. */
    $fetch['login'] = array('username', 'lastaction', 'lastrealaction', 'lastlogon', 'regtimestamp', 'userlevel');
    $fetch['userinfo'] = array('contact1', 'contact2', 'gender', 'birthday', 'zip_code', 'image', 'current_action', 'cell_phone', 'user_status');
    $fetch['traffa'] = array('firstname', 'color_theme');
    $fetch['preferences'] = array('activate_current_action');
    /* Remove already known fields from the fetch array */
    /* NOTE(review): the body of these loops is not present in this listing. */
    foreach ($info as $table) {
        foreach ($table as $row) {
    $userinfo = login_load_user_data($userid, $fetch);
    if (!is_array($userinfo)) {
        /* NOTE(review): the other to_logfile() calls in this function pass
           (level, file, line, message); here the message is in the second position. */
        to_logfile('error', 'userinfo was not an array, as expected.', __FILE__, __LINE__);
        die('<p class="error">Ett internt fel orsakades. Visningen av sidan har stoppats och hamsterpajs utvecklingsavdelning har underrättats.</p>');
    /* Inject already known fields to the userinfo array */
    /* NOTE(review): $table and $row are the iterated values, not the keys, yet they are
       used as array keys on the next line - this looks like it needs "as $key => $value". */
    foreach ($info as $table) {
        foreach ($table as $row) {
            $userinfo[$table][$row] = $info[$table][$row];
    /* Pick the four profile colours for the user's colour theme ('1' .. '10').
       NOTE(review): no "break;" or "default:" lines are visible in this listing; the last
       four assignments repeat the values of theme '1' and look like the default branch. */
    switch ($userinfo['traffa']['color_theme']) {
        case '1':
            $profile_colors['light'] = '#edf4fd';
            $profile_colors['background'] = '#c9ddf9';
            $profile_colors['dark'] = '#7ba0cf';
            $profile_colors['border'] = '#3f5879';
        case '2':
            $profile_colors['light'] = '#f1edfd';
            $profile_colors['background'] = '#d1c9f9';
            $profile_colors['dark'] = '#897bcf';
            $profile_colors['border'] = '#493f79';
        case '3':
            $profile_colors['light'] = '#faedfd';
            $profile_colors['background'] = '#efc9f9';
            $profile_colors['dark'] = '#bb7bcf';
            $profile_colors['border'] = '#6b3f79';
        case '4':
            $profile_colors['light'] = '#fdedf7';
            $profile_colors['background'] = '#f9c9e7';
            $profile_colors['dark'] = '#cf7bb0';
            $profile_colors['border'] = '#793f64';
        case '5':
            $profile_colors['light'] = '#fdeeed';
            $profile_colors['background'] = '#f9c9c9';
            $profile_colors['dark'] = '#cf7b7d';
            $profile_colors['border'] = '#793f40';
        case '6':
            $profile_colors['light'] = '#fdf7ed';
            $profile_colors['background'] = '#f9e6c9';
            $profile_colors['dark'] = '#cfaa7b';
            $profile_colors['border'] = '#79603f';
        case '7':
            $profile_colors['light'] = '#fafded';
            $profile_colors['background'] = '#f0f9c9';
            $profile_colors['dark'] = '#c1cf7b';
            $profile_colors['border'] = '#6f793f';
        case '8':
            $profile_colors['light'] = '#f0fded';
            $profile_colors['background'] = '#d4f9c9';
            $profile_colors['dark'] = '#8dcf7b';
            $profile_colors['border'] = '#4b793f';
        case '9':
            $profile_colors['light'] = '#edfdf4';
            $profile_colors['background'] = '#c9f9dc';
            $profile_colors['dark'] = '#7bcf9a';
            $profile_colors['border'] = '#3f7954';
        case '10':
            $profile_colors['light'] = '#edfdfd';
            $profile_colors['background'] = '#c9f9f8';
            $profile_colors['dark'] = '#7bcfcd';
            $profile_colors['border'] = '#3f7978';
            $profile_colors['light'] = '#edf4fd';
            $profile_colors['background'] = '#c9ddf9';
            $profile_colors['dark'] = '#7ba0cf';
            $profile_colors['border'] = '#3f5879';
    /* Avatar: the real avatar when one is set, otherwise a placeholder; the profile owner
       also gets a button leading to the avatar settings. */
    if ($userinfo['userinfo']['image'] == 1 || $userinfo['userinfo']['image'] == 2) {
        $image_code = ui_avatar($userid, array('style' => 'float: left; margin: 5px; border: 1px solid #3f657a;'));
    } elseif ($userid == $_SESSION['login']['id']) {
        $image_code = '<div class="avatar" style="float: left;"><img src="http://images.hamsterpaj.net/images/noimage.png" /><input type="button" class="button" value="Fixa bild" onclick="window.location=\'/avatar-settings.php\';" /></div>' . "\n";
    } else {
        $image_code = '<img src="http://images.hamsterpaj.net/images/noimage.png" class="avatar" style="float: left; margin: 5px;" />';
    /* Gender label in Swedish: 'pojke' (boy) or 'flicka' (girl); empty for other values. */
    $gender = '';
    if ($userinfo['userinfo']['gender'] == 'm') {
        $gender = 'pojke ';
    } elseif ($userinfo['userinfo']['gender'] == 'f') {
        $gender = 'flicka ';
    /* Location text, extended with the distance to the viewer when both have RT90
       coordinates and their zip codes differ. */
    $location = strlen($userinfo['userinfo']['geo_location']) > 0 ? 'från ' . $userinfo['userinfo']['geo_location'] : '';
    if ($_SESSION['userinfo']['x_rt90'] > 0 && $userinfo['userinfo']['x_rt90'] > 0 && $userinfo['userinfo']['zip_code'] != $_SESSION['userinfo']['zip_code']) {
        $location .= ', ' . rt90_readable(rt90_distance($_SESSION['userinfo']['x_rt90'], $_SESSION['userinfo']['y_rt90'], $userinfo['userinfo']['x_rt90'], $userinfo['userinfo']['y_rt90']));
    /* NOTE(review): $location_button is only assigned inside this branch but is echoed
       unconditionally further down. */
    if ($userinfo['userinfo']['x_rt90'] > 0) {
        /* Note RT90 Y and X values are flipped, due to a "bug" at hitta.se */
        /* Reference: daniel.eklund@hitta.se */
        /* NOTE(review): the first three lines build a URL ('&cx' has no '=') that is then
           overwritten by the next three lines, so only the second URL is used. */
        /* NOTE(review): the username is appended without urlencode() and the URL is then
           placed inside a single-quoted JavaScript string within an onclick attribute;
           unless usernames are restricted to safe characters this needs URL, JavaScript
           and HTML-attribute escaping. */
        $hittapunktse_url = 'http://www.hitta.se/LargeMap.aspx?ShowSatellite=false&pointX=' . $userinfo['userinfo']['y_rt90'];
        $hittapunktse_url .= '&pointY=' . $userinfo['userinfo']['x_rt90'] . '&z=4&name=' . $userinfo['login']['username'];
        $hittapunktse_url .= '&cy=' . $userinfo['userinfo']['x_rt90'] . '&cx' . $userinfo['userinfo']['y_rt90'];
        $hittapunktse_url = 'http://www.hitta.se/LargeMap.aspx?ShowSatellite=false&pointX=' . $userinfo['userinfo']['y_rt90'];
        $hittapunktse_url .= '&pointY=' . $userinfo['userinfo']['x_rt90'] . '&cx=' . $userinfo['userinfo']['y_rt90'];
        $hittapunktse_url .= '&cy=' . $userinfo['userinfo']['x_rt90'] . '&z=6&name=' . $userinfo['login']['username'];
        $location_button = '<input type="button" value="Visa på karta" class="button_90" onclick="';
        $location_button .= "window.open('{$hittapunktse_url}', 'user_map_{$userid}', 'location=false, width=750, height=500');";
        $location_button .= '" style="float: right;"/>' . "\n";
    /* Hard-coded location text for one specific user id. */
    if ($userid == 20702) {
        $location = 'från Internet ';
    /* Age is shown only when a birthday is stored ('0000-00-00' means none). */
    $age = '';
    if ($userinfo['userinfo']['birthday'] != '0000-00-00') {
        $age = date_get_age($userinfo['userinfo']['birthday']) . ' år ';
    $status = login_onlinestatus($userinfo['login']['lastaction'], $userinfo['login']['lastrealaction']);
    //	$onlinestatus = '<span style="color: grey;">Offline</span>';
    //	$onlinestatus = '<span style="font-size: 14px;">Loggade senast in ' . fix_time($userinfo['login']['lastlogon']) . '</span>' . "\n";
    /* Build the online-status line. NOTE(review): $onlinestatus stays unset when
       $status['handle'] is none of 'offline', 'online' or 'idle'. */
    switch ($status['handle']) {
        case 'offline':
            if ($userinfo['login']['lastrealaction'] == 0) {
                $onlinestatus = '<span style="font-size: 14px;">Sågs senast ' . fix_time($userinfo['login']['lastlogon']) . '</span>' . "\n";
            } else {
                $onlinestatus = '<span style="font-size: 14px;">Sågs senast ' . fix_time($userinfo['login']['lastrealaction']) . '</span>' . "\n";
        case 'online':
            /* Time online = last action minus last logon, split into hours and minutes. */
            $hours = floor(($userinfo['login']['lastaction'] - $userinfo['login']['lastlogon']) / 3600);
            $minutes = floor(($userinfo['login']['lastaction'] - $userinfo['login']['lastlogon'] - $hours * 3600) / 60);
            $onlinestatus = '<span style="color: green; font-size: 14px;">Online </span><span style="font-size: 14px;"> sedan ';
            $onlinestatus .= $hours > 0 ? $hours . ' timmar och ' : null;
            $onlinestatus .= $minutes . ' minuter</span>';
        case 'idle':
            $onlinestatus = $status['label'] . ' sedan ' . date('H:i', $userinfo['login']['lastrealaction']);
    /* Contact fields, first name and current action, each with a fallback for empty values. */
    $contact1 = strlen($userinfo['userinfo']['contact1']) > 0 ? parseContact($userinfo['userinfo']['contact1']) : array('label' => 'Kontaktsätt', 'link' => '-');
    $contact2 = strlen($userinfo['userinfo']['contact2']) > 0 ? parseContact($userinfo['userinfo']['contact2']) : array('label' => 'Kontaktsätt', 'link' => '-');
    $firstname = strlen($userinfo['traffa']['firstname']) > 0 ? $userinfo['traffa']['firstname'] : '-';
    $right_now = strlen($userinfo['userinfo']['current_action']) > 0 ? $userinfo['userinfo']['current_action'] : 'Okänt';
    /* Human-readable last logon: today, yesterday, a weekday name within the last six days
       (518400 seconds), otherwise the full date. */
    if ($userinfo['login']['lastlogon'] > strtotime(date('Y-m-d'))) {
        $lastlogon = 'Idag ' . date('H:i', $userinfo['login']['lastlogon']);
    } elseif ($userinfo['login']['lastlogon'] > strtotime(date('Y-m-d')) - 86400) {
        $lastlogon = 'Igår ' . date('H:i', $userinfo['login']['lastlogon']);
    } elseif ($userinfo['login']['lastlogon'] > strtotime(date('Y-m-d')) - 518400) {
        $weekdays = array('Söndags', 'Måndags', 'Tisdags', 'Onsdags', 'Torsdags', 'Fredags', 'Lördags');
        $lastlogon = 'I ' . $weekdays[date('w', $userinfo['login']['lastlogon'])] . ' klockan ' . date('H:i', $userinfo['login']['lastlogon']);
    } else {
        $lastlogon = date('Y-m-d H:i', $userinfo['login']['lastlogon']);
    /* Output starts here.
       NOTE(review): user_status, username, geo_location (inside $location) and firstname
       are echoed as they come from the database. These look like user-editable profile
       fields; unless they are escaped before being stored, they should pass through
       htmlspecialchars() here, otherwise markup saved in a profile is rendered for every
       visitor. The contact label/link come from parseContact(), whose escaping is not
       visible in this listing. */
    echo '<div style="height: 120px; margin: -3px; margin-bottom: 3px; background: ' . $profile_colors['background'] . '; border-bottom: 1px solid ' . $profile_colors['border'] . '; padding: 3px;">' . "\n";
    if (strlen($userinfo['userinfo']['user_status']) > 0) {
        echo '<h3>' . $userinfo['userinfo']['user_status'] . '</h3>' . "\n";
    echo $image_code . "\n";
    echo '<div style="width: 545px; float: left;">' . "\n";
    echo '<div style="background: white;">' . "\n";
    echo '<h2 style="margin: 0px; font-size: 19px;">' . $userinfo['login']['username'] . ' - ' . $gender . $age . $location . $location_button . '</h2>' . "\n";
    echo '<h3>' . $onlinestatus . '</h3>' . "\n";
    echo '</div>' . "\n";
    echo '<div style="width: 400px;">' . "\n";
    echo '<div style="float: left; clear: right; width: 50%;"><span style="font-weight: bold;">Förnamn</span><br />' . $firstname . '</div>';
    echo '<div style="float: left; clear: right; width: 50%;"><span style="font-weight: bold;">Blev medlem: </span><br/> ' . date('Y-m-d', $userinfo['login']['regtimestamp']) . '</div><br />' . "\n";
    echo '<div style="float: left; clear: both; width: 50%;"><span style="font-weight: bold;">' . $contact1['label'] . '</span><br />' . $contact1['link'] . '</div>' . "\n";
    echo '<div style="float: left; clear: right; width: 50%;"><span style="font-weight: bold;">' . $contact2['label'] . '</span><br />' . $contact2['link'] . '</div>' . "\n";
    echo '</div>' . "\n";
    echo '</div>' . "\n";
    echo '</div>' . "\n";
    /* Navigation bar below the header; the link set depends on whether the viewer is
       looking at their own profile. */
    echo '<div style="margin: -3px; border-bottom: 1px solid ' . $profile_colors['border'] . '; background: ' . $profile_colors['dark'] . '; height: 25px; font-weight: bold; color: white;">' . "\n";
    $links[] = array('width' => 95, 'label' => 'Presentation', 'uri' => '/traffa/profile.php?id=' . $userid);
    $links[] = array('width' => 85, 'label' => 'Gästbok', 'uri' => '/traffa/guestbook.php?view=' . $userid);
    if ($_SESSION['login']['id'] == $userid) {
        $links[] = array('width' => 150, 'label' => 'Mina meddelanden', 'uri' => '/traffa/messages.php');
        $links[] = array('width' => 100, 'label' => 'Mina besök', 'uri' => '/traffa/my_visitors_joel.php');
    } else {
        /* NOTE(review): part of the next line is masked ('******') in this listing. It
           appears to append the username to the query string; if so, the value needs
           urlencode() there. */
        $links[] = array('width' => 185, 'label' => 'Skicka privatmeddelande', 'uri' => '/traffa/messages.php?action=compose&amp;recipient_username='******'login']['username'] . '&amp;recipient_id=' . $userid);
    foreach ($links as $current) {
        echo '<div style="float: left; width: ' . $current['width'] . 'px; line-height: 25px; border-right: 1px solid #3f657a; height: 25px; text-align: center;"><a href="' . $current['uri'] . '" style="color: white;">' . $current['label'] . '</a></div>' . "\n";
    /* Friend and abuse-report buttons, shown to logged-in visitors on other users' profiles.
       NOTE(review): $userid is written into inline JavaScript without a cast; casting it to
       int at the top of the function would make these lines safe regardless of the caller. */
    if ($userid != $_SESSION['login']['id'] && login_checklogin()) {
        echo '<input type="button" class="button_80" style="float: right; margin-right: 5px; margin-top: 3px;" value="Kompis" onclick="window.open(\'/traffa/friends_popup.php?user_id=' . $userid . '\', \'cpinternetexplorer\', \'location=no, width=200, height=100\');" />' . "\n";
        echo '<input type="button" class="button_100" style="float: right; margin-right: 5px; margin-top: 3px;" value="Rapportera" onclick="abuse_report(\'user\', ' . $userid . ');" />' . "\n";
    /* NOTE(review): the body of this condition is not present in this listing. */
    if ($_SERVER['REQUEST_URI'] == '/traffa/my_visitors.php') {
    echo '</div>' . "\n";
Ejemplo n.º 7
        $profile_colors['light'] = '#edfdfd';
        $profile_colors['background'] = '#c9f9f8';
        $profile_colors['dark'] = '#7bcfcd';
        $profile_colors['border'] = '#3f7978';
        $profile_colors['light'] = '#edf4fd';
        $profile_colors['background'] = '#c9ddf9';
        $profile_colors['dark'] = '#7ba0cf';
        $profile_colors['border'] = '#3f5879';
if ($die == 1) {
    if ($_GET['id'] > 0) {
        echo 'Medlemmen du söker kunde tyvärr inte hittas.';
        to_logfile('notice', __FILE__, __LINE__, 'user not found', $_GET['id']);
    } else {
        echo 'Du måste ange ett ID-nummer för att besöka en medlems profilsida!';
} else {
    if (strlen($userinfo['traffa']['profile_modules']) < 1) {
        $display_modules = array(2);
    } else {
        $display_modules = explode(',', $userinfo['traffa']['profile_modules']);
    array_unshift($display_modules, 18);
    if ($userinfo['userinfo']['radio_dj'] == 1 && $userinfo['login']['id'] != 15 && $userinfo['login']['id'] != 644314) {
        array_unshift($display_modules, 14);
    if ($_SESSION['login']['userlevel'] >= 3) {
        $display_modules[] = 0;