Ejemplo n.º 1
0
function profile_fetch($options)
{
    $options['viewer'] = isset($options['viewer']) ? $options['viewer'] : (login_checklogin() ? $_SESSION['login']['id'] : 0);
    //preint_r(array('viewer' => $options['viewer'], 'userblock_check' => userblock_check($options['user_id'], $options['viewer'])), 'Joel är en testare!');
    if ($options['viewer'] > 0 && userblock_check($options['user_id'], $options['viewer']) == 1) {
        $options['error_message'] = 'Användaren har blockerat dig.';
    } else {
        $query = 'SELECT l.username, l.lastaction, l.lastlogon, u.gender, u.birthday, u.image, u.user_status, u.profile_theme, u.gb_entries, z.spot, z.zip_code, z.x_rt90, z.y_rt90, u.presentation_text, p.gb_anti_p12';
        $query .= ' FROM login AS l, userinfo AS u, zip_codes AS z, preferences AS p';
        $query .= ' WHERE l.id = "' . $options['user_id'] . '" AND u.userid = l.id AND z.zip_code = u.zip_code AND p.userid = l.id';
        if (!isset($options['show_removed_users']) || isset($options['show_removed_users']) && $options['show_removed_users'] == false) {
            $query .= ' AND l.is_removed = 0';
        }
        $query .= ' LIMIT 1';
        $result = mysql_query($query) or report_sql_error($query, __FILE__, __LINE__);
        if (mysql_num_rows($result) > 0) {
            $data = mysql_fetch_assoc($result);
            if (strlen($data['presentation_text']) == 0) {
                $old_presentation_query = 'SELECT freetext AS presentation_text FROM traffa_freetext WHERE userid = "' . $options['user_id'] . '" LIMIT 1';
                $result = mysql_query($old_presentation_query) or report_sql_error($old_presentation_query);
                if (mysql_num_rows($old_presentation_result) > 0) {
                    $old_presentation = mysql_fetch_assoc($old_presentation_result);
                    $options['presentation_text'] = $old_presentation['presentation_text'];
                    profile_presentation_save($options);
                } else {
                    $options['presentation_text'] = 'Användaren har inte skapat någon presentation ännu.';
                }
            }
            $options = array_merge($options, $data);
        } else {
            $options['error_message'] = 'Den användaren hittade vi tyvärr inte.';
        }
    }
    return $options;
}
Ejemplo n.º 2
0
function messages_can_send($sender, $recipient, $title, $message)
{
    $return = null;
    if ($recipient == 2348) {
        $return .= 'Webmaster är ett administrationskonto som inte används av någon människa.';
        $return .= 'Använd forumet eller hamsterpaj -> Support för att ställa en fråga om siten.' . "\n";
    }
    if (strlen($title) < MESSAGES_MIN_TITLE_STRLEN) {
        $return .= 'Titeln måste vara minst ' . MESSAGES_MIN_TITLE_STRLEN . ' tecken lång.' . "\n";
    }
    if (strlen($title) > MESSAGES_MAX_TITLE_STRLEN) {
        $return .= 'Titeln får inte vara mer än ' . MESSAGES_MAX_TITLE_STRLEN . ' tecken lång.' . "\n";
    }
    if (trim($title) == '') {
        $return .= 'Titeln måste vara minst ' . MESSAGES_MIN_TITLE_STRLEN . ' tecken lång.' . "\n";
    }
    if (!is_numeric($recipient)) {
        $return .= 'Det verkar som om mottagare har angivits felaktigt. Detta är ett internt serverfel och bör aldrig kunna inträffa. Kontakta administratör.' . "\n";
    }
    if (strlen($message) < MESSAGES_MIN_MESSAGE_STRLEN) {
        $return .= 'Du måste skriva minst ' . MESSAGES_MIN_MESSAGE_STRLEN . ' tecken i ditt meddelande.' . "\n";
    }
    $message_check = content_check($message);
    if ($message_check != 1) {
        $return .= $message_check . "\n";
    }
    $title_check = content_check($title);
    if ($title_check != 1) {
        $return .= $title_check . "\n";
    }
    if (userblock_check($recipient, $sender) == 1) {
        $return .= 'Mottagaren har blockerat dig och meddelandet kan därför inte levereras.' . "\n";
    }
    if (strlen($return) > 1) {
        return $return;
    }
    return true;
}
Ejemplo n.º 3
0
echo '<html><head><title>Svara</title>';
echo '<link href="/stylesheets/ui.css.php" rel="stylesheet" type="text/css">';
echo '<link href="/stylesheets/buttons.css" rel="stylesheet" type="text/css">';
echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />';
echo '</head>';
if ($_GET['action'] == 'reply') {
    echo '<body onload="document.forms[0].message.focus()">';
} else {
    echo '<body>';
}
echo '<div id="main" style="padding: 5px; width: 215px; height: 170px; margin-top: 10px;">';
if (login_checklogin()) {
    if ($_GET['action'] == 'reply') {
        draw_reply_form(htmlspecialchars($_GET['username']), $_GET['userid'], $_GET['answereid']);
    } elseif ($_GET['action'] == 'send_reply') {
        if (userblock_check($_GET['userid'], $_SESSION['login']['id']) == 1) {
            jscript_alert('Den användare som du har angivit som mottagare har blockerat dig, och ditt meddelande kan därför inte skickas!');
            echo '<script language="javascript">history.go(-1);</script>';
            die;
        }
        /*
        				if(644314 == $_SESSION['login']['id'])
        					log_to_file('henrik', LOGLEVEL_DEBUG, __FILE__, __LINE__, $_POST['message']);
        */
        $spamval = spamcheck($_SESSION['login']['id'], $_POST['message']);
        if ($spamval == 1) {
            echo '<script language="javascript">setTimeout(\'window.close();\',500);</script>';
            new_entry($_GET['userid'], $_SESSION['login']['id'], $_POST['message'], $_POST['is_private'], $_GET['answereid']);
            echo '<h1>Inlägget skickat!</h1>';
        } else {
            echo '<script language="javascript">alert("' . $spamval . '");</script>';
Ejemplo n.º 4
0
<?php

session_start();
require '../include/core/common.php';
if ($_GET['action'] == 'comment' && $_SESSION['login']['id'] > 0) {
    if ($_SESSION['photoalbum']['comments'][$_POST['photo_id']] > time() - PHOTOALBUM_COMMENT_TIME) {
        jscript_alert('Hey, du kommenterade ju detta fotot nyss!');
    } elseif (strlen($_POST['text']) < 4) {
        jscript_alert('Lite väl kort kommentar det där va?');
    } else {
        /* Check if user is blocked */
        $query = 'SELECT owner FROM photos WHERE id ="' . $_POST['photo_id'] . '"';
        $result = mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
        $data = mysql_fetch_assoc($result);
        if (userblock_check($data['owner'], $_SESSION['login']['id']) == 1) {
            jscript_alert('Den gubben gick inte, du är blockerad :(');
            exit;
        }
        $query = 'INSERT INTO comments(type, item_id, user, timestamp, text) VALUES("photos", "' . $_POST['photo_id'] . '", ' . $_SESSION['login']['id'] . ', UNIX_TIMESTAMP(), "' . htmlspecialchars($_POST['text']) . '")';
        mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
        echo '<script>' . "\n";
        echo 'window.location = "iframe.php?id=' . $_POST['photo_id'] . '";';
        echo '</script>';
        $_SESSION['photoalbum']['comments'][$_POST['photo_id']] = time();
    }
} elseif ($_GET['action'] == 'delete' && $_SESSION['login']['id'] > 0 && is_numeric($_GET['photo_id']) && is_numeric($_GET['comment_id'])) {
    $query = 'SELECT owner FROM photos WHERE id = "' . $_GET['photo_id'] . '" LIMIT 1';
    $result = mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
    $data = mysql_fetch_assoc($result);
    if ($data['owner'] == $_SESSION['login']['id']) {
        $query = 'DELETE FROM comments WHERE item_id = "' . $_GET['photo_id'] . '" AND id = "' . $_GET['comment_id'] . '" LIMIT 1';