function verify_botguard() { global $botguard_cookie_name; if (@$_COOKIE[$botguard_cookie_name] == get_cookie_value()) { return true; } return verify_captcha(); }
} ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <head> <link href='http://fonts.googleapis.com/css?family=Josefin+Sans' rel='stylesheet' type='text/css'> <link rel="stylesheet" type="text/css" href="dine.css?v=0.1"> <script src="https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js"></script> <script src='https://www.google.com/recaptcha/api.js'></script> </head> <body id="plate"> <div id="text"> <?php $who = name(); $where = place(); $when = when(); $duration = duration(); $email = email(); $why = reason(); $mail_text = "Who: {$who}\r\n" . "Where: {$where}\r\n" . "When: {$when}\r\n" . "Duration: {$duration} hour(s) \r\n" . "Email: {$email}\r\n" . "Reason: {$why}\r\n"; if (verify_captcha()) { send_mail($mail_text, $email, $who); echo "Mail sent, now you must wait for me to respond."; } else { echo "Captcha failed, I don't dine with robots"; } ?> </div> </body> </html>
<?php require_once dirname(dirname(__FILE__)) . '/thirdpart/qzone/config.php'; include_once dirname(dirname(__FILE__)) . '/thirdpart/qzone/txwboauth.php'; $c = new WeiboClient(WB_AKEY, WB_SKEY, $_SESSION['last_key']['oauth_token'], $_SESSION['last_key']['oauth_token_secret']); $aa = $c->pub_abc($_SESSION['last_key']['openid']); //print_r($aa); $id = $_SESSION['last_key']['openid']; $name = $aa['nickname']; if (!$id) { need_login(); } $sns = 'qzone:' . $id; if ($_POST) { verify_captcha('verifyregister', WEB_ROOT . '/account/loginup_qq.php'); $u = array(); $u['sns'] = $sns; $u['username'] = $name ? $name : $name . time(); $u['password'] = strval($_POST['password']); $u['email'] = strval($_POST['email']); $u['city_id'] = isset($_POST['city_id']) ? abs(intval($_POST['city_id'])) : abs(intval($city['id'])); if ($_POST['subscribe']) { ZSubscribe::Create($u['email'], abs(intval($u['city_id']))); } if (!Utility::ValidEmail($u['email'], true)) { Session::Set('error', 'Email地址为无效地址'); redirect(WEB_ROOT . '/account/loginup_qzone.php'); } if ($_POST['password']) { if (option_yes('emailverify')) { $u['enable'] = 'N';
<?php require_once dirname(dirname(__FILE__)) . '/app.php'; if ($_POST) { verify_captcha('verifyfeedback', WEB_ROOT . '/feedback/seller.php'); if (!$_POST['content'] || !$_POST['title'] || !$_POST['contact']) { Session::Set('error', '请完成表单后再提交'); redirect(WEB_ROOT . '/feedback/seller.php'); } $table = new Table('feedback', $_POST); $table->city_id = abs(intval($city['id'])); $table->create_time = time(); $table->category = 'seller'; $table->title = htmlspecialchars($table->title); $table->content = htmlspecialchars($table->content); $table->contact = htmlspecialchars($table->contact); $table->Insert(array('city_id', 'title', 'contact', 'content', 'create_time', 'category')); redirect(WEB_ROOT . '/feedback/success.php'); } $pagetitle = '商务合作'; include template("feedback_seller");
/** * Function used to add comment * This is more advance function , * in this function functions can be applied on comments */ function add_comment($comment, $obj_id, $reply_to = NULL, $type = 'v', $obj_owner = NULL, $obj_link = NULL, $force_name_email = false) { global $userquery, $eh, $db, $Cbucket; //Checking maximum comments characters allowed if (defined("MAX_COMMENT_CHR")) { if (strlen($comment) > MAX_COMMENT_CHR) { e(sprintf("'%d' characters allowed for comment", MAX_COMMENT_CHR)); } } if (!verify_captcha()) { e(lang('usr_ccode_err')); } if (empty($comment)) { e(lang("pelase_enter_something_for_comment")); } $params = array('comment' => $comment, 'obj_id' => $obj_id, 'reply_to' => $reply_to, 'type' => $type); $this->validate_comment_functions($params); /* if($type=='video' || $type=='v') { if(!$this->video_exists($obj_id)) e(lang("class_vdo_del_err")); //Checking owner of video if(!USER_COMMENT_OWN) { if(userid()==$this->get_vid_owner($obj_id)); e(lang("usr_cmt_err2")); } } */ if (!userid() && $Cbucket->configs['anonym_comments'] != 'yes') { e(lang("you_not_logged_in")); } if (!userid() && $Cbucket->configs['anonym_comments'] == 'yes' || $force_name_email) { //Checking for input name and email if (empty($_POST['name'])) { e(lang("please_enter_your_name")); } if (empty($_POST['email'])) { e(lang("please_enter_your_email")); } $name = mysql_clean($_POST['name']); $email = mysql_clean($_POST['email']); } if (empty($eh->error_list)) { $attributes = get_message_attributes($comment); if (is_array($attributes)) { $attributes = json_encode($attributes); } $fields = array('type' => $type, 'comment' => $comment, 'comment_attributes' => $attributes, 'type_id' => $obj_id, 'userid' => userid(), 'date_added' => now(), 'parent_id' => $reply_to, 'anonym_name' => $name, 'anonym_email' => $email, 'comment_ip' => mysql_clean(client_ip()), 'type_owner_id' => $obj_owner); $cid = db_insert(tbl('comments'), $fields); $db->update(tbl("users"), array("total_comments"), array("|f|total_comments+1"), " userid='" . userid() . "'"); e(lang("grp_comment_msg"), "m"); //$cid = $db->insert_id(); $own_details = $userquery->get_user_field_only($obj_owner, 'email'); $username = username(); $username = $username ? $username : post('name'); $useremail = $email; //Adding Comment Log $log_array = array('success' => 'yes', 'action_obj_id' => $cid, 'action_done_id' => $obj_id, 'details' => "made a comment", 'username' => $username, 'useremail' => $useremail); insert_log($type . '_comment', $log_array); //sending email if (SEND_COMMENT_NOTIFICATION == 'yes' && $own_details) { global $cbemail; $tpl = $cbemail->get_template('user_comment_email'); $more_var = array('{username}' => $username, '{obj_link}' => $obj_link . '#comment_' . $cid, '{comment}' => $comment, '{obj}' => get_obj_type($type)); if (!is_array($var)) { $var = array(); } $var = array_merge($more_var, $var); $subj = $cbemail->replace($tpl['email_template_subject'], $var); $msg = nl2br($cbemail->replace($tpl['email_template'], $var)); //Now Finally Sending Email cbmail(array('to' => $own_details, 'from' => WEBSITE_EMAIL, 'subject' => $subj, 'content' => $msg)); } add_users_mentioned($comment, NULL, $cid); return $cid; } return false; }
define("THIS_PAGE", "contact"); require 'includes/config.inc.php'; $name = post('name'); $email = post('email'); $reason = post('reason'); $message = post('message'); if (isset($_POST['contact'])) { if (empty($name)) { e(lang("name_was_empty")); } elseif (empty($email) || !is_valid_syntax('email', $email)) { e(lang("invalid_email")); } elseif (empty($reason)) { e(lang("pelase_enter_reason")); } elseif (empty($message)) { e(lang("please_enter_something_for_message")); } elseif (!verify_captcha()) { e(lang('usr_ccode_err')); } else { $tpl = $cbemail->get_template('contact_form'); $more_var = array('{name}' => substr($name, 0, 100), '{email}' => substr($email, 0, 100), '{reason}' => substr($reason, 0, 300), '{message}' => $message, '{ip_address}' => $_SERVER['REMOTE_ADDR'], '{now}' => now()); if (!is_array($var)) { $var = array(); } $var = array_merge($more_var, $var); $subj = $cbemail->replace($tpl['email_template_subject'], $var); $msg = nl2br($cbemail->replace($tpl['email_template'], $var)); //Now Finally Sending Email if (cbmail(array('to' => SUPPORT_EMAIL, 'from' => $email, 'subject' => $subj, 'content' => $msg))) { e(lang("email_send_confirm"), "m"); } }
/** * Function used to validate signup form */ function signup_user($array = NULL, $send_signup_email = true) { global $LANG, $db, $userquery; if ($array == NULL) { $array = $_POST; } if (is_array($_FILES)) { $array = array_merge($array, $_FILES); } $this->validate_form_fields($array); //checking terms and policy agreement if ($array['agree'] != 'yes' && !has_access('admin_access', true)) { e(lang('usr_ament_err')); } if (!verify_captcha()) { e(lang('usr_ccode_err')); } if (!error()) { $signup_fields = $this->load_signup_fields($array); //Adding Custom Signup Fields if (count($this->custom_signup_fields) > 0) { $signup_fields = array_merge($signup_fields, $this->custom_signup_fields); } foreach ($signup_fields as $field) { $name = formObj::rmBrackets($field['name']); $val = $array[$name]; if ($field['use_func_val']) { $val = $field['validate_function']($val); } //Overrides use_func_val if ($field['value_function'] && function_exists($field['value_function'])) { $val = $field['value_function']($val); } if (!empty($field['db_field'])) { $query_field[] = $field['db_field']; } if (is_array($val)) { $new_val = ''; foreach ($val as $v) { $new_val .= "#" . $v . "# "; } $val = $new_val; } if (!$field['clean_func'] || !function_exists($field['clean_func']) && !is_array($field['clean_func'])) { $val = mysql_clean($val); } else { $val = apply_func($field['clean_func'], sql_free('|no_mc|' . $val)); } if (!empty($field['db_field'])) { $query_val[] = $val; } } // Setting Verification type if (EMAIL_VERIFICATION == '1') { $status = 'unverified'; $welcome_email = 'no'; } else { $status = 'verified'; $welcome_email = 'yes'; } if (config('user_moderation') == 'yes') { $active = 'no'; } else { $active = 'yes'; } if (has_access('admin_access', true)) { if ($array['status'] == 'verified') { $status = 'verified'; $welcome_email = 'yes'; } else { $status = 'unverified'; $welcome_email = 'no'; } if ($array['active'] == 'yes') { $active = 'yes'; } else { $active = 'yes'; } $query_field[] = "level"; $query_val[] = $array['level']; } $query_field[] = "status"; $query_val[] = $status; $query_field[] = "active"; $query_val[] = $active; $query_field[] = "\twelcome_email_sent"; $query_val[] = $welcome_email; //Creating AV Code $avcode = RandomString(10); $query_field[] = "avcode"; $query_val[] = $avcode; //Signup IP $signup_ip = $_SERVER['REMOTE_ADDR']; $query_field[] = "signup_ip"; $query_val[] = $signup_ip; //Date Joined $now = NOW(); $query_field[] = "doj"; $query_val[] = $now; /** * A VERY IMPORTANT PART OF * OUR SIGNUP SYSTEM IS * SESSION KEY AND CODE * WHEN A USER IS LOGGED IN * IT IS ONLY VALIDATED BY * ITS SIGNUP KEY AND CODE * */ $sess_key = $this->create_session_key($_COOKIE['PHPSESSID'], $array['password']); $sess_code = $this->create_session_code(); $query_field[] = "user_session_key"; $query_val[] = $sess_key; $query_field[] = "user_session_code"; $query_val[] = $sess_code; $query = "INSERT INTO " . tbl("users") . " ("; $total_fields = count($query_field); //Adding Fields to query $i = 0; foreach ($query_field as $qfield) { $i++; $query .= $qfield; if ($i < $total_fields) { $query .= ','; } } $query .= ") VALUES ("; $i = 0; //Adding Fields Values to query foreach ($query_val as $qval) { $i++; $query .= "'{$qval}'"; if ($i < $total_fields) { $query .= ','; } } //Finalzing Query $query .= ")"; $db->Execute($query); $insert_id = $db->insert_id(); $db->insert(tbl($userquery->dbtbl['user_profile']), array("userid"), array($insert_id)); if (!has_access('admin_access', true) && EMAIL_VERIFICATION && $send_signup_email) { global $cbemail; $tpl = $cbemail->get_template('email_verify_template'); $more_var = array('{username}' => post('username'), '{password}' => post('password'), '{email}' => post('email'), '{avcode}' => $avcode); if (!is_array($var)) { $var = array(); } $var = array_merge($more_var, $var); $subj = $cbemail->replace($tpl['email_template_subject'], $var); $msg = nl2br($cbemail->replace($tpl['email_template'], $var)); //Now Finally Sending Email //cbmail(array('to'=>post('email'),'from'=>WEBSITE_EMAIL,'subject'=>$subj,'content'=>$msg)); } elseif (!has_access('admin_access', true) && $send_signup_email) { //$this->send_welcome_email($insert_id); } $log_array = array('username' => $array['username'], 'userid' => $insert_id, 'userlevel' => $array['level'], 'useremail' => $array['email'], 'success' => 'yes', 'details' => sprintf("%s signed up", $array['username'])); //Login Signup insert_log('signup', $log_array); //Adding User has Signup Feed addFeed(array('action' => 'signup', 'object_id' => $insert_id, 'object' => 'signup', 'uid' => $insert_id)); return $insert_id; } return false; }
<?php require_once dirname(dirname(__FILE__)) . '/app.php'; if ($_POST) { verify_captcha('verifyregister', WEB_ROOT . '/account/signup.php'); $u = array(); $u['username'] = strval($_POST['username']); $u['password'] = strval($_POST['password']); $u['email'] = strval($_POST['email']); $u['city_id'] = isset($_POST['city_id']) ? abs(intval($_POST['city_id'])) : abs(intval($city['id'])); $u['mobile'] = strval($_POST['mobile']); if ($_POST['subscribe']) { ZSubscribe::Create($u['email'], abs(intval($u['city_id']))); } if (!Utility::ValidEmail($u['email'], true)) { Session::Set('error', 'Email地址为无效地址'); redirect(WEB_ROOT . '/account/signup.php'); } if ($_POST['password2'] == $_POST['password'] && $_POST['password']) { if (option_yes('emailverify') || option_yes('mobilecode')) { $u['enable'] = 'N'; } if (option_yes('emailverify')) { $u['emailable'] = 'N'; } if ($user_id = ZUser::Create($u)) { ZCredit::Register($user_id); if (option_yes('emailverify')) { mail_sign_id($user_id); Session::Set('unemail', $_POST['email']); redirect(WEB_ROOT . '/account/signuped.php');
<?php require_once dirname(dirname(__FILE__)) . '/app.php'; need_login(); need_open(option_yes('navforum')); $publics = option_category('public'); if ($_POST) { verify_captcha('verifytopic', WEB_ROOT . '/forum/new.php'); $topic = new Table('topic', $_POST); if ($topic->category == 'city') { $topic->city_id = abs(intval($city['id'])); } else { $topic->public_id = abs(intval($topic->category)); } $topic->user_id = $topic->last_user_id = $login_user_id; $topic->create_time = $topic->last_time = time(); $topic->reply_number = 0; $insert = array('user_id', 'city_id', 'public_id', 'content', 'last_user_id', 'last_time', 'reply_number', 'create_time', 'title'); if ($topic_id = $topic->insert($insert)) { redirect(WEB_ROOT . "/forum/topic.php?id={$topic_id}"); } $topic = $_POST; } $id = abs(intval($_GET['id'])); $pagetitle = '发表新话题'; include template('forum_new');
<?php require_once dirname(dirname(__FILE__)) . '/app.php'; if ($_POST) { verify_captcha('verifyfeedback', WEB_ROOT . '/feedback/suggest.php'); if (!$_POST['content'] || !$_POST['title'] || !$_POST['contact']) { Session::Set('error', '请完成表单后再提交'); redirect(WEB_ROOT . '/feedback/seller.php'); } $table = new Table('feedback', $_POST); $table->city_id = abs(intval($city['id'])); $table->create_time = time(); $table->category = 'suggest'; $table->title = htmlspecialchars($table->title); $table->content = htmlspecialchars($table->content); $table->contact = htmlspecialchars($table->contact); $table->Insert(array('city_id', 'title', 'contact', 'content', 'create_time', 'category')); redirect(WEB_ROOT . '/feedback/success.php'); } $pagetitle = '意见反馈'; include template("feedback_suggest");