function verify_botguard()
{
global $botguard_cookie_name;
if (@$_COOKIE[$botguard_cookie_name] == get_cookie_value()) {
return true;
}
return verify_captcha();
}
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<link href='http://fonts.googleapis.com/css?family=Josefin+Sans' rel='stylesheet' type='text/css'>
<link rel="stylesheet" type="text/css" href="dine.css?v=0.1">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js"></script>
<script src='https://www.google.com/recaptcha/api.js'></script>
</head>
<body id="plate">
<div id="text">
<?php
$who = name();
$where = place();
$when = when();
$duration = duration();
$email = email();
$why = reason();
$mail_text = "Who: {$who}\r\n" . "Where: {$where}\r\n" . "When: {$when}\r\n" . "Duration: {$duration} hour(s) \r\n" . "Email: {$email}\r\n" . "Reason: {$why}\r\n";
if (verify_captcha()) {
send_mail($mail_text, $email, $who);
echo "Mail sent, now you must wait for me to respond.";
} else {
echo "Captcha failed, I don't dine with robots";
}
?>
</div>
</body>
</html>
<?php
require_once dirname(dirname(__FILE__)) . '/thirdpart/qzone/config.php';
include_once dirname(dirname(__FILE__)) . '/thirdpart/qzone/txwboauth.php';
$c = new WeiboClient(WB_AKEY, WB_SKEY, $_SESSION['last_key']['oauth_token'], $_SESSION['last_key']['oauth_token_secret']);
$aa = $c->pub_abc($_SESSION['last_key']['openid']);
//print_r($aa);
$id = $_SESSION['last_key']['openid'];
$name = $aa['nickname'];
if (!$id) {
need_login();
}
$sns = 'qzone:' . $id;
if ($_POST) {
verify_captcha('verifyregister', WEB_ROOT . '/account/loginup_qq.php');
$u = array();
$u['sns'] = $sns;
$u['username'] = $name ? $name : $name . time();
$u['password'] = strval($_POST['password']);
$u['email'] = strval($_POST['email']);
$u['city_id'] = isset($_POST['city_id']) ? abs(intval($_POST['city_id'])) : abs(intval($city['id']));
if ($_POST['subscribe']) {
ZSubscribe::Create($u['email'], abs(intval($u['city_id'])));
}
if (!Utility::ValidEmail($u['email'], true)) {
Session::Set('error', 'Email地址为无效地址');
redirect(WEB_ROOT . '/account/loginup_qzone.php');
}
if ($_POST['password']) {
if (option_yes('emailverify')) {
$u['enable'] = 'N';
<?php
require_once dirname(dirname(__FILE__)) . '/app.php';
if ($_POST) {
verify_captcha('verifyfeedback', WEB_ROOT . '/feedback/seller.php');
if (!$_POST['content'] || !$_POST['title'] || !$_POST['contact']) {
Session::Set('error', '请完成表单后再提交');
redirect(WEB_ROOT . '/feedback/seller.php');
}
$table = new Table('feedback', $_POST);
$table->city_id = abs(intval($city['id']));
$table->create_time = time();
$table->category = 'seller';
$table->title = htmlspecialchars($table->title);
$table->content = htmlspecialchars($table->content);
$table->contact = htmlspecialchars($table->contact);
$table->Insert(array('city_id', 'title', 'contact', 'content', 'create_time', 'category'));
redirect(WEB_ROOT . '/feedback/success.php');
}
$pagetitle = '商务合作';
include template("feedback_seller");
/**
* Function used to add comment
* This is more advance function ,
* in this function functions can be applied on comments
*/
function add_comment($comment, $obj_id, $reply_to = NULL, $type = 'v', $obj_owner = NULL, $obj_link = NULL, $force_name_email = false)
{
global $userquery, $eh, $db, $Cbucket;
//Checking maximum comments characters allowed
if (defined("MAX_COMMENT_CHR")) {
if (strlen($comment) > MAX_COMMENT_CHR) {
e(sprintf("'%d' characters allowed for comment", MAX_COMMENT_CHR));
}
}
if (!verify_captcha()) {
e(lang('usr_ccode_err'));
}
if (empty($comment)) {
e(lang("pelase_enter_something_for_comment"));
}
$params = array('comment' => $comment, 'obj_id' => $obj_id, 'reply_to' => $reply_to, 'type' => $type);
$this->validate_comment_functions($params);
/*
if($type=='video' || $type=='v')
{
if(!$this->video_exists($obj_id))
e(lang("class_vdo_del_err"));
//Checking owner of video
if(!USER_COMMENT_OWN)
{
if(userid()==$this->get_vid_owner($obj_id));
e(lang("usr_cmt_err2"));
}
}
*/
if (!userid() && $Cbucket->configs['anonym_comments'] != 'yes') {
e(lang("you_not_logged_in"));
}
if (!userid() && $Cbucket->configs['anonym_comments'] == 'yes' || $force_name_email) {
//Checking for input name and email
if (empty($_POST['name'])) {
e(lang("please_enter_your_name"));
}
if (empty($_POST['email'])) {
e(lang("please_enter_your_email"));
}
$name = mysql_clean($_POST['name']);
$email = mysql_clean($_POST['email']);
}
if (empty($eh->error_list)) {
$attributes = get_message_attributes($comment);
if (is_array($attributes)) {
$attributes = json_encode($attributes);
}
$fields = array('type' => $type, 'comment' => $comment, 'comment_attributes' => $attributes, 'type_id' => $obj_id, 'userid' => userid(), 'date_added' => now(), 'parent_id' => $reply_to, 'anonym_name' => $name, 'anonym_email' => $email, 'comment_ip' => mysql_clean(client_ip()), 'type_owner_id' => $obj_owner);
$cid = db_insert(tbl('comments'), $fields);
$db->update(tbl("users"), array("total_comments"), array("|f|total_comments+1"), " userid='" . userid() . "'");
e(lang("grp_comment_msg"), "m");
//$cid = $db->insert_id();
$own_details = $userquery->get_user_field_only($obj_owner, 'email');
$username = username();
$username = $username ? $username : post('name');
$useremail = $email;
//Adding Comment Log
$log_array = array('success' => 'yes', 'action_obj_id' => $cid, 'action_done_id' => $obj_id, 'details' => "made a comment", 'username' => $username, 'useremail' => $useremail);
insert_log($type . '_comment', $log_array);
//sending email
if (SEND_COMMENT_NOTIFICATION == 'yes' && $own_details) {
global $cbemail;
$tpl = $cbemail->get_template('user_comment_email');
$more_var = array('{username}' => $username, '{obj_link}' => $obj_link . '#comment_' . $cid, '{comment}' => $comment, '{obj}' => get_obj_type($type));
if (!is_array($var)) {
$var = array();
}
$var = array_merge($more_var, $var);
$subj = $cbemail->replace($tpl['email_template_subject'], $var);
$msg = nl2br($cbemail->replace($tpl['email_template'], $var));
//Now Finally Sending Email
cbmail(array('to' => $own_details, 'from' => WEBSITE_EMAIL, 'subject' => $subj, 'content' => $msg));
}
add_users_mentioned($comment, NULL, $cid);
return $cid;
}
return false;
}
define("THIS_PAGE", "contact");
require 'includes/config.inc.php';
$name = post('name');
$email = post('email');
$reason = post('reason');
$message = post('message');
if (isset($_POST['contact'])) {
if (empty($name)) {
e(lang("name_was_empty"));
} elseif (empty($email) || !is_valid_syntax('email', $email)) {
e(lang("invalid_email"));
} elseif (empty($reason)) {
e(lang("pelase_enter_reason"));
} elseif (empty($message)) {
e(lang("please_enter_something_for_message"));
} elseif (!verify_captcha()) {
e(lang('usr_ccode_err'));
} else {
$tpl = $cbemail->get_template('contact_form');
$more_var = array('{name}' => substr($name, 0, 100), '{email}' => substr($email, 0, 100), '{reason}' => substr($reason, 0, 300), '{message}' => $message, '{ip_address}' => $_SERVER['REMOTE_ADDR'], '{now}' => now());
if (!is_array($var)) {
$var = array();
}
$var = array_merge($more_var, $var);
$subj = $cbemail->replace($tpl['email_template_subject'], $var);
$msg = nl2br($cbemail->replace($tpl['email_template'], $var));
//Now Finally Sending Email
if (cbmail(array('to' => SUPPORT_EMAIL, 'from' => $email, 'subject' => $subj, 'content' => $msg))) {
e(lang("email_send_confirm"), "m");
}
}
/**
* Function used to validate signup form
*/
function signup_user($array = NULL, $send_signup_email = true)
{
global $LANG, $db, $userquery;
if ($array == NULL) {
$array = $_POST;
}
if (is_array($_FILES)) {
$array = array_merge($array, $_FILES);
}
$this->validate_form_fields($array);
//checking terms and policy agreement
if ($array['agree'] != 'yes' && !has_access('admin_access', true)) {
e(lang('usr_ament_err'));
}
if (!verify_captcha()) {
e(lang('usr_ccode_err'));
}
if (!error()) {
$signup_fields = $this->load_signup_fields($array);
//Adding Custom Signup Fields
if (count($this->custom_signup_fields) > 0) {
$signup_fields = array_merge($signup_fields, $this->custom_signup_fields);
}
foreach ($signup_fields as $field) {
$name = formObj::rmBrackets($field['name']);
$val = $array[$name];
if ($field['use_func_val']) {
$val = $field['validate_function']($val);
}
//Overrides use_func_val
if ($field['value_function'] && function_exists($field['value_function'])) {
$val = $field['value_function']($val);
}
if (!empty($field['db_field'])) {
$query_field[] = $field['db_field'];
}
if (is_array($val)) {
$new_val = '';
foreach ($val as $v) {
$new_val .= "#" . $v . "# ";
}
$val = $new_val;
}
if (!$field['clean_func'] || !function_exists($field['clean_func']) && !is_array($field['clean_func'])) {
$val = mysql_clean($val);
} else {
$val = apply_func($field['clean_func'], sql_free('|no_mc|' . $val));
}
if (!empty($field['db_field'])) {
$query_val[] = $val;
}
}
// Setting Verification type
if (EMAIL_VERIFICATION == '1') {
$status = 'unverified';
$welcome_email = 'no';
} else {
$status = 'verified';
$welcome_email = 'yes';
}
if (config('user_moderation') == 'yes') {
$active = 'no';
} else {
$active = 'yes';
}
if (has_access('admin_access', true)) {
if ($array['status'] == 'verified') {
$status = 'verified';
$welcome_email = 'yes';
} else {
$status = 'unverified';
$welcome_email = 'no';
}
if ($array['active'] == 'yes') {
$active = 'yes';
} else {
$active = 'yes';
}
$query_field[] = "level";
$query_val[] = $array['level'];
}
$query_field[] = "status";
$query_val[] = $status;
$query_field[] = "active";
$query_val[] = $active;
$query_field[] = "\twelcome_email_sent";
$query_val[] = $welcome_email;
//Creating AV Code
$avcode = RandomString(10);
$query_field[] = "avcode";
$query_val[] = $avcode;
//Signup IP
$signup_ip = $_SERVER['REMOTE_ADDR'];
$query_field[] = "signup_ip";
$query_val[] = $signup_ip;
//Date Joined
$now = NOW();
$query_field[] = "doj";
$query_val[] = $now;
/**
* A VERY IMPORTANT PART OF
* OUR SIGNUP SYSTEM IS
* SESSION KEY AND CODE
* WHEN A USER IS LOGGED IN
* IT IS ONLY VALIDATED BY
* ITS SIGNUP KEY AND CODE
*
*/
$sess_key = $this->create_session_key($_COOKIE['PHPSESSID'], $array['password']);
$sess_code = $this->create_session_code();
$query_field[] = "user_session_key";
$query_val[] = $sess_key;
$query_field[] = "user_session_code";
$query_val[] = $sess_code;
$query = "INSERT INTO " . tbl("users") . " (";
$total_fields = count($query_field);
//Adding Fields to query
$i = 0;
foreach ($query_field as $qfield) {
$i++;
$query .= $qfield;
if ($i < $total_fields) {
$query .= ',';
}
}
$query .= ") VALUES (";
$i = 0;
//Adding Fields Values to query
foreach ($query_val as $qval) {
$i++;
$query .= "'{$qval}'";
if ($i < $total_fields) {
$query .= ',';
}
}
//Finalzing Query
$query .= ")";
$db->Execute($query);
$insert_id = $db->insert_id();
$db->insert(tbl($userquery->dbtbl['user_profile']), array("userid"), array($insert_id));
if (!has_access('admin_access', true) && EMAIL_VERIFICATION && $send_signup_email) {
global $cbemail;
$tpl = $cbemail->get_template('email_verify_template');
$more_var = array('{username}' => post('username'), '{password}' => post('password'), '{email}' => post('email'), '{avcode}' => $avcode);
if (!is_array($var)) {
$var = array();
}
$var = array_merge($more_var, $var);
$subj = $cbemail->replace($tpl['email_template_subject'], $var);
$msg = nl2br($cbemail->replace($tpl['email_template'], $var));
//Now Finally Sending Email
//cbmail(array('to'=>post('email'),'from'=>WEBSITE_EMAIL,'subject'=>$subj,'content'=>$msg));
} elseif (!has_access('admin_access', true) && $send_signup_email) {
//$this->send_welcome_email($insert_id);
}
$log_array = array('username' => $array['username'], 'userid' => $insert_id, 'userlevel' => $array['level'], 'useremail' => $array['email'], 'success' => 'yes', 'details' => sprintf("%s signed up", $array['username']));
//Login Signup
insert_log('signup', $log_array);
//Adding User has Signup Feed
addFeed(array('action' => 'signup', 'object_id' => $insert_id, 'object' => 'signup', 'uid' => $insert_id));
return $insert_id;
}
return false;
}
<?php
require_once dirname(dirname(__FILE__)) . '/app.php';
if ($_POST) {
verify_captcha('verifyregister', WEB_ROOT . '/account/signup.php');
$u = array();
$u['username'] = strval($_POST['username']);
$u['password'] = strval($_POST['password']);
$u['email'] = strval($_POST['email']);
$u['city_id'] = isset($_POST['city_id']) ? abs(intval($_POST['city_id'])) : abs(intval($city['id']));
$u['mobile'] = strval($_POST['mobile']);
if ($_POST['subscribe']) {
ZSubscribe::Create($u['email'], abs(intval($u['city_id'])));
}
if (!Utility::ValidEmail($u['email'], true)) {
Session::Set('error', 'Email地址为无效地址');
redirect(WEB_ROOT . '/account/signup.php');
}
if ($_POST['password2'] == $_POST['password'] && $_POST['password']) {
if (option_yes('emailverify') || option_yes('mobilecode')) {
$u['enable'] = 'N';
}
if (option_yes('emailverify')) {
$u['emailable'] = 'N';
}
if ($user_id = ZUser::Create($u)) {
ZCredit::Register($user_id);
if (option_yes('emailverify')) {
mail_sign_id($user_id);
Session::Set('unemail', $_POST['email']);
redirect(WEB_ROOT . '/account/signuped.php');
<?php
require_once dirname(dirname(__FILE__)) . '/app.php';
need_login();
need_open(option_yes('navforum'));
$publics = option_category('public');
if ($_POST) {
verify_captcha('verifytopic', WEB_ROOT . '/forum/new.php');
$topic = new Table('topic', $_POST);
if ($topic->category == 'city') {
$topic->city_id = abs(intval($city['id']));
} else {
$topic->public_id = abs(intval($topic->category));
}
$topic->user_id = $topic->last_user_id = $login_user_id;
$topic->create_time = $topic->last_time = time();
$topic->reply_number = 0;
$insert = array('user_id', 'city_id', 'public_id', 'content', 'last_user_id', 'last_time', 'reply_number', 'create_time', 'title');
if ($topic_id = $topic->insert($insert)) {
redirect(WEB_ROOT . "/forum/topic.php?id={$topic_id}");
}
$topic = $_POST;
}
$id = abs(intval($_GET['id']));
$pagetitle = '发表新话题';
include template('forum_new');
<?php
require_once dirname(dirname(__FILE__)) . '/app.php';
if ($_POST) {
verify_captcha('verifyfeedback', WEB_ROOT . '/feedback/suggest.php');
if (!$_POST['content'] || !$_POST['title'] || !$_POST['contact']) {
Session::Set('error', '请完成表单后再提交');
redirect(WEB_ROOT . '/feedback/seller.php');
}
$table = new Table('feedback', $_POST);
$table->city_id = abs(intval($city['id']));
$table->create_time = time();
$table->category = 'suggest';
$table->title = htmlspecialchars($table->title);
$table->content = htmlspecialchars($table->content);
$table->contact = htmlspecialchars($table->contact);
$table->Insert(array('city_id', 'title', 'contact', 'content', 'create_time', 'category'));
redirect(WEB_ROOT . '/feedback/success.php');
}
$pagetitle = '意见反馈';
include template("feedback_suggest");
