Ejemplo n.º 1
0
$conf->query(mysqli_query($db, "SELECT * FROM `" . TB_CONF . "` WHERE `id`='1'"));
$user = new user($db);
$user->sessionName('login', 'password');
$obj = new glowna($db);
$theme = $conf->pobierz("theme");
$lang = 'lt';
$contentFileName = 'themes/' . $theme . '/content_' . $lang . '.ini';
$content = new Content($contentFileName, $lang);
if ($user->verifyLogin()) {
    $tentego_glowna = mysqli_num_rows(mysqli_query($db, "SELECT * FROM `{$img_table}` WHERE `is_waiting`='0' AND `author`='" . $user->userInfo('id') . "'"));
    $tentego_poczekalnia = mysqli_num_rows(mysqli_query($db, "SELECT * FROM `{$img_table}` WHERE `is_waiting`='1' AND `author`='" . $user->userInfo('id') . "'"));
    $tentego_last_uploaded = mysqli_fetch_array(mysqli_query($db, "SELECT * FROM `{$img_table}` WHERE `author`='" . $user->userInfo('id') . "' ORDER BY `id` DESC"));
    if (isset($_POST['zmien'])) {
        $info = NULL;
        if (empty($_POST['stare_haslo']) || empty($_POST['nowe_haslo'])) {
            $info = $content->getValue("global", "niewypelniono") . "</span>";
        } else {
            $old_pass = md5($_POST['stare_haslo']);
            if (!mysqli_num_rows(mysqli_query($db, "SELECT * FROM `user` WHERE `login`='" . $user->userInfo('login') . "' and `haslo`='" . $old_pass . "'"))) {
                $info = $content->getValue("profil", "zleHaslo");
            } else {
                $new_pass = md5($_POST['nowe_haslo']);
                $user_login = $user->userInfo('login');
                if (!mysqli_query($db, "UPDATE `user` SET `haslo` = '" . $new_pass . "' WHERE `login`='" . $user_login . "';")) {
                    $info = $content->getValue("profil", "nieudalosie");
                } else {
                    $user->sessionRelog($user_login, $_POST['nowe_haslo']);
                    $info = $content->getValue("profil", "zminiono");
                }
            }
        }
Ejemplo n.º 2
0
require_once 'include/module/Content.class.php';
require_once 'include/module/dett.php';
$conf = new conf();
$conf->query(mysqli_query($db, "SELECT * FROM `" . TB_CONF . "` WHERE `id`='1'"));
$user = new user($db);
$user->sessionName('login', 'password');
$obj = new glowna($db);
$theme = $conf->pobierz("theme");
$lang = 'lt';
$contentFileName = 'themes/' . $theme . '/content_' . $lang . '.ini';
$content = new Content($contentFileName, $lang);
if (isset($_POST['submit_tresc'])) {
    if (($error = $obj->genericValidation($_POST)) != 0) {
        switch ($error) {
            case 1:
                echo '<b>' . $content->getValue("dodaj", "niewypelniono") . '</b><br/><a href="dodaj.php">&laquo; ' . $content->getValue("global", "powrot") . '</a>';
                exit;
                break;
        }
    }
    $tresc = @htmlspecialchars(mysqli_real_escape_string($db, $_POST['tresc']));
    $tytul = @htmlspecialchars(mysqli_real_escape_string($db, $_POST['tytul']));
    $zrodlo = @htmlspecialchars(mysqli_real_escape_string($db, $_POST['zrodlo']));
    $autor = $user->userInfo("id");
    $data = date('Y-m-d H:i:s');
    $image = new SimpleImage();
    switch ($_POST['type']) {
        case 'tekst':
            if (!$image->create($tresc)) {
                echo '<b>' . $content->getValue("dodaj", "zadlugiText") . '</b><br/><a href="dodaj.php">&laquo; ' . $content->getValue("global", "powrot") . '</a>';
                exit;
Ejemplo n.º 3
0
require_once 'include/module/user.class.php';
require_once 'include/module/Content.class.php';
require_once 'include/module/dett.php';
$conf = new conf();
$conf->query(mysqli_query($db, "SELECT * FROM `" . TB_CONF . "` WHERE `id`='1'"));
$obj = new glowna($db);
$user = new user($db);
$user->sessionName('login', 'password');
$theme = $conf->pobierz("theme");
$lang = 'lt';
$contentFileName = 'themes/' . $theme . '/content_' . $lang . '.ini';
$content = new Content($contentFileName, $lang);
if (isset($_POST['submit'])) {
    $info = NULL;
    if (!$_POST['login'] || !$_POST['password'] || !$_POST['password2'] || !$_POST['email']) {
        $info = $content->getValue("global", "niewypelniono") . '<br/><a href="rejestracja.php">' . $content->getValue("global", "powrot") . ' &laquo; </a>';
    } else {
        if ($_SESSION['security_code'] == $_POST['security_code']) {
            if (isset($_POST['regulamin'])) {
                if ($_POST['password'] == $_POST['password2']) {
                    $account = htmlspecialchars(mysqli_real_escape_string($db, $_POST['login']));
                    $password = md5($_POST['password']);
                    $email = htmlspecialchars(mysqli_real_escape_string($db, $_POST['email']));
                    if ($conf->pobierz('req_code')) {
                        $code = rand(10000000, 99999999);
                    } else {
                        $code = 0;
                    }
                    $is_exists = mysqli_num_rows(mysqli_query($db, "SELECT * FROM `user` WHERE login = '******'"));
                    if ($is_exists == 0) {
                        $to = $email;
Ejemplo n.º 4
0
require_once 'include/module/index.class.php';
require_once 'include/module/dett.php';
$conf = new conf();
$conf->query(mysqli_query($db, "SELECT * FROM `" . TB_CONF . "` WHERE `id`='1'"));
$user = new user($db);
$user->sessionName('login', 'password');
$obj = new glowna($db);
$theme = $conf->pobierz("theme");
$lang = 'lt';
$contentFileName = 'themes/' . $theme . '/content_' . $lang . '.ini';
$content = new Content($contentFileName, $lang);
$info = NULL;
if (isset($_GET['code']) && is_numeric($_GET['code'])) {
    $_GET['code'] = mysql_escape_string($_GET['code']);
    if (mysqli_query($db, "UPDATE `user` SET `code`='0' WHERE code='" . $_GET['code'] . "'")) {
        $info = $content->getValue("aktywacja", "aktywowane") . '<a href="login.php">' . $content->getValue("global", "loguj") . '</a>';
    } else {
        $info = $content->getValue("aktywacja", "niepowiodlosie");
    }
} else {
    header("LOCATION:index.php");
}
require_once 'themes/' . $theme . '/header.php';
//LOAD header
echo '<div id="content" class="background">';
require_once 'themes/' . $theme . '/activate.php';
//LOAD content
echo '</div>';
require_once 'themes/' . $theme . '/footer.php';
//LOAD footer
ob_end_flush();
Ejemplo n.º 5
0
require_once 'include/module/dett.php';
$conf = new conf();
$conf->query(mysqli_query($db, "SELECT * FROM `" . TB_CONF . "` WHERE `id`='1'"));
$user = new user($db);
$user->sessionName('login', 'password');
$obj = new glowna($db);
$theme = $conf->pobierz("theme");
$lang = 'lt';
$contentFileName = 'themes/' . $theme . '/content_' . $lang . '.ini';
$content = new Content($contentFileName, $lang);
if (isset($_POST['submit'])) {
    if (!empty($_POST['tresc']) && !empty($_POST['imie']) && !empty($_POST['email'])) {
        $message = "Wysłał: " . clean($_POST['imie']) . "\ne-mail: " . clean($_POST['email']) . "\n\n----------Treść wiadomości----------\n\n" . clean($_POST['tresc']);
        $header = "From: " . clean($_POST['imie']) . " <" . clean($_POST['email']) . ">";
        if (!@mail($conf->pobierz("email"), "Wiadomosc z " . $conf->pobierz("tytul"), $message, $header)) {
            $info = $content->getValue("kontakt", "kontakt");
        } else {
            $info = "<div align=\"center\"><strong>" . $content->getValue("kontakt", "wyslano") . "</strong></div>";
        }
    } else {
        $info = $content->getValue("global", "niewypelniono");
    }
    $info .= '<br/><a href="kontakt.php">&laquo; ' . $content->getValue("global", "powrot") . '</a>';
}
function clean($str)
{
    $injections = array('/(\\n+)/i', '/(\\r+)/i', '/(\\t+)/i', '/(%0A+)/i', '/(%0D+)/i', '/(%08+)/i', '/(%09+)/i');
    $str = preg_replace($injections, '', $str);
    return $str;
}
require_once 'themes/' . $theme . '/header.php';