Example #1
0
        show_message('url_error', './');
        exit;
    }
} elseif ($command == 'answer_response') {
    $aid = intval($_POST['aid']);
    $query = $dblink->query("select * from {$tablepre}answer where aid={$aid}");
    if (!$dblink->num_rows($query)) {
        show_message('action_error', './');
        exit;
    }
    if (!$cyask_uid) {
        $referer = get_referer();
        show_message('user_nologin', $referer);
        exit;
    }
    if (check_submit($_POST['dosubmit'], $_POST['formhash'])) {
        $days = strtotime(date("Y-m-d"));
        if (empty($_POST['content'])) {
            show_message('response_null', '');
            exit;
        }
        if ($cyask_user) {
            $query = $dblink->query("SELECT count(*) FROM {$tablepre}res WHERE aid={$aid} AND uid={$cyask_uid} AND days={$days}");
        } else {
            $query = $dblink->query("SELECT count(*) FROM {$tablepre}res WHERE aid={$aid} AND uip='{$onlineip}' AND days={$days}");
        }
        if ($dblink->result($query, 0) > 3) {
            show_message('response_more', '');
            exit;
        } else {
            $content = filters_content($_POST['content']);
Example #2
0
    $i = 1;
    while ($row = $dblink->fetch_array($query)) {
        $row['id'] = $i;
        $query_c = $dblink->query("select * from {$tablepre}answer_1 where aid='{$row['aid']}'");
        $row_c = $dblink->fetch_array($query_c);
        $row = array_merge($row, $row_c);
        $row['content'] = cut_str($row['content'], 200);
        $answer_list[$i] = $row;
        $i++;
    }
    include template('handle_ques_setvote');
} elseif ($command == 'ques_vote_submit') {
    $query = $dblink->query("SELECT count(*) FROM {$tablepre}question WHERE qid={$qid}");
    if (!$dblink->result($query, 0)) {
        show_message('action_error', './');
        exit;
    }
    if (check_submit($_POST['quesvotesubmit'], $_POST['formhash'])) {
        $dblink->query("UPDATE {$tablepre}question SET status=3 WHERE qid={$qid}");
        $vote_list = explode("|", $_POST[vote_list]);
        $vote_count = count($vote_list);
        for ($i = 0; $i < $vote_count; $i++) {
            $dblink->query("UPDATE {$tablepre}answer SET joinvote=1 WHERE aid={$vote_list[$i]}");
        }
        header("location:signal.php?resultno=104&url={$url}");
        exit;
    } else {
        show_message('url_error', './');
        exit;
    }
}
Example #3
0
/*
	[CYASK] (C)2009 Cyask.com
	Revision: 3.2
	Date: 2009-12-20
	Author: zhaoshunyao
	QQ: 240508015
*/
define('CURSCRIPT', 'login');
require './include/common.inc.php';
$url = empty($_GET['url']) ? $_POST['url'] : $_GET['url'];
if ($command == 'login') {
    if ($cyask_uid) {
        $url = empty($url) ? './' : $url;
        show_message('login_succeed', $url);
    }
    if (check_submit($_POST['loginsubmit'], $_POST['formhash'])) {
        $cyask_user = trim($_POST['username']);
        $cyask_user = daddslashes($cyask_user);
        $md5passwd = md5($_POST['password']);
        $query = $dblink->query("SELECT uid,password FROM {$tablepre}member WHERE username='{$cyask_user}'");
        $rows = $dblink->num_rows($query);
        if ($rows) {
            $members = $dblink->fetch_array($query);
            $cyask_uid = $members['uid'];
            $cyask_pw = $members['password'];
            if ($cyask_pw == $md5passwd) {
                $dblink->query("UPDATE {$tablepre}member SET lastlogin='{$timestamp}' WHERE uid='{$members['uid']}'");
                $url = empty($url) ? './' : $url;
                $cookietime = $_POST['cookietime'] ? 86400 * 30 : 0;
                set_cookie('compound', authcode("{$cyask_uid}\t{$cyask_user}\t{$cyask_pw}", 'ENCODE', $cyask_key), $cookietime);
                set_cookie('styleid', $styleid, $cookietime);
Example #4
0
/*
	[CYASK] (C)2007 Cyask.com QQ: 240508015
	Revision: 3.0.0 for Discuz
	Date: 2007/4/23
*/
define('CURSCRIPT', 'collect');
error_reporting(7);
require_once './include/common.inc.php';
$title = $site_name;
if (!$cyask_uid) {
    $url = get_referer();
    show_message('user_nologin', '');
    exit;
}
if ($command == 'collect') {
    if (check_submit($_POST['collectsubmit'], $_POST['formhash'])) {
        $collect_url = trim($_POST['collect_url']);
        $collect_title = trim($_POST['collect_title']);
        $collect_content = empty($_POST['content']) ? '' : filters_content($_POST['content']);
        $sortname = $_POST['sortname'];
        $ctype = $_POST['ctype'];
        $public = $_POST['public'];
        $dblink->query("INSERT INTO {$dbprefix}collect SET uid={$cyask_uid},username='{$cyask_user}',sortname='{$sortname}',ctype='{$ctype}',title='{$collect_title}',content='{$collect_content}',url='{$collect_url}',public='{$public}',collecttime='{$timestamp}'");
        $url = $_POST['url'];
        show_message('collect_succeed', $url);
        exit;
    } else {
        show_message('url_error', './');
        exit;
    }
} else {
Example #5
0
<?php

/*
	[CYASK] (C)2007 Cyask.com QQ: 240508015
	Revision: 3.0.0 for Discuz
	Date: 2007/4/23
*/
define('CURSCRIPT', 'register');
require './include/common.inc.php';
$url = empty($_GET['url']) ? $_POST['url'] : $_GET['url'];
if ($command == 'registed') {
    if ($cyask_uid) {
        show_message('login_succeed', $url);
    }
    if (check_submit($_POST['registsubmit'], $_POST['formhash'])) {
        $cyask_user = trim($_POST['username']);
        $cyask_user = strtolower($cyask_user);
        $password = trim($_POST['password']);
        $email = $_POST['email'];
        $username_ok = filters_username($cyask_user);
        if (!$username_ok) {
            show_message('regist_name_error', '');
        }
        $email_ok = uc_user_checkemail($email);
        if (!$email_ok) {
            show_message('regist_email_error' . abs($email_ok), '');
        }
        $usernum = uc_user_checkname($cyask_user);
        if ($usernum != 1) {
            show_message('regist_name_used', '');
        } else {
Example #6
0
<?php

/*
四川省扶贫和移民工作局
*/
define('IN_ADMIN', True);
require 'include/common.php';
$do = getGP('do', 'G');
if (check_submit('dosubmit')) {
    $errmsg = array();
    initGP(array('username', 'password', 'vdcode', 'remember'), 'P');
    if (strlen($username) < 3 || strlen($username) > 50) {
        $errmsg[] = '用户名长度必须在3-20字节之间。';
    } elseif (!is_username($username)) {
        $errmsg[] = '用户名中含有非法字符。';
    }
    if (strlen($password) < 6) {
        $errmsg[] = '密码长度不能小于6个字节。';
    }
    if (get_config('user', 'login_vdcode')) {
        session_start();
        if (strtolower($vdcode) != $_SESSION['vdcode']) {
            $errmsg[] = '验证码不正确。';
        }
        unset($_SESSION['vdcode']);
    }
    if (count($errmsg)) {
        show_msg($errmsg, 'login.php');
    }
    $flag = $_USER->login($username, $password, $remember);
    if ($flag == 1) {
Example #7
0
        $url = 'member.php?uid=' . $uid;
        show_message('user_nologin', '');
        exit;
    }
} elseif ($command == 'sendmsg') {
    if (!$cyask_user) {
        $backurl = 'member.php?uid=' . $uid;
        show_message('user_nologin', '');
        exit;
    }
    if ($cyask_uid == $uid) {
        $url = 'member.php?uid=' . $uid;
        show_message('sendmsg_self', $url);
        exit;
    }
    if (check_submit($_POST['sendmsg'], $_POST['formhash'])) {
        $num = uc_pm_send($cyask_uid, $uid, $_POST['title'], $_POST['content'], 1, 0, 0);
        if ($num > 0) {
            $url = 'member.php?uid=' . $uid;
            show_message('sendmsg_succeed', $url);
        } else {
            $url = 'member.php?uid=' . $uid;
            show_message('sendmsg_error', $url);
        }
        /*		if($passport=='discuz5.0.0')
        		{
        			$dblink->query("insert into $dbprefix"."pms set msgfrom='$cyask_user',msgfromid='$cyask_uid',msgtoid='$uid',folder='inbox',new=1,subject='$_POST[title]',dateline='$timestamp',message='$_POST[content]'");
        			
        		}
        		elseif($passport=='discuz5.5.0')
        		{
Example #8
0
    gotoindex();
}
check_login();
if (!post_check()) {
    exit(0);
} else {
    set_cookie();
}
$_GET['pagename'] = "posting";
include "header.php";
$m_id = $_SESSION['id'];
$content = $_POST['content'];
$question = $_POST['question'];
$choice = $_POST['choice'];
$answer = $_POST['answer'];
if (check_submit($content, $question, $choice, $answer) == false) {
    print "<a href='posting.php'>戻る</a>";
    exit(0);
}
$db = new mydb();
if (insert_question($db, $content, $question, $m_id) == false) {
    sql_failed();
    exit(0);
}
for ($i = 0; $i < count($choice); $i++) {
    if (insert_choice($db, $choice[$i], $answer[$i]) == false) {
        sql_failed();
        exit(0);
    }
}
reset_cookie();