function unsetcookies() { foreach (func_get_args() as $name) { if (!empty($name) && !empty($_COOKIE[$name])) { setcookie($name, '', time() - 3600); unset($_COOKIE[$name]); } } } if (!empty($_COOKIE['clearsettings'])) { unsetcookies('domail', 'email', 'saveto', 'path', 'useproxy', 'proxy', 'proxyuser', 'proxypass', 'split', 'partSize', 'savesettings', 'clearsettings', 'premium_acc', 'premium_user', 'premium_pass'); } if (!empty($_GET['savesettings']) && $_GET['savesettings'] == 'on') { $expiretime = time() + 800600; setcookie('savesettings', '1', $expiretime); if (!empty($_GET['domail']) && $_GET['domail'] == 'on' && !empty($_GET['email']) && checkmail($_GET['email'])) { setcookie('domail', '1', $expiretime); setcookie('email', $_GET['email'], $expiretime); if (!empty($_GET['split']) && $_GET['split'] == 'on') { setcookie('split', '1', $expiretime); if (!empty($_GET['partSize']) && is_numeric($_GET['partSize'])) { setcookie('partSize', $_GET['partSize'], $expiretime); } else { unsetcookies('partSize'); } if (!empty($_GET['method']) && in_array($_GET['method'], array('tc', 'rfc'))) { setcookie('method', $_GET['method'], $expiretime); } else { unsetcookies('method'); } } else {
if (strlen($yourname) > 40) { $error .= "<br>{$error1}"; } if (empty($yourname)) { $error .= "<br>{$error4}"; } } // Email Validation Section ---------------------------- if ($email_optional != 1) { if (strlen($youremail) > 40) { $error .= "<br>{$error2}"; } if (empty($youremail)) { $error .= "<br>{$error5}"; } if (checkmail($youremail) != 1) { $error .= "<br>{$error3}"; } } // Message Validation Section --------------------------- if ($message_optional != 1) { if (empty($yourmessage)) { $error .= "<br>{$error6}"; } } // Exit Program if there is an error -------------------- if ($error) { $z = "1"; echo $error; echo "<center><br><a href=\"javascript:history.go(-1)\" class=\"text\">{$goback}</a></center>"; include "footer.inc";
function myprofile() { global $set, $apx, $db; //Weiterleisten auf Loginseite, wenn nicht angemeldet if (!$apx->user->info['userid']) { header('Location: index.php'); } if ($_POST['send'] == 1) { if (!checkToken()) { infoInvalidToken(); } elseif (!$_POST['username'] || ($_POST['pwd1'] || $_POST['pwd2']) && (!$_POST['pwd1'] || !$_POST['pwd2']) || !$_POST['email']) { infoNotComplete(); } elseif ($_POST['pwd1'] != $_POST['pwd2']) { info($apx->lang->get('INFO_PWNOMATCH')); } elseif (strlen($_POST['signature']) > $set['user']['sigmaxlen']) { info($apx->lang->get('INFO_SIGTOOLONG')); } elseif (!checkmail($_POST['email'])) { info($apx->lang->get('INFO_NOMAIL')); } else { if (substr($_POST['homepage'], 0, 4) == 'www.') { $_POST['homepage'] = 'http://' . $_POST['homepage']; } if ($_POST['pwd1']) { $_POST['salt'] = random_string(); $_POST['password'] = md5(md5($_POST['pwd1']) . $_POST['salt']); } if ($_POST['bd_day'] && $_POST['bd_mon'] && $_POST['bd_year']) { $_POST['birthday'] = sprintf('%02d-%02d-%04d', $_POST['bd_day'], $_POST['bd_mon'], $_POST['bd_year']); } elseif ($_POST['bd_day'] && $_POST['bd_day']) { $_POST['birthday'] = sprintf('%02d-%02d', $_POST['bd_day'], $_POST['bd_mon']); } else { $_POST['birthday'] = ''; } //Location bestimmen $_POST['locid'] = user_get_location($_POST['plz'], $_POST['city'], $_POST['country']); $db->dupdate(PRE . '_user', iif($_POST['pwd1'], 'password,salt,') . 'username,email,homepage,icq,aim,yim,msn,skype,realname,gender,birthday,city,plz,country,locid,interests,work,custom1,custom2,custom3,custom4,custom5,custom6,custom7,custom8,custom9,custom10,signature,pub_lang,pub_invisible,pub_hidemail,pub_poppm,pub_usegb,pub_gbmail,pub_profileforfriends,pub_showbuddies,pub_theme,admin_lang,admin_editor' . iif($apx->is_module('forum'), ',forum_autosubscribe'), "WHERE userid='" . $apx->user->info['userid'] . "'"); logit('USER_MYPROFILE'); if ($_POST['pwd1']) { $apx->session->destroy(); setcookie($set['main']['cookie_pre'] . '_admin_userid', 0, time() - 99999, '/'); setcookie($set['main']['cookie_pre'] . '_admin_password', 0, time() - 99999, '/'); unset($_COOKIE[$set['main']['cookie_pre'] . '_admin_userid'], $_COOKIE[$set['main']['cookie_pre'] . '_admin_password']); } printJSRedirect('action.php?action=user.myprofile'); } } else { $ex = array('userid', 'password', 'birthday', 'reg_time', 'reg_email', 'lastonline', 'lastactive'); foreach ($apx->user->info as $key => $val) { if (in_array($key, $ex)) { continue; } $_POST[$key] = $val; } list($_POST['bd_day'], $_POST['bd_mon'], $_POST['bd_year']) = explode('-', $apx->user->info['birthday']); //Sprache foreach ($apx->languages as $id => $name) { $lang_admin .= '<option value="' . $id . '"' . iif($_POST['admin_lang'] == $id, ' selected="selected"') . '>' . $name . '</option>'; $lang_pub .= '<option value="' . $id . '"' . iif($_POST['pub_lang'] == $id, ' selected="selected"') . '>' . $name . '</option>'; } //Themes $handle = opendir(BASEDIR . getpath('tmpldir')); while ($file = readdir($handle)) { if ($file == '.' || $file == '..' || !is_dir(BASEDIR . getpath('tmpldir') . $file)) { continue; } $themes[] = $file; } closedir($handle); sort($themes); foreach ($themes as $themeid) { $themelist .= '<option value="' . $themeid . '"' . iif($themeid == $_POST['pub_theme'], ' selected="selected"') . '>' . $themeid . '</option>'; } //Custom-Felder for ($i = 1; $i <= 10; $i++) { $fieldname = $set['user']['cusfield_names'][$i - 1]; $apx->tmpl->assign('CUSFIELD' . $i . '_NAME', replace($fieldname)); $apx->tmpl->assign('CUSTOM' . $i, compatible_hsc($_POST['custom' . $i])); } $apx->tmpl->assign('USERNAME_LOGIN', replace($_POST['username_login'])); $apx->tmpl->assign('USERNAME', compatible_hsc($_POST['username'])); $apx->tmpl->assign('EMAIL', compatible_hsc($_POST['email'])); $apx->tmpl->assign('HOMEPAGE', compatible_hsc($_POST['homepage'])); $apx->tmpl->assign('ICQ', (int) $_POST['icq']); $apx->tmpl->assign('AIM', compatible_hsc($_POST['aim'])); $apx->tmpl->assign('YIM', compatible_hsc($_POST['yim'])); $apx->tmpl->assign('MSN', compatible_hsc($_POST['msn'])); $apx->tmpl->assign('SKYPE', compatible_hsc($_POST['skype'])); $apx->tmpl->assign('REALNAME', compatible_hsc($_POST['realname'])); $apx->tmpl->assign('CITY', compatible_hsc($_POST['city'])); $apx->tmpl->assign('COUNTRY', compatible_hsc($_POST['country'])); $apx->tmpl->assign('PLZ', compatible_hsc($_POST['plz'])); $apx->tmpl->assign('INTERESTS', compatible_hsc($_POST['interests'])); $apx->tmpl->assign('WORK', compatible_hsc($_POST['work'])); $apx->tmpl->assign('GENDER', (int) $_POST['gender']); $apx->tmpl->assign('BD_DAY', (int) $_POST['bd_day']); $apx->tmpl->assign('BD_MON', (int) $_POST['bd_mon']); $apx->tmpl->assign('BD_YEAR', (int) $_POST['bd_year']); $apx->tmpl->assign('SIGNATURE', compatible_hsc($_POST['signature'])); $apx->tmpl->assign('MAXLEN', $set['user']['sigmaxlen']); $apx->tmpl->assign('PUB_INVISIBLE', (int) $_POST['pub_invisible']); $apx->tmpl->assign('PUB_HIDEMAIL', (int) $_POST['pub_hidemail']); $apx->tmpl->assign('PUB_POPPM', (int) $_POST['pub_poppm']); $apx->tmpl->assign('PUB_SHOWBUDDIES', (int) $_POST['pub_showbuddies']); $apx->tmpl->assign('PUB_USEGB', (int) $_POST['pub_usegb']); $apx->tmpl->assign('PUB_GBMAIL', (int) $_POST['pub_gbmail']); $apx->tmpl->assign('PUB_THEME', $themelist); $apx->tmpl->assign('PUB_LANG', $lang_pub); $apx->tmpl->assign('PUB_PROFILEFORFRIENDS', (int) $_POST['pub_profileforfriends']); $apx->tmpl->assign('FORUM_AUTOSUBSCRIBE', (int) $_POST['forum_autosubscribe']); $apx->tmpl->assign('ADMIN_LANG', $lang_admin); $apx->tmpl->assign('ADMIN_EDITOR', (int) $_POST['admin_editor']); $apx->tmpl->parse('myprofile'); } }
function boxes_go() { global $list, $options, $fromaddr; require_once CLASS_DIR . "mail.php"; $_POST["partSize"] = isset($_POST["partSize"]) & $_POST["split"] == "on" ? $_POST["partSize"] * 1024 * 1024 : FALSE; $v_mails = explode("\n", $_POST['emails']); $v_min = count(count($_POST["files"]) < count($v_mails) ? $_POST["files"] : $v_mails); for ($i = 0; $i < $v_min; $i++) { $file = $list[$_POST["files"][$i]]; $v_mail = trim($v_mails[$i]); if (!checkmail($v_mail)) { printf(lang(144), $v_mail); echo "<br /><br />"; } elseif (file_exists($file["name"])) { if (xmail("{$fromaddr}", $v_mail, "File " . basename($file["name"]), "File: " . basename($file["name"]) . "\r\n" . "Link: " . $file["link"] . ($file["comment"] ? "\r\nComments: " . str_replace("\\r\\n", "\r\n", $file["comment"]) : ""), $file["name"], $_POST["partSize"], $_POST["method"])) { if ($_POST["del_ok"] && !$options['disable_deleting']) { if (@unlink($file["name"])) { $v_ads = " and deleted!"; unset($list[$_POST["files"][$i]]); } else { $v_ads = ", but <b>not</b> deleted!</b>"; } } else { $v_ads = " !"; } echo '<script type="text/javascript">' . "mail('File <b>" . basename($file["name"]) . "</b> it is sent for the address <b>" . $v_mail . "</b>" . $v_ads . "', '" . md5(basename($file["name"])) . "');</script>\r\n<br />"; } else { echo lang(12) . "<br />"; } } else { printf(lang(145), $file['name']); echo "<br /><br />"; } } if (count($_POST["files"]) < count($v_mails)) { for ($i = count($_POST["files"]); $i < count($v_mails); $i++) { $v_mail = trim($v_mails[$i]); echo "{$v_mail}.</b><br /><br />"; } echo "</b><br />"; } elseif (count($_POST["files"]) > count($v_mails)) { for ($i = count($v_mails); $i < count($_POST["files"]); $i++) { $file = $list[$_POST["files"][$i]]; if (file_exists($file["name"])) { echo $file["name"] . "<br /><br />"; } else { printf(lang(145), $file['name']); echo "<br /><br />"; } } echo "<br />"; } if ($_POST["del_ok"]) { if (!updateListInFile($list)) { echo lang(146) . "<br /><br />"; } } }
if (count($argv) > 1) { for ($i = 1; $i < count($argv); $i++) { if (is_dir($argv[$i])) { $dh = opendir($argv[$i]); while ($fn = readdir($dh)) { if (substr($fn, 0, 1) !== '.') { $email = file_get_contents($argv[$i] . '/' . $fn); print $argv[$i] . "/{$fn}\n"; checkmail($email); } } closedir($dh); } else { $email = file_get_contents($argv[$i]); print $argv[$i] . "\n"; checkmail($email); } } } else { $handle = fopen("php://stdin", "r"); $email = stream_get_contents($handle); fclose($handle); checkmail($email); } /** * Now show the results */ foreach ($total as $t => $v) { printf("%-15s %6d\n", $t, $v); } }
<?php // функция проверяет является ли строка адресом e-mail require_once "settings.php"; function checkmail($string) { return preg_match('%[-\\.\\w]+@[-\\w]+(?:\\.[-\\w]+)+%', $string); } $link = mysql_connect(DBHOST, DBUSER, DBPASSWD) or die("Ошибка соединения: " . mysql_error()); //print "<b>Успешное подключение</b>"; mysql_select_db($DBNAME) or die("невозможно выполнить выборку из БД"); if (isset($_POST['email']) & checkmail($_POST['email']) & strlen($_POST['password']) >= 8) { $email = @mysql_real_escape_string($_POST['email']); $password = @mysql_real_escape_string($_POST['password']); $query = "SELECT * FROM users WHERE email='{$email}' AND password='******'"; $res = mysql_query($query) or trigger_error(mysql_error() . $query); if ($row = mysql_fetch_assoc($res)) { // начнём сессию и определим некоторые переменные session_start(); $_SESSION['user_id'] = $row['user_id']; $_SESSION['ip'] = $_SERVER['REMOTE_ADDR']; } header("Location: http://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']); exit; } if (isset($_GET['action']) and $_GET['action'] == "logout") { session_start(); session_destroy(); header("Location: http://" . $_SERVER['HTTP_HOST'] . "/foronliner/listnonregister.php"); exit; }
$mail = $user[reg_email]; } else { $mail = $user[user_email]; } if ($user[reg_email]) { $sendmail->mail($email, stripslashes($mail_subject), stripslashes($mail_body), $mail_header); } } eval("\$fail_newsletter = \"" . gettemplate("admin.done") . "\";"); } ####################################### if ($adminaction == "edituser_save") { ### check entrys #### if (!$form[user_login] || !$form[user_name] || !$form[reg_email]) { eval("\$fail_useredit = \"" . gettemplate("fail.eingabe") . "\";"); } elseif (!checkmail($form[reg_email])) { eval("\$fail_useredit =\"" . gettemplate("fail.eingabe.invalid.mail") . "\";"); } else { if ($form[delete]) { if ($userid != 1) { $db->query_str("DELETE FROM {$tab['user']} WHERE id='{$userid}'"); } else { $inc[action] = "GastAccount cannot be deleted."; } } else { ### SAVE QUERY ### $date = time(); $query = $db->query_str("UPDATE {$tab['user']} SET \n\t\t\t\t\tuser_login='******'user_login']}',\n\t\t\t\t\tuser_name='{$form['user_name']}',\n\t\t\t\t\tuser_email='{$form['user_email']}',\n\t\t\t\t\tuser_location='{$form['user_location']}',\n\t\t\t\t\treg_email='{$form['reg_email']}',\n\t\t\t\t\tuser_icq='{$form['user_icq']}',\n\t\t\t\t\tuser_aim='{$form['user_aim']}',\n\t\t\t\t\tuser_yim='{$form['user_yim']}',\n\t\t\t\t\tuser_hp='{$form['user_hp']}',\n\t\t\t\t\tuser_interests='{$form['user_interests']}',\n\t\t\t\t\tuser_signatur='{$form['user_signatur']}',\n\t\t\t\t\tuser_text='{$form['user_text']}',\n\t\t\t\t\tuser_work='{$form['user_work']}',\n\t\t\t\t\tuser_gender='{$form['user_gender']}'\n\t\t\t\t\tWHERE id='{$userid}'"); } $adminaction = "showusers"; }
<?php // Si on reçoit des infos du formulaire de changement de mail et qu'on a bien reçu un mail if (isset($_POST['mail_change']) && $_POST['mail_change'] == 'ok' && isset($_POST['nouveau_mail'])) { $nouveau_mail = trim($_POST['nouveau_mail']); // On récupère le nouveau mail, en enlevant les caractères indésirables $resultat_test_mail = checkmail($nouveau_mail, $bdd); // On teste le mail envoyé if ($resultat_test_mail == 'isnt') { $erreur_pas_un_mail = 1; } else { if ($resultat_test_mail == 'exists') { $erreur_deja_utilise = 1; } else { if ($resultat_test_mail == 'empty') { $erreur_pas_de_mail = 1; } else { if ($resultat_test_mail == 'ok') { // On enregistre le nouveau mail $req = $bdd->prepare('UPDATE users SET mail=? WHERE id_user = ?'); $req->execute(array($nouveau_mail, $id_user)); $mail_modifie = 1; } } } } } // Si on reçoit des infos du formulaire de changement de MOT DE PASSE et qu'on a bien reçu un mdp if (isset($_POST['mdp_change']) && $_POST['mdp_change'] == 'ok' && isset($_POST['nouveau_mdp']) && isset($_POST['verif_mdp'])) {
function prepareforsave($string) { //$string = strip_tags($string); //$string = nl2br($string); return $string; } //print_r ($_POST); if ($_POST['username'] == "") { print "имя не введено<br>"; exit; } if ($_POST['mail'] == "") { print "почта на указана"; exit; } if (!checkmail($_POST['mail'])) { print "формат почты указан неверно"; exit; } if ($_POST['pass1'] == "") { print "пароль не введён"; exit; } if (strlen($_POST['pass1']) < $passlen) { print "длина пароля должна быть не менее {$passlen} символов"; exit; } if ($_POST['pass1'] != $_POST['pass2']) { print "пароль и его подтверждение не совпадают"; exit; }
/** Creates a new hosted account * * Creates a new hosted account (in the tables <code>membres</code> * and <code>local</code>). Prevents any manipulation of the account if * the account $mid is not super-admin. * * * @global m_err $err * @global m_quota $quota * @global array $classes * @global int $cuid * @global m_mem $mem * @global string $L_MYSQL_DATABASE * @global string $L_MYSQL_LOGIN * @global m_hooks $hooks * @global m_action $action * @param string $login Login name like [a-z][a-z0-9]* * @param string $pass Password (max. 64 characters) * @param string $nom Name of the account owner * @param string $prenom First name of the account owner * @param string $mail Email address of the account owner, useful to get * one's lost password * @param integer $canpass * @param string $type Account type for quotas * @param int $duration * @param string $notes * @param integer $force * @param string $create_dom * @param int $db_server_id * @return boolean Returns FALSE if an error occurs, TRUE if not. */ function add_mem($login, $pass, $nom, $prenom, $mail, $canpass = 1, $type = 'default', $duration = 0, $notes = "", $force = 0, $create_dom = '', $db_server_id) { global $err, $quota, $classes, $cuid, $mem, $L_MYSQL_DATABASE, $L_MYSQL_LOGIN, $hooks, $action; $err->log("admin", "add_mem", $login . "/" . $mail); if (!$this->enabled) { $err->raise("admin", _("-- Only administrators can access this page! --")); return false; } if (empty($db_server_id)) { $err->raise("admin", _("Missing db_server field")); return false; } if ($login == "" || $pass == "") { $err->raise("admin", _("All fields are mandatory")); return false; } if (!$force) { if ($mail == "") { $err->raise("admin", _("All fields are mandatory")); return false; } //@todo remove cf functions.php if (checkmail($mail) != 0) { $err->raise("admin", _("Please enter a valid email address")); return false; } } $login = strtolower($login); if (!preg_match("#^[a-z0-9]+\$#", $login)) { //$ $err->raise("admin", _("Login can only contains characters a-z and 0-9")); return false; } if (strlen($login) > 14) { // Not an arbitrary value : MySQL user names can be up to 16 characters long // If we want to allow people to create a few mysql_user (and we want to!) // we have to limit the login lenght $err->raise("admin", _("The login is too long (14 chars max)")); return false; } // Some login are not allowed... if ($login == $L_MYSQL_DATABASE || $login == $L_MYSQL_LOGIN || $login == "mysql" || $login == "root") { $err->raise("admin", _("Login can only contains characters a-z, 0-9 and -")); return false; } $pass = _md5cr($pass); $db = new DB_System(); $notes = mysql_real_escape_string($notes); // Already exist? $db->query("SELECT count(*) AS cnt FROM membres WHERE login='******';"); $db->next_record(); if (!$db->f("cnt")) { $db->query("SELECT max(m.uid)+1 as nextid FROM membres m"); if (!$db->next_record()) { $uid = 2000; } else { $uid = $db->Record["nextid"]; if ($uid <= 2000) { $uid = 2000; } } $db->query("INSERT INTO membres (uid,login,pass,mail,creator,canpass,type,created,notes,db_server_id) VALUES ('{$uid}','{$login}','{$pass}','{$mail}','{$cuid}','{$canpass}', '{$type}', NOW(), '{$notes}', '{$db_server_id}');"); $db->query("INSERT INTO local(uid,nom,prenom) VALUES('{$uid}','{$nom}','{$prenom}');"); $this->renew_update($uid, $duration); #exec("sudo /usr/lib/alternc/mem_add ".$login." ".$uid); $action->create_dir(getuserpath("{$login}")); $action->fix_user($uid); // Triggering hooks $mem->su($uid); // TODO: old hook method FIXME: when unused remove this /* foreach($classes as $c) { if (method_exists($GLOBALS[$c],"alternc_add_member")) { $GLOBALS[$c]->alternc_add_member(); } } */ $hooks->invoke("alternc_add_member"); // New hook way $hooks->invoke("hook_admin_add_member", array(), array('quota')); // First !!! The quota !!! Etherway, we can't be sure to be able to create all $hooks->invoke("hook_admin_add_member"); $mem->unsu(); if (!empty($create_dom)) { $this->add_shared_domain($uid, $create_dom); } return $uid; } else { $err->raise("admin", _("This login already exists")); return false; } }
$_POST['userid'] = 0; } $_POST['file'] = $_FILES['file']['name']; $_POST['tempfile'] = 'downloads/uploads/' . $stamp . '-' . $_FILES['file']['name']; $_POST['addtime'] = time(); $_POST['send_ip'] = get_remoteaddr(); $_POST['local'] = 1; $_POST['secid'] = 'all'; $_POST['text'] = strtr(strip_tags($_POST['text']), array("\r\n" => "<br />\r\n", "\n" => "<br />\n")); if ($set['downloads']['coms']) { $_POST['allowcoms'] = 1; } if ($set['downloads']['ratings']) { $_POST['allowrating'] = 1; } if (checkmail($_POST['author_link'])) { $_POST['author_link'] = 'mailto:' . $_POST['author_link']; } //eMail-Benachrichtigung if ($set['downloads']['mailonnew']) { $input = array('URL' => HTTP); sendmail($set['downloads']['mailonnew'], 'SENDDOWNLOAD', $input); } //Captcha löschen if ($set['downloads']['captcha'] && !$user->info['userid']) { $captcha->remove(); } $db->dinsert(PRE . '_downloads', 'userid,secid,catid,send_username,send_email,send_ip,file,tempfile,local,title,text,author,author_link,addtime,allowcoms,allowrating'); message($apx->lang->get('MSG_OK'), mklink('downloads.php', 'downloads.html')); } //SCRIPT BEENDEN
// Vérification que c'est bien une image if (!$image->isImage()) { die('image non trouvée'); } function checkmail($mail) { if (eregi("^[0-9a-z]([-_.~]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-z]{2,4}\$", $mail)) { return true; } else { return false; } } if (!checkmail($_REQUEST['from_email'])) { die("L'adresse email de l'expéditeur n'est pas valide, utilisez le bouton précédent pour la corriger"); } if (!checkmail($_REQUEST['to_email'])) { die("L'adresse email du destinataire n'est pas valide, utilisez le bouton précédent pour la corriger"); } if (empty($_REQUEST['message'])) { die("Le message est vide, utilisez le bouton précédent pour la corriger"); } // sauvegarde du formulaire dans session $_SESSION['ecard']['from_email'] = $_REQUEST['from_email']; $_SESSION['ecard']['from_name'] = $_REQUEST['from_name']; $_SESSION['ecard']['to_email'] = $_REQUEST['to_email']; $_SESSION['ecard']['message'] = $_REQUEST['message']; $_SESSION['ecard']['message'] = str_replace("\n", '', $_SESSION['ecard']['message']); $_SESSION['ecard']['message'] = str_replace("\r", '', $_SESSION['ecard']['message']); /* echo '<pre>'; print_r($_SESSION['ecard']);
function checkmail($user_email) { //验证电子邮件地址 if (preg_match("/\\w+([-+.]\\w+)*@\\w+([-.]\\w+)*\\.\\w+([-.]\\w+)*/", $user_email)) { return true; } else { return false; } } if (get_argp("user_name") == NULL) { action_return(0, $re_langpackage->re_empty_name, "-1"); } if (!login_check(get_argp("user_name"))) { action_return(0, $re_langpackage->re_right_name, "-1"); } if (!checkmail(get_argp("user_email")) || !login_check(get_argp("user_email"))) { action_return(0, $re_langpackage->re_right_email, "-1"); } if (strlen(get_argp("user_repassword")) < 6) { action_return(0, $re_langpackage->re_pass_limit, "-1"); } $user_name = short_check(get_argp("user_name")); $user_pws = md5(get_argp("user_password")); $user_sex = intval(get_argp("user_sex")); $user_email = short_check(get_argp("user_email")); $is_pass = 1; $user_vericode = get_argp("veriCode"); $invite_fromuid = 0; if (get_session('InviteFromUid')) { $invite_fromuid = get_session('InviteFromUid'); }
require_once 'functions.php'; $valid = TRUE; if (isset($_POST['submit'])) { foreach ($_POST as $key => $value) { ${$key} = $value; } $valid = $fn = checklength($fname, 1, 30); $ln = checklength($lname, 1, 30); $valid = $valid && $ln; $em = checkemail($email); $valid = $valid && $em; $ps = checkpassword($password); $valid = $valid && $ps; $ps2 = $password == $password2; $valid = $valid && $ps2; $zp = checkmail($zipcode, 'US'); $valid = $valid && $zp; if ($valid) { echo "form filled successfully!"; exit; } } else { $fn = $ln = $em = $ps = $ps2 = $hp = $zp = TRUE; $fname = $lname = $email = $zipcode = $omepage = ""; } if (!$valid) { ?> <style type="text/css"> td.error { color:#F00;
$yetki = $_POST["yetki"]; $tarih = date("y-m-d"); if ($kullanici_adi == "" or $parola == "" or $parolatekrar == "" or $eposta == "" or $yetki == "" or $adi == "") { echo "<center><i class='fa fa-frown-o'></i> Lütfen tüm alanları eksiksiz doldurun!</center>"; header("Refresh: 2; url=index.php?sayfa=uyeekle"); return; } elseif ($parola != $parolatekrar) { echo "<center><i class='fa fa-frown-o'></i> Parola ve Parola Tekrar alanları aynı olmalı!</center>"; header("Refresh: 2; url=index.php?sayfa=uyeekle"); return; } function checkmail($eposta) { return filter_var($eposta, FILTER_VALIDATE_EMAIL); } if (!checkmail($eposta)) { echo "<center><i class='fa fa-frown-o'></i> Yazdığınız e-posta adresi geçersiz!</center>"; header("Refresh: 2; url=index.php?sayfa=uyeekle"); return; } $isim_kontrol = mysql_query("select * from tlg_uyeler where k_adi='" . $kullanici_adi . "'") or die(mysql_error()); $uye_varmi = mysql_num_rows($isim_kontrol); if ($uye_varmi > 0) { echo "<center><i class='fa fa-frown-o'></i> Kullanıcı adı başka bir üye tarafından kullanılıyor!</center>"; header("Refresh: 2; url=index.php?sayfa=uyeekle"); return; } $eposta_kontrol = mysql_query("select * from tlg_uyeler where eposta='" . $eposta . "'") or die(mysql_error()); $eposta_varmi = mysql_num_rows($eposta_kontrol); if ($eposta_varmi > 0) { echo "<center><i class='fa fa-frown-o'></i> E-Posta başka bir üye tarafından kullanılıyor!</center>";
function mail_go() { global $list, $options, $L; require_once CLASS_DIR . "mail.php"; if (!checkmail($_POST["email"])) { echo $L->say['invalid_email'] . "<br /><br />"; } else { $_POST["partSize"] = isset($_POST["partSize"]) & $_POST["split"] == "on" ? $_POST["partSize"] * 1024 * 1024 : FALSE; for ($i = 0; $i < count($_POST["files"]); $i++) { $file = $list[$_POST["files"][$i]]; if (file_exists($file["name"])) { if (xmail("{$fromaddr}", $_POST['email'], "File " . basename($file["name"]), "File: " . basename($file["name"]) . "\r\n" . "Link: " . $file["link"] . ($file["comment"] ? "\r\nComments: " . str_replace("\\r\\n", "\r\n", $file["comment"]) : ""), $file["name"], $_POST["partSize"], $_POST["method"])) { if ($_POST["del_ok"] && !$options['disable_to']['act_del']) { if (@unlink($file["name"])) { $v_ads = " " . $L->say['_and_del'] . ""; unset($list[$_POST["files"][$i]]); } else { $v_ads = ", " . $L->say['_but'] . " <b>" . $L->say['_not_del'] . "</b>"; } } else { $v_ads = " !"; } echo '<script type="text/javascript">' . "<!--\r\nmail('File <b>" . basename($file["name"]) . "</b> " . $L->say['send_for_addr'] . " <b>" . $_POST["email"] . "</b>" . $v_ads . "', '" . md5(basename($file["name"])) . "');//-->\r\n</script>\r\n<br />"; } else { echo $L->say['error_send'] . "<br />"; } } else { echo $L->sprintf($L->say['not_found'], $file['name']) . "<br /><br />"; } } } }
if (@mail($this_user['email'], "Забытый пароль", $message, "From: Sniffer Bot <$from_email>\nContent-Type: text/plain; charset=windows-1251")) $send_ok = true; } else error_message("send", 3); } if ($reg and $_POST['create']) { $user['login'] = strtolower($_POST['login']); if (!preg_match("/^[a-zA-Z1-9_]{1,20}$/", $user['login'])) error_message("create", 1); if ($user['login'] == "refresh" or $user['login'] == "i" or $user['login'] == "s") error_message("create", 3); $user['password'] = trim($_POST['password']); if (!preg_match("/^[a-zA-Z1-9_]{1,20}$/", $user['password'])) error_message("create", 2); foreach ($users as $key => $entrie) { $some_user = unserialize($entrie); if ($some_user['login'] == $user['login']) error_message("create", 3); } $user['email'] = checkmail($_POST['email']); if ($user['email'] != $_POST['email']) error_message("create", 4); $user['last_visited'] = time(); $entrie = serialize($user); $users[] = $entrie; $users_content = serialize($users); put_file_content($users_filename, $users_content); } if ($styles_enabled) { if ($_GET['style'] and file_exists("styles/".$_GET['style'].".css")) $style_filename = $_GET['style'].".css"; elseif ($_COOKIE['s_style'] and file_exists("styles/".$_COOKIE['s_style'].".css")) $style_filename = $_COOKIE['s_style'].".css"; $current_style = substr($style_filename, 0, strpos($style_filename, ".css")); setcookie("s_style", $current_style, time()+7776000); }
function addcom() { global $db, $apx, $user; $_POST['mid'] = (int) $_POST['mid']; if (!$_POST['mid']) { die('missing mID!'); } //if ( !$apx->is_module($_POST['module']) ) die('invalid MODULE!'); $apx->lang->drop('add', 'comments'); list($spam) = $db->first("SELECT time FROM " . PRE . "_comments WHERE ( module='" . addslashes($_POST['module']) . "' AND ip='" . get_remoteaddr() . "' AND mid='" . $_POST['mid'] . "' ) ORDER BY time DESC"); //Captcha prüfen if ($this->set['captcha'] && !$user->info['userid']) { require BASEDIR . 'lib/class.captcha.php'; $captcha = new captcha(); $captchafailed = $captcha->check(); } if ($user->info['userid']) { if ($captchafailed) { message($apx->lang->get('MSG_COM_WRONGCODE'), 'javascript:history.back()'); } elseif ($this->ip_is_blocked()) { message($apx->lang->get('MSG_COM_BLOCKIP'), 'back'); } elseif (!$_POST['text'] || $this->set['req_title'] && !$_POST['title']) { message('back'); } elseif ($this->text_is_blocked()) { message($apx->lang->get('MSG_COM_BLOCKTEXT'), 'back'); } elseif ($this->set['maxlen'] && strlen($_POST['text']) > $this->set['maxlen']) { message($apx->lang->get('MSG_COM_TOOLONG'), 'back'); } elseif ($spam + $this->set['spamprot'] * 60 > time()) { message($apx->lang->get('MSG_COM_BLOCKSPAM', array('SEC' => $spam + $this->set['spamprot'] * 60 - time())), 'back'); } else { if ($this->set['mod'] && !$user->is_team_member()) { $_POST['active'] = 0; } else { $_POST['active'] = 1; } $_POST['userid'] = $user->info['userid']; $_POST['username'] = $user->info['username']; $_POST['time'] = time(); $_POST['ip'] = get_remoteaddr(); $db->dinsert(PRE . '_comments', 'module,mid,userid,username,title,text,time,notify,ip,active'); $comid = $db->insert_id(); //eMail-Benachrichtigung (Admin) if ($this->set['mailonnew']) { $text = strip_tags(dbcodes($_POST['text'])); $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI'], 'TEXT' => $text); sendmail($this->set['mailonnew'], 'SENDCOM', $input); } //eMail-Benachrichtigung (User) if ($_POST['active']) { $data = $db->fetch("\n\t\t\t\t\t\tSELECT DISTINCT IF(c.userid, u.email, c.email) AS email\n\t\t\t\t\t\tFROM " . PRE . "_comments AS c\n\t\t\t\t\t\tLEFT JOIN " . PRE . "_user AS u USING(userid)\n\t\t\t\t\t\tWHERE c.module='" . addslashes($_POST['module']) . "' AND c.mid='" . addslashes($_POST['mid']) . "' AND c.notify=1 AND c.id!='" . $comid . "' AND c.userid!=" . $user->info['userid'] . "\n\t\t\t\t\t"); if (count($data)) { foreach ($data as $res) { $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI']); sendmail($res['email'], 'NOTIFYCOM', $input); } } //Notify zurücksetzen $db->query("UPDATE " . PRE . "_comments SET notify=0 WHERE module='" . addslashes($_POST['module']) . "' AND mid='" . addslashes($_POST['mid']) . "' AND id!='" . $comid . "'"); } //Captcha löschen if ($this->set['captcha'] && !$user->info['userid']) { $captcha->remove(); } message($apx->lang->get('MSG_COM_OK'), str_replace('&', '&', $_SERVER['REQUEST_URI'])); } } elseif ($this->set['pub']) { if (!checkmail($_POST['email'])) { if ($this->set['req_email']) { $emailnotvalid = true; } else { $_POST['email'] = ''; } } if ($captchafailed) { message($apx->lang->get('MSG_COM_WRONGCODE'), 'javascript:history.back()'); } elseif ($this->ip_is_blocked()) { message($apx->lang->get('MSG_COM_BLOCKIP'), 'back'); } elseif (!$_POST['username'] || !$_POST['text'] || $this->set['req_email'] && !$_POST['email'] || $this->set['req_homepage'] && !$_POST['homepage'] || $this->set['req_title'] && !$_POST['title']) { message('back'); } elseif ($_POST['notify'] && !$_POST['email']) { message($apx->lang->get('MSG_COM_MAILNEEDED'), 'back'); } elseif ($this->text_is_blocked()) { message($apx->lang->get('MSG_COM_BLOCKTEXT'), 'back'); } elseif ($this->set['entrymaxlen'] && strlen($_POST['text']) > $this->set['entrymaxlen']) { message($apx->lang->get('MSG_COM_TOOLONG'), 'back'); } elseif ($emailnotvalid) { message($apx->lang->get('MSG_COM_EMAILNOTVALID'), 'back'); } elseif ($spam + $this->set['spamprot'] * 60 > time()) { message($apx->lang->get('MSG_COM_BLOCKSPAM', array('SEC' => $spam + $this->set['spamprot'] * 60 - time())), 'back'); } else { if (substr($_POST['homepage'], 0, 4) == 'www.') { $_POST['homepage'] = 'http://' . $_POST['homepage']; } if ($this->set['mod']) { $_POST['active'] = 0; } else { $_POST['active'] = 1; } $_POST['time'] = time(); $_POST['ip'] = get_remoteaddr(); $db->dinsert(PRE . '_comments', 'module,mid,userid,username,email,homepage,title,text,time,notify,ip,active'); //eMail-Benachrichtigung (Admin) if ($this->set['mailonnew']) { $text = strip_tags(dbcodes($_POST['text'])); $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI'], 'TEXT' => $text); sendmail($this->set['mailonnew'], 'SENDCOM', $input); } //eMail-Benachrichtigung (User) if ($_POST['active']) { $data = $db->fetch("\n\t\t\t\t\t\tSELECT DISTINCT IF(c.userid, u.email, c.email) AS email\n\t\t\t\t\t\tFROM " . PRE . "_comments AS c\n\t\t\t\t\t\tLEFT JOIN " . PRE . "_user AS u USING(userid)\n\t\t\t\t\t\tWHERE c.module='" . addslashes($_POST['module']) . "' AND c.mid='" . addslashes($_POST['mid']) . "' AND c.notify=1 AND c.id!='" . $comid . "'\n\t\t\t\t\t"); if (count($data)) { foreach ($data as $res) { $input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI']); sendmail($res['email'], 'NOTIFYCOM', $input); } } //Notify zurücksetzen $db->query("UPDATE " . PRE . "_comments SET notify=0 WHERE module='" . addslashes($_POST['module']) . "' AND mid='" . addslashes($_POST['mid']) . "' AND id!='" . $comid . "'"); } //Captcha löschen if ($this->set['captcha'] && !$user->info['userid']) { $captcha->remove(); } message($apx->lang->get('MSG_COM_OK'), str_replace('&', '&', $_SERVER['REQUEST_URI'])); } } }
} function filexist($filename) { if (file_exists('../cache/' . $filename)) { unlink('../cache/' . $filename); echo '0'; } else { echo '1'; } } if (isset($_REQUEST['f']) && $_REQUEST['f'] == 'user1') { echo checkuser($_REQUEST['captcha']); } if (isset($_REQUEST['f']) && $_REQUEST['f'] == 'user') { echo checkuser($_REQUEST['username']); } if (isset($_REQUEST['f']) && $_REQUEST['f'] == 'mail') { echo checkmail($_REQUEST['email']); } if (isset($_REQUEST['f']) && $_REQUEST['f'] == 'userc') { echo checkuserc($_REQUEST['username']); } if (isset($_REQUEST['f']) && $_REQUEST['f'] == 'mailc') { echo checkmailc($_REQUEST['email']); } if (isset($_REQUEST['f']) && $_REQUEST['f'] == 'df') { echo deletfile($_REQUEST['df']); } if (isset($_REQUEST['f']) && $_REQUEST['f'] == 'fe') { echo filexist($_REQUEST['fe']); }
setcookie("proxy", "", TIME_NOW - 3600); setcookie("proxyuser", "", TIME_NOW - 3600); setcookie("proxypass", "", TIME_NOW - 3600); setcookie("split", "", TIME_NOW - 3600); setcookie("partSize", "", TIME_NOW - 3600); setcookie("savesettings", "", TIME_NOW - 3600); setcookie("clearsettings", "", TIME_NOW - 3600); setcookie("premium_acc", "", TIME_NOW - 3600); setcookie("premium_user", "", TIME_NOW - 3600); setcookie("premium_pass", "", TIME_NOW - 3600); } if (isset($_REQUEST["savesettings"]) && $_REQUEST["savesettings"] == "on") { setcookie("savesettings", TRUE, TIME_NOW + 800600); if ($_REQUEST["domail"] == "on") { setcookie("domail", TRUE, TIME_NOW + 800600); if (checkmail($_REQUEST["email"])) { setcookie("email", $_REQUEST["email"], TIME_NOW + 800600); } else { setcookie("email", "", TIME_NOW - 3600); } if ($_REQUEST["split"] == "on") { setcookie("split", TRUE, TIME_NOW + 800600); if (is_numeric($_REQUEST["partSize"])) { setcookie("partSize", $_REQUEST["partSize"], TIME_NOW + 800600); } else { setcookie("partSize", "", TIME_NOW - 3600); } if (in_array($_REQUEST["method"], array("tc", "rfc"))) { setcookie("method", $_REQUEST["method"], TIME_NOW + 800600); } else { setcookie("method", "", TIME_NOW - 3600);
$captcha = new captcha(); $captchafailed = $captcha->check(); } if ($captchafailed) { message($apx->lang->get('MSG_WRONGCODE'), 'javascript:history.back()'); } elseif (!$_POST['username'] || !$_POST['pwd1'] || !$_POST['pwd2'] || !$_POST['email1'] || !$_POST['email2']) { message('back'); } elseif ($_POST['pwd1'] != $_POST['pwd2']) { message($apx->lang->get('MSG_PWNOMATCH'), 'javascript:history.back()'); } elseif ($set['user']['userminlen'] && strlen($_POST['username']) < $set['user']['userminlen']) { message($apx->lang->get('MSG_USERLENGTH', array('LENGTH' => $set['user']['userminlen'])), 'javascript:history.back()'); } elseif ($set['user']['pwdminlen'] && strlen($_POST['pwd1']) < $set['user']['pwdminlen']) { message($apx->lang->get('MSG_PWDLENGTH', array('LENGTH' => $set['user']['pwdminlen'])), 'javascript:history.back()'); } elseif ($_POST['email1'] != $_POST['email2']) { message($apx->lang->get('MSG_EMAILNOMATCH'), 'javascript:history.back()'); } elseif (!checkmail($_POST['email1'])) { message($apx->lang->get('MSG_NOMAIL'), 'javascript:history.back()'); } elseif ($blockname) { message($apx->lang->get('MSG_USERNOTALLOWED', array('STRING' => $blockname)), 'javascript:history.back()'); } elseif ($check) { message($apx->lang->get('MSG_USEREXISTS'), 'javascript:history.back()'); } elseif (!$set['user']['mailmultiacc'] && $check2) { message($apx->lang->get('MSG_MAILEXISTS'), 'javascript:history.back()'); } else { //Captcha löschen if ($set['user']['captcha']) { $captcha->remove(); } if (substr($_POST['homepage'], 0, 4) == 'www.') { $_POST['homepage'] = 'http://' . $_POST['homepage']; }
function edit() { global $set, $db, $apx; $_REQUEST['id'] = (int) $_REQUEST['id']; if (!$_REQUEST['id']) { die('missing ID!'); } if ($_POST['send'] == 1) { $emails = explode(',', $_POST['email']); foreach ($emails as $one) { if (!checkmail(trim($one))) { $wrongmail = true; break; } } if (!checkToken()) { infoInvalidToken(); } elseif (!$_POST['title'] || !$_POST['email']) { infoNotComplete(); } elseif ($wrongmail) { info($apx->lang->get('INFO_NOEMAIL', array('EMAIL' => $one))); } else { $db->dupdate(PRE . '_contact', 'title,email', " WHERE id='" . $_REQUEST['id'] . "' LIMIT 1"); logit('CONTACT_EDIT', 'ID #' . $_REQUEST['id']); printJSRedirect(get_index('contact.show')); } } else { list($_POST['title'], $_POST['email']) = $db->first("SELECT title,email FROM " . PRE . "_contact WHERE id='" . $_REQUEST['id'] . "' LIMIT 1"); $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title'])); $apx->tmpl->assign('EMAIL', compatible_hsc($_POST['email'])); $apx->tmpl->assign('ID', $_REQUEST['id']); $apx->tmpl->assign('ACTION', 'edit'); $apx->tmpl->parse('add_edit'); } }
<?php include "./config.php"; $message = ""; $uname = $_POST["uname"]; $mail = $_POST["mail"]; $blog = $_POST["blog"]; $address = $_POST["address"]; $gid = $_GET["gid"]; if (checkmail($mail) == true) { $md5string = md5($uname . $mail . $gid . "adbcde"); if (isSameMail($mail) == true) { //用update,已有mail 資訊 $sql = "UPDATE `subscription_user` SET `name` = '{$uname}',\r\n\t\t\t\t`md5` = '{$md5string}',\r\n\t\t\t\t`blog` = '{$blog}',\r\n\t\t\t\t`address` = '{$address}',\r\n\t\t\t\t`user_disable` = '0' WHERE CONVERT( `subscription_user`.`Email` USING utf8 ) = '{$mail}' and `subscription_user`.gid = {$gid} LIMIT 1 "; $rs =& $conn->Execute($sql); } else { // 用add $sql = "INSERT INTO `subscription_user` (`name` ,`Email` ,`blog`,`address`,`md5` ,`active` ,`user_disable`,`gid`)\r\n\t\t\t\tVALUES ('{$uname}', '{$mail}','{$blog}','{$address}', '{$md5string}', '0', '0',{$gid})"; $rs =& $conn->Execute($sql); } } else { $message = "E-mail填寫錯誤"; } if ($message == "") { $groupObj = get_group_content($conn, $gid); $to = $mail; $authenticateURL = __SITE_URL . "authenticate.php?key=" . $md5string; $authenticateURL = "<a href=\"{$authenticateURL}\">{$authenticateURL}</a>"; $body = $groupObj["checkMail"]; $body = str_replace('{$uname}', $uname, $body); $body = str_replace('{$umail}', $mail, $body);
tmessage('noright', array(), false, false); } check_forum_password($foruminfo); /////////////////////////////////////////////////////////////////////////////////////// Seite empfehlen if ($_POST['send']) { //Captcha prüfen if ($set['main']['tellcaptcha'] && !$user->info['userid']) { require BASEDIR . 'lib/class.captcha.php'; $captcha = new captcha(); $captchafailed = $captcha->check(); } if ($captchafailed) { message($apx->lang->get('MSG_WRONGCODE'), 'javascript:history.back()'); } elseif (!$_POST['username'] || !$_POST['email'] || !$_POST['toemail'] || !$_POST['subject'] || !$_POST['text']) { message('back'); } elseif (!checkmail($_POST['email']) || !checkmail($_POST['toemail'])) { message($apx->lang->get('MSG_MAILNOTVALID'), 'back'); } else { $goto = HTTP . $set['forum']['directory'] . '/' . mkrellink('thread.php?id=' . $threadinfo['threadid'], 'thread,' . $threadinfo['threadid'] . ',1' . urlformat($threadinfo['title']) . '.html'); mail($_POST['toemail'], $_POST['subject'], $_POST['text'], 'From: ' . $_POST['username'] . '<' . $_POST['email'] . '>'); message($apx->lang->get('MSG_OK'), $goto); } } else { $url = HTTP . $set['forum']['directory'] . '/' . mkrellink('thread.php?id=' . $threadinfo['threadid'], 'thread,' . $threadinfo['threadid'] . ',1' . urlformat($threadinfo['title']) . '.html'); //Captcha erstellen if ($set['main']['tellcaptcha'] && !$user->info['userid']) { require BASEDIR . 'lib/class.captcha.php'; $captcha = new captcha(); $captchacode = $captcha->generate(); } $apx->tmpl->assign('POSTTO', $_SERVER['REQUEST_URI']);
/** update a crontab, * @return boolean TRUE if the crontab has been edited */ private function _update_one($url, $user, $password, $email, $schedule, $id = null) { global $db, $err, $quota, $cuid; $err->log("cron", "update_one"); if (empty($url) && !is_null($id)) { return $this->delete_one($id); } if (filter_var($url, FILTER_VALIDATE_URL) === false) { $err->raise("cron", _("URL not valid")); return false; } $url = urlencode($url); $user = urlencode($user); if (empty($user)) { $password = ''; } $password = urlencode($password); //@todo remove checkmail cf functions.php if (!empty($email) && !checkmail($email) == 0) { $err->raise("cron", _("Email address is not valid")); return false; } $email = urlencode($email); if (!$this->valid_schedule($schedule)) { return false; } if (is_null($id)) { // if a new insert, quotacheck $q = $quota->getquota("cron"); if ($q["u"] >= $q["t"]) { $err->raise("cron", _("You quota of cron entries is over. You cannot create more cron entries")); return false; } } else { // if not a new insert, check the $cuid $db->query("SELECT uid FROM cron WHERE id = {$id};"); if (!$db->next_record()) { return "false"; } // return false if pb if ($db->f('uid') != $cuid) { $err->raise("cron", _("Identity problem")); return false; } } $query = "REPLACE INTO cron (id, uid, url, user, password, schedule, email) VALUES ('{$id}', '{$cuid}', '{$url}', '{$user}', '{$password}', '{$schedule}', '{$email}') ;"; return $db->query("{$query}"); }
function mail_go() { global $list, $options, $fromaddr; require_once CLASS_DIR . "mail.php"; if (!checkmail($_POST["email"])) { echo lang(166) . "<br /><br />"; } else { $_POST["partSize"] = isset($_POST["partSize"]) & $_POST["split"] == "on" ? $_POST["partSize"] * 1024 * 1024 : FALSE; for ($i = 0; $i < count($_POST["files"]); $i++) { $file = $list[$_POST["files"][$i]]; if (file_exists($file["name"])) { if (xmail("{$fromaddr}", $_POST['email'], "File " . basename($file["name"]), "File: " . basename($file["name"]) . "\r\n" . "Link: " . $file["link"] . ($file["comment"] ? "\r\nComments: " . str_replace("\\r\\n", "\r\n", $file["comment"]) : ""), $file["name"], $_POST["partSize"], $_POST["method"])) { if ($_POST["del_ok"] && !$options['disable_deleting']) { if (@unlink($file["name"])) { $v_ads = " and deleted."; unset($list[$_POST["files"][$i]]); } else { $v_ads = ", but <b>not deleted!</b>"; } } else { $v_ads = " !"; } echo '<script type="text/javascript">' . "<!--\r\nmail('File <b>" . basename($file["name"]) . "</b> it is sent for the address <b>" . $_POST["email"] . "</b>" . $v_ads . "', '" . md5(basename($file["name"])) . "');//-->\r\n</script>\r\n<br />"; } else { echo lang(12) . "<br />"; } } else { printf(lang(145), $file['name']); echo "<br /><br />"; } } } }
function boxes_go() { global $list, $options, $fromaddr, $L; require_once CLASS_DIR . "mail.php"; $_POST["partSize"] = isset($_POST["partSize"]) & $_POST["split"] == "on" ? $_POST["partSize"] * 1024 * 1024 : FALSE; $v_mails = explode("\n", $_POST['emails']); $v_min = count(count($_POST["files"]) < count($v_mails) ? $_POST["files"] : $v_mails); for ($i = 0; $i < $v_min; $i++) { $file = $list[$_POST["files"][$i]]; $v_mail = trim($v_mails[$i]); if (!checkmail($v_mail)) { echo $L->sprintf($L->say['invalid_email_addr'], $v_mail) . "<br /><br />"; } elseif (file_exists($file["name"])) { if (xmail("{$fromaddr}", $v_mail, "File " . basename($file["name"]), "File: " . basename($file["name"]) . "\r\n" . "Link: " . $file["link"] . ($file["comment"] ? "\r\nComments: " . str_replace("\\r\\n", "\r\n", $file["comment"]) : ""), $file["name"], $_POST["partSize"], $_POST["method"])) { if ($_POST["del_ok"] && !$options['disable_to']['act_del']) { if (@unlink($file["name"])) { $v_ads = " " . $L->says['_and_del']; unset($list[$_POST["files"][$i]]); } else { $v_ads = ", " . $L->say['_but'] . " <b>" . $L->say['_not_del'] . "</b>"; } } else { $v_ads = " !"; } echo '<script type="text/javascript">' . "mail('File <b>" . basename($file["name"]) . "</b> it is sent for the address <b>" . $v_mail . "</b>" . $v_ads . "', '" . md5(basename($file["name"])) . "');</script>\r\n<br />"; } else { echo "<b class=\"r\">" . $L->say['error_send'] . "</b><br />"; } } else { echo $L->sprintf($L->say['not_found'], $file['name']) . "<br /><br />"; } } if (count($_POST["files"]) < count($v_mails)) { for ($i = count($_POST["files"]); $i < count($v_mails); $i++) { $v_mail = trim($v_mails[$i]); echo "{$v_mail}.</b><br /><br />"; } echo "</b><br />"; } elseif (count($_POST["files"]) > count($v_mails)) { for ($i = count($v_mails); $i < count($_POST["files"]); $i++) { $file = $list[$_POST["files"][$i]]; if (file_exists($file["name"])) { echo $file["name"] . "<br /><br />"; } else { echo $L->sprintf($L->say['not_found'], $file['name']) . "<br /><br />"; } } echo "<br />"; } if ($_POST["del_ok"]) { if (!updateListInFile($list)) { echo $L->say['error_upd_list'] . "<br /><br />"; } } }
} if ($options['ref_check']) { check_referer(); } // Detect if it doesn't have a protocol assigned if (stripos($LINK, '://') === false || strtolower(substr($LINK, 0, 7)) != 'http://' && strtolower(substr($LINK, 0, 6)) != 'ftp://' && strtolower(substr($LINK, 0, 6)) != 'ssl://' && strtolower(substr($LINK, 0, 8)) != 'https://') { // Automatically assign http:// $LINK = 'http://' . $LINK; } if (!empty($_GET['saveto']) && empty($_GET['path'])) { html_error(lang(6)); } if (empty($_GET['useproxy'])) { $_GET['proxy'] = ''; } if (!empty($_GET['domail']) && !checkmail($_GET['email'])) { html_error(lang(3)); if (!empty($_GET['split']) && !is_numeric($_GET['partSize'])) { html_error(lang(4)); } // T-8: Check this. } $Url = parse_url($LINK); $Url['scheme'] = strtolower($Url['scheme']); $Url['path'] = empty($Url['path']) ? '/' : str_replace('%7C', '|', $Url['path']); $LINK = rebuild_url($Url); if (empty($_GET['referer'])) { $Referer = $Url; $Referer['scheme'] = strtolower($Referer['scheme']); // Remove login from Referer unset($Referer['user'], $Referer['pass']);
{ $sql = "SELECT count(1) FROM `mail` WHERE \n\t\t\t\tnew_mail=1 AND `to_user`='" . $_SESSION['user_id'] . "'"; $result = mysql_query($sql); if (!$result) { return false; } $row = mysql_fetch_row($result); $retmsg = "<span id=red>(" . $row[0] . ")</span>"; mysql_free_result($result); return $retmsg; } $profile = ""; if (isset($_SESSION['user_id'])) { $sid = $_SESSION['user_id']; $profile .= "<i class=icon-user></i><a href=./modifypage.php>{$MSG_USERINFO}</a> <a href='./userinfo.php?user={$sid}'><span id=red>{$sid}</span></a>"; $mail = checkmail(); if ($mail) { $profile .= " <i class=icon-envelope></i><a href=./mail.php>{$mail}</a>"; } $profile .= " <a href='./status.php?user_id={$sid}'><span id=red>Recent</span></a>"; $profile .= " <a href=./logout.php>{$MSG_LOGOUT}</a> "; } else { if ($OJ_WEIBO_AUTH) { $profile .= "<a href=./login_weibo.php>{$MSG_LOGIN}(WEIBO)</a> "; } if ($OJ_RR_AUTH) { $profile .= "<a href=./login_renren.php>{$MSG_LOGIN}(RENREN)</a> "; } if ($OJ_QQ_AUTH) { $profile .= "<a href=./login_qq.php>{$MSG_LOGIN}(QQ)</a> "; }
function eimport() { global $set, $db, $apx; if ($_POST['catid'][0] == 'all' || !isset($_POST['catid'])) { $_POST['catid'] = array('all'); } if ($_POST['send'] == 1) { $emails = explode("\n", $_POST['email']); $emails = array_map('trim', $emails); $wrongmails = array(); foreach ($emails as $email) { if (!strlen($email)) { continue; } if ($email && !checkmail($email)) { $wrongmails[] = $email; } } if (!checkToken()) { infoInvalidToken(); } elseif (!$_POST['catid']) { infoNotComplete(); } elseif ($wrongmails) { info($apx->lang->get('INFO_WRONGSYNTAX', array('EMAILS' => implode(', ', $wrongmails)))); } else { //Kategorien if ($_POST['catid'][0] == 'all') { $catids = array_keys($set['newsletter']['categories']); } else { $catids = array_unique(array_map('intval', $_POST['catid'])); } foreach ($emails as $email) { if (!strlen($email)) { continue; } list($aboId) = $db->first("SELECT id FROM " . PRE . "_newsletter_emails WHERE email LIKE '" . addslashes_like($email) . "' LIMIT 1"); //Email bereits vorhanden if ($aboId) { foreach ($catids as $catid) { $db->query("\n\t\t\t\t\t\t\tINSERT IGNORE INTO " . PRE . "_newsletter_emails_cat\n\t\t\t\t\t\t\t(eid, catid, active, html) VALUES\n\t\t\t\t\t\t\t('" . $aboId . "', '" . $catid . "', '1', '" . ($_POST['html'] ? true : false) . "')\n\t\t\t\t\t\t"); if ($db->affected_rows() == 0) { $db->query("\n\t\t\t\t\t\t\t\tUPDATE " . PRE . "_newsletter_emails_cat\n\t\t\t\t\t\t\t\tSET active=1, html='" . ($_POST['html'] ? 1 : 0) . "', incode=''\n\t\t\t\t\t\t\t\tWHERE eid='" . $aboId . "' AND catid='" . $catid . "'\n\t\t\t\t\t\t\t\tLIMIT 1\n\t\t\t\t\t\t\t"); } } } else { $db->query("INSERT INTO " . PRE . "_newsletter_emails (email) VALUES ('" . addslashes($email) . "')"); $nid = $db->insert_id(); foreach ($catids as $catid) { $db->query("\n\t\t\t\t\t\t\tINSERT INTO " . PRE . "_newsletter_emails_cat\n\t\t\t\t\t\t\t(eid, catid, active, html) VALUES\n\t\t\t\t\t\t\t('" . $nid . "', '" . $catid . "', '1', '" . ($_POST['html'] ? true : false) . "')\n\t\t\t\t\t\t"); } } logit('NEWSLETTER_EADD', 'ID #' . $nid); } logit('NEWSLETTER_EIMPORT'); printJSRedirect(get_index('newsletter.eshow')); } } else { //Kategorien $catinfo = $set['newsletter']['categories']; asort($catinfo); $catlist = '<option value="all"' . iif($_POST['catid'][0] == 'all', 'selected="selected"') . ' style="font-weight:bold;">' . $apx->lang->get('ALL') . '</option>'; foreach ($catinfo as $id => $name) { $catlist .= '<option value="' . $id . '"' . iif(in_array($id, $_POST['catid']), 'selected="selected"') . '>' . replace($name) . '</option>'; } $apx->tmpl->assign('CATLIST', $catlist); $apx->tmpl->assign('EMAIL', ''); $apx->tmpl->assign('HTML', 0); $apx->tmpl->parse('eimport'); } }