function unsetcookies()
{
foreach (func_get_args() as $name) {
if (!empty($name) && !empty($_COOKIE[$name])) {
setcookie($name, '', time() - 3600);
unset($_COOKIE[$name]);
}
}
}
if (!empty($_COOKIE['clearsettings'])) {
unsetcookies('domail', 'email', 'saveto', 'path', 'useproxy', 'proxy', 'proxyuser', 'proxypass', 'split', 'partSize', 'savesettings', 'clearsettings', 'premium_acc', 'premium_user', 'premium_pass');
}
if (!empty($_GET['savesettings']) && $_GET['savesettings'] == 'on') {
$expiretime = time() + 800600;
setcookie('savesettings', '1', $expiretime);
if (!empty($_GET['domail']) && $_GET['domail'] == 'on' && !empty($_GET['email']) && checkmail($_GET['email'])) {
setcookie('domail', '1', $expiretime);
setcookie('email', $_GET['email'], $expiretime);
if (!empty($_GET['split']) && $_GET['split'] == 'on') {
setcookie('split', '1', $expiretime);
if (!empty($_GET['partSize']) && is_numeric($_GET['partSize'])) {
setcookie('partSize', $_GET['partSize'], $expiretime);
} else {
unsetcookies('partSize');
}
if (!empty($_GET['method']) && in_array($_GET['method'], array('tc', 'rfc'))) {
setcookie('method', $_GET['method'], $expiretime);
} else {
unsetcookies('method');
}
} else {
if (strlen($yourname) > 40) {
$error .= "<br>{$error1}";
}
if (empty($yourname)) {
$error .= "<br>{$error4}";
}
}
// Email Validation Section ----------------------------
if ($email_optional != 1) {
if (strlen($youremail) > 40) {
$error .= "<br>{$error2}";
}
if (empty($youremail)) {
$error .= "<br>{$error5}";
}
if (checkmail($youremail) != 1) {
$error .= "<br>{$error3}";
}
}
// Message Validation Section ---------------------------
if ($message_optional != 1) {
if (empty($yourmessage)) {
$error .= "<br>{$error6}";
}
}
// Exit Program if there is an error --------------------
if ($error) {
$z = "1";
echo $error;
echo "<center><br><a href=\"javascript:history.go(-1)\" class=\"text\">{$goback}</a></center>";
include "footer.inc";
function myprofile()
{
global $set, $apx, $db;
//Weiterleisten auf Loginseite, wenn nicht angemeldet
if (!$apx->user->info['userid']) {
header('Location: index.php');
}
if ($_POST['send'] == 1) {
if (!checkToken()) {
infoInvalidToken();
} elseif (!$_POST['username'] || ($_POST['pwd1'] || $_POST['pwd2']) && (!$_POST['pwd1'] || !$_POST['pwd2']) || !$_POST['email']) {
infoNotComplete();
} elseif ($_POST['pwd1'] != $_POST['pwd2']) {
info($apx->lang->get('INFO_PWNOMATCH'));
} elseif (strlen($_POST['signature']) > $set['user']['sigmaxlen']) {
info($apx->lang->get('INFO_SIGTOOLONG'));
} elseif (!checkmail($_POST['email'])) {
info($apx->lang->get('INFO_NOMAIL'));
} else {
if (substr($_POST['homepage'], 0, 4) == 'www.') {
$_POST['homepage'] = 'http://' . $_POST['homepage'];
}
if ($_POST['pwd1']) {
$_POST['salt'] = random_string();
$_POST['password'] = md5(md5($_POST['pwd1']) . $_POST['salt']);
}
if ($_POST['bd_day'] && $_POST['bd_mon'] && $_POST['bd_year']) {
$_POST['birthday'] = sprintf('%02d-%02d-%04d', $_POST['bd_day'], $_POST['bd_mon'], $_POST['bd_year']);
} elseif ($_POST['bd_day'] && $_POST['bd_day']) {
$_POST['birthday'] = sprintf('%02d-%02d', $_POST['bd_day'], $_POST['bd_mon']);
} else {
$_POST['birthday'] = '';
}
//Location bestimmen
$_POST['locid'] = user_get_location($_POST['plz'], $_POST['city'], $_POST['country']);
$db->dupdate(PRE . '_user', iif($_POST['pwd1'], 'password,salt,') . 'username,email,homepage,icq,aim,yim,msn,skype,realname,gender,birthday,city,plz,country,locid,interests,work,custom1,custom2,custom3,custom4,custom5,custom6,custom7,custom8,custom9,custom10,signature,pub_lang,pub_invisible,pub_hidemail,pub_poppm,pub_usegb,pub_gbmail,pub_profileforfriends,pub_showbuddies,pub_theme,admin_lang,admin_editor' . iif($apx->is_module('forum'), ',forum_autosubscribe'), "WHERE userid='" . $apx->user->info['userid'] . "'");
logit('USER_MYPROFILE');
if ($_POST['pwd1']) {
$apx->session->destroy();
setcookie($set['main']['cookie_pre'] . '_admin_userid', 0, time() - 99999, '/');
setcookie($set['main']['cookie_pre'] . '_admin_password', 0, time() - 99999, '/');
unset($_COOKIE[$set['main']['cookie_pre'] . '_admin_userid'], $_COOKIE[$set['main']['cookie_pre'] . '_admin_password']);
}
printJSRedirect('action.php?action=user.myprofile');
}
} else {
$ex = array('userid', 'password', 'birthday', 'reg_time', 'reg_email', 'lastonline', 'lastactive');
foreach ($apx->user->info as $key => $val) {
if (in_array($key, $ex)) {
continue;
}
$_POST[$key] = $val;
}
list($_POST['bd_day'], $_POST['bd_mon'], $_POST['bd_year']) = explode('-', $apx->user->info['birthday']);
//Sprache
foreach ($apx->languages as $id => $name) {
$lang_admin .= '<option value="' . $id . '"' . iif($_POST['admin_lang'] == $id, ' selected="selected"') . '>' . $name . '</option>';
$lang_pub .= '<option value="' . $id . '"' . iif($_POST['pub_lang'] == $id, ' selected="selected"') . '>' . $name . '</option>';
}
//Themes
$handle = opendir(BASEDIR . getpath('tmpldir'));
while ($file = readdir($handle)) {
if ($file == '.' || $file == '..' || !is_dir(BASEDIR . getpath('tmpldir') . $file)) {
continue;
}
$themes[] = $file;
}
closedir($handle);
sort($themes);
foreach ($themes as $themeid) {
$themelist .= '<option value="' . $themeid . '"' . iif($themeid == $_POST['pub_theme'], ' selected="selected"') . '>' . $themeid . '</option>';
}
//Custom-Felder
for ($i = 1; $i <= 10; $i++) {
$fieldname = $set['user']['cusfield_names'][$i - 1];
$apx->tmpl->assign('CUSFIELD' . $i . '_NAME', replace($fieldname));
$apx->tmpl->assign('CUSTOM' . $i, compatible_hsc($_POST['custom' . $i]));
}
$apx->tmpl->assign('USERNAME_LOGIN', replace($_POST['username_login']));
$apx->tmpl->assign('USERNAME', compatible_hsc($_POST['username']));
$apx->tmpl->assign('EMAIL', compatible_hsc($_POST['email']));
$apx->tmpl->assign('HOMEPAGE', compatible_hsc($_POST['homepage']));
$apx->tmpl->assign('ICQ', (int) $_POST['icq']);
$apx->tmpl->assign('AIM', compatible_hsc($_POST['aim']));
$apx->tmpl->assign('YIM', compatible_hsc($_POST['yim']));
$apx->tmpl->assign('MSN', compatible_hsc($_POST['msn']));
$apx->tmpl->assign('SKYPE', compatible_hsc($_POST['skype']));
$apx->tmpl->assign('REALNAME', compatible_hsc($_POST['realname']));
$apx->tmpl->assign('CITY', compatible_hsc($_POST['city']));
$apx->tmpl->assign('COUNTRY', compatible_hsc($_POST['country']));
$apx->tmpl->assign('PLZ', compatible_hsc($_POST['plz']));
$apx->tmpl->assign('INTERESTS', compatible_hsc($_POST['interests']));
$apx->tmpl->assign('WORK', compatible_hsc($_POST['work']));
$apx->tmpl->assign('GENDER', (int) $_POST['gender']);
$apx->tmpl->assign('BD_DAY', (int) $_POST['bd_day']);
$apx->tmpl->assign('BD_MON', (int) $_POST['bd_mon']);
$apx->tmpl->assign('BD_YEAR', (int) $_POST['bd_year']);
$apx->tmpl->assign('SIGNATURE', compatible_hsc($_POST['signature']));
$apx->tmpl->assign('MAXLEN', $set['user']['sigmaxlen']);
$apx->tmpl->assign('PUB_INVISIBLE', (int) $_POST['pub_invisible']);
$apx->tmpl->assign('PUB_HIDEMAIL', (int) $_POST['pub_hidemail']);
$apx->tmpl->assign('PUB_POPPM', (int) $_POST['pub_poppm']);
$apx->tmpl->assign('PUB_SHOWBUDDIES', (int) $_POST['pub_showbuddies']);
$apx->tmpl->assign('PUB_USEGB', (int) $_POST['pub_usegb']);
$apx->tmpl->assign('PUB_GBMAIL', (int) $_POST['pub_gbmail']);
$apx->tmpl->assign('PUB_THEME', $themelist);
$apx->tmpl->assign('PUB_LANG', $lang_pub);
$apx->tmpl->assign('PUB_PROFILEFORFRIENDS', (int) $_POST['pub_profileforfriends']);
$apx->tmpl->assign('FORUM_AUTOSUBSCRIBE', (int) $_POST['forum_autosubscribe']);
$apx->tmpl->assign('ADMIN_LANG', $lang_admin);
$apx->tmpl->assign('ADMIN_EDITOR', (int) $_POST['admin_editor']);
$apx->tmpl->parse('myprofile');
}
}
function boxes_go()
{
global $list, $options, $fromaddr;
require_once CLASS_DIR . "mail.php";
$_POST["partSize"] = isset($_POST["partSize"]) & $_POST["split"] == "on" ? $_POST["partSize"] * 1024 * 1024 : FALSE;
$v_mails = explode("\n", $_POST['emails']);
$v_min = count(count($_POST["files"]) < count($v_mails) ? $_POST["files"] : $v_mails);
for ($i = 0; $i < $v_min; $i++) {
$file = $list[$_POST["files"][$i]];
$v_mail = trim($v_mails[$i]);
if (!checkmail($v_mail)) {
printf(lang(144), $v_mail);
echo "<br /><br />";
} elseif (file_exists($file["name"])) {
if (xmail("{$fromaddr}", $v_mail, "File " . basename($file["name"]), "File: " . basename($file["name"]) . "\r\n" . "Link: " . $file["link"] . ($file["comment"] ? "\r\nComments: " . str_replace("\\r\\n", "\r\n", $file["comment"]) : ""), $file["name"], $_POST["partSize"], $_POST["method"])) {
if ($_POST["del_ok"] && !$options['disable_deleting']) {
if (@unlink($file["name"])) {
$v_ads = " and deleted!";
unset($list[$_POST["files"][$i]]);
} else {
$v_ads = ", but <b>not</b> deleted!</b>";
}
} else {
$v_ads = " !";
}
echo '<script type="text/javascript">' . "mail('File <b>" . basename($file["name"]) . "</b> it is sent for the address <b>" . $v_mail . "</b>" . $v_ads . "', '" . md5(basename($file["name"])) . "');</script>\r\n<br />";
} else {
echo lang(12) . "<br />";
}
} else {
printf(lang(145), $file['name']);
echo "<br /><br />";
}
}
if (count($_POST["files"]) < count($v_mails)) {
for ($i = count($_POST["files"]); $i < count($v_mails); $i++) {
$v_mail = trim($v_mails[$i]);
echo "{$v_mail}.</b><br /><br />";
}
echo "</b><br />";
} elseif (count($_POST["files"]) > count($v_mails)) {
for ($i = count($v_mails); $i < count($_POST["files"]); $i++) {
$file = $list[$_POST["files"][$i]];
if (file_exists($file["name"])) {
echo $file["name"] . "<br /><br />";
} else {
printf(lang(145), $file['name']);
echo "<br /><br />";
}
}
echo "<br />";
}
if ($_POST["del_ok"]) {
if (!updateListInFile($list)) {
echo lang(146) . "<br /><br />";
}
}
}
if (count($argv) > 1) {
for ($i = 1; $i < count($argv); $i++) {
if (is_dir($argv[$i])) {
$dh = opendir($argv[$i]);
while ($fn = readdir($dh)) {
if (substr($fn, 0, 1) !== '.') {
$email = file_get_contents($argv[$i] . '/' . $fn);
print $argv[$i] . "/{$fn}\n";
checkmail($email);
}
}
closedir($dh);
} else {
$email = file_get_contents($argv[$i]);
print $argv[$i] . "\n";
checkmail($email);
}
}
} else {
$handle = fopen("php://stdin", "r");
$email = stream_get_contents($handle);
fclose($handle);
checkmail($email);
}
/**
* Now show the results
*/
foreach ($total as $t => $v) {
printf("%-15s %6d\n", $t, $v);
}
}
<?php
// функция проверяет является ли строка адресом e-mail
require_once "settings.php";
function checkmail($string)
{
return preg_match('%[-\\.\\w]+@[-\\w]+(?:\\.[-\\w]+)+%', $string);
}
$link = mysql_connect(DBHOST, DBUSER, DBPASSWD) or die("Ошибка соединения: " . mysql_error());
//print "<b>Успешное подключение</b>";
mysql_select_db($DBNAME) or die("невозможно выполнить выборку из БД");
if (isset($_POST['email']) & checkmail($_POST['email']) & strlen($_POST['password']) >= 8) {
$email = @mysql_real_escape_string($_POST['email']);
$password = @mysql_real_escape_string($_POST['password']);
$query = "SELECT * FROM users WHERE email='{$email}' AND password='******'";
$res = mysql_query($query) or trigger_error(mysql_error() . $query);
if ($row = mysql_fetch_assoc($res)) {
// начнём сессию и определим некоторые переменные
session_start();
$_SESSION['user_id'] = $row['user_id'];
$_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
}
header("Location: http://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit;
}
if (isset($_GET['action']) and $_GET['action'] == "logout") {
session_start();
session_destroy();
header("Location: http://" . $_SERVER['HTTP_HOST'] . "/foronliner/listnonregister.php");
exit;
}
$mail = $user[reg_email];
} else {
$mail = $user[user_email];
}
if ($user[reg_email]) {
$sendmail->mail($email, stripslashes($mail_subject), stripslashes($mail_body), $mail_header);
}
}
eval("\$fail_newsletter = \"" . gettemplate("admin.done") . "\";");
}
#######################################
if ($adminaction == "edituser_save") {
### check entrys ####
if (!$form[user_login] || !$form[user_name] || !$form[reg_email]) {
eval("\$fail_useredit = \"" . gettemplate("fail.eingabe") . "\";");
} elseif (!checkmail($form[reg_email])) {
eval("\$fail_useredit =\"" . gettemplate("fail.eingabe.invalid.mail") . "\";");
} else {
if ($form[delete]) {
if ($userid != 1) {
$db->query_str("DELETE FROM {$tab['user']} WHERE id='{$userid}'");
} else {
$inc[action] = "GastAccount cannot be deleted.";
}
} else {
### SAVE QUERY ###
$date = time();
$query = $db->query_str("UPDATE {$tab['user']} SET \n\t\t\t\t\tuser_login='******'user_login']}',\n\t\t\t\t\tuser_name='{$form['user_name']}',\n\t\t\t\t\tuser_email='{$form['user_email']}',\n\t\t\t\t\tuser_location='{$form['user_location']}',\n\t\t\t\t\treg_email='{$form['reg_email']}',\n\t\t\t\t\tuser_icq='{$form['user_icq']}',\n\t\t\t\t\tuser_aim='{$form['user_aim']}',\n\t\t\t\t\tuser_yim='{$form['user_yim']}',\n\t\t\t\t\tuser_hp='{$form['user_hp']}',\n\t\t\t\t\tuser_interests='{$form['user_interests']}',\n\t\t\t\t\tuser_signatur='{$form['user_signatur']}',\n\t\t\t\t\tuser_text='{$form['user_text']}',\n\t\t\t\t\tuser_work='{$form['user_work']}',\n\t\t\t\t\tuser_gender='{$form['user_gender']}'\n\t\t\t\t\tWHERE id='{$userid}'");
}
$adminaction = "showusers";
}
<?php
// Si on reçoit des infos du formulaire de changement de mail et qu'on a bien reçu un mail
if (isset($_POST['mail_change']) && $_POST['mail_change'] == 'ok' && isset($_POST['nouveau_mail'])) {
$nouveau_mail = trim($_POST['nouveau_mail']);
// On récupère le nouveau mail, en enlevant les caractères indésirables
$resultat_test_mail = checkmail($nouveau_mail, $bdd);
// On teste le mail envoyé
if ($resultat_test_mail == 'isnt') {
$erreur_pas_un_mail = 1;
} else {
if ($resultat_test_mail == 'exists') {
$erreur_deja_utilise = 1;
} else {
if ($resultat_test_mail == 'empty') {
$erreur_pas_de_mail = 1;
} else {
if ($resultat_test_mail == 'ok') {
// On enregistre le nouveau mail
$req = $bdd->prepare('UPDATE users
SET mail=?
WHERE id_user = ?');
$req->execute(array($nouveau_mail, $id_user));
$mail_modifie = 1;
}
}
}
}
}
// Si on reçoit des infos du formulaire de changement de MOT DE PASSE et qu'on a bien reçu un mdp
if (isset($_POST['mdp_change']) && $_POST['mdp_change'] == 'ok' && isset($_POST['nouveau_mdp']) && isset($_POST['verif_mdp'])) {
function prepareforsave($string)
{
//$string = strip_tags($string);
//$string = nl2br($string);
return $string;
}
//print_r ($_POST);
if ($_POST['username'] == "") {
print "имя не введено<br>";
exit;
}
if ($_POST['mail'] == "") {
print "почта на указана";
exit;
}
if (!checkmail($_POST['mail'])) {
print "формат почты указан неверно";
exit;
}
if ($_POST['pass1'] == "") {
print "пароль не введён";
exit;
}
if (strlen($_POST['pass1']) < $passlen) {
print "длина пароля должна быть не менее {$passlen} символов";
exit;
}
if ($_POST['pass1'] != $_POST['pass2']) {
print "пароль и его подтверждение не совпадают";
exit;
}
/** Creates a new hosted account
*
* Creates a new hosted account (in the tables <code>membres</code>
* and <code>local</code>). Prevents any manipulation of the account if
* the account $mid is not super-admin.
*
*
* @global m_err $err
* @global m_quota $quota
* @global array $classes
* @global int $cuid
* @global m_mem $mem
* @global string $L_MYSQL_DATABASE
* @global string $L_MYSQL_LOGIN
* @global m_hooks $hooks
* @global m_action $action
* @param string $login Login name like [a-z][a-z0-9]*
* @param string $pass Password (max. 64 characters)
* @param string $nom Name of the account owner
* @param string $prenom First name of the account owner
* @param string $mail Email address of the account owner, useful to get
* one's lost password
* @param integer $canpass
* @param string $type Account type for quotas
* @param int $duration
* @param string $notes
* @param integer $force
* @param string $create_dom
* @param int $db_server_id
* @return boolean Returns FALSE if an error occurs, TRUE if not.
*/
function add_mem($login, $pass, $nom, $prenom, $mail, $canpass = 1, $type = 'default', $duration = 0, $notes = "", $force = 0, $create_dom = '', $db_server_id)
{
global $err, $quota, $classes, $cuid, $mem, $L_MYSQL_DATABASE, $L_MYSQL_LOGIN, $hooks, $action;
$err->log("admin", "add_mem", $login . "/" . $mail);
if (!$this->enabled) {
$err->raise("admin", _("-- Only administrators can access this page! --"));
return false;
}
if (empty($db_server_id)) {
$err->raise("admin", _("Missing db_server field"));
return false;
}
if ($login == "" || $pass == "") {
$err->raise("admin", _("All fields are mandatory"));
return false;
}
if (!$force) {
if ($mail == "") {
$err->raise("admin", _("All fields are mandatory"));
return false;
}
//@todo remove cf functions.php
if (checkmail($mail) != 0) {
$err->raise("admin", _("Please enter a valid email address"));
return false;
}
}
$login = strtolower($login);
if (!preg_match("#^[a-z0-9]+\$#", $login)) {
//$
$err->raise("admin", _("Login can only contains characters a-z and 0-9"));
return false;
}
if (strlen($login) > 14) {
// Not an arbitrary value : MySQL user names can be up to 16 characters long
// If we want to allow people to create a few mysql_user (and we want to!)
// we have to limit the login lenght
$err->raise("admin", _("The login is too long (14 chars max)"));
return false;
}
// Some login are not allowed...
if ($login == $L_MYSQL_DATABASE || $login == $L_MYSQL_LOGIN || $login == "mysql" || $login == "root") {
$err->raise("admin", _("Login can only contains characters a-z, 0-9 and -"));
return false;
}
$pass = _md5cr($pass);
$db = new DB_System();
$notes = mysql_real_escape_string($notes);
// Already exist?
$db->query("SELECT count(*) AS cnt FROM membres WHERE login='******';");
$db->next_record();
if (!$db->f("cnt")) {
$db->query("SELECT max(m.uid)+1 as nextid FROM membres m");
if (!$db->next_record()) {
$uid = 2000;
} else {
$uid = $db->Record["nextid"];
if ($uid <= 2000) {
$uid = 2000;
}
}
$db->query("INSERT INTO membres (uid,login,pass,mail,creator,canpass,type,created,notes,db_server_id) VALUES ('{$uid}','{$login}','{$pass}','{$mail}','{$cuid}','{$canpass}', '{$type}', NOW(), '{$notes}', '{$db_server_id}');");
$db->query("INSERT INTO local(uid,nom,prenom) VALUES('{$uid}','{$nom}','{$prenom}');");
$this->renew_update($uid, $duration);
#exec("sudo /usr/lib/alternc/mem_add ".$login." ".$uid);
$action->create_dir(getuserpath("{$login}"));
$action->fix_user($uid);
// Triggering hooks
$mem->su($uid);
// TODO: old hook method FIXME: when unused remove this
/*
foreach($classes as $c) {
if (method_exists($GLOBALS[$c],"alternc_add_member")) {
$GLOBALS[$c]->alternc_add_member();
}
}
*/
$hooks->invoke("alternc_add_member");
// New hook way
$hooks->invoke("hook_admin_add_member", array(), array('quota'));
// First !!! The quota !!! Etherway, we can't be sure to be able to create all
$hooks->invoke("hook_admin_add_member");
$mem->unsu();
if (!empty($create_dom)) {
$this->add_shared_domain($uid, $create_dom);
}
return $uid;
} else {
$err->raise("admin", _("This login already exists"));
return false;
}
}
$_POST['userid'] = 0;
}
$_POST['file'] = $_FILES['file']['name'];
$_POST['tempfile'] = 'downloads/uploads/' . $stamp . '-' . $_FILES['file']['name'];
$_POST['addtime'] = time();
$_POST['send_ip'] = get_remoteaddr();
$_POST['local'] = 1;
$_POST['secid'] = 'all';
$_POST['text'] = strtr(strip_tags($_POST['text']), array("\r\n" => "<br />\r\n", "\n" => "<br />\n"));
if ($set['downloads']['coms']) {
$_POST['allowcoms'] = 1;
}
if ($set['downloads']['ratings']) {
$_POST['allowrating'] = 1;
}
if (checkmail($_POST['author_link'])) {
$_POST['author_link'] = 'mailto:' . $_POST['author_link'];
}
//eMail-Benachrichtigung
if ($set['downloads']['mailonnew']) {
$input = array('URL' => HTTP);
sendmail($set['downloads']['mailonnew'], 'SENDDOWNLOAD', $input);
}
//Captcha löschen
if ($set['downloads']['captcha'] && !$user->info['userid']) {
$captcha->remove();
}
$db->dinsert(PRE . '_downloads', 'userid,secid,catid,send_username,send_email,send_ip,file,tempfile,local,title,text,author,author_link,addtime,allowcoms,allowrating');
message($apx->lang->get('MSG_OK'), mklink('downloads.php', 'downloads.html'));
}
//SCRIPT BEENDEN
// Vérification que c'est bien une image
if (!$image->isImage()) {
die('image non trouvée');
}
function checkmail($mail)
{
if (eregi("^[0-9a-z]([-_.~]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-z]{2,4}\$", $mail)) {
return true;
} else {
return false;
}
}
if (!checkmail($_REQUEST['from_email'])) {
die("L'adresse email de l'expéditeur n'est pas valide, utilisez le bouton précédent pour la corriger");
}
if (!checkmail($_REQUEST['to_email'])) {
die("L'adresse email du destinataire n'est pas valide, utilisez le bouton précédent pour la corriger");
}
if (empty($_REQUEST['message'])) {
die("Le message est vide, utilisez le bouton précédent pour la corriger");
}
// sauvegarde du formulaire dans session
$_SESSION['ecard']['from_email'] = $_REQUEST['from_email'];
$_SESSION['ecard']['from_name'] = $_REQUEST['from_name'];
$_SESSION['ecard']['to_email'] = $_REQUEST['to_email'];
$_SESSION['ecard']['message'] = $_REQUEST['message'];
$_SESSION['ecard']['message'] = str_replace("\n", '', $_SESSION['ecard']['message']);
$_SESSION['ecard']['message'] = str_replace("\r", '', $_SESSION['ecard']['message']);
/*
echo '<pre>';
print_r($_SESSION['ecard']);
function checkmail($user_email)
{
//验证电子邮件地址
if (preg_match("/\\w+([-+.]\\w+)*@\\w+([-.]\\w+)*\\.\\w+([-.]\\w+)*/", $user_email)) {
return true;
} else {
return false;
}
}
if (get_argp("user_name") == NULL) {
action_return(0, $re_langpackage->re_empty_name, "-1");
}
if (!login_check(get_argp("user_name"))) {
action_return(0, $re_langpackage->re_right_name, "-1");
}
if (!checkmail(get_argp("user_email")) || !login_check(get_argp("user_email"))) {
action_return(0, $re_langpackage->re_right_email, "-1");
}
if (strlen(get_argp("user_repassword")) < 6) {
action_return(0, $re_langpackage->re_pass_limit, "-1");
}
$user_name = short_check(get_argp("user_name"));
$user_pws = md5(get_argp("user_password"));
$user_sex = intval(get_argp("user_sex"));
$user_email = short_check(get_argp("user_email"));
$is_pass = 1;
$user_vericode = get_argp("veriCode");
$invite_fromuid = 0;
if (get_session('InviteFromUid')) {
$invite_fromuid = get_session('InviteFromUid');
}
require_once 'functions.php';
$valid = TRUE;
if (isset($_POST['submit'])) {
foreach ($_POST as $key => $value) {
${$key} = $value;
}
$valid = $fn = checklength($fname, 1, 30);
$ln = checklength($lname, 1, 30);
$valid = $valid && $ln;
$em = checkemail($email);
$valid = $valid && $em;
$ps = checkpassword($password);
$valid = $valid && $ps;
$ps2 = $password == $password2;
$valid = $valid && $ps2;
$zp = checkmail($zipcode, 'US');
$valid = $valid && $zp;
if ($valid) {
echo "form filled successfully!";
exit;
}
} else {
$fn = $ln = $em = $ps = $ps2 = $hp = $zp = TRUE;
$fname = $lname = $email = $zipcode = $omepage = "";
}
if (!$valid) {
?>
<style type="text/css">
td.error
{
color:#F00;
$yetki = $_POST["yetki"];
$tarih = date("y-m-d");
if ($kullanici_adi == "" or $parola == "" or $parolatekrar == "" or $eposta == "" or $yetki == "" or $adi == "") {
echo "<center><i class='fa fa-frown-o'></i> Lütfen tüm alanları eksiksiz doldurun!</center>";
header("Refresh: 2; url=index.php?sayfa=uyeekle");
return;
} elseif ($parola != $parolatekrar) {
echo "<center><i class='fa fa-frown-o'></i> Parola ve Parola Tekrar alanları aynı olmalı!</center>";
header("Refresh: 2; url=index.php?sayfa=uyeekle");
return;
}
function checkmail($eposta)
{
return filter_var($eposta, FILTER_VALIDATE_EMAIL);
}
if (!checkmail($eposta)) {
echo "<center><i class='fa fa-frown-o'></i> Yazdığınız e-posta adresi geçersiz!</center>";
header("Refresh: 2; url=index.php?sayfa=uyeekle");
return;
}
$isim_kontrol = mysql_query("select * from tlg_uyeler where k_adi='" . $kullanici_adi . "'") or die(mysql_error());
$uye_varmi = mysql_num_rows($isim_kontrol);
if ($uye_varmi > 0) {
echo "<center><i class='fa fa-frown-o'></i> Kullanıcı adı başka bir üye tarafından kullanılıyor!</center>";
header("Refresh: 2; url=index.php?sayfa=uyeekle");
return;
}
$eposta_kontrol = mysql_query("select * from tlg_uyeler where eposta='" . $eposta . "'") or die(mysql_error());
$eposta_varmi = mysql_num_rows($eposta_kontrol);
if ($eposta_varmi > 0) {
echo "<center><i class='fa fa-frown-o'></i> E-Posta başka bir üye tarafından kullanılıyor!</center>";
function mail_go()
{
global $list, $options, $L;
require_once CLASS_DIR . "mail.php";
if (!checkmail($_POST["email"])) {
echo $L->say['invalid_email'] . "<br /><br />";
} else {
$_POST["partSize"] = isset($_POST["partSize"]) & $_POST["split"] == "on" ? $_POST["partSize"] * 1024 * 1024 : FALSE;
for ($i = 0; $i < count($_POST["files"]); $i++) {
$file = $list[$_POST["files"][$i]];
if (file_exists($file["name"])) {
if (xmail("{$fromaddr}", $_POST['email'], "File " . basename($file["name"]), "File: " . basename($file["name"]) . "\r\n" . "Link: " . $file["link"] . ($file["comment"] ? "\r\nComments: " . str_replace("\\r\\n", "\r\n", $file["comment"]) : ""), $file["name"], $_POST["partSize"], $_POST["method"])) {
if ($_POST["del_ok"] && !$options['disable_to']['act_del']) {
if (@unlink($file["name"])) {
$v_ads = " " . $L->say['_and_del'] . "";
unset($list[$_POST["files"][$i]]);
} else {
$v_ads = ", " . $L->say['_but'] . " <b>" . $L->say['_not_del'] . "</b>";
}
} else {
$v_ads = " !";
}
echo '<script type="text/javascript">' . "<!--\r\nmail('File <b>" . basename($file["name"]) . "</b> " . $L->say['send_for_addr'] . " <b>" . $_POST["email"] . "</b>" . $v_ads . "', '" . md5(basename($file["name"])) . "');//-->\r\n</script>\r\n<br />";
} else {
echo $L->say['error_send'] . "<br />";
}
} else {
echo $L->sprintf($L->say['not_found'], $file['name']) . "<br /><br />";
}
}
}
}
if (@mail($this_user['email'], "Забытый пароль", $message, "From: Sniffer Bot <$from_email>\nContent-Type: text/plain; charset=windows-1251")) $send_ok = true;
}
else error_message("send", 3);
}
if ($reg and $_POST['create']) {
$user['login'] = strtolower($_POST['login']);
if (!preg_match("/^[a-zA-Z1-9_]{1,20}$/", $user['login'])) error_message("create", 1);
if ($user['login'] == "refresh" or $user['login'] == "i" or $user['login'] == "s") error_message("create", 3);
$user['password'] = trim($_POST['password']);
if (!preg_match("/^[a-zA-Z1-9_]{1,20}$/", $user['password'])) error_message("create", 2);
foreach ($users as $key => $entrie) {
$some_user = unserialize($entrie);
if ($some_user['login'] == $user['login']) error_message("create", 3);
}
$user['email'] = checkmail($_POST['email']);
if ($user['email'] != $_POST['email']) error_message("create", 4);
$user['last_visited'] = time();
$entrie = serialize($user);
$users[] = $entrie;
$users_content = serialize($users);
put_file_content($users_filename, $users_content);
}
if ($styles_enabled) {
if ($_GET['style'] and file_exists("styles/".$_GET['style'].".css")) $style_filename = $_GET['style'].".css";
elseif ($_COOKIE['s_style'] and file_exists("styles/".$_COOKIE['s_style'].".css")) $style_filename = $_COOKIE['s_style'].".css";
$current_style = substr($style_filename, 0, strpos($style_filename, ".css"));
setcookie("s_style", $current_style, time()+7776000);
}
function addcom()
{
global $db, $apx, $user;
$_POST['mid'] = (int) $_POST['mid'];
if (!$_POST['mid']) {
die('missing mID!');
}
//if ( !$apx->is_module($_POST['module']) ) die('invalid MODULE!');
$apx->lang->drop('add', 'comments');
list($spam) = $db->first("SELECT time FROM " . PRE . "_comments WHERE ( module='" . addslashes($_POST['module']) . "' AND ip='" . get_remoteaddr() . "' AND mid='" . $_POST['mid'] . "' ) ORDER BY time DESC");
//Captcha prüfen
if ($this->set['captcha'] && !$user->info['userid']) {
require BASEDIR . 'lib/class.captcha.php';
$captcha = new captcha();
$captchafailed = $captcha->check();
}
if ($user->info['userid']) {
if ($captchafailed) {
message($apx->lang->get('MSG_COM_WRONGCODE'), 'javascript:history.back()');
} elseif ($this->ip_is_blocked()) {
message($apx->lang->get('MSG_COM_BLOCKIP'), 'back');
} elseif (!$_POST['text'] || $this->set['req_title'] && !$_POST['title']) {
message('back');
} elseif ($this->text_is_blocked()) {
message($apx->lang->get('MSG_COM_BLOCKTEXT'), 'back');
} elseif ($this->set['maxlen'] && strlen($_POST['text']) > $this->set['maxlen']) {
message($apx->lang->get('MSG_COM_TOOLONG'), 'back');
} elseif ($spam + $this->set['spamprot'] * 60 > time()) {
message($apx->lang->get('MSG_COM_BLOCKSPAM', array('SEC' => $spam + $this->set['spamprot'] * 60 - time())), 'back');
} else {
if ($this->set['mod'] && !$user->is_team_member()) {
$_POST['active'] = 0;
} else {
$_POST['active'] = 1;
}
$_POST['userid'] = $user->info['userid'];
$_POST['username'] = $user->info['username'];
$_POST['time'] = time();
$_POST['ip'] = get_remoteaddr();
$db->dinsert(PRE . '_comments', 'module,mid,userid,username,title,text,time,notify,ip,active');
$comid = $db->insert_id();
//eMail-Benachrichtigung (Admin)
if ($this->set['mailonnew']) {
$text = strip_tags(dbcodes($_POST['text']));
$input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI'], 'TEXT' => $text);
sendmail($this->set['mailonnew'], 'SENDCOM', $input);
}
//eMail-Benachrichtigung (User)
if ($_POST['active']) {
$data = $db->fetch("\n\t\t\t\t\t\tSELECT DISTINCT IF(c.userid, u.email, c.email) AS email\n\t\t\t\t\t\tFROM " . PRE . "_comments AS c\n\t\t\t\t\t\tLEFT JOIN " . PRE . "_user AS u USING(userid)\n\t\t\t\t\t\tWHERE c.module='" . addslashes($_POST['module']) . "' AND c.mid='" . addslashes($_POST['mid']) . "' AND c.notify=1 AND c.id!='" . $comid . "' AND c.userid!=" . $user->info['userid'] . "\n\t\t\t\t\t");
if (count($data)) {
foreach ($data as $res) {
$input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI']);
sendmail($res['email'], 'NOTIFYCOM', $input);
}
}
//Notify zurücksetzen
$db->query("UPDATE " . PRE . "_comments SET notify=0 WHERE module='" . addslashes($_POST['module']) . "' AND mid='" . addslashes($_POST['mid']) . "' AND id!='" . $comid . "'");
}
//Captcha löschen
if ($this->set['captcha'] && !$user->info['userid']) {
$captcha->remove();
}
message($apx->lang->get('MSG_COM_OK'), str_replace('&', '&', $_SERVER['REQUEST_URI']));
}
} elseif ($this->set['pub']) {
if (!checkmail($_POST['email'])) {
if ($this->set['req_email']) {
$emailnotvalid = true;
} else {
$_POST['email'] = '';
}
}
if ($captchafailed) {
message($apx->lang->get('MSG_COM_WRONGCODE'), 'javascript:history.back()');
} elseif ($this->ip_is_blocked()) {
message($apx->lang->get('MSG_COM_BLOCKIP'), 'back');
} elseif (!$_POST['username'] || !$_POST['text'] || $this->set['req_email'] && !$_POST['email'] || $this->set['req_homepage'] && !$_POST['homepage'] || $this->set['req_title'] && !$_POST['title']) {
message('back');
} elseif ($_POST['notify'] && !$_POST['email']) {
message($apx->lang->get('MSG_COM_MAILNEEDED'), 'back');
} elseif ($this->text_is_blocked()) {
message($apx->lang->get('MSG_COM_BLOCKTEXT'), 'back');
} elseif ($this->set['entrymaxlen'] && strlen($_POST['text']) > $this->set['entrymaxlen']) {
message($apx->lang->get('MSG_COM_TOOLONG'), 'back');
} elseif ($emailnotvalid) {
message($apx->lang->get('MSG_COM_EMAILNOTVALID'), 'back');
} elseif ($spam + $this->set['spamprot'] * 60 > time()) {
message($apx->lang->get('MSG_COM_BLOCKSPAM', array('SEC' => $spam + $this->set['spamprot'] * 60 - time())), 'back');
} else {
if (substr($_POST['homepage'], 0, 4) == 'www.') {
$_POST['homepage'] = 'http://' . $_POST['homepage'];
}
if ($this->set['mod']) {
$_POST['active'] = 0;
} else {
$_POST['active'] = 1;
}
$_POST['time'] = time();
$_POST['ip'] = get_remoteaddr();
$db->dinsert(PRE . '_comments', 'module,mid,userid,username,email,homepage,title,text,time,notify,ip,active');
//eMail-Benachrichtigung (Admin)
if ($this->set['mailonnew']) {
$text = strip_tags(dbcodes($_POST['text']));
$input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI'], 'TEXT' => $text);
sendmail($this->set['mailonnew'], 'SENDCOM', $input);
}
//eMail-Benachrichtigung (User)
if ($_POST['active']) {
$data = $db->fetch("\n\t\t\t\t\t\tSELECT DISTINCT IF(c.userid, u.email, c.email) AS email\n\t\t\t\t\t\tFROM " . PRE . "_comments AS c\n\t\t\t\t\t\tLEFT JOIN " . PRE . "_user AS u USING(userid)\n\t\t\t\t\t\tWHERE c.module='" . addslashes($_POST['module']) . "' AND c.mid='" . addslashes($_POST['mid']) . "' AND c.notify=1 AND c.id!='" . $comid . "'\n\t\t\t\t\t");
if (count($data)) {
foreach ($data as $res) {
$input = array('URL' => HTTP, 'GOTO' => HTTP_HOST . $_SERVER['REQUEST_URI']);
sendmail($res['email'], 'NOTIFYCOM', $input);
}
}
//Notify zurücksetzen
$db->query("UPDATE " . PRE . "_comments SET notify=0 WHERE module='" . addslashes($_POST['module']) . "' AND mid='" . addslashes($_POST['mid']) . "' AND id!='" . $comid . "'");
}
//Captcha löschen
if ($this->set['captcha'] && !$user->info['userid']) {
$captcha->remove();
}
message($apx->lang->get('MSG_COM_OK'), str_replace('&', '&', $_SERVER['REQUEST_URI']));
}
}
}
}
function filexist($filename)
{
if (file_exists('../cache/' . $filename)) {
unlink('../cache/' . $filename);
echo '0';
} else {
echo '1';
}
}
if (isset($_REQUEST['f']) && $_REQUEST['f'] == 'user1') {
echo checkuser($_REQUEST['captcha']);
}
if (isset($_REQUEST['f']) && $_REQUEST['f'] == 'user') {
echo checkuser($_REQUEST['username']);
}
if (isset($_REQUEST['f']) && $_REQUEST['f'] == 'mail') {
echo checkmail($_REQUEST['email']);
}
if (isset($_REQUEST['f']) && $_REQUEST['f'] == 'userc') {
echo checkuserc($_REQUEST['username']);
}
if (isset($_REQUEST['f']) && $_REQUEST['f'] == 'mailc') {
echo checkmailc($_REQUEST['email']);
}
if (isset($_REQUEST['f']) && $_REQUEST['f'] == 'df') {
echo deletfile($_REQUEST['df']);
}
if (isset($_REQUEST['f']) && $_REQUEST['f'] == 'fe') {
echo filexist($_REQUEST['fe']);
}
setcookie("proxy", "", TIME_NOW - 3600);
setcookie("proxyuser", "", TIME_NOW - 3600);
setcookie("proxypass", "", TIME_NOW - 3600);
setcookie("split", "", TIME_NOW - 3600);
setcookie("partSize", "", TIME_NOW - 3600);
setcookie("savesettings", "", TIME_NOW - 3600);
setcookie("clearsettings", "", TIME_NOW - 3600);
setcookie("premium_acc", "", TIME_NOW - 3600);
setcookie("premium_user", "", TIME_NOW - 3600);
setcookie("premium_pass", "", TIME_NOW - 3600);
}
if (isset($_REQUEST["savesettings"]) && $_REQUEST["savesettings"] == "on") {
setcookie("savesettings", TRUE, TIME_NOW + 800600);
if ($_REQUEST["domail"] == "on") {
setcookie("domail", TRUE, TIME_NOW + 800600);
if (checkmail($_REQUEST["email"])) {
setcookie("email", $_REQUEST["email"], TIME_NOW + 800600);
} else {
setcookie("email", "", TIME_NOW - 3600);
}
if ($_REQUEST["split"] == "on") {
setcookie("split", TRUE, TIME_NOW + 800600);
if (is_numeric($_REQUEST["partSize"])) {
setcookie("partSize", $_REQUEST["partSize"], TIME_NOW + 800600);
} else {
setcookie("partSize", "", TIME_NOW - 3600);
}
if (in_array($_REQUEST["method"], array("tc", "rfc"))) {
setcookie("method", $_REQUEST["method"], TIME_NOW + 800600);
} else {
setcookie("method", "", TIME_NOW - 3600);
$captcha = new captcha();
$captchafailed = $captcha->check();
}
if ($captchafailed) {
message($apx->lang->get('MSG_WRONGCODE'), 'javascript:history.back()');
} elseif (!$_POST['username'] || !$_POST['pwd1'] || !$_POST['pwd2'] || !$_POST['email1'] || !$_POST['email2']) {
message('back');
} elseif ($_POST['pwd1'] != $_POST['pwd2']) {
message($apx->lang->get('MSG_PWNOMATCH'), 'javascript:history.back()');
} elseif ($set['user']['userminlen'] && strlen($_POST['username']) < $set['user']['userminlen']) {
message($apx->lang->get('MSG_USERLENGTH', array('LENGTH' => $set['user']['userminlen'])), 'javascript:history.back()');
} elseif ($set['user']['pwdminlen'] && strlen($_POST['pwd1']) < $set['user']['pwdminlen']) {
message($apx->lang->get('MSG_PWDLENGTH', array('LENGTH' => $set['user']['pwdminlen'])), 'javascript:history.back()');
} elseif ($_POST['email1'] != $_POST['email2']) {
message($apx->lang->get('MSG_EMAILNOMATCH'), 'javascript:history.back()');
} elseif (!checkmail($_POST['email1'])) {
message($apx->lang->get('MSG_NOMAIL'), 'javascript:history.back()');
} elseif ($blockname) {
message($apx->lang->get('MSG_USERNOTALLOWED', array('STRING' => $blockname)), 'javascript:history.back()');
} elseif ($check) {
message($apx->lang->get('MSG_USEREXISTS'), 'javascript:history.back()');
} elseif (!$set['user']['mailmultiacc'] && $check2) {
message($apx->lang->get('MSG_MAILEXISTS'), 'javascript:history.back()');
} else {
//Captcha löschen
if ($set['user']['captcha']) {
$captcha->remove();
}
if (substr($_POST['homepage'], 0, 4) == 'www.') {
$_POST['homepage'] = 'http://' . $_POST['homepage'];
}
function edit()
{
global $set, $db, $apx;
$_REQUEST['id'] = (int) $_REQUEST['id'];
if (!$_REQUEST['id']) {
die('missing ID!');
}
if ($_POST['send'] == 1) {
$emails = explode(',', $_POST['email']);
foreach ($emails as $one) {
if (!checkmail(trim($one))) {
$wrongmail = true;
break;
}
}
if (!checkToken()) {
infoInvalidToken();
} elseif (!$_POST['title'] || !$_POST['email']) {
infoNotComplete();
} elseif ($wrongmail) {
info($apx->lang->get('INFO_NOEMAIL', array('EMAIL' => $one)));
} else {
$db->dupdate(PRE . '_contact', 'title,email', " WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
logit('CONTACT_EDIT', 'ID #' . $_REQUEST['id']);
printJSRedirect(get_index('contact.show'));
}
} else {
list($_POST['title'], $_POST['email']) = $db->first("SELECT title,email FROM " . PRE . "_contact WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
$apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
$apx->tmpl->assign('EMAIL', compatible_hsc($_POST['email']));
$apx->tmpl->assign('ID', $_REQUEST['id']);
$apx->tmpl->assign('ACTION', 'edit');
$apx->tmpl->parse('add_edit');
}
}
<?php
include "./config.php";
$message = "";
$uname = $_POST["uname"];
$mail = $_POST["mail"];
$blog = $_POST["blog"];
$address = $_POST["address"];
$gid = $_GET["gid"];
if (checkmail($mail) == true) {
$md5string = md5($uname . $mail . $gid . "adbcde");
if (isSameMail($mail) == true) {
//用update,已有mail 資訊
$sql = "UPDATE `subscription_user` SET `name` = '{$uname}',\r\n\t\t\t\t`md5` = '{$md5string}',\r\n\t\t\t\t`blog` = '{$blog}',\r\n\t\t\t\t`address` = '{$address}',\r\n\t\t\t\t`user_disable` = '0' WHERE CONVERT( `subscription_user`.`Email` USING utf8 ) = '{$mail}' and `subscription_user`.gid = {$gid} LIMIT 1 ";
$rs =& $conn->Execute($sql);
} else {
// 用add
$sql = "INSERT INTO `subscription_user` (`name` ,`Email` ,`blog`,`address`,`md5` ,`active` ,`user_disable`,`gid`)\r\n\t\t\t\tVALUES ('{$uname}', '{$mail}','{$blog}','{$address}', '{$md5string}', '0', '0',{$gid})";
$rs =& $conn->Execute($sql);
}
} else {
$message = "E-mail填寫錯誤";
}
if ($message == "") {
$groupObj = get_group_content($conn, $gid);
$to = $mail;
$authenticateURL = __SITE_URL . "authenticate.php?key=" . $md5string;
$authenticateURL = "<a href=\"{$authenticateURL}\">{$authenticateURL}</a>";
$body = $groupObj["checkMail"];
$body = str_replace('{$uname}', $uname, $body);
$body = str_replace('{$umail}', $mail, $body);
tmessage('noright', array(), false, false);
}
check_forum_password($foruminfo);
/////////////////////////////////////////////////////////////////////////////////////// Seite empfehlen
if ($_POST['send']) {
//Captcha prüfen
if ($set['main']['tellcaptcha'] && !$user->info['userid']) {
require BASEDIR . 'lib/class.captcha.php';
$captcha = new captcha();
$captchafailed = $captcha->check();
}
if ($captchafailed) {
message($apx->lang->get('MSG_WRONGCODE'), 'javascript:history.back()');
} elseif (!$_POST['username'] || !$_POST['email'] || !$_POST['toemail'] || !$_POST['subject'] || !$_POST['text']) {
message('back');
} elseif (!checkmail($_POST['email']) || !checkmail($_POST['toemail'])) {
message($apx->lang->get('MSG_MAILNOTVALID'), 'back');
} else {
$goto = HTTP . $set['forum']['directory'] . '/' . mkrellink('thread.php?id=' . $threadinfo['threadid'], 'thread,' . $threadinfo['threadid'] . ',1' . urlformat($threadinfo['title']) . '.html');
mail($_POST['toemail'], $_POST['subject'], $_POST['text'], 'From: ' . $_POST['username'] . '<' . $_POST['email'] . '>');
message($apx->lang->get('MSG_OK'), $goto);
}
} else {
$url = HTTP . $set['forum']['directory'] . '/' . mkrellink('thread.php?id=' . $threadinfo['threadid'], 'thread,' . $threadinfo['threadid'] . ',1' . urlformat($threadinfo['title']) . '.html');
//Captcha erstellen
if ($set['main']['tellcaptcha'] && !$user->info['userid']) {
require BASEDIR . 'lib/class.captcha.php';
$captcha = new captcha();
$captchacode = $captcha->generate();
}
$apx->tmpl->assign('POSTTO', $_SERVER['REQUEST_URI']);
/** update a crontab,
* @return boolean TRUE if the crontab has been edited
*/
private function _update_one($url, $user, $password, $email, $schedule, $id = null)
{
global $db, $err, $quota, $cuid;
$err->log("cron", "update_one");
if (empty($url) && !is_null($id)) {
return $this->delete_one($id);
}
if (filter_var($url, FILTER_VALIDATE_URL) === false) {
$err->raise("cron", _("URL not valid"));
return false;
}
$url = urlencode($url);
$user = urlencode($user);
if (empty($user)) {
$password = '';
}
$password = urlencode($password);
//@todo remove checkmail cf functions.php
if (!empty($email) && !checkmail($email) == 0) {
$err->raise("cron", _("Email address is not valid"));
return false;
}
$email = urlencode($email);
if (!$this->valid_schedule($schedule)) {
return false;
}
if (is_null($id)) {
// if a new insert, quotacheck
$q = $quota->getquota("cron");
if ($q["u"] >= $q["t"]) {
$err->raise("cron", _("You quota of cron entries is over. You cannot create more cron entries"));
return false;
}
} else {
// if not a new insert, check the $cuid
$db->query("SELECT uid FROM cron WHERE id = {$id};");
if (!$db->next_record()) {
return "false";
}
// return false if pb
if ($db->f('uid') != $cuid) {
$err->raise("cron", _("Identity problem"));
return false;
}
}
$query = "REPLACE INTO cron (id, uid, url, user, password, schedule, email) VALUES ('{$id}', '{$cuid}', '{$url}', '{$user}', '{$password}', '{$schedule}', '{$email}') ;";
return $db->query("{$query}");
}
function mail_go()
{
global $list, $options, $fromaddr;
require_once CLASS_DIR . "mail.php";
if (!checkmail($_POST["email"])) {
echo lang(166) . "<br /><br />";
} else {
$_POST["partSize"] = isset($_POST["partSize"]) & $_POST["split"] == "on" ? $_POST["partSize"] * 1024 * 1024 : FALSE;
for ($i = 0; $i < count($_POST["files"]); $i++) {
$file = $list[$_POST["files"][$i]];
if (file_exists($file["name"])) {
if (xmail("{$fromaddr}", $_POST['email'], "File " . basename($file["name"]), "File: " . basename($file["name"]) . "\r\n" . "Link: " . $file["link"] . ($file["comment"] ? "\r\nComments: " . str_replace("\\r\\n", "\r\n", $file["comment"]) : ""), $file["name"], $_POST["partSize"], $_POST["method"])) {
if ($_POST["del_ok"] && !$options['disable_deleting']) {
if (@unlink($file["name"])) {
$v_ads = " and deleted.";
unset($list[$_POST["files"][$i]]);
} else {
$v_ads = ", but <b>not deleted!</b>";
}
} else {
$v_ads = " !";
}
echo '<script type="text/javascript">' . "<!--\r\nmail('File <b>" . basename($file["name"]) . "</b> it is sent for the address <b>" . $_POST["email"] . "</b>" . $v_ads . "', '" . md5(basename($file["name"])) . "');//-->\r\n</script>\r\n<br />";
} else {
echo lang(12) . "<br />";
}
} else {
printf(lang(145), $file['name']);
echo "<br /><br />";
}
}
}
}
function boxes_go()
{
global $list, $options, $fromaddr, $L;
require_once CLASS_DIR . "mail.php";
$_POST["partSize"] = isset($_POST["partSize"]) & $_POST["split"] == "on" ? $_POST["partSize"] * 1024 * 1024 : FALSE;
$v_mails = explode("\n", $_POST['emails']);
$v_min = count(count($_POST["files"]) < count($v_mails) ? $_POST["files"] : $v_mails);
for ($i = 0; $i < $v_min; $i++) {
$file = $list[$_POST["files"][$i]];
$v_mail = trim($v_mails[$i]);
if (!checkmail($v_mail)) {
echo $L->sprintf($L->say['invalid_email_addr'], $v_mail) . "<br /><br />";
} elseif (file_exists($file["name"])) {
if (xmail("{$fromaddr}", $v_mail, "File " . basename($file["name"]), "File: " . basename($file["name"]) . "\r\n" . "Link: " . $file["link"] . ($file["comment"] ? "\r\nComments: " . str_replace("\\r\\n", "\r\n", $file["comment"]) : ""), $file["name"], $_POST["partSize"], $_POST["method"])) {
if ($_POST["del_ok"] && !$options['disable_to']['act_del']) {
if (@unlink($file["name"])) {
$v_ads = " " . $L->says['_and_del'];
unset($list[$_POST["files"][$i]]);
} else {
$v_ads = ", " . $L->say['_but'] . " <b>" . $L->say['_not_del'] . "</b>";
}
} else {
$v_ads = " !";
}
echo '<script type="text/javascript">' . "mail('File <b>" . basename($file["name"]) . "</b> it is sent for the address <b>" . $v_mail . "</b>" . $v_ads . "', '" . md5(basename($file["name"])) . "');</script>\r\n<br />";
} else {
echo "<b class=\"r\">" . $L->say['error_send'] . "</b><br />";
}
} else {
echo $L->sprintf($L->say['not_found'], $file['name']) . "<br /><br />";
}
}
if (count($_POST["files"]) < count($v_mails)) {
for ($i = count($_POST["files"]); $i < count($v_mails); $i++) {
$v_mail = trim($v_mails[$i]);
echo "{$v_mail}.</b><br /><br />";
}
echo "</b><br />";
} elseif (count($_POST["files"]) > count($v_mails)) {
for ($i = count($v_mails); $i < count($_POST["files"]); $i++) {
$file = $list[$_POST["files"][$i]];
if (file_exists($file["name"])) {
echo $file["name"] . "<br /><br />";
} else {
echo $L->sprintf($L->say['not_found'], $file['name']) . "<br /><br />";
}
}
echo "<br />";
}
if ($_POST["del_ok"]) {
if (!updateListInFile($list)) {
echo $L->say['error_upd_list'] . "<br /><br />";
}
}
}
}
if ($options['ref_check']) {
check_referer();
}
// Detect if it doesn't have a protocol assigned
if (stripos($LINK, '://') === false || strtolower(substr($LINK, 0, 7)) != 'http://' && strtolower(substr($LINK, 0, 6)) != 'ftp://' && strtolower(substr($LINK, 0, 6)) != 'ssl://' && strtolower(substr($LINK, 0, 8)) != 'https://') {
// Automatically assign http://
$LINK = 'http://' . $LINK;
}
if (!empty($_GET['saveto']) && empty($_GET['path'])) {
html_error(lang(6));
}
if (empty($_GET['useproxy'])) {
$_GET['proxy'] = '';
}
if (!empty($_GET['domail']) && !checkmail($_GET['email'])) {
html_error(lang(3));
if (!empty($_GET['split']) && !is_numeric($_GET['partSize'])) {
html_error(lang(4));
}
// T-8: Check this.
}
$Url = parse_url($LINK);
$Url['scheme'] = strtolower($Url['scheme']);
$Url['path'] = empty($Url['path']) ? '/' : str_replace('%7C', '|', $Url['path']);
$LINK = rebuild_url($Url);
if (empty($_GET['referer'])) {
$Referer = $Url;
$Referer['scheme'] = strtolower($Referer['scheme']);
// Remove login from Referer
unset($Referer['user'], $Referer['pass']);
{
$sql = "SELECT count(1) FROM `mail` WHERE \n\t\t\t\tnew_mail=1 AND `to_user`='" . $_SESSION['user_id'] . "'";
$result = mysql_query($sql);
if (!$result) {
return false;
}
$row = mysql_fetch_row($result);
$retmsg = "<span id=red>(" . $row[0] . ")</span>";
mysql_free_result($result);
return $retmsg;
}
$profile = "";
if (isset($_SESSION['user_id'])) {
$sid = $_SESSION['user_id'];
$profile .= "<i class=icon-user></i><a href=./modifypage.php>{$MSG_USERINFO}</a> <a href='./userinfo.php?user={$sid}'><span id=red>{$sid}</span></a>";
$mail = checkmail();
if ($mail) {
$profile .= " <i class=icon-envelope></i><a href=./mail.php>{$mail}</a>";
}
$profile .= " <a href='./status.php?user_id={$sid}'><span id=red>Recent</span></a>";
$profile .= " <a href=./logout.php>{$MSG_LOGOUT}</a> ";
} else {
if ($OJ_WEIBO_AUTH) {
$profile .= "<a href=./login_weibo.php>{$MSG_LOGIN}(WEIBO)</a> ";
}
if ($OJ_RR_AUTH) {
$profile .= "<a href=./login_renren.php>{$MSG_LOGIN}(RENREN)</a> ";
}
if ($OJ_QQ_AUTH) {
$profile .= "<a href=./login_qq.php>{$MSG_LOGIN}(QQ)</a> ";
}
function eimport()
{
global $set, $db, $apx;
if ($_POST['catid'][0] == 'all' || !isset($_POST['catid'])) {
$_POST['catid'] = array('all');
}
if ($_POST['send'] == 1) {
$emails = explode("\n", $_POST['email']);
$emails = array_map('trim', $emails);
$wrongmails = array();
foreach ($emails as $email) {
if (!strlen($email)) {
continue;
}
if ($email && !checkmail($email)) {
$wrongmails[] = $email;
}
}
if (!checkToken()) {
infoInvalidToken();
} elseif (!$_POST['catid']) {
infoNotComplete();
} elseif ($wrongmails) {
info($apx->lang->get('INFO_WRONGSYNTAX', array('EMAILS' => implode(', ', $wrongmails))));
} else {
//Kategorien
if ($_POST['catid'][0] == 'all') {
$catids = array_keys($set['newsletter']['categories']);
} else {
$catids = array_unique(array_map('intval', $_POST['catid']));
}
foreach ($emails as $email) {
if (!strlen($email)) {
continue;
}
list($aboId) = $db->first("SELECT id FROM " . PRE . "_newsletter_emails WHERE email LIKE '" . addslashes_like($email) . "' LIMIT 1");
//Email bereits vorhanden
if ($aboId) {
foreach ($catids as $catid) {
$db->query("\n\t\t\t\t\t\t\tINSERT IGNORE INTO " . PRE . "_newsletter_emails_cat\n\t\t\t\t\t\t\t(eid, catid, active, html) VALUES\n\t\t\t\t\t\t\t('" . $aboId . "', '" . $catid . "', '1', '" . ($_POST['html'] ? true : false) . "')\n\t\t\t\t\t\t");
if ($db->affected_rows() == 0) {
$db->query("\n\t\t\t\t\t\t\t\tUPDATE " . PRE . "_newsletter_emails_cat\n\t\t\t\t\t\t\t\tSET active=1, html='" . ($_POST['html'] ? 1 : 0) . "', incode=''\n\t\t\t\t\t\t\t\tWHERE eid='" . $aboId . "' AND catid='" . $catid . "'\n\t\t\t\t\t\t\t\tLIMIT 1\n\t\t\t\t\t\t\t");
}
}
} else {
$db->query("INSERT INTO " . PRE . "_newsletter_emails (email) VALUES ('" . addslashes($email) . "')");
$nid = $db->insert_id();
foreach ($catids as $catid) {
$db->query("\n\t\t\t\t\t\t\tINSERT INTO " . PRE . "_newsletter_emails_cat\n\t\t\t\t\t\t\t(eid, catid, active, html) VALUES\n\t\t\t\t\t\t\t('" . $nid . "', '" . $catid . "', '1', '" . ($_POST['html'] ? true : false) . "')\n\t\t\t\t\t\t");
}
}
logit('NEWSLETTER_EADD', 'ID #' . $nid);
}
logit('NEWSLETTER_EIMPORT');
printJSRedirect(get_index('newsletter.eshow'));
}
} else {
//Kategorien
$catinfo = $set['newsletter']['categories'];
asort($catinfo);
$catlist = '<option value="all"' . iif($_POST['catid'][0] == 'all', 'selected="selected"') . ' style="font-weight:bold;">' . $apx->lang->get('ALL') . '</option>';
foreach ($catinfo as $id => $name) {
$catlist .= '<option value="' . $id . '"' . iif(in_array($id, $_POST['catid']), 'selected="selected"') . '>' . replace($name) . '</option>';
}
$apx->tmpl->assign('CATLIST', $catlist);
$apx->tmpl->assign('EMAIL', '');
$apx->tmpl->assign('HTML', 0);
$apx->tmpl->parse('eimport');
}
}
