Example #1
0
function data()
{
    checktoken();
    global $db;
    $usertable = TABLE_PREFIX . DB_USERTABLE;
    $usertable_username = DB_USERTABLE_NAME;
    $usertable_userid = DB_USERTABLE_USERID;
    $response = array();
    $messages = array();
    $criteria = "cometchat.id > '" . mysql_real_escape_string($_POST['timestamp']) . "' and ";
    $criteria2 = 'desc';
    if (empty($_POST['timestamp'])) {
        $criteria = '';
        $criteria2 = 'desc limit 20';
    }
    $sql = "select cometchat.id, cometchat.from, cometchat.to, cometchat.message, cometchat.sent, cometchat.read, f.{$usertable_username} fromu, t.{$usertable_username} tou from cometchat, {$usertable} f, {$usertable} t where {$criteria} f.{$usertable_userid} = cometchat.from and t.{$usertable_userid} = cometchat.to order by cometchat.id {$criteria2}";
    $query = mysql_query($sql);
    $timestamp = $_POST['timestamp'];
    while ($chat = mysql_fetch_array($query)) {
        if (function_exists('processName')) {
            $chat['fromu'] = processName($chat['fromu']);
            $chat['tou'] = processName($chat['tou']);
        }
        $time = date('g:iA M dS', $chat['sent']);
        array_unshift($messages, array('id' => $chat['id'], 'from' => $chat['from'], 'to' => $chat['to'], 'fromu' => $chat['fromu'], 'tou' => $chat['tou'], 'message' => $chat['message'], 'time' => $time));
        if ($chat['id'] > $timestamp) {
            $timestamp = $chat['id'];
        }
    }
    $response['timestamp'] = $timestamp;
    if (!empty($messages)) {
        $response['messages'] = $messages;
    }
    header('Content-type: application/json; charset=utf-8');
    echo json_encode($response);
    exit;
}
function searchlogs()
{
    checktoken();
    global $usertable_userid;
    global $usertable_username;
    global $usertable;
    global $navigation;
    global $body;
    $username = $_POST['susername'];
    if (empty($username)) {
        // Base 64 Encoded
        $username = '******';
    }
    $sql = "select {$usertable_userid} id, {$usertable_username} username from {$usertable} where {$usertable_username} LIKE '%" . mysql_real_escape_string(sanitize_core($username)) . "%'";
    $query = mysql_query($sql);
    $userslist = '';
    while ($user = mysql_fetch_array($query)) {
        if (function_exists('processName')) {
            $user['username'] = processName($user['username']);
        }
        $userslist .= '<li class="ui-state-default"><span style="font-size:11px;float:left;margin-top:2px;margin-left:5px;">' . $user['username'] . ' - ' . $user['id'] . '</span><div style="clear:both"></div></li>';
    }
    $body = <<<EOD
\t{$navigation}

\t<div id="rightcontent" style="float:left;width:720px;border-left:1px dotted #ccc;padding-left:20px;">
\t\t<h2>Search results</h2>
\t\t<h3>Please find the user id next to each username. <a href="?module=chatrooms&action=finduser">Click here to search again</a></h3>

\t\t<div>
\t\t\t<ul id="modules_logs">
\t\t\t\t{$userslist}
\t\t\t</ul>
\t\t</div>

\t\t<div style="clear:both;padding:7.5px;"></div>
\t</div>

\t<div style="clear:both"></div>

EOD;
    template();
}
function checkfile($p_path, $p_file, $p_quiet = false)
{
    if (!$p_quiet) {
        echo "Testing language file '{$p_file}' (phase 1)...<br />";
        flush();
    }
    $file = $p_path . $p_file;
    set_error_handler('lang_error_handler');
    $result = checktoken($file, $p_file == STRINGS_ENGLISH);
    restore_error_handler();
    if (!$result) {
        print_error("Language file '{$p_file}' failed at phase 1.", 'FAILED');
        if ($p_quiet) {
            return false;
        }
    }
    if (!$p_quiet) {
        echo "Testing language file '{$p_file}' (phase 2)...<br />";
        flush();
    } else {
        return true;
    }
    set_error_handler('lang_error_handler');
    ob_start();
    $result = eval("require_once( '{$file}' );");
    $data = ob_get_contents();
    ob_end_clean();
    restore_error_handler();
    if ($result === false) {
        print_error("Language file '{$p_file}' failed at eval", 'FAILED');
        if ($p_quiet) {
            return false;
        }
    }
    if (!empty($data)) {
        print_error("Language file '{$p_file}' failed at require_once (data output: " . var_export($data, true) . ")", 'FAILED');
        if ($p_quiet) {
            return false;
        }
    }
    return true;
}
Example #4
0
function uploadthemeprocess()
{
    checktoken();
    global $db;
    global $body;
    global $trayicon;
    global $navigation;
    global $themes;
    $extension = '';
    $error = '';
    if (!empty($_FILES["file"]["size"])) {
        if ($_FILES["file"]["error"] > 0) {
            $error = "Theme corrupted. Please try again.";
        } else {
            if (file_exists(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . "temp" . DIRECTORY_SEPARATOR . $_FILES["file"]["name"])) {
                unlink(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . "temp" . DIRECTORY_SEPARATOR . $_FILES["file"]["name"]);
            }
            if (!move_uploaded_file($_FILES["file"]["tmp_name"], dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . "temp" . DIRECTORY_SEPARATOR . $_FILES["file"]["name"])) {
                $error = "Unable to copy to temp folder. Please CHMOD temp folder to 777.";
            }
        }
    } else {
        $error = "Theme not found. Please try again.";
    }
    if (!empty($error)) {
        $_SESSION['cometchat']['error'] = $error;
        header("Location: ?module=themes&action=uploadtheme");
        exit;
    }
    require_once 'pclzip.lib.php';
    $filename = $_FILES['file']['name'];
    $archive = new PclZip(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . "temp" . DIRECTORY_SEPARATOR . $_FILES["file"]["name"]);
    if ($archive->extract(PCLZIP_OPT_PATH, dirname(dirname(__FILE__))) == 0) {
        $error = "Unable to unzip archive. Please upload the contents of the zip file to themes folder.";
    }
    if (!empty($error)) {
        $_SESSION['cometchat']['error'] = $error;
        header("Location: ?module=themes&action=uploadtheme");
        exit;
    }
    unlink(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . "temp" . DIRECTORY_SEPARATOR . $_FILES["file"]["name"]);
    header("Location: ?module=themes");
    exit;
}
function newannouncementprocess()
{
    checktoken();
    $announcement = $_POST['announcement'];
    $zero = '0';
    if ($_POST['sli'] == 0) {
        $zero = '-1';
    }
    $sql = "insert into cometchat_announcements (announcement,time,`to`) values ('" . mysql_real_escape_string($announcement) . "', '" . getTimeStamp() . "','" . $zero . "')";
    $query = mysql_query($sql);
    header("Location: ?module=announcements");
}
Example #6
0
     setmsg(t("No such package defined."), 'warning', 'package.php');
 }
 $op = $_REQUEST['op'];
 if (checktoken() && 'remove' == $op) {
     if (ZPackage::removePackage($id)) {
         setmsg(t('Package Removed.'), 'notice');
     }
 }
 if (checktoken() && 'suspend' == $_REQUEST['op']) {
     if (ZPackage::suspendPackage($id, !intval($_REQUEST['suspend']))) {
         setmsg('', 'notice');
     } else {
         setmsg(t('Error'));
     }
 }
 if (checktoken() && 'edit' == $op) {
     $package = array();
     $package['name'] = strip_tags($_REQUEST['name']);
     $package['desc'] = strip_tags($_REQUEST['desc']);
     $package['space'] = $_REQUEST['space'];
     $package['bandwidth'] = $_REQUEST['bandwidth'];
     $package['site'] = intval($_REQUEST['site']);
     $package['ftp'] = intval($_REQUEST['ftp']);
     $package['sql'] = intval($_REQUEST['sql']);
     $package['state'] = intval($_REQUEST['state']);
     $package['updated'] = date('Y-m-d H:i:s');
     if (ZPackage::updatePackage($id, $package)) {
         setmsg(t("Package Updated."), 'notice', 'package.php');
     }
 }
 break;
Example #7
0
function createmoduleprocess()
{
    checktoken();
    $extension = '';
    $error = '';
    $modulename = createslug($_POST['title'], true);
    if ($_FILES["file"]["type"] == "image/gif" || $_FILES["file"]["type"] == "image/jpeg" || $_FILES["file"]["type"] == "image/pjpeg" || $_FILES["file"]["type"] == "image/png") {
        if ($_FILES["file"]["error"] > 0) {
            $error = "Module icon incorrect. Please try again.";
        } else {
            if (file_exists(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . "temp" . DIRECTORY_SEPARATOR . $modulename)) {
                unlink(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . "temp" . DIRECTORY_SEPARATOR . $modulename);
            }
            $extension = extension($_FILES["file"]["name"]);
            if (!move_uploaded_file($_FILES["file"]["tmp_name"], dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . "temp" . DIRECTORY_SEPARATOR . $modulename)) {
                $error = "Unable to copy to temp folder. Please CHMOD temp folder to 777.";
            }
        }
    } else {
        $error = "Module icon not found. Please try again.";
    }
    if (empty($_POST['title'])) {
        $error = "Module title is empty. Please try again.";
    }
    if (empty($_POST['link'])) {
        $error = "Module link is empty. Please try again.";
    }
    if (!empty($error)) {
        $_SESSION['cometchat']['error'] = $error;
        header("Location: ?module=modules&action=createmodule");
        exit;
    }
    mkdir(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'modules' . DIRECTORY_SEPARATOR . $modulename);
    copy(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . "temp" . DIRECTORY_SEPARATOR . $modulename, dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'modules' . DIRECTORY_SEPARATOR . $modulename . DIRECTORY_SEPARATOR . 'icon.png');
    unlink(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . "temp" . DIRECTORY_SEPARATOR . $modulename);
    $code = "\$trayicon[] = array('" . $modulename . "','" . addslashes(addslashes(addslashes(str_replace('"', '', $_POST['title'])))) . "','" . $_POST['link'] . "','" . $_POST['type'] . "','" . $_POST['width'] . "','" . $_POST['height'] . "','','');";
    configeditor('ICONS', $code, 1);
    header("Location:?module=modules");
}
$nowTimestamp = $date->getTimestamp();
$date->modify('first day of next month');
$et = $date->getTimestamp() - 300;
//cuối tháng chọn in timespan format
//$et = strtotime('first day of next month'))-300;
$datestring = $tmp . ' first day of last month';
$dt = date_create($datestring);
$lastmon = $dt->format('Y-m-d');
$lastmonthstr = explode('-', $lastmon);
//echo '<pre>'; print_r($lastmonthstr);
$lmstr = (int) $lastmonthstr[0] . '-' . (int) $lastmonthstr[1];
//tháng trước in Y-m format
//echo $st.' == '.$et.'  ==  '.$lmstr; exit();
CONNECT_DB();
mysql_query("SET NAMES utf8");
$checktoken = checktoken($userid, $token);
if (!$checktoken) {
    die('404');
}
$data['dauky'] = null;
$data['cuoiky'] = null;
/*
 *	Khởi tạo giá trị confirm ban đầu, nếu tồn tại thì rewrite lại confirm
 */
$confirminfo = array('month' => '', 'sub_confirm' => 0, 'pc_confirm' => 0, 'fullname_sub_confirm' => '', 'fullname_pc_confirm' => '', 'date_pc_confirm' => '', 'date_confirm' => '', 'edit_date_confirm' => '', 'edit_count' => 0);
//tạm ẩn đi để xem nguồn h1 lấy ở đâu
$data['confirminfo'] = $confirminfo;
/*
 *	Lây các thông số unit, số sau dấu phẩy, hệ số nhân, hệ số tổn thất ĐZ của meter
 */
$unitmeter = 0;
Example #9
0
function addchatroomplugin()
{
    checktoken();
    global $crplugins;
    if (!empty($_GET['data'])) {
        $plugindata = '$crplugins = array(';
        foreach ($crplugins as $plugin) {
            $plugindata .= "'{$plugin}',";
        }
        $plugindata .= "'{$_GET['data']}',";
        $plugindata = substr($plugindata, 0, -1) . ');';
        configeditor('CHATROOMPLUGINS', $plugindata);
    }
    header("Location:?module=plugins&action=chatroomplugins");
}
Example #10
0
function getlanguage($lang)
{
    checktoken();
    global $db;
    global $body;
    global $trayicon;
    global $navigation;
    $filestoedit = array("" => "", "i" => "i", "m" => "m", "desktop" => "desktop");
    if ($handle = opendir(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'modules')) {
        while (false !== ($file = readdir($handle))) {
            if ($file != "." && $file != ".." && is_dir(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'modules' . DIRECTORY_SEPARATOR . $file) && file_exists(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'modules' . DIRECTORY_SEPARATOR . $file . DIRECTORY_SEPARATOR . 'code.php') && file_exists(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'modules' . DIRECTORY_SEPARATOR . $file . DIRECTORY_SEPARATOR . 'lang' . DIRECTORY_SEPARATOR . 'en.php')) {
                $filestoedit["modules" . DIRECTORY_SEPARATOR . $file] = $file;
            }
        }
        closedir($handle);
    }
    if ($handle = opendir(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'plugins')) {
        while (false !== ($file = readdir($handle))) {
            if ($file != "." && $file != ".." && is_dir(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'plugins' . DIRECTORY_SEPARATOR . $file) && file_exists(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'plugins' . DIRECTORY_SEPARATOR . $file . DIRECTORY_SEPARATOR . 'code.php') && file_exists(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'plugins' . DIRECTORY_SEPARATOR . $file . DIRECTORY_SEPARATOR . 'lang' . DIRECTORY_SEPARATOR . 'en.php')) {
                $filestoedit["plugins" . DIRECTORY_SEPARATOR . $file] = $file;
            }
        }
        closedir($handle);
    }
    if ($handle = opendir(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'extensions')) {
        while (false !== ($file = readdir($handle))) {
            if ($file != "." && $file != ".." && is_dir(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'extensions' . DIRECTORY_SEPARATOR . $file) && file_exists(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'extensions' . DIRECTORY_SEPARATOR . $file . DIRECTORY_SEPARATOR . 'code.php') && file_exists(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'extensions' . DIRECTORY_SEPARATOR . $file . DIRECTORY_SEPARATOR . 'lang' . DIRECTORY_SEPARATOR . 'en.php')) {
                $filestoedit["extensions" . DIRECTORY_SEPARATOR . $file] = $file;
            }
        }
        closedir($handle);
    }
    $data = '<?php ' . "\r\n" . '// CometChat Language File - ' . $lang . "\r\n" . "\r\n";
    foreach ($filestoedit as $name => $file) {
        if (empty($name)) {
            $namews = $name;
        } else {
            $namews = $name . '/';
        }
        if (file_exists(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . $namews . 'lang' . DIRECTORY_SEPARATOR . 'en.php')) {
            if (file_exists(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . $namews . 'lang' . DIRECTORY_SEPARATOR . $lang . '.php')) {
                if (!empty($file)) {
                    $file .= '_';
                }
                $array = $file . 'language';
                $file = dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . $namews . 'lang' . DIRECTORY_SEPARATOR . $lang . '.php';
                $fh = fopen($file, 'r');
                $readdata = @fread($fh, filesize($file));
                fclose($fh);
                $data .= '$file["' . $name . '"]=\'' . base64_encode($readdata) . '\';' . "\r\n\r\n";
            }
        }
    }
    $data .= ' ?>';
    return $data;
}
Example #11
0
function viewuserconversation()
{
    checktoken();
    global $db;
    global $body;
    global $trayicon;
    global $navigation;
    global $usertable_userid;
    global $usertable_username;
    global $usertable;
    $userid = $_GET['data'];
    $userid2 = $_GET['data2'];
    $sql = "select {$usertable_username} username from {$usertable} where {$usertable_userid} = '" . mysql_real_escape_string($userid) . "'";
    $query = mysql_query($sql);
    $usern = mysql_fetch_array($query);
    $sql = "select {$usertable_username} username from {$usertable} where {$usertable_userid} = '" . mysql_real_escape_string($userid2) . "'";
    $query = mysql_query($sql);
    $usern2 = mysql_fetch_array($query);
    $sql = "(select m.*  from cometchat m where  (m.from = '" . mysql_real_escape_string($userid) . "' and m.to = '" . mysql_real_escape_string($userid2) . "') or (m.to = '" . mysql_real_escape_string($userid) . "' and m.from = '" . mysql_real_escape_string($userid2) . "'))\n\torder by id desc";
    $query = mysql_query($sql);
    $userslist = '';
    while ($chat = mysql_fetch_array($query)) {
        $time = date('g:iA M dS', $chat['sent']);
        if ($userid == $chat['from']) {
            $dir = '>';
        } else {
            $dir = '<';
        }
        $userslist .= '<li class="ui-state-default"><span style="font-size:11px;float:left;margin-top:2px;margin-left:0px;width:10px;margin-right:10px;color:#fff;background-color:#333;padding:0px;-moz-border-radius:5px;-webkit-border-radius:5px;"><b>' . $dir . '</b></span><span style="font-size:11px;float:left;margin-top:2px;margin-left:5px;width:560px;">&nbsp; ' . $chat['message'] . '</span><span style="font-size:11px;float:right;width:100px;overflow:hidden;margin-top:2px;margin-left:10px;">' . $time . '</span><div style="clear:both"></div></li>';
    }
    if (function_exists('processName')) {
        $usern['username'] = processName($usern['username']);
        $usern2['username'] = processName($usern2['username']);
    }
    $body = <<<EOD
\t{$navigation}
\t<form action="?module=logs&action=newlogprocess" method="post" enctype="multipart/form-data">
\t<div id="rightcontent" style="float:left;width:720px;border-left:1px dotted #ccc;padding-left:20px;">
\t\t<h2>Log between {$usern['username']} and {$usern2['username']}</h2>
\t\t<h3>To see other conversations of {$usern['username']}, <a href="?module=logs&action=viewuser&data={$userid}">click here</a></h3>

\t\t<div>
\t\t\t<ul id="modules_logslong">
\t\t\t\t{$userslist}
\t\t\t</ul>
\t\t</div>
\t</div>

\t<div style="clear:both"></div>

EOD;
    template();
}
Example #12
0
function action_checktokens()
{
    #  -- CHECKTOKENS --
    # validate callsigns and tokens (clears tokens)
    global $link, $checktokens, $groups;
    debug("  :::::  ", 2);
    if ($checktokens != '') {
        function remove_empty($value)
        {
            return empty($value) ? false : true;
        }
        $garray = array_filter(explode("\r\n", $groups), 'remove_empty');
        foreach (array_filter(explode("\r\n", $checktokens), 'remove_empty') as $checktoken) {
            list($callsign, $rest) = explode('@', $checktoken);
            if ($rest) {
                list($ip, $token) = explode('=', $rest);
            } else {
                $ip = '';
                list($callsign, $token) = explode('=', $checktoken);
            }
            if ($token) {
                checktoken($callsign, $ip, $token, $garray);
            }
        }
    }
}
Example #13
0
     $dbhost = $host;
     // overwrites the global $dbhost
     // create user
     if (ZDatabase::addmysqluser($user)) {
         $sql = "DROP USER '{$user}'@'{$old_host}'";
         $res = mysql_query($sql);
         if (!$res) {
             setmsg(mysql_error());
             break;
         }
         setmsg(t('Updated.'), 'notice');
     } else {
         setmsg(t('Database Error. ') . mysql_error(), 'error');
     }
 }
 if (checktoken() && ('deluser' == $op || 'remove' == $op)) {
     $deldb = isset($_REQUEST['deldb']);
     $host = $_REQUEST['host'];
     $host || ($host = 'localhost');
     $user = $name;
     // delete user
     $sql = "DROP USER '{$user}'@'{$host}'";
     $res = mysql_query($sql);
     if (!$res) {
         setmsg(mysql_error());
         break;
     }
     if ($deldb) {
         foreach ($databases as $dbname) {
             $sql = "DROP DATABASE `{$dbname}`;";
             $res = mysql_query($sql);
Example #14
0
function newchatroomprocess()
{
    checktoken();
    $chatroom = $_POST['chatroom'];
    $type = $_POST['type'];
    $password = $_POST['ppassword'];
    if (!empty($password) && ($type == 1 || $type == 2)) {
        $password = md5($password);
    } else {
        $password = '';
    }
    $sql = "insert into cometchat_chatrooms (name,createdby,lastactivity,password,type) values ('" . mysql_real_escape_string(sanitize_core($chatroom)) . "', '0','" . getTimeStamp() . "','" . mysql_real_escape_string($password) . "','" . mysql_real_escape_string($type) . "')";
    $query = mysql_query($sql);
    header("Location: ?module=chatrooms");
}
Example #15
0
function data()
{
    if (USE_COMET == 1 && SAVE_LOGS == 0) {
        echo 0;
    } else {
        checktoken();
        global $db;
        global $guestsMode;
        global $guestnamePrefix;
        $usertable = TABLE_PREFIX . DB_USERTABLE;
        $usertable_username = DB_USERTABLE_NAME;
        $usertable_userid = DB_USERTABLE_USERID;
        $guestpart = "";
        $criteria = "cometchat.id > '" . mysql_real_escape_string($_POST['timestamp']) . "' and ";
        $criteria2 = 'desc';
        if ($guestsMode) {
            $guestpart = "UNION (select cometchat.id id, cometchat.from, cometchat.to, cometchat.message, cometchat.sent, cometchat.read,CONCAT('{$guestnamePrefix}',' ',f.name) fromu, CONCAT('{$guestnamePrefix}',' ',t.name) tou from cometchat, cometchat_guests f, cometchat_guests t where {$criteria} f.id = cometchat.from and t.id = cometchat.to) UNION (select cometchat.id id, cometchat.from, cometchat.to, cometchat.message, cometchat.sent, cometchat.read, f." . $usertable_username . " fromu, CONCAT('{$guestnamePrefix}',' ',t.name) tou from cometchat, " . $usertable . " f, cometchat_guests t where {$criteria} f." . $usertable_userid . " = cometchat.from and t.id = cometchat.to) UNION (select cometchat.id id, cometchat.from, cometchat.to, cometchat.message, cometchat.sent, cometchat.read, CONCAT('{$guestnamePrefix}',' ',f.name) fromu, t." . $usertable_username . " tou from cometchat, cometchat_guests f, " . $usertable . " t where {$criteria} f.id = cometchat.from and t." . $usertable_userid . " = cometchat.to) ";
        }
        $response = array();
        $messages = array();
        if (empty($_POST['timestamp'])) {
            $criteria = '';
            $criteria2 = 'desc limit 20';
        }
        $sql = "(select cometchat.id id, cometchat.from, cometchat.to, cometchat.message, cometchat.sent, cometchat.read, f.{$usertable_username} fromu, t.{$usertable_username} tou from cometchat, {$usertable} f, {$usertable} t where {$criteria} f.{$usertable_userid} = cometchat.from and t.{$usertable_userid} = cometchat.to ) " . $guestpart . " order by id {$criteria2}";
        $query = mysql_query($sql);
        $timestamp = $_POST['timestamp'];
        while ($chat = mysql_fetch_array($query)) {
            if (function_exists('processName')) {
                $chat['fromu'] = processName($chat['fromu']);
                $chat['tou'] = processName($chat['tou']);
            }
            $time = date('g:iA M dS', $chat['sent']);
            array_unshift($messages, array('id' => $chat['id'], 'from' => $chat['from'], 'to' => $chat['to'], 'fromu' => $chat['fromu'], 'tou' => $chat['tou'], 'message' => $chat['message'], 'time' => $time));
            if ($chat['id'] > $timestamp) {
                $timestamp = $chat['id'];
            }
        }
        $response['timestamp'] = $timestamp;
        $response['online'] = onlineusers();
        if (!empty($messages)) {
            $response['messages'] = $messages;
        }
        header('Content-type: application/json; charset=utf-8');
        echo json_encode($response);
    }
    exit;
}
Example #16
0
    if (!checktoken($args['user_id'], $args['token'])) {
        //request not authorised
        $newresponse = $newresponse->withStatus(401);
        //return $newresponse;
        return $newresponse;
    }
    $tmp = json_encode(scandirectory("."));
    $newresponse->getBody()->write($tmp);
    return $newresponse;
});
//API function:GET:Download specific file
$app->get('/getfile/{id}/{token}/{user_id}', function (Request $request, Response $response, $args) use($app) {
    //set output header: content-type
    $newresponse = $response->withHeader('Content-type', 'application/json');
    //check if token is expired or invalid
    if (!checktoken($args['user_id'], $args['token'])) {
        //request not authorised
        $newresponse = $newresponse->withStatus(401);
        //return $newresponse;
        return $newresponse;
    }
    //id is id of file from database
    //here you should put functionality for getting file path from database by id
    $filepath = "./download/test.jpg";
    //setting test value
    //set output headers
    //content headers
    $newresponse = $newresponse->withHeader('Content-type', 'application/octet-stream');
    //rewriting content type from application/json to application/octet-stream for sending file
    $newresponse = $newresponse->withHeader('Content-Description', 'File Transfer');
    $newresponse = $newresponse->withHeader('Content-Disposition', 'attachment; filename=' . basename($filepath));
Example #17
0
function addextension()
{
    checktoken();
    global $extensions;
    if (!empty($_GET['data'])) {
        $extensiondata = '$extensions = array(';
        foreach ($extensions as $extension) {
            $extensiondata .= "'{$extension}',";
        }
        $extensiondata .= "'{$_GET['data']}',";
        $extensiondata = substr($extensiondata, 0, -1) . ');';
        configeditor('EXTENSIONS', $extensiondata);
    }
    header("Location:?module=extensions");
}
Example #18
0
function updateorder()
{
    checktoken();
    if (!empty($_POST['order'])) {
        $extensiondata = '$extensions = array(';
        $extensiondata .= $_POST['order'];
        $extensiondata = substr($extensiondata, 0, -1) . ');';
        configeditor('EXTENSIONS', $extensiondata);
    } else {
        $extensiondata = '$extensions = array();';
        configeditor('EXTENSIONS', $extensiondata);
    }
    echo "1";
}
Example #19
0
     foreach ($sites as $v) {
         chmod("/home/{$v->owner}", 0711);
         chgrp($v->root, 'www');
         chmod($v->root, 0750);
     }
     setmsg(t('saved'), 'notice');
     break;
 case 'errdoc':
     $name = preg_replace("/[^0-9a-z\\-\\.]/", '', $_REQUEST['name']);
     $do = preg_replace("/[^0-9a-z\\-\\.]/", '', $_REQUEST['do']);
     $token = token();
     $vhost = ZVhosts::getVhost($name);
     $item = intval($_REQUEST['item']);
     $doc = (in_array($item, $error_documents) ? $item : 404) . '.shtml';
     $file = "{$home}/{$vhost->owner}/{$name}/{$doc}";
     if (checktoken()) {
         $content = $_REQUEST['content'];
         $written = file_put_contents($file, $content);
         if ($written) {
             chown($file, $vhost->owner);
             chgrp($file, $vhost->owner);
             chmod($file, 0755);
             setmsg(t('Saved'), 'notice', "?task=edit&name={$name}");
         }
     }
     if ($do == 'reset') {
         $def_dir = ZH . "/data/errdoc";
         $user_dir = "{$home}/{$vhost->owner}/{$name}";
         foreach ($error_documents as $doc) {
             $docfile = intval($doc) . '.shtml';
             if (file_exists($def_dir . "/{$docfile}")) {
Example #20
0
$fullname = isset($_REQUEST['fullname']) ? $_REQUEST['fullname'] : '';
$kdstatus = (int) isset($_REQUEST['kdstatus']) ? $_REQUEST['kdstatus'] : 0;
$fullname = clean_text($fullname);
$dauky = clean_text($dauky);
$cuoiky = clean_text($cuoiky);
$token = clean_text($token);
$serial = clean_text($serial);
$month = clean_text($month);
//$userid = (int)(clean_text($userid));
//if (!checktoken($userid, $token)){die ('201')}
/*
* chưa có token
*/
CONNECT_DB();
mysql_query("SET NAMES utf8");
if (!checktoken($userid, $token)) {
    die('201');
}
function record_exist($serial, $month, $kdstatus)
{
    $sql = 'SELECT * FROM `h1_confirm` 
				WHERE `meter_serial` = "' . $serial . '" AND `month_confirm` = "' . $month . '" AND `type` = ' . $kdstatus;
    $result = mysql_query($sql) or die('500');
    $row = 0;
    while ($rows = mysql_fetch_array($result)) {
        $row = $rows['ID'];
    }
    if ($row == null || $row == '') {
        $returnvalue = 0;
    } else {
        $returnvalue = 1;
Example #21
0
function importlanguage()
{
    checktoken();
    if (!empty($_POST['data'])) {
        $lang = $_POST['data']['name'];
        $data = $_POST['data']['data'];
        $data = str_replace('<?php', '', $data);
        $data = str_replace('?>', '', $data);
        eval($data);
        if (file_exists(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'lang' . DIRECTORY_SEPARATOR . strtolower($lang) . ".php")) {
            $_SESSION['cometchat']['error'] = 'Language already exists. Please remove it and then import the language.';
        } else {
            foreach ($file as $f => $d) {
                if (!empty($f)) {
                    $f .= '/';
                }
                if (is_dir(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . $f . 'lang') && !file_exists(dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . $f . 'lang' . DIRECTORY_SEPARATOR . strtolower($lang) . ".php")) {
                    $file = dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . $f . 'lang' . DIRECTORY_SEPARATOR . strtolower($lang) . ".php";
                    $fh = fopen($file, 'w');
                    if (fwrite($fh, base64_decode($d)) === FALSE) {
                        echo "Cannot write to file ({$file})";
                        exit;
                    }
                    fclose($fh);
                    chmod($file, 0777);
                }
            }
        }
    }
    echo "1";
}
Example #22
0
/**
 * Check Language File
 *
 * @param string  $p_path  Path.
 * @param string  $p_file  File.
 * @param boolean $p_quiet Quiet output.
 * @return boolean
 */
function checkfile($p_path, $p_file, $p_quiet = false)
{
    if (!$p_quiet) {
        echo 'Testing language file \'' . $p_file . '\' (phase 1)...<br />';
        flush();
    }
    $t_file = $p_path . $p_file;
    set_error_handler('lang_error_handler');
    $t_result = checktoken($t_file, $p_file == STRINGS_ENGLISH);
    restore_error_handler();
    if (!$t_result) {
        print_error('Language file \'' . $p_file . '\' failed at phase 1.', 'FAILED');
        if ($p_quiet) {
            return false;
        }
    }
    if (!$p_quiet) {
        echo 'Testing language file \'' . $p_file . '\' (phase 2)...<br />';
        flush();
    } else {
        return true;
    }
    set_error_handler('lang_error_handler');
    ob_start();
    $t_result = eval('require_once( \'' . $t_file . '\' );');
    $t_data = ob_get_contents();
    ob_end_clean();
    restore_error_handler();
    if ($t_result === false) {
        print_error('Language file \'' . $p_file . '\' failed at eval', 'FAILED');
        if ($p_quiet) {
            return false;
        }
    }
    if (!empty($t_data)) {
        print_error('Language file \'' . $p_file . '\' failed at require_once (data output: ' . var_export($t_data, true) . ')', 'FAILED');
        if ($p_quiet) {
            return false;
        }
    }
    return true;
}