Example #1
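/**
 * Fetch the DNSSEC records of one type stored for a domain in the DNS database.
 *
 * Both arguments are matched with SQL LIKE, so `%` and `_` inside them act as
 * wildcards. A caller that forwards request data should validate it first,
 * because a pattern can match more than the one domain it was meant for.
 *
 * @param string $domain Domain name (LIKE pattern) matched against domains.name.
 * @param string $type   Record type (LIKE pattern) matched against dnssec.type.
 *
 * @return array|false List of `record` column values, or FALSE when nothing
 *                     matched or the statement could not be prepared/executed.
 */
function GetDNSsecRecordsFromDnsshop($domain, $type)
{
    // DNS mysql database
    global $mysqli_dns;
    if (!isset($mysqli_dns) || empty($mysqli_dns)) {
        create_db_connection('mysqli_dns', 'dns');
    }
    // Re-import after the helper ran, as the original did.
    global $mysqli_dns;

    // Bound parameters keep the values out of the SQL text entirely, so
    // correctness no longer depends on escaping matching the connection charset.
    $stmt = $mysqli_dns->prepare('SELECT dnssec.record FROM domains INNER JOIN dnssec ON (domains.id = dnssec.domainid) WHERE domains.name LIKE ? AND dnssec.type LIKE ?');
    if (!$stmt) {
        return FALSE;
    }

    $records = array();
    if ($stmt->bind_param('ss', $domain, $type) && $stmt->execute()) {
        $stmt->bind_result($record);
        while ($stmt->fetch()) {
            $records[] = $record;
        }
    }
    $stmt->close();

    // Callers test for FALSE, so an empty result is still reported that way.
    if (count($records) === 0) {
        return FALSE;
    }
    return $records;
}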
Example #2
 /**
  * When database synchronisation is configured, record the ids removed by a
  * "delete from <table> where ..." statement in junk_items (operation 3).
  *
  * NOTE(review): the table name and the where clause are lifted verbatim from
  * $sql and concatenated into a new SELECT. That is only as safe as the way
  * $sql itself was built; confirm callers never assemble it from request data.
  *
  * @param string $sql The SQL statement about to be executed.
  */
 function writeDbDeleteCheck($sql)
 {
     //nothing to do unless synchronisation is switched on
     if (getUserConfig('dbsynchron') == "") {
         return;
     }
     //only statements starting with exactly "delete from " are tracked
     if (substr($sql, 0, 12) != "delete from ") {
         return;
     }
     $table = trim(strtok(substr($sql, 12), " "));
     //deletes on the journal table itself are not journalled
     if ($table == "junk_items") {
         return;
     }
     //skip the token after the table name, then take the rest of the statement
     strtok(" ");
     $where = strtok("");
     $del = create_db_connection();
     $del->openselect("select id from " . $table . " where " . $where);
     //build a comma separated list of the ids that are about to disappear
     $delids = "";
     for (; !$del->eof(); $del->movenext()) {
         $delids = ($delids != "" ? $delids . "," : $delids) . $del->getvalue("id");
     }
     //write one journal row describing the delete
     $del = create_db_connection();
     $del->addnew("junk_items");
     $del->setvalue("fromtable", $table);
     $del->setvalue("delid", $delids);
     $del->setvalue("operation", 3);
     $del->update();
 }
Example #3
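/**
 * Run a query, read one field from its first row and return the number that
 * follows it according to getNextNumber().
 *
 * NOTE(review): $sql is executed after placeholder expansion by
 * parseAndReplaceAll(); it must come from trusted code, not from request data.
 *
 * @param string $sql      Query text (may contain placeholders handled by parseAndReplaceAll()).
 * @param string $field    Name of the column holding the current highest value.
 * @param string $starting Value handed to getNextNumber() when the query returns no row.
 *
 * @return mixed Whatever getNextNumber() returns for the value found.
 */
function getNextNumberFromSql($sql, $field, $starting = '')
{
    $newconn = create_db_connection();
    $newconn->openselect(parseAndReplaceAll($sql));
    $maxvalue = $starting;
    if (!$newconn->eof()) {
        $maxvalue = $newconn->getvalue($field);
    }
    // Release the connection on every path; previously it was only closed
    // when a row was found, so an empty result left it open.
    $newconn->close();
    return getNextNumber($maxvalue);
}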
Example #4
<?php

require_once 'lib/template_lib.php';
require_once 'lib/license_lib.php';
require_once 'lib/security_lib.php';
require_once 'lib/db_lib.php';
// Neither value is accepted until it has passed its validator below.
$serial_number = FALSE;
$registration_key = FALSE;
$db_conn = create_db_connection();
$serial_number = $registration_key = null;

// Only copy a POST value once its validator approves it; anything else leaves
// the variable null so the decoding step is skipped.
// NOTE(review): how strict validate_alphanumeric_pattern() and
// validate_registration_key() are is not visible here; confirm they reject
// non-string input (e.g. an array posted as serial_number[]).
if (isset($_POST['serial_number']) && validate_alphanumeric_pattern($_POST['serial_number'])) {
    $serial_number = $_POST['serial_number'];
}
if (isset($_POST['registration_key']) && validate_registration_key($_POST['registration_key'])) {
    $registration_key = $_POST['registration_key'];
}

$result = false;
if ($serial_number != null && $registration_key != null) {
    //test registration key decoding
    $result = DecodeRegistrationKey($serial_number, $registration_key);
    if ($result !== false) {
        $smarty->assign('serial_number', $result->serialNumber);
        $smarty->assign('registration_key', $result->registrationKey);
        if ($result->numberOfLicensesPurchased == 0) {
            $smarty->assign('license_count', 'site_license');
Example #5
/**
 * Handle a POST action for the "makecontact" slot: validate the contact form,
 * store it in the projectissues table and mail it to the project's addresses.
 *
 * @param string $action Action name; 'add' and 'sendemail' are handled, any
 *                       other value just resets the slot view.
 * @param string $slot   Slot identifier used for the execution stack and for
 *                       the session keys written here.
 *
 * @return string The error text; '' when there was no error or the user cancelled.
 */
function makecontact_execute($action, $slot)
{
    global $_POST;
    global $_GET;
    global $_CONFIG;
    require_once "config/db.php";
    global $conn;
    global $_local_error;
    $_local_error = "";
    global $_local_reloadform;
    $_local_reloadform = "";
    global $render_current_slot;
    global $current_slots;
    //mark slot on execution stack
    $render_current_slot++;
    $current_slots[$render_current_slot] = $slot;
    //page protection token: the posted counter must match the one in the session
    //(ajax requests compare equal, normal requests compare against posted + 1)
    //NOTE(review): the comparison only runs when fprotection is present and
    //non-empty, so a request that omits the field is not rejected here; intval()
    //also maps every non-numeric value to 0. Consider failing closed.
    if (getUserConfig("pageprotection") == "yes") {
        if (isset($_POST['fprotection']) && $_POST['fprotection'] != "") {
            if (isset($_GET['ajax']) && $_GET['ajax'] == 1) {
                if (intval(session_getvalue("protection_page")) != intval($_POST['fprotection'])) {
                    $_local_error = getLT("protectionerror");
                }
            } else {
                if (intval(session_getvalue("protection_page")) != intval($_POST['fprotection']) + 1) {
                    $_local_error = getLT("protectionerror");
                }
            }
        }
    }
    //set default filter
    $control_filter = "";
    $control_name = "makecontact";
    $control_table = "projectissues";
    $control_id = "id";
    //check for rights
    //any one of the four checks below replaces the error with 'nopermissions',
    //which prevents the switch from running at all
    if (getUserConfig('dinsec_makecontact_cando', $action) == 'no') {
        $_local_error = getLT('nopermissions');
    }
    if (getUserConfig('dinsec_makecontact_canpost', $action) == 'no') {
        $_local_error = getLT('nopermissions');
    }
    if (session_getvalue("blockaccess_makecontact") == "yes") {
        $_local_error = getLT('nopermissions');
    }
    if (session_getvalue("blockaccess_projectissues") == "yes") {
        $_local_error = getLT('nopermissions');
    }
    if ($_local_error == "") {
        switch ($action) {
            case 'add':
                if (isset($_POST['cancel_button']) && $_POST['cancel_button'] == getLT('cancel')) {
                    $_local_error = 'usercanceled';
                    setSlotView($slot, "add");
                    break;
                }
                //required fields: present, non-empty, and not empty once tags are stripped
                if ($_local_error == '') {
                    if (!isset($_POST['iname']) || $_POST['iname'] == '' || strip_tags($_POST['iname']) == '') {
                        $_local_error .= getLT('iname') . ' ' . getLT('shouldbefilled');
                    }
                }
                //NOTE(review): iemail is only checked for presence; no address-format
                //validation is visible here, and the value is later used as Reply-To
                if ($_local_error == '') {
                    if (!isset($_POST['iemail']) || $_POST['iemail'] == '' || strip_tags($_POST['iemail']) == '') {
                        $_local_error .= getLT('iemail') . ' ' . getLT('shouldbefilled');
                    }
                }
                if ($_local_error == '') {
                    if (!isset($_POST['icontactname']) || $_POST['icontactname'] == '' || strip_tags($_POST['icontactname']) == '') {
                        $_local_error .= getLT('icontactname') . ' ' . getLT('shouldbefilled');
                    }
                }
                //anti-bot field: useraddress must be "<prefix>-<value computed from prefix>"
                //NOTE(review): both halves derive from the submitted prefix with fixed
                //constants, so this shows that a script filled the field in, not that
                //the server issued the challenge; it is no substitute for rate
                //limiting or a server-side CAPTCHA/token
                if ($_local_error == '') {
                    if (!isset($_POST['useraddress'])) {
                        $_local_error .= getLT('javascript?');
                    } else {
                        $ab_def = strtok($_POST['useraddress'], "-");
                        $ab_test = $ab_def . '-' . number_format(floatVal($ab_def . '.12') * 0.34, 4, '.', '');
                        if ($ab_test !== $_POST['useraddress']) {
                            $_local_error .= getLT('antiboterror?');
                        }
                    }
                }
                if ($_local_error == "") {
                    $conn->addnew($control_table);
                    $conn->setvalue('iname', correctPostValue($_POST['iname']));
                    $conn->setvalue('iemail', correctPostValue($_POST['iemail']));
                    $conn->setvalue('icontactname', correctPostValue($_POST['icontactname']));
                    //idesc is read without an isset() check, unlike the fields above
                    $html = correctPostValue($_POST['idesc']);
                    //denylist: only these three opening tags are defused
                    //NOTE(review): other active markup (event-handler attributes,
                    //other elements) is not touched by these replacements, and what
                    //correctPostValue() does is not visible here. Wherever idesc is
                    //rendered, encode on output or use an allowlist HTML sanitizer.
                    $html = str_ireplace("<script", "[script", $html);
                    $html = str_ireplace("<link", "[link", $html);
                    $html = str_ireplace("<style", "[style", $html);
                    $conn->setvalue('idesc', $html);
                    $conn->setvalue('projectid', $_CONFIG['projectid']);
                    $conn->setvalue('idate', date("Y-m-d H:i:s"));
                    $id = $conn->update();
                    if ($id != "") {
                        session_addvalue($slot . '_info', getLT('wblank'));
                        session_setvalue($slot . "_viewid", $id);
                        setSlotView($slot, "add");
                    } else {
                        $_local_error = getLT('unableadd');
                        break;
                    }
                }
            //there is no break at the end of 'add': control continues into
            //'sendemail', which only sends when $_local_error is still empty
            case 'sendemail':
                if (isset($_POST['cancel_button']) && $_POST['cancel_button'] == getLT('cancel')) {
                    $_local_error = 'usercanceled';
                    break;
                }
                if ($_local_error == "") {
                    //capture anything the includes or the HtmlReport constructor print;
                    //the captured text is overwritten inside the loop below before it
                    //is used, and $pdf is not referenced again in this function
                    ob_start();
                    require_once "config/htmlreport.php";
                    require_once "config/templates.php";
                    require_once "config/mail.php";
                    global $_templates;
                    require_once "config/utils.php";
                    $_control_replace_sql = "parseAndReplaceAll";
                    $pdf = new HtmlReport("");
                    $emailbody = ob_get_contents();
                    ob_end_clean();
                    $emailbody = html_entity_decode($emailbody);
                    $emailsubject = getLT('emailcontact');
                    global $mails_sql_conn;
                    $mails_sql_conn = create_db_connection();
                    //recipients come from the project row; the [config.projectid]
                    //placeholder is expanded by parseAndReplaceAll (called by name)
                    $mails_sql_conn->openselect($_control_replace_sql("select pemails as email from projects where id=0[config.projectid]"));
                    $noemail = false;
                    if ($mails_sql_conn->eof()) {
                        $noemail = true;
                    }
                    //one message per row returned by the query
                    while (!$mails_sql_conn->eof()) {
                        $mailman = createMailObject();
                        $mailman->IsHTML(true);
                        $emailto = $mails_sql_conn->getvalue("email");
                        $emailreply = "";
                        $emailbcc = "";
                        $emailcc = "";
                        $emailfrom = "";
                        //body is the makecontact HTML template after placeholder expansion
                        //NOTE(review): if the template embeds posted fields, they reach
                        //an HTML mail body; confirm they are encoded for HTML there
                        $emailbody = getFileContent(getFilePathFor('html', 'makecontact'));
                        require_once "config/utils.php";
                        $emailbody = parseAndReplaceAll($emailbody);
                        //Reply-To is taken from the submitted form
                        //NOTE(review): presumably the mail object validates addresses and
                        //rejects CR/LF; verify, since nothing here does
                        $emailreply = correctPostValue($_POST["iemail"]);
                        $mailman->Body = $emailbody;
                        $mailman->Subject = $emailsubject;
                        $mailman->ClearAddresses();
                        $mailman->AddAddress($emailto);
                        //bcc, cc and from are always empty strings here, so these three
                        //branches never run
                        if ($emailbcc != "") {
                            $mailman->AddBCC($emailbcc);
                        }
                        if ($emailcc != "") {
                            $mailman->AddCC($emailcc);
                        }
                        if ($emailfrom != "") {
                            $mailman->FromName = "";
                            $mailman->From = $emailfrom;
                        }
                        if ($emailreply != '') {
                            $mailman->AddReplyTo($emailreply);
                        }
                        //the result of send() is not checked; the success message below
                        //is shown whenever at least one recipient row existed
                        $mailman->send();
                        $mails_sql_conn->movenext();
                    }
                    $mails_sql_conn->close();
                    if ($noemail) {
                        session_addvalue($slot . '_error', getLT('noemailfound'));
                    } else {
                        session_addvalue($slot . '_info', getLT('yourmessageissent'));
                    }
                }
                break;
            default:
                //$_local_error="slot:".$slot." unknown post action: ".$action;
                setSlotView($slot, "");
                break;
        }
    }
    if (isset($_POST['cancel_button']) && $_POST['cancel_button'] == getLT('cancel')) {
        //if($_local_error!="") session_addvalue($slot.'_error',getLT($_local_error));
        $_local_error = '';
    } else {
        if ($_local_reloadform != "" || $_local_error != "" || $action == "justreloadform") {
            //save post for later use
            //every posted key is stored, and the key name itself becomes part of the
            //session key; array values are flattened to a comma separated string
            //NOTE(review): consider restricting this to the form's known field names
            foreach ($_POST as $key => $val) {
                if (is_array($val)) {
                    session_setvalue('savedpost_makecontact_' . $key, correctPostValue(implode(",", str_replace(',', ' ', $_POST[$key]))));
                } else {
                    session_setvalue('savedpost_makecontact_' . $key, correctPostValue($val));
                }
            }
            if ($_local_error != "") {
                session_addvalue($slot . '_error', $_local_error);
            }
        }
    }
    //pop the slot from the execution stack
    $render_current_slot--;
    return $_local_error;
}
Example #6
/**
 * Create a stream record for an account from the posted form ("toevoegen" = add).
 *
 * The bitrate and the host:port pair are only accepted when they appear in the
 * configured lists, and the port must not already be present in stream_streams.
 * When ftp_pass is posted, an FTP user and a quota row are added as well.
 *
 * NOTE(review): no permission check is visible in this function and $admin is
 * not referenced in the body; presumably the caller authorises the request and
 * the $account value - verify.
 *
 * @param mixed $account Account identifier stored with the stream.
 * @param int   $admin   Not used in this function body.
 *
 * @return string HTML fragment with the translated result message.
 */
function stream_do_action_toevoegen($account, $admin = 2)
{
    global $lang;
    global $stream_bitrates;
    global $stream_host_poorten;
    global $mysqli;
    if (!isset($mysqli) || empty($mysqli)) {
        create_db_connection('mysqli', 'central');
    }
    global $mysqli;
    // FALSE marks "not supplied / not accepted" for the required fields.
    $bitrate = FALSE;
    $host = FALSE;
    $poort = FALSE;
    $admin_user = FALSE;
    $admin_pass = FALSE;
    $name = FALSE;
    $max_listeners = FALSE;
    // Allowlist: keep the configured value, never the posted one.
    foreach ($stream_bitrates as $type) {
        if (get_value_post('bitrate') == $type) {
            $bitrate = $type;
        }
    }
    // Posted port is expected as "host:port".
    // NOTE(review): $post_port2[1] does not exist when the value has no ':'.
    $post_port = get_value_post('poort');
    if ($post_port !== FALSE) {
        $post_port2 = explode(':', $post_port);
        foreach ($stream_host_poorten as $hostname => $ports) {
            if ($post_port2[0] == $hostname) {
                foreach ($ports as $port) {
                    if ($post_port2[1] == $port) {
                        // The query uses the configured host/port, not the posted text.
                        $sql = 'SELECT * FROM `stream_streams` WHERE `host` LIKE "' . $mysqli->real_escape_string($hostname) . '" AND `poort` LIKE "' . $mysqli->real_escape_string($port) . '" LIMIT 1';
                        $query = $mysqli->query($sql);
                        // Accept the pair only when no stream uses it yet.
                        // NOTE(review): a failed query (FALSE) is treated the same as
                        // "port is free"; there is also no lock between this check and
                        // the INSERT below.
                        if (!isset($query) || empty($query) || $query->num_rows == "0") {
                            $poort = $port;
                            $host = $hostname;
                        }
                    }
                }
            }
        }
    }
    // Remaining fields are taken from POST as submitted.
    // presumably get_value_post() returns FALSE for a missing field (the checks
    // below compare against FALSE) - confirm against its definition
    $admin_user = get_value_post('admin_user');
    $admin_pass = get_value_post('admin_pass');
    $name = get_value_post('name');
    $max_listeners = get_value_post('max_listeners');
    $genre = get_value_post('genre');
    $description = get_value_post('description');
    $url = get_value_post('url');
    $source_pass = get_value_post('source_pass');
    $relay_pass = get_value_post('relay_pass');
    $mountpoint = get_value_post('mountpoint');
    $master_server = get_value_post('master_server');
    $master_port = get_value_post('master_port');
    $master_user = get_value_post('master_user');
    $master_pass = get_value_post('master_pass');
    // $ftp_pass is assigned but not read again; the code below calls get_value_post() directly.
    $ftp_pass = get_value_post('ftp_pass');
    $streamtype = get_value_post('streamtype');
    $shoutcastkey = get_value_post('shoutcastkey');
    if ($bitrate === FALSE || $host === FALSE || $poort === FALSE || $admin_user === FALSE || $admin_pass === FALSE || $name === FALSE || $max_listeners === FALSE) {
        $html = '<br /><br />' . $lang->translate(929) . '<br /><br />';
    } else {
        // Quota: listeners allowed by the session user's package minus those in use.
        $availablelisteners = pakketten_get_value_size_stream(get_value_session('from_db', 'id'), 'listeners') - pakketten_get_value_used_stream(get_value_session('from_db', 'id'), 'listeners');
        // NOTE(review): $max_listeners is the raw POST value; it is compared
        // loosely and is never checked to be a non-negative integer.
        if ($max_listeners < $availablelisteners) {
            // Every value is escaped and quoted before concatenation.
            // NOTE(review): admin_pass, source_pass, relay_pass and master_pass are
            // stored exactly as submitted; no hashing or encryption is applied here.
            // If the streaming server needs them in clear text, restrict access to
            // this table accordingly.
            $sql2 = 'INSERT INTO `stream_streams` (`poort`,`admin_user`,`admin_pass`,`max_listeners`,`bitrate`,`account`,`name`,`host`,`genre`,`description`,`url`,`source_pass`,`relay_pass`,`mountpoint`,`master_server`,`master_port`,`master_user`,`master_pass`,`changed2`,`changed`,`type`,`shoutcastkey`) VALUES ("' . $mysqli->real_escape_string($poort) . '","' . $mysqli->real_escape_string($admin_user) . '","' . $mysqli->real_escape_string($admin_pass) . '","' . $mysqli->real_escape_string($max_listeners) . '","' . $mysqli->real_escape_string($bitrate) . '","' . $mysqli->real_escape_string($account) . '","' . $mysqli->real_escape_string($name) . '","' . $mysqli->real_escape_string($host) . '","' . $mysqli->real_escape_string($genre) . '","' . $mysqli->real_escape_string($description) . '","' . $mysqli->real_escape_string($url) . '","' . $mysqli->real_escape_string($source_pass) . '","' . $mysqli->real_escape_string($relay_pass) . '","' . $mysqli->real_escape_string($mountpoint) . '","' . $mysqli->real_escape_string($master_server) . '","' . $mysqli->real_escape_string($master_port) . '","' . $mysqli->real_escape_string($master_user) . '","' . $mysqli->real_escape_string($master_pass) . '","1","1","' . $mysqli->real_escape_string($streamtype) . '","' . $mysqli->real_escape_string($shoutcastkey) . '")';
            // NOTE(review): the result of this INSERT is not checked. If it fails,
            // insert_id is 0, the FTP rows below are written for "stream0" and the
            // success message is still returned.
            $mysqli->query($sql2);
            $id = $mysqli->insert_id;
            if (get_value_post('ftp_pass') != FALSE && get_value_post('ftp_pass') != '') {
                // $id comes from insert_id, so it is concatenated without escaping.
                // NOTE(review): the FTP password is written to `passwd` as submitted;
                // check whether the FTP daemon reading this table supports hashed values.
                $sql = 'INSERT INTO `stream_ftpuser` (`userid`,`passwd`,`homedir`) VALUES ("stream' . $id . '","' . $mysqli->real_escape_string(get_value_post('ftp_pass')) . '","/home/icecast/stream' . $id . '")';
                $mysqli->query($sql);
                $sql = 'INSERT INTO `stream_ftpquotalimits` (`name`,`limit_type`) VALUES ("stream' . $id . '","hard")';
                $mysqli->query($sql);
            }
            $html = '<br /><br />' . $lang->translate(930) . '<br /><br />';
        } else {
            $html = '<br /><br />' . $lang->translate(931) . '<br /><br />';
        }
    }
    return $html;
}
Example #7
/**
 * Detach a domain from its master: set its type to NATIVE and clear the
 * master and last_check columns, provided the domain's account is allowed
 * to use DNS.
 *
 * NOTE(review): the UPDATE result is not inspected, so the success message is
 * returned even when the statement fails or matches no row. $account is not
 * used; the permission check runs on the account stored with the domain.
 *
 * @param mixed $id      Domain id (escaped and quoted before use in SQL).
 * @param mixed $account Not used in this function body.
 * @param int   $admin   Passed through to pakketten_check_is_allowed().
 *
 * @return string HTML fragment with the translated result message.
 */
function dns_do_action_superontkoppelen($id, $account, $admin = 2)
{
    global $lang;
    $data = dns_get_value_domain($id);

    // Refuse early when the owning account may not manage DNS.
    if (!pakketten_check_is_allowed($data['account'], 'DNS', $admin)) {
        $denied = '<br /><br />';
        $denied .= $lang->translate(792) . '<br /><br />';
        return $denied;
    }

    global $mysqli_dns;
    if (!isset($mysqli_dns) || empty($mysqli_dns)) {
        create_db_connection('mysqli_dns', 'dns');
    }
    global $mysqli_dns;

    $escaped_id = $mysqli_dns->real_escape_string($id);
    $sql = 'UPDATE `domains` SET `type` = "NATIVE", `master` = NULL, `last_check` = NULL WHERE `id` = "' . $escaped_id . '"';
    $mysqli_dns->query($sql);

    return '<br /><br /><p>' . $lang->translate(798) . '</p><br /><br />';
}
Example #8
 /**
  * Overwrite the stored `util` value of a unique-values row and return the
  * value that was written.
  *
  * NOTE(review): $user is not used; the `user='******'` literal in the
  * statement looks like a value masked by the listing this code was taken
  * from - confirm against the upstream file before relying on it.
  *
  * @param string $md5    Key of the row (escaped before use).
  * @param string $value  New value for the util column (escaped before use).
  * @param mixed  $user   Not referenced in this body.
  * @param int    $userid Numeric user id; forced through intval().
  *
  * @return string The $value argument, unchanged.
  */
 function resetUniqueValue($md5, $value, $user, $userid = 0)
 {
     $connf = create_db_connection();
     $table = getUserConfig("dbprefix") . "uniquevalues";
     $newutil = $connf->escape($value);
     $rowkey = $connf->escape($md5);
     //the leading 0 keeps the SQL valid even if intval() yields an unexpected value
     $statement = "update " . $table . " set util='" . $newutil . "' where md5='" . $rowkey . "' and user='******' and userid=0" . intval($userid);
     $connf->execute($statement);
     return $value;
 }
         if (check_user_subuser(get_value_session('from_db', 'id'), $pakket['user_id'], $type = 3) !== FALSE || $pakket['user_id'] == get_value_session('from_db', 'id') || get_value_session('from_db', 'is_admin') == '1') {
             if (pakketten_do_action_verwijder($pakket['user_id'], get_value_get('id')) == FALSE) {
                 $html .= '<br /><p><b>' . $lang->translate(676) . '</b></p><br /><br />';
             } else {
                 $html .= '<br /><p><b>' . $lang->translate(677) . '</b></p><br /><br />';
             }
         }
     }
 } elseif (get_value_get('type') == 'bewerken' && check_user_right(get_value_session('from_db', 'id'), 'pakketbewerken', get_value_session('from_db', 'is_admin')) !== FALSE) {
     $pakket = pakketten_get_value_details(get_value_session('from_db', 'id'), get_value_get('id'), get_value_session('from_db', 'is_admin'));
     if ($pakket !== FALSE) {
         if (check_user_subuser(get_value_session('from_db', 'id'), $pakket['user_id'], $type = 3) !== FALSE || $pakket['user_id'] == get_value_session('from_db', 'id') || get_value_session('from_db', 'is_admin') == '1') {
             if (get_value_get('p') == "dns") {
                 if (get_value_post('submit')) {
                     if (!isset($mysqli) || empty($mysqli)) {
                         create_db_connection('mysqli', 'central');
                     }
                     $domlimiet = get_value_post('domlimit');
                     $temlimiet = get_value_post('temlimit');
                     if ($domlimiet !== FALSE && $temlimiet !== FALSE) {
                         $sql = "UPDATE `pakketten_dns` SET `max_domain` = '" . $mysqli->real_escape_string($domlimiet) . "', `max_templates` = '" . $mysqli->real_escape_string($temlimiet) . "' WHERE `id` LIKE '" . $mysqli->real_escape_string($pakket['pakket_id']) . "'";
                         $query = $mysqli->query($sql);
                         $html .= '<br /><p><b>' . $lang->translate(673) . '</b></p><br /><br />';
                     } else {
                         $html .= '<br /><p><b>' . $lang->translate(674) . '</b></p><br /><br />';
                     }
                 } else {
                     $pakket_name = $pakket['pakket_name'];
                     $domain_pakket_limit = dns_get_value_pakket($pakket['pakket_id'], 'domain');
                     $template_pakket_limit = dns_get_value_pakket($pakket['pakket_id'], 'template');
                     $domain_pakket_used = dns_get_value_current_usage($pakket['pakket_id'], 'domain');
Example #10
/**
 * Create a stream package (a pakketten_stream row plus the pakketten row that
 * links it to a customer) from the posted `listeners` and `klant` fields.
 *
 * Admins may create any package. Other users must pass check_user_subuser()
 * for the posted customer and stay below their own remaining listener quota.
 *
 * NOTE(review): admins bypass the quota check, and `klant` is taken from POST
 * without any check on the admin path. The two INSERTs are not wrapped in a
 * transaction, so a failure of the second leaves a pakketten_stream row
 * behind. `listeners` is compared and stored as submitted.
 *
 * @return bool TRUE when both rows were inserted, FALSE otherwise.
 */
function pakketten_do_action_create_stream()
{
    global $mysqli;
    if (!isset($mysqli) || empty($mysqli)) {
        create_db_connection('mysqli', 'central');
    }
    global $mysqli;

    // Non-admins: authorise the target customer and enforce the quota first.
    if (get_value_session('from_db', 'is_admin') != 1) {
        if (!check_user_subuser(get_value_session('from_db', 'id'), get_value_post('klant'))) {
            return FALSE;
        }
        $availablelisteners = pakketten_get_value_size_stream(get_value_session('from_db', 'id'), 'listeners') - pakketten_get_value_used_stream(get_value_session('from_db', 'id'), 'listeners');
        if (!(get_value_post('listeners') < $availablelisteners)) {
            return FALSE;
        }
    }

    // Step 1: the package definition itself.
    $sql = 'INSERT INTO `pakketten_stream` (`max_listeners`) VALUES ("' . $mysqli->real_escape_string(get_value_post('listeners')) . '")';
    $mysqli->query($sql);
    $id = $mysqli->insert_id;
    if ($id == 0) {
        return FALSE;
    }

    // Step 2: link the new package to the customer.
    $sql = 'INSERT INTO `pakketten` (`type`,`user_id`,`pakket_id`) VALUES ("stream","' . $mysqli->real_escape_string(get_value_post('klant')) . '","' . $mysqli->real_escape_string($id) . '")';
    $mysqli->query($sql);
    $id2 = $mysqli->insert_id;

    return $id2 != 0;
}
Example #11
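/**
 * Report whether a row with the given match_id exists in the matches table.
 *
 * Failures are appended to the "leagueweb.error" file and reported as
 * "does not exist".
 * NOTE(review): that log path is relative, so it resolves against the
 * working directory; make sure the file cannot be fetched over HTTP.
 *
 * @param int|string $match_id Identifier to look up; bound as an integer.
 *
 * @return bool TRUE only when the query ran and returned a row whose id
 *              equals $match_id.
 */
function matchExists($match_id)
{
    $mysqli = create_db_connection();
    $stmt = $mysqli->prepare("SELECT match_id FROM matches WHERE match_id = ?");
    if (!$stmt) {
        error_log("Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error, 3, "leagueweb.error");
        // Without a statement there is nothing to bind or execute; the old code
        // went on to call a method on FALSE here.
        return false;
    }

    $matchExists = false;
    if (!$stmt->bind_param("i", $match_id)) {
        error_log("Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error, 3, "leagueweb.error");
    } elseif (!$stmt->execute()) {
        error_log("Execute failed: (" . $stmt->errno . ") " . $stmt->error, 3, "leagueweb.error");
    } else {
        $stmt->bind_result($matchId);
        // fetch() is TRUE only when a row was read. Requiring that avoids the
        // old loose comparison against an unset/NULL id, which reported a match
        // for inputs such as 0 or '' when no row (or no result at all) came back.
        $matchExists = $stmt->fetch() === true && $match_id == $matchId;
    }
    $stmt->close();

    return $matchExists;
}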