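/**
 * Store an uploaded picture for a module entry and record it in the `pictures` table.
 *
 * The file must pass two filters: the browser-reported MIME type must be JPEG or PNG,
 * and the file content itself must be recognised as JPEG or PNG by getimagesize().
 * The stored name is always `picture-<id>.<jpg|png>`; nothing from the client-supplied
 * file name is used.
 *
 * @param array  $file      One entry of the uploaded-files array (reads 'tmp_name' and 'type').
 * @param string $mod       Module name the picture belongs to.
 * @param int    $fid       Id of the entry inside that module (coerced to integer).
 * @param int    $ajaxclean Passed through unchanged to cs_upload().
 *
 * @return bool True when nothing was uploaded or the picture was stored, false when the
 *              file was rejected or cs_upload() failed.
 */
function cs_pictures_upload($file, $mod, $fid, $ajaxclean = 1)
{
    // A delete request can arrive in the same form post. The id is forwarded as received.
    // NOTE(review): confirm cs_pictures_delete() validates the id and the caller's rights.
    if (!empty($_POST['del_picture'])) {
        cs_pictures_delete($_POST['del_picture']);
    }

    // No file submitted is not an error.
    if (empty($file['tmp_name'])) {
        return true;
    }

    settype($fid, 'integer');

    // First filter: the MIME type reported with the upload. This value is supplied by the
    // client, so it can only narrow what is accepted; it proves nothing about the content.
    $types_allowed = array('image/jpeg', 'image/png', 'image/pjpeg', 'image/x-png');
    $claimed_type = isset($file['type']) ? $file['type'] : '';
    if (!in_array($claimed_type, $types_allowed, true)) {
        return false;
    }

    // Second filter: look at the bytes. The extension is taken from the detected image
    // type, so a file cannot be stored under an extension that does not match its content.
    $exts = array(IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png');
    $img_info = getimagesize($file['tmp_name']);
    if (empty($img_info) || !isset($exts[$img_info[2]])) {
        return false;
    }
    $ext = $exts[$img_info[2]];

    // $fid is an integer at this point; $mod is escaped the same way make_folders_create()
    // escapes the strings it puts into a condition.
    $where = "pictures_fid = '" . $fid . "' AND pictures_mod = '" . cs_sql_escape($mod) . "'";
    $already = cs_sql_select(__FILE__, 'pictures', 'pictures_id', $where);

    if (empty($already)) {
        // First picture for this entry: create the row to obtain an id for the file name.
        $vars = array();
        $vars['pictures_mod'] = $mod;
        $vars['pictures_fid'] = $fid;
        cs_sql_insert(__FILE__, 'pictures', array_keys($vars), array_values($vars));
        $pictures_id = cs_sql_insertid(__FILE__);
    } else {
        // Read the id only when a row exists (the lookup result is empty otherwise).
        $pictures_id = $already['pictures_id'];
    }

    $filename = 'picture-' . $pictures_id . '.' . $ext;

    if (!cs_upload('pictures', $filename, $file['tmp_name'], $ajaxclean)) {
        // Do not leave a row that points at a file which was never stored.
        cs_sql_delete(__FILE__, 'pictures', $pictures_id);
        return false;
    }

    cs_sql_update(__FILE__, 'pictures', array('pictures_file'), array($filename), $pictures_id);

    return true;
}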
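/**
 * Insert a new row into the `users` table and return its id.
 *
 * The password is hashed with the algorithm named in $cs_db['hash']. Only 'md5' and
 * 'sha1' are handled here. Any other setting makes the function refuse to create the
 * account, instead of inserting a row whose password column was never set.
 *
 * NOTE(review): both supported algorithms are applied without a salt and are fast
 * hashes, which makes stored values cheap to guess offline if the table leaks. Moving
 * to password_hash()/password_verify() also requires changing the code that checks
 * logins, which is not part of this function.
 *
 * @param mixed  $access     Value for access_id.
 * @param string $nick       Nickname.
 * @param string $pwd        Plain-text password as entered.
 * @param string $lang       Language setting.
 * @param string $email      Stored in both users_email and users_emailregister.
 * @param string $country    Country setting.
 * @param mixed  $timezone   Timezone setting.
 * @param mixed  $dst        Daylight-saving setting.
 * @param int    $newsletter Newsletter flag.
 * @param int    $active     Active flag.
 * @param int    $empty      Not used by this function; kept for existing callers.
 * @param string $regkey     Registration key.
 *
 * @return mixed Result of cs_sql_insertid() for the new row, or false when the
 *               configured hash algorithm is not supported.
 */
function create_user($access, $nick, $pwd, $lang, $email, $country, $timezone, $dst, $newsletter = 0, $active = 1, $empty = 0, $regkey = '')
{
    global $cs_db, $cs_main;

    $hash = isset($cs_db['hash']) ? $cs_db['hash'] : '';
    if ($hash === 'md5') {
        $sec_pwd = md5($pwd);
    } elseif ($hash === 'sha1') {
        $sec_pwd = sha1($pwd);
    } else {
        // Fail closed: never store an account without a defined credential value.
        return false;
    }

    $op_users = cs_sql_option(__FILE__, 'users');
    $picture = empty($op_users['def_picture']) ? '' : 'nopicture.jpg';
    $time = cs_time();
    $limit = empty($cs_main['data_limit']) ? 20 : $cs_main['data_limit'];

    // Column => value, in the order the columns are written.
    $user = array(
        'access_id' => $access,
        'users_nick' => $nick,
        'users_pwd' => $sec_pwd,
        'users_lang' => $lang,
        'users_email' => $email,
        'users_emailregister' => $email,
        'users_country' => $country,
        'users_register' => $time,
        'users_laston' => $time,
        'users_timezone' => $timezone,
        'users_dstime' => $dst,
        'users_newsletter' => $newsletter,
        'users_active' => $active,
        'users_limit' => $limit,
        'users_regkey' => $regkey,
        'users_picture' => $picture,
        // Literal column name stored in users_hidden, as in the original code.
        'users_hidden' => 'users_email',
    );

    cs_sql_insert(__FILE__, 'users', array_keys($user), array_values($user));

    return cs_sql_insertid(__FILE__);
}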
// Excerpt from a board thread-creation handler. The block closed by the final brace
// opens outside this excerpt.
$thread_save = array_values($board);
cs_sql_insert(__FILE__, 'threads', $thread_cells, $thread_save);
// Read the new row back by its insert id so the id is available as $thread_now['threads_id'].
$thread_now = cs_sql_select(__FILE__, 'threads', 'threads_id', 'threads_id = \'' . cs_sql_insertid(__FILE__) . '\'');

#if thread voting -> save vote to boardvotes
if ($votes == 1) {
    $bv['users_id'] = $board['users_id'];
    $bv['threads_id'] = $thread_now['threads_id'];
    $bv['boardvotes_time'] = $board['threads_time'];
    $bv_cells = array_keys($bv);
    $bv_save = array_values($bv);
    cs_sql_insert(__FILE__, 'boardvotes', $bv_cells, $bv_save);
}

// One boardfiles row per attachment; the attachment arrays are indexed from 1.
for ($run = 0; $run < $run_loop_files; $run++) {
    $num = $run + 1;
    $files_cells = array('users_id', 'threads_id', 'boardfiles_time', 'boardfiles_name');
    $files_save = array($board['users_id'], $thread_now['threads_id'], $board['threads_time'], $file_name[$num]);
    cs_sql_insert(__FILE__, 'boardfiles', $files_cells, $files_save);
    $files_select_new_id = cs_sql_insertid(__FILE__);
    // Takes everything after the last '.' of the attachment name. A name without a dot
    // gives an empty extension.
    // NOTE(review): the stored file is renamed to "<id>.<ext>" below, so this extension
    // decides how the web server treats the file. No allow-list is visible in this
    // excerpt; confirm the extension is restricted before this point.
    $ext = substr($file_name[$num], strlen($file_name[$num]) + 1 - strlen(strrchr($file_name[$num], '.')));
    $path = $cs_main['def_path'] . '/uploads/board/files/';
    // NOTE(review): $file_upload_name is set outside this excerpt; confirm it cannot
    // contain path separators, since it is appended to the upload directory as is.
    $target = $path . $file_upload_name[$num];
    $target2 = $path . $files_select_new_id . '.' . $ext;
    // The handle is opened and closed without being read. The results of fopen() and
    // rename() are not checked, so a missing temporary file goes unnoticed here.
    $fileHand = fopen($target, 'r');
    fclose($fileHand);
    rename($target, $target2);
}

# Update board entry to get correct threads and comments count
include_once 'mods/board/repair.php';
cs_board_threads($board_id);
cs_redirect($cs_lang['create_done'], 'board', 'thread', 'where=' . $thread_now['threads_id']);
}
$run = 0; $run2 = 0; foreach ($cs_rounds as $round) { $run2++; $data['maps'][$run]['name'] = $round['maps_name']; $data['maps'][$run]['result'] = $round['rounds_score1'] . ' : ' . $round['rounds_score2']; $data['maps'][$run]['rounds_id'] = $round['rounds_id']; $up = $run2 != 1 ? cs_link($img_up, 'wars', 'rounds', 'id=' . $wars_id . '&up=' . $round['rounds_id']) : '-'; $down = $run2 != $count ? cs_link($img_down, 'wars', 'rounds', 'id=' . $wars_id . '&down=' . $round['rounds_id']) : '-'; $data['maps'][$run]['up_down'] = $up . ' ' . $down; $run++; } } else { $data['if']['rounds'] = false; } echo cs_subtemplate(__FILE__, $data, 'wars', 'rounds'); } else { if (!empty($new_map)) { $get_game_id = cs_sql_select(__FILE__, 'wars', 'games_id', 'wars_id = \'' . $cs_rounds['wars_id'] . '\''); $cells1 = array('maps_name', 'games_id'); $values1 = array($_POST['new_map'], $get_game_id['games_id']); cs_sql_insert(__FILE__, 'maps', $cells1, $values1); $cs_rounds['maps_id'] = cs_sql_insertid(__FILE__); } else { $cs_rounds['maps_id'] = (int) $_POST['maps_id']; } $cells2 = array_keys($cs_rounds); $values2 = array_values($cs_rounds); cs_sql_insert(__FILE__, 'rounds', $cells2, $values2); cs_redirect($cs_lang['create_done'], 'wars', 'rounds', 'id=' . $cs_rounds['wars_id']); }
// Excerpt from a squad-creation handler. It ends inside the switch statement below.
$clans_pwd = isset($_POST['clans_pwd']) ? $_POST['clans_pwd'] : '';
$data = array();
$data['if']['gamesmod'] = empty($account['access_games']) ? FALSE : TRUE;
$img_filetypes = array('gif', 'jpg', 'png');

if (isset($_POST['submit'])) {
    // Form fields are copied as received, without integer casts on the id fields.
    // NOTE(review): presumably cs_sql_insert() escapes its values; confirm, because
    // nothing in this excerpt does.
    $cs_squads['clans_id'] = $_POST['clans_id'];
    $cs_squads['games_id'] = empty($_POST['games_id']) ? 0 : $_POST['games_id'];
    $cs_squads['squads_name'] = $_POST['squads_name'];
    $cs_squads['squads_order'] = empty($_POST['squads_order']) ? $op_squads['def_order'] : $_POST['squads_order'];
    $cs_squads['squads_pwd'] = $_POST['squads_pwd'];
    $error = '';

    // Optionally create a new clan first and attach the squad to it.
    // NOTE(review): the clan password is written to the clans table exactly as posted;
    // no hashing happens in this excerpt.
    if (!empty($_POST['new_clan']) && !empty($clans_pwd)) {
        $cells = array('clans_name', 'clans_short', 'clans_pwd', 'users_id');
        $values = array($_POST['new_clan'], $_POST['new_clan'], $clans_pwd, $account['users_id']);
        cs_sql_insert(__FILE__, 'clans', $cells, $values);
        $cs_squads['clans_id'] = cs_sql_insertid(__FILE__);
    }

    // The picture type is taken from the file content via getimagesize(), not from the
    // client-supplied name or MIME type.
    $img_size = false;
    if (!empty($files['picture']['tmp_name'])) {
        $img_size = getimagesize($files['picture']['tmp_name']);
    }

    // 'and' binds tighter than 'or', so this reads
    // (file present and not an image) or (image type code above 3).
    // With no upload, $img_size is false and the right-hand test reads an offset of false.
    if (!empty($files['picture']['tmp_name']) and empty($img_size) or $img_size[2] > 3) {
        $error .= $cs_lang['ext_error'] . cs_html_br(1);
    } elseif (!empty($files['picture']['tmp_name'])) {
        // Map the detected image type code to the stored extension.
        switch ($img_size[2]) {
            case 1:
                $extension = 'gif';
                break;
            case 2:
                $extension = 'jpg';
                break;
$extension = 'png'; break; } if (empty($extension)) { $error .= cs_html_br(1) . $cs_lang['wrong_ext']; } else { $save['medals_extension'] = $extension; } } } if (!empty($_POST['submit']) && empty($error)) { $cells = array_keys($save); $values = array_values($save); cs_sql_insert(__FILE__, 'medals', $cells, $values); if (!empty($files_gl['medals_picture']['tmp_name'])) { $id = cs_sql_insertid(__FILE__); $filename = 'medal-' . $id . '.' . $extension; cs_upload('medals', $filename, $files_gl['medals_picture']['tmp_name']); } cs_redirect($cs_lang['create_done'], 'medals'); } if (empty($_POST['submit'])) { $data['medals']['medals_name'] = ''; $data['medals']['medals_text'] = ''; } else { $data['medals']['medals_name'] = $save['medals_name']; $data['medals']['medals_text'] = $save['medals_text']; } $data['medals']['message'] = empty($error) ? $cs_lang['errors_here'] : $cs_lang['error_occured'] . $error; $data['form']['abcode'] = cs_abcode_features('medals_text'); $data['form']['dirname'] = $cs_main['php_self']['dirname'];
$fetch_me = array(); $fetch_me['count_id'] = $_SESSION['count_id']; $fetch_me['count_time'] = $_SESSION['count_time']; } $time_lock = isset($fetch_me['count_time']) ? $fetch_me['count_time'] + 43200 : 0; $_SESSION['count_time'] = $time; if ($time > $_SESSION['count_last'] + 30) { if ($time < $time_lock) { $counter_cells = array('count_time', 'count_location'); $counter_content = array($time, $cs_main['mod'] . '/' . $cs_main['action']); cs_sql_update(__FILE__, 'count', $counter_cells, $counter_content, $fetch_me['count_id'], 0, 0); } else { $counter_cells = array('count_ip', 'count_time', 'count_location'); $counter_save = array($ip, $time, $cs_main['mod'] . '/' . $cs_main['action']); cs_sql_insert(__FILE__, 'count', $counter_cells, $counter_save); $_SESSION['count_id'] = cs_sql_insertid(__FILE__); } $_SESSION['count_last'] = $time; } //Backup the files in counter $op_counter = cs_sql_option(__FILE__, 'counter'); $month = cs_datereal('n'); $yesterday = cs_datereal('d') - 1; if ($op_counter['last_archiv_day'] < $yesterday) { $days_max = cs_datereal('t'); $year = cs_datereal('Y'); $timer = mktime(0, 0, 0, $month, $op_counter['last_archiv_day'] - 1, $year); for ($day = $op_counter['last_archiv_day']; $day < $yesterday; $day++) { $timer2 = $timer + 86400; $cond = "count_time > '" . $timer . "' AND count_time < '" . $timer2 . "'"; $count_day = cs_sql_count(__FILE__, 'count', $cond);
$last['users_id'] = $comment['users_id']; } $save = array(); $save['users_id'] = (int) $comment['users_id']; $save['threads_time'] = $comment['comments_time']; $save['threads_text'] = $_POST['threads_text']; $save['threads_headline'] = $_POST['threads_headline']; $save['threads_edit'] = $comment['comments_edit']; $save['board_id'] = (int) $_POST['board_id']; $save['threads_last_user'] = (int) $last['users_id']; $save['threads_last_time'] = $last['comments_time']; $save['threads_comments'] = $count_comments; $cells = array_keys($save); $values = array_values($save); cs_sql_insert(__FILE__, 'threads', $cells, $values); $threads_id = cs_sql_insertid(__FILE__); if (empty($threads_id)) { cs_redirect($cs_lang['error'] . '.', 'board', 'thread', 'where=' . $comment['comments_fid']); } cs_sql_delete(__FILE__, 'comments', $comments_id); // Move selected comments if (!empty($_POST['comments'])) { $cells = array('comments_fid'); $content = array($threads_id); $cond_files = ''; foreach ($_POST['comments'] as $comment_id) { settype($comment_id, 'integer'); cs_sql_update(__FILE__, 'comments', $cells, $content, $comment_id); $cond_files .= ' OR comments_id = ' . (int) $comment_id; } // Move attachments of the comments
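/**
 * Create a folder record for a module, unless the same owner already has a folder
 * with that name in that module.
 *
 * @param string $mod          Module the folder belongs to.
 * @param string $folders_name Folder name.
 * @param int    $users_id     Owner id, coerced to integer (default 0).
 *
 * @return mixed False when a matching folder already exists, otherwise the result of
 *               cs_sql_insertid() for the new row.
 */
function make_folders_create($mod, $folders_name, $users_id = 0)
{
    // Use the same integer value for the lookup and for the insert.
    $users_id = (int) $users_id;

    // Every string that is concatenated into the condition is escaped. The original
    // code escaped the folder name but not the module name.
    $get = "folders_mod = '" . cs_sql_escape($mod) . "'"
        . " AND folders_name = '" . cs_sql_escape($folders_name) . "'"
        . " AND users_id = '" . $users_id . "'";

    $count = cs_sql_count(__FILE__, 'folders', $get);
    if (!empty($count)) {
        return false;
    }

    // Values are handed to cs_sql_insert() unescaped, as in the original code.
    // NOTE(review): presumably cs_sql_insert() escapes them itself; confirm.
    $columns = array('folders_mod', 'folders_name', 'users_id');
    $values = array($mod, $folders_name, $users_id);
    cs_sql_insert(__FILE__, 'folders', $columns, $values);

    return cs_sql_insertid(__FILE__);
}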
// Excerpt from a join-request handler. It starts inside an if/elseif chain and ends
// inside the notification loop below.
}
} elseif (!empty($data['if']['form'])) {
    // Visitors without an account submit a password with the request.
    if (empty($account['users_id'])) {
        global $cs_db;
        // NOTE(review): unsalted MD5 and SHA-1 are fast hashes and are weak for password
        // storage. When $cs_db['hash'] is neither value there is no else branch, so the
        // password stays as submitted and is written to the joinus table in clear text.
        if ($cs_db['hash'] == 'md5') {
            $data['join']['users_pwd'] = md5($data['join']['users_pwd']);
        } elseif ($cs_db['hash'] == 'sha1') {
            $data['join']['users_pwd'] = sha1($data['join']['users_pwd']);
        }
    }

    settype($data['join']['joinus_icq'], 'integer');
    $data['join']['joinus_since'] = cs_time();

    // Every key of $data['join'] becomes a column of the new joinus row.
    $joinus_cells = array_keys($data['join']);
    $joinus_save = array_values($data['join']);
    cs_sql_insert(__FILE__, 'joinus', $joinus_cells, $joinus_save);
    $joinus_id = cs_sql_insertid(__FILE__);
    cs_cache_delete('count_joinus');

    require_once 'mods/notifymods/functions.php';
    notifymods_mail('joinus', $account['users_id']);

    // Look up the members flagged members_admin = '1' in the squad the request targets.
    $tables = "joinus ju INNER JOIN {pre}_members mem ON ju.squads_id = mem.squads_id AND mem.members_admin = '1' ";
    $tables .= 'INNER JOIN {pre}_squads sq ON ju.squads_id = sq.squads_id';
    $cells = 'ju.squads_id AS squads_id, mem.users_id AS users_id, sq.squads_name AS squads_name';
    // The condition uses the insert id obtained above, not request data.
    $select = cs_sql_select(__FILE__, $tables, $cells, "ju.joinus_id = '" . $joinus_id . "'", 0, 0, 0);
    $select_count = count($select);

    // Build one internal message per squad admin; the sender id is fixed to '1'.
    for ($run = 0; $run < $select_count; $run++) {
        $user = cs_sql_select(__FILE__, 'users', 'users_id', "users_id = '" . $select[$run]['users_id'] . "'");
        $message['users_id'] = '1';
        $message['users_id_to'] = $user['users_id'];
        $message['messages_time'] = cs_time();
        $message['messages_subject'] = $cs_lang['new_joinus'] . $select[$run]['squads_name'];
        $message['messages_text'] = $cs_lang['new_joinus_text'] . $select[$run]['squads_name'] . $cs_lang['new_joinus_text2'];
if (empty($data['art']['articles_headline'])) { $errormsg .= $cs_lang['no_headline'] . cs_html_br(1); } if (empty($data['art']['articles_text'])) { $errormsg .= $cs_lang['no_text'] . cs_html_br(1); } if (isset($_POST['preview'])) { $data['if']['preview'] = true; $data['if']['catimg'] = empty($categories['categories_picture']) ? false : true; $data['cat']['url_catimg'] = empty($data['if']['catimg']) ? '' : 'uploads/categories/' . $categories['categories_picture']; $data['art']['articles_text_preview'] = cs_secure($data['art']['articles_text'], 1, 1, 1, 1); } elseif (empty($errormsg)) { $articles_cells = array_keys($data['art']); $articles_save = array_values($data['art']); cs_sql_insert(__FILE__, 'articles', $articles_cells, $articles_save); $articles_id = cs_sql_insertid(__FILE__); if (!empty($files['picture'])) { cs_pictures_upload($files['picture'], 'articles', $articles_id); } cs_redirect($cs_lang['create_done'], 'articles'); } else { $data['head']['body'] = $errormsg; } } else { $data['art']['articles_com'] = ''; $data['art']['articles_navlist'] = ''; $data['art']['articles_fornext'] = ''; $data['art']['articles_headline'] = ''; $data['art']['articles_text'] = ''; $data['art']['articles_time'] = cs_time(); $data['art']['users_id'] = $account['users_id'];