function setPasskey($name) { /* $dbconnnexus=mysql_connect("localhost", "root", "buptnic"); if (!$dbconnnexus){ die('Could not connect'); } mysql_query("SET NAMES UTF8"); mysql_select_db("nexusphp",$dbconnnexus); */ require_once "include/bittorrent.php"; dbconn(true); $result = mysql_query("SELECT * FROM users WHERE username = '******'", $dbconnnexus); while ($info = mysql_fetch_assoc($result)) { $passkeyvalue = $info["passkey"]; $passhash = $info["passhash"]; //echo "</br>passhash is this: ".$passhash; //echo "</br>passkeyvalue is this: ".$passkeyvalue; } if (!$passkeyvalue) { $passkey = md5($name . date("Y-m-d H:i:s") . $passhash); mysql_query("UPDATE users SET passkey = '{$passkey}' WHERE username = '******'"); } else { return $passkeyvalue; } //mysql_close($dbconnnexus); return $passkey; }
public static function activate($username, $password, $email) { dbconn(); $secret = mksecret(); $wantpasshash = md5($secret . $password . $secret); $query = "INSERT INTO users (username, passhash, secret, editsecret, email, country, gender, status, class, invites, " . ($type == 'invite' ? "invited_by," : "") . " added, last_access, lang, stylesheet" . ", uploaded) VALUES \n ('" . $username . "','" . $wantpasshash . "','" . $secret . "','" . ' ' . "','" . "{$email}" . "'," . '8' . ",'" . 'N/A' . "', 'confirmed', " . '1' . "," . 0 . ", " . ($type == 'invite' ? "'{$inviter}'," : "") . " '" . date("Y-m-d H:i:s") . "' , " . " '" . date("Y-m-d H:i:s") . "' , " . '25' . "," . '3' . "," . '0' . ")"; print $query; $ret = sql_query($query) or sqlerr(__FILE__, __LINE__); }
function crk($l) { global $CURUSER, $btit_settings; $xip = $_SERVER["REMOTE_ADDRESS"]; if (function_exists("dbconn")) { dbconn(); } if (function_exists("write_log")) { write_log('Hacking Attempt! User: <a href="' . $btit_settings['url'] . '/index.php?page=userdetails&id=' . $CURUSER['uid'] . '">' . $CURUSER['username'] . '</a> IP:' . $xip . ' - Attempt: ' . htmlspecialchars($l)); } header('Location: index.php'); die; }
function crk($l) { global $BASEURL; $xip = vars::$realip; if (function_exists("dbconn")) { dbconn(); } if (function_exists("write_log")) { write_log('Hacking Attempt! User: <a href="' . $BASEURL . '/userdetails.php?id=' . user::$current['uid'] . '">' . user::$current['username'] . '</a> IP:' . $xip . ' - Attempt: ' . htmlspecialchars($l) . ', INFO'); } header('Location: index.php'); die; }
/** * Авторизация пользователя и формирование http://bx.ecklos.ru/данных в массив */ function UserAuthorize() { if (isset($_COOKIE['user_id']) && isset($_COOKIE['user_hash'])) { $auth_err = 0; $user_id = ClearValueIntval($_COOKIE['user_id']); $user_hash = ClearValueString($_COOKIE['user_hash'], 32, true); if ($user_id >= 1) { $auth_err++; } elseif (strlen($user_hash) != 32 || !ctype_alnum($user_hash)) { // Хеш строго из 32х знаков и только латиница-цифры $auth_err++; } if ($auth_err > 0) { $conn = dbconn('b_users'); // Подключаемся к шарду, на котором находиться таблица if ($conn) { $query = 'SELECT `LOGIN`, `TYPE` FROM `b_users` WHERE `ID` = ' . $user_id . ' AND `HASH` = "' . _in_base($user_hash) . '"'; if ($result = $conn->query($query)) { if ($result->num_rows == 1) { if ($arUser = $result->fetch_array(MYSQLI_ASSOC)) { $_SESSION["SESS_AUTH"]["AUTHORIZED"] = "Y"; $_SESSION["SESS_AUTH"]["USER_ID"] = $user_id; $_SESSION["SESS_AUTH"]["USER_LOGIN"] = $arUser['LOGIN']; $_SESSION["SESS_AUTH"]["USER_TYPE"] = $arUser['TYPE']; return true; } } } } else { header('Location: /update/'); } } UserLogout(); } return false; }
$db_road_front = "RoadFrontage"; $db_units = "TotalUnits"; $db_total_sqft = "SqFtTotal"; $db_asset_sales = "AssetSales"; $prev_prop_type = 'Residential'; /* Clear certain variables */ unset($str_url_vars); $str_url_var_num = 0; unset($where_clause); $where_clause_num = 0; unset($order_clause); $order_clause_num = 0; unset($order_clause_res); $order_clause_res_num = 0; // Connect to the Db $dbcnx = dbconn($db_host, $db_username, $db_password, $db_name); /* Check for variables */ if (empty($agent_id) && empty($firm_id) && empty($display_agent) && empty($display_firm)) { $err_msg .= "<span class='err_msg'>No Firm or Agent selected.</span>\n"; $exit = 1; } else { /* Verify agent is allowed to use our system */ include 'allow_firms.php'; include 'allow_agents.php'; if (!stristr($allow_agents, $agent_id) && !stristr($allow_agents, $display_agent) && !stristr($allow_firms, $firm_id) && !stristr($allow_firms, $display_firm)) { $err_msg .= "<span class='err_msg'>We are sorry, but this website is not authorized to use this feature.</span>\n"; $exit = 1; } } if (empty($show) || $show == 'all') { $show = "residential,vacant land,multires,commercial,business op";
p($dbform); makehide('tablename'); makehide('page', $page); makehide('doing'); p('</form>'); $cachetables = array(); $pagenum = 30; $page = intval($page); if ($page) { $start_limit = ($page - 1) * $pagenum; } else { $start_limit = 0; $page = 1; } if (isset($dbhost) && isset($dbuser) && isset($dbpass) && isset($connect)) { $lnk = dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport); $mysqlver = mysql_get_server_info(); p('<form id="setdbname" method="post" action="' . $self . '"> <p>MySQL ' . $mysqlver . ' running in ' . $dbhost . ' as ' . $dbuser . '@' . $dbhost . '</p>'); $highver = $mysqlver > '4.1' ? 1 : 0; $query = q("SHOW DATABASES"); $dbs = array(); $dbs[] = '-- Select a database --'; while ($db = mysql_fetch_array($query)) { $dbs[$db['Database']] = $db['Database']; } makeselect(array('title' => 'Please select a database:', 'name' => 'db[]', 'option' => $dbs, 'selected' => $dbname, 'onchange' => 'moddbname(this.options[this.selectedIndex].value)', 'newline' => 1)); p('</form>'); $tabledb = array(); if ($dbname) { p('<p>');
function rpc_return_quarantined_file($msg) { global $xmlrpcerruser; dbconn(); $input = php_xmlrpc_decode(array_shift($msg->params)); $input = preg_replace('[\\.\\/|\\.\\.\\/]', '', $input); $date = @mysql_result(dbquery("SELECT DATE_FORMAT(date,'%Y%m%d') FROM maillog where id='" . mysql_real_escape_string($input) . "'"), 0); $qdir = get_conf_var('QuarantineDir'); $file = null; switch (true) { case file_exists($qdir . '/' . $date . '/nonspam/' . $input): $file = $date . '/nonspam/' . $input; break; case file_exists($qdir . '/' . $date . '/spam/' . $input): $file = $date . '/spam/' . $input; break; case file_exists($qdir . '/' . $date . '/mcp/' . $input): $file = $date . '/mcp/' . $input; break; case file_exists($qdir . '/' . $date . '/' . $input . '/message'): $file = $date . '/' . $input . '/message'; break; } $quarantinedir = get_conf_var('QuarantineDir'); switch (true) { case !is_string($file): return new xmlrpcresp(0, $xmlrpcerruser + 1, "Parameter type " . gettype($file) . " mismatch expected type."); case !is_file($quarantinedir . '/' . $file): return new xmlrpcresp(0, $xmlrpcerruser + 1, "{$quarantinedir}/{$file} is not a file."); case !is_readable($quarantinedir . '/' . $file): return new xmlrpcresp(0, $xmlrpcerruser + 1, "{$quarantinedir}/{$file}: permission denied."); default: $output = base64_encode(file_get_contents($quarantinedir . '/' . $file)); break; } return new xmlrpcresp(new xmlrpcval($output, 'base64')); }
<?php include "lib.php"; $connect = dbconn(); $user_id = trim($user_id); $password = trim($password); if (!$user_id) { Error("Please input ID"); } if (!$password) { Error("Please input Password"); } if ($id) { $setup = get_table_attrib($id); $group = group_info($setup[group_no]); } if ($setup[group_no]) { $group_no = $setup[group_no]; } // 회원 로그인 체크 $result = mysql_query("select * from {$member_table} where user_id='{$user_id}' and password=password('{$password}')") or error(mysql_error()); $member_data = mysql_fetch_array($result); // 회원로그인이 성공하였을 경우 세션을 생성하고 페이지를 이동함 if ($member_data[no]) { if ($auto_login) { makeZBSessionID($member_data[no]); } // 4.0x 용 세션 처리 $zb_logged_no = $member_data[no]; $zb_logged_time = time(); $zb_logged_ip = $REMOTE_ADDR;
/** * Создание нового заказа * Возвращается код добавленного заказа или false в случае ошибки. */ function NewOrder($arParams) { if (is_array($arParams) && UserGetType() == 'C') { $name = ClearValueString($arParams['order_name'], 120); $text = ClearValueString($arParams['order_text']); $price = ClearValueIntval($arParams['order_price'], array('min' => 500, 'max' => 999999)); if (strlen($name) > 0 && strlen($text) > 0 && !is_null($price)) { $tax_value = GetTaxValue(); $tax_price = GetTaxPrice($price); $conn = dbconn('b_orders'); // Подключаемся к шарду, на котором находиться таблица if ($conn) { $query = 'INSERT INTO `b_orders` (`ID`, `DATE_INSERT`, `NAME`, `DESCRIPTION`, `PRICE`, `TAX_VALUE`, `TAX_PRICE`, `CUSTOMER_ID`) VALUES (NULL, NOW(), "' . _in_base($name) . '", "' . _in_base($text) . '", ' . $price . ', ' . $tax_value . ', ' . $tax_price . ', ' . UserGetID() . ')'; if ($conn->query($query)) { return $conn->insert_id; } else { return $conn->erorr; } } else { return 'DB_CONNECT_ERROR'; } } } return false; }
<?php header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Cache-Control: no-store, must-revalidate"); header("Pragma: no-cache"); require_once "../donate/globle.php"; function dbconn($host, $user, $pwd, $db) { $conn = mysql_connect($host, $user, $pwd) or die("数据库连接错误!"); mysql_select_db($db) or die("无此数据库!"); mysql_query("set names utf8;"); } if (!dbconn(Host, Username, Password, Select_db)) { //echo "数据库连接成功!<br />" ; } else { exit; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta content="text/html; charset=utf-8" http-equiv="Content-Type" /> <title>云主机代购查询续费 - 章郎主机</title> </head> <body> <br/><br/> <div class="framecenter margintop10"> <div class="pagecontent margintleft10" style="width:500px;margin-left:auto;margin-right:auto;margin-top:20px;"> <div class="pagecontentstr"> <div class="righttext center lineheight200"> <h3>您的查询结果如下</h3>
function api_initDb() { $db = mparam("db"); $dbcred = mparam("dbcred"); $cfgonly = (int) param("cfgonly", 0); if (!$cfgonly) { $dbcred0 = mparam("dbcred0"); $dbcred_ro = param("dbcred_ro"); } $urlPath = mparam("urlPath"); if (!preg_match('/^(.*?)\\/(\\w+)$/', $db, $ms)) { die("数据库指定错误: `{$db}`"); } $dbhost = $ms[1]; $dbname = $ms[2]; if (!$cfgonly) { list($dbuser0, $dbpwd0) = explode(":", $dbcred0); if (!$dbuser0 || !isset($dbpwd0)) { die("数据库管理员用户名密码指定错误: `{$dbcred0}`"); } list($dbuser, $dbpwd) = explode(":", $dbcred); if (!$dbuser || !isset($dbpwd)) { die("应用程序使用的数据库用户名密码指定错误: `{$dbcred}`"); } if ($dbcred_ro) { list($dbuser_ro, $dbpwd_ro) = explode(":", $dbcred_ro); } $dbh = dbconn($dbhost, null, $dbuser0, $dbpwd0); try { $dbh->exec("use {$dbname}"); echo "=== 数据库`{$dbname}`已存在。\n"; } catch (Exception $e) { echo "=== 创建数据库: {$dbname}\n"; try { $dbh->exec("create database {$dbname}"); } catch (Exception $e) { die("*** 用户`{$dbuser0}`无法创建数据库!\n"); } $dbh->exec("use {$dbname}"); } echo "=== 设置用户权限: {$dbuser}\n"; try { $str = $dbpwd ? " identified by '{$dbpwd}'" : ""; $sql = "grant all on {$dbname}.* to {$dbuser}@localhost {$str}"; $dbh->exec($sql); $sql = "grant all on {$dbname}.* to {$dbuser}@'%' {$str}"; $dbh->exec($sql); } catch (Exception $e) { die("*** 用户`{$dbuser0}`无法设置用户权限!\n"); } if ($dbcred_ro) { echo "=== 设置只读用户权限: {$dbuser_ro}\n"; $str = $dbpwd_ro ? " identified by '{$dbpwd_ro}'" : ""; $sql = "grant select, lock tables, show view on {$dbname}.* to {$dbuser_ro} {$str}"; $dbh->exec($sql); $sql = "grant select on mysql.* to {$dbuser_ro}"; $dbh->exec($sql); $sql = "grant reload, replication client, replication slave on *.* to {$dbuser_ro}"; $dbh->exec($sql); } } echo "=== 写配置文件 " . CONF_FILE . "\n"; $dbcred_b64 = base64_encode($dbcred); $adminCred = base64_encode(param("adminCred", "")); $str = <<<EOL <?php if (getenv("P_DB") === false) { \tputenv("P_DB={$db}"); \tputenv("P_DBCRED={$dbcred_b64}"); } putenv("P_URL_PATH={$urlPath}"); putenv("P_ADMIN_CRED={$adminCred}"); EOL; file_put_contents(CONF_FILE, $str); echo "=== 完成! 请使用upgrade命令行工具更新数据库。\n"; }
<?php # Use the link format below: add a month and a year # http://localhost/payroll/ws.php?month=?&year=? require_once 'payroll.php'; $wsMonth = isset($_GET['month']) ? intval($_GET['month']) : ''; $wsYear = isset($_GET['year']) ? intval($_GET['year']) : ''; if ($wsMonth && $wsYear) { $wsPayroll = new payroll(); $wsPayroll->setters($wsMonth, $wsYear); $wsPayrollDate = $wsPayroll->getSubmissionDate(); $returnJsonDate = array("{$wsPayrollDate}"); header('Content-type: application/json'); echo json_encode($returnJsonDate); dbconn($wsMonth, $wsYear); } else { echo "<pre>No Data Sent. <br /><br />" . "Use http://localhost/payroll/ws.php?month=?&year=? specifying a month (mm) and a year (yyyy)</pre>"; } function dbconn($m, $y) { $mysqli = new mysqli("localhost", "pyuser", "pypass", "py"); if ($mysqli->connect_errno) { printf("Connect failed: %s\n", $mysqli->connect_error); exit; } mysqli_query($mysqli, "INSERT INTO `log`( `month`, `year` ) VALUES ( {$m} ,{$y} )"); mysqli_close($mysqli); }
/** * @param $action * @return bool */ function audit_log($action) { dbconn(); if (AUDIT) { $user = mysql_real_escape_string($_SESSION['myusername']); $action = mysql_real_escape_string($action); $ip = mysql_real_escape_string($_SERVER['REMOTE_ADDR']); $ret = dbquery("INSERT INTO audit_log (user, ip_address, action) VALUES ('{$user}', '{$ip}', '{$action}')"); if ($ret) { return true; } } return false; }
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ require_once './functions.php'; require_once 'Mail/mimeDecode.php'; session_start(); require 'login.function.php'; ini_set("memory_limit", MEMORY_LIMIT); if (!isset($_GET['id'])) { die('No input Message ID'); } else { $message_id = sanitizeInput($_GET['id']); // See if message is local dbconn(); // required db link for mysql_real_escape_string $message_data = mysql_fetch_object(dbquery("SELECT hostname, DATE_FORMAT(date,'%Y%m%d') AS date FROM maillog WHERE id='" . mysql_real_escape_string($message_id) . "' AND " . $_SESSION["global_filter"])); if (!$message_data) { die("Message '" . $message_id . "' not found\n"); } if (!is_local($message_data->hostname) || RPC_ONLY) { // Host is remote - use XML-RPC //$client = new xmlrpc_client(constant('RPC_RELATIVE_PATH').'/rpcserver.php', $host, 80); $input = new xmlrpcval($message_id); $parameters = array($input); $msg = new xmlrpcmsg('return_quarantined_file', $parameters); //$rsp = $client->send($msg); $rsp = xmlrpc_wrapper($message_data->hostname, $msg); if ($rsp->faultcode() == 0) { $response = php_xmlrpc_decode($rsp->value());
function last_generated_sku($catPref) { global $DbLink; dbconn(DB_ADDRESS, DB_NAME, DB_USER, DB_PASSWORD); $last_gen_query = "SELECT parent_sku from item_alloc where sku_prefix='" . $catPref . "' order by parent_sku desc limit 1"; $result = mysql_query($last_gen_query, $DbLink); $fetch = mysql_fetch_row($result); if (is_null($fetch[0])) { echo '<font color="Red">None</font>'; } else { echo '<font color="Green">' . $fetch[0] . '</font>'; } }
protected function onExec() { if (!isCLI()) { if (ApiFw_::$SOLO) { header("Content-Type: text/plain; charset=UTF-8"); #header("Content-Type: application/json; charset=UTF-8"); } header("Cache-Control: no-cache"); } setServerRev(); $ac = param('_ac', null, $_GET); if (!isset($ac)) { // 支持PATH_INFO模式。 @($path = $this->getPathInfo()); if ($path != null) { $ac = $this->parseRestfulUrl($path); } } if (!isset($ac)) { $ac = mparam('ac', $_GET); } Conf::onApiInit(); dbconn(); global $DBH; if (!isCLI()) { session_start(); } $this->apiLog = new ApiLog($ac); $this->apiLog->logBefore(); // API调用监控 $this->apiWatch = new ApiWatch($ac); $this->apiWatch->execute(); if ($ac == "batch") { $useTrans = param("useTrans", false, $_GET); $ret = $this->batchCall($useTrans); } else { $ret = $this->call($ac, true); } return $ret; }
/** @fn queryAll($sql, $fetchMode = PDO::FETCH_NUM) 执行查询语句,返回数组。 如果查询失败,返回空数组。 默认返回值数组(varr): $rows = queryAll("SELECT name, phone FROM User"); if (count($rows) > 0) { ... } // 值为: $rows = [ ["John", "13712345678"], ["Lucy", "13712345679"] ... ] // 可转成table格式返回 return ["h"=>["name", "phone"], "d"=>$rows]; 也可以返回关联数组(objarr),如: $rows = queryAll("SELECT name, phone FROM User", PDO::FETCH_ASSOC); if (count($rows) > 0) { ... } // 值为: $rows = [ ["name"=>"John", "phone"=>"13712345678"], ["name"=>"Lucy", "phone"=>"13712345679"] ... ] // 可转成table格式返回 return objarr2table($rows); @see objarr2table */ function queryAll($sql, $fetchMode = PDO::FETCH_NUM) { global $DBH; if (!isset($DBH)) { dbconn(); } $sth = $DBH->query($sql); if ($sth === false) { return false; } $rows = $sth->fetchAll($fetchMode); return $rows; }
<?php // // TorrentTrader v2.x // $LastChangedDate: 2011-11-17 00:13:07 +0000 (Thu, 17 Nov 2011) $ // $LastChangedBy: dj-howarth1 $ // // http://www.torrenttrader.org // // require_once "backend/functions.php"; dbconn(true); loggedinonly(true); ?> <?php if (!$CURUSER) { ?> <meta http-equiv='refresh' content='0;url=account-login.php' /> <?php } stdhead(T_("HOME")); //check if (file_exists("check.php") && $CURUSER["class"] == 7) { show_error_msg("WARNING", "Check.php still exists, please delete or rename the file as it could pose a security risk<br /><br /><a href='check.php'>View Check.php</a> - Use to check your config!<br /><br />", 0); } //Site Notice if ($site_config['SITENOTICEON']) { begin_frame(T_("NOTICE"));
function doit($input) { global $fp; if (!($fp = popen($input, 'r'))) { die("Cannot open pipe"); } dbconn(); $lines = 1; while ($line = fgets($fp, 2096)) { // Reset variables unset($parsed, $postfix, $_timestamp, $_host, $_type, $_msg_id, $_relay, $_dsn, $_status, $_delay); $parsed = new syslog_parser($line); $_timestamp = mysql_real_escape_string($parsed->timestamp); $_host = mysql_real_escape_string($parsed->host); // Postfix if ($parsed->process == 'postfix/smtp' && class_exists('postfix_parser')) { $postfix = new postfix_parser($parsed->entry); if (DEBUG) { print_r($postfix); } $_msg_id = mysql_real_escape_string($postfix->id); // Milter-ahead rejections if (preg_match('/Milter: /i', $postfix->raw) && preg_match('/(rejected recipient|user unknown)/i', $postfix->entries['reject'])) { $_type = mysql_real_escape_string('unknown_user'); $_status = mysql_real_escape_string(get_email($postfix->entries['to'])); } // Unknown users if (preg_match('/user unknown/i', $postfix->entry)) { // Unknown users $_type = mysql_real_escape_string('unknown_user'); $_status = mysql_real_escape_string($postfix->raw); } // you can use these matches to populate your table with all the various reject reasons etc., so one could get stats about MTA rejects as well // example if (preg_match('/NOQUEUE/i', $postfix->entry)) { if (preg_match('/Client host rejected: cannot find your hostname/i', $postfix->entry)) { $_type = mysql_real_escape_string('unknown_hostname'); } else { $_type = mysql_real_escape_string('NOQUEUE'); } $_status = mysql_real_escape_string($postfix->raw); } // Relay lines if (isset($postfix->entries['relay']) && isset($postfix->entries['status'])) { $_type = mysql_real_escape_string('relay'); $_delay = mysql_real_escape_string($postfix->entries['delay']); $_relay = mysql_real_escape_string(get_ip($postfix->entries['relay'])); $_dsn = mysql_real_escape_string($postfix->entries['dsn']); $_status = mysql_real_escape_string($postfix->entries['status']); } } if (isset($_type)) { dbquery("REPLACE INTO mtalog VALUES (FROM_UNIXTIME('{$_timestamp}'),'{$_host}','{$_type}','{$_msg_id}','{$_relay}','{$_dsn}','{$_status}','{$_delay}')"); } $lines++; } dbclose(); pclose($fp); }
private function _init() { $this->_initMeta(); $fnConfirm = null; if (!$this->forRtest) { $fnConfirm = function ($connstr) { echo "=== connect to {$connstr} (enter to cont, ctrl-c to break) "; fgets(STDIN); logstr("=== [" . date('c') . "] connect to {$connstr}\n", false); return true; }; } $this->dbh = dbconn($fnConfirm); try { $sth = $this->dbh->query('SELECT ver FROM cinf'); $this->dbver = $sth->fetchColumn(); } catch (PDOException $e) { $this->dbver = 0; } }
function item_variation_table($parent_sku) { global $DbLink; dbconn(DB_ADDRESS, DB_NAME, DB_USER, DB_PASSWORD); $item_variant_query = "SELECT * from variant_header where parent_sku ='{$parent_sku}'"; $item_variant = mysql_query($item_variant_query, $DbLink); ?> <table class='table_window'> <tr><td colspan='5'><h3>Item Variations</h3></td></tr> <tr> <td style='text-align:center;width:25%;'><b>Child Sku</b></td> <td style='text-align:center;width:25%;'><b>Variant Sku</b></td> <td style='text-align:center;width:25%;'><b>Variant Desc</b></td> <td style='text-align:center;width:25%;'><b>Variant Type</b></td> </tr> <?php while ($row = mysql_fetch_assoc($item_variant)) { ?> <form method='post' action='?p=vCMS-tab'> <input type='hidden' name='update' value='itemVariant'/> <input type='hidden' name='parent_sku' value='<?php echo $parent_sku; ?> '/> <input type='hidden' name='item_sku' value='<?php echo $row['item_sku']; ?> '/> <tr> <td style='text-align:center;'><?php echo $row['item_sku']; ?> </td> <td style='text-align:center;'><input type='text' size='6' name='newVarSku' value='<?php echo htmlspecialchars_decode($row['variant_sku']); ?> '/></td> <td style='text-align:center;'><input type='text' size='20' name='newVarDesc' value='<?php echo htmlspecialchars_decode($row['variant_desc']); ?> '/></td> <td style='text-align:center;'><select name='newVarType'> <?php if ($row['variant_type'] == 'Size') { echo '<option value="Size" selected="selected">Size</option>'; } else { echo '<option value="Size">Size</option>'; } if ($row['variant_type'] == 'Color') { echo '<option value="Color" selected="selected">Color</option>'; } else { echo '<option value="Color">Color</option>'; } if ($row['variant_type'] == 'Style') { echo '<option value="Style" selected="selected">Style</option>'; } else { echo '<option value="Style">Style</option>'; } if ($row['variant_type'] == 'Size/Color') { echo '<option value="Size/Color" selected="selected">Size/Color</option>'; } else { echo '<option value="Size/Color">Size/Color</option>'; } if ($row['variant_type'] == 'Size/Style') { echo '<option value="Size/Style" selected="selected">Size/Style</option>'; } else { echo '<option value="Size/Style">Size/Style</option>'; } if ($row['variant_type'] == 'Weight') { echo '<option value="Weight" selected="selected">Weight</option>'; } else { echo '<option value="Weight">Weight</option>'; } ?> </select> <td style='text-align:right;width:15px;'> <input type='submit' value='Update'/> </form> </td> <td style='text-align:left;width:15px;'> <form method='post' action='?p=vCMS-tab'> <input type='hidden' name='delete' value='itemVariant'/> <input type='hidden' name='parent_sku' value='<?php echo $parent_sku; ?> '/> <input type='hidden' name='item_sku' value='<?php echo $row['item_sku']; ?> '/> <input type='submit' value='Delete'/> </form> </td> </tr> <?php } if (is_null($row['alias_sku'])) { ?> <form method='post' action='?p=vCMS-tab'> <input type='hidden' name='insert' value='itemVariant'/> <input type='hidden' name='parent_sku' value='<?php echo $parent_sku; ?> '/> <tr> <td style='text-align:center;'><?php echo $parent_sku; ?> </td> <td style='text-align:center;'><input type='text' size='6' name='varSku'/></td> <td style='text-align:center;'><input type='text' size='20' name='varDesc'/></td> <td style='text-align:center;'><select name='varType'> <option value='Size'>Size</option> <option value='Color'>Color</option> <option value='Style'>Style</option> <option value='Size/Color'>Size/Color</option> <option value='Size/Style'>Size/Style</option> <option value="Weight">Weight</option> </select></td> <td colspan='2' style='text-align:center;width:15px;'> <input type='submit' value='Add Variant'/> </form> </td> </tr> <?php } ?> </table> <?php }
|--------------------------------------------------------------------------| | A bittorrent tracker source based on TBDev.net/tbsource/bytemonsoon. | |--------------------------------------------------------------------------| | Project Leaders: Mindless,putyn. | |--------------------------------------------------------------------------| _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ ( U | - | 2 | 3 | 2 )-( S | o | u | r | c | e )-( C | o | d | e ) \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ */ require_once dirname(__FILE__) . DIRECTORY_SEPARATOR . 'include' . DIRECTORY_SEPARATOR . 'bittorrent.php'; require_once INCL_DIR . 'user_functions.php'; require_once INCL_DIR . 'html_functions.php'; //require_once INCL_DIR . 'function_ircbot.php'; //== Updated casino.php by Bigjoos dbconn(false); loggedinorreturn(); $lang = array_merge(load_language('global'), load_language('casino')); //== Config $amnt = $nobits = $abcdefgh = 0; $dummy = ''; $player = UC_USER; $mb_basic = 1024 * 1024; $max_download_user = $mb_basic * 1024 * 1024; //= 255 Gb $max_download_global = $mb_basic * $mb_basic * 1; //== 10.0 Tb $required_ratio = 0.5; //== Min ratio $user_everytimewin_mb = $mb_basic * 20; //== Means users that wins under 70 mb get a cheat_value of 0 -> win every time
$arFields = json_decode($_POST['json'], true); $user_login = ClearValueString($arFields['login'], 20, true); $user_password = ClearValueString($arFields['password'], 20, true); $user_remember = filter_var($arFields['remember'], FILTER_VALIDATE_BOOLEAN); if (!ctype_alnum($arFields['login'])) { $arRequest['MESSAGE'] = 'Логин должен состоять только из латинских букв и цифр'; } elseif (strlen($user_login) < 3) { $arRequest['MESSAGE'] = 'Длина логина от 3х до 20 символов'; } elseif (strlen($user_password) < 3) { $arRequest['MESSAGE'] = 'Длина пароля от 3х до 20 символов'; } /** * Если ошибок не найдено, авторизуем пользователя */ if (empty($arRequest['MESSAGE'])) { $conn = dbconn('b_users'); // Подключаемся к шарду, на котором находиться таблица if ($conn) { $query = 'SELECT COUNT(`ID`), `ID` FROM `b_users` WHERE `LOGIN` = "' . _in_base($user_login) . '" AND `PASSWORD` = "' . md5($user_password) . '"'; if ($result = $conn->query($query)) { $result_row = $result->fetch_row(); $count_row = $result_row[0]; // Значение поля COUNT(`ID`) $user_id = $result_row[1]; // Значение поля ID if ($count_row == 1) { /** * Формируем хеш авторизации и добавляем его в БД */ $user_hash = md5(uniqid(rand())); $conn->query('UPDATE `b_users` SET `HASH` = "' . $user_hash . '" WHERE `ID` = ' . $user_id);