function doit() { global $HTTP_POST_VARS, $nodeinfo; if (!defined("RED_NOTIFICATION_INC")) { } include "messages/red_notification.inc"; if (!defined("USER_INC")) { } include "dbapi/user.inc"; $errstr = '<ul>'; if ($HTTP_POST_VARS['expert_type'] == 'auto') { delete_expert($nodeinfo['id']); if ($HTTP_POST_VARS['old_expert'] != "") { $user = get_user_from_name($HTTP_POST_VARS['old_expert']); if ($user != -1) { if (isset($HTTP_POST_VARS['field_notify_user'])) { send_red_notification(LTMSG_FETERMN, $user['User_ID'], $nodeinfo['id']); } } } } else { if ($HTTP_POST_VARS['field_expert'] == "") { $errstr .= '<li>You have to enter an expert'; } else { if (!is_valid_expert($HTTP_POST_VARS['field_expert'])) { $errstr .= '<li>The expert you specified could not be found in the database.'; } } if ($HTTP_POST_VARS['field_description'] == "") { $errstr .= '<li>Please enter a descripiton for your expert.'; } if ($errstr != '<ul>') { $predef['Name'] = $HTTP_POST_VARS['field_expert']; $predef['About'] = $HTTP_POST_VARS['field_description']; print_error($errstr . '</ul>', $predef); } $currexp = get_def_expert($nodeinfo['id']); $newexp_id = get_user_from_name($HTTP_POST_VARS['field_expert']); $newexp_id = $newexp_id['User_ID']; if (is_array($currexp)) { edit_expert($nodeinfo['id'], $HTTP_POST_VARS['field_expert'], $HTTP_POST_VARS['field_description']); if ($HTTP_POST_VARS['old_expert'] != "") { $user = get_user_from_name($HTTP_POST_VARS['old_expert']); if ($user != -1) { if (isset($HTTP_POST_VARS['field_notify_user'])) { send_red_notification(LTMSG_FETERMN, $user['User_ID'], $nodeinfo['id']); } } } if (isset($HTTP_POST_VARS['field_notify_user'])) { send_red_notification(LTMSG_FEELECT, $newexp_id, $nodeinfo['id']); } } else { add_expert($nodeinfo['id'], $HTTP_POST_VARS['field_expert'], $HTTP_POST_VARS['field_description']); if (isset($HTTP_POST_VARS['field_notify_user'])) { send_red_notification(LTMSG_FEELECT, $newexp_id, $nodeinfo['id']); } } } go_back(); }
function do_send_message($userdata) { global $HTTP_POST_VARS, $ltrstr; $errstr = $ltrstr['Errors occurred'] . "<ul>\n"; $error = 0; if ($HTTP_POST_VARS['field_subject'] == "" and $HTTP_POST_VARS['field_message'] == "") { $error = $error | 1; $errstr .= '<li>' . $ltrstr['Subject missing']; } $target_user = $HTTP_POST_VARS['field_friend'] != "-1" ? get_user_from_name($HTTP_POST_VARS['field_friend']) : get_user_from_name($HTTP_POST_VARS['field_username']); if ($target_user == "-1") { //cannot happen if we are not hacked... $error = $error | 2; $errstr .= '<li>' . $ltrstr['User not found']; } else { $target_user = $target_user['User_ID']; } if ($error != 0) { $errorh['msg'] = $errstr . '</ul>'; $errorh['subject'] = ($error & 1) != 0; $errorh['username'] = ($error & 2) != 0; $errorh['predef_message'] = $HTTP_POST_VARS['field_message']; $errorh['predef_subject'] = $HTTP_POST_VARS['field_subject']; $errorh['predef_user'] = $HTTP_POST_VARS['field_username']; display_form(false, $errorh); } else { if (!defined("TALK_INC")) { include "messages/talk.inc"; } talk($userdata['Username'], $target_user, $HTTP_POST_VARS['field_subject'], $HTTP_POST_VARS['field_message']); display_form(false, 999); } }
--> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>Create User Test!</title> </head> <body> <h1> Login Test </h1> <?php $username = $HTTP_POST_VARS['username']; $password = $HTTP_POST_VARS['password']; $user = get_user_from_name($username); if (isset($_POST['submit'])) { if (check_user_error($username, $password, "empty", false)) { $session_id = session_id(); $_SESSION['user'] = $user; } } ?> <form action="test_login.php" method="post"> <fieldset> <legend>Login</legend> <p> <label for="username">Username</label> <br / > <input type="text" name="username" / > </p>