make_secure_form PHP Code Examples

Example #1

0

Show file

File: ticket.php Project: Shadowss/gnuworld-website

 echo "<table width=100% border=1 cellpadding=5 cellspacing=0>";
 echo initial_complaint($_GET["ID"]);
 echo "</table>\n";
 if ($_GET["RT"] > 0) {
     show_ticket_events($da_id);
     echo "<br>";
 } else {
     echo "<b><u>You are replying to the initial complaint of this ticket :</u></b><br>";
     echo db2disp($daobj->complaint_text);
     if ($daobj->complaint_logs != "") {
         echo "<br><br><b><u>optional logs :</u></b><br>";
         echo db2disp($daobj->complaint_logs);
     }
     echo "<br><br>";
 }
 make_secure_form("do_reply_admin" . $_GET["ID"] . $_GET["RT"]);
 echo "<script language=\"JavaScript\">\n";
 echo "<!--\n";
 $comc = "";
 $coml = "";
 $rcom = pg_safe_exec("SELECT * FROM default_msgs WHERE type=3");
 $yy = 0;
 $opt = "";
 while ($rcomo = pg_fetch_object($rcom)) {
     $yy++;
     $opt .= "<option value=\"" . $yy . "\">" . $rcomo->label . "</option>\n";
     $coml .= ",'" . post2db($rcomo->label) . "'";
     $comc .= ",'" . post2db($rcomo->content) . "'";
 }
 echo "\tvar com_msgs_c = [''" . $comc . "];\n";
 echo "\tvar com_msgs_l = [''" . $coml . "];\n";

Example #2

0

Show file

File: users.php Project: Shadowss/gnuworld-website

            echo cs_time($log->ts) . " [" . $log->ts . "]</td><td>";
            echo htmlentities($log->message) . "</td>\n";
            if ($admin >= 800) {
                echo "<td><a href=\"admin_user_comment.php?uid=" . $id . "&ts=" . $log->ts . "&spcmode=remove\">Delete</a></td>\n";
            }
            echo "</tr>";
        }
        echo "</table><br><br>";
    } else {
        echo "There are no admin comments for this user\n<br><br>";
    }
}
if ($edit && $delBtn) {
    // deletion secured form
    echo "<form name=deleteusername action=wipeuser.php method=post>\n";
    make_secure_form("deleteuser!!!" . CRC_SALT_0008 . $user->user_name);
    echo "<input type=hidden name=username value=\"" . $user->user_name . "\">\n";
    echo "<input type=hidden name=id value=\"" . $user->id . "\">\n";
    echo "</form>\n";
}
if ($admin < 1 && $id != $user_id) {
    //echo("You do not have access to see this users channels");
} else {
    $levels = pg_safe_exec("SELECT " . "  channel_id, " . "  user_id," . "  access," . "  levels.flags," . "  last_modif," . "  suspend_expires,suspend_by," . "  name " . " FROM " . "  levels," . "  channels " . " WHERE " . "  user_id = {$id} and " . " channels.id=levels.channel_id AND channels.registered_ts>0 ORDER BY access DESC");
    echo "\n        <TABLE WIDTH=100% border=1 cellspacing=0 cellpadding=2 BORDER=0 BGCOLOR=#" . $cTheme->table_bgcolor . ">\n        <tr>\n        <td colspan=6>\n        <center><h2>Channels</h2></center>\n        </td></tr>";
    if (pg_numrows($levels) == 0) {
        echo "<tr bgcolor=#" . $cTheme->table_sepcolor . "><td colspan=5><center><font color=#" . $cTheme->table_septextcolor . " size=-1><b><em>~ This user has no access on any channel ~</b></em></td></tr>";
    } else {
        echo " <tr bgcolor=#" . $cTheme->table_sepcolor . ">\n<td width=250><font color=" . $cTheme->table_septextcolor . " size=-1><b><em>Channel</em></b></font></td>\n<td width=70 align=center><font color=" . $cTheme->table_septextcolor . " size=-1><b><em>Access</font></td>\n<td width=70 align=center><font color=" . $cTheme->table_septextcolor . " size=-1><b><em>Auto-Op</font></td>\n<td width=70 align=center><font color=" . $cTheme->table_septextcolor . " size=-1k><b><em>Auto-Voice</font></td>\n<td width=70 align=center><font color=" . $cTheme->table_septextcolor . " size=-1k><b><em>Auto-Invite</font></td>\n<td>&nbsp</td>\n</tr>";
        for ($row = 0; $row < pg_numrows($levels); $row++) {
            $level = pg_fetch_object($levels, $row);

Example #3

0

Show file

File: index.php Project: Shadowss/gnuworld-website

                ?>
			<?php 
            }
            ?>
		<?php 
        }
        ?>
	<?php 
    }
}
?>
	if (state) {
		if (f.description.value.length>300) {
			alert('Description exceeds 300 chars.\n');
			return(false);
		}
	}
	if (!state) {
		alert('** Missing Required Fields **\n\n'+mf);
	}
	return(state);
}
//-->
</script>
<?php 
make_secure_form(CRC_SALT_0002);
?>
</form>
</body>
</html>

Example #4

0

Show file

File: ip_restrict.php Project: Shadowss/gnuworld-website

		if (f.t2ip2.value == '') { all_ok = false; }
	}
	if (f.rtype[2].checked) { // hostmask
		one_chk = true;
		if (f.t3mask.value == '') { all_ok = false; }
	}
	if (!one_chk) { all_ok = false; }
	if (!all_ok) {
		alert('Please, fill in all the required fields !');
	}
	return all_ok;
}
function del_id( id ) {
	if (confirm('Are you sure you want to delete this IP restriction ?')) {
		document.forms[1].delid.value = parseInt(id);
		document.forms[1].submit();
	}
}
//-->
</script>
</form>
<form name=delfrm method=POST>
<?php 
make_secure_form("delfrm" . $usr->id);
echo "<input type=hidden name=user_id value=\"" . $usr->id . "\">";
?>
<input type=hidden name=delid value=0>
</form>
</body>
</html>

Example #5

0

Show file

File: admin.php Project: Shadowss/gnuworld-website

         pg_safe_exec($q3);
     } else {
         if (check_secure_form("modifycomplaint" . $_GET["view"])) {
             echo "<a href=\"admin.php\"><b>&lt;&nbsp;back</b></a><br><br>\n";
         } else {
             echo "<a href=\"javascript:history.go(-1);\"><b>&lt;&nbsp;back</b></a><br><br>\n";
         }
     }
 }
 $idt = explode("-", $_GET["view"]);
 $r = pg_safe_exec("SELECT * FROM complaints WHERE id='" . (int) $idt[0] . "' AND ticket_number='" . $_GET["view"] . "'");
 if ($o = pg_fetch_object($r)) {
     echo "<h3>Details on TICKET #" . $_GET["view"] . " <font size=+0>(<b>" . $cmp_status[$o->status] . "</b>)</font></h3>";
     echo "<form name=modify method=post action=admin.php?view=" . $_GET["view"] . ">";
     echo "<input type=hidden name=compid value=" . $o->id . ">\n";
     make_secure_form("modifycomplaint" . $_GET["view"]);
     echo "<table width=100% border=1 cellpadding=5 cellspacing=0>";
     echo initial_complaint($_GET["view"], 0);
     /*
     		echo "<tr>";
     		echo "<td bgcolor=#990000 valign=top align=right><font color=#ffffff>";
     		echo "Status</font></td>";
     		echo "<td width=99% valign=top>";
     		echo $o->status . " (" . $cmp_status[$o->status] . ")";
     		echo "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
     		echo "Switch to : <select name=switchto><option value=0>---</option><option value=2>(2) being processed</option><option value=3>(3) resolved</option><option value=4>(4) abandonned</option><option value=99>(99) deleted</option></select>&nbsp;<input type=submit value=Go!>";
     		echo "</td></tr>\n";
     */
     echo "<tr>";
     echo "<td bgcolor=#990000 valign=top align=right><font color=#ffffff>";
     echo "Currently&nbsp;owned&nbsp;by</font></td>";

Example #6

0

Show file

File: complaints.php Project: Shadowss/gnuworld-website

     if ($_GET["email"] != "" && $_GET["email2"] != "") {
         if (strtolower(trim($_GET["email"])) == strtolower(trim($_GET["email2"]))) {
             $from_email = strtolower(trim($_GET["email"]));
             if (!preg_match("/^[A-Za-z0-9_+-.]+@[A-Za-z0-9.-]+\\.[A-Za-z][A-Za-z]+\$/", $from_email)) {
                 echo "<big>e-mail syntax is invalid</big>.";
                 die("</td></tr></table></body></html>");
             } else {
             }
         } else {
             echo "<big>Please check your e-mail, both entries do not match</big>.";
             die("</td></tr></table></body></html>");
         }
     }
 }
 echo "<form name=complaintreq method=post action=record.php>\n";
 make_secure_form("complaintreq" . $from_email . ($user_id + 0), 1800);
 if ($user_id == 0) {
     echo "<input type=hidden name=from_mail value=\"" . $from_email . "\">\n";
     echo "<input type=hidden name=from_id value=0>\n";
 } else {
     //echo "<INPUT TYPE=hidden name=\"MAX_FILE_SIZE\" value=102400>";
     echo "<input type=hidden name=from_mail value=\"" . $from_email . "\">\n";
     echo "<input type=hidden name=from_id value=" . ($user_id + 0) . ">\n";
 }
 echo "<input type=hidden name=ct value=\"" . $_GET["ct"] . "\">\n";
 switch ($_GET["ct"]) {
     case 1:
         // username suspended
         if ($user_id == 0) {
             echo "<b>Your username</b> :<br><input type=text name=login size=20 maxlength=12><br><b>Your password</b> :<br><input type=password name=passwd size=20 maxlength=255><br><i>This check will work even if the login page says you're suspended</i><br><br>\n";
             echo "<b>Complaint summary</b> :<br><textarea name=complaint_text cols=60 rows=10 wrap></textarea><br><br>\n";

Example #7

0

Show file

File: newuser.php Project: Shadowss/gnuworld-website

}
if ($curr_step == 8) {
    if ($_POST["rCRC"] == md5($_POST["username"] . CRC_SALT_0011 . $_SERVER["REMOTE_ADDR"] . $_POST["email"] . $_POST["gfxcode_val"] . CRC_SALT_0007)) {
        // sets cookie so user cannot create another username within 4 hours.
        if (UNETUB_TIME > 0) {
            $expire = time() + UNETUB_TIME;
            $cookie = md5($expire . "Undernet User Block");
            setcookie("UNETUB", $cookie, $expire, "/");
        }
    }
}
std_theme_styles(1);
std_theme_body();
echo "<form name=newUsr method=POST onSubmit=\"return stepChk(this)\">\n";
echo "<input type=hidden name=showStep value=\"" . (int) ((int) $curr_step + 1) . "\">\n";
make_secure_form("step" . (int) ((int) $curr_step + 1));
echo "<center>";
echo "<h1>New Username</h1>";
echo "<table width=500 bgcolor=#" . $cTheme->main_textcolor . "><tr><td>\n";
echo "<table cellpadding=5 bgcolor=#" . $cTheme->table_bgcolor . " width=100%><tr><td><font color=#" . $cTheme->main_textcolor . ">";
if ($curr_step <= 7) {
    echo "<font size=+2>Step " . (int) $curr_step . " / " . (int) $max_step . "</font><br><br>\n";
} else {
    echo "<font size=+2>Congratulations !</font><br><br>\n";
}
// step data START
$jsf = "";
$err = "";
$hackpc = 0;
switch ((int) $curr_step) {
    default:

PHP make_secure_form Examples