Example #1
0
 function AddModule()
 {
     $name = substr($_POST['module_file'], 0, strrpos($_POST['module_file'], '.instructions'));
     $file = mysql_clean($_POST['module_file']);
     $active = mysql_clean($_POST['active']);
     if (empty($name)) {
         $msg[] = "Module Name Is Empty";
     } elseif (!$this->isValidModule($name)) {
         $msg[] = "Module Name Is Not Valid";
     }
     $data = $this->GetModuleDetails($name);
     if (!empty($data['module_name'])) {
         $msg[] = "Module Already Exists";
     }
     if (empty($file)) {
         $msg[] = "No File Selected";
     }
     if (!file_exists(MODULEDIR . '/' . $file)) {
         $msg[] = "Specified File Does not Exists";
     }
     if (empty($msg)) {
         mysql_query("INSERT INTO modules(module_name,module_file,active)VALUES('" . $name . "','" . $file . "','" . $active . "')");
         $msg = "Module Has Been Added";
     }
     return $msg;
 }
Example #2
0
function cb_verify_honeypot()
{
    global $eh;
    $salt = mysql_clean(post('cb_verifier'));
    if ($salt) {
        $timestamp_name = cb_honeypot_hash_fieldname('cb_timestamp', $salt);
        $timestamp = mysql_clean(post($timestamp_name));
        if ($timestamp) {
            $difference = time() - $timestamp;
            if ($difference < CB_HONEYPOT_FORM_SUBMISSION_WINDOW) {
                e(lang(sprintf('Submitting form in %d %s. Are you even a human ?', $difference, $difference == 1 ? 'second' : 'seconds')));
                return false;
            }
            $honeypot_name = cb_honeypot_hash_fieldname('cb_honeypot', $salt);
            $honeypot = mysql_clean(post($honeypot_name));
            if (CB_HONEYPOT_DEFAULT_VALUE == '') {
                if ($honeypot != '') {
                    e(lang('Someone is tampering with forms. Can not process further.'));
                    return false;
                }
            } else {
                if (!$honeypot or $honeypot != CB_HONEYPOT_DEFAULT_VALUE) {
                    e(lang('Someone is tampering with forms. Can not process further.'));
                    return false;
                }
            }
            return true;
        } else {
            e(lang('Unable to locate timestamp. Can not process further.'));
        }
    } else {
        e(lang('No verification code provided. Can not process further.'));
    }
    return false;
}
function findContact($email)
{
    global $db;
    $email = mysql_clean($email);
    $info = $db->query("SELECT id FROM people WHERE email = {$email}");
    return $info->id;
}
Example #4
0
 function editors_pick()
 {
     if ($_GET['add_editor_pick']) {
         $vid = mysql_clean($_GET['add_editor_pick']);
         add_to_editor_pick($vid);
     }
     if ($_GET['remove_editor_pick']) {
         $vid = mysql_clean($_GET['remove_editor_pick']);
         remove_vid_editors_pick($vid);
     }
 }
Example #5
0
 /**
  * Function is used to get session
  */
 function get_user_session($user, $session_name = false, $phpsess = false)
 {
     global $db;
     if ($session_name) {
         $session_cond = " session_string='" . mysql_clean($session_name) . "'";
     }
     if ($phpsess) {
         if ($session_cond) {
             $session_cond .= " AND ";
         }
         $session_cond .= " session ='" . $this->id . "' ";
     }
     $results = $db->select(tbl($this->tbl), '*', $session_cond);
     return $results;
 }
Example #6
0
 /**
  * Function used to edit advertisment
  * @params Array
  */
 function EditAd($array = NULL)
 {
     global $db;
     if (!$array) {
         $array = $_POST;
     }
     $placement = mysql_clean($array['placement']);
     $name = mysql_clean($array['name']);
     $code = mysql_real_escape_string(htmlspecialchars($array['code']));
     $category = mysql_clean(@$array['category']);
     $id = $array['ad_id'];
     if (!$this->ad_exists($id)) {
         e(lang("ad_exists_error1"));
     } elseif (empty($name)) {
         e(lang('ad_name_error'));
     } else {
         $db->update(tbl("ads_data"), array("ad_placement", "ad_name", "ad_category", "ad_code", "ad_status"), array($placement, $name, $category, "|no_mc|" . $code, $array['status'], $id), " ad_id='{$id}' ");
         e(lang('ad_update_msg'), "m");
     }
 }
Example #7
0
 /**
  * Function used to add custom field in upload form
  */
 function add_custom_field($array)
 {
     global $db, $LANG;
     foreach ($array as $key => $attr) {
         if ($key == 'name' || $key == 'title') {
             if (empty($attr)) {
                 e(sprintf(lang('cust_field_err'), $key));
             }
         }
         if (!error_list()) {
             if (!empty($attr)) {
                 $fields_array[] = 'custom_field_' . $key;
                 $value_array[] = mysql_clean($attr);
             }
             if ($key == 'db_field') {
                 $db->execute("ALTER TABLE " . tbl('video') . " ADD `" . $attr . "` TEXT NOT NULL");
             }
         }
     }
     if (!error_list()) {
         $db->insert(tbl("custom_fields"), $fields_array, $value_array);
     }
 }
Example #8
0
/* 
 *************************************************************
 | Copyright (c) 2007-2010 Clip-Bucket.com. All rights reserved.
 | @ Author	   : ArslanHassan									
 | @ Software  : ClipBucket , © PHPBucket.com					
 *************************************************************
*/
define("THIS_PAGE", 'edit_group');
define("PARENT_PAGE", 'groups');
require 'includes/config.inc.php';
$userquery->logincheck();
$udetails = $userquery->get_user_details(userid());
assign('user', $udetails);
assign('p', $userquery->get_user_profile($udetails['userid']));
$gid = mysql_clean($_GET['group_id']);
//get group details
$gdetails = $cbgroup->get_group_details($gid);
$gArray = array('group' => $gdetails, 'groupid' => $gid, 'uid' => userid(), 'user' => $userquery->udetails, 'checkowner' => 'yes');
if (!$cbgroup->is_admin($gArray) && !has_access('admin_access', true)) {
    e(lang("you_cant_edit_group"));
    $Cbucket->show_page = false;
} else {
    //Updating Video Details
    if (isset($_POST['update_group'])) {
        $_POST['group_id'] = $gid;
        $cbgroup->update_group();
        $gdetails = $cbgroup->get_group_details($gid);
    }
    assign('group', $gdetails);
}
Example #9
0
 | @ Author : ArslanHassan										
 | @ Software : ClipBucket , © PHPBucket.com					
 ****************************************************************
*/
require_once '../includes/admin_config.php';
$userquery->admin_login_check();
$pages->page_redir();
if (!defined('MAIN_PAGE')) {
    define('MAIN_PAGE', 'Videos');
}
if (!defined('SUB_PAGE')) {
    define('SUB_PAGE', "Editor's Pick");
}
//Removing
if (isset($_GET['remove'])) {
    $id = mysql_clean($_GET['remove']);
    remove_vid_editors_pick($id);
}
if (isset($_POST['delete_selected'])) {
    for ($id = 0; $id <= count($_POST['check_video']); $id++) {
        remove_vid_editors_pick($_POST['check_video'][$id]);
    }
    $eh->flush();
    e("Selected videos have been removed from editors pick", "m");
}
$ep_videos = get_ep_videos();
if (isset($_POST['update_order'])) {
    if (is_array($ep_videos)) {
        foreach ($ep_videos as $epvid) {
            $order = $_POST['ep_order_' . $epvid['pick_id']];
            move_epick($epvid['videoid'], $order);
Example #10
0
         $feed = $cbfeeds->get_feed($fid);
         assign('feed', $feed);
         if ($object_type) {
             $template = get_template('single_feed_' . $object_type);
         }
         if (!$template) {
             $template = get_template('single_feed');
         }
         $array = array('success' => 'ok', 'template' => $template, 'fid' => $fid);
         echo json_encode($array);
     } catch (Exception $e) {
         exit(json_encode(array('err' => array($e->getMessage()))));
     }
     break;
 case "get_notifications":
     $uid = mysql_clean(post('userid'));
     if (!$uid) {
         $uid = userid();
     }
     $notifications = $cbfeeds->get_notifications('unread');
     $updates = array();
     if ($notifications) {
         $total_new = 0;
         $the_notifications = array();
         $notification_template = '';
         foreach ($notifications as $notification) {
             $the_notifications['ids'][] = $notification['notification_id'];
             //Lets create a template and append to it..
             assign('notification', $notification);
             $notification_template .= get_template('notification_block');
             $total_new++;
Example #11
0
}
switch ($mode) {
    case "view":
    default:
        assign("mode", "view");
        //Getting Video List
        $page = mysql_clean($_GET['page']);
        $get_limit = create_query_limit($page, 5);
        $photos = $cbphoto->action->get_flagged_objects($get_limit);
        assign('photos', $photos);
        //Collecting Data for Pagination
        $total_rows = $cbphoto->action->count_flagged_objects();
        $total_pages = count_pages($total_rows, 5);
        //Pagination
        $pages->paginate($total_pages, $page);
        break;
    case "view_flags":
        assign("mode", "view_flags");
        $pid = mysql_clean($_GET['pid']);
        $pdetails = $cbphoto->get_photo($pid);
        if ($pdetails) {
            $flags = $cbphoto->action->get_flags($pid);
            assign('flags', $flags);
            assign('photo', $pdetails);
        } else {
            e("Photo does not exist");
        }
}
subtitle("Flagged Photos");
template_files('flagged_photos.html');
display_it();
Example #12
0
 /**
  * Function used to update email template
  */
 function update_template($params)
 {
     global $db;
     $id = mysql_clean($params['id']);
     $subj = mysql_clean($params['subj']);
     $msg = mysql_real_escape_string($params['msg']);
     if (!$this->template_exists($id)) {
         e(lang("email_template_not_exist"));
     } elseif (empty($subj)) {
         e(lang("email_subj_empty"));
     } elseif (empty($msg)) {
         e(lang("email_msg_empty"));
     } else {
         $db->update(tbl($this->db_tpl), array("email_template_subject", "email_template"), array($subj, '|no_mc|' . $msg), " email_template_id='{$id}'");
         e(lang("email_tpl_has_updated"), "m");
     }
 }
Example #13
0
                        $login_success = lang('welcome_back') . ", {$_SESSION['user_name']}";
                        break;
                }
            } else {
                // Incase your server doesn't classify booleans as numbers. Just incase.
                $login_success = lang('welcome_back') . ", {$_SESSION['user_name']}";
            }
        } else {
            $login_error = lang('error_invalid_user_pass');
        }
    }
} else {
    if (isset($login_cookie)) {
        $data = explode(":", $login_cookie);
        $username = mysql_clean($data[0]);
        $password = mysql_clean($data[1]);
        $sql = "SELECT * FROM users WHERE username = '******' AND password = '******'";
        $result = @$database->query($sql) or die("No.");
        // Huge error
        // Cookies don't match and no session, so tell them to logout!
        if ($database->num($result) < 1) {
            session_destroy();
            unset($username);
            unset($password);
            include $config['template_path'] . "header.php";
            print_out(lang('error_with_cookies'), lang_parse('error_cookie_body', array($config['url_path'] . '/logout.php')), false);
        } else {
            if ($database->num($result) > 0) {
                // Get the users data
                $user_data = $database->fetch($result);
                // What is this user classified as?
Example #14
0
<?php

$userquery->get_user_details();
$adminemail = $userquery->get_user_field_only(1, 'email');
$title = mysql_clean(post('title'));
$slogan = mysql_clean(post('slogan'));
$baseurl = mysql_clean(post('baseurl'));
//First update website settings
$myquery->Set_Website_Details('site_title', $title);
$myquery->Set_Website_Details('site_slogan', $slogan);
$myquery->Set_Website_Details('baseurl', $baseurl);
?>
</div>
<div class="nav_des clearfix">
    <div class="cb_container">
    <h4 style="color:#fff">Registeration (Optional)</h4>
    <p style="color:#fff; font-size:13px;">As you have installed ClipBucket Succesffuly, we highly recommend you to register your website on our Clipbucket. its really simple, just click on Register and continue and your website will be register on Clipbucket website</p>



</div><!--cb_container-->
</div><!--nav_des-->
<!--<h2>Registeration (Optional)</h2>
As you have installed ClipBucket Succesffuly, we highly recommend you to register your website on our Clipbucket. its really simple, just click on Register and continue and your website will be register on Clipbucket website<br />
<br />-->



<div id="sub_container" class="br5px">
<h3>Why we suggest registeration?</h3>
<div class="register">
    header("Location: " . URL . "standard/{$_GET['table']}/saved");
    exit;
}
$list = $db->query("SELECT * FROM {$table_name} WHERE active = 1 ORDER BY id");
if ($id) {
    $info = $db->query("SELECT * FROM {$table_name} WHERE id = {$id}");
}
if ($_GET['saved']) {
    $print = "Information has been saved";
}
if ($_GET['action'] == "mailchimp") {
    require_once 'mailchimp.php';
    $MailChimp = new \Drewm\MailChimp(MAILCHIMP_API_KEY);
    $return = $MailChimp->call('lists/segment-add', array('id' => MAILCHIMP_LIST, 'opts' => array('type' => 'static', 'name' => $info->name)));
    if ($return['id']) {
        $post = array('mailchimp_id' => mysql_clean($return['id']));
        $db->update($table_name, $post, "id = {$id}", 1);
        header("Location: " . URL . "standard/mailinglist/edit/{$id}");
        exit;
    } else {
        $error = "Segment was not created! <br />Error: " . $return['error'];
    }
}
$mainorganizations = $db->query("SELECT * FROM organization_main_types WHERE active = 1 ORDER BY name");
?>
<!doctype html>
<html>
<head>
<title><?php 
echo SITENAME;
?>
Example #16
0
}
switch ($mode) {
    case "view":
    default:
        assign("mode", "view");
        //Getting Video List
        $page = mysql_clean($_GET['page']);
        $get_limit = create_query_limit($page, 5);
        $videos = $cbvid->action->get_flagged_objects($get_limit);
        Assign('videos', $videos);
        //Collecting Data for Pagination
        $total_rows = $cbvid->action->count_flagged_objects();
        $total_pages = count_pages($total_rows, 5);
        //Pagination
        $pages->paginate($total_pages, $page);
        break;
    case "view_flags":
        assign("mode", "view_flags");
        $vid = mysql_clean($_GET['vid']);
        $vdetails = $cbvid->get_video($vid);
        if ($vdetails) {
            $flags = $cbvid->action->get_flags($vid);
            assign('flags', $flags);
            assign('video', $vdetails);
        } else {
            e("Video does not exist");
        }
}
subtitle("Flagged Videos");
template_files('flagged_videos.html');
display_it();
Example #17
0
$pages->page_redir();
/* Assigning page and subpage */
if (!defined('MAIN_PAGE')) {
    define('MAIN_PAGE', 'Users');
}
if (!defined('SUB_PAGE')) {
    define('SUB_PAGE', 'Manage categories');
}
//Form Processing
if (isset($_POST['add_cateogry'])) {
    $userquery->thumb_dir = 'users';
    $userquery->add_category($_POST);
}
//Making Categoyr as Default
if (isset($_GET['make_default'])) {
    $cid = mysql_clean($_GET['make_default']);
    $userquery->make_default_category($cid);
}
//Edit Categoty
if (isset($_GET['category'])) {
    assign("edit_category", "show");
    if (isset($_POST['update_category'])) {
        $userquery->thumb_dir = 'users';
        $userquery->update_category($_POST);
    }
    assign('cat_details', $userquery->get_category($_GET['category']));
}
//Delete Category
if (isset($_GET['delete_category'])) {
    $userquery->delete_category($_GET['delete_category']);
}
/* Assigning page and subpage */
if (!defined('MAIN_PAGE')) {
    define('MAIN_PAGE', 'Advertisement');
}
if (!defined('SUB_PAGE')) {
    define('SUB_PAGE', 'Manage Placements');
}
//Removing Placement
if (isset($_GET['remove'])) {
    $placement = mysql_clean($_GET['remove']);
    $msg = $ads_query->RemovePlacement($placement);
}
//Adding Placement
if (isset($_POST['AddPlacement'])) {
    $placement_name = mysql_clean($_POST['placement_name']);
    $placement_code = mysql_clean($_POST['placement_code']);
    $array = array($placement_name, $placement_code);
    $msg = $ads_query->AddPlacement($array);
}
//Getting List Of Placement
$sql = "SELECT * FROM " . tbl("ads_placements");
$ads_placements = db_select($sql);
$total_placements = $db->num_rows;
//Getting total Ads in each placement
for ($id = 0; $id <= $total_placements; $id++) {
    $ads_placements[$id]['total_ads'] = $adsObj->count_ads_in_placement($ads_placements[$id]['placement']);
}
Assign('ads_placements', $ads_placements);
//pr($ads_placements,true);
subtitle("Add Advertisment Placement");
template_files('ads_add_placements.html');
Example #19
0
 /**
  * Function used to Delete data in database
  * @param : table name
  * @param : fields array
  * @param : values array
  * @params : Extra params
  */
 function delete($tbl, $flds, $vls, $ep = NULL)
 {
     //dbDelete($tbl,$flds,$vls,$ep);
     global $db;
     $total_fields = count($flds);
     $count = 0;
     for ($i = 0; $i < $total_fields; $i++) {
         $count++;
         $val = mysql_clean($vls[$i]);
         $needle = substr($val, 0, 3);
         if ($needle != '|f|') {
             $fields_query .= $flds[$i] . "='" . $val . "'";
         } else {
             $val = substr($val, 3, strlen($val));
             $fields_query .= $flds[$i] . "=" . $val . "";
         }
         if ($total_fields != $count) {
             $fields_query .= ' AND ';
         }
     }
     //Complete Query
     $query = "DELETE FROM {$tbl} WHERE {$fields_query} {$ep}";
     $this->write($query);
     /*//if(!mysql_query($query)) die(mysql_error());
     		$this->total_queries++;
     		$this->total_queries_sql[] = $query;
     		$this->Execute($query);
     		if(mysql_error()) die ($this->db_query.'<br>'.mysql_error());*/
 }
Example #20
0
    $msg = $cbplugin->pluginActive($id, 'no', $folder);
}
/**
 * dectivating Multiple
 */
if ($_POST['action-mode'] == 'deactivate') {
    $plugs = count($_POST['check_plugin']);
    for ($i = 0; $i < $plugs; $i++) {
        $itr = $_POST['check_plugin'][$i];
        $cbplugin->pluginActive($_POST['plugin_file_' . $itr], 'no', $_POST['plugin_folder_' . $itr]);
    }
}
//Installing Plugin
if (isset($_GET['install_plugin'])) {
    $folder = $_GET['f'];
    $installed = $cbplugin->installPlugin(mysql_clean($_GET['install_plugin']), $folder);
    if ($installed) {
        include $installed;
    }
}
/**
 * Installing Multiple Plugins
 */
if ($_POST['action-mode'] == 'install') {
    $plugs = count($_POST['check_plugin']);
    for ($i = 0; $i < $plugs; $i++) {
        $itr = $_POST['check_plugin'][$i];
        $installed = $cbplugin->installPlugin($_POST['plugin_file_' . $itr], $_POST['plugin_folder_' . $itr]);
        if ($installed) {
            include $installed;
        }
Example #21
0
<?php

/* 
 ***************************************************************
 | Copyright (c) 2007-2010 Clip-Bucket.com. All rights reserved.						
 | @ Author : ArslanHassan													
 | @ Software : ClipBucket , © PHPBucket.com								
 ***************************************************************
*/
define("THIS_PAGE", "invite_group");
define("PARENT_PAGE", "groups");
require 'includes/config.inc.php';
$pages->page_redir();
$url = mysql_clean($_GET['url']);
$details = $cbgroup->group_details_url($url);
assign('group', $details);
if (!$cbgroup->is_owner($details)) {
    e(lang("you_cant_invite_mems"));
} else {
    if ($details) {
        assign('friends', $userquery->get_contacts(userid(), 0));
    }
    //Inviting Friends
    if (isset($_POST['invite_friends'])) {
        $cbgroup->invite_members($_POST['friend'], $details['group_id']);
    }
    assign('mode', "invite_group");
    template_files('view_group.html');
    subtitle(lang("grp_invite_msg"));
    display_it();
}
Example #22
0
        $val = $_POST['exif'];
        if (empty($pid) || !$cbphoto->photo_exists($pid)) {
            $response = array('error' => lang('Photo does not exist'));
        }
        if (strtolower($val) != 'yes' || strtolower($val) != 'no') {
            $response = array('error' => lang('Invalid value provided'));
        }
        if ($db->update(tbl('photos'), array('view_exif'), array($val), " photo_id = '" . $pid . "' ")) {
            $response = array('success' => 'Exif privacy setting updated.');
        } else {
            $response = array('error' => 'Unable to update setting. Please try again');
        }
        echo json_encode($response);
        break;
    case "get_colors":
        $pid = mysql_clean($_POST['id']);
        $colors = get_photo_meta_value($pid, 'colors');
        if ($colors) {
            $colors = json_decode($colors, true);
            assign('colors', $colors);
            assign('photo', $cbphoto->get_photo($pid, true));
            $template = Fetch('/global/colors.html', STYLES_DIR);
            $response = array('success' => true, 'template' => $template);
        } else {
            $response = array('error' => 'No colors found for this photo.');
        }
        echo json_encode($response);
        break;
    default:
        exit(json_encode(array('err' => lang('Invalid request'))));
}
Example #23
0
    $eh->flush();
    e($total . " photos has been deleted successfully", "m");
}
if (isset($_POST['move_to_selected'])) {
    $total = count($_POST['check_photo']);
    for ($i = 0; $i < $total; $i++) {
        $id_array[] = $_POST['check_photo'][$i];
    }
    //$eh->flush();
}
if (isset($_GET['search'])) {
    $array = array('title' => $_GET['title'], 'pid' => $_GET['photoid'], 'key' => $_GET['photokey'], 'tags' => $_GET['tags'], 'featured' => $_GET['featured'], 'active' => $_GET['active'], 'user' => $_GET['userid'], 'extension' => $_GET['extension'], 'order' => $_GET['order']);
}
$parr = $array;
// Creating Limit
$page = mysql_clean($_GET['page']);
$get_limit = create_query_limit($page, RESULTS);
$parr['limit'] = $get_limit;
if (!$parr['order']) {
    $parr['order'] = " date_added DESC ";
} else {
    $parr['order'] = $parr['order'] . " DESC";
}
$collections = $cbcollection->get_collections(array("type" => "photos"));
$photos = $cbphoto->get_photos($parr);
Assign('photos', $photos);
assign('c', $collections);
$pcount = $parr;
$pcount['count_only'] = true;
$total_rows = $cbphoto->get_photos($pcount);
$total_pages = count_pages($total_rows, RESULTS);
Example #24
0
    case 'spam_comment':
        $cid = mysql_clean($_POST['cid']);
        $rating = $myquery->spam_comment($cid);
        if (msg()) {
            $msg = msg_list();
            $msg = $msg[0];
        }
        if (error()) {
            $err = error_list();
            $err = $err[0];
        }
        $ajax['msg'] = $msg;
        $ajax['err'] = $err;
        echo json_encode($ajax);
        break;
    case 'remove_spam':
        $cid = mysql_clean($_POST['cid']);
        $rating = $myquery->remove_spam($cid);
        if (msg()) {
            $msg = msg_list();
            $msg = $msg[0];
        }
        if (error()) {
            $err = error_list();
            $err = $err[0];
        }
        $ajax['msg'] = $msg;
        $ajax['err'] = $err;
        echo json_encode($ajax);
        break;
}
$relationships = $db->query("SELECT * FROM event_relationships WHERE active = 1 ORDER BY name");
$types = $db->query("SELECT * FROM event_types WHERE active = 1 ORDER BY name");
$mailinglists = $db->query("SELECT * FROM mailinglist_options WHERE active = 1 ORDER BY name");
if ($_POST) {
    $relationship = (int) $_POST['relationship'];
    if ($_POST['link'] == "new") {
        if (!$_POST['eventname']) {
            die("You wanted to add a new event but did not enter a name. Please go back and review.");
        }
        if (!$_POST['type']) {
            die("You wanted to add a new event but did not select an event type. Please go back and review.");
        }
        if (!$relationship) {
            die("You must set a relationship. Please go back and review.");
        }
        $post = array('name' => html($_POST['eventname']), 'place' => html($_POST['place']), 'date' => mysql_clean(format_date("Y-m-d", $_POST['date'])), 'type' => (int) $_POST['type'], 'parent_event' => $_POST['parent_event'] ? (int) $_POST['parent_event'] : "NULL");
        $db->insert("events", $post);
        $event = $db->insert_id;
    } elseif ($_POST['link'] == "existing") {
        $event = (int) $_POST['event'];
        if (!$event) {
            die("You must select an event!");
        }
    }
    foreach ($_POST['firstname'] as $key => $value) {
        if ($_POST['firstname'][$key] || $_POST['lastname'][$key] || $_POST['organization'][$key] || $_POST['email'][$key]) {
            $id = findContact($_POST['email'][$key]);
            if ($id) {
                $post = false;
                $print[$key] = "<strong>Contact <a href='people/{$id}'>#{$id}</a> identified by e-mail ({$_POST['email'][$key]}).</strong><br />";
                if ($_POST['firstname'][$key]) {
Example #26
0
        $title = "Recently Added Videos";
        break;
    case 'views':
        $videos = get_videos(array('limit' => $limit, 'order' => 'views DESC'));
        $title = "Most Viewed Videos";
        break;
    case 'rating':
        $videos = get_videos(array('limit' => $limit, 'order' => 'rating DESC'));
        $title = "Top Rated Videos";
        break;
    case 'watching':
        $videos = get_videos(array('limit' => $limit, 'order' => 'last_viewed DESC'));
        $title = "Videos Being Watched";
        break;
    case 'user':
        $user = mysql_clean($_GET['username']);
        //Get userid from username
        $uid = $userquery->get_user_field_only($user, 'userid');
        $uid = $uid ? $uid : 'x';
        $videos = get_videos(array('limit' => $limit, 'user' => $uid, 'order' => 'date_added DESC'));
        //Count Total Videos of this user
        $total_vids = get_videos(array('count_only' => true, 'user' => $uid));
        $title = "Videos uploaded by " . $user;
        break;
}
subtitle($title);
?>

<rss version="2.0" xmlns:media="http://search.yahoo.com/mrss/">
<channel>
<title><?php 
 function openid_login($url, $update = false)
 {
     $db = new DB();
     $mysql_url = mysql_clean($url);
     if (defined("IPCHECK") && !IPCHECK) {
         $ip = $_SERVER["REMOTE_ADDR"];
     } else {
         $ip = "123.123.123.123";
         // Use a static IP; i.e. do not check for a constant IP
     }
     $user_agent = $_SERVER["HTTP_USER_AGENT"];
     $login = $db->query("SELECT * FROM openid_identities WHERE url = {$mysql_url}");
     if ($login->num_rows) {
         $data = encrypt($url . $user_agent . $ip) . $login->id;
         setcookie("openid_session", $data, false, "/");
         if ($update) {
             $db->query("UPDATE openid_identities SET url = '{$update}' WHERE id = " . $login->id);
         }
         $db->query("UPDATE openid_users SET last_login = NOW() WHERE id = " . $login->id);
         return $login->userid;
     } else {
         return false;
     }
 }
Example #28
0
/**
 * Update specific field rather than whole post
 * @param integer $id post we are editing
 * @param string $field post field
 * @param string $value new data to enter into post
 * @return string|int
 */
function update_field($id, $field, $value)
{
    // Error codes
    //	905		- Invalid id
    if (!is_numeric($id)) {
        return 905;
    } else {
        // Clean value, fields are clean as WE set them
        $value = mysql_clean($value);
        // Update the forum with the new value
        $result = mysql_query("UPDATE `forum` SET `{$field}` = '{$value}' WHERE `id` = '{$id}' LIMIT 1");
        // Did it work?
        if ($result) {
            return true;
        } else {
            return false;
        }
    }
}
Example #29
0
        $u_cond['order'] = " total_comments DESC";
        break;
}
//Getting User List
$page = mysql_clean($_GET['page']);
$get_limit = create_query_limit($page, CLISTPP);
$count_query = $ulist = $u_cond;
$ulist['limit'] = $get_limit;
$users = get_users($ulist);
Assign('users', $users);
if ($_GET['cat']) {
    $category = $userquery->get_category_field(mysql_clean(get('cat')), 'category_name');
    assign('category', $category);
}
if ($_GET['sort']) {
    $vsort = mysql_clean(get('sort'));
    $vsort = str_replace('most_comment', 'comment', $vsort);
    $sort = lang($vsort);
    if ($sort != $vsort) {
        assign('sort', $vsort);
    } else {
        $sort = false;
    }
    if ($vsort == 'most_recent') {
        $sort = false;
    }
}
$counter = get_counter('channel', $count_query);
if (!$counter) {
    //Collecting Data for Pagination
    $ucount = $u_cond;
Example #30
0
 function delete($tbl, $flds, $vls, $ep = NULL)
 {
     //dbDelete($tbl,$flds,$vls,$ep);
     global $db;
     $total_fields = count($flds);
     $fields_query = "";
     $count = 0;
     for ($i = 0; $i < $total_fields; $i++) {
         $count++;
         $val = mysql_clean($vls[$i]);
         $needle = substr($val, 0, 3);
         if ($needle != '|f|') {
             $fields_query .= $flds[$i] . "='" . $val . "'";
         } else {
             $val = substr($val, 3, strlen($val));
             $fields_query .= $flds[$i] . "=" . $val . "";
         }
         if ($total_fields != $count) {
             $fields_query .= ' AND ';
         }
     }
     //Complete Query
     $query = "DELETE FROM {$tbl} WHERE {$fields_query} {$ep}";
     //if(!mysql_query($query)) die(mysql_error());
     if (isset($this->total_queries)) {
         $this->total_queries++;
     }
     $this->total_queries_sql[] = $query;
     try {
         $this->mysqli->query($query);
     } catch (DB_Exception $e) {
         $e->getError();
     }
 }