/**
 * Create a local account (user row, default profile, self contact, default
 * group and profile photo) from a registration array.
 *
 * Required keys: { username, nickname, email } or { openid_url }.
 * Optional keys read below: invite_id, photo, password, blocked, verified,
 * profile_publish_reg.
 *
 * @param array $arr Registration fields; text fields are passed through
 *                   trim() and notags() before use.
 *
 * @return array|null array('success', 'user', 'password', 'message') on most
 *                    paths. NOTE(review): the "Please enter the required
 *                    information." path uses a bare `return;` and yields null,
 *                    so callers that index the result need to handle that.
 *
 * Security review notes (code left unchanged):
 *  - Passwords are stored as a single unsalted Whirlpool digest. That is a
 *    fast hash, not a password KDF; moving to password_hash() would need a
 *    coordinated change in the login code, which is not visible here.
 *  - Auto-generated passwords end in mt_rand() output, which is not a CSPRNG.
 *    autoname() is defined elsewhere; its randomness source should be checked.
 *  - The generated plaintext password is returned in $result['password'];
 *    callers should avoid logging or persisting it.
 *  - The second key pair is only 512 bits (see the comment at that call).
 *  - $photo can be a caller-supplied URL that the server then fetches.
 */
function create_user($arr)
{
    // Required: { username, nickname, email } or { openid_url }
    $a = get_app();
    $result = array('success' => false, 'user' => null, 'password' => '', 'message' => '');
    $using_invites = get_config('system', 'invitation_only');
    $num_invites = get_config('system', 'number_invites');
    // Text inputs are trimmed and passed through notags(); presumably that strips
    // markup, its exact behaviour is defined elsewhere. TODO confirm.
    $invite_id = x($arr, 'invite_id') ? notags(trim($arr['invite_id'])) : '';
    $username = x($arr, 'username') ? notags(trim($arr['username'])) : '';
    $nickname = x($arr, 'nickname') ? notags(trim($arr['nickname'])) : '';
    $email = x($arr, 'email') ? notags(trim($arr['email'])) : '';
    $openid_url = x($arr, 'openid_url') ? notags(trim($arr['openid_url'])) : '';
    $photo = x($arr, 'photo') ? notags(trim($arr['photo'])) : '';
    // The password is only trimmed; it is hashed below before being stored.
    $password = x($arr, 'password') ? trim($arr['password']) : '';
    // NOTE(review): blocked/verified are taken straight from $arr. If $arr is
    // ever built from request data, a client could mark itself verified and
    // unblocked; verify that callers set these from the site policy.
    $blocked = x($arr, 'blocked') ? intval($arr['blocked']) : 0;
    $verified = x($arr, 'verified') ? intval($arr['verified']) : 0;
    $publish = x($arr, 'profile_publish_reg') && intval($arr['profile_publish_reg']) ? 1 : 0;
    // Network publishing only applies when a directory submit URL is configured.
    $netpublish = strlen(get_config('system', 'directory_submit_url')) ? $publish : 0;
    $tmp_str = $openid_url;
    // Invitation-only sites: the invite hash must exist in `register`.
    // The invitation row is not deleted anywhere in this function.
    if ($using_invites) {
        if (!$invite_id) {
            $result['message'] .= t('An invitation is required.') . EOL;
            return $result;
        }
        $r = q("select * from register where `hash` = '%s' limit 1", dbesc($invite_id));
        if (!results($r)) {
            $result['message'] .= t('Invitation could not be verified.') . EOL;
            return $result;
        }
    }
    // Without the three mandatory fields the only other way in is OpenID:
    // remember the attempt in the session and redirect to the provider.
    if (!x($username) || !x($email) || !x($nickname)) {
        if ($openid_url) {
            if (!validate_url($tmp_str)) {
                $result['message'] .= t('Invalid OpenID url') . EOL;
                return $result;
            }
            $_SESSION['register'] = 1;
            $_SESSION['openid'] = $openid_url;
            require_once 'library/openid.php';
            $openid = new LightOpenID();
            $openid->identity = $openid_url;
            $openid->returnUrl = $a->get_baseurl() . '/openid';
            $openid->required = array('namePerson/friendly', 'contact/email', 'namePerson');
            $openid->optional = array('namePerson/first', 'media/image/aspect11', 'media/image/default');
            try {
                $authurl = $openid->authUrl();
            } catch (Exception $e) {
                // The library's exception text is appended to the user-facing message.
                $result['message'] .= t("We encountered a problem while logging in with the OpenID you provided. Please check the correct spelling of the ID.") . EOL . EOL . t("The error message was:") . $e->getMessage() . EOL;
                return $result;
            }
            goaway($authurl);
            // NOTREACHED
        }
        // NOTE(review): this path reports through notice() and returns null
        // instead of the $result array used by every other exit.
        notice(t('Please enter the required information.') . EOL);
        return;
    }
    // An OpenID URL that does not validate is dropped rather than rejected.
    if (!validate_url($tmp_str)) {
        $openid_url = '';
    }
    // $err is assigned but not read again in this function.
    $err = '';
    // collapse multiple spaces in name
    $username = preg_replace('/ +/', ' ', $username);
    if (mb_strlen($username) > 48) {
        $result['message'] .= t('Please use a shorter name.') . EOL;
    }
    if (mb_strlen($username) < 3) {
        $result['message'] .= t('Name too short.') . EOL;
    }
    // I don't really like having this rule, but it cuts down
    // on the number of auto-registrations by Russian spammers
    // Using preg_match was completely unreliable, due to mixed UTF-8 regex support
    // $no_utf = get_config('system','no_utf');
    // $pat = (($no_utf) ? '/^[a-zA-Z]* [a-zA-Z]*$/' : '/^\p{L}* \p{L}*$/u' );
    // So now we are just looking for a space in the full name.
    $loose_reg = get_config('system', 'no_regfullname');
    if (!$loose_reg) {
        $username = mb_convert_case($username, MB_CASE_TITLE, 'UTF-8');
        // strpos() returns 0 for a leading space, which this test also treats
        // as "no space"; the name was trimmed above, so that case is rejected.
        if (!strpos($username, ' ')) {
            $result['message'] .= t("That doesn't appear to be your full (First Last) name.") . EOL;
        }
    }
    if (!allowed_email($email)) {
        $result['message'] .= t('Your email domain is not among those allowed on this site.') . EOL;
    }
    if (!valid_email($email) || !validate_email($email)) {
        $result['message'] .= t('Not a valid email address.') . EOL;
    }
    // Disallow somebody creating an account using openid that uses the admin email address,
    // since openid bypasses email verification. We'll allow it if there is not yet an admin account.
    // NOTE(review): $a->config['admin_email'] is read here before the x() check
    // below, so an unset value raises an undefined-index notice first.
    $adminlist = explode(",", str_replace(" ", "", strtolower($a->config['admin_email'])));
    //if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0) && strlen($openid_url)) {
    if (x($a->config, 'admin_email') && in_array(strtolower($email), $adminlist) && strlen($openid_url)) {
        $r = q("SELECT * FROM `user` WHERE `email` = '%s' LIMIT 1", dbesc($email));
        if (count($r)) {
            $result['message'] .= t('Cannot use that email.') . EOL;
        }
    }
    // Nicknames are lower-cased, and must start with a letter followed only by
    // a-z, 0-9, '-' or '_'. The value ends up in profile and endpoint URLs below.
    $nickname = $arr['nickname'] = strtolower($nickname);
    if (!preg_match("/^[a-z][a-z0-9\\-\\_]*\$/", $nickname)) {
        $result['message'] .= t('Your "nickname" can only contain "a-z", "0-9", "-", and "_", and must also begin with a letter.') . EOL;
    }
    $r = q("SELECT `uid` FROM `user`\n \tWHERE `nickname` = '%s' LIMIT 1", dbesc($nickname));
    if (count($r)) {
        $result['message'] .= t('Nickname is already registered. Please choose another.') . EOL;
    }
    // Check deleted accounts that had this nickname. Doesn't matter to us,
    // but could be a security issue for federated platforms.
    $r = q("SELECT * FROM `userd`\n \tWHERE `username` = '%s' LIMIT 1", dbesc($nickname));
    if (count($r)) {
        $result['message'] .= t('Nickname was once registered here and may not be re-used. Please choose another.') . EOL;
    }
    // All validation messages were accumulated above; stop before any write.
    if (strlen($result['message'])) {
        return $result;
    }
    // Use the supplied password, otherwise generate one.
    // NOTE(review): mt_rand() is not cryptographically secure, and the stored
    // value is one unsalted Whirlpool digest (see the function header).
    $new_password = strlen($password) ? $password : autoname(6) . mt_rand(100, 9999);
    $new_password_encoded = hash('whirlpool', $new_password);
    $result['password'] = $new_password;
    require_once 'include/crypto.php';
    // Main key pair; new_keypair() is expected to return false on failure.
    $keys = new_keypair(4096);
    if ($keys === false) {
        $result['message'] .= t('SERIOUS ERROR: Generation of security keys failed.') . EOL;
        return $result;
    }
    $default_service_class = get_config('system', 'default_service_class');
    if (!$default_service_class) {
        $default_service_class = '';
    }
    $prvkey = $keys['prvkey'];
    $pubkey = $keys['pubkey'];
    /**
     *
     * Create another keypair for signing/verifying
     * salmon protocol messages. We have to use a slightly
     * less robust key because this won't be using openssl
     * but the phpseclib. Since it is PHP interpreted code
     * it is not nearly as efficient, and the larger keys
     * will take several minutes each to process.
     *
     */
    // NOTE(review): 512 bits is far below any current minimum for an
    // asymmetric signing key, and unlike the 4096-bit call above this result
    // is not checked for false before it is indexed.
    $sres = new_keypair(512);
    $sprvkey = $sres['prvkey'];
    $spubkey = $sres['pubkey'];
    // Every string value goes through dbesc() and every number through
    // intval() before it reaches the printf-style query. Both private keys
    // are stored in the user row.
    $r = q("INSERT INTO `user` ( `guid`, `username`, `password`, `email`, `openid`, `nickname`,\n\t\t`pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked`, `timezone`, `service_class`, `default-location` )\n\t\tVALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, 'UTC', '%s', '' )",
        dbesc(generate_user_guid()), dbesc($username), dbesc($new_password_encoded), dbesc($email),
        dbesc($openid_url), dbesc($nickname), dbesc($pubkey), dbesc($prvkey), dbesc($spubkey),
        dbesc($sprvkey), dbesc(datetime_convert()), intval($verified), intval($blocked),
        dbesc($default_service_class));
    if ($r) {
        // The new row is looked up by username and password digest, not by an
        // insert id. NOTE(review): with an unsalted digest two accounts can
        // share both values, and LIMIT 1 may then return the other row.
        $r = q("SELECT * FROM `user`\n\t\t\tWHERE `username` = '%s' AND `password` = '%s' LIMIT 1", dbesc($username), dbesc($new_password_encoded));
        if ($r !== false && count($r)) {
            $u = $r[0];
            $newuid = intval($r[0]['uid']);
        }
    } else {
        $result['message'] .= t('An error occurred during registration. Please try again.') . EOL;
        return $result;
    }
    /**
     * if somebody clicked submit twice very quickly, they could end up with two accounts
     * due to race condition. Remove this one.
     */
    // NOTE(review): $newuid and $u stay undefined when the lookup above finds
    // nothing; the checks below rely on that. The duplicate test is a
    // check-after-insert, so a unique index on `nickname` (not visible here)
    // would be the stronger guarantee.
    $r = q("SELECT `uid` FROM `user`\n \tWHERE `nickname` = '%s' ", dbesc($nickname));
    if (count($r) > 1 && $newuid) {
        $result['message'] .= t('Nickname is already registered. Please choose another.') . EOL;
        q("DELETE FROM `user` WHERE `uid` = %d", intval($newuid));
        return $result;
    }
    if (x($newuid) !== false) {
        // Default profile. t('default') is formatted into the query without dbesc().
        $r = q("INSERT INTO `profile` ( `uid`, `profile-name`, `is-default`, `name`, `photo`, `thumb`, `publish`, `net-publish` )\n\t\t\tVALUES ( %d, '%s', %d, '%s', '%s', '%s', %d, %d ) ",
            intval($newuid), t('default'), 1, dbesc($username),
            dbesc($a->get_baseurl() . "/photo/profile/{$newuid}.jpg"),
            dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg"),
            intval($publish), intval($netpublish));
        if ($r === false) {
            $result['message'] .= t('An error occurred creating your default profile. Please try again.') . EOL;
            // Start fresh next time.
            $r = q("DELETE FROM `user` WHERE `uid` = %d", intval($newuid));
            return $result;
        }
        // "Self" contact holding the account's public endpoints. The result of
        // this insert is not checked.
        $r = q("INSERT INTO `contact` ( `uid`, `created`, `self`, `name`, `nick`, `photo`, `thumb`, `micro`, `blocked`, `pending`, `url`, `nurl`,\n\t\t\t`request`, `notify`, `poll`, `confirm`, `poco`, `name-date`, `uri-date`, `avatar-date`, `closeness` )\n\t\t\tVALUES ( %d, '%s', 1, '%s', '%s', '%s', '%s', '%s', 0, 0, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', 0 ) ",
            intval($newuid), datetime_convert(), dbesc($username), dbesc($nickname),
            dbesc($a->get_baseurl() . "/photo/profile/{$newuid}.jpg"),
            dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg"),
            dbesc($a->get_baseurl() . "/photo/micro/{$newuid}.jpg"),
            dbesc($a->get_baseurl() . "/profile/{$nickname}"),
            dbesc(normalise_link($a->get_baseurl() . "/profile/{$nickname}")),
            dbesc($a->get_baseurl() . "/dfrn_request/{$nickname}"),
            dbesc($a->get_baseurl() . "/dfrn_notify/{$nickname}"),
            dbesc($a->get_baseurl() . "/dfrn_poll/{$nickname}"),
            dbesc($a->get_baseurl() . "/dfrn_confirm/{$nickname}"),
            dbesc($a->get_baseurl() . "/poco/{$nickname}"),
            dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(datetime_convert()));
        // Create a group with no members. This allows somebody to use it
        // right away as a default group for new contacts.
        require_once 'include/group.php';
        group_add($newuid, t('Friends'));
        $r = q("SELECT id FROM `group` WHERE uid = %d AND name = '%s'", intval($newuid), dbesc(t('Friends')));
        if ($r && count($r)) {
            $def_gid = $r[0]['id'];
            q("UPDATE user SET def_gid = %d WHERE uid = %d", intval($r[0]['id']), intval($newuid));
        }
        // NOTE(review): $def_gid is undefined if the group lookup failed. In
        // that case a site configured with newuser_private gets no allow_gid
        // restriction for this account, and nothing reports it.
        if (get_config('system', 'newuser_private') && $def_gid) {
            q("UPDATE user SET allow_gid = '%s' WHERE uid = %d", dbesc("<" . $def_gid . ">"), intval($newuid));
        }
    }
    // if we have no OpenID photo try to look up an avatar
    if (!strlen($photo)) {
        $photo = avatar_img($email);
    }
    // unless there is no avatar-plugin loaded
    if (strlen($photo)) {
        require_once 'include/Photo.php';
        $photo_failure = false;
        $filename = basename($photo);
        // NOTE(review): $photo may be a caller-supplied URL and is fetched by
        // the server. Unless fetch_url() restricts schemes and destination
        // hosts (not visible here), this is a server-side request forgery
        // surface; the body is only used if Photo accepts it as an image.
        $img_str = fetch_url($photo, true);
        // guess mimetype from headers or filename
        $type = guess_image_type($photo, true);
        $img = new Photo($img_str, $type);
        if ($img->is_valid()) {
            // Three sizes are stored under one resource id; the last argument
            // (4, 5, 6) differs per size.
            $img->scaleImageSquare(175);
            $hash = photo_new_resource();
            $r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 4);
            if ($r === false) {
                $photo_failure = true;
            }
            $img->scaleImage(80);
            $r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 5);
            if ($r === false) {
                $photo_failure = true;
            }
            $img->scaleImage(48);
            $r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 6);
            if ($r === false) {
                $photo_failure = true;
            }
            // Only mark the photo as the profile photo if every size was stored.
            if (!$photo_failure) {
                q("UPDATE `photo` SET `profile` = 1 WHERE `resource-id` = '%s' ", dbesc($hash));
            }
        }
    }
    call_hooks('register_account', $newuid);
    // NOTE(review): success is reported even when the lookup after the insert
    // found no row, in which case $u and $newuid are undefined here.
    $result['success'] = true;
    $result['user'] = $u;
    return $result;
}
/**
 * Render a form's e-mail template with the form's results and send the message.
 *
 * @param mixed $id Either a form definition array or an identifier resolved via get().
 *
 * @return bool false when there are no results or no usable template/recipient,
 *              otherwise whatever PHPMailer::Send() returns.
 *
 * NOTE(review): subject and body are compiled as Smarty "string:" templates, so
 * whoever can edit a form template controls template code executed on the
 * server. Confirm that template editing is restricted to trusted administrators.
 * NOTE(review): result values are assigned as-is and the body is sent as HTML;
 * confirm the templates escape submitted values.
 */
function send($id)
{
    $form = is_array($id) ? $id : get($id);
    $values = results($id);
    if (!$values) {
        return false;
    }

    // A template with a non-empty recipient list is mandatory.
    $has_recipient = is_array($form['template']) && strlen($form['template']['recipient']);
    if (!$has_recipient) {
        return false;
    }

    $renderer = new \Smarty();
    $renderer->compile_check = true;
    $renderer->debugging = false;
    // Expose every result field to the template under its own name.
    foreach ($values as $field => $value) {
        $renderer->assign($field, $value);
    }

    $message = new \PHPMailer();
    $message->CharSet = 'UTF-8';
    $message->Subject = $renderer->fetch('string:' . $form['template']['subject']);

    // The recipient setting is a comma-separated list of addresses.
    foreach (explode(',', $form['template']['recipient']) as $address) {
        $message->AddAddress(trim($address));
    }

    $message->MsgHTML($renderer->fetch('string:' . $form['template']['body']));

    return $message->Send();
}
/**
 * Check an invitation code against the `register` table on invitation-only sites.
 *
 * The outcome is handed to the 'check_account_invite' hook, which may replace
 * it; the hook's version of the result is what gets returned.
 *
 * @param string $invite_code Invitation hash supplied by the registrant.
 *
 * @return array array('error' => bool, 'message' => string)
 *
 * NOTE(review): a missing code is reported but the lookup still runs with the
 * empty value, so both messages can be appended for one request.
 */
function check_account_invite($invite_code)
{
    $messages = '';

    if (get_config('system', 'invitation_only')) {
        if (!$invite_code) {
            $messages .= t('An invitation is required.') . EOL;
        }
        // The code is escaped with dbesc() before it is formatted into the query.
        $rows = q("select * from register where `hash` = '%s' limit 1", dbesc($invite_code));
        if (!results($rows)) {
            $messages .= t('Invitation could not be verified.') . EOL;
        }
    }

    // Any accumulated message marks the check as failed.
    $result = array('error' => strlen($messages) ? true : false, 'message' => $messages);

    // Passed as a variable so that hook handlers can modify 'result'.
    $hook_data = array('invite_code' => $invite_code, 'result' => $result);
    call_hooks('check_account_invite', $hook_data);

    return $hook_data['result'];
}
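/**
 * Handle a submitted registration form: validate the input, create the user,
 * profile and self contact, store a profile photo, then either e-mail the
 * credentials (open registration) or queue the request for admin approval.
 *
 * Fix in this version: the two invitation clean-up queries used
 * "delete * from register ...", which is not valid MySQL, so a used invitation
 * was never removed and stayed valid for further registrations. They now use
 * "delete from register ...".
 *
 * Security review notes (behaviour otherwise unchanged):
 *  - Passwords are stored as a single unsalted Whirlpool digest; the generated
 *    password ends in mt_rand() output, which is not a CSPRNG.
 *  - The plaintext password is e-mailed, shown on screen if mail() fails, and
 *    written to `register`.`password` while approval is pending.
 *  - The second key pair is 512-bit; both key pairs use 'digest_alg' => 'sha1'.
 *  - The From: header is built from $_SERVER['SERVER_NAME'], which depends on
 *    server configuration and may reflect the request's Host header.
 *  - $_POST['photo'] is a client-supplied URL that the server fetches.
 *
 * @param object $a Application object (config, get_baseurl()).
 *
 * @return void Outcomes are reported through notice()/info() and redirects.
 */
function register_post(&$a)
{
    global $lang;
    $verified = 0;
    $blocked = 1;
    // Map the site policy onto the initial account state. Unknown policy values
    // fall through to the "closed" handling.
    switch ($a->config['register_policy']) {
        case REGISTER_OPEN:
            $blocked = 0;
            $verified = 1;
            break;
        case REGISTER_APPROVE:
            $blocked = 1;
            $verified = 0;
            break;
        default:
        case REGISTER_CLOSED:
            // NOTE(review): the request is refused only when neither session
            // flag is set, so any authenticated session may register accounts
            // on a closed site. Confirm that this is intended.
            if (!x($_SESSION, 'authenticated') && !x($_SESSION, 'administrator')) {
                notice(t('Permission denied.') . EOL);
                return;
            }
            $blocked = 1;
            $verified = 0;
            break;
    }
    $using_invites = get_config('system', 'invitation_only');
    $num_invites = get_config('system', 'number_invites');
    // Text inputs are trimmed and passed through notags(); its exact behaviour
    // is defined elsewhere.
    $invite_id = x($_POST, 'invite_id') ? notags(trim($_POST['invite_id'])) : '';
    $username = x($_POST, 'username') ? notags(trim($_POST['username'])) : '';
    $nickname = x($_POST, 'nickname') ? notags(trim($_POST['nickname'])) : '';
    $email = x($_POST, 'email') ? notags(trim($_POST['email'])) : '';
    $openid_url = x($_POST, 'openid_url') ? notags(trim($_POST['openid_url'])) : '';
    $photo = x($_POST, 'photo') ? notags(trim($_POST['photo'])) : '';
    $publish = x($_POST, 'profile_publish_reg') && intval($_POST['profile_publish_reg']) ? 1 : 0;
    $netpublish = strlen(get_config('system', 'directory_submit_url')) ? $publish : 0;
    $tmp_str = $openid_url;
    // Invitation-only sites: the invite hash must exist in `register`.
    if ($using_invites) {
        if (!$invite_id) {
            notice(t('An invitation is required.') . EOL);
            return;
        }
        $r = q("select * from register where `hash` = '%s' limit 1", dbesc($invite_id));
        if (!results($r)) {
            notice(t('Invitation could not be verified.') . EOL);
            return;
        }
    }
    // Without the three mandatory fields the only other way in is OpenID.
    if (!x($username) || !x($email) || !x($nickname)) {
        if ($openid_url) {
            if (!validate_url($tmp_str)) {
                notice(t('Invalid OpenID url') . EOL);
                return;
            }
            $_SESSION['register'] = 1;
            $_SESSION['openid'] = $openid_url;
            require_once 'library/openid.php';
            $openid = new LightOpenID();
            $openid->identity = $openid_url;
            $openid->returnUrl = $a->get_baseurl() . '/openid';
            $openid->required = array('namePerson/friendly', 'contact/email', 'namePerson');
            $openid->optional = array('namePerson/first', 'media/image/aspect11', 'media/image/default');
            // NOTE(review): authUrl() is not wrapped in try/catch here, so a
            // library exception for an unusable identity URL is not handled.
            goaway($openid->authUrl());
            // NOTREACHED
        }
        notice(t('Please enter the required information.') . EOL);
        return;
    }
    // An OpenID URL that does not validate is dropped rather than rejected.
    if (!validate_url($tmp_str)) {
        $openid_url = '';
    }
    $err = '';
    // collapse multiple spaces in name
    $username = preg_replace('/ +/', ' ', $username);
    if (mb_strlen($username) > 48) {
        $err .= t('Please use a shorter name.') . EOL;
    }
    if (mb_strlen($username) < 3) {
        $err .= t('Name too short.') . EOL;
    }
    // I don't really like having this rule, but it cuts down
    // on the number of auto-registrations by Russian spammers
    // Using preg_match was completely unreliable, due to mixed UTF-8 regex support
    // $no_utf = get_config('system','no_utf');
    // $pat = (($no_utf) ? '/^[a-zA-Z]* [a-zA-Z]*$/' : '/^\p{L}* \p{L}*$/u' );
    // So now we are just looking for a space in the full name.
    $loose_reg = get_config('system', 'no_regfullname');
    if (!$loose_reg) {
        $username = mb_convert_case($username, MB_CASE_TITLE, 'UTF-8');
        if (!strpos($username, ' ')) {
            $err .= t("That doesn't appear to be your full (First Last) name.") . EOL;
        }
    }
    if (!allowed_email($email)) {
        $err .= t('Your email domain is not among those allowed on this site.') . EOL;
    }
    if (!valid_email($email) || !validate_email($email)) {
        $err .= t('Not a valid email address.') . EOL;
    }
    // Disallow somebody creating an account using openid that uses the admin email address,
    // since openid bypasses email verification. We'll allow it if there is not yet an admin account.
    if (x($a->config, 'admin_email') && strcasecmp($email, $a->config['admin_email']) == 0 && strlen($openid_url)) {
        $r = q("SELECT * FROM `user` WHERE `email` = '%s' LIMIT 1", dbesc($email));
        if (count($r)) {
            $err .= t('Cannot use that email.') . EOL;
        }
    }
    // Nicknames are lower-cased and restricted to [a-z][a-z0-9-_]*; the value
    // ends up in profile and endpoint URLs below.
    $nickname = $_POST['nickname'] = strtolower($nickname);
    if (!preg_match("/^[a-z][a-z0-9\\-\\_]*\$/", $nickname)) {
        $err .= t('Your "nickname" can only contain "a-z", "0-9", "-", and "_", and must also begin with a letter.') . EOL;
    }
    $r = q("SELECT `uid` FROM `user`\n \tWHERE `nickname` = '%s' LIMIT 1", dbesc($nickname));
    if (count($r)) {
        $err .= t('Nickname is already registered. Please choose another.') . EOL;
    }
    // All validation messages were accumulated above; stop before any write.
    if (strlen($err)) {
        notice($err);
        return;
    }
    // NOTE(review): mt_rand() is not cryptographically secure, and the stored
    // value is one unsalted Whirlpool digest.
    $new_password = autoname(6) . mt_rand(100, 9999);
    $new_password_encoded = hash('whirlpool', $new_password);
    $res = openssl_pkey_new(array('digest_alg' => 'sha1', 'private_key_bits' => 4096, 'encrypt_key' => false));
    // Get private key
    if (empty($res)) {
        notice(t('SERIOUS ERROR: Generation of security keys failed.') . EOL);
        return;
    }
    $prvkey = '';
    openssl_pkey_export($res, $prvkey);
    // Get public key
    $pkey = openssl_pkey_get_details($res);
    $pubkey = $pkey["key"];
    /**
     *
     * Create another keypair for signing/verifying
     * salmon protocol messages. We have to use a slightly
     * less robust key because this won't be using openssl
     * but the phpseclib. Since it is PHP interpreted code
     * it is not nearly as efficient, and the larger keys
     * will take several minutes each to process.
     *
     */
    // NOTE(review): 512 bits is far below any current minimum for an RSA
    // signing key, and this result is not checked before it is used.
    $sres = openssl_pkey_new(array('digest_alg' => 'sha1', 'private_key_bits' => 512, 'encrypt_key' => false));
    // Get private key
    $sprvkey = '';
    openssl_pkey_export($sres, $sprvkey);
    // Get public key
    $spkey = openssl_pkey_get_details($sres);
    $spubkey = $spkey["key"];
    // Every string value goes through dbesc() and every number through
    // intval() before it reaches the printf-style query.
    $r = q("INSERT INTO `user` ( `guid`, `username`, `password`, `email`, `openid`, `nickname`,\n\t\t`pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked` )\n\t\tVALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d )",
        dbesc(generate_user_guid()), dbesc($username), dbesc($new_password_encoded), dbesc($email),
        dbesc($openid_url), dbesc($nickname), dbesc($pubkey), dbesc($prvkey), dbesc($spubkey),
        dbesc($sprvkey), dbesc(datetime_convert()), intval($verified), intval($blocked));
    if ($r) {
        // The new row is found again by username and password digest.
        $r = q("SELECT `uid` FROM `user` \n\t\t\tWHERE `username` = '%s' AND `password` = '%s' LIMIT 1", dbesc($username), dbesc($new_password_encoded));
        if ($r !== false && count($r)) {
            $newuid = intval($r[0]['uid']);
        }
    } else {
        notice(t('An error occurred during registration. Please try again.') . EOL);
        return;
    }
    /**
     * if somebody clicked submit twice very quickly, they could end up with two accounts
     * due to race condition. Remove this one.
     */
    // NOTE(review): $newuid stays undefined when the lookup above finds
    // nothing; the x($newuid) test below relies on that, so it is deliberately
    // not initialised here.
    $r = q("SELECT `uid` FROM `user`\n \tWHERE `nickname` = '%s' ", dbesc($nickname));
    if (count($r) > 1 && $newuid) {
        $err .= t('Nickname is already registered. Please choose another.') . EOL;
        q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1", intval($newuid));
        notice($err);
        return;
    }
    if (x($newuid) !== false) {
        $r = q("INSERT INTO `profile` ( `uid`, `profile-name`, `is-default`, `name`, `photo`, `thumb`, `publish`, `net-publish` )\n\t\t\tVALUES ( %d, '%s', %d, '%s', '%s', '%s', %d, %d ) ",
            intval($newuid), 'default', 1, dbesc($username),
            dbesc($a->get_baseurl() . "/photo/profile/{$newuid}.jpg"),
            dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg"),
            intval($publish), intval($netpublish));
        if ($r === false) {
            notice(t('An error occurred creating your default profile. Please try again.') . EOL);
            // Start fresh next time.
            $r = q("DELETE FROM `user` WHERE `uid` = %d", intval($newuid));
            return;
        }
        // "Self" contact holding the account's public endpoints.
        $r = q("INSERT INTO `contact` ( `uid`, `created`, `self`, `name`, `nick`, `photo`, `thumb`, `micro`, `blocked`, `pending`, `url`, `nurl`,\n\t\t\t`request`, `notify`, `poll`, `confirm`, `poco`, `name-date`, `uri-date`, `avatar-date` )\n\t\t\tVALUES ( %d, '%s', 1, '%s', '%s', '%s', '%s', '%s', 0, 0, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ",
            intval($newuid), datetime_convert(), dbesc($username), dbesc($nickname),
            dbesc($a->get_baseurl() . "/photo/profile/{$newuid}.jpg"),
            dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg"),
            dbesc($a->get_baseurl() . "/photo/micro/{$newuid}.jpg"),
            dbesc($a->get_baseurl() . "/profile/{$nickname}"),
            dbesc(normalise_link($a->get_baseurl() . "/profile/{$nickname}")),
            dbesc($a->get_baseurl() . "/dfrn_request/{$nickname}"),
            dbesc($a->get_baseurl() . "/dfrn_notify/{$nickname}"),
            dbesc($a->get_baseurl() . "/dfrn_poll/{$nickname}"),
            dbesc($a->get_baseurl() . "/dfrn_confirm/{$nickname}"),
            dbesc($a->get_baseurl() . "/poco/{$nickname}"),
            dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(datetime_convert()));
    }
    $use_gravatar = get_config('system', 'no_gravatar') ? false : true;
    // if we have an openid photo use it.
    // otherwise unless it is disabled, use gravatar
    if ($use_gravatar || strlen($photo)) {
        require_once 'include/Photo.php';
        if ($use_gravatar && !strlen($photo)) {
            $photo = gravatar_img($email);
        }
        $photo_failure = false;
        $filename = basename($photo);
        // NOTE(review): $photo may be a client-supplied URL and is fetched by
        // the server. Unless fetch_url() restricts schemes and destination
        // hosts (not visible here), this is a server-side request forgery surface.
        $img_str = fetch_url($photo, true);
        $img = new Photo($img_str);
        if ($img->is_valid()) {
            // Three sizes are stored under one resource id.
            $img->scaleImageSquare(175);
            $hash = photo_new_resource();
            $r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 4);
            if ($r === false) {
                $photo_failure = true;
            }
            $img->scaleImage(80);
            $r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 5);
            if ($r === false) {
                $photo_failure = true;
            }
            $img->scaleImage(48);
            $r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 6);
            if ($r === false) {
                $photo_failure = true;
            }
            // Only mark the photo as the profile photo if every size was stored.
            if (!$photo_failure) {
                q("UPDATE `photo` SET `profile` = 1 WHERE `resource-id` = '%s' ", dbesc($hash));
            }
        }
    }
    // Publish to the directory right away unless the account awaits approval.
    // The URL is built from the base URL and the validated nickname.
    if ($netpublish && $a->config['register_policy'] != REGISTER_APPROVE) {
        $url = $a->get_baseurl() . "/profile/{$nickname}";
        proc_run('php', "include/directory.php", "{$url}");
    }
    call_hooks('register_account', $newuid);
    if ($a->config['register_policy'] == REGISTER_OPEN) {
        if ($using_invites && $invite_id) {
            // Consume the invitation so that it cannot be used again.
            q("delete from register where hash = '%s' limit 1", dbesc($invite_id));
            set_pconfig($newuid, 'system', 'invites_remaining', $num_invites);
        }
        // The message carries the plaintext password to the new user.
        $email_tpl = get_intltext_template("register_open_eml.tpl");
        $email_tpl = replace_macros($email_tpl, array(
            '$sitename' => $a->config['sitename'],
            '$siteurl' => $a->get_baseurl(),
            '$username' => $username,
            '$email' => $email,
            '$password' => $new_password,
            '$uid' => $newuid));
        $res = mail($email, sprintf(t('Registration details for %s'), $a->config['sitename']), $email_tpl,
            'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n"
            . 'Content-type: text/plain; charset=UTF-8' . "\n"
            . 'Content-transfer-encoding: 8bit');
        if ($res) {
            info(t('Registration successful. Please check your email for further instructions.') . EOL);
            goaway(z_root());
        } else {
            // NOTE(review): this shows the whole message, password included, on the page.
            notice(t('Failed to send email message. Here is the message that failed.') . $email_tpl . EOL);
        }
    } elseif ($a->config['register_policy'] == REGISTER_APPROVE) {
        if (!strlen($a->config['admin_email'])) {
            notice(t('Your registration can not be processed.') . EOL);
            goaway(z_root());
        }
        // Pending request: the approval hash and, NOTE(review), the plaintext
        // password are kept in `register` until the request is processed.
        $hash = random_string();
        $r = q("INSERT INTO `register` ( `hash`, `created`, `uid`, `password`, `language` ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ",
            dbesc($hash), dbesc(datetime_convert()), intval($newuid), dbesc($new_password), dbesc($lang));
        // The approval mail is written in the administrator's language.
        $r = q("SELECT `language` FROM `user` WHERE `email` = '%s' LIMIT 1", dbesc($a->config['admin_email']));
        if (count($r)) {
            push_lang($r[0]['language']);
        } else {
            push_lang('en');
        }
        if ($using_invites && $invite_id) {
            // Consume the invitation so that it cannot be used again.
            q("delete from register where hash = '%s' limit 1", dbesc($invite_id));
            set_pconfig($newuid, 'system', 'invites_remaining', $num_invites);
        }
        $email_tpl = get_intltext_template("register_verify_eml.tpl");
        $email_tpl = replace_macros($email_tpl, array(
            '$sitename' => $a->config['sitename'],
            '$siteurl' => $a->get_baseurl(),
            '$username' => $username,
            '$email' => $email,
            '$password' => $new_password,
            '$uid' => $newuid,
            '$hash' => $hash));
        $res = mail($a->config['admin_email'], sprintf(t('Registration request at %s'), $a->config['sitename']), $email_tpl,
            'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n"
            . 'Content-type: text/plain; charset=UTF-8' . "\n"
            . 'Content-transfer-encoding: 8bit');
        pop_lang();
        if ($res) {
            info(t('Your registration is pending approval by the site owner.') . EOL);
            goaway(z_root());
        }
    }
    return;
}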
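<?php
/**
 * Print one HTML table per match whose home team belongs to the given group.
 *
 * Changes in this version: team names and flag file names read from the
 * database are HTML-escaped before they are written into the page (they were
 * echoed raw, so markup stored in a team record would have been rendered), and
 * a failed query now ends the function instead of being passed to
 * mysqli_fetch_assoc().
 *
 * @param mixed $groupGames Group number to list; compared loosely with the
 *                          home team's group_nr.
 *
 * @return void Output is echoed directly.
 */
function games($groupGames)
{
    global $db_connect;
    // Static query, no request data is interpolated into it.
    $query = "SELECT T1.team_name as team_home, T2.team_name as team_away, \r\n\t \t\t\t\tT1.team_flag as home_flag, T2.team_flag as away_flag, \r\n\t \t\t\t\tT1.group_nr as home_team_number, T2.group_nr as away_team_number, \r\n\t \t\t\t\tgame_match.*\r\n\t\t\t\t\tFROM game_match, teams T1, teams T2\r\n\t\t\t\t\tWHERE T1.team_id=game_match.home_team_id AND T2.team_id=game_match.away_team_id ";
    $result = mysqli_query($db_connect, $query);
    if ($result === false) {
        // Query failed: there is nothing to render.
        return;
    }
    while ($row = mysqli_fetch_assoc($result)) {
        $game_id = $row["game_id"];
        $group_nr = $row["home_team_number"];
        // Escape every database value that is written into HTML text or an attribute.
        $home_name = htmlspecialchars((string) $row["team_home"], ENT_QUOTES, 'UTF-8');
        $away_name = htmlspecialchars((string) $row["team_away"], ENT_QUOTES, 'UTF-8');
        $home_flag = htmlspecialchars((string) $row["home_flag"], ENT_QUOTES, 'UTF-8');
        $away_flag = htmlspecialchars((string) $row["away_flag"], ENT_QUOTES, 'UTF-8');
        $game_start = $row['game_start'];
        if ($group_nr == $groupGames) {
            ?> <table> <tbody> <tr>
 <td style="width:100px"><?php echo date("d M H:i", strtotime($game_start)); ?> </td>
 <td class="mobile_hide tablet_hide" style="width:100px; text-align:right;"><?php echo $home_name; ?> </td>
 <td style="width:30px; text-align:right;"><img class="flag" src="img/<?php echo $home_flag; ?> " /></td>
 <td style="width:40px; text-align:center;"> VS </td>
 <td style="width:30px"><img class="flag" src="img/<?php echo $away_flag; ?> " /></td>
 <td class="mobile_hide tablet_hide" style="width:100px"><?php echo $away_name; ?> </td>
 <td style="width:120px"><?php
            // results() is defined elsewhere and may return markup, so its
            // output is left as-is. TODO confirm it escapes its own data.
            echo results($game_id); ?> </td>
 </tr> </tbody> </table> <?php
        }
    }
}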
* v1.1.1 * * Controls data to be be sent through API. * ****************************************************************************/
require_once "/libs/engine.php";
require_once "/libs/functions.php";
session_start();

// Every response has the shape <result><code>N</code><codedesc>...</codedesc></result>.
// Codes produced in this script: 1 = invalid key, 2 = missing parameter, 3 = invalid format.
$xml = "<result><code>";

// NOTE(review): the API key is read from $_REQUEST, so it may arrive in the
// query string and end up in access logs. CheckKey() is defined elsewhere.
if (!checkVariable("key")) {
    $xml .= "2</code><codedesc>Required parameter missing";
} else {
    $key = $_REQUEST['key'];
    $check_key = CheckKey($key);
    if (empty($check_key)) {
        $xml .= "1</code><codedesc>Invalid key";
    } else {
        $engine = new HydroEngine("hydro");
        // NOTE(review): "f" is read without an isset() check, and the handlers'
        // return values are concatenated into the XML as-is; presumably they
        // emit well-formed, escaped XML. TODO confirm.
        if ($_REQUEST["f"] == "results") {
            $xml .= results($engine);
        } elseif ($_REQUEST["f"] == "heartbeat") {
            $xml .= heartbeat($engine);
        } else {
            $xml .= "3</code><codedesc>Invalid format";
        }
    }
}

$xml .= "</codedesc></result>";
echo $xml;
echo results($data); break; /* File methods ****************************************************************************/ /* File methods ****************************************************************************/ case 'alert.markAsRead': requireAuthentication($POD); $alert->markAsRead(); if (!$alert->success()) { $data['error'] = $alert->error(); } echo results($data); break; /*******************************************************************************************/ /*******************************************************************************************/ default: echo results(array('error' => "No valid API method specified! (method = {$method})")); break; } function requireAuthentication($POD) { if (!$POD->isAuthenticated()) { echo json_encode(array('error' => 'Access denied! Please login first!')); exit; } } function results($data, $format = 'json') { // if a callback function has been passed in as a parameter, this is a jsonP request if (isset($_GET['callback']) && ($func = $_GET['callback'])) { return "{$func}(" . json_encode($data) . ")"; } else {
$octaveString .= "]; b = [" . $userProtein * $numberOfServings . "; "; $octaveString .= $userCarbs * $numberOfServings . "; "; $octaveString .= $userFat * $numberOfServings . "]; "; } $octaveString .= "a \\ b' | egrep '[-]*[0-9]+\\.[0-9]{3,}\$' "; if ($errorReporting) { echo $octaveString . "<br>"; } //$result=shell_exec("octave --eval 'a = [1 3 6; 4 6 3; 4 6 9]; b = [3; 6; 9]; a \ b' | egrep '[-]*[0-9]+\.[0-9]{3,}$' "); $result = shell_exec($octaveString); $aString = preg_split("/[\\s,]+/", $result); if ($errorReporting) { echo "<br>Octave's results look like:<br>"; echo print_r($aString) . "<br>"; } results($aString); //Close the connection ?> </div> <script src="http://cdn.jsdelivr.net/jquery.validation/1.13.1/jquery.validate.min.js"></script> <script> $(document).ready(function(){ jQuery.validator.addMethod("titleReg", function(value, element, param) { return value.match(new RegExp("^" + param + "$")); }, "Your input cannot have special characters."); $('#foods').validate({
curl_setopt($ch, CURLOPT_USERAGENT, 'SMSPI CATS'); curl_setopt($ch, CURLOPT_POST, count($fields)); curl_setopt($ch, CURLOPT_POSTFIELDS, $fields); //execute post $result = curl_exec($ch); //close connection curl_close($ch); // uncomment the line below if your are not getting the SMS. echo $result; } $sel = $pdo->prepare('SELECT * FROM `cats`'); $sel->execute(); $count = $sel->rowCount(); //Restock DB if only one result letft. if ($count == "0") { $me = results(); $flickr = json_decode($me, TRUE); foreach ($flickr['photos']['photo'] as $photo) { $cat = $photo['url_m']; insert2db($cat); } } //Select Flickr url $getcat = $pdo->prepare('SELECT * FROM `cats` LIMIT 0 , 1'); $getcat->execute(); $result = $getcat->fetch(PDO::FETCH_ASSOC); $caturl = $result['url']; //Convert to biy.ly $newurl = shortURL($caturl); //Send SMS $message = "Hello Cat Lady - here is today's Cat Picture " . $newurl . "";
if($user->AsPostfixAdministrator==false){ $tpl=new templates(); echo "alert('". $tpl->javascript_parse_text("{ERROR_NO_PRIVS}")."');"; die();exit(); } if(isset($_GET["tabs"])){tabs();exit;} if(isset($_GET["popup"])){rbls();exit;} if(isset($_GET["rbl-popup"])){rbl_add_popup();exit;} if(isset($_GET["rbl-list"])){rbl_list();exit;} if(isset($_POST["rbls-save"])){rbls_add();exit;} if(isset($_GET["keywords-edit"])){keywords_edit();exit;} if(isset($_GET["keywords-edit-save"])){keywords_edit_save();exit;} if(isset($_GET["RBLDisable"])){RBLDisable();exit;} if(isset($_GET["RBLDelete"])){RBLDelete();exit;} if(isset($_GET["results"])){results();exit;} if(isset($_GET["params"])){parameters();exit;} if(isset($_GET["PublicIPAddress"])){SaveParams();exit;} if(isset($_GET["CheckRBLNow"])){CheckRBLNow();exit;} if(isset($_GET["others-ip-list"])){other_ip_list();exit;} if(isset($_GET["OtherIpClient-add"])){other_ip_add();exit;} if(isset($_GET["OtherIpClient-del"])){other_ip_del();exit;} js(); function js(){ $tpl=new templates(); $page=CurrentPageName();
<form action="./" method="post" name="search"> <input name="a" type="hidden" value="search"/> <input name="q" type="text" value=""/> <select name="t" size=1> <option value="upc_description_sku">UPC/Description/Item Number</option> <option selected value="upc">UPC</option> <option value="description">Description</option> <option disabled value="item number">Item Number</option> <option disabled value="brand">Brand</option> <option value="section">Section</option> <option disabled value="vendor">Vendor</option> <option disabled value="ask">You can ask for more</option> </select> <input type="submit" value="search"/> </form>'; $html .= form(&$backoffice); $html .= results(&$backoffice); $html .= ' <div id="page_panel_statuses">'; foreach ($backoffice['status'] as $msg) { $html .= ' <p class="status">' . $msg . '</p>'; } $html .= ' </div> </div>'; $html .= foot(); $html .= ' </body> </html>'; print_r($html);
/**
 * Test 18: the Minify helper functions build the expected URIs for a base
 * path with files and for a named group. The outcome is reported via results().
 */
function test18()
{
    echo "<p>Testing helper functions... ";

    // Register a file set with a base path, and a named group.
    \Minify\setBase("scripts", "scripts/");
    \Minify\addFiles("scripts", ["script1.js", "script2.js"]);
    \Minify\addGroup("styles", "style1");

    // The group URI is only built when the file-set URI already matched.
    $scripts_ok = \Minify\createUri("scripts") == "/min/b=scripts&f=script1.js,script2.js";
    $all_ok = $scripts_ok && \Minify\createUri("styles") == "/min/g=style1";
    results($all_ok);

    echo "</p>";
}
<span style="color: #efefef;">' . $category->name . '</span> Coupons <div class="shareico" style="position: relative; float: right;" data-ttip="RSS Feed"><a href="' . tlink('plugin/rss2.xml', 'cat=' . $category->ID) . '"></a></div> </div> <div style="margin-bottom: 20px;"> <ul class="category"> <li class="active">Coupons</li>'; if (theme_has_products()) { echo '<li><a href="' . get_update(array('page' => 1, 'type' => 'products')) . '">Products</a></li>'; } echo '</ul>'; if (!empty($category->description)) { echo '<article class="array_item category_box" style="border-top: 0;">' . $category->description . '</article>'; } echo '</div>'; if (results()) { foreach (items(array('orderby' => 'active desc')) as $item) { echo '<article class="array_item"> <div class="table"> <div class="left"> <img src="' . store_avatar($item->store_img) . '" alt=""> <span class="rating"><span style="width:' . $item->stars * 16 . 'px;"></span></span> <a href="' . $item->store_reviews_link . '">' . $item->reviews . ' reviews</a>'; echo !empty($item->cashback) ? '<span class="cashback-points" data-ttip="Great! Use it and you\'ll receive ' . $item->cashback . ' points.">' . $item->cashback . '</span> ' : ''; echo '</div> <div class="right"> <a href="' . $item->link . '" class="title">' . $item->title . '</a> More coupons for <a href="' . $item->store_link . '">' . $item->store_name . '</a>
<?php //This script will update all records in the movieinfo table define('FS_ROOT', realpath(dirname(__FILE__))); require_once FS_ROOT . "/../../www/config.php"; require_once FS_ROOT . "/../../www/lib/framework/db.php"; require_once FS_ROOT . "/../../www/lib/music.php"; $music = new Music(true); $db = new Db(); $albums = results(); shuffle($albums); foreach ($albums as $album) { $artist = $music->parseArtist($album); echo $artist['releasename'] . '<br />'; $result = $music->updateMusicInfo($artist['artist'], $artist['album'], $artist['year']); if ($result !== false) { echo '<pre>'; print_r($result); echo '</pre><br /><br />'; } die; } function results() { $str = 'Processing 260 music releases Looking up: Disintegration [The Cure-Disintegration-3CD-Deluxe Edition-2010-EOS] Looking up: Build And Destroy Euro Retail 2CD [Royce Da 59-Build And Destroy Euro Retail 2CD-2003-FTD] Looking up: Dream Dance Vol 48 [VA - Dream Dance Vol 48-2CD-2011-QMI] Looking up: Electro House Alarm Vol 8 [VA - Electro House Alarm Vol 8-2CD-2010-QMI] Looking up: Om Himlen Och Osterlen [Danne Strahed-Om Himlen Och Osterlen-2CD-SE-2010-LoKET] Looking up: Walk On Water Spacesynth Odyssey [Galaxy Hunter-Walk On Water Spacesynth Odyssey-(Rerip)-2CD-2010-BFHMP3]
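/**
 * Admin screen for the wp-surveys plugin.
 *
 * When a `wpsurv_submit` request parameter is present, loads functions.php and
 * dispatches to the handler whose (translated) button label matches the posted
 * value. Otherwise prints the management page: the active survey (at most one
 * row), the retired surveys, and one small POST form per action.
 *
 * NOTE(review): no nonce check (check_admin_referer()) and no capability check
 * (current_user_can()) is visible in this function, although several of the
 * dispatched actions change state (update, activate, retire, add_survey).
 * Confirm both are enforced by the caller or inside the handlers; if not, add a
 * nonce field to every form that posts `wpsurv_submit` and verify it before
 * dispatching. The forms printed by functions.php are not visible here, so
 * verification is deliberately not added in this function alone.
 *
 * NOTE(review): `survey_id` and `question_id` are handed to the handlers exactly
 * as posted. Whether the handlers validate them or escape them for SQL cannot be
 * seen from here; verify.
 *
 * @return void Output is echoed directly.
 */
function manage_surveys()
{
    global $table_prefix, $wpdb;

    $survey_table = $table_prefix . "surveys";

    if (isset($_REQUEST["wpsurv_submit"])) {
        require_once 'functions.php';

        // The dispatch reads $_POST only, so a parameter that arrives in the
        // query string matches no branch. Read each field once with a fallback
        // so that case (or a missing field) no longer raises undefined-index
        // notices.
        $action = (isset($_POST['wpsurv_submit']) && is_string($_POST['wpsurv_submit']))
            ? $_POST['wpsurv_submit']
            : '';
        $survey_id = isset($_POST['survey_id']) ? $_POST['survey_id'] : null;
        $question_id = isset($_POST['question_id']) ? $_POST['question_id'] : null;

        // Buttons are identified by their translated label, so every comparison
        // goes through __() with the plugin's text domain.
        if (in_array($action, array(
            __('Edit', 'wp-surveys'),
            __('Cancel', 'wp-surveys'),
            __('Back to Edit Survey', 'wp-surveys'),
        ), true)) {
            edit($survey_id);
        } elseif ($action === __('Update', 'wp-surveys')) {
            update($survey_id);
        } elseif ($action === __('Update Options', 'wp-surveys')) {
            update_options($survey_id, $question_id);
        } elseif (in_array($action, array(
            __('Activate', 'wp-surveys'),
            __('Make Active', 'wp-surveys'),
        ), true)) {
            activate($survey_id);
        } elseif ($action === __('Retire', 'wp-surveys')) {
            retire($survey_id);
        } elseif ($action === __('Update Leaderboard', 'wp-surveys')) {
            recach_utility($survey_id);
        } elseif (in_array($action, array(
            __('Edit Options', 'wp-surveys'),
            __('Add Some Options', 'wp-surveys'),
            __('Edit or Add more Options', 'wp-surveys'),
        ), true)) {
            edit_options($survey_id, $question_id);
        } elseif (in_array($action, array(
            __('Add More Questions', 'wp-surveys'),
            __('Add Some Questions', 'wp-surveys'),
        ), true)) {
            add_question($survey_id);
        } elseif ($action === __('Step 2', 'wp-surveys')) {
            step2($survey_id);
        } elseif ($action === __('Create Question', 'wp-surveys')) {
            create_quest($survey_id);
        } elseif (in_array($action, array(
            __('Change Survey', 'wp-surveys'),
            __('Add Survey', 'wp-surveys'),
        ), true)) {
            survey($survey_id);
        } elseif ($action === __('Add This Survey', 'wp-surveys')) {
            add_survey($survey_id);
        } elseif ($action === __('View Survey Results', 'wp-surveys')) {
            results($survey_id);
        }
        //elseif($_POST["wpsurv_submit"] == __('View Survey Results in CSV File', 'wp-surveys'))
        //results_CSV($_POST['survey_id']);
        //elseif($_POST["wpsurv_submit"] == __('Delete File', 'wp-surveys'))
        //delete_file($_POST['survey_id']);
    } else {
        $current_plugins = get_option('active_plugins');

        // Start from false: previously $polyglot was only ever assigned inside
        // the condition and was read undefined when Polyglot was not active.
        $polyglot = false;
        if (file_exists(ABSPATH . PLUGINDIR . '/polyglot.php') && in_array('polyglot.php', $current_plugins)) {
            $polyglot = true;
        }

        echo '<div class="wrap">';

        $open_surveys = $wpdb->get_results("SELECT * FROM `" . $survey_table . "` WHERE `survey_open`='1' LIMIT 1;", ARRAY_A);
        echo '<h2>' . __('Survey Management', 'wp-surveys') . '</h2><h3><u>' . __('Active Survey', 'wp-surveys') . '</u>:</h3>';

        if ($open_surveys) {
            echo '<table class="widefat" width="100%" cellpadding="4" cellspacing="4">';
            echo '<tr><th align="left">' . __('Title', 'wp-surveys') . '</th><th align="left">' . __('Description', 'wp-surveys') . '</th><th></th><th></th><th></th></tr>';

            foreach ($open_surveys as $survey) {
                $name = stripcslashes($survey['survey_name']);
                $describe = stripcslashes($survey['survey_describe']);
                if ($polyglot) {
                    $name = polyglot_filter($name);
                    $describe = polyglot_filter($describe);
                }
                // Stored values are escaped for their output context; markup
                // saved in a title or description is now shown as text instead
                // of being interpreted by the browser.
                $id_attr = esc_attr($survey['survey_id']);

                echo '<tr class="alternate">';
                echo '<td><b>' . esc_html($name) . '</b></td><td>' . esc_html($describe) . '</td>';
                echo '<td class="submit" align="center"><form method="post" action=""><input type="hidden" name="survey_id" value="' . $id_attr . '" />';
                echo '<input type="submit" name="wpsurv_submit" value="' . __('Edit', 'wp-surveys') . '" /></form></td>';
                echo '<td class="submit" align="center"><form method="post" action=""><input type="hidden" name="survey_id" value="' . $id_attr . '" />';
                echo '<input type="submit" name="wpsurv_submit" value="' . __('Retire', 'wp-surveys') . '" /></form></td>';
                echo '<td class="submit" align="center"><form method="post" action=""><input type="hidden" name="survey_id" value="' . $id_attr . '" />';
                echo '<input type="submit" name="wpsurv_submit" value="' . __('View Survey Results', 'wp-surveys') . '" /></form></td>';
                //echo '<td align="center"><form method="post" action=""><input type="hidden" name="survey_id" value="'.$survey['survey_id'].'" />';
                //echo '<input type="submit" name="wpsurv_submit" value="'.__('View Survey Results in CSV File', 'wp-surveys').'" /></form></td>';
                echo '</tr>';
            }
            echo '</table>';

            // Relies on $survey still holding the last (only, given LIMIT 1) row
            // of the loop above.
            // NOTE(review): this derives the next id from the active survey,
            // whereas the "no active survey" branch uses the highest id in the
            // table — confirm the two cannot disagree.
            $next = ++$survey['survey_id'];
            echo '<br /><form method="post" action=""><input type="hidden" name="survey_id" value="' . esc_attr($next) . '" /><input class="button" type="submit" name="wpsurv_submit" value="' . __('Change Survey', 'wp-surveys') . '" title="' . __('Current Survey will be saved as Retired', 'wp-surveys') . '" /></form>';
        } else {
            echo __('There are no open tournaments or contests.', 'wp-surveys') . '.';
            //$last = $wpdb->get_var("SELECT COUNT(`survey_id`) FROM `".$survey_table."`;");
            $last = $wpdb->get_var("SELECT `survey_id` FROM `" . $survey_table . "` ORDER BY `survey_id` DESC LIMIT 1;");
            $next = ++$last;
            echo '<br /><br /><form method="post" action=""><input type="hidden" name="survey_id" value="' . esc_attr($next) . '" /><input class="button" type="submit" name="wpsurv_submit" value="' . __('Add Survey', 'wp-surveys') . '" /></form>';
        }

        $closed_surveys = $wpdb->get_results("SELECT * FROM `" . $survey_table . "` WHERE `survey_open`='0';", ARRAY_A);
        echo '<h3><u>' . __('Retired Surveys', 'wp-surveys') . '</u>:</h3>';

        if ($closed_surveys) {
            echo '<table class="widefat" width="100%" cellpadding="4" cellspacing="4">';
            echo '<tr><th align="left">' . __('Title', 'wp-surveys') . '</th><th align="left">' . __('Description', 'wp-surveys') . '</th><th></th><th></th><th></th></tr>';

            foreach ($closed_surveys as $survey) {
                $name = stripcslashes($survey['survey_name']);
                $describe = stripcslashes($survey['survey_describe']);
                if ($polyglot) {
                    $name = polyglot_filter($name);
                    $describe = polyglot_filter($describe);
                }
                // Same output escaping as for the active-survey row.
                $id_attr = esc_attr($survey['survey_id']);

                echo '<tr class="alternate">';
                echo '<td><b>' . esc_html($name) . '</b></td><td>' . esc_html($describe) . '</td>';
                echo '<td class="submit" align="center"><form method="post" action=""><input type="hidden" name="survey_id" value="' . $id_attr . '" />';
                echo '<input type="submit" name="wpsurv_submit" value="' . __('Edit', 'wp-surveys') . '" /></form></td>';
                echo '<td class="submit" align="center"><form method="post" action=""><input type="hidden" name="survey_id" value="' . $id_attr . '" />';
                echo '<input type="submit" name="wpsurv_submit" value="' . __('Make Active', 'wp-surveys') . '" /></form></td>';
                echo '<td class="submit" align="center"><form method="post" action=""><input type="hidden" name="survey_id" value="' . $id_attr . '" />';
                echo '<input type="submit" name="wpsurv_submit" value="' . __('View Survey Results', 'wp-surveys') . '" /></form></td>';
                //echo '<td align="center"><form method="post" action=""><input type="hidden" name="survey_id" value="'.$survey['survey_id'].'" />';
                //echo '<input type="submit" name="wpsurv_submit" value="'.__('View Survey Results in CSV File', 'wp-surveys').'" /></form></td>';
                echo '</tr>';
            }
            echo '</table>';
        } else {
            echo __('There are no retired surveys', 'wp-surveys') . '.';
        }

        echo '</div>';
    }
}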
exit; } if (isset($_GET["keywords-edit-save"])) { keywords_edit_save(); exit; } if (isset($_GET["RBLDisable"])) { RBLDisable(); exit; } if (isset($_GET["RBLDelete"])) { RBLDelete(); exit; } if (isset($_GET["results"])) { results(); exit; } if (isset($_GET["params"])) { parameters(); exit; } if (isset($_GET["PublicIPAddress"])) { SaveParams(); exit; } if (isset($_GET["CheckRBLNow"])) { CheckRBLNow(); exit; } if (isset($_GET["others-ip-list"])) {
/*
 * Fragment: one branch per decade assigns $query, then the selected options are
 * printed and the query is run with mysql_query() and handed to results().
 * The enclosing block opens before this fragment.
 *
 * NOTE(review): every branch concatenates $_SESSION['rating'] and
 * $_SESSION['subgenre'] straight into the SQL text. Where those session values
 * are set is not visible here; if they originate from request data, check them
 * against a fixed list of allowed values before use, or run the query as a
 * prepared statement (mysqli or PDO) with bound parameters.
 * NOTE(review): the same session values are echoed into the page without
 * htmlspecialchars().
 * NOTE(review): mysql_query() belongs to ext/mysql, which was removed in PHP 7.0.
 * NOTE(review): the five visible branches differ only in the year range, and
 * BETWEEN is inclusive, so 1980, 1990, 2000 and 2010 each fall into two decades.
 * NOTE(review): within this fragment $query is assigned only inside the decade
 * branches; confirm it is always set before mysql_query($query) runs.
 */
} if ($_SESSION['decade'] == "70s") { $query = "SELECT DISTINCT movtest.poster FROM tagtest, pairingtest, movtest WHERE pairingtest.tag_id = tagtest.id AND pairingtest.movie_id = movtest.id AND movtest.rating = '" . $_SESSION['rating'] . "' AND movtest.year BETWEEN 1970 and 1980 AND tagtest.name LIKE '" . $_SESSION['subgenre'] . "'"; } if ($_SESSION['decade'] == "80s") { $query = "SELECT DISTINCT movtest.poster FROM tagtest, pairingtest, movtest WHERE pairingtest.tag_id = tagtest.id AND pairingtest.movie_id = movtest.id AND movtest.rating = '" . $_SESSION['rating'] . "' AND movtest.year BETWEEN 1980 and 1990 AND tagtest.name LIKE '" . $_SESSION['subgenre'] . "'"; } if ($_SESSION['decade'] == "90s") { $query = "SELECT DISTINCT movtest.poster FROM tagtest, pairingtest, movtest WHERE pairingtest.tag_id = tagtest.id AND pairingtest.movie_id = movtest.id AND movtest.rating = '" . $_SESSION['rating'] . "' AND movtest.year BETWEEN 1990 and 2000 AND tagtest.name LIKE '" . $_SESSION['subgenre'] . "'"; } if ($_SESSION['decade'] == "2000s") { $query = "SELECT DISTINCT movtest.poster FROM tagtest, pairingtest, movtest WHERE pairingtest.tag_id = tagtest.id AND pairingtest.movie_id = movtest.id AND movtest.rating = '" . $_SESSION['rating'] . "' AND movtest.year BETWEEN 2000 and 2010 AND tagtest.name LIKE '" . $_SESSION['subgenre'] . "'"; } if ($_SESSION['decade'] == "recent") { $query = "SELECT DISTINCT movtest.poster FROM tagtest, pairingtest, movtest WHERE pairingtest.tag_id = tagtest.id AND pairingtest.movie_id = movtest.id AND movtest.rating = '" . $_SESSION['rating'] . "' AND movtest.year BETWEEN 2010 and 2016 AND tagtest.name LIKE '" . $_SESSION['subgenre'] . "'"; } } // center the description print "<center> "; // prints the user's selected options echo "You want to watch a " . $_SESSION['genre'] . " with some " . $_SESSION['subgenre'] . " that was rated " . $_SESSION['rating'] . " and was released in " . $_SESSION['decade'] . 
"."; print "</center>"; $result = mysql_query($query); error_check($result); results($result); ?> </h3> </body> </html>
<?php //this is the results that displays on usermain. you can call form here :) $item = array(); $eachitem = results(); if (!empty($eachitem)) { ?> <form method="post"> <table class="table"> <tr> <td><b>Name</b></td> <td><b>Address</b></td> <td></td> </tr> <?php foreach ($eachitem as $item) { ?> <tr> <td><a href="tel:<?php echo $item["phone"]; ?> "><img src="./img/calls.png"></a><?php echo $item["fullname"]; ?> </td> <td><a target="_blank" href="https://www.google.com/maps?=<?php echo $item["address"]; ?> "><?php echo $item["address"]; ?>