function create_user($arr)
{
// Required: { username, nickname, email } or { openid_url }
$a = get_app();
$result = array('success' => false, 'user' => null, 'password' => '', 'message' => '');
$using_invites = get_config('system', 'invitation_only');
$num_invites = get_config('system', 'number_invites');
$invite_id = x($arr, 'invite_id') ? notags(trim($arr['invite_id'])) : '';
$username = x($arr, 'username') ? notags(trim($arr['username'])) : '';
$nickname = x($arr, 'nickname') ? notags(trim($arr['nickname'])) : '';
$email = x($arr, 'email') ? notags(trim($arr['email'])) : '';
$openid_url = x($arr, 'openid_url') ? notags(trim($arr['openid_url'])) : '';
$photo = x($arr, 'photo') ? notags(trim($arr['photo'])) : '';
$password = x($arr, 'password') ? trim($arr['password']) : '';
$blocked = x($arr, 'blocked') ? intval($arr['blocked']) : 0;
$verified = x($arr, 'verified') ? intval($arr['verified']) : 0;
$publish = x($arr, 'profile_publish_reg') && intval($arr['profile_publish_reg']) ? 1 : 0;
$netpublish = strlen(get_config('system', 'directory_submit_url')) ? $publish : 0;
$tmp_str = $openid_url;
if ($using_invites) {
if (!$invite_id) {
$result['message'] .= t('An invitation is required.') . EOL;
return $result;
}
$r = q("select * from register where `hash` = '%s' limit 1", dbesc($invite_id));
if (!results($r)) {
$result['message'] .= t('Invitation could not be verified.') . EOL;
return $result;
}
}
if (!x($username) || !x($email) || !x($nickname)) {
if ($openid_url) {
if (!validate_url($tmp_str)) {
$result['message'] .= t('Invalid OpenID url') . EOL;
return $result;
}
$_SESSION['register'] = 1;
$_SESSION['openid'] = $openid_url;
require_once 'library/openid.php';
$openid = new LightOpenID();
$openid->identity = $openid_url;
$openid->returnUrl = $a->get_baseurl() . '/openid';
$openid->required = array('namePerson/friendly', 'contact/email', 'namePerson');
$openid->optional = array('namePerson/first', 'media/image/aspect11', 'media/image/default');
try {
$authurl = $openid->authUrl();
} catch (Exception $e) {
$result['message'] .= t("We encountered a problem while logging in with the OpenID you provided. Please check the correct spelling of the ID.") . EOL . EOL . t("The error message was:") . $e->getMessage() . EOL;
return $result;
}
goaway($authurl);
// NOTREACHED
}
notice(t('Please enter the required information.') . EOL);
return;
}
if (!validate_url($tmp_str)) {
$openid_url = '';
}
$err = '';
// collapse multiple spaces in name
$username = preg_replace('/ +/', ' ', $username);
if (mb_strlen($username) > 48) {
$result['message'] .= t('Please use a shorter name.') . EOL;
}
if (mb_strlen($username) < 3) {
$result['message'] .= t('Name too short.') . EOL;
}
// I don't really like having this rule, but it cuts down
// on the number of auto-registrations by Russian spammers
// Using preg_match was completely unreliable, due to mixed UTF-8 regex support
// $no_utf = get_config('system','no_utf');
// $pat = (($no_utf) ? '/^[a-zA-Z]* [a-zA-Z]*$/' : '/^\p{L}* \p{L}*$/u' );
// So now we are just looking for a space in the full name.
$loose_reg = get_config('system', 'no_regfullname');
if (!$loose_reg) {
$username = mb_convert_case($username, MB_CASE_TITLE, 'UTF-8');
if (!strpos($username, ' ')) {
$result['message'] .= t("That doesn't appear to be your full (First Last) name.") . EOL;
}
}
if (!allowed_email($email)) {
$result['message'] .= t('Your email domain is not among those allowed on this site.') . EOL;
}
if (!valid_email($email) || !validate_email($email)) {
$result['message'] .= t('Not a valid email address.') . EOL;
}
// Disallow somebody creating an account using openid that uses the admin email address,
// since openid bypasses email verification. We'll allow it if there is not yet an admin account.
$adminlist = explode(",", str_replace(" ", "", strtolower($a->config['admin_email'])));
//if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0) && strlen($openid_url)) {
if (x($a->config, 'admin_email') && in_array(strtolower($email), $adminlist) && strlen($openid_url)) {
$r = q("SELECT * FROM `user` WHERE `email` = '%s' LIMIT 1", dbesc($email));
if (count($r)) {
$result['message'] .= t('Cannot use that email.') . EOL;
}
}
$nickname = $arr['nickname'] = strtolower($nickname);
if (!preg_match("/^[a-z][a-z0-9\\-\\_]*\$/", $nickname)) {
$result['message'] .= t('Your "nickname" can only contain "a-z", "0-9", "-", and "_", and must also begin with a letter.') . EOL;
}
$r = q("SELECT `uid` FROM `user`\n \tWHERE `nickname` = '%s' LIMIT 1", dbesc($nickname));
if (count($r)) {
$result['message'] .= t('Nickname is already registered. Please choose another.') . EOL;
}
// Check deleted accounts that had this nickname. Doesn't matter to us,
// but could be a security issue for federated platforms.
$r = q("SELECT * FROM `userd`\n \tWHERE `username` = '%s' LIMIT 1", dbesc($nickname));
if (count($r)) {
$result['message'] .= t('Nickname was once registered here and may not be re-used. Please choose another.') . EOL;
}
if (strlen($result['message'])) {
return $result;
}
$new_password = strlen($password) ? $password : autoname(6) . mt_rand(100, 9999);
$new_password_encoded = hash('whirlpool', $new_password);
$result['password'] = $new_password;
require_once 'include/crypto.php';
$keys = new_keypair(4096);
if ($keys === false) {
$result['message'] .= t('SERIOUS ERROR: Generation of security keys failed.') . EOL;
return $result;
}
$default_service_class = get_config('system', 'default_service_class');
if (!$default_service_class) {
$default_service_class = '';
}
$prvkey = $keys['prvkey'];
$pubkey = $keys['pubkey'];
/**
*
* Create another keypair for signing/verifying
* salmon protocol messages. We have to use a slightly
* less robust key because this won't be using openssl
* but the phpseclib. Since it is PHP interpreted code
* it is not nearly as efficient, and the larger keys
* will take several minutes each to process.
*
*/
$sres = new_keypair(512);
$sprvkey = $sres['prvkey'];
$spubkey = $sres['pubkey'];
$r = q("INSERT INTO `user` ( `guid`, `username`, `password`, `email`, `openid`, `nickname`,\n\t\t`pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked`, `timezone`, `service_class`, `default-location` )\n\t\tVALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, 'UTC', '%s', '' )", dbesc(generate_user_guid()), dbesc($username), dbesc($new_password_encoded), dbesc($email), dbesc($openid_url), dbesc($nickname), dbesc($pubkey), dbesc($prvkey), dbesc($spubkey), dbesc($sprvkey), dbesc(datetime_convert()), intval($verified), intval($blocked), dbesc($default_service_class));
if ($r) {
$r = q("SELECT * FROM `user`\n\t\t\tWHERE `username` = '%s' AND `password` = '%s' LIMIT 1", dbesc($username), dbesc($new_password_encoded));
if ($r !== false && count($r)) {
$u = $r[0];
$newuid = intval($r[0]['uid']);
}
} else {
$result['message'] .= t('An error occurred during registration. Please try again.') . EOL;
return $result;
}
/**
* if somebody clicked submit twice very quickly, they could end up with two accounts
* due to race condition. Remove this one.
*/
$r = q("SELECT `uid` FROM `user`\n \tWHERE `nickname` = '%s' ", dbesc($nickname));
if (count($r) > 1 && $newuid) {
$result['message'] .= t('Nickname is already registered. Please choose another.') . EOL;
q("DELETE FROM `user` WHERE `uid` = %d", intval($newuid));
return $result;
}
if (x($newuid) !== false) {
$r = q("INSERT INTO `profile` ( `uid`, `profile-name`, `is-default`, `name`, `photo`, `thumb`, `publish`, `net-publish` )\n\t\t\tVALUES ( %d, '%s', %d, '%s', '%s', '%s', %d, %d ) ", intval($newuid), t('default'), 1, dbesc($username), dbesc($a->get_baseurl() . "/photo/profile/{$newuid}.jpg"), dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg"), intval($publish), intval($netpublish));
if ($r === false) {
$result['message'] .= t('An error occurred creating your default profile. Please try again.') . EOL;
// Start fresh next time.
$r = q("DELETE FROM `user` WHERE `uid` = %d", intval($newuid));
return $result;
}
$r = q("INSERT INTO `contact` ( `uid`, `created`, `self`, `name`, `nick`, `photo`, `thumb`, `micro`, `blocked`, `pending`, `url`, `nurl`,\n\t\t\t`request`, `notify`, `poll`, `confirm`, `poco`, `name-date`, `uri-date`, `avatar-date`, `closeness` )\n\t\t\tVALUES ( %d, '%s', 1, '%s', '%s', '%s', '%s', '%s', 0, 0, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', 0 ) ", intval($newuid), datetime_convert(), dbesc($username), dbesc($nickname), dbesc($a->get_baseurl() . "/photo/profile/{$newuid}.jpg"), dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg"), dbesc($a->get_baseurl() . "/photo/micro/{$newuid}.jpg"), dbesc($a->get_baseurl() . "/profile/{$nickname}"), dbesc(normalise_link($a->get_baseurl() . "/profile/{$nickname}")), dbesc($a->get_baseurl() . "/dfrn_request/{$nickname}"), dbesc($a->get_baseurl() . "/dfrn_notify/{$nickname}"), dbesc($a->get_baseurl() . "/dfrn_poll/{$nickname}"), dbesc($a->get_baseurl() . "/dfrn_confirm/{$nickname}"), dbesc($a->get_baseurl() . "/poco/{$nickname}"), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(datetime_convert()));
// Create a group with no members. This allows somebody to use it
// right away as a default group for new contacts.
require_once 'include/group.php';
group_add($newuid, t('Friends'));
$r = q("SELECT id FROM `group` WHERE uid = %d AND name = '%s'", intval($newuid), dbesc(t('Friends')));
if ($r && count($r)) {
$def_gid = $r[0]['id'];
q("UPDATE user SET def_gid = %d WHERE uid = %d", intval($r[0]['id']), intval($newuid));
}
if (get_config('system', 'newuser_private') && $def_gid) {
q("UPDATE user SET allow_gid = '%s' WHERE uid = %d", dbesc("<" . $def_gid . ">"), intval($newuid));
}
}
// if we have no OpenID photo try to look up an avatar
if (!strlen($photo)) {
$photo = avatar_img($email);
}
// unless there is no avatar-plugin loaded
if (strlen($photo)) {
require_once 'include/Photo.php';
$photo_failure = false;
$filename = basename($photo);
$img_str = fetch_url($photo, true);
// guess mimetype from headers or filename
$type = guess_image_type($photo, true);
$img = new Photo($img_str, $type);
if ($img->is_valid()) {
$img->scaleImageSquare(175);
$hash = photo_new_resource();
$r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 4);
if ($r === false) {
$photo_failure = true;
}
$img->scaleImage(80);
$r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 5);
if ($r === false) {
$photo_failure = true;
}
$img->scaleImage(48);
$r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 6);
if ($r === false) {
$photo_failure = true;
}
if (!$photo_failure) {
q("UPDATE `photo` SET `profile` = 1 WHERE `resource-id` = '%s' ", dbesc($hash));
}
}
}
call_hooks('register_account', $newuid);
$result['success'] = true;
$result['user'] = $u;
return $result;
}
function send($id)
{
$form = is_array($id) ? $id : get($id);
$results = results($id);
if (!$results) {
return false;
}
if (!is_array($form['template']) || !strlen($form['template']['recipient'])) {
return false;
}
$smarty = new \Smarty();
$smarty->compile_check = true;
$smarty->debugging = false;
foreach ($results as $nm => $val) {
$smarty->assign($nm, $val);
}
$mail = new \PHPMailer();
$mail->CharSet = 'UTF-8';
$mail->Subject = $smarty->fetch('string:' . $form['template']['subject']);
$addresses = explode(',', $form['template']['recipient']);
foreach ($addresses as $a) {
$mail->AddAddress(trim($a));
}
$mail->MsgHTML($smarty->fetch('string:' . $form['template']['body']));
return $mail->Send();
}
function check_account_invite($invite_code)
{
$result = array('error' => false, 'message' => '');
$using_invites = get_config('system', 'invitation_only');
if ($using_invites) {
if (!$invite_code) {
$result['message'] .= t('An invitation is required.') . EOL;
}
$r = q("select * from register where `hash` = '%s' limit 1", dbesc($invite_code));
if (!results($r)) {
$result['message'] .= t('Invitation could not be verified.') . EOL;
}
}
if (strlen($result['message'])) {
$result['error'] = true;
}
$arr = array('invite_code' => $invite_code, 'result' => $result);
call_hooks('check_account_invite', $arr);
return $arr['result'];
}
function register_post(&$a)
{
global $lang;
$verified = 0;
$blocked = 1;
switch ($a->config['register_policy']) {
case REGISTER_OPEN:
$blocked = 0;
$verified = 1;
break;
case REGISTER_APPROVE:
$blocked = 1;
$verified = 0;
break;
default:
case REGISTER_CLOSED:
if (!x($_SESSION, 'authenticated') && !x($_SESSION, 'administrator')) {
notice(t('Permission denied.') . EOL);
return;
}
$blocked = 1;
$verified = 0;
break;
}
$using_invites = get_config('system', 'invitation_only');
$num_invites = get_config('system', 'number_invites');
$invite_id = x($_POST, 'invite_id') ? notags(trim($_POST['invite_id'])) : '';
$username = x($_POST, 'username') ? notags(trim($_POST['username'])) : '';
$nickname = x($_POST, 'nickname') ? notags(trim($_POST['nickname'])) : '';
$email = x($_POST, 'email') ? notags(trim($_POST['email'])) : '';
$openid_url = x($_POST, 'openid_url') ? notags(trim($_POST['openid_url'])) : '';
$photo = x($_POST, 'photo') ? notags(trim($_POST['photo'])) : '';
$publish = x($_POST, 'profile_publish_reg') && intval($_POST['profile_publish_reg']) ? 1 : 0;
$netpublish = strlen(get_config('system', 'directory_submit_url')) ? $publish : 0;
$tmp_str = $openid_url;
if ($using_invites) {
if (!$invite_id) {
notice(t('An invitation is required.') . EOL);
return;
}
$r = q("select * from register where `hash` = '%s' limit 1", dbesc($invite_id));
if (!results($r)) {
notice(t('Invitation could not be verified.') . EOL);
return;
}
}
if (!x($username) || !x($email) || !x($nickname)) {
if ($openid_url) {
if (!validate_url($tmp_str)) {
notice(t('Invalid OpenID url') . EOL);
return;
}
$_SESSION['register'] = 1;
$_SESSION['openid'] = $openid_url;
require_once 'library/openid.php';
$openid = new LightOpenID();
$openid->identity = $openid_url;
$openid->returnUrl = $a->get_baseurl() . '/openid';
$openid->required = array('namePerson/friendly', 'contact/email', 'namePerson');
$openid->optional = array('namePerson/first', 'media/image/aspect11', 'media/image/default');
goaway($openid->authUrl());
// NOTREACHED
}
notice(t('Please enter the required information.') . EOL);
return;
}
if (!validate_url($tmp_str)) {
$openid_url = '';
}
$err = '';
// collapse multiple spaces in name
$username = preg_replace('/ +/', ' ', $username);
if (mb_strlen($username) > 48) {
$err .= t('Please use a shorter name.') . EOL;
}
if (mb_strlen($username) < 3) {
$err .= t('Name too short.') . EOL;
}
// I don't really like having this rule, but it cuts down
// on the number of auto-registrations by Russian spammers
// Using preg_match was completely unreliable, due to mixed UTF-8 regex support
// $no_utf = get_config('system','no_utf');
// $pat = (($no_utf) ? '/^[a-zA-Z]* [a-zA-Z]*$/' : '/^\p{L}* \p{L}*$/u' );
// So now we are just looking for a space in the full name.
$loose_reg = get_config('system', 'no_regfullname');
if (!$loose_reg) {
$username = mb_convert_case($username, MB_CASE_TITLE, 'UTF-8');
if (!strpos($username, ' ')) {
$err .= t("That doesn't appear to be your full (First Last) name.") . EOL;
}
}
if (!allowed_email($email)) {
$err .= t('Your email domain is not among those allowed on this site.') . EOL;
}
if (!valid_email($email) || !validate_email($email)) {
$err .= t('Not a valid email address.') . EOL;
}
// Disallow somebody creating an account using openid that uses the admin email address,
// since openid bypasses email verification. We'll allow it if there is not yet an admin account.
if (x($a->config, 'admin_email') && strcasecmp($email, $a->config['admin_email']) == 0 && strlen($openid_url)) {
$r = q("SELECT * FROM `user` WHERE `email` = '%s' LIMIT 1", dbesc($email));
if (count($r)) {
$err .= t('Cannot use that email.') . EOL;
}
}
$nickname = $_POST['nickname'] = strtolower($nickname);
if (!preg_match("/^[a-z][a-z0-9\\-\\_]*\$/", $nickname)) {
$err .= t('Your "nickname" can only contain "a-z", "0-9", "-", and "_", and must also begin with a letter.') . EOL;
}
$r = q("SELECT `uid` FROM `user`\n \tWHERE `nickname` = '%s' LIMIT 1", dbesc($nickname));
if (count($r)) {
$err .= t('Nickname is already registered. Please choose another.') . EOL;
}
if (strlen($err)) {
notice($err);
return;
}
$new_password = autoname(6) . mt_rand(100, 9999);
$new_password_encoded = hash('whirlpool', $new_password);
$res = openssl_pkey_new(array('digest_alg' => 'sha1', 'private_key_bits' => 4096, 'encrypt_key' => false));
// Get private key
if (empty($res)) {
notice(t('SERIOUS ERROR: Generation of security keys failed.') . EOL);
return;
}
$prvkey = '';
openssl_pkey_export($res, $prvkey);
// Get public key
$pkey = openssl_pkey_get_details($res);
$pubkey = $pkey["key"];
/**
*
* Create another keypair for signing/verifying
* salmon protocol messages. We have to use a slightly
* less robust key because this won't be using openssl
* but the phpseclib. Since it is PHP interpreted code
* it is not nearly as efficient, and the larger keys
* will take several minutes each to process.
*
*/
$sres = openssl_pkey_new(array('digest_alg' => 'sha1', 'private_key_bits' => 512, 'encrypt_key' => false));
// Get private key
$sprvkey = '';
openssl_pkey_export($sres, $sprvkey);
// Get public key
$spkey = openssl_pkey_get_details($sres);
$spubkey = $spkey["key"];
$r = q("INSERT INTO `user` ( `guid`, `username`, `password`, `email`, `openid`, `nickname`,\n\t\t`pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked` )\n\t\tVALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d )", dbesc(generate_user_guid()), dbesc($username), dbesc($new_password_encoded), dbesc($email), dbesc($openid_url), dbesc($nickname), dbesc($pubkey), dbesc($prvkey), dbesc($spubkey), dbesc($sprvkey), dbesc(datetime_convert()), intval($verified), intval($blocked));
if ($r) {
$r = q("SELECT `uid` FROM `user` \n\t\t\tWHERE `username` = '%s' AND `password` = '%s' LIMIT 1", dbesc($username), dbesc($new_password_encoded));
if ($r !== false && count($r)) {
$newuid = intval($r[0]['uid']);
}
} else {
notice(t('An error occurred during registration. Please try again.') . EOL);
return;
}
/**
* if somebody clicked submit twice very quickly, they could end up with two accounts
* due to race condition. Remove this one.
*/
$r = q("SELECT `uid` FROM `user`\n \tWHERE `nickname` = '%s' ", dbesc($nickname));
if (count($r) > 1 && $newuid) {
$err .= t('Nickname is already registered. Please choose another.') . EOL;
q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1", intval($newuid));
notice($err);
return;
}
if (x($newuid) !== false) {
$r = q("INSERT INTO `profile` ( `uid`, `profile-name`, `is-default`, `name`, `photo`, `thumb`, `publish`, `net-publish` )\n\t\t\tVALUES ( %d, '%s', %d, '%s', '%s', '%s', %d, %d ) ", intval($newuid), 'default', 1, dbesc($username), dbesc($a->get_baseurl() . "/photo/profile/{$newuid}.jpg"), dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg"), intval($publish), intval($netpublish));
if ($r === false) {
notice(t('An error occurred creating your default profile. Please try again.') . EOL);
// Start fresh next time.
$r = q("DELETE FROM `user` WHERE `uid` = %d", intval($newuid));
return;
}
$r = q("INSERT INTO `contact` ( `uid`, `created`, `self`, `name`, `nick`, `photo`, `thumb`, `micro`, `blocked`, `pending`, `url`, `nurl`,\n\t\t\t`request`, `notify`, `poll`, `confirm`, `poco`, `name-date`, `uri-date`, `avatar-date` )\n\t\t\tVALUES ( %d, '%s', 1, '%s', '%s', '%s', '%s', '%s', 0, 0, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ", intval($newuid), datetime_convert(), dbesc($username), dbesc($nickname), dbesc($a->get_baseurl() . "/photo/profile/{$newuid}.jpg"), dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg"), dbesc($a->get_baseurl() . "/photo/micro/{$newuid}.jpg"), dbesc($a->get_baseurl() . "/profile/{$nickname}"), dbesc(normalise_link($a->get_baseurl() . "/profile/{$nickname}")), dbesc($a->get_baseurl() . "/dfrn_request/{$nickname}"), dbesc($a->get_baseurl() . "/dfrn_notify/{$nickname}"), dbesc($a->get_baseurl() . "/dfrn_poll/{$nickname}"), dbesc($a->get_baseurl() . "/dfrn_confirm/{$nickname}"), dbesc($a->get_baseurl() . "/poco/{$nickname}"), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(datetime_convert()));
}
$use_gravatar = get_config('system', 'no_gravatar') ? false : true;
// if we have an openid photo use it.
// otherwise unless it is disabled, use gravatar
if ($use_gravatar || strlen($photo)) {
require_once 'include/Photo.php';
if ($use_gravatar && !strlen($photo)) {
$photo = gravatar_img($email);
}
$photo_failure = false;
$filename = basename($photo);
$img_str = fetch_url($photo, true);
$img = new Photo($img_str);
if ($img->is_valid()) {
$img->scaleImageSquare(175);
$hash = photo_new_resource();
$r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 4);
if ($r === false) {
$photo_failure = true;
}
$img->scaleImage(80);
$r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 5);
if ($r === false) {
$photo_failure = true;
}
$img->scaleImage(48);
$r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 6);
if ($r === false) {
$photo_failure = true;
}
if (!$photo_failure) {
q("UPDATE `photo` SET `profile` = 1 WHERE `resource-id` = '%s' ", dbesc($hash));
}
}
}
if ($netpublish && $a->config['register_policy'] != REGISTER_APPROVE) {
$url = $a->get_baseurl() . "/profile/{$nickname}";
proc_run('php', "include/directory.php", "{$url}");
}
call_hooks('register_account', $newuid);
if ($a->config['register_policy'] == REGISTER_OPEN) {
if ($using_invites && $invite_id) {
q("delete * from register where hash = '%s' limit 1", dbesc($invite_id));
set_pconfig($newuid, 'system', 'invites_remaining', $num_invites);
}
$email_tpl = get_intltext_template("register_open_eml.tpl");
$email_tpl = replace_macros($email_tpl, array('$sitename' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), '$username' => $username, '$email' => $email, '$password' => $new_password, '$uid' => $newuid));
$res = mail($email, sprintf(t('Registration details for %s'), $a->config['sitename']), $email_tpl, 'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n" . 'Content-type: text/plain; charset=UTF-8' . "\n" . 'Content-transfer-encoding: 8bit');
if ($res) {
info(t('Registration successful. Please check your email for further instructions.') . EOL);
goaway(z_root());
} else {
notice(t('Failed to send email message. Here is the message that failed.') . $email_tpl . EOL);
}
} elseif ($a->config['register_policy'] == REGISTER_APPROVE) {
if (!strlen($a->config['admin_email'])) {
notice(t('Your registration can not be processed.') . EOL);
goaway(z_root());
}
$hash = random_string();
$r = q("INSERT INTO `register` ( `hash`, `created`, `uid`, `password`, `language` ) VALUES ( '%s', '%s', %d, '%s', '%s' ) ", dbesc($hash), dbesc(datetime_convert()), intval($newuid), dbesc($new_password), dbesc($lang));
$r = q("SELECT `language` FROM `user` WHERE `email` = '%s' LIMIT 1", dbesc($a->config['admin_email']));
if (count($r)) {
push_lang($r[0]['language']);
} else {
push_lang('en');
}
if ($using_invites && $invite_id) {
q("delete * from register where hash = '%s' limit 1", dbesc($invite_id));
set_pconfig($newuid, 'system', 'invites_remaining', $num_invites);
}
$email_tpl = get_intltext_template("register_verify_eml.tpl");
$email_tpl = replace_macros($email_tpl, array('$sitename' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), '$username' => $username, '$email' => $email, '$password' => $new_password, '$uid' => $newuid, '$hash' => $hash));
$res = mail($a->config['admin_email'], sprintf(t('Registration request at %s'), $a->config['sitename']), $email_tpl, 'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n" . 'Content-type: text/plain; charset=UTF-8' . "\n" . 'Content-transfer-encoding: 8bit');
pop_lang();
if ($res) {
info(t('Your registration is pending approval by the site owner.') . EOL);
goaway(z_root());
}
}
return;
}
function games($groupGames)
{
global $db_connect;
$query = "SELECT T1.team_name as team_home, T2.team_name as team_away, \r\n\t \t\t\t\tT1.team_flag as home_flag, T2.team_flag as away_flag, \r\n\t \t\t\t\tT1.group_nr as home_team_number, T2.group_nr as away_team_number, \r\n\t \t\t\t\tgame_match.*\r\n\t\t\t\t\tFROM game_match, teams T1, teams T2\r\n\t\t\t\t\tWHERE T1.team_id=game_match.home_team_id AND T2.team_id=game_match.away_team_id ";
$result = mysqli_query($db_connect, $query);
while ($row = mysqli_fetch_assoc($result)) {
// print_r($row);
$game_id = $row["game_id"];
$group_nr = $row["home_team_number"];
$home_name = $row["team_home"];
$away_name = $row["team_away"];
$home_flag = $row["home_flag"];
$away_flag = $row["away_flag"];
$game_start = $row['game_start'];
if ($group_nr == $groupGames) {
?>
<table>
<tbody>
<tr>
<td style="width:100px"><?php
echo date("d M H:i", strtotime($game_start));
?>
</td>
<td class="mobile_hide tablet_hide" style="width:100px; text-align:right;"><?php
echo $home_name;
?>
</td>
<td style="width:30px; text-align:right;"><img class="flag" src="img/<?php
echo $home_flag;
?>
" /></td>
<td style="width:40px; text-align:center;"> VS </td>
<td style="width:30px"><img class="flag" src="img/<?php
echo $away_flag;
?>
" /></td>
<td class="mobile_hide tablet_hide" style="width:100px"><?php
echo $away_name;
?>
</td>
<td style="width:120px"><?php
echo results($game_id);
?>
</td>
</tr>
</tbody>
</table>
<?php
}
}
}
* v1.1.1
*
* Controls data to be be sent through API.
*
****************************************************************************/
require_once "/libs/engine.php";
require_once "/libs/functions.php";
session_start();
$xml = "<result><code>";
if (checkVariable("key")) {
$key = $_REQUEST['key'];
$check_key = CheckKey($key);
if (!empty($check_key)) {
$engine = new HydroEngine("hydro");
if ($_REQUEST["f"] == "results") {
$xml .= results($engine);
} else {
if ($_REQUEST["f"] == "heartbeat") {
$xml .= heartbeat($engine);
} else {
$xml .= "3</code><codedesc>Invalid format";
}
}
} else {
$xml .= "1</code><codedesc>Invalid key";
}
} else {
$xml .= "2</code><codedesc>Required parameter missing";
}
$xml .= "</codedesc></result>";
echo $xml;
echo results($data);
break;
/* File methods ****************************************************************************/
/* File methods ****************************************************************************/
case 'alert.markAsRead':
requireAuthentication($POD);
$alert->markAsRead();
if (!$alert->success()) {
$data['error'] = $alert->error();
}
echo results($data);
break;
/*******************************************************************************************/
/*******************************************************************************************/
default:
echo results(array('error' => "No valid API method specified! (method = {$method})"));
break;
}
function requireAuthentication($POD)
{
if (!$POD->isAuthenticated()) {
echo json_encode(array('error' => 'Access denied! Please login first!'));
exit;
}
}
function results($data, $format = 'json')
{
// if a callback function has been passed in as a parameter, this is a jsonP request
if (isset($_GET['callback']) && ($func = $_GET['callback'])) {
return "{$func}(" . json_encode($data) . ")";
} else {
$octaveString .= "]; b = [" . $userProtein * $numberOfServings . "; ";
$octaveString .= $userCarbs * $numberOfServings . "; ";
$octaveString .= $userFat * $numberOfServings . "]; ";
}
$octaveString .= "a \\ b' | egrep '[-]*[0-9]+\\.[0-9]{3,}\$' ";
if ($errorReporting) {
echo $octaveString . "<br>";
}
//$result=shell_exec("octave --eval 'a = [1 3 6; 4 6 3; 4 6 9]; b = [3; 6; 9]; a \ b' | egrep '[-]*[0-9]+\.[0-9]{3,}$' ");
$result = shell_exec($octaveString);
$aString = preg_split("/[\\s,]+/", $result);
if ($errorReporting) {
echo "<br>Octave's results look like:<br>";
echo print_r($aString) . "<br>";
}
results($aString);
//Close the connection
?>
</div>
<script src="http://cdn.jsdelivr.net/jquery.validation/1.13.1/jquery.validate.min.js"></script>
<script>
$(document).ready(function(){
jQuery.validator.addMethod("titleReg", function(value, element, param) {
return value.match(new RegExp("^" + param + "$"));
},
"Your input cannot have special characters.");
$('#foods').validate({
curl_setopt($ch, CURLOPT_USERAGENT, 'SMSPI CATS');
curl_setopt($ch, CURLOPT_POST, count($fields));
curl_setopt($ch, CURLOPT_POSTFIELDS, $fields);
//execute post
$result = curl_exec($ch);
//close connection
curl_close($ch);
// uncomment the line below if your are not getting the SMS.
echo $result;
}
$sel = $pdo->prepare('SELECT * FROM `cats`');
$sel->execute();
$count = $sel->rowCount();
//Restock DB if only one result letft.
if ($count == "0") {
$me = results();
$flickr = json_decode($me, TRUE);
foreach ($flickr['photos']['photo'] as $photo) {
$cat = $photo['url_m'];
insert2db($cat);
}
}
//Select Flickr url
$getcat = $pdo->prepare('SELECT * FROM `cats` LIMIT 0 , 1');
$getcat->execute();
$result = $getcat->fetch(PDO::FETCH_ASSOC);
$caturl = $result['url'];
//Convert to biy.ly
$newurl = shortURL($caturl);
//Send SMS
$message = "Hello Cat Lady - here is today's Cat Picture " . $newurl . "";
if($user->AsPostfixAdministrator==false){
$tpl=new templates();
echo "alert('". $tpl->javascript_parse_text("{ERROR_NO_PRIVS}")."');";
die();exit();
}
if(isset($_GET["tabs"])){tabs();exit;}
if(isset($_GET["popup"])){rbls();exit;}
if(isset($_GET["rbl-popup"])){rbl_add_popup();exit;}
if(isset($_GET["rbl-list"])){rbl_list();exit;}
if(isset($_POST["rbls-save"])){rbls_add();exit;}
if(isset($_GET["keywords-edit"])){keywords_edit();exit;}
if(isset($_GET["keywords-edit-save"])){keywords_edit_save();exit;}
if(isset($_GET["RBLDisable"])){RBLDisable();exit;}
if(isset($_GET["RBLDelete"])){RBLDelete();exit;}
if(isset($_GET["results"])){results();exit;}
if(isset($_GET["params"])){parameters();exit;}
if(isset($_GET["PublicIPAddress"])){SaveParams();exit;}
if(isset($_GET["CheckRBLNow"])){CheckRBLNow();exit;}
if(isset($_GET["others-ip-list"])){other_ip_list();exit;}
if(isset($_GET["OtherIpClient-add"])){other_ip_add();exit;}
if(isset($_GET["OtherIpClient-del"])){other_ip_del();exit;}
js();
function js(){
$tpl=new templates();
$page=CurrentPageName();
<form action="./" method="post" name="search">
<input name="a" type="hidden" value="search"/>
<input name="q" type="text" value=""/>
<select name="t" size=1>
<option value="upc_description_sku">UPC/Description/Item Number</option>
<option selected value="upc">UPC</option>
<option value="description">Description</option>
<option disabled value="item number">Item Number</option>
<option disabled value="brand">Brand</option>
<option value="section">Section</option>
<option disabled value="vendor">Vendor</option>
<option disabled value="ask">You can ask for more</option>
</select>
<input type="submit" value="search"/>
</form>';
$html .= form(&$backoffice);
$html .= results(&$backoffice);
$html .= '
<div id="page_panel_statuses">';
foreach ($backoffice['status'] as $msg) {
$html .= '
<p class="status">' . $msg . '</p>';
}
$html .= '
</div>
</div>';
$html .= foot();
$html .= '
</body>
</html>';
print_r($html);
function test18()
{
echo "<p>Testing helper functions... ";
\Minify\setBase("scripts", "scripts/");
\Minify\addFiles("scripts", ["script1.js", "script2.js"]);
\Minify\addGroup("styles", "style1");
results(\Minify\createUri("scripts") == "/min/b=scripts&f=script1.js,script2.js" && \Minify\createUri("styles") == "/min/g=style1");
echo "</p>";
}
<span style="color: #efefef;">' . $category->name . '</span> Coupons <div class="shareico" style="position: relative; float: right;" data-ttip="RSS Feed"><a href="' . tlink('plugin/rss2.xml', 'cat=' . $category->ID) . '"></a></div>
</div>
<div style="margin-bottom: 20px;">
<ul class="category">
<li class="active">Coupons</li>';
if (theme_has_products()) {
echo '<li><a href="' . get_update(array('page' => 1, 'type' => 'products')) . '">Products</a></li>';
}
echo '</ul>';
if (!empty($category->description)) {
echo '<article class="array_item category_box" style="border-top: 0;">' . $category->description . '</article>';
}
echo '</div>';
if (results()) {
foreach (items(array('orderby' => 'active desc')) as $item) {
echo '<article class="array_item">
<div class="table">
<div class="left">
<img src="' . store_avatar($item->store_img) . '" alt="">
<span class="rating"><span style="width:' . $item->stars * 16 . 'px;"></span></span>
<a href="' . $item->store_reviews_link . '">' . $item->reviews . ' reviews</a>';
echo !empty($item->cashback) ? '<span class="cashback-points" data-ttip="Great! Use it and you\'ll receive ' . $item->cashback . ' points.">' . $item->cashback . '</span> ' : '';
echo '</div>
<div class="right">
<a href="' . $item->link . '" class="title">' . $item->title . '</a>
More coupons for <a href="' . $item->store_link . '">' . $item->store_name . '</a>
<?php
//This script will update all records in the movieinfo table
define('FS_ROOT', realpath(dirname(__FILE__)));
require_once FS_ROOT . "/../../www/config.php";
require_once FS_ROOT . "/../../www/lib/framework/db.php";
require_once FS_ROOT . "/../../www/lib/music.php";
$music = new Music(true);
$db = new Db();
$albums = results();
shuffle($albums);
foreach ($albums as $album) {
$artist = $music->parseArtist($album);
echo $artist['releasename'] . '<br />';
$result = $music->updateMusicInfo($artist['artist'], $artist['album'], $artist['year']);
if ($result !== false) {
echo '<pre>';
print_r($result);
echo '</pre><br /><br />';
}
die;
}
function results()
{
$str = 'Processing 260 music releases
Looking up: Disintegration [The Cure-Disintegration-3CD-Deluxe Edition-2010-EOS]
Looking up: Build And Destroy Euro Retail 2CD [Royce Da 59-Build And Destroy Euro Retail 2CD-2003-FTD]
Looking up: Dream Dance Vol 48 [VA - Dream Dance Vol 48-2CD-2011-QMI]
Looking up: Electro House Alarm Vol 8 [VA - Electro House Alarm Vol 8-2CD-2010-QMI]
Looking up: Om Himlen Och Osterlen [Danne Strahed-Om Himlen Och Osterlen-2CD-SE-2010-LoKET]
Looking up: Walk On Water Spacesynth Odyssey [Galaxy Hunter-Walk On Water Spacesynth Odyssey-(Rerip)-2CD-2010-BFHMP3]
function manage_surveys()
{
global $table_prefix, $wpdb;
$survey_table = $table_prefix . "surveys";
if (isset($_REQUEST["wpsurv_submit"])) {
require_once 'functions.php';
if ($_POST["wpsurv_submit"] == __('Edit', 'wp-surveys') || $_POST["wpsurv_submit"] == __('Cancel', 'wp-surveys') || $_POST["wpsurv_submit"] == __('Back to Edit Survey', 'wp-surveys')) {
edit($_POST['survey_id']);
} elseif ($_POST["wpsurv_submit"] == __('Update', 'wp-surveys')) {
update($_POST['survey_id']);
} elseif ($_POST["wpsurv_submit"] == __('Update Options', 'wp-surveys')) {
update_options($_POST['survey_id'], $_POST['question_id']);
} elseif ($_POST["wpsurv_submit"] == __('Activate', 'wp-surveys') || $_POST["wpsurv_submit"] == __('Make Active', 'wp-surveys')) {
activate($_POST['survey_id']);
} elseif ($_POST["wpsurv_submit"] == __('Retire', 'wp-surveys')) {
retire($_POST['survey_id']);
} elseif ($_POST["wpsurv_submit"] == __('Update Leaderboard', 'wp-surveys')) {
recach_utility($_POST['survey_id']);
} elseif ($_POST["wpsurv_submit"] == __('Edit Options', 'wp-surveys') || $_POST["wpsurv_submit"] == __('Add Some Options', 'wp-surveys') || $_POST["wpsurv_submit"] == __('Edit or Add more Options', 'wp-surveys')) {
edit_options($_POST['survey_id'], $_POST['question_id']);
} elseif ($_POST["wpsurv_submit"] == __('Add More Questions', 'wp-surveys') || $_POST["wpsurv_submit"] == __('Add Some Questions', 'wp-surveys')) {
add_question($_POST['survey_id']);
} elseif ($_POST["wpsurv_submit"] == __('Step 2', 'wp-surveys')) {
step2($_POST['survey_id']);
} elseif ($_POST["wpsurv_submit"] == __('Create Question', 'wp-surveys')) {
create_quest($_POST['survey_id']);
} elseif ($_POST["wpsurv_submit"] == __('Change Survey', 'wp-surveys') || $_POST["wpsurv_submit"] == __('Add Survey', 'wp-surveys')) {
survey($_POST['survey_id']);
} elseif ($_POST["wpsurv_submit"] == __('Add This Survey', 'wp-surveys')) {
add_survey($_POST['survey_id']);
} elseif ($_POST["wpsurv_submit"] == __('View Survey Results', 'wp-surveys')) {
results($_POST['survey_id']);
}
//elseif($_POST["wpsurv_submit"] == __('View Survey Results in CSV File', 'wp-surveys'))
//results_CSV($_POST['survey_id']);
//elseif($_POST["wpsurv_submit"] == __('Delete File', 'wp-surveys'))
//delete_file($_POST['survey_id']);
} else {
$current_plugins = get_option('active_plugins');
if (file_exists(ABSPATH . PLUGINDIR . '/polyglot.php') && in_array('polyglot.php', $current_plugins)) {
$polyglot = true;
}
echo '<div class="wrap">';
$open_surveys = $wpdb->get_results("SELECT * FROM `" . $survey_table . "` WHERE `survey_open`='1' LIMIT 1;", ARRAY_A);
echo '<h2>' . __('Survey Management', 'wp-surveys') . '</h2><h3><u>' . __('Active Survey', 'wp-surveys') . '</u>:</h3>';
if ($open_surveys) {
echo '<table class="widefat" width="100%" cellpadding="4" cellspacing="4">';
echo '<tr><th align="left">' . __('Title', 'wp-surveys') . '</th><th align="left">' . __('Description', 'wp-surveys') . '</th><th></th><th></th><th></th></tr>';
foreach ($open_surveys as $survey) {
echo '<tr class="alternate">';
if ($polyglot) {
echo '<td><b>' . polyglot_filter(stripcslashes($survey['survey_name'])) . '</b></td><td>' . polyglot_filter(stripcslashes($survey['survey_describe'])) . '</td>';
} elseif (!$polyglot) {
echo '<td><b>' . stripcslashes($survey['survey_name']) . '</b></td><td>' . stripcslashes($survey['survey_describe']) . '</td>';
}
echo '<td class="submit" align="center"><form method="post" action=""><input type="hidden" name="survey_id" value="' . $survey['survey_id'] . '" />';
echo '<input type="submit" name="wpsurv_submit" value="' . __('Edit', 'wp-surveys') . '" /></form></td>';
echo '<td class="submit" align="center"><form method="post" action=""><input type="hidden" name="survey_id" value="' . $survey['survey_id'] . '" />';
echo '<input type="submit" name="wpsurv_submit" value="' . __('Retire', 'wp-surveys') . '" /></form></td>';
echo '<td class="submit" align="center"><form method="post" action=""><input type="hidden" name="survey_id" value="' . $survey['survey_id'] . '" />';
echo '<input type="submit" name="wpsurv_submit" value="' . __('View Survey Results', 'wp-surveys') . '" /></form></td>';
//echo '<td align="center"><form method="post" action=""><input type="hidden" name="survey_id" value="'.$survey['survey_id'].'" />';
//echo '<input type="submit" name="wpsurv_submit" value="'.__('View Survey Results in CSV File', 'wp-surveys').'" /></form></td>';
echo '</tr>';
}
echo '</table>';
$next = ++$survey['survey_id'];
echo '<br /><form method="post" action=""><input type="hidden" name="survey_id" value="' . $next . '" /><input class="button" type="submit" name="wpsurv_submit" value="' . __('Change Survey', 'wp-surveys') . '" title="' . __('Current Survey will be saved as Retired', 'wp-surveys') . '" /></form>';
} else {
echo __('There are no open tournaments or contests.', 'wp-surveys') . '.';
//$last = $wpdb->get_var("SELECT COUNT(`survey_id`) FROM `".$survey_table."`;");
$last = $wpdb->get_var("SELECT `survey_id` FROM `" . $survey_table . "` ORDER BY `survey_id` DESC LIMIT 1;");
$next = ++$last;
echo '<br /><br /><form method="post" action=""><input type="hidden" name="survey_id" value="' . $next . '" /><input class="button" type="submit" name="wpsurv_submit" value="' . __('Add Survey', 'wp-surveys') . '" /></form>';
}
$closed_surveys = $wpdb->get_results("SELECT * FROM `" . $survey_table . "` WHERE `survey_open`='0';", ARRAY_A);
echo '<h3><u>' . __('Retired Surveys', 'wp-surveys') . '</u>:</h3>';
if ($closed_surveys) {
echo '<table class="widefat" width="100%" cellpadding="4" cellspacing="4">';
echo '<tr><th align="left">' . __('Title', 'wp-surveys') . '</th><th align="left">' . __('Description', 'wp-surveys') . '</th><th></th><th></th><th></th></tr>';
foreach ($closed_surveys as $survey) {
echo '<tr class="alternate">';
if ($polyglot) {
echo '<td><b>' . polyglot_filter(stripcslashes($survey['survey_name'])) . '</b></td><td>' . polyglot_filter(stripcslashes($survey['survey_describe'])) . '</td>';
} elseif (!$polyglot) {
echo '<td><b>' . stripcslashes($survey['survey_name']) . '</b></td><td>' . stripcslashes($survey['survey_describe']) . '</td>';
}
echo '<td class="submit" align="center"><form method="post" action=""><input type="hidden" name="survey_id" value="' . $survey['survey_id'] . '" />';
echo '<input type="submit" name="wpsurv_submit" value="' . __('Edit', 'wp-surveys') . '" /></form></td>';
echo '<td class="submit" align="center"><form method="post" action=""><input type="hidden" name="survey_id" value="' . $survey['survey_id'] . '" />';
echo '<input type="submit" name="wpsurv_submit" value="' . __('Make Active', 'wp-surveys') . '" /></form></td>';
echo '<td class="submit" align="center"><form method="post" action=""><input type="hidden" name="survey_id" value="' . $survey['survey_id'] . '" />';
echo '<input type="submit" name="wpsurv_submit" value="' . __('View Survey Results', 'wp-surveys') . '" /></form></td>';
//echo '<td align="center"><form method="post" action=""><input type="hidden" name="survey_id" value="'.$survey['survey_id'].'" />';
//echo '<input type="submit" name="wpsurv_submit" value="'.__('View Survey Results in CSV File', 'wp-surveys').'" /></form></td>';
echo '</tr>';
}
echo '</table>';
} else {
echo __('There are no retired surveys', 'wp-surveys') . '.';
}
echo '</div>';
}
}
exit;
}
if (isset($_GET["keywords-edit-save"])) {
keywords_edit_save();
exit;
}
if (isset($_GET["RBLDisable"])) {
RBLDisable();
exit;
}
if (isset($_GET["RBLDelete"])) {
RBLDelete();
exit;
}
if (isset($_GET["results"])) {
results();
exit;
}
if (isset($_GET["params"])) {
parameters();
exit;
}
if (isset($_GET["PublicIPAddress"])) {
SaveParams();
exit;
}
if (isset($_GET["CheckRBLNow"])) {
CheckRBLNow();
exit;
}
if (isset($_GET["others-ip-list"])) {
}
if ($_SESSION['decade'] == "70s") {
$query = "SELECT DISTINCT movtest.poster FROM tagtest, pairingtest, movtest WHERE pairingtest.tag_id = tagtest.id AND pairingtest.movie_id = movtest.id AND movtest.rating = '" . $_SESSION['rating'] . "' AND movtest.year BETWEEN 1970 and 1980 AND tagtest.name LIKE '" . $_SESSION['subgenre'] . "'";
}
if ($_SESSION['decade'] == "80s") {
$query = "SELECT DISTINCT movtest.poster FROM tagtest, pairingtest, movtest WHERE pairingtest.tag_id = tagtest.id AND pairingtest.movie_id = movtest.id AND movtest.rating = '" . $_SESSION['rating'] . "' AND movtest.year BETWEEN 1980 and 1990 AND tagtest.name LIKE '" . $_SESSION['subgenre'] . "'";
}
if ($_SESSION['decade'] == "90s") {
$query = "SELECT DISTINCT movtest.poster FROM tagtest, pairingtest, movtest WHERE pairingtest.tag_id = tagtest.id AND pairingtest.movie_id = movtest.id AND movtest.rating = '" . $_SESSION['rating'] . "' AND movtest.year BETWEEN 1990 and 2000 AND tagtest.name LIKE '" . $_SESSION['subgenre'] . "'";
}
if ($_SESSION['decade'] == "2000s") {
$query = "SELECT DISTINCT movtest.poster FROM tagtest, pairingtest, movtest WHERE pairingtest.tag_id = tagtest.id AND pairingtest.movie_id = movtest.id AND movtest.rating = '" . $_SESSION['rating'] . "' AND movtest.year BETWEEN 2000 and 2010 AND tagtest.name LIKE '" . $_SESSION['subgenre'] . "'";
}
if ($_SESSION['decade'] == "recent") {
$query = "SELECT DISTINCT movtest.poster FROM tagtest, pairingtest, movtest WHERE pairingtest.tag_id = tagtest.id AND pairingtest.movie_id = movtest.id AND movtest.rating = '" . $_SESSION['rating'] . "' AND movtest.year BETWEEN 2010 and 2016 AND tagtest.name LIKE '" . $_SESSION['subgenre'] . "'";
}
}
// center the description
print "<center> ";
// prints the user's selected options
echo "You want to watch a " . $_SESSION['genre'] . " with some " . $_SESSION['subgenre'] . " that was rated " . $_SESSION['rating'] . " and was released in " . $_SESSION['decade'] . ".";
print "</center>";
$result = mysql_query($query);
error_check($result);
results($result);
?>
</h3>
</body>
</html>
<?php
//this is the results that displays on usermain. you can call form here :)
$item = array();
$eachitem = results();
if (!empty($eachitem)) {
?>
<form method="post">
<table class="table">
<tr>
<td><b>Name</b></td>
<td><b>Address</b></td>
<td></td>
</tr>
<?php
foreach ($eachitem as $item) {
?>
<tr>
<td><a href="tel:<?php
echo $item["phone"];
?>
"><img src="./img/calls.png"></a><?php
echo $item["fullname"];
?>
</td>
<td><a target="_blank" href="https://www.google.com/maps?=<?php
echo $item["address"];
?>
"><?php
echo $item["address"];
?>
