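require $config['BASE_DIR'] . '/include/compat/json.php';

// AJAX endpoint: removes the logged-in user's subscription to the user named in
// $_POST['user_id'] and replies with a JSON object {status, msg}.
//
// status starts at 0 so that every error path reports failure; it becomes 1 only after the
// subscription row has been deleted. (It previously started at 1, so errors were reported
// with a success status.)
//
// NOTE(review): no anti-CSRF token is checked in this snippet; confirm the including
// dispatcher enforces one, since this request changes state.
$data = array('status' => 0, 'msg' => '');
if (isset($_POST['user_id'])) {
    if (isset($_SESSION['uid'])) {
        $uid = intval($_SESSION['uid']);
        $filter = new VFilter();
        // The value is concatenated into SQL below. VFilter's 'INTEGER' mode presumably already
        // returns an integer; the cast makes that guarantee local to this file.
        $user_id = intval($filter->get('user_id', 'INTEGER'));
        if ($uid == $user_id) {
            // A user cannot be subscribed to themselves.
            $data['msg'] = show_err('Invalid request!?');
        } else {
            $sql = "SELECT UID FROM video_subscribe WHERE UID = " . $uid . " AND SUID = " . $user_id . " LIMIT 1";
            $conn->execute($sql);
            // NOTE(review): relies on Affected_Rows() reporting the rows matched by the SELECT
            // above, which is driver-dependent; confirm for the configured driver.
            if ($conn->Affected_Rows() != 1) {
                $data['msg'] = show_err($lang['ajax.remove_sub_exists']);
            } else {
                $sql = "DELETE FROM video_subscribe WHERE UID = " . $uid . " AND SUID = " . $user_id . " LIMIT 1";
                $conn->execute($sql);
                // NOTE(review): the counters are decremented on the caller's own row ($uid);
                // confirm this is the row that was incremented when the subscription was made.
                $sql = "UPDATE signup SET popularity = popularity-1, points = points-2 WHERE UID = " . $uid . " LIMIT 1";
                $conn->execute($sql);
                $data['status'] = 1;
                $data['msg'] = show_msg($lang['ajax.remove_sub_success']);
            }
        }
    } else {
        $data['msg'] = show_err($lang['ajax.remove_sub_login']);
    }
} else {
    $data['msg'] = show_err('Invalid request!');
}

echo json_encode($data);
die;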
$code .= '<div class="row">'; $code .= '<div class="pull-left">'; $code .= '<a href="' . $config['BASE_URL'] . '/user/' . $username . '">'; $code .= '<img src="' . $config['BASE_URL'] . '/media/users/' . $photo . '" title="' . $username . '\'s avatar" alt="' . $username . '\'s avatar" class="img-responsive comment-avatar" />'; $code .= '</a>'; $code .= '</div>'; $code .= '<div class="comment new-comment">'; $code .= '<div class="comment-info">'; $code .= '<a href="' . $config['BASE_URL'] . '/user/' . $username . '">' . $username . '</a> - <span class="">' . $lang['global.right_now'] . '</span>'; $code .= '</div>'; $code .= '<div class="comment-body overflow-hidden">' . nl2br($comment) . '</div>'; $code .= '<div class="comment-actions">'; $code .= '<a href="#delete_comment" id="delete_comment_notice_' . $cid . '_' . $nid . '">' . $lang['global.delete'] . '</a> <span id="delete_response_' . $cid . '" style="display: none;"></span>'; $code .= '</div>'; $code .= '</div>'; $code .= '<div class="clearfix"></div>'; $code .= '</div>'; $code .= '</div>'; $data['code'] = $code; $data['cid'] = $cid; $data['nid'] = $nid; $data['status'] = 1; $data['msg'] = show_msg($lang['global.comment_success']); $_SESSION['n_comment_added'] = time(); } } else { $data['msg'] = show_err($lang['ajax.notice_comment_login']); } } echo json_encode($data); die;
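require $config['BASE_DIR'] . '/include/adodb/adodb.inc.php';
require $config['BASE_DIR'] . '/include/dbconn.php';

// AJAX endpoint: adds the video in $_POST['video_id'] to the logged-in user's favourites and
// replies with a JSON object {status, msg}. status is 1 only when a favourite row was inserted.
$data = array('status' => 0, 'msg' => '');
if (isset($_POST['video_id'])) {
    $filter = new VFilter();
    // Both ids are concatenated into SQL below, so each is forced to an integer here.
    // VFilter's 'INTEGER' mode presumably already returns one; the cast keeps the guarantee
    // visible next to the queries that depend on it.
    $video_id = intval($filter->get('video_id', 'INTEGER'));
    if (isset($_SESSION['uid'])) {
        // Session uid is converted once and reused by every query.
        $uid = intval($_SESSION['uid']);

        $sql = "SELECT VID FROM favourite WHERE VID = " . $video_id . " AND UID = " . $uid . " LIMIT 1";
        $conn->execute($sql);
        if ($conn->Affected_Rows() == 1) {
            // Already in the caller's favourites.
            $data['msg'] = show_err($lang['ajax.favorite_video_exists']);
        } else {
            $sql = "SELECT VID FROM video WHERE VID = " . $video_id . " AND UID = " . $uid . " LIMIT 1";
            $conn->execute($sql);
            if ($conn->Affected_Rows() == 1) {
                // The caller owns this video; own videos cannot be favourited.
                $data['msg'] = show_err($lang['ajax.favorite_video_self']);
            } else {
                // NOTE(review): the existence check above and this INSERT are not atomic, so two
                // concurrent requests can both pass the check. Confirm the table has a unique
                // key on (VID, UID) if duplicates must be impossible.
                $sql = "INSERT INTO favourite SET VID = " . $video_id . ", UID = " . $uid;
                $conn->execute($sql);
                $sql = "UPDATE video SET fav_num = fav_num+1 WHERE VID = " . $video_id . " LIMIT 1";
                $conn->execute($sql);
                $data['msg'] = show_msg($lang['ajax.favorite_video_success']);
                $data['status'] = 1;
            }
        }
    } else {
        $data['msg'] = show_err($lang['ajax.favorite_video_login']);
    }
}

echo json_encode($data);
die;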
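/**
 * Admin-only user editor.
 *
 * When the edit form was submitted ($_POST['submit'] is set), updates the `user` row whose
 * login equals $_POST['login']. Afterwards appends the edit form for the user named by
 * $_GET['id'] to the global $html_main_content buffer.
 *
 * Does nothing unless $_SESSION['rules'] is exactly the string 'admin'.
 *
 * Values read from the database are HTML-escaped before being written into the form, so a
 * stored name or avatar path containing quotes or markup cannot break out of its attribute.
 *
 * NOTE(review): no anti-CSRF token is checked in this function; confirm the caller enforces
 * one, since a submitted form can change another account's password and role.
 */
function user_edit()
{
    global $html_main_content, $DBH, $title;

    // Access check. Strict comparison: a loose == would also accept non-string values that
    // compare equal to 'admin' under PHP's juggling rules.
    if (!isset($_SESSION['rules']) || $_SESSION['rules'] !== 'admin') {
        return;
    }

    // Update info.
    if (isset($_POST['submit'])) {
        $img = image_upload();
        if ($_SESSION['err'] == '') {
            if ($img == '') {
                // No new upload: keep the avatar named by the form's hidden field.
                // NOTE(review): this value is client-supplied, not re-read from the database.
                $img = $_POST['avatar'];
            }
            // NOTE(review): the form renders the login input with disabled="true", and browsers
            // do not submit disabled controls. Confirm $_POST['login'] is actually populated
            // (for example by validateUserEdit()); otherwise this UPDATE matches no row.
            $login = $_POST['login'];
            $lastname = $_POST['lastname'];
            $name = $_POST['name'];
            $surname = $_POST['surname'];

            // password and email are only updated when a non-empty value was posted.
            $sql = "UPDATE user SET";
            if ($_POST['password'] !== '') {
                // NOTE(review): unsalted MD5 is not a suitable password hash. Moving to
                // password_hash()/password_verify() needs a matching change in the login code,
                // which is not visible here, so the stored format is left unchanged.
                $password = md5(trim($_POST['password']));
                $sql .= " password=:password,";
            }
            if ($_POST['email'] !== '') {
                $sql .= " email=:email,";
            }
            $sql .= " lastname=:lastname, name=:name, surname=:surname,\n avatar=:avatar, date_reg=:date_reg, date_login=:date_login,\n rules=:rules WHERE login=:login";

            $STH = $DBH->prepare($sql);
            if ($_POST['password'] !== '') {
                $STH->bindParam(':password', $password);
            }
            if ($_POST['email'] !== '') {
                $STH->bindParam(':email', $_POST['email']);
            }
            $STH->bindParam(':lastname', $lastname);
            $STH->bindParam(':name', $name);
            $STH->bindParam(':surname', $surname);
            $STH->bindParam(':avatar', $img);
            $STH->bindParam(':date_reg', $_POST['date_reg']);
            $STH->bindParam(':date_login', $_POST['date_login']);
            // NOTE(review): the role is stored as posted; the form only offers
            // user/editor/baned/admin, but nothing here restricts it to those values.
            $STH->bindParam(':rules', $_POST['rules']);
            $STH->bindParam(':login', $login);
            $STH->execute();

            $_SESSION['err'] = print_lg('Your information update sucsesful', $_SESSION['lang']) . '<br>';
        }
        $_FILES['file']['error'] = '';
        show_err();
    }

    // Show html.
    $STH = $DBH->prepare("Select * FROM user WHERE login = :login");
    $data = array('login' => $_GET['id']);
    $STH->execute($data);
    $row = $STH->fetch(PDO::FETCH_ASSOC);
    if (!is_array($row)) {
        // Unknown login: fetch() returned no row. Render the form with empty fields instead of
        // indexing into a non-array.
        $row = array_fill_keys(
            array('avatar', 'login', 'surname', 'name', 'lastname', 'date_reg', 'date_login', 'rules'),
            ''
        );
    }

    // Escapes a database value for use inside an HTML attribute.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };
    $lg = $_SESSION['lang'];

    $html_main_content .= '<div class="post"><h2 class="title">' . $title
        . '</h2><form method="post" enctype="multipart/form-data"> <table><tr><td><b>'
        . print_lg('Avatar', $lg) . ' : </b></td><td><img src="/news/images/';
    if ($row['avatar'] == '') {
        $html_main_content .= 'noimage.jpeg';
    } else {
        $html_main_content .= $esc($row['avatar']);
    }
    $html_main_content .= '"width="150px" height="150px"></td></tr><tr><td><b>'
        . print_lg('Login', $lg)
        . ': </b></td><td> <input type="text" name="login" disabled="true" value="' . $esc($row['login'])
        . '"> </td></tr><tr><td><b>' . print_lg('Email', $lg)
        . ': </b> </td><td><input type=text name="email" value=""></td> </tr><tr><td><b>'
        . print_lg('Surname', $lg)
        . ': </b></td> <td><input type=text name="surname" value="' . $esc($row['surname'])
        . '"></td> </tr><tr><td><b>' . print_lg('Name', $lg)
        . ': </b></td><td> <input type=text name="name" value="' . $esc($row['name'])
        . '"></td></tr><tr> <td><b>' . print_lg('Lastname', $lg)
        . ': </b></td><td> <input type=text name="lastname"value="' . $esc($row['lastname'])
        . '"></td> </tr><tr><td><b>' . print_lg('Registration date', $lg)
        . ': </b></td><td><input type=text name="date_reg"value="' . $esc($row['date_reg'])
        . '"></td></tr><tr><td><b>' . print_lg('Last login', $lg)
        . ': </b></td><td> <input type=text name="date_login" value="' . $esc($row['date_login'])
        . '"></td></tr><tr><td><b>' . print_lg('Rules', $lg)
        . ': </b></td><td> <select name="rules">';

    // One <option> per role; the stored role is pre-selected.
    foreach (array('user', 'editor', 'baned', 'admin') as $role) {
        $html_main_content .= '<option ';
        if ($row['rules'] == $role) {
            $html_main_content .= 'selected ';
        }
        $html_main_content .= 'value="' . $role . '">' . $role . '</option>';
    }

    $html_main_content .= ' </select></td></tr><tr><td><b>' . print_lg('Password', $lg)
        . ': </b></td> <td><input type="Password" name="password" ></td> </tr><tr><td><b>'
        . print_lg('Retry password', $lg)
        . ': </b></td><td> <input type="Password" name="rpassword"></td> </tr><tr><td><b>'
        . print_lg('Edit avatar', $lg)
        . ': </b></td><td> <input type="file" name="file" size="26" /></td></tr> <input type="hidden" name="avatar" value="'
        . $esc($row['avatar'])
        . '"></td> </tr><tr><td colspan="2"><b><input type="submit" value="ok" name="submit" onclick="return validateUserEdit();"> </td></tr></table></form> </div>';
}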
require $config['BASE_DIR'] . '/include/dbconn.php';

// AJAX endpoint: adds the game in $_POST['game_id'] to the logged-in user's favourites and
// replies with a JSON object {status, msg}. status is 1 only when a favourite row was inserted.
$data = array('status' => 0, 'msg' => '');

if (isset($_POST['game_id'])) {
    $filter = new VFilter();
    // NOTE(review): $game_id is interpolated into SQL unquoted, so the queries below are only
    // safe if VFilter's 'INTEGER' mode really returns an integer; confirm in filter.class.php.
    $game_id = $filter->get('game_id', 'INTEGER');

    if (!isset($_SESSION['uid'])) {
        $data['msg'] = show_err($lang['ajax.favorite_game_login']);
    } else {
        $uid = intval($_SESSION['uid']);

        // Is the game already in the caller's favourites?
        $conn->execute("SELECT GID FROM game_favorites WHERE GID = {$game_id} AND UID = {$uid} LIMIT 1");
        $already_favorite = ($conn->Affected_Rows() == 1);

        if ($already_favorite) {
            $data['msg'] = show_err($lang['ajax.favorite_game_exists']);
        } else {
            // Does the caller own the game? Own games cannot be favourited.
            $conn->execute("SELECT GID, type FROM game WHERE GID = {$game_id} AND UID = {$uid} LIMIT 1");
            $owned_by_caller = ($conn->Affected_Rows() == 1);

            if ($owned_by_caller) {
                $data['msg'] = show_err($lang['ajax.favorite_game_self']);
            } else {
                // Record the favourite, then bump the game's counter.
                // NOTE(review): the checks above and this INSERT are not atomic; confirm a
                // unique key on (GID, UID) exists if duplicates must be impossible.
                $conn->execute("INSERT INTO game_favorites SET GID = {$game_id}, UID = {$uid}");
                $conn->execute("UPDATE game SET total_favorites = total_favorites+1 WHERE GID = {$game_id} LIMIT 1");
                $data['status'] = 1;
                $data['msg'] = show_msg($lang['ajax.favorite_game_success']);
            }
        }
    }
}

echo json_encode($data);
die;
$search = array('{$site_title}', '{$username}', '{$baseurl}', '{$site_name}', '{$receiver}'); $replace = array($config['site_title'], $username, $config['BASE_URL'], $config['site_name'], $receiver); $mail = new VMail(); $mail->sendPredefined($to, 'request_approved', $search, $replace); } } } else { $sql = "INSERT INTO friends ( UID, FID, message, invite_date, status )\n \t VALUES (" . $user_id . ", " . $uid . ", '" . mysql_real_escape_string($msg) . "', '" . date('Y-m-d') . "', 'Pending')"; $conn->execute($sql); $sql = "SELECT p.friend_request, s.email, s.username FROM users_prefs AS p, signup AS s\n \t WHERE p.UID = " . $user_id . " AND p.UID = s.UID LIMIT 1"; $rs = $conn->execute($sql); $friend_request = $rs->fields['friend_request']; $to = $rs->fields['email']; $receiver = $rs->fields['username']; if ($friend_request == '1') { require $config['BASE_DIR'] . '/classes/email.class.php'; $search = array('{$username}', '{$site_name}', '{$baseurl}', '{$receiver}'); $replace = array($_SESSION['username'], $config['site_name'], $config['BASE_URL'], $receiver); $mail = new VMail(); $mail->sendPredefined($to, 'friend_request', $search, $replace); } $response = show_msg($lang['ajax.invite_friend_sent']); } } } } else { $response = show_err($lang['ajax.invite_friend_login']); } } echo $response; die;
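<?php
// Refuse direct access: the including front controller is expected to define _VALID.
defined('_VALID') or die('Restricted Access!');
require $config['BASE_DIR'] . '/classes/filter.class.php';
require $config['BASE_DIR'] . '/include/compat/json.php';
require $config['BASE_DIR'] . '/include/adodb/adodb.inc.php';
require $config['BASE_DIR'] . '/include/dbconn.php';

// AJAX endpoint: records a report ("flag") filed by the logged-in user against the user in
// $_POST['user_id'] and replies with a JSON object {status, msg, debug}.
//
// NOTE(review): no anti-CSRF token is checked in this snippet, and nothing limits repeated
// reports by the same user against the same target; confirm both are handled elsewhere.
$data = array('status' => 0, 'msg' => '', 'debug' => '');
if (isset($_POST['user_id']) && isset($_POST['other']) && isset($_POST['reason'])) {
    if (isset($_SESSION['uid'])) {
        $filter = new VFilter();
        $uid = intval($_SESSION['uid']);
        $user_id = intval($filter->get('user_id', 'INTEGER'));
        $reason = $filter->get('reason');
        $other = $filter->get('other');
        if ($uid == $user_id) {
            // Users cannot report themselves.
            $data['msg'] = show_err($lang['ajax.report_user_self']);
        } else {
            // Values are passed as bound parameters instead of being escaped by hand with
            // mysql_real_escape_string(): that function belongs to the ext/mysql extension
            // (removed in PHP 7) and only escapes correctly for a connection opened through
            // that same extension, which is not guaranteed for $conn.
            // The timestamp is bound as a string, matching the quoted literal used previously.
            $sql = "INSERT INTO users_flags (UID, RID, reason, message, addtime)\n VALUES (?, ?, ?, ?, ?)";
            $conn->execute($sql, array($user_id, $uid, (string) $reason, (string) $other, (string) time()));
            $data['status'] = 1;
            $data['msg'] = show_msg($lang['ajax.report_user_success']);
        }
    } else {
        $data['msg'] = show_err($lang['ajax.report_user_login']);
    }
}

echo json_encode($data);
die;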
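require $config['BASE_DIR'] . '/include/compat/json.php';
require $config['BASE_DIR'] . '/include/adodb/adodb.inc.php';
require $config['BASE_DIR'] . '/include/dbconn.php';

// AJAX endpoint: records a flag raised by the logged-in user against the video in
// $_POST['item_id'] and replies with a JSON object {status, msg, debug}.
// A user can flag a given video only once.
$data = array('status' => 0, 'msg' => '', 'debug' => '');
if (isset($_POST['item_id']) && isset($_POST['flag_id']) && isset($_POST['message'])) {
    $filter = new VFilter();
    // Forced to an integer because it is concatenated into the SELECT below.
    $video_id = intval($filter->get('item_id', 'INTEGER'));
    $flag_id = $filter->get('flag_id');
    $flag_message = $filter->get('message');
    if (isset($_SESSION['uid'])) {
        $uid = intval($_SESSION['uid']);
        // The flag reason is rejected when longer than 14 bytes.
        // NOTE(review): the message has no comparable length limit here; confirm the column
        // size or add a cap.
        if (strlen($flag_id) > 14) {
            $data['msg'] = show_err($lang['ajax.flag_invalid']);
        } else {
            $sql = "SELECT VID FROM video_flags WHERE VID = " . $video_id . " AND UID = " . $uid . " LIMIT 1";
            $conn->execute($sql);
            if ($conn->Affected_Rows() == 1) {
                // This user has already flagged this video.
                $data['msg'] = show_err($lang['ajax.flag_video_exists']);
            } else {
                // Bound parameters replace hand-escaping with mysql_real_escape_string(), which
                // belongs to the ext/mysql extension (removed in PHP 7) and only escapes
                // correctly for a connection opened through that same extension.
                $sql = "INSERT INTO video_flags (VID, UID, reason, message, add_date)\n VALUES (?, ?, ?, ?, ?)";
                $conn->execute($sql, array($video_id, $uid, (string) $flag_id, (string) $flag_message, date('Y-m-d')));
                $data['status'] = 1;
                $data['msg'] = show_msg($lang['ajax.flag_video_success']);
            }
        }
    } else {
        $data['msg'] = show_err($lang['ajax.flag_video_login']);
    }
}

echo json_encode($data);
die;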
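// Refuse direct access: the including front controller is expected to define _VALID.
defined('_VALID') or die('Restricted Access!');
require $config['BASE_DIR'] . '/classes/filter.class.php';
require $config['BASE_DIR'] . '/include/compat/json.php';
require $config['BASE_DIR'] . '/include/adodb/adodb.inc.php';
require $config['BASE_DIR'] . '/include/dbconn.php';

// AJAX endpoint: removes the logged-in user's block on the user in $_POST['user_id'] and
// replies with a JSON object {status, msg}.
//
// The success message and status 1 are now set only after the block row has been deleted.
// Previously the success message was the default, and the "already unblocked" branch fell
// through to re-run the SELECT and report status 1.
//
// NOTE(review): no anti-CSRF token is checked in this snippet; confirm the including
// dispatcher enforces one, since this request changes state.
$response = array('status' => 0, 'msg' => '');
if (isset($_POST['user_id'])) {
    if (isset($_SESSION['uid'])) {
        $filter = new VFilter();
        $uid = intval($_SESSION['uid']);
        // Forced to an integer because it is concatenated into SQL below.
        $user_id = intval($filter->get('user_id', 'INTEGER'));
        if ($uid == $user_id) {
            $response['msg'] = show_err($lang['ajax.block_user_self']);
        } else {
            $sql = "SELECT UID FROM users_blocks WHERE UID = " . $uid . " AND BID = " . $user_id . " LIMIT 1";
            $conn->execute($sql);
            if ($conn->Affected_Rows() == 0) {
                // Nothing to remove: report the error and leave status at 0.
                $response['msg'] = show_err('This user is already unblocked!');
            } else {
                $sql = "DELETE FROM users_blocks WHERE UID = " . $uid . " AND BID = " . $user_id . " LIMIT 1";
                $conn->execute($sql);
                $response['status'] = 1;
                $response['msg'] = show_msg($lang['ajax.unblock_user_success']);
            }
        }
    } else {
        $response['msg'] = show_err($lang['ajax.block_user_login']);
    }
}

echo json_encode($response);
die;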
$fieldset->add(show_err($pageviewsonvisit_report)); } else { $rep_val = $pageviewsonvisit_report['item'][0]['c'][1] + 0; $fieldset->add(NETCAT_MODULE_STATS_OPENSTAT_FAILURES_NUM . ": <big>" . ($rep_val ? $rep_val . "</big>%" : "-</big>") . "</td>\n"); if ($sessions_num) { $average = $pageviewsonvisit_report['item'][0]['c'][0] + $pageviewsonvisit_report['item'][1]['c'][0] * 2 + $pageviewsonvisit_report['item'][2]['c'][0] * 3 + $pageviewsonvisit_report['item'][3]['c'][0] * 4 + $pageviewsonvisit_report['item'][4]['c'][0] * 5 + $pageviewsonvisit_report['item'][5]['c'][0] * 6 + $pageviewsonvisit_report['item'][6]['c'][0] * 7 + $pageviewsonvisit_report['item'][7]['c'][0] * 8 + $pageviewsonvisit_report['item'][8]['c'][0] * 9 + $pageviewsonvisit_report['item'][9]['c'][0] * 12 + $pageviewsonvisit_report['item'][10]['c'][0] * 17 + $pageviewsonvisit_report['item'][11]['c'][0] * 24.5 + $pageviewsonvisit_report['item'][12]['c'][0] * 39.5 + $pageviewsonvisit_report['item'][13]['c'][0] * 59.5 + $pageviewsonvisit_report['item'][14]['c'][0] * 84.5 + $pageviewsonvisit_report['item'][15]['c'][0] * 149.5 + $pageviewsonvisit_report['item'][16]['c'][0] * 249.5 + $pageviewsonvisit_report['item'][17]['c'][0] * 399.5 + $pageviewsonvisit_report['item'][18]['c'][0] * 750 + $pageviewsonvisit_report['item'][19]['c'][0] * 1500; $res = $average / $sessions_num; } $fieldset->add("<td>" . NETCAT_MODULE_STATS_OPENSTAT_AVERAGE_PAGEVIEWS_PER_SESSION . ": <big>" . ($res ? $res > 1 ? round($res) : round($res, 2) : "-") . 
"</big></td>\n"); } unset($pageviewsonvisit_report); // средняя длительность визитов $columns = array("0%0Dsessions_sum", "0%0Dsessions_sum_verticalpercent"); $timeonsite_report = $openstat->get_counter_report($counter->Openstat_Counter_Id, "TimeOnSite", $from, $to, "day", $columns, 0, $lang); if (!is_array($timeonsite_report)) { $fieldset->add(show_err($timeonsite_report)); } else { if ($sessions_num) { $average = $timeonsite_report['item'][0]['c'][0] * 5 + $timeonsite_report['item'][1]['c'][0] * 20.5 + $timeonsite_report['item'][2]['c'][0] * 45.5 + $timeonsite_report['item'][3]['c'][0] * 2 * 60 + $timeonsite_report['item'][4]['c'][0] * 6.5 * 60 + $timeonsite_report['item'][5]['c'][0] * 20 * 60 + $timeonsite_report['item'][6]['c'][0] * 60 * 60; $res = $average / $sessions_num; } $fieldset->add("<td>" . NETCAT_MODULE_STATS_OPENSTAT_AVERAGE_TIME_SITE . ": <big>" . ($res ? $res > 60 ? round($res / 60) . "</big> " . NETCAT_MODULE_STATS_OPENSTAT_MIN : round($res) . "</big> " . NETCAT_MODULE_STATS_OPENSTAT_SEC : "-</big>") . "</td>\n"); } $fieldset->add("</td></tr>"); $fieldset->add("</table>"); echo $fieldset->result(); unset($fieldset); // --------------------------- Другие отчеты ------------------------------ // "Страницы" - попул. страницы и точки входа $columns = array("0%0Dpageviews_sum"); $report = $openstat->get_counter_report($counter->Openstat_Counter_Id, "TopPages", $from, $to, "day", $columns, 5, $lang, "level=2");
$code .= '</div>'; $code .= '</div>'; $data['code'] = $code; $data['cid'] = $cid; $data['wid'] = $oid; $data['status'] = 1; $data['msg'] = show_msg($lang['global.comment_success']); $_SESSION['w_comment_added'] = time(); $sql = "SELECT s.username, s.email, u.wall_write\n FROM signup AS s, users_prefs AS u\n WHERE s.UID = " . $oid . "\n AND s.UID = u.UID\n LIMIT 1"; $rs = $conn->execute($sql); if ($conn->Affected_Rows() === 1) { $prefs_w_comment = $rs->fields['wall_write']; if ($prefs_w_comment == '1') { $email = $rs->fields['email']; $username = $rs->fields['username']; require $config['BASE_DIR'] . '/classes/file.class.php'; require $config['BASE_DIR'] . '/classes/email.class.php'; $wall_link = $config['BASE_URL'] . '/user/' . $username . '/wall'; $search = array('{$username}', '{$site_title}', '{$site_name}', '{$baseurl}', '{$wall_link}'); $replace = array($_SESSION['username'], $config['site_title'], $config['site_name'], $config['BASE_URL'], $wall_link); $mail = new VMail(); $mail->sendPredefined($email, 'wall_comment', $search, $replace); } } } } else { $data['msg'] = show_err($lang['ajax.wall_comment_login']); } } echo json_encode($data); die;
$code .= '<div class="clearfix"></div>'; $code .= '</div>'; $code .= '</div>'; $data['code'] = $code; $data['cid'] = $cid; $data['pid'] = $pid; $data['status'] = 1; $data['msg'] = show_msg($lang['global.comment_success']); $_SESSION['p_comment_added'] = time(); $sql = "SELECT a.UID, s.email, u.photo_comment \n FROM albums AS a, users_prefs AS u, signup AS s\n WHERE a.AID = " . $aid . "\n AND a.UID = u.UID\n AND a.UID = s.UID\n LIMIT 1"; $rs = $conn->execute($sql); if ($conn->Affected_Rows() === 1) { $prefs_p_comment = $rs->fields['photo_comment']; if ($prefs_p_comment == '1') { $email = $rs->fields['email']; require $config['BASE_DIR'] . '/classes/file.class.php'; require $config['BASE_DIR'] . '/classes/email.class.php'; $photo_link = $config['BASE_URL'] . '/photo/' . $pid; $search = array('{$username}', '{$site_title}', '{$site_name}', '{$baseurl}', '{$photo_link}'); $replace = array($_SESSION['username'], $config['site_title'], $config['site_name'], $config['BASE_URL'], $photo_link); $mail = new VMail(); $mail->sendPredefined($email, 'photo_comment', $search, $replace); } } } } else { $data['msg'] = show_err($lang['ajax.photo_comment_login']); } } echo json_encode($data); die;