function loadPage($url)
{
global $MARKET_mode;
if ($this->options['enable_pages']) {
if (preg_match('@^\\d+$@', $url)) {
$sql = "SELECT page_template.name AS template_name, page.id, title, summary, text, is_type, market_user.name, market_user.surname, market_user.user_email, DATE_FORMAT(updated, '%d/%m/%Y %H:%i') AS date FROM page LEFT JOIN page_ml USING (id) LEFT JOIN page_ps USING (id) LEFT JOIN market_user ON market_user.user_id=creator LEFT JOIN page_template ON page_template.id=page_template_id WHERE page.id='" . sqlEscape($url) . "' AND publish='1' AND page_ml.lang='" . MARKET_LANG . "'";
} else {
$sql = "SELECT page_template.name AS template_name, page.id, title, summary, text, is_type, market_user.name, market_user.surname, market_user.user_email, DATE_FORMAT(updated, '%d/%m/%Y %H:%i') AS date FROM page LEFT JOIN page_ml USING (id) LEFT JOIN page_ps USING (id) LEFT JOIN market_user ON market_user.user_id=creator LEFT JOIN page_template ON page_template.id=page_template_id WHERE url='" . sqlEscape($url) . "' AND publish='1' AND page_ml.lang='" . MARKET_LANG . "'";
}
if (sqlQuery($sql, $res)) {
$row = sqlFetchAssoc($res);
$this->assignGlobal(array('PAGE.Id' => $row['id'], 'PAGE.Summary' => $row['summary'], 'PAGE.Title' => $row['title'], 'PAGE.Text' => $row['text'], 'PAGE.Author' => $row['name'] . ' ' . $row['surname'] . ', ' . MARKET_Filter::noSpam($row['email']), 'PAGE.Mtime' => $row['date']));
if ($row['is_type'] == 'passthrough') {
return substr($url, 0, strrpos($url, '.'));
} else {
if ($row['is_type'] == 'template') {
$tname = substr($url, 0, strrpos($url, '.'));
$this->preParseTemplate($tname, explode("\n", $row['text']));
$this->parseTemplate('PAGE.Text', $tname, MARKET_DO_NOT_APPEND);
}
}
return $row['template_name'];
}
}
return preg_replace('@\\.html$@', '', $url);
}
function sendResetEmail( $username ) {
$username = sqlEscape( $username );
$sql = "SELECT * FROM users WHERE username='******'";
$result = tmbo_query( $sql );
if( mysql_num_rows( $result ) == 1 ) {
$row = mysql_fetch_assoc( $result );
$code = hashFromUserRow( $row );
$message = "Someone (hopefully you) wants to reset your [this might be offensive] password. To reset your password, please visit the following link:
https://".$_SERVER['HTTP_HOST']."/offensive/pwreset.php?x=$code
";
if( isValidEmail( $row['email'] ) ) {
mail( $row['email'], "resetting your [this might be offensive] password", $message, "From: offensive@thismight.be (this might be offensive)\r\n"/*bcc:ray@mysocalled.com"*/) or trigger_error("could not send email", E_USER_ERROR);
echo "An email has been sent containing instructions for resetting your password.";
}
else {
echo "Unfortunately, we don't have a valid email address for that account. There's nothing we can do for you.";
}
}
}
function getReferrerId( $refcode ) {
$sql = "SELECT * FROM referrals WHERE referral_code = '".sqlEscape($refcode)."' LIMIT 1";
$result = tmbo_query( $sql );
if( mysql_num_rows( $result ) == 1 ) {
$row = mysql_fetch_assoc( $result );
return $row['userid'];
}
return -1;
}
function saveUserData($var, $val)
{
if ($_SESSION['User']['is_loggedin']) {
if ($val) {
$_SESSION['User']['data'][$var] = $val;
} else {
unset($_SESSION['User']['data'][$var]);
}
$sql = "UPDATE market_user SET data='" . sqlEscape(serialize($_SESSION['User']['data'])) . "' WHERE user_id='" . $_SESSION['User']['user_id'] . "'";
sqlQuery($sql, $res, EXT_DEBUG);
return true;
}
return false;
}
$update_category = true;
}
if ($_POST['existing_service'][$i]["'description'"] !== $check_services[$i]['name']) {
$new_description = sqlEscape($_POST['existing_service'][$i]["'description'"]);
$update_description_text .= " WHEN {$current} THEN '{$new_description}'";
$rowsToUpdate .= $current . ',';
$update_description = true;
}
if ($_POST['existing_service'][$i]["'price'"] !== $check_services[$i]['price']) {
$new_price = sqlEscape($_POST['existing_service'][$i]["'price'"]);
$update_price_text .= " WHEN {$current} THEN {$new_price}";
$rowsToUpdate .= $current . ',';
$update_price = true;
}
if ($_POST['existing_service'][$i]["'time'"] !== $check_services[$i]['time']) {
$new_time = sqlEscape($_POST['existing_service'][$i]["'time'"]);
$update_time_text .= " WHEN {$current} THEN {$new_time}";
$rowsToUpdate .= $current . ',';
$update_time = true;
}
// }
}
if ($update_description || $update_price || $update_time || $update_category) {
$update = "UPDATE services SET ";
if ($update_description) {
$update .= "name = CASE id {$update_description_text} END, ";
}
if ($update_price) {
$update .= "price = CASE id {$update_price_text} END, ";
}
if ($update_time) {
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
session_start();
require '../../../mysql/query.php';
$news_type = sqlEscape($_POST['news_type']);
$userNews = sqlSelect("SELECT users_news_feed.id, have_read, news_type.type, groups.id AS group_id, name AS group_name, story.story_id, title, users.user_id, username FROM users_news_feed LEFT JOIN groups ON groups.id = users_news_feed.group_id LEFT JOIN story ON story.story_id = users_news_feed.story_id LEFT JOIN users ON users.user_id = users_news_feed.writer_id INNER JOIN `news_type` ON news_type.id = users_news_feed.type_id WHERE users_news_feed.user_id = {$_SESSION['me']['id']} AND news_type.type = '{$news_type}' AND have_read = 0;");
if ($userNews) {
echo json_encode($userNews);
die;
} else {
echo 'no news';
}
}
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
session_start();
require '../../../mysql/query.php';
if (!isset($_SESSION['user']) && !is_numeric($_POST['group_id'])) {
die;
}
$group_id = sqlEscape($_POST['group_id']);
$groupMembers = sqlSelect("SELECT user_id FROM group_members WHERE group_id = {$group_id};");
if ($groupMembers) {
echo json_encode($groupMembers);
die;
}
}
<?php
// Categories
$sql = "SELECT category FROM directory_ml WHERE lang='" . MARKET_LANG . "' AND category <> '' GROUP BY category ORDER BY category";
if (sqlQuery($sql, $res)) {
$i = 1;
while ($row = sqlFetchAssoc($res)) {
$str = '';
$sql = "SELECT prof1, prof2, prof3 FROM directory_ml WHERE lang='" . MARKET_LANG . "' AND category='" . sqlEscape($row['category']) . "'";
if (sqlQuery($sql, $res1)) {
$tags = array();
while ($row1 = sqlFetchAssoc($res1)) {
for ($j = 1; $j <= 3; $j++) {
if ($row1['prof' . $j] && !in_array($row1['prof' . $j], $tags)) {
$tags[] = $row1['prof' . $j];
}
}
}
asort($tags);
if ($_COOKIE['mplace_menu'] & pow(2, $i - 1)) {
$str = '<ul id="ul' . $i . '" class="tags in collapse">';
} else {
$str = '<ul id="ul' . $i . '" class="tags collapse">';
}
foreach ($tags as $tag) {
$str .= '<li><a href="index.html?content=tag&q=' . urlencode($tag) . '">' . htmlspecialchars($tag) . '</a></li>';
}
$str .= '</ul>';
}
$this->assignLocal('category', 'ROW', array('ndx' => $i, 'title' => $row['category'], 'tags' => $str));
$this->lightParseTemplate('CATEGORY', 'category');
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
session_start();
require '../../../mysql/query.php';
require '../../../lang/config.php';
$group_id = sqlEscape($_POST['group_id']);
$group_name = sqlEscape($_POST['group_name']);
$group_members = sqlEscape($_POST['group_members']);
$_SESSION['errors'] = array();
if (!is_numeric($group_id)) {
$_SESSION['errors'] = true;
}
if (empty($group_members)) {
array_push($_SESSION['errors'], "<span class=\"ion-android-warning\"> Fyll i fältet");
header("Location: ../../../groups/{$group_id}/invite");
}
if (!empty($group_members)) {
$users_exists = sqlSelect("SELECT user_id, username FROM `users` WHERE type = 1 AND user_id IN ({$group_members}) OR username IN ('{$group_members}');");
if (!$users_exists) {
if (strlen($group_members) >= 3) {
array_push($_SESSION['errors'], "<span class=\"ion-android-warning\"> Spelarna finns inte");
}
if (strlen($group_members) == 1) {
array_push($_SESSION['errors'], "<span class=\"ion-android-warning\"> Spelaren finns inte");
}
} else {
$members_exists = sqlSelect("SELECT users.user_id, users.username, group_members.status FROM users INNER JOIN `group_members` ON users.user_id = group_members.user_id WHERE group_members.group_id = {$group_id} AND group_members.user_id IN ({$group_members});");
if ($members_exists) {
foreach ($members_exists as $member) {
if ($member['status'] == 1) {
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
session_start();
require '../../../mysql/query.php';
require '../../../lib/Pusher/config.php';
$words = sqlEscape($_POST['words']);
$story = $_POST['story'];
if (strlen($words) >= 1 && strlen($words) <= 50 && is_numeric($story)) {
// Check if my turn
$my_turn = sqlSelect("SELECT id, on_turn, round, story.rounds FROM story_writers INNER JOIN story ON story_writers.story_id = story.story_id WHERE story_writers.story_id = {$story} AND user_id = {$_SESSION['me']['id']};");
if ($my_turn[0]['on_turn'] != 1) {
die;
}
$insertWords = "INSERT INTO row (user_id, words, story_id, date) VALUES ({$_SESSION['me']['id']}, '{$words}', {$story}, now());";
$finishMyTurn = "UPDATE `story_writers` SET `on_turn` = 0, round = round + 1, `date` = now() WHERE story_id = {$story} AND user_id = {$_SESSION['me']['id']};";
$ok = '';
if (sqlAction($insertWords) && sqlAction($finishMyTurn)) {
$ok = true;
} else {
die;
}
// $round = sqlSelect("SELECT MIN(round) AS current, rounds AS end FROM story_writers INNER JOIN story ON story_writers.story_id = story.story_id WHERE story_writers.story_id = {$story};");
$round = sqlSelect("SELECT round AS current, rounds AS end FROM story_writers INNER JOIN story ON story_writers.story_id = story.story_id WHERE story_writers.story_id = {$story} ORDER BY story_writers.id DESC LIMIT 1;");
// Check if story is finished
// $rounds_left = $my_turn[0]['rounds'] - $my_turn[0]['round'] - 1;
$rounds_left = $round[0]['end'] - $round[0]['current'];
if ($rounds_left == -1) {
if (sqlAction("UPDATE story SET status = 2 WHERE story_id = {$story};")) {
$story_writers = sqlSelect("SELECT user_id FROM `story_writers` WHERE story_id = {$story} AND user_id != {$_SESSION['me']['id']};");
if ($story_writers) {
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (isset($_POST['group_id']) && is_numeric($_POST['group_id'])) {
$groupId = $_POST['group_id'];
} else {
die;
}
session_start();
require '../../../mysql/query.php';
require '../../../lang/config.php';
$num_of_errors = 0;
$title = sqlEscape($_POST['title']);
$text = sqlEscape($_POST['text']);
$rounds = sqlEscape($_POST['rounds']);
$current_round = 1;
$max_writers = 'null';
$nonsensmode = 1;
$public = 'null';
$with_group = $groupId;
$story = sqlAction("INSERT INTO story (title, rounds, current_round, max_writers, nonsens_mode, join_public, with_group, status, started_by_user, views) VALUES ('{$title}', {$rounds}, {$current_round}, {$max_writers}, {$nonsensmode}, {$public}, {$with_group}, 1, {$_SESSION['me']['id']}, 0);", $getLastId = true);
if ($story) {
if (sqlAction("INSERT INTO row (user_id, words, story_id, date) VALUES ({$_SESSION['me']['id']}, '{$text}', {$story}, now());")) {
$story_writers = "INSERT INTO story_writers (story_id, user_id, on_turn, round, date) VALUES ({$story}, {$_SESSION['me']['id']}, 0, 2, now()), ";
$writers = sqlSelect("SELECT user_id FROM group_members WHERE group_id = {$groupId} AND user_id != {$_SESSION['me']['id']};");
$i = 0;
foreach ($writers as $writer) {
if ($i == 0) {
$on_turn = 1;
} else {
$on_turn = 0;
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
session_start();
require '../../../mysql/query.php';
require '../../../lang/config.php';
$friends = sqlEscape($_POST['friends']);
$_SESSION['errors'] = array();
if (empty($friends)) {
array_push($_SESSION['errors'], "<span class=\"ion-android-warning\"> Fyll i fältet");
header('Location: ../../../profile?view=friends');
}
if (!empty($friends)) {
$users = sqlSelect("SELECT user_id, username FROM `users` WHERE type = 1 AND user_id IN ({$friends}) OR username IN ({$friends});");
if (!$users) {
if (strlen($friends) >= 3) {
array_push($_SESSION['errors'], "<span class=\"ion-android-warning\"> Spelarna finns inte");
}
if (strlen($friends) == 1) {
array_push($_SESSION['errors'], "<span class=\"ion-android-warning\"> Spelaren finns inte");
}
} else {
$already_friends = sqlSelect("SELECT users.user_id, users.username, friends.status, friends.sender FROM users INNER JOIN `friends` ON users.user_id = friends.user_id WHERE friends.user_id IN ({$friends}) UNION SELECT users.user_id, users.username, friends.status, friends.sender FROM users INNER JOIN `friends` ON users.user_id = friends.friend_user_id WHERE friends.friend_user_id IN ({$friends});");
if ($already_friends) {
foreach ($already_friends as $friend) {
if ($friend['status'] == 1) {
array_push($_SESSION['errors'], "<span class=\"ion-android-warning\"> Du är redan vän med <a href=\"profile?view={$friend['user_id']}\">{$friend['username']}</a>");
}
if ($friend['status'] == 0 && $friend['sender'] == $_SESSION['user']['id']) {
array_push($_SESSION['errors'], "<span class=\"ion-android-warning\"> Du har redan skickat vänförfrågan till <a href=\"profile?view={$friend['user_id']}\">{$friend['username']}</a>");
}
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
session_start();
if (isset($_SESSION['company']['id']) && is_numeric($_SESSION['company']['id']) && isset($_SESSION['me']['id']) && is_numeric($_SESSION['me']['id']) && is_numeric($_POST['id'])) {
require '../../mysql/query.php';
$start = sqlEscape($_POST['start']);
if (sqlAction("DELETE FROM bookings WHERE id = {$_POST['id']} AND start = '{$start}';")) {
echo 1;
die;
} else {
echo 0;
die;
}
// $times = sqlSelect("SELECT id, booked_at, start, end, invoice, webpay, in_place FROM `bookings` WHERE DATE(`start`) = '{$day}' AND company_id = {$_SESSION['company']['id']} AND employer_id = {$_SESSION['me']['id']};");
// if ($times)
// echo json_encode($times);
// else
// echo 0;
// die;
}
}
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
session_start();
require '../../../mysql/query.php';
$old = sqlEscape($_POST['password']);
$new = sqlEscape($_POST['new_password']);
$new_repeat = sqlEscape($_POST['password_confirm']);
if (strlen($old) > 5 && strlen($old) < 25 && strlen($new) > 5 && strlen($new) < 25 && strlen($new_repeat) > 5 && strlen($new_repeat) < 25 && $new === $new_repeat) {
$password = sqlSelect("SELECT password FROM users WHERE user_id = {$_SESSION['user']['id']};");
if (password_verify($old, $password[0]['password'])) {
$pass = password_hash($new, PASSWORD_DEFAULT);
if (sqlAction("UPDATE users SET password = '******' WHERE user_id = {$_SESSION['user']['id']};")) {
echo json_encode(array('success' => true));
die;
}
}
}
}
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
session_start();
require '../../../mysql/query.php';
if (strlen($_POST['new_password']) < 6) {
echo json_encode(array('password_too_short' => true));
die;
}
if (strlen($_POST['new_password']) > 25) {
echo json_encode(array('password_too_long' => true));
die;
}
$password = sqlEscape($_POST['new_password']);
$email = sqlEscape($_POST['email']);
$token = sqlEscape($_POST['token']);
$getUser = sqlSelect("SELECT user_id FROM users WHERE email = '{$email}' AND reset_password_key = '{$token}';");
if ($getUser) {
$newPassword = password_hash($password, PASSWORD_DEFAULT);
if (sqlAction("UPDATE users SET password = '******', reset_password_key = null WHERE user_id = {$getUser[0]['user_id']} AND email = '{$email}' AND reset_password_key = '{$token}';")) {
echo json_encode(array('success' => true));
die;
}
}
}
function getSql($mode, $part)
{
switch ($part) {
case 'FULL':
$sql = 'SELECT ' . $this->cmd['RETURN'] . ' FROM ' . $this->cmd['OF'] . ' WHERE ' . $this->cmd['WHERE'] . ' AND (';
break;
case 'WHERE':
$sql = ' AND (';
break;
}
$tokens = $this->search_for;
if (preg_match('@^CONCAT@', $this->cmd['SEARCH IN'])) {
$search_in = array(trim($this->cmd['SEARCH IN']));
} else {
$search_in = $this->arrayTrim(explode(',', $this->cmd['SEARCH IN']));
}
$search_as = $this->arrayTrim(explode(',', $this->search_as));
if ($mode == 'multiple') {
$counti = count($tokens);
for ($i = 0; $i < $counti; $i++) {
$in[$i][] = $search_in[$i];
$as[$i][] = $search_as[$i];
}
} else {
$in[0] = $search_in;
$as[0] = $search_as;
}
$counti = count($tokens);
for ($i = 0; $i < $counti; $i++) {
$sql .= "(";
$countk = count($in[$i]);
for ($k = 0; $k < $countk; $k++) {
$countj = count($tokens[$i]);
for ($j = 0; $j < $countj; $j++) {
if (preg_match('@\\*@', $tokens[$i][$j]['token'])) {
$tokens[$i][$j]['token'] = preg_replace('@\\*@', '%', $tokens[$i][$j]['token']);
}
/*
if (preg_match('@(.+)_ids$@', $search_in[$j], $matches)) {
$keyword_sql = "SELECT $matches[1].id FROM $matches[1] WHERE title='$tokens[0][$i]'";
$sqp =& $this->getRef('Sql_Parser');
$sqp->parseSQL($keyword_sql);
$keyword_sql = $sqp->getSQL();
if (sqlQuery($keyword_sql, $res)) {
$token = ',' . sqlResult($res, 0) . ',';
}
else {
$token = $tokens[0][$i];
}
}
else {
$token = $tokens[$i][$j];
}
*/
if ($tokens[$i][$j]['logic'] == 'NOT') {
$token = $tokens[$i][$j]['token'];
$equal = '<>';
$like = 'NOT LIKE';
$and = 'AND';
} else {
$token = preg_replace('@^\\+@', '', $tokens[$i][$j]['token']);
$equal = '=';
$like = 'LIKE';
if ($mode == 'multiple') {
$and = 'OR';
} else {
if ($mode == 'allwords') {
$and = 'OR';
} else {
$and = 'AND';
}
}
}
if (preg_match('@\\%@', $token)) {
$search_as = 'nochange';
} else {
$search_as = $as[$i][$k];
}
switch ($search_as) {
case 'exact':
$sql .= $in[$i][$k] . " {$like} '" . sqlEscape($token) . "'";
break;
case 'nochange':
$sql .= $in[$i][$k] . " {$like} '" . sqlEscape($token) . "'";
break;
case 'start':
$sql .= $in[$i][$k] . " {$like} '" . sqlEscape($token) . "%'";
break;
case 'end':
$sql .= $in[$i][$k] . " {$like} '%" . sqlEscape($token) . "'";
break;
case 'both':
default:
$sql .= $in[$i][$k] . " {$like} '%" . sqlEscape($token) . "%'";
}
if ($j < $countj - 1) {
$sql .= " {$and} ";
}
}
if ($k < $countk - 1) {
$sql .= ') OR (';
} else {
$sql .= ')';
}
}
if ($i < $counti - 1) {
$sql .= ') AND (';
} else {
$sql .= ')';
}
}
if ($part == 'FULL') {
if ($this->cmd['GROUP BY']) {
$sql .= ' GROUP BY ' . $this->cmd['GROUP BY'];
}
if ($this->cmd['ORDER BY']) {
$sql .= ' ORDER BY ' . $this->cmd['ORDER BY'];
}
}
return $sql;
}
function rawQuery($query)
{
global $queries, $querytext, $loguser, $dblink, $debugMode, $logSqlErrors, $dbpref, $loguserid, $mysqlCellClass;
// if($debugMode)
// $queryStart = usectime();
$res = @$dblink->query($query);
if (!$res) {
$theError = $dblink->error;
if ($logSqlErrors) {
$thequery = sqlEscape($query);
$ip = sqlEscape($_SERVER["REMOTE_ADDR"]);
$time = time();
if (!$loguserid) {
$loguserid = 0;
}
$get = sqlEscape(var_export($_GET, true));
$post = sqlEscape(var_export($_POST, true));
$cookie = sqlEscape(var_export($_COOKIE, true));
$theError = sqlEscape($theError);
$logQuery = "INSERT INTO {$dbpref}queryerrors (`user`,`ip`,`time`,`query`,`get`,`post`,`cookie`, `error`) VALUES ({$loguserid}, '{$ip}', {$time}, '{$thequery}', '{$get}', '{$post}', '{$cookie}', '{$theError}')";
$res = @$dblink->query($logQuery);
}
if ($debugMode) {
$bt = "";
if (function_exists("backTrace")) {
$bt = backTrace();
}
die(nl2br($bt) . "<br /><br />" . htmlspecialchars($theError) . "<br /><br />Query was: <code>" . htmlspecialchars($query) . "</code>");
/* <br />This could have been caused by a database layout change in a recent git revision. Try running the installer again to fix it. <form action=\"install/doinstall.php\" method=\"POST\"><br />
<input type=\"hidden\" name=\"action\" value=\"Install\" />
<input type=\"hidden\" name=\"existingSettings\" value=\"true\" />
<input type=\"submit\" value=\"Click here to re-run the installation script\" /></form>");*/
}
trigger_error("MySQL Error.", E_USER_ERROR);
die("MySQL Error.");
}
$queries++;
if ($debugMode) {
$mysqlCellClass = ($mysqlCellClass + 1) % 2;
$querytext .= "<tr class=\"cell{$mysqlCellClass}\"><td><pre style=\"white-space:pre-wrap;\">" . htmlspecialchars(preg_replace('/^\\s*/m', "", $query)) . "</pre></td><td>";
if (function_exists("backTrace")) {
$querytext .= backTrace();
}
}
return $res;
}
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
session_start();
if (isset($_SESSION['company']['id']) && is_numeric($_SESSION['company']['id']) && isset($_SESSION['me']['id']) && is_numeric($_SESSION['me']['id'])) {
require '../../mysql/query.php';
$day = sqlEscape($_POST['day']);
$times = sqlSelect("SELECT bookings.id AS booking_id, booked_at, start, end, invoice, webpay, in_place, customers.id AS customer_id, customers.first_name, customers.last_name, category.name FROM `bookings` INNER JOIN customers INNER JOIN services INNER JOIN category ON bookings.customer_id = customers.id AND bookings.service_id = services.id AND services.category_id = category.id WHERE DATE(`start`) = '{$day}' AND bookings.company_id = {$_SESSION['company']['id']} AND employer_id = {$_SESSION['me']['id']};");
// echo "SELECT id, booked_at, start, end, invoice, webpay, in_place, customers.id, customers.first_name, customers.last_name FROM `bookings` INNER JOIN customers ON bookings.customer_id = customers.id WHERE DATE(`start`) = '{$day}' AND company_id = {$_SESSION['company']['id']} AND employer_id = {$_SESSION['me']['id']};";
// die;
// echo "SELECT bookings.id AS booking_id, booked_at, start, end, invoice, webpay, in_place, customers.id AS customer_id, customers.first_name, customers.last_name, services.name FROM `bookings` INNER JOIN customers INNER JOIN services ON bookings.customer_id = customers.id AND bookings.service_id = services.id WHERE DATE(`start`) = '{$day}' AND company_id = {$_SESSION['company']['id']} AND employer_id = {$_SESSION['me']['id']};";
// die;
if ($times) {
echo json_encode($times);
} else {
echo 0;
}
die;
}
}
case "label":
break;
case "text":
case "textarea":
case 'themeselector':
$sets[] = $field . " = '" . SqlEscape($_POST[$field]) . "'";
break;
case "password":
if ($_POST[$field]) {
$sets[] = $field . " = '" . SqlEscape($_POST[$field]) . "'";
}
break;
case "select":
$val = $_POST[$field];
if (array_key_exists($val, $item['options'])) {
$sets[] = $field . " = '" . sqlEscape($val) . "'";
}
break;
case "number":
$num = (int) $_POST[$field];
if ($num < 1) {
$num = $item['min'];
} elseif ($num > $item['max']) {
$num = $item['max'];
}
$sets[] = $field . " = " . $num;
break;
case "datetime":
if ($_POST[$item['presetname']] != -1) {
$_POST[$field] = $_POST[$item['presetname']];
}
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
session_start();
if (isset($_SESSION['company']['id']) && is_numeric($_SESSION['company']['id']) && isset($_SESSION['me']['id']) && is_numeric($_SESSION['me']['id'])) {
require '../../mysql/query.php';
$open = sqlEscape($_POST['open']);
$close = sqlEscape($_POST['close']);
$start = new DateTime($open);
$end = new DateTime($close);
$hourDiff = $start->diff($end);
if ($hourDiff->i == 30) {
$hourDiff->h++;
}
$array = array();
for ($i = 1; $i <= $hourDiff->h * 2; $i++) {
if ($start->format('Y-m-d H:i') != '2016-03-21 12:00' && $start->format('Y-m-d H:i') != '2016-03-21 12:30') {
array_push($array, $start->format('Y-m-d H:i'));
}
$start = $start->modify('+30 minutes');
}
echo json_encode($array);
die;
}
}
<?php
set_include_path("..");
require_once( 'offensive/assets/header.inc' );
// Include, and check we've got a connection to the database.
require_once( 'admin/mysqlConnectionInfo.inc' );
if(!isset($link) || !$link) $link = openDbConnection();
require_once('offensive/assets/functions.inc');
$sql = "SELECT userid FROM users WHERE username LIKE '" . sqlEscape($_REQUEST['finduser']) . "'";
$result = tmbo_query($sql);
$row = mysql_fetch_array( $result );
if( mysql_num_rows( $result ) == 1 ) {
header("Location: ".Link::user($row['userid']));
}
else {
header("Location: ".$_SERVER['HTTP_REFERER']);
}
?>
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
session_start();
require '../../../mysql/query.php';
if (isset($_POST['description'])) {
$text = sqlEscape($_POST['description']);
if (sqlAction("UPDATE users SET personal_text = '{$text}' WHERE user_id = {$_SESSION['user']['id']};")) {
echo json_encode(array('success' => true));
die;
}
}
}
<?php
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: X-Requested-With, Content-Type');
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$postdata = file_get_contents('php://input');
$request = json_decode($postdata);
require '../../../mysql/query.php';
require '../../../lang/config.php';
$user = sqlEscape($request->user);
$password = sqlEscape($request->password);
$user_exists = sqlSelect("SELECT user_id, username, password, profile_img FROM `users` WHERE type = 1 AND username = '******' OR email = '{$user}';");
if (!$user_exists) {
echo 'Fel användarnamn';
} else {
$pwd = $user_exists[0]['password'];
if (password_verify($password, $pwd)) {
$data['user']['id'] = $user_exists[0]['user_id'];
$data['user']['name'] = $user_exists[0]['username'];
$data['user']['img'] = $user_exists[0]['profile_img'];
echo json_encode($data['user']);
} else {
echo 'Fel lösenord';
}
}
}
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
session_start();
require '../../../mysql/query.php';
require '../../../lang/config.php';
$group_id = sqlEscape($_POST['group_id']);
$group_name = sqlEscape($_POST['group_name']);
$group_description = sqlEscape($_POST['group_description']);
if (sqlAction("UPDATE groups SET description = '{$group_description}' WHERE id = {$group_id};") && sqlAction("INSERT INTO group_news_feed (group_id, user_id, type, what, date) VALUES ({$group_id}, {$_SESSION['user']['id']}, 'edited_description', 'null', now());")) {
// require '../../group_members.php';
// $members = getGroupMembers($group_id);
header("Location: ../../../groups/{$group_id}/description");
}
}
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
session_start();
require '../../mysql/query.php';
$mail = sqlEscape($_POST['mail']);
$password = sqlEscape($_POST['password']);
// $company_exists = sqlSelect("SELECT id, Bolagsnamn, password FROM companies WHERE Bolagsnamn = 'Testfrisör';");
$user_exists = sqlSelect("SELECT companies_employers.id, first_name, last_name, mail, companies_employers.password, companies.id AS company_id, companies.Bolagsnamn FROM `companies_employers` INNER JOIN companies ON companies_employers.company_id = companies.id WHERE mail = '{$mail}';");
if ($user_exists) {
$pwd = $user_exists[0]['password'];
if (password_verify($password, $pwd)) {
$_SESSION['me'] = array('id' => $user_exists[0]['id'], 'first_name' => $user_exists[0]['first_name'], 'last_name' => $user_exists[0]['last_name'], 'mail' => $user_exists[0]['mail']);
$_SESSION['company'] = array('id' => $user_exists[0]['company_id'], 'name' => $user_exists[0]['Bolagsnamn']);
header('Location: ../../company/todo');
} else {
header('Location: ../../login');
}
} else {
header('Location: ../../login');
}
}
echo "[{\"id\":\"{$term}\",\"name\":\"{$term}\"}]";
// echo '[{"id":0,"name":"Test"}]';
// echo json_encode(array('id' => $services['id'], 'name' => $services['name']));
}
}
if ($search == 'my_services') {
$my_services = sqlSelect("SELECT services.id, services.name AS service_name, price, time, category.name AS category_name FROM `companies_employers_services` INNER JOIN services INNER JOIN category ON companies_employers_services.service_id = services.id AND services.category_id = category.id WHERE companies_employers_services.employer_id = {$_SESSION['me']['id']} AND category.name LIKE '%{$term}%';");
if ($my_services) {
echo json_encode($my_services);
}
}
if ($search == 'timestamp' && !empty($_POST['timestamp'])) {
$date = sqlEscape($_POST['timestamp']);
$times = sqlSelect("SELECT schedule.id, timestamp, booked, customers.first_name, customers.last_name, customers.mail FROM `schedule` LEFT JOIN customers ON schedule.customer_id = customers.id WHERE DATE(timestamp) = '{$date}' AND company_id = {$_SESSION['company']['id']} ORDER BY timestamp;");
if ($times) {
echo json_encode($times);
} else {
echo 0;
}
}
if ($search == 'personnr') {
$personnr = sqlEscape($_POST['term']);
$customer = sqlSelect("SELECT id, first_name, last_name, mail, tel FROM customers WHERE person_nr = '{$personnr}';");
if ($customer) {
echo json_encode($customer);
} else {
echo 0;
}
}
}
}
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
session_start();
require '../../mysql/query.php';
$input = json_decode($_POST['login']);
$user = sqlEscape($input->user);
$password = sqlEscape($input->password);
$user_exists = sqlSelect("SELECT id, person_nr, first_name, last_name, mail, tel, password FROM customers WHERE person_nr = '{$user}' OR mail = '{$user}';");
if ($user_exists) {
$pwd = $user_exists[0]['password'];
if (password_verify($password, $pwd)) {
$_SESSION['me'] = array('id' => $user_exists[0]['id'], 'personnr' => $user_exists[0]['person_nr'], 'first_name' => $user_exists[0]['first_name'], 'last_name' => $user_exists[0]['last_name'], 'mail' => $user_exists[0]['mail'], 'tel' => $user_exists[0]['id']);
echo 1;
} else {
echo 'wrong password';
}
} else {
echo 'wrong username';
}
}
function bb2_db_escape($string)
{
// return mysql_real_escape_string($string);
return sqlEscape($string);
// No-op when database not in use.
}
function logEvent($type, $str, $user_id = 0)
{
if (!$user_id) {
$user_id = $_SESSION['User']['user_id'];
}
$sql = "INSERT INTO log (id, user_id, type, text, tstamp) VALUES ('', '" . sqlEscape($user_id) . "', '" . sqlEscape($type) . "', '" . sqlEscape($str) . "', NOW())";
sqlQuery($sql, $res);
}
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
session_start();
require '../../mysql/query.php';
if (isset($_SESSION['company']['id']) && is_numeric($_SESSION['company']['id']) && isset($_POST['timestamp'])) {
$timestamp = sqlEscape($_POST['timestamp']);
$insert = sqlAction("INSERT INTO schedule (timestamp, booked, company_id, employer_id) VALUES ('{$timestamp}', 0, {$_SESSION['company']['id']}, {$_SESSION['me']['id']});", true);
if (is_numeric($insert)) {
echo $insert;
}
}
}