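/**
 * Update forum, topic, member, hourly site and auto-group counters after a
 * post is added or removed.
 *
 * Modes handled explicitly: 'delete', 'poll_delete', 'newtopic' and 'reply'.
 * Any other mode takes the non-delete path and is treated as a first post
 * (topic_first_post_id is set to $post_id).
 *
 * The parameters are taken by reference but are only read here.
 *
 * @param string $mode      Posting mode, see above.
 * @param array  $post_data Reads the 'first_post', 'last_post' and 'last_topic' flags.
 * @param int    $forum_id  Forum whose counters change.
 * @param int    $topic_id  Topic whose counters change.
 * @param int    $post_id   Post that was added (unused when deleting).
 * @param int    $user_id   Author whose post count changes.
 * @return void
 */
function update_post_stats(&$mode, &$post_data, &$forum_id, &$topic_id, &$post_id, &$user_id)
{
	// Several statements below are assembled by string concatenation rather
	// than through sql_filter(), so every id that ends up in SQL text is
	// forced to an integer first. Local copies are used so the caller's
	// referenced variables are left untouched.
	$forum_id_sql = (int) $forum_id;
	$topic_id_sql = (int) $topic_id;
	$post_id_sql = (int) $post_id;
	$user_id_sql = (int) $user_id;

	// NOTE(review): only 'delete' decrements. In 'poll_delete' mode $sign is
	// '+ 1', so forum_posts and the site stats are incremented - confirm that
	// this is intended.
	$sign = ($mode == 'delete') ? '- 1' : '+ 1';

	$forum_update_sql = "forum_posts = forum_posts $sign";
	$topic_update_sql = '';

	if ($mode == 'delete') {
		if ($post_data['last_post']) {
			if ($post_data['first_post']) {
				// First and last post at once: the whole topic goes away.
				$forum_update_sql .= ', forum_topics = forum_topics - 1';
			} else {
				$topic_update_sql .= 'topic_replies = topic_replies - 1';

				$sql = 'SELECT MAX(post_id) AS last_post_id
					FROM _forum_posts
					WHERE topic_id = ?';
				if ($last_post_id = sql_field(sql_filter($sql, $topic_id), 'last_post_id', 0)) {
					$topic_update_sql .= sql_filter(', topic_last_post_id = ?', $last_post_id);
				}
			}

			if ($post_data['last_topic']) {
				$sql = 'SELECT MAX(topic_id) AS last_topic_id
					FROM _forum_posts
					WHERE forum_id = ?';
				if ($last_topic_id = sql_field(sql_filter($sql, $forum_id), 'last_topic_id', 0)) {
					// NOTE(review): the original also carried an unreachable
					// ', forum_last_topic_id = 0' alternative for a falsy id,
					// and the column written here is forum_topic_post_id, not
					// forum_last_topic_id - confirm against the schema.
					$forum_update_sql .= ', forum_topic_post_id = ' . (int) $last_topic_id;
				}
			}
		} else if ($post_data['first_post']) {
			$sql = 'SELECT MIN(post_id) AS first_post_id
				FROM _forum_posts
				WHERE topic_id = ?';
			if ($first_post_id = sql_field(sql_filter($sql, $topic_id), 'first_post_id', 0)) {
				$topic_update_sql .= 'topic_replies = topic_replies - 1, topic_first_post_id = ' . (int) $first_post_id;
			}
		} else {
			$topic_update_sql .= 'topic_replies = topic_replies - 1';
		}
	} else if ($mode != 'poll_delete') {
		$forum_update_sql .= ", forum_last_topic_id = $topic_id_sql";
		if ($mode == 'newtopic') {
			$forum_update_sql .= ", forum_topics = forum_topics $sign";
		}

		$topic_update_sql = "topic_last_post_id = $post_id_sql";
		$topic_update_sql .= ($mode == 'reply')
			? ", topic_replies = topic_replies $sign"
			: ", topic_first_post_id = $post_id_sql";
	} else {
		$topic_update_sql .= 'topic_vote = 0';
	}

	$sql = 'UPDATE _forums SET ' . $forum_update_sql . ' WHERE forum_id = ' . $forum_id_sql;
	sql_query($sql);

	if ($topic_update_sql != '') {
		$sql = "UPDATE _forum_topics SET $topic_update_sql WHERE topic_id = $topic_id_sql";
		sql_query($sql);
	}

	if ($mode != 'poll_delete') {
		$sql = "UPDATE _members SET user_posts = user_posts $sign WHERE user_id = $user_id_sql";
		sql_query($sql);
	}

	// Hourly bucket: the current timestamp with its minutes and seconds removed.
	$current_time = time();
	$minutes = date('is', $current_time);
	$hour_now = (int) ($current_time - (60 * (int) substr($minutes, 0, 2)) - (int) substr($minutes, 2, 2));

	$stat_column = ($mode == 'newtopic' || $post_data['first_post']) ? 'new_topics' : 'new_posts';

	$sql = 'UPDATE _site_stats SET ' . $stat_column . ' = ' . $stat_column . ' ' . $sign . ' WHERE date = ' . $hour_now;
	sql_query($sql);

	if (!sql_affectedrows()) {
		// No row for this hour yet; create it with a count of 1.
		$sql = 'INSERT INTO _site_stats (date, ' . $stat_column . ') VALUES (' . $hour_now . ', 1)';
		sql_query($sql);
	}

	// Auto groups: one row per eligible group, with the member's current post
	// count and, through the LEFT JOIN, whether the member already belongs.
	$sql = 'SELECT ug.user_id, g.group_id as g_id, u.user_posts, g.group_count, g.group_count_max
		FROM _groups g, _members u
		LEFT JOIN _members_group ug ON g.group_id = ug.group_id AND ug.user_id = ?
		WHERE u.user_id = ?
			AND g.group_single_user = 0
			AND g.group_count_enable = 1
			AND g.group_moderator <> ?';
	$result = sql_rowset(sql_filter($sql, $user_id, $user_id, $user_id));

	foreach ($result as $group_data) {
		$user_already_added = !empty($group_data['user_id']);
		$user_add = ($group_data['group_count'] == $group_data['user_posts'] && $user_id != GUEST);
		$user_remove = ($group_data['group_count'] > $group_data['user_posts'] || $group_data['group_count_max'] < $group_data['user_posts']);

		if ($user_add && !$user_already_added) {
			// Member has just reached the group's post threshold: join.
			$sql_insert = array(
				'group_id' => $group_data['g_id'],
				'user_id' => $user_id,
				'user_pending' => 0
			);
			sql_insert('members_group', $sql_insert);
		} else if ($user_already_added && $user_remove) {
			// Post count fell outside the group's range: leave.
			$sql = 'DELETE FROM _members_group
				WHERE group_id = ?
					AND user_id = ?';
			sql_query(sql_filter($sql, $group_data['g_id'], $user_id));
		}
	}

	return;
}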
/**
 * Record the signed-in member's vote on the current download and redirect
 * back to the download page.
 *
 * Guests are sent to do_login(). Administrators, moderators, unknown option
 * ids and members who already voted are redirected without a vote being
 * stored; the code relies on do_login() and redirect() not returning
 * (presumably they end the request - confirm).
 *
 * NOTE(review): no anti-CSRF token is checked in this method; confirm that
 * the caller validates one before a state-changing vote is accepted.
 * NOTE(review): the "already voted" lookup and the inserts are separate
 * statements, so concurrent requests could both pass the lookup unless
 * _dl_voters enforces uniqueness on (ud, user_id) - confirm.
 *
 * @return void
 */
public function dl_vote()
{
	global $user;

	if (!$this->auth['user']) {
		do_login();
	}

	$download_id = $this->dl_data['id'];
	$option_id = request_var('vote_id', 0);
	$url = s_link('a', $this->data['subdomain'], 'downloads', $download_id);

	// Staff do not vote, and only options listed in $this->voting['ud'] count.
	$is_staff = $this->auth['adm'] || $this->auth['mod'];
	if ($is_staff || !in_array($option_id, $this->voting['ud'])) {
		redirect($url);
	}

	$member_id = $user->d('user_id');

	// One vote per member and download.
	$sql = 'SELECT user_id
		FROM _dl_voters
		WHERE ud = ?
			AND user_id = ?';
	if (sql_field(sql_filter($sql, $download_id, $member_id), 'user_id', 0)) {
		redirect($url);
	}

	// Increment the option's tally, creating the tally row on first use.
	$sql = 'UPDATE _dl_vote SET vote_result = vote_result + 1
		WHERE ud = ?
			AND option_id = ?';
	sql_query(sql_filter($sql, $download_id, $option_id));

	if (!sql_affectedrows()) {
		sql_insert('dl_vote', array(
			'ud' => $download_id,
			'option_id' => $option_id,
			'vote_result' => 1
		));
	}

	// Remember who voted for what.
	sql_insert('dl_voters', array(
		'ud' => $download_id,
		'user_id' => $member_id,
		'user_option' => $option_id
	));

	$sql = 'UPDATE _dl SET votes = votes + 1
		WHERE id = ?';
	sql_query(sql_filter($sql, $download_id));

	redirect($url);
}
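/**
 * Remove selected gallery pictures of the current bio, then redirect to the
 * control panel.
 *
 * NOTE(review): this method looks half-migrated. $submit, $db, $result,
 * $gallery_path, $thumbs_path and $error are never assigned here (only $bio
 * and $warning are imported), so the second branch is skipped and the final
 * redirect always runs. The first branch selects from _bio_images but its
 * file loops are empty; the second branch deletes from _bio_pictures.
 *
 * @return void
 */
protected function _gallery_remove()
{
	global $bio, $warning;

	if (_button()) {
		$v = $this->__(array('picture' => array(0)));

		if (!count($v->picture)) {
			$warning->now();
		}

		// NOTE(review): the '??' placeholder appears to insert its argument
		// without quoting, so this list must contain integers only. Presumably
		// the array(0) default makes $this->__() cast each entry to int -
		// confirm before relying on it.
		$sql = 'SELECT *
			FROM _bio_images
			WHERE image_bio = ?
				AND image_assoc IN (??)
			ORDER BY image_id';
		if (!($images = sql_rowset(sql_filter($sql, $bio->v('bio_id'), _implode(',', $v->picture))))) {
			$warning->now();
		}

		$filepath = array('original' => _lib(), 'thumbnail' => _lib());

		// Placeholder loops: no file is removed for the selected rows yet.
		foreach ($images as $row) {
			foreach ($filepath as $path) {
			}
		}
	}

	if ($submit) {
		$v = $this->__(array('s_images' => array(0)));
		$s_images = $v->s_images;

		if (sizeof($s_images)) {
			if ($row = $db->sql_fetchrow($result)) {
				$delete_images = w();

				do {
					$gfile = array(
						$gallery_path . $row['image'] . '.jpg',
						$thumbs_path . $row['image'] . '.jpg'
					);

					foreach ($gfile as $image) {
						if (@is_file($image) && @is_readable($image)) {
							// NOTE(review): the file is made world-writable just
							// before deletion and failures are hidden by '@';
							// consider dropping the chmod or logging the error.
							@chmod($image, 0777);

							if (@unlink($image)) {
								if (!@file_exists($image)) {
									if (!isset($delete_images[$row['image']])) {
										$delete_images[$row['image']] = true;
									}
								}
							}
						}
					}
				} while ($row = $db->sql_fetchrow($result));

				if (sizeof($delete_images)) {
					$sql = 'DELETE FROM _bio_pictures
						WHERE picture_bio = ?
							AND picture_id IN (??)';
					// Fixed: the statement was passed as the undefined $sq, so
					// an empty query was filtered instead of the DELETE above.
					sql_query(sql_filter($sql, $bio->v('bio_id'), _implode(',', array_keys($delete_images))));

					if ($deleted_count = sql_affectedrows()) {
						$sql = 'UPDATE _bio_store SET store_value = store_value - ??
							WHERE store_bio = ?';
						sql_query(sql_filter($sql, $deleted_count, $bio->v('bio_id')));
					}
				}
			}
			$db->sql_freeresult($result);
		}
	}

	if (!$error) {
		redirect(_link_control('a', array('a' => $bio->v('bio_alias'), 'x1' => $this->x(1))));
	}
}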
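<?php
// One-off maintenance script: strips '-' and ' ' from provider NIT values.
// For every _prov row whose p_nit contains a hyphen it creates the normalised
// provider if missing, re-points _constancia rows to the normalised NIT and
// deletes the old provider row, printing each statement with its affected-row
// count.
//
// NOTE(review): the three statements per row are not wrapped in a transaction,
// so an interrupted run can leave a provider half-migrated.

define('IN_EX', true);
include '../includes/common.php';

// Presumably these calls require a signed-in, authorised user - confirm, since
// the script rewrites data and is reachable over HTTP.
$user->session_start();
$user->plogin();
$user->session_auth();

$sql = "SELECT *\n\tFROM _prov\n\tWHERE p_nit LIKE '%-%'";
$result = sql_rowset($sql);

foreach ($result as $row) {
	$new_nit = str_replace(array('-', ' '), array('', ''), $row['p_nit']);

	$sql = 'SELECT *
		FROM _prov
		WHERE p_nit = ?';
	if (!($row2 = sql_fieldrow(sql_filter($sql, $new_nit)))) {
		$sql_insert = array('p_nit' => $new_nit, 'p_name' => $row['p_name']);
		$sql = 'INSERT INTO _prov' . sql_build('INSERT', $sql_insert);
		sql_query($sql);

		// This statement embeds stored data (p_name, p_nit), so it is
		// HTML-escaped before being written into the page.
		echo htmlspecialchars($sql, ENT_QUOTES) . '*' . sql_affectedrows() . '<br />';
	}

	// The statements echoed below are the fixed templates with '?' markers,
	// not the filtered queries, so they carry no row data.
	$sql = 'UPDATE _constancia SET c_nit = ?
		WHERE c_nit = ?';
	sql_query(sql_filter($sql, $new_nit, $row['p_nit']));
	echo $sql . '*' . sql_affectedrows() . '<br />';

	$sql = 'DELETE FROM _prov
		WHERE p_nit = ?';
	sql_query(sql_filter($sql, $row['p_nit']));
	echo $sql . '*' . sql_affectedrows() . '<br />';

	echo '<br />';
}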
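/**
 * Delete the selected gallery images of the current artist (files and rows),
 * lower the artist's image counter and redirect to the gallery admin page.
 *
 * @return mixed Whatever redirect() returns.
 */
private function remove()
{
	global $config;

	$s_images = request_var('ls_images', array(0));

	if (sizeof($s_images)) {
		// The '??' placeholder appears to insert its argument without quoting,
		// so the id list is forced to integers here instead of relying on how
		// request_var() casts array input.
		$image_ids = array_map('intval', $s_images);

		$common_path = $config['artists_path'] . $this->object['ub'] . '/';
		$path = array(
			$common_path . 'x1/',
			$common_path . 'gallery/',
			$common_path . 'thumbnails/',
		);

		// Only images that belong to this artist are selected, so ids of other
		// artists' images in the request are ignored.
		$sql = 'SELECT *
			FROM _artists_images
			WHERE ub = ?
				AND image IN (??)
			ORDER BY image';
		$result = sql_rowset(sql_filter($sql, $this->object['ub'], implode(',', $image_ids)));

		$affected = w();
		foreach ($result as $row) {
			foreach ($path as $path_row) {
				$filepath = $path_row . $row['image'] . '.jpg';
				_rm($filepath);
			}

			$affected[] = (int) $row['image'];
		}

		if (count($affected)) {
			$sql = 'DELETE FROM _artists_images
				WHERE ub = ?
					AND image IN (??)';
			sql_query(sql_filter($sql, $this->object['ub'], implode(',', $affected)));

			// sql_affectedrows() is read right after the DELETE, so the counter
			// drops by the number of rows actually removed.
			$sql = 'UPDATE _artists SET images = images - ??
				WHERE ub = ?';
			sql_query(sql_filter($sql, (int) sql_affectedrows(), $this->object['ub']));
		}
	}

	return redirect(s_link('acp', array('artist_gallery', 'a' => $this->object['subdomain'])));
}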
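/**
 * Create or refresh the session row for a user and send the session cookies.
 *
 * Loads the user row for $user_id, falling back to user id 1 (treated as the
 * anonymous account) when no row is found, then updates the existing session
 * row or inserts a new one.
 *
 * NOTE(review): for a non-anonymous user the most recent _sessions row is
 * looked up by user id and its session_id is adopted, so an existing id is
 * reused instead of a fresh one being issued. If this method runs at login,
 * consider rotating the id on authentication.
 *
 * @param int|false $user_id User to open the session for; false means anonymous.
 * @return bool Always true.
 */
function session_create($user_id = false)
{
	global $db, $config;

	$this->data = array();

	// Garbage collection ... remove old sessions updating user information
	// if necessary. It means (potentially) 11 queries but only infrequently
	if ($this->time_now > $config['session_last_gc'] + $config['session_gc']) {
		$this->session_gc();
	}

	if ($user_id !== false) {
		$this->cookie_data['u'] = $user_id;

		$sql = 'SELECT *
			FROM _users
			WHERE user_id = ?';
		$this->data = sql_fieldrow(sql_filter($sql, $this->cookie_data['u']));
	}

	// If no data was returned the user does not exist: fall back to user 1.
	// The is_array() test comes first so that a non-array result from
	// sql_fieldrow() is never handed to sizeof().
	if (!is_array($this->data) || !sizeof($this->data)) {
		$this->cookie_data['u'] = 1;

		$sql = 'SELECT *
			FROM _users
			WHERE user_id = ?';
		$this->data = sql_fieldrow(sql_filter($sql, $this->cookie_data['u']));
	}

	if ($this->data['user_id'] != 1) {
		$sql = 'SELECT session_time, session_id
			FROM _sessions
			WHERE session_user_id = ?
			ORDER BY session_time DESC
			LIMIT 1';
		if ($sdata = sql_fieldrow(sql_filter($sql, $this->data['user_id']))) {
			// User columns win over session columns on a key clash.
			$this->data = array_merge($sdata, $this->data);
			unset($sdata);

			$this->session_id = $this->data['session_id'];
		}

		if (isset($this->data['session_time']) && $this->data['session_time']) {
			$this->data['session_last_visit'] = $this->data['session_time'];
		} else {
			$this->data['session_last_visit'] = ($this->data['user_lastvisit']) ? $this->data['user_lastvisit'] : time();
		}
	} else {
		$this->data['session_last_visit'] = time();
	}

	// Do away with ultimately?
	$this->data['is_user'] = ($this->data['user_id'] != 1);

	// Create or update the session
	$sql_ary = array(
		'session_user_id' => (int) $this->data['user_id'],
		'session_start' => (int) $this->time_now,
		'session_last_visit' => (int) $this->data['session_last_visit'],
		'session_time' => (int) $this->time_now,
		'session_page' => (string) $this->page,
		'session_ip' => (string) $this->ip
	);

	$sql = 'UPDATE _sessions SET ??
		WHERE session_id = ?';
	sql_query(sql_filter($sql, sql_build('UPDATE', $sql_ary), $this->session_id));

	if (!$this->session_id || !sql_affectedrows()) {
		// NOTE(review): the id is md5(unique_id()); how unpredictable it is
		// depends entirely on unique_id(), defined elsewhere - confirm that it
		// draws from a cryptographically secure source.
		$this->session_id = $this->data['session_id'] = md5(unique_id());

		$sql_ary['session_id'] = (string) $this->session_id;
		sql_query('INSERT INTO _sessions' . sql_build('INSERT', $sql_ary));
	}

	// 'u' is kept for 31536000 seconds (365 days); 'sid' is sent with expiry 0.
	// Cookie flags are chosen inside set_cookie(), which is not shown here.
	$cookie_expire = $this->time_now + 31536000;

	$this->set_cookie('u', $this->cookie_data['u'], $cookie_expire);
	$this->set_cookie('sid', $this->session_id, 0);

	return true;
}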
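/**
 * Create a new session
 *
 * Loads the bio record for $bio_id, falling back to bio id 1 (treated as the
 * anonymous record) when nothing usable is returned, then updates the
 * existing session row or inserts a new one and sends the session cookies.
 * Old sessions are garbage-collected first when the configured interval has
 * passed.
 *
 * NOTE(review): for a non-anonymous bio the most recent _sessions row is
 * looked up by bio id and its session_id is adopted, so an existing id is
 * reused instead of a fresh one being issued. If this method runs at login,
 * consider rotating the id on authentication.
 *
 * @param int|false $bio_id  Bio to open the session for; false means anonymous.
 * @param bool      $_update Whether to store the current page in the session row.
 * @return bool Always true.
 */
public function session_create($bio_id = false, $_update = true)
{
	global $core;

	$this->base = w();

	// Garbage collection. Remove old sessions updating user information
	// if necessary. It means (potentially) 11 queries but only infrequently
	if (time() > $core->v('session_last_gc') + $core->v('session_gc')) {
		$this->session_gc();
	}

	// If we've been passed a bio_id we'll grab data based on that
	if ($bio_id !== false) {
		$this->cookie['u'] = $bio_id;
		$this->base = $this->select($this->cookie['u']);
	}

	// If no data was returned one or more of the following occured:
	// User does not exist
	// User is inactive
	// User is bot
	// The is_object() test comes first and the count runs on an array copy,
	// so count() is never applied to a plain object or a non-countable value.
	if (!is_object($this->base) || !count((array) $this->base)) {
		$this->cookie['u'] = 1;
		$this->base = $this->select($this->cookie['u']);
	}

	$this->base->session_last_visit = time();

	if ($this->base->bio_id != 1) {
		$sql = 'SELECT session_time, session_id
			FROM _sessions
			WHERE session_bio_id = ?
			ORDER BY session_time DESC
			LIMIT 1';
		if ($result = sql_fieldrow(sql_filter($sql, $this->base->bio_id))) {
			$session_fields = w();
			foreach ($result as $result_k => $result_v) {
				$session_fields[$result_k] = $result_v;
			}

			$bio_fields = w();
			foreach ($this->base as $result_k => $result_v) {
				$bio_fields[$result_k] = $result_v;
			}

			// Session columns win over bio columns on a key clash.
			$this->base = (object) array_merge($bio_fields, $session_fields);
			$this->session = $this->base->session_id;
			unset($result);
		}

		if (isset($this->base->session_time) && $this->base->session_time) {
			$this->base->session_last_visit = $this->base->session_time;
		} else {
			$this->base->session_last_visit = ($this->base->bio_lastvisit) ? $this->base->bio_lastvisit : time();
		}
	}

	// Create or update the session
	$sql_ary = array(
		'session_bio_id' => $this->base->bio_id,
		'session_start' => time(),
		'session_last_visit' => $this->base->session_last_visit,
		'session_time' => time(),
		'session_browser' => (string) $this->browser,
		'session_ip' => (string) $this->ip
	);

	if ($_update) {
		$sql_ary['session_page'] = (string) $this->page;
		$this->base->session_page = $sql_ary['session_page'];
	}

	$run_update = false;
	if ($this->session) {
		$run_update = true;

		$sql = 'UPDATE _sessions SET ' . sql_build('UPDATE', $sql_ary) . sql_filter('
			WHERE session_id = ?', $this->session);
		sql_query($sql);
	}

	// Insert when there was no session id, or when the UPDATE matched no row.
	if (!$this->session || ($run_update && !sql_affectedrows())) {
		// NOTE(review): the id is md5(unique_id()); how unpredictable it is
		// depends entirely on unique_id(), defined elsewhere - confirm that it
		// draws from a cryptographically secure source.
		$this->session = $this->base->session_id = $sql_ary['session_id'] = (string) md5(unique_id());

		$sql = 'INSERT INTO _sessions' . sql_build('INSERT', $sql_ary);
		sql_query($sql);
	}

	// 'u' is kept for 31536000 seconds (365 days); 'sid' is sent with expiry 0.
	// Cookie flags are chosen inside set_cookie(), which is not shown here.
	$this->set_cookie('u', $this->cookie['u'], time() + 31536000);
	$this->set_cookie('sid', $this->session, 0);

	return true;
}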
/**
 * Store a configuration value in _config and in the in-memory copy.
 *
 * The row is updated first. It is inserted only when the UPDATE reports no
 * affected rows and the name is not yet present in $this->config.
 *
 * @param string $config_name  Key to write.
 * @param mixed  $config_value Value to store.
 * @return void
 */
public function update_config($config_name, $config_value)
{
	$fields = array('config_value' => $config_value);

	$statement = sql_filter(
		'UPDATE _config SET ?? WHERE config_name = ?',
		sql_build('UPDATE', $fields),
		$config_name
	);
	sql_query($statement);

	// Zero affected rows alone does not prove the row is missing (presumably an
	// UPDATE that changes nothing reports zero as well), hence the cache check.
	$needs_insert = !sql_affectedrows() && !isset($this->config[$config_name]);

	if ($needs_insert) {
		$fields['config_name'] = $config_name;
		sql_query('INSERT INTO _config' . sql_build('INSERT', $fields));
	}

	$this->config[$config_name] = $config_value;
}
/**
 * Render an artist page for the layout named in the 'layout' request value.
 *
 * 'website', 'favorites' and 'vote' are handed straight to call_layout().
 * Every other value goes through the default branch, which builds the
 * navigation from $this->layout, redirects to the artist's main page when the
 * requested layout is not available, calls the layout, updates view
 * statistics and fills the events, poll, downloads and fan blocks before
 * selecting the template file.
 *
 * NOTE(review): values read from the database (titles, names, genre,
 * location) are passed to _style()/v_style() as-is; whether they are
 * HTML-escaped depends on how they were stored and on the template layer,
 * neither of which is shown here.
 *
 * @return void
 */
public function _panel() {
	global $user, $config, $template;

	// Layout name comes from the request; an empty value means 'main'.
	$this->data['layout'] = request_var('layout', '');
	$this->_auth();

	if (!$this->data['layout']) {
		$this->data['layout'] = 'main';
	}

	switch ($this->data['layout']) {
		case 'website':
		case 'favorites':
		case 'vote':
			$this->call_layout();
			break;
		default:
			$this->_make(true);

			/* Build nav menu */
			/*$s_layout = w();
			$s_layout['a']['_01'] = true;
			$s_layout['a']['_02'] = ($this->data['bio'] != '') ? true : false;
			$s_layout['a']['_04'] = ($this->data['images'] > 1) ? true : false;
			$s_layout['a']['_06'] = ($this->data['lirics'] > 0) ? true : false;
			$s_layout['a']['_09'] = ($this->data['layout'] == 9) ? true : false;
			$s_layout['a']['_12'] = ($this->data['layout'] == 12) ? true : false;
			$s_layout['a']['_18'] = ($this->data['a_video'] > 0) ? true : false;
			*/

			$available = w();

			foreach ($this->layout as $i => $row) {
				// The template name is only ever copied from the layout table,
				// never taken directly from the request.
				if ($this->data['layout'] == $row['tpl']) {
					$this->data['template'] = $row['tpl'];
				}

				// Dynamic call to the method named '_' . tpl; the name comes
				// from $this->layout, whose origin is not shown here.
				if ($this->{'_' . $row['tpl']}()) {
					$available[$row['tpl']] = true;

					_style('nav', array(
						'LANG' => lang($row['text']))
					);

					if ($this->data['layout'] == $row['tpl']) {
						_style('nav.strong');
					} else {
						$tpl = ($row['tpl'] == 'main') ? '' : $row['tpl'];

						_style('nav.a', array(
							'URL' => s_link('a', $this->data['subdomain'], $tpl))
						);
					}
				}
			}

			// A requested layout that is not available is not rendered.
			// NOTE(review): the code below relies on redirect() ending the
			// request; otherwise $this->data['template'] could be unset when
			// the template filename is built - confirm.
			if (!isset($available[$this->data['layout']])) {
				redirect(s_link('a', $this->data['subdomain']));
			}

			$this->_make();

			//_pre($available, true);

			/*foreach ($this->layout as $item => $data) {
				$s_layout['x'][$item] = $data['code'];
				if ($data['text'] == '') {
					$s_layout['e'][$item] = $data['code'];
				}
				if (isset($s_layout['a'][$item]) && $s_layout['a'][$item] && $data['tpl'] != '') {
					$s_layout['s'][$data['code']] = $data;
				}
				if (($this->data['layout'] == $data['code']) && $data['tpl'] != '') {
					$this->data['template'] = $data['tpl'];
				}
			}
			if (!in_array($this->data['layout'], $s_layout['x']) || (!isset($s_layout['s'][$this->data['layout']]) && !in_array($this->data['layout'], $s_layout['e']))) {
				redirect(s_link('a', $this->data['subdomain']));
			}*/

			//
			// Call selected layout
			//
			$this->call_layout();

			//
			// Build nav
			//
			/*foreach ($s_layout['s'] as $data) {
				_style('nav', array(
					'LANG' => lang($data['text']))
				);
				if ($this->data['layout'] == $data['code']) {
					_style('nav.strong');
					continue;
				}
				if ($data['code'] === 1) $data['code'] = '';
				_style('nav.a', array(
					'URL' => s_link('a', $this->data['subdomain'], $data['code']))
				);
			}*/

			//
			// Update stats
			//
			// Moderators of the page are not counted as viewers.
			if (!$this->auth['mod']) {
				$update_views = false;
				$current_time = time();
				$current_month = date('Ym', $current_time);

				if ($this->auth['user']) {
					$sql_viewers = array(
						'datetime' => (int) $current_time,
						'user_ip' => $user->ip
					);

					$sql_viewers2 = array(
						'ub' => (int) $this->data['ub'],
						'user_id' => (int) $user->d('user_id')
					);

					// Both '??' markers receive fragments produced by
					// sql_build(); escaping of the values is left to it.
					$sql = 'UPDATE _artists_viewers SET ?? WHERE ??';
					sql_query(sql_filter($sql, sql_build('UPDATE', $sql_viewers), sql_build('SELECT', $sql_viewers2)));

					// No existing viewer row: first recorded visit of this member.
					if (!sql_affectedrows()) {
						$update_views = true;
						$sql_stats = array('ub' => (int) $this->data['ub'], 'date' => (int) $current_month);

						sql_insert('artists_viewers', $sql_viewers + $sql_viewers2);

						$sql = 'UPDATE _artists_stats SET members = members + 1 WHERE ??';
						sql_query(sql_filter($sql, sql_build('SELECT', $sql_stats)));

						if (!sql_affectedrows()) {
							$sql_insert = array(
								'members' => 1,
								'guests' => 0
							);
							sql_insert('artists_stats', $sql_stats + $sql_insert);
						}

						// Trim the viewer list: the row at offset 10 (the 11th
						// most recent) is removed.
						$sql = 'SELECT user_id FROM _artists_viewers WHERE ub = ? ORDER BY datetime DESC LIMIT 10, 1';
						if ($row = sql_fieldrow(sql_filter($sql, $this->data['ub']))) {
							$sql = 'DELETE FROM _artists_viewers WHERE ub = ? AND user_id = ?';
							sql_query(sql_filter($sql, $this->data['ub'], $row['user_id']));
						}
					}
				}

				// A non-zero 'ps' request value suppresses view counting.
				$_ps = request_var('ps', 0);

				// NOTE(review): layout holds names such as 'main' in this
				// method, yet the guest conditions compare it with 1 - confirm
				// that guest views are still counted as intended.
				if ((($this->auth['user'] && $update_views) || (!$this->auth['user'] && $this->data['layout'] == 1)) && !$_ps) {
					$sql = 'UPDATE _artists SET views = views + 1 WHERE ub = ?';
					sql_query(sql_filter($sql, $this->data['ub']));
					$this->data['views']++;

					if ((!$this->auth['user'] && $this->data['layout'] == 1) && !$_ps) {
						$sql_stats = array(
							'ub' => (int) $this->data['ub'],
							'date' => (int) $current_month
						);

						$sql = 'UPDATE _artists_stats SET guests = guests + 1 WHERE ??';
						sql_query(sql_filter($sql, sql_build('SELECT', $sql_stats)));

						if (!sql_affectedrows()) {
							$sql_insert = array(
								'members' => 0,
								'guests' => 1
							);
							sql_insert('artists_stats', $sql_stats + $sql_insert);
						}
					}
				}
			}

			//
			// Own events
			//
			// $midnight is the start of the viewer's current day; $week is a
			// week boundary computed from the weekday of $midnight.
			$timezone = $config['board_timezone'] * 3600;

			list($d, $m, $y) = explode(' ', gmdate('j n Y', time() + $user->timezone + $user->dst));
			$midnight = gmmktime(0, 0, 0, $m, $d, $y) - $user->timezone - $user->dst;

			$g = getdate($midnight);
			$week = mktime(0, 0, 0, $m, ($d + (7 - ($g['wday'] - 1)) - (!$g['wday'] ? 7 : 0)), $y) - $timezone;

			$sql = 'SELECT * FROM _events e, _artists_events ae WHERE ae.a_artist = ? AND ae.a_event = e.id ORDER BY e.date';
			$result = sql_rowset(sql_filter($sql, $this->data['ub']));

			// Bucket upcoming events by date; past events are kept only when
			// their 'images' column is set.
			$events = w();
			foreach ($result as $row) {
				if ($row['date'] >= $midnight) {
					if ($row['date'] >= $midnight && $row['date'] < $midnight + 86400) {
						$events['is_today'][] = $row;
					} else if ($row['date'] >= $midnight + 86400 && $row['date'] < $midnight + (86400 * 2)) {
						$events['is_tomorrow'][] = $row;
					} else if ($row['date'] >= $midnight + (86400 * 2) && $row['date'] < $week) {
						$events['is_week'][] = $row;
					} else {
						$events['is_future'][] = $row;
					}
				} else if ($row['images']) {
					$events['is_gallery'][] = $row;
				}
			}

			if (isset($events['is_gallery']) && sizeof($events['is_gallery'])) {
				$gallery = $events['is_gallery'];
				// Reverse key order, i.e. most recent past event first.
				@krsort($gallery);

				_style('events_gallery');

				foreach ($gallery as $row) {
					_style('events_gallery.item', array(
						'URL' => s_link('events', $row['event_alias']),
						'TITLE' => $row['title'],
						'DATETIME' => $user->format_date($row['date'], lang('date_format')))
					);
				}

				// Removed so the loop below only sees upcoming buckets.
				unset($events['is_gallery']);
			}

			if (sizeof($events)) {
				_style('events_future');

				foreach ($events as $is_date => $data) {
					_style('events_future.set', array(
						'L_TITLE' => lang('ue_' . $is_date))
					);

					foreach ($data as $item) {
						_style('events_future.set.row', array(
							'ITEM_ID' => $item['id'],
							'TITLE' => $item['title'],
							'DATE' => $user->format_date($item['date']),
							'THUMBNAIL' => $config['events_url'] . 'future/thumbnails/' . $item['id'] . '.jpg',
							'SRC' => $config['events_url'] . 'future/' . $item['id'] . '.jpg')
						);
					}
				}
			}

			//
			// Poll
			//
			$user_voted = false;
			if ($this->auth['user'] && !$this->auth['mod']) {
				$sql = 'SELECT * FROM _artists_voters WHERE ub = ? AND user_id = ?';
				if (sql_fieldrow(sql_filter($sql, $this->data['ub'], $user->d('user_id')))) {
					$user_voted = true;
				}
			}

			_style('ub_poll');

			// Moderators, guests and members who already voted see results;
			// everyone else sees the voting form.
			if ($this->auth['mod'] || !$this->auth['user'] || $user_voted) {
				$sql = 'SELECT option_id, vote_result FROM _artists_votes WHERE ub = ? ORDER BY option_id';
				$results = sql_rowset(sql_filter($sql, $this->data['ub']), 'option_id', 'vote_result');

				_style('ub_poll.results');

				foreach ($this->voting['ub'] as $item) {
					$vote_result = (isset($results[$item])) ? intval($results[$item]) : 0;
					// Guard against division by zero when nobody has voted.
					$vote_percent = ($this->data['votes'] > 0) ? $vote_result / $this->data['votes'] : 0;

					_style('ub_poll.results.item', array(
						'CAPTION' => lang('ub_vc' . $item),
						'RESULT' => $vote_result,
						'PERCENT' => sprintf("%.1d", ($vote_percent * 100)))
					);
				}
			} else {
				_style('ub_poll.options', array(
					'S_VOTE_ACTION' => s_link('a', $this->data['subdomain'], 'vote'))
				);

				foreach ($this->voting['ub'] as $item) {
					_style('ub_poll.options.item', array(
						'ID' => $item,
						'CAPTION' => lang('ub_vc' . $item))
					);
				}
			}

			//
			// Downloads
			//
			if ($this->data['um'] || $this->data['uv']) {
				$sql = 'SELECT * FROM _dl WHERE ub = ? ORDER BY ud, title';
				$this->ud_song = sql_rowset(sql_filter($sql, $this->data['ub']), 'ud', false, true);

				foreach ($this->ud_song as $key => $data) {
					$download_type = $this->dl_type($key);
					_style('ud_block', array('LANG' => $download_type['lang']));

					foreach ($data as $song) {
						_style('ud_block.item', array(
							'TITLE' => $song['title'])
						);

						// The download currently being viewed is emphasised
						// instead of linked.
						if (isset($this->dl_data['id']) && ($song['id'] == $this->dl_data['id'])) {
							_style('ud_block.item.strong');
							continue;
						}

						_style('ud_block.item.a', array(
							'URL' => s_link('a', $this->data['subdomain'], 'downloads', $song['id']))
						);
					}
				}
			}

			//
			// Fan count
			//
			$sql = 'SELECT COUNT(user_id) AS fan_count FROM _artists_fav WHERE ub = ? ORDER BY joined DESC';
			$fan_count = sql_field(sql_filter($sql, $this->data['ub']), 'fan_count', 0);

			//
			// Make fans
			//
			if (!$this->auth['mod'] && !$this->auth['smod']) {
				_style('make_fans', array(
					'FAV_URL' => s_link('a', $this->data['subdomain'], 'favorites'),
					'FAV_LANG' => ($this->auth['fav']) ? '' : lang('ub_fav_add'))
				);
			}

			//
			// Set template
			//
			v_style(array(
				'INACTIVE' => !$this->data['a_active'],
				'UNAME' => $this->data['name'],
				'GENRE' => $this->data['genre'],
				'POSTS' => number_format($this->data['posts']),
				'VOTES' => number_format($this->data['votes']),
				'FANS' => $fan_count,
				'L_FANS' => ($fan_count == 1) ? lang('fan') : lang('fans'),
				'LOCATION' => ($this->data['local']) ? (($this->data['location'] != '') ? $this->data['location'] . ', ' : '') . 'Guatemala' : $this->data['location'])
			);

			// The filename is built from the template name chosen in the nav
			// loop above, not from the raw request value.
			$template->set_filenames(array(
				'a_body' => 'artists.' . $this->data['template'] . '.htm')
			);
			$template->assign_var_from_handle('UB_BODY', 'a_body');
			break;
	}

	return;
}
/**
 * Persist a configuration value in _application and in the global $config.
 *
 * The row is updated first. It is inserted only when the UPDATE reports no
 * affected rows and the name is absent from $config.
 *
 * @param string $config_name  Key to write.
 * @param mixed  $config_value Value to store.
 * @return void
 */
function set_config($config_name, $config_value)
{
	global $config;

	$statement = sql_filter(
		'UPDATE _application SET config_value = ? WHERE config_name = ?',
		$config_value,
		$config_name
	);
	sql_query($statement);

	// Zero affected rows alone does not prove the row is missing (presumably an
	// UPDATE that changes nothing reports zero as well), hence the cache check.
	$row_missing = !sql_affectedrows() && !isset($config[$config_name]);

	if ($row_missing) {
		sql_insert('application', array(
			'config_name' => $config_name,
			'config_value' => $config_value
		));
	}

	$config[$config_name] = $config_value;
}
/**
 * Persist a configuration value in _config and in the global $config.
 *
 * The row is updated first. It is inserted only when the UPDATE reports no
 * affected rows and the name is absent from $config.
 *
 * @param string $config_name  Key to write.
 * @param mixed  $config_value Value to store.
 * @return void
 */
function set_config($config_name, $config_value)
{
	global $db, $config;

	$statement = sql_filter(
		'UPDATE _config SET config_value = ? WHERE config_name = ?',
		$config_value,
		$config_name
	);
	sql_query($statement);

	// Zero affected rows alone does not prove the row is missing (presumably an
	// UPDATE that changes nothing reports zero as well), hence the cache check.
	$row_missing = !sql_affectedrows() && !isset($config[$config_name]);

	if ($row_missing) {
		$new_row = array(
			'config_name' => $config_name,
			'config_value' => $config_value
		);
		sql_query('INSERT INTO _config' . sql_build('INSERT', $new_row));
	}

	$config[$config_name] = $config_value;
}
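/**
 * Create a new session
 *
 * If upon trying to start a session we discover there is nothing existing we
 * jump here. Additionally this method is called directly during login to
 * regenerate the session for the specific user. The method runs garbage
 * collection when due, matches the client against the configured bots, loads
 * the member row (falling back to the bot account or GUEST) and then updates
 * or inserts the session row.
 *
 * The ban check (check_ban()) is commented out in the body, so banned users
 * are not rejected here.
 *
 * NOTE(review): for a non-anonymous member the most recent _sessions row is
 * looked up by user id and its session_id is adopted, so an existing id is
 * reused instead of a fresh one being issued - at odds with "regenerate"
 * above. Consider rotating the id on authentication.
 *
 * @param int|false $user_id     Member to open the session for; false means guest or bot.
 * @param bool      $set_admin   Stored as session_admin (1 or 0).
 * @param bool      $update_page Whether to store the current page in the session row.
 * @param bool      $is_inactive Not read anywhere in this method.
 * @return bool Always true.
 */
public function session_create($user_id = false, $set_admin = false, $update_page = true, $is_inactive = false)
{
	global $config;

	$this->data = w();

	// NOTE(review): strpos() returns 0 when the page starts with 'signin',
	// which this test treats as "not found" - confirm that is intended.
	if (strpos($this->page, 'signin')) {
		$this->page = '';
	}

	// Garbage collection ... remove old sessions updating user information
	// if necessary. It means (potentially) 11 queries but only infrequently
	if ($this->time > $config['session_last_gc'] + $config['session_gc']) {
		$this->session_gc();
	}

	/**
	 * Here we do a bot check. We loop through the list of bots defined by
	 * the admin and see if we have any useragent and/or IP matches. If we
	 * do, this is a bot, act accordingly
	 *
	 * The user agent is supplied by the client, so a bot entry without
	 * bot_ip matches on the agent string alone; bot accounts should carry no
	 * privileges beyond those of a guest.
	 */
	$bot = false;
	$active_bots = w();
	obtain_bots($active_bots);

	foreach ($active_bots as $row) {
		if ($row['bot_agent'] && strpos(strtolower($this->browser), strtolower($row['bot_agent'])) !== false) {
			$bot = $row['user_id'];
		}

		// If ip is supplied, we will make sure the ip is matching too...
		if ($row['bot_ip'] && ($bot || !$row['bot_agent'])) {
			// Set bot to false, then we only have to set it to true if it is matching
			$bot = false;

			foreach (explode(',', $row['bot_ip']) as $bot_ip) {
				// Skip empty entries (for example from a trailing comma): an
				// empty prefix would otherwise match every address on PHP 8.
				if (trim($bot_ip) === '') {
					continue;
				}

				if (strpos($this->ip, $bot_ip) === 0) {
					$bot = (int) $row['user_id'];
					break;
				}
			}
		}

		if ($bot) {
			break;
		}
	}

	// If we've been passed a user_id we'll grab data based on that
	if ($user_id !== false) {
		$this->cookie_data['u'] = $user_id;

		$sql = 'SELECT *
			FROM _members
			WHERE user_id = ?
				AND user_type <> ?';
		$this->data = sql_fieldrow(sql_filter($sql, $this->cookie_data['u'], USER_INACTIVE));
	}

	// If no data was returned one or more of the following occured:
	// User does not exist
	// User is inactive
	// User is bot
	// The is_array() test comes first so that a non-array result from
	// sql_fieldrow() is never handed to sizeof().
	if (!is_array($this->data) || !sizeof($this->data)) {
		$this->cookie_data['u'] = ($bot) ? $bot : GUEST;

		$sql = 'SELECT *
			FROM _members
			WHERE user_id = ?';
		$this->data = sql_fieldrow(sql_filter($sql, $this->cookie_data['u']));
	}

	if ($this->data['user_id'] != 1) {
		$sql = 'SELECT session_time, session_id
			FROM _sessions
			WHERE session_user_id = ?
			ORDER BY session_time DESC
			LIMIT 1';
		if ($sdata = sql_fieldrow(sql_filter($sql, $this->data['user_id']))) {
			// Member columns win over session columns on a key clash.
			$this->data = array_merge($sdata, $this->data);
			unset($sdata);

			$this->session_id = $this->data['session_id'];
		}

		if (isset($this->data['session_time']) && $this->data['session_time']) {
			$this->data['session_last_visit'] = $this->data['session_time'];
		} else {
			$this->data['session_last_visit'] = ($this->data['user_lastvisit']) ? $this->data['user_lastvisit'] : $this->time;
		}
	} else {
		$this->data['session_last_visit'] = $this->time;
	}

	// At this stage we should have a filled data array, defined cookie u and k data.
	// data array should contain recent session info if we're a real user and a recent
	// session exists in which case session_id will also be set

	// Is user banned? Are they excluded? Won't return on ban, exists within method
	// @todo Change to !$this->data['user_type'] & USER_FOUNDER && !$this->data['user_type'] & USER_BOT in time
	// Fix 1 day problem
	//if ($this->data['user_type'] != USER_FOUNDER) {
		//$this->check_ban();
	//}

	// Do away with ultimately?
	$this->data['is_member'] = (!$bot && $this->data['user_id'] != 1);
	$this->data['is_bot'] = ($bot) ? true : false;
	$this->data['is_founder'] = ($this->data['user_id'] != 1 && $this->data['user_type'] == USER_FOUNDER && !$this->data['is_bot']);

	// Create or update the session
	$sql_ary = array(
		'session_user_id' => (int) $this->data['user_id'],
		'session_start' => (int) $this->time,
		'session_last_visit' => (int) $this->data['session_last_visit'],
		'session_time' => (int) $this->time,
		'session_browser' => (string) $this->browser,
		'session_ip' => (string) $this->ip,
		'session_admin' => ($set_admin) ? 1 : 0
	);

	if ($update_page) {
		$sql_ary['session_page'] = (string) $this->page;
		$this->data['session_page'] = $sql_ary['session_page'];
	}

	$sql = 'UPDATE _sessions SET ??
		WHERE session_id = ?';
	sql_query(sql_filter($sql, sql_build('UPDATE', $sql_ary), $this->session_id));

	if (!$this->session_id || !sql_affectedrows()) {
		// NOTE(review): the id is md5(unique_id()); how unpredictable it is
		// depends entirely on unique_id(), defined elsewhere - confirm that it
		// draws from a cryptographically secure source.
		$this->session_id = $this->data['session_id'] = md5(unique_id());

		$sql_ary['session_id'] = (string) $this->session_id;
		sql_insert('sessions', $sql_ary);
	}

	// Bots get no cookies. 'u' is kept for 31536000 seconds (365 days); 'sid'
	// is sent with expiry 0. Cookie flags are chosen inside set_cookie(),
	// which is not shown here.
	if (!$bot) {
		$cookie_expire = $this->time + 31536000;

		$this->set_cookie('u', $this->cookie_data['u'], $cookie_expire);
		$this->set_cookie('sid', $this->session_id, 0);

		if ($this->data['is_member']) {
			$this->register_ip();
		}

		unset($cookie_expire);
	}

	return true;
}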