function show_profile_edit_form($db)
{
//require 'CUsers.php';
// Get information of logged user.
$cUsers = new CUsers($db);
$ret = $cUsers->getUserInfo($_SESSION['id']);
// Create birthdate in correct format.
$tmp = explode('-', $ret[0]['birthdate']);
$ret[0]['birthdate'] = $tmp[2] . '.' . $tmp[1] . '.' . $tmp[0];
// Fields to add in form
$fields = array('id' => 'hidden', 'firstname' => 'text', 'lastname' => 'text', 'city' => 'text', 'homepage' => 'text', 'birthdate' => 'text', 'email' => 'text', 'password' => 'password', 'password_again' => 'password');
// Field names
$field_names = array('firstname' => 'Etunimi', 'lastname' => 'Sukunimi', 'password' => 'Salasana', 'password_again' => 'Salasana uudelleen', 'city' => 'Kaupunki', 'homepage' => 'Kotisivu', 'birthdate' => 'Syntymäpäivä (pv.kk.vvvv)', 'email' => 'Sähköposti');
echo '<div class="edit_profile">';
// Show message if there is any.
// For example message will be shown if user has changed
// his/her profile.
show_message();
echo '<form action="edit_profile.php" method="post">';
echo '<table>';
// Add every field in the form.
foreach ($fields as $key => $value) {
echo '<tr>';
// We do not want add empty input boxes for hidden values!
if ($value != 'hidden') {
echo '<td>';
echo $field_names[$key];
echo '</td>';
echo '<td>';
// If text field is other than password, then we
// should get user information as an default value.
if ($key != 'password' && $key != 'password_again') {
// If we are going to show birthdate, let's check
// if it is empty value, eg. 00.00.0000. If it is,
// then we want to show just empty string instead
// of that 00.00.0000.
if ($key == 'birthdate' && $ret[0][$key] == '00.00.0000') {
$ret[0][$key] = '';
}
echo '<input type="' . $value . '" value="' . $ret[0][$key] . '" name="' . $key . '">';
} else {
echo '<input type="' . $value . '" name="' . $key . '">';
}
echo '</td>';
}
echo '</tr>';
}
// "Päivitä tiedot" -button.
echo '<tr>';
echo '<td colspan="2">';
echo '<input type="submit" value="Päivitä">';
echo '</td>';
echo '</tr>';
echo '</table>';
echo '<div class="bottom_note">';
echo 'Huom! Jos jätät salasanakentät tyhjäksi, salasana ' . 'pysyy muuttamattomana!';
echo '</div>';
echo '</form>';
echo '</div>';
}
function show_poet_information($db, $data)
{
$cUsers = new CUsers($db);
echo '<div class="poet_info">';
echo '<div class="textblock">';
echo '<h3>Runoilijan tiedot</h3>';
echo '</div>';
// Get user ID.
if (isset($data['id'])) {
$id = mysql_real_escape_string($data['id']);
} else {
echo 'Käyttäjän ID:tä ei olla annettu!';
}
$ret = $cUsers->getUserInfo($id);
// Fields to add in form
$fields = array('username' => 'Käyttäjätunnus', 'firstname' => 'Etunimi', 'lastname' => 'Sukunimi', 'city' => 'Kaupunki', 'homepage' => 'Kotisivu', 'birthdate' => 'Syntymäpäivä', 'email' => 'Sähköposti', 'num_poems' => 'Runoja');
// Count number of poems
$cPoem = new CPoem($db, $_SESSION);
if ($_SESSION['id'] == $id) {
$ret[0]['num_poems'] = $cPoem->numPoems($ret[0]['id'], true);
} else {
$ret[0]['num_poems'] = $cPoem->numPoems($ret[0]['id'], false);
}
echo '<table>';
foreach ($ret[0] as $key => $value) {
// Convert birthdate to correct format
if ($key == 'birthdate' && $value != '') {
$tmp = explode('-', $value);
$value = $tmp[2] . '.' . $tmp[1] . '.' . $tmp[0];
}
// Show only fields what are listed in array $fiels
if (isset($fields[$key])) {
echo '<tr>';
echo '<td>';
echo $fields[$key];
echo '</td>';
echo '<td>';
echo $value;
echo '</td>';
echo '</tr>';
}
}
echo '</table>';
// Link back to poems
echo '<div class="back_to_poems">';
echo '<a href="poet.php?id=' . $ret[0]['id'] . '">' . 'Takaisin runoilijan runoihin</a>';
echo '</div>';
echo '</div>';
}
function check_post_values($db, $data)
{
// Is there username and password given in POST-data?
if (isset($data['username']) && isset($data['password'])) {
// No SQL-injections!
$username = mysql_real_escape_string($data['username']);
$password = mysql_real_escape_string($data['password']);
// Get user information by username
$q = 'SELECT id, username, password FROM rs_users WHERE ' . 'username="******"';
try {
$ret = $db->query($q);
} catch (Exception $e) {
echo 'Virhe tietokantakyselyssä!';
die;
}
// If we found in database user, then check password
if ($db->numRows($ret) > 0) {
$row = $db->fetchAssoc($ret);
// Is password correct? If it is, then set
// session variables.
if ($row[0]['password'] == sha1($password)) {
$_SESSION['id'] = $row[0]['id'];
$_SESSION['username'] = $row[0]['username'];
// Icon to show
$_SESSION['message_icon'] = 'graphics/32px-Crystal_Clear_app_clean.png';
$_SESSION['message'] = 'Olet kirjautunut sisään ' . 'käyttäjätunnuksella "' . $username . '"';
$cUsers = new CUsers($db, $_SESSION);
$_SESSION['unseen_comments'] = $cUsers->countUnseenComments($_SESSION['id']);
} else {
// Icon to show
$_SESSION['message_icon'] = 'graphics/32px-Crystal_Clear_app_logout.png';
// Someting went wrong! Show error.
$_SESSION['message'] = 'Virheellinen salasana!';
}
} else {
// Icon to show
$_SESSION['message_icon'] = 'graphics/32px-Crystal_Clear_app_logout.png';
// Someting went wrong! Show error.
$_SESSION['message'] = 'Käyttäjätunnusta ei löytynyt!';
}
}
}
<?php
/**
* Login-sida
*
*/
// Inkludera config-filen
include __DIR__ . '/config.php';
//Erbjud logout om inloggad
$login = new CUsers($mz['database']);
$login->logout();
// Koppla upp till databasen
$db = new CUsers($mz['database']);
$loginForm = $db->loginForm();
// Skapa nödvändigt innehåll och spara i mz-variabeln
$mz['title'] = "Nyheter";
$mz['main'] = <<<EOD
<div class="container">
\t<h1>Logga in</h1>
\t{$loginForm}
</div>
EOD;
// När alla variabler är satta, inkludera templaten
include MZ_THEME_PATH;
OUT("?p={$p}&act={$act}&action={$action}&show={$show}&page={$page}&sort=fio");
?>
">ФИО</a></td>
<td class=tbl1><a href="<?php
OUT("?p={$p}&act={$act}&action={$action}&show={$show}&page={$page}&sort=traffic");
?>
">Трафик</a></td>
<td class=tbl1><a href="<?php
OUT("?p={$p}&act={$act}&action={$action}&show={$show}&page={$page}&sort=time");
?>
">Время</a></td>
<td class=tbl1>Действия</td>
</tr>
<?php
}
$USR = new CUsers($DIRS["users_data"], $DIRS["users_list"], $DIRS["users_private"], $DIRS["users_groups"], $DIRS["users_online"]);
$USR->SetSeparators($GV["sep1"], $GV["sep2"]);
for ($i = 0; $i < count($list); ++$i) {
$data = $BILL->GetUserData($list[$i]);
$adata = $BILL->GetUserTotalAcctsData($list[$i]);
if (isset($show) && $show == "tbl") {
?>
<tr>
<td class=tbl1><?php
OUT($i + 1);
?>
</td>
<td class=tbl1><a href="?p=users&act=userinfo&id=<?php
OUT($data["uid"]);
?>
"><?php
}
$tarlist = $BILL->GetTarifs();
//$tarlist=array(array("id"=>"0","title"=>"Без доступа в интернет"),array("id"=>"1","title"=>"Пользовательский"));
$tarselect = "<select name=vars[] style=\"width:100%;\" class=inputbox><option value=\"0\" style=\"background-color:#DD9999\">Без доступа в интернет</option>";
for ($i = 0; $i < count($tarlist); ++$i) {
if ($tr == $tarlist[$i]["gid"]) {
$sel = " selected";
} else {
$sel = "";
}
$tarselect .= "<option value=\"" . $tarlist[$i]["gid"] . "\"{$sel}>" . $tarlist[$i]["packet"] . "</option>\r\n";
}
$tarselect .= "</select>";
global $MDL;
$MDL->Load("users");
$USR = new CUsers($DIRS["users_data"], $DIRS["users_list"], $DIRS["users_private"], $DIRS["users_groups"], $DIRS["users_online"]);
$USR->SetSeparators($GV["sep1"], $GV["sep2"]);
$groupssel = "<select name=vars[] style=\"width:100%;\" class=inputbox>";
$glist = $USR->GetGroups();
for ($i = 0; $i < count($glist); ++$i) {
if ($glist[$i]["level"] <= $CURRENT_USER["level"]) {
if ($gr == $glist[$i]["id"]) {
$sel = " selected";
} else {
$sel = "";
}
$groupssel .= "<option value=\"" . $glist[$i]["id"] . "\"{$sel}>" . $glist[$i]["name"] . "</option>";
}
}
$groupssel .= "</select>";
if ($gender == 0) {
function authenticate()
{
global $MDL, $DIRS, $GV, $CURRENT_USER, $_SESSION;
if ($MDL->IsModuleExists('users')) {
$MDL->Load("users");
$USR = new CUsers($DIRS["users_data"], $DIRS["users_list"], $DIRS["users_private"], $DIRS["users_groups"], $DIRS["users_online"]);
$USR->SetSeparators($GV["sep1"], $GV["sep2"]);
} else {
$USR = NULL;
}
if (check_auth() && $USR && !_isrootdef()) {
$CURRENT_USER["login"] = $_SESSION["login"];
$CURRENT_USER["passwd"] = $_SESSION["passwd"];
$CURRENT_USER["id"] = $USR->GetUserId($_SESSION["login"]);
$data = $USR->GetUserData($CURRENT_USER["id"]);
$CURRENT_USER["nick"] = $data["nick"];
$CURRENT_USER["email"] = $data["email"];
$CURRENT_USER["url"] = $data["url"];
$CURRENT_USER["level"] = $USR->GetUserLevel($CURRENT_USER["id"]);
if ($CURRENT_USER["level"] >= 8) {
$_SESSION["rootacc"] = true;
} else {
$_SESSION["rootacc"] = false;
}
} elseif (_isrootdef()) {
$CURRENT_USER["level"] = 10;
$CURRENT_USER["nick"] = $GV["site_owner"];
$CURRENT_USER["id"] = "!ROOT!";
} else {
$CURRENT_USER["level"] = 0;
$CURRENT_USER["id"] = "!GUEST!";
}
$CURRENT_USER["ip"] = get_ip_address();
$CURRENT_USER["browser"] = $_SERVER['HTTP_USER_AGENT'];
if ($USR) {
$MDL->Load("users");
$USR->UpdateOnline($CURRENT_USER);
}
}
<?php
/**
* MZ 404-sida
*
*/
// Inkludera config-filen
include __DIR__ . '/config.php';
//Skydda sidan med loginfunktioner
$login = new CUsers($mz['database']);
$login->loginProtected();
//samt erbjud logout
$login->logout();
// Koppla upp till databasen
$login->deleteUser();
$userList = $login->generateUserList();
// Skapa nödvändigt innehåll och spara i mz-variabeln
$mz['title'] = "Nyheter";
$mz['main'] = <<<EOD
<div class="container">
\t<h1>Användare på sidan:</h1>
\t{$userList}
</div>
EOD;
// När alla variabler är satta, inkludera templaten
include MZ_THEME_PATH;
$_GET['num_poems'] = 50;
}
// Maximum is 100 poems per page. We do not want
// to make whole server lag because of this.
if ($_GET['num_poems'] > 100) {
$_GET['num_poems'] = 100;
}
echo '<div class="poems">';
echo '<table width="100%">';
echo '<tr><td><h3>' . $_GET['num_poems'] . ' uusinta runoa</h3></td>';
echo '<td>';
echo '<a href="rss.php?special=newest"><img src="graphics/rss.gif" class="rss">';
echo '</a></td></tr></table>';
// Get 50 newest poems
$cPoem = new CPoem($db, $_SESSION);
$cUsers = new CUsers($db, $_SESSION);
$poems = $cPoem->getNewestPoems($_GET['num_poems']);
echo '<table>';
echo '<tr>';
echo '<td><b>Runoilija</b></td>';
echo '<td><b>Runon nimi</b></td>';
echo '<td><b>Lisätty</b></td>';
echo '</tr>';
$poems_per_page = $cPoem->getPoemsPerPage();
foreach ($poems as $poem) {
echo '<tr>';
echo '<td>';
echo '<a href="poet.php?id=' . $poem['user_id'] . '">';
echo $cUsers->getUsername($poem['user_id']);
echo '</a>';
echo '</td>';
$cPoem = new CPoem($db, $_SESSION);
if ($type == 'newest') {
$poems = $cPoem->getNewestPoems(10);
create_rss($poems, 'Uusimmat runot', 'http://www.runosydan.net/rss.php?special=newest');
}
}
require 'general_functions.php';
// We must get poet ID OR special-action, so we have something to show.
if (!isset($_GET['poet_id']) && !isset($_GET['special'])) {
header('Location: index.php');
}
// In special feeds (newest poems) call function which will create
// correct RSS-feed for this.
if (isset($_GET['special'])) {
create_special_feed($db, $_GET['special']);
} else {
// Get poet username
$cUsers = new CUsers($db);
$poet_username = $cUsers->getUsername($_GET['poet_id']);
if ($poet_username == '') {
header('Location: index.php');
}
// Get poet poems on first page
require 'CPoem.php';
$cPoems = new CPoem($db, $_SESSION);
$poems = $cPoems->getPoems($_GET['poet_id'], 1, false);
// Feed title
$RSS_feed_title = 'Runoilijan ' . $poet_username . ' uusimmat runot';
$RSS_feed_url = 'http://www.runosydan.net/rss.php?poet_id=' . $_GET['poet_id'];
create_rss($poems, $RSS_feed_title, $url);
}
//зона по √ринвичу (ћосковское врем¤)
$zone = $vars['time_zone'];
//ћес¤ц
$month = gmdate("n", time() + $zone);
//echo("<br>month=".$months[$month-1]);
//ƒень недели
$dayweek = gmdate("w", time() + $zone);
//echo("<br>dayweek=".$daysweek[$dayweek]);
//“екуща¤ дата по √ринвичу (¬–≈ћя ћќ— ќ¬— ќ≈)
$date = $daysweek[$dayweek];
$date .= gmdate(", j ", time() + $zone);
$date .= $months[$month];
$date .= gmdate(", H:i", time() + $zone);
//$date=gmdate("$daysweek[$dayweek], j $months[$month], H:i", $zone);
if (check_auth()) {
$USR = new CUsers($DIRS["users_data"], $DIRS["users_list"], $DIRS["users_private"], $DIRS["users_groups"], $DIRS["users_online"]);
$USR->SetSeparators($GV["sep1"], $GV["sep2"]);
$nick = $CURRENT_USER['login'];
$g = 0;
while ($users_info['login'][$g] != $nick && $g < count($users_info)) {
$g++;
}
$user_index = $g;
$users_info['count'][$user_index]++;
$data = get_forum_user_data($users_info['id'][$user_index]);
$data['count'] = $users_info['count'][$user_index];
save_forum_user_data($users_info['id'][$user_index], $data);
$spec_rang = true;
for ($i = 0; $i < $vars['rangs_count']; $i++) {
if ($users_info['rang'][$user_index] == $rangs[$i]['rang']) {
$spec_rang = false;
<?php
if ($MDL->IsModuleExists("users")) {
global $usr_id, $CURRENT_USER;
$USR = new CUsers($DIRS["users_data"], $DIRS["users_list"], $DIRS["users_private"], $DIRS["users_groups"], $DIRS["users_online"]);
$USR->SetSeparators($GV["sep1"], $GV["sep2"]);
$list = $USR->GetUsers();
for ($i = 0; $i < count($list); ++$i) {
$ud = $list[$i];
$all_users[$i] = $list[$i]["id"];
$users_info['login'][$i] = $ud["login"];
$users_info['pass'][$i] = $ud["passwd"];
$users_info['nick'][$i] = $ud["nick"];
$users_info['city'][$i] = $ud["city"];
$users_info['sex'][$i] = make_gender_str($ud["gender"]);
$users_info['email'][$i] = $ud["email"];
$users_info['url'][$i] = $ud["url"];
$users_info['id'][$i] = $all_users[$i];
$users_info['date'][$i] = date_dmy($ud["regdate"]);
$users_info['rang'][$i] = $ud["rang"];
$fud = get_forum_user_data($all_users[$i]);
$users_info['count'][$i] = $fud["count"];
//echo($list[$i]["id"]."==($i)".$CURRENT_USER["id"]."<br>");
if ($list[$i]["id"] == $CURRENT_USER["id"]) {
$usr_id = $i;
}
$users_info['raiting'][$i] = $ud["raiting"];
$users_info['rights'][$i] = $ud["level"];
$users_info['sign'][$i] = $ud["signature"];
$users_info['info'][$i] = $ud["info"];
}
"</small></li>
<?php
}
}
?>
</td></tr>
<?php
}
?>
<?php
for ($i = 0; $i < $ncnt; ++$i) {
if ($MDL->IsModuleExists("users")) {
$MDL->Load("users");
$USR = new CUsers($DIRS["users_data"], $DIRS["users_list"], $DIRS["users_private"], $DIRS["users_groups"], $DIRS["users_online"]);
$USR->SetSeparators($GV["sep1"], $GV["sep2"]);
$authorselect = "<select name=authorsnew[] style=\"width:100%\">";
$udata = $USR->GetUsers();
for ($j = 0; $j < count($udata); ++$j) {
if ($USR->GetUserLevel($udata[$j]["id"]) < $CURRENT_USER["level"]) {
$authorselect .= "<option value=\"" . $udata[$j]["id"] . "\">" . $udata[$j]["nick"] . "</option>";
}
}
$authorselect .= "<option value=\"" . $CURRENT_USER["id"] . "\" selected>" . $CURRENT_USER["nick"] . "</option>";
$authorselect .= "</select>";
} else {
$authorselect = "root";
}
?>
<tr><td class=tbl1>
<?php
OUT("{$i}: " . $list[$i]["login"] . "<br>");
?>
<?php
}
// }
}
// }
} else {
include SK_DIR . "/users.php";
}
} else {
if (!file_exists(SK_DIR . "/userssbar.php")) {
// skin doesn't support this module admin, let's draw all by ourself
// {
$USR = new CUsers($DIRS["users_data"], $DIRS["users_list"], $DIRS["users_private"], $DIRS["users_groups"], $DIRS["users_online"]);
$list = $USR->GetUsers();
$week = 0;
$month = 0;
$day = 0;
for ($i = 0; $i < count($list); ++$i) {
if (time() - 24 * 60 * 60 < $list[$i]["regdate"]) {
$day++;
}
if (time() - 24 * 60 * 60 * 7 < $list[$i]["regdate"]) {
$week++;
}
if (time() - 24 * 60 * 60 * 30 < $list[$i]["regdate"]) {
$month++;
}
}
$mz['database']['password'] = '******';
$mz['database']['driver_options'] = array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'UTF8'");
//Header
$movie = new CMovies($mz['database']);
$showSearchBar = $movie->searchHeader();
$mz['header'] = <<<EOD
<div id="heading">
\t<img id="logo" src="images/logo.png" alt="logo-moviezone">
\t<h2 id="slogan">DIN FILMBUTIK PÅ NÄTET</h2>
\t<nav>
\t\t{$showSearchBar}
\t\t<a href="hem.php">Hem</a>
\t\t<a href="filmer.php">Filmer</a>
\t\t<a href="nyheter.php">Nyheter</a>
\t\t<a href="omoss.php">Om Oss</a>
\t</nav>
</div>
EOD;
//Footer
$login = new CUsers($mz['database']);
$showLogin = $login->showLogin();
$mz['footer'] = <<<EOD
<div id="footerContent">
\t<a href="http://validator.w3.org/unicorn/check?ucn_uri=referer&ucn_task=conformance">Unicorn</a>
\t{$showLogin}
\t<p>Copyright 2015 - MovieZone</p>
</div>
EOD
;
<?php
/**
* MZ 404-sida
*
*/
// Inkludera config-filen
include __DIR__ . '/config.php';
//Skydda sidan med loginfunktioner
$login = new CUsers($mz['database']);
$login->loginProtected();
//samt erbjud logout
$login->logout();
// Koppla upp till databasen
$db = new CMovies($mz['database']);
$db->updateMovie();
$edit = $db->editMovie();
// Skapa nödvändigt innehåll och spara i mz-variabeln
$mz['title'] = "Film";
$mz['main'] = <<<EOD
<div class="container">
\t<h1>Editering av Film</h1>
\t{$edit}
</div>
EOD;
// När alla variabler är satta, inkludera templaten
include MZ_THEME_PATH;
<?php
/**
* MZ 404-sida
*
*/
// Inkludera config-filen
include __DIR__ . '/config.php';
//Erbjud logout om inloggad
$login = new CUsers($mz['database']);
$login->logout();
// Koppla upp till databasen
$db = new CBlog($mz['database']);
$thePost = $db->showPost();
// Skapa nödvändigt innehåll och spara i mz-variabeln
$mz['title'] = "Nyheter";
$mz['main'] = <<<EOD
<div class="container">
\t{$thePost}
</div>
EOD;
// När alla variabler är satta, inkludera templaten
include MZ_THEME_PATH;
function is_group_allowed($group, $uid)
{
global $GV, $CURRENT_USER, $MDL, $DIRS;
if (_isroot()) {
return true;
}
$MDL->Load("users");
$USR = new CUsers($DIRS["users_data"], $DIRS["users_list"], $DIRS["users_private"], $DIRS["users_groups"], $DIRS["users_online"]);
$USR->SetSeparators($GV["sep1"], $GV["sep2"]);
$gdata = $USR->GetGroupData($group);
return $CURRENT_USER["level"] >= $gdata["level"] || $CURRENT_USER["id"] == $uid;
}
//----------EDIT-----------//
//-------------------------//
//-------------------------//
//----------EDIT-----------//
//-------------------------//
case "edit":
global $MDL;
$news_info = $news->get_news_info($id);
$fulltext = $news->get_news_text($id);
$author = $news_info["name"];
if (!isset($editor)) {
$editor = "html";
}
if ($MDL->IsModuleExists("users")) {
$MDL->Load("users");
$USR = new CUsers($DIRS["users_data"], $DIRS["users_list"], $DIRS["users_private"], $DIRS["users_groups"], $DIRS["users_online"]);
$USR->SetSeparators($GV["sep1"], $GV["sep2"]);
if ($USR->GetUserLevel($author) < $CURRENT_USER["level"] || $author == $CURRENT_USER["id"]) {
$authorselect = "<select name=art style=\"width:100%\">";
$udata = $USR->GetUsers();
for ($j = 0; $j < count($udata); ++$j) {
if ($udata[$j]["id"] == $author) {
$sel = " selected";
} else {
$sel = "";
}
if ($USR->GetUserLevel($udata[$j]["id"]) < $CURRENT_USER["level"] || $udata[$j]["id"] == $CURRENT_USER["id"]) {
$authorselect .= "<option value=\"" . $udata[$j]["id"] . "\"{$sel}>" . $udata[$j]["nick"] . "</option>";
}
}
$authorselect .= "</select>";
<?php
/**
* MZ 404-sida
*
*/
// Inkludera config-filen
include __DIR__ . '/config.php';
//Skydda sidan med loginfunktioner
$login = new CUsers($mz['database']);
$login->loginProtected();
//samt erbjud logout
$login->logout();
// Koppla upp till databasen
$userForm = $login->createUser();
$userFormUpdate = $login->updateUser();
// Skapa nödvändigt innehåll och spara i mz-variabeln
$mz['title'] = "Användare";
$mz['main'] = <<<EOD
<div class="container">
\t<h1>Skapa Användare</h1>
\t{$userForm}
\t{$userFormUpdate}
</div>
EOD;
// När alla variabler är satta, inkludera templaten
include MZ_THEME_PATH;
