static function news_feed()
{
$p = plugins::getinst();
header("Content-type: text/xml");
echo "<?xml version=\"1.0\"?>";
echo "<rss version=\"2.0\">";
echo "<channel>";
echo "<title>News di OpenGdr </title>";
echo "<link>http://mtgforum.altervista.org/</link>";
echo "<description>News di opengdr</description>";
echo "<copyright>Copyright 2009 Bacis Marco </copyright>\n";
echo "<docs>http://blogs.law.harvard.edu/tech/rss</docs>\n";
echo "<managingEditor>" . config::email . "</managingEditor>\n";
echo "<webMaster>" . config::email . "</webMaster>\n";
echo "<language>IT-it</language>\n";
$newss = $p->d->getresults('SELECT * FROM news ORDER BY id DESC;');
foreach ($newss as $news) {
$data = explode(' ', $news->date);
$data = $data[0];
$text = stripslashes(htmlentities(substr($news->text, 0, 50)));
$text = str_replace('<', '', $text);
$text = str_replace('>', '', $text);
echo "<item>\r\n\t\t<title>Aggiornamento del " . $data . "</title>\r\n\t\t<pubDate>" . $news->date . "</pubDate>\r\n\t\t<link>http://mtgforum.altervista.org/</link>\r\n\t\t<description>" . $text . "...</description>\r\n\t\t</item>\n";
}
echo "</channel></rss>";
}
static function mod_pg($pg)
{
$p = plugins::getinst();
$user = $p->d->getrow('SELECT * FROM users WHERE name="' . $pg . '";');
if ($user->account_id == $_SESSION['datiaccount']['id']) {
$t = new template('template/mod_pg.tpl');
$t->assign_var('PG_NAME', $pg);
if ($_POST) {
$query = 'UPDATE users SET description="' . $_POST['desc'] . '",image="' . $_POST['image'] . '" WHERE name="' . $pg . '";';
$upd = $p->d->query($query);
if (!$upd) {
$t->start_block('mod_failed');
$t->end_block('mod_failed');
} else {
$t->start_block('mod_success');
$t->end_block('mod_success');
}
} else {
$t->start_block('mod_failed');
$t->end_block('mod_failed');
}
$p->action('mod_pg');
$t->out();
}
}
static function guestbook_page()
{
$p = plugins::getinst();
$t = new template('template/guestbook.tpl');
//Eseguo l'azione "guestbook_page"
$p->action('guestbook_page');
//Se il messaggio non è vuoto
if (!empty($_POST['message'])) {
//Variabili
$username = mysql_real_escape_string(htmlentities($_POST['username']));
$text = mysql_real_escape_string(htmlentities($_POST['message']));
//Imposto un filtro sul messaggio
$text = $p->filter('guestbook_message_send', $text);
//Eseguo la query e ne controllo l'esito
$query = 'INSERT INTO guestbook SET username="******",text="' . $text . '",time=NOW();';
if ($p->d->query($query)) {
$t->block_null('new_success');
}
}
//Eseguo la query per selezionare tutti i messaggi
$select = 'SELECT * FROM guestbook ORDER BY time DESC;';
$messaggi = $p->d->getresults($select);
//Aggiungo i messaggi al template
foreach ($messaggi as $m) {
$t->block_assign('message', array('USERNAME' => $m->username, 'MESSAGE' => $m->text));
}
$t->out();
}
static function master_adm_page()
{
global $t;
$p = plugins::getinst();
//controllo che l'utente sia master
control_access(MASTER_ACCESS) != 1 ? header('Location: ../logout') : NULL;
$t = new template('template/master.tpl');
//eseguo l'azione master_menu
$p->action('master_menu');
@$t->out();
}
function online()
{
$p = plugins::getinst();
$t = new template('template/online.tpl');
//seleziono distintamente le stanze dove si trovano i pg
$stanze = $p->d->getresults('SELECT DISTINCT chat_name,chat_id FROM sessioni GROUP BY chat_id ASC;');
//per ogni stanza aggiungo al template i pg presenti
for ($i = 0; $i < count($stanze); $i++) {
$chat = $stanze[$i];
$t->start_block('online_chat');
$t->assign_block_vars(array('CHAT_ID' => $chat->chat_id, 'CHAT_NAME' => $chat->chat_name));
$users = $p->d->getcol('SELECT pg_id FROM sessioni WHERE chat_id="' . $chat->chat_id . '";');
foreach ($users as $user) {
$username = $p->d->getvar('SELECT name FROM users WHERE id="' . $user . '";');
$t->start_block('online_row');
$t->assign_block_var('USERNAME', $username);
$t->end_block('online_row');
}
$t->end_block('online_chat');
}
@$t->out();
}
static function password_rec()
{
$p = plugins::getinst();
$t = new template('template/rec_password.tpl');
//se è stata scritta in POST l'email
if ($_POST['mail']) {
$mail = mysql_real_escape_string($_POST['mail']);
//controllo che si trovi nel database
$user = $p->d->getrow('SELECT * FROM accounts WHERE email="' . $mail . '";');
if ($user) {
//creo la nuova password
$lettere = array('a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '$', '£');
for ($i = 0; $i < 8; $i++) {
$password .= $lettere[rand(0, 65)];
}
$to = $user->email;
$object = "Recupero password di " . $user->username . " su " . config::game_name . " .";
$text = 'Questa mail ti é stata inviata perché hai richiesto il recupero della tua password per il login al gioco.
<br/><br/>Username:'******'<br/>Password Nuova:' . htmlentities($password) . '<br/>
Ti ricordiamo di cambiarla ogni 6 mesi e di usare caratteri alfanumerici, maiuscole e segni in modo da renderla più sicura.';
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$headers .= 'To:' . $user->username . '<"' . $user->email . '">' . "\r\n";
$headers .= 'From: ' . config::game_name . '' . "\r\n";
if (!mail($to, $object, $text, $headers)) {
$t->block_null('rec_password_failed');
} else {
$t->block_null('rec_password_success');
$p->d->query('UPDATE accounts SET password="******" WHERE id="' . $user->id . '";');
}
} else {
$t->block_null('rec_password_failed');
}
} else {
$t->block_null('rec_password_form');
}
$t->out();
}
static function account_edit($what = NULL, $pg_id = NULL)
{
$p = plugins::getinst();
if ($what != NULL && $_REQUEST['value'] != NULL && $pg_id != NULL) {
$new = mysql_real_escape_string($_REQUEST['value']);
$user = $p->d->getrow('SELECT * FROM users WHERE id="' . $pg_id . '";');
if ($user->account_id == $_SESSION['datiaccount']['id']) {
switch ($what) {
case 'surname':
$p->d->query('UPDATE users SET surname="' . $new . '" WHERE id="' . $pg_id . '";') or die('modifica non effettuata!');
break;
case 'description':
$p->d->query('UPDATE users SET description="' . nl2br(htmlspecialchars($new)) . '" WHERE id="' . $pg_id . '";') or die('modifica non effettuata!');
break;
default:
break;
}
}
echo $new;
}
}
static function mp_view($id = 0)
{
global $t;
$p = plugins::getinst();
$t = new template('template/mp_view.tpl');
$mess = $p->d->getrow('SELECT * FROM messaggi WHERE id="' . $id . '" AND (mittente="' . $_SESSION['datiuser']['id'] . '" OR dest="' . $_SESSION['datiuser']['id'] . '");');
if (!$mess) {
$t->to_comp['if_message_dont_exist'][0] = array();
$p->action('mp_view_error');
} else {
$t->to_comp['if_message_exist'][0] = array();
$t->assign_vars(array('TIME' => $mess->time, 'FROM' => $p->d->getvar('SELECT name FROM users WHERE id="' . $mess->mittente . '";'), 'TO' => $p->d->getvar('SELECT name FROM users WHERE id="' . $mess->dest . '";'), 'TEXT' => stripslashes($mess->text)));
if ($mess->dest == $_SESSION['datiuser']['id']) {
$t->to_comp['if_message_exist'][0]['if_message_arrived'][0] = array();
$p->d->query('UPDATE messaggi SET letto=1 WHERE id="' . $mess->id . '";');
}
$p->action('mp_view');
}
@$t->out();
}
static function chat_add()
{
global $t;
$p = plugins::getinst();
$t = new template('template/new_chat.tpl');
$access = control_access(ADMIN_ACCESS);
if (!$access) {
$t->to_comp['not_admin'][] = array();
$t->out();
exit;
}
$name = mysql_real_escape_string($_POST['name']);
$img = mysql_real_escape_string($_POST['img']);
$desc = mysql_real_escape_string($_POST['desc']);
$query = 'INSERT INTO stanze SET name="' . $name . '",image="' . $img . '",description="' . $desc . '";';
$new = $p->d->query($query);
if (!$new) {
$t->to_comp['is_admin'][0]['new_failed'][] = array();
} else {
$t->to_comp['is_admin'][0]['new_success'][] = array();
}
$p->action('chat_new');
$t->out();
}
static function edit_post($forum_id = 0, $id = 0)
{
$p = plugins::getinst();
if ($id != 0) {
$t = new template('template/forum_message.tpl');
$t->assign_var('FORUM_ID', $forum_id);
//controllo se la bacheca è riservata al master e in caso controllo che l'utente lo sia
if ($p->d->getvar('SELECT master FROM forums WHERE id="' . $forum_id . '";') == 1 && control_access(MASTER_ACCESS) != 1) {
$t->start_block('access_denied');
$t->end_block('access_denied');
} else {
$post = $p->d->getrow('SELECT * FROM posts WHERE id="' . $id . '"');
if (!$_POST) {
$t->start_block('message_form');
if ($post->title != NULL && $post->topic_id == 0) {
$t->block_assign('is_topic', 'TOPIC_TITLE', $post->title);
}
$t->assign_block_var('TEXT', $post->text);
$t->assign_block_var('SUBMIT_TEXT', 'modifica messaggio');
$t->assign_block_var('ACTION', '{ROOT}/plugins.php/edit_post/' . $forum_id . '/' . $id);
$t->end_block('message_form');
} else {
if (isset($_POST['title'])) {
$title = mysql_real_escape_string(htmlentities($_POST['title']));
} else {
$title = $post->title;
}
$text = $p->filter('topic_message_edited', mysql_real_escape_string(htmlentities($_POST['text'])));
$query = 'UPDATE posts SET title="' . $title . '",text="' . $text . '" WHERE id="' . $id . '"';
$res = $p->d->query($query);
if ($res > 0) {
$t->block_assign('success', 'TEXT_SUCCESS', 'Messaggio modificato!');
} else {
$t->block_assign('failed', 'TEXT_FAILED', 'Messaggio NON modificato: ' . mysql_error());
}
}
}
$t->out();
}
}
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
session_start();
include 'class.db.php';
include 'config.php';
include 'functions.php';
include 'class.template.php';
include 'class.plugins.php';
//Istanzio le classi
$d = new db(config::db_user, config::db_password, config::db_host, config::db_name);
$t = new template('template/index_body.tpl');
$p = plugins::getinst();
function __autoload($name)
{
global $d;
$plugin_file = $d->getvar('SELECT file FROM plugins WHERE name="' . $name . '" AND active=1;');
include_once $plugin_file . '.php';
}
//Eseguo l'azione "index"
$p->action('index');
//Visualizzo l'output del template
$t->out();
static function send_chat($time = 0)
{
$p = plugins::getinst();
if ($_POST) {
$text = $p->filter('chat_message_send', mysql_real_escape_string(htmlspecialchars($_POST['text'])));
$query = 'INSERT INTO messaggi_chat SET user="******",text="' . $text . '",time="' . $time . '",chat_id="' . $_SESSION['stanza'] . '";';
$p->d->query($query);
}
}
static function logout()
{
$p = plugins::getinst();
$t = new template('template/logout.tpl');
//Elimino l'utente dalle sessioni
$query = 'DELETE FROM sessioni WHERE session_id="' . session_id() . '";';
$p->d->query($query);
//Elimino le variabili di sessione resettando $_SESSION
$_SESSION = array();
$t->start_block('logout');
//Eseguo l'azione "logout"
$p->action('logout');
$t->end_block('logout');
$t->out();
}
