Example #1
<?php

// Language preferences panel: renders the language picker for the logged-in user.
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\User;
use NERDZ\Core\System;
$user = new User();
ob_start(array('NERDZ\\Core\\Utils', 'minifyHTML'));

// Visitors without a session only get the localized "register" message; nothing below runs.
if (!$user->isLogged()) {
    die($user->lang('REGISTER'));
}

// Token requested under the 'edit' name; the template receives it as tok_n.
$csrfToken = NERDZ\Core\Security::getCsrfToken('edit');

// One {longlang_n, shortlang_n} row per entry, in the order System returns them.
$languageRows = [];
foreach (System::getAvailableLanguages(1) as $shortName => $longName) {
    $languageRows[] = [
        'longlang_n' => $longName,
        'shortlang_n' => $shortName,
    ];
}

// Both lookups are keyed on the id stored in the session, not on request input.
$sessionUserId = $_SESSION['id'];
$vals = [
    'tok_n' => $csrfToken,
    'langs_a' => $languageRows,
    'mylang_n' => $user->getLanguage($sessionUserId),
    'myboardlang_n' => $user->getBoardLanguage($sessionUserId),
];

$user->getTPL()->assign($vals);
$user->getTPL()->draw('preferences/language');
Example #2
<?php

// Theme preferences panel: renders the template picker for the logged-in user.
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\User;
use NERDZ\Core\Config;
use NERDZ\Core\System;
$user = new User();
ob_start(array('NERDZ\\Core\\Utils', 'minifyHTML'));

// Visitors without a session only get the localized "register" message; nothing below runs.
if (!$user->isLogged()) {
    die($user->lang('REGISTER'));
}

// Token requested under the 'edit' name; the template receives it as tok_n.
$csrfToken = NERDZ\Core\Security::getCsrfToken('edit');

// One {tplno_n, tplname_n} row per available template, in the order System returns them.
$themeRows = [];
foreach (System::getAvailableTemplates() as $template) {
    $themeRows[] = [
        'tplno_n' => $template['number'],
        'tplname_n' => $template['name'],
    ];
}

$vals = [
    'tok_n' => $csrfToken,
    'themes_a' => $themeRows,
    // Current template is looked up by the id stored in the session, not by request input.
    'mytplno_n' => $user->getTemplate($_SESSION['id']),
    'mobile_b' => User::isOnMobileHost(),
];

$user->getTPL()->assign($vals);
$user->getTPL()->draw('preferences/themes');
$vals = [];
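/**
 * usort() comparator that orders usernames case-insensitively.
 *
 * Uses strcmp() on the lower-cased names so that equal names compare as 0
 * (the previous `<` test returned 1 for both argument orders, which is not a
 * consistent ordering) and so that numeric-looking names such as "10" and "9"
 * are compared as text rather than as numbers.
 *
 * @param string $a first username
 * @param string $b second username
 *
 * @return int negative when $a sorts first, positive when $b sorts first, 0 when equal
 */
function sortbyusername($a, $b)
{
    return strcmp(strtolower($a), strtolower($b));
}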
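// Template variables for the project management page. $info, $project and $user are set by
// code above this excerpt.
// NOTE(review): photo, website, name, description and goal are handed to the template as
// stored; confirm they are escaped on write or by the template before being printed.
$vals['photo_n'] = $info->photo;
$vals['website_n'] = $info->website;
$vals['name_n'] = $info->name;

// Resolve member ids to usernames in place. The loop writes through the key instead of a
// by-reference loop variable, so no variable stays aliased to the last array element after
// the loop (a later assignment to such a variable would silently overwrite that element).
$mem = $project->getMembers($info->counter);
$vals['members_n'] = count($mem);
foreach ($mem as $memberKey => $memberId) {
    $mem[$memberKey] = User::getUsername($memberId);
}
$vals['members_a'] = $mem;
usort($vals['members_a'], 'sortbyusername');

$vals['tok_n'] = NERDZ\Core\Security::getCsrfToken('edit');
$vals['id_n'] = $info->counter;

// Multi-line text fields become one trimmed entry per line.
$vals['description_a'] = array_map('trim', explode("\n", $info->description));
$vals['goal_a'] = array_map('trim', explode("\n", $info->goal));

$vals['openproject_b'] = $project->isOpen($info->counter);
$vals['visibleproject_b'] = $info->visible;
$vals['privateproject_b'] = $info->private;
$user->getTPL()->assign($vals);
$user->getTPL()->draw('preferences/projects/manage');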
Example #4
use NERDZ\Core\Utils;
// Builds the paginated user list and returns the rendered 'base/userslist' template.
// $users, $dateExtractor, $total and $type are not defined in this excerpt; they are expected
// to exist already when this code runs.

// Allow-list of field names accepted for ordering; also handed to setNextAndPrevURLs() below.
$validFields = ['username', 'name', 'surname', 'birth_date', 'last', 'counter', 'registration_time'];
// ?lim is never used raw: it goes through Security::limitControl() (20 when the parameter is absent).
$limit = isset($_GET['lim']) ? NERDZ\Core\Security::limitControl($_GET['lim'], 20) : 20;
// Only the literals 'DESC' / 'ASC' leave this line; the request value itself is not propagated.
// The comparison is loose (==), so values that merely compare equal to 1 also select DESC.
$order = isset($_GET['desc']) && $_GET['desc'] == 1 ? 'DESC' : 'ASC';
// Search text is HTML-escaped (quotes included) before any further use.
// NOTE(review): a non-empty array (?q[]=x) passes empty() and reaches htmlspecialchars(),
// which expects a string — confirm how that case is meant to be handled.
$q = empty($_GET['q']) ? '' : htmlspecialchars($_GET['q'], ENT_QUOTES, 'UTF-8');
// ?orderby is checked by Security::fieldControl() against $validFields, with 'username' as the
// third argument (presumably the fallback — confirm in Security).
$orderby = isset($_GET['orderby']) ? NERDZ\Core\Security::fieldControl($_GET['orderby'], $validFields, 'username') : 'username';
$user = new User();
$i = 0;
$ret = [];
// One row of basic info per id; since_n is replaced by whatever $dateExtractor returns for it.
foreach ($users as $fid) {
    $ret[$i] = $user->getBasicInfo($fid);
    $ret[$i]['since_n'] = $dateExtractor($fid, $ret[$i]['since_n']);
    ++$i;
}
usort($ret, 'NERDZ\\Core\\Utils::sortByUsername');
$myvals = [];
$myvals['list_a'] = $ret;
// When $limit is not a plain number, its trailing run of digits is taken as the number of
// rows already shown (presumably limitControl() can return a "count + offset" form — confirm).
$startFrom = 0;
if (!is_numeric($limit)) {
    $matches = [];
    preg_match('/\\d+$/', $limit, $matches);
    if (isset($matches[0])) {
        $startFrom = $matches[0];
    }
}
$myvals['displayedusers_n'] = count($ret) + $startFrom;
$myvals['totalusers_n'] = $total;
$myvals['type_n'] = $type;
// NOTE(review): 'field' carries the raw ?orderby value (not the validated $orderby) together
// with the allow-list; verify that setNextAndPrevURLs() checks it against 'validFields' and
// encodes it before it is placed in the next/prev URLs.
NERDZ\Core\Security::setNextAndPrevURLs($myvals, $limit, ['order' => $order, 'query' => $q, 'field' => empty($_GET['orderby']) ? '' : $_GET['orderby'], 'validFields' => $validFields]);
$user->getTPL()->assign($myvals);
// draw() is called with true as second argument and its result is returned to the caller.
return $user->getTPL()->draw('base/userslist', true);
Example #5
        $conv = null;
        if (isset($_POST['start']) && isset($_POST['num']) && is_numeric($_POST['start']) && is_numeric($_POST['num'])) {
            $conv = $pms->readConversation($from, $to, false, $_POST['num'], $_POST['start']);
        } else {
            if (isset($_POST['pmid']) && is_numeric($_POST['pmid'])) {
                $conv = $pms->readConversation($from, $to, $_POST['pmid']);
            } else {
                $conv = $pms->readConversation($from, $to);
            }
        }
        $doShowForm = !isset($_POST['pmid']) && (!isset($_POST['start']) || $_POST['start'] == 0) && !isset($_POST['forceNoForm']);
        if (!$doShowForm && empty($conv)) {
            die;
        }
        $vals['toid_n'] = $_SESSION['id'] != $to ? $to : $from;
        $vals['to_n'] = User::getUsername($vals['toid_n']);
        if (!$vals['to_n']) {
            die($user->lang('ERROR'));
        }
        $vals['list_a'] = $conv;
        $vals['pmcount_n'] = $pms->count($from, $to);
        $vals['needmorebtn_b'] = $doShowForm && $vals['pmcount_n'] > 10;
        $vals['needeverymsgbtn_b'] = $doShowForm && $vals['pmcount_n'] > 20;
        $vals['showform_b'] = $doShowForm;
        $user->getTPL()->assign($vals);
        $user->getTPL()->draw('pm/conversation');
        break;
    default:
        die($user->lang('ERROR'));
        break;
}
Example #6
}
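// Template variables for the profile preferences page. $obj and $user are set by code above
// this excerpt.
// NOTE(review): the profile fields below (biography, website, contact handles, userscript)
// are handed to the template as stored; confirm they are validated on write or escaped by
// the template, in particular website_n and userscript_n if they end up in href/src attributes.
$vals = [];

// Multi-line text fields become one trimmed entry per line. array_map() replaces the former
// by-reference loops, which left the loop variable aliased to the last array element.
$vals['interests_a'] = array_map('trim', explode("\n", $obj->interests));
$vals['biography_n'] = $obj->biography;
$vals['quotes_a'] = array_map('trim', explode("\n", $obj->quotes));

$vals['website_n'] = $obj->website;
$vals['jabber_n'] = $obj->jabber;
$vals['yahoo_n'] = $obj->yahoo;
$vals['facebook_n'] = $obj->facebook;
$vals['twitter_n'] = $obj->twitter;
$vals['steam_n'] = $obj->steam;
$vals['skype_n'] = $obj->skype;
$vals['github_n'] = $obj->github;
$vals['userscript_n'] = $obj->userscript;

// Profile state and whitelist are looked up by the id stored in the session.
$vals['closedprofile_b'] = $user->hasClosedProfile($_SESSION['id']);
$vals['canshowwhitelist_b'] = $vals['closedprofile_b'];

// Always define whitelist_a, so the template receives an empty list rather than a missing
// variable when the whitelist has no entries.
$vals['whitelist_a'] = [];
foreach ($user->getWhitelist($_SESSION['id']) as $whitelistedId) {
    $vals['whitelist_a'][] = User::getUsername($whitelistedId);
}

$vals['tok_n'] = NERDZ\Core\Security::getCsrfToken('edit');
$vals['dateformat_n'] = $obj->dateformat;
$user->getTPL()->assign($vals);
$user->getTPL()->draw('preferences/profile');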
Example #7
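<?php

// Post preview endpoint: renders ?message= through the quote and BBCode formatters.
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\Comments;
use NERDZ\Core\User;
$user = new User();
$message = new Comments();

// Only a non-empty string from a logged-in user is previewed; everything else is replaced by
// the localized error text. The is_string() check matters because a repeated parameter
// (?message[]=x) is a non-empty array: it passes empty() and would otherwise be handed to
// htmlspecialchars(), which accepts strings only.
if (!$user->isLogged() || empty($_GET['message']) || !is_string($_GET['message'])) {
    $_GET['message'] = $user->lang('ERROR');
}

// The text is HTML-escaped (quotes included) before any formatting is applied.
// NOTE(review): the markup added afterwards comes from parseQuote()/bbcode(), which are not
// visible here; the safety of message_n in the template rests on what those two emit.
$escaped = htmlspecialchars($_GET['message'], ENT_QUOTES, 'UTF-8');
$vals = [];
$vals['message_n'] = $message->bbcode($message->parseQuote($escaped));
$user->getTPL()->assign($vals);
$user->getTPL()->draw('base/preview');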
Example #8
    die($user->lang('REGISTER'));
}
switch (isset($_GET['action']) ? strtolower($_GET['action']) : '') {
    case 'get':
        $hcid = isset($_POST['hcid']) && is_numeric($_POST['hcid']) ? $_POST['hcid'] : false;
        if (!$hcid) {
            die($user->lang('ERROR') . ': no hcid');
        }
        $vals = [];
        $vals['list_a'] = $comments->get($hcid, $prj);
        $vals['showform_b'] = false;
        $vals['needmorebtn_b'] = false;
        $vals['commentcount_n'] = 0;
        $vals['hpid_n'] = 0;
        $vals['onerrorimgurl_n'] = System::getResourceDomain() . '/static/images/red_x.png';
        $user->getTPL()->assign($vals);
        $user->getTPL()->draw(($prj ? 'project' : 'profile') . '/comments');
        break;
    case 'show':
        $hpid = isset($_POST['hpid']) && is_numeric($_POST['hpid']) ? $_POST['hpid'] : false;
        if (!$hpid) {
            die($user->lang('ERROR') . ': no hpid');
        }
        $_list = null;
        if (isset($_POST['start']) && isset($_POST['num']) && is_numeric($_POST['start']) && is_numeric($_POST['num'])) {
            $_list = $comments->getLastComments($hpid, $_POST['num'], $_POST['start'], $prj);
        } else {
            if (isset($_POST['hcid']) && is_numeric($_POST['hcid'])) {
                $_list = $comments->getCommentsAfterHcid($hpid, $_POST['hcid'], $prj);
            } else {
                $_list = $comments->getAll($hpid, $prj);
Example #9
<?php

// Guest-visibility preferences panel for the logged-in user.
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\User;
use NERDZ\Core\Db;
$user = new User();
ob_start(array('NERDZ\\Core\\Utils', 'minifyHTML'));

// Visitors without a session only get the localized "register" message; nothing below runs.
if (!$user->isLogged()) {
    die($user->lang('REGISTER'));
}

// The SQL text is a constant; the session id travels separately as the :id placeholder value.
$privacyQuery = [
    'SELECT "private" FROM "users" WHERE "counter" = :id',
    [':id' => $_SESSION['id']],
];
$row = Db::query($privacyQuery, Db::FETCH_OBJ);

// A falsy result stops the page with the generic localized error.
if (!$row) {
    die($user->lang('ERROR'));
}

$vals['private_b'] = $row->private;
$vals['tok_n'] = NERDZ\Core\Security::getCsrfToken('edit');

$user->getTPL()->assign($vals);
$user->getTPL()->draw('preferences/guests');
<?php

// Renders the interactions list for a user or a project and returns the generated markup.
// The file expects $id (and optionally $prj) to exist before it runs, i.e. to be set by the
// script that includes it; without $id execution stops at the guard below.
if (!isset($id)) {
    die('$id required');
}
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\Project;
use NERDZ\Core\User;
use NERDZ\Core\Db;
use NERDZ\Core\Utils;
$user = new User();
// $prj is reduced to a boolean: only whether it was set matters, not its value.
$prj = isset($prj);
$entity = $prj ? new Project() : new User();
// ?lim is never used raw: it goes through Security::limitControl() (20 when the parameter is absent).
$limit = isset($_GET['lim']) ? NERDZ\Core\Security::limitControl($_GET['lim'], 20) : 20;
// Only the literals 'DESC' / 'ASC' leave this line. The comparison is loose (==), so values
// that merely compare equal to 1 also select DESC.
$order = isset($_GET['desc']) && $_GET['desc'] == 1 ? 'DESC' : 'ASC';
$myvals = [];
// NOTE(review): $_SESSION['id'] is read without an isLogged() check in this file; presumably
// the including page enforces login before reaching this point — confirm.
$myvals['me_n'] = $_SESSION['id'];
$myvals['list_a'] = $entity->getInteractions($id, $limit);
if ($prj) {
    $myvals['to_n'] = Project::getName($id);
    $myvals['to4link_n'] = Utils::projectLink($myvals['to_n']);
} else {
    $myvals['to_n'] = $myvals['to4link_n'] = '';
}
// Allow-list of sortable fields handed to setNextAndPrevURLs().
$validFields = ['time'];
// NOTE(review): 'field' carries the raw ?orderby value together with the allow-list; verify
// that setNextAndPrevURLs() checks it against 'validFields' and encodes it before it is
// placed in the next/prev URLs.
NERDZ\Core\Security::setNextAndPrevURLs($myvals, $limit, ['order' => $order, 'field' => empty($_GET['orderby']) ? '' : $_GET['orderby'], 'validFields' => $validFields]);
$user->getTPL()->assign($myvals);
// draw() is called with true as second argument and its result is returned to the includer.
return $user->getTPL()->draw(($prj ? 'project' : 'profile') . '/interactions', true);
Example #11
use NERDZ\Core\Config;
use NERDZ\Core\Messages;
$project = new Project($gid);
$messages = new Messages();
$user = new User();
$vals = [];
$enter = true;
$vals['logged_b'] = $user->isLogged();
$vals['singlepost_b'] = isset($pid) && isset($gid) && is_numeric($pid);
$vals['followers_b'] = isset($action) && $action == 'followers';
$vals['members_b'] = isset($action) && $action == 'members';
$vals['interactions_b'] = isset($action) && $action == 'interactions';
if ($info->private && !$vals['logged_b'] || !$info->visible && !$vals['logged_b'] || $vals['interactions_b'] && !$vals['logged_b']) {
    $included = true;
    require_once $_SERVER['DOCUMENT_ROOT'] . '/pages/register.php';
    $user->getTPL()->assign($vals);
    require_once $_SERVER['DOCUMENT_ROOT'] . '/pages/common/vars.php';
    $user->getTPL()->draw('project/private');
} else {
    $mem = $project->getMembers($info->counter);
    $icansee = true;
    if ($vals['logged_b'] && !$info->visible) {
        $icansee = $_SESSION['id'] == $project->getOwner() || in_array($_SESSION['id'], $mem);
    }
    if (!$icansee) {
        $user->getTPL()->assign($vals);
        require_once $_SERVER['DOCUMENT_ROOT'] . '/pages/common/vars.php';
        $user->getTPL()->draw('project/invisible');
    } else {
        $vals['photo_n'] = !empty($info->photo) ? Utils::getValidImageURL($info->photo) : 'https://www.gravatar.com/avatar/';
        $vals['onerrorimgurl_n'] = '/static/images/onErrorImg.php';
Example #12
<?php

// Private-message inbox: renders the conversation list for the logged-in user.
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\Pms;
use NERDZ\Core\User;
$user = new User();
ob_start(array('NERDZ\\Core\\Utils', 'minifyHTML'));

// Visitors without a session only get the localized "register" message; the inbox is never
// queried for them.
if (!$user->isLogged()) {
    die($user->lang('REGISTER'));
}

// getList() takes no arguments here, so the request cannot name whose inbox is listed.
$inbox = new Pms();
$vals = ['list_a' => $inbox->getList()];

$user->getTPL()->assign($vals);
$user->getTPL()->draw('pm/inbox');
Example #13
<?php

// Notification panel: renders pending notifications, or the stored history when there are none.
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\Notification;
use NERDZ\Core\User;
ob_start(array('NERDZ\\Core\\Utils', 'minifyHTML'));
$user = new User();
$notification = new Notification();

// group notification by default
if (!$user->isLogged()) {
    // Visitors without a session only get the localized "register" message.
    echo $user->lang('REGISTER');
} else {
    // The second argument is true unless the request carries a doNotDelete POST field.
    // NOTE(review): presumably it makes show() consume the notifications it returns, which
    // would let any request without that field clear them — confirm in Notification::show().
    $consume = !isset($_POST['doNotDelete']);
    $pending = $notification->show('all', $consume);

    if (count($pending) > 0) {
        // Something new was returned: pass it to updateStory() before rendering.
        $notification->updateStory($pending);
    } else {
        // Nothing pending: show what story() returns instead.
        $pending = $notification->story();
    }

    $vals = ['list_a' => $pending];
    $user->getTPL()->assign($vals);
    $user->getTPL()->draw('profile/notify');
}
Example #14
    }
    if (!($key = Db::query(['SELECT counter FROM reset_requests WHERE token = :token AND "to" = :to AND remote_addr = :remote_addr', [':remote_addr' => $_SERVER['REMOTE_ADDR'], ':token' => $token, ':to' => $obj->counter]], Db::FETCH_OBJ))) {
        die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . '(4): ' . $user->lang('TRY_LATER')));
    }
    $vals['reseturl_n'] = 'http://' . Config\SITE_HOST . '/reset.php?tok=' . $token . '&amp;id=' . $key->counter;
    require_once $_SERVER['DOCUMENT_ROOT'] . '/class/vendor/autoload.php';
    try {
        $mail = new PHPMailer();
        $mail->IsSMTP();
        $mail->SMTPAuth = true;
        $mail->Host = 'tls://' . trim(Config\SMTP_SERVER) . ':' . trim(Config\SMTP_PORT);
        $mail->Username = Config\SMTP_USER;
        $mail->Password = Config\SMTP_PASS;
        $mail->SetFrom(Config\SMTP_USER, Config\SITE_NAME);
        $mail->Subject = $user->lang('RESET_YOUR_PASSWORD');
        $user->getTPL()->assign($vals);
        $mail->MsgHTML($user->getTPL()->draw("langs/{$user->getLanguage()}/reset-mail", true));
        $mail->AddAddress($email);
        if ($mail->Send()) {
            die(NERDZ\Core\Utils::jsonResponse('ok', 'OK'));
        }
        die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': ' . $mail->ErrorInfo));
    } catch (phpmailerException $e) {
        die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': ' . $e->errorMessage() . "\n contact support@nerdz.eu or retry"));
    }
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': contact support@nerdz.eu or retry'));
} else {
    if ($password !== false && $token !== false && $key !== false) {
        //3rd step
        switch (Security::passwordControl($password)) {
            case 'PASSWORD_SHORT':