/**
$a[0]		=	$_SERVER['REQUEST_URI'];
//$a[1]		=	'<script>alert(12313)</script>';
//$a[2]		=	'<script>alert(12313)</script>';
//$a[3]		=	'<script>alert(12313)</script>';

echo "<pre>";
echo $a[0];
print_r(DetectXSS($a));
echo "</pre>";
**/
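/**
 * Abort the request when RemoveXSS() would alter a value, i.e. when the
 * input contains something the XSS filter strips.
 *
 * Arrays are walked recursively; scalars are compared against their
 * filtered form. Nothing is returned: a hit is written to the error log
 * and the script dies.
 *
 * @param mixed $val scalar or (nested) array of request values
 * @return void
 */
function DetectXSS($val)
{
    if (is_array($val)) {
        foreach ($val as $v) {
            DetectXSS($v);
        }
        return;
    }
    // Loose comparison kept on purpose: $val may be an int/null while
    // RemoveXSS() presumably returns a string.
    if (RemoveXSS($val) != $val) {
        // error_log(), not log(): log() is the natural logarithm and throws
        // a TypeError when handed a string, so the original never logged.
        error_log(htmlspecialchars($val));
        die('warning:found xss attack !');
    }
}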
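/**
 * Record or update a user's rating ("oy") of an answer.
 *
 * Inserts into eo_askanswerrate, or updates the existing row when
 * cevapOyVar() reports that the user already rated this answer. Prints a
 * Turkish status message and records the outcome via trackUser().
 *
 * @param mixed $deger   rating value
 * @param mixed $userID  rating user's id
 * @param mixed $cevapID rated answer's id
 * @return void
 */
function cevapOy($deger, $userID, $cevapID)
{
    global $yol1, $currentFile;
    if (empty($userID) || empty($cevapID)) {
        echo "Oy verilemedi!";
        return;
    }
    // All three values are spliced into the SQL as quoted literals, so
    // escape them for the connection they are sent over. RemoveXSS() is an
    // HTML filter and gives no SQL protection. The raw values are still
    // handed to cevapOyVar(), which may escape on its own.
    $safeDeger = mysql_real_escape_string($deger, $yol1);
    $safeUser = mysql_real_escape_string($userID, $yol1);
    $safeCevap = mysql_real_escape_string($cevapID, $yol1);
    if (cevapOyVar($userID, $cevapID)) {
        $sql2 = "UPDATE eo_askanswerrate SET degeri='{$safeDeger}' WHERE userID='{$safeUser}' and cevapID='{$safeCevap}'";
    } else {
        $sql2 = "INSERT INTO eo_askanswerrate (degeri,userID,cevapID) VALUES ('{$safeDeger}','{$safeUser}', '{$safeCevap}')";
    }
    $result2 = mysql_query($sql2, $yol1);
    $who = RemoveXSS($_SESSION["usern"]);
    if ($result2) {
        echo "Oy verdiniz.";
        trackUser($currentFile, "success,QuesVote", $who);
    } else {
        echo "Oy verilemedi!";
        trackUser($currentFile, "fail,QuesVote", $who);
    }
}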
Demo Site:		http://yunus.sourceforge.net/eogr
Source Track:	http://eogr.googlecode.com 
Support:		http://www.ohloh.net/p/eogr

This project is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 3 of the License, or any later version. See the GNU
Lesser General Public License for more details.
*/
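// Session and output setup for askForFriendship2.php; the page is served
// as ISO-8859-9 like the rest of this code base. The `@` on session_start()
// is kept from the original (presumably to hide the "headers already sent"
// warning) — confirm before removing.
@session_start();
header("Content-Type: text/html; charset=iso-8859-9");
require "conf.php";
checkLoginLang(true, true, "askForFriendship2.php");
// Read the two POST fields defensively so a missing index does not raise a
// notice. RemoveXSS() only filters HTML; it is not SQL escaping.
$kisi = RemoveXSS(isset($_POST["kisi"]) ? $_POST["kisi"] : "");
$kabul = RemoveXSS(isset($_POST["kabul"]) ? $_POST["kabul"] : "");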
/*
baglan2: parametresiz, 
veritabanı bağlantısı
*/
/**
 * Open the MySQL connection described by the $_host / $_username /
 * $_password globals (set in conf.php).
 *
 * @return resource|false the link resource, or false on failure; the
 *                        connect warning is suppressed, so callers must
 *                        check the return value themselves
 */
function baglan2()
{
    global $_host, $_username, $_password;
    $link = @mysql_connect($_host, $_username, $_password);
    return $link;
}
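// Connect once and keep the link: the original called baglan2() twice
// (once for the check, once to store the link). baglan2() returns false on
// failure, so the stored value serves both purposes.
$yol1 = baglan2();
if (!$yol1) {
    die("<font id='hata'> L&#252;ften, 'veritaban&#305;' <a href=install.php>kurulumunu (installation)</a> yap&#305;n&#305;z!</font>");
}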
                     } else {
                         @unlink((string) $MW->getConfig->generic->avatar_path . $user['id'] . '.' . $ext);
                     }
                 }
             }
         }
     } elseif ($_POST['deleteavatar'] == 1 && preg_match("/\\d+\\.\\w+/i", $_POST['avatarfile'])) {
         if (@unlink((string) $MW->getConfig->generic->avatar_path . $_POST['avatarfile'])) {
             $DB->query("UPDATE account_extend SET avatar=NULL WHERE account_id=?d LIMIT 1", $user['id']);
         }
     }
     if (isset($_POST['profile']['g_id'])) {
         unset($_POST['profile']['g_id']);
     }
     $_POST['profile']['signature'] = htmlspecialchars($_POST['profile']['signature']);
     $DB->query("UPDATE account_extend SET ?a WHERE account_id=?d LIMIT 1", RemoveXSS($_POST['profile']), $user['id']);
     redirect('index.php?n=account&sub=manage', 1);
 } elseif ($_GET['action'] == 'changesecretq') {
     if (check_for_symbols($_POST['secreta1']) == FALSE && check_for_symbols($_POST['secreta2']) == FALSE && $_POST[secretq1] != '0' && $_POST[secretq2] != '0' && isset($_POST[secreta1]) && isset($_POST[secreta2]) && strlen($_POST[secreta1]) > 4 && strlen($_POST[secreta2]) > 4 && $_POST['secreta1'] != $_POST['secreta2'] && $_POST['secretq1'] != $_POST['secretq2']) {
         $DB->query("UPDATE account_extend SET secretq1=?,secretq2=?,secreta1=?,secreta2=? WHERE account_id=?d", strip_if_magic_quotes($_POST['secretq1']), strip_if_magic_quotes($_POST['secretq2']), strip_if_magic_quotes($_POST['secreta1']), strip_if_magic_quotes($_POST['secreta2']), $user['id']);
         output_message('notice', '<b>' . $lang['changed_secretq'] . '</b><meta http-equiv=refresh content="4;url=index.php?n=account&sub=manage">');
     } else {
         output_message('alert', '<b>' . $lang['fail_change_secretq'] . '</b><meta http-equiv=refresh content="3;url=index.php?n=account&sub=manage">');
     }
 } elseif ($_GET['action'] == 'resetsecretq') {
     if ($_POST['reset_secretq']) {
         $DB->query("UPDATE account_extend SET secretq1='0',secretq2='0',secreta1='0',secreta2='0' WHERE account_id=?d", $user['id']);
         output_message('notice', '<b>' . $lang['reset_succ_secretq'] . '</b><meta http-equiv=refresh content="4;url=index.php?n=account&sub=manage">');
     }
 } elseif ($_GET['action'] == 'change_gameplay') {
     if ($_POST['switch_wow_type'] == 'wotlk') {
     if (!empty($_GET['siraYap']) and $_GET["yonU"] != "dur" && $_GET['siraYap'] == "OK") {
         $siraYonu = $_SESSION["siraYonu2"] == "desc" ? "asc" : "desc";
         $_SESSION["siraYonu2"] = $siraYonu;
     } else {
         $siraYonu = $_SESSION["siraYonu2"];
     }
 }
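 // Sort column for the comment list. temizle() is the project's sanitiser
 // for the ORDER BY field (its exact guarantees are not visible here); the
 // comment date is used when no column was requested.
 $sirAlan = temizle(isset($_GET['order']) ? $_GET['order'] : "");
 if ($sirAlan != "") {
     $query_eoUsers = "SELECT eo_comments.id as id, eo_comments.konuID as konuID, eo_users.id as userID, eo_comments.active, eo_comments.comment, eo_comments.commentDate,eo_users.userName as userName, eo_4konu.konuAdi as konuAdi FROM eo_comments {$filtr2} ORDER BY {$sirAlan} {$siraYonu}";
 } else {
     $query_eoUsers = "SELECT eo_comments.id as id, eo_comments.konuID as konuID, eo_users.id as userID, eo_comments.active,eo_comments.comment, eo_comments.commentDate, eo_users.userName as userName, eo_4konu.konuAdi as konuAdi FROM eo_comments {$filtr2} ORDER BY eo_comments.commentDate DESC";
     $sirAlan = "commentDate";
 }
 if (!empty($_GET["upd"]) and $_GET["upd"] == "1") {
     // Single-row edit mode. The id is a quoted literal in the SQL, so it
     // needs SQL escaping for this connection; RemoveXSS() alone only
     // strips HTML/JS.
     $editId = mysql_real_escape_string(RemoveXSS(isset($_GET["id"]) ? $_GET["id"] : ""), $yol);
     $query_limit_eoUsers = "SELECT eo_comments.id as id, eo_comments.comment FROM eo_comments where id='" . $editId . "'";
 } else {
     $query_limit_eoUsers = sprintf("%s LIMIT %d, %d", $query_eoUsers, $startRow_eoUsers, $maxRows_eoUsers);
 }
 $eoUsers = mysql_query($query_limit_eoUsers, $yol);
 if (!$eoUsers) {
     echo mysql_error();
 }
 $row_eoUsers = @mysql_fetch_assoc($eoUsers);
 $totalRows_eoUsers = @mysql_num_rows($eoUsers);
 if (isset($_GET['totalRows_eoUsers'])) {
     // Client-supplied row count; it is a count, so coerce it to an integer
     // instead of trusting arbitrary text.
     $totalRows_eoUsers = intval($_GET['totalRows_eoUsers']);
 } else {
     // Count query goes over the same link as the paged query above.
     $all_eoUsers = mysql_query($query_eoUsers, $yol);
     $totalRows_eoUsers = @mysql_num_rows($all_eoUsers);
 }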
		if (!$userid){
			write_log("Someone is hacking shoutbox. - IP : ".getip(),'mod');
			die($lang_shoutbox['text_no_permission_to_shoutbox']);
		}
		if ($_GET["toguest"]){
			$type ='hb';
		}else{
			if(strpos($text,"@游客") > 0)
			$type = 'hb';
			else
			$type = 'sb';
		}
	}
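	$date = sqlesc(time());

	// Every value is passed through sqlesc(); RemoveXSS() on the text is the
	// HTML filter, sqlesc() the SQL one — both are needed.
	sql_query("INSERT INTO shoutbox (userid, date, text, type, ip) VALUES (" . sqlesc($userid) . ", $date, " . sqlesc(RemoveXSS($text)) . ", " . sqlesc($type) . ", " . sqlesc(getip()) . ")") or sqlerr(__FILE__, __LINE__);

	file_put_contents("shoutbox_new.html", mysql_insert_id());

	// Resolve the bot user's name (users.id = 11), caching it for a week.
	// $robot must be set on both the cache-hit and the cache-miss path; the
	// original assigned it only on a hit, so the first request after the
	// cache expired worked with an undefined name. If $robot is later put
	// into a regex, preg_quote() would be the safe way to do so.
	$robot = $memcache->get('robotname');
	if ($robot == '') {
		$robotname = sql_query("SELECT username from users where id=11") or sqlerr(__FILE__, __LINE__);
		$robotname = mysql_fetch_array($robotname);
		$robot = $robotname[0];
		$memcache->set('robotname', $robot, false, 3600 * 24 * 7);
	}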
	if (!$memcache->get('app_shoutbox_shoutup'))
	{
		if(preg_match( "/\[\@$robot\](.*?)(开奖|中奖|彩票)/",$text))
		sendshoutbox("[@$CURUSER[username]]:最近一期的彩票是第".($memcache->get('drawid'))."期,中奖号码。。忘记了。。。[url=/lottery.php?action=drawlog]here,here~[/url]","","",$date+5);
		elseif(preg_match( "/\[\@$robot\](.*?)(不|别|没|无|非)/",$text))
		//sendshoutbox("[@$CURUSER[username]]:我不认识否定词哎,不明白你说的啥意思,不过我的意思是你说的话的意思可能不是本来的意思。要是一直没人喂我的话我就要自己去偷麦粒了(。·`ω´·)[url=steal.php]你偷过麦粒么[/url] ","","",$date+5);
    begin_main_frame();
    insert_compose_frame($postid, 'edit');
    end_main_frame();
    stdfoot();
    die;
}
//-------- Action: Post
if ($action == "post") {
    if ($CURUSER["forumpost"] == 'no') {
        stderr($lang_forums['std_sorry'], $lang_forums['std_unauthorized_to_post'], false);
        die;
    }
    $id = $_POST["id"];
    $type = $_POST["type"];
    $subject = RemoveXSS($_POST["subject"]);
    $body = RemoveXSS(trim($_POST["body"]));
    $onlyauthor = $_POST["onlyauthor"] + 0;
    $hassubject = false;
    switch ($type) {
        case 'new':
            check_whether_exist($id, 'forum');
            $forumid = $id;
            $hassubject = true;
            break;
        case 'reply':
            check_whether_exist($id, 'topic');
            $topicid = $id;
            $forumid = get_single_value("topics", "forumid", "WHERE id=" . sqlesc($topicid));
            break;
        case 'quote':
            check_whether_exist($id, 'topic');
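//Vars
require_once '../include/functions.inc.php';
require_once '../include/globalvar.inc.php';
require_once '../include/dbinfo.inc.php';
require_once '../include/loginstate.inc.php';
// Topic being replied to. $name is expected to come from loginstate.inc.php
// and $pdo / $DB_NAME from dbinfo.inc.php (neither is visible here).
$tid = isset($_POST['TopicID']) ? $_POST['TopicID'] : '';
// Reply status echoed back to the client: "1" on success, "0" on a failed
// insert. Initialised up front so an anonymous request echoes an empty
// string (as before) without touching an undefined variable.
$pmstate = "";
//send comment
if (isset($name)) {
    $content = isset($_POST['content']) ? $_POST['content'] : '';
    if (get_magic_quotes_gpc()) {
        $name = stripslashes($name);
        $tid = stripslashes($tid);
        $content = stripslashes($content);
    }
    $content = RemoveXSS(UBB2HTML(strip_tags($content)));
    // Bound parameters replace the quote-and-interpolate of the original;
    // the driver does the escaping, so $pdo->quote() is no longer applied.
    // The ip column is still the hard-coded '127.0.0.1' of the original.
    $sql = $pdo->prepare("insert into tb_reply(TopicID,Name,content,Time,ip) values(?,?,?,now(),'127.0.0.1')");
    if (!$sql->execute(array($tid, $name, $content))) {
        $pmstate = "0";
    } else {
        // $DB_NAME is a config value, not request input, so interpolating
        // it into the identifier is acceptable.
        $sql = $pdo->prepare("UPDATE `{$DB_NAME}`.`tb_topic` SET `Lastreply_Time` = now(), `Lastreply_Name`= ?, `ReplyCount` = `ReplyCount`+1 WHERE `tb_topic`.`TopicID` = ?");
        $sql->execute(array($name, $tid));
        $pmstate = "1";
    }
}
echo $pmstate;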
if ($hadLogin) {
    echo "<script language='javascript'>\n";
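 /**
  * Publish a new post into a weiba (sub-forum).
  *
  * Reads weiba_id, title, content and attach_ids from $_POST and post_type
  * from $_GET. Every failure path goes through $this->error() (which, from
  * the way it is used, ends the request); on success the result is either
  * the success page (post_type=index) or an ajaxReturn() payload with the
  * new post id and feed id.
  *
  * @return array|mixed status array when the user is muted, otherwise
  *                     whatever success()/ajaxReturn() produce
  */
 public function doPost()
 {
     // Muted users cannot post at all.
     if ($isDisabled = model('DisableUser')->isDisableUser($this->mid, 'post')) {
         return array('status' => 0, 'msg' => '您已经被禁言了');
     }
     // $type selects the reporting mode of error(): false for the full-page
     // (post_type=index) flow, true for the ajax flow.
     if ($_GET['post_type'] == 'index') {
         $type = false;
     } else {
         $type = true;
     }
     $weibaid = intval($_POST['weiba_id']);
     if (!CheckPermission('weiba_normal', 'weiba_post')) {
         $this->error('对不起,您没有权限进行该操作!', $type);
     }
     // Blacklisted in this weiba? $weibaid is an int; $this->mid is assumed
     // numeric since the where() clause is string-built — verify.
     $is_lock = M('weiba_blacklist')->where('weiba_id=' . $weibaid . ' and uid=' . $this->mid)->find();
     if ($is_lock) {
         $this->error('您是黑名单用户没有发帖权限', $type);
     }
     if (!$weibaid) {
         $this->error('请选择微吧,等待返回选择微吧', $type);
     }
     $weiba = D('weiba')->where('weiba_id=' . $weibaid)->find();
     // Per-weiba posting policy (who_can_post); site admins bypass it. The
     // inner admin checks are redundant inside this branch but harmless.
     if (!CheckPermission('core_admin', 'admin_login')) {
         switch ($weiba['who_can_post']) {
             case 1:
                 // followers only
                 $map['weiba_id'] = $weibaid;
                 $map['follower_uid'] = $this->mid;
                 $res = D('weiba_follow')->where($map)->find();
                 if (!$res && !CheckPermission('core_admin', 'admin_login')) {
                     $this->error('对不起,您没有发帖权限,请关注该微吧!', $type);
                 }
                 break;
             case 2:
                 // weiba admins (follow level 2 or 3) only
                 $map['weiba_id'] = $weibaid;
                 $map['level'] = array('in', '2,3');
                 $weiba_admin = D('weiba_follow')->where($map)->order('level desc')->field('follower_uid')->findAll();
                 if (!in_array($this->mid, getSubByKey($weiba_admin, 'follower_uid')) && !CheckPermission('core_admin', 'admin_login')) {
                     $this->error('对不起,您没有发帖权限,仅限该吧管理员发帖!', $type);
                 }
                 break;
             case 3:
                 // weiba owner (follow level 3) only
                 $map['weiba_id'] = $weibaid;
                 $map['level'] = 3;
                 $weiba_admin = D('weiba_follow')->where($map)->order('level desc')->field('follower_uid')->find();
                 if ($this->mid != $weiba_admin['follower_uid'] && !CheckPermission('core_admin', 'admin_login')) {
                     $this->error('对不起,您没有发帖权限,仅限该吧吧主发帖!', $type);
                 }
                 break;
         }
     }
     // Decide whether the body has any real content: drop layout-only markup
     // and reduce <img>/<embed> tags to a marker so an image-only post still
     // counts as content.
     $checkContent = str_replace('&nbsp;', '', $_POST['content']);
     $checkContent = str_replace('<br />', '', $checkContent);
     $checkContent = str_replace('<p>', '', $checkContent);
     $checkContent = str_replace('</p>', '', $checkContent);
     $checkContents = preg_replace('/<img(.*?)src=/i', 'img', $checkContent);
     $checkContents = preg_replace('/<embed(.*?)src=/i', 'img', $checkContents);
     $checkContents = RemoveXSS($checkContents);
     if (strlen(t($_POST['title'])) == 0) {
         $this->error('帖子标题不能为空,等待返回添加标题', $type);
     }
     if (strlen(t($checkContents)) == 0) {
         $this->error('帖子内容不能为空,等待返回添加内容', $type);
     }
     // Title limit is 25 characters, a CJK character and a letter counting
     // alike (hence the /u regex rather than strlen()).
     preg_match_all('/./us', t($_POST['title']), $match);
     if (count($match[0]) > 25) {
         $this->error('帖子标题不能超过25个字,等待返回修改标题', $type);
     }
     /* # post content */
     $content = h($_POST['content']);
     if (get_str_length($content) >= 20000) {
         // $type is now passed like everywhere else; the original omitted it
         // here, so this one error used error()'s default reporting mode.
         $this->error('帖子内容过长!无法发布!', $type);
     }
     unset($content);
     // Attachment ids arrive as a '|'-separated list: blanks are dropped, the
     // rest forced to int before serialising.
     if ($_POST['attach_ids']) {
         $attach = explode('|', $_POST['attach_ids']);
         foreach ($attach as $k => $a) {
             if (!$a) {
                 unset($attach[$k]);
             }
         }
         $attach = array_map('intval', $attach);
         $data['attach'] = serialize($attach);
     }
     $data['weiba_id'] = $weibaid;
     $data['title'] = t($_POST['title']);
     $data['content'] = h($_POST['content']);
     $data['post_uid'] = $this->mid;
     $data['post_time'] = time();
     $data['last_reply_uid'] = $this->mid;
     $data['last_reply_time'] = $data['post_time'];
     $data['feed_id'] = 0;
     /* # emoji normalisation */
     $data['title'] = formatEmoji(true, $data['title']);
     $data['content'] = formatEmoji(true, $data['content']);
     // Word filter on title and content; a rejected result aborts via error().
     $filterTitleStatus = filter_words($data['title']);
     if (!$filterTitleStatus['status']) {
         $this->error($filterTitleStatus['data'], $type);
     }
     $data['title'] = $filterTitleStatus['data'];
     $filterContentStatus = filter_words($data['content']);
     if (!$filterContentStatus['status']) {
         $this->error($filterContentStatus['data'], $type);
     }
     $data['content'] = addslashes($filterContentStatus['data']);
     $res = D('weiba_post')->add($data);
     if ($res) {
         D('Weiba')->setNewcount($weibaid);
         D('weiba')->where('weiba_id=' . $data['weiba_id'])->setInc('thread_count');
         // Mirror the post into the feed and link the feed id back to it.
         $feed_id = model('Feed')->syncToFeed('weiba', $this->mid, $res);
         D('weiba_post')->where('post_id=' . $res)->setField('feed_id', $feed_id);
         $result['id'] = $res;
         $result['feed_id'] = $feed_id;
         // credit the author
         model('Credit')->setUserCredit($this->mid, 'publish_topic');
         // bump the user's topic count
         D('UserData')->updateKey('weiba_topic_count', 1);
         if ($_GET['post_type'] == 'index') {
             $this->success('发布成功');
         } else {
             return $this->ajaxReturn($result, '发布成功', 1);
         }
     } else {
         $this->error('发布失败,等待返回修改发布', $type);
     }
 }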
                        <td align="right" nowrap="nowrap"><?php 
        echo $metin[26];
        ?>
 :</td>
                        <td><?php 
        echo $row_eoUsers['id'];
        ?>
</td>
                      </tr>
                      <tr valign="baseline">
                        <td align="right" nowrap="nowrap"><label for="wall"> <?php 
        echo $metin[597];
        ?>
 :</label></td>
                        <td bgcolor="#CCFFFF"><textarea name="wall" id="wall" cols="60" rows="8"><?php 
        echo RemoveXSS($row_eoUsers['duvarYazisi']);
        ?>
</textarea></td>
                      </tr>
                      <tr valign="baseline">
                        <td colspan="2" align="center" bgcolor="#CCFFFF" class="tabloAlt"><input type="submit" value="<?php 
        echo $metin[25];
        ?>
" />
                          <input name="geri" type="button" id="geri" onclick="location.href = &quot;dataFriendActions.php&quot;;" value="<?php 
        echo $metin[28];
        ?>
" /></td>
                      </tr>
                    </table>
                    <input type="hidden" name="MM_update" value="form3" />
}
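// Shallow XSS filtering of the request: RemoveXSS() is applied to each
// top-level value; whether nested arrays are handled depends on RemoveXSS()
// itself, which is not visible here.
foreach ($_GET as $key => $value) {
    $_GET[$key] = RemoveXSS($value);
}
foreach ($_POST as $key => $value) {
    $_POST[$key] = RemoveXSS($value);
}
$typeid = 5;
// Scenic-spot channel
require_once SLINEINC . "/listview.class.php";
// Current page number: digits only.
if (isset($pageno)) {
    $pageno = intval(preg_replace("/[^\\d]/", '', $pageno));
}
// Destination / attribute / price / sort selectors. These appear to be
// request variables extracted by the framework (register_globals style), so
// guard against them being unset instead of raising notices. An unset
// destination means "all". RemoveXSS() is an HTML filter only.
$dest_id = isset($dest_id) ? RemoveXSS($dest_id) : '';
$attrid = !empty($attrid) ? $attrid : 0;
$priceid = !empty($priceid) ? $priceid : 0;
$sorttype = !empty($sorttype) ? $sorttype : 0;
// Sub-site: an unset destination falls back to the child site's own id.
if ($GLOBALS['sys_child_webid'] != 0 && empty($dest_id)) {
    $dest_id = $GLOBALS['sys_child_webid'];
}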
if (!is_numeric($dest_id)) {
    if ($dest_id != 'all') {
        $d_id = Helper_Archive::getDestIdByPinYin($dest_id);
        $dest_id = !empty($d_id) ? $d_id : $dest_id;
    } else {
        $dest_id = 0;
         $siraYonu = $_SESSION["siraYonu2"] == "desc" ? "asc" : "desc";
         $_SESSION["siraYonu2"] = $siraYonu;
     } else {
         $siraYonu = $_SESSION["siraYonu2"];
     }
 }
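 // Sort column for the shoutbox list. temizle() is the project's sanitiser
 // for the ORDER BY field (its exact guarantees are not visible here); the
 // message date is used when no column was requested.
 $sirAlan = temizle(isset($_GET['order']) ? $_GET['order'] : "");
 if ($sirAlan != "") {
     $query_eoUsers = "SELECT * FROM eo_shoutbox {$filtr2} ORDER BY {$sirAlan} {$siraYonu}";
 } else {
     $query_eoUsers = "SELECT * FROM eo_shoutbox {$filtr2} ORDER BY date DESC";
     $sirAlan = "date";
 }
 if (!empty($_GET["upd"]) and $_GET["upd"] == "1") {
     // Single-row edit mode. The id is a quoted literal in the SQL, so it
     // needs SQL escaping for this connection; RemoveXSS() alone only
     // strips HTML/JS.
     $msgId = mysql_real_escape_string(RemoveXSS(isset($_GET["messageid"]) ? $_GET["messageid"] : ""), $yol);
     $query_limit_eoUsers = "SELECT * FROM eo_shoutbox where messageid='" . $msgId . "'";
 } else {
     $query_limit_eoUsers = sprintf("%s LIMIT %d, %d", $query_eoUsers, $startRow_eoUsers, $maxRows_eoUsers);
 }
 $eoUsers = mysql_query($query_limit_eoUsers, $yol) or die(mysql_error());
 $row_eoUsers = mysql_fetch_assoc($eoUsers);
 $totalRows_eoUsers = mysql_num_rows($eoUsers);
 if (isset($_GET['totalRows_eoUsers'])) {
     // Client-supplied row count; it feeds the page arithmetic below, so
     // coerce it to an integer instead of trusting arbitrary text.
     $totalRows_eoUsers = intval($_GET['totalRows_eoUsers']);
 } else {
     // Count query goes over the same link as the paged query above.
     $all_eoUsers = mysql_query($query_eoUsers, $yol);
     $totalRows_eoUsers = mysql_num_rows($all_eoUsers);
 }
 $totalPages_eoUsers = ceil($totalRows_eoUsers / $maxRows_eoUsers) - 1;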
 if (!empty($_SERVER['QUERY_STRING'])) {
   </div>
 <form name='register' id='register' method='get' action='contact_us_exe.php' class='form' style='margin-left:50px;'>
	<?if (strlen($_GET["missing_info"]) > 0) {?>
		<p><font color=#FF0000>Required information is missing</font></p>
	    <div align="left">
	      <?}?>
	      <?if (strlen($_GET["email_problem"]) > 0) {?>
        </div>
	    <p align="left"><font color=#FF0000>The email address entered appears to be invalid</font></p>
	    <p>
	      <?}?>
	    </p>
	    
	      
        <textarea name='comments' rows='8' cols='50'><?php 
echo RemoveXSS($_GET["comments"]);
?>
	        </textarea>
        <p align="left">&nbsp;</p>
	
	  <div align="left">
	    <table width="370" border="0" align="left" cellpadding="2">
	      <tr>
	        <td width="77" align="left" class="labelset"><div align="left"><span class="asterix">*</span>Name:</div></td>
              <td width="279"><input type='text' name='fullname' value="<?php 
echo formFieldSafe($_GET["fullname"]);
?>
" class='field' style='width:250px;'></td>
            </tr>
	      <tr>
	        <td align="left" class="labelset"><div align="left"><span class="asterix">*</span>Email:</div></td>
     echo $metin[478] . "<p class='ozetBilgi'>" . $bilg_6 . "</p>";
 }
 // Latest "soru" (question) activity of the selected user, shown only when
 // there is any.
 $bilg_7 = sonBilgileriGetir("soru", $geceliKullID);
 if ($bilg_7) {
     echo $metin[644], "<p class='ozetBilgi'>", $bilg_7, "</p>";
 }
 // Nothing at all to show ($bilg_1..$bilg_4 and $bilg_6 were gathered
 // above): print the "no activity" notice.
 $hicBilgiYok = empty($bilg_1) && empty($bilg_2) && empty($bilg_3) && empty($bilg_4) && empty($bilg_6) && empty($bilg_7);
 if ($hicBilgiYok) {
     echo "<font id='uyari'>{$metin['586']}</font>";
 }
 ?>
               </div>
               <div id="tab3" class="tabContent">
                 <?php 
 //ARKADAS (friend): the friend selected earlier in the session, if any.
 // RemoveXSS() is an HTML filter; the value is later echoed into a link.
 $seciliKisi = isset($_SESSION["seciliArkadas"]) ? RemoveXSS($_SESSION["seciliArkadas"]) : "";
 if ($seciliKisi != "" and getUserName($seciliKisi) != "-") {
     echo "<p>{$metin['584']} : <strong><a href='profil.php?kim=" . $seciliKisi . "' rel='facebox'>" . getUserName($seciliKisi) . "</a></strong></p>";
     $bil_1 = sonBilgileriGetir("sohbet", $seciliKisi);
     if (!empty($bil_1)) {
         echo $metin[474] . "<p class='ozetBilgi'>" . $bil_1 . "</p>";
     }
     $bil_2 = sonBilgileriGetir("yorum", $seciliKisi);
     if (!empty($bil_2)) {
         echo $metin[475] . "<p class='ozetBilgi'>" . $bil_2 . "</p>";
     }
     $bil_3 = sonBilgileriGetir("oy", $seciliKisi);
     if (!empty($bil_3)) {
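/**
 * Delete an answer ("cevap") together with its ratings.
 *
 * Allowed when the current user type ($tur) is "2" or when the caller owns
 * the answer (cevapSahibi()). Prints a Turkish status message and records
 * the outcome via trackUser(). An unauthorised caller gets no output, as in
 * the original.
 *
 * @param mixed $cevapID id of the answer (eo_askanswer.id)
 * @param mixed $userID  id of the requesting user
 * @return void
 */
function cevapSil($cevapID, $userID)
{
    global $yol1, $tur, $currentFile;
    if (empty($userID) || empty($cevapID)) {
        echo "Cevap ve oylar silinemiyor!";
        return;
    }
    // The id is spliced into the SQL unquoted, so it must be a positive
    // integer; RemoveXSS() elsewhere in this code base is an HTML filter
    // and would not help here.
    $id = (int) $cevapID;
    if ($id <= 0) {
        echo "Cevap ve oylar silinemiyor!";
        return;
    }
    if ($tur != "2" && cevapSahibi($id) != $userID) {
        return;
    }
    $rateOk = mysql_query("DELETE FROM eo_askanswerrate WHERE cevapID = {$id}", $yol1);
    $answerOk = mysql_query("DELETE FROM eo_askanswer WHERE id = {$id}", $yol1);
    $who = RemoveXSS($_SESSION["usern"]);
    // Both statements must succeed for the "deleted" message to be true;
    // the original only looked at the second one.
    if ($rateOk && $answerOk) {
        echo "Cevap ve oylar silindi.";
        trackUser($currentFile, "success,DelAnsw", $who);
    } else {
        echo "Cevap ve oylar silinemedi!";
        trackUser($currentFile, "fail,DelAnsw", $who);
    }
}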
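// Filter every request superglobal through XSSClean() before anything else
// reads them (XSSClean() is not defined here).
$_GET = XSSClean($_GET);
$_POST = XSSClean($_POST);
$_REQUEST = XSSClean($_REQUEST);
$_COOKIE = XSSClean($_COOKIE);
require_once dirname(__FILE__) . '/../include/common.inc.php';
require_once DEDEINC . '/filter.inc.php';
require_once DEDEINC . '/memberlogin.class.php';
require_once DEDEINC . '/dedetemplate.class.php';
// Current script name; if $_SERVER is disabled on your system, change this.
$dedeNowurl = $s_scriptName = '';
$dedeNowurl = GetCurUrl();
$dedeNowurls = explode('?', $dedeNowurl);
$s_scriptName = $dedeNowurls[0];
$menutype = '';
$menutype_son = '';
// Redirect target after login; request-supplied, so HTML-filtered here.
// Note that RemoveXSS() does not validate it as a URL.
$gourl = empty($gourl) ? "" : RemoveXSS($gourl);
// Member functions can be switched off site-wide.
if ($cfg_mb_open == 'N') {
    ShowMsg("系统关闭了会员功能,因此你无法访问此页面!", "javascript:;");
    exit;
}
// Session lifetime requested by the client; -1 when absent or non-numeric.
$keeptime = isset($keeptime) && is_numeric($keeptime) ? $keeptime : -1;
$cfg_ml = new MemberLogin($keeptime);
// Build the logged-in member's home URL.
$myurl = '';
if ($cfg_ml->IsLogin()) {
    $myurl = $cfg_memberurl . "/index.php?uid=" . urlencode($cfg_ml->M_LoginID);
    // Prefix the host only for a relative member URL. The original regex
    // matched "http:" alone, so an https:// $cfg_memberurl was wrongly
    // prefixed a second time.
    if (!preg_match("#^https?:#i", $myurl)) {
        $myurl = $cfg_basehost . $myurl;
    }
}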
    $sql = "update `mail` set new_mail=0 WHERE `mail_id`=" . $vid;
    mysql_query($sql);
}
//send mail page
//send mail
if (isset($_POST['to_user'])) {
    $to_user = $_POST['to_user'];
    $title = $_POST['title'];
    $content = $_POST['content'];
    $from_user = $_SESSION['user_id'];
    if (get_magic_quotes_gpc()) {
        $to_user = stripslashes($to_user);
        $title = stripslashes($title);
        $content = stripslashes($content);
    }
    $title = RemoveXSS($title);
    $to_user = mysql_real_escape_string($to_user);
    $title = mysql_real_escape_string($title);
    $content = mysql_real_escape_string($content);
    $from_user = mysql_real_escape_string($from_user);
    $sql = "select 1 from users where user_id='{$to_user}' ";
    $res = mysql_query($sql);
    if ($res && mysql_num_rows($res) < 1) {
        mysql_free_result($res);
        $view_title = "No Such User!";
    } else {
        if ($res) {
            mysql_free_result($res);
        }
        $sql = "insert into mail(to_user,from_user,title,content,in_date)\n\t\t\t\t\t\tvalues('{$to_user}','{$from_user}','{$title}','{$content}',now())";
        if (!mysql_query($sql)) {
     print "</table>";
     stdfoot();
     die;
     break;
 case "forum":
     if ($enabletooltip_tweak == 'yes') {
         $showtooltipsetting = true;
     } else {
         $showtooltipsetting = false;
     }
     if ($type == 'save') {
         $updateset = array();
         $avatars = $_POST["avatars"] != "" ? "yes" : "no";
         $ttlastpost = $_POST["ttlastpost"] != "" ? "yes" : "no";
         $signatures = $_POST["signatures"] != "" ? "yes" : "no";
         $signature = htmlspecialchars(RemoveXSS(trim($_POST["signature"])));
         $updateset[] = "topicsperpage = " . min(100, 0 + $_POST["topicsperpage"]);
         $updateset[] = "postsperpage = " . min(100, 0 + $_POST["postsperpage"]);
         $updateset[] = "avatars = " . sqlesc($avatars);
         if ($showtooltipsetting) {
             $updateset[] = "showlastpost = " . sqlesc($ttlastpost);
         }
         $updateset[] = "signatures = " . sqlesc($signatures);
         $clicktopic = $_POST["clicktopic"];
         $updateset[] = "clicktopic = " . sqlesc($clicktopic);
         $updateset[] = "signature = " . sqlesc($signature);
         $query = "UPDATE users SET " . implode(",", $updateset) . " WHERE id =" . sqlesc($CURUSER["id"]);
         $result = sql_query($query);
         if (!$result) {
             sqlerr(__FILE__, __LINE__);
         } else {
<?php

require_once dirname(__FILE__) . "/../include/common.inc.php";
require_once SLINEROOT . '/jieban/func.php';
require_once dirname(__FILE__) . '/config.php';
require_once SLINEINC . "/view.class.php";
// Page view for this channel ($typeid is expected from config.php).
$pv = new View($typeid);
// $id is the requested product id (a request variable made available by the
// framework); refuse the request outright when it is absent.
isset($id) or exit('Wrong Id');
// HTML filter only — what JieBan::getProductInfo() does with $id in its SQL
// is not visible here.
$id = RemoveXSS($id);
$row = JieBan::getProductInfo($id);
// Unknown id: serve the 404 page.
empty($row['id']) and head404();
if (is_array($row)) {
    JieBan::updateVisit($row['id']);
    $memberinfo = Helper_Archive::getMemberInfo($row['memberid']);
    $row['title'] = JieBan::getJiebanTitle($row);
    $row['kindnamelist'] = JieBan::getKindnameList($row, '-');
    $row['membername'] = $memberinfo['nickname'];
    $row['memberlitpic'] = $memberinfo['litpic'] ? $memberinfo['litpic'] : $GLOBALS['cfg_templets_skin'] . '/images/member_default.gif';
    $row['url'] = $GLOBALS['cfg_cmsurl'] . '/jieban/show_' . $row['id'] . '.html';
    $row['attrlist'] = JieBan::getAttrList($row['attrid']);
    $row['joinnum'] = JieBan::getJoinNumber($row['id']);
    $row['memo'] = $row['memo'] == 'null' ? '' : $row['memo'];
    $row['vartime'] = empty($row['vartime']) ? 0 : $row['vartime'];
    $row['pkname'] = get_par_value($row['kindlist'], $typeid);
    $row['destid'] = array_remove_value($row['kindlist']);
    $row['pinyin'] = Helper_Archive::getDestPinyin($row['destid']);
<?php

/**
 * @version        $Id: index.php 1 8:24 2014年2月17日 netman $
 * @package        Smore.User
 */
require_once dirname(__FILE__) . "/config.php";
// Member area: anonymous visitors are bounced to the login page.
$loggedIn = $User->isLogin();
if (!$loggedIn) {
    header("Location: {$cfg_cmsurl}/member/login.php");
    exit;
}
// Member id used by the queries that follow. RemoveXSS() is an HTML filter;
// the value is interpolated into SQL below (memberid='...'), which relies on
// whatever quoting the framework applied to request input — verify.
$uid = empty($uid) ? "" : RemoveXSS($uid);
$pv = new View(0);
//会员中心首页
if (!isset($dopost)) {
    Helper_Archive::loadModule('common');
    $_model = new CommonModule('#@__member_order');
    $pv->Fields['unpinlun'] = $_model->getCount("memberid='{$uid}' and ispinlun=0 and status=2 and pid=0");
    //未评论订单数量
    $pv->Fields['unpay'] = $_model->getCount("memberid='{$uid}' and ispay=0 and pid=0");
    //未付款
    $pv->Fields['complete'] = $_model->getCount("memberid='{$uid}' and status=2 and pid=0");
    //已完成
    $userinfo = $User->getInfoByMid($uid);
    foreach ($userinfo as $key => $value) {
        $pv->Fields[$key] = $value;
    }
    $pv->Fields['litpic'] = empty($pv->Fields['litpic']) ? $GLOBALS['cfg_templets_skin'] . '/images/member_default.gif' : $pv->Fields['litpic'];
    $pv->SetTemplet(MEMBERTEMPLET . "index.htm");
    $pv->Display();
    exit;
yorumGonder: kullanıcı adı, konu no ve yorum
kullanıcı adı ile belli bir konuya yorum eklenir
*/
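/**
 * Store a comment ("yorum") on a topic for the given user.
 *
 * Comments from teachers/admins (getUserType() >= 1) are inserted as
 * already approved (flag 1), others as pending (flag 0).
 *
 * @param mixed  $userID commenting user's id
 * @param mixed  $konuID topic id
 * @param string $yorum  comment text (UTF-8; converted to ISO-8859-9)
 * @return bool mysql_query() result, or false when any argument is empty
 */
function yorumGonder($userID, $konuID, $yorum)
{
    global $yol1;
    if (empty($yorum) || empty($konuID) || empty($userID)) {
        return false;
    }
    $datem = date("Y-n-j H:i:s");
    $yorum = iconv("UTF-8", "ISO-8859-9", $yorum);
    // approve immediately when the member is a teacher or an admin
    $uyeTur = getUserType($_SESSION["usern"]);
    $onay = $uyeTur >= 1 ? 1 : 0;
    // Escape every interpolated value for this connection; a caller's
    // quote-to-backtick replacement is not a substitute for SQL escaping.
    $userID = mysql_real_escape_string($userID, $yol1);
    $konuID = mysql_real_escape_string($konuID, $yol1);
    $yorum = mysql_real_escape_string($yorum, $yol1);
    $sql2 = "insert into eo_comments VALUES (NULL , '{$userID}', '{$konuID}' , '{$yorum}', '{$datem}' , {$onay})";
    return mysql_query($sql2, $yol1);
}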
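// Comment submission handler. Single quotes are swapped for backticks as in
// the original; the variable is kept at file scope in case later code reads
// it, but is now guarded against a missing POST field.
$yorumGel = isset($_POST['yorum']) ? str_replace("'", "`", $_POST['yorum']) : "";
// Only a logged-in member (session credentials resolve to a user id) with a
// non-empty comment may post; anything else produces no output.
if (!empty($_POST['yorum'])) {
    $commentUserID = getUserIDcomment($_SESSION["usern"], $_SESSION["userp"]);
    if ($commentUserID != "") {
        $konu = temizle(isset($_POST['konu']) ? $_POST['konu'] : "");
        if (yorumGonder($commentUserID, $konu, RemoveXSS($yorumGel))) {
            echo iconv("ISO-8859-9", "UTF-8", $metin[293]);
        } else {
            echo "Error!";
        }
    }
}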
         header("Content-Type: image/gif");
     } elseif (file_ext($dosya) == "jpeg") {
         header("Content-Type: image/jpeg");
     }
     echo $content;
     downloadSayac(RemoveXSS($_GET["id"]));
     die('');
 } else {
     header('Content-Type: application/octet-stream');
     //header('Content-type: application/force-download');
     header('Content-Disposition: attachment; filename="' . $dosya . '"');
     header('Content-Length: ' . (string) filesize($physicalFileName));
     header('Cache-Control: no-store, no-cache, must-revalidate');
     header('Pragma: no-cache');
     header('Expires: 0');
     downloadSayac(RemoveXSS($_GET["id"]));
     //readfile($physicalFileName);
     flush();
     $download_rate = 1;
     // set the download rate limit (=> 1024 kb/s)
     $file = fopen($physicalFileName, "r");
     while (!feof($file)) {
         print fread($file, round($download_rate * 1024));
         //flush();
         //sleep(1);
     }
     flush();
     // close file stream
     fclose($file);
     die("");
 }
     }
 }
 // Default money/score for a new member come from the rank-10 row of
 // #@__arcrank; zero when that row is missing.
 $dfrank = $dsql->GetOne("SELECT money,scores FROM `#@__arcrank` WHERE rank='10' ");
 $rankFound = is_array($dfrank);
 $dfmoney = $rankFound ? $dfrank['money'] : 0;
 $dfscores = $rankFound ? $dfrank['scores'] : 0;
 $jointime = time();
 $logintime = time();
 $joinip = GetIP();
 $loginip = GetIP();
 // NOTE(review): the password is stored as a bare md5 hash; the login code
 // (not visible here) presumably compares against it, so this cannot be
 // changed locally.
 $pwd = md5($userpwd);
 // HtmlReplace() is the project's HTML escaper; mtype additionally goes
 // through RemoveXSS(). uname/sex/email are not touched in this span, so
 // their escaping (if any) happens earlier.
 $mtype = RemoveXSS(HtmlReplace($mtype, 1));
 $safeanswer = HtmlReplace($safeanswer);
 $safequestion = HtmlReplace($safequestion);
 if ($cfg_mb_spacesta < 0) {
     $spaceSta = $cfg_mb_spacesta;
 } else {
     $spaceSta = 0;
 }
 $inQuery = "INSERT INTO `#@__member` (`mtype` ,`userid` ,`pwd` ,`uname` ,`sex` ,`rank` ,`money` ,`email` ,`scores` ,\n        `matt`, `spacesta` ,`face`,`safequestion`,`safeanswer` ,`jointime` ,`joinip` ,`logintime` ,`loginip` )\n       VALUES ('{$mtype}','{$userid}','{$pwd}','{$uname}','{$sex}','10','{$dfmoney}','{$email}','{$dfscores}',\n       '0','{$spaceSta}','','{$safequestion}','{$safeanswer}','{$jointime}','{$joinip}','{$logintime}','{$loginip}'); ";
 if ($dsql->ExecuteNoneQuery($inQuery)) {
     $mid = $dsql->GetLastID();
     //写入默认会员详细资料
     if ($mtype == '个人') {
         $space = 'person';
     } else {
         if ($mtype == '企业') {
             $space = 'company';
         } else {
             $space = 'person';
         }
        $content['subject'] = '';
        $content['sender'] = '';
        if ($_POST['owner'] && $_POST['title'] && $_POST['message']) {
            $title = trim($_POST['title']);
            $message = my_preview($_POST['message']);
            $sender_id = $user['id'];
            $sender_ip = $user['ip'];
            $owner_id = $auth->getid($_POST['owner']);
            if ($owner_id > 0) {
                $DB->query("INSERT INTO `pms` (`owner_id`,`subject`,`message`,`sender_id`,`posted`,`sender_ip`)\r\n                    VALUES (?d,?,?,?d,?d,?)", $owner_id, $title, $message, $sender_id, time(), $sender_ip);
                redirect('index.php?n=account&sub=pms', 1);
            } else {
                output_message('alert', $lang['no_such_addr']);
            }
        }
        if ($_GET['reply']) {
            $content = $DB->selectRow("SELECT pms.*, account.username AS sender FROM pms LEFT JOIN account ON pms.sender_id=account.id WHERE owner_id=?d AND pms.id=?d", $user['id'], $_GET['reply']);
            $content['message'] = '[blockquote="' . $content['sender'] . ' | ' . date('d-m-Y, H:i:s', $content['posted']) . '"] ' . my_previewreverse($content['message']) . '[/blockquote]';
            $pathway_info[] = array('title' => $lang['post_reply_to'] . '"' . $content['subject'] . '"', 'link' => '');
            $content['subject'] = '[re:] ' . $content['subject'];
        } else {
            $pathway_info[] = array('title' => $lang['newmessage'], 'link' => '');
            if ($_GETVARS['to']) {
                $content['sender'] = RemoveXSS($_GETVARS['to']);
            }
            if ($_GETVARS['topic']) {
                $content['subject'] = RemoveXSS($_GETVARS['topic']);
            }
        }
    }
}
     }
 } else {
     if ($fmdo == 'moodmsg') {
         //用户登录
         if ($dopost == "sendmsg") {
             if (!empty($content)) {
                 $ip = GetIP();
                 $dtime = time();
                 $ischeck = $cfg_mb_msgischeck == 'Y' ? 0 : 1;
                 if ($cfg_soft_lang == 'gb2312') {
                     $content = utf82gb(nl2br($content));
                 }
                 $content = cn_substrR(HtmlReplace($content, 1), 360);
                 //对表情进行解析
                 $content = addslashes(preg_replace("/\\[face:(\\d{1,2})\\]/is", "<img src='" . $cfg_memberurl . "/templets/images/smiley/\\1.gif' style='cursor: pointer; position: relative;'>", $content));
                 $content = RemoveXSS($content);
                 $inquery = "INSERT INTO `#@__member_msg`(`mid`,`userid`,`ip`,`ischeck`,`dtime`, `msg`)\n                   VALUES ('{$cfg_ml->M_ID}','{$cfg_ml->M_LoginID}','{$ip}','{$ischeck}','{$dtime}', '{$content}'); ";
                 $rs = $dsql->ExecuteNoneQuery($inquery);
                 if (!$rs) {
                     $output['type'] = 'error';
                     $output['data'] = '更新失败,请重试.';
                     exit;
                 }
                 $output['type'] = 'success';
                 if ($cfg_soft_lang == 'gb2312') {
                     $content = utf82gb(nl2br($content));
                 }
                 $output['data'] = stripslashes($content);
                 exit(json_encode($output));
             }
         }
 /**
  * Load one account row joined with its account_extend and account_groups
  * data, with the result run through RemoveXSS().
  *
  * @param int|false $acct_id account id, passed through to the ?d
  *                           placeholder (default false)
  * @return mixed whatever RemoveXSS() returns for the selected row
  */
 function getprofile($acct_id = false)
 {
     $sql = "\r\n            SELECT * FROM account\r\n            LEFT JOIN account_extend ON account.id=account_extend.account_id\r\n            LEFT JOIN account_groups ON account_extend.g_id=account_groups.g_id\r\n            WHERE id=?d";
     $profile = $this->DB->selectRow($sql, $acct_id);
     return RemoveXSS($profile);
 }
// Anti-XSS filter on the tag id (a request variable). This is an HTML
// filter only: the value goes into the SQL below as a quoted literal and
// relies on whatever escaping common.inc.php applies to request input —
// verify before relying on it.
$tag = RemoveXSS($tag);
$row = $dsql->GetOne("select tagname from #@__tmptag where id='{$tag}' and webid='0'");
$tagword = $row['tagname'];
$alllist['tag'] = $tag;
// Page title / heading: "<tag>相关信息" when the tag exists, otherwise the
// "nothing found" texts.
$found = $tagword != "";
$alllist['seotitle'] = $found ? $tagword . "相关信息" : "查询不到相关内容";
$alllist['tagname'] = $found ? $tagword . "相关信息" : "<span style='color:red;'>查找不出相关的tag信息</span>";
if (isset($listid) && $listid != 0) {
    $listid = RemoveXSS($listid);
    //防止跨站攻击
    $pv = new View($typeid);
    require_once SLINEINC . "/listview.class.php";
    $sql = "select shortname from #@__nav where typeid={$listid} and webid=0";
    $row = $dsql->GetOne($sql);
    $alllist['seotitle'] = $tagword . "-" . $row['shortname'] . "相关信息";
    if ($listid == 10) {
        $listid = 7;
    }
    $article = "";
    if (!$tagword == "") {
        $where = " where webid=0 and tagword like '%{$tagword}%'";
        $listid = $listid != '10' ? $listid : 7;
        $sql = "select {$name[$listid]} as name,aid from #@__{$lanmu[$listid]}  {$where} order by aid desc";
        $dsql->SetQuery($sql);
/**
 * Clean a request value in place: optionally strip magic-quotes slashes, then
 * run it through RemoveXSS.
 *
 * Arrays are walked element by element (recursively); scalars are filtered
 * directly. The RemoveXSS pass is skipped only when the executing script is
 * tiki-admin.php; when SCRIPT_FILENAME is not available the pass always runs.
 * NOTE(review): tiki-admin.php therefore receives unfiltered input by design
 * here — anything it renders from that data must be escaped at output time.
 *
 * @param mixed $var  value to clean; modified through the reference
 * @param bool  $gpc  true when $var still carries magic-quotes slashes
 */
function make_clean(&$var, $gpc = false)
{
    if (is_array($var)) {
        foreach (array_keys($var) as $key) {
            make_clean($var[$key], $gpc);
        }
        return;
    }

    if ($gpc) {
        $var = stripslashes($var);
    }

    // Exemption is keyed on the running script's file name.
    $script = isset($_SERVER['SCRIPT_FILENAME']) ? basename($_SERVER['SCRIPT_FILENAME']) : null;
    if ($script !== 'tiki-admin.php') {
        $var = RemoveXSS($var);
    }
}
<?php

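require_once dirname(__FILE__) . "/../include/common.inc.php";
require_once dirname(__FILE__) . "/linecontent.php";
$typeid = 1;
// Channel id of the "line" (route) section — presumably fixed for this page.
require_once SLINEINC . "/view.class.php";
$pv = new View($typeid);
if (!isset($aid)) {
    exit('Wrong Id');
}
// RemoveXSS only strips HTML/script payloads; it does not make $aid safe to
// interpolate into SQL. aid is used unquoted in the query below, so it must be
// an integer — cast it, which also discards any non-numeric payload.
$aid = (int) RemoveXSS($aid);
$sql = "select * from #@__line where webid=0 and aid={$aid}";
$row = $dsql->GetOne($sql);
// Quote the array key: a bare `id` is an undefined constant (a notice before
// PHP 8, an Error from 8.0 on). GetOne may also yield no row at all.
if (!is_array($row) || empty($row['id'])) {
    head404();
}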
if (is_array($row)) {
    if (!empty($row['storeprice']) || $row['storeprice'] > $row['price']) {
        $row['cheap'] = $row['storeprice'] - $row['price'];
    } else {
        $row['cheap'] = 0;
    }
    $row['price'] = !empty($row['price']) ? "<span class=\"rmb_1\">¥</span>" . $row['price'] . "</span>" : "电询</span>";
    $row['storeprice'] = !empty($row['storeprice']) ? $row['storeprice'] . "</span>" : "无</span>";
    $row['litpic'] = empty($row['litpic']) ? getDefaultImage() : $row['litpic'];
    $row['description'] = !empty($row['description']) ? "<meta name=\"description\" content=\"" . $row['description'] . "\"/>" : "";
    $row['keywords'] = !empty($row['keyword']) ? "<meta name=\"keywords\" content=\"" . $row['keyword'] . "\"/>" : "";
    $row['subname'] = $row['title'];
    $row['id'] = strlen($row['id']) == 1 ? "0" . $row['id'] : $row['id'];
 * @link           http://www.dedecms.com
 */
if (!defined('DEDEMEMBER')) {
    exit('dedecms');
}

// The member area must be enabled at all.
if ($cfg_mb_open == 'N') {
    ShowMsg("系统关闭了会员功能,因此你无法访问此页面!", "javascript:;");
    exit;
}

// Filter uid: a value containing a single quote is rejected outright,
// everything else is passed through RemoveXSS.
if (preg_match("/'/", $uid)) {
    ShowMsg("您的用户名中含有非法字符!", "-1");
    exit;
}
$uid = RemoveXSS($uid);

$_vars = GetUserSpaceInfos();
$_vars['bloglinks'] = '';
$_vars['curtitle'] = '';

//---------------------------
// Access checks on the space owner's status.
if ($_vars['spacesta'] == -2) {
    // spacesta -2: the user is muted, so the personal space is closed.
    ShowMsg("用户:{$_vars['userid']} 被禁言,因此个人空间禁止访问!", "-1");
    exit;
} elseif ($_vars['spacesta'] < 0) {
    // Any other negative status: profile not yet approved.
    ShowMsg("用户:{$_vars['userid']} 的资料尚未通过审核,因此空间禁止访问!", "-1");
    exit;
}