/**
 * Validate the fields submitted by the registration form.
 *
 * The id, password, password confirmation, e-mail and comment checks run in
 * that order, and evaluation stops at the first check that fails.
 *
 * NOTE(review): $name is accepted but never validated here, because the
 * check_name($name) call is commented out in the original condition. Confirm
 * that the name is validated or escaped wherever it is stored or displayed.
 *
 * @param mixed $id      requested account id, passed to check_id()
 * @param mixed $passwd  password, passed to check_passwd()
 * @param mixed $passwd2 password confirmation, compared by check_retype_passwd()
 * @param mixed $name    display name (currently unchecked, see note above)
 * @param mixed $email   e-mail address, passed to check_email()
 * @param mixed $comment free-text comment, passed to check_comment()
 * @return bool TRUE when every enabled check passes, FALSE otherwise
 */
function check_regist_form($id, $passwd, $passwd2, $name, $email, $comment)
{
    if (!check_id($id)) {
        return FALSE;
    }
    if (!check_passwd($passwd)) {
        return FALSE;
    }
    if (!check_retype_passwd($passwd, $passwd2)) {
        return FALSE;
    }
    if (!check_email($email)) {
        return FALSE;
    }
    if (!check_comment($comment)) {
        return FALSE;
    }

    // check_name($name) stays disabled, exactly as in the original condition.
    return TRUE;
}
include_once "inc/utility_email_audit.php"; $TO_WEBMAIL = str_replace("(", "<", $TO_WEBMAIL); $TO_WEBMAIL = str_replace(")", ">", $TO_WEBMAIL); $EXCLUDE_UID_STR = ""; $TO_ID = strip_tags($TO_ID); $COPY_TO_ID = strip_tags($COPY_TO_ID); $SECRET_TO_ID = strip_tags($SECRET_TO_ID); $TO_ID_MERGE = $TO_ID . $COPY_TO_ID . $SECRET_TO_ID; if ($EXCLUDE_UID_STR != "") { $EXCLUDE_USER_ID_STR = getuserinfobyuid($EXCLUDE_UID_STR, "USER_ID"); $TO_ID = check_id($EXCLUDE_USER_ID_STR, $TO_ID, FALSE); $COPY_TO_ID = check_id($EXCLUDE_USER_ID_STR, $COPY_TO_ID, FALSE); $SECRET_TO_ID = check_id($EXCLUDE_USER_ID_STR, $SECRET_TO_ID, FALSE); $TO_ID_MERGE2 = $TO_ID . $COPY_TO_ID . $SECRET_TO_ID; if ($TO_ID_MERGE2 != "") { $TO_ID_MERGE_NOT = check_id($TO_ID_MERGE2, $TO_ID_MERGE, FALSE); } if ($TO_ID_MERGE_NOT != "") { $TO_NAME_NOT_STR = td_trim(getusernamebyid($TO_ID_MERGE_NOT)); } if ($TO_ID_MERGE_NOT != "") { if ($TO_ID == "") { $MSG1 = sprintf(_("您不能给%s 发送邮件,不在其通讯范围内"), $TO_NAME_NOT_STR); message(_("提示"), $MSG1); echo " \r\n <center>\r\n <input type=\"button\" value=\""; echo _("返回"); echo "\" class=\"BigButton\" onClick=\"location='../outbox/?BOX_ID=0&FIELD="; echo $FIELD; echo "&ASC_DESC="; echo $ASC_DESC; echo "'\">\r\n </center>\r\n ";
<?php /** * Created by PhpStorm. * User: ferry francois * Date: 29/11/2015 * Time: 16:27 */ session_start(); include '../contr/controller.php'; $err = ""; $num_compte = ""; $i = 4; $un = cutString(htmlspecialchars($_POST['nom']), $i); $creat = check_id($_COOKIE['technicien']); $check = check_mail($_POST['email']); $num_compte .= '411' . $un; $check1 = check_num_compte($num_compte); if ($num_compte == $check1['num_compte']) { $i = $i + 1; $num_compte = ""; $num_compte .= '411' . cutString(htmlspecialchars($_POST['nom']), $i); } if ($check['email'] == $_POST['email']) { $err .= "<li class='btn btn-warning'>Votre client exite deja</li>"; header('Location:../technicien/cree_client.php?code_retour=' . $err); } else { if (cree_client($num_compte, htmlspecialchars($_POST['nom']), $un, htmlspecialchars($_POST['qualite']), htmlspecialchars($_POST['adres']), htmlspecialchars($_POST['compl']), htmlspecialchars($_POST['cpv']), htmlspecialchars($_POST['pays']), htmlspecialchars($_POST['id']), htmlspecialchars($_POST['tel']), htmlspecialchars($_POST['email']), htmlspecialchars($_POST['site']), $creat['id'])) { $err .= "<li class='btn btn-success'>Votre client est bien crée</li>"; header('Location:../technicien/cree_client.php?code_retour=' . $err); } else {
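/**
 * Tell whether a uid is still unused in the `users` table.
 *
 * The uid is bound as a statement parameter. The previous query placed it into
 * the SQL text without quotes, a position where string escaping gives no
 * protection because the value is parsed as SQL syntax rather than as a string.
 *
 * @param mysqli $conn open database connection
 * @param mixed  $uid  candidate uid supplied by the caller
 * @return bool true when no row carries this uid; false when the uid is taken
 *              or the lookup could not be executed (fails closed)
 */
function check_id($conn, $uid)
{
    $stmt = mysqli_prepare($conn, "select count(*) from users where uid = ?");
    if ($stmt === false) {
        return false;
    }

    $is_free = false;
    $found = 0;
    mysqli_stmt_bind_param($stmt, "s", $uid);
    if (mysqli_stmt_execute($stmt)) {
        mysqli_stmt_bind_result($stmt, $found);
        if (mysqli_stmt_fetch($stmt)) {
            $is_free = !$found;
        }
    }
    mysqli_stmt_close($stmt);

    return $is_free;
}

if (isset($_POST['uid']) && isset($_POST['username']) && isset($_POST['password'])) {
    // is_numeric() accepts more than plain decimal integers (signs, decimals,
    // exponents, leading whitespace, and hexadecimal notation on PHP 5). It is
    // kept only as the original input gate; the protection against injection
    // comes from binding every value below instead of building SQL text.
    if (!is_numeric($_POST['uid'])) {
        echo 'uid must be numeric';
        exit;
    }

    $uid = $_POST['uid'];
    $username = $_POST['username'];
    // NOTE(review): unsalted MD5 is not a password hash. It is left in place
    // because login.php (not visible here) presumably compares the same digest;
    // migrate both sides to password_hash()/password_verify() together.
    $password = md5($_POST['password']);

    if (check_id($conn, $uid)) {
        // NOTE(review): the column types are not visible here; all three values
        // are bound as strings and converted by the server on insert.
        $stmt = mysqli_prepare($conn, "insert into users(`uid`,`username`,`password`) values (?,?,?)");
        if ($stmt !== false) {
            mysqli_stmt_bind_param($stmt, "sss", $uid, $username, $password);
            mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }
        header("Location:./login.php");
        // Stop here so the registration page is not rendered behind the redirect.
        exit;
    } else {
        $alert = true;
    }
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Do you know is_numeric</title>
<meta charset="utf-8">
<link type="text/css" href="../../css/bootstrap-combined.min.css" rel="stylesheet">
</head>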
/**
 * Render the listing page for one game category.
 *
 * Loads the category's active games and the category title into $this->data,
 * then writes the 'game/view_game_cate' view into the 'content' region and
 * renders the template.
 *
 * NOTE(review): the category id comes from check_id($params), which is not
 * visible here. Confirm it rejects or normalises non-numeric input before the
 * value reaches the model's query conditions.
 *
 * @param mixed $params value handed to check_id() to obtain the category id
 * @return void
 */
public function game_cate($params)
{
    $cate_id = check_id($params);

    // Active entries of type "game" that belong to this category.
    $game_where = array('cate' => $cate_id, 'type' => 'game', 'status' => 'active');
    $game_fields = 'id_game_app, name, icon, slide_image, description, content, count_download, size, download_url';
    $this->data['game'] = $this->m_wap->jqxGetId('game_app', $game_where, $game_fields, $this->limit);

    // Title of the category itself, only when the category is active.
    $cate_where = array('id_cate' => $cate_id, 'status' => 'active');
    $this->data['cate'] = $this->m_wap->jqxGetId('cate', $cate_where, 'title');

    $this->template->write_view('content', 'game/view_game_cate', $this->data);
    $this->template->render();
}
<?php /** * Created by PhpStorm. * User: ferry francois * Date: 27/11/2015 * Time: 01:59 */ session_start(); include '../contr/controller.php'; $err = ""; $num_compte = ""; $i = 4; $un = cutString(htmlspecialchars($_POST['nom']), $i); $creat = check_id($_COOKIE['installateur']); $check = check_mail($_POST['email']); $num_compte .= '411' . $un; $check1 = check_num_compte($num_compte); if ($num_compte == $check1['num_compte']) { $i = $i + 1; $num_compte = ""; $num_compte .= '411' . cutString(htmlspecialchars($_POST['nom']), $i); } if ($check['email'] == $_POST['email']) { $err .= "<li class='btn btn-warning'>Votre client exite deja</li>"; header('Location:../installateur/cree_client.php?code_retour=' . $err); } else { if (cree_client($num_compte, htmlspecialchars($_POST['nom']), $un, htmlspecialchars($_POST['qualite']), htmlspecialchars($_POST['adres']), htmlspecialchars($_POST['compl']), htmlspecialchars($_POST['cpv']), htmlspecialchars($_POST['pays']), htmlspecialchars($_POST['id']), htmlspecialchars($_POST['tel']), htmlspecialchars($_POST['email']), htmlspecialchars($_POST['site']), $creat['id'])) { $err .= "<li class='btn btn-success'>Votre client est bien crée</li>"; header('Location:../installateur/cree_client.php?code_retour=' . $err); } else {
<?php /** * Created by PhpStorm. * User: ferry francois * Date: 17/11/2015 * Time: 13:50 */ session_start(); include '../contr/controller.php'; $err = ""; $num_compte = ""; $i = 4; $un = cutString(htmlspecialchars($_POST['nom']), $i); $creat = check_id($_COOKIE['admin']); $check = check_mail($_POST['email']); $num_compte .= '411' . $un; $check1 = check_num_compte($num_compte); if ($num_compte == $check1['num_compte']) { $i = $i + 1; $num_compte = ""; $num_compte .= '411' . cutString(htmlspecialchars($_POST['nom']), $i); } if ($check['email'] == $_POST['email']) { $err .= "<li class='btn btn-warning'>Votre client exite deja</li>"; header('Location:../moi/cree_client.php?code_retour=' . $err); } else { if (cree_client($num_compte, htmlspecialchars($_POST['nom']), $un, htmlspecialchars($_POST['qualite']), htmlspecialchars($_POST['adres']), htmlspecialchars($_POST['compl']), htmlspecialchars($_POST['cpv']), htmlspecialchars($_POST['pays']), htmlspecialchars($_POST['id']), htmlspecialchars($_POST['tel']), htmlspecialchars($_POST['email']), htmlspecialchars($_POST['site']), $creat['id'])) { $err .= "<li class='btn btn-success'>Votre client est bien crée</li>"; header('Location:../moi/cree_client.php?code_retour=' . $err); } else {
$result = mysqli_query($con, "SELECT problem_id,title,source,accepted,submit,res,tags from\n (select problem.problem_id,title,source,tags,defunct,accepted,submit,has_tex from problem left join user_notes on (user_id='{$user_id}' and user_notes.problem_id=problem.problem_id))pt\n LEFT JOIN (select problem_id as pid,MIN(result) as res from solution where user_id='{$user_id}' and problem_id group by problem_id) as temp on(pid=problem_id)\n where (title like '%{$keyword}%' or source like '%{$keyword}%' or tags like '%{$keyword}%') " . $addt_cond . "\n order by problem_id limit " . ($page_id - 1) * 20 . ",20"); } else { $result = mysqli_query($con, "SELECT problem_id,title,source,accepted,submit,defunct from\n problem\n where defunct='N' and (title like '%{$keyword}%' or source like '%{$keyword}%') " . $addt_cond . "\n order by problem_id limit " . ($page_id - 1) * 20 . ",20"); } break; case 2: check_id($req, $type); if (isset($_SESSION['user'])) { $user_id = $_SESSION['user']; $result = mysqli_query($con, "SELECT contest_id,title,source,res,start_time,end_time,defunct from contest\n LEFT JOIN (select contest_id as cid,1 as res from contest_status where user_id='{$user_id}') as fuckzk on (cid=contest_id)\n where (title like '%{$keyword}%' or source like '%{$keyword}%') " . $addt_cond . "\n order by contest_id limit " . ($page_id - 1) * 20 . ",20"); } else { $result = mysqli_query($con, "SELECT contest_id,title,source,defunct,start_time,end_time from contest\n where (title like '%{$keyword}%' or source like '%{$keyword}%') " . $addt_cond . "\n order by contest_id limit " . ($page_id - 1) * 20 . ",20"); } break; case 3: check_id($req, $type); $result = mysqli_query($con, "select wiki_id,title,tags,revision,in_date from wiki \n where is_max='Y' and title like '%{$keyword}%' or tags like '%{$keyword}%'\n order by wiki_id desc limit " . ($page_id - 1) * 20 . 
",20"); break; case 4: $result = mysqli_query($con, "select user_id,nick,solved,submit,accesstime from users \n where user_id like '%{$keyword}%' or nick like '%{$keyword}%'\n order by solved desc limit " . ($page_id - 1) * 20 . ",20"); break; } if (mysqli_num_rows($result) == 0) { $info = _('Looks like we can\'t find what you want'); } } } $inTitle = _('Search Result'); $Title = $inTitle . ' - ' . $oj_name; ?> <!DOCTYPE html>
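<?php
include_once "lib/dbaccess.php";
include_once "lib/logcontent.php";
echo "<?xml version='1.0'?>\n";
echo "<vxml version='2.0'>\n";
?>
<form>
<block>
<?php
// The caller's "id" and "city" are echoed back inside <prompt>. They are
// escaped first so that markup characters in the request cannot add or close
// elements in the generated VoiceXML document. A missing or non-string value
// is echoed as an empty string instead of raising a notice.
$id_text = (isset($_REQUEST["id"]) && is_string($_REQUEST["id"]))
    ? htmlspecialchars($_REQUEST["id"], ENT_QUOTES, 'UTF-8')
    : "";
$city_text = (isset($_REQUEST["city"]) && is_string($_REQUEST["city"]))
    ? htmlspecialchars($_REQUEST["city"], ENT_QUOTES, 'UTF-8')
    : "";

// Here we call check_id() function from dbaccess.php
// NOTE(review): check_id() receives the raw request value; confirm that it
// validates the value and uses bound parameters if it queries the database.
if (isset($_REQUEST["id"]) && check_id($_REQUEST["id"])) {
    echo "<prompt>Your user identification number is valid.\n";
    echo "Starting session";
    echo "You entered " . $id_text . ".\n";
    echo "You entered " . $city_text . ". </prompt>\n";
    //echo("<goto next='begin_session.vxml'/>\n");
} else {
    echo "<prompt>Your user identification number is not valid.\n";
    echo "You entered " . $id_text . ".\n";
    echo "You entered " . $city_text . ". </prompt>\n";
    //echo("<goto next='getid.vxml'/>\n");
}
?>
</block>
</form>
</vxml>
<?php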
require_once FILE_CLASS_OPTIONS; session_start(); // ** OPEN CONNECTION TO THE DATABASE ** $db_link = openDatabase($db_hostname, $db_username, $db_password, $db_name); // ** CHECK FOR LOGIN ** checkForLogin("admin", "user"); // ** RETRIEVE OPTIONS THAT PERTAIN TO THIS PAGE ** $options = new Options(); // ** CHECK FOR ID ** $mode = $_GET['mode']; if ($mode == 'new') { $id = '0'; // this is to create empty variables from the database } else { $mode = 'edit'; $id = check_id(); } // ** END INITIALIZATION ******************************************************* // RETRIEVE ENTRY INFORMATION GIVEN AN ID if (isset($id)) { $r_contact = mysql_query("SELECT * FROM " . TABLE_CONTACT . " AS contact WHERE contact.id={$id}", $db_link) or die(reportSQLError()); $r_additionalData = mysql_query("SELECT * FROM " . TABLE_ADDITIONALDATA . " AS additionaldata WHERE additionaldata.id={$id}", $db_link); $r_address = mysql_query("SELECT * FROM " . TABLE_ADDRESS . " AS address WHERE address.id={$id}", $db_link); $r_email = mysql_query("SELECT * FROM " . TABLE_EMAIL . " AS email WHERE email.id={$id}", $db_link); $r_messaging = mysql_query("SELECT * FROM " . TABLE_MESSAGING . " AS messaging WHERE messaging.id={$id}", $db_link); $r_otherPhone = mysql_query("SELECT * FROM " . TABLE_OTHERPHONE . " AS otherphone WHERE otherphone.id={$id}", $db_link); $r_websites = mysql_query("SELECT * FROM " . TABLE_WEBSITES . " AS websites WHERE websites.id={$id}", $db_link); $r_lastUpdate = mysql_query("SELECT DATE_FORMAT(lastUpdate, \"%W, %M %e %Y (%h:%i %p)\") AS lastUpdate FROM " . TABLE_CONTACT . " AS contact WHERE contact.id={$id}", $db_link); // NOTE: Groups is determined with a special query that will be run at the bottom of the page. // Turns query results into an array from where variables can then be extracted from it. $tbl_contact = mysql_fetch_array($r_contact);
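<?php
/* Member management (member registration) 2001.06 by Jungjoon Oh */
require "mem-lib.php";
require "db-lib.php";

// NOTE(review): $id and $idnum are not assigned in this file; presumably they
// arrive from the request (register_globals-era code). Confirm the source.
// They are treated as untrusted here and escaped before being placed into the
// HTML message. No charset argument is passed, so default_charset applies.
if ($id) {
    $id_html = htmlspecialchars($id, ENT_QUOTES);
    if (strlen($id) < 3) {
        print_msg("ID를 3글자 이상 입력해 주세요.", 'check_id', -1);
    } elseif (check_id($id)) {
        print_msg("<font color=RED>{$id_html}</font>는 사용 가능합니다.", 'check_id', 1);
    } else {
        print_msg("<font color=RED>{$id_html}</font>는 이미 사용하고 있습니다.", 'check_id', 2);
    }
} elseif ($idnum != '-') {
    $idnum_html = htmlspecialchars($idnum, ENT_QUOTES);
    if (check_idnum($idnum)) {
        print_msg("<font color=RED>{$idnum_html}</font>는 사용 가능합니다.", 'check_idnum', 1);
    } else {
        print_msg("<font color=RED>{$idnum_html}</font>는 이미 등록되어 있습니다.", 'check_idnum', 2);
    }
} else {
    print_msg("내용을 입력하신 후에 버튼을 누르세요. ", 'check_id', '');
}
exit;

/**
 * Print the duplicate-check popup page and terminate the script.
 *
 * The page shows $message and runs a script that writes $value into the field
 * named $name of form "f" in the opener window.
 *
 * $message is emitted as raw HTML, and $name and $value are placed into inline
 * JavaScript without escaping. Callers must therefore escape any request data
 * inside $message themselves and pass only fixed values for $name and $value,
 * as every call in this file does.
 *
 * @param string $message HTML fragment to display
 * @param string $name    opener form field that receives the result
 * @param mixed  $value   result code written into that field
 * @return void this function does not return; it calls exit
 */
function print_msg($message, $name, $value)
{
    echo "\n<html>\n<head>\n<title>중복 확인</title>\n</head>\n<body>\n<center>\n<font color=BLUE size=2><b>{$message}</b></font>\n\n<form name=f>\n<input type=button name=close OnClick='window.close();' value=\" 닫기 \">\n</center>\n\n<SCRIPT LANGUAGE=JavaScript>\n\tdocument.f.close.focus();\n\topener.document.f.{$name}.value='{$value}';\n</SCRIPT>\n\n</body>\n</html>\n";
    exit;
}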
$msg .= "PLZ: " . $arr_in["address_zip"] . "<br />"; $msg .= "Land: " . $arr_in["address_country"] . "<br />"; $msg .= "Email: " . $arr_in["payer_email"] . "<br />"; for ($i = 1; $i <= $arr_in["num_cart_items"]; $i++) { $msg .= "<br />......................................<br />"; $msg .= "ITEM " . $i; $msg .= "<br />......................................<br />"; $msg .= "Artikelnummer: " . $arr_in["item_number" . $i] . "<br />"; $msg .= "Menge: " . $arr_in["quantity" . $i] . "<br />"; $msg .= "Betrag: " . $arr_in["mc_gross_" . $i] . " " . $arr_in["mc_currency"] . "<br />"; } $msg .= "<br />"; $msg .= "Gesambetrag: " . $arr_in["mc_gross"] . "<br />"; if (!mail($seller_notification_mail, "Test", $msg, "From: Site Test \nContent-Type: text/html; charset=ISO-8859-1") === FALSE) { //echo "ERROR"; check_id(error_get_last()); } } // close if (!check_id($arr_in["txn_id"])) header("Location: " . $site_link . "/index.php"); die; /* The transaction id is unique. * For technical problems the server can send two times the data of a transaction. * The following function check whether the ID has already been handled. * Usually all information are saved on database. Hier I use a file. * */ function check_id($id) { $fp = fopen("transactionsid.txt", "a+") or die("Unable to open file!"); $check = false;
if (!$sjk) { echo "bu cun zai"; } else { mysql_select_db("app_chwdywp1", $con); mysql_query("CREATE TABLE IF NOT EXISTS nmb_save ( num int(30),board int(30),id varchar(30),time varchar(30), text varchar(1000))"); mysql_query("CREATE TABLE IF NOT EXISTS nmb_id ( id float(30), name varchar(40),status int(30),time int(30))"); mysql_query("CREATE TABLE IF NOT EXISTS nmb_set ( item varchar(50), value varchar(30))"); init_set(); if (isset($_COOKIE['id'])) { br(); br(); br(); echo "欢迎回来 " . $_COOKIE['name']; } else { if (check_cookie()) { $new_id = check_id(); $new_time = time(); $new_name = "user_{$new_id}"; $cookie_expire = $new_time + 36000; mysql_query("INSERT INTO nmb_id VALUES({$new_id},'{$new_name}',1,{$cookie_expire})"); setcookie('id', $new_id, $new_time + 36000); setcookie('name', $new_name, $new_time + 36000); br(); br(); br(); echo "已获得新身份 " . $new_name; } } } } ?>
} $ID = $PWD = $name = $mail = $file = $Type = $phone = $addr = ''; $ErrID = $birth = $picno = $upload_failed = 0; $sex = 'M'; if (isset($_POST)) { extract($_POST, EXTR_OVERWRITE); } $db_conn = connect2db($DBMS, $dbhost, $dbuser, $dbpwd, $dbname); chdir("upload"); //echo getcwd(); if (isset($Submit)) { // Press Submit if (empty($ID)) { $ErrID = 1; } else { if ($ID != addslashes($ID) || !check_id($ID)) { $ErrID = 2; } else { $sqlcmd = "SELECT * FROM Member WHERE id='{$ID}'"; $rs = querydb($sqlcmd, $db_conn); if (count($rs) > 0) { $ErrID = 3; } } } if ($ErrID < 1) { if (empty($PWD)) { $ErrID = 4; } else { if ($PWD != addslashes($PWD) || !check_pwd($PWD)) { $ErrID = 5;
<?php
/* Member management (member registration) 2001.06 by Jungjoon Oh */
require "mem-lib.php";
require "db-lib.php";

// Collect one message per failed check; $errmsg is appended to without being
// initialised in this file, as in the original.
if (!$id) {
    $errmsg = $errmsg . "* ID를 입력해주세요.\\n";
} elseif (!check_id($id)) {
    $errmsg = $errmsg . "* 이미 사용중인 ID입니다.\\n";
}

if (!$name) {
    $errmsg = $errmsg . "* 성명을 입력해주세요.\\n";
}

// Both halves of the resident registration number are required before the
// duplicate check runs on the joined value.
if (!($idnum1 && $idnum2)) {
    $errmsg = $errmsg . "* 주민등록번호를 입력해주세요.\\n";
} elseif (!check_idnum("{$idnum1}{$idnum2}")) {
    $errmsg = $errmsg . "* 이미 등록된 주민등록번호입니다.\\n";
}

if ($errmsg) {
    $errmsg = "- 아래의 사항을 확인하세요\\n\\n" . $errmsg;
    // NOTE(review): whether print_alert() stops the script is not visible here.
    print_alert($errmsg, 'back');
}

$dbh = dbconnect();

if ($zip1 && $zip2) {
    $zip = "{$zip1}-{$zip2}";
}

// Make Query
// NOTE(review): every value below is interpolated straight into the SQL text,
// and none of these variables is assigned or escaped in this file. Unless the
// required libraries escape them, this statement is open to SQL injection;
// prefer bound parameters with the driver that dbconnect() returns.
// NOTE(review): mem_pw receives $passwd as given. Confirm the password is
// hashed before it reaches this point.
$query = "insert into member_data ";
$query .= "(mem_id,mem_pw,mem_date,mem_name,mem_idnum,mem_email,";
$query .= "mem_url,mem_tel,mem_hp,mem_addr1,mem_addr2,mem_zip) values ";
$query .= "('{$id}','{$passwd}',sysdate(),'{$name}','{$idnum1}-{$idnum2}','{$email}',";
$query .= "'{$url}','{$tel}','{$hp}','{$addr1}','{$addr2}','{$zip}')";