of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ require "headers.php"; include "upper.php"; print '<h2>' . $trash_name[$lang] . '</h2>'; print '<small>' . $trash_desc[$lang] . '</small></h2>'; $action = $_GET['a']; // decompose link $variables = decode_url2($action, $token, $url_key); $tslice = $variables[tslice]; $talker = $variables[talker]; $server = $variables[server]; $action = $variables[action]; $lnk = $variables[lnk]; // validation $talker = mysql_escape_string($talker); $server = mysql_escape_string($server); if (validate_date($tslice) == "f") { unset($action); $unset($tslice); } if ($action == "undelete") { if (undo_deleted_chat($talker, $server, $user_id, $tslice, $xmpp_host, $lnk) == "t") { $back_link = "{$tslice}@{$talker}@{$server}@";
$resource_id = mysql_escape_string($_GET['b']); // validate resource_id if (!ctype_digit($resource_id)) { unset($resource_id); } $start = $_GET['start']; if ($jump_to != "") { $mo = $jump_to; } if ($mo == "jump") { unset($mo); } $e_string = mysql_escape_string($_GET['a']); // decompose link if ($e_string) { $variables = decode_url2($e_string, $token, $url_key); $tslice = $variables[tslice]; $talker = $variables[talker]; $server = $variables[server]; $action = $variables[action]; $lnk = $variables[lnk]; } // validation $talker = mysql_escape_string($talker); $server = mysql_escape_string($server); if (validate_date($tslice) == "f") { unset($tslice); unset($e_string); unset($talker); unset($left); unset($right);
} } // terminate script exit; } if ($process_id == "2") { // remove first seq as this is always request_id... array_shift($_POST); // control $num = count($_POST); $i = 0; while (array_keys($_POST)) { $i++; $enc_data = array_shift($_POST); // decompose data $variables = decode_url2($enc_data, $token, $url_key); $tslice = $variables[tslice]; $talker = $variables[talker]; $server = $variables[server]; // validate if (validate_date($tslice) == "f" or !ctype_digit($talker) or !ctype_digit($server)) { print '<div class="message" style="width: 400px;">'; print $ajax_error[$lang] . '<br><a href="#" onClick="$(\'#fav_result\').fadeOut(\'slow\');" ><u>' . $fav_discard[$lang] . '</u></a></div>'; exit; } $query = "delete from jorge_favorites where owner_id='{$user_id}' and peer_name_id='{$talker}' and peer_server_id='{$server}' and tslice='{$tslice}'"; mysql_query($query); // stop on any error if (mysql_errno() > 0) { print '<div class="message" style="width: 400px;">'; print $ajax_error[$lang] . '<br><a style="font-weight: normal;" href="#" onClick="$(\'#fav_result\').fadeOut(\'slow\');" ><u>' . $fav_discard[$lang] . '</u></a>';
} } if ($peer_server) { if (!ctype_digit($peer_server)) { print 'Ooops...'; exit; } } if ($link_id) { if (!ctype_digit($link_id)) { print 'Ooops...'; exit; } } include "upper.php"; $variables = decode_url2($_GET[a], $token, $url_key); // ...and validation $talker = mysql_escape_string($talker); $server = mysql_escape_string($server); if (validate_date($tslice) == "f") { unset($del); unset($tigger); unset($variables); } if ($del == "t") { if (!ctype_digit($link_id)) { print 'Dont play with that...'; exit; } $query = "delete from jorge_mylinks where owner_id='{$user_id}' and id_link='{$link_id}'"; $result = mysql_query($query) or die("Ooops...Error");