Exemple #1
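/**
 * Completes the key-based login step and reports the outcome as JSON.
 *
 * The client-supplied $auth_key is checked against the value that
 * process_auth_key() derives from the stored key, the stored last_time and
 * $url. After a successful check the stored key is overwritten with a new one.
 *
 * errorno values in the returned JSON object:
 *   0 - success; the account's fields are returned under "user"
 *   1 - $auth_key is not a 32-character string
 *   2 - no account found for $username
 *   3 - $auth_key does not match the expected value
 *
 * NOTE(review): codes 2 and 3 let a client tell "unknown account" apart from
 * "wrong key". Merging them would change the response contract, so it is only
 * flagged here.
 *
 * @param string $username account name supplied by the client
 * @param string $auth_key key supplied by the client
 * @param string $url      value passed through to process_auth_key()
 * @return string JSON document
 */
function finish_auth($username, $auth_key, $url)
{
    // not a good design (original author's remark on the fixed-length check)
    // Request parameters can arrive as arrays (auth_key[]=x); reject anything
    // that is not a string before measuring it.
    if (!is_string($auth_key) || mb_strlen($auth_key, 'utf-8') != 32) {
        return json_encode(array('errorno' => 1));
    }
    $result = get_user_information($username);
    if ($result == null) {
        return json_encode(array('errorno' => 2));
    }
    $expected = process_auth_key($result['auth_key'], $result['last_time'], $url);
    // hash_equals() compares the bytes in constant time. The loose != it replaces
    // treats two numeric-looking strings (for example "0e..." followed by digits)
    // as equal numbers, and stops at the first differing byte.
    if (!hash_equals((string) $expected, $auth_key)) {
        return json_encode(array('errorno' => 3));
    }
    // not good design +1 (original author's remark on rotating the key here)
    // NOTE(review): rand_string() is defined elsewhere; confirm it draws from a
    // CSPRNG (random_bytes / random_int), since its output becomes the stored key.
    $new_auth_key = rand_string();
    $sql = "UPDATE `account` SET `auth_key`= ? WHERE username= ? LIMIT 1";
    $params = array($new_auth_key, $username);
    // NOTE(review): the result of execute() is not checked, so a failed rotation
    // leaves the old key in place without any signal to the caller.
    (new MysqlDAO())->execute($sql, $params, 'ss');
    $user = array(
        'username' => $result['username'],
        'email' => $result['email'],
        'verified' => $result['verified'],
        'reg_time' => $result['reg_time'],
    );
    return json_encode(array('errorno' => 0, 'user' => $user));
}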
Exemple #2
/**
 * Returns the processed auth key for an account.
 *
 * Looks the account up by $username and passes its stored auth_key and
 * last_time, together with $url, to process_auth_key().
 *
 * NOTE(review): an unknown account yields the fixed string '(null)', so the
 * response differs between existing and non-existing usernames.
 *
 * @param string $username account name to look up
 * @param string $url      value passed through to process_auth_key()
 * @return mixed '(null)' when the lookup finds nothing, otherwise the result of process_auth_key()
 */
function start_auth($username, $url)
{
    $account = get_user_information($username);
    if ($account == null) {
        return '(null)';
    }
    return process_auth_key($account['auth_key'], $account['last_time'], $url);
}
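/**
 * Builds an HTML list of the performance comments from the last 7 days.
 *
 * @return string "<ul>" markup with one "<li>" per comment row
 */
function draw_mini_comments()
{
    // NOTE(review): $username is looked up but the query below carries the literal
    // '******', which looks like a redaction on this page. If the original query
    // interpolated $username, the value has to be bound as a parameter (or escaped
    // for SQL) rather than concatenated into the statement.
    $user_info = get_user_information($_SESSION['user_id']);
    $username = $user_info['username'];
    //Query grabs comments made in last 7 days
    $sqlquery = " SELECT * FROM `performance_comments` WHERE username ='******' AND TIMESTAMPDIFF(DAY , `timestamp` , NOW( ) ) < '7'";
    // NOTE(review): the mysql_* API was removed in PHP 7. Moving to mysqli or PDO
    // needs a connection handle that is not visible from inside this function.
    $result = mysql_query($sqlquery);
    if ($result === false) {
        // Keep the driver error and the SQL text in the server log; printing them
        // to the browser discloses table and column names.
        error_log("Select failed: " . mysql_error() . " on query: " . $sqlquery);
        die("Select failed");
    }
    // Start from a defined string: appending to an undefined variable raises a warning.
    $o = "<ul>";
    while ($data = mysql_fetch_array($result)) {
        // Commenter name and comment text are user-authored, so they are escaped
        // for the HTML context before being placed in the list.
        // NOTE(review): assumes the page is served as UTF-8 - confirm.
        $commenter = htmlspecialchars((string) $data['username_commenter'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $comment = htmlspecialchars((string) $data['comment'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $o .= "<li>" . $commenter . " - " . $comment . "</li>";
    }
    $o .= "</ul>";
    return $o;
}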
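/**
 * Restores the session user from the "remember me" cookie values.
 *
 * Does nothing when ENABLE_COOKIE is off or $username is not a string of
 * 1 to 12 characters. Otherwise the account is looked up and $pwd is compared
 * with crypt_pwd_client() of the stored password; on a match the session
 * username is set, on any mismatch both cookies are expired.
 *
 * NOTE(review): the accepted cookie value is derived only from the stored
 * password, so it stays valid until the password changes. Confirm that is
 * intended, or tie the cookie to a server-side token that can be revoked.
 *
 * @param string $username value of the "username" cookie (presumably; confirm against caller)
 * @param string $pwd      value to compare with crypt_pwd_client() of the stored password
 * @return void
 */
function chk_cookie($username, $pwd)
{
    if (!ENABLE_COOKIE) {
        return;
    }
    // Cookie values can arrive as arrays (username[]=x); mb_strlen() throws a
    // TypeError on those under PHP 8, so reject them up front.
    if (!is_string($username)) {
        return;
    }
    $name_length = mb_strlen($username, 'utf8');
    if ($name_length < 1 || $name_length > 12) {
        return;
    }
    $result = get_user_information($username);
    if ($result != null && is_string($pwd)) {
        // hash_equals() replaces the loose ==, which treats numeric-looking
        // strings such as "0e123" and "0e456" as equal and is not constant-time.
        if (hash_equals((string) crypt_pwd_client($result['password']), $pwd)) {
            $_SESSION['username'] = $result['username'];
            // Kept from the original: a cookie-restored session is marked as not "loged".
            $_SESSION['loged'] = false;
            return;
        }
    }
    // Unknown account or mismatch: expire both cookies.
    setcookie('username', '', time() - 1);
    setcookie('sid', '', time() - 1);
}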
Exemple #5
/**
* View private message
*
* Renders one private message: runs the message text and the author's
* signature through generate_text_for_display(), loads the attachment rows,
* fires the core.ucp_pm_view_messsage event and assigns the result to the
* template.
*
* @param mixed  $id          Active module category (can be int or string)
* @param string $mode        Active module
* @param int    $folder_id   ID of the folder the message is in
* @param int    $msg_id      ID of the private message
* @param array  $folder      Array with data of user's message folders
* @param array  $message_row Array with message data
*/
function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row)
{
    global $user, $template, $auth, $db, $cache, $src_container;
    global $src_root_path, $request, $phpEx, $config, $src_dispatcher;
    $user->add_lang(array('viewtopic', 'memberlist'));
    // $msg_id is interpolated into two SQL strings below; the integer cast is what
    // keeps caller-supplied syntax out of those queries.
    $msg_id = (int) $msg_id;
    $folder_id = (int) $folder_id;
    $author_id = (int) $message_row['author_id'];
    $view = request_var('view', '');
    // Not able to view message, it was deleted by the sender
    if ($message_row['pm_deleted']) {
        $meta_info = append_sid("{$src_root_path}ucp.{$phpEx}", "i=pm&amp;folder={$folder_id}");
        $message = $user->lang['NO_AUTH_READ_REMOVED_MESSAGE'];
        $message .= '<br /><br />' . sprintf($user->lang['RETURN_FOLDER'], '<a href="' . $meta_info . '">', '</a>');
        // NOTE(review): the code below relies on trigger_error() not returning here -
        // presumably the board's error handler ends the request; confirm.
        trigger_error($message);
    }
    // Do not allow hold messages to be seen
    if ($folder_id == PRIVMSGS_HOLD_BOX) {
        trigger_error('NO_AUTH_READ_HOLD_MESSAGE');
    }
    // Grab icons
    $icons = $cache->obtain_icons();
    // Load the custom profile fields
    // $cp and $profile_fields exist only when load_cpf_pm is on; the later use is
    // guarded by the same config flag plus isset().
    if ($config['load_cpf_pm']) {
        $cp = $src_container->get('profilefields.manager');
        $profile_fields = $cp->grab_profile_fields_data($author_id);
    }
    // Assign TO/BCC Addresses to template
    write_pm_addresses(array('to' => $message_row['to_address'], 'bcc' => $message_row['bcc_address']), $author_id);
    $user_info = get_user_information($author_id, $message_row);
    // Parse the message and subject
    $parse_flags = ($message_row['bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES;
    $message = generate_text_for_display($message_row['message_text'], $message_row['bbcode_uid'], $message_row['bbcode_bitfield'], $parse_flags, true);
    // Replace naughty words such as farty pants
    $message_row['message_subject'] = censor_text($message_row['message_subject']);
    // Editing information
    if ($message_row['message_edit_count'] && $config['display_last_edited']) {
        if (!$message_row['message_edit_user']) {
            $display_username = get_username_string('full', $author_id, $user_info['username'], $user_info['user_colour']);
        } else {
            $edit_user_info = get_user_information($message_row['message_edit_user'], false);
            $display_username = get_username_string('full', $message_row['message_edit_user'], $edit_user_info['username'], $edit_user_info['user_colour']);
        }
        $l_edited_by = '<br /><br />' . $user->lang('EDITED_TIMES_TOTAL', (int) $message_row['message_edit_count'], $display_username, $user->format_date($message_row['message_edit_time'], false, true));
    } else {
        $l_edited_by = '';
    }
    // Pull attachment data
    $display_notice = false;
    $attachments = array();
    if ($message_row['message_attachment'] && $config['allow_pm_attach']) {
        // Attachment rows are only queried for users holding u_pm_download;
        // everyone else just gets the notice flag.
        if ($auth->acl_get('u_pm_download')) {
            $sql = 'SELECT *
				FROM ' . ATTACHMENTS_TABLE . "\n\t\t\t\tWHERE post_msg_id = {$msg_id}\n\t\t\t\t\tAND in_message = 1\n\t\t\t\tORDER BY filetime DESC, post_msg_id ASC";
            $result = $db->sql_query($sql);
            while ($row = $db->sql_fetchrow($result)) {
                $attachments[] = $row;
            }
            $db->sql_freeresult($result);
            // No attachments exist, but message table thinks they do so go ahead and reset attach flags
            if (!sizeof($attachments)) {
                $sql = 'UPDATE ' . PRIVMSGS_TABLE . "\n\t\t\t\t\tSET message_attachment = 0\n\t\t\t\t\tWHERE msg_id = {$msg_id}";
                $db->sql_query($sql);
            }
        } else {
            $display_notice = true;
        }
    }
    // Assign inline attachments
    if (!empty($attachments)) {
        $update_count = array();
        parse_attachments(false, $message, $attachments, $update_count);
        // Update the attachment download counts
        if (sizeof($update_count)) {
            // The id list goes through $db->sql_in_set() instead of being concatenated
            // by hand. NOTE(review): presumably sql_in_set() escapes/casts each value - confirm.
            $sql = 'UPDATE ' . ATTACHMENTS_TABLE . '
				SET download_count = download_count + 1
				WHERE ' . $db->sql_in_set('attach_id', array_unique($update_count));
            $db->sql_query($sql);
        }
    }
    $user_info['sig'] = '';
    // The signature is used only when the message, the board config, the viewer's
    // u_sig permission and the viewer's viewsigs option all allow it.
    $signature = $message_row['enable_sig'] && $config['allow_sig'] && $auth->acl_get('u_sig') && $user->optionget('viewsigs') ? $user_info['user_sig'] : '';
    // End signature parsing, only if needed
    if ($signature) {
        $parse_flags = ($user_info['user_sig_bbcode_bitfield'] ? OPTION_FLAG_BBCODE : 0) | OPTION_FLAG_SMILIES;
        $signature = generate_text_for_display($signature, $user_info['user_sig_bbcode_uid'], $user_info['user_sig_bbcode_bitfield'], $parse_flags, true);
    }
    $url = append_sid("{$src_root_path}ucp.{$phpEx}", 'i=pm');
    // Number of "to" recipients
    $num_recipients = (int) preg_match_all('/:?(u|g)_([0-9]+):?/', $message_row['to_address'], $match);
    $bbcode_status = $config['allow_bbcode'] && $config['auth_bbcode_pm'] && $auth->acl_get('u_pm_bbcode') ? true : false;
    // Get the profile fields template data
    $cp_row = array();
    if ($config['load_cpf_pm'] && isset($profile_fields[$author_id])) {
        // Filter the fields we don't want to show
        foreach ($profile_fields[$author_id] as $used_ident => $profile_field) {
            if (!$profile_field['data']['field_show_on_pm']) {
                unset($profile_fields[$author_id][$used_ident]);
            }
        }
        if (isset($profile_fields[$author_id])) {
            $cp_row = $cp->generate_profile_fields_template_data($profile_fields[$author_id]);
        }
    }
    $u_pm = $u_jabber = '';
    // Contact links are built only when both the board config and the viewer's
    // permissions allow the action; otherwise the value stays ''.
    if ($config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($user_info['user_allow_pm'] || $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_'))) {
        $u_pm = append_sid("{$src_root_path}ucp.{$phpEx}", 'i=pm&amp;mode=compose&amp;u=' . $author_id);
    }
    if ($config['jab_enable'] && $user_info['user_jabber'] && $auth->acl_get('u_sendim')) {
        $u_jabber = append_sid("{$src_root_path}memberlist.{$phpEx}", 'mode=contact&amp;action=jabber&amp;u=' . $author_id);
    }
    // Template data for the message. Each action URL (delete, quote, edit, reply,
    // print, forward) is '' unless the matching $auth->acl_get() / $config check passes.
    // NOTE(review): U_EMAIL is taken straight from $user_info['email'] with no check
    // in this function; confirm get_user_information() only fills it when the viewer
    // may see the address.
    $msg_data = array('MESSAGE_AUTHOR_FULL' => get_username_string('full', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'MESSAGE_AUTHOR_COLOUR' => get_username_string('colour', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'MESSAGE_AUTHOR' => get_username_string('username', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'U_MESSAGE_AUTHOR' => get_username_string('profile', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'RANK_TITLE' => $user_info['rank_title'], 'RANK_IMG' => $user_info['rank_image'], 'AUTHOR_AVATAR' => isset($user_info['avatar']) ? $user_info['avatar'] : '', 'AUTHOR_JOINED' => $user->format_date($user_info['user_regdate']), 'AUTHOR_POSTS' => (int) $user_info['user_posts'], 'U_AUTHOR_POSTS' => $config['load_search'] && $auth->acl_get('u_search') ? append_sid("{$src_root_path}search.{$phpEx}", "author_id={$author_id}&amp;sr=posts") : '', 'CONTACT_USER' => $user->lang('CONTACT_USER', get_username_string('username', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username'])), 'ONLINE_IMG' => !$config['load_onlinetrack'] ? '' : (isset($user_info['online']) && $user_info['online'] ? $user->img('icon_user_online', $user->lang['ONLINE']) : $user->img('icon_user_offline', $user->lang['OFFLINE'])), 'S_ONLINE' => !$config['load_onlinetrack'] ? false : (isset($user_info['online']) && $user_info['online'] ? 
true : false), 'DELETE_IMG' => $user->img('icon_post_delete', $user->lang['DELETE_MESSAGE']), 'INFO_IMG' => $user->img('icon_post_info', $user->lang['VIEW_PM_INFO']), 'PROFILE_IMG' => $user->img('icon_user_profile', $user->lang['READ_PROFILE']), 'EMAIL_IMG' => $user->img('icon_contact_email', $user->lang['SEND_EMAIL']), 'QUOTE_IMG' => $user->img('icon_post_quote', $user->lang['POST_QUOTE_PM']), 'REPLY_IMG' => $user->img('button_pm_reply', $user->lang['POST_REPLY_PM']), 'REPORT_IMG' => $user->img('icon_post_report', 'REPORT_PM'), 'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['POST_EDIT_PM']), 'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['PM']), 'SENT_DATE' => $view == 'print' ? $user->format_date($message_row['message_time'], false, true) : $user->format_date($message_row['message_time']), 'SUBJECT' => $message_row['message_subject'], 'MESSAGE' => $message, 'SIGNATURE' => $message_row['enable_sig'] ? $signature : '', 'EDITED_MESSAGE' => $l_edited_by, 'MESSAGE_ID' => $message_row['msg_id'], 'U_PM' => $u_pm, 'U_JABBER' => $u_jabber, 'U_DELETE' => $auth->acl_get('u_pm_delete') ? "{$url}&amp;mode=compose&amp;action=delete&amp;f={$folder_id}&amp;p=" . $message_row['msg_id'] : '', 'U_EMAIL' => $user_info['email'], 'U_REPORT' => $config['allow_pm_report'] ? append_sid("{$src_root_path}report.{$phpEx}", "pm=" . $message_row['msg_id']) : '', 'U_QUOTE' => $auth->acl_get('u_sendpm') && $author_id != ANONYMOUS ? "{$url}&amp;mode=compose&amp;action=quote&amp;f={$folder_id}&amp;p=" . $message_row['msg_id'] : '', 'U_EDIT' => ($message_row['message_time'] > time() - $config['pm_edit_time'] * 60 || !$config['pm_edit_time']) && $folder_id == PRIVMSGS_OUTBOX && $auth->acl_get('u_pm_edit') ? "{$url}&amp;mode=compose&amp;action=edit&amp;f={$folder_id}&amp;p=" . $message_row['msg_id'] : '', 'U_POST_REPLY_PM' => $auth->acl_get('u_sendpm') && $author_id != ANONYMOUS ? "{$url}&amp;mode=compose&amp;action=reply&amp;f={$folder_id}&amp;p=" . 
$message_row['msg_id'] : '', 'U_POST_REPLY_ALL' => $auth->acl_get('u_sendpm') && $author_id != ANONYMOUS ? "{$url}&amp;mode=compose&amp;action=reply&amp;f={$folder_id}&amp;reply_to_all=1&amp;p=" . $message_row['msg_id'] : '', 'U_PREVIOUS_PM' => "{$url}&amp;f={$folder_id}&amp;p=" . $message_row['msg_id'] . "&amp;view=previous", 'U_NEXT_PM' => "{$url}&amp;f={$folder_id}&amp;p=" . $message_row['msg_id'] . "&amp;view=next", 'U_PM_ACTION' => $url . '&amp;mode=compose&amp;f=' . $folder_id . '&amp;p=' . $message_row['msg_id'], 'S_HAS_ATTACHMENTS' => sizeof($attachments) ? true : false, 'S_DISPLAY_NOTICE' => $display_notice && $message_row['message_attachment'], 'S_AUTHOR_DELETED' => $author_id == ANONYMOUS ? true : false, 'S_SPECIAL_FOLDER' => in_array($folder_id, array(PRIVMSGS_NO_BOX, PRIVMSGS_OUTBOX)), 'S_PM_RECIPIENTS' => $num_recipients, 'S_BBCODE_ALLOWED' => $bbcode_status ? 1 : 0, 'S_CUSTOM_FIELDS' => !empty($cp_row['row']) ? true : false, 'U_PRINT_PM' => $config['print_pm'] && $auth->acl_get('u_pm_printpm') ? "{$url}&amp;f={$folder_id}&amp;p=" . $message_row['msg_id'] . "&amp;view=print" : '', 'U_FORWARD_PM' => $config['forward_pm'] && $auth->acl_get('u_sendpm') && $auth->acl_get('u_pm_forward') ? "{$url}&amp;mode=compose&amp;action=forward&amp;f={$folder_id}&amp;p=" . $message_row['msg_id'] : '');
    /**
     * Modify pm and sender data before it is assigned to the template
     *
     * @event core.ucp_pm_view_messsage
     * @var	mixed	id			Active module category (can be int or string)
     * @var	string	mode		Active module
     * @var	int		folder_id	ID of the folder the message is in
     * @var	int		msg_id		ID of the private message
     * @var	array	folder		Array with data of user's message folders
     * @var	array	message_row	Array with message data
     * @var	array	cp_row		Array with senders custom profile field data
     * @var	array	msg_data	Template array with message data
     * @since 3.1.0-a1
     */
    $vars = array('id', 'mode', 'folder_id', 'msg_id', 'folder', 'message_row', 'cp_row', 'msg_data');
    // extract() writes the event result back into local variables, so a listener can
    // replace any of the values named in $vars (including $msg_id and $message_row,
    // which are used again below).
    // NOTE(review): extract() is called without flags, so every key in the returned
    // array overwrites the local of that name - presumably trigger_event() returns
    // only the keys it was given; confirm.
    extract($src_dispatcher->trigger_event('core.ucp_pm_view_messsage', compact($vars)));
    $template->assign_vars($msg_data);
    $contact_fields = array(array('ID' => 'pm', 'NAME' => $user->lang['SEND_PRIVATE_MESSAGE'], 'U_CONTACT' => $u_pm), array('ID' => 'email', 'NAME' => $user->lang['SEND_EMAIL'], 'U_CONTACT' => $user_info['email']), array('ID' => 'jabber', 'NAME' => $user->lang['JABBER'], 'U_CONTACT' => $u_jabber));
    // Only contact entries with a non-empty URL are handed to the template.
    foreach ($contact_fields as $field) {
        if ($field['U_CONTACT']) {
            $template->assign_block_vars('contact', $field);
        }
    }
    // Display the custom profile fields
    if (!empty($cp_row['row'])) {
        $template->assign_vars($cp_row['row']);
        foreach ($cp_row['blockrow'] as $cp_block_row) {
            $template->assign_block_vars('custom_fields', $cp_block_row);
            if ($cp_block_row['S_PROFILE_CONTACT']) {
                $template->assign_block_vars('contact', array('ID' => $cp_block_row['PROFILE_FIELD_IDENT'], 'NAME' => $cp_block_row['PROFILE_FIELD_NAME'], 'U_CONTACT' => $cp_block_row['PROFILE_FIELD_CONTACT']));
            }
        }
    }
    // Display not already displayed Attachments for this post, we already parsed them. ;)
    if (isset($attachments) && sizeof($attachments)) {
        foreach ($attachments as $attachment) {
            $template->assign_block_vars('attachment', array('DISPLAY_ATTACHMENT' => $attachment));
        }
    }
    // The raw $_REQUEST entry is used only for the isset() test; the value itself is
    // read through $request->variable().
    if (!isset($_REQUEST['view']) || $request->variable('view', '') != 'print') {
        // Message History
        if (message_history($msg_id, $user->data['user_id'], $message_row, $folder)) {
            $template->assign_var('S_DISPLAY_HISTORY', true);
        }
    }
}
/**
* View private message
*
* Renders one private message: censors the text, runs the bbcode second pass
* and smiley replacement on the message and on the author's signature, loads
* the attachment rows and assigns the result to the template.
*
* @param mixed $id          not read in this function
* @param mixed $mode        not read in this function
* @param int   $folder_id   folder id; cast to int on entry
* @param int   $msg_id      message id; cast to int on entry
* @param mixed $folder      passed through to message_history()
* @param array $message_row message data; its fields are read throughout
*/
function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row)
{
    global $user, $template, $auth, $db, $cache;
    global $phpbb_root_path, $phpEx, $config;
    $user->add_lang(array('viewtopic', 'memberlist'));
    // $msg_id is interpolated into two SQL strings below; the integer cast is what
    // keeps caller-supplied syntax out of those queries.
    $msg_id = (int) $msg_id;
    $folder_id = (int) $folder_id;
    $author_id = (int) $message_row['author_id'];
    $view = request_var('view', '');
    // Not able to view message, it was deleted by the sender
    if ($message_row['pm_deleted']) {
        $meta_info = append_sid("{$phpbb_root_path}ucp.{$phpEx}", "i=pm&amp;folder={$folder_id}");
        $message = $user->lang['NO_AUTH_READ_REMOVED_MESSAGE'];
        $message .= '<br /><br />' . sprintf($user->lang['RETURN_FOLDER'], '<a href="' . $meta_info . '">', '</a>');
        // NOTE(review): the code below relies on trigger_error() not returning here -
        // presumably the board's error handler ends the request; confirm.
        trigger_error($message);
    }
    // Do not allow hold messages to be seen
    if ($folder_id == PRIVMSGS_HOLD_BOX) {
        trigger_error('NO_AUTH_READ_HOLD_MESSAGE');
    }
    // Grab icons
    $icons = $cache->obtain_icons();
    $bbcode = false;
    // Instantiate BBCode if need be
    if ($message_row['bbcode_bitfield']) {
        // The include path is built from the globals $phpbb_root_path and $phpEx, not
        // from anything read out of the request in this function.
        // NOTE(review): confirm both globals are set by the bootstrap and never from user input.
        include $phpbb_root_path . 'includes/bbcode.' . $phpEx;
        $bbcode = new bbcode($message_row['bbcode_bitfield']);
    }
    // Assign TO/BCC Addresses to template
    write_pm_addresses(array('to' => $message_row['to_address'], 'bcc' => $message_row['bcc_address']), $author_id);
    $user_info = get_user_information($author_id, $message_row);
    // Parse the message and subject
    $message = censor_text($message_row['message_text']);
    // Second parse bbcode here
    if ($message_row['bbcode_bitfield']) {
        $bbcode->bbcode_second_pass($message, $message_row['bbcode_uid'], $message_row['bbcode_bitfield']);
    }
    // Always process smilies after parsing bbcodes
    $message = bbcode_nl2br($message);
    $message = smiley_text($message);
    // Replace naughty words such as farty pants
    $message_row['message_subject'] = censor_text($message_row['message_subject']);
    // Editing information
    if ($message_row['message_edit_count'] && $config['display_last_edited']) {
        $l_edit_time_total = $message_row['message_edit_count'] == 1 ? $user->lang['EDITED_TIME_TOTAL'] : $user->lang['EDITED_TIMES_TOTAL'];
        // NOTE(review): $message_row['username'] / ['message_edit_user'] is placed into
        // HTML through sprintf() without escaping in this function - presumably the
        // stored value is already HTML-safe; confirm.
        $l_edited_by = '<br /><br />' . sprintf($l_edit_time_total, !$message_row['message_edit_user'] ? $message_row['username'] : $message_row['message_edit_user'], $user->format_date($message_row['message_edit_time'], false, true), $message_row['message_edit_count']);
    } else {
        $l_edited_by = '';
    }
    // Pull attachment data
    $display_notice = false;
    $attachments = array();
    if ($message_row['message_attachment'] && $config['allow_pm_attach']) {
        // Attachment rows are only queried for users holding u_pm_download;
        // everyone else just gets the notice flag.
        if ($auth->acl_get('u_pm_download')) {
            $sql = 'SELECT *
				FROM ' . ATTACHMENTS_TABLE . "\n\t\t\t\tWHERE post_msg_id = {$msg_id}\n\t\t\t\t\tAND in_message = 1\n\t\t\t\tORDER BY filetime DESC, post_msg_id ASC";
            $result = $db->sql_query($sql);
            while ($row = $db->sql_fetchrow($result)) {
                $attachments[] = $row;
            }
            $db->sql_freeresult($result);
            // No attachments exist, but message table thinks they do so go ahead and reset attach flags
            if (!sizeof($attachments)) {
                $sql = 'UPDATE ' . PRIVMSGS_TABLE . "\n\t\t\t\t\tSET message_attachment = 0\n\t\t\t\t\tWHERE msg_id = {$msg_id}";
                $db->sql_query($sql);
            }
        } else {
            $display_notice = true;
        }
    }
    // Assign inline attachments
    if (!empty($attachments)) {
        $update_count = array();
        parse_attachments(false, $message, $attachments, $update_count);
        // Update the attachment download counts
        if (sizeof($update_count)) {
            // The id list goes through $db->sql_in_set() instead of being concatenated
            // by hand. NOTE(review): presumably sql_in_set() escapes/casts each value - confirm.
            $sql = 'UPDATE ' . ATTACHMENTS_TABLE . '
				SET download_count = download_count + 1
				WHERE ' . $db->sql_in_set('attach_id', array_unique($update_count));
            $db->sql_query($sql);
        }
    }
    $user_info['sig'] = '';
    // The signature is used only when the message, the board config, the viewer's
    // u_sig permission and the viewer's viewsigs option all allow it.
    $signature = $message_row['enable_sig'] && $config['allow_sig'] && $auth->acl_get('u_sig') && $user->optionget('viewsigs') ? $user_info['user_sig'] : '';
    // End signature parsing, only if needed
    if ($signature) {
        $signature = censor_text($signature);
        if ($user_info['user_sig_bbcode_bitfield']) {
            // $bbcode is still false only when the message itself had no bbcode, so the
            // bbcode file is included at most once in this function.
            if ($bbcode === false) {
                include $phpbb_root_path . 'includes/bbcode.' . $phpEx;
                $bbcode = new bbcode($user_info['user_sig_bbcode_bitfield']);
            }
            $bbcode->bbcode_second_pass($signature, $user_info['user_sig_bbcode_uid'], $user_info['user_sig_bbcode_bitfield']);
        }
        $signature = bbcode_nl2br($signature);
        $signature = smiley_text($signature);
    }
    $url = append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=pm');
    // Number of "to" recipients
    $num_recipients = (int) preg_match_all('/:?(u|g)_([0-9]+):?/', $message_row['to_address'], $match);
    // Template data for the message. Each action URL (delete, quote, edit, reply,
    // print, forward) is '' unless the matching $auth->acl_get() / $config check passes.
    // The ICQ and Yahoo handles are passed through urlencode() before being appended
    // to the external URLs.
    // NOTE(review): U_WWW (user_website) and U_EMAIL are handed to the template as
    // stored, with no validation in this function - confirm they are validated when
    // saved and escaped by the template.
    $template->assign_vars(array('MESSAGE_AUTHOR_FULL' => get_username_string('full', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'MESSAGE_AUTHOR_COLOUR' => get_username_string('colour', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'MESSAGE_AUTHOR' => get_username_string('username', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'U_MESSAGE_AUTHOR' => get_username_string('profile', $author_id, $user_info['username'], $user_info['user_colour'], $user_info['username']), 'RANK_TITLE' => $user_info['rank_title'], 'RANK_IMG' => $user_info['rank_image'], 'AUTHOR_AVATAR' => isset($user_info['avatar']) ? $user_info['avatar'] : '', 'AUTHOR_JOINED' => $user->format_date($user_info['user_regdate']), 'AUTHOR_POSTS' => (int) $user_info['user_posts'], 'AUTHOR_FROM' => !empty($user_info['user_from']) ? $user_info['user_from'] : '', 'ONLINE_IMG' => !$config['load_onlinetrack'] ? '' : (isset($user_info['online']) && $user_info['online'] ? $user->img('icon_user_online', $user->lang['ONLINE']) : $user->img('icon_user_offline', $user->lang['OFFLINE'])), 'S_ONLINE' => !$config['load_onlinetrack'] ? false : (isset($user_info['online']) && $user_info['online'] ? true : false), 'DELETE_IMG' => $user->img('icon_post_delete', $user->lang['DELETE_MESSAGE']), 'INFO_IMG' => $user->img('icon_post_info', $user->lang['VIEW_PM_INFO']), 'PROFILE_IMG' => $user->img('icon_user_profile', $user->lang['READ_PROFILE']), 'EMAIL_IMG' => $user->img('icon_contact_email', $user->lang['SEND_EMAIL']), 'QUOTE_IMG' => $user->img('icon_post_quote', $user->lang['POST_QUOTE_PM']), 'REPLY_IMG' => $user->img('button_pm_reply', $user->lang['POST_REPLY_PM']), 'REPORT_IMG' => $user->img('icon_post_report', 'REPORT_PM'), 'EDIT_IMG' => $user->img('icon_post_edit', $user->lang['POST_EDIT_PM']), 'MINI_POST_IMG' => $user->img('icon_post_target', $user->lang['PM']), 'SENT_DATE' => $view == 'print' ? 
$user->format_date($message_row['message_time'], false, true) : $user->format_date($message_row['message_time']), 'SUBJECT' => $message_row['message_subject'], 'MESSAGE' => $message, 'SIGNATURE' => $message_row['enable_sig'] ? $signature : '', 'EDITED_MESSAGE' => $l_edited_by, 'MESSAGE_ID' => $message_row['msg_id'], 'U_PM' => $config['allow_privmsg'] && $auth->acl_get('u_sendpm') && ($user_info['user_allow_pm'] || $auth->acl_gets('a_', 'm_') || $auth->acl_getf_global('m_')) ? append_sid("{$phpbb_root_path}ucp.{$phpEx}", 'i=pm&amp;mode=compose&amp;u=' . $author_id) : '', 'U_WWW' => !empty($user_info['user_website']) ? $user_info['user_website'] : '', 'U_ICQ' => $user_info['user_icq'] ? 'http://www.icq.com/people/webmsg.php?to=' . urlencode($user_info['user_icq']) : '', 'U_AIM' => $user_info['user_aim'] && $auth->acl_get('u_sendim') ? append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=contact&amp;action=aim&amp;u=' . $author_id) : '', 'U_YIM' => $user_info['user_yim'] ? 'http://edit.yahoo.com/config/send_webmesg?.target=' . urlencode($user_info['user_yim']) . '&amp;.src=pg' : '', 'U_MSN' => $user_info['user_msnm'] && $auth->acl_get('u_sendim') ? append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=contact&amp;action=msnm&amp;u=' . $author_id) : '', 'U_JABBER' => $user_info['user_jabber'] && $auth->acl_get('u_sendim') ? append_sid("{$phpbb_root_path}memberlist.{$phpEx}", 'mode=contact&amp;action=jabber&amp;u=' . $author_id) : '', 'U_DELETE' => $auth->acl_get('u_pm_delete') ? "{$url}&amp;mode=compose&amp;action=delete&amp;f={$folder_id}&amp;p=" . $message_row['msg_id'] : '', 'U_EMAIL' => $user_info['email'], 'U_REPORT' => $config['allow_pm_report'] ? append_sid("{$phpbb_root_path}report.{$phpEx}", "pm=" . $message_row['msg_id']) : '', 'U_QUOTE' => $auth->acl_get('u_sendpm') && $author_id != ANONYMOUS ? "{$url}&amp;mode=compose&amp;action=quote&amp;f={$folder_id}&amp;p=" . 
$message_row['msg_id'] : '', 'U_EDIT' => ($message_row['message_time'] > time() - $config['pm_edit_time'] * 60 || !$config['pm_edit_time']) && $folder_id == PRIVMSGS_OUTBOX && $auth->acl_get('u_pm_edit') ? "{$url}&amp;mode=compose&amp;action=edit&amp;f={$folder_id}&amp;p=" . $message_row['msg_id'] : '', 'U_POST_REPLY_PM' => $auth->acl_get('u_sendpm') && $author_id != ANONYMOUS ? "{$url}&amp;mode=compose&amp;action=reply&amp;f={$folder_id}&amp;p=" . $message_row['msg_id'] : '', 'U_POST_REPLY_ALL' => $auth->acl_get('u_sendpm') && $author_id != ANONYMOUS ? "{$url}&amp;mode=compose&amp;action=reply&amp;f={$folder_id}&amp;reply_to_all=1&amp;p=" . $message_row['msg_id'] : '', 'U_PREVIOUS_PM' => "{$url}&amp;f={$folder_id}&amp;p=" . $message_row['msg_id'] . "&amp;view=previous", 'U_NEXT_PM' => "{$url}&amp;f={$folder_id}&amp;p=" . $message_row['msg_id'] . "&amp;view=next", 'U_PM_ACTION' => $url . '&amp;mode=compose&amp;f=' . $folder_id . '&amp;p=' . $message_row['msg_id'], 'S_HAS_ATTACHMENTS' => sizeof($attachments) ? true : false, 'S_DISPLAY_NOTICE' => $display_notice && $message_row['message_attachment'], 'S_AUTHOR_DELETED' => $author_id == ANONYMOUS ? true : false, 'S_SPECIAL_FOLDER' => in_array($folder_id, array(PRIVMSGS_NO_BOX, PRIVMSGS_OUTBOX)), 'S_PM_RECIPIENTS' => $num_recipients, 'U_PRINT_PM' => $config['print_pm'] && $auth->acl_get('u_pm_printpm') ? "{$url}&amp;f={$folder_id}&amp;p=" . $message_row['msg_id'] . "&amp;view=print" : '', 'U_FORWARD_PM' => $config['forward_pm'] && $auth->acl_get('u_sendpm') && $auth->acl_get('u_pm_forward') ? "{$url}&amp;mode=compose&amp;action=forward&amp;f={$folder_id}&amp;p=" . $message_row['msg_id'] : ''));
    // Display not already displayed Attachments for this post, we already parsed them. ;)
    if (isset($attachments) && sizeof($attachments)) {
        foreach ($attachments as $attachment) {
            $template->assign_block_vars('attachment', array('DISPLAY_ATTACHMENT' => $attachment));
        }
    }
    // The raw $_REQUEST value is only compared with the literal 'print'; it is not
    // echoed or stored here.
    if (!isset($_REQUEST['view']) || $_REQUEST['view'] != 'print') {
        // Message History
        if (message_history($msg_id, $user->data['user_id'], $message_row, $folder)) {
            $template->assign_var('S_DISPLAY_HISTORY', true);
        }
    }
}
Exemple #7
/**
 * Returns the latest sign-in log rows for an account.
 *
 * The log is matched on either the account's username or its e-mail address,
 * newest first, limited to 20 rows. Both values are passed as bound parameters.
 *
 * @param string $username account name to look up
 * @return mixed empty array when the account is unknown, otherwise whatever executeQuery() returns
 */
function get_signin_log($username)
{
    $account = get_user_information($username);
    if ($account == null) {
        return array();
    }
    /* Report mysqli errors as exceptions, but leave MYSQLI_REPORT_INDEX out of the
     * mask: on a small table the database may pick a full scan because it is faster,
     * and with index reporting enabled that query would be raised as an error.
     * NOTE(review): mysqli_report() changes the setting for the whole request, not
     * just for this query.
     */
    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
    return (new MysqlPDO())->executeQuery(
        'SELECT * FROM `ewu_signin_log` WHERE `account` = ? OR `account` = ? ORDER BY `log_id` DESC LIMIT 20',
        array($account['username'], $account['email'])
    );
}
Exemple #8
    signout();
    header('location:login.php?a=signout');
    exit;
}
// Load only the data the requested page needs; 'changepwd' and unknown page
// types need nothing.
if ($page_type == 'profile') {
    $profile = get_user_information($username);
    if ($profile == null) {
        // No account behind the session name: send the visitor back to the index.
        header('location:index.php?a=notloged');
        exit;
    }
} elseif ($page_type == 'verify') {
    // NOTE(review): unlike the 'profile' branch, a null lookup result is not
    // handled here; confirm the template copes with $profile being null.
    $profile = get_user_information($username);
} elseif ($page_type == 'logs') {
    $logs = get_log_by_username($username);
}
?>
<!DOCTYPE html>
<html lang="en-US">
  <head>
    <meta charset="utf-8"/>
    <meta http-equiv="X-UA-Compatible" content="IE=edge"/>
    <meta name="viewport" content="width=device-width, initial-scale=1"/>
    <!-- 上述3个meta标签*必须*放在最前面,任何其他内容都*必须*跟随其后! -->
Exemple #9
        }
    }
} else {
    $pid = 0;
}
// No usable product id: answer with a 404 status and a short notice page, then stop.
if ($pid == 0) {
    header('HTTP/1.1 404 Not Found');
    echo '<html>'
        . '<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>'
        . '<h1>啊哦,该商品不存在或已经下架,记得下次早点哦</h1>'
        . '<h2><a href="index.php">返回首页</a></h2>'
        . '</html>';
    exit;
}
$goods = get_all_products(1, 2, false, true);
// Profile of the product's owner, looked up from the product record.
$profile = get_user_information($detail['owner']);
if ($profile != null) {
    $owner = htmlspecialchars($profile['username']);
    $u_campus = $area_array[$profile['campus']];
    $gender = $profile['gender'];
    switch ($gender) {
        case 'm':
            $gender = '帅哥';
            break;
        case 'f':
            $gender = '美女';
            break;
        default:
            $gender = '保密';
            break;
    }
Exemple #10
<?php

include_once "./includes/application_top.php";
// Visitors without a 'valid_user' session entry are redirected to the login page,
// with this page named as the origin.
// NOTE(review): the @ hides any warning raised by the session check, and 'NONSSL'
// looks like it selects a plain-HTTP link for the login page - confirm both.
if (!@wrap_session_is_registered('valid_user')) {
    header('Location: ' . href_link(FILENAME_LOGIN, 'origin=' . FILENAME_UPDATE, 'NONSSL'));
    wrap_exit();
}
// Page state defaults, overwritten by the form handling that follows.
$page_title = 'Update User Information';
$page_error_message = '';
$update_result = false;
if ($_POST['update'] == "") {
    $user_info_fields = get_user_information($_SESSION['valid_user']);
    if (!(count($user_info_fields) > 0)) {
        $page_error_message = "Your user information could not be found! Please try again. " . $_SESSION['valid_user'] . "";
        $update_result = false;
    } else {
        // Set the $_POST variable for the Form fields below.
        foreach (array_keys($user_info_fields) as $key) {
            $_POST[$key] = addslashes($user_info_fields[$key]);
        }
    }
} else {
    if ($_POST['update'] != "") {
        // Update Form Submit
        if ($_POST['username'] == "" || $_POST['email'] == "") {
            // check forms filled in - required fields
            $page_title = "Problem Updating User Information!";
            $page_error_message = "You have not filled the form out correctly. " . "Please make sure to fill out all required fields.";
        } elseif (!validate_email($_POST['email'])) {
            // email address not valid
Exemple #11
是否支持还价:
如何交易:(例如:当面交易)
详细介绍一下你的宝贝
		    </textarea>
                  </div>
                </div>


	    </div>
          </div>

    <?php 
// Contact defaults for the form; replaced with the stored values when a
// signed-in user's profile is found.
// NOTE(review): these values come from the user's profile - confirm they are
// HTML-escaped where the form prints them.
$phone = '';
$campus = 0;
if (isset($_SESSION['ewu_username']) && ($profile = get_user_information($_SESSION['ewu_username'])) != null) {
    $phone = $profile['phone'];
    $campus = $profile['campus'];
}
?>
	  <div id="contact-info" class="panel panel-default">
	    <div class="panel-heading">联系信息</div>
	    <div class="panel-body">
	        <div class="form-group">
                  <label class="sr-only" for="inputArea">goods Campus</label>
                  <div class="input-group">
                    <div class="input-group-addon">
                      <span>交易区域</span>
                    </div>