<?php
require_once 'lib/utils.php';
require_once 'lib/config.php';
session_start();
authenticate();
$automessage = trim(clean($_POST['automessage'], MAXMSGLENGTH));
$sql_insert_automessage = "INSERT INTO automessages (automessage, user_id, date) VALUES ('" . $automessage . "', " . $_SESSION['id'] . ", NOW())";
if (@mysql_query($sql_insert_automessage)) {
incrementStat($_SESSION['id'], 'automessages');
myLog('AUTOMESS', $_SESSION['id']);
header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/automessage.php?success=true");
exit;
} else {
header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/automessage.php?success=false");
exit;
}
*/
if (!isset($req['alias']) or !isset($req['password'])) {
myLog('BADPW', getUserID($req['alias']), $req['password']);
$_SESSION['error'] = "Bad user name and/or password.";
header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']));
exit;
}
$sql_check_password = "******" . $req['alias'] . "'";
$sth_check_password = @mysql_query($sql_check_password);
if ($sth_check_password) {
$row = @mysql_fetch_assoc($sth_check_password);
if (md5(crypt($req['password'], substr($req['alias'], 0, 2))) == $row['password']) {
$_SESSION['alias'] = $req['alias'];
$_SESSION['id'] = $row['id'];
$_SESSION['logged_in'] = 1;
$_SESSION['sl'] = $row['sl'];
$_SESSION['sub'] = 1;
incrementStat($row['id'], 'logins');
myLog('LOGIN', $row['id']);
header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/main_frames.php?login=true&newscan=true&sub=1");
exit;
} else {
myLog('BADPW', getUserID($req['alias']), $req['password']);
$_SESSION['error'] = "Bad user name and/or password.";
header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']));
exit;
}
}
$_SESSION['error'] = "Bad user name and/or password.";
myLog('BADPW', getUserID($req['alias']), $req['password']);
header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']));
<?php
require_once 'lib/utils.php';
session_start();
authenticate();
foreach ($_POST as $name => $value) {
$req[$name] = trim(clean($value, 255));
}
if (!isset($req['motto']) or $req['motto'] == '') {
header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/motto.php?badmotto=true");
exit;
}
$req['motto'] = clean($req['motto'], 255);
$sql_put_motto = "INSERT INTO mottos (motto) VALUES ('" . $req['motto'] . "')";
if (@mysql_query($sql_put_motto)) {
myLog('MOTTO', $_SESSION['id'], $req['motto']);
incrementStat($_SESSION['id'], 'mottos');
$_SESSION['success'] = "Motto added!";
header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/motto.php");
exit;
} else {
$_SESSION['error'] = "Could not add motto.";
header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/motto.php");
exit;
}
case LOOP:
$sql_get_tagline = "SELECT t.id FROM taglines t, users u WHERE u.last_tagline = t.id AND u.id = " . $_SESSION['id'];
$sth_get_tagline = @mysql_query($sql_get_tagline);
if ($sth_get_tagline and @mysql_num_rows($sth_get_tagline) > 0) {
$row_get_tagline = @mysql_fetch_assoc($sth_get_tagline);
$tagline = $row_get_tagline['id'];
} else {
$sql_get_tagline = "SELECT t.id FROM taglines t WHERE user_id = " . $_SESSION['id'];
if ($sth_get_tagline and @mysql_num_rows($sth_get_tagline) > 0) {
$row_get_tagline = @mysql_fetch_assoc($sth_get_tagline);
$tagline = $row_get_tagline['id'];
}
}
break;
}
if ($tagline) {
$sql_post = "INSERT INTO messages (sub_id, user_id, message, date, tag_id) VALUES (" . $_SESSION['sub'] . ", " . $_SESSION['id'] . ", '" . $message . "', NOW(), " . $tagline . " )";
} else {
$sql_post = "INSERT INTO messages (sub_id, user_id, message, date) VALUES (" . $_SESSION['sub'] . ", " . $_SESSION['id'] . ", '" . $message . "', NOW())";
}
if (@mysql_query($sql_post)) {
incrementStat($_SESSION['id'], 'posts');
myLog('POST', $_SESSION['id'], $_SESSION['sub']);
$_SESSION['success'] = "Message posted!";
header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/main.php?newscan=true¤t=true&nojump=true&sub=" . $_SESSION['sub']);
exit;
} else {
$_SESSION['error'] = "Post failed.";
header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/main.php?newscan=true¤t=true&nojump=true&sub=" . $_SESSION['sub']);
exit;
}
session_start();
authenticate();
foreach ($_POST as $name => $value) {
$req[$name] = trim(clean($value, 64));
}
if (isset($req['sub'])) {
$sql_insert_sub = "INSERT INTO subs (name, created_by_user_id) \n\t\t\tVALUES ('" . $req['sub'] . "', " . $_SESSION['id'] . ")";
@mysql_query($sql_insert_sub);
$sql_get_sub_id = "SELECT id FROM subs WHERE name = '" . $req['sub'] . "'";
$sth_get_sub_id = @mysql_query($sql_get_sub_id);
$row_get_sub_id = @mysql_fetch_assoc($sth_get_sub_id);
$sub_id = $row_get_sub_id['id'];
$sql_get_users = "SELECT id FROM users";
$sth_get_users = @mysql_query($sql_get_users);
$sql_insert_ptrs = "INSERT INTO pointers (user_id, sub_id) VALUES ";
while ($row_get_users = @mysql_fetch_assoc($sth_get_users)) {
$sql_insert_ptrs .= "(" . $row_get_users['id'] . "," . $sub_id . "), ";
}
$sql_insert_ptrs = rtrim($sql_insert_ptrs);
$sql_insert_ptrs = substr($sql_insert_ptrs, 0, -1);
if ($sth_insert_ptrs = @mysql_query($sql_insert_ptrs)) {
incrementStat($_SESSION['id'], 'subs');
myLog('NEWSUB', $_SESSION['id'], $req['sub']);
$_SESSION['success'] = "Sub added!";
header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/addsub.php");
exit;
}
}
$_SESSION['error'] = "Could not add sub.";
header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/addsub.php");
exit;
