if (empty($confirm_code)) {
    $smarty->assign('no_code', true);
    $smarty->display('confirm.tpl');
} else {
    if (!empty($_POST['submit'])) {
        if (empty($username)) {
            $smarty->assign('empty_user', true);
            $smarty->display('confirm.tpl');
        } else {
            $db = connect_to_db();
            if (!select_p($db, 'select username from user where username = ?', array($username), 'getOne')) {
                $smarty->assign('username', stripslashes($username));
                $smarty->assign('incorrect_user', true);
                $smarty->display('confirm.tpl');
            } else {
                $real_code = select_p($db, 'select code from user_confirm where username = ?', array($username), 'getOne');
                if (!$real_code) {
                    $smarty->assign('already', true);
                    $smarty->display('confirm.tpl');
                } else {
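                    // Compare the submitted confirmation code with the stored one.
                    // A loose == lets PHP compare numeric-looking strings as numbers,
                    // so two different codes can be treated as equal, and its running
                    // time depends on how many leading bytes match. hash_equals() is a
                    // strict, constant-time comparison; non-scalar input (for example
                    // an array-valued request parameter) never matches.
                    // NOTE(review): nothing visible here limits repeated guesses for a
                    // username; confirm throttling exists elsewhere.
                    $code_matches = is_scalar($confirm_code)
                        && hash_equals((string) $real_code, (string) $confirm_code);
                    if ($code_matches) {
                        // Consume the one-time code, then mark the account as registered.
                        query_p($db, 'delete from user_confirm where username = ?', array($username));
                        query_p($db, 'update user set registered = 1 where username = ?', array($username));
                    }
                    // Both outcomes render the same template with the username echoed back.
                    $smarty->assign('username', stripslashes($username));
                    $smarty->assign($code_matches ? 'success' : 'incorrect_code', true);
                    $smarty->display('confirm.tpl');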
<?php

/** main page */
include 'includes/wc.main.inc.php';
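// Main page: for a signed-in user, build the two crush lists and pick a random
// quote, then render index.tpl. Anonymous visitors get the template with no data.
$db = connect_to_db();
if ($signed_in) {
    // People the signed-in user has added, with each crushee's real name.
    $who_you_want = select_p($db, "select crushee_id, (select name from wes_users where username = (select username from user where user_id = crushee_id)) as name from crushes where crusher_id = ?", array($signed_in_id), 'getAll');
    // People who added the signed-in user. Only the alias is selected here;
    // the real name is looked up further down, and only for mutual matches.
    $who_want_you = select_p($db, "select crusher_id, crusher_alias from crushes where crushee_id = ?", array($signed_in_id), 'getAll');

    // Guard the loops so a non-array result does not reach count()/indexing.
    if (is_array($who_you_want)) {
        foreach ($who_you_want as $i => $row) {
            $crushee_id = $row['crushee_id'];
            // Non-zero when the crushee has also added the signed-in user.
            $match = select_p($db, "select count(*) from crushes where crusher_id = ? and crushee_id = ?", array($crushee_id, $signed_in_id), 'getOne');
            $who_you_want[$i]['match'] = $match;
        }
    }
    if (is_array($who_want_you)) {
        foreach ($who_want_you as $i => $row) {
            $crusher_id = $row['crusher_id'];
            // Non-zero when the signed-in user has also added this crusher.
            $match = select_p($db, "select count(*) from crushes where crusher_id = ? and crushee_id = ?", array($signed_in_id, $crusher_id), 'getOne');
            // Privacy invariant: the crusher's real name is attached to the row
            // only when the match is mutual. Any change that sets 'name' outside
            // this branch would de-anonymise people who added the user.
            if ($match) {
                $name = select_p($db, "select name from wes_users where username = (select username from user where user_id = ?)", array($crusher_id), 'getOne');
                $who_want_you[$i]['name'] = $name;
            }
            $who_want_you[$i]['match'] = $match;
        }
    }
    $smarty->assign('who_you_want', $who_you_want);
    $smarty->assign('who_want_you', $who_want_you);

    // An empty quotes table yields no row; assign null instead of indexing into it.
    $quote = select_p($db, "select * from quotes order by rand() limit 1", array(), 'getRow');
    $smarty->assign('quote', (is_array($quote) && isset($quote['quote'])) ? $quote['quote'] : null);
    $smarty->assign('quoted', (is_array($quote) && isset($quote['quoted'])) ? $quote['quoted'] : null);
}
$smarty->display('index.tpl');
close_db($db);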
        if ($they_like_you) {
            $to_name = select_p($db, 'select crusher_alias from crushes where crusher_id = ? and crushee_id = ?', array($to_id, $signed_in_id), 'getOne');
        }
    }
    if ($you_like_them && $they_like_you) {
        $from_name = $signed_in_name;
    } else {
        if ($they_like_you) {
            $from_name = select_p($db, 'select name from wes_users where username = (select username from user where user_id = ?)', array($signed_in_id), 'getOne');
        } else {
            if ($you_like_them) {
                $from_name = select_p($db, 'select crusher_alias from crushes where crusher_id = ? and crushee_id = ?', array($signed_in_id, $to_id), 'getOne');
            }
        }
    }
    $to_username = select_p($db, 'select username from wes_users where username = (select username from user where user_id = ?)', array($to_id), 'getOne');
    /** start e-mail */
    if ($message_body) {
        require_once "/home/syn/swift/swift_required.php";
        $transport = Swift_MailTransport::newInstance();
        $mailer = Swift_Mailer::newInstance($transport);
        $message = Swift_Message::newInstance()->setSubject("Wescam - {$from_name} has messaged you")->setFrom(array('*****@*****.**' => 'Wescam'))->setTo(array("{$to_username}@wesleyan.edu"))->setBody("{$from_name} sent you the following message. Sign in to respond!\n-----------\n\n{$message_body}\n\n-----------\nhttp://cam.weshub.com/");
        $result = $mailer->send($message);
        $smarty->assign('sent_message', true);
    }
    /** end e-mail */
}
close_db($db);
$smarty->assign('to_id', $to_id);
$smarty->assign('to_name', $to_name);
$smarty->assign('errors', $errors);
<?php

include 'includes/wc.main.inc.php';
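// Site statistics, cached for one hour in a file kept outside the web root.
// The cache is three comma-separated integers: registered,added,matches.
$stats_file = '../../private/stats.txt';

// filemtime() returns false (with a warning) when the cache does not exist yet;
// treat that case as "infinitely old" so the cache is rebuilt.
$mtime = is_file($stats_file) ? filemtime($stats_file) : false;
$diff = ($mtime === false) ? PHP_INT_MAX : time() - $mtime;

$stats = null;
if ($diff <= 60 * 60) {
    // Accept the cached content only if it has the expected shape. A reader can
    // observe an empty or partial file while another request is rewriting it,
    // and anything read from disk ends up in the rendered page.
    $raw = file_get_contents($stats_file);
    $raw = ($raw === false) ? '' : trim($raw);
    if (preg_match('/^\d+,\d+,\d+$/', $raw)) {
        $stats = explode(',', $raw);
    }
}

if ($stats === null) {
    // Cache missing, stale or malformed: recompute from the database.
    $db = connect_to_db();
    $students_registered = select_p($db, 'select count(*) from user where registered = 1', array(), 'getOne');
    $students_added = select_p($db, 'select count(distinct crushee_id) from crushes', array(), 'getOne');
    $matches_made = select_p($db, 'select count(c1.crusher_id) from crushes c1, crushes c2 where c1.crusher_id = c2.crushee_id and c1.crushee_id = c2.crusher_id', array(), 'getOne');
    close_db($db);
    $stats = "{$students_registered},{$students_added},{$matches_made}";
    // LOCK_EX serialises concurrent writers; a failed write only costs the
    // cache, the freshly computed values are still used for this request.
    file_put_contents($stats_file, $stats, LOCK_EX);
} else {
    $students_registered = $stats[0];
    $students_added = $stats[1];
    $matches_made = $stats[2];
}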
             query_p($db, "insert into user (username, password, registered) values (?,'hashed',0)", array($crushee));
         }
         do {
             $adjective = ucfirst(select_p($db, "select word from words where type = 'adjective' order by rand() limit 1", array(), 'getOne'));
             $noun = ucfirst(select_p($db, "select word from words where type = 'noun' order by rand() limit 1", array(), 'getOne'));
             $num = rand(1, select_p($db, "select count(*) from wes_users", array(), 'getOne'));
             $crusher_alias = "{$adjective} {$noun} {$num}";
             $already = select_p($db, 'select crusher_alias from crushes where crusher_alias = ?', array($crusher_alias), 'getOne');
         } while ($already);
         $crushee_id = select_p($db, 'select user_id from user where username = ?', array($crushee), 'getOne');
         query_p($db, 'insert into crushes (crusher_id, crusher_alias, crushee_id) values (?,?,?)', array($signed_in_id, $crusher_alias, $crushee_id));
         /** send e-mail */
         $they_like_you = select_p($db, 'select * from crushes where crusher_id = ? and crushee_id = ?', array($crushee_id, $signed_in_id), 'getOne');
         $successful_match = false;
         if ($they_like_you) {
             $successful_match = select_p($db, 'select user_id from user where username = ?', array($crushee), 'getOne');
             $email_subject = "Wescam - {$signed_in_name} likes you, too!";
             $email_body = "Wow... I mean, we always thought Wescam was a great idea, but we never thought it would actually, you know, *work*!. From everyone at Wescam, congrats!\n\n-Wescam";
         } else {
             $email_subject = "Wescam - Someone on campus has added you";
             $email_body = "Wescam 2010 is a site developed by Wesleyan students for seniors on campus interested in meeting up and someone has added you! Sign in below to learn more!\n\nhttp://cam.weshub.com/";
         }
         require_once "/home/syn/swift/swift_required.php";
         $transport = Swift_MailTransport::newInstance();
         $mailer = Swift_Mailer::newInstance($transport);
         $message = Swift_Message::newInstance()->setSubject($email_subject)->setFrom(array('*****@*****.**' => 'Wescam'))->setTo(array("{$crushee}@wesleyan.edu"))->setBody($email_body);
         $mailer->send($message);
         /** end e-mail */
         $return = array('name' => "{$name}", 'successful_match' => $successful_match, 'error' => false);
     }
 }
        }
    }
    close_db($db);
    if (empty($password)) {
        $errors['password'] = '******';
    } else {
        if (strlen($password) > 32) {
            $errors['password'] = '******';
        }
    }
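    // Either re-render the login form with validation errors, or check the
    // password against the stored hash and establish the session.
    if (!empty($errors)) {
        $smarty->assign('username', stripslashes($username));
        $smarty->assign('errors', $errors);
        $smarty->display('login.tpl');
    } else {
        $db = connect_to_db();
        // NOTE(review): this lookup does not filter on registered = 1; confirm
        // that unconfirmed accounts are meant to be able to sign in.
        $db_pass = select_p($db, 'select password from user where username = ?', array($username), 'getOne');
        // Require a stored hash and compare with hash_equals(): the previous
        // loose != could treat numeric-looking hash strings as equal numbers and
        // is not constant-time. An unknown username (no stored hash) is rejected
        // with the same error as a wrong password.
        $password_ok = is_string($db_pass)
            && $db_pass !== ''
            && hash_equals($db_pass, (string) generateHash($password, $db_pass));
        if (!$password_ok) {
            $errors['username'] = '******';
            $smarty->assign('username', stripslashes($username));
            $smarty->assign('errors', $errors);
            $smarty->display('login.tpl');
        } else {
            // Issue a fresh session id at the privilege change so an id that was
            // known before authentication does not carry the signed-in state.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            $_SESSION['signed_in'] = stripslashes($username);
            $_SESSION['signed_in_id'] = select_p($db, 'select user_id from user where username = ?', array($username), 'getOne');
            $_SESSION['signed_in_name'] = select_p($db, 'select name from wes_users where username = ?', array($username), 'getOne');
            $_SESSION['signed_in_division'] = select_p($db, 'select division from wes_users where username = ?', array($username), 'getOne');
            // NOTE(review): no exit follows the redirect in the visible code;
            // confirm nothing else is executed or emitted after this point.
            header('Location: ' . SITE);
        }
    }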
}
 $db = connect_to_db();
 if (count(select_p($db, "select * from user_confirm where username = ?", array($username), 'getAll')) > 0) {
     $errors['username'] = '******';
     displayWithErrors($errors);
 } else {
     if (count(select_p($db, "select * from user where username = ? and registered = 1", array($username), 'getAll')) > 0) {
         $errors['username'] = '******';
         displayWithErrors($errors);
     } else {
         if (!preg_match('/[0-9][0-9][0-9][0-9]/', select_p($db, 'select division from wes_users where username = ?', array($username), 'getOne'))) {
             $errors['username'] = '******';
             displayWithErrors($errors);
         } else {
             $password = generateHash($password);
             $code = randomString();
             $has_dummy_account = select_p($db, "select * from user where username = ? and registered = 0", array($username), 'getOne');
             query_p($db, 'start transaction');
             if ($has_dummy_account) {
                 query_p($db, 'update user set password = ? where username = ?', array($password, $username));
             } else {
                 query_p($db, 'insert into user (username, password, registered) values (?,?,0)', array($username, $password));
             }
             query_p($db, 'insert into user_confirm (username, code) values (?,?)', array($username, $code));
             query_p($db, 'commit');
             /** start e-mail */
             require_once "/home/syn/swift/swift_required.php";
             $transport = Swift_MailTransport::newInstance();
             $mailer = Swift_Mailer::newInstance($transport);
             $message = Swift_Message::newInstance()->setSubject("Wescam Confirmation - You did it!")->setFrom(array('*****@*****.**' => 'Wescam'))->setTo(array("{$username}@wesleyan.edu"))->setBody("You're almost there! Just click on the link below!\n\nhttp://cam.weshub.com/confirm/{$code}/");
             $result = $mailer->send($message);
             /** end e-mail */