function db_connect($dbdata, $die = 'db connect error. please notify the administrator.') { if (is_array($dbdata) && count($dbdata) > 0 && !array_key_exists('name', $dbdata)) { // try each and every dbdata settings in array for ($i = 0; $i < count($dbdata); $i++) { if (@db_connect($dbdata[$i], false)) { return true; } } if (!empty($die)) { die($die); } return false; } else { if (array_key_exists('type', $dbdata) && $dbdata['type'] != '' && $dbdata['type'] != "mysql") { trigger_error("Unhandled server type={$dbdata['type']} (only mysql currently supported)", E_USER_WARNING); if (!empty($die)) { die($die); } return false; } if (!mysql_connect($dbdata['host'], $dbdata['user'], $dbdata['pass'])) { trigger_error("Failed to Connect to MySql Server: host={$dbdata['host']} user={$dbdata['user']} pass #" . strlen($dbdata['pass']), E_USER_WARNING); if (!empty($die)) { die($die); } return false; } if (!empty($dbdata['collation']) || !empty($dbdata['collation'])) { sqlSetCollation($dbdata['collation'], $dbdata['charset']); } if (!empty($dbdata['name'])) { if (!mysql_select_db($dbdata['name'])) { // failed to select so try to create it if (sqlRun("CREATE DATABASE `{$dbdata['name']}`")) { trigger_error("DB Created {$dbdata['name']}", E_USER_NOTICE); } else { trigger_error("Failed to Create DB {$dbdata['name']}", E_USER_WARNING); } if (!mysql_select_db($dbdata['name'])) { trigger_error("Failed to Select DB {$dbdata['name']}", E_USER_WARNING); if (!empty($die)) { die($die); } return false; } } } return true; } }
function process_login() { $username = strtolower(trim($_POST['username'])); $password = trim($_POST['password']); include _DOCROOT . '/inc/sql-core.php'; include _DOCROOT . '/html/pre-header.php'; include _DOCROOT . '/inc/functions.class.php'; include _DOCROOT . '/modules/site/site-data.php'; $fn = new Functions(); $err = false; // 1. check value fields. $existingUser = getUserByUsernameOrEmailAndPassword($username, $password); if (count($existingUser) == 0) { $err = true; $htmls['#username_err'] = "Username or email and password incorrect"; } else { $existingUser = $existingUser[0]; } if ($err) { echo json_encode(array('htmls' => $htmls)); } else { $salt = md5($username . time()); $token = md5($existingUser['email'] . $salt); $_SESSION['site_user_username'] = $username; $_SESSION['site_user_salt'] = $salt; $_SESSION['site_user_token'] = $token; if (isset($_POST['rememberme']) && $_POST['rememberme'] == 'true') { setcookie('site_user_username', $_SESSION['site_user_username'], 10 * 365 * 24 * 60 * 60, '/'); setcookie('site_user_salt', $_SESSION['site_user_salt'], 10 * 365 * 24 * 60 * 60, '/'); setcookie('site_user_token', $_SESSION['site_user_token'], 10 * 365 * 24 * 60 * 60, '/'); } $sql_t = "UPDATE signup SET salt = ?, token = ? WHERE username LIKE ?"; sqlRun($sql_t, 'sss', array($salt, $token, $username)); // exit(0); echo json_encode(array('closevbox' => true, 'redirect' => '/' . $username)); } }
function expire($id) { global $conn, $updir, $prefix; $qry = 'SELECT * FROM upload WHERE id = ' . $id; $rs = sqlite_query($conn, $qry); $row = sqlite_fetch_array($rs); if (file_exists($updir . $prefix . padNum($id) . '.' . $row['ext'])) { unlink($updir . $prefix . padNum($id) . '.' . $row['ext']); } $qry = 'UPDATE upload SET utime=0 WHERE id = ' . $id; sqlRun($qry); }