// Profile page excerpt: loads the site configuration, shows the logged-in user's
// upload statistics and handles the "change password" form (POST field `zmien`).
// The excerpt starts mid-file and ends before the two outer if-blocks are closed.

// Load configuration row id=1 from the table named by the TB_CONF constant.
$conf->query(mysqli_query($db, "SELECT * FROM `" . TB_CONF . "` WHERE `id`='1'"));
$user = new user($db);
$user->sessionName('login', 'password');
$obj = new glowna($db);
$theme = $conf->pobierz("theme");
$lang = 'lt';
// Per-theme, per-language message catalogue: themes/<theme>/content_<lang>.ini
$contentFileName = 'themes/' . $theme . '/content_' . $lang . '.ini';
$content = new Content($contentFileName, $lang);
if ($user->verifyLogin()) {
    // NOTE(review): the three queries below are built by string concatenation with
    // $user->userInfo('id'). Whether userInfo() returns an escaped or integer-cast
    // value is not visible here; prepared statements with bound parameters would
    // remove that dependency.
    // Row counts of the user's images with is_waiting = 0 and is_waiting = 1.
    $tentego_glowna = mysqli_num_rows(mysqli_query($db, "SELECT * FROM `{$img_table}` WHERE `is_waiting`='0' AND `author`='" . $user->userInfo('id') . "'"));
    $tentego_poczekalnia = mysqli_num_rows(mysqli_query($db, "SELECT * FROM `{$img_table}` WHERE `is_waiting`='1' AND `author`='" . $user->userInfo('id') . "'"));
    // First row of the user's images ordered by id descending (the query has no LIMIT).
    $tentego_last_uploaded = mysqli_fetch_array(mysqli_query($db, "SELECT * FROM `{$img_table}` WHERE `author`='" . $user->userInfo('id') . "' ORDER BY `id` DESC"));
    if (isset($_POST['zmien'])) {
        // NOTE(review): no anti-CSRF token is checked in the lines shown before the
        // password is changed — confirm whether one is enforced elsewhere.
        $info = NULL;
        if (empty($_POST['stare_haslo']) || empty($_POST['nowe_haslo'])) {
            // Either the old or the new password field was left empty.
            $info = $content->getValue("global", "niewypelniono") . "</span>";
        } else {
            // NOTE(review): passwords are hashed with a single unsalted md5(). That is
            // unsuitable for password storage; password_hash()/password_verify() with a
            // rehash on next login is the usual migration path.
            $old_pass = md5($_POST['stare_haslo']);
            // Verify the old password by looking for a row matching login + hash.
            // NOTE(review): the login value is concatenated into the SQL text; bind it
            // as a parameter instead of relying on how userInfo() returns it.
            if (!mysqli_num_rows(mysqli_query($db, "SELECT * FROM `user` WHERE `login`='" . $user->userInfo('login') . "' and `haslo`='" . $old_pass . "'"))) {
                $info = $content->getValue("profil", "zleHaslo");
            } else {
                $new_pass = md5($_POST['nowe_haslo']);
                $user_login = $user->userInfo('login');
                // md5() output is hex only, so $new_pass cannot break the SQL string;
                // $user_login carries the same concatenation concern as above.
                if (!mysqli_query($db, "UPDATE `user` SET `haslo` = '" . $new_pass . "' WHERE `login`='" . $user_login . "';")) {
                    $info = $content->getValue("profil", "nieudalosie");
                } else {
                    // Re-establish the session with the new plaintext password.
                    // NOTE(review): what sessionRelog() stores is not visible here —
                    // confirm it does not keep the plaintext in the session.
                    $user->sessionRelog($user_login, $_POST['nowe_haslo']);
                    $info = $content->getValue("profil", "zminiono");
                }
            }
        }
        // (excerpt ends here; the two enclosing if-blocks are closed outside this view)
// Submission page excerpt (dodaj.php, judging by the back-links it prints): loads
// configuration and handles the content form posted with `submit_tresc`.
// The excerpt ends inside the `tekst` case of the type switch.
require_once 'include/module/Content.class.php';
require_once 'include/module/dett.php';
$conf = new conf();
// Load configuration row id=1 from the table named by the TB_CONF constant.
$conf->query(mysqli_query($db, "SELECT * FROM `" . TB_CONF . "` WHERE `id`='1'"));
$user = new user($db);
$user->sessionName('login', 'password');
$obj = new glowna($db);
$theme = $conf->pobierz("theme");
$lang = 'lt';
// Per-theme, per-language message catalogue: themes/<theme>/content_<lang>.ini
$contentFileName = 'themes/' . $theme . '/content_' . $lang . '.ini';
$content = new Content($contentFileName, $lang);
if (isset($_POST['submit_tresc'])) {
    // NOTE(review): no $user->verifyLogin() call appears in this excerpt before the
    // submission is processed — confirm that authentication is enforced elsewhere.
    if (($error = $obj->genericValidation($_POST)) != 0) {
        // Only error code 1 is handled; any other non-zero code falls out of the
        // switch and processing continues below.
        // NOTE(review): confirm that is intended, or add a default branch that stops.
        switch ($error) {
            case 1:
                echo '<b>' . $content->getValue("dodaj", "niewypelniono") . '</b><br/><a href="dodaj.php">« ' . $content->getValue("global", "powrot") . '</a>';
                exit;
                break;
        }
    }
    // Each field is SQL-escaped first and then HTML-encoded. The two encodings target
    // different sinks (database vs. browser); `@` hides warnings, e.g. for a missing key.
    // NOTE(review): prefer storing the raw value through a bound parameter and
    // HTML-encoding at output time, so neither sink depends on this ordering.
    $tresc = @htmlspecialchars(mysqli_real_escape_string($db, $_POST['tresc']));
    $tytul = @htmlspecialchars(mysqli_real_escape_string($db, $_POST['tytul']));
    $zrodlo = @htmlspecialchars(mysqli_real_escape_string($db, $_POST['zrodlo']));
    $autor = $user->userInfo("id");
    $data = date('Y-m-d H:i:s');
    $image = new SimpleImage();
    // $_POST['type'] is read without an isset() check.
    switch ($_POST['type']) {
        case 'tekst':
            // The already escaped/encoded text is what gets passed to create(); a
            // falsy return is reported with the "zadlugiText" message.
            if (!$image->create($tresc)) {
                echo '<b>' . $content->getValue("dodaj", "zadlugiText") . '</b><br/><a href="dodaj.php">« ' . $content->getValue("global", "powrot") . '</a>';
                exit;
                // (excerpt ends here; the if, the switch and the outer if are closed outside this view)
// Registration page excerpt (rejestracja.php, judging by the back-link it prints):
// validates the sign-up form posted with `submit` and prepares the new account data.
// The excerpt ends inside the "login not taken yet" branch.
require_once 'include/module/user.class.php';
require_once 'include/module/Content.class.php';
require_once 'include/module/dett.php';
$conf = new conf();
// Load configuration row id=1 from the table named by the TB_CONF constant.
$conf->query(mysqli_query($db, "SELECT * FROM `" . TB_CONF . "` WHERE `id`='1'"));
$obj = new glowna($db);
$user = new user($db);
$user->sessionName('login', 'password');
$theme = $conf->pobierz("theme");
$lang = 'lt';
// Per-theme, per-language message catalogue: themes/<theme>/content_<lang>.ini
$contentFileName = 'themes/' . $theme . '/content_' . $lang . '.ini';
$content = new Content($contentFileName, $lang);
if (isset($_POST['submit'])) {
    $info = NULL;
    // Truthiness test on the four required fields; the keys are read without isset().
    if (!$_POST['login'] || !$_POST['password'] || !$_POST['password2'] || !$_POST['email']) {
        $info = $content->getValue("global", "niewypelniono") . '<br/><a href="rejestracja.php">' . $content->getValue("global", "powrot") . ' « </a>';
    } else {
        // CAPTCHA check: loose `==` between the session value and the posted value.
        // NOTE(review): the lines shown do not first require that a code was issued for
        // this session or that the field was posted; require both to be non-empty
        // strings and compare them with hash_equals().
        if ($_SESSION['security_code'] == $_POST['security_code']) {
            // `regulamin` is the terms-acceptance checkbox; only its presence is checked.
            if (isset($_POST['regulamin'])) {
                // NOTE(review): loose `==` on the two password fields; `===` avoids
                // numeric-string juggling.
                if ($_POST['password'] == $_POST['password2']) {
                    // SQL-escaped first, then HTML-encoded (two different sink encodings).
                    $account = htmlspecialchars(mysqli_real_escape_string($db, $_POST['login']));
                    // NOTE(review): single unsalted md5() is unsuitable for password
                    // storage; password_hash() is the replacement.
                    $password = md5($_POST['password']);
                    $email = htmlspecialchars(mysqli_real_escape_string($db, $_POST['email']));
                    if ($conf->pobierz('req_code')) {
                        // 8-digit activation code.
                        // NOTE(review): rand() is not a cryptographically secure
                        // generator; random_int(10000000, 99999999) is the drop-in
                        // replacement for a value that gates account activation.
                        $code = rand(10000000, 99999999);
                    } else {
                        // Activation disabled in configuration: code 0.
                        $code = 0;
                    }
                    // NOTE(review): as shown, the duplicate-login check compares against a
                    // fixed literal rather than $account. This may be masking applied by
                    // the listing — verify against the real file, and bind the login as a
                    // parameter.
                    $is_exists = mysqli_num_rows(mysqli_query($db, "SELECT * FROM `user` WHERE login = '******'"));
                    if ($is_exists == 0) {
                        $to = $email;
                        // (excerpt ends here; the enclosing blocks are closed outside this view)
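// Account activation page: consumes the numeric `code` query parameter, clears the
// matching activation code in the `user` table and renders the themed result page.
require_once 'include/module/index.class.php';
require_once 'include/module/dett.php';

$conf = new conf();
// Load configuration row id=1 from the table named by the TB_CONF constant.
$conf->query(mysqli_query($db, "SELECT * FROM `" . TB_CONF . "` WHERE `id`='1'"));
$user = new user($db);
$user->sessionName('login', 'password');
$obj = new glowna($db);
$theme = $conf->pobierz("theme");
$lang = 'lt';
// Per-theme, per-language message catalogue: themes/<theme>/content_<lang>.ini
$contentFileName = 'themes/' . $theme . '/content_' . $lang . '.ini';
$content = new Content($contentFileName, $lang);
$info = NULL;

if (isset($_GET['code']) && is_numeric($_GET['code'])) {
    // The code is bound as a parameter instead of being escaped and concatenated:
    // mysql_escape_string() belongs to the ext/mysql API that was removed in PHP 7,
    // so the previous call is a fatal error on current PHP versions.
    $activated = false;
    // `code` <> '0' keeps a request for code 0 from matching accounts that are
    // already activated, whatever the connection's affected-rows mode is.
    $stmt = mysqli_prepare($db, "UPDATE `user` SET `code`='0' WHERE `code` = ? AND `code` <> '0'");
    if ($stmt !== false) {
        $code = (string) $_GET['code'];
        mysqli_stmt_bind_param($stmt, 's', $code);
        // A successful UPDATE that touches no row is not an activation; the original
        // reported success for any numeric code because mysqli_query() only signals
        // SQL errors, not whether a row matched.
        $activated = mysqli_stmt_execute($stmt) && mysqli_stmt_affected_rows($stmt) > 0;
        mysqli_stmt_close($stmt);
    }

    if ($activated) {
        $info = $content->getValue("aktywacja", "aktywowane") . '<a href="login.php">' . $content->getValue("global", "loguj") . '</a>';
    } else {
        $info = $content->getValue("aktywacja", "niepowiodlosie");
    }
} else {
    // Missing or non-numeric code: redirect and stop, so the activation template is
    // not rendered behind the redirect.
    header("LOCATION:index.php");
    exit;
}

// NOTE(review): $theme comes from the configuration table and is used to build
// include paths — confirm it is restricted to known theme directory names.
require_once 'themes/' . $theme . '/header.php'; //LOAD header
echo '<div id="content" class="background">';
require_once 'themes/' . $theme . '/activate.php'; //LOAD content
echo '</div>';
require_once 'themes/' . $theme . '/footer.php'; //LOAD footer
ob_end_flush();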
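// Contact page (kontakt.php, judging by the back-link it prints): sends the posted
// message to the configured site address and prepares $info for the theme.
require_once 'include/module/dett.php';

$conf = new conf();
// Load configuration row id=1 from the table named by the TB_CONF constant.
$conf->query(mysqli_query($db, "SELECT * FROM `" . TB_CONF . "` WHERE `id`='1'"));
$user = new user($db);
$user->sessionName('login', 'password');
$obj = new glowna($db);
$theme = $conf->pobierz("theme");
$lang = 'lt';
// Per-theme, per-language message catalogue: themes/<theme>/content_<lang>.ini
$contentFileName = 'themes/' . $theme . '/content_' . $lang . '.ini';
$content = new Content($contentFileName, $lang);

// Defined up front so that code running after this block never sees an undefined
// $info when the form was not submitted.
$info = NULL;

if (isset($_POST['submit'])) {
    // Accept only non-empty string fields. An array-valued field (e.g. `imie[]`) would
    // otherwise pass through preg_replace() as an array and be concatenated as "Array".
    $fields = array();
    foreach (array('tresc', 'imie', 'email') as $key) {
        $fields[$key] = (!empty($_POST[$key]) && is_string($_POST[$key])) ? clean($_POST[$key]) : '';
    }

    // The sender address is placed into the From header, so it must be a syntactically
    // valid address and not just a string without line breaks.
    $valid = $fields['tresc'] !== ''
        && $fields['imie'] !== ''
        && filter_var($fields['email'], FILTER_VALIDATE_EMAIL) !== false;

    if ($valid) {
        // NOTE(review): clean() also removes line breaks from the message body, as the
        // original did; only the header values need that treatment.
        $message = "Wysłał: " . $fields['imie'] . "\ne-mail: " . $fields['email'] . "\n\n----------Treść wiadomości----------\n\n" . $fields['tresc'];
        // NOTE(review): the display name is still free text inside the From header;
        // consider a fixed site From plus a Reply-To carrying the visitor's address.
        $header = "From: " . $fields['imie'] . " <" . $fields['email'] . ">";
        if (!@mail($conf->pobierz("email"), "Wiadomosc z " . $conf->pobierz("tytul"), $message, $header)) {
            $info = $content->getValue("kontakt", "kontakt");
        } else {
            $info = "<div align=\"center\"><strong>" . $content->getValue("kontakt", "wyslano") . "</strong></div>";
        }
    } else {
        // Missing, non-string or invalid input is reported as an incomplete form.
        $info = $content->getValue("global", "niewypelniono");
    }
    $info .= '<br/><a href="kontakt.php">« ' . $content->getValue("global", "powrot") . '</a>';
}

/**
 * Strip characters that could start a new header line from a mail field.
 *
 * Removes line feeds, carriage returns and tabs, plus the literal percent-encoded
 * sequences listed in the patterns (each pattern repeats only its last character).
 *
 * @param string $str Raw field value.
 * @return string Value with the sequences removed.
 */
function clean($str)
{
    $injections = array('/(\\n+)/i', '/(\\r+)/i', '/(\\t+)/i', '/(%0A+)/i', '/(%0D+)/i', '/(%08+)/i', '/(%09+)/i');
    $str = preg_replace($injections, '', $str);
    return $str;
}

require_once 'themes/' . $theme . '/header.php';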