} else {
    // Every check that leads to this branch is outside the visible fragment. The branch
    // mails an email-change link and records its token for the account.
    $title = "Your Email Change Link!";
    // NOTE(review): this value is the only secret in the link, so its strength depends on
    // misc::genRandomString(), which is not shown here. Confirm it draws from a
    // cryptographically secure source and is long enough.
    $getrandom = misc::genRandomString();
    $datetime = gmDate('Y-m-d H:i:s');
    // The link uses the http:// scheme, so the token is not protected in transit when the
    // user opens it.
    $content = "HolySro Email Change Link : http://holysro.com/?pg=cem&uid={$getrandom} \n Get inside to change your Email \n if you didnt request it , please ignore this mail.!";
    // mail()'s return value is not checked; the confirmation text below is printed either way.
    // NOTE(review): where $email comes from is not visible here. Confirm it is the address
    // already on file for the account and that it has been validated before this point.
    mail($email, "[HolySro Email Change] " . $title, $content . "\nEmail sent from: www.holysro.com");
    core::$sql->changeDB('acc');
    // The statements below are assembled by string interpolation. Where $user is set is
    // outside this fragment.
    // NOTE(review): confirm $user cannot contain a quote, or pass it as a bound parameter.
    $ZsCheck = core::$sql->numRows("select UserID from Email_Change where UserID = '{$user}'");
    if ($ZsCheck == 1) {
        // A row already exists for this user, so it is refreshed in place.
        // NOTE(review): RandomPASS is set to the literal ****** here, while the insert branch
        // stores $getrandom; the value looks masked in this copy. As written, a repeated
        // request would not store the token that was just mailed.
        core::$sql->exec("update Email_Change set RandomPASS ='******' ,createtime = '{$datetime}',ipaddr = '{$_SERVER['REMOTE_ADDR']}' where UserID = '{$user}'");
    } else {
        // First request for this user: the token is stored as generated (not hashed),
        // together with the creation time and the client address.
        core::$sql->exec("insert into Email_Change(UserID,RandomPASS,createtime,ipaddr) values('{$user}','{$getrandom}','{$datetime}','{$_SERVER['REMOTE_ADDR']}')");
    }
    // $email is written into the page without HTML escaping.
    // NOTE(review): if it originates from the submitted form, encode it for HTML before output.
    echo "instructions to Email Change sent to your mailbox [ {$email} ] - please check your mailbox! <br /> In case you haven't received the email from us - check your spam folder! <br /><a href='?pg=index'>Return to main page</a>";
    unset($_POST['replacemail1']);
    misc::redirect("?pg=news", 2);
}
}
}
} else {
    // Request form; the condition that selects it is outside this fragment.
    // NOTE(review): the visible markup contains no anti-CSRF token field.
    echo 'Change your email:';
    echo '<br />';
    echo '<br />';
    echo '<form action="" method="post">';
    // NOTE(review): the next statement is garbled in this copy (characters replaced by
    // asterisks) and is kept exactly as found.
    echo 'Your Username:'******'username'];
    echo '<br /><br />';
    echo 'Enter your email:<br />';
    echo '<input autocomplete="off" onfocus="clearText(this);" style="background: rgba(0,0,0,0.5);width:220px;border-radius: 6px 6px 6px 6px;" type="text" maxlength="32" name="email" placeholder="*****@*****.**" />';
    echo '<br />';
    echo '<br />';
    echo '<input class="button" type="submit" name="replacemail1" value="Send Me Link To Mail" />';
$errors[] = "Password [new] too long"; } if (strlen($_POST['password_new']) < 6) { $errors[] = "Passwrod [new] too short"; } if ($_POST['password_new'] !== $_POST['password_new_confirm']) { $errors[] = "New Passwords does not match!."; } if (count($errors) > 0) { foreach ($errors as $nElement) { echo $nElement . ".<br/>"; } misc::back(); } else { //verify if (user::RestorePass($_GET['uid'], $_POST['password_new'])) { echo "Password changed successfully. <br/>"; misc::redirect('?pg=news', 1); } else { echo "Invalid old password specified.<br/>"; misc::back(); } } } else { core::$ucp->ForgotpwForm(); } } } } else { echo 'Entry is invalid.'; }
}
break;
case 'settings':
    // Settings editor. Any access check for this admin page is outside the visible fragment.
    // $_POST['submit'] is read without isset(), so a request without that field raises an
    // undefined-index notice before the form is shown.
    if ($_POST['submit'] != 'Save') {
        echo "<table id='table-3' border='1' cellpadding='0' cellspacing='0'>\r\n\t\t\t<form method='post'>\r\n\t\t\t<td>ValueName</td><td>Value</td><tr/>";
        $hSettings = core::$sql->exec("select * from srcms_settings");
        while ($row = mssql_fetch_array($hSettings)) {
            // Names and values go into the markup and into single-quoted attributes without
            // HTML escaping, so a stored value containing a quote or a tag alters the page.
            // NOTE(review): encode both for the HTML attribute context before output.
            echo "<td>{$row['valueName']}</td><td><input type='text' name='{$row['valueName']}' value='{$row['value']}'></td><tr/>";
        }
        echo "<td></td><td><input type='submit' name='submit' value='Save'></td></form></table>";
    } else {
        // Every POST field becomes one UPDATE, including the submit button's own
        // submit=Save pair.
        // NOTE(review): both the field name and its value are interpolated into the SQL text
        // unescaped (SQL injection). Accept only names that exist as valueName rows and pass
        // the values as bound parameters, or at minimum escape quotes. The form above also
        // carries no anti-CSRF token.
        foreach ($_POST as $nElement => $nElementValue) {
            core::$sql->exec("update srcms_settings set value='{$nElementValue}' where valueName='{$nElement}'");
        }
        echo "Settings saved.<br/>";
        misc::redirect('?pg=admin&act=settings', 1);
    }
    break;
case 'epin':
    // EPIN administration: a menu first, then a sub-action selected by $_GET['subact'].
    if (!isset($_GET['subact'])) {
        echo "<a href='?pg=admin&act=epin&subact=gen'><b>Generate new epin code</b></a><br/>\r\n\t\t\t\t <a href='?pg=admin&act=epin&subact=lookup'><b>Lookup codes</b></a>";
    } else {
        switch ($_GET['subact']) {
            case 'gen':
                if (!isset($_POST['submit'])) {
                    echo "\t<table id='table-3' border='1' cellpadding='0' cellspacing='0'>\r\n\t\t\t\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\t\t\t<td>Silk amount</td>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\t\t\t\t<td><input type='text' name='silkAmount' value='10'></td>\r\n\t\t\t\t\t\t\t\t\t</table><br/>\r\n\t\t\t\t\t\t\t\t\t<input type='submit' name='submit' value='Generate new epin'>\r\n\t\t\t\t\t\t\t\t</form>";
                } else {
                    // NOTE(review): rand() is not a cryptographically secure generator and this
                    // range holds about 10^9 values. The code is stored with a silk amount, so
                    // it presumably works as a bearer voucher; generate it from a CSPRNG with a
                    // larger space.
                    $nRandCode = rand(1000000000, 2000000000);
                    // Uniqueness is checked with a separate SELECT before the INSERT; the two
                    // steps are not atomic.
                    if (core::$sql->numRows("select * from srcms_epin where code='{$nRandCode}'") == 0) {
                        // The (int) cast keeps the amount numeric before it reaches the SQL
                        // text; zero and negative amounts are not rejected.
                        $nSilk = (int) $_POST['silkAmount'];
                        core::$sql->exec("insert into srcms_epin(code,silkAmount) values('{$nRandCode}','{$nSilk}')");
if (!isset($_POST['code']) && !isset($_POST['sure'])) { echo "<table id='table-3' border='1' cellpadding='0' cellspacing='0'>\r\n\t\t\t\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\t\t\t\t<td><input type='text' name='code' value='type your EPIN code here'></td><tr/>\r\n\t\t\t\t\t\t\t\t\t\t<td><center><input type='submit' name='submit' value='Use'></center></td>\r\n\t\t\t\t\t\t\t\t\t</form>\r\n\t\t\t\t\t\t\t\t\t</table>"; } else { $nCodeNumber = (int) $_POST['code']; if (core::$sql->numRows("select * from srcms_epin where code='{$nCodeNumber}'") > 0) { $aPinData = core::$sql->exec("select * from srcms_epin where code='{$nCodeNumber}'"); $aPinData = mssql_fetch_array($aPinData); if (!isset($_POST['sure'])) { echo "Do you really want to use this code ? It will give you [{$aPinData['silkAmount']}] silk.<br/>\r\n\t\t\t\t\t\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\t\t\t\t\t<input type='hidden' name='code' value='{$nCodeNumber}'>\r\n\t\t\t\t\t\t\t\t\t\t\t<input type='submit' name='sure' value='Yes'>\r\n\t\t\t\t\t\t\t\t\t\t\t</form><br/>"; misc::back(); } else { core::$sql->exec("update SK_Silk set silk_own=(silk_own + {$aPinData['silkAmount']}) where JID='" . user::accountJIDbyUsername($_SESSION['username']) . "'"); //delete used code core::$sql->exec("delete from srcms_epin where code='{$nCodeNumber}'"); echo "You got your [{$aPinData['silkAmount']}] silk."; misc::redirect('?pg=ucp&act=epin', 1); } } else { echo "Invalid EPIN code ! Please, try again.<br/>"; misc::back(); } } } break; default: echo "Invalid module name specified.<br/>"; break; } } } else { echo "You are not logged in ! <br/>";
echo "<a href='?pg=news&comment={$nID}&page={$a}'>{$a}</a> "; $a++; $nPages++; } } if ($_GET['page'] < $nPages) { echo "<a class='pageblue' href='?pg=news&comment={$nID}&page=" . ($_GET['page'] + 1) . "'>></a>"; } if (isset($_SESSION['username'])) { if (!isset($_POST['submit'])) { echo " \r\n\t\t\t\t\t<br/>\r\n\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\t<textarea id = 'commentTextBox' name='commentText' rows='5' cols='100'>Type your message here</textarea><br/>\r\n\t\t\t\t\t\t\t<input type='submit' name='submit' value='Submit'>\r\n\t\t\t\t\t\t</form>\r\n\t\t\t\t<script>CKEDITOR.replace( 'commentText' );</script>\r\n\t\t\t\t\t "; } else { //$cleanText = misc::applyAttributesToText($_POST['commentText']); $cleanText = stripslashes(security::toHTML($_POST['commentText'])); if (strlen($cleanText) < $core->aConfig['minNewsCommentLen'] || strlen($cleanText) > $core->aConfig['maxNewsCommentLen']) { echo "<br/>Your message is too short or too long. It has to be at least <b>" . $core->aConfig['minNewsCommentLen'] . "</b> \r\n\t\t\t\t\tsymbols long, your one is just <b>" . strlen($cleanText) . "</b> symbols long. Max length is " . $core->aConfig['maxNewsCommentLen'] . ".<br/>"; misc::back(); } else { $datetime = misc::getDateTime(); core::$sql->exec("insert into srcms_newscomments(newsID, author, text, time) values('{$nID}','{$_SESSION['username']}', '{$cleanText}', '{$datetime}')"); echo "<br/><br/><b>Your comment has been successfully added</b>"; misc::redirect("?pg=news&comment={$nID}", 1); } } } else { echo "<br/><br/>You must be logged in to post comments"; } } else { echo "<br/>You can't comment news article that doesn't exist."; } }
<?php
// Forum shortcut page: prints a short notice, then hands the visitor over to the forum.
global $core;

print "Redirecting...";

// The destination is the 'forumLink' entry of the site configuration, not a request
// parameter. The second argument is presumably the delay in seconds; confirm against
// misc::redirect().
misc::redirect(
    $core->aConfig['forumLink'],
    2
);
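/**
 * Store a private message from one web account to another.
 *
 * Nothing is returned: the outcome is echoed to the page, followed by
 * misc::back() when the message is rejected or misc::redirect() to the
 * mailbox when it is stored.
 *
 * @param string $to    Recipient name, resolved through user::accountJIDbyUsername().
 * @param string $from  Sender name, resolved the same way.
 * @param string $title Message title as submitted.
 * @param string $text  Message body as submitted.
 */
public static function sendWebPrivMsg($to, $from, $title, $text)
{
    global $core;

    $msgTitle = security::toHTML($title);
    $msgText = security::toHTML($text);
    $senderJID = user::accountJIDbyUsername($from);
    $receiverJID = user::accountJIDbyUsername($to);

    // NOTE(review): what accountJIDbyUsername() returns for an unknown name is not visible
    // here; confirm the caller rejects unknown recipients and passes the authenticated
    // session user as $from.
    if ($senderJID == $receiverJID) {
        echo "You can't send message to yourself.<br/>";
        misc::back();
        return;
    }

    // security::toHTML() is treated as HTML encoding only, so each value is made safe for a
    // quoted SQL literal by doubling single quotes before it is interpolated.
    // Assumes core::$sql targets SQL Server, where a quote inside a literal is escaped by
    // doubling (TODO confirm). Bound parameters are preferable if the wrapper offers them.
    $sqlSender = str_replace("'", "''", (string) $senderJID);
    $sqlReceiver = str_replace("'", "''", (string) $receiverJID);
    $sqlTitle = str_replace("'", "''", (string) $msgTitle);
    $sqlText = str_replace("'", "''", (string) $msgText);

    $inboxCount = core::$sql->numRows("select * from srcms_privatemessages where receiver='{$sqlReceiver}'");
    if ($inboxCount >= $core->aConfig['maxPrivMsg']) {
        echo "Receiver inbox is full.<br/>";
        return;
    }

    // Limits are applied to the encoded strings; strlen() counts bytes, so entities and
    // multi-byte characters count for more than one.
    $titleLen = strlen($msgTitle);
    $bodyLen = strlen($msgText);
    $titleOutOfRange = $titleLen < $core->aConfig['minPrivMsgTitleLen'] || $titleLen > $core->aConfig['maxPrivMsgTitleLen'];
    $bodyOutOfRange = $bodyLen < $core->aConfig['minPrivMsgBodyLen'] || $bodyLen > $core->aConfig['maxPrivMsgBodyLen'];

    if ($titleOutOfRange || $bodyOutOfRange) {
        echo "Message text, or title is too long or too short. Minimum title length is " . $core->aConfig['minPrivMsgTitleLen'] . " and " . $core->aConfig['maxPrivMsgTitleLen'] . " symbols\r\n\t\t\t\t\t\t\t\tmaximum. Message content minimum length is " . $core->aConfig['minPrivMsgBodyLen'] . " and " . $core->aConfig['maxPrivMsgBodyLen'] . " symbols maximum.<br/>";
        misc::back();
        return;
    }

    $datetime = misc::getDateTime();
    core::$sql->exec("insert into srcms_privatemessages(sender,receiver, title, msg, viewed, time) values('{$sqlSender}', '{$sqlReceiver}', '{$sqlTitle}', '{$sqlText}', '0', '{$datetime}')");
    echo "<br/>Message sent.<br/>";
    misc::redirect("?pg=ucp&act=mailbox", 2);
}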