Esempio n. 1
/**
 * reminder post
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Reminder
 * @author Henry Ruhs
 */
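function reminder_post()
{
    $emailValidator = new Redaxscript\Validator\Email();
    $captchaValidator = new Redaxscript\Validator\Captcha();

    /* defaults: if the guard below rejects the request, validation ends in "email_empty" instead of reading undefined variables */
    $email = '';
    $task = null;
    $solution = null;
    $error = '';
    /* no sender name is read anywhere in this function, so the sender array keeps an empty key */
    $name = '';

    /* clean post: accepted only while ATTACK_BLOCKED is below 10 and the session marks the reminder form as visited */
    $sessionKey = ROOT . '/reminder';
    if (ATTACK_BLOCKED < 10 && isset($_SESSION[$sessionKey]) && $_SESSION[$sessionKey] == 'visited') {
        $email = isset($_POST['email']) ? clean($_POST['email'], 3) : '';
        $task = isset($_POST['task']) ? $_POST['task'] : null;
        $solution = isset($_POST['solution']) ? $_POST['solution'] : null;
    }

    /* validate post: the first failing check decides the error message */
    if ($email == '') {
        $error = l('email_empty');
    } elseif ($emailValidator->validate($email) == Redaxscript\Validator\Validator::FAILED) {
        $error = l('email_incorrect');
    } elseif ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\Validator::FAILED) {
        $error = l('captcha_incorrect');
    } elseif (retrieve('id', 'users', 'email', $email) == '') {
        /* NOTE(review): a distinct "unknown email" answer tells the requester whether an address is registered */
        $error = l('email_unknown');
    } else {
        /*
         * query users
         *
         * NOTE(review): the statement is assembled by string concatenation, so its safety rests
         * entirely on what clean(..., 3) and the email validator let through; neither is visible
         * here. A parameterised query or query builder would remove that dependency.
         */
        $query = 'SELECT id, user, password FROM ' . PREFIX . 'users WHERE email = \'' . $email . '\' && status = 1';
        $result = mysql_query($query);
        if ($result) {
            while ($r = mysql_fetch_assoc($result)) {
                /* read the three selected columns explicitly rather than creating variables named after column names */
                $id = stripslashes($r['id']);
                $user = stripslashes($r['user']);
                $password = stripslashes($r['password']);

                /*
                 * send reminder information
                 *
                 * NOTE(review): the stored password column value becomes part of the mailed URL, so it
                 * can end up in mail archives, browser history and server logs; a random, expiring,
                 * single-use token is the usual replacement.
                 */
                $passwordResetRoute = ROOT . '/' . REWRITE_ROUTE . 'password_reset/' . $id . '/' . $password;
                $passwordResetLink = anchor_element('external', '', '', $passwordResetRoute, $passwordResetRoute);
                /* NOTE(review): the recipient comes from the settings and the sender from the submitted address; confirm this direction is intended */
                $toArray = array(s('author') => s('email'));
                $fromArray = array($name => $email);
                $subject = l('reminder');
                $bodyArray = array('<strong>' . l('user') . l('colon') . '</strong> ' . $user, '<br />', '<strong>' . l('password_reset') . l('colon') . '</strong> ' . $passwordResetLink);

                /* mailer object */
                $mailer = new Redaxscript\Mailer($toArray, $fromArray, $subject, $bodyArray);
                $mailer->send();
            }
        }
    }

    /* handle error: a failed attempt increments the session counter when the blocker setting is on */
    if ($error) {
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        notification(l('error_occurred'), $error, l('back'), 'reminder');
    } else {
        notification(l('operation_completed'), l('reminder_sent'), l('login'), 'login');
    }

    /* the "visited" marker is cleared so the same form visit cannot be replayed */
    $_SESSION[ROOT . '/reminder'] = '';
}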
Esempio n. 2
/**
 * Return checkbox link
 *
 * @access public
 * @param string $link
 * @param boolean $checked
 * @param string $hint
 * @return string
 */
function checkbox_link($link, $checked = false, $hint = null)
{
    // The title attribute is emitted only when a hint was supplied; the hint goes through clean() first
    $title_attribute = '';
    if (!is_null($hint)) {
        $title_attribute = 'title="' . clean($hint) . '"';
    }

    // Icon mirrors the checked state
    if ($checked) {
        $icon_url = icon_url('checked.jpg');
    } else {
        $icon_url = icon_url('not-checked.jpg');
    }

    // NOTE(review): $link is written into the href attribute exactly as passed in;
    // callers are presumably expected to hand over an already escaped URL (confirm)
    return '<a class="internalLink" href="' . $link . '" ' . $title_attribute . '><img src="' . $icon_url . '" alt="" /></a>';
}
Esempio n. 3
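/**
 * Strip markup and the characters "." and "/" from a string, or from every element of an array.
 *
 * What this function does NOT do: it does not HTML-encode quotes, "&" or stray "<",
 * and it does not escape for SQL. Its result still needs context-specific escaping
 * (htmlspecialchars() for HTML, bound parameters for SQL). Deleting "." and "/" is
 * likewise not a substitute for validating a file path against an allow-list.
 *
 * @param mixed $str  String to clean, or an array whose values are cleaned recursively
 * @param mixed $html false: strip all tags; true: keep all tags; a string such as '<b><i>'
 *                    or an array of such strings: keep only those tags
 * @return mixed Cleaned string or array; null when $str is empty() (this includes '0' and 0)
 */
function clean($str = '', $html = false)
{
    if (empty($str)) {
        return null;
    }

    if (is_array($str)) {
        foreach ($str as $key => $value) {
            $str[$key] = clean($value, $html);
        }
        return $str;
    }

    // get_magic_quotes_gpc() no longer exists in PHP 8; consult it only where it is still defined
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $str = stripslashes($str);
    }

    if (is_array($html)) {
        // list of allowed tags, e.g. array('<b>', '<i>')
        $str = strip_tags($str, implode('', $html));
    } elseif (is_string($html) && preg_match('|<([a-z]+)>|i', $html)) {
        // allowed tags given as one string, e.g. '<b><i>'
        $str = strip_tags($str, $html);
    } elseif ($html !== true) {
        $str = strip_tags($str);
    }

    // "/" is removed even from tags that were kept, so a kept "</b>" becomes "<b>"
    return str_replace(array('.', '/'), '', trim($str));
}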
/**
 * Display user name with a link to users profile
 * 
 * - user - User - We create link for this User
 * - short - boolean - Use short display name
 * 
 * @param array $params
 * @param Smarty $smarty
 * @return string
 */
function smarty_function_user_link($params, &$smarty)
{
    // Rendered profile links, keyed by user id, shared across calls within one request
    static $cache = array();

    $user = array_var($params, 'user');
    // Still read from the parameters, but no longer applied: since the 20121030
    // modification getDisplayName() is called without the short flag
    $short = array_var($params, 'short', false);

    // Registered user: link to the profile page
    if (instance_of($user, 'User')) {
        $user_id = $user->getId();
        if (!isset($cache[$user_id])) {
            $cache[$user_id] = sprintf('<a href="%s" class="user_link">%s</a>', $user->getViewUrl(), clean($user->getDisplayName()));
        }
        return $cache[$user_id];
    }

    // Anonymous user with a non-blank name and an address accepted by is_valid_email(): mailto link.
    // NOTE(review): the address is placed in the href without HTML escaping, so
    // is_valid_email() is the only filter on it (confirm it rejects quotes and angle brackets)
    if (instance_of($user, 'AnonymousUser') && trim($user->getName()) && is_valid_email($user->getEmail())) {
        return sprintf('<a href="mailto:%s" class="anonymous_user_link">%s</a>', $user->getEmail(), clean($user->getName()));
    }

    // Anything else is rendered as an unknown user
    return '<span class="unknow_user_link unknown_object_link">' . clean(lang('Unknown user')) . '</span>';
}
 /**
  * Returns the searched words placed in a context, already cleaned and formatted in HTML
  * 
  * @param $content The content where the words were found
  * @param $search_for The searched words
  * @return String
  */
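 function getContext($content, $search_for)
 {
     // Number of bytes of surrounding text kept on each side of the match
     $context_length = 80;

     // Nothing to highlight for an empty search term
     if ((string) $search_for === '') {
         return '';
     }

     // Case-insensitive search; positions are byte offsets, so multi-byte text
     // may be cut inside a character (the original behaved the same way)
     $pos = strpos(strtolower($content), strtolower($search_for));
     if ($pos === false) {
         return '';
     }
     $needle_length = strlen($search_for);

     // Text before the match, shortened to the last $context_length bytes
     $beginning = substr($content, 0, $pos);
     if (strlen($beginning) > $context_length) {
         $short_beginning = substr($beginning, -$context_length);
         // Start at a word boundary; when the fragment contains no space it is kept whole
         // (previously the missing space silently dropped its first character)
         $first_space = strpos($short_beginning, ' ');
         if ($first_space !== false) {
             $short_beginning = substr($short_beginning, $first_space + 1);
         }
         $beginning = '&hellip;' . clean($short_beginning);
     } else {
         $beginning = clean($beginning);
     }

     // The matched text, taken from the original content to keep its casing
     $middle = clean(substr($content, $pos, $needle_length));

     // Text after the match, shortened to the first $context_length bytes
     $ending = substr($content, $pos + $needle_length);
     if (strlen($ending) > $context_length) {
         $short_ending = substr($ending, 0, $context_length);
         // End at a word boundary; when the fragment contains no space it is kept whole
         // (previously the missing space discarded the entire trailing context)
         $last_space = strrpos($short_ending, ' ');
         if ($last_space !== false) {
             $short_ending = substr($short_ending, 0, $last_space);
         }
         $ending = clean($short_ending) . '&hellip;';
     } else {
         $ending = clean($ending);
     }

     // Every fragment went through clean() individually; the <b> wrapper and the
     // &hellip; entities are the only markup added here
     return $beginning . '<b>' . $middle . '</b>' . $ending;
 }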
Esempio n. 6
 function post($nickname, $message)
 {
     global $prefs;

     // Refuse the post when the sender address is banned or either field fails validate().
     // These checks run on the raw input, before clean() is applied.
     if ($this->banned(ip())
         || !$this->validate($message, $prefs['messageLength'])
         || !$this->validate($nickname, $prefs['nicknameLength'])) {
         return false;
     }

     // Clean both fields; a field that ends up empty rejects the post
     $message = trim(clean($message));
     $nickname = trim(clean($nickname));
     if ($message == '' || $nickname == '') {
         return false;
     }

     $timestamp = ts();
     $message = $this->censor($message);
     $nickname = $this->censor($nickname);

     // uid is derived from timestamp and nickname only, so it is an identifier, not a secret
     $post = array(
         'nickname' => $nickname,
         'message' => $message,
         'timestamp' => $timestamp,
         'admin' => $this->admin,
         'uid' => md5($timestamp . ' ' . $nickname),
         'adminInfo' => array('ip' => ip()),
     );

     // Append to the stored history and trim it once it exceeds the configured size
     $store = $this->storage->open(true);
     $store['posts'][] = $post;
     if (count($store['posts']) > $prefs['history']) {
         $this->truncate($store['posts']);
     }
     $store['info']['latestTimestamp'] = $post['timestamp'];
     $this->storage->close($store);

     $this->postProcess($post);
     return $post;
 }
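/**
 * Return a copy of the submitted values with each one passed through clean().
 *
 * Keys are kept as they are. What "clean" guarantees depends on the clean()
 * implementation in scope, so the result still needs escaping for the context
 * it is used in (SQL, HTML, ...).
 *
 * @param array $POST Submitted values, typically $_POST
 * @return array Cleaned values; an empty array for empty input
 */
function post($POST)
{
    // Start from an empty array so that empty input no longer returns an undefined variable
    $post2 = array();
    foreach ($POST as $key => $value) {
        $post2[$key] = clean($value);
    }
    return $post2;
}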
Esempio n. 8
/**
 * Describe a variable as a short string meant for HTML output
 *
 * Objects and resources are reduced to their class or type name, arrays are
 * listed recursively, and string values and string keys are passed through clean().
 *
 * @param mixed $var
 * @param string $indent Indent used for the entries of an array; grows by two
 *   non-breaking spaces per nesting level
 * @param string $indent_close_bracet Indent placed before the closing bracket of
 *   an array; used internally by the recursion
 * @return string
 */
function clean_var_info($var, $indent = '&nbsp;&nbsp;', $indent_close_bracet = '')
{
    if (is_object($var)) {
        return sprintf('Object (class: %s)', get_class($var));
    }

    if (is_resource($var)) {
        return sprintf('Resource (type: %s)', get_resource_type($var));
    }

    if (is_array($var)) {
        // One output line per entry, joined with newlines at the end
        $lines = array('Array (');
        foreach ($var as $k => $v) {
            $shown_key = is_int($k) ? $k : "'" . clean($k) . "'";
            $lines[] = $indent . '[' . $shown_key . '] => ' . clean_var_info($v, $indent . '&nbsp;&nbsp;', $indent_close_bracet . $indent);
        }
        $lines[] = $indent_close_bracet . ')';
        return implode("\n", $lines);
    }

    if (is_int($var)) {
        return '(int)' . $var;
    }

    if (is_float($var)) {
        return '(float)' . $var;
    }

    if (is_bool($var)) {
        return $var ? 'true' : 'false';
    }

    if (is_null($var)) {
        return 'NULL';
    }

    // Everything else is shown as a string, cleaned before display
    return "(string) '" . clean($var) . "'";
}
Esempio n. 9
 public function CREATE($PARAM, $MODENEWS)
 {
     $this->AR['LOG']->LSET("NEWSClass: CREATE(..., " . $MODENEWS . ")");

     // Request parameters, each passed through clean() with the "I" flag
     // (presumably an integer filter; confirm against clean())
     $FULL = clean($this->AR, $PARAM['FULL'], "I");     // id of a single news item
     $CAT = clean($this->AR, $PARAM['CAT'], "I");       // category id for listing
     $CUR_PAGE = clean($this->AR, $PARAM['PAGE'], "I"); // current page

     // Mode 0 takes the [_ifindex] section of the template, mode 1 the [_ifadmin] section
     $SECTION_PATTERN = null;
     if ($MODENEWS == 0) {
         $SECTION_PATTERN = "/\\[_ifindex\\](.*?)\\[_ifindex\\]/s";
     } elseif ($MODENEWS == 1) {
         $SECTION_PATTERN = "/\\[_ifadmin\\](.*?)\\[_ifadmin\\]/s";
     }

     if ($SECTION_PATTERN !== null) {
         // The captured section replaces the [_ifnews] block of the NEWS template.
         // It is used as a preg_replace replacement string, so "$n" and "\n" sequences
         // inside the template section would be read as back-references.
         $this->TPLm = $this->AR['TPL']->TPLF['NEWS'];
         preg_match($SECTION_PATTERN, $this->TPLm, $CUT_INDEX);
         $this->TPLm = preg_replace("/\\[_ifnews\\].*?\\[_ifnews\\]/s", $CUT_INDEX[1], $this->TPLm);
     }

     $STNEWS = $this->paginationcomposer($FULL, $CAT, $CUR_PAGE);
     $NWSRAW = API_NEWS_GET($this->AR, $FULL, $CAT, $STNEWS, $this->CONF['NEWS_PERPAGE']);

     if (!$NWSRAW) {
         // No news to show
         $this->AR['MSG']->SHOW($this->AR['LNG']->LP['w_nonews'], "W");
         return;
     }

     // Append one composed entry per fetched row
     while ($R_NEWS = $this->AR['DB']->FETCHARRAY($NWSRAW)) {
         $this->ONEWS .= $this->composenws($R_NEWS, $FULL, $CAT);
     }
 }
Esempio n. 10
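 /**
  * Build the HTML label for a node in the navigation: a type badge followed by the title.
  *
  * @param object $node Node providing has(), get(), getNodetype() and getTitle()
  * @return string HTML fragment
  */
 private function navLabel($node)
 {
     // Prefer values already loaded on the node, otherwise ask the node type
     $nodetype = $node->has('nodetype_name') ? $node->get('nodetype_name') : $node->getNodetype()->displayField();
     $icon = $node->has('nodetype_icon') ? $node->get('nodetype_icon') : $node->getNodetype()->getIcon();

     // Both values end up inside attributes, so both go through esc(); the icon class
     // was previously written into the class attribute unescaped
     $label = '<span class="badge-icon" title="' . esc($nodetype) . '"><i class="' . esc($icon) . '"></i></span>';

     // NOTE(review): the title uses clean() while the attributes use esc(); confirm
     // clean() leaves the title safe for HTML element content
     return $label . ' <span class="title">' . clean($node->getTitle()) . '</span>';
 }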
/**
 * Render object tags
 *
 * Parameters:
 * 
 * - object - Selected object
 * - project - Selected project, if not present we'll get it from 
 *   $object->getProject()
 * 
 * @param array $params
 * @param Smarty $smarty
 * @return string
 */
function smarty_function_object_tags($params, &$smarty)
{
    $object = array_var($params, 'object');
    if (!instance_of($object, 'ProjectObject')) {
        // The error object is returned, not thrown
        return new InvalidParamError('object', $object, '$object is expected to be an instance of ProjectObject class', true);
    }

    // Fall back to the object's own project when none (or something else) was passed
    $project = array_var($params, 'project');
    if (!instance_of($project, 'Project')) {
        $project = $object->getProject();
    }
    if (!instance_of($project, 'Project')) {
        return new InvalidParamError('project', $project, '$project is expected to be an instance of Project class', true);
    }

    $tags = $object->getTags();
    if (!is_foreachable($tags)) {
        return '<span class="no_tags">' . lang('-- No tags --') . '</span>';
    }

    // One link per non-blank tag. The link text goes through clean(); the URL is
    // inserted as returned by Tags::getTagUrl() (presumably already encoded; confirm).
    $links = array();
    foreach ($tags as $tag) {
        if (!trim($tag)) {
            continue;
        }
        $links[] = sprintf('<a href="%s">%s</a>', Tags::getTagUrl($tag, $project), clean($tag));
    }

    return implode(', ', $links);
}
Esempio n. 12
 /**
  * @param int $id
  * @param String $username
  * @param String $email
  */
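 function __construct($id, $username, $email, $con)
 {
     // $con is the mysql link passed to mysql_query() and to save()
     global $table_prefix;
     $this->id = $id;
     $this->username = $username;
     $this->email = $email;

     // Only an integer is ever written into the SQL text. Previously the raw $id was
     // interpolated, and a string such as "1 OR ..." can pass a loose "> 0" comparison.
     $user_id = intval($this->id);
     if ($user_id > 0) {
         $result = mysql_query("SELECT * FROM {$table_prefix}users WHERE ID={$user_id} LIMIT 1", $con);
         // A failed query yields false; skip the fetch instead of passing false on
         $row = $result ? mysql_fetch_array($result) : false;
         if ($row && $row["ID"] > 0) {
             $this->posts = intval($row["Posts"]);

             // NOTE(review): unserialize() runs on stored column values. If these columns can
             // ever hold user-influenced bytes this is an object-injection risk; JSON (or
             // unserialize with classes disallowed) is the safer storage format.
             $list_columns = array('moderate' => 'Moderate', 'unreadPosts' => 'Unread', 'watching' => 'Watching');
             foreach ($list_columns as $property => $column) {
                 $this->{$property} = unserialize($row[$column]);
                 // Anything that does not decode to an array becomes an empty list
                 if (!is_array($this->{$property})) {
                     $this->{$property} = array();
                 }
             }

             $this->privacy = $row["Privacy"];
             // Removes the literal four-character sequence \r\n (backslashes included), then cleans
             $this->signature = clean(str_replace("\\r\\n", "", $row["Signature"]));
         }
         $this->save($con);
     }
 }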
Esempio n. 13
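/**
 * Print a short plain-text summary of one bug: title, reporter and owner.
 *
 * @param array $argv Command arguments; $argv[1] is the bug id
 * @return void
 */
function bugInfo($argv)
{
    global $BUG_OBJECT;
    global $USER_OBJECT;

    // The argument check used sizeof($argv[1]), which raises a TypeError on PHP 8 when
    // $argv[1] is a string or missing. This keeps the old outcome: a missing argument or
    // an empty array counts as "no argument", any other value as one.
    $has_bug_id = isset($argv[1]) && (!is_array($argv[1]) || count($argv[1]) >= 1);
    if (!$has_bug_id) {
        echo "Read the man page!";
        return;
    }

    // The id passes through clean() before the primary-key lookup
    $BUG_OBJECT->getAllByPK(clean($argv[1]));
    $bug = $BUG_OBJECT->getNext();
    if (!isset($bug['bID'])) {
        echo "Whoh there champ. That's not a real bug!";
        return;
    }

    $USER_OBJECT->getAllByPK($bug['reporter']);
    $reporter = $USER_OBJECT->getNext();
    $USER_OBJECT->getAllByPK($bug['owner']);
    $owner = $USER_OBJECT->getNext();

    // Stored values are printed as they are; this is fine for a text channel, but they
    // would need escaping if this output is ever embedded in HTML
    echo "Title: " . $bug['title'] . "\n";
    echo "This bug was reported by " . $reporter['real_name'] . " ( " . $reporter['username'] . " )\n";
    if (isset($owner['uID'])) {
        echo $owner['real_name'] . " is working on this\n";
    } else {
        echo "This bug has no owner\n";
    }
}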
Esempio n. 14
 public function setup($db)
 {
     mb_internal_encoding('UTF-8');
     mb_http_output('UTF-8');
     mb_http_input('UTF-8');

     foreach ($this->tables as $what) {
         $this->format($what);
     }

     $mysql = $db->get_mysql();
     echo '<pre>';
     echo '<h2>luontikäskyt</h2>';

     // NOTE(review): on failure the raw database error is printed to the client via die();
     // acceptable for a one-off installer, but it should not stay reachable in production
     if (!mysqli_query($mysql->connection(), "SET NAMES 'utf8'")) {
         die(mysqli_error($mysql->connection()));
     }

     // One CREATE TABLE statement per configured table. The property named after the
     // table maps column name => VARCHAR length.
     foreach ($this->tables as $name) {
         $table = $mysql->etuliite . $name;
         $query = "CREATE TABLE IF NOT EXISTS \n" . $table . "( id INT NOT NULL AUTO_INCREMENT, PRIMARY KEY (id)\n";

         foreach ($this->{$name} as $column => $length) {
             // Columns containing "_id" become INT; all others become VARCHAR(length).
             // Identifiers cannot be bound as parameters, so clean() is the only filter on the
             // column name; table name and length are used as configured.
             $type = strpos($column, '_id') !== false ? " INT" : " VARCHAR(" . $length . ")";
             $query .= ", " . clean($column) . $type . "\n";
         }

         $query .= ", aika timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP\n";
         $query .= " )";

         // The statement is echoed for inspection, then executed
         echo $query . "\n\n";
         if (!mysqli_query($mysql->connection(), $query)) {
             die(mysqli_error($mysql->connection()));
         }
     }

     echo '</pre>';
 }
Esempio n. 15
function log_truncate()
{
    global $COLLATE;
    global $dbo;
    include "include/validation_functions.php";

    // Without an explicit action the confirmation page is shown
    $action = isset($_GET['action']) ? clean($_GET['action']) : "show warning";

    if ($action != "truncate") {
        // Confirmation page with apply / cancel links
        require_once './include/header.php';
        $text = $COLLATE['languages']['selected'];
        echo $text['confirmtruncate'] . " \n"
            . '<br /><br /><a href="logs.php?op=truncate&amp;action=truncate">'
            . '<img src="./images/apply.gif" alt="' . $text['altconfirm'] . '" /></a> &nbsp; <a href="logs.php">'
            . '<img src="./images/cancel.gif" alt="' . $text['altcancel'] . '" /></a>';
        require_once './include/footer.php';
        exit;
    }

    // NOTE(review): the deletion is triggered by a plain GET link and this function checks
    // neither a request token nor the caller's permissions. Confirm the entry script enforces
    // both; otherwise any page the operator visits can trigger it (CSRF). Since this removes
    // audit data, a POST with a token is the expected shape.

    // Everything below (highest id - 500) is deleted
    $result = $dbo->query("SELECT MAX(id) FROM logs");
    $maxid = $result->fetchColumn();
    $id = $maxid - 500;
    $dbo->query("DELETE FROM logs WHERE id<'" . $id . "'");

    // The truncation itself is written to the log
    collate_log("5", "LOGS TRUNCATED");

    $notice = "truncatesuccess-notice";
    header("Location: logs.php?notice=" . $notice);
    exit;
}
/**
 * Render object assignees list
 *
 * @param array $params
 * @param Smarty $smarty
 * @return string
 */
function smarty_function_mobile_access_object_assignees($params, &$smarty)
{
    $object = array_var($params, 'object');
    if (!instance_of($object, 'ProjectObject')) {
        // The error object is returned, not thrown
        return new InvalidParamError('object', $object, '$object is expected to be an instance of ProjectObject class', true);
    }

    $owner = $object->getResponsibleAssignee();
    if (!instance_of($owner, 'User')) {
        // Side effect inside a render helper: with no responsible user, the object's
        // assignments are deleted before the placeholder text is returned
        Assignments::deleteByObject($object);
        return lang('No one is responsible');
    }

    require_once SYSTEM_MODULE_PATH . '/helpers/function.user_link.php';

    // Links for every assignee other than the responsible one
    $other_links = array();
    $assignees = $object->getAssignees();
    if (is_foreachable($assignees)) {
        foreach ($assignees as $assignee) {
            if ($assignee->getId() == $owner->getId()) {
                continue;
            }
            $other_links[] = '<a href="' . mobile_access_module_get_view_url($assignee) . '">' . clean($assignee->getName()) . '</a>';
        }
    }

    // Names go through clean(); the URLs are inserted as returned by the helper
    $sentence = '<a href="' . mobile_access_module_get_view_url($owner) . '">' . clean($owner->getName()) . '</a> ' . lang('is responsible') . '.';
    if (count($other_links)) {
        $sentence .= ' ' . lang('Other assignees') . ': ' . implode(', ', $other_links);
    }

    return $sentence;
}
Esempio n. 17
 function render($region = "")
 {
     $out = "";

     // "script" region: JavaScript constructor that builds a THREE.DirectionalLight
     if ($region == "script") {
         $parts = array(
             "var Light = function( threephp ){\n",
             "\tvar light;\n",
             "\tthis.light = new THREE.DirectionalLight( threephp.color, 1 );\n",
             "\tthis.light.userData = threephp;\n",
             "\tthis.light.name = threephp.name;\n",
             "\tthis.light.position.x = threephp.x;\n",
             "\tthis.light.position.y = threephp.y;\n",
             "\tthis.light.position.z = threephp.z;\n",
         );

         // Shadow settings are emitted only when the shadow property is set
         if ($this->shadow) {
             $parts[] = "\tthis.light.castShadow = true; \n";
             $parts[] = "\tthis.light.shadowMapWidth = threephp.size; \n";
             $parts[] = "\tthis.light.shadowMapHeight = threephp.size; \n";
             $parts[] = "\tthis.light.shadowCameraLeft = 0 - threephp.size; \n";
             $parts[] = "\tthis.light.shadowCameraRight = threephp.size; \n";
             $parts[] = "\tthis.light.shadowCameraTop = threephp.size; \n";
             $parts[] = "\tthis.light.shadowCameraBottom = 0 - threephp.size; \n";
             $parts[] = "\tthis.light.shadowCameraFar = threephp.size; \n";
             $parts[] = "\tthis.light.shadowDarkness = 0.45; \n";
         }

         // Shadow camera helper is shown only when the box property is set
         if ($this->box) {
             $parts[] = "\tthis.light.shadowCameraVisible = true; \n";
         }

         $parts[] = "\treturn this.light; \n";
         $parts[] = "} \n";

         $out .= implode('', $parts);
     }

     // "main" region: instantiate the light from this object's cleaned, JSON-encoded data.
     // NOTE(review): json_encode() is called without JSON_HEX_TAG; if this output lands inside
     // an inline <script> element, a "</script>" sequence in a property value would end the
     // block early (confirm where the result is embedded).
     if ($region == "main") {
         $out .= "scene.add( new Light( " . json_encode(clean($this)) . " ) );\n";
     }

     return $out;
 }
Esempio n. 18
/**
 * Open HTML tag
 *
 * @access public
 * @param string $name Tag name
 * @param array $attributes Array of tag attributes
 * @param boolean $empty If tag is empty it will be automaticly closed
 * @return string
 */
function open_html_tag($name, $attributes = null, $empty = false)
{
    // name="value" pairs in the order they were given
    $pairs = array();

    if (is_array($attributes)) {
        foreach ($attributes as $attr => $val) {
            // Attributes with a blank name are skipped
            if (trim($attr) == '') {
                continue;
            }

            // Boolean attributes: rendered as name="name" when true, omitted when false
            if (is_bool($val)) {
                if ($val) {
                    $pairs[] = $attr . '="' . $attr . '"';
                }
                continue;
            }

            // Only the value goes through clean(); tag and attribute names are written as
            // given and must therefore never come from untrusted input
            $pairs[] = $attr . '="' . clean($val) . '"';
        }
    }

    // A trailing " /" self-closes the tag when $empty is set
    return '<' . $name . ' ' . implode(' ', $pairs) . ($empty ? ' /' : '') . '>';
}
/**
 * Add sidebars to project overview page
 *
 * @param array $sidebars
 * @param Project $project
 * @param User $user
 * @return null
 */
function system_handle_on_project_overview_sidebars(&$sidebars, &$project, &$user)
{
    // Last activity is visible only to the project leader, administrators and project managers
    $can_see_last_activity = $user->isProjectLeader($project) || $user->isAdministrator() || $user->isProjectManager();

    $project_users = $project->getUsers();
    if (!is_foreachable($project_users)) {
        // No users: no sidebar is added
        return;
    }

    $smarty =& Smarty::instance();
    require_once SYSTEM_MODULE_PATH . '/helpers/function.user_link.php';
    require_once SMARTY_PATH . '/plugins/modifier.ago.php';

    $output = '';
    foreach (Users::groupByCompany($project_users) as $group) {
        $company = $group['company'];
        $users = $group['users'];
        if (!is_foreachable($users)) {
            continue;
        }

        // Company heading: the name goes through clean(), the URL is inserted as returned
        $output .= '<h3><a href="' . $company->getViewUrl() . '">' . clean($company->getName()) . '</a></h3>';
        $output .= '<ul class="company_users">';

        foreach ($users as $current_user) {
            // The viewer's own entry never shows a last-seen time
            $last_seen = '';
            if ($can_see_last_activity && $user->getId() != $current_user->getId()) {
                $last_seen = smarty_modifier_ago($current_user->getLastActivityOn());
            }

            // NOTE(review): the avatar URL is written into src unescaped; presumably
            // generated by the application (confirm)
            $avatar = '<span class="icon_holder"><img src="' . $current_user->getAvatarUrl() . '" /></span>';
            $link = smarty_function_user_link(array('user' => $current_user), $smarty);
            $output .= '<li>' . $avatar . ' ' . $link . ' ' . $last_seen . '</li>';
        }

        $output .= '</ul>';
    }

    $sidebars[] = array(
        'label' => lang('People on This Project'),
        'is_important' => false,
        'id' => 'project_people',
        'body' => $output,
    );
}
/**
 * Render object assignees list
 *
 * @param array $params
 * @param Smarty $smarty
 * @return string
 */
function smarty_function_object_owner($params, &$smarty)
{
    $object = array_var($params, 'object');
    if (!instance_of($object, 'ProjectObject')) {
        // The error object is returned, not thrown
        return new InvalidParamError('object', $object, '$object is expected to be an instance of ProjectObject class', true);
    }

    $users_table = TABLE_PREFIX . 'users';
    $assignments_table = TABLE_PREFIX . 'assignments';

    // Owner assignments of this object; the object id is passed as a bound value (the "?"),
    // only the table names are interpolated
    $rows = db_execute_all("SELECT {$assignments_table}.is_owner AS is_assignment_owner, {$users_table}.id AS user_id, {$users_table}.company_id, {$users_table}.first_name, {$users_table}.last_name, {$users_table}.email FROM {$users_table}, {$assignments_table} WHERE {$users_table}.id = {$assignments_table}.user_id AND {$assignments_table}.object_id = ? and {$assignments_table}.is_owner='1' ORDER BY {$assignments_table}.is_owner DESC", $object->getId());

    $owner = null;
    if (is_foreachable($rows)) {
        foreach ($rows as $row) {
            $nameless = empty($row['first_name']) && empty($row['last_name']);
            $href = assemble_url('people_company', array('company_id' => $row['company_id'])) . '#user' . $row['user_id'];
            // Users with neither first nor last name are labelled with their e-mail address;
            // everyone else with the first name only
            $label = $nameless ? clean($row['email']) : clean($row['first_name']);
            $owner .= '<a href="' . $href . '">' . $label . '</a>' . '&nbsp;';
        }
    }

    // Placeholder when no owner was found
    if (empty($owner)) {
        $owner = '--';
    }

    return $owner;
}
 /**
  * Render single feed item
  *
  * @param Angie_Feed_Item $item
  * @return string
  */
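 private function renderItem(Angie_Feed_Item $item)
 {
     // Every text value goes through clean() before it is placed between the XML tags
     $result = "<item>\n";
     $result .= '<title>' . clean($item->getTitle()) . "</title>\n";

     $link = externalUrl(clean($item->getLink()));
     $result .= '<link>' . $link . "</link>\n";

     // Use the literal "empty" only when the item has no description. The condition was
     // inverted before: every real description was overwritten with "empty" and a missing
     // one was emitted as a blank element.
     $description = trim($item->getDescription());
     if ($description == '') {
         $description = "empty";
     }
     $result .= '<description>' . clean($description) . "</description>\n";

     $author = $item->getAuthor();
     if ($author instanceof Angie_Feed_Author) {
         $result .= '<author>' . clean($author->getEmail()) . ' (' . clean($author->getName()) . ")</author>\n";
     }

     // The publication date is optional; its timestamp (or NULL) feeds the guid
     $timestamp = NULL;
     $pubdate = $item->getPublicationDate();
     if ($pubdate instanceof DateTimeValue) {
         $result .= '<pubDate>' . $pubdate->toRSS() . "</pubDate>\n";
         $timestamp = $pubdate->getTimestamp();
     }

     $result .= '<guid>' . $this->buildGuid(clean($item->getLink()), $timestamp) . "</guid>\n";
     $result .= '</item>';
     return $result;
 }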
Esempio n. 22
/**
 * Read one query-string parameter through clean().
 *
 * @param string $v Parameter name
 * @return mixed The cleaned value, or false when the parameter is absent
 */
function get($v)
{
    // false doubles as "not present", so callers that must tell a missing parameter
    // from a falsy cleaned value need a strict comparison
    return isset($_GET[$v]) ? clean($_GET[$v]) : false;
}
Esempio n. 23
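 function main()
 {
     global $db;

     // Accept only a scalar id; an array (id[]=...) is treated like a missing parameter
     $mod_id = null;
     if (isset($_REQUEST['id']) && is_scalar($_REQUEST['id'])) {
         $mod_id = (string) $_REQUEST['id'];
     }

     // The id is passed as a bound value and no longer interpolated into the SQL text.
     // Assumes $db is an ADOdb connection (Execute()/FetchNextObject() are used below), whose
     // Execute() takes the bind values as its second argument. TODO confirm.
     $result = false;
     if ($mod_id !== null) {
         $result = $db->Execute("SELECT * FROM `Obsedb_Mods` WHERE `id` = ? LIMIT 1", array($mod_id));
     }

     // Missing id or failed query: show the generic error page, without database details
     if (!$result) {
         do_header();
         echo "<b>System Error Message</b><br />";
         echo "You cannot access this page directly, please go back and select a Mod.<br />";
         echo "If the problem persists, please contact the webmaster.";
         do_footer();
         return;
     }

     while ($row = $result->FetchNextObject()) {
         do_header();
         $header = new Template();
         $header->open_template('cheats_header');
         $header->addvar('{id}', $row->ID);
         // NOTE(review): the title is handed to the template after stripslashes() only;
         // confirm the template layer HTML-escapes it
         $header->addvar('{title}', stripslashes($row->TITLE));
         $header->parse_template();
         $header->print_template();

         $cheats = $db->Execute("SELECT id,Modid,title,cheat FROM `Obsedb_cheats` WHERE `Modid` = ? ORDER BY `title`", array($mod_id));
         while ($cheats && ($cheat = $cheats->FetchNextObject())) {
             // CHEAT HTML
             // NOTE(review): the title goes through clean(), but the cheat body is echoed as raw
             // HTML. If visitors can submit that column it is a stored-XSS sink; escape it or
             // run it through an HTML allow-list filter.
             echo "<b>" . clean($cheat->TITLE) . "</b><br />\n      \t\t\t        " . stripslashes($cheat->CHEAT) . "<br /><br />";
             // END CHEAT HTML
         }
         do_footer();
     }
 }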
Esempio n. 24
 /**
  * Add a comment
  * @param Request $request
  * @return $this|\Illuminate\Http\RedirectResponse
  */
 public function create(Request $request, $category_id, $content_id)
 {
     // Only authenticated users may comment; guests are sent back with an error message
     if (!$request->user()) {
         return redirect()->back()->with('error', 'Необходима авторизация!!!');
     }

     // Validate the submitted fields against the controller's rules and messages
     $validator = Validator::make($request->all(), $this->rules, $this->messages);
     if ($validator->fails()) {
         // Validation failed: return to the form with the errors and the old input
         return redirect()->back()->withErrors($validator->errors())->withInput();
     }

     // Store the comment. The author id comes from the authenticated session, never from
     // the request body.
     $comment = new Comment();
     $comment->category_id = $category_id;
     $comment->content_id = $content_id;
     $comment->active = config('mycomment.active');
     $comment->users_id = $request->user()->id;
     // clean() is called with an empty HTML.Allowed list so that no markup is kept
     // (presumably the HTML Purifier helper; confirm). The stored text still needs
     // escaping when it is rendered.
     $comment->comment = clean($request->input('comment'), ['HTML.Allowed' => '']);
     $comment->save();

     return redirect()->back();
 }
/**
 * Pass every value of a form array through clean(), keeping the keys.
 *
 * @param array $form_vars Submitted form values
 * @return array The same keys with cleaned values
 */
function clean_all($form_vars)
{
    // Work on a copy and overwrite each entry with its cleaned value
    $cleaned = $form_vars;
    foreach ($form_vars as $field => $raw) {
        $cleaned[$field] = clean($raw);
    }
    return $cleaned;
}
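/**
 * reminder post
 *
 * Handles the submitted reminder form: reads the posted email and captcha
 * values when the session guard passes, validates them, looks up the user
 * by email and mails a password reset link for each active (status = 1) row.
 * Shows an error or success notification and clears the session marker.
 *
 * @since 1.2.1
 * @deprecated 2.0.0
 *
 * @package Redaxscript
 * @category Reminder
 * @author Henry Ruhs
 */
function reminder_post()
{
    $emailValidator = new Redaxscript\Validator\Email();
    $captchaValidator = new Redaxscript\Validator\Captcha();

    /* defaults: a request that fails the guard below is rejected as empty instead of reading undefined variables */
    $email = '';
    $task = '';
    $solution = '';
    $error = '';

    /* clean post */
    if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/reminder'] == 'visited') {
        $email = clean($_POST['email'], 3);
        $task = $_POST['task'];
        $solution = $_POST['solution'];
    }

    /* validate post */
    if ($email == '') {
        $error = l('email_empty');
    } elseif ($emailValidator->validate($email) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('email_incorrect');
    } elseif ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\ValidatorInterface::FAILED) {
        $error = l('captcha_incorrect');
    } else {
        /* findOne() may yield no row, so test the result before reading its id */
        $account = Redaxscript\Db::forTablePrefix('users')->where('email', $email)->findOne();
        if (!$account || $account->id == '') {
            /* NOTE(review): a distinct "unknown" message lets this form confirm whether an address is registered */
            $error = l('email_unknown');
        } else {
            /* query users */
            $result = Redaxscript\Db::forTablePrefix('users')->where(array('email' => $email, 'status' => 1))->findArray();
            if ($result) {
                foreach ($result as $r) {
                    /* read only the columns the mail needs; copying every column into a local variable could overwrite $error, $email or other state */
                    $id = isset($r['id']) ? stripslashes($r['id']) : '';
                    $name = isset($r['name']) ? stripslashes($r['name']) : '';
                    $user = isset($r['user']) ? stripslashes($r['user']) : '';
                    $password = isset($r['password']) ? stripslashes($r['password']) : '';
                    $userEmail = isset($r['email']) ? stripslashes($r['email']) : $email;

                    /* send reminder information */
                    /* NOTE(review): the reset path embeds sha1() of the stored password value, so the link stays valid until the password changes and can be rebuilt by anyone able to read that column; a random, expiring, single-use token stored separately is the usual design, but that needs a matching change in the password_reset handler, which is outside this block */
                    $passwordResetRoute = ROOT . '/' . REWRITE_ROUTE . 'password_reset/' . $id . '/' . sha1($password);
                    $passwordResetLink = anchor_element('external', '', '', $passwordResetRoute, $passwordResetRoute);

                    /* NOTE(review): the recipient is built from s('author') / s('email') and the sender from the matched user; if s() returns site settings, the reset link is mailed to the site address rather than to the account holder — confirm against Mailer::init */
                    $toArray = array(s('author') => s('email'));
                    $fromArray = array($name => $userEmail);
                    $subject = l('reminder');
                    $bodyArray = array('<strong>' . l('user') . l('colon') . '</strong> ' . $user, '<br />', '<strong>' . l('password_reset') . l('colon') . '</strong> ' . $passwordResetLink);

                    /* mailer object */
                    $mailer = new Redaxscript\Mailer();
                    $mailer->init($toArray, $fromArray, $subject, $bodyArray);
                    $mailer->send();
                }
            }
        }
    }

    /* handle error */
    if ($error) {
        /* count the failed attempt when the blocker setting is enabled */
        if (s('blocker') == 1) {
            $_SESSION[ROOT . '/attack_blocked']++;
        }
        notification(l('error_occurred'), $error, l('back'), 'reminder');
    } else {
        notification(l('operation_completed'), l('reminder_sent'), l('login'), 'login');
    }
    $_SESSION[ROOT . '/reminder'] = '';
}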
Esempio n. 27
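 /**
  * Restore the current user from the 'nsamblr_session' cookie.
  *
  * The cookie is base64-decoded and split on '!' into a marker, a user id and
  * a token. The token is compared with md5(stored password . site_id); on a
  * match the user's id, nick and password are loaded into the object and the
  * stored IP address is updated.
  *
  * NOTE(review): the token is derived from the stored password value with
  * md5, so it does not change until the password does; a random, expiring
  * session identifier kept server-side would be the usual replacement.
  * NOTE(review): the "no such user" result is the truthy value 1 — confirm no
  * caller treats any truthy return as "authenticated".
  *
  * @return bool|int|null false when the cookie is absent, 1 when no user row
  *                       could be loaded, true on success, null otherwise
  */
 function read_cookie()
 {
     global $config;
     $this->ip = $_SERVER['REMOTE_ADDR'];
     if (!isset($_COOKIE['nsamblr_session'])) {
         return false;
     }
     $cookie = explode('!', base64_decode($_COOKIE['nsamblr_session']));
     if ($cookie[0] != 'nsamblr') {
         return null;
     }
     // A short or malformed cookie has no id/token parts; fall back to values that cannot match.
     $id = isset($cookie[1]) ? intval($cookie[1]) : 0;
     $password = isset($cookie[2]) ? clean($cookie[2]) : '';
     $query = mysql_query("SELECT id, nick, password, ip, mail, salt FROM users WHERE id = '{$id}' LIMIT 1");
     // mysql_fetch_row() takes no result-type argument and returns a numeric
     // array; the named columns read below need an associative fetch.
     $result = $query ? mysql_fetch_assoc($query) : false;
     if (empty($result)) {
         // no such user
         return 1;
     }
     $bdpassword = md5($result['password'] . $config['site_id']);
     // Strict (and, where available, constant-time) comparison: with == two
     // different numeric-looking hex strings can compare as equal.
     if (!is_string($password)) {
         $matches = false;
     } elseif (function_exists('hash_equals')) {
         $matches = hash_equals($bdpassword, $password);
     } else {
         $matches = $bdpassword === $password;
     }
     if ($matches) {
         // Authed
         $this->id = $result['id'];
         $this->nick = $result['nick'];
         $this->password = $result['password'];
         // Escape the address and cast the id instead of concatenating them into the statement.
         mysql_query(sprintf(
             'UPDATE users SET ip = \'%s\' WHERE id = %d',
             mysql_real_escape_string($this->ip),
             $this->id
         ));
         return true;
     }
 }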
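/**
 * Confirm a pending e-mail address change for the logged-in user.
 *
 * Reads 'oldemail', 'newemail' and 'id' from the query string, loads the
 * current user's row, and writes the new address when the old address and
 * the confirmation key both match the stored values.
 *
 * NOTE(review): the new address comes from the query string rather than from
 * a stored pending value, so the key only proves that a change was requested,
 * not which address was requested; storing the pending address next to the
 * key would close that gap. The row is read from fas_users but updated in
 * dd_users — confirm which table is intended.
 */
function writebody()
{
    global $db, $suserid, $usrdata, $userid;
    if (!isset($suserid)) {
        echo '<div class=\'error\'>Please login first.</div>';
        exit;
    }
    $current_email = isset($_GET['oldemail']) ? clean($_GET['oldemail']) : '';
    $new_email = isset($_GET['newemail']) ? clean($_GET['newemail']) : '';
    $id = isset($_GET['id']) ? clean($_GET['id']) : '';
    if (!$current_email || !$new_email || !$id) {
        echo 'Something was missing within your url. Please try again!';
        exit;
    }
    $userid = $usrdata['userid'];
    $ir = $db->query(sprintf('SELECT * FROM fas_users WHERE userid=\'%u\'', $userid));
    $r2 = $db->fetch_row($ir);
    // A missing row leaves both values null, which can never match below.
    $email = isset($r2['email']) ? $r2['email'] : null;
    $new_email_key = isset($r2['new_email_key']) ? $r2['new_email_key'] : null;

    // Compare as strings with ===: with == two different numeric-looking
    // strings can compare as equal, which matters for the '0' key that is
    // written back after a completed change.
    $emailMatches = $email !== null && is_scalar($current_email) && (string) $current_email === (string) $email;
    $keyMatches = $new_email_key !== null && is_scalar($id) && (string) $new_email_key === (string) $id;

    if ($emailMatches && $keyMatches && is_scalar($new_email)) {
        // clean() is not SQL escaping: escape the address and cast the user id
        // instead of interpolating request data into the statement.
        mysql_query(sprintf(
            "UPDATE dd_users SET `email`='%s', `new_email_key`='0' WHERE userid='%u'",
            mysql_real_escape_string((string) $new_email),
            $userid
        ));
        echo '<div class=\'msg\'>Your email has been changed!</div>';
    } else {
        echo 'ERROR!!';
    }
}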
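/**
 * Strip HTML tags from a string, or from every element of an array, and trim
 * the result.
 *
 * This is tag stripping only. It does not escape values for SQL, and tags
 * kept through $html keep their attributes, so the result still needs output
 * encoding (or a real HTML sanitizer) before it is rendered.
 *
 * @param string|array $str Value to clean; arrays are cleaned element by element.
 * @param bool|string|array $html true keeps all markup; a string such as
 *                                '<b><i>' or an array of such tags is passed
 *                                to strip_tags() as the allowed tags; any
 *                                other value strips every tag.
 * @return string|array|false false when $str is empty() (this includes '0'
 *                            and 0), otherwise the cleaned value.
 */
function clean($str = '', $html = false)
{
    // Empty input is reported as false, as callers of this helper expect.
    if (empty($str)) {
        return false;
    }
    // Arrays: clean each item with the same $html setting.
    if (is_array($str)) {
        foreach ($str as $key => $value) {
            $str[$key] = clean($value, $html);
        }
        return $str;
    }
    // Magic quotes are gone since PHP 5.4 and get_magic_quotes_gpc() no longer
    // exists in PHP 8, so only ask where the setting can still be active.
    if (PHP_VERSION_ID < 50400 && get_magic_quotes_gpc()) {
        $str = stripslashes($str);
    }
    if (is_array($html)) {
        $str = strip_tags($str, implode('', $html));
    } elseif (is_string($html) && preg_match('|<([a-z][a-z0-9]*)>|i', $html)) {
        // strip_tags() expects literal tags ('<b><i>'); the previous pattern
        // looked for entity-encoded ones and so never matched a usable list.
        $str = strip_tags($str, $html);
    } elseif ($html !== true) {
        $str = strip_tags($str);
    }
    return trim($str);
}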
Esempio n. 30
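/**
 * Render submit button
 *
 * Builds a <button type="submit"> whose caption is the block content (passed
 * through lang() unless the 'not_lang' parameter is set) after clean(). When
 * an access key is in effect, its first occurrence in the caption, in either
 * case, is wrapped in <u>.
 *
 * @param array $params Tag attributes; 'accesskey' defaults to 's'.
 * @param string $content
 * @param Smarty $smarty
 * @param boolean $repeat
 * @return string
 */
function smarty_block_submit($params, $content, &$smarty, &$repeat)
{
    $params['type'] = 'submit';
    $accesskey = array_var($params, 'accesskey', 's');
    if ($accesskey) {
        // Use the resolved key; a hard-coded 's' here would make the attribute
        // disagree with the letter underlined in the caption below.
        $params['accesskey'] = $accesskey;
    }

    $caption = clean(isset($params['not_lang']) ? $content : lang($content));

    if ($accesskey) {
        // Find whichever case variant of the key appears first in the caption.
        $first = null;
        $first_pos = null;
        foreach (array(strtolower($accesskey), strtoupper($accesskey)) as $candidate) {
            $pos = strpos($caption, $candidate);
            if ($pos === false) {
                continue;
            }
            if ($first_pos === null || $pos < $first_pos) {
                $first = $candidate;
                $first_pos = $pos;
            }
        }
        // NOTE(review): the search runs on the output of clean(); if clean()
        // HTML-encodes the caption, a match inside an entity would be wrapped
        // in <u> and break that entity — confirm against clean().
        if ($first !== null) {
            $caption = str_replace_first($first, "<u>{$first}</u>", $caption);
        }
    }

    // And done...
    return open_html_tag('button', $params) . '<span><span>' . $caption . '</span></span></button>';
}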