function shownews($id) { global $list_prefix, $NEWS, $MAIN; $sql = "SELECT * FROM " . $list_prefix . "news WHERE id = '" . $id . "';"; $result = db_query($sql); $rows = db_num_rows($result); if ($rows != 0) { $row = db_fetch_array($result); $postedby = getuser($row['posted_by']); //lets insert the prayerrequest into our working copy of this template. $WORK = insert_into_template($NEWS, "{NEWSTITLE}", stripslashes($row['news_title'])); $WORK = insert_into_template($WORK, "{TEASER}", stripslashes($row['teaser'])); $WORK = insert_into_template($WORK, "{NEWSID}", $row['id']); $WORK = insert_into_template($WORK, "{POSTEDBY}", $postedby); $WORK = insert_into_template($WORK, "{BYLINE}", $row['byline']); $WORK = insert_into_template($WORK, "{DATE}", date("m/d/Y", $row['date'])); $WORK = insert_into_template($WORK, "{CATEGORY}", getcatname($row['category'])); $WORK = insert_into_template($WORK, "{NEWS}", stripslashes($row['news'])); $i++; //now lets add this request to the CONTENT. $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK); $WORK = filltemplate($WORK, striphtml($row['news_title'])); printf("%s", striptemplate($WORK)); } }
function forum_notify() { global $form, $db, $tab, $login, $threadid, $postid, $thisthread, $thisboard, $httpurl, $sendmail; $userq = $db->query_str("SELECT * FROM {$tab['forum_notify']} WHERE threadid='{$threadid}' AND userid!='{$login['id']}'"); while ($notify = $db->fetch_array($userq)) { $user = getuser($notify[userid]); eval("\$mail[header] = \"" . gettemplate("forum.notify.mail.header") . "\";"); eval("\$mail[subject] = \"" . gettemplate("forum.notify.mail.subject") . "\";"); eval("\$mail[body] = \"" . gettemplate("forum.notify.mail.body") . "\";"); $sendmail->mail($user[user_email], $mail[subject], $mail[body], $mail[header]); } }
function all_action() { global $session; $uid = $session->get('uid'); //前20个推荐的采集 $pins = bidcms_encode(getallpins()); $userinfo = array(); if ($uid > 0) { $userinfo = getuser($uid, 0, 1); } include template('index_all'); }
function getarticles($perpage) { global $list_prefix; $ARTICLES = loadtmplate("articles.mod"); $CONTENT = ""; //lets calculate our query $sql = "SELECT * FROM " . $list_prefix . "articles ORDER BY `date` DESC LIMIT 0," . $perpage . ";"; //now lets show the prayerlist entries. $result = db_query($sql); if ($result) { $rows = db_num_rows($result); } else { $rows = 0; } if ($rows != 0) { $j = 0; while ($j < $rows) { //lets fetch our prayer request from the database. $row = db_fetch_array($result); $postedby = getuser($row['posted_by']); //lets insert the prayerrequest into our working copy of this template. $WORK = insert_into_template($ARTICLES, "{ARTICLETITLE}", stripslashes($row['article_title'])); $WORK = insert_into_template($WORK, "{TEASER}", stripslashes($row['teaser'])); $WORK = insert_into_template($WORK, "{ARTICLEID}", $row['id']); $WORK = insert_into_template($WORK, "{POSTEDBY}", $postedby); $WORK = insert_into_template($WORK, "{BYLINE}", $row['byline']); $WORK = insert_into_template($WORK, "{DATE}", date("m/d/Y", $row['date'])); $WORK = insert_into_template($WORK, "{CATEGORY}", getcatname($row['category'])); $j++; //now lets add this request to the CONTENT. $CONTENT .= $WORK; } } else { $CONTENT .= "There are no active articles at this time.<BR>\r\n"; } //when we output this lets make sure that the output is stripped of any template elements that are not used. return striptemplate($CONTENT); }
<?php include "../lib/mainfunc.php"; $bid = @$_GET['bid']; $tid = @$_GET['tid']; $page = @$_GET['p']; $see_lz = @$_GET['see_lz']; $users = getuser(); $currentuser = $users['username']; if (!$page) { $page = 1; } if (!$bid) { $bid = 1; } if (!$tid) { $tid = 1; } $data = mainfunc(array("bid" => $bid, "tid" => $tid, "p" => $page, "see_lz" => $see_lz), null); $tdata = mainfunc(array("bid" => $bid, "tid" => $tid, "ask" => "tidinfo")); $floordata = ""; if ($see_lz != "") { $floordata = mainfunc(array("bid" => $bid, "tid" => $tid, "ask" => "getlznum")); $floordata = $floordata[0]; } if (count($tdata) == 0) { $tdata = null; } else { $tdata = $tdata[0]; } if ($floordata != "") {
include 'function.php'; ?> <?php include 'header.php'; ?> <div class='container'> <?php $pid = $_GET['pid']; if (isset($_GET['uid']) && !empty($_GET['uid'])) { $uid = $_GET['uid']; } else { $uid = $_SESSION['myid']; } $myid = $_SESSION['myid']; $username = getuser($uid, 'user_name'); ?> <h3><?php echo $username; ?> </h3> <?php $query = "select location from pins where pid = '{$pid}'"; $result = $conn->query($query); $run = $result->fetch_array(); $location = $run['location']; ?> <h4>Pin from: <a href='locphoto.php?location=<?php echo $location; ?> '><?php
<?php include 'connect.php'; ?> <?php include 'functions.php'; ?> <?php include 'header.php'; ?> <div class="container"> <h3>Friends</h3> <?php $my_id = $_SESSION['user_id']; $req_query = mysql_query("SELECT user_one, user_two FROM friends WHERE user_one='{$my_id}' OR user_two='{$my_id}'"); while ($run_req = mysql_fetch_array($req_query)) { $user_one = $run_req['user_one']; $user_two = $run_req['user_two']; if ($user_one == $my_id) { $user = $user_two; } else { $user = $user_one; } $username = getuser($user, 'username'); echo "<a class='box' style='display: block;' href='profile.php?user={$user}'>{$username}</a>"; } ?> </div> </body> </html>
?> <div class="container"> <div class="row"> <div class=" col-sm-8 col-sm-offset-2"> <div class="panel panel-primary"> <div class="panel-heading" > <?php echo $post['title']; ?> by <a href="user.php?id=<?php echo $post['user_id']; ?> "> <?php $c = getuser($post['user_id']); echo $c['username']; ?> </a> <span style="float:right"> <?php echo " posted on " . $post['created']; ?> </span> </div> <div class="panel-body" style="color:#191970"> <p class="text-center"> <?php $a = getimage($post['image_id']); if ($a) { echo '<img class="panel" src="images/' . $a['filename'] . '">';
<?php require_once '../inc/common.php'; $type = isset($_GET['type']) ? (int) $_GET['type'] : 0; $user = getuser('mid,name,headimgurl'); $user['headimgurl'] = empty($user['headimgurl']) ? '../images/touxiang.png' : $user['headimgurl']; $pageSize = 5; $sql = "SELECT count(1) as count FROM m_comment WHERE mid = '{$user['mid']}' AND type = 0"; $sth = $db->prepare($sql); $sth->execute(); $count = $sth->fetchColumn(); $pageTotal = ceil($count / $pageSize); if (isset($_GET['aj_comm'])) { if ($type == 0) { $table = 'm_goods'; } elseif ($type == 1) { $table = 'm_activites'; } $page = isset($_GET['page']) ? intval($_GET['page']) : 1; //获取请求的页数 $start = ($page - 1) * $pageSize; $sql = "SELECT c.cid,c.pid,c.ctime,c.nice,c.imgs,c.content,g.name FROM m_comment as c\r\n\t\t\t\tLEFT JOIN {$table} as g ON c.pid = g.gid\r\n\t\t\t\tWHERE c.mid = '{$user['mid']}' AND c.type = '{$type}' ORDER BY c.ctime DESC LIMIT {$start}, {$pageSize}"; $sth = $db->prepare($sql); $sth->execute(); $data = $sth->fetchAll(PDO::FETCH_ASSOC); foreach ($data as $k => $v) { $data[$k]['ctime'] = date('Y-m-d', $v['ctime']); $data[$k]['imgs'] = explode('|', $v['imgs']); } die(json_encode($data)); //转换为json数据输出
href="#collapseOne"> <span class="glyphicon glyphicon-chevron-down"></span> </a> </div> </div> <div class="panel-collapse collapse" id="collapseOne"> <div class="panel-body" > <?php require_once 'include/db_connect.php'; if (isset($_GET['user']) and isset($_GET['hash'])) { $hash = $_GET['hash']; $user = $_GET['user']; $ext = mysql_query("select * from conversation where chash='{$hash}' "); while ($row = mysql_fetch_array($ext)) { $cfrom = $row['cfrom']; $cfrom1 = getuser($cfrom, 'user_name'); $msg = $row['msg']; echo "<ul class='chat'>\n <li class='left clearfix'><span class='chat-img pull-left'>\n <img src='img/user.png' height='50' width='50' alt='User Avatar' class='img-circle' />\n </span>\n <div class='chat-body clearfix'>\n <div class='header'>\n <strong class='primary-font'>" . $cfrom1 . "</strong> <small class='pull-right text-muted'>\n <span class='glyphicon glyphicon-time'></span></small>\n </div>\n <p>\n " . $msg . "\n </p>\n </div>\n </li>\n </ul>"; } } ?> </div> <form action="chatupdate.php" method="post"> <div class="panel-footer"> <div class="input-group"> <input id="btn-input" type="text" class="form-control input-sm" name="message" placeholder="Type your message here..." /> <input type="hidden" name="user" value="<?php echo $user; ?>
$ava1 = getavatar($row['user_id'], 'avatar'); $ava = "<img src='{$ava1}' height='30' width='30' class=>"; $tim = $row['time']; $hash = $row['ghash']; echo "<div class='post'><div class='panel panel-default'>\n <div class='panel-heading'>" . $ava . $postn . "</div>\n <div class='panel-body'>" . $row['message'] . "\n \n </div><div class='panel-footer'>Posted at  " . $tim . "</div>\n</div>\n </div></div>"; } if ($type == 'image') { $postn = getuser($row['user_id'], 'fname'); $ava1 = getavatar($row['user_id'], 'avatar'); $ava = "<img src='{$ava1}' height='30' width='30'>"; $pim = $row['pimage']; $pim1 = "<img src='{$pim}' class='img-responsive center-block'>"; echo "<div class='post'><div class='panel panel-default'>\n <div class='panel-heading'>" . $ava . $postn . "</div>\n <div class='panel-body'>" . $row['message'] . $pim1 . "\n \n </div>\n </div></div>"; } if ($type == 'video') { $postn = getuser($row['user_id'], 'fname'); $ava1 = getavatar($row['user_id'], 'avatar'); $ava = "<img src='{$ava1}' height='30' width='30'>"; $url = $row['url']; $vi = " <iframe src='{$url}'\n frameborder='0' width='476' height='400'\n allowfullscreen ></iframe >"; echo "<div class='post'><div class='panel panel-default'>\n <div class='panel-heading'>" . $ava . $postn . "</div>\n <div class='panel-body'>" . $row['message'] . $vi . "\n \n </div>\n </div></div>"; } if ($type == 'location') { $postn = getuser($row['user_id'], 'fname'); $ava1 = getavatar($row['user_id'], 'avatar'); $ava = "<img src='{$ava1}' height='30' width='30'>"; $pla = $row['place']; echo "<div class='post'><div class='panel panel-default'>\n <div class='panel-heading'>" . $ava . $postn . "</div>\n <div class='panel-body'>" . $row['message'] . "<br>" . $pla . "\n \n </div>\n </div></div>"; } } require_once 'footer.php';
<?php require_once 'header.php'; ?> <div id="bo"> <?php require_once 'include/db_connect.php'; require_once 'include/essential.php'; ?> <?php require_once 'include/db_connect.php'; require_once 'functions.php'; require_once 'include/essential.php'; echo "<h1>Chat List</h1><br>"; $fr = mysql_query("select user_one,user_two from frnd where user_one='{$pid1}' or user_two='{$pid1}'"); while ($frn = mysql_fetch_array($fr)) { if ($frn['user_one'] == $pid1) { $frnid = $frn['user_two']; } else { $frnid = $frn['user_one']; } $frname = getuser($frnid, 'user_name'); echo "<a href='chatbox.php?user={$frnid}'class='btn btn-default btn-lg'style=margin:5px;>{$frname}</a><br><br>"; } ?> </div> </body> <?php require_once 'footer.php'; ?> </html>
function t_fanli($uid, $money) { global $_G; $org_money = $money; if ($uid == $this->user['uid']) { $user = $this->user; } else { $user = getuser($uid, 'uid'); } //if($user['uid'] == $this->user[uid]) return $money; //if($user['t_uid'] && $user['t_uid'] == $this->user[uid]) return $money; //防止死循环 //4,3,1,1,2 $rank = $user['rank']; if (!$rank || !$_G['rank'][$rank]) { return $money; } $group = $_G['rank'][$rank]; $bili = intval($group['bili']); //当前推荐者所在推荐的返利比例 if ($bili <= 0) { return $money; } $yongjin = fix($money * ($bili / 100), 2); $money = $money - $yongjin; //给佣金表,增加记录,供用户查询 $log = array(); //第'.($k+1).'级 if (!$this->order['price'] || $yongjin <= 0) { return $money; } $log['desc'] = '您推荐的用户' . $this->user['username'] . '购物消费,您获得:' . $yongjin . '元(' . $bili . '%)'; $add_money = $user['money'] + $yongjin; update_member(array('money' => $add_money), $user['uid']); $log['org_money'] = $user['money']; $log['money'] = $yongjin; $log['status'] = 1; $log['uid'] = $user['uid']; $log['username'] = $user['username']; $this->write_log($log); //无限上级推荐人返利 /*if($user['t_uid']>0){ if($user['t_uid'] == $this->user['uid'] || $user['t_uid'] == $user['uid'])continue; //防止死循环 $money = $this->t_fanli($user['t_uid'],$org_money); }*/ return $money; }
<div id="wrap"> <div id="header"></div> <div id="main"><p> <p><span class="pagetitle">User Account</span></p> <?php connect(); //printf('<br />roleid: '.$_SESSION['role_id'].''); if ($_SESSION['role_id'] == 1) { printf('Only editors may view this page.'); printf('<script type="text/javascript"> location.replace("author.php"); </script>'); } $uid = $_GET['perid']; $arruser = getuser($uid); $fname = $arruser['fname']; $lname = $arruser['lname']; $street = $arruser['street']; $city = $arruser['city']; $province = $arruser['province']; $postal = $arruser['postal']; $email = $arruser['email']; $uid = $arruser['per_id']; $active = $arruser['active']; printf('<span class="edituser">'); printf('<form name="reg" action="updateuser.php" onsubmit="return validateForm();" method="post" >'); printf('<table>'); printf('<tr><td></td><td><input type=hidden name="uid" value="' . $uid . '"></td></tr>'); printf('<tr><td>Username:</td><td>' . $arruser['uname'] . '</td></tr>'); printf('<tr><td>First name:</td><td><input type=text name="ufname" value="' . $fname . '" size="50"></td></tr>');
function delete_account($usrid) { // ------------------ DELETE ACCOUNT --------------- $usr = @getuser($usrid); if ($usr !== false) { $c = $usr['cluster']; if ($c != '') { $c = @mysql_num_rows(@db_query('SELECT * FROM users WHERE cluster=' . mysql_escape_string($c))); if ($c < 2) { deletecluster($c, true); } else { $r = db_query('SELECT id FROM users WHERE cluster=' . mysql_escape_string($usr['cluster']) . ' AND clusterstat=' . CS_ADMIN . ';'); $admins = @mysql_num_rows($r); if ($usr['clusterstat'] == CS_ADMIN && $admins < 2) { $r = db_query('SELECT * FROM users WHERE cluster=' . mysql_escape_string($usr['cluster']) . ';'); db_query('UPDATE users SET clusterstat=' . CS_ADMIN . ' WHERE id=' . mysql_result($r, 0, 'id') . ';'); } } } db_query('DELETE FROM mails WHERE user=\'' . mysql_escape_string($usrid) . '\';'); db_query('DELETE FROM sysmsgs WHERE user=\'' . mysql_escape_string($usrid) . '\';'); db_query('DELETE FROM users WHERE id=\'' . mysql_escape_string($usrid) . '\';'); db_query('DELETE FROM abooks WHERE user=\'' . mysql_escape_string($usrid) . '\';'); return $usr; } else { return false; } }
<?php require_once 'include/essential.php'; ?> <?php require_once 'include/db_connect.php'; require_once 'functions.php'; if (isset($_GET['user']) && !empty($_GET['user'])) { $lid = $_GET['user']; } else { $lid = $pid1; } $my_id = $pid1; $luser = getuser($lid, 'user_name'); echo '<h2>' . $luser . '</h2>'; ?> <?php if ($lid != $my_id) { $checkfriends = mysql_query("select id from frnd where(user_one='{$my_id}' and user_two='{$lid}') or (user_one='{$lid}' and user_two='{$my_id}')"); if (mysql_num_rows($checkfriends) == 1) { echo "<a href='#'class='btn btn-primary btn-lg'style=margin:5px;>already friends</a>   " . "<a href='action.php?action=unfriend&user={$lid}'class='btn btn-primary btn-lg'style=margin:5px;>unfriend</a>"; } else { $from = mysql_query("select id from frnd_req where from1='{$lid}' and to1='{$my_id}'"); $to = mysql_query("select id from frnd_req where from1='{$my_id}' and to1='{$lid}'"); if (mysql_num_rows($from) == 1) { echo "<a href='action.php?action=accept&user={$lid}'class='btn btn-primary btn-lg'style=margin:5px;>accept</a>   <a href='action.php?action=reject&user={$lid}'class='btn btn-primary btn-lg'style=margin:5px;>decline</a>"; } elseif (mysql_num_rows($to) == 1) { echo "<a href='action.php?action=cancel&user={$lid}'class='btn btn-primary btn-lg'style=margin:5px;>cancel request</a>"; } else {
function duihuan_main() { global $_G, $assign; $and = ''; //if($assign[goods][tag]) $and .=' AND `tag` ='.$assign[goods][tag]; if ($assign[goods][id]) { $and .= ' AND id != ' . $assign[goods][id]; $duihuan_success = D(array('and' => ' AND duihuan_id = ' . $assign[goods][id] . " AND status=4", 'order' => 'id DESC ', 'table' => 'duihuan_apply', 'limit' => 80, 'key' => 'duihuan_main_' . $assign[goods][id])); foreach ($duihuan_success as $k => $v) { $duihuan_success[$k][user] = getuser($v[uid], 'uid'); } } $and_time .= " AND start_time < " . TIMESTAMP; $and_time .= " AND ( end_time = 0 or end_time > " . TIMESTAMP . ")"; $and .= ' AND `hide`=0 ' . $and_time; $duihuan_goods = D(array('and' => $and, 'order' => ' `sort` DESC,id DESC ', 'table' => 'duihuan', 'limit' => 4, 'key' => 'duihuan_goods')); return array('duihuan_goods' => $duihuan_goods, 'duihuan_success' => $duihuan_success); }
require_once '../functions.php'; $tab = mysql_query("select * from frnd_req"); echo " <table class='table'>\r\n <caption><h1>Pending Requests Table</h1></caption>\r\n <tr>\r\n <th>From</th>\r\n <th>To</th>\r\n \r\n </tr>"; while ($row = mysql_fetch_array($tab)) { $user = getuser($row['from1'], 'user_name'); $pas = getuser($row['to1'], 'user_name'); echo "<tr>"; echo " <td>{$user}</td>"; echo " <td>{$pas}</td>"; echo "</tr>"; } ?> <hr style="background: black; color: black; height: 1px;"> <?php require_once '../include/db_connect.php'; require_once '../functions.php'; $tab = mysql_query("select * from frnd"); echo " <table class='table'>\r\n <caption><h1>Friends Table</h1></caption>\r\n <tr>\r\n <th>User</th>\r\n <th>User</th>\r\n \r\n </tr>"; while ($row = mysql_fetch_array($tab)) { $user = getuser($row['user_one'], 'user_name'); $pas = getuser($row['user_two'], 'user_name'); echo "<tr>"; echo " <td>{$user}</td>"; echo " <td>{$pas}</td>"; echo "</tr>"; } ?> <hr style="background: black; color: black; height: 1px;"> </body> </html>
function shownews($category) { global $HTTP_GET_VARS, $NEWS, $list_prefix, $MAIN; $CONTENT = ""; if (isset($HTTP_GET_VARS['perpage']) && is_numeric($HTTP_GET_VARS['perpage'])) { $perpage = $HTTP_GET_VARS['perpage']; } else { $perpage = 3; } //lets see if the user has specified to show all requests on a single page. if (isset($HTTP_GET_VARS['onepage'])) { $onepage = 1; } else { $onepage = 0; } //lets see what page we are on if (!isset($HTTP_GET_VARS['page']) || !is_numeric($HTTP_GET_VARS['page'])) { $page = 1; } else { $page = $HTTP_GET_VARS['page']; } //lets calculate our start position for our query if needed. $start = ($page - 1) * $perpage; //lets calculate our query $sql = "SELECT * FROM " . $list_prefix . "news"; if ($category != 0) { $sql .= " WHERE category = '" . $category . "'"; } if ($onepage == 0) { $sql .= " ORDER BY `date` DESC LIMIT " . $start . "," . $perpage . ";"; } else { $sql .= " ORDER BY `date` DESC;"; } //now lets show the prayerlist entries. $result = db_query($sql); $rows = db_num_rows($result); if ($rows != 0) { $i = 0; while ($i < $rows) { //lets fetch our prayer request from the database. $row = db_fetch_array($result); $postedby = getuser($row['posted_by']); //lets insert the prayerrequest into our working copy of this template. $WORK = insert_into_template($NEWS, "{NEWSTITLE}", stripslashes($row['news_title'])); $WORK = insert_into_template($WORK, "{TEASER}", stripslashes($row['teaser'])); $WORK = insert_into_template($WORK, "{NEWSID}", $row['id']); $WORK = insert_into_template($WORK, "{POSTEDBY}", $postedby); $WORK = insert_into_template($WORK, "{BYLINE}", $row['byline']); $WORK = insert_into_template($WORK, "{DATE}", date("m/d/Y", $row['date'])); $WORK = insert_into_template($WORK, "{CATEGORY}", getcatname($row['category'])); $i++; //now lets add this request to the CONTENT. $CONTENT .= $WORK; } $sql = "SELECT * FROM " . $list_prefix . "news;"; $result = db_query($sql); $rows = db_num_rows($result); $pages = ($rows - $rows % $perpage) / $perpage; //this is the number of complete pages. if ($rows % $perpage > 0) { $pages++; } //this will take care of incomplete pages. //lets list a previous page link if needed. if ($pages > 1 && $onepage == 0) { $i = 0; if ($page != 1) { $CONTENT .= "<a href='news.php?page" . ($page - 1) . "'>prev</a> \r\n"; } //lets list all pages a user can click on. while ($i < $pages) { $i++; if ($i != $page) { $CONTENT .= "<a href='news.php?page=" . $i . "'>" . $i . "</a> \r\n"; } else { $CONTENT .= $i . " "; } } //lets create a next page link if needed if ($page != $pages) { $CONTENT .= "<a href='news.php?page=" . ($page + 1) . "'>next</a>\r\n"; } $CONTENT .= "<div align=\"right\"><a href='news.php?onepage=1'>Show all requests on one page.</a></div><br />\r\n"; } } else { $CONTENT .= "There are no active news at this time.<BR>\r\n"; } $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT); $WORK = filltemplate($WORK, "News"); //when we output this lets make sure that the output is stripped of any template elements that are not used. printf("%s", striptemplate($WORK)); }
$blocked = "blocked"; } if (!$news[activated]) { $activated = "inactiv"; } $countcoms = $db->query("SELECT COUNT(*) FROM {$tab['news_comment']} WHERE newsid='{$news['id']}'"); $comments = $countcoms[0]; eval("\$inc[newsselect] .= \"" . gettemplate("news.edit.selectnews.bit") . "\";"); } eval("\$inc[action] = \"" . gettemplate("news.edit.selectnews") . "\";"); } ############################ if ($adminaction == "news_new" || $fail_new) { if (!$login) { eval("\$inc[action] = \"" . gettemplate("fail.access.notloggedin") . "\";"); } else { $fail = $fail_new; $user = getuser($login[id]); $smilies = getsmiliesbit("news.newsform.smilie.bit"); $user_name = mkuser("user_name", 0, $login); $thisaction = "new_new_save"; eval("\$admin \t= \"" . gettemplate("news.newsform.admin") . "\";"); eval("\$inc[action] = \t\"" . gettemplate("news.admin.newsform") . "\";"); } } ################ if ($adminaction == "news_config" || $fail_config) { $fail = $fail_config; eval("\$inc[action] = \"" . gettemplate("news.admin.config.main") . "\";"); } ################
<?php require_once '../inc/common.php'; $type = isset($_GET['type']) ? (int) $_GET['type'] : 0; $user = getuser('mid,headimgurl'); $pageSize = 5; $sql = "SELECT count(1) as count FROM m_comment WHERE mid = '{$user['mid']}' AND type = 0"; $sth = $db->prepare($sql); $sth->execute(); $count = $sth->fetchColumn(); $pageTotal = ceil($count / $pageSize); if (isset($_GET['aj_comm'])) { if ($type == 0) { $table = 'm_goods'; } elseif ($type == 1) { $table = 'm_activites'; } $page = isset($_GET['page']) ? intval($_GET['page']) : 1; //获取请求的页数 $start = ($page - 1) * $pageSize; $sql = "SELECT c.cid,c.pid,c.ctime,c.nice,c.imgs,c.content,g.name FROM m_comment as c\r\n\t\t\t\tLEFT JOIN {$table} as g ON c.pid = g.gid\r\n\t\t\t\tWHERE c.mid = '{$user['mid']}' AND c.type = '{$type}' ORDER BY c.ctime DESC LIMIT {$start}, {$pageSize}"; $sth = $db->prepare($sql); $sth->execute(); $data = $sth->fetchAll(PDO::FETCH_ASSOC); foreach ($data as $k => $v) { $data[$k]['ctime'] = date('Y-m-d', $v['ctime']); $data[$k]['imgs'] = explode('|', $v['imgs']); } die(json_encode($data)); //转换为json数据输出 }
if ($right[boardid] == "0" && $right[section] == $sec[forum][id]) { $board = "<i>ALL BOARDS</i>"; } elseif ($right[boardid]) { $board = getboard($right[boardid]); $board = $board[board_name]; } else { $board = "-----"; } eval("\$moderators .= \"" . gettemplate("user.admin.rights.listmoderators.bit") . "\";"); } eval("\$inc[action] = \"" . gettemplate("user.admin.rights") . "\";"); } ####################################### if ($adminaction == "showuser" || $fail_useredit) { $fail = $fail_useredit; $form = getuser($userid); $form[user_gender] - 2 ? $male = " selected" : ($female = " selected"); $birthday = mkdate($form[user_birth], "d-m-Y"); eval("\$inc[action] = \"" . gettemplate("user.admin.edituser") . "\";"); } ####################################### if ($adminaction == "showusers") { if (strtolower($sort) != "desc" && strtolower($sort) != "asc") { $sort = "ASC"; } if (strtolower($order) != "user_name" && strtolower($order) != "id") { $order = "id"; } if (!$start || !is_numeric($start)) { $start = 0; }
} } savetraffic(strlen($zip->file())); $dateiname = "PMs-Backup " . date("d-m-Y") . ".zip"; header("Content-Type: application/octetstream"); header("Content-Disposition: attachment; filename=" . $dateiname); header("Pragma: no-cache"); header("Expires: 0"); echo $zip->file(); exit; } ##### if ($dlsection == "pm" && !is_array($sourceid)) { $pm = getpm($sourceid); if ($pm[toid] != $login[id] && $pm[autid] != $login[id]) { eval("\$inc[action] = \"" . gettemplate("fail.access.noaccess") . "\";"); } else { $user = getuser($pm[autid]); $dateiname = "PM-Backup " . date("m-Y") . ".zip"; eval("\$pmdl = \"" . gettemplate("pm.dl") . "\";"); $zip->addFile($pmdl, "PM von {$user['user_name']}.txt"); savetraffic(strlen($zip->file())); header("Content-Type: application/octetstream"); header("Content-Disposition: attachment; filename=" . $dateiname); header("Pragma: no-cache"); header("Expires: 0"); echo $zip->file(); exit; } } ####
function main() { global $_G; $message = ''; $ip = str_replace('.', '_', $_G[clientip]); $time = $_SESSION[$ip . '_time'] ? TIMESTAMP - $_SESSION[$ip . '_time'] : 0; if ($_GET[username] && $_GET[login_submit] && check()) { if ($_SESSION[$ip] >= 5) { if ($time <= 0) { $old_time = intval(0 - $time / 60); $message = "由于您的密码重试次数太多,您的IP已被禁止,您可在" . $old_time . '分钟后重新登录'; $this->add(array('message' => $message)); $this->show(); exit; } else { unset($_SESSION[$ip]); unset($_SESSION[$ip . '_time']); } } $username = trim($_GET[username]); $password = trim($_GET[password]); $user = getuser($username, 'username'); if ($user[uid] > 0 && authcode($user[password], 'decode', $user['key']) == $password) { $update = array('login_time' => TIMESTAMP, 'login_ip' => $_G['clientip'], 'login_count' => $user[login_count] + 1); $_G[member] = $user; $_G[member][group] = $_G[group][$user[groupid]]; $_G[uid] = $user[uid]; $id = $_G[groupid] = $user[groupid]; if ($user[groupid] != 1 && $_G[group][$id]['login_admin'] != 1) { //权限验证 $message = '您所在用户组无权登录后台'; $this->add(array('message' => $message)); $this->show(); exit; } if ($user[groupid] == 1) { $_G[adminid] = 1; } $_G[username] = $user[username]; //登录成功 $auth = authcode($user[uid] . '|' . $user[password], 'encode', '', 86400); DB::update('member', $update, "uid=" . $user[uid]); dsetcookie("auth", $auth, 86400); $_SESSION['auth'] = $auth; unset($_SESSION[$ip]); unset($_SESSION[$ip . '_time']); $url = URL; header("Location:" . $url); echo '<script type="text/javascript">window.location.href = "' . $url . '";</script>'; exit; } else { $message = '用户不存在或密码不正确'; if (!$_SESSION[$ip]) { $_SESSION[$ip] = 0; } $_SESSION[$ip] += 1; if ($_SESSION[$ip] >= 5) { $message = "由于您的密码重试次数太多,您在30分钟禁止登录"; $_SESSION[$ip . '_time'] = TIMESTAMP + 1800; } else { if ($_SESSION[$ip] > 2 && $_SESSION[$ip] < 5) { $message = "您还有" . (5 - $_SESSION[$ip]) . '次机会,否则您将会在30分钟禁止登录'; } } } } $_G['title'] = '欢迎登录优淘TAE后台'; $this->add(array('message' => $message)); $this->show(); }
<td width="15%" >PostgreSQL: <?php echo postgresql(); ?> </td> <td width="15%" >WGet: <?php echo testwget(); ?> </td> <td width="25%" >Free space: <?php echo view_size(diskfreespace(getcwd())); ?> </td> </tr> <tr> <td width="35%" >User: <font size=2 color=#ff4500><b><?php echo getuser(); ?> </b></font></td> <td width="15%" >MSSQL: <?php echo testmssql(); ?> </td> <td width="15%" >Perl: <?php echo testperl(); ?> </td> <td width="25%" >Server time: <?php echo date('H:i d-m-Y'); ?> </td> </tr>
function dir_list_form() { global $fm_root_atual, $dir_atual, $quota_mb, $resolveIDs, $order_dir_list_by, $islinux, $cmd_name, $ip, $is_reachable, $path_info, $fm_color; $ti = getmicrotime(); clearstatcache(); $out = "<table border=0 cellspacing=1 cellpadding=4 width=\"100%\" bgcolor=\"#eeeeee\">\n"; if ($opdir = @opendir($dir_atual)) { $entry_count = 0; $file_count = 0; $dir_count = 0; $total_size = 0; $uplink = ""; $entry_list = array(); $highlight_cols = 0; while ($file = readdir($opdir)) { if ($file != "." && $file != "..") { if (is_file($dir_atual . $file)) { $ext = strtolower(strrchr($file, ".")); $entry_list[$entry_count]["type"] = "file"; // Função filetype() returns only "file"... $entry_list[$entry_count]["size"] = filesize($dir_atual . $file); $entry_list[$entry_count]["sizet"] = getsize($dir_atual . $file); if (strstr($ext, ".")) { $entry_list[$entry_count]["ext"] = $ext; $entry_list[$entry_count]["extt"] = $ext; } else { $entry_list[$entry_count]["ext"] = ""; $entry_list[$entry_count]["extt"] = " "; } $file_count++; } elseif (is_dir($dir_atual . $file)) { // Recursive directory size disabled // $entry_list[$entry_count]["size"] = total_size($dir_atual.$file); $entry_list[$entry_count]["size"] = 0; $entry_list[$entry_count]["sizet"] = 0; $entry_list[$entry_count]["type"] = "dir"; $dir_count++; } $entry_list[$entry_count]["name"] = $file; $entry_list[$entry_count]["date"] = date("Ymd", filemtime($dir_atual . $file)); $entry_list[$entry_count]["time"] = date("his", filemtime($dir_atual . $file)); $entry_list[$entry_count]["datet"] = date("d/m/Y h:i:s", filemtime($dir_atual . $file)); if ($islinux && $resolveIDs) { $entry_list[$entry_count]["p"] = show_perms(fileperms($dir_atual . $file)); $entry_list[$entry_count]["u"] = getuser(fileowner($dir_atual . $file)); $entry_list[$entry_count]["g"] = getgroup(filegroup($dir_atual . $file)); } else { $entry_list[$entry_count]["p"] = base_convert(fileperms($dir_atual . $file), 10, 8); $entry_list[$entry_count]["p"] = substr($entry_list[$entry_count]["p"], strlen($entry_list[$entry_count]["p"]) - 3); $entry_list[$entry_count]["u"] = fileowner($dir_atual . $file); $entry_list[$entry_count]["g"] = filegroup($dir_atual . $file); } $total_size += $entry_list[$entry_count]["size"]; $entry_count++; } } closedir($opdir); if ($file_count) { $highlight_cols = $islinux ? 7 : 5; } else { $highlight_cols = $islinux ? 6 : 4; } if ($entry_count) { $or1 = "1A"; $or2 = "2D"; $or3 = "3A"; $or4 = "4A"; $or5 = "5A"; $or6 = "6D"; $or7 = "7D"; switch ($order_dir_list_by) { case "1A": $entry_list = array_csort($entry_list, "type", SORT_STRING, SORT_ASC, "name", SORT_STRING, SORT_ASC); $or1 = "1D"; break; case "1D": $entry_list = array_csort($entry_list, "type", SORT_STRING, SORT_ASC, "name", SORT_STRING, SORT_DESC); $or1 = "1A"; break; case "2A": $entry_list = array_csort($entry_list, "type", SORT_STRING, SORT_ASC, "p", SORT_STRING, SORT_ASC, "g", SORT_STRING, SORT_ASC, "u", SORT_STRING, SORT_ASC); $or2 = "2D"; break; case "2D": $entry_list = array_csort($entry_list, "type", SORT_STRING, SORT_ASC, "p", SORT_STRING, SORT_DESC, "g", SORT_STRING, SORT_ASC, "u", SORT_STRING, SORT_ASC); $or2 = "2A"; break; case "3A": $entry_list = array_csort($entry_list, "type", SORT_STRING, SORT_ASC, "u", SORT_STRING, SORT_ASC, "g", SORT_STRING, SORT_ASC); $or3 = "3D"; break; case "3D": $entry_list = array_csort($entry_list, "type", SORT_STRING, SORT_ASC, "u", SORT_STRING, SORT_DESC, "g", SORT_STRING, SORT_ASC); $or3 = "3A"; break; case "4A": $entry_list = array_csort($entry_list, "type", SORT_STRING, SORT_ASC, "g", SORT_STRING, SORT_ASC, "u", SORT_STRING, SORT_DESC); $or4 = "4D"; break; case "4D": $entry_list = array_csort($entry_list, "type", SORT_STRING, SORT_ASC, "g", SORT_STRING, SORT_DESC, "u", SORT_STRING, SORT_DESC); $or4 = "4A"; break; case "5A": $entry_list = array_csort($entry_list, "type", SORT_STRING, SORT_ASC, "size", SORT_NUMERIC, SORT_ASC); $or5 = "5D"; break; case "5D": $entry_list = array_csort($entry_list, "type", SORT_STRING, SORT_ASC, "size", SORT_NUMERIC, SORT_DESC); $or5 = "5A"; break; case "6A": $entry_list = array_csort($entry_list, "type", SORT_STRING, SORT_ASC, "date", SORT_STRING, SORT_ASC, "time", SORT_STRING, SORT_ASC, "name", SORT_STRING, SORT_ASC); $or6 = "6D"; break; case "6D": $entry_list = array_csort($entry_list, "type", SORT_STRING, SORT_ASC, "date", SORT_STRING, SORT_DESC, "time", SORT_STRING, SORT_DESC, "name", SORT_STRING, SORT_ASC); $or6 = "6A"; break; case "7A": $entry_list = array_csort($entry_list, "type", SORT_STRING, SORT_ASC, "ext", SORT_STRING, SORT_ASC, "name", SORT_STRING, SORT_ASC); $or7 = "7D"; break; case "7D": $entry_list = array_csort($entry_list, "type", SORT_STRING, SORT_ASC, "ext", SORT_STRING, SORT_DESC, "name", SORT_STRING, SORT_ASC); $or7 = "7A"; break; } } $out .= "\r\n <script language=\"Javascript\" type=\"text/javascript\">\r\n <!--\r\n function getCookieVal (offset) {\r\n var endstr = document.cookie.indexOf (';', offset);\r\n if (endstr == -1) endstr = document.cookie.length;\r\n return unescape(document.cookie.substring(offset, endstr));\r\n }\r\n function getCookie (name) {\r\n var arg = name + '=';\r\n var alen = arg.length;\r\n var clen = document.cookie.length;\r\n var i = 0;\r\n while (i < clen) {\r\n var j = i + alen;\r\n if (document.cookie.substring(i, j) == arg) return getCookieVal (j);\r\n i = document.cookie.indexOf(' ', i) + 1;\r\n if (i == 0) break;\r\n }\r\n return null;\r\n }\r\n function setCookie (name, value) {\r\n var argv = SetCookie.arguments;\r\n var argc = SetCookie.arguments.length;\r\n var expires = (argc > 2) ? argv[2] : null;\r\n var path = (argc > 3) ? argv[3] : null;\r\n var domain = (argc > 4) ? argv[4] : null;\r\n var secure = (argc > 5) ? argv[5] : false;\r\n document.cookie = name + '=' + escape (value) +\r\n ((expires == null) ? '' : ('; expires=' + expires.toGMTString())) +\r\n ((path == null) ? '' : ('; path=' + path)) +\r\n ((domain == null) ? '' : ('; domain=' + domain)) +\r\n ((secure == true) ? '; secure' : '');\r\n }\r\n function delCookie (name) {\r\n var exp = new Date();\r\n exp.setTime (exp.getTime() - 1);\r\n var cval = GetCookie (name);\r\n document.cookie = name + '=' + cval + '; expires=' + exp.toGMTString();\r\n }\r\n function go(arg) {\r\n document.location.href='" . $path_info["basename"] . "?frame=3&dir_atual={$dir_atual}'+arg+'/';\r\n }\r\n function resolveIDs() {\r\n document.location.href='" . $path_info["basename"] . "?frame=3&set_resolveIDs=1&dir_atual={$dir_atual}';\r\n }\r\n var entry_list = new Array();\r\n // Custom object constructor\r\n function entry(name, type, size, selected){\r\n this.name = name;\r\n this.type = type;\r\n this.size = size;\r\n this.selected = false;\r\n }\r\n // Declare entry_list for selection procedures"; foreach ($entry_list as $i => $data) { $out .= "\nentry_list['entry{$i}'] = new entry('" . $data["name"] . "', '" . $data["type"] . "', " . $data["size"] . ", false);"; } $out .= "\r\n // Select/Unselect Rows OnClick/OnMouseOver\r\n var lastRows = new Array(null,null);\r\n function selectEntry(Row, Action){\r\n var MarkColor = '#" . $fm_color['Mark'] . "';\r\n var Cells = Row.getElementsByTagName('td');\r\n if (multipleSelection){\r\n // Avoid repeated onmouseover events from same Row ( cell transition )\r\n if (Row != lastRows[0]){\r\n if (Action == 'over') {\r\n if (entry_list[Row.id].selected){\r\n if (entry_list[Row.id].type == 'dir') DefaultColor = '#" . $fm_color['Dir'] . "';\r\n else DefaultColor = '#" . $fm_color['File'] . "';\r\n if (unselect(entry_list[Row.id])) {\r\n for (var c=0; c < " . (int) $highlight_cols . "; c++) {\r\n if (c == 0 && entry_list[Row.id].type=='file' && !entry_list[Row.id].selected) Cells[c].style.backgroundColor = '#" . $fm_color['FileFirstCell'] . "';\r\n else Cells[c].style.backgroundColor = DefaultColor;\r\n }\r\n }\r\n // Change the last Row when you change the movement orientation\r\n if (lastRows[0] != null && lastRows[1] != null){\r\n var LastRowID = lastRows[0].id;\r\n var LastRowDefaultColor;\r\n if (entry_list[LastRowID].type == 'dir') LastRowDefaultColor = '#" . $fm_color['Dir'] . "';\r\n else LastRowDefaultColor = '#" . $fm_color['File'] . "';\r\n if (Row.id == lastRows[1].id){\r\n var LastRowCells = lastRows[0].getElementsByTagName('td');\r\n if (unselect(entry_list[LastRowID])) {\r\n for (var c=0; c < " . (int) $highlight_cols . "; c++) {\r\n if (c == 0 && entry_list[LastRowID].type=='file' && !entry_list[LastRowID].selected) LastRowCells[c].style.backgroundColor = '#" . $fm_color['FileFirstCell'] . "';\r\n else LastRowCells[c].style.backgroundColor = LastRowDefaultColor;\r\n }\r\n }\r\n }\r\n }\r\n } else {\r\n if (select(entry_list[Row.id])){\r\n for (var c=0; c < " . (int) $highlight_cols . "; c++) {\r\n if (c == 0 && entry_list[Row.id].type=='file' && !entry_list[Row.id].selected) Cells[c].style.backgroundColor = '#" . $fm_color['FileFirstCell'] . "';\r\n else Cells[c].style.backgroundColor = MarkColor;\r\n }\r\n }\r\n // Change the last Row when you change the movement orientation\r\n if (lastRows[0] != null && lastRows[1] != null){\r\n var LastRowID = lastRows[0].id;\r\n if (Row.id == lastRows[1].id){\r\n var LastRowCells = lastRows[0].getElementsByTagName('td');\r\n if (select(entry_list[LastRowID])) {\r\n for (var c=0; c < " . (int) $highlight_cols . "; c++) {\r\n if (c == 0 && entry_list[LastRowID].type=='file' && !entry_list[LastRowID].selected) LastRowCells[c].style.backgroundColor = '#" . $fm_color['FileFirstCell'] . "';\r\n else LastRowCells[c].style.backgroundColor = MarkColor;\r\n }\r\n }\r\n }\r\n }\r\n }\r\n lastRows[1] = lastRows[0];\r\n lastRows[0] = Row;\r\n }\r\n }\r\n } else {\r\n if (Action == 'click') {\r\n var newColor = null;\r\n if (entry_list[Row.id].selected){\r\n var DefaultColor;\r\n if (entry_list[Row.id].type == 'dir') DefaultColor = '#" . $fm_color['Dir'] . "';\r\n else DefaultColor = '#" . $fm_color['File'] . "';\r\n if (unselect(entry_list[Row.id])) newColor = DefaultColor;\r\n } else {\r\n if (select(entry_list[Row.id])) newColor = MarkColor;\r\n }\r\n if (newColor) {\r\n lastRows[0] = lastRows[1] = Row;\r\n for (var c=0; c < " . (int) $highlight_cols . "; c++) {\r\n if (c == 0 && entry_list[Row.id].type=='file' && !entry_list[Row.id].selected) Cells[c].style.backgroundColor = '#" . $fm_color['FileFirstCell'] . "';\r\n else Cells[c].style.backgroundColor = newColor;\r\n }\r\n }\r\n }\r\n }\r\n return true;\r\n }\r\n // Disable text selection and bind multiple selection flag\r\n var multipleSelection = false;\r\n if (is.ie) {\r\n document.onselectstart=new Function('return false');\r\n document.onmousedown=switch_flag_on;\r\n document.onmouseup=switch_flag_off;\r\n // Event mouseup is not generated over scrollbar.. curiously, mousedown is.. go figure.\r\n window.onscroll=new Function('multipleSelection=false');\r\n } else {\r\n if (document.layers) window.captureEvents(Event.MOUSEDOWN);\r\n if (document.layers) window.captureEvents(Event.MOUSEUP);\r\n window.onmousedown=switch_flag_on;\r\n window.onmouseup=switch_flag_off;\r\n }\r\n // Using same function and a ternary operator couses bug on double click\r\n function switch_flag_on(e) {\r\n lastRows[0] = lastRows[1] = null;\r\n if (is.ie){\r\n multipleSelection = (event.button == 1);\r\n } else {\r\n multipleSelection = (e.which == 1);\r\n }\r\n return false;\r\n }\r\n function switch_flag_off(e) {\r\n if (is.ie){\r\n multipleSelection = (event.button != 1);\r\n } else {\r\n multipleSelection = (e.which != 1);\r\n }\r\n return false;\r\n }\r\n var total_dirs_selected = 0;\r\n var total_files_selected = 0;\r\n function unselect(Entry){\r\n if (!Entry.selected) return false;\r\n Entry.selected = false;\r\n sel_totalsize -= Entry.size;\r\n if (Entry.type == 'dir') total_dirs_selected--;\r\n else total_files_selected--;\r\n update_sel_status();\r\n return true;\r\n }\r\n function select(Entry){\r\n if(Entry.selected) return false;\r\n Entry.selected = true;\r\n sel_totalsize += Entry.size;\r\n if(Entry.type == 'dir') total_dirs_selected++;\r\n else total_files_selected++;\r\n update_sel_status();\r\n return true;\r\n }\r\n function is_anything_selected(){\r\n var selected_dir_list = new Array();\r\n var selected_file_list = new Array();\r\n for(var x=0;x<" . (int) count($entry_list) . ";x++){\r\n if(entry_list['entry'+x].selected){\r\n if(entry_list['entry'+x].type == 'dir') selected_dir_list.push(entry_list['entry'+x].name);\r\n else selected_file_list.push(entry_list['entry'+x].name);\r\n }\r\n }\r\n document.form_action.selected_dir_list.value = selected_dir_list.join('<|*|>');\r\n document.form_action.selected_file_list.value = selected_file_list.join('<|*|>');\r\n return (total_dirs_selected>0 || total_files_selected>0);\r\n }\r\n function formatsize (arg) {\r\n var resul = '';\r\n if (arg>0){\r\n var j = 0;\r\n var ext = new Array(' bytes',' Kb',' Mb',' Gb',' Tb');\r\n while (arg >= Math.pow(1024,j)) ++j;\r\n resul = (Math.round(arg/Math.pow(1024,j-1)*100)/100) + ext[j-1];\r\n } else resul = '0 Mb';\r\n return resul;\r\n }\r\n var sel_totalsize = 0;\r\n function update_sel_status(){\r\n var t = total_dirs_selected+' " . et('Dir_s') . " " . et('And') . " '+total_files_selected+' " . et('File_s') . " " . et('Selected_s') . " = '+formatsize(sel_totalsize);\r\n document.getElementById(\"sel_status\").innerHTML = t;\r\n }\r\n // Select all/none/inverse\r\n function selectANI(Butt){\r\n var MarkColor = '#" . $fm_color['Mark'] . "';\r\n for(var x=0;x<" . (int) count($entry_list) . ";x++){\r\n if (entry_list['entry'+x].type == 'dir'){\r\n var DefaultColor = '#" . $fm_color['Dir'] . "';\r\n } else {\r\n var DefaultColor = '#" . $fm_color['File'] . "';\r\n }\r\n var Row = document.getElementById('entry'+x);\r\n var Cells = Row.getElementsByTagName('td');\r\n var newColor = null;\r\n switch (Butt.value){\r\n case '" . et('SelAll') . "':\r\n if (select(entry_list[Row.id])) newColor = MarkColor;\r\n break;\r\n case '" . et('SelNone') . "':\r\n if (unselect(entry_list[Row.id])) newColor = DefaultColor;\r\n break;\r\n case '" . et('SelInverse') . "':\r\n if (entry_list[Row.id].selected){\r\n if (unselect(entry_list[Row.id])) newColor = DefaultColor;\r\n } else {\r\n if (select(entry_list[Row.id])) newColor = MarkColor;\r\n }\r\n break;\r\n }\r\n if (newColor) {\r\n for (var c=0; c < " . (int) $highlight_cols . "; c++) {\r\n if (entry_list[Row.id].type=='file' && c==0 && !entry_list[Row.id].selected) Cells[c].style.backgroundColor = '#" . $fm_color['FileFirstCell'] . "';\r\n else Cells[c].style.backgroundColor = newColor;\r\n }\r\n }\r\n }\r\n if (Butt.value == '" . et('SelAll') . "'){\r\n Butt.value = '" . et('SelNone') . "';\r\n } else if (Butt.value == '" . et('SelNone') . "'){\r\n Butt.value = '" . et('SelAll') . "';\r\n }\r\n return true;\r\n }\r\n function download(arg){\r\n parent.frame1.location.href='" . $path_info["basename"] . "?action=3&dir_atual={$dir_atual}&filename='+escape(arg);\r\n }\r\n function upload(){\r\n var w = 400;\r\n var h = 200;\r\n window.open('" . $path_info["basename"] . "?action=10&dir_atual={$dir_atual}', '', 'width='+w+',height='+h+',fullscreen=no,scrollbars=no,resizable=yes,status=no,toolbar=no,menubar=no,location=no');\r\n }\r\n function execute(){\r\n document.form_action.cmd_arg.value = prompt('" . et('TypeCmd') . ".');\r\n if(document.form_action.cmd_arg.value.length>0){\r\n if(confirm('" . et('ConfExec') . " \\' '+document.form_action.cmd_arg.value+' \\' ?')) {\r\n var w = 800;\r\n var h = 600;\r\n window.open('" . $path_info["basename"] . "?action=6&dir_atual={$dir_atual}&cmd='+escape(document.form_action.cmd_arg.value), '', 'width='+w+',height='+h+',fullscreen=no,scrollbars=yes,resizable=yes,status=no,toolbar=no,menubar=no,location=no');\r\n }\r\n }\r\n }\r\n function decompress(arg){\r\n if(confirm('" . strtoupper(et('Decompress')) . " \\' '+arg+' \\' ?')) {\r\n document.form_action.action.value = 72;\r\n document.form_action.cmd_arg.value = arg;\r\n document.form_action.submit();\r\n }\r\n }\r\n function edit_file(arg){\r\n var w = 800;\r\n var h = 600;\r\n if(confirm('" . strtoupper(et('Edit')) . " \\' '+arg+' \\' ?')) window.open('" . $path_info["basename"] . "?action=7&dir_atual={$dir_atual}&filename='+escape(arg), '', 'width='+w+',height='+h+',fullscreen=no,scrollbars=no,resizable=yes,status=no,toolbar=no,menubar=no,location=no');\r\n }\r\n function config(){\r\n var w = 600;\r\n var h = 400;\r\n window.open('" . $path_info["basename"] . "?action=2', 'win_config', 'width='+w+',height='+h+',fullscreen=no,scrollbars=yes,resizable=yes,status=no,toolbar=no,menubar=no,location=no');\r\n }\r\n function server_info(arg){\r\n var w = 800;\r\n var h = 600;\r\n window.open('" . $path_info["basename"] . "?action=5', 'win_serverinfo', 'width='+w+',height='+h+',fullscreen=no,scrollbars=yes,resizable=yes,status=no,toolbar=no,menubar=no,location=no');\r\n }\r\n function shell(){\r\n var w = 800;\r\n var h = 600;\r\n window.open('" . $path_info["basename"] . "?action=9', '', 'width='+w+',height='+h+',fullscreen=no,scrollbars=yes,resizable=yes,status=no,toolbar=no,menubar=no,location=no');\r\n }\r\n function view(arg){\r\n var w = 800;\r\n var h = 600;\r\n if(confirm('" . strtoupper(et('View')) . " \\' '+arg+' \\' ?')) window.open('" . $path_info["basename"] . "?action=4&dir_atual={$dir_atual}&filename='+escape(arg), '', 'width='+w+',height='+h+',fullscreen=no,scrollbars=yes,resizable=yes,status=yes,toolbar=no,menubar=no,location=yes');\r\n }\r\n function rename(arg){\r\n var nome = '';\r\n if (nome = prompt('" . strtoupper(et('Ren')) . " \\' '+arg+' \\' " . et('To') . " ...')) document.location.href='" . $path_info["basename"] . "?frame=3&action=3&dir_atual={$dir_atual}&old_name='+escape(arg)+'&new_name='+escape(nome);\r\n }\r\n function set_dir_dest(arg){\r\n document.form_action.dir_dest.value=arg;\r\n if (document.form_action.action.value.length>0) test(document.form_action.action.value);\r\n else alert('" . et('JSError') . ".');\r\n }\r\n function sel_dir(arg){\r\n document.form_action.action.value = arg;\r\n document.form_action.dir_dest.value='';\r\n if (!is_anything_selected()) alert('" . et('NoSel') . ".');\r\n else {\r\n if (!getCookie('sel_dir_warn')) {\r\n alert('" . et('SelDir') . ".');\r\n document.cookie='sel_dir_warn'+'='+escape('true')+';';\r\n }\r\n parent.frame2.set_flag(true);\r\n }\r\n }\r\n function set_chmod_arg(arg){\r\n document.form_action.chmod_arg.value=arg;\r\n if (document.form_action.action.value.length>0) test(document.form_action.action.value);\r\n else alert('" . et('JSError') . "');\r\n }\r\n function chmod(arg){\r\n document.form_action.action.value = arg;\r\n document.form_action.dir_dest.value='';\r\n document.form_action.chmod_arg.value='';\r\n if (!is_anything_selected()) alert('" . et('NoSel') . ".');\r\n else {\r\n var w = 280;\r\n var h = 180;\r\n window.open('" . $path_info["basename"] . "?action=8', '', 'width='+w+',height='+h+',fullscreen=no,scrollbars=no,resizable=yes,status=no,toolbar=no,menubar=no,location=no');\r\n }\r\n }\r\n function test_action(){\r\n if (document.form_action.action.value != 0) return true;\r\n else return false;\r\n }\r\n function test_prompt(arg){\r\n var erro='';\r\n var conf='';\r\n if (arg == 1){\r\n document.form_action.cmd_arg.value = prompt('" . et('TypeDir') . ".');\r\n } else if (arg == 2){\r\n document.form_action.cmd_arg.value = prompt('" . et('TypeArq') . ".');\r\n } else if (arg == 71){\r\n if (!is_anything_selected()) erro = '" . et('NoSel') . ".';\r\n else document.form_action.cmd_arg.value = prompt('" . et('TypeArqComp') . "');\r\n }\r\n if (erro!=''){\r\n document.form_action.cmd_arg.focus();\r\n alert(erro);\r\n } else if(document.form_action.cmd_arg.value.length>0) {\r\n document.form_action.action.value = arg;\r\n document.form_action.submit();\r\n }\r\n }\r\n function strstr(haystack,needle){\r\n var index = haystack.indexOf(needle);\r\n return (index==-1)?false:index;\r\n }\r\n function valid_dest(dest,orig){\r\n return (strstr(dest,orig)==false)?true:false;\r\n }\r\n // ArrayAlert - Selection debug only\r\n function aa(){\r\n var str = 'selected_dir_list:\\n';\r\n for (x=0;x<selected_dir_list.length;x++){\r\n str += selected_dir_list[x]+'\\n';\r\n }\r\n str += '\\nselected_file_list:\\n';\r\n for (x=0;x<selected_file_list.length;x++){\r\n str += selected_file_list[x]+'\\n';\r\n }\r\n alert(str);\r\n }\r\n function test(arg){\r\n var erro='';\r\n var conf='';\r\n if (arg == 4){\r\n if (!is_anything_selected()) erro = '" . et('NoSel') . ".\\n';\r\n conf = '" . et('RemSel') . " ?\\n';\r\n } else if (arg == 5){\r\n if (!is_anything_selected()) erro = '" . et('NoSel') . ".\\n';\r\n else if(document.form_action.dir_dest.value.length == 0) erro = '" . et('NoDestDir') . ".';\r\n else if(document.form_action.dir_dest.value == document.form_action.dir_atual.value) erro = '" . et('DestEqOrig') . ".';\r\n else if(!valid_dest(document.form_action.dir_dest.value,document.form_action.dir_atual.value)) erro = '" . et('InvalidDest') . ".';\r\n conf = '" . et('CopyTo') . " \\' '+document.form_action.dir_dest.value+' \\' ?\\n';\r\n } else if (arg == 6){\r\n if (!is_anything_selected()) erro = '" . et('NoSel') . ".';\r\n else if(document.form_action.dir_dest.value.length == 0) erro = '" . et('NoDestDir') . ".';\r\n else if(document.form_action.dir_dest.value == document.form_action.dir_atual.value) erro = '" . et('DestEqOrig') . ".';\r\n else if(!valid_dest(document.form_action.dir_dest.value,document.form_action.dir_atual.value)) erro = '" . et('InvalidDest') . ".';\r\n conf = '" . et('MoveTo') . " \\' '+document.form_action.dir_dest.value+' \\' ?\\n';\r\n } else if (arg == 9){\r\n if (!is_anything_selected()) erro = '" . et('NoSel') . ".';\r\n else if(document.form_action.chmod_arg.value.length == 0) erro = '" . et('NoNewPerm') . ".';\r\n conf = '" . et('AlterPermTo') . " \\' '+document.form_action.chmod_arg.value+' \\' ?\\n';\r\n }\r\n if (erro!=''){\r\n document.form_action.cmd_arg.focus();\r\n alert(erro);\r\n } else if(conf!='') {\r\n if(confirm(conf)) {\r\n document.form_action.action.value = arg;\r\n document.form_action.submit();\r\n }\r\n } else {\r\n document.form_action.action.value = arg;\r\n document.form_action.submit();\r\n }\r\n }\r\n //-->\r\n </script>"; $out .= "\r\n <form name=\"form_action\" action=\"" . $path_info["basename"] . "\" method=\"post\" onsubmit=\"return test_action();\">\r\n <input type=hidden name=\"frame\" value=3>\r\n <input type=hidden name=\"action\" value=0>\r\n <input type=hidden name=\"dir_dest\" value=\"\">\r\n <input type=hidden name=\"chmod_arg\" value=\"\">\r\n <input type=hidden name=\"cmd_arg\" value=\"\">\r\n <input type=hidden name=\"dir_atual\" value=\"{$dir_atual}\">\r\n <input type=hidden name=\"dir_antes\" value=\"{$dir_antes}\">\r\n <input type=hidden name=\"selected_dir_list\" value=\"\">\r\n <input type=hidden name=\"selected_file_list\" value=\"\">"; $out .= "\r\n <tr>\r\n <td bgcolor=\"#DDDDDD\" colspan=20><nobr>\r\n <input type=button onclick=\"config()\" value=\"" . et('Config') . "\">\r\n <input type=button onclick=\"server_info()\" value=\"" . et('ServerInfo') . "\">\r\n <input type=button onclick=\"test_prompt(1)\" value=\"" . et('CreateDir') . "\">\r\n <input type=button onclick=\"test_prompt(2)\" value=\"" . et('CreateArq') . "\">\r\n <input type=button onclick=\"execute()\" value=\"" . et('ExecCmd') . "\">\r\n <input type=button onclick=\"upload()\" value=\"" . et('Upload') . "\">\r\n <input type=button onclick=\"shell()\" value=\"" . et('Shell') . "\">\r\n <b>{$ip}</b>\r\n </nobr>"; if ($dir_atual != $fm_root_atual) { $mat = explode("/", $dir_atual); $dir_antes = ""; for ($x = 0; $x < count($mat) - 2; $x++) { $dir_antes .= $mat[$x] . "/"; } $uplink = "<a href=\"" . $path_info["basename"] . "?frame=3&dir_atual={$dir_antes}\"><<</a> "; } if ($entry_count) { $out .= "\r\n <tr><td bgcolor=\"#DDDDDD\" colspan=20><nobr>{$uplink} <a href=\"" . $path_info["basename"] . "?frame=3&dir_atual={$dir_atual}\">{$dir_atual}</a></nobr>\r\n <tr>\r\n <td bgcolor=\"#DDDDDD\" colspan=20><nobr>\r\n <input type=\"button\" style=\"width:60\" onclick=\"selectANI(this)\" value=\"" . et('SelAll') . "\">\r\n <input type=\"button\" style=\"width:60\" onclick=\"selectANI(this)\" value=\"" . et('SelInverse') . "\">\r\n <input type=\"button\" style=\"width:60\" onclick=\"test(4)\" value=\"" . et('Rem') . "\">\r\n <input type=\"button\" style=\"width:60\" onclick=\"sel_dir(5)\" value=\"" . et('Copy') . "\">\r\n <input type=\"button\" style=\"width:60\" onclick=\"sel_dir(6)\" value=\"" . et('Move') . "\">\r\n <input type=\"button\" style=\"width:100\" onclick=\"test_prompt(71)\" value=\"" . et('Compress') . "\">"; if ($islinux) { $out .= "\r\n <input type=\"button\" style=\"width:100\" onclick=\"resolveIDs()\" value=\"" . et('ResolveIDs') . "\">"; } $out .= "\r\n <input type=\"button\" style=\"width:100\" onclick=\"chmod(9)\" value=\"" . et('Perms') . "\">"; $out .= "\r\n </nobr>\r\n <tr><td bgcolor=\"#DDDDDD\" colspan=20><DIV ID=\"sel_status\"></DIV></td></tr>"; $dir_out = ""; $file_out = ""; foreach ($entry_list as $ind => $dir_entry) { $file = $dir_entry["name"]; if ($dir_entry["type"] == "dir") { $dir_out .= "\r\n <tr ID=\"entry{$ind}\" onmouseover=\"selectEntry(this, 'over');\" onmousedown=\"selectEntry(this, 'click');\">\r\n <td align=left bgcolor=\"#" . $fm_color['Dir'] . "\"><nobr><a href=\"JavaScript:go('{$file}')\">{$file}</a></nobr>\r\n <td bgcolor=\"#" . $fm_color['Dir'] . "\">" . $dir_entry["p"]; if ($islinux) { $dir_out .= "<td bgcolor=\"#" . $fm_color['Dir'] . "\">" . $dir_entry["u"] . "<td bgcolor=\"#" . $fm_color['Dir'] . "\">" . $dir_entry["g"]; } $dir_out .= "\r\n <td bgcolor=\"#" . $fm_color['Dir'] . "\">" . $dir_entry["sizet"] . "\r\n <td bgcolor=\"#" . $fm_color['Dir'] . "\">" . $dir_entry["datet"]; if ($file_count) { $dir_out .= "\r\n <td bgcolor=\"#" . $fm_color['Dir'] . "\" align=center>"; } // Opções de diretório if (is_writable($dir_atual . $file)) { $dir_out .= "\r\n <td bgcolor=\"#FFFFFF\" align=center><a href=\"JavaScript:if(confirm('" . et('ConfRem') . " \\'" . $file . "\\' ?')) document.location.href='" . $path_info["basename"] . "?frame=3&action=8&cmd_arg=" . $file . "&dir_atual={$dir_atual}'\">" . et('Rem') . "</a>\r\n <td bgcolor=\"#FFFFFF\" align=center><a href=\"JavaScript:rename('{$file}')\">" . et('Ren') . "</a>"; } $dir_out .= "\r\n </tr>"; } else { $file_out .= "\r\n <tr ID=\"entry{$ind}\" onmouseover=\"selectEntry(this, 'over');\" onmousedown=\"selectEntry(this, 'click');\">\r\n <td align=left bgcolor=\"#FFFFFF\"><nobr><a href=\"JavaScript:download('{$file}')\">{$file}</a></nobr>\r\n <td bgcolor=\"#" . $fm_color['File'] . "\">" . $dir_entry["p"]; if ($islinux) { $file_out .= "<td bgcolor=\"#" . $fm_color['File'] . "\">" . $dir_entry["u"] . "<td bgcolor=\"#" . $fm_color['File'] . "\">" . $dir_entry["g"]; } $file_out .= "\r\n <td bgcolor=\"#" . $fm_color['File'] . "\">" . $dir_entry["sizet"] . "\r\n <td bgcolor=\"#" . $fm_color['File'] . "\">" . $dir_entry["datet"] . "\r\n <td bgcolor=\"#" . $fm_color['File'] . "\">" . $dir_entry["extt"]; // Opções de arquivo if (is_writable($dir_atual . $file)) { $file_out .= "\r\n <td bgcolor=\"#FFFFFF\" align=center><a href=\"javascript:if(confirm('" . strtoupper(et('Rem')) . " \\'" . $file . "\\' ?')) document.location.href='" . $path_info["basename"] . "?frame=3&action=8&cmd_arg=" . $file . "&dir_atual={$dir_atual}'\">" . et('Rem') . "</a>\r\n <td bgcolor=\"#FFFFFF\" align=center><a href=\"javascript:rename('{$file}')\">" . et('Ren') . "</a>"; } if (is_readable($dir_atual . $file) && strpos(".wav#.mp3#.mid#.avi#.mov#.mpeg#.mpg#.rm#.iso#.bin#.img#.dll#.psd#.fla#.swf#.class#.ppt#.jpg#.gif#.png#.wmf#.eps#.bmp#.msi#.exe#.com#.rar#.tar#.zip#.bz2#.tbz2#.bz#.tbz#.bzip#.gzip#.gz#.tgz#", $dir_entry["ext"] . "#") === false) { $file_out .= "\r\n <td bgcolor=\"#FFFFFF\" align=center><a href=\"javascript:edit_file('{$file}')\">" . et('Edit') . "</a>"; } if (is_readable($dir_atual . $file) && strlen($dir_entry["ext"]) && strpos(".tar#.zip#.bz2#.tbz2#.bz#.tbz#.bzip#.gzip#.gz#.tgz#", $dir_entry["ext"] . "#") !== false) { $file_out .= "\r\n <td bgcolor=\"#FFFFFF\" align=center><a href=\"javascript:decompress('{$file}')\">" . et('Decompress') . "</a>"; } if ($is_reachable && is_readable($dir_atual . $file) && strpos(".txt#.sys#.bat#.ini#.conf#.swf#.php#.php3#.asp#.html#.htm#.jpg#.gif#.png#.bmp#", $dir_entry["ext"] . "#") !== false) { $file_out .= "\r\n <td bgcolor=\"#FFFFFF\" align=center><a href=\"javascript:view('{$file}');\">" . et('View') . "</a>"; } $file_out .= "</tr>"; } } $out .= $dir_out; if ($entry_count) { $out .= "\r\n <tr>\r\n <td bgcolor=\"#DDDDDD\"><a href=\"" . $path_info["basename"] . "?frame=3&or_by={$or1}&dir_atual={$dir_atual}\">" . et('Name') . "</a>\r\n <td bgcolor=\"#DDDDDD\"><a href=\"" . $path_info["basename"] . "?frame=3&or_by={$or2}&dir_atual={$dir_atual}\">" . et('Perms') . "</a>"; if ($islinux) { $out .= "<td bgcolor=\"#DDDDDD\"><a href=\"" . $path_info["basename"] . "?frame=3&or_by={$or3}&dir_atual={$dir_atual}\">" . et('Owner') . "</a><td bgcolor=\"#DDDDDD\"><a href=\"" . $path_info["basename"] . "?frame=3&or_by={$or4}&dir_atual={$dir_atual}\">" . et('Group') . "</a>"; } $out .= "\r\n <td bgcolor=\"#DDDDDD\"><a href=\"" . $path_info["basename"] . "?frame=3&or_by={$or5}&dir_atual={$dir_atual}\">" . et('Size') . "</a>\r\n <td bgcolor=\"#DDDDDD\"><a href=\"" . $path_info["basename"] . "?frame=3&or_by={$or6}&dir_atual={$dir_atual}\">" . et('Date') . "</a>"; if ($file_count) { $out .= "\r\n <td bgcolor=\"#DDDDDD\"><a href=\"" . $path_info["basename"] . "?frame=3&or_by={$or7}&dir_atual={$dir_atual}\">" . et('Type') . "</a>"; } $out .= "\r\n <td bgcolor=\"#DDDDDD\" colspan=20>"; } $out .= $file_out; $out .= "\r\n <tr>\r\n <td bgcolor=\"#DDDDDD\" colspan=20><nobr>\r\n <input type=\"button\" style=\"width:60\" onclick=\"selectANI(this)\" value=\"" . et('SelAll') . "\">\r\n <input type=\"button\" style=\"width:60\" onclick=\"selectANI(this)\" value=\"" . et('SelInverse') . "\">\r\n <input type=\"button\" style=\"width:60\" onclick=\"test(4)\" value=\"" . et('Rem') . "\">\r\n <input type=\"button\" style=\"width:60\" onclick=\"sel_dir(5)\" value=\"" . et('Copy') . "\">\r\n <input type=\"button\" style=\"width:60\" onclick=\"sel_dir(6)\" value=\"" . et('Move') . "\">\r\n <input type=\"button\" style=\"width:100\" onclick=\"test_prompt(71)\" value=\"" . et('Compress') . "\">"; if ($islinux) { $out .= "\r\n <input type=\"button\" style=\"width:100\" onclick=\"resolveIDs()\" value=\"" . et('ResolveIDs') . "\">"; } $out .= "\r\n <input type=\"button\" style=\"width:100\" onclick=\"chmod(9)\" value=\"" . et('Perms') . "\">"; $out .= "\r\n </nobr></td>\r\n </tr>"; $out .= "\r\n </form>"; $out .= "\r\n <tr><td bgcolor=\"#DDDDDD\" colspan=20>{$dir_count} " . et('Dir_s') . " " . et('And') . " {$file_count} " . et('File_s') . " = " . formatsize($total_size) . "</td></tr>"; if ($quota_mb) { $out .= "\r\n <tr><td bgcolor=\"#DDDDDD\" colspan=20>" . et('Partition') . ": " . formatsize($quota_mb * 1024 * 1024) . " " . et('Total') . " - " . formatsize($quota_mb * 1024 * 1024 - total_size($fm_root_atual)) . " " . et('Free') . "</td></tr>"; } else { $out .= "\r\n <tr><td bgcolor=\"#DDDDDD\" colspan=20>" . et('Partition') . ": " . formatsize(disk_total_space($dir_atual)) . " " . et('Total') . " - " . formatsize(disk_free_space($fm_root_atual)) . " " . et('Free') . "</td></tr>"; } $tf = getmicrotime(); $tt = $tf - $ti; $out .= "\r\n <tr><td bgcolor=\"#DDDDDD\" colspan=20>" . et('RenderTime') . ": " . substr($tt, 0, strrpos($tt, ".") + 5) . " " . et('Seconds') . "</td></tr>"; $out .= "\r\n <script language=\"Javascript\" type=\"text/javascript\">\r\n <!--\r\n update_sel_status();\r\n //-->\r\n </script>"; } else { $out .= "\r\n <tr>\r\n <td bgcolor=\"#DDDDDD\" width=\"1%\">{$uplink}<td bgcolor=\"#DDDDDD\" colspan=20><nobr><a href=\"" . $path_info["basename"] . "?frame=3&dir_atual={$dir_atual}\">{$dir_atual}</a></nobr>\r\n <tr><td bgcolor=\"#DDDDDD\" colspan=20>" . et('EmptyDir') . ".</tr>"; } } else { $out .= "<tr><td><font color=red>" . et('IOError') . ".<br>{$dir_atual}</font>"; } $out .= "</table>"; echo $out; }
<?php $cookie_user_id = $HTTP_COOKIE_VARS["cookie_user_id"]; $cookie_user_password = $HTTP_COOKIE_VARS["cookie_user_password"]; $loginsession = $HTTP_SESSION_VARS["loginsession"]; $login = FALSE; if ($loginform[username] && $loginform[userpassword] || $loginsession || $cookie_user_id && $cookie_user_password) { /////////////////////////////////// // PREPARE /////////////////////////////////// if (!$loginform) { if ($loginsession) { $loginform[username] = $loginsession[user_login]; $loginform[userpassword] = $loginsession[user_password]; } elseif ($cookie_user_id && $cookie_user_password) { $user = getuser($cookie_user_id); $loginform[username] = $user[user_login]; $loginform[userpassword] = $cookie_user_password; } } /////////////////////////////////// // CHECK /////////////////////////////////// $login = checkuser($logout); /////////////////////////////////// // LOGIN SUCCESSFULL ?????? /////////////////////////////////// if (!is_array($login)) { #######LOGIN FAILED####### if ($login == "1") { eval("\$inc[action] = \"" . gettemplate("fail.login.noexistinguser") . "\";");
bbsinfo($con, $bid, @$_REQUEST['name']); } else { if ($ask == "login") { login($con, @$_REQUEST['username'], @$_REQUEST['password'], $ip); } else { if ($ask == "logout") { logout($con, $token, $ip); } else { if ($ask == "register") { register($con, $ip); } else { if ($ask == "boardcast") { boardcast($con, $token, $text); } else { if ($ask == "getuser") { getuser($con, $token); } else { if ($ask == "userexists") { userexists($con); } else { if ($ask == "hot") { hot($con, $token); } else { if ($ask == "news") { news($con, $token); } else { if ($ask == "tidinfo") { tidinfo($con, $bid, $tid); } else { if ($ask == "recentpost") { recentpost($con, $view);
$catsquery = $db->query_str("SELECT * FROM {$tab['forum_board']} WHERE is_cat='1' AND visible='1' ORDER BY sort"); while ($cat = $db->fetch_array($catsquery)) { unset($j, $incf[boardbit]); $boardsquery = $db->query_str("SELECT * FROM {$tab['forum_board']} WHERE is_cat='0' AND parent_boardid='{$cat['id']}' AND visible='1' ORDER BY sort"); while ($board = $db->fetch_array($boardsquery)) { //if(!($j%3) && $j) {eval("\$incf[boardbit] .= \"".gettemplate("forum.index.board.bit.tr")."\";");} if ($board[last_postid]) { $lastpost = getpost($board[last_postid]); } else { unset($lastpost[settime]); } if ($board[board_password] && !checkboardpassword($boardpassword_c["{$board['id']}"], $board)) { eval("\$lastposting = \"" . gettemplate("forum.index.board.bit.lastposting.pwd.noaccess") . "\";"); } else { if ($board[last_userid]) { $lastuser = getuser($board[last_userid]); $last_user_name = mkuser("user_name", $NULL, $lastuser); $last_time = mkdate($lastpost[settime]); eval("\$lastposting = \"" . gettemplate("forum.index.board.bit.lastposting") . "\";"); } else { eval("\$lastposting = \"" . gettemplate("forum.index.board.bit.nolastposting") . "\";"); } } if ($login[id] && $lastpost[settime] >= $login[last_forum_read] && $lastpost[aut_id] != $login[id]) { $css_td = "board_td_unread"; $css_td_font = "board_td_unread_font"; $css_th = "board_th_unread"; $css_th_font = "board_th_unread_font"; } else { $css_td = "board_td"; $css_td_font = "board_td_font";
$remember = isset($_POST['remember']); //$password_hash = md5($password);password_hash($password, PASSWORD_DEFAULT) if (!empty($username) && !empty($password)) { $query = "SELECT * FROM users WHERE username = '******'"; $result = $conn->query($query); if ($result->num_rows == 0) { $status = 'INVALID'; } elseif ($result->num_rows > 0) { $row = $result->fetch_assoc(); if ($row) { $password_hash = $row['password']; if (password_verify($password, $password_hash)) { if ($remember) { $_SESSION['username'] = $row['username']; } $user = getuser(); $status = 'LOGGED_IN'; } else { $status = 'FAILED'; } } } } else { $status = 'BLANK'; } } // create the new XML document $dom = new DOMDocument(); // create the root <response> element $response = $dom->createElement('response'); $dom->appendChild($response);