$user = ""; $name = ""; list($unm, $_rubbish_text_yimu) = explode("@", $email); $user = $unm . "_" . rand(100, 999); if (strlen($user) > 25) { $user = substr($user, 0, strlen($user) - 4); } $name = ucfirst($unm); setcookie("u", $user, time() + 52 * 60 * 60 * 24 * 7); $tz = $_POST["tz"]; $lang = "en"; $loc = ""; $info = ""; $bio = ""; $pass = sha1($_POST["pass"]); $q = $con->insertInto("users", array($email, $user, $name, $pass, $bio, $loc, $_70x70, $_150x150, $_500x500, $tz, $lang, "", 0, date("U"), "", "", "1", "", "", "", "", "", "", "", "", DEF_BG_IMG)); if ($q) { $qq = mysqli_query($conc, "SELECT * FROM `users` WHERE user = '******'"); $r = mysqli_fetch_array($qq); $q2 = $con->insertInto("online", array($r[0], date("U"))); $_SESSION["user"] = $user; $_SESSION["uid"] = $r[0]; $_SESSION["name"] = $name; $_SESSION["user"] = $r[2]; $_SESSION["email"] = $r[1]; $_SESSION["p"] = $r[4]; $_SESSION["img1"] = $_70x70; $_SESSION["img2"] = $_150x150; $_SESSION["img3"] = $_500x500; $_SESSION["ula"] = md5("{$user} {$r['4']} {$r['0']}"); $_SESSION["new_user"] = "******";
<?php session_start(); $uid = intval($_SESSION["uid"]); if (!isset($_SESSION["user"], $_SESSION["uid"]) || $uid == 0) { exit; } include "../scripts/db.php"; $id = intval($_POST["id"]); $userid = intval($_POST["userid"]); if (isset($id)) { $con = new db(); $conc = $con->c(); $q = mysqli_query($conc, "SELECT `id` FROM `like` WHERE `uid`={$uid} AND `id`={$id}"); if (mysqli_num_rows($q) == 0) { $qp = mysqli_query($conc, "INSERT INTO `like` VALUES({$id},{$uid})"); if ($userid != $uid) { $qq = $con->insertInto("hist", array(7, $userid, $uid, $id, date("U"))); s_mail($_SESSION["user"], " likes your <a href='http://muzikkitchen.com/?view={$id}&t=0'>feed</a>", $userid, $conc, "likes your feed"); } echo 1; } else { $qp = mysqli_query($conc, "DELETE FROM `like` WHERE `uid` = {$uid} AND `id` ={$id}"); $qq = mysqli_query($conc, "DELETE FROM hist WHERE var1={$userid} AND var2 = {$uid} AND var3 = '{$id}' "); echo 2; } $con->close_db_con($conc); }
} else { exit("<div {$style}>Error updating {$name}</div>"); } } if (isset($_POST["add"])) { $img = $_FILES["upl"]["tmp_name"]; $video = $_FILES["vid"]["tmp_name"]; if (is_uploaded_file($video) && preg_match('/mp4|avi|mpeg|3gp|mkv|flv|mov/', extension($_FILES["vid"]["name"]))) { $_300x300 = is_uploaded_file($img) ? upload_pic($img, $_FILES["upl"]["type"], $_FILES["upl"]["tmp_name"], 300, 300) : DEF_VID_IMG; $vid = md5($video . " " . date("U")) . rand(0, 9) . extension($_FILES["vid"]["name"]); if ($_300x300 && copy($video, "../video/{$vid}")) { $name = strclean($_POST["name"]); $name = strlen($name) < 2 ? $_SESSION["user"] . "'s video " . rand(10, 999) : $name; $name = _hstr_($name, false); $info = _hstr_($_POST["info"], false); $q = $con->insertInto("videos", array($user, $name, $info, $_300x300, $vid, 1, date("U"), 0)); if ($q) { $q = mysqli_query($conc, "SELECT id FROM videos WHERE user = '******' AND name = '{$name}' AND vid = '{$vid}'"); $r = mysqli_fetch_array($q); $q = $con->insertInto("hist", array(6, 0, $user, $name . "::__::__::" . $r[0], date("U"))); $q = NULL; $con->close_db_con($conc); exit("<div {$style}>{$name} has been successfully added.</div>"); } else { if (is_file("../prev/" . $_300x300) && strstr($_300x300, DEF_VID_IMG) < 0) { unlink("../prev/" . $_300x300); } if (is_file("../video/{$vid}")) { unlink("../video/{$vid}"); } $con->close_db_con($conc);
include "../scripts/db.php"; if (!isset($_SESSION["uid"], $_SESSION["user"])) { exit("<div class='m_s_g'>Invalid Authentication<div>"); } $uid = $_SESSION["uid"]; $con = new db(); $conc = $con->c(); $type = $_POST["type"]; $id = $_POST["id"]; $owner = $_POST["owner"]; if (isset($id, $type)) { if ($type != 0) { $q = mysqli_query($conc, "UPDATE users SET np = '{$id}" . "__" . "{$type}', npdate=" . date("U") . " WHERE id = {$uid};"); } @$con->close_db_con($conc); @$con->insertInto("num_plays", array($id, $type, $uid, date("U"))); // if($type == 1) $con->update("music","play = play + 1","id = $id"); // if($type == 2) $con->update("videos","play = play + 1","id = $id"); // if($type == 0) $con->update("art","play = play + 1","id = $id"); exit; } else { if (isset($owner)) { $q = mysqli_query($conc, "SELECT np,npdate FROM users WHERE id = {$owner} "); $r = mysqli_fetch_array($q); $q = NULL; if ($r[0] == "") { exit; } list($id, $type) = explode("__", $r[0]); if ($type == 1) { $q = mysqli_query($conc, "SELECT music.id,music.user,music.name,music.info,music.mp3,music.dl,music.date,users.user FROM music INNER JOIN users ON users.id= music.user WHERE music.id = {$id}");
$post = _hstr_($_POST["post"], false); $con = new db(); $conc = $con->c(); switch ($action) { case 1: $q = mysqli_query($conc, "SELECT comment.id,comment.owner,comment.uid,comment.post,comment.date,users.user,users.name,users.img1 FROM comment INNER JOIN users ON comment.uid = users.id WHERE comment.cid = {$cid} AND comment.type ={$type} ORDER BY comment.id ASC"); echo "<div style='font-size:12px;'>"; while ($r = mysqli_fetch_array($q)) { $del = $uid == $r[1] || $uid == $r[2] ? "·<a href='#' onclick='return _delcom(event,{$type},{$r['0']})'><span class='del'>delete</span></a>" : ""; echo "<div class='comment_" . $r[0] . "' style='width:100%;'>\n\t\t\t\t\t<table width='100%'><tr>\n\t\t\t\t\t<td width='10%'><a href='" . PTH . "/{$r['5']}' onclick='return _pop(event,{$r['2']});'><div class='ssmpdiv' style='background-image:url(" . PTH . "{$r['7']});'></div></a></td>\n\t\t\t\t\t<td valign='top'><a href='" . PTH . "/{$r['5']}' onclick='return _pop(event,{$r['2']});'>{$r['5']}</a> <i style='_pn'>{$r['6']}</i><br/><span>{$r['3']}</span><div style='float:right;'><span class='del' title='" . date("U", $r[4]) . "'>" . gtime($r[4]) . "</span> {$del}</div></td></tr></table>\n\t\t\t </div>"; } echo $uid != 0 ? "\n\t<div class=''><div class ='comm'><table><tr><td valign='top'><div class='ssmpdiv'style='background-image:url(" . PTH . "" . $_SESSION["img1"] . ");'></div></td><td><textarea id='txtcom_" . $type . "' placeholder='Comment...' rows='3' class='txt' onkeyup='gment(event)'></textarea><div class='pl2div' style='position:relative'></div><br /><input type='button' onclick='_com(event,{$type},{$cid},{$owner});' style='float:right' class='button1' value='Comment'/></td></tr></table></div></div><a href='#' onclick='addCommentV(event)'><!--span class='__c'>Add a comment</span--></a></div></div>\n\t</div>" : ""; break; case 2: if ($uid != 0) { $q = $con->insertInto("comment", array($type, $cid, $owner, $uid, $post, date("U"))); $plate = 9 + $type; if ($uid != $owner) { $q = $con->insertInto("hist", array($plate, $owner, $uid, $cid, date("U"))); } echo $q ? 1 : 2; } break; case 3: $q = mysqli_query($conc, "DELETE FROM comment WHERE (uid = {$uid} OR owner={$uid}) AND type={$type} AND id={$id}"); echo $q ? 1 : 2; break; default: break; } $con->close_db_con($conc);
<?php session_start(); include "../scripts/db.php"; if (!isset($_SESSION["user"], $_SESSION["p"])) { exit("<div class='m_s_g'>Invalid Authentication<div>"); } $uid = $_SESSION["uid"]; $user = $_POST["user"]; $id = $_POST["id"]; $me = $uid; if (isset($id) && isset($user) && $user != "") { $con = new db(); $conc = $con->c(); $chk = mysqli_query($conc, "SELECT `id` FROM `open_chat` WHERE `u1` = {$me} AND `u2`={$user}"); if (mysqli_num_rows($chk) == 0) { $q = $con->insertInto("open_chat", array($id, $me, $user, date("U"))); echo $q ? "yess" : "no"; echo "{$id} {$user} {$me}"; } // setcookie($id,"__c".$user."_".$id."__c",time()+52*60*60*24*7); //setcookie($id,$id."44",time()+(52 * 3600 * 24 * 7 *3)); mysqli_kill($conc, mysqli_thread_id($con->c())); mysqli_close($con->c()); } exit;
} if (isset($_POST["add"])) { $music = $_FILES["mp3"]["tmp_name"]; if (is_uploaded_file($music)) { $type = extension($_FILES["mp3"]["name"]); if ($type != ".mp3" && $_FILES["mp3"]["type"] != "audio/mpeg") { exit("<div {$style}>" . $_FILES["mp3"]["type"] . "'{$type}' formats are not supoorted, please upload mp3 only</div>"); } $mp3 = md5($music . " " . date("U")) . rand(0, 9) . $type; $cp = copy($music, "../music/{$mp3}"); if ($cp) { $name = $_POST["name"]; $name = strlen($name) < 2 ? $_SESSION["user"] . "'s music-" . rand(10, 999) : $name; $name = _hstr_($name, false); $info = _hstr_($_POST["info"], false); $q = $con->insertInto("music", array($user, $name, $info, $mp3, 1, date("U"), 0)); if ($q) { $q = mysqli_query($conc, "SELECT id FROM music WHERE user = '******' AND name = '{$name}' AND mp3 = '{$mp3}'"); $r = mysqli_fetch_array($q); $q = $con->insertInto("hist", array(5, 0, $user, $name . "::__::__::" . $r[0], date("U"))); $q = NULL; $con->close_db_con($conc); exit("<div {$style}>{$name} has been successfully added.</div>"); } else { $con->close_db_con($conc); unlink("../music/{$mp3}"); exit("<div {$style}>Error adding {$name}</div>"); } } else { $con->close_db_con($conc); exit("<div {$style}>Error with muzik upload</div>");
<?php include "../scripts/db.php"; $con = new db(); $conc = $con->c(); $id = 101212574; $date = date("U") - 60 * 60 * 24 * 7; $q = $con->query("users", "id", "id <> {$id}"); while ($r = mysqli_fetch_array($q[1])) { $qq = $con->query("follow", "id", "u1 = {$r['0']} AND u2 = {$id}"); if ($qq[0] == 0) { $qqq = $con->insertInto("follow", array($r[0], $id, date("U"))); } $con->close_db_con($qq[2]); } echo "done"; $con->close_db_con($q[2]);
<?php session_start(); include "../scripts/db.php"; if (!isset($_SESSION["uid"], $_SESSION["user"])) { exit("<div class='m_s_g'>Invalid Authentication<div>"); } $cid = intval($_POST["cid"]); $cat = intval($_POST["cat"]); $uid = $_SESSION["uid"]; if ($cid != 0) { $con = new db(); $conc = $con->c(); $q = mysqli_query($conc, "SELECT id FROM votes WHERE uid = {$uid} AND cat = {$cat}"); if (mysqli_num_rows($q) == 0) { $q = NULL; $q = $con->insertInto("votes", array($uid, $cid, $cat)); $qq = mysqli_query($conc, "UPDATE cand SET votes = votes + 1 WHERE id = {$cid};"); echo $q && $qq ? "Vote success" : "Error occured voting"; } else { echo "Already Voted"; } echo getVoteScreen($conc, $cat, ""); $con->close_db_con($conc); }
} } if (isset($_POST["add"])) { $img = $_FILES["upl"]["tmp_name"]; if (is_uploaded_file($img)) { $_50x50 = upload_pic($img, $_FILES["upl"]["type"], $_FILES["upl"]["tmp_name"], 50, 50); $_100x100 = upload_pic($img, $_FILES["upl"]["type"], $_FILES["upl"]["tmp_name"], 100, 100); $_300x300 = upload_pic($img, $_FILES["upl"]["type"], $_FILES["upl"]["tmp_name"], 500, 400); if ($_50x50 && $_100x100 && $_300x300) { $_big = "../art/full_" . substr($_300x300, 5, strlen($_300x300)); copy($img, $_big); $name = $_POST["name"]; $name = strlen($name) < 2 ? $_SESSION["user"] . "'s art " . rand(10, 999) : $name; $name = _hstr_($name, false); $info = _hstr_($_POST["info"], false); $q = $con->insertInto("art", array($uid, $name, $info, $_50x50, $_100x100, $_300x300, date("U"), 0)); if ($q) { $q = mysqli_query($conc, "SELECT id FROM art WHERE user = '******' AND name = '{$name}' AND img1 = '{$_50x50}'"); $r = mysqli_fetch_array($q); $q = $con->insertInto("hist", array(4, 0, $uid, $name . "::__::__::" . $r[0], date("U"))); $q = NULL; $con->close_db_con($conc); if (isset($_POST["quick"])) { exit("<script>parent.document.getElementById('txtdiv').value += '[art:{$r['0']} ]';parent.window.uploading(false);</script>"); } exit("<div {$style}>{$name} has been successfully added. </div>"); } else { unlink($_50x50); unlink($_100x100); unlink($_300x300); unlink($_big);
foreach ($preg as $s) { if (stristr($s, "#")) { $q = mysqli_query($con, "SELECT id FROM trend WHERE trend LIKE '{$s}'"); if (mysqli_num_rows($q) == 0) { $qq = mysqli_query($con, "INSERT INTO trend Values (NULL, {$uid},'{$s}',1," . date("U") . ")"); } else { $qq = mysqli_query($con, "UPDate trend set tc=tc+1 WHERE trend LIKE '{$s}'"); } } } } } if (strlen($post) > 0) { $con = new db(); $conc = $con->c(); $q = $con->insertInto("post", array($uid, $post, date("U"), $client, $loc, $id, $type, $_SERVER['REMOTE_ADDR'])); if ($q) { switch ($type) { case 0: $v = _hstr_($real_post, 1); $v = NULL; break; case 1: $q = mysqli_query($conc, "SELECT user FROM post WHERE id = {$id}"); $r = mysqli_fetch_array($q); if ($r[0] != $uid) { $q = $con->insertInto("hist", array(8, $r[0], $uid, $id, date("U"))); s_mail($_SESSION["user"], " replied your <a href='http://muzikkitchen.com/?view={$id}&t={$type}'>feed</a><br/><div style='font-size:14px'><b><br/><br/>{$real_post}</b></div>", $r[0], $conc, "replied your feed"); $r = NULL; } $q = NULL;
include "../scripts/db.php"; if (!isset($_SESSION["user"], $_SESSION["p"])) { exit("<div class='m_s_g'>Invalid Authentication<div>"); } $uid = $_SESSION["uid"]; $u2 = $_POST["u2"]; if ($uid == $u2) { exit("Impossible argument"); } if (isset($uid, $u2)) { $con = new db(); $conc = $con->c(); $q = mysqli_query($conc, "select id from follow where u1 = {$uid} and u2 = {$u2}"); if (mysqli_num_rows($q) != 1) { $q = NULL; $q = $con->insertInto("follow", array($uid, $u2, date("U"))); if ($q) { if (me_n_you($conc, $uid, $u2)) { $q = $con->insertInto("hist", array(2, $u2, $uid, "", date("U"))); $q = NULL; $q = $con->insertInto("chat", array($uid, $u2, date("U"))); //mail s_mail($_SESSION["user"], " is dinning back with you", $u2, $conc, " is dinning back with you"); //mail } else { $q = $con->insertInto("hist", array(1, $u2, $uid, "", date("U"))); s_mail($_SESSION["user"], " is dinning with you", $u2, $conc, " is dinning with you"); } echo 1; } } else {