} else {
$title = "Your Email Change Link!";
$getrandom = misc::genRandomString();
$datetime = gmDate('Y-m-d H:i:s');
$content = "HolySro Email Change Link : http://holysro.com/?pg=cem&uid={$getrandom} \n Get inside to change your Email \n if you didnt request it , please ignore this mail.!";
mail($email, "[HolySro Email Change] " . $title, $content . "\nEmail sent from: www.holysro.com");
core::$sql->changeDB('acc');
$ZsCheck = core::$sql->numRows("select UserID from Email_Change where UserID = '{$user}'");
if ($ZsCheck == 1) {
core::$sql->exec("update Email_Change set RandomPASS ='******' ,createtime = '{$datetime}',ipaddr = '{$_SERVER['REMOTE_ADDR']}' where UserID = '{$user}'");
} else {
core::$sql->exec("insert into Email_Change(UserID,RandomPASS,createtime,ipaddr) values('{$user}','{$getrandom}','{$datetime}','{$_SERVER['REMOTE_ADDR']}')");
}
echo "instructions to Email Change sent to your mailbox [ {$email} ] - please check your mailbox! <br /> In case you haven't received the email from us - check your spam folder! <br /><a href='?pg=index'>Return to main page</a>";
unset($_POST['replacemail1']);
misc::redirect("?pg=news", 2);
}
}
}
} else {
echo 'Change your email:';
echo '<br />';
echo '<br />';
echo '<form action="" method="post">';
echo 'Your Username:'******'username'];
echo '<br /><br />';
echo 'Enter your email:<br />';
echo '<input autocomplete="off" onfocus="clearText(this);" style="background: rgba(0,0,0,0.5);width:220px;border-radius: 6px 6px 6px 6px;" type="text" maxlength="32" name="email" placeholder="*****@*****.**" />';
echo '<br />';
echo '<br />';
echo '<input class="button" type="submit" name="replacemail1" value="Send Me Link To Mail" />';
$errors[] = "Password [new] too long";
}
if (strlen($_POST['password_new']) < 6) {
$errors[] = "Passwrod [new] too short";
}
if ($_POST['password_new'] !== $_POST['password_new_confirm']) {
$errors[] = "New Passwords does not match!.";
}
if (count($errors) > 0) {
foreach ($errors as $nElement) {
echo $nElement . ".<br/>";
}
misc::back();
} else {
//verify
if (user::RestorePass($_GET['uid'], $_POST['password_new'])) {
echo "Password changed successfully. <br/>";
misc::redirect('?pg=news', 1);
} else {
echo "Invalid old password specified.<br/>";
misc::back();
}
}
} else {
core::$ucp->ForgotpwForm();
}
}
}
} else {
echo 'Entry is invalid.';
}
}
break;
case 'settings':
if ($_POST['submit'] != 'Save') {
echo "<table id='table-3' border='1' cellpadding='0' cellspacing='0'>\r\n\t\t\t<form method='post'>\r\n\t\t\t<td>ValueName</td><td>Value</td><tr/>";
$hSettings = core::$sql->exec("select * from srcms_settings");
while ($row = mssql_fetch_array($hSettings)) {
echo "<td>{$row['valueName']}</td><td><input type='text' name='{$row['valueName']}' value='{$row['value']}'></td><tr/>";
}
echo "<td></td><td><input type='submit' name='submit' value='Save'></td></form></table>";
} else {
foreach ($_POST as $nElement => $nElementValue) {
core::$sql->exec("update srcms_settings set value='{$nElementValue}' where valueName='{$nElement}'");
}
echo "Settings saved.<br/>";
misc::redirect('?pg=admin&act=settings', 1);
}
break;
case 'epin':
if (!isset($_GET['subact'])) {
echo "<a href='?pg=admin&act=epin&subact=gen'><b>Generate new epin code</b></a><br/>\r\n\t\t\t\t <a href='?pg=admin&act=epin&subact=lookup'><b>Lookup codes</b></a>";
} else {
switch ($_GET['subact']) {
case 'gen':
if (!isset($_POST['submit'])) {
echo "\t<table id='table-3' border='1' cellpadding='0' cellspacing='0'>\r\n\t\t\t\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\t\t\t<td>Silk amount</td>\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\t\t\t\t<td><input type='text' name='silkAmount' value='10'></td>\r\n\t\t\t\t\t\t\t\t\t</table><br/>\r\n\t\t\t\t\t\t\t\t\t<input type='submit' name='submit' value='Generate new epin'>\r\n\t\t\t\t\t\t\t\t</form>";
} else {
$nRandCode = rand(1000000000, 2000000000);
if (core::$sql->numRows("select * from srcms_epin where code='{$nRandCode}'") == 0) {
$nSilk = (int) $_POST['silkAmount'];
core::$sql->exec("insert into srcms_epin(code,silkAmount) values('{$nRandCode}','{$nSilk}')");
if (!isset($_POST['code']) && !isset($_POST['sure'])) {
echo "<table id='table-3' border='1' cellpadding='0' cellspacing='0'>\r\n\t\t\t\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\t\t\t\t<td><input type='text' name='code' value='type your EPIN code here'></td><tr/>\r\n\t\t\t\t\t\t\t\t\t\t<td><center><input type='submit' name='submit' value='Use'></center></td>\r\n\t\t\t\t\t\t\t\t\t</form>\r\n\t\t\t\t\t\t\t\t\t</table>";
} else {
$nCodeNumber = (int) $_POST['code'];
if (core::$sql->numRows("select * from srcms_epin where code='{$nCodeNumber}'") > 0) {
$aPinData = core::$sql->exec("select * from srcms_epin where code='{$nCodeNumber}'");
$aPinData = mssql_fetch_array($aPinData);
if (!isset($_POST['sure'])) {
echo "Do you really want to use this code ? It will give you [{$aPinData['silkAmount']}] silk.<br/>\r\n\t\t\t\t\t\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\t\t\t\t\t<input type='hidden' name='code' value='{$nCodeNumber}'>\r\n\t\t\t\t\t\t\t\t\t\t\t<input type='submit' name='sure' value='Yes'>\r\n\t\t\t\t\t\t\t\t\t\t\t</form><br/>";
misc::back();
} else {
core::$sql->exec("update SK_Silk set silk_own=(silk_own + {$aPinData['silkAmount']}) where JID='" . user::accountJIDbyUsername($_SESSION['username']) . "'");
//delete used code
core::$sql->exec("delete from srcms_epin where code='{$nCodeNumber}'");
echo "You got your [{$aPinData['silkAmount']}] silk.";
misc::redirect('?pg=ucp&act=epin', 1);
}
} else {
echo "Invalid EPIN code ! Please, try again.<br/>";
misc::back();
}
}
}
break;
default:
echo "Invalid module name specified.<br/>";
break;
}
}
} else {
echo "You are not logged in ! <br/>";
echo "<a href='?pg=news&comment={$nID}&page={$a}'>{$a}</a> ";
$a++;
$nPages++;
}
}
if ($_GET['page'] < $nPages) {
echo "<a class='pageblue' href='?pg=news&comment={$nID}&page=" . ($_GET['page'] + 1) . "'>></a>";
}
if (isset($_SESSION['username'])) {
if (!isset($_POST['submit'])) {
echo " \r\n\t\t\t\t\t<br/>\r\n\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\t<textarea id = 'commentTextBox' name='commentText' rows='5' cols='100'>Type your message here</textarea><br/>\r\n\t\t\t\t\t\t\t<input type='submit' name='submit' value='Submit'>\r\n\t\t\t\t\t\t</form>\r\n\t\t\t\t<script>CKEDITOR.replace( 'commentText' );</script>\r\n\t\t\t\t\t ";
} else {
//$cleanText = misc::applyAttributesToText($_POST['commentText']);
$cleanText = stripslashes(security::toHTML($_POST['commentText']));
if (strlen($cleanText) < $core->aConfig['minNewsCommentLen'] || strlen($cleanText) > $core->aConfig['maxNewsCommentLen']) {
echo "<br/>Your message is too short or too long. It has to be at least <b>" . $core->aConfig['minNewsCommentLen'] . "</b> \r\n\t\t\t\t\tsymbols long, your one is just <b>" . strlen($cleanText) . "</b> symbols long. Max length is " . $core->aConfig['maxNewsCommentLen'] . ".<br/>";
misc::back();
} else {
$datetime = misc::getDateTime();
core::$sql->exec("insert into srcms_newscomments(newsID, author, text, time) values('{$nID}','{$_SESSION['username']}', '{$cleanText}', '{$datetime}')");
echo "<br/><br/><b>Your comment has been successfully added</b>";
misc::redirect("?pg=news&comment={$nID}", 1);
}
}
} else {
echo "<br/><br/>You must be logged in to post comments";
}
} else {
echo "<br/>You can't comment news article that doesn't exist.";
}
}
<?php global $core; echo "Redirecting..."; misc::redirect($core->aConfig['forumLink'], 2);
public static function sendWebPrivMsg($to, $from, $title, $text)
{
global $core;
$msgTitle = security::toHTML($title);
$msgText = security::toHTML($text);
$senderJID = user::accountJIDbyUsername($from);
$receiverJID = user::accountJIDbyUsername($to);
if ($senderJID != $receiverJID) {
if (core::$sql->numRows("select * from srcms_privatemessages where receiver='{$receiverJID}'") >= $core->aConfig['maxPrivMsg']) {
echo "Receiver inbox is full.<br/>";
} else {
if (strlen($msgTitle) < $core->aConfig['minPrivMsgTitleLen'] || strlen($msgTitle) > $core->aConfig['maxPrivMsgTitleLen'] || strlen($msgText) < $core->aConfig['minPrivMsgBodyLen'] || strlen($msgText) > $core->aConfig['maxPrivMsgBodyLen']) {
echo "Message text, or title is too long or too short. Minimum title length is " . $core->aConfig['minPrivMsgTitleLen'] . " and " . $core->aConfig['maxPrivMsgTitleLen'] . "symbols\r\n\t\t\t\t\t\t\t\tmaximum. Message content minimum length is " . $core->aConfig['minPrivMsgBodyLen'] . " and " . $core->aConfig['maxPrivMsgBodyLen'] . " symbols maximum.<br/>";
misc::back();
} else {
$datetime = misc::getDateTime();
core::$sql->exec("insert into srcms_privatemessages(sender,receiver, title, msg, viewed, time) values('{$senderJID}', '{$receiverJID}', '{$msgTitle}', '{$msgText}', '0', '{$datetime}')");
echo "<br/>Message sent.<br/>";
misc::redirect("?pg=ucp&act=mailbox", 2);
}
}
} else {
echo "You can't send message to yourself.<br/>";
misc::back();
}
}
