function msg($key, $lang) { $translater = array("success" => array("en" => "successful operation", "fr" => "opération réussie", "ar" => "عملية ناجحة", "al" => "erfolgreichen Betrieb", "ch" => "手术成功", "es" => "operación exitosa", "it" => "operazione riuscita", "tu" => "başarılı operasyon", "hi" => "सफल आपरेशन")); if (!empty($translater[$key][$lang])) { Alert($translater[$key][$lang], $key); } }
function Kill($s, $t = "") { if ($t == "") { $t = __("Error"); } Alert($s, $t); throw new KillException(); }
public function ConfirmLeavePage() { //$this->driver.Keyboard.PressKey(Keys.Enter); //$this->mink->getSession()->getDriver(); $this->getSession()->getDriver(); $alert = $driver . SwitchTo . Alert(); $alert . Accept(); }
function Kill($s, $t = "") { if ($t == "") { $t = __("Error"); } Alert($s, $t); exit; }
function toLogin($url = NULL) { if (empty($url)) { Alert('Please Log in to Continue'); header("location: frmlogin.php"); } else { header("location: " . $url); } }
function CheckAuthority($pos) { $_MSG_NOLOGIN = "******"; $_MSG_NOTADMIN = "您不是管理员,无权进入此页面!"; $_MSG_NOTAPPLY = "当前系统没有开放申请,您无权进入此页面!"; if ($pos == "./group.php") { if (!Login()) { Alert("./", $_MSG_NOLOGIN); } if (!Admin()) { Alert("./", $_MSG_NOTADMIN); } } if ($pos == "./admin.php") { if (!Login()) { Alert("./", $_MSG_NOLOGIN); } if (!Admin()) { Alert("./", $_MSG_NOTADMIN); } } if ($pos == "./action/action_apply.php") { if (!Login()) { Alert("../", $_MSG_NOLOGIN); } if (!Apply()) { Alert("../", $_MSG_NOTAPPLY); } } if ($pos == "./action/action_alterkey.php") { if (!Login()) { Alert("../", $_MSG_NOLOGIN); } } if ($pos == "./page/group/action/*") { if (!Login()) { Alert("../../../", $_MSG_NOLOGIN); } if (!Admin()) { Alert("./", $_MSG_NOTADMIN); } } if ($pos == "./page/admin/action/*") { if (!Login()) { Alert("../../../", $_MSG_NOLOGIN); } if (!Admin()) { Alert("../../../", $_MSG_NOTADMIN); } } }
function uploadFile($file, $cattype, $cat) { global $loguserid, $uploaddirs, $goodfiles, $badfiles, $userquota, $maxSize; $targetdir = $uploaddirs[$cattype]; $totalsize = foldersize($targetdir); $filedata = $_FILES[$file]; $c = FetchResult("SELECT COUNT(*) FROM {uploader} WHERE filename={0} AND cattype={1} AND user={2} AND deldate=0", $filedata['name'], $cattype, $loguserid); if ($c > 0) { return "You already have a file with this name. Please delete the old copy before uploading a new one."; } if ($filedata['size'] == 0) { if ($filedata['tmp_name'] == '') { return 'No file given.'; } else { return 'File is empty.'; } } if ($filedata['size'] > $maxSize) { return 'File is too large. Maximum size allowed is ' . BytesToSize($maxSize) . '.'; } $randomid = Shake(); $pname = $randomid . '_' . Shake(); $fname = $_FILES['newfile']['name']; $temp = $_FILES['newfile']['tmp_name']; $size = $_FILES['size']['size']; $parts = explode(".", $fname); $extension = end($parts); if ($totalsize + $size > $quot) { Alert(format(__("Uploading \"{0}\" would break the quota."), $fname)); } else { if (in_array(strtolower($extension), $badfiles) || is_array($goodfiles) && !in_array(strtolower($extension), $goodfiles)) { return 'Forbidden file type.'; } else { $description = $_POST['description']; $big_descr = $cat['showindownloads'] ? $_POST['big_description'] : ''; Query("insert into {uploader} (id, filename, description, big_description, date, user, private, category, deldate, physicalname) values ({7}, {0}, {1}, {6}, {2}, {3}, {4}, {5}, 0, {8})", $fname, $description, time(), $loguserid, $privateFlag, $_POST['cat'], $big_descr, $randomid, $pname); copy($temp, $targetdir . "/" . $pname); Report("[b]" . $loguser['name'] . "[/] uploaded file \"[b]" . $fname . "[/]\"" . ($privateFlag ? " (privately)" : ""), $privateFlag); die(header("Location: " . actionLink("uploaderlist", "", "cat=" . $_POST["cat"]))); } } }
$page = "depreciations.php"; break; case 'asl': $table = "asset_status_labels"; $page = "asset_status_labels.php"; break; case 'l': $table = "locations"; $page = "locations.php"; break; case 'man': $table = "manufacturers"; $page = "manufacturers.php"; break; case 'fu': $table = "files"; $page = "assets.php"; if (!empty($_GET['a'])) { #asset_id $page = "view_asset.php?id={$_GET['a']}"; } break; default: redirect("index.php"); break; } $con->myQuery("UPDATE {$table} SET is_deleted=1 WHERE id=?", array($_GET['id'])); Alert("Delete Successful.", "success"); redirect($page); die; }
} else { $date_end = ""; } makeHead("Asset Depreciation Report"); require_once "template/header.php"; require_once "template/sidebar.php"; ?> <div class='content-wrapper'> <div class='content-header'> <h1 class='page-header text-center text-green'>Asset Maintenance Report</h1> </div> <section class='content'> <div class="row"> <div class='col-lg-12'> <?php Alert(); ?> <div class='col-sm-12'> <form method='get'> <label class='col-md-2 text-right' >Start Date</label> <div class='col-md-3'> <input type='date' name='date_start' class='form-control' id='date_start' value='<?php echo !empty($_GET['date_start']) ? htmlspecialchars($_GET['date_start']) : ''; ?> '> </div> <label class='col-md-2 text-right' >End Date</label> <div class='col-md-3'> <input type='date' name='date_end' class='form-control' id='date_end' value='<?php echo !empty($_GET['date_end']) ? htmlspecialchars($_GET['date_end']) : ''; ?>
case 'login': $redirect = 'index.php'; $error_redirect = "first_login.php"; break; case 'form': $redirect = 'change_secret_password.php'; $error_redirect = "change_secret_password.php"; break; } $inputs = $_POST; $inputs = array_map('trim', $inputs); $errors = ""; if (empty($inputs['password_question'])) { $errors .= "Enter secret question. <br/>"; } if (empty($inputs['password_answer'])) { $errors .= "Enter answer. <br/>"; } if ($errors != "") { Alert("You have the following errors: <br/>" . $errors, "danger"); redirect($error_redirect); die; } else { $inputs['id'] = $_SESSION[WEBAPP]['user']['id']; $con->myQuery("UPDATE users SET password_answer=:password_answer,password_question=:password_question WHERE id=:id", $inputs); Alert("Secret question and answer saved.", "success"); redirect($redirect); } die; } }
// die; if (!empty($_POST)) { $errors = ""; $inputs = $_POST; $inputs = array_map('trim', $inputs); if (empty($inputs['default_password'])) { $errors .= "Enter default password. <br/>"; } else { $password_regex = "/^(.{0,7}|[^0-9]*|[^A-Z]*|[^a-z]*|[a-zA-Z0-9]*)\$/"; preg_match($password_regex, $inputs['default_password'], $is_valid, PREG_OFFSET_CAPTURE); if (!empty($is_valid)) { $errors .= "Password should contain the ff:<br/>"; $errors .= "One Integer<br>"; $errors .= "One character<br>"; $errors .= "One Uppercase character<br>"; $errors .= "One Special Character<br>"; } // var_dump($is_valid); } if ($errors != "") { Alert("You have the following errors: <br/>" . $errors, "danger"); redirect("settings.php"); die; } else { Alert("Update successful.", "success"); $con->myQuery("UPDATE settings SET default_password=?", array($inputs['default_password'])); redirect("settings.php"); die; } } redirect("index.php");
//Check for last post the user posted. $lastPost = Fetch(Query("SELECT p.id,p.thread,pt.text FROM {posts} p LEFT JOIN {posts_text} pt ON pt.pid=p.id AND pt.revision=p.currentrevision \n\t\t\t\tWHERE p.user={0} ORDER BY p.date DESC LIMIT 1", $loguserid)); //If it looks similar to this one, assume the user has double-clicked the button. if ($lastPost['thread'] == $tid && $lastPost['text'] == $_POST['text']) { $pid = $lastPost['id']; die(header("Location: " . actionLink("thread", 0, "pid=" . $pid . "#" . $pid))); } $rejected = true; Alert(__("You're going too damn fast! Slow down a little."), __("Hold your horses.")); } } } if (!$rejected) { $ninja = FetchResult("select id from {posts} where thread={0} order by date desc limit 0, 1", $tid); if (isset($_POST['ninja']) && $_POST['ninja'] != $ninja) { Alert(__("You got ninja'd. You might want to review the post made while you were typing before you submit yours.")); $rejected = true; } } if (!$rejected) { $bucket = "checkPost"; include BOARD_ROOT . "lib/pluginloader.php"; } if (!$rejected) { $post = $_POST['text']; $options = 0; if ($_POST['nopl']) { $options |= 1; } if ($_POST['nosm']) { $options |= 2;
list($is_pending_to_join_team) = mysql_fetch_row($result1); if ($is_pending_to_join_team == "") { $result = mysql_query("Insert into tournament_players (team_id,player_guid,tournament_id,is_pending_to_join_team,is_pending_to_accept_team_invite,strength_points) values('{$SubscribeFor}','{$s_user_guid}','{$s_user_tournament}','1','0','" . Get_player_strength($s_user_guid) . "')", $dbi) or die("Q 200501180949" . mysql_error($dbi)); } } if ($UnSubscribeFor != "") { $result = mysql_query("delete from tournament_players where player_guid='{$s_user_guid}' and team_id='{$UnSubscribeFor}' and tournament_id='{$s_user_tournament}'", $dbi) or die("Q 200501180949" . mysql_error($dbi)); } if ($FullJoin != "") { //check if this team can have more players $list_sql = "select count(*) from tournament_players where team_id='{$SubscribeFor}' and tournament_id='{$s_user_tournament}' and is_pending_to_join_team=0 and is_pending_to_join_team=0"; $result1 = mysql_query($list_sql, $dbi) or die("200901261641"); list($team_member_count) = mysql_fetch_row($result1); //see the limit for this tournament if ($s_user_max_team_members <= $team_member_count) { Alert("This team is full atm. Try to negotaite ingame with them for an open spot"); } else { //leave other joined teams if there is any $query = "delete from tournament_players where player_guid='{$s_user_guid}' and tournament_id='{$s_user_tournament}' and is_pending_to_accept_team_invite=0 and is_pending_to_join_team=0"; $result = mysql_query($query, $dbi) or die("Q 200501180949" . mysql_error($dbi) . $query); //try to full join this team $query = "update tournament_players set is_pending_to_join_team=0,is_pending_to_accept_team_invite=0 where team_id='{$FullJoin}' and player_guid='{$s_user_guid}' and tournament_id='{$s_user_tournament}' and is_pending_to_accept_team_invite=1"; $result = mysql_query($query, $dbi) or die("Q 200501180949" . mysql_error($dbi) . $query); } } if ($NoPendings) { $result = mysql_query("delete from tournament_players where player_guid='{$s_user_guid}' and tournament_id='{$s_user_tournament}' and is_pending_to_join_team=1", $dbi) or die("Q 200501180949" . mysql_error($dbi)); } $file_name = "tournament_team_list.php"; $list_name_text = "tournament_team_settings"; $new_entry_text = " New tournament team";
$pl = " <span class=\"smallFonts\">[<a href=\"thread.php?id=" . $thread['id'] . "\">1</a>" . $pl . "]</span>"; } $lastLink = ""; if ($thread['lastpostid']) { $lastLink = " <a href=\"thread.php?pid=" . $thread['lastpostid'] . "#" . $thread['lastpostid'] . "\">»</a>"; } $forumList .= Format("\n\t\t<tr class=\"cell{0}\">\n\t\t\t<td class=\"cell2 threadIcon\">{1}</td>\n\t\t\t<td class=\"threadIcon\" style=\"border-right: 0px none;\">\n\t\t\t\t{2}\n\t\t\t</td>\n\t\t\t<td style=\"border-left: 0px none;\">\n\t\t\t\t{3}\n\t\t\t\t<a href=\"thread.php?id={4}\">\n\t\t\t\t\t{5}\n\t\t\t\t</a>\n\t\t\t\t{6}\n\t\t\t\t{7}\n\t\t\t</td>\n\t\t\t<td class=\"center\">\n\t\t\t\t{8}\n\t\t\t</td>\n\t\t\t<td class=\"center\">\n\t\t\t\t{9}\n\t\t\t</td>\n\t\t\t<td class=\"center\">\n\t\t\t\t{10}\n\t\t\t</td>\n\t\t\t<td class=\"smallFonts center\">\n\t\t\t\t{11}<br />\n\t\t\t\t" . __("by") . " {12} {13}</td>\n\t\t</tr>\n", $cellClass, $NewIcon, $ThreadIcon, $poll, $thread['id'], strip_tags($thread['title']), $pl, $tags, UserLink($starter), $thread['replies'], $thread['views'], cdate($dateformat, $thread['lastpostdate']), UserLink($last), $lastLink); } Write("\n\t<table class=\"outline margin width100\">\n\t\t<tr class=\"header1\">\n\t\t\t<th style=\"width: 20px;\"> </th>\n\t\t\t<th style=\"width: 16px;\"> </th>\n\t\t\t<th style=\"width: 60%;\">" . __("Title") . "</th>\n\t\t\t<th>" . __("Started by") . "</th>\n\t\t\t<th>" . __("Replies") . "</th>\n\t\t\t<th>" . __("Views") . "</th>\n\t\t\t<th>" . __("Last post") . "</th>\n\t\t</tr>\n\t\t{0}\n\t</table>\n", $forumList); } else { if ($forum['minpowerthread'] > $loguser['powerlevel']) { Alert(__("You cannot start any threads here."), __("Empty forum")); } elseif ($loguserid) { Alert(format(__("Would you like to {0}post something{1}?"), "<a href=\"newthread.php?id=" . $fid . "\">", "</a>"), __("Empty forum")); } else { Alert(format(__("{0}Log in{1} so you can post something."), "<a href=\"login.php\">", "</a>"), __("Empty forum")); } } if ($pagelinks) { Write("<div class=\"smallFonts pages\">" . __("Pages:") . " {0}</div>", $pagelinks); } MakeCrumbs(array(__("Main") => "./", $forum['title'] => "forum.php?id=" . $fid), $links); ForumJump(); function ForumJump() { global $fid, $loguser; $pl = $loguser['powerlevel']; if ($pl < 0) { $pl = 0; } $lastCatID = -1;
if ($_POST['nosm']) { $previewPost['options'] |= 2; } $previewPost['mood'] = (int) $_POST['mood']; foreach ($user as $key => $value) { $previewPost["u_" . $key] = $value; } MakePost($previewPost, POST_SAMPLE, array('forcepostnum' => 1, 'metatext' => __("Preview"))); } else { if (isset($_POST['actionpost'])) { if ($_POST['key'] != $loguser['token']) { Kill(__("No.")); } $rejected = false; if (!$_POST['text']) { Alert(__("Enter a message and try again."), __("Your post is empty.")); $rejected = true; } if (!$rejected) { $bucket = "checkPost"; include "./lib/pluginloader.php"; } if (!$rejected) { $options = 0; if ($_POST['nopl']) { $options |= 1; } if ($_POST['nosm']) { $options |= 2; } $now = time();
<?php $viewableforums = ForumsWithPermission('forum.viewforum'); $tag = $_GET['tag']; $tagcode = '"[' . $tag . ']"'; $forum = $_GET['fid']; $cond = "WHERE MATCH (t.title) AGAINST ({0} IN BOOLEAN MODE)"; if ($forum) { $cond .= " AND t.forum = {1}"; } $total = Fetch(Query("SELECT count(*) from threads t {$cond} AND t.forum IN ({2c})", $tag, $forum, $viewableforums)); $total = $total[0]; $tpp = $loguser['threadsperpage']; if (isset($_GET['from'])) { $from = (int) $_GET['from']; } else { $from = 0; } if (!$tpp) { $tpp = 50; } $rThreads = Query("\tSELECT\n\t\t\t\t\t\tt.*,\n\t\t\t\t\t\tf.(title, id),\n\t\t\t\t\t\t" . ($loguserid ? "tr.date readdate," : '') . "\n\t\t\t\t\t\tsu.(_userfields),\n\t\t\t\t\t\tlu.(_userfields)\n\t\t\t\t\tFROM\n\t\t\t\t\t\tthreads t\n\t\t\t\t\t\t" . ($loguserid ? "LEFT JOIN threadsread tr ON tr.thread=t.id AND tr.id={2}" : '') . "\n\t\t\t\t\t\tLEFT JOIN users su ON su.id=t.user\n\t\t\t\t\t\tLEFT JOIN users lu ON lu.id=t.lastposter\n\t\t\t\t\t\tLEFT JOIN forums f ON f.id=t.forum\n\t\t\t\t\t{$cond} AND f.id IN ({5c})\n\t\t\t\t\tORDER BY sticky DESC, lastpostdate DESC LIMIT {3u}, {4u}", $tagcode, $forum, $loguserid, $from, $tpp, $viewableforums); $pagelinks = PageLinks(actionLink("tagsearch", "", "tag={$tag}&fid={$forum}&from="), $tpp, $from, $total); if (NumRows($rThreads)) { makeThreadListing($rThreads, $pagelinks, false, !$forum); } else { Alert(format(__("Tag {0} was not found in any thread."), htmlspecialchars($tag)), __("No threads found.")); }
$allowed_ext = array('zip', 'rar'); if (!in_array($ext, $allowed_ext)) { Kill("Invalid filetype."); } $file = fopen($tmpfile, 'rb'); $tag = fread($file, 4); fclose($file); $allowed_tag = array("PK", "Rar!"); if (!in_array($tag, $allowed_tag)) { Kill("Invalid filetype."); } copy($tmpfile, 'downloads/' . $filename); $thedl = array('file' => 'downloads/' . $filename, 'name' => $_POST['name'], 'desc' => $_POST['desc']); $downloads = array_merge(array($thedl), $downloads); file_put_contents('downloads/listing.dat', serialize($downloads)); Alert("Upload successful.", "Notice"); } $c = 0; $hl = ' highlightedPost'; foreach ($downloads as $dl) { echo "\n\t<table class=\"outline margin width100{$hl}\">\n\t\t<tr class=\"cell{$c}\">\n\t\t\t<td>\n\t\t\t\t<span style=\"font-size: 120%; text-decoration: underline;\"><a href=\"{$dl['file']}\">" . htmlspecialchars($dl['name']) . "</a></span><br>\n\t\t\t\tFile size: " . ceil(filesize($dl['file']) / 1024) . " KB<br>\n\t\t\t\tMD5: " . md5_file($dl['file']) . "\n\t\t\t\t" . ($dl['desc'] ? '<br><br>' . nl2br(htmlspecialchars($dl['desc'])) : '') . "\n\t\t\t</td>\n\t\t</tr>\n\t</table>\n"; $c = !$c ? 1 : 0; $hl = ''; } if ($loguser['powerlevel'] > 2) { ?> <form action="" method="post" enctype="multipart/form-data"> <table class="outline margin width100"> <tr class="header0"><th colspan="2">Upload a file</th></tr> <tr class="cell0"> <td>File</td>
<?php require_once 'support/config.php'; if (!isLoggedIn()) { toLogin(); die; } if (!AllowUser(array(1))) { redirect("index.php"); die; } if (!empty($_GET['id'])) { $con->myQuery("UPDATE users SET is_active = IF(is_active=1, 0,1) WHERE id = ?", array($_GET['id'])); Alert("Change Successful", "success"); redirect("user.php"); die; }
} if (!$rejected && !$_POST["pollQuestion"]) { Alert(__("You need to enter a poll question to make a poll."), __("Invalid poll.")); $rejected = true; } } else { $lastPost = time() - $loguser['lastposttime']; if ($lastPost < Settings::get("floodProtectionInterval")) { //Check for last thread the user posted. $lastThread = Fetch(Query("SELECT * FROM {threads} WHERE user={0} ORDER BY id DESC LIMIT 1", $loguserid)); //If it looks similar to this one, assume the user has double-clicked the button. if ($lastThread['forum'] == $fid && $lastThread['title'] == $_POST['title']) { die(header("Location: " . actionLink("thread", $lastThread['id']))); } $rejected = true; Alert(__("You're going too damn fast! Slow down a little."), __("Hold your horses.")); } } } } if (!$rejected) { $bucket = "checkPost"; include "./lib/pluginloader.php"; } if (!$rejected) { $post = $_POST['text']; $options = 0; if ($_POST['nopl']) { $options |= 1; } if ($_POST['nosm']) {
{ $examples = array(BB_TEXT => 'Lorem ipsum ABXD', BB_ID => 'KzyXH2mWkU4', BB_NUMBER => 9001, BB_URL => 'http://abxd.dirbaio.net/', BB_COLOR => '#f00'); $bb = '[' . $bbcode['name']; if ($bbcode['value'] != BB_NULL) { $bb .= "={$examples[$bbcode['value']]}"; } $bb .= ']'; if ($bbcode['text'] != BB_NULL) { $bb .= "{$examples[$bbcode['text']]}[/{$bbcode['name']}]"; } return $bb; } $cell = 1; if (isset($_GET['delete'])) { unset($bbcodes[(int) $_GET['id']]); Alert(__('BBCode was removed correctly')); file_put_contents(BB_FILE, serialize($bbcodes)); } if (isset($_POST['name'])) { if (in_array($_POST['name'], $hardcodedbb)) { Kill(__('This BBCode is hardcoded into board. Sorry...')); } $prepare = array('name' => $_POST['name'], 'value' => $_POST['value'], 'text' => $_POST['text'], 'category' => $_POST['category'], 'description' => $_POST['description'], 'html' => $_POST['html']); if ($_GET['id']) { $bbcodes[$_GET['id'] - 1] = $prepare; } else { $bbcodes[] = $prepare; } file_put_contents(BB_FILE, serialize($bbcodes)); } ?>
$check = FetchResult("select count(*) from {uploader} where id = {0}", $fid); } else { $check = FetchResult("select count(*) from {uploader} where user = {0} and id = {1}", $loguserid, $fid); } if ($check) { $entry = Fetch(Query("select * from {uploader} where id = {0}", $fid)); if ($entry['private']) { @unlink($rootdir . "/" . $entry['user'] . "/" . $entry['filename']); } else { @unlink($rootdir . "/" . $entry['filename']); } Query("delete from {uploader} where id = {0}", $fid); Report("[b]" . $loguser['name'] . "[/] deleted \"[b]" . $entry['filename'] . "[/]\".", 1); die(header("Location: " . actionLink("uploaderlist", "", "cat=" . $_GET["cat"]))); } else { Alert(__("No such file or not yours to mess with.")); } } else { $crumbs = new PipeMenu(); $crumbs->add(new PipeMenuLinkEntry(__("Uploader"), "uploader")); makeBreadcrumbs($crumbs); $errormsg = __("No categories found."); $entries = Query("select * from {uploader_categories} order by ord"); if (NumRows($entries) == 0) { print "\n\t\t<table class=\"outline margin\">\n\t\t\t<tr class=\"header0\">\n\n\n\n\t\t\t\t<th colspan=\"7\">" . __("Files") . "</th>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell1\">\n\t\t\t\t<td colspan=\"4\">\n\t\t\t\t\t" . $errormsg . "\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t</table>\n\t\t"; } else { print "\n\t\t<table class=\"outline margin width50\">\n\t\t\t<tr class=\"header0\">\n\t\t\t\t<th colspan=\"7\">" . __("Categories") . "</th>\n\t\t\t</tr>\n\t\t"; $cellClass = 0; while ($entry = Fetch($entries)) { $filecount = FetchResult("select count(*) from {uploader} where category = {0}", $entry['id']); print "<tr class=\"cell{$cellClass}\"><td>";
if ($_POST['pass'] !== $_POST['pass2']) { $err = __("The passwords you entered don't match."); } else { if ($haveSecurimage) { include "securimage/securimage.php"; $securimage = new Securimage(); if ($securimage->check($_POST['captcha_code']) == false) { $err = __("You got the CAPTCHA wrong."); } } } } } } if ($err) { Alert($err); } else { $newsalt = Shake(); $sha = doHash($_POST['pass'] . $salt . $newsalt); $sex = validateSex($_POST["sex"]); $rUsers = Query("insert into {users} (name, password, pss, regdate, lastactivity, lastip, email, sex, theme) values ({0}, {1}, {2}, {3}, {3}, {4}, {5}, {6}, {7})", $_POST['name'], $sha, $newsalt, time(), $_SERVER['REMOTE_ADDR'], $_POST['email'], $sex, Settings::get("defaultTheme")); $uid = insertId(); if ($uid == 1) { Query("update {users} set powerlevel = 4 where id = 1"); } recalculateKarma($uid); logAction('register', array('user' => $uid)); $user = Fetch(Query("select * from {users} where id={0}", $uid)); $user["rawpass"] = $_POST["pass"]; $bucket = "newuser"; include "lib/pluginloader.php";
$errors .= "Enter password. <br/>"; } if (empty($_POST['email'])) { $errors .= "Enter email address. <br/>"; } if ($errors != "") { Alert("You have the following errors: <br/>" . $errors, "danger"); redirect("frm_users.php"); die; } else { //IF id exists update ELSE insert if (empty($inputs['id'])) { //Insert $inputs = $_POST; unset($inputs['id']); //$inputs['name']=$_POST['name']; $con->myQuery("INSERT INTO users(user_type_id,first_name,middle_name,last_name,username, password,email,contact_no) VALUES(:user_type_id,:first_name,:middle_name,:last_name,:username,:password, :email,:contact_no)", $inputs); Alert("Save succesful", "success"); } else { //Update $con->myQuery("UPDATE users SET user_type_id=:user_type_id,first_name=:name,middle_name=:middle_name,last_name=:last_name,username=:username,password=:password,email=:email,contact_no=:contact_no WHERE id=:id", $inputs); Alert("Update succesful", "success"); } redirect("user.php"); } die; } else { redirect('index.php'); die; } redirect('index.php');
<?php require_once 'support/config.php'; if (!empty($_POST)) { $user = $con->myQuery("SELECT first_name,middle_name,last_name,id,location_id,user_type_id as user_type,location_id FROM users WHERE username=? AND password=?", array($_POST['username'], $_POST['password']))->fetch(PDO::FETCH_ASSOC); if (empty($user)) { Alert("Invalid Username/Password", "success"); redirect('frmlogin.php'); } else { $_SESSION[WEBAPP]['user'] = $user; redirect("index.php"); } die; } else { redirect('frmlogin.php'); die; } redirect('frmlogin.php');
$s_user_tournament = $id; session_register("s_user_max_teams"); $s_user_max_teams = $teams_per_account; session_register("s_user_max_team_members"); $s_user_max_team_members = $max_chars_per_team; session_register("s_max_teams"); $s_max_teams = $max_teams; jumpto("index.php"); } else { Alert("Character does not meet the level requirements to join this tournament"); } } else { Alert("Character does not exist"); } } else { Alert("Account does not exist"); } } ?> <link rel="stylesheet" type="text/css" media="screen" href="../../screen.css"> <style type="text/css"> <!-- .style1 { color: #FFFFFF; font-weight: bold; } .style5 {color: #FFFFFF} --> </style> </head>
if (!$loguserid) { Kill(__("You must be logged in to edit your avatars.")); } if (isset($_POST['action'])) { $mid = (int) $_POST['mid']; if ($_POST['action'] == __("Rename")) { Query("update {moodavatars} set name={0} where mid={1} and uid={2}", $_POST['name'], $mid, $loguserid); Alert(__("Avatar renamed."), __("Okay")); } else { if ($_POST['action'] == __("Delete")) { Query("delete from {moodavatars} where uid={0} and mid={1}", $loguserid, $mid); Query("update {posts} set mood=0 where user={0} and mood={1}", $loguserid, $mid); if (file_exists("{$dataDir}avatars/" . $loguserid . "_" . $mid)) { unlink("{$dataDir}avatars/" . $loguserid . "_" . $mid); } Alert(__("Avatar deleted."), __("Okay")); } else { if ($_POST['action'] == __("Add")) { $highest = FetchResult("select mid from {moodavatars} where uid={0} order by mid desc limit 1", $loguserid); if ($highest < 1) { $highest = 1; } $mid = $highest + 1; //Begin copypasta from edituser/editprofile_avatar... if ($fname = $_FILES['picture']['name']) { $fext = strtolower(substr($fname, -4)); $error = ""; $exts = array(".png", ".jpg", ".gif"); $dimx = 100; $dimy = 100; $dimxs = 60;
// Display the Header define('PAGE_TITLE', ($myPost->GetPrimary() != '' ? 'Edit' : 'Add') . ' Post'); include_once 'inc/header.php'; ?> <div id="main-info"> <h1><?php echo PAGE_TITLE; ?> </h1> </div> <div id="data"> <div id="notifications"> <?php // Report errors to the user Alert(GetAlert('error')); Alert(GetAlert('success'), 'success'); ?> </div> <ul id="options"> <li class="back"><a href="posts.php">Return to Post List</a></li> <?php echo $myPost->GetPrimary() != '' ? '<li class="add"><a href="post.php" title="Add a New Blog Post">Add New Post</a></li>' : ''; ?> </ul> <form action="post.php<?php echo $myPost->GetPrimary() != '' ? '?id=' . $myPost->GetPrimary() : ''; ?> " method="post" name="edit_post"> <?php
} if (empty($inputs['purchase_cost'])) { $inputs['purchase_cost'] = 0; } if ($errors != "") { Alert("You have the following errors: <br/>" . $errors, "danger"); redirect("frm_assets.php"); die; } else { //IF id exists update ELSE insert if (empty($inputs['id'])) { //Insert unset($inputs['id']); $asset_tag = date("Ynd"); $stmt = $con->myQuery("INSERT INTO assets(asset_model_id,asset_status_id,serial_number,asset_name,purchase_date,purchase_cost,order_number,notes,location_id) VALUES(:model_id,:asset_status_id,:serial_number,:asset_name,:purchase_date,:purchase_cost,:order_number,:notes,:location_id)", $inputs); $asset_id = $con->lastInsertId(); $asset_tag = date("Ynd") . $asset_id; $con->myQuery("UPDATE assets SET asset_tag=? WHERE id=?", array($asset_tag, $asset_id)); } else { //Update $con->myQuery("UPDATE assets SET asset_model_id=:model_id,asset_status_id=:asset_status_id,serial_number=:serial_number,asset_name=:asset_name,purchase_date=:purchase_date,order_number=:order_number,purchase_cost=:purchase_cost,notes=:notes,location_id=:location_id WHERE id=:id", $inputs); } Alert("Save succesful", "success"); redirect("assets.php"); } die; } else { redirect('index.php'); die; } redirect('index.php');
continue; } $qPM = "insert into pmsgs (userto, userfrom, date, ip, msgread) values (" . $recipient . ", " . $loguserid . ", " . time() . ", '" . $_SERVER['REMOTE_ADDR'] . "', 0)"; $rPM = Query($qPM); $pid = mysql_insert_id(); $qPMT = "insert into pmsgs_text (pid,title,text) values (" . $pid . ", '" . justEscape($_POST['title']) . "', '" . $post . "')"; $rPMT = Query($qPMT); } Redirect(__("PM sent!"), "private.php?show=1", __("your PM outbox")); exit; } } else { Alert(__("Enter a message and try again."), __("Your PM is empty.")); } } else { Alert(__("Enter a title and try again."), __("Your PM is untitled.")); } } //if($_POST['text']) $prefill = htmlval($_POST['text']); //if($_POST['title']) $trefill = htmlval($_POST['title']); $prefill = $pm['text']; $trefill = $pmtitle; MakePost($pm, 0, 0, 1); Write("\n\t<table style=\"width: 100%;\">\n\t\t<tr>\n\t\t\t<td style=\"vertical-align: top; border: none;\">\n\t\t\t\t<form action=\"showprivate.php\" method=\"post\">\n\t\t\t\t\t<table class=\"outline margin width100\">\n\t\t\t\t\t\t<tr class=\"header1\">\n\t\t\t\t\t\t\t<th colspan=\"2\">\n\t\t\t\t\t\t\t\t" . __("Edit Draft") . "\n\t\t\t\t\t\t\t</th>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr class=\"cell0\">\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t" . __("To") . "\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<input type=\"text\" name=\"to\" style=\"width: 98%;\" maxlength=\"1024\" value=\"{2}\" />\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr class=\"cell1\">\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t" . __("Title") . "\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<input type=\"text\" name=\"title\" style=\"width: 98%;\" maxlength=\"60\" value=\"{1}\" />\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<tr class=\"cell0\">\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t" . __("Message") . "\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<textarea id=\"text\" name=\"text\" rows=\"16\" style=\"width: 98%;\">{0}</textarea>\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr class=\"cell2\">\n\t\t\t\t\t\t\t<td></td>\n\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Send") . "\" /> \n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Preview") . "\" />\n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Update Draft") . "\" /> \n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"action\" value=\"" . __("Discard Draft") . "\" /> \n\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"id\" value=\"{3}\" />\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t</table>\n\t\t\t\t</form>\n\t\t\t</td>\n\t\t\t<td style=\"width: 200px; vertical-align: top; border: none;\">\n", $prefill, $trefill, $to, $pmid); DoSmileyBar(); DoPostHelp(); Write("\n\t\t\t</td>\n\t\t</tr>\n\t</table>\n"); } else { MakePost($pm, 0, 0, 1); } MakeCrumbs(array("Main" => "./", "Private messages" => "private.php", $pmtitle => ""), $links);
<?php include "dbcon.php"; function Alert($message) { echo "<script language=\"javascript\">\n\t<!--\n\talert('{$message}');\n\thistory.back();\n\t//--!>\n\t</script>"; } // 카운터 TABLE $que = "\n\t\tCREATE TABLE COUNTER_MAIN (\n\t\tno int(10) NOT NULL auto_increment,\n\t\ttime int(10) default NULL,\n\t\tvisit int(10) default NULL,\n\t\tpageview int(10) default NULL,\n\t\tPRIMARY KEY (no)\n\t\t)"; $que_1 = "INSERT INTO COUNTER_MAIN VALUES (1,0,0,0)"; $que2 = "\n\t\tCREATE TABLE COUNTER_REFERER (\n\t\tno int(10) NOT NULL auto_increment,\n\t\ttime int(10) default NULL,\n\t\treferer varchar(255) default NULL,\n\t\tPRIMARY KEY (no)\n\t\t)"; $que3 = "\n\t\tCREATE TABLE COUNTER_SUB (\n\t\tno int(10) NOT NULL auto_increment,\n\t\ttime int(10) default NULL,\n\t\tip char(15) default NULL,\n\t\tPRIMARY KEY (no)\n\t\t)"; mysql_query($que, $dbcon) or Alert(' COUNTER_MAIN 테이블 생성실패'); mysql_query($que_1, $dbcon) or Alert(' COUNTER_MAIN 초기화 실패'); mysql_query($que2, $dbcon) or Alert(' COUNTER_REFERER 테이블 생성실패'); mysql_query($que3, $dbcon) or Alert(' COUNTER_SUB 테이블 생성실패'); Alert('카운터 초기화 성공!!');