function confirmPGP($email, $confirm)
{
require_once includePath() . "/lock.php";
if (!lockAction('confirmpgp')) {
return false;
}
$result = databaseQuery("SELECT id FROM gpgmw_keys WHERE confirm = ? AND email = ?", array($confirm, $email));
if ($row = $result->fetch()) {
databaseQuery("UPDATE gpgmw_keys SET confirm = '' WHERE id = ?", array($row[0]));
return true;
}
return false;
}
function postDrop($post_id)
{
global $database_cfg;
if (postExistsById($post_id)) {
databaseQuery("delete from " . $database_cfg["prefix"] . "posts where id='" . intval($post_id) . "'", "Can't delete post");
}
}
function groupDropFlags($id, $flags)
{
$group = groupGetById($id);
if (is_array($group)) {
$flags1 = $group["flags"];
$flags1 = stringDropTokens($flags1, $flags);
global $database_cfg;
databaseQuery("update " . $database_cfg["prefix"] . "groups set (flags='" . $flags1 . "'", "Can not add group flags");
} else {
return "Group with given id doesn't exists";
}
}
function topicAddModerators($topic_id, $users)
{
global $database_cfg;
$topic_moders = topicGetModeratorsString($topic_id);
$topic_moders = stringAddTokens($topic_moders, $users);
databaseQuery("update " . $database_cfg["prefix"] . "topics set moderators='" . $topic_moders . "' where id='" . intval($topic_id) . "'", "Can't set topic moderators");
}
} else {
$message = $spaceName . " is already added to the list!";
}
}
} else {
$message = "The URL is already added to the list!";
}
} else {
$message = urlencode("Please include the JSON URL to use for the space.\nExample: /add https://example.com/json");
}
sendMessage($recipient, $message);
} else {
if ($command == "/start" || $command == "/help") {
$message = urlencode("Let's get started!\n\nFirst of all, to get a list of all spaces that are available to use within this bot, use /spaces.\nIf you see a space you'd like to get the status of, use /state <space>.\nWant to set a default? Use /default <space>. You can get the status of the default space with /state.\nIf there's a space that you'd like to use this bot with, use /add <url>.\n\nFor background info about this bot, use /info.\n\nDo you want to completely remove all your preferences stored by this bot? Use /purge.");
sendMessage($recipient, $message);
} else {
if ($command == "/info") {
$message = urlencode("This bot has been created by @stuiterveer. Shoot me a message if you'd like or visit https://stuiterveer.com/. It's okay, I won't bite!\n\nLooking for the source code for this bot? https://github.com/ACKspace/SpaceAPIBot has everything you need!");
sendMessage($recipient, $message);
} else {
if ($command == "/purge") {
databaseQuery("DELETE FROM " . $defaultsTable . " WHERE `ID` = " . $recipient);
$message = "All data that's stored for your account by this bot is removed!";
sendMessage($recipient, $message);
}
}
}
}
}
}
}
function userDrop($user_id)
{
global $database_cfg;
if (userExistsById($user_id)) {
databaseQuery("delete from " . $database_cfg["prefix"] . "users where id='" . intval($post_id) . "'", "Can't delete user");
}
}
<?php
//
// logout.php
// IT Club
//
// Copyright (c) 2015, Mr. Gecko's Media (James Coleman)
// All rights reserved.
//
// The log out page.
//
databaseQuery("UPDATE users SET time=%d WHERE docid=%s", $_MGM['time'], $_MGM['user']['docid']);
setcookie("{$_MGM['CookiePrefix']}user_email", "", $_MGM['time'], $_MGM['CookiePath'], $_MGM['CookieDomain']);
setcookie("{$_MGM['CookiePrefix']}user_password", "", $_MGM['time'], $_MGM['CookiePath'], $_MGM['CookieDomain']);
header("location: " . generateURL("login"));
exit;
function setSetting($name, $value)
{
$results = databaseQuery("SELECT value FROM settings WHERE name=%s", $name);
if ($results == NULL || databaseRowCount($results) == 0) {
databaseQuery("INSERT INTO settings (name,value) VALUES (%s,%s)", $name, $value);
} else {
databaseQuery("UPDATE settings SET value=%s WHERE name=%s", $value, $name);
}
}
?>
<span style="color: #ff0000">Missing fields.</span><?php
exit;
}
if (!filter_var($contact, FILTER_VALIDATE_EMAIL)) {
$contact = preg_replace("/[^0-9]/", "", $contact);
if (strlen($contact) == 7) {
$contact = "256" . $contact;
} else {
if (strlen($contact) != 10) {
?>
<span style="color: #ff0000">Invalid contact info.</span><?php
exit;
}
}
}
$rsvps = databaseQuery("SELECT * FROM rsvp WHERE meeting=%s AND contact=%s", $id, $contact);
$rsvp = databaseFetchAssoc($rsvps);
if ($rsvp != NULL) {
databaseQuery("UPDATE rsvp SET choice=%s WHERE meeting=%s AND contact=%s", $choice, $id, $contact);
?>
<span style="color: #00ff00">Your RSVP was updated.</span><?php
} else {
databaseQuery("INSERT INTO rsvp (meeting,name,contact,choice,date) VALUES (%s,%s,%s,%s,%s)", $id, $name, $contact, $choice, $_MGM['time']);
?>
<span style="color: #00ff00">Your RSVP was submitted.</span><?php
}
}
}
}
exit;
function lockAction($action)
{
global $config;
$lock_time_initial = $config['lock_time_initial'];
$lock_time_overload = $config['lock_time_overload'];
$lock_count_overload = $config['lock_count_overload'];
$lock_time_reset = $config['lock_time_reset'];
$lock_time_max = $config['lock_time_max'];
if (!isset($lock_time_initial[$action])) {
return true;
//well we can't do anything...
}
$ip = $_SERVER['REMOTE_ADDR'];
$replace_id = -1;
//first find records with ip/action
$result = databaseQuery("SELECT id, time, num FROM gpgmw_locks WHERE ip = ? AND action = ?", array($ip, $action), true);
if ($row = $result->fetch()) {
$id = $row['id'];
$time = $row['time'];
$count = $row['num'];
//>=0 count means it's a regular initial lock; -1 count means overload lock
if ($count >= 0) {
if (time() <= $time + $lock_time_initial[$action]) {
return false;
} else {
if (time() > $time + $lock_time_reset) {
//this entry is old, but use it to replace
$replace_id = $id;
} else {
//increase the count; maybe initiate an OVERLOAD
$count = $count + 1;
if ($count >= $lock_count_overload[$action]) {
databaseQuery("UPDATE gpgmw_locks SET num = '-1', time = ? WHERE ip = ?", array(time(), $ip));
return false;
} else {
databaseQuery("UPDATE gpgmw_locks SET num = ?, time = ? WHERE ip = ?", array($count, time(), $ip));
}
}
}
} else {
if (time() <= $time + $lock_time_overload[$action]) {
return false;
} else {
//their overload is over, so this entry is old
$replace_id = $id;
}
}
} else {
databaseQuery("INSERT INTO gpgmw_locks (ip, time, action, num) VALUES (?, ?, ?, '1')", array($ip, time(), $action));
}
if ($replace_id != -1) {
databaseQuery("UPDATE gpgmw_locks SET num = '1', time = ? WHERE id = ?", array(time(), $replace_id));
}
//some housekeeping
$delete_time = time() - $lock_time_max;
databaseQuery("DELETE FROM gpgmw_locks WHERE time <= ?", array($delete_time));
return true;
}
//
$error = "";
if (isset($_REQUEST['login'])) {
$email = isset($_REQUEST['email']) ? trim($_REQUEST['email']) : "";
$password = isset($_REQUEST['password']) ? trim($_REQUEST['password']) : "";
$result = databaseQuery("SELECT * FROM users WHERE email=%s AND level!=0", $email);
$user = databaseFetchAssoc($result);
if ($user == NULL) {
$error = "Invalid login credentials.";
} else {
$salt = substr($user['password'], 0, 12);
$epassword = $salt . hashPassword($password, hex2bin($salt));
if ($epassword != $user['password']) {
$error = "Invalid login credentials.";
} else {
databaseQuery("UPDATE users SET time=%d WHERE email=%s", $_MGM['time'], $email);
setcookie("{$_MGM['CookiePrefix']}user_email", $email, $_MGM['time'] + 31536000, $_MGM['CookiePath'], $_MGM['CookieDomain']);
setcookie("{$_MGM['CookiePrefix']}user_password", hash("sha512", $epassword . $_MGM['time']), $_MGM['time'] + 31536000, $_MGM['CookiePath'], $_MGM['CookieDomain']);
header("location: " . generateURL("members"));
exit;
}
}
}
require_once "header.php";
if (!empty($error)) {
?>
<div style="color: #ff0000; font-weight: bold;"><?php
echo $error;
?>
</div><?php
}
<?php
//
// rsvp.php
// IT Club
//
// Copyright (c) 2015, Mr. Gecko's Media (James Coleman)
// All rights reserved.
//
// RSVP Center.
//
require_once "header.php";
if (!empty($_MGM['path'][1]) && intVal($_MGM['path'][1]) != 0) {
$meetings = databaseQuery("SELECT * FROM meetings WHERE id=%s", $_MGM['path'][1]);
$meeting = databaseFetchAssoc($meetings);
?>
<style type="text/css">
#rsvp_form {
margin: 0 auto;
width: 280px;
padding: 20px;
border-radius: 20px;
background: #ffffff;
}
.rsvp_option {
display: inline;
}
</style>
<br />
<div id="rsvp_form">
<h4 style="text-align: center;">Meeting RSVP for<br /><?php
<body>
<div id="wrapper">
<nav id="sidebar-wrapper">
<ul class="sidebar-nav">
<li class="sidebar-brand">
<a href="<?php
echo $_MGM['installPath'];
?>
"><img src="<?php
echo $_MGM['installPath'];
?>
logo.png" alt="logo" id="sidebar-logo" /></a>
</li>
<?php
$results = databaseQuery("SELECT * FROM `sidebar` ORDER BY `order`");
while ($result = databaseFetchAssoc($results)) {
?>
<li class="sidebar-link"><a <?php
echo substr($result['url'], 0, 1) == "/" ? "" : "target=\"_blank\"";
?>
href="<?php
echo htmlspecialchars($result['url'], ENT_COMPAT | ENT_HTML401, 'UTF-8', true);
?>
"><?php
echo htmlspecialchars($result['title'], ENT_COMPAT | ENT_HTML401, 'UTF-8', true);
?>
</a></li><?php
}
?>
<?php
