function addNewUser($email,$password = "") { /* "id" => array("integer not null primary key auto_increment","sys:ID"), "email" => array("varchar(255) not null","Email"), "confirmed" => array("tinyint default 0","sys:Is the email of this user confirmed"), "entered" => array("datetime","sys:Time Created"), "modified" => array("timestamp","sys:Time modified"), "uniqid" => array("varchar(255)","sys:Unique ID for User"), "unique" => array("(email)","sys:unique"), "htmlemail" => array("tinyint default 0","Send this user HTML emails"), "subscribepage" => array("integer","sys:Which page was used to subscribe"), "rssfrequency" => array("varchar(100)","RSS Frequency"), "password" => array("varchar(255)","Password"), "passwordchanged" => array("datetime","sys:Last time password was changed"), "disabled" => array("tinyint default 0","Is this account disabled?"), "extradata" => array("text","Additional data"), */ // insert into user db Sql_Query(sprintf('insert into user set email = "%s", entered = now(),modified = now(),password = "******", passwordchanged = now(),disabled = 0, uniqid = "%s",htmlemail = 1 ', $email,$password,getUniqid())); $id = Sql_Insert_Id(); return $id; }
function addEmail($email, $password = "") { Sql_Query(sprintf('insert into user set email = "%s", entered = now(),password = "******", passwordchanged = now(),disabled = 0, uniqid = "%s",htmlemail = 1 ', $email, $password, getUniqid()), 1); $id = Sql_Insert_Id(); if (is_array($_SESSION["userdata"])) { saveUserByID($id, $_SESSION["userdata"]); } $_SESSION["userid"] = $id; return $id; }
<?php if (empty($_SESSION['last_addemail'])) { $_SESSION['last_addemail'] = 0; } if (!empty($_GET['email'])) { $delay = time() - $_SESSION['last_addemail']; if ($delay > ADD_EMAIL_THROTTLE) { $_SESSION['last_addemail'] = time(); Sql_Query(sprintf('insert into %s (email,uniqid,htmlemail,entered) values("%s","%s",1,now())', $GLOBALS['tables']['user'], sql_escape($_GET['email']), getUniqid()), 1); addUserHistory($_GET['email'], 'Added by ' . adminName(), ''); $status = $GLOBALS['I18N']->get('Email address added'); } else { # pluginsCall('processError','Error adding email address, throttled'); foreach ($GLOBALS['plugins'] as $plname => $plugin) { $plugin->processError('Add email throttled ' . $delay); } $status = $GLOBALS['I18N']->get('Adding email address failed'); } }
$result = Sql_query(sprintf('SELECT id,uniqid FROM %s WHERE email = "%s"', $tables["user"], $importuser["email"])); if (Sql_affected_rows()) { // Email exist, remember some values to add them to the lists $count_exist++; $user = Sql_fetch_array($result); $userid = $user["id"]; $uniqid = $user["uniqid"]; Sql_Query(sprintf('update %s set htmlemail = %d where id = %d', $tables["user"], $_POST["markhtml"] ? "1" : "0", $userid)); } else { // Email does not exist $new = 1; // Create unique number mt_srand((double) microtime() * 1000000); $randval = mt_rand(); $uniqid = getUniqid(); $query = sprintf('INSERT INTO %s (email,entered,confirmed,uniqid,htmlemail) values("%s",current_timestamp,%d,"%s",%d)', $tables["user"], $importuser["email"], $_POST["notify"] != "yes", $uniqid, $_POST["markhtml"] ? "1" : "0"); $result = Sql_query($query); $userid = Sql_Insert_Id($tables['user'], 'id'); $count_email_add++; $some = 1; } if ($_POST["overwrite"] == "yes") { if ($usetwo) { Sql_query(sprintf('replace into %s (attributeid,userid,value) values(%d,%d,"%s")', $tables["user_attribute"], $firstname_att_id, $userid, $importuser["firstname"])); Sql_query(sprintf('replace into %s (attributeid,userid,value) values(%d,%d,"%s")', $tables["user_attribute"], $lastname_att_id, $userid, $importuser["lastname"])); } else { Sql_query(sprintf('replace into %s (attributeid,userid,value) values(%d,%d,"%s")', $tables["user_attribute"], $name_att_id, $userid, $importuser["personal"])); } }
function addNewUser($email, $password = "") { if (empty($GLOBALS['tables']['user'])) { $GLOBALS['tables']['user'] = '******'; } /* "id" => array("integer not null primary key auto_increment","sys:ID"), "email" => array("varchar(255) not null","Email"), "confirmed" => array("tinyint default 0","sys:Is the email of this user confirmed"), "entered" => array("datetime","sys:Time Created"), "modified" => array("timestamp","sys:Time modified"), "uniqid" => array("varchar(255)","sys:Unique ID for User"), "unique" => array("(email)","sys:unique"), "htmlemail" => array("tinyint default 0","Send this user HTML emails"), "subscribepage" => array("integer","sys:Which page was used to subscribe"), "rssfrequency" => array("varchar(100)","rss Frequency"), // Leftover from the preplugin era "password" => array("varchar(255)","Password"), "passwordchanged" => array("datetime","sys:Last time password was changed"), "disabled" => array("tinyint default 0","Is this account disabled?"), "extradata" => array("text","Additional data"), */ // insert into user db $exists = Sql_Fetch_Row_Query(sprintf('select id from %s where email = "%s"', $GLOBALS['tables']['user'], $email)); if ($exists[0]) { return $exists[0]; } $passwordEnc = encryptPass($password); Sql_Query(sprintf('insert into %s set email = "%s", entered = now(),modified = now(),password = "******", passwordchanged = now(),disabled = 0, uniqid = "%s",htmlemail = 1 ', $GLOBALS['tables']['user'], $email, $passwordEnc, getUniqid())); $id = Sql_Insert_Id(); return $id; }
# now check whether this user already exists. $email = $_POST["email"]; if (preg_match("/(.*)\n/U", $email, $regs)) { $email = $regs[1]; } $result = Sql_query("select * from {$GLOBALS["tables"]["user"]} where email = \"{$email}\""); #" if (isset($_POST['rssfrequency'])) { $rssfrequency = validateRssFrequency($_POST['rssfrequency']); } else { $rssfrequency = ''; } if (!Sql_affected_rows()) { # they do not exist, so add them $query = sprintf('insert into %s (email,entered,uniqid,confirmed, htmlemail,subscribepage,rssfrequency) values("%s",now(),"%s",0,%d,%d,"%s")', $GLOBALS["tables"]["user"], addslashes($email), getUniqid(), $htmlemail, $id, $rssfrequency); $result = Sql_query($query); $userid = Sql_Insert_Id(); addSubscriberStatistics('total users', 1); } else { # they do exist, so update the existing record # read the current values to compare changes $old_data = Sql_fetch_array($result); if (ASKFORPASSWORD && $old_data["password"]) { if (ENCRYPTPASSWORD) { $canlogin = md5($_POST["password"]) == $old_data["password"]; } else { $canlogin = $_POST["password"] == $old_data["password"]; } if (!$canlogin) { $msg = $GLOBALS["strUserExists"];
function addEmail($email, $password = "") { ## don't touch the password if it's empty if (!empty($password)) { $passwordchange = sprintf('password = "******", passwordchanged = current_timestamp,', $password); } else { $passwordchange = ''; } Sql_Query(sprintf('insert into user set email = "%s", entered = current_timestamp,%s disabled = 0, uniqid = "%s",htmlemail = 1 ', $email, $passwordchange, getUniqid()), 1); $id = Sql_Insert_Id('user', 'id'); if (is_array($_SESSION["userdata"])) { saveUserByID($id, $_SESSION["userdata"]); } $_SESSION["userid"] = $id; return $id; }
# make sure to save the correct data if ($subscribepagedata["htmlchoice"] == "checkfortext" && empty($_POST["textemail"])) { $htmlemail = 1; } else { $htmlemail = !empty($_POST["htmlemail"]); } # now check whether this user already exists. $email = $_POST["email"]; if (preg_match("/(.*)\n/U", $email, $regs)) { $email = $regs[1]; } $result = Sql_query(sprintf('select * from %s where email = "%s"', $GLOBALS["tables"]["user"], sql_escape($email))); if (!Sql_affected_rows()) { # they do not exist, so add them $query = sprintf('insert into %s (email,entered,uniqid,confirmed, htmlemail,subscribepage) values("%s",current_timestamp,"%s",0,%d,%d)', $GLOBALS["tables"]["user"], sql_escape($email), getUniqid(), $htmlemail, $id); $result = Sql_query($query); $userid = Sql_Insert_Id($GLOBALS['tables']['user'], 'id'); addSubscriberStatistics('total users', 1); } else { # they do exist, so update the existing record # read the current values to compare changes $old_data = Sql_fetch_array($result); if (ASKFORPASSWORD && $old_data["password"]) { $encP = encryptPass($_POST["password"]); $canlogin = !empty($encP) && !empty($_POST['password']) && $encP == $old_data["password"]; # print $canlogin.' '.$_POST['password'].' '.$encP.' '. $old_data["password"]; if (!$canlogin) { $msg = '<p class="error">' . $GLOBALS["strUserExists"] . '</p>'; $msg .= '<p class="information">' . $GLOBALS["strUserExistsExplanationStart"] . sprintf('<a href="%s&email=%s">%s</a>', getConfig("preferencesurl"), $email, $GLOBALS["strUserExistsExplanationLink"]) . $GLOBALS["strUserExistsExplanationEnd"] . '</p>'; return;
# make sure to save the correct data if ($subscribepagedata['htmlchoice'] == 'checkfortext' && empty($_POST['textemail'])) { $htmlemail = 1; } else { $htmlemail = !empty($_POST['htmlemail']); } # now check whether this user already exists. $email = $_POST['email']; if (preg_match("/(.*)\n/U", $email, $regs)) { $email = $regs[1]; } $result = Sql_query(sprintf('select * from %s where email = "%s"', $GLOBALS['tables']['user'], sql_escape($email))); if (!Sql_affected_rows()) { # they do not exist, so add them $query = sprintf('insert into %s (email,entered,uniqid,confirmed, htmlemail,subscribepage) values("%s",now(),"%s",0,%d,%d)', $GLOBALS['tables']['user'], sql_escape($email), getUniqid(), $htmlemail, $id); $result = Sql_query($query); $userid = Sql_Insert_Id(); addSubscriberStatistics('total users', 1); } else { # they do exist, so update the existing record # read the current values to compare changes $old_data = Sql_fetch_array($result); if (ASKFORPASSWORD && $old_data['password']) { $encP = encryptPass($_POST['password']); $canlogin = !empty($encP) && !empty($_POST['password']) && $encP == $old_data['password']; # print $canlogin.' '.$_POST['password'].' '.$encP.' '. $old_data["password"]; if (!$canlogin) { $msg = '<p class="error">' . $GLOBALS['strUserExists'] . '</p>'; $msg .= '<p class="information">' . $GLOBALS['strUserExistsExplanationStart'] . sprintf('<a href="%s&email=%s">%s</a>', getConfig('preferencesurl'), $email, $GLOBALS['strUserExistsExplanationLink']) . $GLOBALS['strUserExistsExplanationEnd'] . '</p>'; return;
"><input type=submit name=subscribe value="<?php echo $GLOBALS['I18N']->get('add user'); ?> "></form></td></tr></table> <?php return; } } } if (isset($_REQUEST["doadd"])) { if ($_POST["action"] == "insert") { $email = trim($_POST["email"]); print $GLOBALS['I18N']->get("Inserting user") . " {$email}"; $result = Sql_query(sprintf(' insert into %s (email,entered,confirmed,htmlemail,uniqid) values("%s",now(),1,%d,"%s")', $tables["user"], $email, $htmlemail, getUniqid())); $userid = Sql_insert_id(); $query = "insert into {$tables['listuser']} (userid,listid,entered)\n values({$userid},{$id},now())"; $result = Sql_query($query); # remember the users attributes $res = Sql_Query("select * from {$tables['attribute']}"); while ($row = Sql_Fetch_Array($res)) { $fieldname = "attribute" . $row["id"]; $value = $_POST[$fieldname]; if (is_array($value)) { $newval = array(); foreach ($value as $val) { array_push($newval, sprintf('%0' . $checkboxgroup_storesize . 'd', $val)); } $value = join(",", $newval); }
echo $GLOBALS['I18N']->get('add user'); ?> "></form></td></tr></table> <?php return; } } } if (isset($_REQUEST["doadd"])) { if ($_POST["action"] == "insert") { $email = trim($_POST["email"]); #TODO validate email address. print $GLOBALS['I18N']->get("Inserting user") . " {$email}"; $result = Sql_query(sprintf(' insert into %s (email,entered,confirmed,htmlemail,uniqid) values("%s",now(),1,%d,"%s")', $tables["user"], $email, !empty($_POST['htmlemail']) ? '1' : '0', getUniqid())); $userid = Sql_insert_id(); $query = "insert into {$tables['listuser']} (userid,listid,entered)\n values({$userid},{$id},now())"; $result = Sql_query($query); # remember the users attributes $res = Sql_Query("select * from {$tables['attribute']}"); while ($row = Sql_Fetch_Array($res)) { $fieldname = "attribute" . $row["id"]; $value = $_POST[$fieldname]; if (is_array($value)) { $newval = array(); foreach ($value as $val) { array_push($newval, sprintf('%0' . $checkboxgroup_storesize . 'd', $val)); } $value = join(",", $newval); }
<tr><td colspan=2><input type=hidden name=action value="insert"><input type=hidden name=doadd value="yes"><input type=hidden name=id value="<? echo $id ?>"><input type=submit name=subscribe value="Add User"></form></td></tr></table> <? return; } } } if ($doadd) { if ($action == "insert") { print "Inserting user $email"; $result = Sql_query(sprintf(' insert into %s (email,entered,confirmed,htmlemail,uniqid) values("%s",now(),1,%d,"%s")', $tables["user"],$email,$htmlemail,getUniqid())); $userid = Sql_insert_id(); $query = "insert into $tables[listuser] (userid,listid,entered) values($userid,$id,now())"; $result = Sql_query($query); # remember the users attributes $res = Sql_Query("select * from $tables[attribute]"); while ($row = Sql_Fetch_Array($res)) { if ($row["tablename"] != "") $fieldname = $row["tablename"]; else $fieldname = "attribute" .$row["id"]; $value = $_POST[$fieldname]; if (is_array($value)) { $newval = array(); foreach ($value as $val) {
function removeItemFromWishlist($username, $iid) { //query creation $wishlistQuery = sprintf("select * from wishes_for where username='******';", $username); //query database $databaseConnection = GetDatabaseConnection(); $wishlistResult = $databaseConnection->query($wishlistQuery); if ($wishlistResult->num_rows == 0) { $wid = getUniqid("wishes_for", "wid"); $wishlistQuery = sprintf("insert into wishes_for (`wid`,`username`) VALUES ('%s','%s');", $wid, $username); //query database $databaseConnection = GetDatabaseConnection(); $wishlistResult = $databaseConnection->query($wishlistQuery); } else { $wid = $wishlistResult->fetch_assoc()["wid"]; } //query creation $itemQuery = sprintf("DELETE FROM filled_with WHERE wid='%s' AND iid='%s';", $wid, $iid); //query database $databaseConnection = GetDatabaseConnection(); $itemResult = $databaseConnection->query($itemQuery); if ($itemResult) { return json_encode(array("success" => "true")); } else { echo $databaseConnection->error; } }