// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with Pipecode. If not, see <http://www.gnu.org/licenses/>. // if ($zid != $auth_zid) { die("not your page"); } $zones = DateTimeZone::listIdentifiers(DateTimeZone::ALL); if (http_post()) { $javascript_enabled = http_post_bool("javascript_enabled", array("numeric" => true)); $time_zone = http_post_string("time_zone", array("len" => 50, "valid" => "[a-z][A-Z]-_/")); $hide_threshold = http_post_string("hide_threshold", array("valid" => "[0-9]-")); $expand_threshold = http_post_string("expand_threshold", array("valid" => "[0-9]-")); $list_enabled = http_post_bool("list_enabled", array("numeric" => true)); $real_name = http_post_string("real_name", array("len" => 50, "required" => false, "valid" => "[a-z][A-Z]- ")); if (!in_array($time_zone, $zones)) { die("invalid time zone [{$time_zone}]"); } $user_conf["javascript_enabled"] = $javascript_enabled; $user_conf["time_zone"] = $time_zone; $user_conf["hide_threshold"] = $hide_threshold; $user_conf["expand_threshold"] = $expand_threshold; $user_conf["list_enabled"] = $list_enabled; $user_conf["real_name"] = $real_name; db_set_conf("user_conf", $user_conf, $auth_zid); //var_dump($user_conf); //die(); header("Location: /menu/"); die;
$cid = http_post_int("cid", array("required" => false)); $pid = http_post_int("pid", array("required" => false)); $qid = http_post_int("qid", array("required" => false)); $subject = http_post_string("subject", array("len" => 200, "valid" => "[ALL]")); $body = http_post_string("comment", array("len" => 64000, "valid" => "[ALL]")); $answer = http_post_string("answer", array("required" => false)); if ($auth_zid == "") { $zid = ""; $coward = true; if (http_post("post")) { if (!captcha_verify($answer)) { die("captcha failed"); } } } else { $coward = http_post_bool("coward"); if ($coward) { $zid = ""; } else { $zid = $auth_zid; } } $subject = clean_unicode($subject); $subject = clean_entities($subject); $new_body = str_replace("\n", "<br>", $body); $new_body = clean_html($new_body); $time = time(); if ($sid == 0 && $cid == 0 && $pid == 0 && $qid == 0) { die("qid [{$qid}]"); die("sid, cid, pid, and qid are empty"); }