if (data_exists($dataitem)) { $o = json_decode(data_read($dataitem), true); } else { $o = array(); } $c = iescape($_POST['content']); $lines = explode("\n", $c); $t = $lines[0]; unset($lines[0]); $c = implode('</br>', $lines); $o[] = array('title' => $t, 'content' => $c, 'user' => user('id')); data_save($dataitem, json_encode($o)); post_status(LANG('modify the calendar at %%', $_POST['date'])); } } elseif ($_GET['action'] == 'delete') { if (user() && user('verified') && posted('date', 'key')) { $dataitem = 'calendar/' . $_POST['date']; if (data_exists($dataitem)) { $o = json_decode(data_read($dataitem), true); } else { $o = array(); } if (isset($o[$_POST['key']])) { unset($o[$_POST['key']]); } if (count($o) <= 0) { data_remove($dataitem); } else { data_save($dataitem, json_encode($o)); } post_status(LANG('modify the calendar at %%', $_POST['date']));
<?php if (posted('username', 'password', 'retype')) { function chkRegister() { if (!preg_match('/^[0-9a-zA-Z_]+$/', $_POST['username'])) { return LANG('Username must only contain English alphabets, underscore and numbers'); } $u = $_POST['username']; if (data_exists("user/{$u}/pwd")) { return LANG('User exists'); } if (!isset($_POST['password'][2])) { return LANG('Password must be at least 3 charaters long'); } if ($_POST['password'] != $_POST['retype']) { return LANG('Password retype doesn\'t match'); } $p = password($_POST['password']); data_save("user/{$u}/pwd", $p); $_SESSION[USER_SESSION] = $u; } $result = chkRegister(); if ($result) { die(tpl('register', array('errormsg' => $result))); } else { redirect('/'); } } else { die(tpl('register')); }
function POST($index) { if (posted($index)) { return $_POST[$index]; } else { return NULL; } }
//MarkBad functionality if (csrfVerify() && posted("markBad", "qids")) { //--todo-- should be able to EDIT instead of just marking wrong. Also store history of questions viewed - "Views" table (hugeness) so can look back, mark for look back, etc. alert('Marked question(s) ' . arrayToRanges($q->clear()->addByQID(array_intersect_key($_POST["qids"], array_flip($_POST["markBad"])))->markBad()->getQIDs()) . ' as bad.', 1); } $counts = array("QParts" => count($ruleSet["QParts"]), "Subjects" => count($ruleSet["Subjects"]), "QTypes" => count($ruleSet["QTypes"])); $fullname = array("QParts" => "Question Part", "Subjects" => "Subject", "QTypes" => "Question Type"); //Config options, and setting the SESSION variables to new values based on POST variables $checkboxoptions = "<div style='font-size:1.5em;font-weight:bold;'>Options</div>"; if (!sessioned('randq')) { $_SESSION["randq"] = array(); } foreach ($fullname as $name => $full) { $count = count($ruleSet[$name]); $checkboxoptions .= '<div><b>' . $full . '</b> '; if (csrfVerify() && posted($name)) { $_SESSION["randq"][$name] = $_POST[$name]; } elseif (!array_key_exists($name, $_SESSION["randq"])) { $_SESSION["randq"][$name] = NULL; } //Remembering in $_SESSION for ($i = 0; $i < $count; $i++) { $checkboxoptions .= '<label>' . $ruleSet[$name][$i] . ' <input type="checkbox" name="' . $name . '[]" value="' . $i . '" ' . (is_array($_SESSION["randq"][$name]) && in_array($i, $_SESSION["randq"][$name]) || $_SESSION["randq"][$name] === NULL ? 'checked' : '') . ' /></label> '; } $checkboxoptions .= '</div>'; } $_SESSION["randq"]["numqs"] = normRange(csrfVerify() ? POST("numqs") : NULL, 1, $MAX_NUMQS, $DEFAULT_NUMQS); $checkboxoptions .= "<b>Number of Questions</b> (max {$MAX_NUMQS}) <input type='number' name='numqs' value='{$_SESSION["randq"]["numqs"]}' min='1' max='{$MAX_NUMQS}'/>"; //Using the session variables set above to get random questions. //--todo-- what's the point of "add" if you're only doing it this once? Overhead w/ $Q? Really OP. if ($E = $q->clear()->addRand($_SESSION["randq"]["QParts"], $_SESSION["randq"]["Subjects"], $_SESSION["randq"]["QTypes"], $_SESSION["randq"]["numqs"])->error) {
$agent_Usr = cleartext(@$_SERVER["HTTP_USER_AGENT"]); $ket = "{$ip_adr}|{$agent_Usr}"; $DatE = tanggal_simpan_shoutbox(); $name = cleantext($_POST['nama']); $email = cleantext($_POST['email']); $yousay = cleantext($_POST['yousay']); $tglnow = date("Y-m-d"); $tgl = !isset($tgl) ? $tglnow : $tgl; $valid_mail = "^([._a-z0-9-]+[._a-z0-9-]*)@(([a-z0-9-]+\\.)*([a-z0-9-]+)(\\.[a-z]{2,3}))\$"; if (!preg_match($valid_mail, $email)) { $email = ''; } $perintah1 = "INSERT INTO shoutbox (waktu, nama, email, isi, ket,tgl) VALUES ('{$DatE}', '{$name}', '{$email}', '{$yousay}', '{$ket}', '{$tgl}')"; $hasil = @mysql_query($perintah1); if ($hasil) { posted('shoutbox'); @header("location: shoutbox.php"); exit; } } else { echo ' <style> body,p,font,li { font-family:verdana,tahoma,arial; font-size:10px; } </style> '; echo $error; echo "<META HTTP-EQUIV=\"REFRESH\" CONTENT=\"5;URL=./shoutbox.php\">"; }
<?php if (posted('ids')) { $ret = array(); foreach ($_POST['ids'] as $k) { $ret[$k] = getUser($k); } die(json_encode($ret)); }
$q = new qIO(); $q->addByArray($_POST["Q"]); $q->commit(); } catch (Exception $e) { $err = "Error: " . $e->getMessage(); } if ($err == '') { echo "Questions entered successfully, with Question-IDs <b>" . arrayToRanges($q->getQIDs()) . "</b><br><br><br>"; } else { echo $err; } } else { require_class("qIO", "qParser"); $qp = new qParser(); $error = false; if (posted("copypaste")) { $unparsed = $qp->parse($_POST["copypaste"]); } elseif (filed("fileupload")) { require_class("fileToStr"); $fs = new fileToStr(); if (is_array($_FILES["fileupload"]["tmp_name"])) { //for multiple-supporting browsers foreach ($_FILES["fileupload"]["tmp_name"] as $ind => $tmp_name) { $name = $_FILES["fileupload"]["name"][$ind]; echo "File <b>{$name}</b>: "; if ($name == '' || $tmp_name == '') { echo "No file."; } else { $unparsed .= $qp->parse($fs->convert($name, $tmp_name)); } echo "<br>";
<?php define('ROOT_PATH', ''); require_once ROOT_PATH . 'functions.php'; restrictAccess('a'); //xuca if (posted("directory")) { $directory = $_POST["directory"]; if (is_dir($directory)) { require_class("fileToStr", "qParser"); $f = new fileToStr(); $qp = new qParser(); echo "Processing directory {$directory}:<br>"; foreach (glob($directory . '/*.*') as $file) { echo " " . $file . " parsed:<br><textarea>" . $qp->parse($f->convert($file, $file)) . "</textarea><br><br>"; ob_flush(); flush(); } } else { echo "{$directory} is not a valid directory."; } } ?> <form action="bulk_file_process.php" method="POST"> <b>Add All Files From Directory:</b> <input type="text" name="directory"/> </form>
$open['errorpesan'] = $error; }else { $konten = substr($konten,0,500); $konten = wraptext($konten); $judul = wraptext($judul); $IP = getIP(); $time = date('Y-m-d H:i:s'); $hasil = mysql_query ("INSERT INTO komentar (`tgl`,`user`,`email`,`judul`,`konten`,`artikel`,`ip`) VALUES ('$time','$user','$email','$judul','$konten','$id','$IP')"); if ($hasil){ //fungsi untuk proteksi yang telah memposting posted('komentar_add.php'); }else { $open['error'] = true; $open['errorpesan'] = mysql_error(); } } $j = new JSON_obj(); echo $j->encode($open); } break;
<?php if (user() && user('verified') && posted('content')) { data_save('announcement', $_POST['content']); }
<?php define('ROOT_PATH', ''); require_once ROOT_PATH . 'functions.php'; restrictAccess('u'); //xuca /* round.php Conducts a live online round. */ if (posted('get')) { } elseif (posted('give')) { } ?> <div id="chatbox"></div> <input type="text" onkeypress="checkChatKey()"/> <script> jQuery.extend({ postJSON: function( url, data, callback) { return jQuery.post(url, data, callback, "json"); } }); function getNext(){ var obj=$.postJSON('round.php',{get:true,current:window.current}); obj.newItems.forEach( } function checkChatKey(e){ if(!e)var e=window.event; if(e.keyCode==13){addNext(this.value);this.value="";} }
<?php if (posted('username', 'password')) { function chkLogin() { $u = $_POST['username']; if (!data_exists("user/{$u}/pwd")) { return LANG('No such user'); } $p = password($_POST['password']); if ($p != data_read("user/{$u}/pwd")) { return LANG('Password wrong'); } $_SESSION[USER_SESSION] = $u; return false; } $result = chkLogin(); if ($result) { die(tpl('login', array('errormsg' => $result))); } else { redirect($_POST['refer']); } } else { die(tpl('login')); }
<?php $dbserv = "localhost"; $dbuser = "******"; $dbpass = "******"; $dbdb = "kwitter"; if (posted($_POST['username']) && posted($_POST['password'])) { $db = @mysql_connect($dbserv, $dbuser, $dbpass); mysql_select_db($dbdb, $db); if (posted($_POST['password2'])) { if ($_POST['password'] != $_POST['password2']) { sign_up(false, true); } else { $q = sprintf("SELECT * FROM users WHERE username='******'", mysql_real_escape_string($_POST['username'])); $res = mysql_query($q, $db); if (mysql_num_rows($res) > 0) { sign_up(true, false); } else { $q2 = sprintf("INSERT INTO users VALUES('%s','%s')", mysql_real_escape_string($_POST['username']), md5($_POST['password'])); mysql_query($q2, $db); setcookie("aura", $_POST['username'], time() + 3600); header('Location: index.php'); } } } else { $q = sprintf("SELECT * FROM users WHERE username='******' AND password='******'", mysql_real_escape_string($_POST['username']), md5($_POST['password'])); $res = mysql_query($q, $db); if (mysql_num_rows($res) == 1) { setcookie("aura", $_POST['username'], time() + 3600); mysql_close($db); header('Location: index.php');
function search_result_date($atts) { assert_article(); return posted($atts); }
header("HTTP/1.1 404 Not Found"); exit; } //$index_hal = 1; $pid = int_filter(@$_POST['pid']); $pilihan = int_filter(@$_POST['pilihan']); $cetak['tengah'] = '<h4 class="bg">Jajak Pendapat</h4>'; $sekarang_timeout = time(); $vote_lebih2x = false; if (isset($_POST['submit'])) { //setcookie("COOKIE_VOTE", "vote", time()+3600); $query1 = "SELECT * FROM polling WHERE pid='{$pid}'"; if (cek_posted('polling_result.php')) { $vote_lebih2x = true; } else { posted('polling_result.php'); //---- baca data polling $hasil = mysql_query($query1); $data = mysql_fetch_array($hasil); $PJAWABAN_TMP = explode("#", $data["pjawaban"]); $jmljwb = count($PJAWABAN_TMP); $PJAWABAN_TMP[$pilihan]++; $PJAWABAN = ''; for ($i = 0; $i < $jmljwb; $i++) { $PJAWABAN .= $PJAWABAN_TMP[$i] . "#"; } $PJAWABAN = substr_replace($PJAWABAN, "", -1, 1); //----------------------------------------------- //---- simpan data terbaru $query2 = "UPDATE `polling` SET `pjawaban`='{$PJAWABAN}' WHERE `pid`='{$pid}'"; mysql_query($query2);
if (loginEmailPass($_POST['email'], $_POST['pass'])) { reset_attempts('login'); if (isset($_SESSION['login_redirect_back'])) { //--todo-- redirect back immediately, don't redirect $lr = $_SESSION['login_redirect_back']; alert('Logged in!', 1, basename($lr)); unset($_SESSION['login_redirect_back']); header('Location: ' . $lr); } else { alert('Successfully logged in!', 1); } } else { logout(); alert('Incorrect username or password.', -1); } } elseif (posted('signup')) { //What happens when no access to the captcha server? if (!chkCaptcha()) { alert('Invalid reCAPTCHA entry; try again.', -1); } else { $err = newProfileError($_POST['s_email'], $_POST['s_pass'], $_POST['s_confpass']); if ($err === false) { alert('Successfully signed up; you can now log in.', 1); $signup_success = true; reset_attempts('login'); } else { alert(htmlentities($err), -1); } } } }
<?php require_once 'login.php'; if (!logged_in()) { login_page(); } else { // Connect no matter what $db = @mysql_connect($dbserv, $dbuser, $dbpass); mysql_select_db($dbdb, $db); if (isset($_GET['clear'])) { mysql_query("DELETE FROM kweets", $db); } if (posted($_POST['status'])) { $status = $_POST['status']; $user = $_COOKIE['aura']; $q = "INSERT INTO kweets VALUES('{$status}','{$user}','0')"; mysql_query($q, $db); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Kwitter</title> <link rel="stylesheet" type="text/css" href="style.css"/> </head> <body> <div id="main"> <h2><a href="index.php">Kwitter</a> | <a href="login.php?logout">Log out</a> | <a href="login.php?delete">Delete Account</a>
function search_result_date($atts) { return posted($atts); }
<?php if (!isset($_GET['action'])) { die; } import('model/status.php'); if ($_GET['action'] == 'delete') { remove_status($_POST['id'] * 1, true); } elseif ($_GET['action'] == 'post') { if (user() && posted('content')) { if (trim($_POST['content'])) { post_status($_POST['content'], 'say'); } } } elseif ($_GET['action'] == 'fetch') { die(json_encode(list_status($_GET['start'] * 1, $_GET['limit'] * 1))); } elseif ($_GET['action'] == 'querynew') { $id = $_GET['id'] * 1; if ($id < last_post_id()) { die('new'); } die('none'); }
public function __construct($limit, $reverse) { $this->limit = $limit; $this->reverse = $reverse; // for cache comparison $this->currentDate = safe_strftime('%Y-%m-%d'); // use current date if used in a page template if ($GLOBALS['is_article_list'] && empty($GLOBALS['thisarticle'])) { $this->date = $this->currentDate; } else { $this->date = posted(array('format' => '%Y-%m-%d')); } // need the day in "Month_DAY" format $this->day = strftime('%B_%e', strtotime($this->date)); // for days 1-9, remove an extra space $this->day = str_replace(' ', '', $this->day); // construct URI $this->rootUri = 'http://en.wikipedia.org/wiki/'; $this->uri = $this->rootUri . $this->day; }
<?php define('ROOT_PATH', ''); require_once ROOT_PATH . 'functions.php'; if (posted("bug")) { logfile('bugs', POST("bug")); echo "<pre>" . htmlentities($bug) . "</pre><br>We got your bug! Thanks!"; } else { echo '<p>Hi, this is the bug-processing page! You can submit a bug or feature request up there in the upper-right corner. Thanks!</p>'; echo '<p>Or, you can send it to me directly at <a href="mailto:' . $WEBMASTER_EMAIL . '">' . $WEBMASTER_EMAIL . '</a> if even the bug reporting isn\'t working.'; }