$_joined = sprintf(" AND `joined` > '%s'", date('Y-m-d H:i:s', $POST_joined['0']));
} elseif ($POST_joined['1'] > 0) {
$_joined = sprintf(" AND `joined` < '%s'", date('Y-m-d H:i:s', $POST_joined['1']));
} else {
$_joined = '';
}
if ($POST_last_login['0'] > 0 && $POST_last_login['1'] > 0) {
$_last_login = sprintf(" AND `last_login` BETWEEN '%s' AND '%s'", date('Y-m-d H:i:s', $POST_last_login['0']), date('Y-m-d H:i:s', $POST_last_login['1']));
} elseif ($POST_last_login['0'] > 0) {
$_last_login = sprintf(" AND `last_login` > '%s'", date('Y-m-d H:i:s', $POST_last_login['0']));
} elseif ($POST_last_login['1'] > 0) {
$_last_login = sprintf(" AND `last_login` < '%s'", date('Y-m-d H:i:s', $POST_last_login['1']));
} else {
$_last_login = '';
}
$_member = sc_get_result("SELECT * FROM `member` WHERE `username` LIKE '%%%s%%' AND `email` LIKE '%%%s%%' AND `web_site` LIKE '%%%s%%' {$_last_login} {$_joined} {$_level} ORDER BY `id` ASC", array(sc_namefilter($_POST['username']), $_POST['email'], $_POST['web_site']));
}
$view = new View('theme/admin_default.html', 'admin/nav.php', '', $center['site_name'], '會員搜尋', true);
?>
<h2 class="page-header">會員搜尋</h2>
<?php
if (!isset($_GET['search']) or !isset($_POST['level']) or !isset($_POST['joined']) or !isset($_POST['last_login']) or !isset($_POST['username']) or !isset($_POST['email']) or !isset($_POST['web_site'])) {
?>
<form class="form-horizontal form-sm" action="membersearch.php?search" method="POST">
<div class="form-group">
<label class="col-sm-3 control-label" for="username">帳號:</label>
<div class="col-sm-9">
<input class="form-control" name="username" type="text">
</div>
</div>
<div class="form-group">
<?php
if ($_post['row']['level'] > 1) {
?>
<li><span class="label"><?php
echo sc_member_level($_post['row']['level']);
?>
</span></li>
<?php
}
?>
<li><?php
echo $_author['row']['username'];
?>
</li>
<li><?php
echo date('Y-m-d H:i', strtotime($_post['row']['mktime']));
?>
</li>
<li><?php
echo implode('', $_reply['row']);
?>
回覆</li>
</ul>
</div>
<?php
} while ($_post['row'] = $_post['query']->fetch_assoc());
$_all_post = sc_get_result("SELECT COUNT(*) FROM `forum` WHERE `title` LIKE '%%%s%%' OR `content` LIKE '%%%s%%' OR `author` LIKE '%%%s%%' {$_block} {$_level} {$_mktime}", array(sc_xss_filter($_GET['q']), sc_xss_filter($_GET['q']), $_GET['author']));
echo sc_page_pagination('forumsearch.php', @$_GET['page'], implode('', $_all_post['row']), $center['forum']['limit'], '&q=' . sc_xss_filter($_GET['q']) . '&author=' . urlencode(sc_namefilter($_GET['author'])) . '&block=' . urlencode(abs($_GET['block'])) . '&level=' . urlencode(abs($_GET['level'])) . '&mktime[]=' . $GET_mktime['0'] . '&mktime[]=' . $GET_mktime['1']);
}
}
$view->render();
if ($_post['num_rows'] > 0) {
do {
$_list[] = $_post['row']['id'];
} while ($_post['row'] = $_post['query']->fetch_assoc());
$_del[] = sprintf("DELETE FROM `forum_reply` WHERE `post_id` IN (%s)", implode(",", $_list));
}
$_del[] = sprintf("DELETE FROM `forum_block` WHERE `id` =%d", abs($_GET['delblock']));
$_del[] = sprintf("DELETE FROM `forum` WHERE `block` = %d", abs($_GET['delblock']));
foreach ($_del as $val) {
$SQL->query($val);
}
header("Location: forum.php?del");
} elseif (isset($_GET['newblock']) && sc_namefilter($_POST['blockname']) != '') {
sc_add_forum_block(sc_namefilter($_POST['blockname']));
} elseif (isset($_GET['edit']) && abs($_GET['edit']) != '' && isset($_POST['blockname']) && isset($_POST['position'])) {
$SQL->query("UPDATE `forum_block` SET `blockname` = '%s',`position` = '%d' WHERE `id` = '%d'", array(sc_namefilter($_POST['blockname']), abs(intval($_POST['position'])), abs($_GET['edit'])));
$_GET['edit'] = false;
}
if (isset($_GET['fid'])) {
$_block = sc_get_result("SELECT * FROM `forum_block` WHERE `id`='%d'", array(abs(intval($_GET['fid']))));
if ($_block['num_rows'] < 1) {
header("Location: forum.php");
}
$limit_row = $center['forum']['limit'];
if (isset($_GET['page'])) {
$limit_start = abs(intval(($_GET['page'] - 1) * $limit_row));
$_forum = sc_get_result("SELECT * FROM `forum` WHERE `block`='%d' ORDER BY `mktime` DESC LIMIT %d,%d", array($_block['row']['id'], $limit_start, $limit_row));
} else {
$limit_start = 0;
$_forum = sc_get_result("SELECT * FROM `forum` WHERE `block`='%d' ORDER BY `mktime` DESC LIMIT %d,%d", array($_block['row']['id'], $limit_start, $limit_row));
}
get its source. For example, if your program is a web application, its
interface could display a "Source" link that leads users to an archive
of the code. There are many ways you could offer source, and different
solutions will be better for different programs; see section 13 for the
specific requirements.
You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary.
For more information on this, and how to apply and follow the GNU AGPL, see
<http://www.gnu.org/licenses/>.
*/
require_once 'Connections/SQL.php';
require_once 'config.php';
require_once 'include/view.php';
if (isset($_POST['username']) && isset($_POST['email']) && trim($_POST['username']) != '' && trim($_POST['email']) != '') {
$_username = sc_namefilter($_POST['username']);
$_member = sc_get_result("SELECT * FROM `member` WHERE `username` = '%s'", array($_username));
if ($_member['num_rows'] < 1 or $_POST['email'] != $_member['row']['email']) {
$_GET['nouser'] = true;
} else {
$_subject = "重設密碼 - {$center['site_name']}";
$_body = "{$_member['row']['username']} 您好\n\t\t\n 請點擊以下連結重設您的密碼 \n\t\t\n " . sc_get_headurl() . "getpassword.php?id={$_member['row']['id']}&auth=" . md5($_member['row']['rekey']) . "\n\t\t\n (若是您沒有申請重設密碼,請忽略此信件)";
$_header = "From: {$center['site_name']} <{$center['mail']}> \n";
$_header .= 'Content-type:text/plain; charset=UTF-8';
mb_internal_encoding('UTF-8');
$_subject = mb_encode_mimeheader($_subject, 'UTF-8');
if (mail($_member['row']['email'], $_subject, $_body, $_header)) {
$_step = 2;
}
}
} elseif (isset($_GET['auth']) && trim($_GET['auth']) != '' && isset($_GET['id']) && abs($_GET['id']) != '') {
function sc_add_forum_block($_blockname, $_position = 0)
{
global $SQL;
$SQL->query("INSERT INTO `forum_block` (`blockname`, `position`, `mktime`) VALUES ('%s', '%d', now())", array(sc_namefilter($_blockname), abs($_position)));
return 1;
}