function login_check()
{
global $smarty;
$email = @$_POST['email'];
$pass = @$_POST['loginpass'];
if (login_needcaptcha()) {
if (recaptcha_verify() !== true) {
login_error(_('The CAPTCHA you entered is incorrect'));
die;
}
}
$ret = user_verify($email, $pass);
if ($ret !== true) {
login_incfail();
login_error($ret);
die;
} else {
user_online($email);
login_resetfail();
$url = 'account.php';
header("Location: {$url}");
$smarty->assign('url', $url);
$smarty->display('templates/redirect.html');
}
}
function check_permissions()
{
if (user_online()) {
log_write("error", "You are already logged in, there is no need to revisit the login page.");
return 0;
} else {
return 1;
}
}
function check_permissions()
{
if (!user_online()) {
return 0;
}
if ($GLOBALS["config"]["AUTH_METHOD"] != "sql") {
log_write("error", "page", "User options can only be configured when using local user authentication");
return 0;
}
return 1;
}
function error_render_noperms()
{
// display a different message if the user isn't online
if (user_online()) {
$_SESSION["error"]["message"] = array("Sorry, your login permissions do not permit you to access this content.");
// end the page
$_SESSION["error"]["pagestate"] = 0;
} else {
error_render_nologin();
}
return 1;
}
function reg_save()
{
global $smarty;
$email = @$_POST['email'];
$pass = @$_POST['loginpass'];
$pass2 = @$_POST['loginpass2'];
if ($pass == '' || $email == '') {
reg_main(_('Please enter email and password'));
return false;
}
if (strpos($email, '@') == false || strpos($email, '.') == false) {
reg_main(_('Invalid email address'));
return false;
}
if ($pass != $pass2) {
reg_main(_('Password does not match'));
return false;
}
if (recaptcha_verify() !== true) {
reg_main(_('The CAPTCHA you enter is not correct'));
return false;
}
if (INVITECODE_ENABLED == 1 && reg_checkinvite(@$_POST['invitecode']) == false) {
reg_main(_('The invite code is invalid or have been used'));
return false;
}
$ret = user_add($email, $pass);
if ($ret !== true) {
reg_main("<p>{$ret}</p>" . _('<p>Register fail, please contact us for help if you need.</p>'));
return false;
}
$user = user_get($email);
if (INVITECODE_ENABLED == 1) {
invite_use($_POST['invitecode'], $user['id']);
}
user_online($email);
$smarty->assign('tip_title', _('Register successed'));
$smarty->assign('tip_msg', _('You have registerd successfully'));
$smarty->assign('redirect_url', 'account.php');
$smarty->display('tip.html');
}
############################################################################################
## Изменение заметки ##
############################################################################################
############################################################################################
## Изменение заметки ##
############################################################################################
case 'note':
if (isset($_GET['id'])) {
$id = abs(intval($_GET['id']));
} else {
$id = 0;
}
if ($id > 0) {
$data = DB::run()->queryFetch("SELECT * FROM contact WHERE contact_id=? AND contact_user=? LIMIT 1;", array($id, $log));
if (!empty($data)) {
echo '<img src="/images/img/edit.gif" alt="image" /> Заметка для пользователя <b>' . nickname($data['contact_name']) . '</b> ' . user_online($data['contact_name']) . ':<br /><br />';
echo '<div class="form">';
echo '<form method="post" action="contact.php?act=editnote&id=' . $id . '&start=' . $start . '&uid=' . $_SESSION['token'] . '">';
echo 'Заметка:<br />';
echo '<textarea cols="25" rows="5" name="msg">' . $data['contact_text'] . '</textarea><br />';
echo '<input value="Редактировать" name="do" type="submit" /></form></div><br />';
} else {
show_error('Ошибка редактирования заметки!');
}
} else {
show_error('Ошибка! Не выбран пользователь для добавления заметки!');
}
echo '<img src="/images/img/back.gif" alt="image" /> <a href="contact.php?start=' . $start . '">Вернуться</a><br />';
break;
############################################################################################
## Добавление заметки ##
(<?php
echo $data['topics_posts'];
?>
)
</div>
<div>
<?php
echo bb_code($data['posts_text']);
?>
<br />
Написал: <?php
echo nickname($data['posts_user']);
?>
<?php
echo user_online($data['posts_user']);
?>
<small>(<?php
echo date_fixed($data['posts_time']);
?>
)</small><br />
<?php
if (is_admin() || empty($config['anonymity'])) {
?>
<span class="data">(<?php
echo $data['posts_brow'];
?>
, <?php
echo $data['posts_ip'];
?>
<?php
}
?>
<b><?php
echo profile($data['commblog_author']);
?>
</b> <small>(<?php
echo date_fixed($data['commblog_time']);
?>
)</small><br />
<?php
echo user_title($data['commblog_author']);
?>
<?php
echo user_online($data['commblog_author']);
?>
</div>
<?php
if (!empty($log) && $log != $data['commblog_author']) {
?>
<div class="right">
<a href="blog.php?act=reply&id=<?php
echo $blogs['blogs_id'];
?>
&pid=<?php
echo $data['commblog_id'];
?>
&start=<?php
echo $start;
$start = 0;
}
if ($total < $start + $config['lifelist']) {
$end = $total;
} else {
$end = $start + $config['lifelist'];
}
for ($i = $start; $i < $end; $i++) {
$data = explode("|", $file[$i]);
echo '<div class="b">' . $data[1] . '. <img src="../images/img/chel.gif" alt="image" /> ';
if ($uz == $data[2]) {
echo '<b><big><a href="../pages/anketa.php?uz=' . $data[2] . '&' . SID . '"><span style="color:#ff0000">' . nickname($data[2]) . '</span></a></big></b> ';
} else {
echo '<b><a href="../pages/anketa.php?uz=' . $data[2] . '&' . SID . '">' . nickname($data[2]) . '</a></b> ';
}
echo user_online($data[2]) . '</div>';
echo '<div>Провел на сайте: ' . makestime($data[3]) . '</div>';
}
page_jumpnavigation('lifelist.php?', $config['userlist'], $start, $total);
page_strnavigation('lifelist.php?', $config['userlist'], $start, $total);
############################################################################################
## Поиск пользователя ##
############################################################################################
if (empty($uz)) {
echo '<hr /><b>Поиск пользователя:</b><br />';
echo '<form action="lifelist.php?start=' . $start . '&' . SID . '" method="post">';
echo '<input name="uz" value="' . $log . '" />';
echo '<input type="submit" value="Искать" /></form><hr />';
} else {
$string = search_string(DATADIR . "datatmp/lifelist.dat", $uz, 2);
if ($string) {
############################################################################################
## Просмотр по пользователям ##
############################################################################################
case 'view':
$uz = isset($_GET['uz']) ? check($_GET['uz']) : '';
if (user($uz)) {
$total = DB::run()->querySingle("SELECT COUNT(*) FROM `transfers` WHERE `trans_user`=?;", array($uz));
if ($total > 0) {
if ($start >= $total) {
$start = 0;
}
$queryhist = DB::run()->query("SELECT * FROM `transfers` WHERE `trans_user`=? ORDER BY `trans_time` DESC LIMIT " . $start . ", " . $config['listtransfers'] . ";", array($uz));
while ($data = $queryhist->fetch()) {
echo '<div class="b">';
echo '<div class="img">' . user_avatars($data['trans_user']) . '</div>';
echo '<b>' . profile($data['trans_user']) . '</b> ' . user_online($data['trans_user']) . ' ';
echo '<small>(' . date_fixed($data['trans_time']) . ')</small>';
echo '</div>';
echo '<div>';
echo 'Кому: ' . profile($data['trans_login']) . '<br />';
echo 'Сумма: ' . moneys($data['trans_summ']) . '<br />';
echo 'Комментарий: ' . $data['trans_text'] . '<br />';
echo '</div>';
}
page_strnavigation('transfers.php?act=view&uz=' . $uz . '&', $config['listtransfers'], $start, $total);
echo 'Всего операций: <b>' . $total . '</b><br /><br />';
} else {
show_error('Истории операций еще нет!');
}
} else {
show_error('Ошибка! Данный пользователь не найден!');
$file = array_reverse($file);
$total = count($file);
if ($total > 0) {
echo '<form action="kontakt.php?action=del&start=' . $start . '&uid=' . $_SESSION['token'] . '&' . SID . '" method="post">';
if ($start < 0 || $start > $total) {
$start = 0;
}
if ($total < $start + $config['kontaktlist']) {
$end = $total;
} else {
$end = $start + $config['kontaktlist'];
}
for ($i = $start; $i < $end; $i++) {
$data = explode("|", $file[$i]);
$num = $total - $i - 1;
echo '<div class="b">' . user_avatars($data[1]) . ' ' . ($i + 1) . '. <b><a href="anketa.php?uz=' . $data[1] . '&' . SID . '">' . nickname($data[1]) . '</a></b> ' . user_online($data[1]) . '</div>';
echo '<div>Дабавлен: ' . date_fixed($data[2]) . '<br />';
echo '<input type="checkbox" name="del[]" value="' . $num . '" /> ';
echo '<a href="privat.php?action=submit&uz=' . $data[1] . '&' . SID . '">Написать</a> | ';
echo '<a href="../games/perevod.php?uz=' . $data[1] . '&' . SID . '">Перевод</a></div>';
}
echo '<br /><input type="submit" value="Удалить выбранное" /></form>';
page_jumpnavigation('kontakt.php?', $config['kontaktlist'], $start, $total);
page_strnavigation('kontakt.php?', $config['kontaktlist'], $start, $total);
} else {
echo '<img src="../images/img/reload.gif" alt="image" /> <b>Контакт-лист пуст!</b><br />';
}
} else {
echo '<img src="../images/img/reload.gif" alt="image" /> <b>Контакт-лист пуст!</b><br />';
}
echo '<hr /><form method="post" action="kontakt.php?action=add&start=' . $start . '&uid=' . $_SESSION['token'] . '&' . SID . '">';
if ($start >= $total) {
$start = last_page($total, $config['postgallery']);
}
$is_admin = is_admin();
if ($is_admin) {
echo '<form action="index.php?act=delcomm&gid=' . $gid . '&start=' . $start . '&uid=' . $_SESSION['token'] . '" method="post">';
}
$querycomm = DB::run()->query("SELECT * FROM `commphoto` WHERE `commphoto_gid`=? ORDER BY `commphoto_time` ASC LIMIT " . $start . ", " . $config['postgallery'] . ";", array($gid));
while ($data = $querycomm->fetch()) {
echo '<div class="b">';
echo '<div class="img">' . user_avatars($data['commphoto_user']) . '</div>';
if ($is_admin) {
echo '<span class="imgright"><input type="checkbox" name="del[]" value="' . $data['commphoto_id'] . '" /></span>';
}
echo '<b>' . profile($data['commphoto_user']) . '</b> <small>(' . date_fixed($data['commphoto_time']) . ')</small><br />';
echo user_title($data['commphoto_user']) . ' ' . user_online($data['commphoto_user']) . '</div>';
if ($log == $data['commphoto_user'] && $data['commphoto_time'] + 600 > SITETIME) {
echo '<div class="right"><a href="index.php?act=editcomm&gid=' . $gid . '&cid=' . $data['commphoto_id'] . '&start=' . $start . '">Редактировать</a></div>';
}
echo '<div>' . bb_code($data['commphoto_text']) . '<br />';
if (is_admin() || empty($config['anonymity'])) {
echo '<span class="data">(' . $data['commphoto_brow'] . ', ' . $data['commphoto_ip'] . ')</span>';
}
echo '</div>';
}
if ($is_admin) {
echo '<span class="imgright"><input type="submit" value="Удалить выбранное" /></span></form>';
}
page_strnavigation('index.php?act=comments&gid=' . $gid . '&', $config['postgallery'], $start, $total);
}
if (empty($photo['photo_closed'])) {
## Просмотр по пользователям ##
############################################################################################
case 'view':
$uz = isset($_GET['uz']) ? check($_GET['uz']) : '';
if (user($uz)) {
$total = DB::run()->querySingle("SELECT COUNT(*) FROM `banhist` WHERE `ban_user`=?;", array($uz));
if ($total > 0) {
if ($start >= $total) {
$start = 0;
}
$queryhist = DB::run()->query("SELECT * FROM `banhist` WHERE `ban_user`=? ORDER BY `ban_time` DESC LIMIT " . $start . ", " . $config['listbanhist'] . ";", array($uz));
echo '<form action="banhist.php?act=del&start=' . $start . '&uid=' . $_SESSION['token'] . '" method="post">';
while ($data = $queryhist->fetch()) {
echo '<div class="b">';
echo '<div class="img">' . user_avatars($data['ban_user']) . '</div>';
echo '<b>' . profile($data['ban_user']) . '</b> ' . user_online($data['ban_user']) . ' ';
echo '<small>(' . date_fixed($data['ban_time']) . ')</small><br />';
echo '<input type="checkbox" name="del[]" value="' . $data['ban_id'] . '" /> ';
echo '<a href="zaban.php?act=editban&uz=' . $data['ban_user'] . '">Изменить</a></div>';
echo '<div>';
if (!empty($data['ban_type'])) {
echo 'Причина: ' . bb_code($data['ban_reason']) . '<br />';
echo 'Срок: ' . formattime($data['ban_term']) . '<br />';
}
switch ($data['ban_type']) {
case '1':
$stat = '<span style="color:#ff0000">Забанил</span>:';
break;
case '2':
$stat = '<span style="color:#ffa500">Изменил</span>:';
break;
}
if ($total < $start + $config['postgallery']) {
$end = $total;
} else {
$end = $start + $config['postgallery'];
}
for ($i = $start; $i < $end; $i++) {
$data = explode("|", $file[$i]);
$num = $total - $i - 1;
$data[0] = bb_code($data[0]);
echo '<div class="b"> ';
if ($is_admin) {
echo '<input type="checkbox" name="del[]" value="' . $num . '" /> ';
}
echo user_avatars($data[3]);
echo '<b><a href="../pages/anketa.php?uz=' . $data[3] . '&' . SID . '"> ' . nickname($data[3]) . ' </a></b> ' . user_title($data[3]) . user_online($data[3]);
echo '<small> (' . date_fixed($data[2]) . ')</small></div>';
echo '<div>' . $data[0] . '</div>';
}
if ($is_admin) {
echo '<br /><input type="submit" value="Удалить выбранное" /></form>';
}
page_jumpnavigation('index.php?action=komm&gid=' . $gid . '&', $config['postgallery'], $start, $total);
page_strnavigation('index.php?action=komm&gid=' . $gid . '&', $config['postgallery'], $start, $total);
} else {
show_error('Комментариев еще нет, будь первым!');
}
} else {
show_error('Комментариев еще нет, будь первым!');
}
} else {
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
**************************************************************************/
if (!defined('SCOUT_NUKE')) {
die("You have accessed this page illegally, please go use the main menu");
}
$username = $check['uname'];
$sql = $data->select_query("pms", "WHERE touser={$userid} AND type=3 ORDER BY date DESC");
$numpm = $data->num_rows($sql);
$inboxpm = array();
while ($temp = $data->fetch_array($sql)) {
$temp['touserid'] = $temp['touser'];
$temp['touser'] = get_username($temp['touser']);
$temp2 = $data->select_fetch_one_row("users", "WHERE id={$temp['fromuser']}", "uname");
$temp['fromuserid'] = $temp['fromuser'];
$temp['fromuser'] = get_username($temp['fromuser']);
$temp['subject'] = censor($temp['subject']);
$temp['userstatus'] = user_online($temp['fromuser']);
$inboxpm[] = $temp;
}
$location = "User Control Panel >> Saved Messages";
$tpl->assign("pm", $inboxpm);
$tpl->assign("numpm", $numpm);
$tpl->assign("onpage", "Savebox");
$pagenum = 1;
print "<a style=\"color: #ffffff\" href=\"index.php?page=user/logout.php\">logout</a>";
print "</b></p>";
}
?>
</td>
</tr>
</table>
</td>
</tr>
<?php
/*
Draw the main page menu
*/
if ($page_valid == 1 && user_online()) {
print "<tr><td>";
$obj_menu = new menu_main();
$obj_menu->page = $page;
if ($obj_menu->load_data()) {
$obj_menu->render_menu_standard();
}
print "</td></tr>";
}
/*
Load the page
*/
if ($page_valid == 1) {
// check permissions
if ($page_obj->check_permissions()) {
/*
# ICQ : 36-44-66 #
# Skype : vantuzilla #
#---------------------------------------------#
require_once '../includes/start.php';
require_once '../includes/functions.php';
require_once '../includes/header.php';
include_once '../themes/header.php';
if (is_admin(array(101, 102, 103))) {
show_title('Администрация сайта');
############################################################################################
## Вывод администрации ##
############################################################################################
$queryadmin = DB::run()->query("SELECT users_login, users_level FROM users WHERE users_level>=? AND users_level<=?;", array(101, 105));
$arradmin = $queryadmin->fetchAll();
$total = count($arradmin);
if ($total > 0) {
foreach ($arradmin as $value) {
echo '<img src="/images/img/user.gif" alt="image" /> <b>' . profile($value['users_login']) . '</b> (' . user_status($value['users_level']) . ') ' . user_online($value['users_login']) . '<br />';
if (is_admin(array(101))) {
echo '<img src="/images/img/edit.gif" alt="image" /> <a href="users.php?act=edit&uz=' . $value['users_login'] . '">Изменить</a><br />';
}
}
echo '<br />Всего в администрации: <b>' . $total . '</b><br /><br />';
} else {
show_error('Администрации еще нет!');
}
echo '<img src="/images/img/panel.gif" alt="image" /> <a href="index.php">В админку</a><br />';
} else {
redirect('/index.php');
}
include_once '../themes/footer.php';
echo '<a href="private.php?act=output">Отправленные</a> / ';
echo '<a href="private.php?act=trash">Корзина</a><hr />';
if ($uz != $log) {
$queryuser = DB::run()->querySingle("SELECT `users_id` FROM `users` WHERE `users_login`=? LIMIT 1;", array($uz));
if (!empty($queryuser)) {
$total = DB::run()->query("SELECT count(*) FROM `inbox` WHERE `inbox_user`=? AND `inbox_author`=? UNION ALL SELECT count(*) FROM `outbox` WHERE `outbox_user`=? AND `outbox_author`=?;", array($log, $uz, $uz, $log));
$total = array_sum($total->fetchAll(PDO::FETCH_COLUMN));
if ($total > 0) {
if ($start >= $total) {
$start = last_page($total, $config['privatpost']);
}
$queryhistory = DB::run()->query("SELECT * FROM `inbox` WHERE `inbox_user`=? AND `inbox_author`=? UNION ALL SELECT * FROM `outbox` WHERE `outbox_user`=? AND `outbox_author`=? ORDER BY `inbox_time` DESC LIMIT " . $start . ", " . $config['privatpost'] . ";", array($log, $uz, $uz, $log));
while ($data = $queryhistory->fetch()) {
echo '<div class="b">';
echo user_avatars($data['inbox_author']);
echo '<b>' . profile($data['inbox_author']) . '</b> ' . user_online($data['inbox_author']) . ' (' . date_fixed($data['inbox_time']) . ')</div>';
echo '<div>' . bb_code($data['inbox_text']) . '</div>';
}
page_strnavigation('private.php?act=history&uz=' . $uz . '&', $config['privatpost'], $start, $total);
if (!user_privacy($uz) || is_admin() || is_contact($uz, $log)) {
echo '<br /><div class="form">';
echo '<form action="private.php?act=send&uz=' . $uz . '&uid=' . $_SESSION['token'] . '" method="post">';
echo 'Сообщение:<br />';
echo '<textarea cols="25" rows="5" name="msg"></textarea><br />';
if ($udata['users_point'] < $config['privatprotect']) {
echo 'Проверочный код:<br /> ';
echo '<img src="/gallery/protect.php" alt="" /><br />';
echo '<input name="provkod" size="6" maxlength="6" /><br />';
}
echo '<input value="Быстрый ответ" type="submit" /></form></div><br />';
} else {
$admin_top[] = '|' . $dat_user[$k] . '|' . $dat_status[$k] . '|';
}
$text = implode("\r\n", $admin_top);
write_files(DATADIR . "datatmp/adminlist.dat", "{$text}\r\n", 1, 0666);
}
}
############################################################################################
## Вывод из кэша ##
############################################################################################
if (file_exists(DATADIR . "datatmp/adminlist.dat")) {
$userfile = file(DATADIR . "datatmp/adminlist.dat");
$total = count($userfile);
if ($total > 0) {
foreach ($userfile as $value) {
$userdata = explode("|", $value);
echo '<img src="../images/img/chel.gif" alt="image" /> <b><a href="../pages/anketa.php?uz=' . $userdata[1] . '&' . SID . '">' . nickname($userdata[1]) . '</a></b> (' . user_status($userdata[2]) . ') ' . user_online($userdata[1]) . '<br />';
}
echo '<br />Всего в администрации: <b>' . (int) $total . '</b><br />';
############################################################################################
## Быстрая почта ##
############################################################################################
if (is_user()) {
echo '<hr /><big><b>Быстрая почта</b></big><br /><br />';
echo '<form method="post" action="privat.php?action=send&uid=' . $_SESSION['token'] . '&' . SID . '">';
echo 'Выберите адресат:<br /><select name="uz">';
foreach ($userfile as $value) {
$userdata = explode("|", $value);
echo '<option value="' . $userdata[1] . '"> ' . nickname($userdata[1]) . ' </option>';
}
echo '</select><br />';
echo 'Сообщение:<br />';
############################################################################################
## Поиск пользователя ##
############################################################################################
case 'search':
$find = check(strtolower($_POST['find']));
if (utf_strlen($find) >= 3 && utf_strlen($find) <= 20) {
$querysearch = DB::run()->query("SELECT `users_login`, `users_point` FROM `users` WHERE lower(`users_login`) LIKE ? OR `users_nickname` LIKE ? ORDER BY `users_point` DESC LIMIT " . $config['usersearch'] . ";", array('%' . $find . '%', '%' . $find . '%'));
$result = $querysearch->fetchAll();
$total = count($result);
if ($total > 0) {
foreach ($result as $value) {
echo user_gender($value['users_login']);
if ($find == $value['users_login']) {
echo '<b><big>' . profile($value['users_login'], '#ff0000') . '</big></b> ' . user_online($value['users_login']) . ' (' . points($value['users_point']) . ')<br />';
} else {
echo '<b>' . profile($value['users_login']) . '</b> ' . user_online($value['users_login']) . ' (' . points($value['users_point']) . ')<br />';
}
}
echo '<br />Найдено совпадений: <b>' . $total . '</b><br /><br />';
} else {
show_error('По вашему запросу ничего не найдено');
}
} else {
show_error('Ошибка! Слишком короткий или длинный запрос, от 3 до 20 символов!');
}
echo '<img src="/images/img/back.gif" alt="image" /> <a href="searchuser.php">Вернуться</a><br />';
break;
default:
redirect("searchuser.php");
}
} else {
function check_permissions()
{
return user_online();
}
<?php
/*
Summary/Welcome page for NamedManager
*/
if (!user_online()) {
// Because this is the default page to be directed to, if the user is not
// logged in, they should go straight to the login page.
//
// All other pages will display an error and prompt the user to login.
//
include_once "user/login.php";
} else {
class page_output
{
function check_permissions()
{
// only allow namedadmins group members to have access
if (user_permissions_get("namedadmins")) {
return 1;
} else {
log_write("error", "page_output", "You do not have permissions to access this interface, request your administrator to assign you to the namedadmins group");
return 0;
}
}
function check_requirements()
{
// nothing todo
return 1;
}
function execute()
<?php
if ($strona_panel != "ok") {
exit;
}
$ilepw = db_query("SELECT * FROM " . $pre . "pw WHERE pw_do='" . $_SESSION['user_id'] . "' and pw_czyt='0' and pw_typ='1'");
$ilepwa = db_num_rows($ilepw);
$ilezp = db_query("SELECT * FROM " . $pre . "friend WHERE fo_do='" . $_SESSION['user_id'] . "' and fo_akt='0'");
$ilezpa = db_num_rows($ilezp);
$smarty->assign("newpw", $ilepwa);
$smarty->assign("newzp", $ilezpa);
$smarty->assign("online_user", user_online());
$smarty->assign("online_login_user", user_login_online());
$smarty->assign("user_ile_zar", get_user_ile(""));
$smarty->assign("user_ile_men", get_user_ile("2"));
$smarty->assign("user_ile_women", get_user_ile("1"));
$Queryd = 'SELECT * FROM ' . $pre . 'woj ORDER by w_nazwa ASC';
$resultd = db_query($Queryd) or die(db_error());
while ($rowd = db_fetch($resultd)) {
$p_wojs[] = $rowd['w_nazwa'];
$p_wojids[] = $rowd['w_id'];
}
$smarty->assign("pwojs", $p_wojs);
$smarty->assign("pwojids", $p_wojids);
$ou_id = array();
$ouab = 0;
$Querys = 'SELECT * FROM ' . $pre . 'friend f LEFT JOIN ' . $pre . 'useronline o ON f.fo_od=o.user_id or f.fo_do=o.user_id WHERE (f.fo_od="' . db_real_escape_string($_SESSION['user_id']) . '" or f.fo_do="' . db_real_escape_string($_SESSION['user_id']) . '") and f.fo_akt="1" LIMIT 15';
$results = db_query($Querys) or die(db_error());
while ($rows = db_fetch($results)) {
$zapytanie = 'SELECT * FROM ' . $pre . 'user WHERE user_akt="1" and (user_id="' . $rows[fo_do] . '" or user_id="' . $rows[fo_od] . '")';
if (!$strona) {
$search = "RLIKE '^[-0-9]'";
} else {
$search = "LIKE '{$q}%'";
}
$total = DB::run()->querySingle("SELECT count(*) FROM `users` WHERE LOWER(`users_login`) " . $search . ";");
if ($total > 0) {
if ($start >= $total) {
$start = 0;
}
$queryuser = DB::run()->query("SELECT `users_login`, `users_nickname`, `users_point` FROM `users` WHERE LOWER(`users_login`) " . $search . " ORDER BY `users_point` DESC LIMIT " . $start . ", " . $config['usersearch'] . ";");
while ($data = $queryuser->fetch()) {
echo user_gender($data['users_login']) . ' <b><a href="users.php?act=edit&uz=' . $data['users_login'] . '">' . $data['users_login'] . '</a></b> ';
if (!empty($data['users_nickname'])) {
echo '(Ник: ' . $data['users_nickname'] . ') ';
}
echo user_online($data['users_login']) . ' (' . points($data['users_point']) . ')<br />';
}
page_strnavigation('users.php?act=sort&q=' . $q . '&', $config['usersearch'], $start, $total);
echo 'Найдено совпадений: ' . $total . '<br /><br />';
} else {
show_error('Совпадений не найдено!');
}
} else {
show_error('Ошибка! Не выбраны критерии поиска пользователей!');
}
echo '<img src="/images/img/back.gif" alt="image" /> <a href="users.php">Вернуться</a><br />';
break;
############################################################################################
## Просмотр профиля ##
############################################################################################
############################################################################################
<?php
/*
user/options-process.php
Access: all users
Updates the user's account details and options
*/
// includes
include_once "../include/config.php";
include_once "../include/amberphplib/main.php";
if (user_online()) {
////// INPUT PROCESSING ////////////////////////
$id = $_SESSION["user"]["id"];
// general details
$data["username"] = @security_form_input_predefined("any", "username", 1, "");
$data["realname"] = @security_form_input_predefined("any", "realname", 1, "");
$data["contact_email"] = @security_form_input_predefined("any", "contact_email", 1, "");
// account options
$data["option_lang"] = @security_form_input_predefined("any", "option_lang", 1, "");
$data["option_dateformat"] = @security_form_input_predefined("any", "option_dateformat", 1, "");
$data["option_timezone"] = @security_form_input_predefined("any", "option_timezone", 1, "");
$data["option_shrink_tableoptions"] = @security_form_input_predefined("any", "option_shrink_tableoptions", 0, "");
$data["option_table_limit"] = @security_form_input_predefined("any", "option_table_limit", 0, "");
$data["option_default_employeeid"] = @security_form_input_predefined("any", "option_default_employeeid", 0, "");
$data["option_theme"] = @security_form_input_predefined("any", "option_theme", 0, "");
$data["option_debug"] = @security_form_input_predefined("any", "option_debug", 0, "");
$data["option_concurrent_logins"] = @security_form_input_predefined("any", "option_concurrent_logins", 0, "");
$data["option_translation"] = @security_form_input_predefined("any", "option_translation", 0, "");
///// ERROR CHECKING ///////////////////////
}
$is_admin = is_admin();
if ($is_admin) {
echo '<form action="wall.php?act=del&uz=' . $uz . '&start=' . $start . '&uid=' . $_SESSION['token'] . '" method="post">';
} elseif ($uz == $log) {
echo '<form action="wall.php?act=delete&uz=' . $uz . '&start=' . $start . '&uid=' . $_SESSION['token'] . '" method="post">';
}
$querywall = DB::run()->query("SELECT * FROM `wall` WHERE `wall_user`=? ORDER BY `wall_time` DESC LIMIT " . $start . ", " . $config['wallpost'] . ";", array($uz));
while ($data = $querywall->fetch()) {
echo '<div class="b">';
echo '<div class="img">' . user_avatars($data['wall_login']) . '</div>';
if ($is_admin || $uz == $log) {
echo '<span class="imgright"><input type="checkbox" name="del[]" value="' . $data['wall_id'] . '" /></span>';
}
echo '<b>' . profile($data['wall_login']) . '</b> <small>(' . date_fixed($data['wall_time']) . ')</small><br />';
echo user_title($data['wall_login']) . ' ' . user_online($data['wall_login']) . '</div>';
if ($uz == $log && $log != $data['wall_login']) {
echo '<div class="right">';
echo '<a href="private.php?act=submit&uz=' . $data['wall_login'] . '">Приват</a> / ';
echo '<a href="wall.php?uz=' . $data['wall_login'] . '">Стена</a> / ';
echo '<noindex><a href="wall.php?act=spam&id=' . $data['wall_id'] . '&start=' . $start . '&uid=' . $_SESSION['token'] . '" onclick="return confirm(\'Вы подтверждаете факт спама?\')" rel="nofollow">Спам</a></noindex></div>';
}
echo '<div>' . bb_code($data['wall_text']) . '</div>';
}
if ($is_admin || $uz == $log) {
echo '<span class="imgright"><input type="submit" value="Удалить выбранное" /></span></form>';
}
page_strnavigation('wall.php?uz=' . $uz . '&', $config['wallpost'], $start, $total);
} else {
show_error('Записок еще нет!');
}
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
**************************************************************************/
if (!defined('SCOUT_NUKE')) {
die("You have accessed this page illegally, please go use the main menu");
}
$username = $check['uname'];
$sql = $data->select_query("pms", "WHERE fromuser={$userid} AND type=2 ORDER BY date DESC");
$numpm = $data->num_rows($sql);
$inboxpm = array();
while ($temp = $data->fetch_array($sql)) {
$temp['fromuserid'] = $temp['fromuser'];
$temp['fromuser'] = get_username($temp['fromuser']);
$tousers = explode(',', strip_tags($temp['touser']));
$temp['touser'] = array();
$temp['touser']['number'] = count($tousers);
for ($i = 0; $i < count($tousers); $i++) {
$userid = trim($tousers[$i]);
$temp['touser']['users'][$i]['uname'] = get_username($userid);
$temp['touser']['users'][$i]['id'] = $userid;
$temp['touser']['users'][$i]['status'] = user_online($temp['touser']['users'][$i]['uname']);
}
$temp['subject'] = censor($temp['subject']);
$inboxpm[] = $temp;
}
$location = "User Control Panel >> Sent Messages";
$tpl->assign("pm", $inboxpm);
$tpl->assign("numpm", $numpm);
$tpl->assign("onpage", "Sentbox");
$pagenum = 1;
function load_data()
{
log_debug("menu_main", "Executing load_data()");
/*
Fetch an array of all the user permissions.
*/
log_debug("menu_main", "Fetching array of all the permissions the user has for displaying the menu");
$user_permissions = array();
if (user_online()) {
// it's probably the first time we're checking for permissions
// we should pre-load them all if needed
if (!isset($GLOBALS["cache"]["user"]["perms"])) {
$obj_user_auth = new user_auth();
$obj_user_auth->permissions_init();
}
// fetch ID of all permissions
$sql_obj = new sql_query();
$sql_obj->string = "SELECT id, value FROM permissions";
$sql_obj->execute();
$sql_obj->fetch_array();
// build array of all permissions IDs for the groups the user belongs to.
foreach (array_keys($GLOBALS["cache"]["user"]["perms"]) as $type) {
if ($GLOBALS["cache"]["user"]["perms"][$type] == 1) {
foreach ($sql_obj->data as $data_permids) {
if ($data_permids["value"] == $type) {
$user_permissions[] = $data_permids["id"];
}
}
}
}
// (legacy) For system without a public permissions group, add the ID of 0
$user_permissions[] = "0";
} else {
// user is not logged in - select public menu entries only
$sql_obj = new sql_query();
$sql_obj->string = "SELECT id FROM `permissions` WHERE value='public' LIMIT 1";
$sql_obj->execute();
if ($sql_obj->num_rows()) {
$sql_obj->fetch_array();
$user_permissions[] = $sql_obj->data[0]["id"];
} else {
// (legacy) For system without a public permissions group, add the ID of 0
$user_permissionsp[] = "0";
}
}
// unable to display a menu if there are no permissions
if (!$user_permissions) {
log_write("debug", "main_menu", "User has no permissions public or private so menu options can not be queried");
return 0;
}
/*
Fetch data for the entire menu from the database
We fetch all the data at once, then run though it following the parent value as we run though
all the items to determine what menu items need to be shown and in what order.
We know that the single loop will match all the menu items correctly, since the menu items are ordered
so we run though the order in the same direction. This saves us from having to do heaps of unnessacary loops. :-)
*/
log_debug("menu_main", "Loading menu from SQL database...");
$sql_menu_obj = new sql_query();
$sql_menu_obj->string = "SELECT link, topic, parent, config FROM menu WHERE permid IN (" . format_arraytocommastring($user_permissions) . ") ORDER BY priority DESC";
$sql_menu_obj->execute();
if (!$sql_menu_obj->num_rows()) {
log_debug("menu_main", "No menu entires exist for the current user that they have permission to access");
return 0;
}
// fetch menu entires
$sql_menu_obj->fetch_array();
// array to store the order of the menu items
$this->menu_order = array();
// keep track of the topic we are looking for
$target_topic = "";
/*
Apply config filtering
Some applications have the need to be able to enable/disable specific features
using boolean options in the config table - by setting the name of the value in
the config column on the menu entries, a check will be made, and if the menu entry
config option is unset, the menu options will not be displayed.
This is typically used for hiding disabled features where for whatever reason, the
feature can not be disabled using permissions groups.
*/
for ($i = 0; $i < $sql_menu_obj->data_num_rows; $i++) {
// check feature option (if set)
if (!empty($sql_menu_obj->data[$i]["config"])) {
@(list($config_name, $config_value) = explode('=', $sql_menu_obj->data[$i]["config"], 2));
if (!$GLOBALS["config"][$config_name]) {
// config is disabled for this feature
unset($sql_menu_obj->data[$i]);
} else {
if ($config_value) {
// do value matching
if ($GLOBALS["config"][$config_name] != $config_value) {
// non match, failed
unset($sql_menu_obj->data[$i]);
}
}
// default is that menu item is enabled since config option exists
}
}
}
/*
If the remember option is enabled, check if the page provided exists, if not
then we will select the last known good page (from session variables).
If it does exist, we set the session variable to the new page.
*/
if ($this->option_remember) {
// check page
foreach ($sql_menu_obj->data as $data) {
if ($data["link"] == $this->page) {
$_SESSION["amberphplib"]["menu"]["page"] = $this->page;
}
}
// set page
$this->page = $_SESSION["amberphplib"]["menu"]["page"];
}
// loop though the menu items
foreach ($sql_menu_obj->data as $data) {
// add each item to menu array
if ($target_topic != "top") {
if (!$target_topic) {
// use the page link to find the first target
if ($data["link"] == $this->page) {
$target_topic = $data["parent"];
$this->menu_order[] = $data["parent"];
}
} else {
// check the topic type
if ($data["topic"] == $target_topic) {
$target_topic = $data["parent"];
$this->menu_order[] = $data["parent"];
}
}
}
}
// now we reverse the order array, so we can
// render the menus in the correct order
if ($this->menu_order) {
$this->menu_order = array_reverse($this->menu_order);
} else {
// if we have no sub-menu information, just set
// to display the top menu only
$this->menu_order = array("top");
}
// sort the menu data in the opposite direction for correct rendering
$this->menu_structure = array_reverse($sql_menu_obj->data);
// return success
return 1;
}
$file = array_reverse($file);
$total = count($file);
if ($total > 0) {
echo '<form action="chat.php?action=del&start=' . $start . '&uid=' . $_SESSION['token'] . '&' . SID . '" method="post">';
if ($start < 0 || $start > $total) {
$start = 0;
}
if ($total < $start + $config['chatpost']) {
$end = $total;
} else {
$end = $start + $config['chatpost'];
}
for ($i = $start; $i < $end; $i++) {
$data = explode("|", $file[$i]);
$num = $total - $i - 1;
$useronline = user_online($data[1]);
$useravatars = user_avatars($data[1]);
if ($data[1] == 'Вундер-киндер') {
$useravatars = '<img src="../images/img/mag.gif" alt="image" /> ';
$useronline = '<span style="color:#00ff00">[On]</span>';
}
if ($data[1] == 'Настюха') {
$useravatars = '<img src="../images/img/bot.gif" alt="image" /> ';
$useronline = '<span style="color:#00ff00">[On]</span>';
}
if ($data[1] == 'Весальчак') {
$useravatars = '<img src="../images/img/shut.gif" alt="image" /> ';
$useronline = '<span style="color:#00ff00">[On]</span>';
}
echo '<div class="b">';
echo $useravatars;
function user_information($field)
{
log_debug("inc_user", "Executing user_information({$field})");
if (isset($GLOBALS["cache"]["user"]["info"][$field])) {
return $GLOBALS["cache"]["user"]["info"][$field];
} else {
// verify user is logged in
if (user_online()) {
// fetch the value
$value = sql_get_singlevalue("SELECT {$field} as value FROM `users` WHERE username='******' LIMIT 1");
// cache the value
$GLOBALS["cache"]["user"]["info"][$field] = $value;
// return the value
return $value;
}
}
return 0;
}
