$message = "";
if (!User::isLoggedIn()) {
$app->render("login.html");
die;
}
$info = User::getUserInfo();
if (!User::isModerator()) {
$app->redirect("/");
}
if ($_POST) {
$status = Util::getPost("status");
$reply = Util::getPost("reply");
$report = Util::getPost("report");
$delete = Util::getPost("delete");
$deleteapi = Util::getPost("deleteapi");
$manualpull = Util::getPost("manualpull");
if (isset($status)) {
Db::execute("UPDATE zz_tickets SET status = :status WHERE id = :id", array(":status" => $status, ":id" => $id));
if ($status == 0) {
$app->redirect("..");
}
}
if (isset($reply)) {
$name = $info["username"];
$moderator = $info["moderator"];
$check = Db::query("SELECT * FROM zz_tickets_replies WHERE reply = :reply AND userid = :userid", array(":reply" => $reply, ":userid" => $info["id"]), 0);
if (!$check) {
Db::execute("INSERT INTO zz_tickets_replies (userid, belongsTo, name, reply, moderator) VALUES (:userid, :belongsTo, :name, :reply, :moderator)", array(":userid" => $info["id"], ":belongsTo" => $id, ":name" => $name, ":reply" => $reply, ":moderator" => $moderator));
$tic = Db::query("SELECT name,email FROM zz_tickets WHERE id = :id", array(":id" => $id));
$ticname = $tic[0]["name"];
$ticmail = $tic[0]["email"];
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
$message = array();
$info = User::getUserInfo();
$ticket = Db::queryRow("SELECT * FROM zz_tickets WHERE id = :id", array(":id" => $id), 0);
if ($ticket == NULL or sizeof($ticket) == 0) {
$message = array("status" => "error", "message" => "Ticket does not exist.");
} elseif ($ticket["status"] == 0) {
$message = array("status" => "error", "message" => "Ticket has been closed, you cannot post, only view it");
} elseif ($ticket["userid"] != $info["id"] && $info["moderator"] == 0 && $info["admin"] == 0) {
$app->notFound();
}
if ($_POST) {
$reply = Util::getPost("reply");
if ($reply && $ticket["status"] != 0) {
$name = $info["username"];
$moderator = $info["moderator"];
$check = Db::query("SELECT * FROM zz_tickets_replies WHERE reply = :reply AND userid = :userid AND belongsTo = :id", array(":reply" => $reply, ":userid" => $info["id"], ":id" => $id), 0);
if (!$check) {
Db::execute("INSERT INTO zz_tickets_replies (userid, belongsTo, name, reply, moderator) VALUES (:userid, :belongsTo, :name, :reply, :moderator)", array(":userid" => $info["id"], ":belongsTo" => $id, ":name" => $name, ":reply" => $reply, ":moderator" => $moderator));
global $baseAddr;
if (!$moderator) {
Log::ircAdmin("|g|Ticket response from {$name}:|n| https://{$baseAddr}/moderator/tickets/{$id}/");
}
$app->redirect("/tickets/view/{$id}/");
}
} else {
$message = array("status" => "error", "message" => "No...");
}
$entities[] = $entity;
UserConfig::set("tracker_" . $entitymetadata['type'], $entities);
$error = "{$entitymetadata['name']} has been added to your tracking list";
} else {
$error = "{$entitymetadata['name']} is already being tracked";
}
}
$ddcombine = Util::getPost("ddcombine");
if (isset($ddcombine)) {
UserConfig::set("ddcombine", $ddcombine);
}
$ddmonthyear = Util::getPost("ddmonthYear");
if (isset($ddmonthyear)) {
UserConfig::set("ddmonthyear", $ddmonthyear);
}
$useSummaryAccordion = Util::getPost("useSummaryAccordion");
if (isset($useSummaryAccordion)) {
UserConfig::set("useSummaryAccordion", $useSummaryAccordion);
}
}
$data["entities"] = Account::getUserTrackerData();
$data["themes"] = Util::bootstrapThemes();
$data["viewthemes"] = Util::themesAvailable();
$data["apiKeys"] = Api::getKeys($userID);
$data["apiChars"] = Api::getCharacters($userID);
$charKeys = Api::getCharacterKeys($userID);
$charKeys = Info::addInfo($charKeys);
$data["apiCharKeys"] = $charKeys;
$data["userInfo"] = User::getUserInfo();
$data["currentTheme"] = UserConfig::get("theme", "default");
$data["timeago"] = UserConfig::get("timeago");
<?php
if ($_POST) {
$username = Util::getPost("username");
$password = Util::getPost("password");
$autologin = Util::getPost("autologin");
$requesturi = Util::getPost("requesturi");
if (!$username) {
$error = "No username given";
$app->render("login.html", array("error" => $error));
} elseif (!$password) {
$error = "No password given";
$app->render("login.html", array("error" => $error));
} elseif ($username && $password) {
$check = User::checkLogin($username, $password);
if ($check) {
User::setLogin($username, $password, $autologin);
$ignoreUris = array("/register/", "/login/", "/logout/");
if (isset($requesturi) && !in_array($requesturi, $ignoreUris)) {
$app->redirect($requesturi);
} else {
$app->redirect("/");
}
} else {
$error = "No such user exists, try again";
$app->render("login.html", array("error" => $error));
}
}
} else {
$app->render("login.html");
}
<?php
if (User::isLoggedIn()) {
$app->redirect('/', 302);
die;
}
$referer = @$_SERVER['HTTP_REFERER'];
if ($_POST) {
$username = Util::getPost('username');
$password = Util::getPost('password');
$autologin = Util::getPost('autologin');
$requesturi = Util::getPost('requesturi');
if (!$username) {
$error = 'No username given';
$app->render('login.html', array('error' => $error));
} elseif (!$password) {
$error = 'No password given';
$app->render('login.html', array('error' => $error));
} elseif ($username && $password) {
$check = User::checkLogin($username, $password);
if ($check) {
// Success
User::setLogin($username, $password, $autologin);
$ignoreUris = array('/register/', '/login/', '/logout/');
if (isset($requesturi) && !in_array($requesturi, $ignoreUris)) {
$app->redirect($requesturi);
} else {
$app->redirect('/');
}
} else {
$error = 'No such user exists, try again';
Horde::authenticationFailureRedirect();
}
$rpc_servers = @unserialize($prefs->getValue('remote_summaries'));
if (!is_array($rpc_servers)) {
$rpc_servers = array();
}
$actionID = Util::getFormData('actionID');
// Handle clients without javascript.
if (is_null($actionID)) {
if (Util::getPost('edit')) {
$actionID = RPC_EDIT;
} elseif (Util::getPost('save')) {
$actionID = RPC_SAVE;
} elseif (Util::getPost('delete')) {
$actionID = RPC_DELETE;
} elseif (Util::getPost('back')) {
_returnToPrefs();
}
}
/* Run through the action handlers */
switch ($actionID) {
case RPC_SAVE:
if (($to_edit = Util::getFormData('edit_server')) == null) {
$to_edit = count($rpc_servers);
$rpc_servers[] = array();
}
$rpc_servers[$to_edit]['url'] = Util::getFormData('url');
$rpc_servers[$to_edit]['user'] = Util::getFormData('user');
$rpc_servers[$to_edit]['passwd'] = Util::getFormData('passwd');
$prefs->setValue('remote_summaries', serialize($rpc_servers));
$prefs->store();
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
$message = array();
if ($_POST) {
$tags = Util::getPost("hidden-tags");
$ticket = Util::getPost("ticket");
$info = User::getUserInfo();
$name = $info["username"];
$email = $info["email"];
if (isset($name) && isset($email) && isset($tags) && isset($ticket)) {
$check = Db::query("SELECT * FROM zz_tickets WHERE ticket = :ticket AND email = :email", array(":ticket" => $ticket, ":email" => $email), 0);
if (!$check) {
Db::execute("INSERT INTO zz_tickets (userid, name, email, tags, ticket) VALUES (:userid, :name, :email, :tags, :ticket)", array(":userid" => User::getUserID(), ":name" => $name, ":email" => $email, ":tags" => $tags, ":ticket" => $ticket));
$id = Db::queryField("SELECT id FROM zz_tickets WHERE userid = :userid AND name = :name AND tags = :tags AND ticket = :ticket", "id", array(":userid" => User::getUserID(), ":name" => $name, ":tags" => $tags, ":ticket" => $ticket));
global $baseAddr;
Log::ircAdmin("|g|New ticket from {$name}:|n| https://{$baseAddr}/moderator/tickets/{$id}/");
$subject = "zKillboard Ticket";
$message = "{$name}, you can find your ticket here, we will reply to your ticket asap. https://{$baseAddr}/tickets/view/{$id}/";
Email::send($email, $subject, $message);
$app->redirect("/tickets/view/{$id}/");
} else {
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
if ($_POST) {
$email = Util::getPost("email");
if (isset($email)) {
$exists = Db::queryField("SELECT username FROM zz_users WHERE email = :email", "username", array(":email" => $email), 0);
if ($exists != NULL) {
$date = date("Y-m-d H:i:s", strtotime("+24 hours"));
$hash = sha1($date . $email);
$alreadySent = Db::queryField("SELECT change_hash FROM zz_users WHERE email = :email", "change_hash", array(":email" => $email), 0);
if ($alreadySent != NULL) {
$message = "A request to reset the password for this email, has already been sent";
$messagetype = "error";
$app->render("forgotpassword.html", array("message" => $message, "messagetype" => $messagetype));
} else {
global $baseAddr;
$username = Db::queryField("SELECT username FROM zz_users WHERE email = :email", "username", array(":email" => $email));
$subject = "It seems you might have forgotten your password, so here is a link, that'll allow you to reset it: {$baseAddr}/changepassword/{$hash}/ ps, your username is: {$username}";
$header = "Password change for {$email}";
$message = '';
if (!User::isLoggedIn()) {
$app->render('login.html');
die;
}
$info = User::getUserInfo();
if (!User::isModerator()) {
$app->redirect('/');
}
if ($_POST) {
$status = Util::getPost('status');
$reply = Util::getPost('reply');
$report = Util::getPost('report');
$delete = Util::getPost('delete');
$deleteapi = Util::getPost('deleteapi');
$manualpull = Util::getPost('manualpull');
if (isset($status)) {
Db::execute('UPDATE zz_tickets SET status = :status WHERE id = :id', array(':status' => $status, ':id' => $id));
if ($status == 0) {
$app->redirect('..');
}
}
if (isset($reply)) {
$name = $info['username'];
$moderator = $info['moderator'];
$check = Db::query('SELECT * FROM zz_tickets_replies WHERE reply = :reply AND userid = :userid', array(':reply' => $reply, ':userid' => $info['id']), 0);
if (!$check) {
Db::execute('INSERT INTO zz_tickets_replies (userid, belongsTo, name, reply, moderator) VALUES (:userid, :belongsTo, :name, :reply, :moderator)', array(':userid' => $info['id'], ':belongsTo' => $id, ':name' => $name, ':reply' => $reply, ':moderator' => $moderator));
$tic = Db::query('SELECT name,email FROM zz_tickets WHERE id = :id', array(':id' => $id));
$ticname = $tic[0]['name'];
$ticmail = $tic[0]['email'];
<?php
$message = array();
if ($_POST) {
$tags = Util::getPost('hidden-tags');
$ticket = Util::getPost('ticket');
$info = User::getUserInfo();
$name = $info['username'];
$email = $info['email'];
if (isset($name) && isset($email) && isset($tags) && isset($ticket)) {
$check = Db::query('SELECT * FROM zz_tickets WHERE ticket = :ticket AND email = :email', array(':ticket' => $ticket, ':email' => $email), 0);
if (!$check) {
Db::execute('INSERT INTO zz_tickets (userid, name, email, tags, ticket) VALUES (:userid, :name, :email, :tags, :ticket)', array(':userid' => User::getUserID(), ':name' => $name, ':email' => $email, ':tags' => $tags, ':ticket' => $ticket));
$id = Db::queryField('SELECT id FROM zz_tickets WHERE userid = :userid AND name = :name AND tags = :tags AND ticket = :ticket', 'id', array(':userid' => User::getUserID(), ':name' => $name, ':tags' => $tags, ':ticket' => $ticket));
global $baseAddr;
Log::irc("|g|New ticket from {$name}:|n| https://{$baseAddr}/moderator/tickets/{$id}/");
$subject = 'zKillboard Ticket';
$message = "{$name}, you can find your ticket here, we will reply to your ticket asap. https://{$baseAddr}/tickets/view/{$id}/";
Email::send($email, $subject, $message);
$app->redirect("/tickets/view/{$id}/");
} else {
$message = array('type' => 'error', 'message' => 'Ticket already posted');
}
} else {
$message = array('type' => 'error', 'message' => 'Ticket was not posted, there was an error');
}
}
$tickets = Db::query('SELECT * FROM zz_tickets WHERE userid = :userid ORDER BY datePosted DESC', array(':userid' => User::getUserID()), 0);
foreach ($tickets as $key => $val) {
if ($val['tags']) {
$tickets[$key]['tags'] = explode(',', $val['tags']);
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
$involved = array();
$message = "";
if ($pageview == "comments") {
$app->redirect("/detail/{$id}/#comment", 301);
}
$info = User::getUserInfo();
$name = $info["username"];
$userID = $info["id"];
$email = $info["email"];
if ($_POST) {
$report = Util::getPost("report");
if (isset($report)) {
if ($id < 0) {
$tags = "Reported Kill";
Db::execute("INSERT INTO zz_tickets (userid, name, email, tags, ticket, killID) VALUES (:userid, :name, :email, :tags, :ticket, :killid)", array(":userid" => $userID, ":name" => $name, ":email" => $email, ":tags" => $tags, ":ticket" => $report, ":killid" => $id));
global $baseAddr;
$reportID = Db::queryField("SELECT id FROM zz_tickets WHERE killID = :killID AND name = :name", "id", array(":killID" => $id, ":name" => $name));
Log::ircAdmin("Kill Reported by {$name}: https://{$baseAddr}/detail/{$id}/ - https://{$baseAddr}/moderator/reportedkills/{$reportID}/");
$app->redirect("/detail/{$id}/");
}
}
}
if ($id < 0) {
// See if this manual mail has an api verified version
$mKillID = -1 * $id;
$killID = Db::queryField("select killID from zz_manual_mails where mKillID = :mKillID", "killID", array(":mKillID" => $mKillID), 1);
<?php
$loggedIn = isset($_SESSION['loggedin']) ? $_SESSION['loggedin'] : false;
if (!empty($loggedIn)) {
$app->render('dlogin.html', array('close' => true));
}
if ($_POST) {
$username = Util::getPost('username');
$password = Util::getPost('password');
$autologin = Util::getPost('autologin');
if (!$username) {
$error = 'No username given';
$app->render('dlogin.html', array('error' => $error));
} elseif (!$password) {
$error = 'No password given';
$app->render('dlogin.html', array('error' => $error));
} elseif ($username && $password) {
$check = User::checkLogin($username, $password);
if ($check) {
// Success
$bool = User::setLogin($username, $password, $autologin);
$app->render('dlogin.html', array('close' => $bool));
} else {
$error = 'No such user exists, try again';
$app->render('dlogin.html', array('error' => $error));
}
}
} else {
$app->render('dlogin.html');
}
<?php
global $cookie_secret;
$randomString = sha1(time());
// Check if user is already merged, just to be safe
$exists = Db::queryField('SELECT merged FROM zz_users WHERE characterID = :characterID', 'merged', array(':characterID' => $characterID), 0);
if ($exists == 1) {
$error = 'Error: User already merged.';
$app->render('merge.html', array('error' => $error, 'characterID' => $characterID, 'randomString' => $randomString));
}
// Otherwise show the page..
if ($_POST) {
$username = Util::getPost('username');
$password = Util::getPost('password');
if (!$username) {
$error = 'No username given';
$app->render('merge.html', array('error' => $error, 'characterID' => $characterID, 'randomString' => $randomString));
} elseif (!$password) {
$error = 'No password given';
$app->render('merge.html', array('error' => $error, 'characterID' => $characterID, 'randomString' => $randomString));
} elseif ($username && $password) {
$check = User::checkLogin($username, $password);
if ($check) {
// Success
// Get userID for user that passes
$userID = Db::queryField('SELECT id FROM zz_users WHERE username = :username', 'id', array(':username' => $username));
// Update userID in zz_crest_users
Db::execute('UPDATE zz_users_crest SET userID = :userID WHERE characterID = :characterID', array(':userID' => $userID, ':characterID' => $characterID));
// Update the characterID on zz_users and set merged to 1
Db::execute('UPDATE zz_users SET merged = 1 WHERE id = :userID', array(':userID' => $userID));
Db::execute('UPDATE zz_users SET characterID = :characterID WHERE id = :userID', array(':userID' => $userID, ':characterID' => $characterID));
<?php
$password = Util::getPost('password');
$password2 = Util::getPost('password2');
if ($password && $password2) {
$message = '';
$messagetype = '';
$password = Util::getPost('password');
$password2 = Util::getPost('password2');
if (!$password || !$password2) {
$message = 'Password missing, try again..';
$messagetype = 'error';
} elseif ($password != $password2) {
$message = 'Password mismatch, try again..';
$messagetype = 'error';
} elseif ($password == $password2) {
$password = Password::genPassword($password);
Db::execute('UPDATE zz_users SET password = :password WHERE change_hash = :hash', array(':password' => $password, ':hash' => $hash));
Db::execute('UPDATE zz_users SET change_hash = NULL, change_expiration = NULL WHERE change_hash = :hash', array(':hash' => $hash));
$message = 'Password updated, click login, and login with your new password';
$messagetype = 'success';
}
$app->render('changepassword.html', array('message' => $message, 'messagetype' => $messagetype));
} else {
$date = date('Y-m-d H:i:s');
$allowed = Db::queryField('SELECT change_expiration FROM zz_users WHERE change_hash = :hash', 'change_expiration', array(':hash' => $hash));
if (isset($allowed) && $allowed > $date) {
$foruser = Db::queryField('SELECT email FROM zz_users WHERE change_hash = :hash', 'email', array(':hash' => $hash));
$app->render('changepassword.html', array('email' => $foruser, 'hash' => $hash));
} else {
$message = "Either your password change hash doesn't exist, or it has expired";
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
if ($_POST) {
$message = "";
$messagetype = "";
$password = Util::getPost("password");
$password2 = Util::getPost("password2");
if (!$password || !$password2) {
$message = "Password missing, try again..";
$messagetype = "error";
} elseif ($password != $password2) {
$message = "Password mismatch, try again..";
$messagetype = "error";
} elseif ($password == $password2) {
$password = Password::genPassword($password);
Db::execute("UPDATE zz_users SET password = :password WHERE change_hash = :hash", array(":password" => $password, ":hash" => $hash));
Db::execute("UPDATE zz_users SET change_hash = NULL, change_expiration = NULL WHERE change_hash = :hash", array(":hash" => $hash));
$message = "Password updated, click login, and login with your new password";
$messagetype = "success";
}
$app->render("changepassword.html", array("message" => $message, "messagetype" => $messagetype));
} else {
/**
* Gets a form variable from GET or POST data, stripped of magic quotes if
* necessary. If the variable is somehow set in both the GET data and the
* POST data, the value from the POST data will be returned and the GET
* value will be ignored.
*
* @param string $var The name of the form variable to look for.
* @param string $default The value to return if the variable is not
* there.
*
* @return string The cleaned form variable, or $default.
*/
function getFormData($var, $default = null)
{
return ($val = Util::getPost($var)) !== null ? $val : Util::getGet($var, $default);
}
<?php
global $mdb, $fullAddr;
$message = array();
$info = User::getUserInfo();
$ticket = $mdb->findDoc("tickets", ['_id' => new MongoId($id), 'parentID' => null]);
if ($ticket == null or sizeof($ticket) == 0) {
$message = array('status' => 'error', 'message' => 'Ticket does not exist.');
} elseif ($ticket['status'] == 0) {
$message = array('status' => 'error', 'message' => 'Ticket has been closed, you cannot post, only view it');
} elseif ($ticket['characterID'] != User::getUserID() && @$info['moderator'] != true) {
$app->notFound();
}
if ($_POST) {
$reply = Util::getPost('reply');
$status = Util::getPost('status');
if (@$info['moderator'] == true && $status !== null) {
$mdb->getCollection("tickets")->update(['_id' => new MongoID($id)], ['$set' => ['status' => $status]]);
if ($status == 0) {
$app->redirect('/tickets/');
} else {
$app->redirect('.');
}
exit;
}
if ($reply !== null && $ticket['status'] != 0) {
$charID = User::getUserId();
$name = $info['username'];
$moderator = @$info['moderator'] == true;
$mdb->insert("tickets", ['parentID' => $id, 'content' => $reply, 'characterID' => $charID, 'dttm' => time(), 'moderator' => $moderator]);
$mdb->getCollection("tickets")->update(['_id' => new MongoID($id)], ['$set' => ['dttmUpdate' => time()]]);
<?php
if ($_POST) {
$username = Util::getPost("username");
$password = Util::getPost("password");
$autologin = Util::getPost("autologin");
if (!$username) {
$error = "No username given";
$app->render("dlogin.html", array("error" => $error));
} elseif (!$password) {
$error = "No password given";
$app->render("dlogin.html", array("error" => $error));
} elseif ($username && $password) {
$check = User::checkLogin($username, $password);
if ($check) {
$bool = User::setLogin($username, $password, $autologin);
$app->render("dlogin.html", array("close" => $bool));
} else {
$error = "No such user exists, try again";
$app->render("dlogin.html", array("error" => $error));
}
}
} else {
$app->render("dlogin.html");
}
$notification->push(sprintf(_("Successfully removed '%s' from the system."), $f_user_name), 'horde.success');
}
}
break;
case 'update_f':
$f_user_name = Util::getFormData('user_name');
$update_form = true;
break;
case 'update':
$user_name_1 = Util::getPost('user_name');
$user_name_2 = Util::getPost('user_name2', $user_name_1);
$fullname = Util::getPost('user_fullname');
$email = Util::getPost('user_email');
if ($auth->hasCapability('update')) {
$user_pass_1 = Util::getPost('user_pass_1');
$user_pass_2 = Util::getPost('user_pass_2');
if (empty($user_name_1)) {
$notification->push(_("You must specify the username to update."), 'horde.error');
} elseif (empty($user_pass_1) || empty($user_pass_2)) {
// Don't update, but don't complain.
} elseif ($user_pass_1 != $user_pass_2) {
$notification->push(_("Passwords must match."), 'horde.error');
} else {
$result = $auth->updateUser($user_name_1, $user_name_2, array('password' => $user_pass_1));
}
}
if (isset($result) && is_a($result, 'PEAR_Error')) {
$notification->push(sprintf(_("There was a problem updating '%s': %s"), $user_name_1, $result->getMessage()), 'horde.error');
} else {
require_once HORDE_LIBS . 'Horde/Identity.php';
$identity =& Identity::singleton('none', $user_name_1);
$domainChar['alias'] = @$corpStatus['alias'];
$corps[] = $domainChar;
}
if (@$domainChar['isExecutorCEO']) {
$subdomain = modifyTicker($domainChar['alliTicker']) . ".{$baseAddr}";
if (isset($bannerUpdates[$subdomain])) {
$banner = $bannerUpdates[$subdomain];
Db::execute('insert into zz_subdomains (subdomain, banner) values (:subdomain, :banner) on duplicate key update banner = :banner', array(':subdomain' => $subdomain, ':banner' => $banner));
$error = "Banner updated for {$subdomain}, please wait 2 minutes for the change to take effect.";
}
$status = Db::queryRow('select adfreeUntil, banner from zz_subdomains where subdomain = :subdomain', array(':subdomain' => $subdomain), 0);
$domainChar['adfreeUntil'] = @$status['adfreeUntil'];
$domainChar['banner'] = @$status['banner'];
$allis[] = $domainChar;
}
$showDisqus = Util::getPost('showDisqus');
if ($showDisqus) {
UserConfig::set('showDisqus', $showDisqus == 'true');
$error = 'Disqus setting updated to ' . ($showDisqus ? ' display.' : ' not display.') . ' The next page load will reflect the change.';
}
}
$data['domainCorps'] = $corps;
$data['domainAllis'] = $allis;
$data['domainChars'] = $domainChars;
$data['showDisqus'] = UserConfig::get('showDisqus', true);
$app->render('account.html', array('data' => $data, 'message' => $error, 'key' => $key, 'reqid' => $reqid));
function modifyTicker($ticker)
{
$ticker = str_replace(' ', '_', $ticker);
$ticker = preg_replace('/^\\./', 'dot.', $ticker);
$ticker = preg_replace('/\\.$/', '.dot', $ticker);
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
$error = "";
if ($_POST) {
$keyid = Util::getPost("keyid");
$vcode = Util::getPost("vcode");
$killmail = Util::getPost("killmail");
$killmailurl = Util::getPost("killmailurl");
// Apikey stuff
if ($keyid || $vcode) {
$check = Api::checkAPI($keyid, $vcode);
if ($check == "success") {
Db::execute("insert ignore into zz_api (keyID, vCode) values (:keyID, :vCode)", array(":keyID" => $keyid, ":vCode" => $vcode));
$error = "Your API Key has been added.";
} else {
$error = $check;
}
}
if ($killmailurl) {
// Looks like http://public-crest.eveonline.com/killmails/30290604/787fb3714062f1700560d4a83ce32c67640b1797/
$exploded = explode("/", $killmailurl);
if (count($exploded) != 7) {
$error = "Invalid killmail link.";
* it is not a looping redirect. */
if (isset($registry->applications['logout']['initial_page']) && $registry->applications['logout']['initial_page'] != 'login.php?' . AUTH_REASON_PARAM . '=' . AUTH_REASON_LOGOUT) {
header('Location: ' . Horde::applicationUrl($registry->applications['logout']['initial_page']));
exit;
}
Horde::setupSessionHandler();
@session_start();
NLS::setLang($language);
/* Hook to preselect the correct language in the widget. */
$_GET['new_lang'] = $language;
}
if (isset($_POST['horde_user']) && isset($_POST['horde_pass'])) {
/* Destroy any existing session on login and make sure to use a
* new session ID, to avoid session fixation issues. */
Horde::getCleanSession();
if ($auth->authenticate(Util::getPost('horde_user'), array('password' => Util::getPost('horde_pass')))) {
$entry = sprintf('Login success for %s [%s] to Horde', Auth::getAuth(), $_SERVER['REMOTE_ADDR']);
Horde::logMessage($entry, __FILE__, __LINE__, PEAR_LOG_INFO);
if ($url_param) {
$url = Horde::url(Util::removeParameter($url_param, session_name()), true);
$horde_url = Horde::applicationUrl($registry->getParam('webroot', 'horde') . '/index.php', true);
$horde_url = Util::addParameter($horde_url, 'url', $url);
} else {
$horde_url = Horde::applicationUrl('index.php', true);
}
$horde_url = Util::addParameter($horde_url, 'frameset', Util::getFormData('frameset') ? 1 : 0);
header('Location: ' . $horde_url);
exit;
} else {
$entry = sprintf('FAILED LOGIN for %s [%s] to Horde', Util::getFormData('horde_user'), $_SERVER['REMOTE_ADDR']);
Horde::logMessage($entry, __FILE__, __LINE__, PEAR_LOG_ERR);
<?php
global $mdb;
$error = '';
if ($_POST) {
$keyid = Util::getPost('keyid');
$vcode = Util::getPost('vcode');
$killmail = Util::getPost('killmail');
$killmailurl = Util::getPost('killmailurl');
// Apikey stuff
if ($keyid || $vcode) {
$check = 'success';
if ($check == 'success') {
Api::addKey($keyid, $vcode);
$error = 'Your API Key has been added.';
} else {
$error = $check;
}
}
if ($killmailurl) {
$timer = new Timer();
// Looks like http://public-crest.eveonline.com/killmails/30290604/787fb3714062f1700560d4a83ce32c67640b1797/
$exploded = explode('/', $killmailurl);
if (count($exploded) != 7) {
$error = 'Invalid killmail link.';
} else {
if ((int) $exploded[4] <= 0) {
$error = 'Invalid killmail link';
} elseif (strlen($exploded[5]) != 40) {
$error = 'Invalid killmail link';
} else {
<?php
$message = array();
$info = User::getUserInfo();
$ticket = Db::queryRow('SELECT * FROM zz_tickets WHERE id = :id', array(':id' => $id), 0);
if ($ticket == null or sizeof($ticket) == 0) {
$message = array('status' => 'error', 'message' => 'Ticket does not exist.');
} elseif ($ticket['status'] == 0) {
$message = array('status' => 'error', 'message' => 'Ticket has been closed, you cannot post, only view it');
} elseif ($ticket['userid'] != User::getUserID() && @$info['moderator'] == 0 && @$info['admin'] == 0) {
$app->notFound();
}
if ($_POST) {
$reply = Util::getPost('reply');
if ($reply && $ticket['status'] != 0) {
$name = $info['username'];
$moderator = @$info['moderator'] == true;
$check = Db::query('SELECT * FROM zz_tickets_replies WHERE reply = :reply AND userid = :userid AND belongsTo = :id', array(':reply' => $reply, ':userid' => User::getUserID(), ':id' => User::getUserID()), 0);
if (!$check) {
Db::execute('INSERT INTO zz_tickets_replies (userid, belongsTo, name, reply, moderator) VALUES (:userid, :belongsTo, :name, :reply, :moderator)', array(':userid' => User::getUserID(), ':belongsTo' => $id, ':name' => $name, ':reply' => $reply, ':moderator' => $moderator));
global $baseAddr;
if (!$moderator) {
Log::irc("|g|Ticket response from {$name}|n|: https://{$baseAddr}/moderator/tickets/{$id}/");
}
$app->redirect("/tickets/view/{$id}/");
exit;
}
} else {
$message = array('status' => 'error', 'message' => 'No...');
}
}
<?php
if ($_POST) {
$username = Util::getPost('username');
$password = Util::getPost('password');
$password2 = Util::getPost('password2');
$email = Util::getPost('email');
if (isset($_POST['username'])) {
$username = $_POST['username'];
}
if (isset($_POST['password'])) {
$password = $_POST['password'];
}
if (isset($_POST['password2'])) {
$password2 = $_POST['password2'];
}
if (isset($_POST['email'])) {
$email = $_POST['email'];
}
if (!$password || !$password2) {
$error = 'Missing password, please retry';
$app->render('register.html', array('error' => $error));
} elseif (!$email) {
$error = 'Missing email, please retry';
$app->render('register.html', array('error' => $error));
} elseif ($password != $password2) {
$error = "Passwords don't match, please retry";
$app->render('register.html', array('error' => $error));
} elseif (!$username) {
$error = 'Missing username, please retry';
$app->render('register.html', array('error' => $error));
