コード例 #1
ファイル: read.html.php プロジェクト: RoxasShadow/nerdz.eu
<?php

// Reads a private-message conversation for the logged-in user.
// NOTE(review): this listing is cut off inside the 'conversation' case; the rest of the
// switch is not visible here.
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\Pms;
use NERDZ\Core\User;
ob_start(array('NERDZ\\Core\\Utils', 'minifyHTML'));
$pms = new Pms();
$user = new User();
// Anonymous visitors only ever get the localized REGISTER message.
if (!$user->isLogged()) {
    die($user->lang('REGISTER'));
}
// The action comes from the query string and is normalized to lower case.
switch (isset($_GET['action']) ? trim(strtolower($_GET['action'])) : '') {
    case 'conversation':
        // Both participant ids must be numeric; anything else becomes false (an id of 0 is rejected too).
        $from = isset($_POST['from']) && is_numeric($_POST['from']) ? $_POST['from'] : false;
        $to = isset($_POST['to']) && is_numeric($_POST['to']) ? $_POST['to'] : false;
        // Authorization: the session user has to be one of the two participants, so a
        // logged-in user cannot read a conversation between two other accounts.
        // in_array() is used without the strict flag, so the comparison is loose.
        if (!$from || !$to || !in_array($_SESSION['id'], array($from, $to))) {
            die($user->lang('ERROR'));
        }
        $conv = null;
        // Three read modes: a window (start/num), a single message (pmid), or the default read.
        if (isset($_POST['start']) && isset($_POST['num']) && is_numeric($_POST['start']) && is_numeric($_POST['num'])) {
            $conv = $pms->readConversation($from, $to, false, $_POST['num'], $_POST['start']);
        } else {
            if (isset($_POST['pmid']) && is_numeric($_POST['pmid'])) {
                $conv = $pms->readConversation($from, $to, $_POST['pmid']);
            } else {
                $conv = $pms->readConversation($from, $to);
            }
        }
        // The form flag is true only for the first page of a full conversation read
        // (no pmid, start absent or 0) when the client did not send forceNoForm.
        $doShowForm = !isset($_POST['pmid']) && (!isset($_POST['start']) || $_POST['start'] == 0) && !isset($_POST['forceNoForm']);
        if (!$doShowForm && empty($conv)) {
コード例 #2
ファイル: pms.class.php プロジェクト: RoxasShadow/nerdz.eu
 /**
  * Load a single private message and shape it for the template layer.
  *
  * Access control lives here: all three ids must be numeric and the session
  * user must be either the sender or the recipient. The ids reach the query
  * only as bound parameters.
  *
  * @return array|false false when validation, authorization or the query fails;
  *                     an empty array when no row matches; otherwise the message fields.
  */
 public function read($fromid, $toid, $time, $pmid)
 {
     // Input validation first: non-numeric ids never reach the database.
     if (!is_numeric($fromid) || !is_numeric($toid) || !is_numeric($pmid)) {
         return false;
     }
     // Authorization: only a participant of the conversation may read it.
     if (!in_array($_SESSION['id'], array($fromid, $toid))) {
         return false;
     }
     $stmt = Db::query(array('SELECT "message","to_read" FROM "pms" WHERE "from" = :from AND "to" = :to AND "pmid" = :pmid', array(':from' => $fromid, ':to' => $toid, ':pmid' => $pmid)), Db::FETCH_STMT);
     if (!$stmt) {
         return false;
     }
     $row = $stmt->fetch(PDO::FETCH_OBJ);
     if (!$row) {
         return [];
     }
     $sender = User::getUsername($fromid);
     return [
         'from4link_n' => \NERDZ\Core\Utils::userLink($sender),
         'from_n' => $sender,
         'datetime_n' => $this->user->getDateTime($time),
         'fromid_n' => $fromid,
         'toid_n' => $toid,
         // The stored message body goes through the BBCode renderer before it is returned.
         'message_n' => parent::bbcode($row->message),
         'read_b' => $row->to_read,
         'pmid_n' => $pmid,
         'timestamp_n' => $time,
     ];
 }
コード例 #3
ファイル: delete.json.php プロジェクト: RoxasShadow/nerdz.eu
<?php

/*
 * JSON endpoint: delete the private-message conversation between two users.
 * Expects numeric POST fields "from" and "to".
 *
 * NOTE(review): the only request-origin check in this script is the Referer test.
 * Other state-changing endpoints of this project also verify a posted token through
 * Security::csrfControl(); consider requiring one here as well.
 * NOTE(review): this script does not check that the session user is one of from/to;
 * presumably Pms::deleteConversation() enforces that — confirm.
 */
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\Pms;
use NERDZ\Core\User;
ob_start('ob_gzhandler');
$user = new User();
if (!$user->isLogged()) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('REGISTER')));
}
if (!NERDZ\Core\Security::refererControl()) {
    die(NERDZ\Core\Utils::jsonResponse('error', 'No spam or spam-bot here'));
}
$pms = new Pms();
// Both participant ids are mandatory and must be numeric.
$hasFrom = !empty($_POST['from']) && is_numeric($_POST['from']);
$hasTo = !empty($_POST['to']) && is_numeric($_POST['to']);
if (!$hasFrom || !$hasTo) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('SOMETHING_MISS')));
}
$deleted = $pms->deleteConversation($_POST['from'], $_POST['to']);
if (!$deleted) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR')));
}
die(NERDZ\Core\Utils::jsonResponse('ok', 'OK'));
コード例 #4
<?php

// This file is meant to be included: the includer must define $id (and may define $prj
// to switch from user followers to project followers).
if (!isset($id)) {
    die('$id required');
}
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\Project;
use NERDZ\Core\User;
use NERDZ\Core\Db;
$prj = isset($prj);
if ($prj) {
    $entity = new Project();
} else {
    $entity = new User();
}
// The client-supplied limit is passed through Security::limitControl() with 20 as fallback.
$limit = isset($_GET['lim']) ? NERDZ\Core\Security::limitControl($_GET['lim'], 20) : 20;
$users = $entity->getFollowers($id, $limit);
$total = $entity->getFollowersCount($id);
$type = 'followers';
$user = new User();
// Callback used by the shared users list: formats the moment $friendId started following $id.
$dateExtractor = function ($friendId) use($id, $user, $prj) {
    // The table prefix depends only on the boolean $prj, never on request data;
    // both ids are bound parameters.
    $row = Db::query(['SELECT EXTRACT(EPOCH FROM time) AS time
            FROM "' . ($prj ? 'groups_' : '') . 'followers"
            WHERE "to" = :id AND "from" = :fid', [':id' => $id, ':fid' => $friendId]], Db::FETCH_OBJ);
    // No matching row: fall back to epoch 0.
    $epoch = $row ? $row->time : 0;
    return $user->getDateTime($epoch);
};
return require $_SERVER['DOCUMENT_ROOT'] . '/pages/common/userslist.html.php';
コード例 #5
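<?php

/*
 * JSON endpoint: add or remove a bookmark on a post.
 * Query string: action=add|del. POST: numeric hpid.
 * When the including script defines $prj the bookmark refers to a project post.
 */
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\Db;
use NERDZ\Core\User;
$user = new User();
if (!NERDZ\Core\Security::refererControl()) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': referer'));
}
// Explicit authentication guard, matching the other JSON endpoints of this project.
// Without it the script relied entirely on bookmark()/unbookmark() to reject anonymous callers.
if (!$user->isLogged()) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('REGISTER')));
}
// NOTE(review): a Referer check is the only anti-CSRF measure here; endpoints that edit
// preferences also verify a posted token with Security::csrfControl().
$hpid = isset($_POST['hpid']) && is_numeric($_POST['hpid']) ? $_POST['hpid'] : false;
if (!$hpid) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR')));
}
$prj = isset($prj);
// Only a string action is normalized; an array such as action[]=x falls through to the
// default branch instead of reaching trim()/strtolower().
$action = isset($_GET['action']) && is_string($_GET['action']) ? strtolower(trim($_GET['action'])) : '';
switch ($action) {
    case 'add':
        die(NERDZ\Core\Utils::jsonDbResponse($user->bookmark($hpid, $prj)));
    case 'del':
        die(NERDZ\Core\Utils::jsonDbResponse($user->unbookmark($hpid, $prj)));
    default:
        die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR')));
}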
コード例 #6
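<?php

/*
 * Collects the template values for a project's settings page.
 * Only the project owner may proceed: the caller must be logged in, the posted id must
 * be numeric and resolve to a project, and getOwner() must match the session user.
 */
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\Project;
use NERDZ\Core\User;
use NERDZ\Core\Utils;
$user = new User();
$project = new Project();
ob_start(array('NERDZ\\Core\\Utils', 'minifyHTML'));
$id = isset($_POST['id']) && is_numeric($_POST['id']) ? $_POST['id'] : false;
// A single generic error for every failure, so the response does not reveal which check failed.
if (!$user->isLogged() || !$id || !($info = $project->getObject($id)) || $project->getOwner($id) != $_SESSION['id']) {
    die($user->lang('ERROR'));
}
$vals = [];
/**
 * Case-insensitive comparator for usort().
 *
 * strcmp() returns 0 for equal names and always compares byte-wise, which gives usort()
 * a consistent ordering; the previous "<" test never returned 0 and compared
 * numeric-looking names as numbers.
 */
function sortbyusername($a, $b)
{
    return strcmp(strtolower($a), strtolower($b));
}
$vals['photo_n'] = $info->photo;
$vals['website_n'] = $info->website;
$vals['name_n'] = $info->name;
$mem = $project->getMembers($info->counter);
$vals['members_n'] = count($mem);
// Replace each member id with its username.
foreach ($mem as &$uid) {
    $uid = User::getUsername($uid);
}
// Drop the reference so a later write to $uid cannot alter the last element of $mem.
unset($uid);
$vals['members_a'] = $mem;
usort($vals['members_a'], 'sortbyusername');
// Token for the 'edit' scope, handed to the template for the form to post back.
$vals['tok_n'] = NERDZ\Core\Security::getCsrfToken('edit');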
コード例 #7
<?php

// JSON endpoint: switch the logged-in user's profile between public and private.
// NOTE(review): this listing is cut off inside the 'private' case.
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\User;
use NERDZ\Core\Db;
$user = new User();
// Request-origin checks run first: Referer, then the posted token for the 'edit' scope
// (presumably the value issued by Security::getCsrfToken('edit') — confirm).
if (!NERDZ\Core\Security::refererControl()) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': referer'));
}
if (!NERDZ\Core\Security::csrfControl(isset($_POST['tok']) ? $_POST['tok'] : 0, 'edit')) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': token'));
}
if (!$user->isLogged()) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('REGISTER')));
}
// The account to modify always comes from the session, never from request data.
$id = $_SESSION['id'];
if (!($obj = Db::query(array('SELECT "private" FROM "users" WHERE "counter" = ?', array($id)), Db::FETCH_OBJ))) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR')));
}
switch (isset($_GET['action']) ? strtolower($_GET['action']) : '') {
    case 'public':
        // Write only when the stored flag actually changes.
        if ($obj->private == 1) {
            if (Db::NO_ERRNO != Db::query(array('UPDATE "users" SET "private" = FALSE WHERE "counter" = ?', array($id)), Db::FETCH_ERRNO)) {
                die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR')));
            }
        }
        break;
    case 'private':
        if (!$obj->private) {
            if (Db::NO_ERRNO != Db::query(array('UPDATE "users" SET "private" = TRUE WHERE "counter" = ?', array($id)), Db::FETCH_ERRNO)) {
コード例 #8
 /**
  * Build the absolute URL that points at a comment.
  *
  * The table prefix is derived from the boolean $project only, and $hcid reaches the
  * query as a bound parameter.
  * NOTE(review): $hcid is also appended verbatim as the URL fragment; callers are
  * presumably expected to pass a numeric id — confirm.
  *
  * @return string the host address alone when the comment cannot be found,
  *                otherwise host + board link + post id + "#c<hcid>".
  */
 private static function getURLFromCid($hcid, $project = false)
 {
     $prefix = $project ? 'groups_' : '';
     $row = Db::query(['SELECT p.to, p.pid FROM "' . $prefix . 'posts" p INNER JOIN "' . $prefix . 'comments" c ON c."hcid" = :hcid AND c.hpid = p.hpid', [':hcid' => $hcid]], Db::FETCH_OBJ);
     $host = System::getCurrentHostAddress();
     if (!$row) {
         return $host;
     }
     // Project boards and user boards use different link builders.
     if ($project) {
         $boardLink = Utils::projectLink(Project::getName($row->to));
     } else {
         $boardLink = Utils::userLink(User::getUsername($row->to));
     }
     return $host . $boardLink . $row->pid . '#c' . $hcid;
 }
コード例 #9
<?php

/*
 * JSON endpoint: add a user to, or remove a user from, the caller's blacklist.
 * Query string: action=add|del. POST: numeric id, optional motivation.
 *
 * NOTE(review): unlike other state-changing endpoints of this project, this script
 * performs neither Security::refererControl() nor Security::csrfControl(); consider
 * adding a request-origin check.
 */
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\User;
use NERDZ\Core\Db;
$user = new User();
if (!$user->isLogged() || empty($_POST['id']) || !is_numeric($_POST['id'])) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('LOGIN')));
}
$action = isset($_GET['action']) ? strtolower($_GET['action']) : '';
if ($action === 'del') {
    // "from" is always the session user, so a caller can only edit their own blacklist.
    $errno = Db::query(['DELETE FROM "blacklist" WHERE "from" = :me AND "to" = :to', [':me' => $_SESSION['id'], ':to' => $_POST['id']]], Db::FETCH_ERRNO);
    if (Db::NO_ERRNO != $errno) {
        die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR')));
    }
} elseif ($action === 'add') {
    // The motivation is HTML-escaped before it is stored, so the database holds encoded text.
    $motivation = empty($_POST['motivation']) ? '' : htmlspecialchars(trim($_POST['motivation']), ENT_QUOTES, 'UTF-8');
    if ($user->hasInBlacklist($_POST['id'])) {
        die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . '1'));
    }
    $errno = Db::query(['INSERT INTO "blacklist"("from","to","motivation") VALUES (:me,:to,:motivation)', [':me' => $_SESSION['id'], ':to' => $_POST['id'], ':motivation' => $motivation]], Db::FETCH_ERRNO);
    if (Db::NO_ERRNO != $errno) {
        die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR')));
    }
} else {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . '2'));
}
die(NERDZ\Core\Utils::jsonResponse('ok', 'OK'));
コード例 #10
<?php

/*
 * JSON endpoint: register a new account and log it in.
 * Order of checks: captcha present, captcha correct, caller not already logged in,
 * then the shared field validation in validateuser.php.
 */
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\Db;
use NERDZ\Core\User;
use NERDZ\Core\Captcha;
$user = new User();
$cptcka = new Captcha();
$captcha = isset($_POST['captcha']) ? $_POST['captcha'] : false;
if (!$captcha) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('MISSING') . ': ' . $user->lang('CAPTCHA')));
}
if (!$cptcka->check($captcha)) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('WRONG_CAPTCHA')));
}
if ($user->isLogged()) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ALREADY_LOGGED')));
}
// $userData and $birth are expected to be filled in by this include.
require_once $_SERVER['DOCUMENT_ROOT'] . '/pages/common/validateuser.php';
// The User-Agent header is client-controlled; it is HTML-escaped before being stored.
$userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? htmlspecialchars($_SERVER['HTTP_USER_AGENT'], ENT_QUOTES, 'UTF-8') : '';
// Every value is a bound parameter. The password is hashed inside the database with
// crypt()/gen_salt('bf', 7), i.e. Blowfish-based hashing with an iteration count of 7.
// NOTE(review): 7 is a low work factor by current guidance; raising it would only apply
// to hashes stored from then on.
$params = [
    ':username' => $userData['username'],
    ':password' => $userData['password'],
    ':name' => $userData['name'],
    ':surname' => $userData['surname'],
    ':email' => $userData['email'],
    ':gender' => $userData['gender'],
    ':timezone' => $userData['timezone'],
    ':date' => $birth['date'],
    ':lang' => $user->getLanguage(),
    ':remote_addr' => $_SERVER['REMOTE_ADDR'],
    ':http_user_agent' => $userAgent,
];
$ret = Db::query(['INSERT INTO users ("username","password","name","surname","email","gender","birth_date","lang","board_lang","timezone","remote_addr", "http_user_agent")
        VALUES (:username, crypt(:password, gen_salt(\'bf\', 7)) , :name, :surname, :email, :gender, :date, :lang, :lang, :timezone, :remote_addr, :http_user_agent)', $params], Db::FETCH_ERRSTR);
if ($ret != Db::NO_ERRSTR) {
    die(NERDZ\Core\Utils::jsonDbResponse($ret));
}
// Log the fresh account in straight away; the third argument asks for a cookie to be set.
$loggedIn = $user->login($userData['username'], $userData['password'], $setCookie = true);
if (!$loggedIn) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': Login'));
}
die(NERDZ\Core\Utils::jsonResponse('ok', $user->lang('LOGIN_OK')));
コード例 #11
ファイル: profile.php プロジェクト: RoxasShadow/nerdz.eu
<?php

// Public profile page: resolves the requested user (and optionally one post) from the query string.
// NOTE(review): this listing is cut off inside the nested if blocks.
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\Messages;
use NERDZ\Core\Db;
use NERDZ\Core\User;
use NERDZ\Core\Config;
$messages = new Messages();
$user = new User();
$tplcfg = $user->getTemplateCfg();
// id is only accepted when numeric; it is converted with intval() further down.
$id = isset($_GET['id']) && is_numeric($_GET['id']) ? $_GET['id'] : false;
// pid is converted with intval() right here
$pid = isset($_GET['pid']) && is_numeric($_GET['pid']) ? intval($_GET['pid']) : false;
// The action string is passed through Utils::actionValidator(); non-string input becomes false first.
$action = NERDZ\Core\Utils::actionValidator(!empty($_GET['action']) && is_string($_GET['action']) ? $_GET['action'] : false);
$found = true;
if ($id) {
    $id = intval($id);
    // intval() is applied here rather than above, so the "user not found" message can be displayed
    if (false === ($info = $user->getObject($id))) {
        $username = $user->lang('USER_NOT_FOUND');
        $found = false;
        $post = new stdClass();
        $post->message = '';
    } else {
        $username = $info->username;
        // A single post is looked up only when the viewer has not blacklisted this user.
        if ($pid && !$user->hasInBlacklist($id)) {
            // "&&" binds tighter than "||": the message is blanked when an anonymous visitor asks
            // for a private profile, OR when the post lookup returns nothing. For a private
            // profile viewed anonymously the query is never executed.
            if (!$user->isLogged() && $info->private || !($post = Db::query(['SELECT "message" FROM "posts" WHERE "pid" = :pid AND "to" = :id', [':pid' => $pid, ':id' => $id]], Db::FETCH_OBJ))) {
                $post = new stdClass();
                $post->message = '';
            }
コード例 #12
<?php

// Shared validation of the project create/update form; fills $projectData from $_POST.
// NOTE(review): this listing is cut off inside the creation branch.
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\Db;
use NERDZ\Core\Config;
use NERDZ\Core\Utils;
use NERDZ\Core\Project;
use NERDZ\Core\User;
use NERDZ\Core\Messages;
$user = new User();
$project = new Project();
if (!$user->isLogged()) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('REGISTER')));
}
// Every POST value is trimmed in place.
// NOTE(review): trim() runs before any is_string() check, so an array-valued field
// (e.g. description[]=x) reaches trim(); depending on the PHP version that raises a
// warning or a TypeError. $val also stays bound by reference to the last element
// after the loop because it is never unset.
foreach ($_POST as &$val) {
    $val = trim($val);
}
if (empty($_POST['description']) || !is_string($_POST['description'])) {
    // the description is always required
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('MUST_COMPLETE_FORM') . "\n\n" . $user->lang('MISSING') . ":\n" . $user->lang('DESCRIPTION')));
}
$projectData = [];
$projectData['description'] = $_POST['description'];
// The owner is taken from the session, so a client cannot create a project for another account.
$projectData['owner'] = $_SESSION['id'];
// fields required only when creating a project ($create is set by the including script)
if (isset($create)) {
    if (empty($_POST['name']) || !is_string($_POST['name'])) {
        die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('MUST_COMPLETE_FORM') . "\n\n" . $user->lang('MISSING') . ":\n" . $user->lang('NAME')));
    }
    $projectData['name'] = $_POST['name'];
    // getId() returning something other than 0 is treated as "this name already exists".
    if ($project->getId($projectData['name']) !== 0) {
コード例 #13
ファイル: profile.html.php プロジェクト: RoxasShadow/nerdz.eu
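<?php

/*
 * Copies the logged-in user's row from "profiles" into $vals for the template layer.
 * The row is selected by the session id only, so a user can load nothing but their own profile.
 */
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\Db;
use NERDZ\Core\User;
$user = new User();
ob_start(array('NERDZ\\Core\\Utils', 'minifyHTML'));
if (!$user->isLogged()) {
    die($user->lang('REGISTER'));
}
if (!($obj = Db::query(array('SELECT * FROM "profiles" WHERE "counter" = ?', array($_SESSION['id'])), Db::FETCH_OBJ))) {
    die($user->lang('ERROR'));
}
$vals = [];
// One entry per line, trimmed. array_map() replaces the by-reference foreach loops,
// which left $val bound to the last array element after each loop.
$vals['interests_a'] = array_map('trim', explode("\n", $obj->interests));
$vals['biography_n'] = $obj->biography;
$vals['quotes_a'] = array_map('trim', explode("\n", $obj->quotes));
$vals['website_n'] = $obj->website;
$vals['jabber_n'] = $obj->jabber;
$vals['yahoo_n'] = $obj->yahoo;
$vals['facebook_n'] = $obj->facebook;
$vals['twitter_n'] = $obj->twitter;
$vals['steam_n'] = $obj->steam;
$vals['skype_n'] = $obj->skype;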
コード例 #14
ファイル: thumbs.json.php プロジェクト: RoxasShadow/nerdz.eu
<?php

// JSON endpoint: set the caller's thumb (vote) on a post or on a comment.
// NOTE(review): this listing is cut off inside the final else branch. No Referer or
// token check is visible in the part shown.
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\Db;
use NERDZ\Core\User;
$user = new User();
// The presence of POST "comment" selects the comment handler and its id field (hcid);
// otherwise the post handler and hpid are used. Either id must be numeric.
if (isset($_POST['comment'])) {
    $message = new NERDZ\Core\Comments();
    if (!isset($_POST['hcid']) || !is_numeric($_POST['hcid'])) {
        die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': no hcid'));
    }
    $id = $_POST['hcid'];
} else {
    $message = new NERDZ\Core\Messages();
    if (!isset($_POST['hpid']) || !is_numeric($_POST['hpid'])) {
        die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': no hpid'));
    }
    $id = $_POST['hpid'];
}
// The login check runs after input validation, but still before anything is written.
if (!$user->isLogged()) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('REGISTER')));
}
if (isset($_POST['thumb']) && is_numeric($_POST['thumb'])) {
    // The vote is cast to int here; no range check is applied in this script
    // (presumably setThumbs() or the database constrains it — confirm).
    $thumb = (int) $_POST['thumb'];
    $dbResponse = $message->setThumbs($id, $thumb, isset($prj));
    if ($dbResponse != Db::NO_ERRSTR) {
        die(NERDZ\Core\Utils::jsonDbResponse($dbResponse));
    }
} else {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': 3'));
コード例 #15
ファイル: validateuser.php プロジェクト: RoxasShadow/nerdz.eu
<?php

require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\Db;
use NERDZ\Core\Config;
use NERDZ\Core\User;
use NERDZ\Core\Messages;
use NERDZ\Core\Security;
$user = new User();
$l = "\t\n\r\v ����� ­";
// Collect the submitted account fields. Each text field is trimmed with the character
// list in $l; a field that was not sent becomes false.
$userData = [];
foreach (['name', 'surname', 'email', 'timezone'] as $field) {
    $userData[$field] = isset($_POST[$field]) ? trim($_POST[$field], $l) : false;
}
if ($user->isLogged()) {
    // Profile update: an empty password field means "keep the current one".
    $updatedPassword = !empty($_POST['password']);
    if ($updatedPassword) {
        $userData['password'] = $_POST['password'];
    } else {
        $obj = Db::query(['SELECT "password" FROM "users" WHERE counter = :id', [':id' => $_SESSION['id']]], Db::FETCH_OBJ);
        if (!$obj) {
            die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR')));
        }
        // This is the stored hash, not a plaintext password: code that consumes
        // $userData['password'] has to consult $updatedPassword before hashing it.
        $userData['password'] = $obj->password;
    }
} else {
    // Registration: password and username both come from the form.
    $userData['password'] = isset($_POST['password']) ? $_POST['password'] : false;
    $userData['username'] = isset($_POST['username']) ? trim($_POST['username'], $l) : false;
}
コード例 #16
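 /**
  * Turn a post (database row or hpid) into the array of values used by the templates.
  *
  * @param object|array|int|string $dbPost  a fetched row, or a numeric hpid to load
  * @param array                   $options recognised keys: 'project' (post belongs to a
  *                                         project board) and 'truncate' (forwarded to bbcode())
  *
  * @return array|\StdClass the template values; an empty StdClass when a numeric hpid
  *                         matches no row
  */
 public function getPost($dbPost, $options = [])
 {
     // Read the two supported options explicitly. The previous extract($options) imported
     // every key as a local variable, so an entry such as 'dbPost' could overwrite the
     // function's own argument.
     $project = !empty($options['project']);
     $truncate = !empty($options['truncate']);
     if (is_object($dbPost)) {
         $dbPost = (array) $dbPost;
     } elseif (is_numeric($dbPost)) {
         // The table name depends only on the boolean $project; the hpid is a bound parameter.
         $table = ($project ? 'groups_' : '') . 'posts';
         if (!($o = Db::query(['SELECT p.*, EXTRACT(EPOCH FROM p."time") AS time FROM "' . $table . '" p WHERE p."hpid" = :hpid', [':hpid' => $dbPost]], Db::FETCH_OBJ))) {
             return new \StdClass();
         }
         $dbPost = (array) $o;
     }
     $logged = $this->user->isLogged();
     if (!($from = User::getUsername($dbPost['from']))) {
         $from = '';
     }
     // The recipient is a project or a user, each with its own name lookup and link builder.
     $toFunc = $project ? [__NAMESPACE__ . '\\Project', 'getName'] : [__NAMESPACE__ . '\\User', 'getUsername'];
     $toFuncLink = [__NAMESPACE__ . '\\Utils', ($project ? 'project' : 'user') . 'Link'];
     if (!($to = $toFunc($dbPost['to']))) {
         $to = '';
     }
     $ret = [];
     $ret['thumbs_n'] = $this->getThumbs($dbPost['hpid'], $project);
     $ret['revisions_n'] = $this->getRevisionsNumber($dbPost['hpid'], $project);
     $ret['uthumb_n'] = $this->getUserThumb($dbPost['hpid'], $project);
     $ret['pid_n'] = $dbPost['pid'];
     $ret['news_b'] = $dbPost['news'];
     $ret['language_n'] = $dbPost['lang'];
     $ret['from4link_n'] = Utils::userLink($from);
     $ret['to4link_n'] = $toFuncLink($to);
     $ret['fromid_n'] = $dbPost['from'];
     $ret['toid_n'] = $dbPost['to'];
     $ret['from_n'] = $from;
     $ret['to_n'] = $to;
     $ret['datetime_n'] = $this->user->getDateTime($dbPost['time']);
     $ret['timestamp_n'] = $dbPost['time'];
     // Permission flags computed for the current viewer.
     $ret['canclosepost_b'] = $this->canClose($dbPost, $project);
     $ret['closed_b'] = $dbPost['closed'];
     $ret['canremovepost_b'] = $this->canRemove($dbPost, $project);
     $ret['caneditpost_b'] = $this->canEdit($dbPost, $project);
     $ret['canshowlock_b'] = $this->canShowLock($dbPost, $project);
     $ret['lock_b'] = $this->user->hasLocked($dbPost, $project);
     // The lurk control is shown only to logged-in viewers who cannot see the lock control.
     $ret['canshowlurk_b'] = $logged ? !$ret['canshowlock_b'] : false;
     $ret['lurk_b'] = $this->user->hasLurked($dbPost, $project);
     $ret['canshowbookmark_b'] = $logged;
     $ret['bookmark_b'] = $this->user->hasBookmarked($dbPost, $project);
     $ret['message_n'] = $this->bbcode($dbPost['message'], $truncate, $project ? 'g' : 'u', $ret['pid_n'], $ret['toid_n']);
     // Posts addressed to the news user get an extra pass through parseNews().
     if (!$project && $dbPost['to'] == Config\USERS_NEWS) {
         $ret['message_n'] = $this->parseNews($ret['message_n']);
     }
     $ret['postcomments_n'] = $this->countComments($dbPost['hpid'], $project);
     $ret['hpid_n'] = $dbPost['hpid'];
     return $ret;
 }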
コード例 #17
ファイル: search.php プロジェクト: RoxasShadow/nerdz.eu
<?php

// Search page prologue: output buffering, the user object and the search term.
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\User;
$user = new NERDZ\Core\User();
$tplcfg = $user->getTemplateCfg();
ob_start(array('NERDZ\\Core\\Utils', 'minifyHTML'));
// The search term is accepted only as a string and is HTML-escaped once, here
// (ENT_QUOTES, UTF-8); the template below echoes it into <title>. From this point $q holds
// HTML-encoded text, so it must not be escaped a second time and should not be reused in a
// non-HTML context.
$q = !empty($_GET['q']) && is_string($_GET['q']) ? htmlspecialchars(trim($_GET['q']), ENT_QUOTES, 'UTF-8') : '';
?>
    <!DOCTYPE html>
    <html lang="<?php 
echo $user->getBoardLanguage();
?>
">
    <head>
    <meta name="author" content="Paolo Galeone" />
    <title><?php 
echo NERDZ\Core\Utils::getSiteName();
?>
 - Search <?php 
if (!empty($q)) {
    echo '⇒ ', $q;
}
?>
</title>
<?php 
$headers = $tplcfg->getTemplateVars('search');
require_once $_SERVER['DOCUMENT_ROOT'] . '/pages/common/jscssheaders.php';
?>
    </head>
コード例 #18
<?php

/*
 * Shared JSON search endpoint. The including script chooses what to search by setting
 * $searchMethod to the name of a method of the Search class.
 *
 * NOTE(review): $searchMethod is invoked dynamically, and method_exists() is the only
 * filter. It has to come from the including script and never from request data,
 * otherwise a client could pick which Search method runs.
 * NOTE(review): count is cast to int but not bounded here (it may be negative or very
 * large); presumably the Search methods clamp it — confirm.
 */
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\User;
use NERDZ\Core\Search;
$search = new Search();
$methodKnown = isset($searchMethod) && method_exists($search, $searchMethod);
if (!$methodKnown) {
    die(NERDZ\Core\Utils::jsonResponse('error', 'No-sense error'));
}
$user = new User();
if (!$user->isLogged()) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('LOGIN')));
}
// Default page size is 10 when count is missing or not numeric.
$count = 10;
if (isset($_GET['count']) && is_numeric($_GET['count'])) {
    $count = (int) $_GET['count'];
}
// Only a string query is accepted; anything else is treated as empty and rejected.
$q = '';
if (isset($_GET['q']) && is_string($_GET['q'])) {
    $q = $_GET['q'];
}
if ($q === '') {
    die(NERDZ\Core\Utils::jsonResponse('error', 'Invalid search'));
}
$results = $search->{$searchMethod}($q, $count);
die(NERDZ\Core\Utils::jsonResponse($results));
コード例 #19
<?php

/*
 * JSON endpoint: return one stored revision of a post or of a comment.
 * POST: hpid (or comment + hcid) and revNo >= 1. Requires a logged-in user.
 */
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\User;
$user = new User();
// POST "comment" selects the comment handler and hcid; otherwise the post handler and hpid.
if (isset($_POST['comment'])) {
    $message = new NERDZ\Core\Comments();
    if (!isset($_POST['hcid']) || !is_numeric($_POST['hcid'])) {
        die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': no hcid'));
    }
    $id = $_POST['hcid'];
} else {
    $message = new NERDZ\Core\Messages();
    if (!isset($_POST['hpid']) || !is_numeric($_POST['hpid'])) {
        die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': no hpid'));
    }
    $id = $_POST['hpid'];
}
// Revision numbers start at 1; anything missing, non-numeric or smaller maps to 0 and is rejected.
$revNoValid = isset($_POST['revNo']) && is_numeric($_POST['revNo']) && $_POST['revNo'] >= 1;
$revNo = $revNoValid ? $_POST['revNo'] : 0;
if (!$revNo) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': invalid revNo'));
}
if (!$user->isLogged()) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('REGISTER')));
}
// NOTE(review): whether the viewer may see this post or comment at all is not checked in
// this script; presumably getRevision() enforces it — confirm.
$rev = $message->getRevision($id, $revNo, isset($prj));
if (!is_object($rev)) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR')));
}
// The revision text goes through the BBCode renderer before it is sent to the client.
die(NERDZ\Core\Utils::jsonResponse(['datetime' => $user->getDateTime($rev->time), 'message' => $message->bbcode($rev->message)]));
コード例 #20
ファイル: banned.php プロジェクト: RoxasShadow/nerdz.eu
<?php

// "Banned" page prologue. Two output buffers are stacked: gzip compression first, then
// the HTML minifier, so the markup below is minified before it is compressed.
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\User;
$user = new User();
// Template configuration, used further down to pick the head assets for this page.
$tplcfg = $user->getTemplateCfg();
ob_start(array('NERDZ\\Core\\Utils', 'minifyHTML'));
?>
    <!DOCTYPE html>
    <html lang="<?php 
echo $user->getBoardLanguage();
?>
">
    <head>
    <meta name="author" content="Paolo Galeone" />
    <title><?php 
echo NERDZ\Core\Utils::getSiteName();
?>
 - <?php 
echo $user->lang('BANNED');
?>
</title>
<?php 
$headers = $tplcfg->getTemplateVars('banned');
require_once $_SERVER['DOCUMENT_ROOT'] . '/pages/common/jscssheaders.php';
?>
    </head>
    <?php 
ob_flush();
?>
コード例 #21
ファイル: preview.php プロジェクト: RoxasShadow/nerdz.eu
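<?php

/*
 * Renders a preview of a message taken from the query string.
 * The text is HTML-escaped first and only then run through parseQuote() and bbcode(),
 * so raw markup sent by the client is never handed to the renderer.
 */
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\Comments;
use NERDZ\Core\User;
$user = new User();
$message = new Comments();
// Accept the message only from a logged-in user and only as a non-empty string.
// An array such as message[]=x previously reached htmlspecialchars(), which expects a
// string; it now falls back to the generic error text like any other invalid request.
$valid = $user->isLogged() && !empty($_GET['message']) && is_string($_GET['message']);
$text = $valid ? $_GET['message'] : $user->lang('ERROR');
$vals = [];
$vals['message_n'] = $message->bbcode($message->parseQuote(htmlspecialchars($text, ENT_QUOTES, 'UTF-8')));
$user->getTPL()->assign($vals);
$user->getTPL()->draw('base/preview');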
コード例 #22
<?php

// HTML fragment endpoint for comments; the 'get' action draws a single comment.
// NOTE(review): this listing is cut off inside the 'get' case.
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
ob_start(array('NERDZ\\Core\\Utils', 'minifyHTML'));
use NERDZ\Core\Comments;
use NERDZ\Core\Messages;
use NERDZ\Core\Gravatar;
use NERDZ\Core\System;
use NERDZ\Core\User;
// $prj is true when the including script defined it, i.e. project comments are requested.
$prj = isset($prj);
$user = new User();
$comments = new Comments();
if (!$user->isLogged()) {
    die($user->lang('REGISTER'));
}
switch (isset($_GET['action']) ? strtolower($_GET['action']) : '') {
    case 'get':
        // The comment id must be numeric; anything else becomes false and is rejected.
        $hcid = isset($_POST['hcid']) && is_numeric($_POST['hcid']) ? $_POST['hcid'] : false;
        if (!$hcid) {
            die($user->lang('ERROR') . ': no hcid');
        }
        // NOTE(review): access control for the comment is not visible here; presumably
        // Comments::get() applies it — confirm.
        $vals = [];
        $vals['list_a'] = $comments->get($hcid, $prj);
        // The remaining values are fixed: no form, no "more" button, zero counters.
        $vals['showform_b'] = false;
        $vals['needmorebtn_b'] = false;
        $vals['commentcount_n'] = 0;
        $vals['hpid_n'] = 0;
        $vals['onerrorimgurl_n'] = System::getResourceDomain() . '/static/images/red_x.png';
        $user->getTPL()->assign($vals);
        // The template path is built from the boolean $prj only, never from request data.
        $user->getTPL()->draw(($prj ? 'project' : 'profile') . '/comments');
コード例 #23
ファイル: themes.html.php プロジェクト: RoxasShadow/nerdz.eu
<?php

/*
 * Preferences page: list the available templates and mark the user's current one.
 * Requires a logged-in user.
 */
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\User;
use NERDZ\Core\Config;
use NERDZ\Core\System;
$user = new User();
ob_start(array('NERDZ\\Core\\Utils', 'minifyHTML'));
if (!$user->isLogged()) {
    die($user->lang('REGISTER'));
}
$vals = [];
// Token for the 'edit' scope, handed to the template so the form can post it back.
$vals['tok_n'] = NERDZ\Core\Security::getCsrfToken('edit');
$vals['themes_a'] = [];
foreach (System::getAvailableTemplates() as $tpl) {
    $vals['themes_a'][] = [
        'tplno_n' => $tpl['number'],
        'tplname_n' => $tpl['name'],
    ];
}
$vals['mytplno_n'] = $user->getTemplate($_SESSION['id']);
$vals['mobile_b'] = User::isOnMobileHost();
$tpl = $user->getTPL();
$tpl->assign($vals);
$user->getTPL()->draw('preferences/themes');
コード例 #24
<?php

// Shared users-list page. The including script must provide $users, $type,
// $dateExtractor and $total.
// NOTE(review): this listing is cut off inside the pagination block.
if (!isset($users, $type, $dateExtractor, $total)) {
    die('$users & $type & $dateExtractor & $total required');
}
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\User;
use NERDZ\Core\Utils;
// Allow-list of column names a client may sort by.
$validFields = ['username', 'name', 'surname', 'birth_date', 'last', 'counter', 'registration_time'];
$limit = isset($_GET['lim']) ? NERDZ\Core\Security::limitControl($_GET['lim'], 20) : 20;
// The sort direction is mapped to one of two fixed keywords; the request value itself is never used.
$order = isset($_GET['desc']) && $_GET['desc'] == 1 ? 'DESC' : 'ASC';
// The search term is HTML-escaped at input time.
$q = empty($_GET['q']) ? '' : htmlspecialchars($_GET['q'], ENT_QUOTES, 'UTF-8');
// orderby is passed through Security::fieldControl() together with the allow-list and the
// fallback 'username'.
$orderby = isset($_GET['orderby']) ? NERDZ\Core\Security::fieldControl($_GET['orderby'], $validFields, 'username') : 'username';
$user = new User();
$i = 0;
$ret = [];
// One entry per user id, with 'since_n' replaced by the includer's date callback.
foreach ($users as $fid) {
    $ret[$i] = $user->getBasicInfo($fid);
    $ret[$i]['since_n'] = $dateExtractor($fid, $ret[$i]['since_n']);
    ++$i;
}
usort($ret, 'NERDZ\\Core\\Utils::sortByUsername');
$myvals = [];
$myvals['list_a'] = $ret;
$startFrom = 0;
// A non-numeric $limit is expected to end in digits; those digits become the start offset.
if (!is_numeric($limit)) {
    $matches = [];
    preg_match('/\\d+$/', $limit, $matches);
    if (isset($matches[0])) {
        $startFrom = $matches[0];
    }
コード例 #25
<?php

// JSON endpoint: store the user's template variables (action=vars) or switch theme.
// NOTE(review): this listing is cut off inside the theme branch.
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\User;
use NERDZ\Core\Config;
use NERDZ\Core\Db;
use NERDZ\Core\System;
$user = new User();
// Request-origin checks: Referer first, then the posted token for the 'edit' scope.
if (!NERDZ\Core\Security::refererControl()) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': referer'));
}
if (!NERDZ\Core\Security::csrfControl(isset($_POST['tok']) ? $_POST['tok'] : 0, 'edit')) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': token'));
}
if (!$user->isLogged()) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('REGISTER')));
}
if (isset($_GET['action']) && $_GET['action'] == 'vars') {
    // Only the outer type is checked (array); the contents are handed to
    // setTemplateVariables() as received.
    // NOTE(review): presumably that method validates keys, values and size — confirm.
    if (isset($_POST['vars']) && is_array($_POST['vars'])) {
        $user->setTemplateVariables($_POST['vars']);
    } else {
        die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': JSON'));
    }
} else {
    $theme = isset($_POST['theme']) && is_string($_POST['theme']) ? trim($_POST['theme']) : '';
    // Collect the numbers of the installed templates.
    $shorts = [];
    $templates = System::getAvailableTemplates();
    foreach ($templates as $val) {
        $shorts[] = $val['number'];
    }
コード例 #26
<?php

/*
 * JSON endpoint: delete the logged-in user's own account.
 * Checks, in order: Referer, login, captcha. The account id always comes from the session.
 */
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\Captcha;
use NERDZ\Core\Db;
use NERDZ\Core\User;
$user = new User();
if (!NERDZ\Core\Security::refererControl()) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . ': referer'));
}
if (!$user->isLogged()) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('REGISTER')));
}
// The captcha is the confirmation step for this irreversible action.
$capt = new Captcha();
$captchaAnswer = isset($_POST['captcha']) ? $_POST['captcha'] : '';
if (!$capt->check($captchaAnswer)) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('WRONG_CAPTCHA')));
}
$deleteErrno = Db::query(array('DELETE FROM "users" WHERE "counter" = ?', array($_SESSION['id'])), Db::FETCH_ERRNO);
if (Db::NO_ERRNO != $deleteErrno) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR')));
}
// Optional free-text reason, HTML-encoded before storage and written to "deleted_users".
// NOTE(review): that row is presumably created on the database side when the user is
// deleted — confirm. The result of this UPDATE is not checked.
$motivation = false;
if (!empty($_POST['motivation'])) {
    $motivation = htmlentities($_POST['motivation'], ENT_QUOTES, 'UTF-8');
}
if ($motivation) {
    Db::query(['UPDATE "deleted_users" SET "motivation" = :motivation WHERE "counter" = :counter', [':motivation' => $motivation, ':counter' => $_SESSION['id']]], Db::NO_RETURN);
}
$user->logout();
die(NERDZ\Core\Utils::jsonResponse('ok', 'Bye :('));
コード例 #27
ファイル: board.html.php プロジェクト: RoxasShadow/nerdz.eu
<?php

/*
 * HTML fragment endpoint for a single board post. Only action=get is supported.
 * Requires a logged-in user and a valid Referer.
 */
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
ob_start(array('NERDZ\\Core\\Utils', 'minifyHTML'));
use NERDZ\Core\User;
$user = new User();
if (!$user->isLogged()) {
    die($user->lang('REGISTER'));
}
if (!NERDZ\Core\Security::refererControl()) {
    die($user->lang('ERROR'));
}
$action = isset($_GET['action']) ? strtolower($_GET['action']) : '';
if ($action !== 'get') {
    die($user->lang('ERROR'));
}
// The included page does all the work, including the handling of $_POST[hpid].
// The raw POST value is forwarded as-is, so its validation has to happen in that page.
$hpid = isset($_POST['hpid']) ? $_POST['hpid'] : -1;
$draw = true;
require_once $_SERVER['DOCUMENT_ROOT'] . '/pages/profile/singlepost.html.php';
コード例 #28
ファイル: board.json.php プロジェクト: RoxasShadow/nerdz.eu
<?php

// JSON endpoint for board posts: add and delete (further actions are not visible).
// NOTE(review): this listing is cut off inside the 'del' case.
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\Messages;
use NERDZ\Core\User;
$messages = new Messages();
$user = new User();
$prj = isset($prj);
if (!$user->isLogged()) {
    die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('REGISTER')));
}
// The error text says "CSRF", but the check performed here is the Referer test only;
// no posted token is verified in this script.
if (!NERDZ\Core\Security::refererControl()) {
    die(NERDZ\Core\Utils::jsonResponse('error', 'CSRF'));
}
switch (isset($_GET['action']) ? strtolower($_GET['action']) : '') {
    case 'add':
        // Without a recipient, a user post goes to the author's own board; a project post is rejected.
        if (empty($_POST['to'])) {
            if ($prj) {
                die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR') . 'a'));
            } else {
                $_POST['to'] = $_SESSION['id'];
            }
        }
        // 'to', 'message' and 'language' are forwarded without type checks here.
        // NOTE(review): presumably Messages::add() validates them and decides whether the
        // author may post on that board — confirm.
        die(NERDZ\Core\Utils::jsonDbResponse($messages->add($_POST['to'], isset($_POST['message']) ? $_POST['message'] : '', ['news' => !empty($_POST['news']), 'issue' => !empty($_POST['issue']), 'project' => $prj, 'language' => !empty($_POST['language']) ? $_POST['language'] : false])));
        break;
    case 'del':
        // Deletion is a two-step flow: $_SESSION['delpost'] must already hold the same hpid
        // (it is set elsewhere, presumably by a confirmation request) before delete() is called.
        if (!isset($_SESSION['delpost']) || empty($_POST['hpid']) || !is_numeric($_POST['hpid']) || $_SESSION['delpost'] != $_POST['hpid'] || !$messages->delete($_POST['hpid'], $prj)) {
            die(NERDZ\Core\Utils::jsonResponse('error', $user->lang('ERROR')));
        }
        // The confirmation is single-use.
        unset($_SESSION['delpost']);
コード例 #29
<?php

/*
 * Preferences page: list the available languages and the user's current choices.
 * Requires a logged-in user.
 */
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\User;
use NERDZ\Core\System;
$user = new User();
ob_start(array('NERDZ\\Core\\Utils', 'minifyHTML'));
if (!$user->isLogged()) {
    die($user->lang('REGISTER'));
}
$vals = [];
// Token for the 'edit' scope, handed to the template so the form can post it back.
$vals['tok_n'] = NERDZ\Core\Security::getCsrfToken('edit');
$longlangs = System::getAvailableLanguages(1);
$vals['langs_a'] = [];
// The array keys are the short language codes, the values the long names.
foreach ($longlangs as $shortCode => $longName) {
    $vals['langs_a'][] = [
        'longlang_n' => $longName,
        'shortlang_n' => $shortCode,
    ];
}
$vals['mylang_n'] = $user->getLanguage($_SESSION['id']);
$vals['myboardlang_n'] = $user->getBoardLanguage($_SESSION['id']);
$user->getTPL()->assign($vals);
$user->getTPL()->draw('preferences/language');
コード例 #30
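<?php

/*
 * Preferences page: list the projects owned by the logged-in user.
 * Requires a valid Referer and a logged-in user; the owner id comes from the session.
 */
ob_start('ob_gzhandler');
require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php';
use NERDZ\Core\User;
use NERDZ\Core\Db;
$user = new User();
ob_start(array('NERDZ\\Core\\Utils', 'minifyHTML'));
if (!NERDZ\Core\Security::refererControl()) {
    die($user->lang('ERROR'));
}
if (!$user->isLogged()) {
    die($user->lang('REGISTER'));
}
$vals = [];
// Token for the 'edit' scope, handed to the template so the form can post it back.
$vals['tok_n'] = NERDZ\Core\Security::getCsrfToken('edit');
// Always define the list. Before, the key was only set when the query failed or returned
// at least one row, so a user without projects left 'myprojects_a' undefined.
$vals['myprojects_a'] = [];
$r = Db::query(['SELECT g."name", g.counter FROM "groups" g INNER JOIN "groups_owners" go
        ON go."to" = g.counter
        WHERE go."from" = :id', [':id' => $_SESSION['id']]], Db::FETCH_STMT);
if ($r) {
    while ($o = $r->fetch(PDO::FETCH_OBJ)) {
        $vals['myprojects_a'][] = [
            'name_n' => $o->name,
            'name4link_n' => \NERDZ\Core\Utils::projectLink($o->name),
            'id_n' => $o->counter,
        ];
    }
}
$user->getTPL()->assign($vals);
$user->getTPL()->draw('preferences/projects');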