function parse()
{
$userExists = false;
if (count($this->argsIndexed) > 0) {
//Find the user:
$userResult = $this->db->buildQuery("SELECT * FROM users WHERE username=%s", $this->argsIndexed[0]);
if ($this->db->getHasRows($userResult)) {
$userExists = true;
$user = $this->db->fetchAssoc($userResult);
$user['gravatarUrl'] = get_gravatar($user['email'], 150);
//Fetch his objects
$objectsResult = $this->db->buildQuery("SELECT * FROM objects WHERE seller=%s ORDER BY end_moment DESC", $user['username']);
$user['objects'] = parseObjects($objectsResult);
$feedbackResult = $this->db->buildQuery("SELECT isseller, rating, date, comment, buyer, seller AS username FROM feedback F LEFT OUTER JOIN objects O ON F.objectid = O.id WHERE (seller=%s AND isseller=1) OR (buyer=%s AND F.isseller=0)", $user['username'], $user['username']);
$user['feedback'] = $this->db->fetchAllAssoc($feedbackResult);
$this->website->assign("profileUser", $user);
} else {
$error = "Deze gebruiker bestaat niet";
$userExists = false;
}
}
if ($userExists) {
$this->addToBreadcrumbs("Home", baseurl(""));
$this->addToBreadcrumbs("Profiel");
$this->render('Profiel', 'users/profile.tpl');
} else {
//Render a page here, telling the user that this user doesn't exist
}
}
function parse()
{
$displayName = "about";
$this->addToBreadcrumbs("Home", baseurl(""));
$this->addToBreadcrumbs("Over ons");
$this->render($displayName, 'static/about.tpl');
}
function parse()
{
if ($this->user->isLoggedIn()) {
header("location: " . baseurl(""));
} else {
$_POST = removeHTMLFromPOST($_POST);
$emailCode = md5($_POST['email'] . date("U"));
$_POST['emailCode'] = $emailCode;
if (isset($_POST['saveEmail'])) {
if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === true) {
$_POST['email'] = null;
$this->website->assign("emailError", "Ingevulde email was niet valide, ga naar de hoofdpagina en probeer opnieuw te registreren.");
} else {
$emailUsed = $this->db->buildQuery("SELECT email FROM users WHERE email = %s", $_POST['email']);
if ($this->db->getHasRows($emailUsed) == 0) {
$this->website->assign("email", $_POST['email']);
$_SESSION['emailCode'] = $_POST['emailCode'];
$this->website->assign("emailVerificationCode", $_POST['emailVerificationCode']);
sendMail($_POST['email'], "Uw verificatie code is: " . $emailCode, "Eenmaal andermaal verificatie");
} else {
$this->website->assign("emailError", "Uw email is al in gebruik genomen.");
$emailIsAlreadyUsed = true;
}
}
}
$this->addToBreadcrumbs("Home", baseurl(""));
$this->addToBreadcrumbs("Registratie");
$this->addToBreadcrumbs("Email Verificatie");
if ($emailIsAlreadyUsed == false) {
$this->render("emailVerification", "emailVerification.tpl");
} else {
header("location: " . baseurl(""));
}
}
}
function parse()
{
if ($this->user->isLoggedIn()) {
$result = $this->db->buildQuery("SELECT * FROM objects WHERE id IN (SELECT objectid FROM bids WHERE username =%s GROUP BY objectid)", $this->user->getName());
$objects = parseObjects($result, $this->user->getName());
foreach ($objects as &$object) {
$categoryTree = array();
$categories = array();
$catIdResult = $this->db->buildQuery("SELECT category_id FROM object_in_category WHERE object_id =%s ", $object['id']);
$catId = $this->db->fetchAssoc($catIdResult)['category_id'];
getCategoryFromBottom($categories, $catId);
foreach ($categories as $cat) {
$temp = array("name" => $cat['name'], "link" => baseurl("Rubriek/" . $cat['id']), "parent" => $cat['parent']);
$categoryTree[] = $temp;
}
$object['categoryTree'] = $categoryTree;
}
$this->website->assign("objects", $objects);
$this->addToBreadcrumbs("Home", baseurl("/"));
$this->addToBreadcrumbs("UCP", baseurl("Users/CP"));
$this->addToBreadcrumbs("Mijn Biedingen");
$this->render("Bids", "users/bids.tpl");
} else {
$this->website->assign("loginError", "U moet ingelogd zijn voordat u uw biedingen kunt bekijken.");
$this->render("login", "users/login.tpl");
}
}
function parse($query, $p)
{
//Fetch number of objects in this category:
$query = "%" . $query . "%";
//THANK YOU SILVAN FOR FIXING THIS BUG FOR ME!
$countResult = $this->db->buildQuery("SELECT COUNT(id) AS c FROM objects WHERE title LIKE ? OR description LIKE ?", $query, $query);
$c = $this->db->fetchAssoc($countResult)['c'];
$sql = "SELECT id,title,end_moment,start_bid,city FROM objects WHERE title LIKE ? OR description LIKE ? ORDER BY start_bid ASC";
$maxPerPage = 18;
if ($c > $maxPerPage) {
if ($p > 0) {
$fo = $p * $maxPerPage;
} else {
$fo = 0;
}
$fe = $fo + $maxPerPage;
$sql .= " OFFSET ? ROWS FETCH NEXT ? ROWS ONLY;";
$result = $this->db->buildQuery($sql, $query, $query, $fo, $fe);
$this->website->assign("paginationNeeded", true);
$this->website->assign("page", $p + 1);
$this->website->assign("maxPages", $c / $maxPerPage - 1);
} else {
$result = $this->db->buildQuery($sql, $query, $query);
}
$objects = parseObjects($result);
$this->addToBreadcrumbs("Home", baseurl(""));
$this->addToBreadcrumbs("Zoeken");
$this->website->assign("objects", $objects);
$this->render("Categorie", 'lot/objects.tpl');
}
function parse()
{
$displayName = "terms";
$this->addToBreadcrumbs("Home", baseurl(""));
$this->addToBreadcrumbs("Terms");
$this->render($displayName, 'static/terms.tpl');
}
function parse()
{
$displayName = "contact";
$this->addToBreadcrumbs("Home", baseurl(""));
$this->addToBreadcrumbs("Contact");
$this->render($displayName, 'static/contact.tpl');
}
function parse()
{
if ($this->user->isLoggedIn() == false) {
$showRegister = true;
if ($showRegister) {
$this->website->display("register.tpl");
}
} else {
header("location: " . baseurl(""));
}
}
function parse()
{
if ($this->user->isLoggedIn()) {
$username = $this->user->getName();
$feedbackResultSel = $this->db->buildQuery("SELECT isseller, rating, date, comment, buyer, seller AS username FROM feedback F LEFT OUTER JOIN objects O ON F.objectid = O.id WHERE seller =%s AND isseller = 1", $username);
$feedbackItemsSel = $this->db->fetchAllAssoc($feedbackResultSel);
$feedbackResultBuy = $this->db->buildQuery("SELECT isseller, rating, date, comment, seller AS username FROM feedback F LEFT OUTER JOIN objects O ON F.objectid = O.id WHERE buyer =%s AND isseller = 0", $username);
$feedbackItemsBuy = $this->db->fetchAllAssoc($feedbackResultBuy);
$this->website->assign("feedbackItemsSel", $feedbackItemsSel);
$this->website->assign("feedbackItemsBuy", $feedbackItemsBuy);
$this->addToBreadcrumbs("Home", baseurl(""));
$this->addToBreadcrumbs("UCP", baseurl("Users/CP"));
$this->addToBreadcrumbs("Mijn feedback");
$this->render("Feedback", "users/feedback.tpl");
} else {
$this->website->assign("loginError", "U moet ingelogd zijn voordat u uw feedback kunt bekijken.");
$this->render("login", "users/login.tpl");
}
}
function parse()
{
if ($this->user->isLoggedIn()) {
if ($this->user->isSeller()) {
$errorMsg = "U bent al een verkoper";
$pageToShow = -1;
} else {
$pageToShow = 0;
$sql = "SELECT username FROM verifications WHERE date_sent IS NOT NULL AND username=%s";
$userResult = $this->db->buildQuery($sql, $this->user->getName());
if ($this->db->getHasRows($userResult)) {
if (isset($_POST['submit'])) {
if (strlen($_POST['authentication']) > 0) {
$auth = $_POST['authentication'];
$sqlAuthCheck = "SELECT verification_key FROM verifications WHERE verification_key=%s";
$authCheck = $this->db->buildQuery($sqlAuthCheck, $auth);
if ($this->db->getHasRows($authCheck)) {
$updateArray['isseller'] = (bool) true;
$this->db->update('users', $updateArray, 'username', $this->user->getName());
$pageToShow = 1;
} else {
$errorMsg = "Uw verificatiecode klopt niet.";
}
} else {
$errorMsg = 'U heeft geen verificatiecode ingevuld.';
}
}
} else {
$errorMsg = "Er is nog geen verificatiecode naar u gestuurd.";
}
}
$this->website->assign("page", $pageToShow);
$this->website->assign("errorMsg", $errorMsg);
$this->addToBreadcrumbs("Home", baseurl(""));
$this->addToBreadcrumbs("UCP", baseurl("Users/CP"));
$this->addToBreadcrumbs("Authenticatiecode invoeren");
$this->render("SellerCode", "users/sellerCode.tpl");
} else {
$this->website->assign("loginError", "U moet ingelogd zijn voordat u uw code kunt ingeven.");
$this->render("login", "users/login.tpl");
}
}
function parse($id, $p)
{
$categoryResult = $this->db->buildQuery("SELECT * FROM categories WHERE id=%i", $id);
$category = $this->db->fetchAssoc($categoryResult);
//Fetch number of objects in this category:
$countResult = $this->db->buildQuery("SELECT COUNT(object_id) AS c FROM object_in_category WHERE category_id=%i", $id);
$c = $this->db->fetchAssoc($countResult)['c'];
$sql = "SELECT id,title,end_moment,start_bid,city FROM objects WHERE id IN (SELECT object_id FROM object_in_category WHERE category_id=%i) ORDER BY start_moment DESC";
$result = null;
$maxPerPage = 18;
if ($c > $maxPerPage) {
if ($p > 0) {
$fo = $p * $maxPerPage;
} else {
$fo = 0;
}
$fe = $fo + $maxPerPage;
$sql .= " OFFSET %i ROWS FETCH NEXT %i ROWS ONLY;";
$result = $this->db->buildQuery($sql, $id, $fo, $fe);
$this->website->assign("paginationNeeded", true);
$this->website->assign("page", $p + 1);
$this->website->assign("maxPages", $c / $maxPerPage - 1);
} else {
$result = $this->db->buildQuery($sql, $id);
}
$objects = parseObjects($result);
$categoriesCrumbs = array();
getCategoryFromBottom($categoriesCrumbs, $id);
array_pop($categoriesCrumbs);
$this->addToBreadcrumbs("Home", baseurl(""));
foreach ($categoriesCrumbs as $cat) {
$this->addToBreadcrumbs($cat['name'], baseurl("Rubriek/" . $cat['id']));
}
$this->addToBreadcrumbs($category['name']);
$categories = getCategory($categoriesCrumbs);
$this->website->assign("category", $category);
$this->website->assign("categories", $categories);
$this->website->assign("objects", $objects);
$this->render("Categorie", 'lot/objects.tpl');
}
function spawn_transcoder($source, $config_file = 'default', $timeout = 20)
{
// Because we employ "AllowEncodedSlashes NoDecode", the local file must only have slashes encoded in the filename
$source_escaped = str_replace("/", "%2f", $source);
// In the substitution, we must ensure that the hls_segment_filename value is percent-escaped as it represents a sprintf string
$source_escaped_pct_escaped = str_replace("%", "%%", $source_escaped);
$exec_subst = array('[SOURCE]' => $source, '[SOURCE-ESCAPED]' => $source_escaped, '[SOURCE-ESCAPED-PCT-ESCAPED]' => $source_escaped_pct_escaped, '[BASEURL]' => baseurl() . '/data/');
if (!($exec = @file_get_contents($config_file, FILE_USE_INCLUDE_PATH))) {
if (!($exec = file_get_contents($config_file . '.conf', FILE_USE_INCLUDE_PATH))) {
header(HTTP_CUSTOM_HEADER_RESPONDING_TO . urlencode($config_file));
http_response_code(400);
return FALSE;
}
}
$exec = trim(preg_replace('/\\s+/', ' ', $exec));
// the exec command should not have newlines in it
$exec = str_replace(array_keys($exec_subst), array_values($exec_subst), $exec);
// to allow token substitution
$process = new MyBackgroundProcess($exec);
$process->run();
// first check to see if we have obvious error coming back from the job spawn
null;
// if not, wait for the creation of the playlist file
$filename = dirname($_SERVER["SCRIPT_FILENAME"]) . "/data/{$source_escaped}.m3u8";
// sleep in EXEC_TIMEOUT_POLL_MS millisecond increments as we wait for exec to start output...
for ($waits = $timeout * 1000000; $waits > 0 && !file_exists($filename); $waits = $waits - EXEC_TIMEOUT_POLL_MS) {
usleep(EXEC_TIMEOUT_POLL_MS);
}
if (file_exists($filename)) {
passthru_m3u8($filename, $filename);
return $process;
} else {
$process->stop();
header(HTTP_CUSTOM_HEADER_RESPONDING_TO . urlencode($exec));
http_response_code(408);
return FALSE;
}
}
function parse()
{
if ($this->user->isLoggedIn() == false) {
$showLogin = true;
if (isset($_POST['username'])) {
$login = $this->user->doLogin($_POST['username'], $_POST['password']);
if ($login == 0) {
$showLogin = false;
} elseif ($login == 1) {
$this->website->assign("loginError", "Gebruiker of wachtwoord verkeerd");
}
}
if ($showLogin) {
$this->website->display("users/login.tpl");
} else {
$this->website->assign("user", $this->user->getInfo());
header("location: " . baseurl(""));
}
} else {
//How did they GET here?
header("location: " . baseurl(""));
}
}
function parse()
{
if ($this->user->isLoggedIn()) {
$Errors = false;
$updateComplete = false;
if (isset($_POST['submit'])) {
// var_dump($_POST);
$userInfoArray = array('firstname' => $_POST['firstname'], 'lastname' => $_POST['lastname'], 'adress_street1' => $_POST['adress_street1'], 'adress_street2' => $_POST['adress_street2'], 'adress_number' => $_POST['adress_number'], 'postalcode' => $_POST['postalcode']);
$phonenumberArray = array('phonenumber' => $_POST['phonenumber']);
if (isset($_POST['securityQuestions'])) {
if ($_POST['securityQuestions'] >= 0) {
$userInfoArray['security_question'] = $_POST['securityQuestions'];
$userInfoArray['security_answer'] = $_POST['questionAnswer'];
}
}
if (!empty($_POST['currentPassword']) || !empty($_POST['newPassword']) || !empty($_POST['newPassword2'])) {
$password = hash('sha512', $_POST['currentPassword']);
$currentPassword = $this->db->buildQuery("SELECT username, password FROM users WHERE username=%s AND password=%s", $this->user->getName(), $password);
if (!$this->db->getHasRows($currentPassword)) {
$errors = true;
$errorMsg = "Het ingevulde huidige wachtwoord komt niet overeen met het huidige wachtwoord, wachtwoord is niet veranderd.";
} else {
if ($_POST['newPassword'] == $_POST['newPassword2']) {
$newPassword = hash('sha512', $_POST['newPassword']);
$userInfoArray['password'] = $newPassword;
} else {
$errors = true;
$errorMsg = "De opgegeven nieuwe wachtwoorden komen niet overeen met elkaar, wachtwoord is niet veranderd.";
}
}
} else {
if (!empty($_POST['currentPassword']) && !empty($_POST['newPassword']) && !empty($_POST['newPassword2'])) {
$errorMsg = "Een of meer benodigde variabelen zijn niet ingevuld.";
}
}
$x = 0;
$y = 0;
foreach ($userInfoArray as $key => $value) {
if ($key != 'adress_street2') {
if ($value != null) {
$x += 1;
//adds 1 if the value is not null
}
$y += 1;
//adds 1 for each key in the array
}
}
if ($x == $y) {
$insertPhonenumber = $this->db->buildQuery("SELECT username FROM phonenumbers WHERE username=%s", $this->user->getName());
if (!$this->db->getHasRows($insertPhonenumber)) {
$phonenumberArray['username'] = $this->user->getName();
$this->db->insert("phonenumbers", $phonenumberArray);
} else {
$this->db->update('phonenumbers', $phonenumberArray, 'username', $this->user->getName());
}
$this->db->update('users', $userInfoArray, 'username', $this->user->getName());
$lastError = $this->db->getLastError();
$updateComplete = true;
if ($lastError != null) {
$updateInfoError = "De ingevulde data geeft een fout terug, vul de velden goed in en probeer het opnieuw.";
$this->website->assign("updateInfoError", $updateInfoError);
// var_dump($lastError);
}
} else {
$updateInfoError = "De ingevulde data geeft een fout terug, vul de velden goed in en probeer het opnieuw.";
$this->website->assign("updateInfoError", $updateInfoError);
}
}
$this->website->assign("userGravatar", get_gravatar($this->user->getEmail(), 200));
$sql = "SELECT username, firstname, lastname, city, country, adress_street1, adress_street2, adress_number, postalcode, birthdate FROM users WHERE username=%s";
$userResult = $this->db->buildQuery($sql, $this->user->getName());
$CP = array();
$CP = $this->db->fetchAssoc($userResult);
$this->website->assign("CP", $CP);
$sqlPhonenumber = "SELECT phonenumber FROM phonenumbers WHERE username=%s";
$phonenumberResult = $this->db->buildQuery($sqlPhonenumber, $this->user->getName());
$phonenumber = array();
$phonenumber = $this->db->fetchAssoc($phonenumberResult);
$this->website->assign("phonenumber", $phonenumber);
$sqlQuestion = "SELECT id, question FROM security_questions";
$questionResult = $this->db->query($sqlQuestion);
$questions = array();
$questions = $this->db->fetchAllAssoc($questionResult);
$this->website->assign("questions", $questions);
$this->website->assign("updateComplete", $updateComplete);
$this->website->assign("errorMsg", $errorMsg);
$this->addToBreadcrumbs("Home", baseurl(""));
$this->addToBreadcrumbs("UCP");
$this->render("UCP", "users/UCP.tpl");
} else {
$this->website->assign("loginError", "U moet ingelogd zijn voordat uw controle paneel bekeken kan worden.");
$this->render("login", "users/login.tpl");
}
}
public function run()
{
// Se não for crítico, apenas lança o erro como exception
if ($this->_is_fatal === false) {
// Se for uma exceção normal
if ($this->_special_exception === false) {
throw new core_exception(null, $this->_error_code, $this);
}
// Senão, lança uma exceção de núcleo
$classname = $this->_args['classname'];
eval("class {$classname} extends core_exception {}");
throw new $classname(null, $this->_error_code, $this);
}
// Armazena as informações do erro em uma sessão
$_SESSION['last-error'] = (object) array('error_code' => $this->_error_code, 'backtrace' => $this->_backtrace, 'globals' => $this->_globals, 'args' => $this->_args, 'id' => $this->_id);
//TODO: registrar a ocorrência e alterara a página
header('Location: ' . baseurl(false) . 'core/error');
}
function base_url()
{
return baseurl();
}
/**
* Fetches the objects given in $result
* @param $result
* @return array
*/
function parseObjects($result, $username = null)
{
global $db;
$objects = array();
while ($row = $db->fetchAssoc($result)) {
$row['description'] = bb2html(nl2br(str_replace("\\n", "\n", $row['description'])));
//Fetch latest bid
$bidResult = $db->buildQuery("SELECT TOP 1 * FROM bids WHERE objectid=%d ORDER BY bidvalue DESC", $row['id']);
if ($db->getHasRows($bidResult)) {
$res = $db->fetchAssoc($bidResult);
$row['currentBid'] = $res['bidvalue'];
$row['currentBidName'] = $res['username'];
} else {
$row['currentBid'] = $row['start_bid'];
}
$imageResult = $db->buildQuery("SELECT TOP 1 filename FROM files WHERE objectid=%d", $row['id']);
if ($db->getHasRows($imageResult)) {
if ($row['city'] == 'batch') {
$row['image'] = "http://iproject2.icasites.nl/pics/" . $db->fetchAssoc($imageResult)['filename'];
} else {
$row['image'] = baseurl("upload/" . $db->fetchAssoc($imageResult)['filename']);
}
} else {
$row['image'] = "https://placehold.it/150x110";
}
if ($username != null) {
$ownBidResult = $db->buildQuery("SELECT TOP 1 bidvalue FROM bids WHERE username =%s AND objectid=%d ORDER BY bidvalue DESC", $username, $row['id']);
$row['ownBid'] = $db->fetchAssoc($ownBidResult)['bidvalue'];
}
$row['timeRemaining'] = $row['end_moment']->getTimeStamp() - time();
$objects[] = $row;
}
return $objects;
}
function parse()
{
if ($this->user->isLoggedIn()) {
header("location: " . baseurl(""));
} else {
$_POST = removeHTMLFromPOST($_POST);
if (isset($_POST['validateCode'])) {
if ($_SESSION['emailCode'] == $_POST['emailVerificationCode']) {
foreach ($_POST as $key => &$value) {
$temp = strip_tags($value);
$value = $temp;
}
// $errors = Array();
if (isset($_POST['registerInfo'])) {
//lets check if every required field is actually filled in correctly
if (strlen($_POST['username']) >= 4 && strlen($_POST['username']) <= 12) {
} else {
$errors['usernameErr'] = "De lengte van uw username voldoet niet aan onze waarden.";
}
if (!isset($_POST['firstname']) && !isset($_POST['lastname'])) {
$errors['nameErr'] = "Vul uw voornaam en achternaam in.";
}
if (ctype_digit(substr($_POST['postalcode'], 0, 4)) && ctype_alpha(substr($_POST['postalcode'], -2))) {
} else {
$errors['postalcodeErr'] = "De postcode moet als volgt gegeven zijn, 4 cijfers gevolgd door 2 letters. Bijvoorbeeld: 1234AB.";
}
if (ctype_digit(substr($_POST['adress_number'], 0, 1))) {
} else {
$errors['adress_numberErr'] = "De eerste character van uw adress moet een nummer zijn.";
}
if ($_POST['password'] == $_POST['password2']) {
$hashedPassword = hash("sha512", $_POST['password']);
$_POST['password'] = $hashedPassword;
} else {
$errors['passwordErr'] = "De opgegeven wachtwoorden komen niet overeen.";
}
if ($_POST['securityQuestions'] >= 0) {
} else {
$errors['securityQuestionsErr'] = "U heeft geen geheime vraag gekozen.";
}
if (isset($_POST['questionAnswer'])) {
} else {
$errors['questionAnswerErr'] = "U heeft geen antwoord voor uw geheime vraag opgegeven.";
}
if (!isset($_POST['birthdate'])) {
$errors['birthdate'] = "U heeft geen geboortedatum aangegeven.";
}
if (!isset($_POST['city'])) {
$errors['city'] = "U heeft geen plaatsnaam opgegeven.";
}
if (!isset($_POST['country'])) {
$errors['country'] = "U heeft geen land opgegeven.";
}
if (isset($_POST['g-recaptcha-response']) && $_POST['g-recaptcha-response']) {
$sCaptcha = "6LcL4xITAAAAAHuArX4fZ4eMjr25H2TfLiKq8mNR";
$ip = $_SERVER['REMOTE_ADDR'];
$captcha = $_POST['g-recaptcha-response'];
$resp = file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret={$sCaptcha}&response={$captcha}&remoteip={$ip}");
$arr = json_decode($resp, true);
if ($arr['success']) {
if (!isset($errors)) {
$noErrs = true;
}
} else {
$errors['captchaErr'] = "De reCaptcha is niet door de validatie gekomen.";
}
}
}
$birthdate = strtotime($_POST['birthdate']);
$_POST['birthdate'] = date("Y-m-d", $birthdate);
$infoInsert = array('username' => strip_tags($_POST['username']), 'firstname' => strip_tags($_POST['firstname']), 'lastname' => strip_tags($_POST['lastname']), 'adress_street1' => strip_tags($_POST['adress_street1']), 'adress_number' => strip_tags($_POST['adress_number']), 'postalcode' => strip_tags($_POST['postalcode']), 'birthdate' => strip_tags($_POST['birthdate']), 'password' => strip_tags($_POST['password']), 'security_question' => strip_tags($_POST['securityQuestions']), 'security_answer' => strip_tags($_POST['questionAnswer']), 'city' => strip_tags($_POST['city']), 'country' => strip_tags($_POST['country']), 'email' => strip_tags($_POST['email']));
if (strlen($_POST['adress_street2']) >= 1) {
$infoInsert['adress_street2'] = strip_tags($_POST['adress_street2']);
} else {
$_POST['adress_street2'] = NULL;
}
if (isset($_POST['phonenumber'])) {
$phonenumberArray = array('phonenumber' => strip_tags($_POST['phonenumber']), 'username' => strip_tags($_POST['username']));
}
if ($noErrs) {
$this->db->insert("users", $infoInsert);
$dbErr = $this->db->getLastError();
$this->db->insert("phonenumbers", $phonenumberArray);
$dbErr1 = $this->db->getLastError();
if (!isset($dbErr) && !isset($dbErr1)) {
$this->user->doLogin($_POST['username'], $_POST['password2']);
header("location: " . baseurl(""));
}
}
$sqlQuestion = "SELECT id, question FROM security_questions";
$questionResult = $this->db->query($sqlQuestion);
$questions = array();
$questions = $this->db->fetchAllAssoc($questionResult);
$this->website->assign("questions", $questions);
$this->website->assign("emailVerificationCode", $_POST['emailVerificationCode']);
$this->website->assign("previousInfo", $_POST);
$this->website->assign("email", $_POST['email']);
$this->website->assign("emailCode", $_POST['emailCode']);
$this->website->assign("validateCode", $_POST['validateCode']);
if (isset($errors)) {
$this->website->assign("errors", $errors);
}
$this->addToBreadcrumbs("Home", baseurl(""));
$this->addToBreadcrumbs("Registratie");
$this->addToBreadcrumbs("Info");
$this->render("info", "register.tpl");
} else {
$wrongCode = "De validatie code komt niet overeen met de gestuurde code, probeer opnieuw te registreren.";
$this->website->assign("wrongCode", $wrongCode);
$this->addToBreadcrumbs("Home", baseurl(""));
$this->addToBreadcrumbs("Registratie");
$this->addToBreadcrumbs("Info");
$this->render("info", "register.tpl");
}
} else {
header("location: " . baseurl(""));
}
}
}
function smarty_function_baseurl($params, &$smarty)
{
return baseurl($params['url']);
}
function smarty_function_csstag($params, &$smarty)
{
return "<link rel='stylesheet' type='text/css' href='" . baseurl("css/" . $params['url']) . "' />";
}
function smarty_function_jstag($params, &$smarty)
{
return "<script type='text/javascript' src='" . baseurl("js/" . $params['url']) . "'></script>";
}
function parse()
{
if ($this->user->isSeller()) {
$_POST = removeHTMLFromPOST($_POST);
if (isset($_POST['submit'])) {
if (isset($_POST['title']) && isset($_POST['description']) && isset($_POST['start_bid']) && isset($_POST['location']) && isset($_POST['duration']) && isset($_POST['payment_method'])) {
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
$errors = array();
if ($check !== false) {
//echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
$errors['imageErr'] = "U moet een afbeelding uploaden.";
//echo "File is not an image.";
$uploadOk = 0;
}
if (strlen($_POST['title']) > 4 && strlen($_POST['title']) < 60) {
} else {
$errors['titleErr'] = "Lengte van titel bestaat niet uit 4 tot 60 tekens.";
}
if (trim(strlen($_POST['description'])) > 1 && trim(strlen($_POST['description'])) < 4000) {
} else {
$errors['descriptionErr'] = "Lengte van de beschrijving bestaat niet uit 1 tot 4000 tekens.";
}
if (number_format($_POST['start_bid'], 2) > 0 && number_format($_POST['start_bid'], 2) < 100000) {
} else {
$errors['start_bidErr'] = "Vul een startbod in wat minimaal 1 karakter en maximaal 99999,99 is.";
}
if (trim(strlen($_POST['location'])) > 1 && trim(strlen($_POST['location'])) < 163) {
} else {
$errors['locationErr'] = "Vul een plaatsnaam in van minimaal 1 en maximaal 163 karakters.";
}
if ($_POST['duration'] > 0) {
} else {
$errors['durationErr'] = "Looptijd niet geldig.";
}
if (!empty($_POST['payment_method'])) {
} else {
$errors['payment_methodErr'] = "Kies een betaalmethode.";
}
//var_dump($_POST['start_bid']);
//var_dump("fwsbjkfewghkfewu");
//var_dump($_POST);
$insertArray = array("title" => $_POST['title'], "description" => $_POST['description'], "start_bid" => intval(number_format($_POST['start_bid'], 2)), "city" => $_POST['location'], "country" => 'Nederland', "duration" => intval($_POST['duration']), "payment_method" => $_POST['payment_method'], "payment_instructions" => $_POST['payment_instructions'], "shipment_instructions" => $_POST['shipment_instructions'], "shipment_costs" => intval($_POST['shipment_costs']), "seller" => $this->user->getName());
if ($errors) {
$this->website->assign("errors", $errors);
$this->website->assign("values", $_POST);
} else {
//var_dump($_FILES);
$target_dir = getcwd() . "/upload/";
$imageFileType = pathinfo($_FILES['fileToUpload']['name'], PATHINFO_EXTENSION);
$target_file = md5(date(U) . $this->user->getName()) . '.' . $imageFileType;
//md5
$uploadOk = 1;
rename($_FILES['fileToUpload']['tmp_name'], $target_dir . $target_file);
$this->db->insert("objects", $insertArray);
$errors['databaseErr1'] = $this->db->getLastError();
$objectId = $this->db->getLastInsertedId();
$insertFileNameArray = array("filename" => $target_file, "objectid" => $objectId);
$this->db->insert("files", $insertFileNameArray);
$errors['databaseErr'] = $this->db->getLastError();
//Insert into the category that they chose:
$categoryInsertArray = array("object_id" => $objectId, "category_id" => $_POST['category']);
$this->db->insert("object_in_category", $categoryInsertArray);
$errors['databaseErr2'] = $this->db->getLastError();
if (sizeof($errors) > 0) {
header("Location: " . baseurl("Kavel/Item/" . $objectId));
}
}
}
}
$displayName = "Kavel aanbieden";
if (!$this->user->isLoggedIn()) {
$this->website->assign("loginError", "U moet ingelogd zijn voordat u een kavel kan aanbieden.");
$this->render('Login', 'users/login.tpl');
} else {
$categoryList = getCategory(array());
$endCategoryList = array();
foreach ($categoryList as $category) {
$this->parseCategoryList($category, $endCategoryList);
}
$this->addToBreadcrumbs("Home", baseurl(""));
$this->addToBreadcrumbs("Kavel aanbieden");
$this->website->assign("categoryList", $endCategoryList);
$this->render($displayName, 'lot/newlot.tpl');
}
} else {
$this->website->assign("error", "U moet een verkopers account aanmaken voordat u een kavel kan aanbieden. <br> Klik <a href=https://veiling.k-4u.nl/Users/CP/SellerRequest>hier</a> om een aacount aan te maken.");
$this->render("", "error.tpl");
}
}
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html> <head> <title><?php echo $lang->head_title; ?> </title> <meta http-equiv="Content-type" content="text/html" /> <base href="<?php echo baseurl(); ?> " /> <link href="publics/default.css" rel="stylesheet" type="text/css" /> <link href="publics/default-extra.css" rel="stylesheet" type="text/css" /> <link href="publics/default-error.css" rel="stylesheet" type="text/css" /> <link href="publics/images/error-icon-small.png" rel="shortcut icon" type="image/png" /> <script src="publics/jquery.js"></script> <script src="publics/jquery.css.js"></script> <script src="publics/default.js"></script> </head> <body> <div id="header"> <div class="content"> <img src="publics/images/error-icon.png" title="Icon by Gnome Project" width="50" height="50" /> <span class="labs-title"><?php echo $lang->head_title; ?> </span> </div> </div>
function parse()
{
$displayName = "Kavel";
$objectResult = $this->db->buildQuery("SELECT * FROM objects WHERE id=%i", $this->argsIndexed[0]);
if ($this->db->getHasRows($objectResult)) {
$object = $this->db->fetchAssoc($objectResult);
//See if they placed a bid, and if they're logged in
if (isset($_POST['submit']) && isset($_POST['bid']) && $this->user->isLoggedIn()) {
if ($_POST['bid'] >= $this->db->fetchIndex($this->db->executeFunction('dbo.fnMinimalNewBid', $object['id']))[0]) {
if ($object['seller'] != $this->user->getName()) {
if ($_POST['bid'] < 1000000) {
$insertArray = array("objectid" => $object['id'], "bidvalue" => $_POST['bid'], "username" => $this->user->getName(), "bidmoment" => date('Y-m-d H:i:s'));
} else {
$this->website->assign("bidError", "Je bod overschrijd de maximale gepermitteerde bedrag.");
}
$this->db->insert("bids", $insertArray);
$error = $this->db->getLastError();
if ($error) {
var_dump($error);
} else {
header("Location: " . $_SERVER['REQUEST_URI']);
}
}
} else {
$this->website->assign("bidError", "Je bod is niet hoog genoeg.");
}
}
//Fetch images:
$imageResult = $this->db->buildQuery("SELECT filename FROM files WHERE objectid=%i", $this->argsIndexed[0]);
if ($this->db->getHasRows($imageResult)) {
if ($object['city'] == 'batch') {
$object['image'] = "http://iproject2.icasites.nl/pics/" . $this->db->fetchAssoc($imageResult)['filename'];
} else {
$object['image'] = baseurl("upload/" . $this->db->fetchAssoc($imageResult)['filename']);
}
} else {
$object['image'] = "https://placehold.it/465x465";
}
$object['timeRemaining'] = $object['end_moment']->getTimeStamp() - time();
$object['description'] = nl2br(htmlentities(str_replace(" ", chr(1), str_replace('\\n', "\n", $object['description']))));
$object['description'] = bb2html(str_replace(chr(1), " ", $object['description']));
//Fetch bids
$bidsResult = $this->db->buildQuery("SELECT * FROM bids WHERE objectid=%i ORDER BY bidmoment DESC", $this->argsIndexed[0]);
$object['bids'] = $this->db->fetchAllAssoc($bidsResult);
//Get minimal new bid:
$object['nextBid'] = $this->db->fetchIndex($this->db->executeFunction('dbo.fnMinimalNewBid', $object['id']))[0];
//Fetch user
$userResult = $this->db->buildQuery("SELECT * FROM users WHERE username=%s", $object['seller']);
$object['user'] = $this->db->fetchAssoc($userResult);
$object['user']['gravatarUrl'] = get_gravatar($object['user']['email'], 72);
//Fetch the rating:
$object['user']['rating'] = $this->db->fetchIndex($this->db->executeFunction('dbo.fnCalculateRating', $object['user']['username'], false))[0];
//Fetch category this object is in
$catId = $this->db->fetchAssoc($this->db->buildQuery("SELECT category_id FROM object_in_category WHERE object_id=%i", $object['id']))['category_id'];
//Get related here.
$relatedObjectsResult = $this->db->buildQuery("SELECT TOP 3 * FROM objects WHERE id IN (SELECT object_id FROM object_in_category WHERE category_id=%i AND NOT object_id=%i) AND end_moment > GETDATE() ORDER BY NEWID()", $catId, $object['id']);
$object['related'] = parseObjects($relatedObjectsResult);
$categories = array();
getCategoryFromBottom($categories, $catId);
$this->addToBreadcrumbs("Home", baseurl(""));
foreach ($categories as $cat) {
$this->addToBreadcrumbs($cat['name'], baseurl("Rubriek/" . $cat['id']));
}
$this->addToBreadcrumbs($object['title']);
$this->website->assign("object", $object);
$this->render($displayName, 'lot/lot.tpl');
} else {
$this->website->assign("error", "Dit object bestaat niet!");
$this->render($displayName, 'error.tpl');
}
}
function parse()
{
$this->user->doLogout();
//And, referer to the main page:
header('Location: ' . baseurl(""));
}
function parse()
{
if ($this->user->isLoggedIn()) {
$sql = "SELECT username FROM sellers WHERE username=%s";
$userResult = $this->db->buildQuery($sql, $this->user->getName());
if ($this->db->getHasRows($userResult)) {
$pageToShow = -2;
$errorMsg = "Er is al een verzoek verstuurd";
}
if ($this->user->isSeller() == 1) {
$errorMsg = "U bent al een verkoper.";
$pageToShow = -2;
} else {
//Page 0 is default.
if (isset($_POST['submit_1'])) {
if ($_POST['verificationType'] == 1) {
if (strlen($_POST['banknumber']) > 0) {
$_SESSION['bank_number'] = $_POST['banknumber'];
} else {
$errorMsg = 'Uw banknummer klopt niet';
$pageToShow = 0;
}
}
$_SESSION['security_type'] = $_POST['verificationType'];
if (isset($_SESSION['security_type'])) {
if ($_POST['verificationType'] == 0) {
$pageToShow = 1;
} else {
if (isset($_SESSION['bank_number'])) {
$pageToShow = 2;
} else {
$pageToShow = 0;
$errorMsg = "Schijt";
}
}
} else {
$errorMsg = "U bent vergeten een verificatie optie te kiezen.";
}
} else {
$userInfoArray = array();
$userLetterInfo = array();
if (isset($_SESSION['bank_number']) and isset($_SESSION['security_type'])) {
if (!preg_match('/[a-zA-Z]{2}[0-9]{2}[a-zA-Z0-9]{4}[0-9]{7}([a-zA-Z0-9]?){0,16}/', $_SESSION['bank_number'])) {
$errorMsg = "Uw IBAN klopt niet. Controleer of uw IBAN de correcte tekens bevat en of alle spaties verwijderd zijn.";
}
}
if (isset($_POST['submit_2'])) {
if (preg_match('/^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$/', $_POST['creditcard'])) {
$userInfoArray['username'] = $this->user->getName();
$userInfoArray['security_type'] = (bool) $_SESSION['security_type'];
$userInfoArray['creditcard_number'] = $_POST['creditcard'];
$pageToShow = 3;
unset($_SESSION['security_type']);
unset($_SESSION['bank_number']);
$userSellerUpdate = array();
$userSellerUpdate['isseller'] = 1;
$this->db->insert("sellers", $userInfoArray);
$this->db->update("users", $userSellerUpdate, "username", $this->user->getName());
} else {
$errorMsg = "Uw creditcard nummer klopt niet.";
$pageToShow = 1;
}
}
if (isset($_POST['submit_3'])) {
$userInfoArray['username'] = $this->user->getName();
$userInfoArray['bank_number'] = str_replace(" ", "", $_SESSION['bank_number']);
$userInfoArray['security_type'] = (bool) $_SESSION['security_type'];
$userLetterInfo['username'] = $this->user->getName();
$userLetterInfo['verification_key'] = substr(md5($this->user->getName() . date('U')), 1, 10);
$pageToShow = 3;
unset($_SESSION['security_type']);
unset($_SESSION['bank_number']);
$this->db->insert("sellers", $userInfoArray);
$this->db->insert("verifications", $userLetterInfo);
}
}
}
$this->website->assign("page", $pageToShow);
$this->website->assign("errorMsg", $errorMsg);
$this->addToBreadcrumbs("Home", baseurl(""));
$this->addToBreadcrumbs("UCP", baseurl("Users/CP"));
$this->addToBreadcrumbs("Verkopersaccount aanmaken");
$this->render("sellerRequest", "users/sellerRequest.tpl");
} else {
$this->website->assign("loginError", "U moet ingelogd zijn voordat u een verkopersaccount kunt aanmaken.");
$this->render("login", "users/login.tpl");
}
}
<?php
//session_start();
do_html_header('Changing password');
check_admin_user();
if (!filled_out($_POST)) {
echo 'You have not filled out the form completely.
Please try again.';
do_html_url(baseurl() . 'cart/admin', 'Back to administration menu');
exit;
} else {
$new_passwd = $_POST['new_passwd'];
$new_passwd2 = $_POST['new_passwd2'];
$old_passwd = $_POST['old_passwd'];
if ($new_passwd != $new_passwd2) {
echo 'Passwords entered were not the same. Not changed.';
} else {
if (strlen($new_passwd) > 16 || strlen($new_passwd) < 6) {
echo 'New password must be between 6 and 16 characters. Try again.';
} else {
// attempt update
if (change_password($_SESSION['admin_user'], $old_passwd, $new_passwd)) {
echo 'Password changed.';
} else {
echo 'Password could not be changed.';
}
}
}
}
do_html_url(baseurl() . 'cart/admin', 'Back to administration menu');
public function getEmbedUrl()
{
return forceslash(baseurl()) . 'embed/' . rawurlencode($this->getRoom()->getSlug()) . '/' . rawurlencode($this->getSelection()) . '/' . rawurlencode($this->getLanguage()) . '/';
}
foreach ($stream->getVideoProtos() as $proto => $display) {
$urls[$proto] = array('display' => $display, 'tech' => $stream->getVideoTech($proto), 'url' => $stream->getVideoUrl($proto));
}
break;
case 'slides':
foreach ($stream->getSlidesProtos() as $proto => $display) {
$urls[$proto] = array('display' => $display, 'tech' => $stream->getSlidesTech($proto), 'url' => $stream->getSlidesUrl($proto));
}
break;
case 'audio':
foreach ($stream->getAudioProtos() as $proto => $display) {
$urls[$proto] = array('display' => $display, 'tech' => $stream->getAudioTech($proto), 'url' => $stream->getAudioUrl($proto));
}
break;
case 'music':
foreach ($stream->getMusicProtos() as $proto => $display) {
$urls[$proto] = array('display' => $display, 'tech' => $stream->getMusicTech($proto), 'url' => $stream->getMusicUrl($proto));
}
break;
}
$streams[] = array('slug' => $key, 'display' => $stream->getDisplay(), 'type' => $stream->getPlayerType(), 'isTranslated' => $stream->isTranslated(), 'videoSize' => $stream->getVideoSize(), 'urls' => $urls);
}
$roomstruct[] = array('slug' => $room->getSlug(), 'schedulename' => $room->getScheduleName(), 'thumb' => forceslash(baseurl()) . $room->getThumb(), 'link' => forceslash(baseurl()) . $room->getLink(), 'display' => $room->getDisplay(), 'streams' => $streams);
}
$struct[] = array('conference' => $conference['title'], 'group' => $group, 'rooms' => $roomstruct);
}
}
if (isset($saved_config)) {
$GLOBALS['CONFIG'] = $saved_config;
}
echo json_encode($struct, JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);
function smarty_function_image($params, &$smarty)
{
return "<img " . (array_key_exists("id", $params) ? "id=\"" . $params['id'] . "\" " : "") . "src='" . baseurl("images/" . $params['url']) . "' alt='" . (array_key_exists("alt", $params) ? $params['alt'] : "#######") . "'/>";
}
