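/**
 * Toggle the ($p, $o) entry in the 'ummo_pray_1' table and return the rebuilt view.
 *
 * When a row whose first two cells equal $p and $o exists it is removed;
 * otherwise array($p, $o, 1) is appended. The resulting rows are written
 * through msql_modif() and db_write() and then handed to pray_build().
 *
 * @param mixed  $p   first cell of the entry (re-derived by ajxp())
 * @param mixed  $o   second cell of the entry (re-derived by ajxp())
 * @param string $res raw value passed to ajxp() together with $p and $o
 * @return mixed whatever pray_build() returns
 */
function pray_sav($p, $o, $res = '')
{
    list($p, $o) = ajxp($res, $p, $o);

    $r = msql_read('', 'ummo_pray_1', '', '');
    if (!is_array($r)) {
        // Nothing stored yet (or the read failed): start from an empty table
        // so the append below works on a real array.
        $r = array();
    }

    // Key of the matching row; null means "not found". The original tested
    // the key for truthiness, so a match stored under key 0 was treated as
    // missing and a duplicate row was appended instead of removing it.
    $id = null;
    foreach ($r as $k => $v) {
        if ($v[0] == $p && $v[1] == $o) {
            $id = $k;
        }
    }

    if ($id !== null) {
        unset($r[$id]);
    } else {
        $r[] = array($p, $o, 1);
    }

    // NOTE(review): $dfb was never assigned in this function, so the original
    // passed an undefined variable (null) here. Made explicit until the
    // intended argument is confirmed against msql_modif().
    $dfb = null;
    msql_modif('users', 'ummo_pray_1', $r, $dfb, 'arr', '');
    db_write('ummo/pray/1511', $r);

    return pray_build($p, $o, $r);
}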
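/**
 * Delete every AIML category stored for one file of the current bot.
 *
 * The file name and bot id are bound as query parameters instead of being
 * interpolated into the statement, so a crafted file name cannot change
 * the shape of the DELETE. LIKE is kept from the original, which means
 * % and _ inside $filename still act as wildcards.
 *
 * @param string $filename value matched against `aiml`.`filename`
 * @return string HTML status message
 */
function clearAIMLByFileName($filename)
{
    global $dbn, $bot_id, $dbConn;

    $sql = 'DELETE FROM `aiml` WHERE `filename` LIKE :filename AND `bot_id` = :bot_id;';
    $params = array(':filename' => $filename, ':bot_id' => $bot_id);
    db_write($sql, $params, false, __FILE__, __FUNCTION__, __LINE__);

    // The name is echoed back inside HTML, so encode it for that context.
    $safeName = htmlspecialchars($filename, ENT_QUOTES);

    // NOTE(review): the message reports success without looking at the
    // db_write() result, as the original did.
    return "<br/><strong>AIML categories cleared for file {$safeName}!</strong><br />";
}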
/**
 * Delete OAuth2 grant tokens whose `created` value is at or below the
 * cutoff returned by api_oauth2_grant_tokens_min_age().
 *
 * @return mixed the db_write() response for the DELETE
 */
function api_oauth2_grant_tokens_purge()
{
    $cutoff = api_oauth2_grant_tokens_min_age();

    # TO DO: purge caches - iterate over all the keys?
    # (20121103/straup)

    // The cutoff is placed in the statement unquoted; it is produced by the
    // helper above, not passed in by a caller.
    return db_write("DELETE FROM OAuth2GrantTokens WHERE created <= {$cutoff}");
}
/**
 * Delete the DotsSearchExtras rows of one dot and drop its cache entry.
 *
 * @param array $dot dot record; only $dot['id'] is read
 * @return array db_write() response; the cache key is cleared only when
 *               its 'ok' element is truthy
 */
function dots_search_extras_remove_dot(&$dot)
{
    // NOTE(review): addslashes() escapes bytes without knowing the connection
    // character set. If the database layer offers a connection-aware escape
    // or bound parameters, prefer that here - confirm what db_write() supports.
    $escaped_id = AddSlashes($dot['id']);

    $rsp = db_write("DELETE FROM DotsSearchExtras WHERE dot_id='{$escaped_id}'");

    if (!$rsp['ok']) {
        return $rsp;
    }

    // Only a successful delete invalidates the cached extras.
    cache_unset("dots_search_extras_{$dot['id']}");

    return $rsp;
}
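/**
 * Delete a single row from the `aiml` table.
 *
 * The id is bound as a query parameter; the original interpolated it into
 * the statement between quotes, which let a crafted id rewrite the DELETE.
 *
 * @param mixed $id value of `aiml`.`id` to remove
 * @return string status message
 */
function delAIML($id)
{
    if ($id == "") {
        return 'Error AIML couldn\'t be deleted - no changes made.';
    }

    $sql = 'DELETE FROM `aiml` WHERE `id` = :id LIMIT 1';
    $affectedRows = db_write($sql, array(':id' => $id), false, __FILE__, __FUNCTION__, __LINE__);

    if ($affectedRows == 0) {
        // The trailing </div> is kept byte-for-byte from the original message;
        // NOTE(review): it has no matching opening tag in this function.
        return 'Error AIML couldn\'t be deleted - no changes made.</div>';
    }

    return 'AIML has been deleted.';
}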
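/**
 * Delete a room that has no children and detach it from its parent.
 *
 * A room whose room_1 or room_2 link is set is left untouched.
 *
 * @param int|string $id room id; coerced to an integer before it reaches SQL
 * @return int 1 when the room was deleted, 0 when it still links to a child
 */
function delete_room($id){

	// Every statement below embeds the id unquoted, so it must be an integer
	// by the time it is interpolated. The function does this itself instead
	// of relying on each caller to have sanitised the value.
	$id = intval($id);

	$room = db_single(db_fetch("SELECT * FROM choose_rooms WHERE id=$id"));
	$parent = db_single(db_fetch("SELECT * FROM choose_rooms WHERE room_1=$id OR room_2=$id"));

	// Array keys are quoted: the bare words room_1 / room_2 / id are read as
	// undefined constants, which is a warning on PHP 7.2+ and an Error on PHP 8.
	// empty() also covers the case where no room row was found.
	if (!empty($room['room_1'])) return 0;
	if (!empty($room['room_2'])) return 0;

	db_write("DELETE FROM choose_rooms WHERE id=$id");

	if (!empty($parent['id'])){
		$parent_id = intval($parent['id']);
		db_write("UPDATE choose_rooms SET room_1=0 WHERE id=$parent_id AND room_1=$id");
		db_write("UPDATE choose_rooms SET room_2=0 WHERE id=$parent_id AND room_2=$id");
	}

	return 1;
}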
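/**
 * Delete a room that has no children and clear the link held by its parent.
 *
 * @param int|string $id room id; coerced to an integer before it reaches SQL
 * @return int 1 when the room was deleted, 0 when room_1 or room_2 is still set
 */
function delete_room($id)
{
    // The id is concatenated into five statements without quoting, so it is
    // forced to an integer here rather than trusting the caller to do it.
    $id = (int) $id;

    // NOTE(review): the mysql_* extension was removed in PHP 7.0. It is kept
    // because no replacement read helper is visible from this function.
    $room = db_single(mysql_query("SELECT * FROM choose_rooms WHERE id=" . $id));
    $parent = db_single(mysql_query("SELECT * FROM choose_rooms WHERE room_1=" . $id . " OR room_2=" . $id));

    // empty() also covers a missing row, where indexing would raise a notice.
    if (!empty($room['room_1']) || !empty($room['room_2'])) {
        return 0;
    }

    db_write("DELETE FROM choose_rooms WHERE id=" . $id);

    if (!empty($parent['id'])) {
        $parent_id = (int) $parent['id'];
        db_write("UPDATE choose_rooms SET room_1=0 WHERE id=" . $parent_id . " AND room_1=" . $id);
        db_write("UPDATE choose_rooms SET room_2=0 WHERE id=" . $parent_id . " AND room_2=" . $id);
    }

    return 1;
}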
/**
 * Resolve the current session cookie into an $auth record and build the
 * permission map and menu for the request.
 *
 * Reads the globals $curr and $modules, may rewrite the global $mod to
 * 'default', touches the `sess` table and may send headers / clear the
 * session cookie.
 *
 * As written, only the hard-wired users loaded from l/hu.php can reach
 * state 2: the database user lookup, the per-IP throttle and the
 * brute-force counter are all commented out below.
 *
 * @return array $auth with keys id, desc, state, perm (map), sid, org,
 *               org_desc, menu and, for 'all' permissions, perm_su
 */
function authorization()
{
    global $body;
    global $mod;
    global $curr;
    global $modules;

    // ---------------- init ---------------- //
    $login = '';
    $pass = '';
    $auth = array('id' => 0, 'desc' => '', 'state' => 1, 'perm' => '', 'sid' => 0);
    // state:
    // 1 - sess exists
    // 2 - ok
    // 4 - sess not exists
    // 8 - user for sess_id not exists

    // ------------------------------------ identify organization ------------------------------------ //
    $auth['org'] = 0;
    $auth['org_desc'] = 'Добро пожаловать в Pyur CRM-Framework';

    // ---- DoS filter --------------------------------------------------------------------------- //
    // Disabled: with this block commented out nothing in this function limits
    // how often one address may present session cookies.
    /*
    // -- `IP` filter -- //
    $remote_addr = explode('.', (isset($_SERVER['REMOTE_ADDR'])?$_SERVER['REMOTE_ADDR']:'') );
    $remote_addr = $remote_addr[0] * 16777216 + $remote_addr[1] * 65536 + $remote_addr[2] * 256 + $remote_addr[3];
    //$result = db_read('login_ip', array('date', 'count'), '`ip` = '.$remote_addr);
    $result = db_read(array('table'=>'login_ip', 'col'=>array('date', 'count'), 'where'=>'`ip` = '.$remote_addr));
    if ($result) {
        //$db = mysql_fetch_array($result, MYSQL_ASSOC);
        $auth_ip_date = datesqltime($result['date']);
        $auth_ip_count = $result['count'];
        if ($auth_ip_count > 15) $auth['state'] = 16;
    } else {
        $result = db_write(array('table'=>'login_ip', 'set'=>array('ip' => $remote_addr, 'count' => 0));
        $auth_ip_date = $curr['time'];
        $auth_ip_count = 0;
    }
    */

    // ------------------------------------ read COOKIE ------------------------------------- //
    if (cookieb('bdsx_sid')) {
        // NOTE(review): the cookieh() result is concatenated inside a quoted SQL
        // literal. This is only safe if cookieh() returns a restricted encoding
        // (for example hex digits) - TODO confirm against its definition.
        $sess = db_read(array('table' => 'sess', 'col' => array('id', 'user', 'ip', 'ua'), 'where' => array('`sid` = \'' . cookieh('bdsx_sid') . '\'', '`stat` = 0')));
        if ($sess) {
            $auth['sid'] = $sess['id'];
            // HTTP_USER_AGENT is read without isset(); a request that omits the
            // header raises an undefined-index notice here.
            $ua = substr($_SERVER['HTTP_USER_AGENT'], 0, 512);
            $ipn = inet_pton($_SERVER['REMOTE_ADDR']);
            $set = array();
            $set['datel'] = $curr['datetime'];
            // A changed address or user agent is recorded on the session row;
            // it does not invalidate the session.
            if ($sess['ip'] != $ipn) {
                $set['ip'] = $ipn;
            }
            if ($sess['ua'] != $ua) {
                $set['ua'] = $ua;
            }
            db_write(array('table' => 'sess', 'set' => $set, 'where' => '`sid` = \'' . cookieh('bdsx_sid') . '\''));
            // From here on $sess holds the user id of the session, not the row.
            $sess = $sess['user'];
        } else {
            // Unknown or revoked session id: expire the cookie on the client.
            header("Cache-Control: no-cache, must-revalidate");
            header("Expires: Thu, 17 Apr 1991 12:00:00 GMT");
            setcookie('bdsx_sid', '', time() - 60 * 60, '/');
            $auth['state'] = 4;
        }
    } else {
        $auth['state'] = 4;
    }

    // --------------------- hardwired (embedded), not DB-MySQL users: --------------------------- //
    // state is still 1 only when a session row was found, so $sess is set here.
    if ($auth['state'] == 1 && $sess > 65503) {
        // presumably l/hu.php defines $harduser, indexed from 0 - verify.
        include 'l/hu.php';
        if (isset($harduser[$sess - 65504])) {
            $auth['id'] = $sess;
            $auth['desc'] = $harduser[$sess - 65504]['desc'];
            $auth['perm'] = $harduser[$sess - 65504]['perm'];
            $auth['state'] = 2;
        } else {
            $auth['state'] = 8;
        }
    }

    // --------------------------------- read & check `user` --------------------------------------- //
    // Disabled: a session whose user id is 65503 or lower keeps state 1 with
    // id 0 and an empty permission string.
    /*
    if ($auth['state'] == 1) {
        $user = db_read(array('table' => array('user', 'user_cat'),
            'col' => array('user`.`name', 'user_cat`.`perm', ),
            'where' => array('`user`.`id` = \''.$sess.'\'', '`user_cat`.`id` = `user`.`cat`', ),
        ));
        if ($user) {
            $auth['id'] = $sess;
            $auth['desc'] = $user['name'];
            $auth['perm'] = $user['perm'];
            $auth['state'] = 2;
        } else {
            $auth['state'] = 8;
        }
    }
    */

    // Hands the resolved user id to Apache as the request note 'userx'.
    apache_note('userx', $auth['id']);

    // --------------------------------- permissions --------------------------------- //
    $perm = array();
    //$auth['perm'] = 'stud:ank_edit,doc,stipen;test';
    if ($auth['perm'] == 'all') {
        // 'all' grants every permission of each module whose 'acc' mask is 0
        // or shares a bit with the current state.
        $tmp = array();
        foreach ($modules as $k => $v) {
            if (!$v['acc'] || $v['acc'] & $auth['state']) {
                $perm[$k] = array();
                foreach ($v['perm'] as $kk => $vv) {
                    $perm[$k][$kk] = 1;
                }
            }
        }
    } else {
        // ---- user's explicit permissions ---- //
        // Format: 'module:perm,perm;module' (see the sample string above).
        // An empty string still yields one entry with the key ''.
        $tmp = explode(';', $auth['perm']);
        foreach ($tmp as $v) {
            $tmp2 = explode(':', $v);
            $perm[$tmp2[0]] = array();
            if (isset($tmp2[1])) {
                $tmp3 = explode(',', $tmp2[1]);
                foreach ($tmp3 as $vv) {
                    //if (isset($modules[$tmp2[0]]))
                    //$tmp3[$vv] = '1';
                    $perm[$tmp2[0]][$vv] = 1;
                }
            }
            //$perm[$tmp2[0]] = $tmp3;
        }
    }

    // A module is listed when the user holds a permission entry for it or its
    // 'acc' mask matches the current state. 'icon' is the module's position in
    // $modules; 'sort' is the zero-padded 'pos' followed by the name.
    $menu = array();
    $num = 0;
    foreach ($modules as $k => $v) {
        if (isset($perm[$k]) || $v['acc'] & $auth['state']) {
            $v['icon'] = $num;
            $v['sort'] = substr('000' . $v['pos'], -3, 3) . $v['name'];
            $menu[$k] = $v;
        }
        $num++;
    }

    // Disabled: failed attempts are neither counted nor reset per address.
    /*
    // -------- bruteforce control -------- //
    if ($auth['state'] == 4 && $auth_ip_date > ($curr['time']-30) ) {
        // ---- increment `count` on wrong password ---- //
        $result = db_write(array('table'=>'login_ip', 'set'=>array('date' => datesql($curr['time'],1), 'count' => $auth_ip_count+1), 'where'=>'`ip` = '.$remote_addr));
    } elseif ($auth_ip_count && $auth_ip_date < ($curr['time']-3600) ) {
        // ---- reset after 1 hour cooldown ---- //
        $result = db_write(array('table'=>'login_ip', 'set'=>array('date' => datesql($curr['time'],1), 'count' => 0), 'where'=>'`ip` = '.$remote_addr));
    }
    */

    // -------------------------------------------------- activity log rotate -------------------------------------------------------- //
    // Disabled: no request is written to `log_rotate` from here.
    /*
    // SELECT `id`, COUNT(`id`) as `count` FROM `log_rotate` LIMIT 1
    $log_rotate = db_read(array('table' => 'log_rotate', 'col' => array('id', '!COUNT(`id`) as `count`'),
        //verbose=>1
    ));
    if ($log_rotate['count'] > 1999) {
        $query = 'DELETE FROM `log_rotate` ORDER BY `id` LIMIT '.($log_rotate['count'] - 1999);
        mysql_query($query);
    }
    db_write(array('table'=>'log_rotate', 'set' => array('host' => $remote_addr, 'time'=>date('Y-m-d H:i:s', $_SERVER['REQUEST_TIME']), 'user' => $auth['userx'], 'request' => $_SERVER['REQUEST_URI'], )));
    */
    // -------------------------------------------------- end: activity log rotate -------------------------------------------------------- //

    // ---- access control ---- //
    // A module that is not in the caller's menu is replaced by 'default'.
    if (!isset($menu[$mod])) {
        $mod = 'default';
    }
    // Must run before 'perm' is overwritten with the map below.
    if ($auth['perm'] == 'all') {
        $auth['perm_su'] = 1;
    }
    $auth['menu'] = $menu;
    $auth['perm'] = $perm;
    return $auth;
}
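#
# save edits?
#
# NOTE(review): neither POST branch below checks who is making the request or
# carries an anti-forgery token in the part of the script shown here; confirm
# that an earlier include enforces both.
#
# The request keys are tested with empty()/isset() so that a plain GET of this
# page does not raise undefined-index notices.
#
if (!empty($_POST['done'])) {
    $id = intval(isset($_POST['id']) ? $_POST['id'] : 0);
    db_update('choose_rooms', array(
        'blurb' => AddSlashes($_POST['blurb']),
        'text_1' => AddSlashes($_POST['text_1']),
        'text_2' => AddSlashes($_POST['text_2']),
    ), "id={$id}");
    header("location: edit.php?id={$id}&done=1");
    exit;
}

#
# delete room?
#
if (!empty($_POST['delete'])) {
    // intval() is what keeps the unquoted id safe in the statements below.
    $id = intval(isset($_POST['id']) ? $_POST['id'] : 0);
    // NOTE(review): mysql_query() belongs to the mysql_* extension removed in PHP 7.0.
    $room = db_single(mysql_query("SELECT * FROM choose_rooms WHERE id={$id}"));
    $parent = db_single(mysql_query("SELECT * FROM choose_rooms WHERE room_1={$id} OR room_2={$id}"));
    db_write("DELETE FROM choose_rooms WHERE id={$id}");
    db_write("UPDATE choose_rooms SET room_1=0 WHERE room_1={$id}");
    db_write("UPDATE choose_rooms SET room_2=0 WHERE room_2={$id}");
    header("location: edit.php?id={$parent['id']}");
    exit;
}

#
# get info for display
#
$room_id = intval(isset($_GET['id']) ? $_GET['id'] : 0);
$room = db_single(mysql_query("SELECT * FROM choose_rooms WHERE id={$room_id}"));
$parent = db_single(mysql_query("SELECT * FROM choose_rooms WHERE room_1={$room_id} OR room_2={$room_id}"));
if (empty($room['id'])) {
    include 'header.txt';
    // $room_id is an integer at this point, so it is safe to print as-is.
    print "error: room {$room_id} not found";
    include 'footer.txt';
    exit;
}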
/**
 * Import the categories of one AIML document into the `aiml` table.
 *
 * The document's own prolog and opening <aiml> tag are replaced by a fixed
 * header, the result is saved under the upload tmp directory, parsed, and
 * every <category> (inside <topic> elements and at the top level) becomes
 * one parameter row for a multi-row INSERT.
 *
 * @param string $fn          file name or path; only its base name is used
 * @param string $aimlContent raw content of the uploaded document
 * @param bool   $from_zip    when true the success message is an empty string
 * @return string HTML status or error message
 */
function parseAIML($fn, $aimlContent, $from_zip = false)
{
    global $dbConn, $post_vars;
    if (empty($aimlContent)) {
        // NOTE(review): $fn is placed in the returned HTML without encoding.
        return "File {$fn} was empty!";
    }
    global $dbConn, $debugmode, $bot_id, $charset;
    // basename() drops any directory part, so the tmp path built below stays
    // inside the tmp directory.
    $fileName = basename($fn);
    $success = false;
    $topic = '';
    #Clear the database of the old entries
    $sql = "DELETE FROM `aiml` WHERE `filename` = :filename AND bot_id = :bot_id";
    if (isset($post_vars['clearDB'])) {
        $params = array(':filename' => $fileName, ':bot_id' => $bot_id);
        $affectedRows = db_write($sql, $params, false, __FILE__, __FUNCTION__, __LINE__);
    }
    // NOTE(review): $myBot_id is computed here but the rows below are inserted
    // with the global $bot_id - confirm which one is intended.
    $myBot_id = isset($post_vars['bot_id']) ? $post_vars['bot_id'] : $bot_id;
    # Read new file into the XML parser
    $sql = 'insert into `aiml` (`id`, `bot_id`, `aiml`, `pattern`, `thatpattern`, `template`, `topic`, `filename`) values (NULL, :bot_id, :aiml, :pattern, :that, :template, :topic, :fileName);';
    # Validate the incoming document
    /*******************************************************/
    /* Set up for validation from a common DTD             */
    /* This will involve removing the XML and              */
    /* AIML tags from the beginning of the file            */
    /* and replacing them with our own tags                */
    /*******************************************************/
    $validAIMLHeader = '<?xml version="1.0" encoding="[charset]"?> <!DOCTYPE aiml PUBLIC "-//W3C//DTD Specification Version 1.0//EN" ""> <aiml version="1.0.1" xmlns="">';
    $validAIMLHeader = str_replace('[charset]', $charset, $validAIMLHeader);
    // Everything up to and including the first '>' after '<aiml' is discarded,
    // which also discards any DOCTYPE the uploaded document carried.
    // NOTE(review): when '<aiml' is not found stripos() returns false; the
    // search for '>' then presumably starts at offset 0 - confirm the result
    // is acceptable for such input.
    $aimlTagStart = stripos($aimlContent, '<aiml', 0);
    $aimlTagEnd = strpos($aimlContent, '>', $aimlTagStart) + 1;
    $aimlFile = $validAIMLHeader . substr($aimlContent, $aimlTagEnd);
    $tmpDir = _UPLOAD_PATH_ . 'tmp' . DIRECTORY_SEPARATOR;
    if (!file_exists($tmpDir)) {
        mkdir($tmpDir, 0755);
    }
    // NOTE(review): the file is written under the name supplied by the caller
    // and no extension check is visible in this function. Confirm that the
    // caller restricts names to .aiml and that this directory is not served
    // as executable content.
    save_file(_UPLOAD_PATH_ . 'tmp/' . $fileName, $aimlFile);
    try {
        // Parser problems are collected instead of emitted as PHP warnings.
        libxml_use_internal_errors(true);
        $xml = new DOMDocument();
        // loadXML() is called with no option flags; its return value is not checked.
        $xml->loadXML($aimlFile);
        $aiml = new SimpleXMLElement($xml->saveXML());
        $rowCount = 0;
        $_SESSION['failCount'] = 0;
        $params = array();
        if (!empty($aiml->topic)) {
            foreach ($aiml->topic as $topicXML) {
                # handle any topic tag(s) in the file
                $topicAttributes = $topicXML->attributes();
                $topic = $topicAttributes['name'];
                foreach ($topicXML->category as $category) {
                    $fullCategory = $category->asXML();
                    $pattern = trim($category->pattern);
                    // Apostrophes in the pattern are replaced by spaces.
                    $pattern = str_replace("'", ' ', $pattern);
                    $pattern = IS_MB_ENABLED ? mb_strtoupper($pattern) : strtoupper($pattern);
                    $that = $category->that;
                    $that = IS_MB_ENABLED ? mb_strtoupper($that) : strtoupper($that);
                    $template = $category->template->asXML();
                    $template = str_replace('<template>', '', $template);
                    $template = str_replace('</template>', '', $template);
                    $template = trim($template);
                    # Strip CRLF and LF from category (Windows/mac/*nix)
                    $aiml_add = str_replace(array("\r\n", "\n"), '', $fullCategory);
                    $params[] = array(':bot_id' => $bot_id, ':aiml' => $aiml_add, ':pattern' => $pattern, ':that' => $that, ':template' => $template, ':topic' => $topic, ':fileName' => $fileName);
                }
            }
        }
        if (!empty($aiml->category)) {
            foreach ($aiml->category as $category) {
                $fullCategory = $category->asXML();
                $pattern = trim($category->pattern);
                $pattern = str_replace("'", ' ', $pattern);
                $pattern = IS_MB_ENABLED ? mb_strtoupper($pattern) : strtoupper($pattern);
                // Unlike the topic loop above, $that is not upper-cased here.
                $that = $category->that;
                $template = $category->template->asXML();
                //strip out the <template> tags, as they aren't needed
                // Done by fixed offsets: 10 characters from the front and 11 from
                // the end, i.e. the lengths of '<template>' and '</template>'.
                $template = substr($template, 10);
                $tLen = strlen($template);
                $template = substr($template, 0, $tLen - 11);
                $template = trim($template);
                # Strip CRLF and LF from category (Windows/mac/*nix)
                $aiml_add = str_replace(array("\r\n", "\n"), '', $fullCategory);
                $params[] = array(':bot_id' => $bot_id, ':aiml' => $aiml_add, ':pattern' => $pattern, ':that' => $that, ':template' => $template, ':topic' => '', ':fileName' => $fileName);
            }
        }
        if (!empty($params)) {
            // Third argument true: $params is a list of rows, one execution each.
            $rowCount = db_write($sql, $params, true, __FILE__, __FUNCTION__, __LINE__);
            $success = $rowCount !== false ? true : false;
        }
        // NOTE(review): the message is built without consulting $success, so a
        // failed insert that does not throw is still reported as added.
        $msg = $from_zip === true ? '' : "Successfully added {$fileName} to the database.<br />\n";
    } catch (Exception $e) {
        //$trace = print_r($e->getTrace(), true);
        //exit($e->getMessage() . ' at line ' . $e->getLine());
        // NOTE(review): the exception text and file name go into the returned
        // HTML unencoded; encode them where the message is rendered.
        $msg = $e->getMessage() . ' at line ' . $e->getLine() . "<br>\n";
        //trigger_error("Trace:\n$trace");
        //file_put_contents(_LOG_PATH_ . 'error.trace.log', $trace . "\nEnd Trace\n\n", FILE_APPEND);
        $success = false;
        $_SESSION['failCount']++;
        $errMsg = "There was a problem adding file {$fileName} to the database. Please refer to the message below to correct the problem and try again.<br>\n" . $e->getMessage();
        $msg .= upload_libxml_display_errors($errMsg);
    }
    return $msg;
}
# # activate an old outfit? # if ($_GET['activate']){ list($id, $code) = explode('-', $_GET['activate']); foreach ($avatars as $row){ if ($id == $row['id'] && $code == $row['code']){ db_write("UPDATE glitchmash_avatars SET is_active=0 WHERE player_tsid='$tsid_enc'"); db_write("UPDATE glitchmash_avatars SET is_active=1 WHERE player_tsid='$tsid_enc' AND id=$row[id]"); header("location: /you/?active=1"); exit; } } } # # fetch all clothing rows # if (count($clothing)){ $clothing_ids = implode(',', array_keys($clothing)); $clothing = array();
'date_updated' => time(), 'details' => AddSlashes(serialize($avatar)), ); $hash2 = $hash; unset($hash2['date_added']); db_insert_dupe('glitchmash_avatars', $hash, $hash2); # # mark only the latest one as active # $tsid_enc = AddSlashes($cfg['user']['tsid']); list($latest_id) = db_list(db_fetch("SELECT id FROM glitchmash_avatars WHERE player_tsid='$tsid_enc' ORDER BY date_updated DESC LIMIT 1")); $latest_id = intval($latest_id); db_write("UPDATE glitchmash_avatars SET is_active=0 WHERE player_tsid='$tsid_enc' AND id!=$latest_id"); db_write("UPDATE glitchmash_avatars SET is_active=1 WHERE player_tsid='$tsid_enc' AND id=$latest_id"); # # done # header("location: /you/?imported=1"); exit; ?>
/**
 * Update one `wordcensor` row from the submitted form values.
 *
 * Reads word_to_censor, replace_with and censor_id from the global
 * $request_vars and stores the outcome as HTML in the global $msg.
 * All three values are passed to the statement as bound parameters.
 *
 * @return void
 */
function updateWordCensor()
{
    global $dbConn, $template, $msg, $request_vars;

    $failure = '<div id="errMsg">There was a problem editing the replace_with - no changes made.</div>';

    $censoredWord = trim($request_vars['word_to_censor']);
    $replacement = trim($request_vars['replace_with']);
    $censorId = trim($request_vars['censor_id']);

    // Any blank field means there is nothing valid to store.
    if ($censorId == "" || $censoredWord == "" || $replacement == "") {
        $msg = $failure;
        return;
    }

    $statement = 'UPDATE `wordcensor` SET `word_to_censor` = :word_to_censor,`replace_with`= :replace_with WHERE `censor_id`= :id LIMIT 1';
    $bindings = array(
        ':word_to_censor' => $censoredWord,
        ':replace_with' => $replacement,
        ':id' => $censorId,
    );
    $affected = db_write($statement, $bindings, false, __FILE__, __FUNCTION__, __LINE__);

    $msg = ($affected > 0) ? '<div id="successMsg">Correction edited.</div>' : $failure;
}
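<?php
include_once $_SERVER["DOCUMENT_ROOT"] . "/include/common/dbpara.php";
include_once $_SERVER["DOCUMENT_ROOT"] . "/include/common/enum_values.php";
include_once $_SERVER["DOCUMENT_ROOT"] . "/include/modules/dbconnect.php";

// Runs every statement of dblogin.sql against the database.
//
// NOTE(review): nothing in this script checks who is calling it. If it stays
// reachable after setup, any request re-runs the schema script; confirm it is
// removed or protected once installation is done.

// The original looped on feof() over the fopen() result without checking it,
// which never terminates (or throws on PHP 8) when the file cannot be opened.
$script = file_get_contents("dblogin.sql");
if ($script === false) {
    echo "SQL INIT FAILED";
    exit(1);
}

// The script is split on ';'. A semicolon inside a string literal would be
// split as well, so the SQL file must not contain one.
foreach (explode(";", $script) as $statement) {
    // Skip empty and whitespace-only pieces, such as the text after the last ';'.
    if (trim($statement) !== '') {
        db_write($statement, null);
    }
}

echo "SQL INIT OK";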
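<?php
include_once $_SERVER["DOCUMENT_ROOT"] . "/include/common/mui.php";
include_once $_SERVER["DOCUMENT_ROOT"] . "/include/modules/dbconnect.php";
include_once $_SERVER["DOCUMENT_ROOT"] . "/include/common/dbpara.php";

// Runs the install script <key>.<value>.sql from /install/SqlScripts.
//
// Both name parts come straight from the request. The original concatenated
// them into the path, so a value containing ../ could select any readable
// file ending in .sql and have its contents executed as SQL. The path is now
// resolved and must sit directly inside the scripts directory.
//
// NOTE(review): no caller check is visible in this script; confirm the
// installer is removed or protected once setup is complete.

$scriptDir = realpath($_SERVER["DOCUMENT_ROOT"] . "/install/SqlScripts");
$key = (isset($_POST["key"]) && is_string($_POST["key"])) ? $_POST["key"] : null;
$value = (isset($_POST["value"]) && is_string($_POST["value"])) ? $_POST["value"] : null;

$path = false;
if ($scriptDir !== false && $key !== null && $value !== null) {
    // realpath() collapses ../ segments and returns false for a missing file.
    $path = realpath($scriptDir . DIRECTORY_SEPARATOR . $key . "." . $value . ".sql");
}

if ($path === false || dirname($path) !== $scriptDir || !is_file($path)) {
    echo install::installfail;
    exit;
}

$script = file_get_contents($path);
if ($script === false) {
    echo install::installfail;
    exit;
}

// The original kept only the result of the last statement, so an earlier
// failure was reported as success. Any failing statement now fails the run.
$ret = true;
foreach (explode(";", $script) as $statement) {
    // Skip empty and whitespace-only pieces, such as the text after the last ';'.
    if (trim($statement) === '') {
        continue;
    }
    if (db_write($statement, null) !== true) {
        $ret = false;
    }
}

if ($ret === true) {
    echo install::installok;
} else {
    echo install::installfail;
}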
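/**
 * Insert personality (predicate) rows for a bot from the submitted form.
 *
 * Rows come from two places in the global $post_vars: the
 * newEntryName / newEntryValue pair(s), and every other field that is not
 * one of the control keys listed in $skipKeys.
 *
 * The bot id is bound as a parameter on every row. The original
 * interpolated the posted bot_id into the INSERT, which let a crafted
 * value change the statement.
 *
 * @return string status message
 */
function addBotPersonality()
{
    global $post_vars;

    $bot_id = $post_vars['bot_id'];
    $sql = "Insert into `botpersonality` (`id`, `bot_id`, `name`, `value`) values (null, :bot_id, :name, :value);";
    $msg = "";
    $params = array();

    $newEntryNames = isset($post_vars['newEntryName']) ? $post_vars['newEntryName'] : '';
    $newEntryValues = isset($post_vars['newEntryValue']) ? $post_vars['newEntryValue'] : '';

    if (!empty($newEntryNames)) {
        if (is_string($newEntryNames)) {
            $newEntryNames = array(0 => $newEntryNames);
        }
        // A single posted value arrives as a string too; without wrapping it,
        // index 0 would select its first character rather than the value.
        if (is_string($newEntryValues)) {
            $newEntryValues = array(0 => $newEntryValues);
        }

        foreach ($newEntryNames as $index => $key) {
            $value = isset($newEntryValues[$index]) ? trim($newEntryValues[$index]) : '';
            if (!empty($value)) {
                $params[] = array(':bot_id' => $bot_id, ':name' => $key, ':value' => $value);
            }
        }
    }

    $skipKeys = array('bot_id', 'action', 'func', 'newEntryName', 'newEntryValue');

    foreach ($post_vars as $key => $value) {
        if (in_array($key, $skipKeys)) {
            continue;
        }

        if (is_array($value)) {
            foreach ($value as $index => $fieldValue) {
                // NOTE(review): this indexes the field *name* (a string) with the
                // submitted value, kept exactly as in the original. It looks
                // unintended - confirm what the predicate name should be here.
                $field = $key[$fieldValue];
                $fieldValue = trim($fieldValue);
                $params[] = array(':bot_id' => $bot_id, ':name' => $field, ':value' => $fieldValue);
            }
            continue;
        }

        $params[] = array(':bot_id' => $bot_id, ':name' => $key, ':value' => trim($value));
    }

    // Third argument true: $params is a list of rows, one execution each.
    $rowsAffected = db_write($sql, $params, true, __FILE__, __FUNCTION__, __LINE__);

    if ($rowsAffected > 0) {
        $msg = empty($msg) ? "Bot personality added. \n" : $msg;
    } else {
        $msg = 'Error updating bot personality.';
    }

    return $msg;
}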
/**
 * Append one row to the data set stored under $f.
 *
 * The whole set is read, extended and written back.
 * NOTE(review): no locking is visible in this function, so two concurrent
 * calls may overwrite each other's row - confirm whether db_write() guards
 * against that.
 *
 * @param string $f   name of the data set, passed to db_init/db_read/db_write
 * @param mixed  $row row to append
 * @return void
 */
function db_add($f, $row)
{
    db_init($f);

    $rows = db_read($f);
    $rows[] = $row;

    db_write($f, $rows);
}
/**
 * Update one `spellcheck` row from the submitted form values.
 *
 * Reads missspelling, correction and id from the global $post_vars and
 * stores the outcome as HTML in the global $msg. All three values reach
 * the statement as bound parameters.
 *
 * @return void
 */
function updateSpell()
{
    global $dbConn, $template, $msg, $post_vars;

    $failure = '<div id="errMsg">There was a problem editing the correction - no changes made.</div>';

    $wrongWord = trim($post_vars['missspelling']);
    $rightWord = trim($post_vars['correction']);
    $rowId = trim($post_vars['id']);

    // Any blank field means there is nothing valid to store.
    if ($rowId == "" || $wrongWord == "" || $rightWord == "") {
        $msg = $failure;
        return;
    }

    $statement = "UPDATE `spellcheck` SET `missspelling` = :missspelling,`correction` = :correction WHERE `id` = :id LIMIT 1";
    $bindings = array(
        ':missspelling' => $wrongWord,
        ':correction' => $rightWord,
        ':id' => $rowId,
    );
    $changed = db_write($statement, $bindings, false, __FILE__, __FUNCTION__, __LINE__);

    $msg = ($changed > 0) ? '<div id="successMsg">Correction edited.</div>' : $failure;
}
<?php
/**
 * Created by PhpStorm.
 * User: UIHARU
 * Date: 2015/10/16
 * Time: 11:39
 */

// Diagnostic script: sends a constant SELECT through db_write() with two
// string parameters and dumps whatever comes back.
// NOTE(review): the statement has no placeholders for the two parameters, and
// the raw result is written to the response; this looks like a development
// aid that should not be deployed where it can be requested.
header("Content-Type:text/mysql");

include_once "include/modules/dbconnect.php";
include_once "include/common/dbpara.php";

$bindings = array(
    new dbpara("s", "admin"),
    new dbpara("s", "admin"),
);
$result = db_write("select 'ok'", $bindings);

var_dump($result);
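/**
 * Check the posted credentials and, on success, populate the admin session.
 *
 * Reads user_name and pw from the global $post_vars, appends to the global
 * $msg on failure, records the login address and time on the account row,
 * and stores the first active bot in the session.
 *
 * @return string 'main' after a successful login (a redirect header to
 *                index.php is also sent), otherwise 'logout'
 */
function login()
{
    global $post_vars, $get_vars, $dbConn, $msg;

    if (!isset($post_vars['user_name']) || !isset($post_vars['pw'])) {
        return 'logout';
    }

    //$_SESSION['poadmin']['display'] = $hide_logo;
    $user_name = $post_vars['user_name'];

    // NOTE(review): the stored credential is an unsalted MD5 digest. It is left
    // unchanged here because existing rows depend on it; moving to
    // password_hash()/password_verify() needs a migration of the stored values.
    $pw_hash = md5($post_vars['pw']);

    $sql = "SELECT * FROM `myprogramo` WHERE user_name = :user_name AND password = :pw_hash";
    $params = array(':user_name' => $user_name, ':pw_hash' => $pw_hash);
    $row = db_fetch($sql, $params, __FILE__, __FUNCTION__, __LINE__);

    if (!empty($row)) {
        // Issue a fresh session id at the privilege change so that an id known
        // before authentication cannot be reused afterwards (session fixation).
        if (session_id() !== '') {
            session_regenerate_id(true);
        }

        $_SESSION['poadmin']['uid'] = $row['id'];
        $_SESSION['poadmin']['name'] = $row['user_name'];
        $_SESSION['poadmin']['lip'] = $row['last_ip'];
        $_SESSION['poadmin']['prior_login'] = date('l jS \\of F Y h:i:s A', strtotime($row['last_login']));

        // Client-IP and X-Forwarded-For are request headers; unless a trusted
        // proxy sets them they are whatever the client sent, so the recorded
        // address is informational and must not be used for access decisions.
        switch (true) {
            case !empty($_SERVER['HTTP_CLIENT_IP']):
                $ip = $_SERVER['HTTP_CLIENT_IP'];
                break;
            case !empty($_SERVER['HTTP_X_FORWARDED_FOR']):
                $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
                break;
            default:
                $ip = $_SERVER['REMOTE_ADDR'];
        }

        $sql = "UPDATE `myprogramo` SET `last_ip` = :ip, `last_login` = CURRENT_TIMESTAMP WHERE user_name = :user_name limit 1";
        $params = array(':ip' => $ip, ':user_name' => $user_name);
        $transact = db_write($sql, $params, false, __FILE__, __FUNCTION__, __LINE__);

        $_SESSION['poadmin']['ip'] = $ip;
        $_SESSION['poadmin']['last_login'] = date('l jS \\of F Y h:i:s A');

        $sql = "SELECT * FROM `bots` WHERE bot_active = '1' ORDER BY bot_id ASC LIMIT 1";
        $row = db_fetch($sql, null, __FILE__, __FUNCTION__, __LINE__);

        // The original called count() on the result; when no row comes back as
        // false or null that either miscounts or throws on PHP 8, so the test
        // is on emptiness instead.
        if (!empty($row)) {
            $_SESSION['poadmin']['bot_id'] = $row['bot_id'];
            $_SESSION['poadmin']['bot_name'] = $row['bot_name'];
        } else {
            $_SESSION['poadmin']['bot_id'] = -1;
            $_SESSION['poadmin']['bot_name'] = "unknown";
        }
    } else {
        // One message for both a wrong name and a wrong password.
        $msg .= "incorrect username/password<br>\n";
    }

    // $msg is global: text left in it by earlier code also blocks the login.
    if (empty($msg)) {
        $_SESSION['poadmin']['logged_in'] = true;
        header('Location: index.php');
        return 'main';
    }

    return 'logout';
}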
/**
 * Delete every DotsSearch row that belongs to a user.
 *
 * @param array $user user record; only $user['id'] is read
 * @return mixed the db_write() response for the DELETE
 */
function dots_search_remove_user(&$user)
{
    // NOTE(review): addslashes() is not aware of the connection character set;
    // prefer the database layer's own escaping or bound parameters if it has them.
    $escaped_id = AddSlashes($user['id']);

    return db_write("DELETE FROM DotsSearch WHERE user_id='{$escaped_id}'");
}
/**
 * Delete every OAuth2 access token issued for one API key.
 *
 * @param array $key API key record; only $key['id'] is read
 * @return mixed the db_write() response for the DELETE
 */
function api_oauth2_access_tokens_delete_for_key(&$key)
{
    $escaped_id = AddSlashes($key['id']);

    # TO DO: purge caches - iterate over all the things?
    # (20121103/straup)
    // Until that is done, a token cached elsewhere is not invalidated by this
    // call - NOTE(review): confirm whether token lookups are cached.

    return db_write("DELETE FROM OAuth2AccessTokens WHERE api_key_id='{$escaped_id}'");
}
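/**
 * Add one AIML category entered in the admin form to the `aiml` table.
 *
 * Reads template, pattern, thatpattern and topic from the global
 * $post_vars, builds the category XML and inserts it with bound
 * parameters under the file name 'admin_added.aiml'.
 *
 * @return string status message
 */
function insertAIML()
{
    //db globals
    global $template, $msg, $post_vars, $dbConn;

    $aiml = "<category><pattern>[pattern]</pattern>[thatpattern]<template>[template]</template></category>";

    $aimltemplate = trim($post_vars['template']);
    $pattern = trim($post_vars['pattern']);
    $pattern = IS_MB_ENABLED ? mb_strtoupper($pattern) : strtoupper($pattern);
    $thatpattern = trim($post_vars['thatpattern']);
    $thatpattern = IS_MB_ENABLED ? mb_strtoupper($thatpattern) : strtoupper($thatpattern);

    // NOTE(review): pattern and thatpattern are placed in the XML as typed;
    // a value containing markup characters produces a malformed category.
    $aiml = str_replace('[pattern]', $pattern, $aiml);

    // The original had this condition inverted: an empty value produced
    // <that></that>, and a real value left the literal [thatpattern]
    // placeholder in the stored XML.
    $thatTag = ($thatpattern === '') ? '' : "<that>{$thatpattern}</that>";
    $aiml = str_replace('[thatpattern]', $thatTag, $aiml);

    $aiml = str_replace('[template]', $aimltemplate, $aiml);

    $topic = trim($post_vars['topic']);
    $topic = IS_MB_ENABLED ? mb_strtoupper($topic) : strtoupper($topic);

    $bot_id = isset($_SESSION['poadmin']['bot_id']) ? $_SESSION['poadmin']['bot_id'] : 1;

    if ($pattern == "" || $aimltemplate == "") {
        return 'You must enter a user input and bot response.';
    }

    $sql = 'INSERT INTO `aiml` (`id`,`bot_id`, `aiml`, `pattern`,`thatpattern`,`template`,`topic`,`filename`) VALUES (NULL, :bot_id, :aiml, :pattern, :thatpattern, :aimltemplate, :topic, :file)';
    $params = array(
        ':bot_id' => $bot_id,
        ':aiml' => $aiml,
        ':pattern' => $pattern,
        ':thatpattern' => $thatpattern,
        ':aimltemplate' => $aimltemplate,
        ':topic' => $topic,
        ':file' => 'admin_added.aiml',
    );
    $affectedRows = db_write($sql, $params, false, __FILE__, __FUNCTION__, __LINE__);

    if ($affectedRows > 0) {
        $msg = "AIML added.";
    } else {
        $msg = "There was a problem adding the AIML - no changes made.";
    }

    return $msg;
}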
b('<td>'); b(inet_ntop($v['ip'])); b('<td>'); b(dateh($v['date'])); b('<td>'); b(dateh($v['datel'])); b('<td>'); b(ua_str($v['ua'])); b('<td>'); b(icona('/' . $mod . '/srk/?row=' . $k)); } b('</table>'); } else { b('error: no `sess`.'); } } // -------------------------------- session revoke proxy ------------------------------------ // if ($act == 'srk') { db_write(array('table' => 'sess', 'set' => array('stat' => 2), 'where' => '`id` = ' . $grow)); $redirect = '/' . $mod . '/'; } // -------------------------------- Logout ------------------------------------ // if ($act == 'lof') { // -- graceful logout -- // db_write(array('table' => 'sess', 'set' => array('stat' => 1), 'where' => '`sid` = UNHEX(\'' . cookieh('bdsx_sid') . '\')')); // -- clear cookie -- // header("Cache-Control: no-cache, must-revalidate"); header("Expires: Thu, 17 Apr 1991 12:00:00 GMT"); setcookie('bdsx_sid', '', time() - 60 * 60, '/'); $redirect = '/'; }
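/**
 * Adds default predicate (personality) data to the database for the current chatbot
 *
 * Every predicate is created with an empty value except 'name', which is
 * set to the global $bot_name.
 *
 * The original interpolated $bot_id and $bot_name into the statement, so a
 * bot name containing a quote could alter the INSERT. The id is now forced
 * to an integer and the name is passed as a bound parameter. The name
 * placeholder appears once, so it does not depend on the driver allowing a
 * named parameter to be repeated.
 *
 * @param int|string $bot_id id of the bot the rows belong to
 * @return string status message
 */
function make_bot_predicates($bot_id)
{
    global $dbConn, $bot_name;

    $msg = '';
    $safe_bot_id = (int) $bot_id;

    $predicates = array(
        'age', 'baseballteam', 'birthday', 'birthplace', 'botmaster', 'boyfriend',
        'build', 'celebrities', 'celebrity', 'class', 'email', 'emotions', 'ethics',
        'etype', 'family', 'favoriteactor', 'favoriteactress', 'favoriteartist',
        'favoriteauthor', 'favoriteband', 'favoritebook', 'favoritecolor',
        'favoritefood', 'favoritemovie', 'favoritesong', 'favoritesport', 'feelings',
        'footballteam', 'forfun', 'friend', 'friends', 'gender', 'genus',
        'girlfriend', 'hockeyteam', 'kindmusic', 'kingdom', 'language', 'location',
        'looklike', 'master', 'msagent', 'name', 'nationality', 'order',
        'orientation', 'party', 'phylum', 'president', 'question', 'religion',
        'sign', 'size', 'species', 'talkabout', 'version', 'vocabulary', 'wear',
        'website',
    );

    // The predicate names are fixed literals from the list above, so they can
    // be written into the statement directly.
    $rows = array();
    foreach ($predicates as $predicate) {
        $value = ($predicate === 'name') ? ':bot_name' : "''";
        $rows[] = "(NULL, {$safe_bot_id}, '{$predicate}', {$value})";
    }

    $sql = 'INSERT INTO `botpersonality` VALUES ' . implode(', ', $rows) . ';';
    $params = array(':bot_name' => $bot_name);

    $affectedRows = db_write($sql, $params, false, __FILE__, __FUNCTION__, __LINE__);

    if ($affectedRows > 0) {
        $msg .= 'Please create the bots personality.';
    } else {
        $msg .= 'Unable to create the bots personality.';
    }

    return $msg;
}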
$prepare->bindParam(1, $gid); $prepare->bindParam(2, $thumb, SQLITE3_BLOB); $prepare->execute(); } b('uploaded.'); } // -------------------------------- create folder -------------------------------- // if ($act == 'cf') { $ajax = TRUE; //http_response_code(418); $name = post('name'); $parent = postn('parent'); $table = 'file'; $name = mb_substr($name, 0, 255); $set = array(); $set['p'] = $parent; $set['url'] = ''; $set['name'] = $name; $set['namei'] = mb_convert_case($name, MB_CASE_LOWER); $set['desc'] = ''; $set['size'] = 0; $set['width'] = 0; $set['height'] = 0; $set['mime'] = 0; // 0 - for folder $set['dtu'] = $curr['time']; $set['owner'] = 0; // $curr['userx']; $gid = db_write(array('table' => $table, 'set' => $set)); b('ok'); }
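/**
 * Delete every pending password-reset code of a user.
 *
 * The id is escaped and quoted before it is placed in the statement. The
 * original interpolated $user['id'] bare, so the statement was only as
 * safe as whatever had produced the user record.
 *
 * @param array $user user record; only $user['id'] is read
 * @return mixed the 'ok' element of the db_write() response
 */
function users_purge_password_reset_codes(&$user)
{
    // NOTE(review): addslashes() is not aware of the connection character set;
    // prefer the database layer's own escaping or bound parameters if it has them.
    $enc_id = AddSlashes($user['id']);

    $rsp = db_write("DELETE FROM users_password_reset WHERE user_id='{$enc_id}'");

    return $rsp['ok'];
}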
/**
 * Delete an invite code and drop the two cache entries that refer to it.
 *
 * @param array $invite invite record; 'code' and 'email' are read
 * @return array db_write() response; the cache is cleared only when its
 *               'ok' element is truthy
 */
function invite_codes_delete(&$invite)
{
    $escaped_code = AddSlashes($invite['code']);

    // NOTE(review): db_write() receives 'InviteCodes' ahead of the SQL here;
    // confirm that this matches the signature used by this code base.
    $rsp = db_write('InviteCodes', "DELETE FROM InviteCodes WHERE code='{$escaped_code}'");

    if (!$rsp['ok']) {
        return $rsp;
    }

    // The code is cached under both its own value and the invited address.
    cache_unset("invite_codes_code_{$invite['code']}");
    cache_unset("invite_codes_email_{$invite['email']}");

    return $rsp;
}
/**
 * Add, edit or delete an admin account in `myprogramo`.
 *
 * Reads the form values from the global $post_vars and returns a status
 * message. The global $action is reassigned as a side effect.
 *
 * @param $action requested operation - see the note on the global
 *                statement below
 * @return string status message, or an empty string when no statement ran
 */
function save($action)
{
    // NOTE(review): declaring $action global rebinds the name to the global
    // variable, so the switch below presumably tests the global value rather
    // than the argument passed by the caller - confirm.
    global $dbConn, $dbn, $action, $post_vars;
    if (isset($post_vars['memberSelect'])) {
        // On this path $user_name and $password are never assigned, although
        // every case below uses at least one of them.
        $id = $post_vars['memberSelect'];
    } else {
        if (!isset($post_vars['user_name']) or !isset($post_vars['password']) or !isset($post_vars['passwordConfirm'])) {
            return 'You left something out!';
        }
        $id = $post_vars['id'];
        $user_name = $post_vars['user_name'];
        $password1 = $post_vars['password'];
        $password2 = $post_vars['passwordConfirm'];
        // The stored credential is the MD5 digest of the password with no salt.
        // NOTE(review): moving to password_hash()/password_verify() requires
        // changing the login check and migrating existing rows together.
        $password = md5($password1);
        if ($action != 'Delete' and $password1 != $password2) {
            return 'The passwords don\'t match!';
        }
    }
    // Each case prepares a statement with bound parameters; nothing from the
    // form is interpolated into the SQL text.
    switch ($action) {
        case 'Add':
            $ip = $_SERVER['REMOTE_ADDR'];
            $sql = "insert into myprogramo (id, user_name, password, last_ip, last_login) values (null, :user_name, :password,:ip, CURRENT_TIMESTAMP);";
            $params = array(':user_name' => $user_name, ':password' => $password, ':ip' => $ip);
            $out = "Account for {$user_name} successfully added!";
            break;
        case 'Delete':
            $action = 'Add';
            // $dbn (the schema name) is interpolated as an identifier; it is a
            // global, not a form value.
            $sql = "DELETE FROM `{$dbn}`.`myprogramo` WHERE `myprogramo`.`id` = :id LIMIT 1";
            $params = array(':id' => $id);
            $out = "Account for {$user_name} successfully deleted!";
            break;
        case 'Edit':
            $action = 'Add';
            $sql = "update myprogramo set user_name = :user_name, password = :password where id = :id;";
            $params = array(':user_name' => $user_name, ':password' => $password, ':id' => $id);
            $out = "Account for {$user_name} successfully updated!";
            break;
        default:
            $action = 'Edit';
            $sql = '';
            $out = '';
    }
    if (!empty($sql)) {
        //save_file(_LOG_PATH_ . 'memberSQL.txt', $sql);
        // The result is not inspected: $out reports success either way, and
        // the user name in it is not HTML-encoded.
        $affectedRows = db_write($sql, $params, false, __FILE__, __FUNCTION__, __LINE__);
        //
    }
    return $out;
}
if ($user_id) { while (1) { $sid = md5(microtime() . $_SERVER['REMOTE_ADDR'] . $_SERVER['HTTP_USER_AGENT']); if (!db_read(array('table' => 'sess', 'col' => 'id', 'where' => '`sid`=\'' . $sid . '\''))) { break; } } $set = array(); $set['sid'] = $sid; $set['stat'] = 0; $set['user'] = $user_id; $set['ip'] = inet_pton($_SERVER['REMOTE_ADDR']); $set['ua'] = substr($_SERVER['HTTP_USER_AGENT'], 0, 512); $set['date'] = $curr['datetime']; $set['datel'] = $curr['datetime']; db_write(array('table' => 'sess', 'set' => $set)); // -------- set COOKIE -------- // header("Cache-Control: no-cache, must-revalidate"); header("Expires: Thu, 17 Apr 1991 12:00:00 GMT"); // Wed setcookie('bdsx_sid', $sid, post('f_savepassword') ? time() + 60 * 60 * 24 * 30 * 12 * 5 : 0, '/'); b(1); } else { // -------- no user found / password matched -------- // b(3); } } else { // -------- no login provided -------- // b(2); } }