/**
 * Forum ordering screen.
 *
 * When _button() is false, every forum (id and name) is handed to the template
 * and false is returned. Otherwise forum_order is rewritten in steps of 10,
 * following the order of the ids received in 'listContainer'.
 */
public function _home()
{
    global $config, $user, $cache;

    if (_button()) {
        // Default array(0): presumably request_var() returns a list of integers here - confirm.
        $forum_ids = request_var('listContainer', array(0));

        $position = 10;
        foreach ($forum_ids as $forum_id) {
            $update = 'UPDATE _forums SET forum_order = ? WHERE forum_id = ?';
            sql_query(sql_filter($update, $position, $forum_id));
            $position += 10;
        }

        _pre('Update.', true);
        return;
    }

    $forums = sql_rowset('SELECT forum_id, forum_name FROM _forums ORDER BY forum_order ASC');
    foreach ($forums as $index => $forum) {
        // The outer template block is opened once, on the first row.
        if (!$index) {
            _style('forums');
        }

        _style('forums.row', array(
            'FORUM_ID' => $forum['forum_id'],
            'FORUM_NAME' => $forum['forum_name'],
        ));
    }

    return false;
}
/**
 * Mark a forum topic as announced (and optionally as important).
 *
 * Returns false when _button() is false. Calls fatal_error() when the topic id
 * from the request matches no row.
 */
public function _home()
{
    global $config, $user, $cache;

    if (!_button()) {
        return false;
    }

    $topic = request_var('topic', 0);
    $important = request_var('important', 0);

    $select = 'SELECT * FROM _forum_topics WHERE topic_id = ?';
    $topicdata = sql_fieldrow(sql_filter($select, $topic));
    if (!$topicdata) {
        fatal_error();
    }

    // Only fixed SQL fragments are concatenated; the request values go through the ? placeholders.
    $update = 'UPDATE _forum_topics SET topic_color = ?, topic_announce = 1';
    if ($important) {
        $update .= ', topic_important = 1';
    }
    $update .= ' WHERE topic_id = ?';
    sql_query(sql_filter($update, 'E1CB39', $topic));

    // NOTE(review): topic_title is placed into markup as stored; confirm it is HTML-escaped on write or by _pre().
    return _pre('El tema <strong>' . $topicdata['topic_title'] . '</strong> ha sido anunciado.', true);
}
/**
 * Ban a member by username and drop that member's sessions.
 *
 * Returns null when the request is empty or the member is unknown, true otherwise.
 * A member that already has a _banlist row is left untouched.
 */
private function create()
{
    $v = _request(array('username' => ''));
    if (_empty($v)) {
        return;
    }

    $v->username = get_username_base($v->username);

    $member = sql_fieldrow(sql_filter('SELECT * FROM _members WHERE username_base = ?', $v->username));
    if (!$member) {
        return;
    }

    $existing_ban = sql_fieldrow(sql_filter('SELECT * FROM _banlist WHERE ban_userid = ?', $member['user_id']));
    if ($existing_ban) {
        return true;
    }

    sql_insert('banlist', array('ban_userid' => $member['user_id']));

    // Removing the session rows presumably signs the banned member out at once - confirm against the session code.
    sql_query(sql_filter('DELETE FROM _sessions WHERE session_user_id = ?', $member['user_id']));

    // NOTE(review): username is echoed as stored; confirm it cannot contain markup.
    echo 'El usuario ' . $member['username'] . ' fue bloqueado.';

    return true;
}
/**
 * Rewrite a topic title as lower case with an upper-case first character.
 *
 * Returns false when _button() is false; calls fatal_error() for a missing or unknown topic id.
 */
public function _home()
{
    global $config, $user, $cache;

    if (!_button()) {
        return false;
    }

    $topic_id = request_var('topic_id', 0);
    if (!$topic_id) {
        fatal_error();
    }

    $topic_row = sql_fieldrow(sql_filter('SELECT * FROM _forum_topics WHERE topic_id = ?', $topic_id));
    if (!$topic_row) {
        fatal_error();
    }

    // NOTE(review): strtolower()/ucfirst() work on bytes; accented letters in a
    // multibyte encoding would not be case-folded. Confirm the title encoding.
    $normalized = ucfirst(strtolower($topic_row['topic_title']));

    $update = 'UPDATE _forum_topics SET topic_title = ? WHERE topic_id = ?';
    sql_query(sql_filter($update, $normalized, $topic_id));

    return _pre($topic_row['topic_title'] . ' > ' . $normalized, true);
}
/**
 * Resolve a download by tree alias and file alias and count the hit.
 *
 * Calls _fatal() when either request value is missing or when the tree or the
 * download row cannot be found. Downloads flagged download_login call _login() first.
 * The storage path is computed at the end, but nothing is done with it in this method.
 */
public function home()
{
    global $user;

    $v = $this->__(w('alias filename ext'));
    if (!(f($v['alias']) && f($v['filename']))) {
        _fatal();
    }

    $tree = _fieldrow(sql_filter('SELECT tree_id FROM _tree WHERE tree_alias = ?', $v['alias']));
    if (!$tree) {
        _fatal();
    }

    $lookup = 'SELECT * FROM _downloads WHERE download_alias = ? AND download_tree = ?';
    $download = _fieldrow(sql_filter($lookup, $v['filename'], $tree['tree_id']));
    if (!$download) {
        _fatal();
    }

    if ($download['download_login']) {
        _login();
    }

    // The counter is incremented in SQL rather than read and written back from PHP.
    $counter = 'UPDATE _downloads SET download_count = download_count + 1 WHERE download_id = ?';
    _sql(sql_filter($counter, $download['download_id']));

    // The path is built from database columns only, never from the request values.
    $filepath = LIB . 'fetch/' . _filename($download['download_id'], $download['download_extension']);

    return;
}
/**
 * Artist picker for the control panel.
 *
 * With an 'a' request value it redirects straight to the requested module for that artist.
 * Otherwise it lists the artists the current user may pick: all of them for a founder,
 * only those found in _artists_auth for everyone else.
 */
public function _home()
{
    global $config, $user, $cache;

    $artist = request_var('a', '');
    $redirect = request_var('r', '');

    if (!empty($artist)) {
        redirect(s_link('acp', array($redirect, 'a' => $artist)));
    }

    $artist_select = '';
    if (!$user->is('founder')) {
        $auth_sql = sql_filter('SELECT ub FROM _artists_auth WHERE user_id = ?', $user->d('user_id'));
        $allowed = sql_rowset($auth_sql, false, 'ub');

        // The ids come from the database, not from the request.
        // NOTE(review): with no authorised artist this presumably becomes "IN ()", which MySQL rejects - confirm.
        $artist_select = ' WHERE ub IN (' . _implode(',', $allowed) . ') ';
    }

    // ?? receives a whole WHERE clause here, so it presumably inserts its value verbatim (unquoted).
    $list_sql = 'SELECT ub, subdomain, name FROM _artists ?? ORDER BY name';
    $artists = sql_rowset(sql_filter($list_sql, $artist_select));

    foreach ($artists as $index => $entry) {
        if (!$index) {
            _style('artist_list');
        }

        _style('artist_list.row', array(
            'URL' => s_link('acp', array($redirect, 'a' => $entry['subdomain'])),
            'NAME' => $entry['name'],
        ));
    }

    return;
}
/**
 * Toggle the featured flag of a topic and record the change in the moderation log.
 *
 * Does nothing when _button() is false; calls fatal_error() when the topic is unknown.
 * Ends by redirecting to the topic.
 */
public function _home()
{
    global $config, $user, $cache;

    if (!_button()) {
        return;
    }

    // The request key is 'msg_id', but the value is used as a topic id.
    $this->id = request_var('msg_id', 0);

    $this->object = sql_fieldrow(sql_filter('SELECT * FROM _forum_topics WHERE topic_id = ?', $this->id));
    if (!$this->object) {
        fatal_error();
    }

    $this->object = (object) $this->object;

    // Flip the flag: featured becomes 0, not featured becomes 1.
    if ($this->object->topic_featured) {
        $this->object->new_value = 0;
    } else {
        $this->object->new_value = 1;
    }

    topic_feature($this->id, $this->object->new_value);

    // Audit row: who changed it, when, from which address, and the old and new values.
    sql_insert('log_mod', array(
        'bio' => $user->d('user_id'),
        'time' => time(),
        'ip' => $user->ip,
        'action' => 'feature',
        'old' => $this->object->topic_featured,
        'new' => $this->object->new_value,
    ));

    return redirect(s_link('topic', $this->id));
}
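/**
 * Set a new password for the member named in the request.
 *
 * Returns false when _button() is false or when a required field is empty.
 * Calls fatal_error() for an empty field or an unknown member. The password is
 * stored through HashPassword().
 *
 * NOTE(review): no permission or CSRF check is visible in this method; confirm
 * that the dispatcher enforces both before it reaches this point.
 */
public function _home()
{
    global $config, $user, $cache;

    if (!_button()) {
        return false;
    }

    $username = request_var('username', '');
    $password = request_var('password', '');

    // A blank form field must never reset an account to the hash of the empty string.
    if ((string) $username === '' || (string) $password === '') {
        fatal_error();

        // Defensive: only reached if fatal_error() does not stop the request.
        return false;
    }

    $username = get_username_base($username);

    $sql = 'SELECT user_id, username FROM _members WHERE username_base = ?';
    if (!$userdata = sql_fieldrow(sql_filter($sql, $username))) {
        fatal_error();
    }

    $sql = 'UPDATE _members SET user_password = ? WHERE user_id = ?';
    sql_query(sql_filter($sql, HashPassword($password), $userdata['user_id']));

    return _pre('La contraseña de ' . $userdata['username'] . ' fue actualizada.', true);
}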
/**
 * Load the artist selected through the 'a' request value into $this->object.
 *
 * Redirects to the artist picker when no artist is given and calls fatal_error()
 * when get_artist() finds nothing. Publishes ARTIST_SELECT and ARTIST_NAME to the template.
 *
 * NOTE(review): for 'artist' users the list of authorised artists is fetched and a
 * WHERE fragment is built from it, but neither is used afterwards in this method.
 * Confirm that get_artist($artist, true) performs the ownership check itself.
 */
public function _artist()
{
    global $user;

    if ($user->is('artist')) {
        $auth_sql = 'SELECT a.ub FROM _artists_auth t INNER JOIN _artists a ON a.ub = t.ub WHERE t.user_id = ?';
        $artist_ary = sql_rowset(sql_filter($auth_sql, $user->d('user_id')), false, 'ub');

        if ($artist_ary) {
            $sql_where = sql_filter('WHERE ub IN (??)', implode(',', $artist_ary));
        }
    }

    $artist = request_var('a', '');
    $module = request_var('module', '');

    $picker_url = s_link('acp', array('artist_select', 'r' => $module));

    if (empty($artist)) {
        redirect($picker_url);
    }

    $this->object = get_artist($artist, true);
    if (!$this->object) {
        fatal_error();
    }

    v_style(array(
        'ARTIST_SELECT' => $picker_url,
        'ARTIST_NAME' => $this->object['name'],
    ));

    return;
}
/**
 * Clear a member's unread markers, keeping those whose element is 16.
 *
 * Returns false when _button() is false; calls fatal_error() for an empty or unknown username.
 */
public function _home()
{
    global $config, $user, $cache;

    if (!_button()) {
        return false;
    }

    $username = request_var('username', '');
    if (empty($username)) {
        fatal_error();
    }

    $base = get_username_base($username);

    $member = sql_fieldrow(sql_filter('SELECT user_id FROM _members WHERE username_base = ?', $base));
    if (!$member) {
        fatal_error();
    }

    // 16 is the one element type that is kept; its meaning is not visible here.
    $purge = 'DELETE FROM _members_unread WHERE user_id = ? AND element <> ?';
    sql_query(sql_filter($purge, $member['user_id'], 16));

    return _pre('Deleted', true);
}
/**
 * Change the alias of a forum, then list all forums for the template.
 *
 * NOTE(review): 'falias' is stored as received; no format or uniqueness check is
 * visible here. Confirm that whatever consumes forum_alias tolerates arbitrary text.
 */
public function _home()
{
    global $config, $user, $cache;

    if (_button()) {
        $forum_id = request_var('fid', 0);
        $forum_alias = request_var('falias', '');

        $update = 'UPDATE _forums SET forum_alias = ? WHERE forum_id = ?';
        sql_query(sql_filter($update, $forum_alias, $forum_id));

        _pre($forum_id . ' > ' . $forum_alias, true);
    }

    $forums = sql_rowset('SELECT forum_id, forum_name FROM _forums ORDER BY forum_order');
    foreach ($forums as $index => $forum) {
        if (!$index) {
            _style('forums');
        }

        _style('forums.row', array(
            'FORUM_ID' => $forum['forum_id'],
            'FORUM_NAME' => $forum['forum_name'],
        ));
    }

    return;
}
/**
 * Edit the biography of the artist selected by _artist().
 *
 * On submit the message is passed through $comments->prepare() and saved; the stored
 * biography is then read back and published to the template as MESSAGE.
 */
public function _home()
{
    global $config, $user, $comments;

    // Fills $this->object with the selected artist.
    $this->_artist();

    if (_button()) {
        $message = $comments->prepare(request_var('message', ''));

        sql_query(sql_filter('UPDATE _artists SET bio = ? WHERE ub = ?', $message, $this->object['ub']));

        _style('updated');
    }

    $bio = sql_field(sql_filter('SELECT bio FROM _artists WHERE ub = ?', $this->object['ub']), 'bio');

    v_style(array('MESSAGE' => $bio));

    return;
}
/**
 * Delete a member account and its related rows.
 *
 * Rows that belong to the member are deleted; posts and topics written by the member
 * are reassigned to user id 1. All statements are handed to sql_query() as one list.
 *
 * NOTE(review): this is irreversible and no permission or CSRF check is visible in
 * this method; confirm that the dispatcher enforces both.
 */
public function _home()
{
    global $config, $user, $cache;

    if (!_button()) {
        return false;
    }

    $username = get_username_base(request_var('username', ''));

    $userdata = sql_fieldrow(sql_filter('SELECT * FROM _members WHERE username_base = ?', $username));
    if (!$userdata) {
        fatal_error();
    }

    $member_id = $userdata['user_id'];

    // Statements that take the member id once.
    $single_id = array(
        'DELETE FROM _members WHERE user_id = ?',
        'DELETE FROM _banlist WHERE ban_userid = ?',
        'DELETE FROM _members_group WHERE user_id = ?',
        'DELETE FROM _members_iplog WHERE log_user_id = ?',
        'DELETE FROM _members_ref_invite WHERE invite_uid = ?',
        'DELETE FROM _members_unread WHERE user_id = ?',
        'DELETE FROM _poll_voters WHERE vote_user_id = ?',
        'DELETE FROM _artists_auth WHERE user_id = ?',
        'DELETE FROM _artists_viewers WHERE user_id = ?',
        'DELETE FROM _artists_voters WHERE user_id = ?',
        'DELETE FROM _dl_voters WHERE user_id = ?',
        'UPDATE _members_posts SET poster_id = 1 WHERE poster_id = ?',
        'UPDATE _news_posts SET poster_id = 1 WHERE poster_id = ?',
        'UPDATE _artists_posts SET poster_id = 1 WHERE poster_id = ?',
        'UPDATE _dl_posts SET poster_id = 1 WHERE poster_id = ?',
        'UPDATE _events_posts SET poster_id = 1 WHERE poster_id = ?',
        'UPDATE _forum_posts SET poster_id = 1 WHERE poster_id = ?',
        'UPDATE _forum_topics SET topic_poster = 1 WHERE topic_poster = ?',
    );

    // Statements where the member may appear on either side of a relation.
    $double_id = array(
        'DELETE FROM _members_ban WHERE user_id = ? OR banned_user = ?',
        'DELETE FROM _members_friends WHERE user_id = ? OR buddy_id = ?',
        'DELETE FROM _members_ref_assoc WHERE ref_uid = ? OR ref_orig = ?',
        'DELETE FROM _members_viewers WHERE viewer_id = ? OR user_id = ?',
    );

    $sql = w();
    foreach ($single_id as $statement) {
        $sql[] = sql_filter($statement, $member_id);
    }
    foreach ($double_id as $statement) {
        $sql[] = sql_filter($statement, $member_id, $member_id);
    }

    sql_query($sql);

    // NOTE(review): username is placed into markup as stored; confirm it cannot contain markup.
    return _pre('El registro de <strong>' . $userdata['username'] . '</strong> fue eliminado.', true);
}
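/**
 * Video ("tv") page: renders one large player followed by thumbnails, plus the relation-type menu.
 *
 * With a 'v' request value the selected object is listed first and every other tv object
 * after it; without it all tv objects are listed by time. The first row is rendered as an
 * embedded player, the remaining rows as linked thumbnails.
 *
 * The video id is extracted from object_content with a permissive pattern, so it is
 * HTML-escaped before it is placed inside attribute values, and a row without a
 * recognisable id now yields an empty id instead of an undefined-index error.
 *
 * NOTE(review): object_subject is concatenated into markup as stored; confirm that it is
 * escaped when saved or by the template layer.
 */
public function home()
{
    global $core, $bio;

    $v = $this->__(array_merge(w('r'), _array_keys(w('v'), 0)));

    if (!empty($v->v)) {
        $sql = 'SELECT * FROM _objects o, _objects_type t WHERE o.object_id = ? AND t.type_alias = ? AND o.object_type = t.type_id';
        $video = sql_rowset(sql_filter($sql, $v->v, 'tv'));

        $sql = 'SELECT * FROM _objects o, _objects_type t, _bio b WHERE o.object_id <> ? AND t.type_alias = ? AND o.object_type = t.type_id AND o.object_bio = b.bio_id ORDER BY o.object_time';
        $tv_list = sql_rowset(sql_filter($sql, $v->v, 'tv'));

        // Selected video first, everything else after it.
        $tv = w();
        foreach ($video as $row) {
            $tv[] = $row;
        }
        foreach ($tv_list as $row) {
            $tv[] = $row;
        }
    } else {
        $sql = 'SELECT * FROM _objects o, _objects_type t, _bio b WHERE t.type_alias = ? AND o.object_type = t.type_id AND o.object_bio = b.bio_id ORDER BY o.object_time';
        $tv = sql_rowset(sql_filter($sql, 'tv'));
    }

    foreach ($tv as $i => $row) {
        if (!$i) {
            _style('tv', array('FIRST_SUBJECT' => $row->object_subject));
        }

        $preg = array();
        preg_match('#(?<=(?:v|i)=)[a-zA-Z0-9-]+(?=&)|(?<=(?:v|i)\\/)[^&\\n]+|(?<=embed\\/)[^"&\\n]+|(?<=(?:v|i)=)[^&\\n]+|(?<=youtu.be\\/)[^&\\n]+#', $row->object_content, $preg);

        // No match leaves $preg empty; fall back to an empty id.
        $video_id = isset($preg[0]) ? $preg[0] : '';

        // Several alternatives of the pattern accept quotes and angle brackets, so the
        // captured text is escaped before it is used inside src="...".
        $video_attr = htmlspecialchars($video_id, ENT_QUOTES);

        $embed = '<iframe width="560" height="315" src="http://www.youtube.com/embed/' . $video_attr . '" frameborder="0" allowfullscreen></iframe>';

        if (!$i) {
            // First row: all three variants are the player.
            $embed1 = $embed2 = $embed3 = $embed;
        } else {
            $link = _link('tv', array('v' => $row->object_id));
            $thumb = 'http://i2.ytimg.com/vi/' . $video_attr . '/default.jpg';

            $embed1 = '<a href="' . $link . '" class="thumbnail"><img src="' . $thumb . '" alt=""><br /><h5>' . $row->object_subject . '</h5></a>';
            $embed2 = '<img src="' . $thumb . '" alt="" width="140" height="140" rel="' . $link . '" />';
            $embed3 = '<a href="' . $link . '"><img src="' . $thumb . '" alt="" width="140" height="140"></a>';
        }

        $_row = array(
            'ID' => $row->object_id,
            'BIO' => $row->object_bio,
            'SUBJECT' => $row->object_subject,
            'CONTENT' => $row->object_content,
            'VIDEO' => $video_id,
            'EMBED' => $embed1,
            'EMBED2' => $embed2,
            'EMBED3' => $embed3,
            'SPAN' => !$i ? 'span6' : 'span2',
            'TIME' => $bio->format_date($row->object_time),
        );

        _style('tv.row', array_merge($_row, $this->_profile($row)));
    }

    $sql = 'SELECT * FROM _objects_rel_type ORDER BY type_alias';
    $rel_type = sql_rowset($sql);

    foreach ($rel_type as $i => $row) {
        if (!$i) {
            _style('rel_type', array('TV_URL' => _link('tv')));
        }

        // The alias is replaced by the link that filters the tv page by that relation type.
        $row->type_alias = _link('tv', array('r' => $row->type_alias));
        _style('rel_type.row', $row);
    }

    return;
}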
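/**
 * News listing with pagination and the relation-type menu.
 *
 * With an 'r' request value only news objects associated with that relation type are
 * listed; otherwise all news objects are. 's' is the row offset of the current page.
 * The 'a' request value is read but not used.
 *
 * Changes against the previous version:
 *  - the relation-filtered SELECT and COUNT now join _objects to _objects_type
 *    (o.object_type = t.type_id), as the unfiltered queries already did; without that
 *    join objects of every type that carried the relation were returned;
 *  - the LIMIT values are forced to non-negative integers. They are substituted through
 *    the ?? placeholder, which is used here outside quotes and so presumably inserts its
 *    value verbatim - confirm in sql_filter().
 */
public function home()
{
    global $core, $bio;

    $v = $this->__(array_merge(w('a r'), _array_keys(w('s'), 0)));

    // Request-supplied offset: never let anything but a non-negative integer reach LIMIT.
    $offset = max(0, (int) $v->s);
    $per_page = max(0, (int) $core->v('objects_per_page'));

    if (!empty($v->r)) {
        $sql = 'SELECT * FROM _objects o, _objects_type t, _bio b, _objects_rel_assoc ra, _objects_rel_type rt WHERE t.type_alias = ? AND rt.type_alias = ? AND o.object_type = t.type_id AND o.object_bio = b.bio_id AND ra.assoc_object = o.object_id AND ra.assoc_rel_type = rt.type_id ORDER BY o.object_time LIMIT ??, ??';
        $news = sql_rowset(sql_filter($sql, 'news', $v->r, $offset, $per_page));

        $sql = 'SELECT COUNT(object_id) AS total FROM _objects o, _objects_type t, _objects_rel_assoc ra, _objects_rel_type rt WHERE t.type_alias = ? AND rt.type_alias = ? AND o.object_type = t.type_id AND ra.assoc_object = o.object_id AND ra.assoc_rel_type = rt.type_id';
        $news_total = sql_field(sql_filter($sql, 'news', $v->r), 'total', 0);
    } else {
        $sql = 'SELECT * FROM _objects o, _objects_type t, _bio b WHERE t.type_alias = ? AND o.object_type = t.type_id AND o.object_bio = b.bio_id ORDER BY o.object_time LIMIT ??, ??';
        $news = sql_rowset(sql_filter($sql, 'news', $offset, $per_page));

        $sql = 'SELECT COUNT(object_id) AS total FROM _objects o, _objects_type t WHERE t.type_alias = ? AND o.object_type = t.type_id';
        $news_total = sql_field(sql_filter($sql, 'news'), 'total', 0);
    }

    foreach ($news as $i => $row) {
        if (!$i) {
            // Pagination is published once, together with the outer block.
            _style('news', _pagination(_link('news'), 's:%d', $news_total + 1, $core->v('objects_per_page'), $v->s));
        }

        $_row = array(
            'ID' => $row->object_id,
            'BIO' => $row->object_bio,
            'SUBJECT' => $row->object_subject,
            'CONTENT' => _message($row->object_content),
            'TIME' => $bio->format_date($row->object_time),
        );

        _style('news.row', array_merge($_row, $this->_profile($row)));
    }

    $sql = 'SELECT * FROM _objects_rel_type ORDER BY type_alias';
    $rel_type = sql_rowset($sql);

    foreach ($rel_type as $i => $row) {
        if (!$i) {
            _style('rel_type', array('NEWS_URL' => _link('news')));
        }

        // The alias is replaced by the link that filters the news page by that relation type.
        $row->type_alias = _link('news', array('r' => $row->type_alias));
        _style('rel_type.row', $row);
    }

    return;
}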
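/**
 * Register a crawler ("bot") or add an address to an existing one.
 *
 * A known bot name gets the submitted address appended to its bot_ip list when it differs
 * from the stored value. An unknown name gets a _members row (user_type 2) and a _bots row.
 * Sessions whose browser string contains the bot name are removed and the 'bots' cache
 * entry is dropped.
 *
 * Changes against the previous version:
 *  - the guard tested $submit, which is never defined in this method, so the body ran on
 *    every request; it now tests _button() like the neighbouring handlers;
 *  - an empty bot name is rejected: it created a nameless member and made the session
 *    clean-up pattern '%%', which matches every session;
 *  - the clean-up passes the whole LIKE pattern through the quoting ? placeholder instead
 *    of substituting the request value inside a quoted literal through ??;
 *  - addresses are compared with !== so that numeric-looking prefixes are not treated as equal.
 */
public function _home()
{
    global $config, $user, $cache;

    if (!_button()) {
        return false;
    }

    $bot_name = request_var('bot_name', '');
    $bot_agent = request_var('bot_agent', '');
    $bot_ip = request_var('bot_ip', '');

    if ((string) $bot_name === '') {
        fatal_error();

        // Defensive: only reached if fatal_error() does not stop the request.
        return false;
    }

    $bot_base = get_username_base($bot_name);

    $sql = 'SELECT * FROM _bots WHERE bot_name = ?';
    $row = sql_fieldrow(sql_filter($sql, $bot_name));

    if ($row) {
        if ((string) $row['bot_ip'] !== (string) $bot_ip) {
            // bot_ip holds a comma-separated list; the new address is appended.
            $sql = 'UPDATE _bots SET bot_ip = ? WHERE bot_id = ?';
            sql_query(sql_filter($sql, $row['bot_ip'] . ',' . $bot_ip, $row['bot_id']));
        }
    } else {
        $insert_member = array(
            'user_type' => 2,
            'user_active' => 1,
            'username' => $bot_name,
            'username_base' => $bot_base,
            'user_timezone' => -6.00,
            'user_lang' => 'spanish',
        );
        $bot_id = sql_insert('members', $insert_member);

        $insert_bot = array(
            'bot_active' => 1,
            'bot_name' => $bot_name,
            'user_id' => $bot_id,
            'bot_agent' => $bot_agent,
            'bot_ip' => $bot_ip,
        );
        sql_insert('bots', $insert_bot);
    }

    // NOTE(review): % and _ inside the bot name still act as LIKE wildcards.
    $sql = 'DELETE FROM _sessions WHERE session_browser LIKE ?';
    sql_query(sql_filter($sql, '%' . $bot_name . '%'));

    $cache->delete('bots');

    return;
}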
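/**
 * List members whose first name starts with the 'change_user' request value.
 *
 * Returns whatever _dom_ul() builds from a user_id => full name map.
 *
 * The prefix used to be substituted inside a quoted literal through the ?? placeholder.
 * Whether ?? escapes its value is not visible here, so the complete pattern now goes
 * through the ? placeholder, which the surrounding code uses for string values.
 */
protected function _ticket_members()
{
    $v = $this->__(w('change_user'));

    // NOTE(review): % and _ typed by the user still act as LIKE wildcards, and an
    // empty prefix matches every member.
    $sql = 'SELECT user_id, username
        FROM _members
        WHERE user_firstname LIKE ?
        ORDER BY user_firstname';
    $list = _rowset(sql_filter($sql, $v['change_user'] . '%'));

    $members = w();
    foreach ($list as $row) {
        $members[$row['user_id']] = _fullname($row);
    }

    return $this->_dom_ul($members);
}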
/**
 * Two-step news editor.
 *
 * Step one (default button): load the news row and show the edit form.
 * Step two ('submit2'): save subject, description and text, drop the 'news' cache
 * entry and redirect to the news item. With no button at all only the id field is shown.
 */
public function _home()
{
    global $config, $user, $cache;

    $submit2 = _button('submit2');

    if (_button() || $submit2) {
        $news_id = request_var('news_id', 0);

        $news_data = sql_fieldrow(sql_filter('SELECT * FROM _news WHERE news_id = ?', $news_id));
        if (!$news_data) {
            fatal_error();
        }

        if ($submit2) {
            $post_subject = request_var('post_subject', '');
            $post_desc = request_var('post_desc', '', true);
            $post_message = request_var('post_text', '', true);

            // The subject is not part of the required-field check.
            if (empty($post_desc) || empty($post_message)) {
                _pre('Campos requeridos.', true);
            }

            $comments = new _comments();
            $post_message = $comments->prepare($post_message);
            $post_desc = $comments->prepare($post_desc);

            $update = 'UPDATE _news SET post_subject = ?, post_desc = ?, post_text = ? WHERE news_id = ?';
            sql_query(sql_filter($update, $post_subject, $post_desc, $post_message, $news_id));

            $cache->delete('news');

            redirect(s_link('news', $news_id));
        }

        if (_button()) {
            _style('edit', array(
                'ID' => $news_data['news_id'],
                'SUBJECT' => $news_data['post_subject'],
                'DESC' => $news_data['post_desc'],
                'TEXT' => $news_data['post_text'],
            ));
        }
    }

    if (!_button()) {
        _style('field');
    }

    return;
}
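/**
 * Reference listing, optionally limited to one area ('a'), paged by the row offset 'p'.
 *
 * Calls _fatal() when the area alias is unknown. Rows whose content is handled by a
 * plugin are passed to parse_plugin(); the others are published as 'ref.row'.
 *
 * Change against the previous version: the LIMIT values are forced to non-negative
 * integers. They are substituted through the ?? placeholder, which is used here outside
 * quotes and so presumably inserts its value verbatim - confirm in sql_filter().
 *
 * NOTE(review): the condition "$v['p'] && $ref_total" redirects whenever a page offset is
 * given and rows exist, and shows 'noref' in every other case, including a first page
 * that has rows. That looks inverted; confirm the intended behaviour.
 */
public function home()
{
    global $core;

    $v = $this->__(array('a', 'p' => 0));

    // Request-supplied offset: never let anything but a non-negative integer reach LIMIT.
    $offset = max(0, (int) $v['p']);
    $per_page = max(0, (int) $core->v('ref_pages'));

    if (f($v['a'])) {
        $sql = 'SELECT area_id FROM _reference_area WHERE area_alias = ?';
        if (!_field(sql_filter($sql, $v['a']), 'area_id', 0)) {
            _fatal();
        }

        $sql = 'SELECT COUNT(r.ref_id) AS total FROM _reference r, _reference_area a WHERE a.area_alias = ? AND r.ref_area = a.area_id ORDER BY r.ref_time DESC';
        $ref_total = _field(sql_filter($sql, $v['a']), 'total', 0);

        $sql = 'SELECT * FROM _reference r, _reference_area a WHERE a.area_alias = ? AND r.ref_area = a.area_id ORDER BY r.ref_time DESC LIMIT ??, ??';
        $ref = _rowset(sql_filter($sql, $v['a'], $offset, $per_page));
    } else {
        $sql = 'SELECT COUNT(ref_id) AS total FROM _reference ORDER BY ref_time DESC';
        $ref_total = _field($sql, 'total', 0);

        $sql = 'SELECT * FROM _reference r, _reference_area a WHERE r.ref_area = a.area_id ORDER BY r.ref_time DESC LIMIT ??, ??';
        $ref = _rowset(sql_filter($sql, $offset, $per_page));
    }

    if ($v['p'] && $ref_total) {
        redirect(_link());
    } else {
        _style('noref');
    }

    foreach ($ref as $i => $row) {
        if (!$i) {
            _style('ref');
        }

        if ($this->has_plugin($row['ref_content'])) {
            $this->parse_plugin($row);
            continue;
        }

        _style('ref.row', _vs(array(
            'id' => $row['ref_id'],
            'link' => _link($row['ref_alias']),
            'subject' => $row['ref_subject'],
            'content' => _message($row['ref_content']),
            'time' => _format_date($row['ref_time']),
        ), 'ref'));
    }

    return;
}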
/**
 * Rename a member and notify the member by e-mail.
 *
 * 'username1' is the current name, 'username2' the new one. The rename is refused when
 * the current name is unknown or the new base name is already taken. Ends by redirecting
 * to the profile under the new name.
 *
 * NOTE(review): the new display name is stored as received; only its base form comes from
 * get_username_base(). Confirm that the usual username rules are enforced somewhere.
 */
public function _home()
{
    global $config, $user, $cache;

    if (!_button()) {
        return false;
    }

    $username1 = request_var('username1', '');
    $username2 = request_var('username2', '');

    if (empty($username1) || empty($username2)) {
        fatal_error();
    }

    $username_base1 = get_username_base($username1);
    $username_base2 = get_username_base($username2);

    $by_base = 'SELECT * FROM _members WHERE username_base = ?';

    $userdata = sql_fieldrow(sql_filter($by_base, $username_base1));
    if (!$userdata) {
        _pre('El usuario no existe.', true);
    }

    $taken = sql_fieldrow(sql_filter($by_base, $username_base2));
    if ($taken) {
        _pre('El usuario ya existe.', true);
    }

    $rename = 'UPDATE _members SET username = ?, username_base = ? WHERE user_id = ?';
    sql_query(sql_filter($rename, $username2, $username_base2, $userdata['user_id']));

    // The notice goes to the address on file and names both the old and the new username.
    $emailer = new emailer();
    $emailer->from('info');
    $emailer->use_template('username_change', $config['default_lang']);
    $emailer->email_address($userdata['user_email']);
    $emailer->assign_vars(array(
        'USERNAME' => $userdata['username'],
        'NEW_USERNAME' => $username2,
        'U_USERNAME' => s_link('m', $username_base2),
    ));
    $emailer->send();
    $emailer->reset();

    redirect(s_link('m', $username_base2));

    return;
}
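/**
 * Sign-in handler.
 *
 * Members that are already signed in are redirected away. On submit the username is
 * validated, the active member row is loaded, and the password is checked either against
 * the stored hash or, when 'signin_pop' is enabled, by authenticating against the
 * configured POP3 server. Every failure records the same LOGIN_ERROR, so the response
 * does not reveal which step failed. On success a session is created and the browser is
 * redirected to 'lastpage'.
 *
 * Changes against the previous version:
 *  - the username pattern carries the D modifier, so a name followed by a newline is no
 *    longer accepted;
 *  - the stored hash is compared with hash_equals() when that function exists, which
 *    avoids a comparison whose duration depends on the matching prefix.
 *
 * NOTE(review): 'lastpage' comes from the request and is passed to redirect() unchanged.
 * Unless redirect() restricts targets to this site, validate it here.
 * NOTE(review): no attempt limiting is visible in this method.
 */
public function in()
{
    global $user, $core;

    if ($user->v('is_member')) {
        redirect(_link());
    }

    if (_button()) {
        $v = $this->__(w('username password lastpage'));
        $userdata = w();

        if (!f($v['username']) || !f($v['password']) || !preg_match('#^([a-z0-9\\_\\-]+)$#isD', $v['username'])) {
            $this->error('LOGIN_ERROR');
        }

        if (!$this->errors()) {
            $v['username'] = array_key(explode('@', $v['username']), 0);

            $sql = 'SELECT * FROM _members WHERE user_username = ? AND user_id <> ? AND user_active = 1';
            if (!($userdata = _fieldrow(sql_filter($sql, $v['username'], U_GUEST)))) {
                $this->error('LOGIN_ERROR');
            }

            if (!$this->errors()) {
                if (!$core->v('signin_pop')) {
                    $stored = isset($userdata['user_password']) ? $userdata['user_password'] : null;
                    $matches = false;

                    if (is_string($stored)) {
                        $given = _password($v['password']);

                        if (is_string($given)) {
                            // Fall back to === only where hash_equals() is unavailable.
                            $matches = function_exists('hash_equals') ? hash_equals($stored, $given) : ($stored === $given);
                        }
                    }

                    if ($matches) {
                        $user->session_create($userdata['user_id']);
                        redirect($v['lastpage']);
                    }

                    $this->error('LOGIN_ERROR');
                } else {
                    require_once XFS . 'core/pop3.php';

                    $pop3 = new pop3();

                    // Each POP3 step runs only while no earlier step has failed.
                    if (!$pop3->connect($core->v('mail_server'), $core->v('mail_port'))) {
                        $this->error('LOGIN_ERROR');
                    }

                    if (!$this->errors() && !$pop3->user($v['username'])) {
                        $this->error('LOGIN_ERROR');
                    }

                    if (!$this->errors() && !$pop3->pass($v['password'], false)) {
                        $this->error('LOGIN_ERROR');
                    }

                    $pop3->quit();

                    if (!$this->errors()) {
                        $user->session_create($userdata['user_id']);
                        redirect($v['lastpage']);
                    }
                }
            }
        }
    }

    _login(false, $this->get_errors());
}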
/**
 * Move a news item to another category.
 *
 * When _button() is false the categories are listed for the form and false is returned.
 * Otherwise both ids must be non-zero and must exist; any failure calls fatal_error().
 * Ends by redirecting to the news item.
 */
public function _home()
{
    global $config, $cache, $user;

    if (!_button()) {
        $categories = sql_rowset('SELECT cat_id, cat_name FROM _news_cat ORDER BY cat_id');

        foreach ($categories as $index => $category) {
            if (!$index) {
                _style('categories');
            }

            _style('categories.row', array(
                'CAT_ID' => $category['cat_id'],
                'CAT_NAME' => $category['cat_name'],
            ));
        }

        return false;
    }

    $news_id = request_var('news_id', 0);
    $cat_id = request_var('cat_id', 0);

    if (!$cat_id || !$news_id) {
        fatal_error();
    }

    // Both sides of the move are verified before anything is written.
    $news_row = sql_fieldrow(sql_filter('SELECT * FROM _news WHERE news_id = ?', $news_id));
    if (!$news_row) {
        fatal_error();
    }

    $cat_row = sql_fieldrow(sql_filter('SELECT * FROM _news_cat WHERE cat_id = ?', $cat_id));
    if (!$cat_row) {
        fatal_error();
    }

    sql_query(sql_filter('UPDATE _news SET cat_id = ? WHERE news_id = ?', $cat_id, $news_id));

    return redirect(s_link('news', $news_id));
}
/**
 * Entry point: without an 'alias' request value delegate to elements(); otherwise load
 * the matching _win row into $this->object and delegate to run_object().
 * Calls fatal_error() when the alias matches no row.
 */
public function run()
{
    $alias = request_var('alias', '');

    if (empty($alias)) {
        return $this->elements();
    }

    $this->object = sql_fieldrow(sql_filter('SELECT * FROM _win WHERE win_alias = ?', $alias));
    if (!$this->object) {
        fatal_error();
    }

    return $this->run_object();
}
/**
 * One-off repair: strip carriage returns from the text of forum post 125750.
 * Does nothing when that post does not exist.
 */
public function _home()
{
    global $config, $user, $cache;

    $post = sql_fieldrow('SELECT * FROM _forum_posts WHERE post_id = 125750');
    if (!$post) {
        return;
    }

    $cleaned = str_replace("\r", '', $post['post_text']);

    $update = 'UPDATE _forum_posts SET post_text = ? WHERE post_id = ?';
    sql_query(sql_filter($update, $cleaned, $post['post_id']));

    return;
}
/**
 * Delete a profile-page post and optionally ban its author and/or the posting address.
 *
 * The owner's userpage_posts counter is decremented. The 'user' button bans poster_id,
 * the 'ip' button bans post_ip; an existing ban row is not duplicated.
 *
 * NOTE(review): the deleted row, including post_ip, is passed to _pre() at the end;
 * confirm that this output is only ever shown to moderators.
 */
public function _home()
{
    global $config, $user, $cache;

    if (!_button()) {
        return false;
    }

    $msg_id = request_var('msg_id', 0);

    $d = sql_fieldrow(sql_filter('SELECT * FROM _members_posts WHERE post_id = ?', $msg_id));
    if (!$d) {
        fatal_error();
    }

    sql_query(sql_filter('DELETE FROM _members_posts WHERE post_id = ?', $msg_id));

    $decrement = 'UPDATE _members SET userpage_posts = userpage_posts - 1 WHERE user_id = ?';
    sql_query(sql_filter($decrement, $d['userpage_id']));

    if (_button('user')) {
        $already = sql_fieldrow(sql_filter('SELECT ban_id FROM _banlist WHERE ban_userid = ?', $d['poster_id']));
        if (!$already) {
            sql_insert('banlist', array('ban_userid' => $d['poster_id']));
        }
    }

    if (_button('ip')) {
        $already = sql_fieldrow(sql_filter('SELECT ban_id FROM _banlist WHERE ban_ip = ?', $d['post_ip']));
        if (!$already) {
            sql_insert('banlist', array('ban_ip' => $d['post_ip']));
        }
    }

    return _pre($d, true);
}
/**
 * Reset a topic to a normal one (no colour, not announced, not important) and list every
 * topic that is still announced or important, grouped by forum.
 */
public function _home()
{
    global $config, $user, $cache;

    if (_button()) {
        $topic = request_var('topic', 0);

        $topicdata = sql_fieldrow(sql_filter('SELECT * FROM _forum_topics WHERE topic_id = ?', $topic));
        if (!$topicdata) {
            fatal_error();
        }

        $reset = 'UPDATE _forum_topics SET topic_color = ?, topic_announce = 0, topic_important = 0 WHERE topic_id = ?';
        sql_query(sql_filter($reset, '', $topic));

        // NOTE(review): topic_title is placed into markup as stored; confirm it is escaped on write or by the template.
        _style('updated', array(
            'MESSAGE' => 'El tema <strong>' . $topicdata['topic_title'] . '</strong> ha sido normalizado.',
        ));
    }

    $list_sql = 'SELECT t.topic_id, t.topic_title, f.forum_name FROM _forums f, _forum_topics t WHERE f.forum_id = t.forum_id AND (topic_announce = 1 OR topic_important = 1) ORDER BY forum_order, topic_title';
    $topics = sql_rowset($list_sql);

    $current_forum = '';
    foreach ($topics as $index => $entry) {
        if (!$index) {
            _style('topics');
        }

        // Rows arrive ordered by forum, so a change of name starts a new group.
        if ($current_forum != $entry['forum_name']) {
            _style('topics.forum', array('FORUM_NAME' => $entry['forum_name']));
        }
        $current_forum = $entry['forum_name'];

        _style('topics.forum.row', array(
            'TOPIC_ID' => $entry['topic_id'],
            'TOPIC_TITLE' => $entry['topic_title'],
        ));
    }

    return;
}
/**
 * List usernames and e-mail addresses of members in groups ("steps") of 225.
 *
 * Members whose user_type is USER_INACTIVE, members without an address and banned members
 * are excluded by the query. Addresses that fail the syntax check are collected in a
 * local list that is not used afterwards.
 *
 * NOTE(review): this renders member e-mail addresses and runs without a _button() guard;
 * confirm that access to the module is restricted by the dispatcher.
 */
public function _home()
{
    global $config, $user, $cache;

    $limit = 225;
    $steps = 0;
    $items = 0;
    $trash = w();

    $sql = "SELECT * FROM _members WHERE user_type NOT IN (??) AND user_email <> '' AND user_id NOT IN ( SELECT ban_userid FROM _banlist WHERE ban_userid <> 0 ) ORDER BY username";
    $members = sql_rowset(sql_filter($sql, USER_INACTIVE));

    foreach ($members as $member) {
        $address_ok = preg_match('/^[a-z0-9&\'\.\-_\+]+@[a-z0-9\-]+\.([a-z0-9\-]+\.)*?[a-z]+$/is', $member['user_email']);
        if (!$address_ok) {
            $trash[] = $member['user_email'];
            continue;
        }

        // Open a new step at the very first item and whenever the current step is full.
        if (!$items || $items == $limit) {
            $items = 0;
            $steps++;

            _style('step', array('STEPS' => $steps));
        }

        _style('step.item', array(
            'USERNAME' => $member['username'],
            'USER_EMAIL' => $member['user_email'],
        ));

        $items++;
    }

    return;
}
/**
 * Help pages: with an 'alias' request value the questions of that module are rendered,
 * and in every case the list of help categories is rendered (from the 'help' cache entry
 * when present, otherwise from the database, which also refills the cache).
 */
public function run()
{
    global $cache, $comments;

    $alias = request_var('alias', '');

    if (!empty($alias)) {
        $faq_sql = 'SELECT * FROM _help_cat c, _help_modules m, _help_faq f WHERE c.help_module = m.module_id AND f.help_id = c.help_id AND m.module_name = ? ORDER BY f.faq_question_es';
        $module = sql_rowset(sql_filter($faq_sql, $alias));

        foreach ($module as $index => $entry) {
            if (!$index) {
                _style('module', array('TITLE' => $entry['help_es']));
            }

            _style('module.row', array(
                'QUESTION' => $entry['faq_question_es'],
                'ANSWER' => $comments->parse_message($entry['faq_answer_es']),
            ));
        }
    }

    $help = $cache->get('help');
    if (!$help) {
        $help = sql_rowset('SELECT * FROM _help_cat c, _help_modules m WHERE c.help_module = m.module_id ORDER BY c.help_order');

        // Only a non-empty result is cached.
        if ($help) {
            $cache->save('help', $help);
        }
    }

    foreach ($help as $index => $entry) {
        if (!$index) {
            _style('categories');
        }

        _style('categories.row', array(
            'URL' => s_link('help', $entry['module_name']),
            'TITLE' => $entry['help_es'],
        ));
    }

    return;
}
/**
 * Attach an image to a news item and list all news items for the form.
 *
 * On submit the news id must exist (fatal_error() otherwise). The upload is processed into
 * $config['news_path'] and each stored file is resized to 100x75; on success the browser
 * is redirected, otherwise the upload errors are published to the template.
 *
 * NOTE(review): 'jpg' is passed to $upload->process(), presumably as the only accepted
 * type. Confirm that the check looks at the file content and not only at its name.
 */
public function _home()
{
    global $config, $user, $cache, $upload;

    if (_button()) {
        $news_id = request_var('news_id', 0);

        $exists = sql_field(sql_filter('SELECT news_id FROM _news WHERE news_id = ?', $news_id), 'news_id', 0);
        if (!$exists) {
            fatal_error();
        }

        $target_dir = $config['news_path'];
        $stored = $upload->process($target_dir, 'add_image', 'jpg');

        if (!count($upload->error) && $stored !== false) {
            foreach ($stored as $file) {
                // The resized file is named after the news id.
                $upload->resize($file, $target_dir, $target_dir, $news_id, array(100, 75), false, false, true);
            }

            redirect(s_link());
        }

        _style('error', array('MESSAGE' => parse_error($upload->error)));
    }

    $news = sql_rowset('SELECT * FROM _news ORDER BY post_time DESC');
    foreach ($news as $item) {
        _style('news_list', array(
            'NEWS_ID' => $item['news_id'],
            'NEWS_TITLE' => $item['post_subject'],
        ));
    }

    return;
}
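/**
 * Look up one member by e-mail address, user id or username (in that order of precedence)
 * and pass the row to _pre().
 *
 * Returns false when _button() is false; calls fatal_error() when no criterion is given
 * or no member matches.
 *
 * Changes against the previous version:
 *  - the stored password hash (user_password) is removed from the row before it is shown;
 *  - only integer keys are dropped. The old pattern was not anchored, so any column whose
 *    name merely contained a digit was removed as well. The intent appears to be removing
 *    positional duplicates of the columns - confirm against what sql_fieldrow() returns.
 */
public function _home()
{
    global $config, $user, $cache;

    if (!_button()) {
        return false;
    }

    $userid = request_var('uid', 0);
    $username = request_var('username', '');
    $email = request_var('email', '');

    if (empty($username) && empty($email) && !$userid) {
        fatal_error();
    }

    if (!empty($email)) {
        $sql = sql_filter('SELECT * FROM _members WHERE user_email = ?', $email);
    } elseif ($userid) {
        $sql = sql_filter('SELECT * FROM _members WHERE user_id = ?', $userid);
    } else {
        $sql = sql_filter('SELECT * FROM _members WHERE username_base = ?', get_username_base($username));
    }

    if (!$userdata = sql_fieldrow($sql)) {
        fatal_error();
    }

    // PHP stores purely numeric array keys as integers, so is_int() identifies them exactly.
    foreach (array_keys($userdata) as $k) {
        if (is_int($k)) {
            unset($userdata[$k]);
        }
    }

    // A credential hash has no place in a diagnostic page.
    unset($userdata['user_password']);

    return _pre($userdata, true);
}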