function delete($group_id = false, $user_id = false)
{
if ($group_id !== false && $user_id !== false) {
include_once PATH_CLASS . '/CGroup.php';
$g =& CGroup::getInstance();
$group_data = $g->groupData($group_id);
$perms = $g->isOwner($group_id, $user_id, $group_data);
if ($perms === true) {
include_once PATH_CLASS . '/CMail.php';
$m =& CMail::getInstance();
$expiry = NOW + 86400;
$safe_group_id = $this->dbh->sql_safe($group_id);
$safe_user_id = $this->dbh->sql_safe($user_id);
$safe_expiry = $this->dbh->sql_safe(date('Y-m-d', $expiry));
$sql = 'REPLACE INTO group_delete(g_id, u_id, gd_dateToDelete) VALUES(' . $safe_group_id . ', ' . $safe_user_id . ', ' . $safe_expiry . ')';
$this->dbh->execute($sql);
$this->update(array('g_id' => $group_id, 'g_delete' => 1));
$group_members = $g->members($group_id);
$body = file_get_contents(PATH_DOCROOT . '/group_delete.tpl.php');
$body = str_replace(array('{DATE}', '{GROUP}'), array(date(FF_FORMAT_DATE_LONG, $expiry), $group_data['G_NAME']), $body);
$mail_headers = "MIME-Version: 1.0\n" . "Content-type: text/plain; charset=iso-8859-1\n" . "Return-Path: " . FF_EMAIL_FROM . "\n" . "From: " . FF_EMAIL_FROM_FORMATTED . "\n";
foreach ($group_members as $v) {
$this_body = str_replace('{NAME}', $v['U_NAMEFIRST'], $body);
$email_formatted = $v['U_NAMEFIRST'] . ' ' . $v['U_NAMELAST'] . '<' . $v['U_EMAIL'] . '>';
$m->send($email_formatted, 'FotoGroup ' . $group_data['G_NAME'] . ' to be deleted!', $this_body, $mail_headers, '-f' . FF_EMAIL_FROM);
}
return true;
}
}
return false;
}
function flag($id, $u_id, $session_id)
{
$id_safe = $this->dbh->sql_safe($id);
$u_id_safe = $this->dbh->sql_safe($u_id);
$session_id_safe = $this->dbh->sql_safe($session_id);
$sql = "SELECT COUNT(*) as _count FROM foto_objectionable WHERE fo_up_id = " . $id_safe . " AND fo_us_hash = " . $session_id_safe;
$ar = $this->dbh->query_first($sql);
if ($ar['_count'] == 0) {
$sql_insert = "INSERT INTO foto_objectionable (fo_up_id, fo_us_hash, fo_dateCreated) VALUES (" . $id_safe . ", " . $session_id_safe . ", NOW())";
$this->dbh->execute($sql_insert);
}
$sql = "SELECT COUNT(*) as _count FROM foto_objectionable WHERE fo_up_id = " . $id_safe;
$ar = $this->dbh->query_first($sql);
if ($ar['_count'] > 2) {
$sql_insert = "INSERT INTO foto_quarantined (fq_up_id, fq_dateCreated) VALUES (" . $id_safe . ", NOW())";
$this->dbh->execute($sql_insert);
$this->violation($id, $u_id);
$sql_delete = "DELETE FROM foto_objectionable WHERE fo_up_id = " . $id_safe;
$this->dbh->execute($sql_delete);
include_once PATH_CLASS . '/CMail.php';
$cm =& CMail::getInstance();
$to = '*****@*****.**';
$subject = 'Foto Quarantined';
$message = 'This foto has been quarantined. Foto ID: ' . $id . ', User ID: ' . $u_id;
$headers = 'From: kevin@fotoflix.com' . "\r\n" . 'X-Mailer: PHP/' . phpversion();
$cm->send($to, $subject, $message, $headers);
}
}
<?php
include_once dirname($_SERVER['SCRIPT_FILENAME']) . '/_reporter.php';
chdir(dirname(__FILE__));
ob_start();
include_once $path = str_replace('scripts', '', dirname(__FILE__)) . 'init_constants.php';
include_once PATH_DOCROOT . '/init_database.php';
include_once PATH_INCLUDE . '/variables.php';
include_once PATH_CLASS . '/CSubscription.php';
include_once PATH_CLASS . '/CMail.php';
$s =& CSubscription::getInstance();
$m =& CMail::getInstance();
$time = mktime(0, 0, 0, date('m', NOW), date('d', NOW) - 1, date('Y', NOW));
$sTime = $time - 86400;
$hour = date('H', NOW) - 1;
$sHour = $hour + 1;
$headers = "MIME-Version: 1.0\n" . "Content-type: text/html; charset=iso-8859-1\n" . 'Return-Path: ' . FF_EMAIL_FROM_FORMATTED . "\n" . 'From: ' . FF_EMAIL_FROM_FORMATTED;
$yesterday = " BETWEEN '" . date("Y-m-d {$sHour}:00:00", $sTime) . "' AND '" . date("Y-m-d {$hour}:59:59", $time) . "' ";
$incompleteUsers = $GLOBALS['dbh']->query_all($sql = "SELECT * FROM user_incompletes WHERE u_dateCreated {$yesterday}");
echo $sql . "\n\n";
$template = file_get_contents(PATH_DOCROOT . '/account_incomplete_user.tpl.php');
$listElements = '';
foreach ($incompleteResponses as $k => $v) {
$listElements .= '<li><a href="http://' . FF_SERVER_NAME . '/?action=account.incomplete_user_response.act&key={KEY}&response=' . $k . '">' . $v . '</a></li>';
}
$template = str_replace('{LI}', $listElements, $template);
foreach ($incompleteUsers as $v) {
if (strstr($v['u_email'], '@')) {
$m->send($v['u_email'], 'Complete your registration on Photagious', str_replace(array('{GREETING}', '{KEY}', '{SERVERNAME}'), array($v['u_username'], $v['u_key'], FF_SERVER_NAME), $template), $headers, FF_EMAIL_FROM_FORMATTED);
echo 'send email to ' . $v['u_email'] . "\n";
}
<?php
$_SESSION_HASH = $_FF_SESSION->value('sess_hash');
$mail =& CMail::getInstance();
$user =& CUser::getInstance();
$ecom =& new CEcom($_USER_ID, $_SESSION_HASH);
$user_data = $user->find($_USER_ID);
$order_id = $ecom->getCartID();
$redirect_success = isset($_POST['redirect_success']) ? $_POST['redirect_success'] : '/?action=cart.checkout.confirmation';
$redirect_failure = isset($_POST['redirect_failure']) ? $_POST['redirect_failure'] : '/?action=cart.view?e=declined';
if (!empty($_POST['i_ids'])) {
$ids = !empty($_POST['i_ids']) ? $_POST['i_ids'] : array();
$quantities = !empty($_POST['i_quantities']) ? $_POST['i_quantities'] : array();
$prices = !empty($_POST['i_prices']) ? $_POST['i_prices'] : array();
$details = !empty($_POST['i_details']) ? $_POST['i_details'] : array();
$ecom->addCartItems($ids, $quantities, $prices, $details);
}
$cart_data = $ecom->getCartItems();
if (isset($_POST['s_nameFull'])) {
$rpos = strrpos($_POST['s_nameFull'], ' ');
$ship_f_name = substr($_POST['s_nameFull'], $rpos);
$ship_l_name = substr($_POST['s_nameFull'], 0, $rpos);
$ship_address = $_POST['s_address'];
$ship_city = $_POST['s_city'];
$ship_state = $_POST['s_state'];
$ship_zip = $_POST['s_zip'];
$shipping = $_POST['s_shipping'];
$do_shipping = true;
} else {
$ship_f_name = '';
$ship_l_name = '';
