$user = "";
$name = "";
list($unm, $_rubbish_text_yimu) = explode("@", $email);
$user = $unm . "_" . rand(100, 999);
if (strlen($user) > 25) {
$user = substr($user, 0, strlen($user) - 4);
}
$name = ucfirst($unm);
setcookie("u", $user, time() + 52 * 60 * 60 * 24 * 7);
$tz = $_POST["tz"];
$lang = "en";
$loc = "";
$info = "";
$bio = "";
$pass = sha1($_POST["pass"]);
$q = $con->insertInto("users", array($email, $user, $name, $pass, $bio, $loc, $_70x70, $_150x150, $_500x500, $tz, $lang, "", 0, date("U"), "", "", "1", "", "", "", "", "", "", "", "", DEF_BG_IMG));
if ($q) {
$qq = mysqli_query($conc, "SELECT * FROM `users` WHERE user = '******'");
$r = mysqli_fetch_array($qq);
$q2 = $con->insertInto("online", array($r[0], date("U")));
$_SESSION["user"] = $user;
$_SESSION["uid"] = $r[0];
$_SESSION["name"] = $name;
$_SESSION["user"] = $r[2];
$_SESSION["email"] = $r[1];
$_SESSION["p"] = $r[4];
$_SESSION["img1"] = $_70x70;
$_SESSION["img2"] = $_150x150;
$_SESSION["img3"] = $_500x500;
$_SESSION["ula"] = md5("{$user} {$r['4']} {$r['0']}");
$_SESSION["new_user"] = "******";
<?php
session_start();
$uid = intval($_SESSION["uid"]);
if (!isset($_SESSION["user"], $_SESSION["uid"]) || $uid == 0) {
exit;
}
include "../scripts/db.php";
$id = intval($_POST["id"]);
$userid = intval($_POST["userid"]);
if (isset($id)) {
$con = new db();
$conc = $con->c();
$q = mysqli_query($conc, "SELECT `id` FROM `like` WHERE `uid`={$uid} AND `id`={$id}");
if (mysqli_num_rows($q) == 0) {
$qp = mysqli_query($conc, "INSERT INTO `like` VALUES({$id},{$uid})");
if ($userid != $uid) {
$qq = $con->insertInto("hist", array(7, $userid, $uid, $id, date("U")));
s_mail($_SESSION["user"], " likes your <a href='http://muzikkitchen.com/?view={$id}&t=0'>feed</a>", $userid, $conc, "likes your feed");
}
echo 1;
} else {
$qp = mysqli_query($conc, "DELETE FROM `like` WHERE `uid` = {$uid} AND `id` ={$id}");
$qq = mysqli_query($conc, "DELETE FROM hist WHERE var1={$userid} AND var2 = {$uid} AND var3 = '{$id}' ");
echo 2;
}
$con->close_db_con($conc);
}
} else {
exit("<div {$style}>Error updating {$name}</div>");
}
}
if (isset($_POST["add"])) {
$img = $_FILES["upl"]["tmp_name"];
$video = $_FILES["vid"]["tmp_name"];
if (is_uploaded_file($video) && preg_match('/mp4|avi|mpeg|3gp|mkv|flv|mov/', extension($_FILES["vid"]["name"]))) {
$_300x300 = is_uploaded_file($img) ? upload_pic($img, $_FILES["upl"]["type"], $_FILES["upl"]["tmp_name"], 300, 300) : DEF_VID_IMG;
$vid = md5($video . " " . date("U")) . rand(0, 9) . extension($_FILES["vid"]["name"]);
if ($_300x300 && copy($video, "../video/{$vid}")) {
$name = strclean($_POST["name"]);
$name = strlen($name) < 2 ? $_SESSION["user"] . "'s video " . rand(10, 999) : $name;
$name = _hstr_($name, false);
$info = _hstr_($_POST["info"], false);
$q = $con->insertInto("videos", array($user, $name, $info, $_300x300, $vid, 1, date("U"), 0));
if ($q) {
$q = mysqli_query($conc, "SELECT id FROM videos WHERE user = '******' AND name = '{$name}' AND vid = '{$vid}'");
$r = mysqli_fetch_array($q);
$q = $con->insertInto("hist", array(6, 0, $user, $name . "::__::__::" . $r[0], date("U")));
$q = NULL;
$con->close_db_con($conc);
exit("<div {$style}>{$name} has been successfully added.</div>");
} else {
if (is_file("../prev/" . $_300x300) && strstr($_300x300, DEF_VID_IMG) < 0) {
unlink("../prev/" . $_300x300);
}
if (is_file("../video/{$vid}")) {
unlink("../video/{$vid}");
}
$con->close_db_con($conc);
include "../scripts/db.php";
if (!isset($_SESSION["uid"], $_SESSION["user"])) {
exit("<div class='m_s_g'>Invalid Authentication<div>");
}
$uid = $_SESSION["uid"];
$con = new db();
$conc = $con->c();
$type = $_POST["type"];
$id = $_POST["id"];
$owner = $_POST["owner"];
if (isset($id, $type)) {
if ($type != 0) {
$q = mysqli_query($conc, "UPDATE users SET np = '{$id}" . "__" . "{$type}', npdate=" . date("U") . " WHERE id = {$uid};");
}
@$con->close_db_con($conc);
@$con->insertInto("num_plays", array($id, $type, $uid, date("U")));
// if($type == 1) $con->update("music","play = play + 1","id = $id");
// if($type == 2) $con->update("videos","play = play + 1","id = $id");
// if($type == 0) $con->update("art","play = play + 1","id = $id");
exit;
} else {
if (isset($owner)) {
$q = mysqli_query($conc, "SELECT np,npdate FROM users WHERE id = {$owner} ");
$r = mysqli_fetch_array($q);
$q = NULL;
if ($r[0] == "") {
exit;
}
list($id, $type) = explode("__", $r[0]);
if ($type == 1) {
$q = mysqli_query($conc, "SELECT music.id,music.user,music.name,music.info,music.mp3,music.dl,music.date,users.user FROM music INNER JOIN users ON users.id= music.user WHERE music.id = {$id}");
$post = _hstr_($_POST["post"], false);
$con = new db();
$conc = $con->c();
switch ($action) {
case 1:
$q = mysqli_query($conc, "SELECT comment.id,comment.owner,comment.uid,comment.post,comment.date,users.user,users.name,users.img1 FROM comment INNER JOIN users ON comment.uid = users.id WHERE comment.cid = {$cid} AND comment.type ={$type} ORDER BY comment.id ASC");
echo "<div style='font-size:12px;'>";
while ($r = mysqli_fetch_array($q)) {
$del = $uid == $r[1] || $uid == $r[2] ? "·<a href='#' onclick='return _delcom(event,{$type},{$r['0']})'><span class='del'>delete</span></a>" : "";
echo "<div class='comment_" . $r[0] . "' style='width:100%;'>\n\t\t\t\t\t<table width='100%'><tr>\n\t\t\t\t\t<td width='10%'><a href='" . PTH . "/{$r['5']}' onclick='return _pop(event,{$r['2']});'><div class='ssmpdiv' style='background-image:url(" . PTH . "{$r['7']});'></div></a></td>\n\t\t\t\t\t<td valign='top'><a href='" . PTH . "/{$r['5']}' onclick='return _pop(event,{$r['2']});'>{$r['5']}</a> <i style='_pn'>{$r['6']}</i><br/><span>{$r['3']}</span><div style='float:right;'><span class='del' title='" . date("U", $r[4]) . "'>" . gtime($r[4]) . "</span> {$del}</div></td></tr></table>\n\t\t\t </div>";
}
echo $uid != 0 ? "\n\t<div class=''><div class ='comm'><table><tr><td valign='top'><div class='ssmpdiv'style='background-image:url(" . PTH . "" . $_SESSION["img1"] . ");'></div></td><td><textarea id='txtcom_" . $type . "' placeholder='Comment...' rows='3' class='txt' onkeyup='gment(event)'></textarea><div class='pl2div' style='position:relative'></div><br /><input type='button' onclick='_com(event,{$type},{$cid},{$owner});' style='float:right' class='button1' value='Comment'/></td></tr></table></div></div><a href='#' onclick='addCommentV(event)'><!--span class='__c'>Add a comment</span--></a></div></div>\n\t</div>" : "";
break;
case 2:
if ($uid != 0) {
$q = $con->insertInto("comment", array($type, $cid, $owner, $uid, $post, date("U")));
$plate = 9 + $type;
if ($uid != $owner) {
$q = $con->insertInto("hist", array($plate, $owner, $uid, $cid, date("U")));
}
echo $q ? 1 : 2;
}
break;
case 3:
$q = mysqli_query($conc, "DELETE FROM comment WHERE (uid = {$uid} OR owner={$uid}) AND type={$type} AND id={$id}");
echo $q ? 1 : 2;
break;
default:
break;
}
$con->close_db_con($conc);
<?php
session_start();
include "../scripts/db.php";
if (!isset($_SESSION["user"], $_SESSION["p"])) {
exit("<div class='m_s_g'>Invalid Authentication<div>");
}
$uid = $_SESSION["uid"];
$user = $_POST["user"];
$id = $_POST["id"];
$me = $uid;
if (isset($id) && isset($user) && $user != "") {
$con = new db();
$conc = $con->c();
$chk = mysqli_query($conc, "SELECT `id` FROM `open_chat` WHERE `u1` = {$me} AND `u2`={$user}");
if (mysqli_num_rows($chk) == 0) {
$q = $con->insertInto("open_chat", array($id, $me, $user, date("U")));
echo $q ? "yess" : "no";
echo "{$id} {$user} {$me}";
}
// setcookie($id,"__c".$user."_".$id."__c",time()+52*60*60*24*7);
//setcookie($id,$id."44",time()+(52 * 3600 * 24 * 7 *3));
mysqli_kill($conc, mysqli_thread_id($con->c()));
mysqli_close($con->c());
}
exit;
}
if (isset($_POST["add"])) {
$music = $_FILES["mp3"]["tmp_name"];
if (is_uploaded_file($music)) {
$type = extension($_FILES["mp3"]["name"]);
if ($type != ".mp3" && $_FILES["mp3"]["type"] != "audio/mpeg") {
exit("<div {$style}>" . $_FILES["mp3"]["type"] . "'{$type}' formats are not supoorted, please upload mp3 only</div>");
}
$mp3 = md5($music . " " . date("U")) . rand(0, 9) . $type;
$cp = copy($music, "../music/{$mp3}");
if ($cp) {
$name = $_POST["name"];
$name = strlen($name) < 2 ? $_SESSION["user"] . "'s music-" . rand(10, 999) : $name;
$name = _hstr_($name, false);
$info = _hstr_($_POST["info"], false);
$q = $con->insertInto("music", array($user, $name, $info, $mp3, 1, date("U"), 0));
if ($q) {
$q = mysqli_query($conc, "SELECT id FROM music WHERE user = '******' AND name = '{$name}' AND mp3 = '{$mp3}'");
$r = mysqli_fetch_array($q);
$q = $con->insertInto("hist", array(5, 0, $user, $name . "::__::__::" . $r[0], date("U")));
$q = NULL;
$con->close_db_con($conc);
exit("<div {$style}>{$name} has been successfully added.</div>");
} else {
$con->close_db_con($conc);
unlink("../music/{$mp3}");
exit("<div {$style}>Error adding {$name}</div>");
}
} else {
$con->close_db_con($conc);
exit("<div {$style}>Error with muzik upload</div>");
<?php
include "../scripts/db.php";
$con = new db();
$conc = $con->c();
$id = 101212574;
$date = date("U") - 60 * 60 * 24 * 7;
$q = $con->query("users", "id", "id <> {$id}");
while ($r = mysqli_fetch_array($q[1])) {
$qq = $con->query("follow", "id", "u1 = {$r['0']} AND u2 = {$id}");
if ($qq[0] == 0) {
$qqq = $con->insertInto("follow", array($r[0], $id, date("U")));
}
$con->close_db_con($qq[2]);
}
echo "done";
$con->close_db_con($q[2]);
<?php
session_start();
include "../scripts/db.php";
if (!isset($_SESSION["uid"], $_SESSION["user"])) {
exit("<div class='m_s_g'>Invalid Authentication<div>");
}
$cid = intval($_POST["cid"]);
$cat = intval($_POST["cat"]);
$uid = $_SESSION["uid"];
if ($cid != 0) {
$con = new db();
$conc = $con->c();
$q = mysqli_query($conc, "SELECT id FROM votes WHERE uid = {$uid} AND cat = {$cat}");
if (mysqli_num_rows($q) == 0) {
$q = NULL;
$q = $con->insertInto("votes", array($uid, $cid, $cat));
$qq = mysqli_query($conc, "UPDATE cand SET votes = votes + 1 WHERE id = {$cid};");
echo $q && $qq ? "Vote success" : "Error occured voting";
} else {
echo "Already Voted";
}
echo getVoteScreen($conc, $cat, "");
$con->close_db_con($conc);
}
}
}
if (isset($_POST["add"])) {
$img = $_FILES["upl"]["tmp_name"];
if (is_uploaded_file($img)) {
$_50x50 = upload_pic($img, $_FILES["upl"]["type"], $_FILES["upl"]["tmp_name"], 50, 50);
$_100x100 = upload_pic($img, $_FILES["upl"]["type"], $_FILES["upl"]["tmp_name"], 100, 100);
$_300x300 = upload_pic($img, $_FILES["upl"]["type"], $_FILES["upl"]["tmp_name"], 500, 400);
if ($_50x50 && $_100x100 && $_300x300) {
$_big = "../art/full_" . substr($_300x300, 5, strlen($_300x300));
copy($img, $_big);
$name = $_POST["name"];
$name = strlen($name) < 2 ? $_SESSION["user"] . "'s art " . rand(10, 999) : $name;
$name = _hstr_($name, false);
$info = _hstr_($_POST["info"], false);
$q = $con->insertInto("art", array($uid, $name, $info, $_50x50, $_100x100, $_300x300, date("U"), 0));
if ($q) {
$q = mysqli_query($conc, "SELECT id FROM art WHERE user = '******' AND name = '{$name}' AND img1 = '{$_50x50}'");
$r = mysqli_fetch_array($q);
$q = $con->insertInto("hist", array(4, 0, $uid, $name . "::__::__::" . $r[0], date("U")));
$q = NULL;
$con->close_db_con($conc);
if (isset($_POST["quick"])) {
exit("<script>parent.document.getElementById('txtdiv').value += '[art:{$r['0']} ]';parent.window.uploading(false);</script>");
}
exit("<div {$style}>{$name} has been successfully added. </div>");
} else {
unlink($_50x50);
unlink($_100x100);
unlink($_300x300);
unlink($_big);
foreach ($preg as $s) {
if (stristr($s, "#")) {
$q = mysqli_query($con, "SELECT id FROM trend WHERE trend LIKE '{$s}'");
if (mysqli_num_rows($q) == 0) {
$qq = mysqli_query($con, "INSERT INTO trend Values (NULL, {$uid},'{$s}',1," . date("U") . ")");
} else {
$qq = mysqli_query($con, "UPDate trend set tc=tc+1 WHERE trend LIKE '{$s}'");
}
}
}
}
}
if (strlen($post) > 0) {
$con = new db();
$conc = $con->c();
$q = $con->insertInto("post", array($uid, $post, date("U"), $client, $loc, $id, $type, $_SERVER['REMOTE_ADDR']));
if ($q) {
switch ($type) {
case 0:
$v = _hstr_($real_post, 1);
$v = NULL;
break;
case 1:
$q = mysqli_query($conc, "SELECT user FROM post WHERE id = {$id}");
$r = mysqli_fetch_array($q);
if ($r[0] != $uid) {
$q = $con->insertInto("hist", array(8, $r[0], $uid, $id, date("U")));
s_mail($_SESSION["user"], " replied your <a href='http://muzikkitchen.com/?view={$id}&t={$type}'>feed</a><br/><div style='font-size:14px'><b><br/><br/>{$real_post}</b></div>", $r[0], $conc, "replied your feed");
$r = NULL;
}
$q = NULL;
include "../scripts/db.php";
if (!isset($_SESSION["user"], $_SESSION["p"])) {
exit("<div class='m_s_g'>Invalid Authentication<div>");
}
$uid = $_SESSION["uid"];
$u2 = $_POST["u2"];
if ($uid == $u2) {
exit("Impossible argument");
}
if (isset($uid, $u2)) {
$con = new db();
$conc = $con->c();
$q = mysqli_query($conc, "select id from follow where u1 = {$uid} and u2 = {$u2}");
if (mysqli_num_rows($q) != 1) {
$q = NULL;
$q = $con->insertInto("follow", array($uid, $u2, date("U")));
if ($q) {
if (me_n_you($conc, $uid, $u2)) {
$q = $con->insertInto("hist", array(2, $u2, $uid, "", date("U")));
$q = NULL;
$q = $con->insertInto("chat", array($uid, $u2, date("U")));
//mail
s_mail($_SESSION["user"], " is dinning back with you", $u2, $conc, " is dinning back with you");
//mail
} else {
$q = $con->insertInto("hist", array(1, $u2, $uid, "", date("U")));
s_mail($_SESSION["user"], " is dinning with you", $u2, $conc, " is dinning with you");
}
echo 1;
}
} else {
