예제 #1
        }
        // Apply the password change when validation produced no errors; otherwise show the errors
        // with a link back to the form.
        // NOTE(review): the `'******'` run inside the two link expressions below is how this listing
        // renders them; as printed it is not valid PHP.
        if (!$error) {
            // Write to the database.
            // The stored value is md5(md5($newpass)): an unsalted, fast hash. NOTE(review): moving to
            // password_hash()/password_verify() also requires changing the login check, which is not
            // part of this excerpt.
            mysql_query("UPDATE `users` SET `password` = '" . mysql_real_escape_string(md5(md5($newpass))) . "' WHERE `id` = '" . $user['id'] . "'");
            // Check for and rewrite the login cookies.
            // The `cups` cookie holds md5($newpass), i.e. one md5 round away from the value stored above,
            // so anyone who obtains the cookie holds a password equivalent for up to a year.
            // setcookie() is called without path, secure or httponly arguments.
            if (isset($_COOKIE['cuid']) && isset($_COOKIE['cups'])) {
                setcookie('cups', md5($newpass), time() + 3600 * 24 * 365);
            }
            echo '<div class="gmenu"><p><b>' . $lng_pass['password_changed'] . '</b><br />' . '<a href="' . ($user_id == $user['id'] ? '../login.php' : 'profile.php?user='******'id']) . '">' . $lng['continue'] . '</a></p>';
            if ($autologin) {
                // Show the auto-login link.
                // The link carries the new password in clear text in the `p` query parameter, so it can
                // end up in browser history, proxy logs and Referer headers.
                // $newpass is written into the HTML attribute without escaping here.
                // NOTE(review): confirm that earlier validation restricts its character set.
                echo '<p>' . $lng_pass['autologin_link'] . ':<br />' . '<input type="text" value="' . $set['homeurl'] . '/login.php?id=' . $user['id'] . '&amp;p=' . $newpass . '" /></p>' . '<p>' . $lng_pass['autologin_warning'] . '</p>';
            }
            echo '</div>';
        } else {
            echo functions::display_error($error, '<a href="profile.php?act=password&amp;user='******'id'] . '">' . $lng['repeat'] . '</a>');
        }
        break;
    default:
        /*
        -----------------------------------------------------------------
        Форма смены пароля
        -----------------------------------------------------------------
        */
        echo '<div class="phdr"><b>' . $lng_pass['change_password'] . ':</b> ' . $user['name'] . '</div>';
        echo '<form action="profile.php?act=password&amp;mod=change&amp;user='******'id'] . '" method="post">';
        if ($user['id'] == $user_id) {
            echo '<div class="menu"><p>' . $lng_pass['input_old_password'] . ':<br /><input type="password" name="oldpass" /></p></div>';
        }
        echo '<div class="gmenu"><p>' . $lng_pass['input_new_password'] . ':<br />' . '<input type="password" name="newpass" /><br />' . $lng_pass['repeat_password'] . ':<br />' . '<input type="password" name="newconf" /></p>' . '<p><input type="checkbox" value="1" name="autologin" />&#160;' . $lng_pass['show_autologin'] . '</p><p><input type="submit" value="' . $lng['save'] . '" name="submit" />' . '</p></div></form>' . '<div class="phdr"><small>' . $lng_pass['password_change_help'] . '</small></div>' . '<p><a href="profile.php?user='******'id'] . '">' . $lng['profile'] . '</a></p>';
}
예제 #2
파일: ipban.php 프로젝트: chegestar/catroxs
 echo '<div class="phdr"><a href="index.php?act=ipban"><b>' . $lng['ip_ban'] . '</b></a> | ' . $lng['ban_details'] . '</div>';
 // Select the ban record to display: either by record id (from a link) or by an
 // address submitted through the search form.
 if (!$id && !isset($_POST['ip'])) {
     // Neither a record id nor an address was supplied.
     echo functions::display_error($lng['error_address'], '<a href="index.php?act=ipban&amp;mod=new">' . $lng['back'] . '</a>');
     require_once '../incfiles/end.php';
     exit;
 }
 if ($id) {
     // Look the record up by its id.
     $get_ip = '';
     $req = mysql_query("SELECT * FROM `cms_ban_ip` WHERE `id` = '" . $id . "'");
 } else {
     // Look the record up by the submitted address; ip2long() yields false for a malformed one.
     $get_ip = ip2long($_POST['ip']);
     if (!$get_ip) {
         echo functions::display_error($lng['error_address'], '<a href="index.php?act=ipban&amp;mod=new">' . $lng['back'] . '</a>');
         require_once '../incfiles/end.php';
         exit;
     }
     $req = mysql_query("SELECT * FROM `cms_ban_ip` WHERE '" . $get_ip . "' BETWEEN `ip1` AND `ip2` LIMIT 1");
 }
 if (!mysql_num_rows($req)) {
     echo '<div class="menu"><p>' . $lng['ip_search_notfound'] . '</p></div>';
     echo '<div class="phdr"><a href="index.php?act=ipban">' . $lng['back'] . '</a></div>';
     require_once '../incfiles/end.php';
     exit;
 } else {
     $res = mysql_fetch_array($req);
     $get_ip = $res['ip1'] == $res['ip2'] ? '<b>' . long2ip($res['ip1']) . '</b>' : '[<b>' . long2ip($res['ip1']) . '</b>] - [<b>' . long2ip($res['ip2']) . '</b>]';
     echo '<div class="rmenu"><p>' . $get_ip . '</p></div>';
     echo '<div class="menu"><p><h3>' . $lng['ban_type'] . '</h3>&nbsp;';
     switch ($res['ban_type']) {
         case 2:
예제 #3
    -----------------------------------------------------------------
    Параметры комментариев
    -----------------------------------------------------------------
    */
    // Configuration passed to the comments class: table names, the script URL, the id of the
    // commented image and what the owner is allowed to do with comments.
    $arg = array('comments_table' => 'cms_album_comments', 'object_table' => 'cms_album_files', 'script' => 'album.php?act=comments', 'sub_id_name' => 'img', 'sub_id' => $img, 'owner' => $owner['id'], 'owner_delete' => true, 'owner_reply' => true, 'owner_edit' => false, 'title' => $lng['comments'], 'context_top' => $context_top, 'context_bottom' => '');
    /*
    -----------------------------------------------------------------
    Set the "read" mark
    -----------------------------------------------------------------
    */
    // $img is interpolated into the SQL text below and in the second UPDATE.
    // NOTE(review): confirm it is normalized to an integer before this point.
    // NOTE(review): this check compares against $user['id'] while the one further down uses
    // $owner['id']; presumably both name the album owner. Confirm.
    if (core::$user_id == $user['id'] && $res_obj['unread_comments']) {
        mysql_query("UPDATE `cms_album_files` SET `unread_comments` = '0' WHERE `id` = '{$img}' LIMIT 1");
    }
    /*
    -----------------------------------------------------------------
    Show the comments
    -----------------------------------------------------------------
    */
    require '../incfiles/head.php';
    $comm = new comments($arg);
    /*
    -----------------------------------------------------------------
    Process the unread-comments flag
    -----------------------------------------------------------------
    */
    // Raise the flag only when a comment was added by someone other than the owner.
    if ($comm->added && core::$user_id != $owner['id']) {
        mysql_query("UPDATE `cms_album_files` SET `unread_comments` = '1' WHERE `id` = '{$img}' LIMIT 1");
    }
} else {
    echo functions::display_error($lng['error_wrong_data']);
}
예제 #4
    $topic = mysql_fetch_assoc($req);
    $req = mysql_query("SELECT `forum`.*, `users`.`id`\n        FROM `forum` LEFT JOIN `users` ON `forum`.`user_id` = `users`.`id`\n        WHERE `forum`.`refid`='{$id}' AND `users`.`rights` < 6 AND `users`.`rights` != 3 GROUP BY `forum`.`from` ORDER BY `forum`.`from`");
    $total = mysql_num_rows($req);
    echo '<div class="phdr"><a href="index.php?id=' . $id . '&amp;start=' . $start . '"><b>' . $lng['forum'] . '</b></a> | ' . $lng_forum['curators'] . '</div>' . '<div class="bmenu">' . $res['text'] . '</div>';
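    // $curators collects the users ticked in the form; $users is the set used to pre-check boxes.
    $curators = array();
    // NOTE(review): unserialize() can instantiate objects, so this column is only safe to read
    // this way while nothing except this script's own serialize() output is ever stored in it.
    // A format without object support (JSON, for example) would remove that dependency, but
    // changing it requires migrating the stored values.
    $users = !empty($topic['curators']) ? unserialize($topic['curators']) : array();
    if (isset($_POST['submit'])) {
        // On submit the posted selection replaces the stored one.
        $users = isset($_POST['users']) ? $_POST['users'] : array();
    }
    // unserialize() returns false for a corrupt value and the posted field may be a scalar;
    // the code that follows passes $users to array_key_exists(), which needs an array.
    if (!is_array($users)) {
        $users = array();
    }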
    if ($total > 0) {
        echo '<form action="index.php?act=curators&amp;id=' . $id . '&amp;start=' . $start . '" method="post">';
        $i = 0;
        while ($res = mysql_fetch_array($req)) {
            $checked = array_key_exists($res['user_id'], $users) ? true : false;
            if ($checked) {
                $curators[$res['user_id']] = $res['from'];
            }
            echo ($i++ % 2 ? '<div class="list2">' : '<div class="list1">') . '<input type="checkbox" name="users[' . $res['user_id'] . ']" value="' . $res['from'] . '"' . ($checked ? ' checked="checked"' : '') . '/>&#160;' . '<a href="../users/profile.php?user='******'user_id'] . '">' . $res['from'] . '</a></div>';
        }
        echo '<div class="gmenu"><input type="submit" value="' . $lng_forum['assign'] . '" name="submit" /></div></form>';
        if (isset($_POST['submit'])) {
            mysql_query("UPDATE `forum` SET `curators`='" . mysql_real_escape_string(serialize($curators)) . "' WHERE `id` = '{$id}'");
        }
    } else {
        echo functions::display_error($lng['list_empty']);
    }
    echo '<div class="phdr">' . $lng['total'] . ': ' . $total . '</div>' . '<p><a href="index.php?id=' . $id . '&amp;start=' . $start . '">' . $lng['back'] . '</a></p>';
}
예제 #5
파일: show.php 프로젝트: chegestar/catroxs
    // Доступ через пароль
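    // Check a submitted album password and remember a successful match in the session.
    if (isset($_POST['password'])) {
        // Strict string comparison: with `==` two numeric-looking strings are compared as numbers
        // (for example "1e3" equals "1000"), so a different string could unlock the album.
        // is_string() rejects an array value, for which trim() would warn and return null.
        // NOTE(review): the album password is compared and kept in the session in clear text, and
        // the session check that follows this block still uses a loose `!=` comparison.
        if (is_string($_POST['password']) && (string) $album['password'] === trim($_POST['password'])) {
            $_SESSION['ap'] = $album['password'];
        } else {
            echo functions::display_error($lng['error_wrong_password']);
        }
    }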
    if (!isset($_SESSION['ap']) || $_SESSION['ap'] != $album['password']) {
        echo '<form action="album.php?act=show&amp;al=' . $al . '&amp;user='******'id'] . '" method="post"><div class="menu"><p>' . $lng_profile['album_password'] . '<br />' . '<input type="text" name="password"/></p>' . '<p><input type="submit" name="submit" value="' . $lng['login'] . '"/></p>' . '</div></form>' . '<div class="phdr"><a href="album.php?act=list&amp;user='******'id'] . '">' . $lng_profile['album_list'] . '</a></div>';
        require '../incfiles/end.php';
        exit;
    }
} elseif ($album['access'] == 3 && $user['id'] != $user_id && $rights < 6 && !functions::is_friend($user['id'])) {
    // Доступ только для друзей
    echo functions::display_error($lng_profile['friends_only'], '<a href="album.php?act=list&amp;user='******'id'] . '">' . $lng_profile['album_list'] . '</a>');
    require '../incfiles/end.php';
    exit;
}
/*
-----------------------------------------------------------------
Просмотр альбома и фотографий
-----------------------------------------------------------------
*/
if ($view) {
    $kmess = 1;
    $start = isset($_REQUEST['page']) ? $page - 1 : mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_album_files` WHERE `album_id` = '{$al}' AND `id` > '{$img}'"), 0);
    // Обрабатываем ссылку для возврата
    if (empty($_SESSION['ref'])) {
        $_SESSION['ref'] = htmlspecialchars($_SERVER['HTTP_REFERER']);
    }
예제 #6
파일: files.php 프로젝트: chegestar/catroxs
    $input = '<input type="hidden" name="t" value="' . $t . '"/>';
} else {
    $id = false;
    $sql = '';
    $lnk = '';
    $caption = '<b>' . $lng_forum['files_forum'] . '</b>';
    $input = '';
}
if ($c || $s || $t) {
    // Fetch the title of the selected forum section and append it to the page caption.
    $req = mysql_query("SELECT `text` FROM `forum` WHERE `id` = '" . $id . "'");
    if (!(mysql_num_rows($req) > 0)) {
        // Unknown section: report the error and stop.
        echo functions::display_error($lng['error_wrong_data'], '<a href="index.php">' . $lng['to_forum'] . '</a>');
        require '../incfiles/end.php';
        exit;
    }
    $res = mysql_fetch_array($req);
    $caption .= $res['text'];
}
if ($do || isset($_GET['new'])) {
    /*
    -----------------------------------------------------------------
    Выводим список файлов нужного раздела
    -----------------------------------------------------------------
    */
    $total = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_forum_files` WHERE " . (isset($_GET['new']) ? " `time` > '{$new}'" : " `filetype` = '{$do}'") . $sql), 0);
    if ($total > 0) {
        // Заголовок раздела
        echo '<div class="phdr">' . $caption . (isset($_GET['new']) ? '<br />' . $lng['new_files'] : '') . '</div>' . ($do ? '<div class="bmenu">' . $types[$do] . '</div>' : '');
        $req = mysql_query("SELECT `cms_forum_files`.*, `forum`.`user_id`, `forum`.`text`, `topicname`.`text` AS `topicname`\n            FROM `cms_forum_files`\n            LEFT JOIN `forum` ON `cms_forum_files`.`post` = `forum`.`id`\n            LEFT JOIN `forum` AS `topicname` ON `cms_forum_files`.`topic` = `topicname`.`id`\n            WHERE " . (isset($_GET['new']) ? " `cms_forum_files`.`time` > '{$new}'" : " `filetype` = '{$do}'") . ($rights >= 7 ? '' : " AND `del` != '1'") . $sql . "ORDER BY `time` DESC LIMIT {$start},{$kmess}");
예제 #7
파일: index.php 프로젝트: chegestar/catroxs
    }
    return $size;
}
// Массив подключаемых функций
$mods = array('ignor', 'write', 'systems', 'deluser', 'load', 'files', 'input', 'output', 'delete', 'new');
//Проверка выбора функции
if ($act && ($key = array_search($act, $mods)) !== FALSE && file_exists('includes/' . $mods[$key] . '.php')) {
    require 'includes/' . $mods[$key] . '.php';
} else {
    $textl = $lng['mail'];
    require_once '../incfiles/head.php';
    echo '<div class="phdr"><b>' . $lng_mail['contacts'] . '</b></div>';
    if ($id) {
        $req = mysql_query("SELECT * FROM `users` WHERE `id` = '{$id}' LIMIT 1;");
        if (mysql_num_rows($req) == 0) {
            echo functions::display_error($lng['error_user_not_exist']);
            require_once "../incfiles/end.php";
            exit;
        }
        $res = mysql_fetch_assoc($req);
        if ($id == $user_id) {
            echo '<div class="rmenu">' . $lng_mail['impossible_add_contact'] . '</div>';
        } else {
            //Добавляем в заблокированные
            if (isset($_POST['submit'])) {
                $q = mysql_query("SELECT * FROM `cms_contact`\n\t\t\t\tWHERE `user_id`='" . $user_id . "' AND `from_id`='" . $id . "';");
                if (mysql_num_rows($q) == 0) {
                    mysql_query("INSERT INTO `cms_contact` SET\n\t\t\t\t\t`user_id` = '" . $user_id . "',\n\t\t\t\t\t`from_id` = '" . $id . "',\n\t\t\t\t\t`time` = '" . time() . "';");
                }
                echo '<div class="rmenu">' . $lng_mail['add_contact'] . '</div>';
            } else {
예제 #8
     echo "";
     require_once '../incfiles/end.php';
     exit;
 }
 // The comment form is only served for an existing article row of type 'bk'.
 $req = mysql_query("SELECT `name` FROM `lib` WHERE `type` = 'bk' AND `id` = '{$id}' LIMIT 1");
 if (!(mysql_num_rows($req) == 1)) {
     // The article does not exist: stop the script.
     echo '<p>ERROR<br/><a href="../index.php">Back</a></p>';
     require_once '../incfiles/end.php';
     exit;
 }
 // Flood check: a truthy result is the number of seconds shown in the error message.
 if ($flood = functions::antiflood()) {
     require_once '../incfiles/head.php';
     echo functions::display_error(
         $lng['error_flood'] . ' ' . $flood . ' ' . $lng['sec'],
         '<a href="?act=komm&amp;id=' . $id . '">' . $lng['back'] . '</a>'
     );
     require_once '../incfiles/end.php';
     exit;
 }
 if (isset($_POST['submit'])) {
     if ($_POST['msg'] == "") {
         echo $lng['error_empty_message'] . "<br/><a href='index.php?act=komm&amp;id=" . $id . "'>" . $lng['back'] . "</a><br/>";
         require_once '../incfiles/end.php';
         exit;
     }
     $msg = functions::check($_POST['msg']);
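     // A checkbox field is absent from the POST body when it is not ticked, so test for the
     // key before reading it instead of triggering an undefined-index notice.
     if (isset($_POST['msgtrans']) && $_POST['msgtrans'] == 1) {
         $msg = functions::trans($msg);
     }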
     $msg = mb_substr($msg, 0, 500);
     $agn = strtok($agn, ' ');
예제 #9
파일: file.php 프로젝트: chegestar/catroxs
*/
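defined('_IN_JOHNCMS') or die('Error: restricted access');
$error = false;
if ($id) {
    /*
    -----------------------------------------------------------------
    Download a file attached to a forum post
    -----------------------------------------------------------------
    */
    // NOTE(review): $id is interpolated into the SQL text; confirm it is normalized to an
    // integer before this script is included.
    // NOTE(review): the lookup does not filter on `del`, while the file list in files.php hides
    // rows with `del` = '1' from users below rights level 7. Confirm whether a deleted
    // attachment should still be reachable through this redirect.
    $req = mysql_query("SELECT * FROM `cms_forum_files` WHERE `id` = '{$id}'");
    if (mysql_num_rows($req)) {
        $res = mysql_fetch_array($req);
        // NOTE(review): the stored file name is used as a path component as-is; confirm that the
        // upload code never stores directory separators in `filename`.
        if (file_exists('../files/forum/attach/' . $res['filename'])) {
            // Increment inside the statement so that concurrent downloads cannot overwrite
            // each other's counter value.
            mysql_query("UPDATE `cms_forum_files` SET  `dlcount` = `dlcount` + 1 WHERE `id` = '{$id}'");
            header('location: ../files/forum/attach/' . $res['filename']);
            // Stop here: nothing after a redirect header should run or be sent.
            exit;
        } else {
            $error = true;
        }
    } else {
        $error = true;
    }
    if ($error) {
        // Unknown id or missing file on disk.
        require '../incfiles/head.php';
        echo functions::display_error($lng['error_file_not_exist'], '<a href="index.php">' . $lng['to_forum'] . '</a>');
        require '../incfiles/end.php';
        exit;
    }
} else {
    // No file id given: go back to the forum index.
    header('location: index.php');
    exit;
}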
예제 #10
파일: edit.php 프로젝트: chegestar/catroxs
 }
 $req = mysql_query("SELECT * FROM `lib` WHERE `id` = '" . $id . "'");
 $ms = mysql_fetch_array($req);
 if (isset($_POST['submit'])) {
     switch ($ms['type']) {
         case "bk":
             ////////////////////////////////////////////////////////////
             // Сохраняем отредактированную статью                     //
             ////////////////////////////////////////////////////////////
             if (empty($_POST['name'])) {
                 echo functions::display_error($lng['error_empty_title'], '<a href="index.php?act=edit&amp;id=' . $id . '">' . $lng['repeat'] . '</a>');
                 require_once '../incfiles/end.php';
                 exit;
             }
             if (empty($_POST['text'])) {
                 echo functions::display_error($lng['error_empty_text'], '<a href="index.php?act=edit&amp;id=' . $id . '">' . $lng['repeat'] . '</a>');
                 require_once '../incfiles/end.php';
                 exit;
             }
             // Collect the edited article fields from the form and write them to the `lib` row.
             $text = trim($_POST['text']);
             // NOTE(review): $autor reaches the SQL text below with no escaping other than whatever
             // functions::check() applies; that helper is not shown here. Confirm it escapes for SQL.
             $autor = isset($_POST['autor']) ? functions::check($_POST['autor']) : '';
             // abs(intval()) forces a non-negative integer.
             $count = isset($_POST['count']) ? abs(intval($_POST['count'])) : '0';
             // The announce text is the submitted one, or the first 100 characters of the article.
             if (!empty($_POST['anons'])) {
                 $anons = mb_substr(trim($_POST['anons']), 0, 100);
             } else {
                 $anons = mb_substr($text, 0, 100);
             }
             // name, announce and text pass through mysql_real_escape_string(); $autor, $count and
             // $id are interpolated directly.
             // NOTE(review): confirm $id is an integer at this point.
             mysql_query("UPDATE `lib` SET\n                    `name` = '" . mysql_real_escape_string(mb_substr(trim($_POST['name']), 0, 100)) . "',\n                    `announce` = '" . mysql_real_escape_string($anons) . "',\n                    `text` = '" . mysql_real_escape_string($text) . "',\n                    `avtor` = '{$autor}',\n                    `count` = '{$count}'\n                    WHERE `id` = '{$id}'\n                ");
             // The redirect is not followed by exit; execution continues with the statements after it.
             header('location: index.php?id=' . $id);
             break;
         case "cat":
예제 #11
파일: album.php 프로젝트: chegestar/catroxs
*/
// Guests (no authenticated user id) are refused before anything else is done.
if (!$user_id) {
    require '../incfiles/head.php';
    echo functions::display_error($lng['access_guest_forbidden']);
    require '../incfiles/end.php';
    exit;
}
/*
-----------------------------------------------------------------
Load the data of the requested user
-----------------------------------------------------------------
*/
// $user is replaced by the result of functions::get_user(); a falsy result is treated as
// "user does not exist".
$user = functions::get_user($user);
if (!$user) {
    require '../incfiles/head.php';
    echo functions::display_error($lng['user_does_not_exist']);
    require '../incfiles/end.php';
    exit;
}
/*
-----------------------------------------------------------------
Функция голосований за фотографии
-----------------------------------------------------------------
*/
function vote_photo($arg = null)
{
    global $lng, $datauser, $user_id, $ban;
    if ($arg) {
        $rating = $arg['vote_plus'] - $arg['vote_minus'];
        if ($rating > 0) {
            $color = 'C0FFC0';
예제 #12
////////////////////////////////////////////////////////////////////////////////
// JohnCMS core team:                                                         //
// Евгений Рябинин aka john77          john77@gazenwagen.com                  //
// Олег Касьянов aka AlkatraZ          alkatraz@gazenwagen.com                //
//                                                                            //
// Информацию о версиях смотрите в прилагаемом файле version.txt              //
////////////////////////////////////////////////////////////////////////////////
*/
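defined('_IN_JOHNCMS') or die('Error: restricted access');
require_once '../incfiles/head.php';
echo '<div class="phdr"><a href="index.php"><b>' . $lng['downloads'] . '</b></a> | ' . $lng['search'] . '</div>';
// The search string is taken from the query string when present, otherwise from the posted form.
// NOTE(review): functions::check() is the only filtering applied to it here; what that helper
// escapes is not shown in this file.
if (!empty($_GET['srh'])) {
    $srh = functions::check($_GET['srh']);
} else {
    // Test for the key first: reading a missing $_POST entry raises a notice.
    if (!isset($_POST['srh']) || $_POST['srh'] == "") {
        echo functions::display_error($lng_dl['search_string_empty'], '<a href="index.php">' . $lng['back'] . '</a>');
        require_once '../incfiles/end.php';
        exit;
    }
    $srh = functions::check($_POST['srh']);
}
$psk = mysql_query("select * from `download` where  type='file' ;");
// Pagination offset from the query string, forced to a non-negative integer so that a
// non-numeric value cannot travel further into the script.
$start = empty($_GET['start']) ? 0 : abs(intval($_GET['start']));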
while ($array = mysql_fetch_array($psk)) {
예제 #13
파일: komen.php 프로젝트: chegestar/catroxs
        $us = mysql_query("SELECT `id`, `name` FROM `users` WHERE `id` = '{$res1['user_id']}'");
        if (mysql_num_rows($us)) {
            $rowuse = mysql_fetch_assoc($us);
            $name_use = $user_id ? '<a href="../users/profile.php?id=' . $rowuse['id'] . '">' . $rowuse['name'] . '</a>' : $rowuse['name'];
        } else {
            $name_use = $lng['guest'];
        }
        //
        mysql_query("UPDATE `animes` SET  `count` = (`count`+1) WHERE `id` = '{$id}'");
        echo '<div class="gmenu">
      Ditulis oleh: ' . $name_use . '<br />
      Dilihat: ' . $res1['count'] . ' kali <br />
      Pada: ' . date('d.m.o / H:i', $res1['time'] + $sdvigclock * 3600) . '<br />
      ' . ($res1['time'] > time() ? '<div class="func">Waktu tersisa untuk diperlihatkan: ' . timer($res1['time'] - time()) . '</div>' : '') . '
      <a href="index.php?act=comments&amp;id=' . $id . '">' . $lng['comments'] . '</a> (' . mysql_result(mysql_query("SELECT COUNT(*) FROM `animes_comments` WHERE `refid`='{$id}'"), 0) . ')
      </div>
      ' . ($rights >= 7 ? '<div class="menu"><div class="func">
      <a href="manage.php?act=newsedit&amp;id=' . $id . '">' . $lng['edit'] . '</a><br />
      <a href="manage.php?act=delnews&amp;id=' . $id . '">' . $lng['delete'] . '</a><br />
      </div></div>' : '') . '
      <div class="bmenu">Kategori: <a href="index.php?id=' . $res1['catid'] . '">' . htmlentities($res1['catname'], ENT_QUOTES, 'UTF-8') . '</a></div>';
    } else {
        $textl = 'Blogs';
        require_once '../incfiles/head.php';
        echo functions::display_error('Blogs tidak ada');
    }
} else {
    $textl = 'Blogs';
    require_once '../incfiles/head.php';
    echo functions::display_error('Blogs tidak dipilih');
}
예제 #14
파일: ads.php 프로젝트: chegestar/catroxs
 // Validate the advertising link before it is saved; problems are collected in $error.
 // NOTE(review): the occupancy check runs only when $mesto is falsy, yet it counts rows whose
 // `mesto` equals that same falsy value. Confirm the condition is not inverted.
 // $mesto and $type are concatenated into the SQL text; their sanitization is not visible here.
 if (!$mesto) {
     $total = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_ads` WHERE `mesto` = '" . $mesto . "' AND `type` = '" . $type . "'"), 0);
     if ($total != 0) {
         $error[] = $lng['links_place_occupied'];
     }
 }
 if ($color) {
     // Reject any character other than a digit, a-f / A-F or an underscore. Quotes are therefore
     // rejected before $color is interpolated into the UPDATE later in this file.
     // NOTE(review): the underscore is accepted and only a minimum length is enforced; a strict
     // six-digit hex colour would be /^[0-9a-fA-F]{6}$/. Confirm what is intended.
     if (preg_match("/[^\\da-fA-F_]+/", $color)) {
         $error[] = $lng['error_wrong_symbols'];
     }
     if (strlen($color) < 6) {
         $error[] = $lng['error_color'];
     }
 }
 // Any collected error stops the script with a link back to the form.
 if ($error) {
     echo functions::display_error($error, '<a href="index.php?act=ads&amp;from=addlink">' . $lng['back'] . '</a>');
     require '../incfiles/end.php';
     exit;
 }
 if ($id) {
     // Обновляем ссылку после редактирования
     mysql_query("UPDATE `cms_ads` SET\n                    `type` = '{$type}',\n                    `view` = '{$view}',\n                    `link` = '{$link}',\n                    `name` = '{$name}',\n                    `color` = '{$color}',\n                    `count_link` = '{$count}',\n                    `day` = '{$day}',\n                    `layout` = '{$layout}',\n                    `bold` = '{$bold}',\n                    `show` = '{$show}',\n                    `italic` = '{$italic}',\n                    `underline` = '{$underline}'\n                    WHERE `id` = '{$id}'\n                ");
 } else {
     // Добавляем новую ссылку
     $req = mysql_query("SELECT `mesto` FROM `cms_ads` ORDER BY `mesto` DESC LIMIT 1");
     if (mysql_num_rows($req) > 0) {
         $res = mysql_fetch_array($req);
         $mesto = $res['mesto'] + 1;
     } else {
         $mesto = 1;
     }
예제 #15
 * @author      http://johncms.com/about
 */
defined('_IN_JOHNCMS') or die('Error: restricted access');
if ($user_id && !$ban['1'] && !$ban['10'] && ($set['mod_down_comm'] || $rights < 7)) {
    if ($_GET['id'] == "") {
        require_once "../incfiles/head.php";
        echo "Не выбран файл<br/><a href='?'>К категориям</a><br/>";
        require_once '../incfiles/end.php';
        exit;
    }
    if (isset($_POST['submit'])) {
        // Проверка на флуд
        $flood = functions::antiflood();
        if ($flood) {
            require_once '../incfiles/head.php';
            echo functions::display_error('Вы не можете так часто добавлять сообщения<br />Пожалуйста, подождите ' . $flood . ' сек.', '<a href="index.php?act=komm&amp;id=' . $id . '">Назад</a>');
            require_once '../incfiles/end.php';
            exit;
        }
        if ($_POST['msg'] == "") {
            require_once "../incfiles/head.php";
            echo "Вы не ввели сообщение!<br/><a href='?act=komm&amp;id=" . $id . "'>К комментариям</a><br/>";
            require_once '../incfiles/end.php';
            exit;
        }
        $msg = functions::check($_POST['msg']);
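        // Quote the array key: a bare msgtrans is looked up as a constant, which raises a notice
        // on older PHP and an Error on PHP 8. The isset() test covers the case where the
        // checkbox was not ticked and the field is absent from the POST body.
        if (isset($_POST['msgtrans']) && $_POST['msgtrans'] == 1) {
            $msg = functions::trans($msg);
        }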
        $msg = mb_substr($msg, 0, 500);
        $agn = strtok($agn, ' ');
예제 #16
                            $subtext = '';
                        }
                        $text = ' <span class="gray">(' . functions::display_date($row['mtime']) . ')</span>';
                        $arg = array('header' => $text, 'body' => $post, 'sub' => $subtext);
                        echo functions::display_user($row, $arg);
                        echo '</div>';
                        ++$i;
                    }
                    echo '<div class="phdr">' . $lng['total'] . ': ' . $total . '</div>';
                    if ($total > $kmess) {
                        echo '<div class="topmenu">' . functions::display_pagination('index.php?act=comments&amp;id=' . $id . '&amp;', $start, $total, $kmess) . '</div>';
                        echo '<p><form action="index.php" method="get">
               <input type="hidden" name="act" value="comments"/>
               <input type="hidden" name="id" value="' . $id . '"/>
               <input type="text" name="page" size="2"/>
               <input type="submit" value="' . $lng['to_page'] . ' &gt;&gt;"/></form></p>';
                    }
                } else {
                    echo '<div class="rmenu">Belum ada komentar,jadilah yg pertamax !</div>';
                }
        }
        echo '<div class="bmenu"><a href="index.php?act=view&amp;id=' . $id . '">Kembali</a></div>';
    } else {
        $textl = 'Blogs';
        require_once '../incfiles/head.php';
        echo functions::display_error('Blogs tidak ada');
    }
} else {
    $textl = 'Blogs';
    require_once '../incfiles/head.php';
}
예제 #17
파일: edit.php 프로젝트: chegestar/catroxs
    if ($user['dayb'] || $user['monthb'] || $user['yearofbirth']) {
        if ($user['dayb'] < 1 || $user['dayb'] > 31 || $user['monthb'] < 1 || $user['monthb'] > 12) {
            $error[] = $lng_profile['error_birth'];
        }
    }
    if ($user['icq'] && ($user['icq'] < 10000 || $user['icq'] > 999999999)) {
        $error[] = $lng_profile['error_icq'];
    }
    // Save the edited profile when validation produced no errors; otherwise show the errors.
    if (!$error) {
        // Every $user[...] value is concatenated into the statement as-is.
        // NOTE(review): the code that fills $user is not part of this excerpt; confirm each field
        // is escaped or type-cast there, because nothing is escaped at this point.
        mysql_query("UPDATE `users` SET\n            `imname` = '" . $user['imname'] . "',\n            `live` = '" . $user['live'] . "',\n            `dayb` = '" . $user['dayb'] . "',\n            `monthb` = '" . $user['monthb'] . "',\n            `yearofbirth` = '" . $user['yearofbirth'] . "',\n            `about` = '" . $user['about'] . "',\n            `mibile` = '" . $user['mibile'] . "',\n            `mail` = '" . $user['mail'] . "',\n            `mailvis` = '" . $user['mailvis'] . "',\n            `icq` = '" . $user['icq'] . "',\n            `skype` = '" . $user['skype'] . "',\n            `jabber` = '" . $user['jabber'] . "',\n            `www` = '" . $user['www'] . "'\n            WHERE `id` = '" . $user['id'] . "'\n        ");
        // Editors with rights level 7 or higher may also change the nick, status, karma switch,
        // sex and the `rights` column itself.
        // NOTE(review): `rights` is a privilege field. Confirm that the earlier code range-checks
        // $user['rights'] and prevents an editor from assigning a level above their own.
        if ($rights >= 7) {
            mysql_query("UPDATE `users` SET\n                `name` = '" . $user['name'] . "',\n                `status` = '" . $user['status'] . "',\n                `karma_off` = '" . $user['karma_off'] . "',\n                `sex` = '" . $user['sex'] . "',\n                `rights` = '" . $user['rights'] . "'\n                WHERE `id` = '" . $user['id'] . "'\n            ");
        }
        // NOTE(review): this output precedes the header('Location: ...') call that follows the
        // block; unless output buffering is active the redirect header can no longer be sent.
        echo '<div class="gmenu">' . $lng_profile['data_saved'] . '</div>';
    } else {
        echo functions::display_error($error);
    }
    header('Location: profile.php?act=edit&user='******'id']);
    exit;
}
/*
-----------------------------------------------------------------
Форма редактирования анкеты пользователя
-----------------------------------------------------------------
*/
echo '<form action="profile.php?act=edit&amp;user='******'id'] . '" method="post">' . '<div class="gmenu"><p>' . $lng['login_name'] . ': <b>' . $user['name_lat'] . '</b><br />';
if ($rights >= 7) {
    echo $lng['nick'] . ': (' . $lng_profile['nick_lenght'] . ')<br /><input type="text" value="' . $user['name'] . '" name="name" /><br />' . $lng['status'] . ': (' . $lng_profile['status_lenght'] . ')<br /><input type="text" value="' . $user['status'] . '" name="status" /><br />';
} else {
    echo '<span class="gray">' . $lng['nick'] . ':</span> <b>' . $user['name'] . '</b><br />' . '<span class="gray">' . $lng['status'] . ':</span> ' . $user['status'] . '<br />';
}
예제 #18
파일: say.php 프로젝트: chegestar/catroxs
            $qt = functions::checkout($qt, 0, 2);
            if (!empty($_POST['msg']) && !isset($_POST['submit'])) {
                echo '<div class="list1">' . functions::display_user($datauser, array('iphide' => 1, 'header' => '<span class="gray">(' . functions::display_date(time()) . ')</span>', 'body' => $msg_pre)) . '</div>';
            }
            echo '<form name="form" action="index.php?act=say&amp;id=' . $id . '&amp;start=' . $start . (isset($_GET['cyt']) ? '&amp;cyt' : '') . '" method="post"><div class="gmenu">';
            if (isset($_GET['cyt'])) {
                // Форма с цитатой
                echo '<p><b>' . $type1['from'] . '</b> <span class="gray">(' . $vr . ')</span></p>' . '<p><h3>' . $lng_forum['cytate'] . '</h3>' . '<textarea rows="' . $set_user['field_h'] . '" name="citata">' . (empty($_POST['citata']) ? $qt : functions::checkout($_POST['citata'])) . '</textarea>' . '<br /><small>' . $lng_forum['cytate_help'] . '</small></p>';
            } else {
                // Форма с репликой
                echo '<p><h3>' . $lng_forum['reference'] . '</h3>' . '<input type="radio" value="0" ' . (!$txt ? 'checked="checked"' : '') . ' name="txt" />&#160;<b>' . $type1['from'] . '</b>,<br />' . '<input type="radio" value="2" ' . ($txt == 2 ? 'checked="checked"' : '') . ' name="txt" />&#160;<b>' . $type1['from'] . '</b>, ' . $lng_forum['reply_1'] . ',<br />' . '<input type="radio" value="3" ' . ($txt == 3 ? 'checked="checked"' : '') . ' name="txt" />&#160;<b>' . $type1['from'] . '</b>, ' . $lng_forum['reply_2'] . ' (<a href="index.php?act=post&amp;id=' . $type1['id'] . '">' . $vr . '</a>) ' . $lng_forum['reply_3'] . ',<br />' . '<input type="radio" value="4" ' . ($txt == 4 ? 'checked="checked"' : '') . ' name="txt" />&#160;<b>' . $type1['from'] . '</b>, ' . $lng_forum['reply_4'] . '</p>';
            }
            echo '<p><h3>' . $lng_forum['post'] . '</h3>';
            if (!$is_mobile) {
                echo '</p><p>' . bbcode::auto_bb('form', 'msg');
            }
            echo '<textarea rows="' . $set_user['field_h'] . '" name="msg">' . (empty($_POST['msg']) ? '' : functions::checkout($_POST['msg'])) . '</textarea></p>' . '<p><input type="checkbox" name="addfiles" value="1" ' . (isset($_POST['addfiles']) ? 'checked="checked" ' : '') . '/> ' . $lng_forum['add_file'];
            if ($set_user['translit']) {
                echo '<br /><input type="checkbox" name="msgtrans" value="1" ' . (isset($_POST['msgtrans']) ? 'checked="checked" ' : '') . '/> ' . $lng['translit'];
            }
            // Per-form token: stored in the session here and sent back through the hidden `token`
            // field of the form echoed next.
            // mt_rand() is not a cryptographically secure generator, and this range yields at most
            // 99001 distinct values.
            // NOTE(review): if the handler relies on this value as an anti-CSRF token, it should come
            // from a CSPRNG and be compared in constant time; the handler is not shown here.
            $token = mt_rand(1000, 100000);
            $_SESSION['token'] = $token;
            echo '</p><p><input type="submit" name="submit" value="' . $lng['sent'] . '" style="width: 107px; cursor: pointer;"/> ' . ($set_forum['preview'] ? '<input type="submit" value="' . $lng['preview'] . '" style="width: 107px; cursor: pointer;"/>' : '') . '<input type="hidden" name="token" value="' . $token . '"/>' . '</p></div></form>';
        }
        echo '<div class="phdr"><a href="../pages/faq.php?act=trans">' . $lng['translit'] . '</a> | ' . '<a href="../pages/faq.php?act=smileys">' . $lng['smileys'] . '</a></div>' . '<p><a href="index.php?id=' . $type1['refid'] . '&amp;start=' . $start . '">' . $lng['back'] . '</a></p>';
        break;
    default:
        require '../incfiles/head.php';
        echo functions::display_error($lng_forum['error_topic_deleted'], '<a href="index.php">' . $lng['to_forum'] . '</a>');
        require '../incfiles/end.php';
}
예제 #19
파일: ban.php 프로젝트: chegestar/catroxs
     -----------------------------------------------------------------
     Очищаем историю нарушений юзера
     -----------------------------------------------------------------
     */
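     // Clearing a user's infringement history is restricted to rank 9.
     // NOTE(review): the delete runs on any POST that carries `submit`; no anti-CSRF token is
     // checked in this fragment. If none is verified earlier in the request, add a per-session
     // token to the confirmation form and verify it before the DELETE.
     if ($rights == 9) {
         echo '<div class="phdr"><b>' . $lng_ban['infringements_history'] . '</b></div>' . '<div class="gmenu"><p>' . functions::display_user($user) . '</p></div>';
         if (isset($_POST['submit'])) {
             // intval() keeps the interpolated id numeric regardless of how $user was loaded
             mysql_query("DELETE FROM `cms_ban_users` WHERE `user_id` = '" . intval($user['id']) . "'");
             echo '<div class="gmenu"><h3>' . $lng_ban['history_cleared'] . '</h3></div>';
         } else {
             // Confirmation form shown before anything is deleted
             echo '<form action="profile.php?act=ban&amp;mod=delhist&amp;user=' . intval($user['id']) . '" method="post">' . '<div class="menu"><p>' . $lng_ban['clear_confirmation'] . '</p>' . '<p><input type="submit" value="' . $lng['clear'] . '" name="submit" />' . '</p></div></form>';
         }
         // Remaining number of records for this user (0 right after a successful clear)
         $total = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_ban_users` WHERE `user_id` = '" . intval($user['id']) . "'"), 0);
         echo '<div class="phdr">' . $lng['total'] . ': ' . $total . '</div>' . '<p>' . ($total ? '<a href="profile.php?act=ban&amp;user=' . intval($user['id']) . '">' . $lng_ban['infringements_history'] . '</a><br />' : '') . '<a href="../' . $set['admp'] . '/index.php?act=ban_panel">' . $lng_ban['ban_panel'] . '</a></p>';
     } else {
         echo functions::display_error($lng_ban['error_rights_clear']);
     }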
     break;
 default:
     /*
     -----------------------------------------------------------------
     История нарушений
     -----------------------------------------------------------------
     */
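     // Header with a link back to the profile; intval() keeps the id in the URL numeric
     echo '<div class="phdr"><a href="profile.php?user=' . intval($user['id']) . '"><b>' . $lng['profile'] . '</b></a> | ' . $lng_ban['infringements_history'] . '</div>';
     // Menu
     $menu = array();
     if ($rights >= 6) {
         // The ban panel link is offered from rank 6 upwards
         $menu[] = '<a href="../' . $set['admp'] . '/index.php?act=ban_panel">' . $lng_ban['ban_panel'] . '</a>';
     }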
     if ($rights == 9) {
예제 #20
                     $handle->image_y = 120;
                 }
             }
             $handle->image_convert = 'jpg';
             $handle->process('../files/images/');
             if ($handle->processed) {
                 echo '<div class="phdr"><a href="upload_img.php">Kembali</a> | <b>Upload Gambar</b></div>' . '<div class="gmenu">Gambar diupload! Sekarang Anda dapat menyisipkannya ke pesan apapun di situs</div>' . '<div class="menu">BBcode: <input type="text" value="[img=' . $name_file . ']" /></div>' . '<div class="phdr"><a href="upload_img.php">Kembali</a></div>';
             } else {
                 echo functions::display_error($handle->error, '<a href="upload_img.php">Kembali</a>');
             }
         } else {
             echo functions::display_error($handle->error, '<a href="upload_img.php">Kembali</a>');
         }
         $handle->clean();
     } else {
         echo functions::display_error('Tidak ada file yang dipilih', '<a href="upload_img.php">Kembali</a>');
     }
 } else {
     echo '<div class="phdr"> <a href="faq.php?act=tags">ВВcode</a> | <b>Upload Gambar</b></div>' . '<form enctype="multipart/form-data" method="post" action="upload_img.php?img"><div class="list1">' . 'Pilih gambar:<br /><input type="file" name="imagefile" value="" />' . '<input type="hidden" name="MAX_FILE_SIZE" value="' . 1024 * $upload_file_size . '" />' . '<br />' . '<p><input type="submit" name="submit" value="Upload" /></p></div></form>' . '<div class="list2"><small>Type file yang diperbolehkan adalah JPG, JPEG, PNG, dan GIF<br />' . 'Ukuran file tidak boleh melebihi ' . $upload_file_size . 'kb.</small></div>' . '<div class="phdr"><b>Gambar</b></div>';
     $array = glob($rootpath . 'files/images/*preview.jpg');
     $total = count($array);
     $end = $start + $kmess;
     if ($end > $total) {
         $end = $total;
     }
     if ($start >= $total) {
         $start = 0;
         $end = $total > $kmess ? $kmess : $total;
     }
     if ($total > 0) {
         for ($i = $start; $i < $end; $i++) {
예제 #21
파일: index.php 프로젝트: chegestar/catroxs
         if ($res['text'] == $msg) {
             header("location: index.php");
             exit;
         }
     }
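     if (!$error) {
         // Insert the message into the database.
         // NOTE(review): $admset and $from are interpolated below without escaping; both are
         // assigned above this fragment — confirm they are escaped or constrained before this point.
         mysql_query("INSERT INTO `guest` SET\n                `adm` = '{$admset}',\n                `time` = '" . time() . "',\n                `user_id` = '" . ($user_id ? $user_id : 0) . "',\n                `name` = '{$from}',\n                `text` = '" . mysql_real_escape_string($msg) . "',\n                `ip` = '" . core::$ip . "',\n                `browser` = '" . mysql_real_escape_string($agn) . "',\n                `otvet` = ''\n            ");
         // Record the time of the last post (anti-spam)
         if ($user_id) {
             $postguest = $datauser['postguest'] + 1;
             mysql_query("UPDATE `users` SET `postguest` = '{$postguest}', `lastpost` = '" . time() . "' WHERE `id` = '{$user_id}'");
         }
         header('location: index.php');
         // Stop here so nothing else runs or is printed after the redirect
         // (the duplicate-message redirect earlier in this handler exits the same way).
         exit;
     } else {
         echo functions::display_error($error, '<a href="index.php">' . $lng['back'] . '</a>');
     }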
     break;
 case 'otvet':
     /*
     -----------------------------------------------------------------
     Добавление "ответа Админа"
     -----------------------------------------------------------------
     */
     if ($rights >= 6 && $id) {
         if (isset($_POST['submit']) && isset($_POST['token']) && isset($_SESSION['token']) && $_POST['token'] == $_SESSION['token']) {
             $reply = isset($_POST['otv']) ? functions::checkin(mb_substr(trim($_POST['otv']), 0, 5000)) : '';
             mysql_query("UPDATE `guest` SET\n                    `admin` = '{$login}',\n                    `otvet` = '" . mysql_real_escape_string($reply) . "',\n                    `otime` = '" . time() . "'\n                    WHERE `id` = '{$id}'\n                ");
             header("location: index.php");
         } else {
             echo '<div class="phdr"><a href="index.php"><b>' . $lng['guestbook'] . '</b></a> | ' . $lng['reply'] . '</div>';
예제 #22
파일: faq.php 프로젝트: chegestar/catroxs
     break;
 case 'avatars':
     /*
     -----------------------------------------------------------------
     Каталог пользовательских Аватаров
     -----------------------------------------------------------------
     */
     if ($id && is_dir($rootpath . 'images/avatars/' . $id)) {
         $avatar = isset($_GET['avatar']) ? intval($_GET['avatar']) : false;
         if ($user_id && $avatar && is_file('../images/avatars/' . $id . '/' . $avatar . '.png')) {
             if (isset($_POST['submit'])) {
                 // Устанавливаем пользовательский Аватар
                 if (@copy('../images/avatars/' . $id . '/' . $avatar . '.png', '../files/users/avatar/' . $user_id . '.png')) {
                     echo '<div class="gmenu"><p>' . $lng['avatar_applied'] . '<br />' . '<a href="../users/profile.php?act=edit">' . $lng['continue'] . '</a></p></div>';
                 } else {
                     echo functions::display_error($lng['error_avatar_select'], '<a href="' . $_SESSION['ref'] . '">' . $lng['back'] . '</a>');
                 }
             } else {
                 echo '<div class="phdr"><a href="faq.php?act=avatars"><b>' . $lng['avatars'] . '</b></a> | ' . $lng_faq['set_to_profile'] . '</div>' . '<div class="rmenu"><p>' . $lng_faq['avatar_change_warning'] . '</p>' . '<p><img src="../images/avatars/' . $id . '/' . $avatar . '.png" alt="" /></p>' . '<p><form action="faq.php?act=avatars&amp;id=' . $id . '&amp;avatar=' . $avatar . '" method="post"><input type="submit" name="submit" value="' . $lng['save'] . '"/></form></p>' . '</div>' . '<div class="phdr"><a href="faq.php?act=avatars&amp;id=' . $id . '">' . $lng['cancel'] . '</a></div>';
             }
         } else {
             // Показываем список Аватаров
             echo '<div class="phdr"><a href="faq.php?act=avatars"><b>' . $lng['avatars'] . '</b></a> | ' . htmlentities(file_get_contents($rootpath . 'images/avatars/' . $id . '/name.dat'), ENT_QUOTES, 'utf-8') . '</div>';
             $array = glob($rootpath . 'images/avatars/' . $id . '/*.png');
             $total = count($array);
             $end = $start + $kmess;
             if ($end > $total) {
                 $end = $total;
             }
             if ($total > 0) {
                 for ($i = $start; $i < $end; $i++) {
예제 #23
파일: nt.php 프로젝트: chegestar/catroxs
        $fpst = $datauser['postforum'] + 1;
        mysql_query("UPDATE `users` SET\n            `postforum` = '{$fpst}',\n            `lastpost` = '" . time() . "'\n            WHERE `id` = '{$user_id}'\n        ");
        // Ставим метку о прочтении
        mysql_query("INSERT INTO `cms_forum_rdm` SET\n            `topic_id`='{$rid}',\n            `user_id`='{$user_id}',\n            `time`='" . time() . "'\n        ");
        if ($buzz_prefix > 0) {
            mysql_query("UPDATE `forum` SET\n\t\t`tiento` = '{$buzz_prefix}'\n\t\tWHERE `id` = '{$rid}'");
        }
        if ($_POST['addfiles'] == 1) {
            header("Location: index.php?id={$postid}&act=addfile");
        } else {
            header("Location: index.php?id={$rid}");
        }
    } else {
        // Выводим сообщение об ошибке
        require '../incfiles/head.php';
        echo functions::display_error($error, '<a href="index.php?act=nt&amp;id=' . $id . '">' . $lng['repeat'] . '</a>');
        require '../incfiles/end.php';
        exit;
    }
} else {
    $res_r = mysql_fetch_assoc($req_r);
    $req_c = mysql_query("SELECT * FROM `forum` WHERE `id` = '" . $res_r['refid'] . "'");
    $res_c = mysql_fetch_assoc($req_c);
    require '../incfiles/head.php';
    if ($datauser['postforum'] == 0) {
        if (!isset($_GET['yes'])) {
            $lng_faq = core::load_lng('faq');
            echo '<p>' . $lng_faq['forum_rules_text'] . '</p>';
            echo '<p><a href="index.php?act=nt&amp;id=' . $id . '&amp;yes">' . $lng_forum['agree'] . '</a> | <a href="index.php?id=' . $id . '">' . $lng_forum['not_agree'] . '</a></p>';
            require '../incfiles/end.php';
            exit;
예제 #24
파일: ignor.php 프로젝트: chegestar/catroxs
                        mysql_query("INSERT INTO `cms_contact` SET\n\t\t\t\t\t`user_id` = '" . $user_id . "',\n\t\t\t\t\t`from_id` = '" . $id . "',\n\t\t\t\t\t`time` = '" . time() . "',\n\t\t\t\t\t`ban`='1';");
                    } else {
                        mysql_query("UPDATE `cms_contact` SET `ban`='1', `friends`='0' WHERE `user_id`='{$user_id}' AND `from_id`='{$id}';");
                        mysql_query("UPDATE `cms_contact` SET `friends`='0' WHERE `user_id`='{$id}' AND `from_id`='{$user_id}';");
                    }
                    echo '<div class="rmenu">' . $lng_mail['user_block'] . '</div>';
                }
            } else {
                echo '<div class="rmenu"><form action="index.php?act=ignor&amp;id=' . $id . '&amp;add" method="post">
			<p>' . $lng_mail['really_block_contact'] . '</p>
			<p><input type="submit" name="submit" value="' . $lng_mail['block'] . '"/></p>
			</form></div>';
                echo '<div class="phdr"><a href="' . (isset($_SERVER['HTTP_REFERER']) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : 'index.php') . '">' . $lng['back'] . '</a></div>';
            }
        } else {
            echo functions::display_error($lng_mail['no_contact_is_chose']);
        }
    } else {
        echo '<div class="topmenu"><a href="index.php">' . $lng_mail['my_contacts'] . '</a> | <b>' . $lng_mail['blocklist'] . '</b></div>';
        //Отображаем список заблокированных контактов
        $total = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_contact` WHERE `user_id` = '" . $user_id . "' AND `ban`='1'"), 0);
        if ($total) {
            if ($total > $kmess) {
                echo '<div class="topmenu">' . functions::display_pagination('index.php?act=ignor&amp;', $start, $total, $kmess) . '</div>';
            }
            $req = mysql_query("SELECT `users`.* FROM `cms_contact`\n\t\t    LEFT JOIN `users` ON `cms_contact`.`from_id`=`users`.`id`\n\t\t    WHERE `cms_contact`.`user_id`='" . $user_id . "'\n\t\t    AND `ban`='1'\n\t\t    ORDER BY `cms_contact`.`time` DESC\n\t\t    LIMIT {$start}, {$kmess}");
            for ($i = 0; ($row = mysql_fetch_assoc($req)) !== FALSE; ++$i) {
                echo $i % 2 ? '<div class="list1">' : '<div class="list2">';
                $subtext = '<a href="index.php?act=write&amp;id=' . $row['id'] . '">' . $lng_mail['correspondence'] . '</a> | <a href="index.php?act=deluser&amp;id=' . $row['id'] . '">' . $lng['delete'] . '</a> | <a href="index.php?act=ignor&amp;id=' . $row['id'] . '&amp;del">' . $lng_mail['enabled'] . '</a>';
                $count_message = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_mail` WHERE ((`user_id`='{$row['id']}' AND `from_id`='{$user_id}') OR (`user_id`='{$user_id}' AND `from_id`='{$row['id']}')) AND `delete`!='{$user_id}' AND `sys`!='1' AND `spam`!='1';"), 0);
                $new_count_message = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_mail` WHERE `cms_mail`.`user_id`='{$user_id}' AND `cms_mail`.`from_id`='{$row['id']}' AND `read`='0' AND `delete`!='{$user_id}' AND `sys`!='1' AND `spam`!='1';"), 0);
예제 #25
                  $handle->allowed = array('image/jpeg', 'image/jpg', 'image/gif', 'image/png');
                  $handle->file_max_size = 1024 * $set['flsz'];
                  $handle->file_overwrite = true;
                  $handle->image_resize = true;
                  $handle->image_x = 32;
                  $handle->image_y = 32;
                  $handle->image_convert = 'jpg';
                  $handle->process('../files/blogs/');
                  if ($handle->processed) {
                      @chmod('../files/blogs/anime_icon_' . $id . '.jpg', 0666);
                  }
              }
              $handle->clean();
              Header('Location: ../blogs/index.php?act=view&id=' . $id);
          } else {
              echo functions::display_error($error, '<a href="manage.php?act=news">Ulangi</a>');
          }
      } else {
          echo '<form action="manage.php?act=newsedit&amp;id=' . $id . '" method="post" enctype="multipart/form-data">
 <div class="gmenu"><p>
 <b>Judul Blogs:</b><br />
 <input type="text" name="name" value="' . htmlentities($row['name'], ENT_QUOTES, 'UTF-8') . '" /><br />
 <small>Min. 2, max. 150 karakter</small><br />
 <b>Blogs text:</b><br />
 <textarea name="text" cols="24" rows="4">' . htmlentities($row['text'], ENT_QUOTES, 'UTF-8') . '</textarea><br />
 <small>Min. 2, max. 5000 character</small><br />
 <b>Pilih Kategori:</b><br />
 <select name="cat">';
          $req = mysql_query("SELECT * FROM `animes_cat` ORDER BY `realid` ASC");
          while (($rows = mysql_fetch_assoc($req)) !== false) {
              echo '<option value="' . $rows['id'] . '"' . ($rows['id'] == $row['refid'] ? ' selected="selected"' : '') . '>' . htmlentities($rows['name'], ENT_QUOTES, 'UTF-8') . '</option>';
예제 #26
            //$handle->image_text_background_percent = 50;
            //$handle->image_text_padding = 1;
            $handle->process('../files/users/album/' . $user['id'] . '/');
            $img_name = $handle->file_dst_name;
            if ($handle->processed) {
                // Обрабатываем превьюшку
                $handle->file_new_name_body = 'tmb_' . time();
                $handle->image_resize = true;
                $handle->image_x = 80;
                $handle->image_y = 80;
                $handle->image_ratio_no_zoom_in = true;
                $handle->image_convert = 'jpg';
                $handle->process('../files/users/album/' . $user['id'] . '/');
                $tmb_name = $handle->file_dst_name;
                if ($handle->processed) {
                    $description = isset($_POST['description']) ? trim($_POST['description']) : '';
                    $description = mb_substr($description, 0, 500);
                    mysql_query("INSERT INTO `cms_album_files` SET\n                        `album_id` = '{$al}',\n                        `user_id` = '" . $user['id'] . "',\n                        `img_name` = '" . mysql_real_escape_string($img_name) . "',\n                        `tmb_name` = '" . mysql_real_escape_string($tmb_name) . "',\n                        `description` = '" . mysql_real_escape_string($description) . "',\n                        `time` = '" . time() . "',\n                        `access` = '" . $res_a['access'] . "'\n                    ");
                    echo '<div class="gmenu"><p>' . $lng_profile['photo_uploaded'] . '<br />' . '<a href="album.php?act=show&amp;al=' . $al . '&amp;user='******'id'] . '">' . $lng['continue'] . '</a></p></div>' . '<div class="phdr"><a href="profile.php?user='******'id'] . '">' . $lng['profile'] . '</a></div>';
                } else {
                    echo functions::display_error($handle->error);
                }
            } else {
                echo functions::display_error($handle->error);
            }
            $handle->clean();
        }
    } else {
        echo '<form enctype="multipart/form-data" method="post" action="album.php?act=image_upload&amp;al=' . $al . '&amp;user='******'id'] . '">' . '<div class="menu"><p><h3>' . $lng_profile['select_image'] . '</h3>' . '<input type="file" name="imagefile" value="" /></p>' . '<p><h3>' . $lng['description'] . '</h3>' . '<textarea name="description" rows="' . $set_user['field_h'] . '"></textarea><br />' . '<small>' . $lng['not_mandatory_field'] . ', max. 500</small></p>' . '<input type="hidden" name="MAX_FILE_SIZE" value="' . 1024 * $set['flsz'] . '" />' . '<p><input type="submit" name="submit" value="' . $lng_profile['upload'] . '" /></p>' . '</div></form>' . '<div class="phdr"><small>' . $lng_profile['select_image_help'] . ' ' . $set['flsz'] . 'kb.<br />' . $lng_profile['select_image_help_5'] . '</small></div>' . '<p><a href="album.php?act=show&amp;al=' . $al . '&amp;user='******'id'] . '">' . $lng['back'] . '</a></p>';
    }
}
예제 #27
파일: index.php 프로젝트: chegestar/catroxs
 * @copyright   Copyright (C) 2008-2011 JohnCMS Community
 * @license     LICENSE.txt (see attached file)
 * @version     VERSION.txt (see attached file)
 * @author      http://johncms.com/about
 */
define('_IN_JOHNCMS', 1);
$headmod = 'users';
require '../incfiles/core.php';

/*
-----------------------------------------------------------------
Turn away visitors who are not logged in, unless $set['active'] is on
-----------------------------------------------------------------
*/
if (!($user_id || $set['active'])) {
    require '../incfiles/head.php';
    echo functions::display_error($lng['access_guest_forbidden']);
    require '../incfiles/end.php';
    exit;
}

/*
-----------------------------------------------------------------
Mode switching: $act is looked up in a fixed allow-list that maps each
permitted mode to the directory holding its script; the include that
follows only runs for keys present in this map.
-----------------------------------------------------------------
*/
$array = array(
    'admlist' => 'includes',
    'birth' => 'includes',
    'online' => 'includes',
    'search' => 'includes',
    'top' => 'includes',
    'userlist' => 'includes'
);
// Directory prefix for the selected mode; stays empty when $act is not in the map
$path = '';
if (!empty($array[$act])) {
    $path = $array[$act] . '/';
}
if (array_key_exists($act, $array) && file_exists($path . $act . '.php')) {
    require_once $path . $act . '.php';
} else {
    /*
    -----------------------------------------------------------------
예제 #28
파일: load.php 프로젝트: chegestar/catroxs
/**
 * @package     JohnCMS
 * @link        http://johncms.com
 * @copyright   Copyright (C) 2008-2011 JohnCMS Community
 * @license     LICENSE.txt (see attached file)
 * @version     VERSION.txt (see attached file)
 * @author      http://johncms.com/about
 */
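defined('_IN_JOHNCMS') or die('Error: restricted access');
$textl = $lng['mail'];
// NOTE(review): head.php is included before the header() call further down; presumably
// output buffering is active so the redirect can still be sent — confirm.
require_once '../incfiles/head.php';
if ($id) {
    // Only the sender or the recipient of message $id may reach its attachment, and only while
    // the message is not marked deleted for them. %d forces every interpolated id to an integer.
    $req = mysql_query(sprintf("SELECT * FROM `cms_mail` WHERE (`user_id`='%d' OR `from_id`='%d') AND `id` = '%d' AND `file_name` != '' AND `delete`!='%d' LIMIT 1", $user_id, $user_id, $id, $user_id));
    // A failed query is treated the same as "no such attachment"
    if (!$req || mysql_num_rows($req) == 0) {
        // Show the error
        echo functions::display_error($lng_mail['file_does_not_exist']);
        require_once "../incfiles/end.php";
        exit;
    }
    $res = mysql_fetch_assoc($req);
    // The stored name is used both as a filesystem path and as a redirect target, so a name
    // containing a path separator or NUL byte is refused rather than followed out of files/mail/.
    if (strpbrk($res['file_name'], "/\\\0") === false && file_exists('../files/mail/' . $res['file_name'])) {
        mysql_query(sprintf("UPDATE `cms_mail` SET `count` = `count`+1 WHERE `id` = '%d' LIMIT 1", $id));
        // NOTE(review): the ownership check above protects only this script. The redirect points
        // at a static path under ../files/mail/, so the file is reachable without the check by
        // anyone who knows its URL unless the web server denies direct access to that directory
        // — confirm. Streaming the file from this script after the check would close that gap.
        Header('Location: ../files/mail/' . $res['file_name']);
        exit;
    } else {
        echo functions::display_error($lng_mail['file_does_not_exist']);
    }
} else {
    echo functions::display_error($lng_mail['file_is_not_chose']);
}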
예제 #29
////////////////////////////////////////////////////////////////////////////////
*/
defined('_IN_JOHNCMS') or die('Error: restricted access');
require_once '../incfiles/head.php';
if ($rights == 4 || $rights >= 6) {
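    // A missing or non-string "file" parameter is handled like an empty one instead of
    // raising a notice and falling through.
    if (!isset($_GET['file']) || !is_string($_GET['file']) || $_GET['file'] == "") {
        echo functions::display_error($lng_dl['file_not_selected'], '<a href="index.php">' . $lng['back'] . '</a>');
        require_once '../incfiles/end.php';
        exit;
    }
    // intval() guarantees that only an integer reaches the query below
    $file = intval(trim($_GET['file']));
    $file1 = mysql_query("select * from `download` where type = 'file' and id = '" . $file . "';");
    // Row count; a failed query counts as "no record"
    $file2 = $file1 ? mysql_num_rows($file1) : 0;
    $adrfile = $file2 ? mysql_fetch_array($file1) : false;
    // Fixed: the original compared the result resource ($file1) with 0 instead of the row
    // count ($file2), so the "no such record" case was never detected by this test itself.
    // The path parts come from the `download` table row.
    if ($file2 == 0 || !is_file("{$adrfile['adres']}/{$adrfile['name']}")) {
        echo functions::display_error($lng_dl['file_select_error'], '<a href="index.php">' . $lng['back'] . '</a>');
        require_once '../incfiles/end.php';
        exit;
    }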
    if (isset($_POST['submit'])) {
        $scrname = $_FILES['screens']['name'];
        $scrsize = $_FILES['screens']['size'];
        $scsize = GetImageSize($_FILES['screens']['tmp_name']);
        $scwidth = $scsize[0];
        $scheight = $scsize[1];
        $ffot = strtolower($scrname);
        $dopras = array("gif", "jpg", "png");
        if ($scrname != "") {
            $formfot = functions::format($ffot);
            if (!in_array($formfot, $dopras)) {
                echo $lng_dl['screenshot_upload_error'] . '<br/><a href="index.php?act=screen&amp;file=' . $file . '">' . $lng['repeat'] . '</a><br/>';
예제 #30
         echo '</div><div class="phdr">' . $lng['total'] . ': ' . count($scaner->bad_files) . '</div>';
     } else {
         echo '<div class="gmenu">' . $lng['antispy_dist_scan_good'] . '</div>';
     }
     echo '<p><a href="index.php?act=antispy&amp;mod=scan">' . $lng['antispy_rescan'] . '</a></p>';
     break;
 case 'snapscan':
     /*
     -----------------------------------------------------------------
     Сканируем на соответствие ранее созданному снимку
     -----------------------------------------------------------------
     */
     $scaner->snapscan();
     echo '<div class="phdr"><a href="index.php?act=antispy"><b>' . $lng['antispy'] . '</b></a> | ' . $lng['antispy_snapshot_scan'] . '</div>';
     if (count($scaner->track_files) == 0) {
         echo functions::display_error($lng['antispy_no_snapshot'], '<a href="index.php?act=antispy&amp;mod=snap">' . $lng['antispy_snapshot_create'] . '</a>');
     } else {
         if (count($scaner->bad_files)) {
             echo '<div class="rmenu">' . $lng['antispy_snapshot_scan_bad'] . '</div>';
             echo '<div class="menu">';
             foreach ($scaner->bad_files as $idx => $data) {
                 echo $data['file_path'] . '<br />';
             }
             echo '</div>';
         } else {
             echo '<div class="gmenu">' . $lng['antispy_snapshot_scan_ok'] . '</div>';
         }
         echo '<div class="phdr">' . $lng['total'] . ': ' . count($scaner->bad_files) . '</div>';
     }
     break;
 case 'snap':