// Registration page bootstrap and first validation steps.
// (fragment: the listing stops inside the nickname character check)
define('_IN_JOHNCMS', 1);
$rootpath = '';
require 'incfiles/core.php';
$textl = $lng['registration'];
$headmod = 'registration';
require 'incfiles/head.php';
$lng_reg = core::load_lng('registration');

// If registration is closed, show the notice, finish the page and stop.
if (core::$deny_registration || !$set['mod_reg']) {
    echo '<p>' . $lng_reg['registration_closed'] . '</p>';
    require 'incfiles/end.php';
    exit;
}

// Raw form fields. Apart from $reg_sex, the values below are only trimmed here.
// NOTE(review): confirm that nick, name and about are escaped for SQL and HTML
// before they are stored or echoed further down (not visible in this fragment).
$captcha = isset($_POST['captcha']) ? trim($_POST['captcha']) : null;
$reg_nick = isset($_POST['nick']) ? trim($_POST['nick']) : '';
// Lower-cased, transliterated form of the nickname; the character check below runs on it.
$lat_nick = functions::rus_lat(mb_strtolower($reg_nick));
// NOTE(review): trim() silently drops leading/trailing whitespace from the password.
$reg_pass = isset($_POST['password']) ? trim($_POST['password']) : '';
$reg_name = isset($_POST['imname']) ? trim($_POST['imname']) : '';
$reg_about = isset($_POST['about']) ? trim($_POST['about']) : '';
$reg_sex = isset($_POST['sex'])
    ? functions::check(mb_substr(trim($_POST['sex']), 0, 2))
    : '';

echo '<div class="phdr"><b>' . $lng['registration'] . '</b></div>';

if (isset($_POST['submit'])) {
    // Collect validation errors, grouped by form field.
    $error = array();

    // Login check: must be present and 2 to 15 characters long.
    if (empty($reg_nick)) {
        $error['login'][] = $lng_reg['error_nick_empty'];
    } elseif (mb_strlen($reg_nick) < 2 || mb_strlen($reg_nick) > 15) {
        $error['login'][] = $lng_reg['error_nick_lenght'];
    }

    // Anything other than digits, a-z and - @ * ( ) ? ! ~ _ = [ ] in the
    // transliterated nickname matches this pattern.
    if (preg_match('/[^\\da-z\\-\\@\\*\\(\\)\\?\\!\\~\\_\\=\\[\\]]+/', $lat_nick)) {
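----------------------------------------------------------------- */
// (fragment: the block comment closed above opens outside the visible source,
// and the listing stops inside the result loop)

// Validate the search term: 2 to 20 characters, and its lower-cased,
// transliterated form may contain only digits, a-z and - @ * ( ) ? ! ~ _ = [ ]
$error = array();
if (!empty($search) && (mb_strlen($search) < 2 || mb_strlen($search) > 20)) {
    $error[] = $lng['nick'] . ': ' . $lng['error_wrong_lenght'];
}
// Fix: the character class previously started at 1, so any term containing the
// digit 0 was rejected as having invalid symbols.
if (preg_match("/[^0-9a-z\\-\\@\\*\\(\\)\\?\\!\\~\\_\\=\\[\\]]+/", functions::rus_lat(mb_strtolower($search)))) {
    $error[] = $lng['nick'] . ': ' . $lng['error_wrong_symbols'];
}

if ($search && !$error) {
    /*
    -----------------------------------------------------------------
    Show the search results
    -----------------------------------------------------------------
    */
    // Backslash-escape the LIKE wildcards first, then wrap the term in %...%.
    // The value is SQL-escaped separately at each point of use below.
    $search_db = functions::rus_lat(mb_strtolower($search));
    $search_db = strtr($search_db, array('_' => '\\_', '%' => '\\%'));
    $search_db = '%' . $search_db . '%';
    $total = mysql_result(
        mysql_query("SELECT COUNT(*) FROM `users` WHERE `name_lat` LIKE '" . mysql_real_escape_string($search_db) . "'"),
        0
    );
    echo '<div class="phdr"><b>' . $lng['search_results'] . '</b></div>';
    if ($total > $kmess) {
        echo '<div class="topmenu">' . functions::display_pagination('search.php?search=' . urlencode($search) . '&', $start, $total, $kmess) . '</div>';
    }
    if ($total > 0) {
        // NOTE(review): $start and $kmess are interpolated into LIMIT unquoted; they are
        // presumably integers prepared outside this fragment - confirm.
        $req = mysql_query("SELECT * FROM `users` WHERE `name_lat` LIKE '" . mysql_real_escape_string($search_db) . "' ORDER BY `name` ASC LIMIT {$start}, {$kmess}");
        $i = 0;
        while ($res = mysql_fetch_assoc($req)) {
            echo $i % 2 ? '<div class="list2">' : '<div class="list1">';
            // Highlight the matched part of the name. preg_quote() now receives the same
            // delimiter the pattern uses ('|'); the quoted term is unchanged for any input
            // that passed the checks above.
            // NOTE(review): this injects a <span> into the name, so the stored name must
            // already be HTML-safe and display_user() must not escape it again - confirm.
            $res['name'] = mb_strlen($search) < 2
                ? $res['name']
                : preg_replace('|(' . preg_quote($search, '|') . ')|siu', '<span style="background-color: #FFFF33">$1</span>', $res['name']);
            echo functions::display_user($res);
            echo '</div>';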
// Profile edit: read the remaining posted fields, validate them and save.
// (fragment: starts after the other fields were read, stops inside the admin-only branch)
$user['www'] = isset($_POST['www']) ? functions::check(mb_substr($_POST['www'], 0, 40)) : '';

// User data (for administrators)
// NOTE(review): these fields are parsed from POST for every caller; confirm they are
// only written to the database inside the `$rights >= 7` branch that opens at the end
// of this fragment.
$user['name'] = isset($_POST['name']) ? functions::check(mb_substr($_POST['name'], 0, 20)) : $user['name'];
$user['status'] = isset($_POST['status']) ? functions::check(mb_substr($_POST['status'], 0, 50)) : '';
$user['karma_off'] = isset($_POST['karma_off']);
$user['sex'] = (isset($_POST['sex']) && $_POST['sex'] == 'm') ? 'm' : 'zh';
$user['rights'] = isset($_POST['rights']) ? abs((int) $_POST['rights']) : $user['rights'];

// Run the necessary checks.
// A requested level above the editor's own level ($rights), above 9 or below 0 is reset to 0.
if ($user['rights'] > $rights || $user['rights'] > 9 || $user['rights'] < 0) {
    $user['rights'] = 0;
}
if ($rights >= 7) {
    // Nickname rules apply only when the editor may change the name: 2 to 20 characters,
    // transliterated form limited to digits, a-z and - @ * ( ) ? ! ~ _ = [ ]
    if (mb_strlen($user['name']) < 2 || mb_strlen($user['name']) > 20) {
        $error[] = $lng_profile['error_nick_lenght'];
    }
    $lat_nick = functions::rus_lat(mb_strtolower($user['name']));
    if (preg_match("/[^0-9a-z\\-\\@\\*\\(\\)\\?\\!\\~\\_\\=\\[\\]]+/", $lat_nick)) {
        $error[] = $lng_profile['error_nick_symbols'];
    }
}
// Birth date: once any part is given, day must be 1-31 and month 1-12 (the year is not range-checked).
if (($user['dayb'] || $user['monthb'] || $user['yearofbirth'])
    && ($user['dayb'] < 1 || $user['dayb'] > 31 || $user['monthb'] < 1 || $user['monthb'] > 12)
) {
    $error[] = $lng_profile['error_birth'];
}
if ($user['icq'] && ($user['icq'] < 10000 || $user['icq'] > 999999999)) {
    $error[] = $lng_profile['error_icq'];
}
if (!$error) {
    // NOTE(review): the statement is built by string concatenation. The fields read in this
    // fragment pass through functions::check(); the others (imname, live, about, ...) and
    // $user['id'] are assigned outside it - confirm each one is escaped or cast before this
    // point. The column name `mibile` is reproduced as the schema apparently spells it.
    mysql_query(
        "UPDATE `users` SET\n `imname` = '" . $user['imname']
        . "',\n `live` = '" . $user['live']
        . "',\n `dayb` = '" . $user['dayb']
        . "',\n `monthb` = '" . $user['monthb']
        . "',\n `yearofbirth` = '" . $user['yearofbirth']
        . "',\n `about` = '" . $user['about']
        . "',\n `mibile` = '" . $user['mibile']
        . "',\n `mail` = '" . $user['mail']
        . "',\n `mailvis` = '" . $user['mailvis']
        . "',\n `icq` = '" . $user['icq']
        . "',\n `skype` = '" . $user['skype']
        . "',\n `jabber` = '" . $user['jabber']
        . "',\n `www` = '" . $user['www']
        . "'\n WHERE `id` = '" . $user['id'] . "'\n "
    );
    if ($rights >= 7) {
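{
    // Builds a string of $length characters drawn from lowercase letters and digits.
    // (fragment: the function header is outside the visible source)
    $vals = "abcdefghijklmnopqrstuvwxyz0123456789";
    $result = '';
    // Fix: the upper bound used to be strlen($vals), one past the last valid offset, so a
    // draw could hit an undefined offset and produce a shorter string than requested.
    $max = strlen($vals) - 1;
    for ($i = 1; $i <= $length; $i++) {
        // Prefer the CSPRNG when the runtime provides it; mt_rand() is not suitable for
        // secrets and is only the fallback for older runtimes.
        $pick = function_exists('random_int') ? random_int(0, $max) : mt_rand(0, $max);
        $result .= $vals[$pick];
    }
    return $result;
}

switch ($act) {
    case 'sent':
        /*
        -----------------------------------------------------------------
        Send the e-mail with password recovery instructions
        -----------------------------------------------------------------
        */
        $nick = isset($_POST['nick']) ? functions::rus_lat(mb_strtolower(functions::check($_POST['nick']))) : '';
        $email = isset($_POST['email']) ? htmlspecialchars(trim($_POST['email'])) : '';
        $code = isset($_POST['code']) ? trim($_POST['code']) : '';

        // Fix: md5(rand(1000, 9999)) can only take 9000 distinct values. $check_code is
        // presumably the recovery code sent to the user (its use is outside this fragment),
        // so it is now derived from the strongest random source available. The result is
        // still a 32-character md5 hex string.
        $check_seed = false;
        if (function_exists('random_bytes')) {
            $check_seed = random_bytes(16);
        } elseif (function_exists('openssl_random_pseudo_bytes')) {
            $check_seed = openssl_random_pseudo_bytes(16);
        }
        if ($check_seed === false || $check_seed === '') {
            // Last resort on runtimes without a CSPRNG; weaker, but far wider than 4 digits.
            $check_seed = uniqid(mt_rand(), true);
        }
        $check_code = md5($check_seed);

        $error = false;
        if (!$nick || !$email || !$code) {
            $error = $lng['error_empty_fields'];
        } elseif (!isset($_SESSION['code']) || mb_strlen($code) < 4 || (string) $_SESSION['code'] !== $code) {
            // Strict string comparison: loose != would treat numeric-looking strings
            // such as "1e3" and "1000" as equal.
            $error = $lng_pass['error_code'];
        }
        // The CAPTCHA code is single-use, whatever the outcome.
        unset($_SESSION['code']);
        if (!$error) {
            // Check the data against the database.
            // $nick is escaped at the point of use; whether functions::check() already
            // escapes for SQL is not visible in this fragment.
            $req = mysql_query("SELECT * FROM `users` WHERE `name_lat` = '" . mysql_real_escape_string($nick) . "' LIMIT 1");
            if (mysql_num_rows($req) == 1) {
                $res = mysql_fetch_array($req);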
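case 'upload':
    // Upload a smiley into the user category directory named by $do.
    // (fragment: the enclosing switch opens outside the visible source, and the listing
    // stops inside the error branch)
    $c = '../images/smileys/user/' . $do . '/';
    // $do ends up in a filesystem path, so a value containing a path separator, a NUL byte
    // or a dot-directory is treated like an unknown category. Where $do comes from is not
    // visible in this fragment.
    if (strpbrk((string) $do, "/\\\0") !== false || $do === '.' || $do === '..' || !is_dir($c)) {
        echo functions::display_error($lng['error_wrong_data']);
        echo '<p><a href="index.php">' . $lng['admin_panel'] . '</a></p>';
        require_once '../incfiles/end.php';
        exit;
    }
    // Localised category title when one exists, otherwise the directory name
    // (!empty avoids the undefined-index notice of the bare lookup).
    $name_cat = !empty($lng_smileys[$do]) ? $lng_smileys[$do] : $do;
    // $do is now URL- and HTML-encoded like the title next to it.
    echo '<div class="mainblok"><div class="phdr"><a href="?act=smileys&do=' . htmlspecialchars(urlencode($do)) . '&mod=show_cat"><b>' . htmlspecialchars($name_cat) . '</b></a> | Upload</div>';
    if (isset($_POST['submit'])) {
        // NOTE(review): nothing in this fragment checks that an upload is present or what it
        // contains; confirm that happens further down, before the file is stored.
        $format = functions::format($_FILES['smiley']['name']);
        $_FILES['smiley']['name'] = str_replace('.' . $format, '', strtolower($_FILES['smiley']['name']));
        // Smiley name: the posted name if given, else the uploaded file name, transliterated
        // and reduced to letters, digits and underscore.
        $name = !empty($_POST['name']) ? $_POST['name'] : $_FILES['smiley']['name'];
        $name = functions::rus_lat($name);
        $name = preg_replace('/[^_a-z0-9]/i', '', $name);

        // Fix: $i and $error were read without being initialised in this branch, so a stale
        // value left by earlier code could report a duplicate that does not exist.
        if (!isset($error)) {
            $error = array();
        }
        $i = 0;
        $glob = glob('../images/smileys/user/*/*.{gif,jpg,png}', GLOB_BRACE);
        foreach (($glob ? $glob : array()) as $val) {
            // Fix: compare base names regardless of extension. Only the uploaded file's
            // extension used to be stripped, so an existing foo.png did not block foo.gif.
            if (pathinfo($val, PATHINFO_FILENAME) === $name) {
                $i = 1;
                break;
            }
        }
        if ($i) {
            $error[] = 'Smile with the same name already exists.';
        }
        if ($error) {
            echo functions::display_error($error);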
// (fragment: the first statements and the closing brace belong to a block that opens
// outside the visible source; the listing stops inside the size check)
echo functions::display_error($lng_forum['error_file_uploaded']);
require '../incfiles/end.php';
exit;
}

if (isset($_POST['submit'])) {
    /*
    -----------------------------------------------------------------
    Check whether a file was uploaded and from which browser
    -----------------------------------------------------------------
    */
    $do_file = false;
    $file = '';
    if ($_FILES['fail']['size'] > 0) {
        // Upload from an ordinary browser.
        // The client-supplied file name is lower-cased and transliterated here.
        $do_file = true;
        $file = functions::rus_lat(mb_strtolower($_FILES['fail']['name']));
        $fsize = $_FILES['fail']['size'];
    }

    /*
    -----------------------------------------------------------------
    Process the file (if any), check for errors
    -----------------------------------------------------------------
    */
    if ($do_file) {
        // List of allowed file extensions.
        $al_ext = array_merge(
            $ext_win,
            $ext_java,
            $ext_sis,
            $ext_doc,
            $ext_pic,
            $ext_arch,
            $ext_video,
            $ext_audio,
            $ext_other
        );
        // NOTE(review): $ext holds every dot-separated part of the name. The allow-list test
        // that uses it is outside this fragment; confirm it checks the final part and that
        // names with several dots (for example "a.php.jpg") are rejected or stored under a
        // server-chosen name.
        $ext = explode('.', $file);
        $error = array();

        // Check the allowed file size ($set['flsz'] is in kilobytes).
        if ($fsize > $set['flsz'] * 1024) {
            $error[] = $lng_forum['error_file_size'] . ' ' . $set['flsz'] . 'kb.';
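// Login: validate the submitted fields, look the account up, and require a CAPTCHA once
// the account has more than two failed logins.
// (fragment: $user_login, $user_pass, $id and $error are prepared outside the visible
// source, and the listing stops inside the CAPTCHA branch)
$user_code = isset($_POST['code']) ? trim($_POST['code']) : null;

if ($user_pass && !$user_login && !$id) {
    $error[] = $lng['error_login_empty'];
}
if (($user_login || $id) && !$user_pass) {
    $error[] = $lng['error_empty_password'];
}
if ($user_login && (mb_strlen($user_login) < 2 || mb_strlen($user_login) > 20)) {
    $error[] = $lng['nick'] . ': ' . $lng['error_wrong_lenght'];
}
// NOTE(review): the 3 to 15 character window also caps how long a password can be.
if ($user_pass && (mb_strlen($user_pass) < 3 || mb_strlen($user_pass) > 15)) {
    $error[] = $lng['password'] . ': ' . $lng['error_wrong_lenght'];
}

if (!$error && $user_pass && ($user_login || $id)) {
    // Query the database for the user.
    // Both lookup values are now made SQL-safe at the point of use (integer cast for the
    // id, escaping for the name), because how $id and $user_login were sanitised is not
    // visible in this fragment. Valid ids and nicknames are unaffected.
    $sql = $id
        ? "`id` = '" . intval($id) . "'"
        : "`name_lat`='" . mysql_real_escape_string(functions::rus_lat(mb_strtolower($user_login))) . "'";
    $req = mysql_query("SELECT * FROM `users` WHERE {$sql} LIMIT 1");
    if (mysql_num_rows($req)) {
        $user = mysql_fetch_assoc($req);
        if ($user['failed_login'] > 2) {
            if ($user_code) {
                // Fix: the session code is checked for existence and compared as a string.
                // Loose == treats numeric-looking strings ("1e3" and "1000") as equal and
                // raises a notice when no code was issued.
                if (mb_strlen($user_code) > 3
                    && isset($_SESSION['code'])
                    && (string) $_SESSION['code'] === $user_code
                ) {
                    // The security code is correct; it is single-use.
                    unset($_SESSION['code']);
                    $captcha = true;
                } else {
                    // The security code is wrong; discard it so it cannot be retried.
                    unset($_SESSION['code']);
                    $error[] = $lng['error_wrong_captcha'];
                }
            } else {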
</form> </div>';
}
// (fragment: the text above is the tail of a string literal and of blocks that open
// outside the visible source; the listing stops inside the empty-message check)
// NOTE(review): $id is written into the link unescaped; it is presumably an integer
// prepared outside this fragment - confirm.
echo '<div class="phdr"><a href="index.php?act=write&id=' . $id . '">' . $lng['back'] . '</a></div>';
echo '<p><a href="../users/profile.php?act=office">' . $lng['personal'] . '</a></p>';
require_once '../incfiles/end.php';
exit;
}
}

// Make sure the session error slot holds a string.
if (empty($_SESSION['error'])) {
    $_SESSION['error'] = '';
}
$out .= '<div class="phdr"><b>' . $lng['mail'] . '</b></div>';

// Handle a submitted message unless the sender has ban type 1 or 3 set, or
// functions::is_ignor() returns true for $id.
if (isset($_POST['submit']) && empty($ban['1']) && empty($ban['3']) && !functions::is_ignor($id)) {
    if (!$id) {
        // No recipient id given: take the recipient nickname from the form, lower-cased
        // and transliterated.
        $name = isset($_POST['nick']) ? functions::rus_lat(mb_strtolower(trim($_POST['nick']))) : '';
    }
    // NOTE(review): $name and $text are only trimmed here; confirm they are escaped before
    // they reach SQL or HTML further down (not visible in this fragment).
    $text = isset($_POST['text']) ? trim($_POST['text']) : '';
    if ($set_user['translit'] && isset($_POST['msgtrans'])) {
        $text = functions::trans($text);
    }

    // Attachment state and the error list start empty.
    $newfile = '';
    $sizefile = 0;
    $do_file = false;
    $do_file_mini = false;
    $error = array();

    if (empty($name) && !$id) {
        $error[] = $lng_mail['indicate_login_grantee'];
    }
    if (empty($text)) {
        $error[] = $lng_mail['message_not_empty'];