function test() { spl_autoload_call('FormKit\\ResponseUtils'); block_start('level-1'); ?> Block 1<?php $content = block_end(); is('Block 1', $content); $content = FormKit\Block::getContent('level-1'); is('Block 1', $content); }
function comment_form() { global $comment, $id, $cid; block_begin(NEW_COMMENT); $comment = str_replace('\\r\\n', "\n", $comment); ?> <center> <form enctype='multipart/form-data' name='comment' method='post'> <input type='hidden' name='info_hash' value='<?php echo $id; ?> ' /> <table class='lista' border='0' cellpadding='10'> <tr> <tr><td align='left' class='header'><?php echo USER_NAME; ?> :</td><td class='lista' align='left'><input name='user' type='text' value='<?php echo security::html_safe($_GET["usern"]); ?> ' size='20' maxlength='100' disabled; readonly></td></tr> <tr><td align='left' class='header'><?php echo COMMENT_1; ?> :</td><td class='lista' align='left'><?php textbbcode("comment", "comment", security::html_safe(unesc($comment))); ?> </td></tr> <tr><td class='header' colspan='2' align='center'><input type='submit' name='confirm' value='<?php echo FRM_CONFIRM; ?> ' /> <input type='submit' name='confirm' value='<?php echo FRM_PREVIEW; ?> ' /></td></tr> </table> </form> </center> <?php block_end(); }
function _torrenttable($res, $frame_caption, $speed = "false") { global $db; block_begin($frame_caption, 'center'); begin_table(); $num = 0; while ($a = $res->fetch_assoc()) { ++$num; if ($a["leechers"] > 0) { $r = (int) $a["seeds"] / (int) $a["leechers"]; $ratio = number_format($r, 2); } else { $ratio = INFINITE; } if (!isset($menu)) { $menu = ""; } if ($menu != "1") { echo "<tr>" . "<table width='100%' class='lista'>" . "<td class='header' align='center'>" . USER_LEVEL . "</td>" . "<td class='header'>" . FILE . "</td>"; if ($speed != "true") { echo "<td class='header' align='center'>" . FINISHED . "</td>" . "<td class='header' align='center'>" . SEEDERS . "</td>" . "<td class='header' align='center'>" . LEECHERS . "</td>" . "<td class='header' align='center'>" . PEERS . "</td>" . "<td class='header' align='center'>" . RATIO . "</td>"; } else { echo "<td class='header' align='right'>" . SPEED . "</td>"; } echo "</tr>"; $menu = 1; } print "<tr><td class='lista' align='center'>" . $num . "</td><td class='lista' align='left'>"; print "<a href='" . "details.php?id=" . $a['hash'] . "'>" . "<b>"; print security::html_safe($a["name"]) . "</b></a></td>"; if ($speed != "true") { print "<td class='lista' align='center' width='10%' ><a href='torrent_history.php?id=" . $a["hash"] . "'>" . number_format((int) $a["finished"]) . "</a></td><td class='lista' align='center' width='10%' ><a href='peers.php?id=" . $a["hash"] . "'>" . number_format((int) $a["seeds"]) . "</a></td><td class='lista' align='center' width='10%' > <a href='peers.php?id=" . $a["hash"] . "'>" . number_format((int) $a["leechers"]) . "</a></td><td class='lista' align='center' width='10%' > <a href='peers.php?id=" . $a["hash"] . "'>" . number_format((int) $a["leechers"] + (int) $a["seeds"]) . "</a></td><td class='lista' align='center' width='10%'>" . $ratio . "</td>\n"; } else { print "<td class='lista' align='center'>" . misc::makesize((int) $a["speed"]) . "/s" . "\n"; } } end_table(); block_end(); }
print "<td align='center' class='header'>" . UPLOADED . "</td>\n"; print "<td align='center' class='header'>" . RATIO . "</td>\n"; print "<td align='center' class='header'>" . FINISHED . "</td></tr>\n"; while ($row = $res->fetch_array(MYSQLI_BOTH)) { print "<tr><td align='center' class='lista'>" . "<a href='userdetails.php?id=" . (int) $row["uid"] . "'>" . security::html_safe(unesc($row["username"])) . "</a></td>" . "<td align='center' class='lista'><a href='usercp.php?do=pm&action=edit&uid=" . user::$current['uid'] . "&what=new&to=" . urlencode(unesc($row["username"])) . "'>" . image_or_link($STYLEPATH . "/pm.png", "", "PM") . "</a></td>"; if ($row["flagpic"] != "") { print "<td align='center' class='lista'><img src='images/flag/" . $row["flagpic"] . "' alt='" . security::html_safe($row["country"]) . "' /></td>"; } else { print "<td align='center' class='lista'><img src='images/flag/unknown.gif' alt='" . UNKNOWN . "' /></td>"; } print "<td align='center' class='lista'>" . $row["active"] . "</td>"; print "<td align='center' class='lista'>" . security::html_safe($row["agent"]) . "</td>"; $dled = misc::makesize((int) $row["downloaded"]); $upld = misc::makesize((int) $row["uploaded"]); print "<td align='center' class='lista'>" . $dled . "</td>"; print "<td align='center' class='lista'>" . $upld . "</td>"; if (intval($row["downloaded"]) > 0) { $ratio = number_format((int) $row["uploaded"] / (int) $row["downloaded"], 2); } else { $ratio = "∞"; } print "<td align='center' class='lista'>" . $ratio . "</td>"; print "<td align='center' class='lista'>" . get_elapsed_time($row["date"]) . " ago</td></tr>"; } if ($res->num_rows == 0) { print "<tr><td align='center' colspan='9' class='lista'>No history to display</td></tr>"; } print "</table>"; print "</div><br /><br /><center><a href='javascript: history.go(-1);'>" . BACK . "</a>"; block_end(); stdfoot();
function insert_compose_frame($id, $newtopic = true, $quote = false) { global $maxsubjectlength, $db; MCached::connect(); if ($newtopic) { $arr = MCached::get('forums::name::' . $id); if ($arr === MCached::NO_RESULT) { $res = $db->query("SELECT name FROM forums WHERE id = " . $id) or sqlerr(__FILE__, __LINE__); $arr = $res->fetch_assoc() or die(BAD_FORUM_ID); MCached::add('forums::name::' . $id, $arr, 9600); } $forumname = security::html_safe(unesc($arr["name"])); block_begin(WORD_NEW . " " . TOPIC . " " . IN . " <a href='?action=viewforum&forumid=" . $id . "'>" . $forumname . "</a> " . FORUM); } else { $arr = MCached::get('quick::jump::topics::' . $id); if ($arr === MCached::NO_RESULT) { $res = $db->query("SELECT * FROM topics WHERE id = " . $id) or sqlerr(__FILE__, __LINE__); $arr = $res->fetch_assoc() or stderr(ERROR, FORUM_ERROR . TOPIC_NOT_FOUND); MCached::add('quick::jump::topics::' . $id, $arr, 9600); } $subject = security::html_safe(unesc($arr["subject"])); block_begin(REPLY . " " . TOPIC . ": <a href='?action=viewtopic&topicid=" . $id . "'>" . $subject . "</a>"); } begin_frame(); print "<form method='post' name='compose' action='?action=post'>\n"; if ($newtopic) { print "<input type='hidden' name='forumid' value='" . $id . "'>\n"; } else { print "<input type='hidden' name='topicid' value='" . $id . "'>\n"; } begin_table(); if ($newtopic) { print "<tr><td class='header'>" . SUBJECT . "</td>" . "<td class='lista' align='left' style='padding: 0px'><input type='text' size='50' maxlength='" . $maxsubjectlength . "' name='subject' " . "style='border: 0px; height: 19px'></td></tr>\n"; } if ($quote) { $postid = 0 + (int) $_GET["postid"]; if (!is_valid_id($postid)) { die; } $res = $db->query("SELECT posts.*, users.username FROM posts INNER JOIN users ON posts.userid = users.id WHERE posts.id = " . $postid) or sqlerr(__FILE__, __LINE__); if ($res->num_rows != 1) { stderr(ERROR, ERR_NO_POST_WITH_ID . "" . $postid); } $arr = $res->fetch_assoc(); } print "<tr><td class='header'>" . BODY . "</td><td class='lista' align='left' style='padding: 0px'>"; textbbcode("compose", "body", $quote ? "[quote=" . security::html_safe($arr["username"]) . "]" . security::html_safe(unesc($arr["body"])) . "[/quote]" : ""); print "<tr><td colspan='2' align='center'><input type='submit' class='btn' value='" . FRM_CONFIRM . "'></td></tr>\n"; print "</td></tr>"; end_table(); print "</form>\n"; end_frame(); //------ Get 10 last posts if this is a reply if (!$newtopic) { $postres = $db->query("SELECT * FROM posts WHERE topicid = " . $id . " ORDER BY id DESC LIMIT 10") or sqlerr(__FILE__, __LINE__); begin_frame(LAST_10_POSTS, true); while ($post = $postres->fetch_assoc()) { //-- Get poster details $userres = $db->query("SELECT * FROM users WHERE id = " . (int) $post["userid"] . " LIMIT 1") or sqlerr(__FILE__, __LINE__); $user = $userres->fetch_assoc(); $avatar = $user["avatar"] && $user["avatar"] != "" ? security::html_safe($user["avatar"]) : ""; begin_table(true); print "<tr valign='top'><td width='150' align='center' style='padding: 0px'>#" . (int) $post["id"] . " by " . security::html_safe($user["username"]) . "<br />" . get_date_time($post["added"]) . ($avatar != "" ? "<br /><img width='80' src='" . $avatar . "'>" : "") . "</td><td class='lista'>" . format_comment(unesc($post["body"])) . "</td></tr><br>\n"; end_table(); } end_frame(); } if (!isset($forumid)) { $forumid = 0; } insert_quick_jump_menu($forumid); block_end(); }
// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING // NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, // EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. // //////////////////////////////////////////////////////////////////////////////////// // CyBerFuN.ro & xList.ro // xList .::. Last Member Block // http://tracker.cyberfun.ro/ // http://www.cyberfun.ro/ // http://xlist.ro/ // Modified By CyBerNe7 global $CURUSER, $btit_settings; if (!$CURUSER || $CURUSER["view_users"] == "no") { // do nothing } else { //lastest member block_begin("Latest Member"); $a = get_result("SELECT id,username FROM {$TABLE_PREFIX}users WHERE id_level<>1 AND id_level<>2 ORDER BY id DESC LIMIT 1", true, $btit_settings['cache_duration']); if ($a) { $a = $a[0]; if ($CURUSER["view_users"] == "yes") { $latestuser = "******"index.php?page=userdetails&id=" . $a["id"] . "\">" . $a["username"] . "</a>"; } else { $latestuser = $a['username']; } echo " <div align=\"center\"><table border=\"0\" align=\"center\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" > <tr><td class=\"blocklist\" align=\"center\">" . $language["WELCOME_LASTUSER"] . "<br /><b>{$latestuser}</b>!</td></tr></table></div>\n"; } block_end(""); } // end if user can view //end
function aggiungiutente() { global $DBDT, $INVITATIONSON, $VALID_INV, $SITENAME, $SITEEMAIL, $BASEURL, $VALIDATION, $USERLANG, $USE_IMAGECODE, $TABLE_PREFIX, $XBTT_USE, $language, $THIS_BASEPATH, $FORUMLINK, $db_prefix, $btit_settings; $dobdate = $_POST["datepicker"]; $parts = explode('-', $dobdate); $dobday = $parts[0]; $dobmonth = $parts[1]; $dobyear = $parts[2]; $utente = mysqli_real_escape_string($DBDT, $_POST["user"]); $pwd = mysqli_real_escape_string($DBDT, $_POST["pwd"]); $pwd1 = mysqli_real_escape_string($DBDT, $_POST["pwd1"]); $email = mysqli_real_escape_string($DBDT, $_POST["email"]); if (isset($_POST["language"])) { $idlangue = intval($_POST["language"]); } else { $idlangue = max(1, $btit_settings["default_language"]); } if (isset($_POST["style"])) { $idstyle = intval($_POST["style"]); } else { $idstyle = max(1, $btit_settings["default_style"]); } $idflag = intval($_POST["flag"]); $timezone = intval($_POST["timezone"]); $heard = mysqli_real_escape_string($DBDT, $_POST["heardaboutus"]); // Dt Referral if ($btit_settings["ref_on"] == true) { $rid = intval($_POST["refa"]); } // Dt Referral if (strtoupper($utente) == strtoupper("Guest")) { err_msg($language["ERROR"], $language["ERR_GUEST_EXISTS"]); stdfoot(); exit; } if ($pwd != $pwd1) { err_msg($language["ERROR"], $language["DIF_PASSWORDS"]); stdfoot(); exit; } if ($VALIDATION == "none") { $idlevel = 3; } else { $idlevel = 2; } //begin invitation system by dodge if ($INVITATIONSON == "true") { if ($VALID_INV == "true") { $idlevel = 2; } else { $idlevel = 3; } } //end invitation system # Create Random number $floor = 100000; $ceiling = 999999; srand((double) microtime() * 1000000); $random = rand($floor, $ceiling); if ($utente == "" || $pwd == "" || $email == "") { return -1; exit; } $res = do_sqlquery("SELECT email FROM {$TABLE_PREFIX}users WHERE email='{$email}'", true); if (mysqli_num_rows($res) > 0) { return -2; exit; } // valid email check - by vibes $regex = '/\\b[\\w\\.-]+@[\\w\\.-]+\\.\\w{2,4}\\b/i'; if (!preg_match($regex, $email)) { return -3; exit; } // valid email check end //Function changed by fatepower so now the variable checks the right data. //Added the image also. Cheers boys // check if IP is already in use if ($btit_settings["dupip"] == "true") { $ip = getip(); $i = @mysqli_fetch_row(@mysqli_query($GLOBALS["___mysqli_ston"], "SELECT count(*) FROM {$TABLE_PREFIX}users WHERE cip='{$ip}'")) or die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)); if ($i[0] != 0) { err_msg(ERROR, "[" . $ip . "]<br /><img src=\"images/shared_ip.gif\" border=\"0\" alt=\"\" />"); block_end(); stdfoot(); exit; } } // duplicate username $res = do_sqlquery("SELECT username FROM {$TABLE_PREFIX}users WHERE username='******'", true); if (mysqli_num_rows($res) > 0) { return -4; exit; } // duplicate username if (strpos(mysqli_real_escape_string($DBDT, $utente), " ") == true) { return -7; exit; } if ($btit_settings["gcsw"] == false) { if ($USE_IMAGECODE) { if (extension_loaded('gd')) { $arr = gd_info(); if ($arr['FreeType Support'] == 1) { $public = $_POST['public_key']; $private = $_POST['private_key']; $p = new ocr_captcha(); if ($p->check_captcha($public, $private) != true) { err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]); stdfoot(); exit; } } else { include "{$THIS_BASEPATH}/include/security_code.php"; $scode_index = intval($_POST["security_index"]); if ($security_code[$scode_index]["answer"] != $_POST["scode_answer"]) { err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]); stdfoot(); exit; } } } else { include "{$THIS_BASEPATH}/include/security_code.php"; $scode_index = intval($_POST["security_index"]); if ($security_code[$scode_index]["answer"] != $_POST["scode_answer"]) { err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]); stdfoot(); exit; } } } else { include "{$THIS_BASEPATH}/include/security_code.php"; $scode_index = intval($_POST["security_index"]); if ($security_code[$scode_index]["answer"] != $_POST["scode_answer"]) { err_msg($language["ERROR"], $language["ERR_IMAGE_CODE"]); stdfoot(); exit; } } } else { require_once "include/recaptchalib.php"; // reCAPTCHA supported 40+ languages listed here: https://developers.google.com/recaptcha/docs/language $lang = "en"; // The response from reCAPTCHA $resp = null; // The error code from reCAPTCHA, if any $error = null; $reCaptcha = new ReCaptcha($btit_settings["gcsekk"]); if ($_POST["g-recaptcha-response"]) { $resp = $reCaptcha->verifyResponse($_SERVER["REMOTE_ADDR"], $_POST["g-recaptcha-response"]); } else { err_msg($language["ERROR"], "Recaptcha Not submitted"); stdfoot(); exit; } if ($resp != null && $resp->success) { } else { err_msg($language["ERROR"], "Google reports , you are a Robot !"); stdfoot(); exit; } } $bannedchar = array("\\", "/", ":", "*", "?", "\"", "@", "\$", "'", "`", ",", ";", ".", "<", ">", "!", "£", "%", "^", "&", "(", ")", "+", "=", "#", "~"); if (straipos(mysqli_real_escape_string($DBDT, $utente), $bannedchar) == true) { return -8; exit; } $pass_to_test = $_POST["pwd"]; $pass_min_req = explode(",", $btit_settings["secsui_pass_min_req"]); if (strlen($pass_to_test) < $pass_min_req[0]) { return -9; exit; } $exploded = explode("@", $email); $exploded2 = explode(".", $exploded[1]); $cheapmail = mysqli_real_escape_string($DBDT, $exploded[1]); $cheapmail2 = mysqli_real_escape_string($DBDT, "@" . $exploded2[0] . "."); $mailischeap = do_sqlquery("SELECT `domain` FROM `{$TABLE_PREFIX}cheapmail` WHERE `domain`='" . $cheapmail . "' OR `domain`='" . $cheapmail2 . "'", true); if (@mysqli_num_rows($mailischeap) > 0) { return -999; } $userip = getip(); $signupipblock = @mysqli_fetch_assoc(@mysqli_query($GLOBALS["___mysqli_ston"], "SELECT `id` FROM `{$TABLE_PREFIX}signup_ip_block` WHERE `first_ip` <=INET_ATON('{$userip}') AND `last_ip` >=INET_ATON('{$userip}')")); if ($signupipblock) { return -99; exit; } $lct_count = 0; $uct_count = 0; $num_count = 0; $sym_count = 0; $pass_end = (int) (strlen($pass_to_test) - 1); $pass_position = 0; $pattern1 = '#[a-z]#'; $pattern2 = '#[A-Z]#'; $pattern3 = '#[0-9]#'; $pattern4 = '/[¬!"£$%^&*()`{}\\[\\]:@~;\'#<>?,.\\/\\-=_+\\|]/'; for ($pass_position = 0; $pass_position <= $pass_end; $pass_position++) { if (preg_match($pattern1, substr($pass_to_test, $pass_position, 1), $matches)) { $lct_count++; } elseif (preg_match($pattern2, substr($pass_to_test, $pass_position, 1), $matches)) { $uct_count++; } elseif (preg_match($pattern3, substr($pass_to_test, $pass_position, 1), $matches)) { $num_count++; } elseif (preg_match($pattern4, substr($pass_to_test, $pass_position, 1), $matches)) { $sym_count++; } } if ($lct_count < $pass_min_req[1] || $uct_count < $pass_min_req[2] || $num_count < $pass_min_req[3] || $sym_count < $pass_min_req[4]) { return -998; exit; } $multipass = hash_generate(array("salt" => ""), $_POST["pwd"], $_POST["user"]); $i = $btit_settings["secsui_pass_type"]; $sql = "SELECT value FROM {$TABLE_PREFIX}settings WHERE `key` = \"donate_upload\""; $req = mysqli_query($GLOBALS["___mysqli_ston"], $sql) or die('Erreur SQL !<br />' . $sql . '<br />' . (is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false))); $result = mysqli_fetch_array($req); $credit = $result['value']; $sql = "SELECT value FROM {$TABLE_PREFIX}settings WHERE `key` = \"unit\""; $req = mysqli_query($GLOBALS["___mysqli_ston"], $sql) or die('Erreur SQL !<br />' . $sql . '<br />' . (is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false))); $result = mysqli_fetch_array($req); $unit = $result['value']; mysqli_free_result($req) || is_object($req) && get_class($req) == "mysqli_result" ? true : false; $kb = 1024; $mb = 1024 * 1024; $gb = 1024 * 1024 * 1024; $tb = 1024 * 1024 * 1024 * 1024; if ($unit == 'Kb') { $uploaded = $credit * $kb; } elseif ($unit == 'Mb') { $uploaded = $credit * $mb; } elseif ($unit == 'Gb') { $uploaded = $credit * $gb; } elseif ($unit == 'Tb') { $uploaded = $credit * $tb; } $realdate = checkdate($dobmonth, $dobday, $dobyear); if ($realdate) { $dob = $dobyear . "-" . $dobmonth . "-" . $dobday; $age = userage($dobyear, $dobmonth, $dobday); $dobtime = mktime(0, 0, 0, $dobmonth, $dobday, $dobyear); if ($dobtime > time()) { err_msg($language["ERROR"], $language["ERR_BORN_IN_FUTURE"]); stdfoot(); exit; } elseif ($age < $btit_settings["birthday_lower_limit"]) { err_msg($language["ERROR"], $language["ERR_DOB_1"] . $age . $language["ERR_DOB_2"]); stdfoot(); exit; } elseif ($age > $btit_settings["birthday_upper_limit"]) { err_msg($language["ERROR"], $language["ERR_DOB_1"] . $age . $language["ERR_DOB_2"]); stdfoot(); exit; } } else { err_msg($language["ERROR"], $language["INVALID_DOB_1"] . $dobday . "/" . $dobmonth . "/" . $dobyear . $language["INVALID_DOB_2"]); stdfoot(); exit; } $mtpp = $btit_settings["max_torrents_per_page"]; $pid = md5(uniqid(rand(), true)); $gen = intval($_POST['gen']); do_sqlquery("INSERT INTO `{$TABLE_PREFIX}users` (`username`, `password`, `dob` ,`salt`, `pass_type`, `dupe_hash`, `random`, `id_level`, `email`, `style`, `language`, `flag`, `joined`, `lastconnect`, `pid`, `time_offset`, `whereheard`,`gender` , `torrentsperpage`) VALUES ('" . $utente . "', '" . mysqli_real_escape_string($DBDT, $multipass[$i]["rehash"]) . "', '" . $dob . "' , '" . mysqli_real_escape_string($DBDT, $multipass[$i]["salt"]) . "', '" . $i . "', '" . mysqli_real_escape_string($DBDT, $multipass[$i]["dupehash"]) . "', " . $random . ", " . $idlevel . ", '" . $email . "', " . $idstyle . ", " . $idlangue . ", " . $idflag . ", NOW(), NOW(),'" . $pid . "', '" . $timezone . "','" . $heard . "','" . $gen . "','" . $mtpp . "')", true); $newuid = is_null($___mysqli_res = mysqli_insert_id($GLOBALS["___mysqli_ston"])) ? false : $___mysqli_res; // DT reputation system start $reput = do_sqlquery("SELECT * FROM {$TABLE_PREFIX}reputation_settings WHERE id =1"); $setrep = mysqli_fetch_array($reput); $plus = $setrep["rep_default"]; if ($setrep["rep_is_online"] == 'false') { //do nothing } else { @mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET reputation = reputation + '{$plus}' WHERE id='{$newuid}'"); } // DT reputation system end //begin invitation system by dodge if ($INVITATIONSON == "true") { $inviter = 0 + $_POST["inviter"]; $code = unesc($_POST["code"]); $res = do_sqlquery("SELECT username FROM {$TABLE_PREFIX}users WHERE id = {$inviter}", true); $arr = mysqli_fetch_assoc($res); $invusername = $arr["username"]; do_sqlquery("UPDATE {$TABLE_PREFIX}users SET invited_by='" . $inviter . "' WHERE id='" . $newuid . "'", true); do_sqlquery("UPDATE {$TABLE_PREFIX}invitations SET confirmed='true' WHERE hash='{$code}'", true); $msg = sqlesc($language["WELCOME MESSAGE"]); } //end invitation system //DT referral system start if ($btit_settings["ref_on"] == true) { $rup = $btit_settings["ref_gb"] * 1024 * 1024 * 1024; $rap = $btit_settings["ref_sb"]; do_sqlquery("UPDATE {$TABLE_PREFIX}users SET referral={$rid} where id={$newuid}", true); if ($btit_settings["ref_switch"] == true) { do_sqlquery("UPDATE {$TABLE_PREFIX}users SET uploaded=uploaded + '{$rup}' where id='{$rid}'"); } else { do_sqlquery("UPDATE {$TABLE_PREFIX}users SET seedbonus=seedbonus + '{$rap}' where id='{$rid}'"); } } //DT referral system end do_sqlquery("UPDATE {$TABLE_PREFIX}users SET uploaded={$uploaded} WHERE id={$newuid}", true); // begin - announce new confirmed user in shoutbox if ($btit_settings["sbtwo"] == true) { $al = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM {$TABLE_PREFIX}chat ORDER BY id DESC LIMIT 1"); $rw = mysqli_fetch_assoc($al); $ct = $rw["count"] + 1; do_sqlquery("INSERT INTO {$TABLE_PREFIX}chat (uid, time, name, text,count) VALUES (0," . time() . ", 'System','[color=green]Welcome New User :[/color][url={$BASEURL}/index.php?page=userdetails&id={$newuid}]" . $utente . "[/url]'," . $ct . ")"); } // end - announce new confirmed user in shoutbox // Continue to create smf members if they disable smf mode $test = do_sqlquery("SHOW TABLES LIKE '{$db_prefix}members'", true); if (substr($FORUMLINK, 0, 3) == "smf" || mysqli_num_rows($test)) { $smfpass = smf_passgen($utente, $pwd); $fetch = get_result("SELECT `smf_group_mirror` FROM `{$TABLE_PREFIX}users_level` WHERE `id`=" . $idlevel, true, $btit_settings["cache_duration"]); $flevel = $fetch[0]["smf_group_mirror"] > 0 ? $fetch[0]["smf_group_mirror"] : $idlevel + 10; if ($FORUMLINK == "smf") { do_sqlquery("INSERT INTO `{$db_prefix}members` (`memberName`, `dateRegistered`, `ID_GROUP`, `realName`, `passwd`, `emailAddress`, `memberIP`, `memberIP2`, `is_activated`, `passwordSalt`) VALUES ('{$utente}', UNIX_TIMESTAMP(), {$flevel}, '{$utente}', '{$smfpass['0']}', '{$email}', '" . getip() . "', '" . getip() . "', 1, '{$smfpass['1']}')", true); } else { do_sqlquery("INSERT INTO `{$db_prefix}members` (`member_name`, `date_registered`, `id_group`, `real_name`, `passwd`, `email_address`, `member_ip`, `member_ip2`, `is_activated`, `password_salt`) VALUES ('{$utente}', UNIX_TIMESTAMP(), {$flevel}, '{$utente}', '{$smfpass['0']}', '{$email}', '" . getip() . "', '" . getip() . "', 1, '{$smfpass['1']}')", true); } $fid = is_null($___mysqli_res = mysqli_insert_id($GLOBALS["___mysqli_ston"])) ? false : $___mysqli_res; do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = {$fid} WHERE `variable` = 'latestMember'", true); do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = '{$utente}' WHERE `variable` = 'latestRealName'", true); do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = UNIX_TIMESTAMP() WHERE `variable` = 'memberlist_updated'", true); do_sqlquery("UPDATE `{$db_prefix}settings` SET `value` = `value` + 1 WHERE `variable` = 'totalMembers'", true); do_sqlquery("UPDATE `{$TABLE_PREFIX}users` SET `smf_fid`={$fid} WHERE `id`={$newuid}", true); } // Continue to create ipb members if they disable ipb mode $test = do_sqlquery("SHOW TABLES LIKE '{$ipb_prefix}members'"); if ($FORUMLINK == "ipb" || mysqli_num_rows($test)) { ipb_create($utente, $email, $pwd, $idlevel, $newuid); } // xbt if ($XBTT_USE) { $resin = do_sqlquery("INSERT INTO xbt_users (uid, torrent_pass) VALUES ({$newuid},'{$pid}')", true); } include "include/userstuff.php"; $sub = sqlesc("{$GLOBALS['welcome_sub']}"); $mess = sqlesc("{$GLOBALS['welcome_msg']}"); send_pm(0, $newuid, $sub, $mess); if ($INVITATIONSON == "true") { send_pm('2', $newuid, '" . $language["WELCOME"] . "', $msg); if ($VALID_INV == "true") { send_mail($email, "{$SITENAME} " . $language["REG_CONFIRM"] . "", $language["INVIT_MSGINFO"] . "{$email}" . $language["INVIT_MSGINFO1"] . " {$utente}\n" . $language["INVIT_MSGINFO2"] . " {$pwd}\n\n" . $language["INVIT_MSGINFO3"], "From: {$SITENAME} <{$SITEEMAIL}>"); } else { send_mail($email, "{$SITENAME} " . $language["REG_CONFIRM"] . "", $language["INVIT_MSGINFO"] . "{$email}" . $language["INVIT_MSGINFO1"] . " {$utente}\n" . $language["INVIT_MSGINFO2"] . " {$pwd}\n\n\n" . $language["INVIT_MSG_AUTOCONFIRM3"], "From: {$SITENAME} <{$SITEEMAIL}>"); } write_log("Signup new user {$utente} ({$email})", "add"); } else { if ($VALIDATION == "user") { ini_set("sendmail_from", ""); if ((is_object($GLOBALS["___mysqli_ston"]) ? mysqli_errno($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_errno()) ? $___mysqli_res : false)) == 0) { send_mail($email, $language["ACCOUNT_CONFIRM"], $language["ACCOUNT_MSG"] . "\n\n" . $BASEURL . "/index.php?page=account&act=confirm&confirm={$random}&language={$idlangue}"); write_log("Signup new user {$utente} ({$email})", "add"); } else { die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)); } } } return is_object($GLOBALS["___mysqli_ston"]) ? mysqli_errno($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_errno()) ? $___mysqli_res : false); }
function endOutput() { global $BASEURL, $user_id, $TRACKER_ANNOUNCEURLS; ?> </center> <?php echo "<center>" . INSERT_DATA . "<br /><br />"; echo " " . ANNOUNCE_URL . "<br /><b>"; foreach ($TRACKER_ANNOUNCEURLS as $taurl) { echo $taurl . '<br />'; } echo "</b><br /></center>"; ?> <form name='upload' method='post' enctype='multipart/form-data'> <table class='lista' align='center'> <tr> <td class='header'><?php echo TORRENT_FILE; ?> </td> <td class='lista' align='left'> <?php if (function_exists("sha1")) { echo "<input type='file' name='torrent'>"; } else { echo "<i>" . NO_SHA_NO_UP . "</i>"; } ?> </td> </tr> <?php echo "<tr><td class='header'>" . CATEGORY_FULL . "</td><td class='lista' align='left'>"; categories($category[0]); echo "</td></tr>"; ?> <tr> <td class='header'><?php echo FILE_NAME; ?> </td> <td class='lista' align='left'><input type='text' name='filename' size='50' maxlength='200' /></td> </tr> <tr> <td class='header' valign='top'><?php echo DESCRIPTION; ?> </td> <td class='lista' align='left'><?php textbbcode("upload", "info"); ?> </td> </tr> <?php print "<tr>\n <td colspan='2'><input type='hidden' name='user_id' size='50' value='" . $user_id . "' /></td>\n </tr>"; print "<tr>\n <td class='header'>" . TORRENT_ANONYMOUS . "</td>\n <td class='lista'> " . NO . "<input type='radio' name='anonymous' value='false' checked /> " . YES . "<input type='radio' name='anonymous' value='true' /></td>\n </tr>"; if (function_exists("sha1")) { echo "<tr>\n <td class='lista' align='center' colspan='2'><input type='checkbox' name='autoset' value='enabled' disabled checked />" . TORRENT_CHECK . "</td>\n </tr>"; } ?> <tr> <td align='right'><input type='submit' value='<?php echo FRM_SEND; ?> ' /></td> <td align='left'><input type='reset' value='<?php echo FRM_RESET; ?> ' /></td> </tr> </table> </form> <?php print "</td></tr></table>"; block_end(); }
function modificautente() { global $db; $utente = security::html_safe($db->real_escape_string($_POST["user"])); $oldname = security::html_safe($db->real_escape_string($_POST["username"])); if (trim($utente) == "") { err_msg(ERROR, INSERT_USERNAME); block_end(); stdfoot(); exit; } elseif (utf8::strtoupper($utente) == utf8::strtoupper("Guest")) { err_msg(ERROR, ERR_GUEST_EXISTS . "<br />\n"); block_end(); stdfoot(); exit; } // duplicate username $res = $db->query("SELECT username FROM users WHERE username = '******' AND id <> " . intval($_POST["uid"])); if ($res->num_rows > 0) { err_msg(ERROR, ERR_USER_ALREADY_EXISTS . "<br />\n"); block_end(); stdfoot(); exit; } if (isset($_POST["pwd"])) { $pwd = $db->real_escape_string($_POST["pwd"]); } else { $pwd = ""; } // now in $_POST["level"] there is the level name, we need to select the id_level to know if current user // is allowed to modify the requested user $rlev = $db->query("SELECT id, id_level FROM users_level WHERE level = '" . $db->real_escape_string(unesc($_POST["level"])) . "'"); $reslev = $rlev->fetch_assoc(); if (user::$current["id_level"] >= $reslev["id_level"]) { $level = intval($reslev["id"]); } else { $level = 0; } $idlangue = intval($_POST["language"]); $idstyle = intval($_POST["style"]); $idflag = intval($_POST["flag"]); $timezone = intval($_POST["timezone"]); if (isset($_POST["email"])) { $email = $db->real_escape_string($_POST["email"]); } else { $email = ""; } $set = array(); if ($email != "") { $set[] = "email='{$email}'"; } if ($level > 0) { $set[] = "id_level='{$level}'"; } if ($idlangue > 0) { $set[] = "language={$idlangue}"; } if ($idstyle > 0) { $set[] = "style={$idstyle}"; } if ($pwd != "") { $set[] = "password='******'"; } if ($idflag > 0) { $set[] = "flag={$idflag}"; } if ($timezone >= -12) { $set[] = "time_offset={$timezone}"; } // username $set[] = "username='******'"; $updateset = implode(",", $set); if ($updateset != "") { @$db->query("UPDATE users SET " . $updateset . " WHERE username = '******'"); } write_log("Modified User " . $utente . "", "modify"); }