<?php
require '../include/core/common.php';
require PATHS_LIBRARIES . 'movie_compability.lib.php';
$ui_options['menu_path'] = array('mattan', 'ladda_ner_program');
$ui_options['stylesheets'][] = 'downloads.css';
event_log_log('downloads_section_load');
$query = 'SELECT * FROM downloads ORDER BY category ASC, title ASC';
$result = mysql_query($query);
$program_count = mysql_num_rows($result);
while ($data = mysql_fetch_assoc($result)) {
$download_categories[url_secure_string($data['category'])] = $data['category'];
$download_items[] = $data;
}
foreach ($download_categories as $handle => $category) {
$ui_options['menu_addition']['mattan']['children']['ladda_ner_program']['children'][$handle] = array('label' => $category, 'url' => '#' . $handle);
}
ui_top($ui_options);
echo '<div id="downloads">' . "\n";
echo '<h1>Hamsterpaj tipsar om bra program att ladda hem</h1>' . "\n";
echo '<p>Vi har valt ut våra favoritprogram från nätet, samlat länkar och beskrivningar här. Just nu finns det <strong>' . $program_count . ' program</strong> att ladda ner <strong>gratis</strong>.<br />Har du ett tips på ett program som skulle passa här? Skicka namn och länk till <a href="/traffa/profile.php?id=85514">ehrw</a> som ett privat meddelande!</p>' . "\n";
foreach ($download_items as $data) {
if ($current_category != $data['category']) {
foreach ($download_categories as $handle => $category) {
if ($category == $data['category']) {
echo '<a name="' . $handle . '"></a>';
}
}
echo '<h2>' . $data['category'] . '</h2>' . "\n";
$current_category = $data['category'];
}
<?php
require 'include/core/common.php';
if (is_numeric($_GET['id'])) {
$query = 'UPDATE recent_updates SET clicks = clicks + 1 WHERE id = "' . $_GET['id'] . '" LIMIT 1';
mysql_query($query);
if ($_GET['source'] == 'global_notice') {
$_SESSION['recent_update_notifier'][$_GET['id']] = 10;
event_log_log('recent_update_global_notice_click');
} else {
event_log_log('recent_update_fp_click');
}
if ($_GET['url'] != '#survey') {
header('location: ' . html_entity_decode($_GET['url']));
}
}
function age_guess_result()
{
global $AGE_GUESS_COMMENTS;
$return .= '<img src="http://images.hamsterpaj.net/images/users/thumb/' . $_SESSION['age_guess']['current_user'] . '" />' . "\n";
$age_diff = $_GET['guessed_age'] == 'skip' ? 1 : $_GET['guessed_age'] - $_SESSION['age_guess']['current_age'];
switch (abs($age_diff)) {
case 0:
$score = 5;
$score_class = 'positive';
break;
case 1:
$score = 0;
$score_class = 'unchanged';
break;
default:
$score = abs($age_diff) * -1 + 1;
$score = $score < -5 ? -5 : $score;
$score_class = 'negative';
}
$return .= '<h2 class="age_guess_score_' . $score_class . '">' . $score . 'p</h2>' . "\n";
foreach ($AGE_GUESS_COMMENTS as $comment => $differences) {
foreach ($differences as $difference) {
$comments_by_diff[$difference][] = $comment;
}
}
$comment = $_GET['guessed_age'] == 'skip' ? 'Hoppade över' : $comments_by_diff[$age_diff][rand(0, count($comments_by_diff[$age_diff]) - 1)];
$return .= '<h2>' . $comment . '</h2>' . "\n";
$return .= '<p class="age_guess_answer_text"><a href="/traffa/profile.php?id=' . $_SESSION['age_guess']['current_user'] . '">' . $_SESSION['age_guess']['current_username'] . '</a>' . "\n";
$return .= ' är ' . $_SESSION['age_guess']['current_age'] . ' år</p>';
$return .= '<button onclick="window.open(\'/traffa/profile.php?id=' . $_SESSION['age_guess']['current_user'] . '\');">Besök i nytt fönster</button>' . "\n";
if (is_numeric($_GET['guessed_age'])) {
event_log_log('age_guess_guess');
/* Log answer to database */
$insertquery = 'INSERT INTO age_guess_logs (user, age_' . $_GET['guessed_age'] . ') VALUES("' . $_SESSION['age_guess']['current_user'] . '", 1)';
$updatequery = 'UPDATE age_guess_logs SET age_' . $_GET['guessed_age'] . ' = age_' . $_GET['guessed_age'] . ' + 1 WHERE user = "******" LIMIT 1';
mysql_query($insertquery) or mysql_query($updatequery);
if (login_checklogin()) {
$correct = $age_diff == 0 ? 1 : 0;
$insertquery = 'INSERT INTO age_guess_scoring (user, week, score, viewed_images, correct_guesses, correct_ratio)';
$insertquery .= ' VALUES("' . $_SESSION['login']['id'] . '", "' . date('YW') . '", "' . $score . '", 1, ' . $correct . ', correct_guesses/viewed_images)';
$updatequery = 'UPDATE age_guess_scoring SET score = score + ' . $score . ', viewed_images = viewed_images + 1, correct_guesses = correct_guesses + ' . $correct . ', correct_ratio = correct_guesses/viewed_images';
$updatequery .= ' WHERE user = "******" AND week = "' . date('YW') . '" LIMIT 1';
mysql_query($insertquery) or mysql_query($updatequery);
$_SESSION['age_guess']['score'] += $score;
$_SESSION['age_guess']['correct_guesses'] += $correct;
if ($_SESSION['age_guess']['score'] < -10) {
$_SESSION['age_guess']['score'] = -10;
$query = 'UPDATE age_guess_scoring SET score = -10 WHERE user = "******" AND week = "' . date('YW') . '" LIMIT 1';
mysql_query($query);
}
/* Find out if the remote user is online, if so, open the session and send a quicknote about the vote */
if ($score != 5) {
$query = 'SELECT session_id, lastaction FROM login WHERE id = "' . $_SESSION['age_guess']['current_user'] . '" LIMIT 1';
$result = mysql_query($query);
if ($data = mysql_fetch_assoc($result)) {
if ($data['lastaction'] > time() - 600) {
$remote_session = session_load($data['session_id']);
$remote_session['notice_message'] = 'Du, <a href="/traffa/profile.php?id=' . $_SESSION['login']['id'] . '">' . $_SESSION['login']['username'] . '</a> gissade nyss att du är ' . $_GET['guessed_age'] . ' år gammal i <a href="/traffa/age_guess.php">Gissa Åldern</a>!';
session_save($data['session_id'], $remote_session);
}
}
}
}
}
return $return;
}
} else {
event_log_log('classic_reg_form_sign_up');
/* Input from user is OK, create rows in required tables */
$query = 'INSERT INTO login(username, password, regtimestamp, regip, lastlogon) ';
$query .= 'VALUES ("' . $_POST['username'] . '", "' . md5(utf8_decode($_POST['password'])) . '", "';
$query .= time() . '", "' . $_SERVER['REMOTE_ADDR'] . '", "")';
mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
$user_id = mysql_insert_id();
$query = 'INSERT INTO userinfo (userid) VALUES ("' . $user_id . '")';
mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
$query = 'INSERT INTO traffa (userid) VALUES ("' . $user_id . '")';
mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
$query = 'INSERT INTO preferences (userid) VALUES ("' . $user_id . '")';
mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
/* Rows created, log on the user */
login_dologin($_POST['username'], $_POST['password']);
/* Redirect to welcome page asking the user for more information */
jscript_alert('Du kan numera känna dig som en riktig Hamsterpajare!\\nVi loggar in dig på ditt konto nu.');
jscript_location('/registered.php');
}
} else {
regform_header_p13();
regform_header_welcome();
register_form();
event_log_log('classic_reg_form_load');
}
ui_bottom();
?>
$data = mysql_fetch_assoc($result);
$_SESSION['burger']['current_burger'] = $data['id'];
$_SESSION['burger']['seen_burgers'][] = $data['id'];
echo '<h2>Vilken hamburgare är detta?</h2>' . "\n";
echo '<img src="' . IMAGE_URL . 'hamburgers/' . $data['id'] . '_real.jpg" id="burger_guess_image" />' . "\n";
echo '<div id="hamburger_guessing_pane">' . "\n";
$query = 'SELECT * FROM burgers ORDER BY vendor ASC, name ASC';
$result = mysql_query($query) or report_sql_error($query, __FILE__, __LINE__);
while ($burger = mysql_fetch_assoc($result)) {
if ($burger['vendor'] != $vendor) {
echo '<h3>' . $burger['vendor'] . '</h3>' . "\n";
$vendor = $burger['vendor'];
}
echo '<a href="?guessed_burger=' . $burger['id'] . '">' . $burger['name'] . '</a>' . "\n";
}
echo '</div>' . "\n";
} else {
echo '<h1>Nu har du gissat på alla hamburgare</h1>' . "\n";
echo '<p>Vi hoppas du tyckte det var kul och att du tänker lite mer kritiskt nästa gång det blir dags för en snabb cheeseburgare på donkan. Titta gärna på <a href="alla_burgare.php">översikten med alla hamburgare</a> eller läs mer <a href="om_testet.php">om hur vi gjorde testet</a>.' . "\n";
$survey = survey_fetch(array('id' => 165));
echo survey_draw_frame($survey);
}
}
echo '<h2 style="clear: both; margin-top: 50px;">Tror du att vi har fuskat med bilderna?</h2>' . "\n";
echo '<p>Det har vi inte, det här testet är helt ärligt gjort. Du kan läsa mer <a href="om_testet.php">om testet</a>, gör gärna det när du har gissat på alla burgare!</p>' . "\n";
event_log_log('burgers_test_pageview');
ui_bottom();
?>
function films_film_play_draw($film, $options)
{
event_log_log('new_' . $film['film_type'] . '_watch');
film_view_count($film['id']);
echo '<div class="film_play" id="film_play">' . "\n";
rounded_corners_top();
$related_films = films_fetch(array('released' => true, 'film_type' => $film['film_type'], 'exclude' => array($film['id']), 'limit' => 3, 'order' => 'random'));
films_list($related_films, array('list_type' => 'film_list_compact', 'headline' => 'Fler ' . $film['film_type']));
echo '<h1 class="film_header">' . $film['title'] . '</h1>' . "\n";
echo '<div class="film_statistics">' . "\n";
echo '<div class="film_view_count">' . "\n";
echo cute_number($film['view_count'] + 1) . ' visningar' . "\n";
echo '</div>' . "\n";
// film_view_count
echo rank_draw($film['rank_average'], array('size' => 'medium'));
// echo '<div class="film_rank_count">' . "\n";
// echo cute_number($film['rank_count']) . ' röster' . "\n";
// echo '</div>' . "\n";
if (5 == $_SESSION['login']['userlevel']) {
echo '<a class="film_edit" href="/film/admin/' . $film['handle'] . '.html">[Redigera]</a>' . "\n";
}
echo '</div>' . "\n";
// film_statistics
echo '<div class="film_player">' . "\n";
if ($film['trailer_id'] > 0) {
echo '<!-- Play Networks - Embeddable Flash Player -->' . "\n";
echo '<div id="playnw" class="playnw">' . "\n";
echo '<script src="http://se.player.playnetworks.net/player.php?mid=' . $film['trailer_id'] . '&channel_user_id=4601100020-1&width=460&height=345"></script><br>' . "\n";
echo '</div>' . "\n";
echo '<!-- Play Networks - Embeddable Flash Player -->' . "\n";
} elseif ($film['use_special_code'] == 1) {
echo stripslashes($film['html']);
} elseif ($film['extension'] == 'swf') {
//todo! Här skall anpassas till distribute-systemet. distribute_server_get skall anropas för att f? en adress
// adress skall byggas med server . type . handle . '.' . extension
echo '<object type="application/x-shockwave-flash" data="http://amuse.hamsterpaj.net/distribute/film/' . $film['handle'] . '.swf" >
<param name="movie" value="http://amuse.hamsterpaj.net/distribute/film/' . $film['handle'] . '.swf" /></object>';
} elseif ($film['extension'] == 'flv') {
//todo! Här skall anpassas till distribute-systemet. distribute_server_get skall anropas för att f? en adress
// adress skall byggas med server . type . handle . '.' . extension
echo '<p id="player1"><a href="http://www.macromedia.com/go/getflashplayer">Installera Flash Player</a> för att kunna se den här filmen.</p>
<script type="text/javascript">
var s1 = new SWFObject("/film/flvplayer.swf","single","460","345","7");
s1.addParam("allowfullscreen","true");
s1.addVariable("file","http://amuse.hamsterpaj.net/distribute/film/' . $film['handle'] . '.flv");
s1.addVariable("image","' . IMAGE_URL . '/film/' . $film['handle'] . '.png");
s1.addVariable("width","460");
s1.addVariable("height","345");
s1.write("player1");
</script>';
} elseif ($film['film_type'] == 'bilder') {
//todo! Här skall anpassas till distribute-systemet. distribute_server_get skall anropas för att f? en adress
// adress skall byggas med server . type . handle . '.' . extension
echo '<img src="http://images.hamsterpaj.net/fun_images/' . $film['handle'] . '.jpg" class="fun_images_big" />' . "\n";
}
echo '</div>' . "\n";
// film_player
echo '<br style="clear: both;" />' . "\n";
echo '<div class="film_description">' . "\n";
if (strlen($film['description']) > 0) {
echo '<p>' . $film['description'] . '</p>' . "\n";
}
if ($film['trailer_id'] > 0) {
echo '<p>Filmtrailers visas i samarbete med Play Networks</p>' . "\n";
}
echo '</div>' . "\n";
// end film_description
echo '<div class="film_comments">' . "\n";
echo '<input type="hidden" id="film_id" value="' . $film['id'] . '" />' . "\n";
echo '<h2 class="rank_input_header">Din poäng</h2>' . "\n";
echo '<h2 class="comment_input_header">Din kommentar</h2>' . "\n";
echo '<br style="clear: both;" />' . "\n";
$query = 'SELECT rank FROM user_ranks WHERE user_id = "' . $_SESSION['login']['id'] . '" AND item_id = "' . $film['id'] . '" AND item_type = "film"';
$result = mysql_query($query);
if (mysql_num_rows($result) == 1) {
$data = mysql_fetch_assoc($result);
}
unset($rank_options);
$rank_options['previous'] = $data['rank'];
rank_input_draw($film['id'], 'film', $rank_options);
comments_input_draw($film['id'], 'film');
echo '<br style="clear: both;" />' . "\n";
echo '</div>' . "\n";
// film_comments
rounded_corners_bottom();
$options['comments'] = isset($options['comments']) ? $options['comments'] : 'yes';
if ($options['comments'] == 'yes') {
rounded_corners_top();
echo comments_list($film['id'], 'film');
rounded_corners_bottom();
}
echo '</div>' . "\n";
// film_play
}
<?php
require '../include/core/common.php';
if (login_checklogin()) {
switch ($_GET['report_type']) {
case 'post':
if ($_GET['action'] == 'unreport' && is_privilegied('abuse_report_handler')) {
$query = 'DELETE FROM abuse_reports WHERE reference_id = "' . $_GET['reference_id'] . '" AND object_type = "post" LIMIT 1';
}
if ($_GET['action'] == 'report') {
event_log_log('forum_post_reported');
$query = 'INSERT INTO abuse_reports (reference_id, object_type, author, text) VALUES("' . $_GET['reference_id'] . '", "post", "' . $_SESSION['login']['id'] . '", "' . $_GET['comment'] . '")';
}
mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
break;
case 'user':
if ($_GET['action'] == 'unreport' && is_privilegied('abuse_report_handler')) {
$query = 'DELETE FROM abuse_reports WHERE reference_id = "' . $_GET['reference_id'] . '" AND object_type = "user" LIMIT 1';
}
if ($_GET['action'] == 'report') {
event_log_log('user_reported');
$query = 'INSERT INTO abuse_reports (reference_id, object_type, author, text) VALUES("' . $_GET['reference_id'] . '", "user", "' . $_SESSION['login']['id'] . '", "' . $_GET['comment'] . '")';
}
mysql_query($query) or report_sql_error($query, __FILE__, __LINE__);
break;
}
}
function login_dologin($options)
{
if (!isset($options['method'])) {
throw new Exception('No login method specified.');
}
if (isset($options['username']) && strtolower($options['username']) == 'borttagen') {
header('Location: http://disneyworld.disney.go.com/wdw/index?bhcp=1');
throw new Exception('Username CANNOT be "borttagen"!');
}
$query = 'SELECT id FROM login WHERE is_removed = 0';
switch ($options['method']) {
case 'ghost':
if (isset($options['username'])) {
$query .= ' AND username = "******"';
} else {
throw new Exception('No username was set!');
}
break;
case 'username_and_password':
if (isset($options['username']) && isset($options['password'])) {
$options['password'] = utf8_decode($options['password']);
$query .= ' AND password_version = 4 AND username = "******" AND password = "******"';
} else {
throw new Exception('No username or password was set!');
}
break;
default:
throw new Exception('Invalid login method.');
}
$query .= ' LIMIT 1';
$result = mysql_query($query) or report_sql_error($query, __FILE__, __LINE__);
if (mysql_num_rows($result) > 0) {
$data = mysql_fetch_assoc($result);
$user_id = $data['id'];
// * Fetch neccessary data from login, userinfo, preferences and traffa-tables and unserialize...
$_SESSION = array_merge($_SESSION, login_load_user_data($user_id, array('login' => array('id', 'lastlogon', 'username', 'password', 'userlevel', 'regtimestamp', 'lastusernamechange', 'session_id', 'lastaction', 'lastip', 'regip', 'quality_level', 'quality_level_expire'), 'userinfo' => array('contact1', 'contact2', 'gender', 'birthday', 'image', 'image_ban_expire', 'forum_signature', 'zip_code', 'forum_quality_rank', 'parlino_activated', 'cell_phone', 'firstname', 'surname', 'email', 'streetaddress', 'msn', 'visible_level', 'phone_ov', 'user_status', 'gbrss'), 'preferences' => array('bubblemessage_visitors', 'allow_hotmessages', 'activate_current_action', 'enable_hetluft', 'randomizer', 'left_login_module', 'enable_shoutbox', 'module_states', 'module_order', 'forum_enable_smilies', 'forum_subscribe_on_create', 'forum_subscribe_on_post', 'gb_anti_p12'), 'traffa' => array('firstname', 'profile_modules')), __FILE__, __LINE__));
$_SESSION['module_states'] = unserialize($_SESSION['preferences']['module_states']);
$_SESSION['module_order'] = unserialize($_SESSION['preferences']['module_order']);
//$_SESSION['preferences']['forum_favourite_categories'] = unserialize($_SESSION['preferences']['forum_favourite_categories']);
// * Update fields in logon related to the login...
if ($options['method'] != 'ghost') {
$login_time = time();
$query = 'UPDATE login SET lastlogon = ' . $login_time . ', lastip = "' . $_SERVER['REMOTE_ADDR'] . '", session_id = "' . session_id() . '" WHERE id = "' . $user_id . '" LIMIT 1';
mysql_query($query) or report_sql_error($query, __FILE__, __LINE__);
$_SESSION['login']['lastlogon'] = $login_time;
$_SESSION['login']['lastip'] = $_SERVER['REMOTE_ADDR'];
$_SESSION['login']['session_id'] = session_id();
event_log_log('user_log_on');
if ($_SESSION['login']['lastlogon'] < strtotime(date('Y-m-d'))) {
event_log_log('user_unique_log_on');
}
}
// * Set some special/initial parametrers...
$_SESSION['cache']['lastupdate'] = 0;
switch ($options['method']) {
case 'ghost':
$_SESSION['ghost'] = true;
break;
case 'username_and_password':
$_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
$_SESSION['login']['lastlogon'] = time();
break;
}
// * Fetch guestbook notices...
$guestbook_query = 'SELECT COUNT(id) AS unread FROM traffa_guestbooks WHERE recipient = ' . $user_id . ' AND `read` = 0 AND deleted = 0';
$guestbook_result = mysql_query($guestbook_query) or report_sql_error($guestbook_query, __FILE__, __LINE__);
$guestbook_data = mysql_fetch_assoc($guestbook_result);
$_SESSION['notices']['unread_gb_entries'] = $guestbook_data['unread'];
// * Fetch group notices...
$_SESSION = array_merge($_SESSION, login_load_group_data($user_id, array('groups_members' => array('groupid'))));
// * Fetch friends notices...
$_SESSION['friends'] = friends_fetch_online_smart(array('user_id' => $user_id));
// * Fetch visitors from "my visitors"
$query = 'SELECT DISTINCT(uel.remote_user_id) AS id, uel.timestamp, l.username';
$query .= ' FROM user_event_log AS uel, login AS l, userinfo AS u';
$query .= ' WHERE uel.action = "profile_visit" AND uel.user = "******" AND l.id = uel.remote_user_id AND (u.image = 1 OR u.image = 2) AND u.userid = uel.remote_user_id';
$query .= ' GROUP BY uel.remote_user_id ORDER BY timestamp DESC LIMIT 8';
$result = mysql_query($query) or report_sql_error($query, __FILE__, __LINE__);
$_SESSION['visitors_with_image'] = array();
while ($data = mysql_fetch_assoc($result)) {
$_SESSION['visitors_with_image'][] = $data;
}
// * Fetch privilegies...
$query = 'SELECT privilegie, value FROM privilegies WHERE user = "******"';
$result = mysql_query($query);
while ($data = mysql_fetch_assoc($result)) {
$_SESSION['privilegies'][$data['privilegie']][is_numeric($data['value']) ? intval($data['value']) : $data['value']] = true;
}
// * Log the logon to the database...
$query = 'INSERT INTO login_log (user_id, logon_time, impressions, ip, ghost)';
$query .= ' VALUES(' . $user_id . ', ' . time() . ', 0, ' . ip2long($_SERVER['REMOTE_ADDR']) . ', "' . ($options['method'] == 'ghost' ? 'YES' : 'NO') . '")';
mysql_query($query) or report_sql_error($query, __FILE__, __LINE__);
// * Cache some info about the users visits to categories. This is used to calculate new threads and category-subscriptions
$query = 'SELECT * FROM forum_category_visits WHERE user_id = "' . $user_id . '"';
$result = mysql_query($query) or report_sql_error($query, __FILE__, __LINE__);
while ($data = mysql_fetch_assoc($result)) {
$_SESSION['forum']['categories'][$data['category_id']] = $data;
}
} else {
if ($options['method'] == 'username_and_password') {
$query = 'SELECT id FROM login WHERE password_version = 3 AND username = "******" AND password = "******" LIMIT 1';
$result = mysql_query($query) or report_sql_error($query, __FILE__, __LINE__);
if (mysql_num_rows($result) == 1) {
throw new Exception('<h2>Du använder ett lösenord baserat på det gamla lösenordssystemet. Av säkerhetsskäl måste du byta, det gör du <a href="/installningar/renew_password.php" style="font-weight: bold">på den här sidan »</a></h2>');
} else {
throw new Exception('Det gick inte att logga in med de uppgifter du angav. Detta beror antingen på att du inte angivit korrekt användarnamn och lösenord, eller att användarnamnet inte finns.<br /><br />Har du glömt ditt lösenord? Då finns det inte mycket att göra :(');
}
} else {
throw new Exception('Login failed: User not found or password incorrect.');
}
}
}
$form .= '<br /><label>Välj en stil</label><br />' . "\n";
$form .= '<ol id="collage_illusion_thumbs">' . "\n";
foreach ($templates as $bg) {
$form .= '<li>' . "\n";
$checked = $bg == 'wood' ? ' checked="checked"' : '';
$form .= '<img src="http://images.hamsterpaj.net/collage_illusion/thumbs/' . $bg . '.jpg" />';
$form .= '<input type="radio" name="template" value="' . $bg . '"' . $checked . ' />';
$form .= '</li>' . "\n";
}
$form .= '</ol>' . "\n";
$form .= '<br style="clear: both;" />' . "\n";
$form .= '<input type="submit" value="OK" />' . "\n";
$form .= '</form>' . "\n";
event_log_log('collage_illusion_impression');
if (isset($_FILES['photo'])) {
event_log_log('collage_illusion_upload');
$template = in_array($_POST['template'], $templates) ? $_POST['template'] : 'wood_standing';
$work_dir = '/mnt/images/collage_illusion/';
$filename = time() . rand(1000, 9999) . '.jpg';
$bg = '/mnt/images/collage_illusion/templates/' . $template . '.png';
$photo = $_FILES['photo']['tmp_name'];
$outfile = '/mnt/images/collage_illusion/outfiles/' . $filename;
$size = '"640x640>"';
$tmp_photo = $work_dir . 'tmp/' . rand(0, 99999999) . '.jpg';
$photo_resize = 'convert -resize ' . $size . ' ' . $photo . ' ' . $tmp_photo;
system($photo_resize);
$size = getimagesize($tmp_photo);
$size = $size[0] . 'x' . $size[1] . '!';
$tmp_bg = $work_dir . 'tmp/' . rand(0, 99999999) . '.png';
$bg_resize = 'convert -resize ' . $size . ' ' . $bg . ' ' . $tmp_bg;
system($bg_resize);
echo '<span style="color: red; font-weight: bold;">Användarnamnet får inte vara längre än 16 tecken!</span><br />';
}
if (strlen($info['username']) < 2) {
$error = true;
echo '<span style="color: red; font-weight: bold;">Användarnamnet får inte vara kortare än två tecken!</span><br />';
}
if (register_username_exists($info['username'])) {
$error = true;
echo '<span style="color: red; font-weight: bold;">Användarnamnet är redan upptaget!</span><br />';
}
if (strlen($info['password']) < 4) {
$error = true;
echo '<span style="color: red; font-weight: bold;">Ditt lösenord måste vara minst fyra tecken långt!</span><br />';
}
if (!$error) {
/* Input from user is OK, create rows in required tables */
$query = 'INSERT INTO login(username, password, regtimestamp, regip, lastlogon) ';
$query .= 'VALUES ("' . $_GET['username'] . '", "' . md5(utf8_decode($_GET['password'])) . '", "';
$query .= time() . '", "' . $_SERVER['REMOTE_ADDR'] . '", "")';
mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
$user_id = mysql_insert_id();
$query = 'INSERT INTO userinfo (userid) VALUES ("' . $user_id . '")';
mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
$query = 'INSERT INTO traffa (userid) VALUES ("' . $user_id . '")';
mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
$query = 'INSERT INTO preferences (userid) VALUES ("' . $user_id . '")';
mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
echo '<h2>Ditt konto är skapat!</h2>';
echo '<p>Kryssa ner den här rutan uppe i högra hörnet och logga sedan in längst upp på sajten!</p>';
event_log_log('tiny_reg_form_complete');
}
}
} else {
header('Location: ' . $_SERVER['HTTP_REFERRER']);
}
break;
case 'login':
if (!$_POST) {
header('location: ' . $_SERVER['HTTP_REFERRER']);
} else {
$msg = login_dologin($_POST['username'], $_POST['password']);
switch ($msg) {
case 0:
header('Location: /msg.php?message=login_loginfailed');
break;
case 1:
event_log_log('user_log_on');
if (substr_count($_SERVER['HTTP_REFERER'], "msg.php") > 0) {
header('location: /index.php');
} else {
if (strlen($_SERVER['HTTP_REFERER']) > 5) {
header('Location: ' . $_SERVER['HTTP_REFERER']);
} else {
header('Location: /index.php');
}
}
exit;
break;
case 2:
header('Location: /msg.php?message=login_invalidlogin');
break;
default:
if ($_SESSION['live_chat']['last_message'][0]['md5'] == md5($_GET['message'])) {
exit;
}
$explosion = explode('_', $_GET['chatroom']);
$event['type'] = $explosion[0];
$event['reference_id'] = $explosion[1];
$event['event_type'] = 'message';
$event['username'] = $_SESSION['login']['username'];
$event['message'] = utf8_encode(stripslashes($_GET['message']));
$pattern = "/[\n]+\$/";
$replacement = "\n";
$event['message'] = preg_replace($pattern, $replacement, $event['message']);
if ($_SESSION['login']['username'] == 'mrsten') {
$event['message'] = 'Kämpa mot rasism och främlingsfientlighet! http://www.antifa.org/ http://www.revfront.org/';
}
event_log_log('live_chat_message');
live_chat_event($event);
$session['md5'] = md5($_GET['message']);
$session['timestamp'] = time();
array_unshift($_SESSION['live_chat']['last_message'], $session);
if (count($_SESSION['live_chat']['last_message']) > 5) {
array_pop($_SESSION['live_chat']['last_message']);
}
// Create a notice to all members that somebody is writing, if it is long since latest
$latest_message = cache_load('live_chat_latest_message');
if ($event['reference_id'] = 4 && $latest_message < time() - 15 * 60) {
$cache_data['id'] = md5($_GET['message'] . time());
// We create a fake-id
// Save latest messagetime to cache.
$cache_data['timestamp'] = time();
$cache_data['author'] = $event['username'];
<?php
include 'include/core/common.php';
event_log_log('fp_' . $_GET['name']);
header('Location: ' . html_entity_decode($_GET['url']));
<?php
require 'include/core/common.php';
$query = 'UPDATE internal_ads SET clicks = clicks + 1 WHERE handle LIKE "' . $_GET['ad'] . '" LIMIT 1';
mysql_query($query);
event_log_log('internal_ad_click');
header('Location: ' . $_GET['redirect']);
<?php
require 'include/core/common.php';
$query = 'UPDATE fp_modules SET clicks = clicks + 1 WHERE id = "' . $_GET['id'] . '" LIMIT 1';
mysql_query($query);
if (preg_match('/(http:\\/\\/)(www\\.|)(hamsterpaj|pajen|hamsterpajiskolan)\\.(net|se)\\/(index.php|)/', $_SERVER['HTTP_REFERER'])) {
event_log_log('fp_module_click');
header('Location: ' . base64_decode($_GET['url']));
} else {
$url = htmlspecialchars(base64_decode(utf8_decode($_GET['url'])));
$out .= '
<html>
<head>
<title>Varning! - Hamserpaj.net</title>
<link rel="shortcut icon" href="' . IMAGE_URL . 'favicon.png" type="image/x-icon" />
<style>
body {
background: #6391B3;
font: 14px Verdana, sans-serif;
color: #222222;
}
#content a, #content a:visited {
color: #000000;
text-decoration: none;
border-bottom: thin dotted black;
}
a img, a:visited img {
border: 0;
}
#explanation, #footer {
font: 12px Verdana, sans-serif;
<?php
require '../include/core/common.php';
$CHANNEL = 'chat';
if (isset($_GET['message']) && $_SESSION['webchat']['last_message'] != $_GET['message'] && strlen($_GET['message']) > 0) {
$query = 'INSERT INTO webchat(channel, user, timestamp, text) VALUES("' . $CHANNEL . '", "' . $_SESSION['login']['id'] . '", "' . time() . '", "' . $_GET['message'] . '")';
mysql_query($query) or report_sql_error($query, __FILE__, __LINE__);
$_SESSION['webchat']['last_message'] = $_GET['message'];
event_log_log('webchat_post');
} else {
$_SESSION['webchat']['last_read_id'] = isset($_SESSION['webchat']['last_read_id']) ? $_SESSION['webchat']['last_read_id'] : 0;
// $_SESSION['webchat']['last_read_id'] = 0;
$query = 'SELECT w.*, l.username FROM webchat AS w, login AS l';
$query .= ' WHERE l.id = w.user AND w.channel = "' . $CHANNEL . '" AND w.id > "' . $_SESSION['webchat']['last_read_id'] . '"';
$query .= ' ORDER BY w.id DESC LIMIT 25';
$result = mysql_query($query) or report_sql_error($query, __FILE__, __LINE__);
$entries = array();
while ($data = mysql_fetch_assoc($result)) {
$_SESSION['webchat']['last_read_id'] = $data['id'] > $_SESSION['webchat']['last_read_id'] ? $data['id'] : $_SESSION['webchat']['last_read_id'];
$data['time_readable'] = date('H:i:s', $data['timestamp']);
$highlight = strpos(strtolower($data['text']), strtolower($_SESSION['login']['username']));
if ($highlight > 0 || $highlight === 0) {
$data['highlight'] = 'true';
} else {
$data['highlight'] = 'false';
}
// This is for private messages
if ($data['text'][0] != '@' || is_privilegied('use_ghosting_tools') || strtolower(substr($data['text'], 0, 1 + strlen($_SESSION['login']['username']))) == strtolower('@' . $_SESSION['login']['username']) || $data['user'] == $_SESSION['login']['id']) {
array_unshift($entries, $data);
}
}
function group_send_new_message($groupid, $userid, $text, $setread = true)
{
/*if (isset($_SESSION['debug']))
{
unset($_SESSION['debug']);
print_r($_POST);
print_r($_GET);
jscript_alert('mirkk');
die();
}*/
$query = 'SELECT disabled FROM groups_list WHERE groupid = ' . $groupid;
$result = mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
$data = mysql_fetch_assoc($result);
if ($data['disabled'] == 'Y') {
jscript_alert('Gruppen är tillfälligt stängd');
jscript_location($_SERVER['PHP_SELF']);
die;
}
$text = $text;
$query = 'SELECT group_points FROM groups_list WHERE groupid = ' . $groupid;
$result = mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
$data = mysql_fetch_assoc($result);
$points = group_check_message_score($text);
if ($data['group_points'] > 0) {
$points--;
}
$query = 'UPDATE groups_list SET group_points = group_points + ' . $points . ' WHERE groupid = ' . $groupid;
mysql_query($query) or die(report_sql_error($query));
$query = 'INSERT INTO groups_scribble (userid, groupid, timestamp , text) VALUES (' . $userid . ', ' . $groupid . ', UNIX_TIMESTAMP() , "' . $text . '")';
mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
$query = 'UPDATE groups_list SET message_count = message_count +1 WHERE groupid = ' . $groupid;
mysql_query($query) or die(report_sql_error($query));
event_log_log('group_post');
if ($setread == true) {
$query = 'UPDATE groups_members SET read_msg = read_msg +1 WHERE userid = ' . $_SESSION['login']['id'] . ' AND groupid = ' . $groupid;
mysql_query($query) or die(report_sql_error($query));
}
}
function photo_display_full($parameters)
{
event_log_log('photo_display');
$next_by_day = photo_get_photos(array('limit' => 1, 'photo_taken' => $parameters['image']['photo_taken'], 'order_direction' => 'ASC', 'internal_id_min' => $parameters['image']['internal_id']));
$next_by_album = photo_get_photos(array('limit' => 1, 'album' => $parameters['image']['album'], 'order_direction' => 'ASC', 'internal_id_min' => $parameters['image']['internal_id']));
$previous_by_day = photo_get_photos(array('limit' => 1, 'photo_taken' => $parameters['image']['photo_taken'], 'order_direction' => 'DESC', 'internal_id_max' => $parameters['image']['internal_id']));
$previous_by_album = photo_get_photos(array('limit' => 1, 'album' => $parameters['image']['album'], 'order_direction' => 'DESC', 'internal_id_max' => $parameters['image']['internal_id']));
echo '<div class="photo_full">' . "\n";
echo '<div class="head">' . "\n";
echo '<span class="date">' . $parameters['image']['photo_taken'] . '</span>' . "\n";
if (strlen($parameters['image']['description']) > 0) {
echo '<p class="photo_description">' . "\n";
echo $parameters['image']['description'] . "\n";
echo '</p>' . "\n";
}
echo '</div>' . "\n";
// Photo with passepartout
echo '<div class="photo_passepartout_outer">' . "\n";
echo '<div class="photo_passepartout_inner">' . "\n";
echo '<img src="' . PHOTO_FULL_IMAGE_URL . floor($parameters['image']['internal_id'] / 5000) . '/' . $parameters['image']['external_id'] . '.jpg" />' . "\n";
echo '</div>' . "\n";
echo '</div>' . "\n";
echo '<div class="foot">' . "\n";
echo '<div class="next">' . "\n";
if ($next_by_day[0]['internal_id'] > 0) {
echo '<a href="/fotoalbum/bild.php?photo=' . $next_by_day[0]['external_id'] . '"><button class="button_110">Samma dag »</button></a>' . "\n";
}
if ($next_by_album[0]['internal_id'] > 0) {
echo '<a href="/fotoalbum/bild.php?photo=' . $next_by_album[0]['external_id'] . '"><button class="button_110">Samma album »</button></a>' . "\n";
}
echo '</div>' . "\n";
echo '<div class="previous">' . "\n";
if ($previous_by_day[0]['internal_id'] > 0) {
echo '<a href="/fotoalbum/bild.php?photo=' . $previous_by_day[0]['external_id'] . '"><button class="button_110">« Samma dag</button></a>' . "\n";
}
if ($previous_by_album[0]['internal_id'] > 0) {
echo '<a href="/fotoalbum/bild.php?photo=' . $previous_by_album[0]['external_id'] . '"><button class="button_110">« Samma album</button></a>' . "\n";
}
echo '</div>' . "\n";
echo '</div>' . "\n";
echo '</div>' . "\n";
$query = 'UPDATE photos SET unread_comments = 0 WHERE internal_id = "' . $parameters['image']['internal_id'] . '" LIMIT 1';
mysql_query($query);
echo '<h2>Kommentarer</h2>' . "\n";
echo '<h5>Här kan du lämna din kommentar</h5>' . "\n";
echo comments_input_draw($parameters['image']['internal_id'], 'photo');
rounded_corners_top();
echo comments_list($parameters['image']['internal_id'], 'photo');
rounded_corners_bottom();
// Count views
if (!in_array($parameters['image']['internal_id'], $_SESSION['photos']['viewed_photos'])) {
$_SESSION['photos']['viewed_photos'][] = $parameters['image']['internal_id'];
$query = 'UPDATE photos SET view_count = view_count + 1 WHERE internal_id = "' . $parameters['image']['internal_id'] . '" LIMIT 1';
mysql_query($query);
}
}
mysql_query($query);
/* Total */
$insertquery = 'INSERT INTO music_guess_scoring (user, score, period_type, period) VALUES("' . $_SESSION['login']['id'] . '", "' . ($artist_score + $song_score) . '", "total", 0)';
$updatequery = 'UPDATE music_guess_scoring SET score = score + "' . ($artist_score + $song_score) . '" WHERE user = "******" AND period_type = "total" LIMIT 1';
mysql_query($insertquery) or mysql_query($updatequery) or report_sql_error($updatequery, __FILE__, __LINE__);
/* This week */
$insertquery = 'INSERT INTO music_guess_scoring (user, score, period_type, period) VALUES("' . $_SESSION['login']['id'] . '", "' . ($artist_score + $song_score) . '", "week", "' . date('YW') . '")';
$updatequery = 'UPDATE music_guess_scoring SET score = score + "' . ($artist_score + $song_score) . '" WHERE user = "******" AND period_type = "week" AND period = "' . date('YW') . '" LIMIT 1';
mysql_query($insertquery) or mysql_query($updatequery) or report_sql_error($updatequery, __FILE__, __LINE__);
/* This month */
$insertquery = 'INSERT INTO music_guess_scoring (user, score, period_type, period) VALUES("' . $_SESSION['login']['id'] . '", "' . ($artist_score + $song_score) . '", "month", "' . date('Ym') . '")';
$updatequery = 'UPDATE music_guess_scoring SET score = score + "' . ($artist_score + $song_score) . '" WHERE user = "******" AND period_type = "month" AND period = "' . date('Ym') . '" LIMIT 1';
mysql_query($insertquery) or mysql_query($updatequery) or report_sql_error($updatequery, __FILE__, __LINE__);
$query = 'UPDATE music_guess_songs SET guesses = guesses + 1, correct = correct + "' . ($artist_score + $song_score) . '" WHERE id = "' . $data['id'] . '" LIMIT 1';
mysql_query($query);
event_log_log('musig_guess_guess');
echo '<h2>Tack för din gissning!</h2>' . "\n";
} else {
echo '<h2>Vet du vilken låt det är?</h2>' . "\n";
echo '<form id="music_guess_form" method="post"><label for="music_guess_artist">Artist</label><label for="music_guess_song">Låtnamn</label><br />' . "\n";
echo '<input type="text" name="artist" class="textbox" /><input type="text" name="song" class="textbox" /><input type="submit" value="Skicka »" class="button_60" /></form>' . "\n";
}
}
} else {
echo '<h2><a href="/register.php">Bli medlem</a> och var med i tävlingen du också!</h2>' . "\n";
}
}
$swf_url = 'http://hamsterpaj.net/xspf/xspf_player.swf?playlist_url=/mattan/music_guess_playlists/latest_15.xml.php&player_title=aldre+gissa+laten';
$swf_w = '638';
$swf_h = '215';
echo '
echo '<h1>Jämför alla burgare</h1>' . "\n";
echo '<p>' . "\n";
echo 'Här visas alla burgare vi jämförde. Vi tog även ett gruppfoto som kan laddas ned som <a href="http://images.hamsterpaj.net/hamburgers/gruppfoto.jpg" target="_blank">högupplöst bakgrundsbild</a>.<br />' . "\n";
echo 'Alla foton har tagits av Dan Lindgren för Hamsterpajs räkning, och vi är tacksamma om du nämner detta när du wärschar bilderna.' . "\n";
echo '</p>' . "\n";
$query = 'SELECT * FROM burgers ORDER BY vendor, name';
$result = mysql_query($query) or report_sql_error($query, __FILE__, __LINE__);
while ($data = mysql_fetch_assoc($result)) {
$labels[0] = 'Oigenkännlig';
$labels[1] = 'Inte alls lik';
$labels[2] = 'Igenkännbar';
$labels[3] = 'Ganska lik';
$labels[4] = 'Identisk';
echo '<h2>' . $data['name'] . ' från ' . $data['vendor'] . '</h2>' . "\n";
echo '<p>' . round($data['correct_ratio'] * 100) . '% rätta gissningar, snittbetyg: ' . $labels[round($data['average_score'])] . '</p>' . "\n";
echo '<div id="burger_compare">' . "\n";
echo '<img src="' . IMAGE_URL . 'hamburgers/' . $data['id'] . '_ad.jpg" />' . "\n";
echo '<img src="' . IMAGE_URL . 'hamburgers/' . $data['id'] . '_real.jpg" />' . "\n";
echo '</div>' . "\n";
echo '<h4>Kommentarer till ' . $data['name'] . '</h4>' . "\n";
rounded_corners_top();
echo comments_list($data['id'], 'burger');
rounded_corners_bottom();
echo '<hr style="margin-top: 20px; margin-bottom: 20px;" />';
}
event_log_log('burgers_overview');
ui_bottom();
?>
function entertain_item_draw($item, $options)
{
global $entertain_types;
entertain_item_viewed($item['id'], $item['entertain_type'], $item['view_count']);
$output .= '<span class="' . $item['entertain_type'] . '">' . "\n";
$output .= '<div class="entertain_item">' . "\n";
// Item title
$output .= '<h1 class="entertain_header">' . $item['title'] . '</h1>' . "\n";
/* The entertainment items are displayed in different ways for different types.
Games have full width while movie clips, flash films and images are displayed
in 3/4 width, whith a few thumbnails on the side.
*/
switch ($item['entertain_type']) {
case 'software':
case 'clip':
case 'flash':
case 'image':
$fetch_result = entertain_fetch(array('released' => true, 'entertain_type' => $item['entertain_type'], 'exclude' => array($item['id']), 'limit' => 3, 'order' => 'random'));
$related_items = $fetch_result['items'];
$output .= entertain_list($related_items, array('list_style' => 'thumbnails', 'headline' => 'Fler ' . $entertain_types[$item['entertain_type']]['label_plural']));
break;
case 'game':
break;
}
// Item rank, counter and release date
$output .= '<div class="entertain_statistics">' . "\n";
$output .= '<div class="entertain_rank">' . "\n";
$output .= rank_draw($item['rank_average'], array('size' => 'medium'));
$output .= '</div>' . "\n";
// end entertain_rank
$output .= '<div class="entertain_view_count">' . "\n";
$output .= cute_number($item['view_count'] + 1) . ' visningar sedan ' . "\n";
$output .= date('Y-m-d', $item['release']);
//fix_time($item['release']);
$output .= '</div>' . "\n";
// end entertain_date
$output .= '</div>' . "\n";
// end entertain_statistics
$output .= '<div class="entertain_player" id="entertain_player">' . "\n";
/* Now we shall display the entertainment item itself. This is done in different ways
for different types and also different depending on special properties like
use_special_code or trailer_id.
*/
if ($_SESSION['login']['id'] == 87926) {
preint_r($item);
}
//First, we consider a bunch of special cases, that is film trailers, items with their own special html, images and software links
if ($item['trailer_id'] > 0) {
$output .= '<!-- Play Networks - Embeddable Flash Player -->' . "\n";
$output .= '<div id="playnw" class="playnw">' . "\n";
$output .= '<script src="http://se.player.playnetworks.net/player.php?mid=' . $item['trailer_id'] . '&channel_user_id=4601100020-1&width=474&height=355"></script><br>' . "\n";
$output .= '</div>' . "\n";
$output .= '<!-- Play Networks - Embeddable Flash Player -->' . "\n";
} elseif ($item['use_special_code'] == 1) {
$output .= stripslashes($item['html']);
} elseif (strlen($item['link']) > 2 && $item['entertain_type'] == 'image') {
$server = distribute_server_get(array('item_handle' => $item['handle'], 'type' => $item['entertain_type']));
$address = 'http://' . $server['address'] . '/distribute/' . $item['entertain_type'] . '/' . $item['handle'] . '.' . $item['extension'];
$output .= '<a href="' . $item['link'] . '"><img src="' . $address . '" class="entertain_' . $item['entertain_type'] . '" /></a>' . "\n";
} elseif ($item['entertain_type'] == 'software') {
$output .= '<button onclick="window.location=\'' . $item['link'] . '\';" class="button_150">Ladda ner</button><br />' . "\n";
$output .= '<p>Alla filer är givetvis gratis att ladda ner och innehåller inga virus!</p>' . "\n";
} else {
$server = distribute_server_get(array('item_handle' => $item['handle'], 'type' => $item['entertain_type']));
$address = 'http://' . $server['address'] . '/distribute/' . $item['entertain_type'] . '/' . $item['handle'] . '.' . $item['extension'];
switch ($item['extension']) {
case 'swf':
$wrapper = '';
$output .= '<object type="application/x-shockwave-flash" data="' . $wrapper . $address . '" >
<param name="movie" value="' . $wrapper . $address . '" /></object>';
$item['entertain_type'] == 'clip' || $item['entertain_type'] == 'flash' ? event_log_log('jc_ad_after') : '';
break;
case 'flv':
$player_url = '/entertain/flvplayer.swf';
// On end of J-store campaign, set width to 456 and height to 355 on both places
$output .= '<div id="player1"><a href="http://www.macromedia.com/go/getflashplayer">Installera Flash Player</a> för att kunna se den här grejen.</div>
<script type="text/javascript">
var s1 = new SWFObject("' . $player_url . '","single","466","336","7");
s1.addParam("allowfullscreen","true");
s1.addVariable("file","' . $address . '");
s1.addVariable("image","' . IMAGE_URL . '/entertain/' . $item['handle'] . '.png");
s1.addVariable("width","466");
s1.addVariable("height","336");
s1.write("player1");
</script>';
break;
case 'jpg':
case 'png':
case 'gif':
$server = distribute_server_get(array('item_handle' => $item['handle'], 'type' => $item['entertain_type']));
$address = 'http://' . $server['address'] . '/distribute/' . $item['entertain_type'] . '/' . $item['handle'] . '.' . $item['extension'];
$output .= '<img src="' . $address . '" class="entertain_' . $item['entertain_type'] . '" />' . "\n";
}
}
$output .= '<div class="entertain_item_buttons">' . "\n";
if ($item['entertain_type'] == 'image') {
$query = 'SELECT id, handle FROM entertain_items WHERE id < "' . $item['id'] . '"';
$query .= ' AND `release` < ' . time();
$query .= ' AND entertain_type = "' . $item['entertain_type'] . '"';
$query .= ' ORDER BY id DESC';
$query .= ' LIMIT 1';
$result = mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
if ($data = mysql_fetch_assoc($result)) {
$output .= '<a href="/' . $entertain_types[$item['entertain_type']]['url_handle'] . '/' . $data['handle'] . '.html">';
$output .= '<button id="entertain_previous" class="button_90">';
$output .= 'Föregående';
$output .= '</button></a>' . "\n";
}
$query = 'SELECT id, handle FROM entertain_items WHERE id > "' . $item['id'] . '"';
$query .= ' AND `release` < ' . time();
$query .= ' AND entertain_type = "' . $item['entertain_type'] . '"';
$query .= ' ORDER BY id ASC';
$query .= ' LIMIT 1';
$result = mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
if ($data = mysql_fetch_assoc($result)) {
$output .= '<a href="/' . $entertain_types[$item['entertain_type']]['url_handle'] . '/' . $data['handle'] . '.html">';
$output .= '<button id="entertain_next" class="button_90">';
$output .= 'Nästa';
$output .= '</button></a>' . "\n";
}
}
if ($item['extension'] == 'swf') {
$output .= '<button id="entertain_fullscreen" onclick="javascript: open_fullscreen_window(\'' . $address . '\');">';
$output .= 'Spela i fullskärm';
$output .= '</button>' . "\n";
}
$output .= '</div>' . "\n";
// end entertain_item_buttons
$output .= '</div>' . "\n";
// end entertain_player
// Description and game controls
$output .= '<div class="entertain_description">' . "\n";
if (strlen($item['description']) > 0) {
$output .= $item['description'] . "\n";
}
if ($item['trailer_id'] > 0) {
$output .= '<p>Filmtrailers visas i samarbete med Play Networks</p>' . "\n";
}
$output .= '</div>' . "\n";
// end entertain_description
if (!is_array($item['controls'])) {
$item['controls'] = unserialize(utf8_decode($item['controls']));
$utf8_mupp = true;
}
if (is_array($item['controls']) && count($item['controls']) > 0) {
$output .= '<h2>Kontroller</h2>' . "\n";
$output .= '<table class="entertain_controls">' . "\n";
$num_of_rows = ceil(count($item['controls']) / 2);
for ($i = 0; $i < $num_of_rows; $i++) {
$output .= '<tr>' . "\n";
if (!$utf8_mupp) {
$output .= '<td class="combination">' . $item['controls'][$i]['combination'] . '</td>' . "\n";
$output .= '<td class="description">' . $item['controls'][$i]['description'] . '</td>' . "\n";
} else {
$output .= '<td class="combination">' . utf8_encode($item['controls'][$i]['combination']) . '</td>' . "\n";
$output .= '<td class="description">' . utf8_encode($item['controls'][$i]['description']) . '</td>' . "\n";
}
$output .= '</tr>' . "\n";
}
$output .= '</table>' . "\n";
}
if (is_privilegied('entertain_update')) {
$output .= '<a class="entertain_edit" href="/' . $entertain_types[$item['entertain_type']]['url_handle'] . '/admin/' . $item['handle'] . '.html">[Redigera]</a>' . "\n";
}
if (is_privilegied('entertain_add')) {
$output .= 'Personen som laddat upp det här objektet är: <a href="/traffa/profile.php?id=' . $item['uploader'] . '">' . $item['uploader'] . '</a>';
}
//todo! connect with javascript
// Comments - Users can rank and leave a comment. These are handled by separate libraries but are connected
// by javascript so that users submit rank and comment together.
$output .= '<div class="entertain_comments">' . "\n";
$output .= '<input type="hidden" id="entertain_item_id" value="' . $item['id'] . '" />' . "\n";
$output .= '<h2 class="rank_input_header">Din poäng</h2>' . "\n";
$output .= '<h2 class="comment_input_header">Din kommentar</h2>' . "\n";
$output .= '<br style="clear: both;" />' . "\n";
if (login_checklogin()) {
$query = 'SELECT rank FROM user_ranks WHERE user_id = "' . $_SESSION['login']['id'] . '" AND item_id = "' . $item['id'] . '" AND item_type = "entertain"';
$result = mysql_query($query);
if (mysql_num_rows($result) == 1) {
$data = mysql_fetch_assoc($result);
}
}
unset($rank_options);
$rank_options['previous'] = $data['rank'];
$output .= rank_input_draw($item['id'], 'entertain', $rank_options);
$output .= comments_input_draw($item['id'], 'entertain');
$output .= '<br style="clear: both;" />' . "\n";
$output .= '</div>' . "\n";
// end entertain_comments
$options['comments'] = isset($options['comments']) ? $options['comments'] : 'yes';
if ($options['comments'] == 'yes') {
$output .= comments_list($item['id'], 'entertain');
}
$output .= '</div>' . "\n";
// end entertainment_item
$output .= '</span>' . "\n";
// end $entertain_type
return $output;
}
function postToDatabase()
{
//skickar in ett vanligt GB-inlägg till databasen
$message = wordwrap($_POST['message'], 59, "\n", 1);
if ($_SESSION['login']['userlevel'] < 5) {
$message = nl2br($message);
} else {
$message = nl2br($message);
}
$query = 'INSERT INTO klotterplank (userid, timestamp, text) VALUES ';
$query .= '("' . $_SESSION['login']['id'] . '", UNIX_TIMESTAMP(), "' . $message . '")';
mysql_query($query) or die('Det uppstod ett fel när inlägget skrevs till databasen. Försök igen senare<br/>' . mysql_error());
global $entries;
$query = 'DELETE FROM klotterplank WHERE id = ' . intval(mysql_insert_id() - $entries) . ' LIMIT 1';
mysql_query($query) or die(report_sql_error($query));
if ($_SESSION['login']['userlevel'] < 5) {
$_SESSION['klotterplank']['lastpost'] = time();
} else {
$_SESSION['klotterplank']['lastpost'] = 1;
}
event_log_log('old_klotterplank_post');
}
function login_dologin($username, $password, $options = array())
{
$ghost = isset($options['ghost']) && $options['ghost'] == true;
if (strtolower($username) == 'borttagen') {
header('Location: http://disneyworld.disney.go.com/wdw/index?bhcp=1');
exit;
}
if ($ghost) {
$query = 'SELECT id, lastaction, lastlogon, session_id FROM login WHERE username = "******" LIMIT 1';
$loginquery = mysql_query($query) or report_sql_error($query);
} elseif ($username && $password) {
$password = utf8_decode($password);
// Test for SHA1 with hash
$query = 'SELECT id, lastaction, lastlogon, session_id FROM login WHERE username = "******" AND password_hash = "' . sha1($password . PASSWORD_SALT) . '" LIMIT 1';
$loginquery = mysql_query($query) or report_sql_error($query);
if (mysql_num_rows($loginquery) == 0) {
// SHA1 not found, try the old MD5
$md5_query = 'SELECT id FROM login WHERE username = "******" AND password = "******" LIMIT 1';
$md5_result = mysql_query($md5_query) or report_sql_error($md5_query);
if (mysql_num_rows($md5_result) == 1) {
// MD5 found, update to SHA1
$data = mysql_fetch_assoc($md5_result);
$md5_to_sha1_query = 'UPDATE login SET password = "", password_hash = "' . sha1($password . PASSWORD_SALT) . '" WHERE id = "' . $data['id'] . '" LIMIT 1';
mysql_query($md5_to_sha1_query);
// Load data using the SHA1-hash
$query = 'SELECT id, lastaction, lastlogon, session_id FROM login WHERE username = "******" AND password_hash = "' . sha1($password . PASSWORD_SALT) . '" LIMIT 1';
$loginquery = mysql_query($query) or die('Query failed: ' . mysql_error());
}
}
} else {
return 2;
}
if (mysql_num_rows($loginquery) > 0) {
$tempdata = mysql_fetch_assoc($loginquery);
if ($tempdata['lastlogon'] < strtotime(date('Y-m-d'))) {
event_log_log('user_unique_log_on');
}
if ($tempdata['lastaction'] > time() - 600 && false) {
$old_session = session_load($tempdata['session_id']);
session_destroy();
session_id($tempdata['session_id']);
session_start();
$_SESSION = $old_session;
if (isset($_SESSION['login']['id'])) {
if ($ghost) {
$_SESSION['ghost'] = true;
}
return true;
}
}
if ($ghost) {
$_SESSION['ghost'] = true;
}
$uid = $tempdata['id'];
$ip = $_SERVER['REMOTE_ADDR'];
$_SESSION['cache']['lastupdate'] = 0;
$_SESSION['userid'] = $uid;
$_SESSION['login']['id'] = $uid;
$guestbook_sql = 'SELECT COUNT(id) AS unread FROM traffa_guestbooks WHERE recipient = ' . $_SESSION['login']['id'] . ' AND `read` = 0 AND deleted = 0';
$guestbook_result = mysql_query($guestbook_sql) or die('Ett fel inträffade!' . mysql_error() . $guestbook_sql);
$guestbook_data = mysql_fetch_assoc($guestbook_result);
$_SESSION['notices']['unread_gb_entries'] = $guestbook_data['unread'];
require_once $hp_includepath . 'message-functions.php';
$message_status = messages_count_unread($_SESSION['login']['id']);
$_SESSION['notices']['unread_messages'] = $message_status;
$fetch['login'] = array('id', 'lastlogon', 'username', 'password_hash', 'userlevel', 'regtimestamp', 'lastusernamechange', 'session_id', 'lastaction', 'lastip', 'regip', 'quality_level', 'quality_level_expire');
$fetch['preferences'] = array('bubblemessage_visitors', 'allow_hotmessages', 'activate_current_action', 'enable_hetluft', 'randomizer', 'left_login_module', 'enable_shoutbox', 'module_states', 'module_order', 'forum_enable_smilies', 'forum_subscribe_on_create', 'forum_subscribe_on_post');
$fetch['traffa'] = array('firstname', 'profile_modules');
$fetch['userinfo'] = array('contact1', 'contact2', 'gender', 'birthday', 'image', 'image_ban_expire', 'forum_signature', 'zip_code', 'forum_quality_rank', 'parlino_activated', 'cell_phone', 'firstname', 'surname', 'email', 'streetaddress', 'msn', 'visible_level', 'phone_ov', 'user_status', 'gbrss');
$userinfo = login_load_user_data($uid, $fetch, __FILE__, __LINE__);
$_SESSION = array_merge($_SESSION, $userinfo);
// $_SESSION['preferences']['forum_favourite_categories'] = unserialize($_SESSION['preferences']['forum_favourite_categories']);
$_SESSION['module_states'] = unserialize($_SESSION['preferences']['module_states']);
$_SESSION['module_order'] = explode('|', $_SESSION['preferences']['module_order']);
/* Notes in the note-module */
$query = 'SELECT text FROM notes WHERE id = "' . $_SESSION['login']['id'] . '" LIMIT 1';
$result = mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
$data = mysql_fetch_assoc($result);
$_SESSION['note'] = $data['text'];
/* groups-start-here */
$group_data['groups_members'] = array('groupid');
$groups = login_load_group_data($uid, $group_data);
$_SESSION = array_merge($_SESSION, $groups);
if (!$ghost) {
$_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
}
/* Friends start here */
$options['user_id'] = $_SESSION['login']['id'];
$_SESSION['friends'] = friends_fetch_online_smart($options);
$query = 'SELECT DISTINCT(uel.remote_user_id) AS id, uel.timestamp, l.username ';
$query .= 'FROM user_event_log AS uel, login AS l, userinfo AS u';
$query .= ' WHERE uel.action = "profile_visit" AND uel.user = "******" AND l.id = uel.remote_user_id AND (u.image = 1 OR u.image = 2) AND u.userid = uel.remote_user_id';
$query .= ' GROUP BY uel.remote_user_id ORDER BY timestamp DESC LIMIT 8';
$result = mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
while ($data = mysql_fetch_assoc($result)) {
$_SESSION['visitors_with_image'][] = $data;
}
/* Fetch the latest posts, the posts antiflood system will use this */
$query = 'SELECT MD5(content), timestamp FROM posts WHERE author = "' . $_SESSION['login']['id'] . '" ORDER BY id DESC LIMIT 50';
$result = mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
while ($data = mysql_fetch_assoc($result)) {
$_SESSION['posts']['latest'][] = $data;
}
/* Fetch privilegies */
$query = 'SELECT privilegie, value FROM privilegies WHERE user = "******"';
$result = mysql_query($query);
while ($data = mysql_fetch_assoc($result)) {
$_SESSION['privilegies'][$data['privilegie']][is_numeric($data['value']) ? intval($data['value']) : $data['value']] = true;
}
/* Log the logon to database */
$query = 'INSERT INTO login_log (user_id, logon_time, impressions, ip, ghost) VALUES(' . $_SESSION['login']['id'] . ', ' . time();
$query .= ', 0, ' . ip2long($_SERVER['REMOTE_ADDR']) . ', "' . ($ghost ? 'YES' : 'NO') . '")';
mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
if (!$ghost) {
$sql = 'UPDATE login SET lastlogon = ' . time() . ', lastip = "' . $ip . '", session_id = "' . session_id() . '" WHERE id = "' . $uid . '" LIMIT 1';
mysql_query($sql) or die('Query failed: ' . mysql_error());
$_SESSION['login']['lastlogon'] = time();
}
/* Cache some info about the users visits to categories. This is used to calculate new threads and category-subscriptions */
$query = 'SELECT * FROM forum_category_visits WHERE user_id = "' . $_SESSION['login']['id'] . '"';
$result = mysql_query($query) or report_sql_error($query, __FILE__, __LINE__);
while ($data = mysql_fetch_assoc($result)) {
$_SESSION['forum']['categories'][$data['category_id']] = $data;
}
return 1;
} else {
return 0;
}
}
<?php
require '../include/core/common.php';
require_once PATHS_LIBRARIES . 'entertain.lib.php';
require_once PATHS_LIBRARIES . 'rank.lib.php';
require_once PATHS_LIBRARIES . 'photos.lib.php';
require_once PATHS_LIBRARIES . 'fp_modules.lib.php';
$ui_options['javascripts'][] = 'fp_common_modules.js';
$ui_options['stylesheets'][] = 'fp_common_modules.css';
$ui_options['title'] = 'Startsidan på Hamsterpaj';
$ui_options['menu_path'] = array('hamsterpaj');
$ui_options['custom_logo'] = 'http://images.hamsterpaj.net/piraja/hp_piraja_logo.png';
event_log_log('piraja');
$five_config = array('hfred' => array('image_1' => 'http://images.hamsterpaj.net/five_errors/hfred1.png', 'image_2' => 'http://images.hamsterpaj.net/five_errors/hfred2.png', 'preview' => 'http://images.hamsterpaj.net/five_errors/hfred_preview.png', 'width' => 380, 'height' => 262, 'message_title' => 'Bra tjockis!', 'message_text' => 'Du hittade alla fel på %seconds% sekunder! Johan letar fortfarande efter elden i tältet...', 'correctcircles' => array(array('x' => 197, 'y' => 55, 'r' => 20), array('x' => 172, 'y' => 121, 'r' => 20), array('x' => 25, 'y' => 113, 'r' => 30), array('x' => 69, 'y' => 120, 'r' => 20), array('x' => 336, 'y' => 14, 'r' => 16))), 'bush' => array('image_1' => 'http://images.hamsterpaj.net/five_errors/bush1.png', 'image_2' => 'http://images.hamsterpaj.net/five_errors/bush2.png', 'preview' => 'http://images.hamsterpaj.net/five_errors/bush_preview.png', 'width' => 380, 'height' => 297, 'message_title' => 'Du är inte så korkad som han ser ut!', 'message_text' => 'På %seconds% sekunder har Bush inte hittat det kalkonen hittade direkt...', 'correctcircles' => array(array('x' => 369, 'y' => 280, 'r' => 23), array('x' => 77, 'y' => 199, 'r' => 14), array('x' => 257, 'y' => 48, 'r' => 43), array('x' => 74, 'y' => 67, 'r' => 12), array('x' => 213, 'y' => 107, 'r' => 12))));
function five_errors($five_errors)
{
$o .= '<div id="five_errors_img' . $five_errors['divid'] . '" style="cursor: pointer; position: relative; background: url(\'' . $five_errors['image'] . '\'); color: white; width: ' . $five_errors['width'] . 'px; height: ' . $five_errors['height'] . 'px;">' . "\n";
foreach ($five_errors['correctcircles'] as $circleindex => $circle) {
$size = $circle['r'] * 2;
$x = $circle['x'] - $size / 2;
$y = $circle['y'] - $size / 2;
$o .= '<img id="five_errors_img' . $five_errors['divid'] . '_circle' . $circleindex . '" src="http://images.hamsterpaj.net/five_errors/error_circle.gif" style="display: none; position: absolute; width: ' . $size . 'px; height: ' . $size . 'px; left: ' . $x . 'px; top: ' . $y . 'px;" />';
}
$o .= '</div>' . "\n";
return $o;
}
if (isset($_GET['fffid']) && isset($five_config[$_GET['fffid']])) {
$five_errors = $five_config[$_GET['fffid']];
$five_errors['image'] = $five_errors['image_1'];
$five_errors['divid'] = '1';
$xxl = '<div style="background: #565656; padding: 23px;">' . "\n";
break;
case 'save.html':
event_log_log('test_create');
tests_save_test();
break;
case 'list_my_tests.html':
tests_list_my_tests();
break;
default:
if (substr($page, -5, 5) == '.html' && preg_match('/^([a-z0-9_])+$/', substr($page, 0, -5))) {
event_log_log('test_view');
tests_do_test(array('handle' => substr($page, 0, -5)));
} elseif (substr($page, -5, 5) == '.html' && preg_match('/^([a-z0-9_]+)\\/user_answers\\/([0-9]+)\\.html$/', $page, $matches)) {
tests_view_user_answers(array('handle' => $matches[1], 'user_id' => (int) $matches[2]));
} elseif (substr($page, -10, 10) == '/save.html' && preg_match('/^([a-z0-9_])+$/', substr($page, 0, -10))) {
event_log_log('test_complete');
tests_calculate_score(array('handle' => substr($page, 0, -10)));
} elseif (substr($page, -16, 16) == '/list_users.html' && preg_match('/^([a-z0-9_])+$/', substr($page, 0, -16))) {
tests_list_users(array('handle' => substr($page, 0, -16)));
} else {
tests_index(array('error_message' => 'Sådär trixar vi inte!'));
}
}
function tests_index($options = array())
{
/*
create_ui <-- If we should run ui_top, or not. Default: true
error_message
*/
if (isset($options['create_ui']) || $options['create_ui'] == false) {
global $ui_options;
<?php
require '../include/core/common.php';
$ui_options['menu_path'] = array('spel', 'nord');
$ui_options['title'] = 'Nord';
ui_top($ui_options);
echo '<iframe src="http://www.nordgame.com/hamsterpaj_web.jsp" style="width: 100%; margin: 0px; padding: 0px; height: 800px;" frameborder="0"></iframe>' . "\n";
event_log_log('nord_frame_visit');
ui_bottom();
?>
<?php
require '../include/core/common.php';
require PATHS_INCLUDE . 'traffa-functions.php';
event_log_log("my_vistors");
$ui_options['stylesheets'][] = 'my_visitors.css';
$ui_options['menu_path'] = array('traeffa');
ui_top($ui_options);
if (!login_checklogin()) {
echo '<h1>Ooops! Det verkar som om du är utloggad</h1>' . "\n";
echo 'Du måste vara inloggad för att kunna se dina senaste besökare, logga in och kom tillbaks hit sen!';
ui_bottom();
exit;
}
traffa_draw_user_div($_SESSION['login']['id'], $_SESSION);
$query = 'SELECT uel.remote_user_id AS user_id, uel.timestamp, l.lastaction, l.username, l.lastlogon, u.image, u.birthday, u.gender, z.spot ';
$query .= 'FROM user_event_log AS uel, login AS l, userinfo AS u, zip_codes AS z ';
$query .= 'WHERE uel.user = "******" AND l.id = uel.remote_user_id AND u.userid = uel.remote_user_id ';
$query .= 'AND uel.action = "profile_visit" AND z.zip_code = u.zip_code ';
$query .= 'ORDER BY uel.timestamp DESC LIMIT 80';
$result = mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
while ($data = mysql_fetch_assoc($result)) {
/* Only display each user one time, should be done with DISTINCT in query, but I can't ger it to work */
if (in_array($data['user_id'], $duplicates)) {
continue;
}
$duplicates[] = $data['user_id'];
$entry = '<div class="visitor">' . "\n";
if (in_array($data['image'], array(1, 2))) {
$entry .= insert_avatar($data['user_id']);
}
event_log_log('msnbot_add');
echo 'Du är nu registrerad!';
/*
$_SESSION['msnbot']['register_msn'] = $_GET['msn'];
echo 'Välj vad du vill få ett meddelande på MSN om via msnboten:<br />' . "\n";
echo '<form action="post">' . "\n";
echo '<ul>' . "\n";
echo '<li>Bla bla</li>' . "\n";
echo '</ul>' . "\n";
echo '<input type="button" value="Spara" class="button_60" />' . "\n";
echo '</form>' . "\n";
*/
} else {
if (isset($_GET['unregister']) && $_GET['unregister'] == $_SESSION['login']['id']) {
$query = 'UPDATE userinfo SET msnbot_msn = "" WHERE userid = ' . $_SESSION['login']['id'];
$result = mysql_query($query) or report_sql_error($query, __FILE__, __LINE__);
$_SESSION['userinfo']['msnbot_msn'] = '';
echo 'Du är nu avregistrerad.';
event_log_log('msnbot_remove');
} else {
if ($_SESSION['userinfo']['msnbot_msn'] == '') {
echo 'Adda hamsterpaj.net@live.se på MSN och skriv något till honom så svarar han med en länk. Klicka på den (eller kopiera den och öppna i webbläsaren om det inte funkar).';
} else {
echo '<a href="/installningar/msnbot_register.php?unregister=' . $_SESSION['login']['id'] . '">Avregistrera mig ifrån vännernotiser på MSN.</a>';
}
}
}
} else {
echo 'Du måste vara medlem och inloggad på Hamsterpaj för att kunna använda msnboten. Att bli medlem är gratis och tar bara någon minut. Klicka på bli medlem här ovanför eller logga in om du redan har ett konto för att gå vidare. :)';
}
ui_bottom();
<br />
1. produktens art, mängd, kvalitet och andra egenskaper,<br />
<br />
2. produktens ursprung, användning och inverkan på hälsa eller
miljö,<br />
<br />
3. produktens pris, grunderna för prissättningen och
betalningsvillkoren,<br />
<br />
4. näringsidkarens egna eller andra näringsidkares kvalifikationer,
ställning på marknaden, kännetecken och andra rättigheter,<br />
<br />
5. belöningar och utmärkelser som har tilldelats näringsidkaren.
</blockqoute>
<h2>Inköpsställen</h2>
<ul>
<li>Burger King, Järntorget i Göteborg</li>
<li>Sjuans Gatukök (Sibylla) på Vasagatan i Göteborg</li>
<li>Max Hamburgare, Allum köpcenter, Partille utanför Göteborg</li>
<li>McDonalds Partille</li>
</ul>
<?php
event_log_log('burgers_about');
ui_bottom();
?>
