function send_update_on_watch_list($auction, $id, $outbid_id)
{
$item_id = $auction["item_id"];
$results = get_watching_users_item($item_id, $outbid_id);
$item = get_item_id($item_id);
foreach ($results as $row) {
if ($row["user_id"] != $id) {
$watcher = find_email($row["user_id"]);
$to = $watcher["email"];
$subject = "Some updates on your watchlist";
$message = "<b>Someone's recently viewed your items..</b><br>";
$message .= "<h1>" . $item["name"] . "</h1><br>";
$highest = get_highest_bid($auction["id"]);
$message .= "<b>A new bid was made</b><br>";
$message .= "<b>User :"******"user_id"])["name"] . "</b><br>";
$message .= "<b>Price :£" . $highest["price"] . "</b><br>";
$message .= "<b>Time : " . $highest["time"] . "</b><br>";
$header = "From: no-response@auction.com\r\n";
$header .= "MIME-Version: 1.0\r\n";
$header .= "Content-type: text/html\r\n";
echo $message;
$retval = mail($to, $subject, $message, $header);
if ($retval == true) {
echo "Message sent successfully...";
} else {
// echo "Message could not be sent...";
}
}
}
}
<?php
if (!user_connected()) {
include PATH_LIB . 'form.php';
$form_reset_pwd = new Form('form_reset_pwd');
$form_reset_pwd->method('POST');
$form_reset_pwd->add('Text', 'email_adress')->label('Votre adresse e-mail');
$form_reset_pwd->add('Submit', 'submit')->value('Envoyer informations');
//errors and message arrays
$error_reset_pwd = array();
$msg_confirm = array();
//operations on the reset form
if ($form_reset_pwd->is_valid($_POST)) {
$email_addr = $form_reset_pwd->get_cleaned_data('email_adress');
$user_id = find_user_id($email_addr);
if ($user_id !== false) {
$new_pwd = gen_new_pwd();
//generate a new password
update_password_user($user_id, $new_pwd);
//update the modification
$msg_confirm[] = "Mot de passe réinitialisé avec succès, vous recevrez prochainement un mél avec vos différentes informations de connexion. Attention pensez à changer le nouveau mot de passe pour le retenir plus facilement.";
$infos_user = read_infos_user($user_id);
// Preparation du mail
$message_mail = "<html><head><meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\"> </head><body> <p>Nouveau mot de passe <b>NabzFood</b>.</p> <p>Vous avez demandé à changer votre mot de passe pour le site Nabzfood, ce mél est la confirmation que tout s'est bien passé.</p><p>Vos nouvelles informations de connexion : </p><p>Login : "******"</p><p>Mot de passe : " . $new_pwd . "</p>";
if (!empty($infos_user['hash_validation'])) {
print_r($infos_user);
$hash_validation = $infos_user['hash_validation'];
$message_mail .= "<p>Lien pour valider votre compte : <a href=\"http:\\//" . $_SERVER['PHP_SELF'] . "?module=members&action=valid_account&hash=" . $hash_validation . "\">ce lien</a> pour activer votre compte !</p>";
}
//end of empty hash_validation
$message_mail .= "</body></html>";
} elseif (!is_valid_data_format($api_session->format, TRUE)) {
if (!isset($_REQUEST['suppress_response_codes'])) {
header('HTTP/1.1 403 Forbidden');
} else {
echo generate_error('xml', 'Invalid data format requested.', $_SERVER['REQUEST_URI'], $api_session->callback);
}
exit;
} elseif (!isset($api_session->resource) || !in_array($api_session->resource, $api_session->available_resources)) {
if (!isset($_REQUEST['suppress_response_codes'])) {
header('HTTP/1.1 404 Not Found');
} else {
echo generate_error($api_session->format, 'Invalid feature requested.', $_SERVER['REQUEST_URI'], $api_session->callback);
}
exit;
} elseif ($api_session->resource == 'ids') {
$desired_user_id = find_user_id($api_session->resource_option);
$desired_user_id = !$desired_user_id ? $user->id : $desired_user_id;
if (!$desired_user_id) {
if (!isset($_REQUEST['suppress_response_codes'])) {
header('HTTP/1.1 404 Not Found');
} else {
echo generate_error($api_session->format, 'Invalid user credentials.', $_SERVER['REQUEST_URI'], $api_session->callback);
}
exit;
}
if ($api_session->oauth_status && $oauth_client->check_rate_limits($user->id)) {
$api_session->rate_status = true;
} elseif (check_rate_limits($_SERVER['REMOTE_ADDR'])) {
$api_session->rate_status = true;
}
if (!$api_session->rate_status) {
<?php
session_start();
require_once "../resources/modules/check_login.php";
check_login(true);
if (!isset($_GET['user_id'])) {
header("location:index.php");
die;
}
require_once "../resources/modules/users.php";
$user = find_user_id($_GET['user_id']);
if (!$user) {
header("location: index.php");
die;
}
$seller_rating = "This user has not sold anything yet.";
if ($user["seller_rating"]) {
$seller_rating = $user["seller_rating"];
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>EBid: Profile</title>
<!-- Bootstrap -->
<link rel="stylesheet" type="text/css" href="css/bootstrap.css">
<!-- jQuery library -->
require_once "../resources/modules/users.php";
$error = "";
//This function will find and checks if user data is correct
if (isset($_POST['login'])) {
//Collect info from login form
$email = $_POST['inputEmail'];
$salt = "php:<sVcKS";
$password = $_POST['inputPass'];
$password = md5($salt . $password);
//Find if entered data is correct
$row = find_user_email($email);
if (!$row) {
$error = "username";
} else {
$id = $row['id'];
$row2 = find_user_id($id);
$real_password = $row2['password'];
if ($password != $real_password) {
$error = "password";
} else {
$username = $row2['name'];
//Finish user's login
$_SESSION['id'] = $id;
$_SESSION['name'] = $username;
header('Location: index.php');
die;
}
}
}
?>
<!DOCTYPE html>
if ($highest_bid) {
send_update_on_outbid($auction, $highest_bid["user_id"]);
}
// send_update_on_auctions($auction);
send_update_on_watch_list($auction, $_SESSION['id'], $highest_bid["user_id"]);
}
}
$auction = get_auctions_id($_GET['auction_id']);
$bids_count = get_num_bids_auction($auction['id']);
$highest_bid = get_highest_bid($auction['id']);
$lowest_price = $auction['start_price'];
$highest_bid_username = "******";
$highest_bid_price = "No Bids Yet";
if ($highest_bid) {
$lowest_price = $highest_bid['price'];
$highest_bid_username = find_user_id($highest_bid['user_id'])["name"];
$highest_bid_price = $lowest_price;
}
$lowest_price = $lowest_price + 1;
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>EBid: Auction</title>
<!-- Bootstrap -->
<link rel="stylesheet" type="text/css" href="css/bootstrap.css">
<!-- jQuery library -->
header('HTTP/1.1 401 Unauthorized');
} else {
echo generate_error($api_session->format, 'OAuth otorization problem: ' . $api_session->oauth_error, $_SERVER['REQUEST_URI'], $api_session->callback);
}
exit;
} elseif ($api_session->oauth_status) {
if (!$oauth_client->check_access_type('rw')) {
if (!isset($_REQUEST['suppress_response_codes'])) {
header('HTTP/1.1 403 Forbidden');
} else {
echo generate_error($api_session->format, 'You have no permission for this action.', $_SERVER['REQUEST_URI'], $api_session->callback);
}
exit;
}
}
$follow_id = find_user_id($api_session->resource_option);
if (!$follow_id) {
if (!isset($_REQUEST['suppress_response_codes'])) {
header('HTTP/1.1 404 Not Found');
} else {
echo generate_error($api_session->format, 'Invalid user credentials.', $_SERVER['REQUEST_URI'], $api_session->callback);
}
exit;
}
if ($user->id == $follow_id) {
if (!isset($_REQUEST['suppress_response_codes'])) {
header('HTTP/1.1 304 Not Modified');
} else {
echo generate_error($api_session->format, 'Invalid user ids.', $_SERVER['REQUEST_URI'], $api_session->callback);
}
exit;
