if (data_exists($dataitem)) {
$o = json_decode(data_read($dataitem), true);
} else {
$o = array();
}
$c = iescape($_POST['content']);
$lines = explode("\n", $c);
$t = $lines[0];
unset($lines[0]);
$c = implode('</br>', $lines);
$o[] = array('title' => $t, 'content' => $c, 'user' => user('id'));
data_save($dataitem, json_encode($o));
post_status(LANG('modify the calendar at %%', $_POST['date']));
}
} elseif ($_GET['action'] == 'delete') {
if (user() && user('verified') && posted('date', 'key')) {
$dataitem = 'calendar/' . $_POST['date'];
if (data_exists($dataitem)) {
$o = json_decode(data_read($dataitem), true);
} else {
$o = array();
}
if (isset($o[$_POST['key']])) {
unset($o[$_POST['key']]);
}
if (count($o) <= 0) {
data_remove($dataitem);
} else {
data_save($dataitem, json_encode($o));
}
post_status(LANG('modify the calendar at %%', $_POST['date']));
<?php
if (posted('username', 'password', 'retype')) {
function chkRegister()
{
if (!preg_match('/^[0-9a-zA-Z_]+$/', $_POST['username'])) {
return LANG('Username must only contain English alphabets, underscore and numbers');
}
$u = $_POST['username'];
if (data_exists("user/{$u}/pwd")) {
return LANG('User exists');
}
if (!isset($_POST['password'][2])) {
return LANG('Password must be at least 3 charaters long');
}
if ($_POST['password'] != $_POST['retype']) {
return LANG('Password retype doesn\'t match');
}
$p = password($_POST['password']);
data_save("user/{$u}/pwd", $p);
$_SESSION[USER_SESSION] = $u;
}
$result = chkRegister();
if ($result) {
die(tpl('register', array('errormsg' => $result)));
} else {
redirect('/');
}
} else {
die(tpl('register'));
}
function POST($index)
{
if (posted($index)) {
return $_POST[$index];
} else {
return NULL;
}
}
//MarkBad functionality
if (csrfVerify() && posted("markBad", "qids")) {
//--todo-- should be able to EDIT instead of just marking wrong. Also store history of questions viewed - "Views" table (hugeness) so can look back, mark for look back, etc.
alert('Marked question(s) ' . arrayToRanges($q->clear()->addByQID(array_intersect_key($_POST["qids"], array_flip($_POST["markBad"])))->markBad()->getQIDs()) . ' as bad.', 1);
}
$counts = array("QParts" => count($ruleSet["QParts"]), "Subjects" => count($ruleSet["Subjects"]), "QTypes" => count($ruleSet["QTypes"]));
$fullname = array("QParts" => "Question Part", "Subjects" => "Subject", "QTypes" => "Question Type");
//Config options, and setting the SESSION variables to new values based on POST variables
$checkboxoptions = "<div style='font-size:1.5em;font-weight:bold;'>Options</div>";
if (!sessioned('randq')) {
$_SESSION["randq"] = array();
}
foreach ($fullname as $name => $full) {
$count = count($ruleSet[$name]);
$checkboxoptions .= '<div><b>' . $full . '</b> ';
if (csrfVerify() && posted($name)) {
$_SESSION["randq"][$name] = $_POST[$name];
} elseif (!array_key_exists($name, $_SESSION["randq"])) {
$_SESSION["randq"][$name] = NULL;
}
//Remembering in $_SESSION
for ($i = 0; $i < $count; $i++) {
$checkboxoptions .= '<label>' . $ruleSet[$name][$i] . ' <input type="checkbox" name="' . $name . '[]" value="' . $i . '" ' . (is_array($_SESSION["randq"][$name]) && in_array($i, $_SESSION["randq"][$name]) || $_SESSION["randq"][$name] === NULL ? 'checked' : '') . ' /></label> ';
}
$checkboxoptions .= '</div>';
}
$_SESSION["randq"]["numqs"] = normRange(csrfVerify() ? POST("numqs") : NULL, 1, $MAX_NUMQS, $DEFAULT_NUMQS);
$checkboxoptions .= "<b>Number of Questions</b> (max {$MAX_NUMQS}) <input type='number' name='numqs' value='{$_SESSION["randq"]["numqs"]}' min='1' max='{$MAX_NUMQS}'/>";
//Using the session variables set above to get random questions.
//--todo-- what's the point of "add" if you're only doing it this once? Overhead w/ $Q? Really OP.
if ($E = $q->clear()->addRand($_SESSION["randq"]["QParts"], $_SESSION["randq"]["Subjects"], $_SESSION["randq"]["QTypes"], $_SESSION["randq"]["numqs"])->error) {
$agent_Usr = cleartext(@$_SERVER["HTTP_USER_AGENT"]);
$ket = "{$ip_adr}|{$agent_Usr}";
$DatE = tanggal_simpan_shoutbox();
$name = cleantext($_POST['nama']);
$email = cleantext($_POST['email']);
$yousay = cleantext($_POST['yousay']);
$tglnow = date("Y-m-d");
$tgl = !isset($tgl) ? $tglnow : $tgl;
$valid_mail = "^([._a-z0-9-]+[._a-z0-9-]*)@(([a-z0-9-]+\\.)*([a-z0-9-]+)(\\.[a-z]{2,3}))\$";
if (!preg_match($valid_mail, $email)) {
$email = '';
}
$perintah1 = "INSERT INTO shoutbox (waktu, nama, email, isi, ket,tgl) VALUES ('{$DatE}', '{$name}', '{$email}', '{$yousay}', '{$ket}', '{$tgl}')";
$hasil = @mysql_query($perintah1);
if ($hasil) {
posted('shoutbox');
@header("location: shoutbox.php");
exit;
}
} else {
echo '
<style>
body,p,font,li {
font-family:verdana,tahoma,arial;
font-size:10px;
}
</style>
';
echo $error;
echo "<META HTTP-EQUIV=\"REFRESH\" CONTENT=\"5;URL=./shoutbox.php\">";
}
<?php
if (posted('ids')) {
$ret = array();
foreach ($_POST['ids'] as $k) {
$ret[$k] = getUser($k);
}
die(json_encode($ret));
}
$q = new qIO();
$q->addByArray($_POST["Q"]);
$q->commit();
} catch (Exception $e) {
$err = "Error: " . $e->getMessage();
}
if ($err == '') {
echo "Questions entered successfully, with Question-IDs <b>" . arrayToRanges($q->getQIDs()) . "</b><br><br><br>";
} else {
echo $err;
}
} else {
require_class("qIO", "qParser");
$qp = new qParser();
$error = false;
if (posted("copypaste")) {
$unparsed = $qp->parse($_POST["copypaste"]);
} elseif (filed("fileupload")) {
require_class("fileToStr");
$fs = new fileToStr();
if (is_array($_FILES["fileupload"]["tmp_name"])) {
//for multiple-supporting browsers
foreach ($_FILES["fileupload"]["tmp_name"] as $ind => $tmp_name) {
$name = $_FILES["fileupload"]["name"][$ind];
echo "File <b>{$name}</b>: ";
if ($name == '' || $tmp_name == '') {
echo "No file.";
} else {
$unparsed .= $qp->parse($fs->convert($name, $tmp_name));
}
echo "<br>";
<?php
define('ROOT_PATH', '');
require_once ROOT_PATH . 'functions.php';
restrictAccess('a');
//xuca
if (posted("directory")) {
$directory = $_POST["directory"];
if (is_dir($directory)) {
require_class("fileToStr", "qParser");
$f = new fileToStr();
$qp = new qParser();
echo "Processing directory {$directory}:<br>";
foreach (glob($directory . '/*.*') as $file) {
echo " " . $file . " parsed:<br><textarea>" . $qp->parse($f->convert($file, $file)) . "</textarea><br><br>";
ob_flush();
flush();
}
} else {
echo "{$directory} is not a valid directory.";
}
}
?>
<form action="bulk_file_process.php" method="POST">
<b>Add All Files From Directory:</b>
<input type="text" name="directory"/>
</form>
$open['errorpesan'] = $error;
}else {
$konten = substr($konten,0,500);
$konten = wraptext($konten);
$judul = wraptext($judul);
$IP = getIP();
$time = date('Y-m-d H:i:s');
$hasil = mysql_query ("INSERT INTO komentar (`tgl`,`user`,`email`,`judul`,`konten`,`artikel`,`ip`) VALUES ('$time','$user','$email','$judul','$konten','$id','$IP')");
if ($hasil){
//fungsi untuk proteksi yang telah memposting
posted('komentar_add.php');
}else {
$open['error'] = true;
$open['errorpesan'] = mysql_error();
}
}
$j = new JSON_obj();
echo $j->encode($open);
}
break;
<?php
if (user() && user('verified') && posted('content')) {
data_save('announcement', $_POST['content']);
}
<?php
define('ROOT_PATH', '');
require_once ROOT_PATH . 'functions.php';
restrictAccess('u');
//xuca
/*
round.php
Conducts a live online round.
*/
if (posted('get')) {
} elseif (posted('give')) {
}
?>
<div id="chatbox"></div>
<input type="text" onkeypress="checkChatKey()"/>
<script>
jQuery.extend({
postJSON: function( url, data, callback) {
return jQuery.post(url, data, callback, "json");
}
});
function getNext(){
var obj=$.postJSON('round.php',{get:true,current:window.current});
obj.newItems.forEach(
}
function checkChatKey(e){
if(!e)var e=window.event;
if(e.keyCode==13){addNext(this.value);this.value="";}
}
<?php
if (posted('username', 'password')) {
function chkLogin()
{
$u = $_POST['username'];
if (!data_exists("user/{$u}/pwd")) {
return LANG('No such user');
}
$p = password($_POST['password']);
if ($p != data_read("user/{$u}/pwd")) {
return LANG('Password wrong');
}
$_SESSION[USER_SESSION] = $u;
return false;
}
$result = chkLogin();
if ($result) {
die(tpl('login', array('errormsg' => $result)));
} else {
redirect($_POST['refer']);
}
} else {
die(tpl('login'));
}
<?php
$dbserv = "localhost";
$dbuser = "******";
$dbpass = "******";
$dbdb = "kwitter";
if (posted($_POST['username']) && posted($_POST['password'])) {
$db = @mysql_connect($dbserv, $dbuser, $dbpass);
mysql_select_db($dbdb, $db);
if (posted($_POST['password2'])) {
if ($_POST['password'] != $_POST['password2']) {
sign_up(false, true);
} else {
$q = sprintf("SELECT * FROM users WHERE username='******'", mysql_real_escape_string($_POST['username']));
$res = mysql_query($q, $db);
if (mysql_num_rows($res) > 0) {
sign_up(true, false);
} else {
$q2 = sprintf("INSERT INTO users VALUES('%s','%s')", mysql_real_escape_string($_POST['username']), md5($_POST['password']));
mysql_query($q2, $db);
setcookie("aura", $_POST['username'], time() + 3600);
header('Location: index.php');
}
}
} else {
$q = sprintf("SELECT * FROM users WHERE username='******' AND password='******'", mysql_real_escape_string($_POST['username']), md5($_POST['password']));
$res = mysql_query($q, $db);
if (mysql_num_rows($res) == 1) {
setcookie("aura", $_POST['username'], time() + 3600);
mysql_close($db);
header('Location: index.php');
function search_result_date($atts)
{
assert_article();
return posted($atts);
}
header("HTTP/1.1 404 Not Found");
exit;
}
//$index_hal = 1;
$pid = int_filter(@$_POST['pid']);
$pilihan = int_filter(@$_POST['pilihan']);
$cetak['tengah'] = '<h4 class="bg">Jajak Pendapat</h4>';
$sekarang_timeout = time();
$vote_lebih2x = false;
if (isset($_POST['submit'])) {
//setcookie("COOKIE_VOTE", "vote", time()+3600);
$query1 = "SELECT * FROM polling WHERE pid='{$pid}'";
if (cek_posted('polling_result.php')) {
$vote_lebih2x = true;
} else {
posted('polling_result.php');
//---- baca data polling
$hasil = mysql_query($query1);
$data = mysql_fetch_array($hasil);
$PJAWABAN_TMP = explode("#", $data["pjawaban"]);
$jmljwb = count($PJAWABAN_TMP);
$PJAWABAN_TMP[$pilihan]++;
$PJAWABAN = '';
for ($i = 0; $i < $jmljwb; $i++) {
$PJAWABAN .= $PJAWABAN_TMP[$i] . "#";
}
$PJAWABAN = substr_replace($PJAWABAN, "", -1, 1);
//-----------------------------------------------
//---- simpan data terbaru
$query2 = "UPDATE `polling` SET `pjawaban`='{$PJAWABAN}' WHERE `pid`='{$pid}'";
mysql_query($query2);
if (loginEmailPass($_POST['email'], $_POST['pass'])) {
reset_attempts('login');
if (isset($_SESSION['login_redirect_back'])) {
//--todo-- redirect back immediately, don't redirect
$lr = $_SESSION['login_redirect_back'];
alert('Logged in!', 1, basename($lr));
unset($_SESSION['login_redirect_back']);
header('Location: ' . $lr);
} else {
alert('Successfully logged in!', 1);
}
} else {
logout();
alert('Incorrect username or password.', -1);
}
} elseif (posted('signup')) {
//What happens when no access to the captcha server?
if (!chkCaptcha()) {
alert('Invalid reCAPTCHA entry; try again.', -1);
} else {
$err = newProfileError($_POST['s_email'], $_POST['s_pass'], $_POST['s_confpass']);
if ($err === false) {
alert('Successfully signed up; you can now log in.', 1);
$signup_success = true;
reset_attempts('login');
} else {
alert(htmlentities($err), -1);
}
}
}
}
<?php
require_once 'login.php';
if (!logged_in()) {
login_page();
} else {
// Connect no matter what
$db = @mysql_connect($dbserv, $dbuser, $dbpass);
mysql_select_db($dbdb, $db);
if (isset($_GET['clear'])) {
mysql_query("DELETE FROM kweets", $db);
}
if (posted($_POST['status'])) {
$status = $_POST['status'];
$user = $_COOKIE['aura'];
$q = "INSERT INTO kweets VALUES('{$status}','{$user}','0')";
mysql_query($q, $db);
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Kwitter</title>
<link rel="stylesheet" type="text/css" href="style.css"/>
</head>
<body>
<div id="main">
<h2><a href="index.php">Kwitter</a> |
<a href="login.php?logout">Log out</a> |
<a href="login.php?delete">Delete Account</a>
function search_result_date($atts)
{
return posted($atts);
}
<?php
if (!isset($_GET['action'])) {
die;
}
import('model/status.php');
if ($_GET['action'] == 'delete') {
remove_status($_POST['id'] * 1, true);
} elseif ($_GET['action'] == 'post') {
if (user() && posted('content')) {
if (trim($_POST['content'])) {
post_status($_POST['content'], 'say');
}
}
} elseif ($_GET['action'] == 'fetch') {
die(json_encode(list_status($_GET['start'] * 1, $_GET['limit'] * 1)));
} elseif ($_GET['action'] == 'querynew') {
$id = $_GET['id'] * 1;
if ($id < last_post_id()) {
die('new');
}
die('none');
}
public function __construct($limit, $reverse)
{
$this->limit = $limit;
$this->reverse = $reverse;
// for cache comparison
$this->currentDate = safe_strftime('%Y-%m-%d');
// use current date if used in a page template
if ($GLOBALS['is_article_list'] && empty($GLOBALS['thisarticle'])) {
$this->date = $this->currentDate;
} else {
$this->date = posted(array('format' => '%Y-%m-%d'));
}
// need the day in "Month_DAY" format
$this->day = strftime('%B_%e', strtotime($this->date));
// for days 1-9, remove an extra space
$this->day = str_replace(' ', '', $this->day);
// construct URI
$this->rootUri = 'http://en.wikipedia.org/wiki/';
$this->uri = $this->rootUri . $this->day;
}
<?php
define('ROOT_PATH', '');
require_once ROOT_PATH . 'functions.php';
if (posted("bug")) {
logfile('bugs', POST("bug"));
echo "<pre>" . htmlentities($bug) . "</pre><br>We got your bug! Thanks!";
} else {
echo '<p>Hi, this is the bug-processing page! You can submit a bug or feature request up there in the upper-right corner. Thanks!</p>';
echo '<p>Or, you can send it to me directly at <a href="mailto:' . $WEBMASTER_EMAIL . '">' . $WEBMASTER_EMAIL . '</a> if even the bug reporting isn\'t working.';
}
