function fetchHtml($url, $referer = false)
{
$info = parse_url($url);
if (empty($info['host'])) {
return false;
}
$cookies = "data/cookies_" . str_replace('-', '.', sanitize($info['host'])) . ".txt";
$agent = 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1';
$headers = array('ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', 'ACCEPT_LANGUAGE: en-us,en;q=0.5', 'CACHE_CONTROL: max-age=0');
$c = curl_init();
curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($c, CURLOPT_VERBOSE, false);
@curl_setopt($c, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($c, CURLOPT_USERAGENT, $agent);
curl_setopt($c, CURLOPT_HTTPHEADER, $headers);
curl_setopt($c, CURLOPT_URL, $url);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($c, CURLOPT_COOKIEJAR, $cookies);
curl_setopt($c, CURLOPT_COOKIEFILE, $cookies);
if ($referer !== false) {
curl_setopt($c, CURLOPT_REFERER, $url1);
}
$res = curl_exec($c);
if (curl_getinfo($c, CURLINFO_HTTP_CODE) >= 300) {
return false;
}
return $res;
}
public function output()
{
//reset votes
if ($this->config('resetvotes')) {
$this->reset_votes();
$this->set_config('resetvotes', 0);
}
if ($this->config('title')) {
$this->header = sanitize($this->config('title'));
}
$this->tpl->add_css("\r\n\t\t\t.quickpolls_radio label{\r\n\t\t\t display: block;\r\n\t\t\t margin-bottom: -10px;\r\n\t\t\t }\r\n\t\t");
$myout = '<div>' . sanitize($this->config('question')) . '</div><br />';
if ($this->in->exists('quickpolls_' . $this->id)) {
$blnResult = $this->performVote();
if ($blnResult) {
$myout .= $this->showResults();
} else {
$myout .= $this->showForm();
}
} else {
if ($this->config('closedate') > 0 && $this->config('closedate') < $this->time->time || $this->in->get('quickpolls_results', 0) == $this->id && $this->config('showresults') || $this->userVoted()) {
$myout .= $this->showResults();
} else {
$myout .= $this->showForm();
}
}
if ($this->config('showresults') && !$this->blnShowResults) {
$myout .= '<br /><div><a href="' . $this->SID . '&quickpolls_results=' . $this->id . '">' . $this->user->lang('quickpolls_resuls') . '</a></div>';
}
return $myout;
}
function login($email, $password)
{
$user_id = user_id_from_email($email);
$email = sanitize($email);
$password = MD5($password);
return mysql_result(mysql_query("SELECT COUNT(user_id) FROM users WHERE email = '{$email}' AND password = '******'"), 0) == 1 ? $user_id : false;
}
function insertElement()
{
if (isset($_POST['ClassificationID'])) {
$ClassificationID = json_decode(sanitize($_POST['ClassificationID']));
}
if (isset($_POST['Element'])) {
$Element = json_decode(sanitize($_POST['Element']));
}
if (isset($_POST['AtomicMass'])) {
$AtomicMass = json_decode(sanitize($_POST['AtomicMass']));
}
$dbConn = mysqli_connect(server(), username(), password(), db("Elements"));
if ($dbConn->connect_error) {
die("Connection failed: " . $dbConn->connect_error);
}
$query = "INSERT INTO Elements ( ClassificationID, Element, AtomicMass ) " . "VALUES ( " . "" . $ClassificationID . ", " . "'" . $Element . "', " . "" . $AtomicMass . " );";
$result = $dbConn->query($query);
$return = new stdClass();
$return->querystring = (string) $query;
if ($result) {
$return->success = true;
} else {
$return->success = false;
}
return json_encode($return);
}
function login($username, $password)
{
$user_id = user_id_from_username($username);
$username = sanitize($username);
$password = md5($password);
return mysql_result(mysql_query("SELECT COUNT(user_id) FROM users WHERE username = '******' AND password = '******'"), 0) == 1 ? $user_id : false;
}
function welcome_privmsg_send(&$registration_details)
{
global $username, $main_smarty, $current_user;
include_once mnminclude . 'user.php';
include_once 'config.php';
include_once my_pligg_base . '/modules/simple_messaging/kmessaging/class.KMessaging.php';
$siteName = $main_smarty->get_config_vars('PLIGG_Visual_Name');
// User ID of Admin
define('welcome_privmsg_admin_id', '1');
// Message Subject
define('welcome_privmsg_subject', 'Welcome to ' . $siteName);
// Message Body
define('welcome_privmsg_body', 'Thanks for registering on our site!');
// Check User ID != 0
if ($registration_details['id'] > 0) {
$msg_subject = sanitize(welcome_privmsg_subject, 2);
$msg_body = welcome_privmsg_body;
$msg_to_ID = $registration_details['id'];
$msg_from_ID = welcome_privmsg_admin_id;
$message = new KMessaging(true);
$msg_result = $message->SendMessage($msg_subject, $msg_body, $msg_from_ID, $msg_to_ID, 0);
if ($msg_result != 0) {
echo "Module Error #" . $msg_result;
}
} else {
// Unable to find User ID
echo "Module Error #1";
die;
}
}
function login($username, $password)
{
$user_id = user_id_from_username($username);
$username = sanitize($username);
$password = hash('sha512', $password);
return mysql_result(mysql_query("SELECT COUNT(`user_id`) FROM `bplay_users` WHERE `username`='{$username}' AND `password`='{$password}'"), 0) == 1 ? $user_id : false;
}
public function createProject()
{
$project_name = sanitize($_POST['projectName']);
$user_id = sanitize($_POST['userId']);
$errors = array();
if (empty($project_name)) {
$errors[] = "Please enter a project name! \n";
}
if (count($errors) == 0) {
$dbh = new PDO("mysql:host=" . $GLOBALS['db_host'] . ";dbname=" . $GLOBALS['db_db'], $GLOBALS['db_user'], $GLOBALS['db_pass']);
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$stmt = $dbh->prepare("select * from projects where UserID = :userId and ProjectName = :projectName");
$stmt->execute(array('userId' => $user_id, "projectName" => $project_name));
if ($stmt->rowCount()) {
echo "Project with name: " . $project_name . " already exists!";
} else {
$stmt = $dbh->prepare("insert into projects (UserID, ProjectName) values ( :userId, :projectName) ");
$stmt->execute(array('userId' => $user_id, "projectName" => $project_name));
$project_id = $dbh->lastInsertId();
if ($stmt->rowCount()) {
$project = array("projectName" => $project_name, "projectId" => $project_id);
echo json_success_data("Project Created Sucessfully", $project);
} else {
echo json_error_msg("Project NOT Created Sucessfully");
}
}
}
}
function welcome_privmsg_send()
{
global $username, $main_smarty, $current_user;
include_once mnminclude . 'user.php';
include_once './3rdparty/kmessaging/class.KMessaging.php';
$siteName = $main_smarty->get_config_vars('PLIGG_Visual_Name');
// User ID of Admin
define('welcome_privmsg_admin_id', '1');
// Message Subject
define('welcome_privmsg_subject', 'Welcome to ' . $siteName);
// Message Body
define('welcome_privmsg_body', 'Thanks for registering on our site. If you have any questions, be sure to visit our FAQ section. Sincerely, Webmaster');
// Check User ID != 0
if ($current_user->user_id > 0) {
$msg_subject = sanitize(welcome_privmsg_subject, 2);
$msg_body = welcome_privmsg_body;
$msg_to_ID = $current_user->user_id;
$msg_from_ID = welcome_privmsg_admin_id;
$message = new KMessaging(true);
$msg_result = $message->SendMessege($msg_subject, $msg_body, $msg_from_ID, $msg_to_ID, 0);
if ($msg_result != 0) {
echo "Module Error #" . $msg_result;
}
} else {
// Unable to find User ID
echo "Module Error #1";
die;
}
}
public function output()
{
if ($this->config('pk_mycontent_headtext')) {
$this->header = sanitize($this->config('pk_mycontent_headtext'));
}
return html_entity_decode(htmlspecialchars_decode($this->config('pk_mycontent_useroutput')));
}
function getDatabases()
{
// retrieve and sanitize posted values.
if (isset($_POST['server'])) {
$server = json_decode(sanitize($_POST['server']));
}
if (isset($_POST['username'])) {
$username = json_decode(sanitize($_POST['username']));
}
if (isset($_POST['password'])) {
$password = json_decode(sanitize($_POST['password']));
}
$databaseNames = array();
$dbConn = mysqli_connect($server, $username, $password);
$query = "SHOW DATABASES";
$result = $dbConn->query($query);
if ($result) {
while ($row = $result->fetch_array()) {
array_push($databaseNames, $row[0]);
}
}
$return = new stdClass();
$return->credentials = $server + " " + $username + " " + $password;
$return->succsss = true;
$return->errorMessage = "";
$return->data['database_names'] = $databaseNames;
$json = json_encode($return);
return $json;
}
function checkandadd(&$uPOST)
{
$a = 0;
while (isset($uPOST["varn" . $a])) {
if (isset($uPOST["varv" . $a])) {
if (extExists($uPOST["varn" . $a], 1)) {
db_connect();
$query = "SELECT `value` from `ext` WHERE `data`='" . $uPOST["varn" . $a] . "' AND `maxmin`='1' LIMIT 1";
sanitize($uPOST["varn" . $a]);
$result = mysql_query($query) or die("query failed");
db_disconnect();
$c_row = mysql_fetch_assoc($result);
if ($uPOST["varv" . $a] > $c_row['value']) {
//echo "highest";
extInsert($uPOST["varn" . $a], 1, $uPOST["varv" . $a], $uPOST['uts']);
}
}
}
if (isset($uPOST["varv" . $a])) {
if (extExists($uPOST["varn" . $a], 0)) {
db_connect();
$query = "SELECT `value` from `ext` WHERE `data`='" . $uPOST["varn" . $a] . "' AND `maxmin`='0' LIMIT 1";
sanitize($uPOST["varn" . $a]);
$result = mysql_query($query) or die("query failed");
db_disconnect();
$c_row = mysql_fetch_assoc($result);
if ($uPOST["varv" . $a] < $c_row['value']) {
//echo "lowest";
extInsert($uPOST["varn" . $a], 0, $uPOST["varv" . $a], $uPOST['uts']);
}
}
}
$a++;
}
}
function editRanks()
{
// Doh, globals!
global $MySelf;
global $DB;
// Are we allowed to do this?
if (!$MySelf->canEditRank()) {
makeNotice("You do not have sufficient rights to access this page.", "warning", "Access denied");
}
// Get all unique rank IDS.
$ranks = $DB->query("SELECT DISTINCT rankid FROM ranks");
// Edit each one at a time.
while ($rankID = $ranks->fetchRow()) {
$ID = $rankID[rankid];
if (isset($_POST["title_" . $ID . "_name"])) {
// Cleanup
$name = sanitize($_POST["title_" . $ID . "_name"]);
numericCheck($_POST["order_" . $ID], 0);
$order = $_POST["order_" . $ID];
// Update the Database.
$DB->query("UPDATE ranks SET name='" . $name . "', rankOrder='" . $order . "' WHERE rankid='" . $ID . "' LIMIT 1");
}
}
header("Location: index.php?action=showranks");
}
public function getUploadedFile($tag, $where = '/app/cache/uploads/')
{
$return = array('error' => false, 'path' => false, 'name' => false);
if (isset($_FILES[$tag]['name']) && $_FILES[$tag]['name'] != '') {
$image = $_FILES[$tag];
$orig_name = isset($image['name']) ? $image['name'] : false;
$type = isset($image['type']) ? $image['type'] : false;
$tmp_name = isset($image['tmp_name']) ? $image['tmp_name'] : false;
$error_value = isset($image['error']) ? $image['error'] : false;
if ($error_value === false) {
$return['error'] = 'The file could not be uploaded because ' . $error_value;
} else {
$dots = explode('.', $orig_name);
if (count($dots) == 1) {
$return['error'] = 'Your filename does not have an extension';
} else {
$extension = $dots[count($dots) - 1];
unset($dots[count($dots) - 1]);
$orig_file_name = implode('.', $dots);
$new_name = sanitize(trim($orig_file_name)) . '_' . md5(time() . $orig_name) . '.' . $extension;
while (file_exists(path($where . $new_name))) {
$new_name = time() % 100 . $new_name;
}
if (!move_uploaded_file($tmp_name, path($where . $new_name))) {
$return['error'] = 'The file could not be uploaded. Please try again.';
} else {
$return['path'] = $where . $new_name;
$return['name'] = $orig_name;
}
}
}
}
return $return;
}
function dowork()
{
global $db;
$canIhaveAccess = 0;
$canIhaveAccess = $canIhaveAccess + checklevel('god');
if ($canIhaveAccess == 1) {
if (is_writable('../settings.php') == 0) {
die("Error: settings.php is not writeable.");
}
$action = isset($_REQUEST['action']) && sanitize($_REQUEST['action'], 3) != '' ? sanitize($_REQUEST['action'], 3) : "view";
if ($action == "view") {
$config = new pliggconfig();
if (isset($_REQUEST['page'])) {
$config->var_page = sanitize($_REQUEST['page'], 3);
$config->showpage();
} else {
$config->listpages();
}
}
if ($action == "save") {
$config = new pliggconfig();
$config->var_id = substr(sanitize($_REQUEST['var_id'], 3), 6, 10);
$config->var_value = $db->escape($_REQUEST['var_value']);
$config->store();
}
}
}
public function step_user()
{
$objDatabase = $this->objCIFunctions->createConnection();
//Get User
$objResult = $objDatabase->query('SELECT * FROM __users;');
if ($objResult) {
while ($arrUserdata = $objResult->fetchAssoc()) {
if ($this->pdh->get('user', 'check_username', array(sanitize($arrUserdata['user_login']))) != 'false') {
$strPassword = md5(generateRandomBytes());
$salt = $this->user->generate_salt();
$new_password = $this->user->encrypt_password($strPassword, $salt) . ':' . $salt;
$arrData = array('username' => $arrUserdata['user_login'], 'user_password' => $new_password, 'user_email' => register('encrypt')->encrypt($arrUserdata['user_email']), 'user_active' => 1, 'rules' => 1, 'user_registered' => strtotime($arrUserdata['user_registered']));
$intUserID = $this->pdh->put('user', 'insert_user', array($arrData, false));
if (!$intUserID) {
return false;
}
$arrImported[] = $arrUserdata['user_login'];
}
}
}
$this->pdh->process_hook_queue();
//Display imported Users
$out = '<h2>' . $this->user->lang('ci_imported_users') . '</h2>
<table class="table">';
foreach ($arrImported as $val) {
$out .= '<tr><td>' . $val . '</td></tr>';
}
$out .= '</table>';
return $out;
}
function addNewUser()
{
// globals
global $DB;
global $MySelf;
global $MB_EMAIL;
// Sanitize the input.
$USERNAME = $MySelf->getUsername;
$NEW_USER = strtolower(sanitize($_POST[username]));
// supplied new username.
if (!ctypeAlnum($NEW_USER)) {
makeNotice("Only characters a-z, A-Z and 0-9 are allowed as username.", "error", "Invalid Username");
}
/* Password busines */
if ($_POST[pass1] != $_POST[pass2]) {
makeNotice("The passwords did not match!", "warning", "Passwords invalid", "index.php?action=newuser", "[retry]");
}
$PASSWORD = encryptPassword("{$_POST['pass1']}");
$PASSWORD_ENC = $PASSWORD;
/* lets see if the users (that is logged in) has sufficient
* rights to create even the most basic miner. Level 3+ is
* needed.
*/
if (!$MySelf->canAddUser()) {
makeNotice("You are not authorized to do that!", "error", "Forbidden");
}
// Lets prevent adding multiple users with the same name.
if (userExists($NEW_USER) >= 1) {
makeNotice("User already exists!", "error", "Duplicate User", "index.php?action=newuser", "[Cancel]");
}
// So we have an email address?
if (empty($_POST[email])) {
// We dont!
makeNotice("You need to supply an email address!", "error", "Account not created");
} else {
// We do. Clean it.
$NEW_EMAIL = sanitize($_POST[email]);
}
// Inser the new user into the database!
$DB->query("insert into users (username, password, email, addedby, confirmed) " . "values (?, ?, ?, ?, ?)", array("{$NEW_USER}", "{$PASSWORD_ENC}", "{$NEW_EMAIL}", $MySelf->getUsername(), "1"));
// Were we successfull?
if ($DB->affectedRows() == 0) {
makeNotice("Could not create user!", "error");
} else {
// Write the user an email.
global $SITENAME;
$mail = getTemplate("newuser", "email");
$mail = str_replace('{{USERNAME}}', "{$NEW_USER}", $mail);
$mail = str_replace('{{PASSWORD}}', "{$PASSWORD}", $mail);
$mail = str_replace('{{SITE}}', "http://" . $_SERVER['HTTP_HOST'] . "/", $mail);
$mail = str_replace('{{CORP}}', "{$SITENAME}", $mail);
$mail = str_replace('{{CREATOR}}', "{$USERNAME}", $mail);
$to = $NEW_EMAIL;
$DOMAIN = $_SERVER['HTTP_HOST'];
$subject = "Welcome to MiningBuddy";
$headers = "From:" . $MB_EMAIL;
mail($to, $subject, $mail, $headers);
makeNotice("User added and confirmation email sent.", "notice", "Account created", "index.php?action=editusers");
}
}
function alertaHeartbeat()
{
$objAlerta = new Alerta();
$alertas = $objAlerta->obtenerAlertas($_SESSION['usuario_activo']);
$items = '';
$chatBoxes = array();
foreach ($alertas as $alerta) {
$chat['message'] = sanitize($chat['message']);
$items .= <<<EOD
\t\t\t\t\t {
\t\t\t"s": "0",
\t\t\t"f": "icos",
\t\t\t"m": "{$chat['message']}"
\t },
EOD;
}
$objAlerta->actualizaRecibido($_SESSION['usuario_activo']);
if ($items != '') {
$items = substr($items, 0, -1);
}
header('Content-type: application/json');
?>
{
"items": [
<?php
echo $items;
?>
]
}
<?php
exit(0);
}
function __construct($user, $display, $pass, $email, $country, $state, $city, $address, $zip, $phone)
{
//Used for display only
$this->displayname = $display;
//Sanitize
$this->clean_email = sanitize($email);
$this->clean_password = trim($pass);
$this->username = sanitize($user);
$this->user_country = sanitize($country);
$this->user_state = sanitize($state);
$this->user_city = sanitize($city);
$this->user_address = sanitize($address);
$this->user_zip = sanitize($zip);
$this->user_phone = sanitize($phone);
if (usernameExists($this->username)) {
$this->username_taken = true;
} else {
if (displayNameExists($this->displayname)) {
$this->displayname_taken = true;
} else {
if (emailExists($this->clean_email)) {
$this->email_taken = true;
} else {
//No problems have been found.
$this->status = true;
}
}
}
}
public function output()
{
$myOut = '';
$number = $this->config->get('pk_latestnews_amount') ? (int) $this->config->get('pk_latestnews_amount') : 5;
$showToolTip = $this->config->get('pk_latestnews_showtooltip') !== false ? (int) $this->config->get('pk_latestnews_showtooltip') : true;
$allnews = $this->pdh->aget('news', 'news', 0, array($this->pdh->sort($this->pdh->get('news', 'id_list'), 'news', 'date', 'desc')));
$i = 0;
foreach ($allnews as $nid => $new) {
if ((!$new['news_start'] or $new['news_start'] and $new['news_start'] < $this->time->time) and (!$new['news_stop'] or $new['news_stop'] and $new['news_stop'] > $this->time->time) && $this->pdh->get('news', 'has_permission', array($nid)) && $i < $number) {
$news_array[$nid] = $new;
$i++;
}
}
if (is_array($news_array)) {
$myOut = '<table width="100%" border="0" cellspacing="1" cellpadding="2" class="colorswitch">';
foreach ($news_array as $news_id => $news) {
$wraptext = '<a href="' . $this->root_path . 'viewnews.php' . $this->SID . '&id=' . $news_id . '">' . $news['news_headline'] . '</a>';
$tooltip = sprintf($this->user->lang('news_submitter'), sanitize($news['username']), $this->time->user_date($news['news_date'], false, true));
$nocomments = isset($news['nocomments']) ? $news['nocomments'] : 0;
if ($nocomments != 1) {
// get the count of comments per news:
$this->comments->SetVars(array('attach_id' => $news['news_id'], 'page' => 'news'));
$comcount = $this->comments->Count();
$comments_counter = $comcount == 1 ? $comcount . ' ' . $this->user->lang('news_comment') : $comcount . ' ' . $this->user->lang('news_comments');
$comments_counter = $comcount == 1 ? $comcount . ' ' . $this->user->lang('news_comment') : $comcount . ' ' . $this->user->lang('news_comments');
$tooltip .= '<br />' . $comments_counter;
}
$category = $this->config->get('enable_newscategories') == 1 ? $tooltip .= '<br />' . $this->user->lang('category') . ': ' . $news['news_category'] : '';
$content = $showToolTip ? $this->html->ToolTip($tooltip, $wraptext) : $wraptext;
$myOut .= '<tr><td>' . $this->time->user_date($news['news_date']) . '</td><td>' . $content . '</td></tr>';
}
$myOut .= '</table>';
}
return $myOut;
}
function joinEvent()
{
// Lets import some globals, why not.
global $MySelf;
global $DB;
$ID = $MySelf->getID();
// Are we allowed to be here?
if (!$MySelf->canSeeEvents()) {
makeNotice("You are not allowed to do this!", "error", "Forbidden");
}
// Is the ID safe?
if (!is_numeric($_GET[id]) || $_GET[id] < 0) {
makeNotice("Invalid ID given!", "error", "Invalid Data");
}
// Get the current list of members.
$JOINS = $DB->getCol("SELECT signups FROM events WHERE id='{$_GET['id']}'");
$JOINS = unserialize($JOINS[0]);
// Add this ones ship.
$JOINS[$ID] = sanitize($_GET[type]);
// And store it back into the db.
$p = $DB->query("UPDATE events SET signups = '" . serialize($JOINS) . "' WHERE ID='{$_GET['id']}' LIMIT 1");
// Inform the user.
if ($_GET[type] != "quit") {
makeNotice("You have joined Event #{$_GET['id']}. Have fun, and dont be late!", "notice", "Joinup complete.", "index.php?action=showevent&id={$_GET['id']}", "[OK]");
} else {
makeNotice("You have left Event #{$_GET['id']}.", "notice", "Left Event", "index.php?action=showevent&id={$_GET['id']}", "[OK]");
}
}
function showImage($src, $type = null)
{
?>
<div class="col-md-3 item item-<?php
print sanitize($type);
?>
" data-type="<?php
print $type;
?>
">
<!-- <a href="<?php
print BGALLERY_URL . '/image.php?img=' . BGALLERY_CURRENT . '/' . $src;
?>
" target="_blank"> -->
<a href="<?php
print $src;
?>
" target="_blank">
<img data-src="<?php
print BGALLERY_URL;
?>
thumbs/galleries/<?php
print BGALLERY_CURRENT . '/' . $src;
?>
" class="img-thumbnail">
<strong><?php
print preg_replace("#(.*)\\.(jpg|png)\$#i", "\\1", basename($src));
?>
</strong>
</a>
</div>
<?php
}
function user_role($username)
{
$username = sanitize($username);
$query = mysql_query("SELECT Role FROM user WHERE Username = '******'");
$result = mysql_result($query, 0);
return $result;
}
/**
* Добавляет нового пользователя в базу или редактирует профиль существующего пользователя.
*
* @param array $data данные.
* @param array $errors ошибки, возникшие в ходе выполнения операции.
* @return array|bool возвращает пользователя или false в случаи критической ошибки.
*/
function userSave(array $data, array &$errors = null)
{
$id = isset($data['id']) ? (int) $data['id'] : null;
$user = sanitize($data, userSanitizeRules(), $errors);
if ($errors) {
return $user;
}
if (!$id) {
$storedUser = storageGetItemBy(ENTITY_USER, 'username', $user['username']);
if ($storedUser) {
$errors['exists'] = 'Пользователь с таким именем уже существует!';
return $user;
}
$user['created'] = mktime();
}
if ($user['password'] != $data['password_repeat']) {
$errors['password'] = '******';
return $user;
}
$user['password'] = password_hash($user['password'], PASSWORD_DEFAULT);
$status = storageSaveItem(ENTITY_USER, $user);
if (!$status) {
$errors['db'] = 'Не удалось записать данные в базу';
}
return $user;
}
function createProject($name, $videoUrl, $sha1password)
{
$retours = array("success" => 0, "error" => "", "value" => "");
$name = sanitize($name);
if ($name == "") {
$name = sha1(rand());
}
if (!file_exists($name)) {
$zip = new ZipArchive();
$res = $zip->open("create.zip");
if ($res === TRUE) {
$zip->extractTo($name);
$zip->close();
file_put_contents($name . "/file/project.xml", str_replace("__video__", $videoUrl, file_get_contents($name . "/file/project.xml")));
file_put_contents($name . "/file/projectPassword.txt", $sha1password);
$retours["success"] = 1;
} else {
$retours["success"] = -1;
$retours["error"] = "No seed found";
}
} else {
$retours["success"] = 0;
$retours["error"] = "Project already exists";
}
$retours["value"] = $name;
echo json_encode($retours);
}
public function output()
{
if ($this->config('pk_quickpolls_title')) {
$this->header = sanitize($this->config('pk_quickpolls_title'));
}
$myout = '<table cellspacing="0" cellpadding="2" width="100%"><tr><td>';
$myout .= sanitize($this->config('pk_quickpolls_question')) . '</td></tr>';
$this->tpl->add_css("\n\t\t\t.quickpolls_radio label{\n\t\t\t display: block;\n\t\t\t margin-bottom: -10px;\n\t\t\t }\n\t\t");
$myout .= '<tr><td>';
if ($this->in->exists('quickpolls_' . $this->id)) {
$blnResult = $this->performVote();
if ($blnResult) {
$myout .= $this->showResults();
} else {
$myout .= $this->showForm();
if ($this->config('pk_quickpolls_showresults')) {
$myout .= '</td></tr><tr><td><a href="' . $this->SID . '&quickpolls_results=' . $this->id . '">' . $this->user->lang('pk_quickpolls_resuls') . '</a>';
}
}
} else {
if ($this->config('pk_quickpolls_closedate') > 0 && $this->config('pk_quickpolls_closedate') < $this->time->time || $this->in->get('quickpolls_results', 0) == $this->id && $this->config('pk_quickpolls_showresults') || $this->userVoted()) {
$myout .= $this->showResults();
} else {
$myout .= $this->showForm();
if ($this->config('pk_quickpolls_showresults')) {
$myout .= '</td></tr><tr><td><a href="' . $this->SID . '&quickpolls_results=' . $this->id . '">' . $this->user->lang('pk_quickpolls_resuls') . '</a>';
}
}
}
$myout .= '</td></tr>';
$myout .= '</table>';
return $myout;
}
function captcha_configure()
{
global $main_smarty, $the_template;
$q_1_low = isset($_REQUEST['q_1_low']) ? $_REQUEST['q_1_low'] : '';
$q_1_high = isset($_REQUEST['q_1_high']) ? $_REQUEST['q_1_high'] : '';
$q_2_low = isset($_REQUEST['q_2_low']) ? $_REQUEST['q_2_low'] : '';
$q_2_high = isset($_REQUEST['q_2_high']) ? $_REQUEST['q_2_high'] : '';
if ($q_1_low != '') {
misc_data_update('captcha_math_q1low', $q_1_low);
} else {
$q_1_low = get_misc_data('captcha_math_q1low') == '' ? 1 : get_misc_data('captcha_math_q1low');
}
if ($q_1_high != '') {
misc_data_update('captcha_math_q1high', $q_1_high);
} else {
$q_1_high = get_misc_data('captcha_math_q1high') == '' ? 5 : get_misc_data('captcha_math_q1high');
}
if ($q_2_low != '') {
misc_data_update('captcha_math_q2low', $q_2_low);
} else {
$q_2_low = get_misc_data('captcha_math_q2low') == '' ? 1 : get_misc_data('captcha_math_q2low');
}
if ($q_2_high != '') {
misc_data_update('captcha_math_q2high', $q_2_high);
} else {
$q_2_high = get_misc_data('captcha_math_q2high') == '' ? 5 : get_misc_data('captcha_math_q2high');
}
$main_smarty->assign('q_1_low', sanitize($q_1_low, 2));
$main_smarty->assign('q_1_high', sanitize($q_1_high, 2));
$main_smarty->assign('q_2_low', sanitize($q_2_low, 2));
$main_smarty->assign('q_2_high', sanitize($q_2_high, 2));
}
function toggleCan()
{
global $DB;
$name = sanitize($_GET[canid]);
$DB->query("UPDATE cans SET isFull=1 XOR isFull WHERE id='{$name}' LIMIT 1");
header("Location: index.php?action=cans");
}
function __construct($user, $display, $pass, $email, $colist, $contact)
{
//Used for display only
$this->displayname = $display;
//Sanitize
$this->clean_email = sanitize($email);
$this->clean_password = trim($pass);
$this->username = sanitize($user);
$this->colist_agent = $colist;
$this->contact_person = $contact;
if (usernameExists($this->username)) {
$this->username_taken = true;
} else {
if (displayNameExists($this->displayname)) {
$this->displayname_taken = true;
} else {
if (emailExists($this->clean_email)) {
$this->email_taken = true;
} else {
//No problems have been found.
$this->status = true;
}
}
}
}
function Authenticate($username, $pass, $remember = false, $already_salted_pass = '')
{
global $db;
$dbusername = sanitize($db->escape($username), 4);
$user = $db->get_row("SELECT * FROM " . table_users . " WHERE user_login = '******'");
if ($already_salted_pass == '') {
$saltedpass = generateHash($pass, substr($user->user_pass, 0, SALT_LENGTH));
} else {
$saltedpass = $already_salted_pass;
}
if ($user->user_id > 0 && $user->user_pass === $saltedpass && $user->user_lastlogin != "0000-00-00 00:00:00") {
$this->user_login = $user->user_login;
$this->user_id = $user->user_id;
$vars = array('user' => serialize($this), 'can_login' => true);
check_actions('login_pass_match', $vars);
if ($vars['can_login'] != true) {
return false;
}
$this->authenticated = TRUE;
$this->md5_pass = md5($user->user_pass);
$this->SetIDCookie(1, $remember);
$lastip = $_SERVER['REMOTE_ADDR'];
$sql = "UPDATE " . table_users . " SET user_lastip = '{$lastip}', user_lastlogin = now() WHERE user_id = {$user->user_id} LIMIT 1";
$db->query($sql);
return true;
}
return false;
}
