Exemplo n.º 1
 /**
  * Builds a message record from the current request and hands it to parent::c().
  *
  * The sender fields (senderid, sendername, sendertype) are assigned here from
  * uid(), username() and his_chara(), replacing whatever rq() returned for them.
  *
  * @param mixed $rq Not used: the argument is replaced by rq() on the first assignment.
  * @return mixed ee(2) when $this->verify() rejects the record, otherwise the result of parent::c().
  */
 public function c($rq = null)
 {
     // Role name => numeric code stored in sendertype / recipienttype.
     $type = ['employee' => 1, 'agency' => 2, 'doctor' => 3];
     $rq = rq();
     $rq['senderid'] = uid();
     $rq['sendername'] = username();
     // Agencies and employees both take 'org' from sess('org').
     if (he_is('agency')) {
         $rq['org'] = sess('org');
     }
     if (he_is('employee')) {
         $rq['org'] = sess('org');
     }
     // NOTE(review): a his_chara()[0] value that is not one of the three keys of
     // $type is an undefined index here and leaves sendertype null.
     $rq['sendertype'] = $type[his_chara()[0]];
     if (his_chara()[0] == 'agency') {
         // Agencies always address recipient type 1 / id 1 / 'admin', whatever rq() contained.
         $rq['recipienttype'] = 1;
         $rq['recipientid'] = 1;
         $rq['recipientname'] = 'admin';
     } elseif (his_chara()[0] == 'employee') {
         // NOTE(review): recipienttype is taken from rq() (presumably request data —
         // confirm) and used as a key of $type without an existence check; an
         // unexpected value yields null rather than a rejection at this point.
         $rq['recipienttype'] = $type[$rq['recipienttype']];
     }
     // For every other role the recipient fields stay exactly as rq() returned
     // them; verify() below is the only check this method applies to them.
     // Validate the sending rules.
     $valid = $this->verify($rq);
     if (!$valid) {
         return ee(2);
     }
     $rq['sendtime'] = date("Y-m-d H:i:s");
     return parent::c($rq);
 }
Exemplo n.º 2
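 /**
  * Downloads a remote image and stores it under asset_uploads/<user>/<slug>/.
  *
  * Changes from the earlier version of this method:
  *  - only http:// and https:// URLs are fetched, so stream wrappers such as
  *    file:// or php:// can no longer be reached through $urlimage;
  *  - the user name, slug and file name are rejected when they contain a path
  *    separator, a NUL byte or are "." / "..", so the write stays inside the
  *    user's upload folder;
  *  - the URL is fetched once and the image type is checked on the bytes that
  *    are actually written, instead of probing the URL several times.
  *
  * NOTE(review): the server still fetches any http(s) host the caller names,
  * including internal ones, and no size limit is applied to the download.
  * Restrict destinations and size if $urlimage can come from untrusted users.
  *
  * @param string   $urlimage Remote image URL (jpg, jpeg, gif or png).
  * @param string   $filename Target file name without extension.
  * @param string   $urlslug  Sub-folder name below the user's upload folder.
  * @param int|null $user_id  Owner; defaults to the logged-in ion_auth user.
  * @return true|null true when the file was written; on failure a JSON error is
  *                   set on the CI output and nothing is returned.
  */
 function uploadRemoteFile($urlimage, $filename, $urlslug, $user_id = NULL)
 {
     $this->CI->output->set_header('Content-Type: application/json; charset=utf-8');
     $user_name = isset($user_id) ? username($user_id) : $this->CI->ion_auth->user()->row()->username;

     $url = (string) $urlimage;
     $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
     // Take the extension from the URL path only, so a query string cannot hide or fake it.
     $extension = strtolower((string) pathinfo((string) parse_url($url, PHP_URL_PATH), PATHINFO_EXTENSION));
     $exts = array('jpg', 'gif', 'png', 'jpeg');
     $invalid_url_message = 'Check image URL. Supplied URL does not appear to be an image.';
     $error = null;
     $image = false;

     if (!in_array($extension, $exts, true)) {
         $error = 'Image filetype not supported. JPG or PNG only please!';
     } elseif (!in_array($scheme, array('http', 'https'), true)) {
         $error = $invalid_url_message;
     }

     if ($error === null) {
         // Every value that becomes part of the target path must be a single path segment.
         foreach (array($user_name, $urlslug, $filename) as $segment) {
             $segment = (string) $segment;
             if ($segment === '' || $segment === '.' || $segment === '..'
                 || strpbrk($segment, '/\\') !== false || strpos($segment, "\0") !== false) {
                 $error = 'Invalid upload path.';
                 break;
             }
         }
     }

     if ($error === null) {
         // '@' keeps PHP warnings out of the JSON response; the result is checked explicitly.
         $image = @file_get_contents($url);
         if ($image === false) {
             $error = $invalid_url_message;
         }
     }

     if ($error === null) {
         // Validate the downloaded bytes themselves, not a second request to the URL.
         $info = @getimagesizefromstring($image);
         if ($info === false || !in_array($info[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG), true)) {
             $error = $invalid_url_message;
         }
     }

     if ($error === null) {
         $target_dir = FCPATH . 'asset_uploads/' . $user_name . '/' . $urlslug;
         // Create the folder on first use and drop a placeholder index.html into it.
         if (!file_exists($target_dir)) {
             if (!mkdir($target_dir, 0755, true) && !is_dir($target_dir)) {
                 $error = 'Could not store image.';
             } else {
                 file_put_contents($target_dir . '/index.html', 'index.html');
             }
         }
     }

     if ($error === null) {
         if (file_put_contents($target_dir . '/' . $filename . '.' . $extension, $image) === false) {
             $error = 'Could not store image.';
         } else {
             return true;
         }
     }

     // Send the JSON error back for the modal.
     $output_array = array('validation' => 'error', 'response' => 'error', 'message' => $error);
     $this->CI->output->set_output(json_encode($output_array));
 }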
Exemplo n.º 3
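 /**
  * Writes a login entry to the action log.
  *
  * @param  string $type Account type: 'employee', 'agency' or 'department'.
  * @param  object $user Logged-in user; only ->id is read.
  * @return void
  */
 public static function login($type, $user)
 {
     $related_id = $user->id;
     // Account type => [action type id, ins type id, memo prefix].
     $known_types = array(
         'employee' => array(1, 6, '员工登录'),
         'agency' => array(2, 5, '代理商登录'),
         'department' => array(3, 4, '科室登录'),
     );
     // An unrecognised type used to reach add_log() through undefined variables.
     // The entry is still written, so the login is not missing from the log,
     // but the empty values are now explicit.
     $action_type_id = null;
     $ins_type_id = null;
     $memo = '';
     if (is_string($type) && isset($known_types[$type])) {
         list($action_type_id, $ins_type_id, $memo) = $known_types[$type];
     }
     $memo = $memo . '-' . username();
     self::add_log($action_type_id, $ins_type_id, $related_id, $memo);
 }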
Exemplo n.º 4
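/**
 * Inserts one row into Elements from the POSTed ClassificationID, Element and
 * AtomicMass fields and reports the outcome as JSON.
 *
 * The values are bound to a prepared statement instead of being concatenated
 * into the SQL text, so request data cannot change the statement. The
 * "querystring" member of the response now carries the statement template
 * only; it no longer echoes the submitted values back inside SQL.
 *
 * @return string JSON object with "querystring" (string) and "success" (bool).
 */
function insertElement()
{
    $query = "INSERT INTO Elements ( ClassificationID, Element, AtomicMass ) VALUES ( ?, ?, ? );";
    $return = new stdClass();
    $return->querystring = $query;
    $return->success = false;

    // Each field must be present and decode to a single scalar value.
    $values = array();
    foreach (array('ClassificationID', 'Element', 'AtomicMass') as $field) {
        $decoded = isset($_POST[$field]) ? json_decode(sanitize($_POST[$field])) : null;
        if (!is_scalar($decoded)) {
            return json_encode($return);
        }
        // Bound as strings; the server converts them for the numeric columns.
        $values[] = (string) $decoded;
    }

    $dbConn = mysqli_connect(server(), username(), password(), db("Elements"));
    if (!$dbConn) {
        // Keep the driver's message in the server log instead of the response.
        error_log("insertElement: connection failed: " . mysqli_connect_error());
        die("Connection failed");
    }

    $stmt = $dbConn->prepare($query);
    if ($stmt) {
        $stmt->bind_param('sss', $values[0], $values[1], $values[2]);
        $return->success = (bool) $stmt->execute();
        $stmt->close();
    }
    $dbConn->close();
    return json_encode($return);
}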
Exemplo n.º 5
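/**
 * Stores a notification for a user and, if the user allows mail, e-mails it.
 *
 * The INSERT uses a prepared statement, and a failed database connection no
 * longer reaches the query functions; the e-mail part still runs in that case.
 *
 * NOTE(review): $msg is placed into the HTML greeting as-is. If callers can pass
 * user-supplied text it should be HTML-escaped first; left unchanged here
 * because callers may be passing markup on purpose — confirm.
 *
 * @param mixed       $userid  Recipient user id.
 * @param string      $msg     Notification text.
 * @param string      $link    Link stored with the notification and used in the mail.
 * @param string|null $subject Mail subject; falls back to $msg when empty.
 * @return void
 */
function sendNotify($userid, $msg, $link, $subject = null)
{
    // Defaults used when the user lookup below returns no row.
    $umail = "*****@*****.**";
    $ufname = "eDart";
    $ulname = "User";
    $domail = 1;
    //PART I: Write to the database
    $con = mysqli_connect(host(), username(), password(), mainDb());
    if ($con) {
        $stmt = mysqli_prepare($con, "INSERT INTO notify(`usr`,`date`,`message`,`link`) VALUES(?,?,?,?)");
        if ($stmt) {
            // All four columns were written as quoted strings before, so bind them as strings.
            $row_usr = (string) $userid;
            $row_date = (string) time();
            $row_message = (string) $msg;
            $row_link = (string) $link;
            mysqli_stmt_bind_param($stmt, 'ssss', $row_usr, $row_date, $row_message, $row_link);
            mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }
        // This connection is local to the function; release it once the row is written.
        mysqli_close($con);
    } else {
        error_log("sendNotify: database connection failed: " . mysqli_connect_error());
    }
    $user_call = new User(array("action" => "get", "id" => $userid));
    $user_info = $user_call->run(true);
    if (count($user_info) != 0) {
        $user_info = $user_info[0];
        $umail = $user_info["email"];
        $ufname = ucwords($user_info["fname"]);
        $ulname = ucwords($user_info["lname"]);
        $domail = $user_info["do_mail"];
    }
    $greetings = array("Just wanted to let you know that:<br><br> %s. <br><br>That is all. Have a good rest of your day!", "In case you didn't know: <br><br>%s<br><br> Better go check it out.", "We hope you're having a good day! Just thought you might you want to know:<br><br> %s. <br><br>That is all. Carry on!", "Don't mean to break your flow, but we just thought you might want to know that<br><br> %s. <br><br>If you get the chance, you can check it out back at eDart. For now, live long and prosper!", "Hope your day is going splendidly! Just thought we'd let you know that:<br><br> %s. <br><br>When you have the time, check it out on eDart. Cool. For now, bye.");
    // The greeting is picked at random; nothing depends on it being unpredictable.
    $fullmsg = sprintf($greetings[rand(0, count($greetings) - 1)], $msg);
    if ($subject == null) {
        $subject = $msg;
    }
    //PART II: Send them an email
    if ($domail == 1) {
        sendMail($umail, $ufname, $ulname, $subject, $fullmsg, $link, "View on eDart");
    }
}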
Exemplo n.º 6
 /**
  * Opens a database connection and picks the table name for the given type.
  *
  * Both results are stored in the globals $con and $table. $table is left
  * untouched when $type is neither ITEM nor USER.
  *
  * @param mixed $type ITEM or USER.
  */
 function __construct($type)
 {
     global $con, $table;
     $con = mysqli_connect(host(), username(), password(), mainDb());
     if ($type == ITEM) {
         $table = "item";
     } elseif ($type == USER) {
         $table = "usr";
     }
 }
Exemplo n.º 7
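 /**
  * Replaces the {placeholder} variables of an e-mail template (subject or
  * message body) with their values.
  *
  * Placeholders are matched literally and in a single pass. The previous
  * version fed the keys to preg_replace() as patterns, which had two side
  * effects: "$1" or "\1" inside a value (for example inside a user name) was
  * treated as a back-reference, and a value containing a later placeholder such
  * as "{baseurl}" was expanded again.
  *
  * @param string $content Template text.
  * @param array  $array   Extra variables, array('{somevar}' => $value); they
  *                        override the common variables of the same name.
  * @return string Template text with all known placeholders substituted.
  */
 function replace($content, $array)
 {
     // Common variables available to every template.
     $com_array = array('{website_title}' => TITLE, '{baseurl}' => BASEURL, '{website_url}' => BASEURL, '{date_format}' => cbdate(DATE_FORMAT), '{date}' => cbdate(), '{username}' => username(), '{userid}' => userid(), '{date_year}' => cbdate("Y"), '{date_month}' => cbdate("m"), '{date_day}' => cbdate("d"), '{signup_link}' => cblink(array('name' => 'signup')), '{login_link}' => cblink(array('name' => 'login')));
     if (is_array($array) && count($array) > 0) {
         $array = array_merge($com_array, $array);
     } else {
         $array = $com_array;
     }
     $pairs = array();
     foreach ($array as $key => $val) {
         $key = (string) $key;
         // strtr() cannot work with an empty search string.
         if ($key === '') {
             continue;
         }
         $pairs[$key] = is_array($val) ? '' : (string) $val;
     }
     return strtr((string) $content, $pairs);
 }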
Exemplo n.º 8
 /**
  * Looks up entries of the `lookup` table.
  *
  * NOTE(review): $class and $code are interpolated into the SQL text unquoted.
  * That is only safe while every caller passes values it has already validated
  * as numbers; verify the callers, or bind the values as parameters.
  *
  * @param mixed $class Value compared with the `class` column.
  * @param mixed $code  Value compared with the `code` column; a falsy value selects the whole class.
  * @return mixed With $code: the `text` of the first match, or NULL when there is none.
  *               Without $code: whatever sqlToArray() returns for the class.
  */
 private static function match_class_code($class, $code)
 {
     $connect = mysqli_connect(host(), username(), password(), mainDb());
     if (!$code) {
         // No code given: hand back every row of the class.
         return sqlToArray($connect, "SELECT * FROM `lookup` WHERE class={$class}");
     }
     $rows = sqlToArray($connect, "SELECT `text` FROM `lookup` WHERE class={$class} AND code={$code}");
     if (count($rows) == 0) {
         return NULL;
     }
     return $rows[0]["text"];
 }
Exemplo n.º 9
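/**
 * Opens a PDO connection to the configured MySQL database.
 *
 * On failure the script ends. The driver's message, which can name the host,
 * the database and the account, is written to the server log; the response
 * only carries a generic text.
 *
 * @return PDO
 */
function connect_db()
{
    $servername = servername();
    $username = username();
    $password = password();
    $dbname = dbname();
    //IMPROVE. Perhaps add check to see if we are already connected. Php db ping probably.
    try {
        $conn = new PDO("mysql:host={$servername};dbname={$dbname}", $username, $password);
    } catch (PDOException $e) {
        error_log("connect_db: " . $e->getMessage());
        echo "Database connection failed.";
        exit;
    }
    return $conn;
}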
Exemplo n.º 10
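    /**
     * Prints the login box: a link to login.php for visitors, or the current
     * user name with a logout link.
     *
     * The user name is HTML-escaped before it is printed, so a name containing
     * markup is shown as text instead of being interpreted by the browser.
     */
    function login_menu()
    {
        if (!is_logged()) {
            ?>
<div class='login_menu'>
<a href='login.php'>Logowanie</a>
</div>
				<?php 
        } else {
            ?>
<div class='login_menu'>
Zalogowano jako <?php 
            echo htmlspecialchars(username(), ENT_QUOTES);
            ?>
 <a href='logout.php'>wyloguj</a>
</div>
				<?php 
        }
    }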
Exemplo n.º 11
 /**
  * Opens a database connection and stores the constructor argument.
  *
  * Both values are written to globals ($con and $argv), not to properties.
  *
  * @param mixed $parameters Value copied into the global $argv.
  */
 function __construct($parameters)
 {
     global $con, $argv;
     $con = mysqli_connect(host(), username(), password(), mainDb());
     // NOTE(review): $argv is also the name PHP uses for the command-line
     // argument array in CLI scripts; this assignment replaces that global.
     $argv = $parameters;
 }
}

</script>

<?php 
if (isset($_GET['hide_import_message'])) {
    $this->lf_core->Livefyre_Utility->update_import_status('complete');
    ?>
    <script type="text/javascript">
        window.location.href = window.location.pathname + '?page=livefyre';
    </script>
    <?php 
    exit;
}
if (isset($_POST['textfield'])) {
    echo username();
    return;
}
$import_status = get_option('livefyre_import_status', 'uninitialized');
// Handle legacy values
if ($import_status == 'csv_uploaded') {
    $import_status = 'complete';
} elseif ($import_status == 'started') {
    $import_status = 'pending';
}
// Start the animation only if the button was clicked
if ($import_status == 'pending') {
    // Only report status of the import
    ?>
    <script type="text/javascript">
        livefyre_start_ajax(1000);
Exemplo n.º 13
?>
</head>
<body>
<div id="header">
	<h1><?php 
echo SITE_TITLE;
?>
</h1>
	<?php 
$menuitems = array();
if ($GLOBALS["page"] != "mainMenu") {
    $menuitems[] = "<a href=\"" . SITEROOT_WEB . "\">Back to main menu</a>";
}
$menuitems[] = "<a href=\"" . SITEROOT_WEB . "eqiat\">Authoring tool</a>";
if (loggedin() && $GLOBALS["page"] != "logout") {
    $menuitems[] = "<a id=\"logoutlink\" href=\"" . SITEROOT_WEB . "?page=logout\">Log out (<strong>" . htmlspecialchars(username()) . "</strong>)</a>";
} else {
    if (!loggedin() && ($GLOBALS["page"] != "login" && !isset($_SESSION["nextpage"]))) {
        $menuitems[] = "<a href=\"" . SITEROOT_WEB . "?page=login\">Log in</a>";
    }
}
if ($GLOBALS["page"] != "help") {
    $menuitems[] = "<a href=\"" . SITEROOT_WEB . "?page=help\">Help</a>";
}
if (!empty($menuitems)) {
    ?>
		<ul id="headermenu">
			<?php 
    foreach ($menuitems as $menuitem) {
        ?>
				<li><?php 
Exemplo n.º 14
            $najdiclanok0 = isset($datacc[$najdiclanok - 1]) ? $datacc[$najdiclanok - 1] : "hide";
            $najdiclanok1 = isset($datacc[$najdiclanok + 1]) ? $datacc[$najdiclanok + 1] : "hide";
            echo '
<ul class="pager">
  ' . ($najdiclanok0 != "hide" ? '<li class="previous"><a href="/clanok/' . $najdiclanok0 . '/' . bezd(articlename($najdiclanok0)) . '">&larr; ' . ($najdiclanok1 == "hide" ? articlename($najdiclanok0) : 'Predchadzajúci článok') . '</a></li>' : '') . '
  ' . ($najdiclanok1 != "hide" ? '<li class="next"><a href="/clanok/' . $najdiclanok1 . '/' . bezd(articlename($najdiclanok1)) . '">' . articlename($najdiclanok1) . ' &rarr;</a></li>' : '') . '
</ul>
';
        }
    }
    echo '
        <div class="articleview-inside">
            <div class="info">
                <h4><a href="/clanok/' . $datacla["article_id"] . '/' . bezd($datacla["article_name"]) . '">' . $datacla["article_name"] . '</a></h4>
                <div class="infin">
                    <span><i class="fa fa-user"></i> Autor: ' . username($datacla["article_author"], 1) . '</span>
                    <span><i class="fa fa-time"></i> Dátum: <a>' . date("j. n. Y", $datacla["article_date"]) . '</a></span>
                    <span><i class="fa fa-th-list"></i> Kategória: ' . articlecat($datacla["article_cat"], 1) . '</span>
                    <span><i class="fa fa-eye"></i> Prečítané: <a>' . $datacla["article_reads"] . '</a>×</span>
                    
                </div>
                
            </div>
        </div>
';
    echo '
      <div class="articleview">   
      ' . $datacla["article_txt"];
    echo '</div>';
    ?>
<br><div class="heureka-163376503"> <div class="heureka3-content"> <div style="float: left; border: 1px solid #E2E2E2; margin: 0 15px 0 0; padding: 0; width: 50px; height: 50px;"><a href="http://grafika-a-design.heureka.sk/adobe-creative-suite-6-photoshop-extended-win-cz-dvd-pack/#c971:3" class="heureka-image-163376503"> </a></div> <div style="margin: 0; padding: 0; line-height: 1.2em;color:#888;"> <a href="http://grafika-a-design.heureka.sk/adobe-creative-suite-6-photoshop-extended-win-cz-dvd-pack/#c971:3" target="_blank">Adobe Creative Suite 6 Photoshop Extended WIN CZ DVD Pack</a> môžete kúpiť v <span class="heureka-shops-163376503"> </span> e-shopoch za cenu od <span class="heureka-price-163376503"> </span> <small>(Zdroj: Heureka.sk)</small><br /> <a href="http://grafika-a-design.heureka.sk/adobe-creative-suite-6-photoshop-extended-win-cz-dvd-pack/#c971:3" target="_blank">Porovnať ceny >></a> </div> </div> <div style="clear: both;"></div> </div> <script type="text/javascript" src="http://www.heureka.sk/direct/bannery/?id=16337650:3:971"></script><br><br>
Exemplo n.º 15
<?php

if (!defined('PERM')) {
    die;
}
?>


<div class="list-group">
<?php 
$result = dbquery("SELECT * FROM bg_forumtopicpost GROUP BY post_topicid ORDER BY post_time DESC LIMIT 0,5");
$rows1 = dbrows($result);
if ($rows1 >= "1") {
    while ($data = dbarray($result)) {
        $type = "/tema/" . $data["post_topicid"] . "/" . bezd(forumtopicname($data["post_topicid"]));
        echo '<a href="' . $type . '" class="list-group-item">' . forumtopicname($data["post_topicid"]) . '<br/><small>' . timeago($data["post_time"]) . ' od ' . username($data["post_userid"], 0) . '</small></a>';
    }
}
?>
</div>

<?php 
if (userperm("5")) {
    if (isset($_POST["editmod"])) {
        if ($_POST["modset"] == 1) {
            dbquery("DELETE FROM bg_forumtopicread WHERE forumr_tid='" . $dataf2["forumt_id"] . "'");
            dbquery("UPDATE bg_forumtopic SET forumt_locked='1',forumt_lockuserid='" . $userinfo["user_id"] . "' WHERE forumt_id='" . $dataf2["forumt_id"] . "'");
            redirect("/tema/" . $dataf2["forumt_id"] . "/" . bezd($dataf2["forumt_name"]));
        }
        if ($_POST["modset"] == 2) {
            dbquery("UPDATE bg_forumtopic SET forumt_locked='0' WHERE forumt_id='" . $dataf2["forumt_id"] . "'");
Exemplo n.º 16
<?php

// Login page: anonymous visitors get the login form, users with a session get
// a notice and a logout link.
require "lib.php";
Config("title", "LLOOGG Login");
include "header.php";
if (!isLoggedIn()) {
    // The form is submitted by the tryLogin() script; "return false" stops the
    // browser from posting the form itself.
    ?>
    <form name="f" method="POST" onsubmit="tryLogin(); return false;">
    <table border="0" cellpadding="6">
    <tr><td align="right">Username</td><td><input type="text" class="inputtext" name="username"></td></tr>
    <tr><td align="right">Password</td><td><input type="password" class="inputtext" name="pass"></td></tr>
    <tr><td align="right" colspan="2"><small>Remember me</small>&nbsp;<input type="checkbox" name="rememberme" value="1" checked></td></tr>
    <tr><td colspan="2" align="right"><input type="submit" name="login" value="Enter" id="enterButton" class="inputbutton"></td></tr>
    </table>
    </form>
<?php 
} else {
    ?>
    <p>You are already logged in as
    <strong><?php 
    // The user name is entity-encoded before it is written into the page.
    echo htmlentities(username());
    ?>
</strong>!
    <p>To switch user <a href="/logout.php">logout</a> first.
<?php 
}
include "footer.php";
Exemplo n.º 17
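 /**
  * Checks a list of recipient user names for a private message.
  *
  * Names may be separated by ',' or ';'. Surrounding whitespace is removed from
  * each name, so "alice, bob" resolves both users. Every rejected name is
  * reported through e().
  *
  * @param string $input  Separated list of user names.
  * @param mixed  $sender Id of the sending user; a recipient with this id is rejected.
  * @return string|false|null "#id1##id2#..." for the accepted recipients, false
  *                           when none was accepted, nothing when $input is empty.
  */
 function check_users($input, $sender)
 {
     global $userquery;
     if (empty($input)) {
         e(lang("unknown_reciever"));
     } else {
         // Treat ';' like ',' and split the list into single names.
         $usernames = explode(',', str_replace(';', ',', $input));
         $valid_users = array();
         foreach ($usernames as $username) {
             $username = trim($username);
             $user_id = $this->get_the_user($username);
             if ($userquery->is_user_banned($username, userid())) {
                 e(sprintf(lang("cant_pm_banned_user"), $username));
             } elseif ($userquery->is_user_banned(username(), $username)) {
                 e(sprintf(lang("cant_pm_user_banned_you"), $username));
             } elseif (!$userquery->user_exists($username)) {
                 e(lang("unknown_reciever"));
             } elseif ($user_id == $sender) {
                 e(lang("you_cant_send_pm_yourself"));
             } else {
                 $valid_users[] = $user_id;
             }
         }
         $valid_users = array_unique($valid_users);
         if (count($valid_users) > 0) {
             // Each id is wrapped in '#': "#1##2#".
             return "#" . implode("##", $valid_users) . "#";
         }
         return false;
     }
 }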
Exemplo n.º 18
<?php

// Walks over the accounts whose `joindate` lies within the last week and
// prepares a welcome text for each; the text is not sent anywhere here.
$one_week_ago = strtotime("-1 weeks");
$current_date = time();
$con = mysqli_connect(host(), username(), password(), mainDb());
// $one_week_ago is an integer produced by strtotime(), not request data.
$user_query = mysqli_query($con, "SELECT * FROM `usr` WHERE `joindate` > {$one_week_ago}");
$row = mysqli_fetch_array($user_query);
while ($row) {
    $message = "Hey! Welcome to eDart! ";
    $row = mysqli_fetch_array($user_query);
}
mysqli_close($con);
Exemplo n.º 19
        ?>
</td>
<td><?php 
        echo str_replace("-", "/", $A->element("date"));
        ?>
</td>
<td><?php 
        echo section($A->element("section"));
        ?>
</td>
<td><?php 
        echo floorname($A->element("floor")) . " - " . $A->element("room") . "室";
        ?>
</td>
<td><?php 
        echo username($A->element("name"));
        ?>
</td>
<td>
<form action="editreserve.php" method="post">
<input type="submit" value="取消">
<input type="hidden" name="delete" value="1">
<input type="hidden" name="id" value="<?php 
        echo $A->element("id");
        ?>
">
</form></td>
</tr>
<?php 
    }
} else {
Exemplo n.º 20
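 /**
  * Records the current user's rating for a video and returns the new totals.
  *
  * The submitted value is reduced to two levels before use: anything that is
  * not numeric or is 9 or lower becomes 0, anything 10 or higher becomes 10.
  *
  * Fixes in this version: the PHP version test compared the bare word
  * `phpversion` with a string (an undefined constant, which is an Error on
  * PHP 8); it now uses version_compare(). The decoded voter list is forced to
  * an array so a malformed stored value cannot break the later array write.
  *
  * @param mixed $id     Video id; passed to get_video_rating() and placed in the UPDATE condition.
  * @param mixed $rating Submitted rating.
  * @return array Keys: rating, ratings, total, id, type, disable.
  */
 function rate_video($id, $rating)
 {
     global $db, $myquery, $userquery;
     if (!is_numeric($rating) || $rating <= 9) {
         $rating = 0;
     }
     if ($rating >= 10) {
         $rating = 10;
     }
     $rating_details = $this->get_video_rating($id);
     $voter_id = $rating_details['voter_ids'];
     $new_by = $rating_details['rated_by'];
     $newrate = $rating_details['rating'];
     // Only PHP older than 5.2.0 needs the global $json helper object.
     $js = null;
     if (version_compare(PHP_VERSION, '5.2.0', '<')) {
         global $json;
         $js = $json;
     }
     $voters = array();
     $Oldvoters = explode('|', $voter_id);
     if (is_array($Oldvoters) && count($Oldvoters) > 2) {
         // Old storage format: user ids separated by '|'.
         foreach ($Oldvoters as $voter) {
             if ($voter) {
                 $voters[$voter] = array("userid" => $voter, "time" => now(), "method" => 'old');
             }
         }
     } else {
         // Current storage format: JSON object keyed by user id.
         if (!empty($js)) {
             $voters = $js->json_decode($voter_id, TRUE);
         } else {
             $voters = json_decode($voter_id, TRUE);
         }
     }
     if (!is_array($voters)) {
         $voters = array();
     }
     $already_voted = false;
     if (!empty($voters)) {
         $already_voted = array_key_exists(userid(), $voters);
     }
     if (!userid()) {
         e(lang("please_login_to_rate"));
     } elseif (userid() == $rating_details['userid'] && !config('own_video_rating')) {
         e(lang("you_cant_rate_own_video"));
     } elseif (!empty($already_voted) && !1) {
         // NOTE(review): "&& !1" makes this branch unreachable, so a second vote
         // by the same user is accepted and added to the average again. Left as
         // found; confirm whether repeat voting is intended.
         e(lang("you_hv_already_rated_vdo"));
     } elseif (!config('video_rating') || $rating_details['allow_rating'] != 'yes') {
         e(lang("vid_rate_disabled"));
     } else {
         $voters[userid()] = array("userid" => userid(), "username" => username(), "time" => now(), "rating" => $rating);
         $total_voters = count($voters);
         if (!empty($js)) {
             $voters = $js->json_encode($voters);
         } else {
             $voters = json_encode($voters);
         }
         $t = $rating_details['rated_by'] * $rating_details['rating'];
         //$new_by = $rating_details['rated_by'] + 1;
         $new_by = $total_voters;
         $newrate = ($t + $rating) / $new_by;
         if ($newrate > 10) {
             $newrate = 10;
         }
         $newrate = round($newrate + 0.49, 0);
         // NOTE(review): $id is interpolated into the condition string. Whether
         // it is validated before it reaches this method is not visible here;
         // verify the callers or cast it to the id type the table uses.
         $db->update(tbl($this->dbtbl['video']), array("rating", "rated_by", "voter_ids"), array($newrate, $new_by, "|no_mc|{$voters}"), " videoid='{$id}'");
         $userDetails = array("object_id" => $id, "type" => "video", "time" => now(), "rating" => $rating, "userid" => userid(), "username" => username());
         /* Updating user details */
         update_user_voted($userDetails);
         $like_array = array('userid' => userid(), 'type' => 'v', 'object_id' => $id);
         // After the clamping above $rating is 0 or 10: 10 is a like, 0 a dislike.
         if ($rating > 1) {
             $myquery->add_like($like_array);
         } else {
             $myquery->add_dislike($like_array);
         }
         if (isSectionEnabled('feeds')) {
             // Adding feed
             global $cbfeeds;
             if ($rating > 1) {
                 $object = $this->get_content($id);
                 $user = $userquery->udetails;
                 $feed_array = array('userid' => userid(), 'user' => $user, 'object' => $object, 'object_id' => $id, 'object_type' => 'video', 'is_activity' => 'yes', 'action' => 'like_video');
                 $cbfeeds->add_feed($feed_array);
             } else {
                 $feed_array = array('userid' => userid(), 'object_id' => $id, 'object_type' => 'video', 'is_activity' => 'yes', 'action' => 'like_video');
                 $cbfeeds->delete_feed($feed_array);
             }
         }
         e(lang("thnx_for_voting"), "m");
     }
     $result = array('rating' => $newrate, 'ratings' => $new_by, 'total' => 10, 'id' => $id, 'type' => 'video', 'disable' => 'disabled');
     return $result;
     /*
      An unused earlier implementation followed here as commented-out code. It
      kept voters as a '|'-separated id string in voter_ids, rejected a user
      whose id was already in that string, and increased rated_by by one per vote.
     */
 }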
Exemplo n.º 21
 /**
  * Stores the value returned by username() in $this->username.
  */
 function before_filter()
 {
     $current_user = username();
     $this->username = $current_user;
 }
Exemplo n.º 22
        if (isset($_SESSION["nextpage"])) {
            $nextpage = $_SESSION["nextpage"];
            unset($_SESSION["nextpage"]);
            redirect($nextpage);
        }
        $title = "Successfully logged in";
        include "htmlheader.php";
        ?>
		<h2><?php 
        echo htmlspecialchars($title);
        ?>
</h2>
		<p>
			You're now logged in as 
			<strong><?php 
        echo htmlspecialchars(username());
        ?>
</strong>
		</p>
		<?php 
        include "htmlfooter.php";
        exit;
    }
    if (isset($_REQUEST["async"])) {
        badrequest("That username and password combination did not match any user in the database");
    }
    $errors[] = "That username and password combination did not match any user in the database";
} else {
    if (isset($_REQUEST["async"])) {
        badrequest("username and password not given");
    }
Exemplo n.º 23
     try {
         $email = $db->prepare('SELECT email FROM user_pass WHERE email = ? AND password = ?');
         $email->bindParam(1, $email_SI);
         $email->bindParam(2, $password_SI);
         $email->execute();
         foreach ($email as $mail) {
             $email = $mail['email'];
             return $email;
         }
     } catch (Exception $e) {
         echo 'Data could not be retrieved from the database.';
         exit;
     }
 }
 $verified_email = email($email_SI, $password_SI);
 $username_SI = username($email_SI, $password_SI);
 // Grabs ID from user_pass Table.
 function user_id_si($username_SI)
 {
     require ROOT_PATH . 'inc/database.php';
     try {
         $ids = $db->prepare('SELECT id FROM user_pass WHERE username = ?');
         $ids->bindValue(1, $username_SI);
         $ids->execute();
         foreach ($ids as $id) {
             $userID = $id['id'];
             return $userID;
         }
     } catch (Exception $e) {
         echo "Data was not retrieved from the database successfully.";
         exit;
		</tr>
		<tr>
			<td colspan=\'2\' align=\'center\' class=\'content\'><input type=\'submit\' name=\'submit\' value=\'Next\' /></td>
		</tr>
	</table>
</form>
</div></div></div>';
}
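/**
 * Prints a meta refresh that forwards the browser to the security-question
 * step of the password reset for the submitted user name.
 *
 * The interpolated value is masked ('******') in this listing; it is
 * reconstructed as $username, which is what the commented-out link that
 * accompanied this code used. The name is URL-encoded as a query value and the
 * whole URL is HTML-escaped for the attribute, so a submitted name cannot
 * close the attribute or add parameters.
 *
 * NOTE(review): clean() is defined elsewhere; if it already HTML-encodes its
 * result, names with special characters arrive encoded at the next step —
 * confirm against clean().
 */
function getlink()
{
    $username = clean(isset($_POST['username']) ? $_POST['username'] : '');
    $target = 'index.php?action=forgotpassword&case=question&username=' . rawurlencode($username);
    echo '<head>
<meta http-equiv="refresh" content=".1; url=' . htmlspecialchars($target, ENT_QUOTES) . '">
</head>';
}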
// Step dispatcher for the password reset: ?case=getlink and ?case=question
// select their handlers, every other value (or none) shows the user name form.
if (!isset($_GET['case'])) {
    $_GET['case'] = NULL;
}
$requested_case = $_GET['case'];
if ($requested_case == 'getlink') {
    getlink();
} elseif ($requested_case == 'question') {
    question();
} else {
    username();
}
$pagetitle = "forgot password";
Exemplo n.º 25
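// Loads a stored QTI item into session memory for editing (owner only) or
// cloning, then redirects to the authoring tool.
$warnings = array();
$messages = array();
// The id is used as an array key further down, so it has to be a plain string.
if (!isset($_REQUEST["qtiid"]) || !is_string($_REQUEST["qtiid"])) {
    badrequest("no QTI ID was specified");
}
$item = getitem($_REQUEST["qtiid"]);
if (!$item) {
    badrequest("no item with the given QTI ID exists in the database");
}
// if not cloning...
if (!isset($_REQUEST["clone"])) {
    // only the owner can edit it
    if (!loggedin()) {
        badrequest("you're not logged in so can't edit this item");
    }
    // Compare the names as strings. With a loose comparison two different
    // numeric-looking names such as "1000" and "1e3" count as equal, which
    // would let one account edit the other's item.
    if ((string) $item["user"] !== (string) username()) {
        badrequest("you're not the owner of this item and so can't edit it");
    }
    // if the item's already in session memory redirect straight to Eqiat
    if (isset($_SESSION["items"]) && array_key_exists($_REQUEST["qtiid"], $_SESSION["items"])) {
        redirect(SITEROOT_WEB . "eqiat/#item_" . $_REQUEST["qtiid"]);
    }
}
// make a QTIAssessmentItem object from the data we have and put it in session memory
$metadata = array("description" => $item["description"], "keywords" => $item["keywords"]);
$ai = xmltoqtiobject($item["xml"], $errors, $warnings, $messages, $metadata, isset($_REQUEST["clone"]));
if ($ai === false) {
    servererror("Errors:\n" . implode("\n", $errors) . "\n\nWarnings:\n" . implode("\n", $warnings) . "\n\nMessages:\n" . implode("\n", $messages));
}
$ai->sessionStore();
redirect(SITEROOT_WEB . "eqiat/#item_" . $ai->getQTIID());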
Exemplo n.º 26
    $perms = $p['show_profile'];
    if (userid() != $udetails['userid']) {
        if (($perms == 'friends' || $perms == 'members') && !userid()) {
            e(lang('you_cant_view_profile'));
            if (!has_access('admin_access', true)) {
                $Cbucket->show_page = false;
            }
        } elseif ($perms == 'friends' && !$userquery->is_confirmed_friend($udetails['userid'], userid())) {
            e(sprintf(lang('only_friends_view_channel'), $udetails['username']));
            if (!has_access('admin_access', true)) {
                $Cbucket->show_page = false;
            }
        }
        //Checking if user is not banned by admin
        if (userid()) {
            if ($userquery->is_user_banned(username(), $udetails['userid'], $udetails['banned_users'])) {
                e(sprintf(lang('you_are_not_allowed_to_view_user_channel'), $udetails['username']));
                assign('isBlocked', 'yes');
                if (!has_access('admin_access', true)) {
                    $Cbucket->show_page = false;
                }
            }
        }
    }
    subtitle(sprintf(lang('user_s_channel'), $udetails['username']));
    //Setting profilte item
    $profileItem = $userquery->getProfileItem($udetails['userid'], true);
    assign('profile_item', $profileItem);
} else {
    if ($_GET['seo_diret'] != 'yes') {
        e(lang("usr_exist_err"));
Exemplo n.º 27
<?php

include_once "auth.inc.php";
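// JSON endpoint for account actions. The reply is {"error": ""} on success or
// {"error": "<message>"} otherwise.
//
// NOTE(review): no anti-CSRF token is checked in this script. Unless
// auth.inc.php enforces one, a password change should require a token bound to
// the session.
$result = array("error" => "");
// A missing or non-string action falls through to the "unknown command" reply.
$action = (isset($_POST["action"]) && is_string($_POST["action"])) ? $_POST["action"] : "";
switch ($action) {
    case "change_password":
        $old_password = isset($_POST["old_password"]) ? $_POST["old_password"] : null;
        $new_password = isset($_POST["new_password"]) ? $_POST["new_password"] : null;
        if (!is_logged()) {
            $result["error"] = "musisz się zalogować";
            break;
        }
        // Both passwords must be submitted as plain strings, and the new one
        // must not be empty, before they reach the auth functions.
        if (!is_string($old_password) || !is_string($new_password) || $new_password === "") {
            $result["error"] = "invalid parameters";
            break;
        }
        if (!auth_check_password(username(), $old_password)) {
            $result["error"] = "stare hasło nie pasuje";
            break;
        }
        auth_change_password(username(), $new_password);
        break;
    default:
        $result["error"] = "unknown command '{$action}'";
}
echo utf8_encode(json_encode($result));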
Exemplo n.º 28
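 /**
  * Records the current user's rating for a collection and returns the new totals.
  *
  * The submitted value is reduced to two levels before use: anything that is
  * not numeric or is 9 or lower becomes 0, anything 10 or higher becomes 10.
  *
  * Fixes in this version: the PHP version test compared the bare word
  * `phpversion` with a string (an undefined constant, which is an Error on
  * PHP 8); it now uses version_compare(). The decoded voter list is forced to
  * an array so a malformed stored value cannot break the later array write.
  *
  * @param mixed $id     Collection id; passed to current_rating() and placed in the UPDATE condition.
  * @param mixed $rating Submitted rating.
  * @return array Keys: rating, rated_by, total, id, type, disable.
  */
 function rate_collection($id, $rating)
 {
     global $db, $json;
     if (!is_numeric($rating) || $rating <= 9) {
         $rating = 0;
     }
     if ($rating >= 10) {
         $rating = 10;
     }
     $c_rating = $this->current_rating($id);
     $voters = $c_rating['voters'];
     $new_rate = $c_rating['rating'];
     $rated_by = $c_rating['rated_by'];
     // Only PHP older than 5.2.0 needs the global $json helper object.
     $use_json_helper = version_compare(PHP_VERSION, '5.2.0', '<');
     if ($use_json_helper) {
         $voters = $json->json_decode($voters, TRUE);
     } else {
         $voters = json_decode($voters, TRUE);
     }
     if (!is_array($voters)) {
         $voters = array();
     }
     $already_voted = false;
     if (!empty($voters)) {
         $already_voted = array_key_exists(userid(), $voters);
     }
     if (!userid()) {
         e(lang("please_login_to_rate"));
     } elseif (userid() == $c_rating['userid'] && !config('own_collection_rating')) {
         e(lang("you_cannot_rate_own_collection"));
     } elseif (!empty($already_voted)) {
         e(lang("you_hv_already_rated_photo"));
     } elseif ($c_rating['allow_rating'] == 'no' || !config('collection_rating')) {
         e(lang("collection_rating_not_allowed"));
     } else {
         $voters[userid()] = array('rate' => $rating, 'time' => NOW());
         if ($use_json_helper) {
             $voters = $json->json_encode($voters);
         } else {
             $voters = json_encode($voters);
         }
         $t = $c_rating['rated_by'] * $c_rating['rating'];
         $rated_by = $c_rating['rated_by'] + 1;
         $new_rate = ($t + $rating) / $rated_by;
         // NOTE(review): $id is appended to the condition unquoted. Whether it
         // is validated before it reaches this method is not visible here;
         // verify the callers or cast it to the id type the table uses.
         $db->update(tbl('collections'), array('rating', 'rated_by', 'voters'), array("{$new_rate}", "{$rated_by}", "|no_mc|{$voters}"), " collection_id = " . $id . "");
         $userDetails = array("object_id" => $id, "type" => "collection", "time" => now(), "rating" => $rating, "userid" => userid(), "username" => username());
         /* Updating user details */
         update_user_voted($userDetails);
         e(lang("thnx_for_voting"), "m");
     }
     $return = array("rating" => $new_rate, "rated_by" => $rated_by, 'total' => 10, "id" => $id, "type" => "collection", "disable" => "disabled");
     return $return;
 }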
Exemplo n.º 29
<?php

require 'config.php';
require $engine_path . "cls/auth/session_lite.php";
$page = "first";
$first_page = 1;
require "up.php";
require "left.php";
if ($er) {
    print "<div style=\"margin-left:15px;margin-bottom:10px\"><table border=0 cellspacing=4 cellpadding=0 width=100%><td>" . icon('error', $er) . "</td></table></div>";
}
if ($auth->user) {
    print "<div style=\"margin-left:15px;margin-bottom:10px\">";
    $q = select("select a.Message,u.GuildID,u.Login,u.GuildStatusID,u.UserID from ut_announcements a join ut_users u using(UserID) where a.Active=1 order by a.Date desc limit 0,1");
    if ($q[0]) {
        print "<table border=0 cellspacing=4 cellpadding=0 width=485px><td>" . icon('green', setTags($q[Message] . "<br><div align=right>" . username($q, 1) . "</div>"));
        print "</td></table><br>";
    }
    ?>

<!-- bof RedTram N4P -->   


<table border=0 width=485px cellspacing=0 cellpadding=0>
<td>
<font  style="text-decoration: none;font-weight:bold;font-size: 13px;margin-left:10px">Новое на форуме</font>
<img src=/images/hr2.gif width=180px height=10px>
<table border=0 width=240px cellspacing=0 cellpadding=0>
<?php 
    include "php/informer1.html";
    ?>
/**
 * Renders the "forgot password" flow and dispatches on $_GET['case'].
 *
 * Three nested functions are declared when this function runs: username() prints the
 * username form, getlink() redirects to the question step, and question() shows the
 * security question and, on submit, resets the password.
 *
 * NOTE(review): named functions declared inside a function become global on first
 * execution, so calling writebody() a second time in one request fails with a
 * "cannot redeclare" fatal error, and the nested username() collides with any other
 * global function of that name.
 * NOTE(review): several string fragments appear as '******' in this listing; they look
 * like masking applied to the listing rather than original code, and two of them leave
 * the statement syntactically invalid as printed. Compare with the original file.
 */
function writebody()
{
    global $db, $domain, $sitename, $cachelife, $template, $gamesfolder, $thumbsfolder, $limitboxgames, $seo_on, $blogentriesshown, $enabledcode_on, $comments_on, $directorypath, $autoapprovecomments, $gamesonpage, $abovegames, $belowgames, $showwebsitelimit, $supportemail, $showblog, $blogentriesshown, $blogcharactersshown, $blogcommentpermissions, $blogcommentsshown, $blogfollowtags, $blogcharactersrss, $usrdata, $userid;
    /**
     * Security-question step: shows the stored question for $_GET['username'] and, when
     * the form is submitted, checks the answer, generates a new password, mails it and
     * stores it.
     *
     * Of the globals imported below only $db, $domain, $sitename and $supportemail are used.
     *
     * NOTE(review): the "username is incorrect" and "security answer is incorrect"
     * messages, and the question form itself, tell a caller whether a username exists.
     * No attempt limiting on answer guesses is visible in this function.
     */
    function question()
    {
        global $db, $domain, $sitename, $domain, $template, $gamesfolder, $thumbsfolder, $limitboxgames, $seo_on, $blogentriesshown, $enabledcode_on, $comments_on, $directorypath, $autoapprovecomments, $gamesonpage, $abovegames, $belowgames, $showwebsitelimit, $supportemail, $showblog, $blogentriesshown, $blogcharactersshown, $blogcommentpermissions, $blogcommentsshown, $blogfollowtags, $blogcharactersrss, $usrdata, $userid;
        if (isset($_POST['submit'])) {
            // The answer comes from the POST body, the username from the query string;
            // both go through clean(), which is not shown here.
            $answer = clean($_POST['answer']);
            $username = clean($_GET['username']);
            if (!$username || !$answer) {
                echo '<div class=\'error\'>You\'ve not filled all required fields in.</div>';
                return;
            }
            // NOTE(review): the SQL is built by string formatting, so it is only safe if
            // clean() escapes for this database; a parameterised query would remove that
            // dependency.
            $r = $db->query(sprintf('SELECT * FROM fas_users WHERE username=\'%s\'', $username));
            $ir = $db->fetch_row($r);
            $salt = $ir['salt'];
            // Accounts without a stored salt get a fresh one
            if (empty($salt)) {
                $salt = createSalt();
                // per the original author's note, createSalt() returns a 3 character string (helper not shown)
            }
            // checkPass() presumably hashes the answer with the salt (helper not shown);
            // it runs before the row-count check below, so it also runs for unknown users.
            $answer = checkPass($answer, $salt);
            if (!$db->num_rows($r)) {
                // No such user
                echo '<div class=\'error\'>Your username is incorrect. Please try again!</div>';
                return;
            // NOTE(review): != is a loose comparison, so two numeric-looking strings can
            // compare equal without being identical; hash_equals() gives a strict,
            // constant-time check for secret values.
            } elseif ($answer != $ir['pass_answer']) {
                echo '<div class=\'error\'>Your security answer is incorrect. Please try again!</div>';
                return;
            } else {
                $email = clean($ir['email']);
                // NOTE(review): rand() is not a cryptographically secure generator and
                // yields a short all-digit value; random_bytes()/random_int() (PHP 7+)
                // are the appropriate source for a credential.
                $pass_word = rand();
                $subject = 'Password Reset';
                // NOTE(review): the new password is sent in clear text inside an HTML
                // mail, and $username is interpolated into that HTML; a single-use,
                // expiring reset link avoids mailing a credential.
                $message = 'Hello ' . $username . ',<br><br>You are receiving this notification because you have (or someone pretending to be you has) requested a new password be sent for your account on <a href="' . $domain . '">' . $sitename . '</a>.<br> Your password has been reset, your new password is: ' . $pass_word . '.<br><br> You can of course change this password yourself via the profile page. If you have any difficulties please contact the board administrator.
		<br><br>Best regards,<br>' . $sitename . ' administration';
                // In a single-quoted string \\" yields a backslash followed by a quote,
                // so the charset value is sent with literal backslashes. The X-Mailer
                // header also discloses the PHP version.
                $headers = 'From: ' . $supportemail . '' . "\r\n" . 'Content-Type: text/html; charset=\\"iso-8859-1\\"' . "\r\n" . 'X-Mailer: PHP/' . phpversion();
                // mail() runs before the UPDATE and neither result is checked, so the
                // user can be mailed a password that was never stored.
                mail($email, $subject, $message, $headers);
                $pass = setPass($pass_word, $salt);
                // The two '******' literals are masked in this listing; presumably they
                // were the $pass and $username variables ($pass is otherwise unused).
                // NOTE(review): mysql_query() was removed in PHP 7, while the rest of
                // the function goes through $db; the statement is also string-built.
                mysql_query("UPDATE fas_users SET password='******', salt='{$salt}' WHERE username='******' AND pass_answer='{$answer}'");
                echo '<div class=\'msg\'><font color=red>Your password has been reset, please check your email for the new password!</font></div>';
            }
        } else {
            // First visit to this step: look the user up and show the stored question.
            $username = clean($_GET['username']);
            $r = $db->query(sprintf('SELECT * FROM fas_users WHERE username=\'%s\'', $username));
            $ir = $db->fetch_row($r);
            $question = $ir['pass_question'];
            if (!$db->num_rows($r)) {
                // NOTE(review): $username is echoed into the page; whether that is safe
                // depends on clean() HTML-escaping it.
                echo '<div class=\'error\'>Our records show there is no account with the username: <i>' . $username . '</i>!</div>';
                return;
            } else {
                // The '******' fragment is masked in this listing and the line is not
                // valid PHP as printed; presumably the username was appended to the URL.
                $surl = '' . $domain . '/index.php?action=forgotpassword&amp;case=question&amp;username='******'';
                // NOTE(review): $question is a stored value written into the form
                // without HTML escaping at this point.
                echo '<form action=\'' . $surl . '\' method=\'post\'>
	<table width=\'100%\' border=\'0\' align=\'center\'>
		<tr>
			<th colspan=\'2\' align=\'center\' class=\'header\'>Forgot Password?</th>
		</tr>
		<tr>
			<td class=\'content\'>' . $question . ':</td>
			<td class=\'content\'><input type=\'text\' name=\'answer\' size=\'35\' /></td>
		</tr>
		<tr>
			<td colspan=\'2\' align=\'center\' class=\'content\'><input type=\'submit\' name=\'submit\' value=\'Get new pass!\' /></td>
		</tr>
	</table>
</form>			
';
            }
        }
    }
    /**
     * First step: prints the form that asks for a username and posts it to the
     * "getlink" case. Only $domain is used from the globals imported below.
     */
    function username()
    {
        global $db, $domain, $sitename, $domain, $template, $gamesfolder, $thumbsfolder, $limitboxgames, $seo_on, $blogentriesshown, $enabledcode_on, $comments_on, $directorypath, $autoapprovecomments, $gamesonpage, $abovegames, $belowgames, $showwebsitelimit, $supportemail, $showblog, $blogentriesshown, $blogcharactersshown, $blogcommentpermissions, $blogcommentsshown, $blogfollowtags, $blogcharactersrss, $usrdata, $userid;
        $surl = '' . $domain . '/index.php?action=forgotpassword&amp;case=getlink';
        echo '<form action=\'' . $surl . '\' method=\'post\'>
	<table width=\'100%\' border=\'0\' align=\'center\'>
		<tr>
			<th colspan=\'2\' align=\'center\' class=\'header\'>Forgot Password?</th>
		</tr>
		<tr>
			<td class=\'content\'>Your username:</td>
			<td class=\'content\'><input type=\'text\' name=\'username\' size=\'35\' /></td>
		</tr>
		<tr>
			<td colspan=\'2\' align=\'center\' class=\'content\'><input type=\'submit\' name=\'submit\' value=\'Next\' /></td>
		</tr>
	</table>
</form>';
    }
    /**
     * Second step: takes the posted username and emits a meta-refresh that sends the
     * browser to the "question" case with the username in the query string.
     *
     * NOTE(review): the value is written into an HTML attribute and a URL, so it needs
     * URL-encoding and attribute escaping unless clean() already provides both.
     */
    function getlink()
    {
        $username = clean($_POST['username']);
        // The '******' fragment is masked in this listing and breaks the string as
        // printed; presumably the username was concatenated in at that point.
        echo '<head>
<meta http-equiv="refresh" content=".1; url=index.php?action=forgotpassword&amp;case=question&amp;username='******'">
</head>';
        //echo "<center><a href='index.php?action=forgotpassword&amp;case=question&amp;username=$username'><font color='red' size='+3'>----> Next ----></font></a></center>";
    }
    // Default the step selector so the switch below never reads an undefined index.
    if (!isset($_GET['case'])) {
        $_GET['case'] = NULL;
    }
    // Any value other than 'getlink' or 'question' falls through to the username form.
    switch ($_GET['case']) {
        default:
            username();
            break;
        case 'getlink':
            getlink();
            break;
        case 'question':
            question();
            break;
    }
}