require $config['BASE_DIR'] . '/classes/validation.class.php'; $filter = new VFilter(); $subject = $filter->get('s', 'STRING', 'GET'); $compose = array('receiver' => '', 'friend' => '', 'subject' => $subject, 'body' => '', 'save_outbox' => 1, 'send_self' => 0); if (isset($query['1']) && $query['1'] != '') { $valid = new VValidation(); if ($valid->usernameExists($query['1'])) { $compose['receiver'] = $query['1']; } } if (isset($_POST['send_mail'])) { $valid = new VValidation(); $receiver = $filter->get('receiver'); $friend = $filter->get('receiver_friend'); $subject = $filter->get('subject'); $body = $filter->process(trim($_POST['body']), array('a'), array('href')); if ($receiver == '') { if ($friend != '') { if (!$valid->usernameExists($friend)) { $errors[] = translate('mail.compose_user_invalid', $config['site_name']); } else { $sql = "SELECT UID FROM signup WHERE username = '******' LIMIT 1"; $rs = $conn->execute($sql); $fuid = intval($rs->fields['UID']); $sql = "SELECT UID FROM friends WHERE UID = " . $uid . " AND FID = " . $fuid . " AND status = 'Confirmed' LIMIT 1"; $conn->execute($sql); if ($conn->Affected_Rows() === 1) { $receiver = $friend; $compose['friend'] = $friend; } else { $errors[] = translate('mail.compose_user_missing', htmlspecialchars($friend, ENT_QUOTES, 'UTF-8'));
<?php defined('_VALID') or die('Restricted Access!'); Auth::checkAdmin(); $player = array('profile' => '', 'autorun' => 'true', 'buffertime' => 5, 'replay' => 1, 'related' => 1, 'related_content' => 'related', 'share' => 1, 'mail' => 1, 'embed' => 1, 'text_adv' => 1, 'text_adv_type' => 'global', 'text_adv_delay' => 5, 'video_adv' => 1, 'video_adv_type' => 'global', 'video_adv_position' => 'b', 'skin' => 'default', 'mail_color' => '0x999999', 'related_color' => '0x999999', 'replay_color' => '0x999999', 'embed_color' => '0x999999', 'copy_color' => '0x999999', 'time_color' => '0x999999', 'share_color' => '0x999999', 'adv_link_color' => '0x999999', 'adv_nav_color' => '0x999999', 'adv_title_color' => '0x999999', 'adv_body_color' => '0x999999'); if (isset($_POST['submit_add'])) { $filter = new VFilter(); $profile = $filter->process($_POST['profile']); $autorun = $filter->process($_POST['autorun']); $buffertime = intval($_POST['buffertime']); $buttons = intval($_POST['buttons']); $replay = intval($_POST['replay']); $related = intval($_POST['related']); $related_content = $filter->process($_POST['related_content']); $share = intval($_POST['share']); $mail = intval($_POST['mail']); $embed = intval($_POST['embed']); $text_adv = intval($_POST['text_adv']); $text_adv_type = $filter->process($_POST['text_adv_type']); $text_adv_delay = intval($_POST['text_adv_delay']); $video_adv = intval($_POST['video_adv']); $video_adv_type = $filter->process($_POST['video_adv_type']); $video_adv_position = $filter->process($_POST['video_adv_position']); $skin = $filter->process($_POST['skin']); $mail_color = $filter->process($_POST['mail_color']); $related_color = $filter->process($_POST['related_color']); $replay_color = $filter->process($_POST['replay_color']); $copy_color = $filter->process($_POST['copy_color']); $embed_color = $filter->process($_POST['embed_color']); $time_color = $filter->process($_POST['time_color']); $share_color = $filter->process($_POST['share_color']);