/**
 * Streams the news table to the client as an RSS 2.0 document, newest id first.
 *
 * Sends a text/xml Content-type header and echoes the feed directly; nothing
 * is returned.
 *
 * NOTE(review): htmlentities() can emit HTML named entities (for accented
 * characters, for example) that XML does not predefine, and $news->date is
 * written into <title> and <pubDate> with no escaping at all. Both are kept
 * exactly as they were; confirm the feed still parses when the stored text or
 * date contains such characters, or switch to XML-safe escaping.
 */
static function news_feed()
{
    $plugins = plugins::getinst();
    $contact = config::email;

    header("Content-type: text/xml");

    // Fixed channel preamble; the same configured address fills both contact elements.
    echo "<?xml version=\"1.0\"?>"
        . "<rss version=\"2.0\">"
        . "<channel>"
        . "<title>News di OpenGdr </title>"
        . "<link>http://mtgforum.altervista.org/</link>"
        . "<description>News di opengdr</description>"
        . "<copyright>Copyright 2009 Bacis Marco </copyright>\n"
        . "<docs>http://blogs.law.harvard.edu/tech/rss</docs>\n"
        . "<managingEditor>" . $contact . "</managingEditor>\n"
        . "<webMaster>" . $contact . "</webMaster>\n"
        . "<language>IT-it</language>\n";

    $rows = $plugins->d->getresults('SELECT * FROM news ORDER BY id DESC;');
    $sep = "\r\n\t\t";

    foreach ($rows as $news) {
        // Everything before the first space of the date column is used in the title.
        list($day) = explode(' ', $news->date);

        // First 50 bytes of the text (substr is byte-wise), entity-encoded,
        // then stripped of backslashes and of any remaining angle brackets.
        $excerpt = htmlentities(substr($news->text, 0, 50));
        $excerpt = str_replace(array('<', '>'), '', stripslashes($excerpt));

        echo "<item>" . $sep
            . "<title>Aggiornamento del " . $day . "</title>" . $sep
            . "<pubDate>" . $news->date . "</pubDate>" . $sep
            . "<link>http://mtgforum.altervista.org/</link>" . $sep
            . "<description>" . $excerpt . "...</description>" . $sep
            . "</item>\n";
    }

    echo "</channel></rss>";
}
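/**
 * Lets the logged-in account change the description and image of one of its
 * own characters, then renders template/mod_pg.tpl with the outcome.
 *
 * Nothing is rendered when the character does not exist or belongs to a
 * different account.
 *
 * @param string $pg Character name (presumably taken from the request; verify
 *                   against the caller).
 */
static function mod_pg($pg)
{
    $p = plugins::getinst();

    // $pg is concatenated into two statements below, so it is escaped once here.
    // Previously it went into the SQL text as received.
    $pg_sql = mysql_real_escape_string($pg);
    $user = $p->d->getrow('SELECT * FROM users WHERE name="' . $pg_sql . '";');

    // Ownership check. A missing row or a missing session id must not pass:
    // with the loose comparison alone, "no row" and "no session" compare equal.
    if (!$user
        || !isset($_SESSION['datiaccount']['id'])
        || $user->account_id != $_SESSION['datiaccount']['id']
    ) {
        return;
    }

    $t = new template('template/mod_pg.tpl');
    // NOTE(review): $pg is handed to the template unencoded; whether the
    // template layer HTML-encodes variables is not visible here.
    $t->assign_var('PG_NAME', $pg);

    if ($_POST) {
        // Both form fields were interpolated into the UPDATE unescaped.
        $desc = mysql_real_escape_string(isset($_POST['desc']) ? (string) $_POST['desc'] : '');
        $image = mysql_real_escape_string(isset($_POST['image']) ? (string) $_POST['image'] : '');

        // NOTE(review): the values are stored without HTML encoding; confirm
        // they are encoded wherever the profile is displayed.
        $query = 'UPDATE users SET description="' . $desc . '",image="' . $image . '" WHERE name="' . $pg_sql . '";';
        $upd = $p->d->query($query);

        $outcome = $upd ? 'mod_success' : 'mod_failed';
        $t->start_block($outcome);
        $t->end_block($outcome);
    } else {
        // A request without POST data is reported as a failed edit, as before.
        $t->start_block('mod_failed');
        $t->end_block('mod_failed');
    }

    $p->action('mod_pg');
    $t->out();
}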
/**
 * Guestbook page: stores a newly posted message (if any) and lists every
 * stored message, newest first, through template/guestbook.tpl.
 *
 * NOTE(review): on this page the INSERT carries the literal `******` where a
 * username value would be expected, and $username is computed but never used
 * in the visible statement. That looks like redaction by the page source;
 * confirm against the original file.
 *
 * NOTE(review): the 'guestbook_message_send' filter runs after SQL escaping,
 * so whatever a plugin filter returns reaches the query without being escaped
 * again. Verify that filters cannot reintroduce quotes or backslashes.
 */
static function guestbook_page()
{
    $plugins = plugins::getinst();
    $page = new template('template/guestbook.tpl');

    // Run the "guestbook_page" action.
    $plugins->action('guestbook_page');

    $hasMessage = !empty($_POST['message']);
    if ($hasMessage) {
        // Entity-encode first, then escape for SQL.
        $username = mysql_real_escape_string(htmlentities($_POST['username']));
        $body = mysql_real_escape_string(htmlentities($_POST['message']));

        // Let plugins filter the message text.
        $body = $plugins->filter('guestbook_message_send', $body);

        // Store the entry; the success block is shown only when the query succeeds.
        $stored = $plugins->d->query(
            'INSERT INTO guestbook SET username="******",text="' . $body . '",time=NOW();'
        );
        if ($stored) {
            $page->block_null('new_success');
        }
    }

    // Load every message and pass each one to the template.
    $entries = $plugins->d->getresults('SELECT * FROM guestbook ORDER BY time DESC;');
    foreach ($entries as $entry) {
        $row = array(
            'USERNAME' => $entry->username,
            'MESSAGE' => $entry->text,
        );
        $page->block_assign('message', $row);
    }

    $page->out();
}
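/**
 * Renders the master administration page (template/master.tpl) and runs the
 * 'master_menu' plugin action, for users holding MASTER_ACCESS only.
 *
 * Users without that access are redirected to ../logout.
 */
static function master_adm_page()
{
    global $t;
    $p = plugins::getinst();

    // Check that the user is a master. header() alone does not stop the
    // script: without the exit, the template and the 'master_menu' action
    // below still ran for callers that failed the check.
    if (control_access(MASTER_ACCESS) != 1) {
        header('Location: ../logout');
        exit;
    }

    $t = new template('template/master.tpl');

    // Run the master_menu action.
    $p->action('master_menu');

    // Error suppression on out() is kept from the original code.
    @$t->out();
}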
/**
 * Renders the "who is online" page: one 'online_chat' block per chat room
 * found in the sessioni table, each holding one 'online_row' per character
 * present in that room.
 *
 * NOTE(review): chat ids, chat names and user names read from the database
 * are passed to the template as-is; whether the template layer HTML-encodes
 * them is not visible here.
 */
function online()
{
    $plugins = plugins::getinst();
    $page = new template('template/online.tpl');

    // Distinct rooms that currently have at least one session.
    $rooms = $plugins->d->getresults('SELECT DISTINCT chat_name,chat_id FROM sessioni GROUP BY chat_id ASC;');

    // For each room, add the characters present in it to the template.
    $total = count($rooms);
    $idx = 0;
    while ($idx < $total) {
        $room = $rooms[$idx];
        $idx++;

        $page->start_block('online_chat');
        $page->assign_block_vars(array(
            'CHAT_ID' => $room->chat_id,
            'CHAT_NAME' => $room->chat_name,
        ));

        // Character ids in this room, then one name lookup per id.
        $present = $plugins->d->getcol('SELECT pg_id FROM sessioni WHERE chat_id="' . $room->chat_id . '";');
        foreach ($present as $pgId) {
            $name = $plugins->d->getvar('SELECT name FROM users WHERE id="' . $pgId . '";');
            $page->start_block('online_row');
            $page->assign_block_var('USERNAME', $name);
            $page->end_block('online_row');
        }

        $page->end_block('online_chat');
    }

    @$page->out();
}
/**
 * Password recovery page: when an e-mail address is posted and matches an
 * account, generates a new password, mails it to that address and, if the
 * mail was accepted for delivery, updates the account row.
 *
 * Code is left untouched because two expressions appear as `******` on this
 * page (the username in the mail body and the value written by the UPDATE),
 * which looks like redaction by the page source; confirm against the original
 * file before changing anything here.
 *
 * NOTE(review), all visible in the code below:
 *  - Posting a registered address is enough to replace that account's
 *    password; no confirmation token or link is involved.
 *  - A known address ends in 'rec_password_success' and an unknown one in
 *    'rec_password_failed', so the response tells the caller whether an
 *    address is registered.
 *  - The new password is sent in clear text in the mail body.
 */
static function password_rec() {
    $p = plugins::getinst();
    $t = new template('template/rec_password.tpl');
    // If an e-mail address was sent via POST.
    // NOTE(review): the index is read without isset(), so a request without
    // 'mail' raises a notice before falling through to the form branch.
    if ($_POST['mail']) {
        $mail = mysql_real_escape_string($_POST['mail']);
        // Check that the address exists in the database.
        $user = $p->d->getrow('SELECT * FROM accounts WHERE email="' . $mail . '";');
        if ($user) {
            // Build the new password.
            // NOTE(review): the table has 64 entries (indexes 0-63) but
            // rand(0, 65) can also return 64 and 65; those lookups append
            // nothing, so some passwords come out shorter than 8 characters.
            // rand() is not a cryptographically secure generator, and
            // $password is appended to without being initialised first.
            $lettere = array('a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '$', '£');
            for ($i = 0; $i < 8; $i++) {
                $password .= $lettere[rand(0, 65)];
            }
            $to = $user->email;
            $object = "Recupero password di " . $user->username . " su " . config::game_name . " .";
            // The `******` between the two string literals is how the page
            // shows this expression; as printed it is not valid PHP.
            $text = 'Questa mail ti é stata inviata perché hai richiesto il recupero della tua password per il login al gioco. <br/><br/>Username:'******'<br/>Password Nuova:' . htmlentities($password) . '<br/> Ti ricordiamo di cambiarla ogni 6 mesi e di usare caratteri alfanumerici, maiuscole e segni in modo da renderla più sicura.';
            // NOTE(review): the username and e-mail address stored for the
            // account go into the subject and the raw headers with no CR/LF
            // stripping; verify those columns cannot contain line breaks.
            $headers = 'MIME-Version: 1.0' . "\r\n";
            $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
            $headers .= 'To:' . $user->username . '<"' . $user->email . '">' . "\r\n";
            $headers .= 'From: ' . config::game_name . '' . "\r\n";
            if (!mail($to, $object, $text, $headers)) {
                $t->block_null('rec_password_failed');
            } else {
                $t->block_null('rec_password_success');
                // The account row is updated only after mail() reported success.
                // The value written appears as `******` on this page.
                $p->d->query('UPDATE accounts SET password="******" WHERE id="' . $user->id . '";');
            }
        } else {
            $t->block_null('rec_password_failed');
        }
    } else {
        $t->block_null('rec_password_form');
    }
    $t->out();
}
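/**
 * In-place edit of one field of a character owned by the logged-in account.
 * The new value is read from $_REQUEST['value'] and echoed back afterwards.
 *
 * Does nothing unless $what, $pg_id and the request value are all non-empty.
 * The UPDATE runs only when the character belongs to the session's account;
 * the echo happens either way, as before.
 *
 * NOTE(review): the value is read from $_REQUEST, so a GET request can change
 * data, and no anti-CSRF token is checked in this function.
 *
 * @param string|null $what  Field to change: 'surname' or 'description'.
 * @param mixed       $pg_id Character id (presumably from the request path;
 *                           verify against the caller).
 */
static function account_edit($what = NULL, $pg_id = NULL)
{
    $p = plugins::getinst();

    $raw = isset($_REQUEST['value']) ? $_REQUEST['value'] : NULL;
    if ($what == NULL || $raw == NULL || $pg_id == NULL || !is_string($raw)) {
        return;
    }

    // $pg_id went into the SELECT and both UPDATEs unescaped.
    $pg_sql = mysql_real_escape_string($pg_id);
    $user = $p->d->getrow('SELECT * FROM users WHERE id="' . $pg_sql . '";');

    // Ownership check; a missing row or a missing session id must not pass
    // the loose comparison.
    $owns = $user
        && isset($_SESSION['datiaccount']['id'])
        && $user->account_id == $_SESSION['datiaccount']['id'];

    if ($owns) {
        switch ($what) {
            case 'surname':
                // NOTE(review): stored without HTML encoding; confirm it is
                // encoded wherever it is displayed.
                $value = mysql_real_escape_string($raw);
                $p->d->query('UPDATE users SET surname="' . $value . '" WHERE id="' . $pg_sql . '";') or die('modifica non effettuata!');
                break;
            case 'description':
                // HTML-encode and convert line breaks first, escape for SQL
                // last. With the SQL escape applied first, real newlines had
                // already become the two characters "\n" and nl2br() found
                // nothing to convert.
                $value = mysql_real_escape_string(nl2br(htmlspecialchars($raw)));
                $p->d->query('UPDATE users SET description="' . $value . '" WHERE id="' . $pg_sql . '";') or die('modifica non effettuata!');
                break;
            default:
                break;
        }
    }

    // Echo the submitted value HTML-encoded. Before, the SQL-escaped request
    // value was written to the response as-is, markup included.
    echo htmlspecialchars($raw);
}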
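/**
 * Shows one private message, provided the logged-in character is its sender
 * or its recipient, and marks it as read when the recipient opens it.
 *
 * @param mixed $id Message id (presumably from the request path; verify
 *                  against the caller).
 */
static function mp_view($id = 0)
{
    global $t;
    $p = plugins::getinst();
    $t = new template('template/mp_view.tpl');

    // $id was concatenated into the statement unescaped. The session id is
    // escaped as well, defensively; how it is populated is not visible here.
    $id_sql = mysql_real_escape_string($id);
    $me_sql = mysql_real_escape_string($_SESSION['datiuser']['id']);

    // The sender/recipient condition is the access check: a message the
    // current character is not part of is treated as non-existent.
    $mess = $p->d->getrow('SELECT * FROM messaggi WHERE id="' . $id_sql . '" AND (mittente="' . $me_sql . '" OR dest="' . $me_sql . '");');

    if (!$mess) {
        $t->to_comp['if_message_dont_exist'][0] = array();
        $p->action('mp_view_error');
    } else {
        $t->to_comp['if_message_exist'][0] = array();

        // NOTE(review): the message text is passed to the template after
        // stripslashes() only; confirm it is HTML-encoded when stored or
        // when rendered.
        $t->assign_vars(array(
            'TIME' => $mess->time,
            'FROM' => $p->d->getvar('SELECT name FROM users WHERE id="' . $mess->mittente . '";'),
            'TO' => $p->d->getvar('SELECT name FROM users WHERE id="' . $mess->dest . '";'),
            'TEXT' => stripslashes($mess->text),
        ));

        // Only the recipient opening the message flags it as read.
        if ($mess->dest == $_SESSION['datiuser']['id']) {
            $t->to_comp['if_message_exist'][0]['if_message_arrived'][0] = array();
            $p->d->query('UPDATE messaggi SET letto=1 WHERE id="' . $mess->id . '";');
        }

        $p->action('mp_view');
    }

    @$t->out();
}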
/**
 * Creates a chat room from the posted name, image and description. Only
 * callers that pass control_access(ADMIN_ACCESS) get that far; everyone else
 * is shown the 'not_admin' block and the script stops.
 *
 * NOTE(review): the INSERT runs on every request from an admin, with or
 * without POST fields, and no anti-CSRF token is checked in this function.
 */
static function chat_add()
{
    global $t;
    $plugins = plugins::getinst();
    $t = new template('template/new_chat.tpl');

    // Guard: non-admins get the refusal block and nothing else.
    if (!control_access(ADMIN_ACCESS)) {
        $t->to_comp['not_admin'][] = array();
        $t->out();
        exit;
    }

    // All three fields are SQL-escaped before they reach the statement.
    $roomName = mysql_real_escape_string($_POST['name']);
    $roomImage = mysql_real_escape_string($_POST['img']);
    $roomDesc = mysql_real_escape_string($_POST['desc']);

    $inserted = $plugins->d->query(sprintf(
        'INSERT INTO stanze SET name="%s",image="%s",description="%s";',
        $roomName,
        $roomImage,
        $roomDesc
    ));

    // Pick the result block from the query outcome.
    $outcome = $inserted ? 'new_success' : 'new_failed';
    $t->to_comp['is_admin'][0][$outcome][] = array();

    $plugins->action('chat_new');
    $t->out();
}
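/**
 * Edit form and save handler for a forum post.
 *
 * Without POST data the form is shown pre-filled with the stored post; with
 * POST data the post's title and text are updated. Nothing happens when $id
 * is 0.
 *
 * NOTE(review): the only access check is the master-only test, and it uses
 * the caller-supplied $forum_id rather than the forum the post belongs to.
 * No check that the current user wrote the post is visible here; confirm
 * that is enforced elsewhere.
 *
 * @param mixed $forum_id Forum id (presumably from the request path).
 * @param mixed $id       Post id (presumably from the request path).
 */
static function edit_post($forum_id = 0, $id = 0)
{
    $p = plugins::getinst();

    if ($id == 0) {
        return;
    }

    // Both ids were concatenated into SQL unescaped.
    $forum_sql = mysql_real_escape_string($forum_id);
    $id_sql = mysql_real_escape_string($id);

    $t = new template('template/forum_message.tpl');
    // NOTE(review): $forum_id and $id also reach the template (FORUM_ID and
    // ACTION) as received; whether the template encodes them is not visible.
    $t->assign_var('FORUM_ID', $forum_id);

    // If the board is reserved to masters, the user must be one.
    if ($p->d->getvar('SELECT master FROM forums WHERE id="' . $forum_sql . '";') == 1
        && control_access(MASTER_ACCESS) != 1
    ) {
        $t->start_block('access_denied');
        $t->end_block('access_denied');
    } else {
        $post = $p->d->getrow('SELECT * FROM posts WHERE id="' . $id_sql . '"');

        if (!$_POST) {
            $t->start_block('message_form');
            // A post with a title and no parent topic is the topic opener.
            if ($post->title != NULL && $post->topic_id == 0) {
                $t->block_assign('is_topic', 'TOPIC_TITLE', $post->title);
            }
            $t->assign_block_var('TEXT', $post->text);
            $t->assign_block_var('SUBMIT_TEXT', 'modifica messaggio');
            $t->assign_block_var('ACTION', '{ROOT}/plugins.php/edit_post/' . $forum_id . '/' . $id);
            $t->end_block('message_form');
        } else {
            if (isset($_POST['title'])) {
                $title = mysql_real_escape_string(htmlentities($_POST['title']));
            } else {
                // The stored title is reused; it is escaped again because it
                // goes back into a statement.
                $title = mysql_real_escape_string($post->title);
            }

            // NOTE(review): the filter runs after SQL escaping, so a plugin
            // filter's return value reaches the query unescaped.
            $text = $p->filter('topic_message_edited', mysql_real_escape_string(htmlentities($_POST['text'])));

            $query = 'UPDATE posts SET title="' . $title . '",text="' . $text . '" WHERE id="' . $id_sql . '"';
            $res = $p->d->query($query);

            if ($res > 0) {
                $t->block_assign('success', 'TEXT_SUCCESS', 'Messaggio modificato!');
            } else {
                // NOTE(review): the raw database error is shown to the user.
                $t->block_assign('failed', 'TEXT_FAILED', 'Messaggio NON modificato: ' . mysql_error());
            }
        }
    }

    $t->out();
}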
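the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */

session_start();

include 'class.db.php';
include 'config.php';
include 'functions.php';
include 'class.template.php';
include 'class.plugins.php';

// Instantiate the core objects.
$d = new db(config::db_user, config::db_password, config::db_host, config::db_name);
$t = new template('template/index_body.tpl');
$p = plugins::getinst();

/**
 * Class autoloader: looks the class name up in the plugins table and includes
 * the file registered for it, if that plugin is active.
 *
 * NOTE(review): the included path comes straight from the plugins table, so
 * whoever can write that table decides which file is executed. Consider
 * restricting it to the plugin directory; the layout is not visible here.
 *
 * @param string $name Class name PHP is trying to load.
 */
function __autoload($name)
{
    global $d;

    // The class name was concatenated into the query unescaped. Assumes the
    // db object above has already opened the connection the escape function
    // relies on (TODO confirm).
    $plugin_file = $d->getvar('SELECT file FROM plugins WHERE name="' . mysql_real_escape_string($name) . '" AND active=1;');

    // No active plugin with that name: include nothing rather than '.php'.
    if ($plugin_file) {
        include_once $plugin_file . '.php';
    }
}

// Run the "index" action.
$p->action('index');

// Emit the template output.
$t->out();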
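/**
 * Stores a chat message posted by the current user in the room held in
 * $_SESSION['stanza']. Does nothing when the request carries no POST data.
 *
 * NOTE(review): on this page the statement carries the literal `******` as
 * the user value, which looks like redaction by the page source; it is
 * reproduced unchanged. Confirm against the original file.
 *
 * @param mixed $time Value written to the time column (presumably from the
 *                    request path; verify against the caller).
 */
static function send_chat($time = 0)
{
    $p = plugins::getinst();

    if (!$_POST) {
        return;
    }

    // NOTE(review): the filter runs after SQL escaping, so a plugin filter's
    // return value reaches the query unescaped.
    $text = $p->filter('chat_message_send', mysql_real_escape_string(htmlspecialchars($_POST['text'])));

    // $time and the room id were concatenated into the statement unescaped.
    // The room id is escaped defensively; how it is set is not visible here.
    $time_sql = mysql_real_escape_string($time);
    $room_sql = mysql_real_escape_string($_SESSION['stanza']);

    $query = 'INSERT INTO messaggi_chat SET user="******",text="' . $text . '",time="' . $time_sql . '",chat_id="' . $room_sql . '";';
    $p->d->query($query);
}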
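/**
 * Logs the user out: removes the row for the current session from the
 * sessioni table, empties $_SESSION and renders template/logout.tpl.
 *
 * NOTE(review): the session data is cleared but the session itself is not
 * destroyed here and its id is not changed, so the same id stays in use
 * after logout. Consider ending the session too, if no 'logout' plugin
 * action depends on it.
 */
static function logout()
{
    $p = plugins::getinst();
    $t = new template('template/logout.tpl');

    // Remove the user from the sessions table. The session id normally comes
    // from the client's cookie, so it is escaped before being used in SQL.
    $query = 'DELETE FROM sessioni WHERE session_id="' . mysql_real_escape_string(session_id()) . '";';
    $p->d->query($query);

    // Drop every session variable by resetting $_SESSION.
    $_SESSION = array();

    $t->start_block('logout');
    // Run the "logout" action inside the block.
    $p->action('logout');
    $t->end_block('logout');

    $t->out();
}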