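<?php
/* --- core initialisation --- */
require '../require/load.php';
SL::init('../');

// NOTE(review): _ratemode == 0 presumably means article rating is disabled
// site-wide; the endpoint then accepts nothing.
if (_ratemode == 0) {
    exit;
}

/* --- rating --- */

// Load request variables. intval() forces the article id to an integer, which
// is what keeps its concatenation into the two SQL statements below safe.
_checkKeys('_POST', array('id'));
$id = intval($_POST['id']);
$article_exists = false;

// Validate the input and the caller's access.
$continue = false;
$query = DB::query("SELECT art.id,art.title_seo,art.time,art.confirmed,art.public,art.home1,art.home2,art.home3,art.rateon,cat.title_seo AS cat_title_seo FROM `" . _mysql_prefix . "-articles` AS art JOIN `" . _mysql_prefix . "-root` AS cat ON(cat.id=art.home1) WHERE art.id=" . $id);
if (DB::size($query) != 0) {
    $article_exists = true;
    $query = DB::row($query);

    // Only a numeric rating is accepted. An array (r[]=...) or free-text value
    // is dropped here instead of reaching the division below, where it would
    // raise an error or silently count as a rating of 0.
    if (isset($_POST['r']) && is_numeric($_POST['r'])) {
        // Snap the submitted value to the nearest multiple of ten.
        $r = round($_POST['r'] / 10) * 10;

        // Every gate has to pass before the vote counts.
        // NOTE(review): _iplogCheck(3, $id) looks like a per-IP repeat-vote
        // guard and _xsrfCheck() like the anti-CSRF token check - confirm
        // against their definitions.
        if (
            _iplogCheck(3, $id)
            && _xsrfCheck()
            && $query['rateon'] == 1
            && _articleAccess($query) == 1
            && $r <= 100
            && $r >= 0
        ) {
            $continue = true;
        }
    }
}

// Count the rating.
if ($continue) {
    // $r is already range-checked (0..100); the explicit int cast guarantees
    // that nothing but an integer literal is interpolated into the statement.
    DB::query("UPDATE `" . _mysql_prefix . "-articles` SET ratenum=ratenum+1,ratesum=ratesum+" . ((int) $r) . " WHERE id=" . $id);
    _iplogUpdate(3, $id);
}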
<?php
/* --- core initialisation --- */
require './require/load.php';
SL::init('./');

/* --- processing --- */

// The request must carry the text to preview.
_checkKeys('_POST', array('content'));

// Force the submitted value to a string, pass it through _htmlStr() first and
// only then through _parsePost(), so the parser works on the already-converted
// text. NOTE(review): _htmlStr() presumably HTML-escapes its input - confirm.
$previewInput = (string) $_POST['content'];
echo _parsePost(_htmlStr($previewInput));
<?php /* --- incializace jadra --- */ require '../require/load.php'; define('_session_regenerate', true); SL::init('../'); /* --- prihlaseni --- */ _checkKeys('_POST', array('form_url')); if (!isset($_POST['username'])) { $_POST['username'] = ''; } if (!isset($_POST['password'])) { $_POST['password'] = ''; } $result = 0; $username = ""; $ipbound = isset($_POST['ipbound']); if (!_loginindicator) { if (_xsrfCheck()) { if (_iplogCheck(1)) { // nacteni promennych $username = DB::esc($_POST['username']); $email = strpos($_POST['username'], '@') !== false; $password = $_POST['password']; $persistent = _checkboxLoad('persistent'); // nalezeni uzivatele $query = DB::query("SELECT * FROM `" . _mysql_prefix . "-users` WHERE `" . ($email ? 'email' : 'username') . "`='" . $username . "'" . (!$email && $username !== '' ? ' OR publicname=\'' . $username . '\'' : '')); if (DB::size($query) != 0) { $query = DB::row($query); if (empty($username)) { $username = $query['username'];
<?php /* --- incializace jadra --- */ require '../require/load.php'; define('_header', ''); SL::init('../'); if (!_rss) { exit; } /* --- priprava promennych --- */ $continue = false; _checkKeys('_GET', array('tp', 'id')); $type = intval($_GET['tp']); $id = intval($_GET['id']); // cast sql dotazu - verejnost if (!_loginindicator) { if (!_notpublicsite) { $public = " AND public=1"; } else { exit; } } else { $public = ""; } // nastaveni titulku, typu, casti sql... $donottestsource = false; $homelimit = " home=" . $id; $pagetitle_column = "title"; $custom_cond = true; switch ($type) { // komentare v sekci a prispevky v knize
$author = -1; } // typ, domov, text $posttarget = intval($_POST['_posttarget']); $posttype = intval($_POST['_posttype']); $text = DB::esc(_htmlStr(_wsTrim(_cutStr($_POST['text'], $posttype != 4 ? 16384 : 255, false)))); // domovsky prispevek if ($posttype != 4) { _checkKeys('_POST', array('_xhome')); $xhome = intval($_POST['_xhome']); } else { $xhome = -1; } // predmet if ($xhome == -1 and $posttype != 4) { _checkKeys('_POST', array('subject')); $subject = DB::esc(_htmlStr(_wsTrim(_cutStr($_POST['subject'], $posttype == 5 ? 48 : 22, false)))); } else { $subject = ""; } // plugin flag if ($posttype == 8) { if (!isset($_POST['_pluginflag'])) { die; } $pluginflag = intval($_POST['_pluginflag']); } else { $pluginflag = 0; } // vyplneni prazdnych poli if ($subject == "" and $xhome == -1 and $posttype != 4) {
<?php /* --- inicializace jadra --- */ require '../../require/load.php'; require_once '../../admin/functions-backup.php'; define('_header', ''); SL::init('../../'); // podminka spusteni if (!_loginright_adminbackup || !_xsrfCheck()) { exit; } // nacteni parametru _checkKeys('_POST', array('type', 'fname', 'compress')); $type = intval($_POST['type']); $fname = basename(trim($_POST['fname'])); if (empty($fname)) { $fname = 'backup'; } $compress = intval($_POST['compress']); $extra_dirs = null; if (in_array($type, array(_backup_partial, _backup_full)) && isset($_POST['dir_upload'])) { $extra_dirs = array('upload'); } // ulozeni na serveru? if ($store = isset($_POST['target_store'])) { // uplnou zalohu nelze ulozit if ($type === _backup_full) { die; } // zpracovat nazev souboru a otevrit $type_ext = _backupExt($type);