Пример #1
/**
 * Folds the attributes of the first face in $out into a single bucket index.
 *
 * The raw age value is added to the getInt()-converted gender, glass and race
 * confidences and the smiling value; the sum is then reduced modulo the global
 * $total_college.
 *
 * @param array $out Only $out['face'][0]['attribute'] is read.
 * @return int The summed score modulo $total_college.
 */
function charge($out)
{
    global $total_college;

    $attributes = $out['face'][0]['attribute'];

    // Age is used as-is; every other term goes through getInt() first.
    $score = $attributes['age']['value'];
    $terms = [
        ['gender', 'confidence'],
        ['glass', 'confidence'],
        ['race', 'confidence'],
        ['smiling', 'value'],
    ];
    foreach ($terms as [$attribute, $field]) {
        $score = $score + getInt($attributes[$attribute][$field]);
    }

    // NOTE(review): a $total_college of 0 makes `%` fail; confirm it is always set to a positive value.
    return $score % $total_college;
}
Пример #2
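 /**
  * Removes an item from the cart.
  *
  * Reads `id` and `type` from the POST body, removes the matching entry through
  * ModelCart and reports the new item count and total cost. A missing argument or
  * an empty id is reported through errorAction(1001) and nothing is removed.
  *
  * @return void
  */
 public function removeAction()
 {
     if (!isset($_POST['id'], $_POST['type'])) {
         $this->errorAction(1001, 'Custom system error', ['postArgument' => 'noPostArgument']);
         // Do not rely on errorAction() ending the request: without this return the code
         // below would run with the missing POST fields.
         return;
     }
     $id = getInt($_POST['id']);
     // NOTE(review): htmlspecialchars() is HTML output escaping, not protection for a database
     // lookup. How ModelCart::remove() uses $type is not visible here; confirm it binds the
     // value as a parameter or checks it against the known item types.
     $type = htmlspecialchars(trim($_POST['type']));
     if (empty($id)) {
         $this->errorAction(1001);
         return;
     }
     // NOTE(review): this is a state-changing POST handler and no anti-CSRF token check is
     // visible in this method; confirm one is enforced by the caller or the framework.
     $cart = new ModelCart();
     $cart->remove($id, $type);
     $summ = $cart->getCostItems();
     $count = $cart->getCountItems();
     $this->addData(['succes' => 'Ok', 'count' => $count, 'summ' => $summ]);
     $this->successAction();
 }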
Пример #3
     // Tail of a task dispatcher: the enclosing switch and this case's label are above the listing.
     if ($showid != '') {
         // Allow-list filter: everything except letters, digits and underscore is dropped.
         // NOTE(review): the emptiness check above runs before this filter, so an id made only
         // of stripped characters reaches getYoutubeSeasonsByShowID() as ''.
         $showid = trim(preg_replace("/[^a-zA-Z0-9_]/", "", $showid));
         // Paging values with defaults 10 and 1; presumably read from the request by getInt() (helper not shown).
         $max_results = getInt('max-results', 10);
         $start_index = getInt('start-index', 1);
         $arr = getYoutubeSeasonsByShowID($showid, $max_results, $start_index);
         echo json_encode($arr);
     } else {
         echo 'owner parameter not set';
     }
     break;
 case 'getyoutubeshowownershows':
     // NOTE(review): $link comes from getCmd('link', ''); if getYoutubeGalleryShowOwner() fetches
     // it over HTTP, that helper should accept only the expected YouTube hosts. Confirm there.
     $link = getCmd('link', '');
     if ($link) {
         $u = getYoutubeGalleryShowOwner($link);
         $max_results = getInt('max-results', 10);
         $start_index = getInt('start-index', 1);
         $ua = json_decode($u);
         // NOTE(review): a failed decode is only echoed; execution continues and the next
         // statement reads ->username from a value that is not an object.
         if ($ua == false) {
             echo $ua;
         }
         $arr = getYoutubeShowsByUser($ua->username, $max_results, $start_index);
         // NOTE(review): this case answers with print_r() while the case above answers with JSON.
         print_r($arr);
     } else {
         echo 'link parameter not set';
     }
     break;
 case '':
     // No task given: answer with an empty HTML document.
     echo '<html><body></body></html>';
     break;
 default:
     echo 'unknown task';
Пример #4
// Stores a new post in a topic and redirects to the page that holds it.
// A user whose user_group is numerically greater than $forum_postgroup is refused.
if ($userinfo['user_group'] > $forum_postgroup) {
    require_once ABSOLUTE_BASEPATH . '/header.' . PHPEXT;
    // NOTE(review): HTTP_REFERER is a client-supplied header. How notification() uses it
    // (link or redirect target) is not visible here; confirm it is escaped or validated there.
    notification($_LANG['insufficient_privileges'], $_SERVER['HTTP_REFERER'], 3);
    die;
}
// NOTE(review): every query below is built by string interpolation. Where $id, $topic_id,
// $forum_id, $user_id, $content, $ip, $so and $browser are assigned is above this listing;
// confirm each one is cast or escaped for SQL before it reaches this point.
// NOTE(review): the locked-topic lookup uses $id while the insert uses $topic_id; confirm both
// hold the same value, otherwise the check and the write refer to different topics.
$res = $db->query('select topic_disabled from ' . $_CONF['dbprefix'] . 'topics ' . "where topic_id='{$id}'");
$db->freeResult();
$topic_disabled = getInt($res[0]['topic_disabled']);
unset($res);
// Locked topics accept no new posts.
if ($topic_disabled) {
    require_once ABSOLUTE_BASEPATH . '/header.' . PHPEXT;
    notification($_LANG['topic_disabled'], $_SERVER['HTTP_REFERER'], 3);
    die;
}
// post_time is taken from time() on the server; all other values are interpolated as quoted strings.
$db->query('insert into ' . $_CONF['dbprefix'] . 'posts(topic_id, forum_id, poster_id, ' . 'post_time, post_content, poster_ip, poster_so, poster_browser) ' . "values('{$topic_id}', '{$forum_id}', '{$user_id}', " . time() . ", '{$content}', '{$ip}', '{$so}', '{$browser}')");
// Post count of the topic, used to work out the last page.
$res = $db->query('select count(*) as numposts from ' . $_CONF['dbprefix'] . "posts where topic_id='" . $topic_id . "'");
$numPosts = getInt($res[0]['numposts']);
// Highest post_id of the topic, used as the URL fragment.
// NOTE(review): under concurrent posting this can be another user's post rather than the row inserted above.
$res = $db->query('select post_id as maxpost from ' . $_CONF['dbprefix'] . 'posts where ' . "topic_id='{$topic_id}' order by post_id desc limit 1");
$maxPost = getInt($res[0]['maxpost']);
unset($res);
$db->freeResult();
$db->close();
// Ten posts per page: with ten or more posts, jump to the last page, otherwise to page 1.
if ($numPosts >= 10) {
    $lastPage = (int) (($numPosts - 1) / 10) + 1;
    header('Location: ' . BASEDIR . "topic/{$topic_id}/{$lastPage}#{$maxPost}");
} else {
    header('Location: ' . BASEDIR . "topic/{$topic_id}/1#{$maxPost}");
}
?>

Пример #5
     if ($ext == 'jpg') {
         $ext = 'jpeg';
     }
     $ascii = img2ascii($_FILES['avatarfile']['tmp_name'], $ext);
     if (!empty($ascii)) {
         $db->query('update ' . $_CONF['dbprefix'] . "users set user_avatar='" . sanitizeQuery($ascii) . "' " . "where user_id='" . getInt($uid) . "'");
     }
 }
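 // Administrative actions on the account identified by $uid.
 // The target id is normalised once here: originally only one of the statements below
 // wrapped $uid in getInt(), the others concatenated it into the SQL text as-is.
 // NOTE(review): the check that the acting user may administer accounts, and may grant the
 // requested group, is not visible in this listing; confirm it runs before this code.
 $targetUserId = getInt($uid);
 if (isset($_POST['removeavatar'])) {
     $db->query('update ' . $_CONF['dbprefix'] . "users set user_avatar=null where user_id=" . $targetUserId);
 }
 if (isset($_POST['removeuser'])) {
     $db->query('delete from ' . $_CONF['dbprefix'] . 'users where user_id=' . $targetUserId);
 }
 // Change the group only when the form actually sent one. Without the isset() guard a request
 // that omits `userlev` compares null with the stored group and writes getInt(null) as the new group.
 if (isset($_POST['userlev']) && $_POST['userlev'] != $results['user_group']) {
     $db->query('update ' . $_CONF['dbprefix'] . "users set user_group=" . getInt($_POST['userlev']) . ' where user_id=' . $targetUserId);
 }
 if (isset($_POST['ban'])) {
     // Only write when the stored state differs from the requested one.
     switch ($_POST['ban']) {
         case 'ban':
             if (!$results['user_disabled']) {
                 $db->query('update ' . $_CONF['dbprefix'] . 'users set user_disabled=1 where user_id=' . $targetUserId);
             }
             break;
         case 'unban':
             if ($results['user_disabled']) {
                 $db->query('update ' . $_CONF['dbprefix'] . 'users set user_disabled=0 where user_id=' . $targetUserId);
             }
             break;
     }
 }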
Пример #6
        }
    }
    $smarty->assign('lang', $_LANG);
    $smarty->assign('info', $info);
    $smarty->assign('ur_here', $view ? $_LANG['ur_view'] : $_LANG['ur_install']);
    $smarty->assign('action_link', array('href' => 'website.php?act=list', 'text' => $_LANG['webstte_list']));
    $smarty->assign('type', $type);
    $smarty->assign('act', $view ? 'update_website' : 'query_install');
    assign_query_info();
    $smarty->display('website_install.htm');
} elseif ($_REQUEST['act'] == 'query_install' || $_REQUEST['act'] == 'update_website') {
    // Handles both `query_install` (new rank) and `update_website` (existing rank).
    // NOTE(review): getChar() and getInt() are defined outside this listing; whether getChar()
    // escapes for SQL is not visible. $rank_name is interpolated into both statements below,
    // so confirm it is escaped, or bind it as a parameter.
    $type = getChar('type');
    //$app_key = getChar('app_key');
    //$app_secret = getChar('app_secret');
    $rank_name = getChar('rank_name');
    $rank_id = getInt('rank_id');
    $query = $_REQUEST['act'] == 'query_install';
    $olb_rank_name = getChar('olb_rank_name');
    // A fresh install, or an update without a rank id, creates the rank row.
    if ($query || !$rank_id) {
        $sql = 'INSERT INTO ' . $ecs->table('user_rank') . '(`rank_name` , `discount` , `special_rank`,`show_price`) VALUES' . "('{$rank_name}' , '100' , '1','0')";
        $db->query($sql);
        $rank_id = $db->insert_id();
    } else {
        // Rename the existing rank only when the submitted name differs from the old one.
        if ($rank_name != $olb_rank_name && $rank_id) {
            $sql = 'UPDATE ' . $ecs->table('user_rank') . ' SET `rank_name` = ' . "'{$rank_name}' WHERE `rank_id`='{$rank_id}'";
            $db->query($sql);
        }
    }
    // Starts the text of a generated PHP file (the embedded comment reads "third-party plugin
    // login information"). $rank_id comes from insert_id() or getInt() at this point.
    // NOTE(review): the loop that follows in the listing appends one define() per $_POST['jntoo']
    // entry and places both the key and the value inside single-quoted PHP literals. Request data
    // written into PHP source should be restricted to an allow-list of expected keys and emitted
    // with var_export(), so that a quote or backslash cannot alter the generated code.
    $commnet = '<?php ' . "\r\n // 第三方插件登录信息---------------------\r\n" . "define('RANK_ID' , '{$rank_id}'); \r\n";
    foreach ($_POST['jntoo'] as $key => $val) {
        $commnet .= "define('{$key}' , '{$val}'); \r\n";
Пример #7
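/**
 * process_post_data()
 *
 * Applies the posted picture-edit form.
 *
 * Reads the `pid` array from the POST body through Inspekt and, for every picture id,
 * loads the picture row, checks permissions, optionally deletes its comments, and then
 * either deletes the picture (files, storage entry and row) or updates its row.
 *
 * Ends the request through cpg_die() when `pid` is not an array, a picture does not exist,
 * permission is denied, or the picture directory is not writable.
 *
 * Fixes over the previous version:
 *  - the gallery-icon value was read from the misspelled key 'galleyicon' into the misspelled
 *    variable $galleryincon, leaving $galleryicon undefined whenever the field was posted;
 *  - `$superCage->post - getInt(...)` (a subtraction) is now the intended method call;
 *  - $approved is reset for every picture, so a picture without an `approved` field no longer
 *    inherits the value posted for the previous picture.
 *
 * @return void
 */
function process_post_data()
{
    global $CONFIG;
    global $user_albums_list, $lang_errors;
    global $storage;

    $superCage = Inspekt::makeSuperCage();

    // Lookup set of the album ids in $user_albums_list; used below as the allowed target albums.
    $user_album_set = array();
    foreach ($user_albums_list as $album) {
        $user_album_set[$album['aid']] = 1;
    }

    $pid = $superCage->post->getInt('pid');
    if (!is_array($pid)) {
        cpg_die(CRITICAL_ERROR, $lang_errors['param_missing'], __FILE__, __LINE__);
    }
    $pid_array = $pid;

    if ($superCage->post->keyExists('galleryicon')) {
        $galleryicon = $superCage->post->getInt('galleryicon');
    } else {
        $galleryicon = '';
    }

    foreach ($pid_array as $pid) {
        $aid = $superCage->post->getInt("aid{$pid}");
        // NOTE(review): the text fields below are interpolated into the UPDATE statement inside
        // single quotes. get_post_var() is defined elsewhere; confirm it escapes for SQL.
        $title = get_post_var('title', $pid);
        $caption = get_post_var('caption', $pid);
        $keywords = get_post_var('keywords', $pid);
        $user1 = get_post_var('user1', $pid);
        $user2 = get_post_var('user2', $pid);
        $user3 = get_post_var('user3', $pid);
        $user4 = get_post_var('user4', $pid);

        $delete = false;
        $reset_vcount = false;
        $reset_votes = false;
        $del_comments = false;
        $isgalleryicon = $galleryicon === $pid;

        if ($superCage->post->keyExists('delete' . $pid)) {
            $delete = $superCage->post->getInt('delete' . $pid);
        }
        if ($superCage->post->keyExists('reset_vcount' . $pid)) {
            $reset_vcount = $superCage->post->getInt('reset_vcount' . $pid);
        }
        if ($superCage->post->keyExists('reset_votes' . $pid)) {
            $reset_votes = $superCage->post->getInt('reset_votes' . $pid);
        }
        if ($superCage->post->keyExists('del_comments' . $pid)) {
            $del_comments = $superCage->post->getInt('del_comments' . $pid) || $delete;
        }

        // Load the picture together with its album's category to check existence and ownership.
        $query = "SELECT {$CONFIG['TABLE_PICTURES']}.aid, category, filepath, filename, owner_id, total_filesize FROM {$CONFIG['TABLE_PICTURES']}, {$CONFIG['TABLE_ALBUMS']} WHERE {$CONFIG['TABLE_PICTURES']}.aid = {$CONFIG['TABLE_ALBUMS']}.aid AND pid='{$pid}'";
        $result = cpg_db_query($query);
        if (!mysql_num_rows($result)) {
            cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
        }
        $pic = mysql_fetch_array($result);
        mysql_free_result($result);

        // Ownership check: the picture must sit in the user's own category and the target album
        // must be one of the user's albums.
        // NOTE(review): the check is skipped entirely when any admin/moderator mode is on, when
        // user_is_allowed() returns true, or when $CONFIG['users_can_edit_pics'] is set; confirm
        // that last setting is meant to lift the ownership restriction as well.
        if (!GALLERY_ADMIN_MODE && !MODERATOR_MODE && !USER_ADMIN_MODE && !user_is_allowed() && !$CONFIG['users_can_edit_pics']) {
            if ($pic['category'] != FIRST_USER_CAT + USER_ID) {
                cpg_die(ERROR, $lang_errors['perm_denied'] . "<br />(picture category = {$pic['category']}/ {$pid})", __FILE__, __LINE__);
            }
            if (!isset($user_album_set[$aid])) {
                cpg_die(ERROR, $lang_errors['perm_denied'] . "<br />(target album = {$aid})", __FILE__, __LINE__);
            }
        }

        // SET clause for the non-delete path, built up piece by piece.
        $update = "aid = '{$aid}'";
        $update .= ", title = '{$title}'";
        $update .= ", caption = '{$caption}'";
        $update .= ", keywords = '{$keywords}'";
        $update .= ", user1 = '{$user1}'";
        $update .= ", user2 = '{$user2}'";
        $update .= ", user3 = '{$user3}'";
        $update .= ", user4 = '{$user4}'";

        if ($isgalleryicon && $pic['category'] > FIRST_USER_CAT) {
            // Clear the icon flag on all of the owner's pictures before setting it on this one.
            $sql = 'UPDATE ' . $CONFIG['TABLE_PICTURES'] . ' SET galleryicon=0 WHERE owner_id=' . $pic['owner_id'] . ';';
            cpg_db_query($sql);
            // Unquoted numeric context; $galleryicon is identical (===) to $pid on this path.
            $update .= ", galleryicon = " . addslashes($galleryicon);
        }
        if (is_movie($pic['filename'])) {
            $pwidth = $superCage->post->getInt('pwidth' . $pid);
            $pheight = $superCage->post->getInt('pheight' . $pid);
            $update .= ", pwidth = " . $pwidth;
            $update .= ", pheight = " . $pheight;
        }
        if ($reset_vcount) {
            $update .= ", hits = '0'";
            resetDetailHits($pid);
        }
        if ($reset_votes) {
            $update .= ", pic_rating = '0', votes = '0'";
            resetDetailVotes($pid);
        }
        if (GALLERY_ADMIN_MODE || UPLOAD_APPROVAL_MODE || MODERATOR_MODE) {
            // Reset per picture: a missing `approved` field means "not approved".
            $approved = '';
            if ($superCage->post->keyExists('approved' . $pid)) {
                $approved = $superCage->post->getAlpha('approved' . $pid);
            }
            if ($approved) {
                $update .= ", approved = 'YES'";
            } else {
                $update .= ", approved = 'NO'";
            }
        }
        if ($del_comments) {
            $query = "DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}'";
            $result = cpg_db_query($query);
        }
        if ($delete) {
            // The path is built from configuration and the stored filepath/filename columns.
            $dir = $CONFIG['fullpath'] . $pic['filepath'];
            $file = $pic['filename'];
            if (!is_writable($dir)) {
                cpg_die(CRITICAL_ERROR, sprintf($lang_errors['directory_ro'], $dir), __FILE__, __LINE__);
            }

            // Describe the picture for the storage layer: original file, derived files, size.
            $picture_id = $pid;
            $owner_id = $pic['owner_id'];
            $imageContainer = new FileContainer($picture_id, $owner_id);
            $imageContainer->original_path = $dir . $file;
            $imageContainer->total_filesize = $pic['total_filesize'];

            $files = array($dir . $file, $dir . $CONFIG['normal_pfx'] . $file, $dir . $CONFIG['orig_pfx'] . $file, $dir . $CONFIG['thumb_pfx'] . $file);
            foreach ($files as $currFile) {
                if ($currFile != $dir . $file) {
                    $imageContainer->thumb_paths[] = $currFile;
                }
                // Best-effort local removal; a failed unlink is deliberately ignored.
                if (is_file($currFile)) {
                    @unlink($currFile);
                }
            }

            $storage->delete_file($imageContainer);

            $query = "DELETE FROM {$CONFIG['TABLE_PICTURES']} WHERE pid='{$pid}' LIMIT 1";
            $result = cpg_db_query($query);
        } else {
            $query = "UPDATE {$CONFIG['TABLE_PICTURES']} SET {$update} WHERE pid='{$pid}' LIMIT 1";
            $result = cpg_db_query($query);
        }
    }
}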
Пример #8
</a>
	<?php 
    $replies = $db->query('select topic_replies from ' . $_CONF['dbprefix'] . 'topics where ' . "topic_id = '" . getInt($row['topic_id']) . "'");
    $db->freeResult();
    $replies = getInt($replies[0]['topic_replies']) - 1;
    if ($replies >= 10) {
        print ' [ ';
        $pages = (int) ($replies / 10) + 1;
        for ($i = 1; $i <= $pages; $i++) {
            print '<a href="' . BASEDIR . 'topic/' . getInt($row['topic_id']) . '/' . $i . '">' . $i . '</a> ';
        }
        print ']';
    }
    $author = $db->query('select user_id, username from ' . $_CONF['dbprefix'] . 'users u join ' . $_CONF['dbprefix'] . 'topics t on u.user_id=t.topic_poster ' . "where t.topic_id='" . getInt($row['topic_id']) . "'");
    $db->freeResult();
    $user_id = getInt($author[0]['user_id']);
    $user_author = sanitizeHTML($author[0]['username']);
    print "<br>\n -> " . $_LANG['posted_by'] . ' <a href="' . BASEDIR . 'user/' . $user_id . '">' . $user_author . '</a>';
    ?>
		
	</td>
	<td class="newposts"><?php 
    print $_LANG['latest_post'] . ': ';
    ?>
<a href="<?php 
    print BASEDIR;
    ?>
user/<?php 
    print intval($row['poster_id']);
    ?>
"><?php 
Пример #9
    $res = $db->query('select forum_postgroup from ' . $_CONF['dbprefix'] . 'forums ' . "where forum_id='" . $forum_id . "'");
    $db->freeResult();
    $forum_postgroup = getInt($res[0]['forum_postgroup']);
    $res = $db->query('select topic_disabled from ' . $_CONF['dbprefix'] . 'topics ' . "where topic_id='{$id}'");
    $db->freeResult();
    $topic_disabled = getInt($res[0]['topic_disabled']);
    $topic_sticked = getInt($res[0]['topic_sticked']);
    unset($res);
    if ($userinfo['user_group'] <= USERLEV_MOD) {
        ?>
		<center><select name="modActions" style="font-size: 10px" onChange='modActions ("<?php 
        print BASEDIR;
        ?>
",
				<?php 
        print getInt($row['topic_id']);
        ?>
, this.value)'>
			<option value="none">-- <?php 
        print $_LANG['mod_actions'];
        ?>
</option>
			<option value="remove"><?php 
        print $_LANG['remove'];
        ?>
</option>
			
			<?php 
        if (!$topic_disabled) {
            ?>
 <option value="lock"><?php 
Пример #10
     die(json_encode($_RESULT));
     break;
 case 'add':
     $path_id = isset(MSCore::urls()->vars[2]) ? (int) MSCore::urls()->vars[2] : 0;
     $page = isset(MSCore::urls()->vars[3]) ? (int) MSCore::urls()->vars[3] : 0;
     $new_item_id = isset(MSCore::urls()->vars[4]) ? (int) MSCore::urls()->vars[4] : 0;
     /* ACTION */
     $OUT_CONFIG = $CONFIG;
     $CONFIG = $Tape->generateConfigValues($new_item_id);
     if (isset($_REQUEST['conf'])) {
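         // Guard against duplicate values in the `code` field {start}
         if (!empty($_REQUEST['conf'][1]['code'])) {
             // `id` is request input and is concatenated unquoted into the WHERE clause below,
             // so it is forced to an integer before use.
             $id = !empty($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
             $tableName = $CONFIG['tables']['items']['db_name'];
             $codeItem = $_REQUEST['conf'][1]['code'];
             // Look for another row under the same path with the same code, excluding the row
             // being edited when an id was supplied. $codeItem goes through the database
             // layer's pre() before it is placed inside the quoted literal.
             if (MSCore::db()->getOne('SELECT `id` FROM `' . PRFX . $tableName . '` WHERE' . ($id != 0 ? ' `id`!=' . $id . ' AND' : '') . ' `path_id` = "' . getInt($path_id) . '" AND `code` = "' . MSCore::db()->pre($codeItem) . '"')) {
                 // The code is taken: make it unique by appending day, hour, minute and second.
                 $_REQUEST['conf'][1]['code'] = $codeItem . '-' . date('dHis');
             }
         }
         // Guard against duplicate values in the `code` field {end}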
         if ($inserted_id = $Tape->saveItem(false)) {
             $vars = $Tape->generateVars();
             $vars['apply'] = isset(MSCore::urls()->vars[5]) && MSCore::urls()->vars[5] > 0 ? 1 : 0;
             $inserted_id = '<input id="inserted_id" type="hidden" value="' . $inserted_id . '" name="id"/>';
             $_RESULT = array('content' => array(template('moduleTape/fast', $vars), $inserted_id));
             die(json_encode($_RESULT));
         } else {
             echo '<i style="display:none">Fatal error: </i>Введенный "Символьный код" уже занят';
             /**
              * TODO: Сейчас на все ошибки одна причина, исправить :)
              */
Пример #11
<?php

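/**
 * Reads one line from STDIN and returns it as an integer.
 *
 * Returns 0 at end of input or for a line that is not numeric. The previous
 * `(int) +trim(...)` form applied unary plus to the trimmed string, which raises a
 * TypeError on PHP 8 when the string is empty or not numeric.
 *
 * @return int
 */
function getInt()
{
    $line = fgets(STDIN);

    // fgets() returns false once the input is exhausted.
    return $line === false ? 0 : (int) trim($line);
}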
// First line: minimum side length. Second line: number of photos that follow.
$l = getInt();
$t = getInt();
while ($t-- > 0) {
    // Each photo line is "<width> <height>".
    $dims = explode(' ', trim(fgets(STDIN)));
    $tooSmall = $dims[0] < $l || $dims[1] < $l;
    if ($tooSmall) {
        $verdict = "UPLOAD ANOTHER\n";
    } elseif ($dims[0] == $dims[1]) {
        // Large enough and square.
        $verdict = "ACCEPTED\n";
    } else {
        // Large enough but not square.
        $verdict = "CROP IT\n";
    }
    echo $verdict;
}
Пример #12
    if (!$session->logged) {
        require_once ABSOLUTE_BASEPATH . '/header.' . PHPEXT;
        notification($_LANG['insufficient_privileges'], $_SERVER['HTTP_REFERER'], 3);
        die;
    }
    $db = new nullBB_Database($_CONF, $_LANG);
    $post_id = getInt($_GET['post_id']);
    $res = $db->query('select poster_id from ' . $_CONF['dbprefix'] . 'posts where post_id=' . $post_id);
    $db->freeResult();
    $poster_id = getInt($res[0]['poster_id']);
    if ($userinfo['user_group'] > USERLEV_MOD && $userinfo['user_id'] != $poster_id) {
        require_once ABSOLUTE_BASEPATH . '/header.' . PHPEXT;
        notification($_LANG['insufficient_privileges'], $_SERVER['HTTP_REFERER'], 3);
        die;
    }
    $res = $db->query('select poster_ip from ' . $_CONF['dbprefix'] . 'posts where post_id=' . $post_id);
    $db->freeResult();
    $addr = sanitizeHTML($res[0]['poster_ip']);
    print $addr;
    unset($res);
    exit(0);
}
$db = new nullBB_Database($_CONF, $_LANG);
$res = $db->query('select post_content from ' . $_CONF['dbprefix'] . 'posts ' . "where post_id='" . getInt($_GET['post_id']) . "'");
$db->freeResult();
print htmlspecialchars($res[0]['post_content']);
unset($res);
$db->close();
?>

Пример #13
// Request options, each with a default. getString(), getBool(), getFloat() and getInt() are
// defined outside this listing; presumably they read and type-convert request parameters.
$town = getString("town", null);
$order = getString("order", "default");
$zoom = getString("zoom", null);
$layout = getString("layout", "default");
$caption = getString("caption", $words["key"]);
$groupby = getString("groupby", "player");
$colby = getString("colby", $groupby);
$lines = getBool("lines");
$casen = getBool("casen");
$azoom = getBool("azoom");
$nocache = getBool("nocache");
$dotsize = getFloat("dotsize", 1);
$maxdist = getInt("maxdist", null);
$mindist = getInt("mindist", null);
$maxpop = getInt("maxpop", null);
$minpop = getInt("minpop", null);
// Table name derived from the server name: every character other than a letter or digit
// becomes "_", so the result can be used as an identifier without quoting concerns.
$table = preg_replace("/[^a-zA-Z0-9]/", "_", $server);
// The server name itself is used as a quoted value and is escaped for that purpose.
$s_server = sql_escape_string($server);
$server_info = sql_fetch_row(sql_query("SELECT * FROM servers WHERE name='{$s_server}'"));
// }}}
// figure out where we are {{{
// Centre point: the "spread" layout uses x = 768 / 2, every other layout x = 256; y is 256 in both.
if ($layout == "spread") {
    $cx = 768 / 2;
    $cy = 256;
} else {
    $cx = 256;
    $cy = 256;
}
// }}}
/* figure out where to focus {{{
 *
Пример #14
        die;
    }
    $db->query('delete from ' . $_CONF['dbprefix'] . 'privmsgs where privmsg_id=' . getInt($_GET['msg_id']) . ' ' . 'and privmsg_to=' . getInt($userinfo['user_id']));
    require_once ABSOLUTE_BASEPATH . '/header.' . PHPEXT;
    notification($_LANG['delete_privmsg_ok'], $_SERVER['HTTP_REFERER'], 3);
    die;
}
// Shows one private message to its recipient and marks it as seen.
$db = new nullBB_Database($_CONF, $_LANG);
// Both ids go through getInt() before they reach the SQL text, and every statement is limited
// to privmsg_to = the current user, so another user's message id matches no row.
$res = $db->query('select * from ' . $_CONF['dbprefix'] . 'privmsgs ' . "where privmsg_id=" . getInt($_GET['msg_id']) . " and privmsg_to=" . getInt($userinfo['user_id']));
$db->freeResult();
if (empty($res)) {
    print $_LANG['privmsg_not_found'];
    die;
}
$res = $res[0];
// First view: flag the message as seen.
if ($res['privmsg_seen'] == false) {
    $db->query('update ' . $_CONF['dbprefix'] . 'privmsgs set privmsg_seen=1 ' . 'where privmsg_id=' . getInt($_GET['msg_id']) . ' and privmsg_to=' . getInt($userinfo['user_id']));
}
$from = $db->query('select username from ' . $_CONF['dbprefix'] . 'users where user_id=' . getInt($res['privmsg_from']));
$db->freeResult();
// User names are passed through sanitizeHTML() before being printed.
$from = sanitizeHTML($from[0]['username']);
$to = sanitizeHTML($userinfo['username']);
// NOTE(review): the message body is printed exactly as bb2html() returns it. That helper is not
// shown; confirm it HTML-escapes the text before turning BB tags into markup and restricts URL
// schemes in link and image tags.
$content = bb2html($res['privmsg_content']);
print '<li class="privmsgHead">' . $_LANG['from'] . ': ' . '<a href="' . BASEDIR . 'user/' . getInt($res['privmsg_from']) . '">' . $from . "</a></li>\n";
print '<li class="privmsgHead">' . $_LANG['to'] . ': ' . '<a href="' . BASEDIR . 'user/' . getInt($res['privmsg_to']) . '">' . $to . "</a></li><br>\n";
print '<div class="privmsgContent">' . $content . "</div><br>\n";
unset($res);
$db->close();
?>

Пример #15
print $_LANG['registered_since'];
?>
</th>
	<th><?php 
print $_LANG['posts'];
?>
</th>
	<th><?php 
print $_LANG['reputation'];
?>
</th>
</tr>

<?php 
foreach ($res as $row) {
    print '<tr class="users">' . '<td class="users"><a href="' . BASEDIR . 'user/' . $row['user_id'] . '">' . sanitizeHTML($row['username']) . '</a></td>' . '<td class="usersCenter">' . @date('d M Y, h:i:s a', $row['user_regtime']) . '</td>' . '<td class="usersRight">' . getInt($row['user_posts']) . '</td>' . '<td class="usersRight">' . getInt($row['user_karma']) . '</td></tr>';
}
?>

</table>

<?php 
unset($res);
$db->close();
?>

<?php 
require_once ABSOLUTE_BASEPATH . '/footer.' . PHPEXT;
?>

Пример #16
</tr>

<?php 
    foreach ($res as $row) {
        ?>

<tr class="reputations">
	<td class="reputations"><a href="<?php 
        print BASEDIR . 'user/' . $row['voter_id'];
        ?>
"><?php 
        print sanitizeHTML($row['username_voter']);
        ?>
</a></td>
	<td class="reputations" style="text-align: right; width: 10%"><?php 
        if (getInt($row['vote']) > 0) {
            print '+1';
        } else {
            print '-1';
        }
        ?>
</td>
</tr>

<?php 
    }
    unset($res);
}
?>

</table></center>
Пример #17
    }
    $db->query('delete from ' . $_CONF['dbprefix'] . 'posts where post_id=' . $post_id);
    $res = $db->query('select count(*) as num from ' . $_CONF['dbprefix'] . 'posts where topic_id=' . $topic_id);
    $db->freeResult();
    $num = getInt($res[0]['num']);
    if ($num == 0) {
        $db->query('delete from ' . $_CONF['dbprefix'] . 'topics where topic_id=' . $topic_id);
    }
    $db->close();
    header("Location: " . $_SERVER['HTTP_REFERER']);
    die;
}
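// Saves an edited post. Only the post's author, or a user whose user_group is at or below
// USERLEV_MOD, gets past the check.
$res = $db->query('select poster_id from ' . $_CONF['dbprefix'] . 'posts ' . "where post_id='" . getInt($_POST['post_id']) . "'");
$db->freeResult();
if ($res[0]['poster_id'] != $userinfo['user_id'] && $userinfo['user_group'] > USERLEV_MOD) {
    notification("Invalid user", $_SERVER['HTTP_REFERER'], 3);
    die;
}
// The new content is escaped with sanitizeQuery() and the id is cast with getInt().
$db->query('update ' . $_CONF['dbprefix'] . 'posts set post_content=' . "'" . sanitizeQuery($_POST['post_content']) . "' where post_id='" . getInt($_POST['post_id']) . "'");
// NOTE(review): $topic_id, $post_time and $post_id are concatenated unquoted below and are
// assigned above this listing; confirm each is an integer (for example via getInt()) and that
// $post_id is the same post the permission check above looked up.
$res = $db->query('select count(*) as num from ' . $_CONF['dbprefix'] . 'posts where topic_id=' . $topic_id . ' ' . 'and post_time > ' . $post_time);
$db->freeResult();
$num = getInt($res[0]['num']);
// Record the edit only when newer posts exist in the topic.
if ($num > 0) {
    // The expression after 'post_lastedit_user=' was masked in the listing and did not parse.
    // It is reconstructed here as the current user's id, cast with getInt() because the value
    // is placed unquoted in the statement.
    $db->query('update ' . $_CONF['dbprefix'] . 'posts set post_lastedit_date=' . time() . ', ' . 'post_lastedit_user=' . getInt($userinfo['user_id']) . ' where post_id=' . $post_id);
}
$db->close();
// NOTE(review): the redirect target is the client-supplied Referer header; a fixed URL built
// from BASEDIR and the topic id would not depend on request headers.
header("Location: " . $_SERVER['HTTP_REFERER']);
die;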
?>

Пример #18
</tr>

<?php 
        foreach ($res as $row) {
            $forum_name = sanitizeHTML($row['forum_name']);
            $topic_name = sanitizeHTML($row['topic_title']);
            $topic_author = sanitizeHTML($row['topic_author']);
            $post_author = sanitizeHTML($row['post_author']);
            $topic_replies = getInt($row['topic_replies']);
            $forum_id = getInt($row['forum_id']);
            $topic_id = getInt($row['topic_id']);
            $post_id = getInt($row['post_id']);
            $topic_user_id = getInt($row['topic_user_id']);
            $post_user_id = getInt($row['post_user_id']);
            $page = $db->query('select count(*) as numPosts from ' . $_CONF['dbprefix'] . 'posts ' . 'where topic_id=' . $topic_id . ' and post_time < ' . $row['post_time']);
            $page = (int) (getInt($page[0]['numPosts']) / 10 + 1);
            $db->freeResult();
            ?>

<tr class="searchresults">
	<td class="searchresults"><a href="<?php 
            print BASEDIR . $forum_id;
            ?>
"><?php 
            print $forum_name;
            ?>
</a></td>
	<td class="searchresults"><a href="<?php 
            print BASEDIR . "topic/{$topic_id}/{$page}#{$post_id}";
            ?>
"><?php 
Пример #19
        }
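        // Emits an XML description of one forum's view/post privileges and of all groups.
        // Map of group_id => group_name for resolving the privilege names.
        $groups = array();
        $res = $db->query('select * from ' . $_CONF['dbprefix'] . 'groups');
        foreach ($res as $row) {
            $groups[$row['group_id']] = $row['group_name'];
        }
        $xml = '<?xml version="1.0" encoding="UTF-8" ?>';
        // NOTE(review): $fid is concatenated unquoted into the query and into the id attribute;
        // it is assigned above this listing, so confirm it is cast to an integer there.
        $res = $db->query('select forum_name, forum_viewgroup, forum_postgroup from ' . $_CONF['dbprefix'] . 'forums where forum_id=' . $fid);
        $res = $res[0];
        // forum_name now goes through sanitizeHTML() like the group names in the same document:
        // written raw, a name containing a quote, "<" or "&" would break the attribute.
        $xml .= '<forum id="' . $fid . '" name="' . sanitizeHTML($res['forum_name']) . '">' . '<priv id="view" value="' . getInt($res['forum_viewgroup']) . '" name="' . sanitizeHTML($groups[$res['forum_viewgroup']]) . '"></priv>' . '<priv id="post" value="' . getInt($res['forum_postgroup']) . '" name="' . sanitizeHTML($groups[$res['forum_postgroup']]) . '"></priv>';
        foreach ($groups as $id => $name) {
            $xml .= '<group id="' . getInt($id) . '" name="' . sanitizeHTML($name) . '"></group>';
        }
        $xml .= '</forum>';
        print $xml;
        break;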
    case 'edit_privs':
        if (!$fid) {
            die;
        }
        $view_privs = getInt($_REQUEST['view_privs']);
        $post_privs = getInt($_REQUEST['post_privs']);
        $db->query('update ' . $_CONF['dbprefix'] . 'forums set forum_viewgroup=' . $view_privs . ' where forum_id=' . $fid);
        $db->query('update ' . $_CONF['dbprefix'] . 'forums set forum_postgroup=' . $post_privs . ' where forum_id=' . $fid);
        header('Location: ' . $_SERVER['HTTP_REFERER']);
        break;
}
$db->close();
?>

Пример #20
     print '<a href="javascript:newForum()" style="padding-left: 10px">' . $_LANG['new_forum'] . '</a><br>' . '<form action="editforum.' . PHPEXT . '?action=new" method="POST">' . '<div id="newforum" style="padding-left: 10px"></div><br>' . '</form>' . '<table class="forumlist">' . "\n";
     foreach ($res as $row) {
         print '<tr class="forumlist">' . '<td class="forumlist">' . '<span id="name' . getInt($row['forum_id']) . '">' . '<a href="/forum/' . getInt($row['forum_id']) . '">' . sanitizeHTML($row['forum_name']) . '</a></span><br>' . '<span id="desc' . getInt($row['forum_id']) . '">' . sanitizeHTML($row['forum_desc']) . '</span></td>' . '<td class="forumlist" style="text-align: right">' . '<select id="' . $row['forum_id'] . '" name="forumaction" value="none" onChange="editForum(this)">' . '<option value="none">-- ' . $_LANG['choose_action'] . '</option>' . '<option value="delete">' . $_LANG['remove_forum'] . '</option>' . '<option value="move_up">' . $_LANG['move_up'] . '</option>' . '<option value="move_down">' . $_LANG['move_down'] . '</option>' . '<option value="edit_name">' . $_LANG['edit_name'] . '</option>' . '<option value="edit_desc">' . $_LANG['edit_desc'] . '</option>' . '<option value="edit_priv">' . $_LANG['edit_priv'] . '</option>' . '</select></td>' . '</tr>';
     }
     print '</table>';
     $db->close();
     break;
 case 'group':
     require_once ABSOLUTE_BASEPATH . '/db.' . PHPEXT;
     $db = new nullBB_Database($_CONF, $_LANG);
     $res = $db->query('select * from ' . $_CONF['dbprefix'] . 'groups ' . 'order by group_id');
     $db->freeResult();
     $defaultGroups = array(USERLEV_GOD, USERLEV_ADMIN, USERLEV_GLOBALMOD, USERLEV_MOD, USERLEV_USER, USERLEV_ANY, USERLEV_BANNED);
     print '<a href="javascript:newGroup()" style="padding-left: 10px">' . $_LANG['new_group'] . '</a><br>' . '<form action="editgroup.' . PHPEXT . '?action=new" method="POST">' . '<div id="newgroup" style="padding-left: 10px"></div><br>' . '</form>' . '<table class="forumlist">' . "\n";
     foreach ($res as $row) {
         print '<tr class="forumlist">' . '<td class="forumlist">' . '<span id="name' . getInt($row['group_id']) . '"';
         if (!in_array($row['group_id'], $defaultGroups)) {
             print ' style="color: #990000"';
         }
         print '>' . sanitizeHTML($row['group_name']) . '</span><br>' . '</td>' . '<td class="forumlist" style="text-align: right">' . '<select id="' . $row['group_id'] . '" name="groupaction" value="none" onChange="editGroup(this)">' . '<option value="none">-- ' . $_LANG['choose_action'] . '</option>';
         if (!in_array($row['group_id'], $defaultGroups)) {
             print '<option value="delete">' . $_LANG['remove_group'] . '</option>';
         }
         print '<option value="edit_name">' . $_LANG['edit_name'] . '</option>' . '</select></td>' . '</tr>';
     }
     print '</table>';
     $db->close();
     break;
 case 'dump':
     print $_LANG['generate_dump'];
     print '<meta http-equiv="Refresh" content="0;url=' . BASEDIR . 'admin/dump.sql">';
Пример #21
require_once "../../../../../class/autoload.inc";
require_once "{$jqRoot}/php/jqGridPdo.php";
/**
 * Returns a query-string parameter as an integer.
 *
 * @param string $key Name of the $_GET entry to read.
 * @return int The integer value of $_GET[$key], or -1 when the entry is not set.
 */
function getInt($key)
{
    // -1 is the "not supplied" marker the callers test for.
    if (!isset($_GET[$key])) {
        return -1;
    }

    return (int) $_GET[$key];
}
//error_reporting(E_ALL);
//ini_set('error_reporting', E_ALL);
//ini_set('display_errors',1);
// Optional filters from the query string; getInt() returns -1 for a filter that was not supplied.
$dept_id = getInt('dept_id');
$major_id = getInt('major_id');
$class_id = getInt('class_id');
// NOTE(review): the column list includes s_pwd. If the grid sends every selected column to the
// browser, stored password values leave the server - confirm, and drop the column if it is unused.
$sel = 'select s_id, s_user, s_pwd, s_num, s_name, s_mail, s_date, s_role, s_phone, reg_date,  last_login,
    edu_id, edu_name, dept_name, major_name, class_name, class_id from student join class using(class_id) join major using(major_id) join department using(dept_id) join education using(edu_id) ';
// The most specific filter wins: class, then major, then department.
// The interpolated values are integers produced by intval(), so they cannot carry SQL syntax;
// bound parameters would still be the more robust form if the grid API supports them.
if ($class_id != -1) {
    $sel .= "where class_id= {$class_id}";
} elseif ($major_id != -1) {
    $sel .= "where major_id= {$major_id}";
} elseif ($dept_id != -1) {
    $sel .= "where dept_id= {$dept_id}";
}
$conn = new DB_Connect();
$grid = new jqGridRender($conn);
Пример #22
    print '<li class="contestmenu"><a class="contestmenu" href="' . BASEDIR . 'profile.' . PHPEXT . '">~ ' . $_LANG['user_panel'] . '</li>';
    if (preg_match('/\\/' . $basedir . '\\/([0-9]+)/', $_SERVER['HTTP_REFERER'], $match)) {
        $forum_id = getInt($match[1]);
        $res = $db->query('select forum_postgroup from ' . $_CONF['dbprefix'] . 'forums ' . "where forum_id='" . $forum_id . "'");
        $db->freeResult();
        $forum_postgroup = getInt($res[0]['forum_postgroup']);
        unset($res);
        if ($userinfo['user_group'] <= $forum_postgroup) {
            print '<li class="contestmenu"><a class="contestmenu" href="javascript:newTopic(' . BASEDIR . ',' . $forum_id . ')">~ New topic</a></li>';
        }
    }
}
// Separator, then one menu entry per forum the current visitor is allowed to see.
print '<li class="contestmenu" style="border-bottom: 3px solid #fff"></li>';
$res = $db->query('select forum_id, forum_name, forum_viewgroup from ' . $_CONF['dbprefix'] . 'forums');
foreach ($res as $row) {
    $forum_viewgroup = getInt($row['forum_viewgroup']);
    // A forum whose view group is below USERLEV_ANY is restricted: it is listed only for a
    // logged-in user whose user_group value does not exceed the forum's view group.
    if ($forum_viewgroup < USERLEV_ANY && !($session->logged && $userinfo['user_group'] <= $forum_viewgroup)) {
        continue;
    }
    // NOTE(review): forum_id and forum_name are written into the markup without integer coercion
    // or HTML escaping. If forum names can contain markup this is a stored-XSS sink - confirm how
    // they are stored and escape on output if they are kept raw.
    print '<li class="contestmenu"><a class="contestmenu" href="' . BASEDIR . $row['forum_id'] . '">' . $row['forum_name'] . '</a></li>' . "\n";
}
// Link to the admin panel for enabled accounts at USERLEV_ADMIN or a numerically lower level.
// This only hides the link; the admin pages need their own access check.
if ($session->logged && !$userinfo['user_disabled'] && $userinfo['user_group'] <= USERLEV_ADMIN) {
    print '<li class="contestmenu" style="border-bottom: 3px solid #fff"></li>' . '<li class="contestmenu"><a class="contestmenu" href="' . BASEDIR . 'admin/index.' . PHPEXT . '">' . $_LANG['admin_panel'] . '</a></li>';
}
Пример #23
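 /**
  * Parse the briefing section at the start of $hex and store it in $this->briefing.
  *
  * Reads four header fields, then the event list, then 32 tag slots and 32 string slots.
  * The buffer comes from a parsed file, so its contents are treated as untrusted.
  *
  * @param string $hex Buffer starting at the briefing section (presumably hex text - TODO confirm).
  * @return string What is left of $hex after the briefing section.
  */
 function readBriefing($hex)
 {
     $brief = array();
     $brief['RunningTime'] = getShort($hex, 0);
     $brief['Unknown'] = getShort($hex, 2);
     $brief['StartLength'] = getShort($hex, 4);
     $brief['EventLength'] = getInt($hex, 6);
     // Always provide the key, so a briefing without events yields an empty list rather than no entry.
     $brief['Events'] = array();
     $eventHex = substr($hex, 10, $brief['EventLength'] * 2);
     while (strlen($eventHex)) {
         list($length, $event) = $this->readBriefingEvent($eventHex);
         if ($length <= 0) {
             // A malformed event that consumes nothing would leave the buffer unchanged and
             // keep this loop running forever; stop parsing events instead.
             break;
         }
         $eventHex = substr($eventHex, $length);
         $brief['Events'][] = (string) $event;
     }
     // The header and event area are skipped as a fixed 810 characters, independent of EventLength.
     $hex = substr($hex, 810);
     // Tags, then strings: 32 slots each. Every slot consumes the entry's length plus 2
     // characters (presumably a length prefix - TODO confirm); empty slots are not stored.
     foreach (array('Tags', 'Strings') as $section) {
         $brief[$section] = array();
         for ($slot = 0; $slot < 32; $slot++) {
             $tag = $this->readTag($hex);
             $length = !empty($tag) ? strlen($tag) + 2 : 2;
             $hex = substr($hex, $length);
             if ($tag) {
                 $brief[$section][] = $tag;
             }
         }
     }
     $this->briefing = $brief;
     return $hex;
 }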
Пример #24
        if (!empty($new) && $row['forum_lasttime'] > $session->session_lasttime) {
            print ' <i>[NEW]</i>';
        }
    }
    print "<br>" . sanitizeHTML($row['forum_desc']) . "</td>\n";
    print '<td class="forums">';
    $topics = $db->query('select count(*) as num from ' . $_CONF['dbprefix'] . 'topics ' . 'where forum_id=' . getInt($row['forum_id']));
    $db->freeResult();
    $topics = getInt($topics[0]['num']);
    if ($topics == 0) {
        print $_LANG['no_posts'];
    } else {
        $lastuser = $db->query('select user_id, username from ' . $_CONF['dbprefix'] . 'users u join ' . $_CONF['dbprefix'] . 'posts p ' . 'on u.user_id=p.poster_id where p.post_id=' . getInt($row['forum_lastpost']));
        $db->freeResult();
        if (!empty($lastuser)) {
            $user_id = getInt($lastuser[0]['user_id']);
            $username = sanitizeHTML($lastuser[0]['username']);
            unset($lastuser);
            print $_LANG['latest_post'] . ': <a href="' . BASEDIR . 'user/' . $user_id . '">' . $username . '</a>';
            print '<br>@ ' . @date('d M Y, h:i:s a', $lasttime) . '</td>' . "\n";
        } else {
            print $_LANG['latest_post'] . ': <span style="color: #a00">[anonymous]</span>';
            print '<br>@ ' . @date('d M Y, h:i:s a', $lasttime) . '</td>' . "\n";
        }
    }
    print "<td class=\"forums\">" . $row['forum_topics'] . "</td><td class=\"forumsnoright\">" . $row['forum_posts'] . "</td></tr>";
}
$db->close();
?>
		</table>
Пример #25
// Optional profile rows: each one is rendered only when the stored field is non-empty.
if ($user[0]['user_website']) {
    // Shown as escaped text, not as a link.
    $website = sanitizeHTML($user[0]['user_website']);
    print '<tr><td class="userinfoentry">web:</td><td class="userinfoentry" style="text-align: right">' . $website . "</td></tr>\n";
}
if ($user[0]['user_msn']) {
    // Escape first, then replace "@" and "." with visible placeholders so the address does not
    // appear verbatim in the page source.
    $msn = str_replace(array('@', '.'), array('&lt;AT&gt;', '&lt;DOT&gt;'), sanitizeHTML($user[0]['user_msn']));
    print '<tr><td class="userinfoentry">msn:</td><td class="userinfoentry" style="text-align: right">' . $msn . "</td></tr>\n";
}
?>

<tr>
	<td class="userinfoentry">.</td>
	<td class="userinfoentry" style="text-align: right"><a href="javascript:sendMessage(<?php 
print getInt($user[0]['user_id']) . ",'" . BASEDIR . "'";
?>
)"><?php 
print $_LANG['send_pm'];
?>
</a></td>
</tr>

<tr>
	<td class="userinfoentry">.</td>
	<td class="userinfoentry" style="text-align: right">
		<a href="<?php 
print BASEDIR;
?>
messagesByUser.<?php 
print PHPEXT;
Пример #26
    die;
}
// Create a new topic in the forum named by the request, then hand over to insertPost.
$db = new nullBB_Database($_CONF, $_LANG);
// getInt() is defined elsewhere; presumably it coerces to an integer, which is what keeps the
// concatenated queries below free of request text - confirm against its definition.
$forum_id = getInt($_POST['forum_id']);
// Step 1: the forum must exist.
$forum = $db->query('select forum_id from ' . $_CONF['dbprefix'] . 'forums where ' . 'forum_id = ' . $forum_id);
$db->freeResult();
if (empty($forum)) {
    require_once ABSOLUTE_BASEPATH . '/header.' . PHPEXT;
    // NOTE(review): HTTP_REFERER is supplied by the client; confirm notification() escapes or validates it.
    notification($_LANG['invalid_forum'], $_SERVER['HTTP_REFERER'], 3);
    die;
}
// Step 2: the user's group must be allowed to post in this forum.
$res = $db->query('select forum_postgroup from ' . $_CONF['dbprefix'] . 'forums where ' . "forum_id='" . $forum_id . "'");
$db->freeResult();
$forum_postgroup = getInt($res[0]['forum_postgroup']);
unset($res);
// A user_group value greater than the forum's post group is refused.
if ($userinfo['user_group'] > $forum_postgroup) {
    require_once ABSOLUTE_BASEPATH . '/header.' . PHPEXT;
    notification($_LANG['insufficient_privileges'], $_SERVER['HTTP_REFERER'], 3);
    die;
}
$user_id = getInt($session->user_id);
// The title is the only free-text value in the INSERT; its safety rests entirely on sanitizeQuery().
$topic_title = sanitizeQuery($_POST['topic_title']);
unset($forum);
$db->query('insert into ' . $_CONF['dbprefix'] . 'topics(forum_id, topic_title, topic_poster, topic_time) values(' . "'{$forum_id}', '{$topic_title}', '{$user_id}', '" . time() . "')");
// NOTE(review): the new topic's id is recovered as "the highest topic_id". If two topics are
// inserted at nearly the same time this can return the other user's topic, and the first post
// would then be attached to it; prefer the database layer's last-insert-id facility if it has one.
$res = $db->query('select topic_id from ' . $_CONF['dbprefix'] . 'topics order by topic_id desc limit 1');
$db->freeResult();
// The id is written back into $_POST, presumably because insertPost reads it from there - confirm.
$_POST['topic_id'] = $res[0]['topic_id'];
$topic_id = getInt($_POST['topic_id']);
unset($res);
$db->close();
require_once ABSOLUTE_BASEPATH . '/insertPost.' . PHPEXT;
Пример #27
 /**
  * Localised short weekday name for a timestamp.
  *
  * @param integer nStamp, timestamp to look up
  * @param resources Res, language object
  * @return string weekday as a (short) string
  */
 public static function getDayOfWeekShort($nStamp, resources &$Res)
 {
     // date("w") numbers Sunday as 0; the lookup below is handed 7 for Sunday instead.
     $nDay = date("w", getInt($nStamp));
     $nDay = $nDay == 0 ? 7 : $nDay;
     return self::getWeekdayShort($nDay, $Res);
 }
Пример #28
 * this program. If not, see <http://www.gnu.org/licenses/>.                                      *
 **************************************************************************************************/
require_once '../config.ini';
require_once 'admin_head.' . PHPEXT;
// Only the three known actions are accepted; any other value ends the request before any
// database work is done.
// NOTE(review): $_REQUEST also accepts GET parameters, so these state-changing actions can be
// triggered by a plain link, and no anti-CSRF token is visible here - confirm whether
// admin_head enforces one.
$action = $_REQUEST['action'];
if (!in_array($action, array('new', 'delete', 'edit_name'))) {
    die;
}
// Built-in groups.
$defaultGroups = array(USERLEV_GOD, USERLEV_ADMIN, USERLEV_GLOBALMOD, USERLEV_MOD, USERLEV_USER, USERLEV_ANY, USERLEV_BANNED);
$gid = getInt($_REQUEST['gid']);
$db = new nullBB_Database($_CONF, $_LANG);
switch ($action) {
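    case 'delete':
        // Built-in groups must never be deleted. The list is $defaultGroups; the original tested
        // the undefined name $default_groups, so this guard never matched and a built-in group
        // could be removed.
        if (in_array($gid, $defaultGroups)) {
            // The Referer header is client-supplied, so it is escaped before being placed in an
            // attribute. The refresh target belongs in "content"; the original's "value"
            // attribute is not honoured by browsers.
            print '<script>alert("' . $_LANG['no_delete_default_group'] . '")</script>' . '<meta http-equiv="Refresh" content="0;url=' . htmlspecialchars($_SERVER['HTTP_REFERER'], ENT_QUOTES) . '">';
            die;
        }
        // Members of the deleted group fall back to the plain user level before the group row is removed.
        $db->query('update ' . $_CONF['dbprefix'] . 'users set user_group=' . USERLEV_USER . ' where user_group=' . $gid);
        $db->query('delete from ' . $_CONF['dbprefix'] . 'groups where group_id=' . $gid);
        // NOTE(review): the redirect target is taken from the client-supplied Referer header;
        // a fixed admin URL would be more predictable.
        header('Location: ' . $_SERVER['HTTP_REFERER']);
        break;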
    case 'new':
        $name = sanitizeQuery($_REQUEST['group_name']);
        if (!$name) {
            die;
Пример #29
/**************************************************************************************************
 * nullBB - Light CMS forum                                                                       *
 * Copyright (C) 2009, BlackLight                                                                 *
 *                                                                                                *
 * This program is free software: you can redistribute it and/or modify it under the terms of the *
 * GNU General Public License as published by the Free Software Foundation, either version 3 of   *
 * the License, or (at your option) any later version. This program is distributed in the hope    *
 * that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of         *
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for    *
 * more details. You should have received a copy of the GNU General Public License along with     *
 * this program. If not, see <http://www.gnu.org/licenses/>.                                      *
 **************************************************************************************************/
require_once '../config.ini';
require_once ABSOLUTE_BASEPATH . '/db.' . PHPEXT;
require_once ABSOLUTE_BASEPATH . '/utils.' . PHPEXT;
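// Username lookup: prints "<id> # <name>" for every user whose name matches the pattern.
// A missing, empty or non-string "user" parameter (for example an array value) ends the
// request before anything reaches the query.
if (empty($_GET['user']) || !is_string($_GET['user'])) {
    die;
}
$db = new nullBB_Database($_CONF, $_LANG);
// NOTE(review): the query below is built by concatenation, so its safety rests entirely on
// sanitizeQuery(); a bound parameter would be more robust if the database class offers one.
$user = sanitizeQuery($_GET['user']);
// "*" in the request becomes the SQL LIKE wildcard "%".
$user = str_replace('*', '%', $user);
// NOTE(review): no access check is visible in this script, and wildcard patterns allow the
// whole user table to be listed - confirm that this is intended, or require a logged-in session.
$res = $db->query("select user_id, username from " . $_CONF['dbprefix'] . 'users ' . "where username like '" . $user . "'");
if (empty($res)) {
    die;
}
foreach ($res as $row) {
    print getInt($row['user_id']) . ' # ' . sanitizeHTML($row['username']) . "\n";
}
unset($res);
$db->freeResult();
$db->close();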
Пример #30
	<td class="searchresults" style="width: 55%"><a href="javascript:popupPrivmsg(<?php 
        print $msg_id . ",'" . BASEDIR . "', " . $from_id;
        ?>
)"><?php 
        if (!$row['privmsg_seen']) {
            print '<b>';
        }
        print $subject;
        if (!$row['privmsg_seen']) {
            print '</b>';
        }
        ?>
</a></td>

	<td class="searchresults" style="width: 25%"><?php 
        print @date('d M Y, h:i:s a', getInt($row['privmsg_date']));
        ?>

	<td class="searchresults"><a href="<?php 
        print BASEDIR . 'privmsgbyid.' . PHPEXT . '?del=1&msg_id=' . $msg_id;
        ?>
">x</a></td>
</tr>

<?php 
    }
    ?>

</table><br><br></div>

<?php