Пример #1
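 /**
  * Contact page: renders the contact form and, on submission, validates the
  * fields and the anti-spam code before handing the message to email_contact().
  *
  * Every field is read through isset()/is_string() so that a partial or
  * array-valued POST cannot raise notices or reach the mailer as a non-string.
  * The anti-spam code is compared strictly and must exist in the session: with
  * the former loose comparison an empty submitted code compared equal to an
  * unset session value, so the check passed without any captcha being issued.
  */
 protected function main()
 {
     $this->set_title(Nw::$lang['contact']['contact']);
     $this->add_css('forms.css');
     $this->set_filAriane(array(Nw::$lang['contact']['contact'] => array('')));
     $this->set_tpl('contact/contact.html');
     $this->load_lang_file('users');
     $this->add_form('contenu');

     // Nothing submitted yet: show the form, pre-filled for a logged-in member.
     if (!isset($_POST['submit'])) {
         display_form(array('pseudo' => is_logged_in() ? Nw::$dn_mbr['u_pseudo'] : '', 'mail' => is_logged_in() ? Nw::$dn_mbr['u_email'] : '', 'sujet' => '', 'contenu' => '', 'captcha' => '', 'nom' => '', 'code_cap' => ''));
         return;
     }

     // Normalise the submitted fields to strings (missing or array => '').
     $champs = array();
     foreach (array('pseudo', 'mail', 'sujet', 'contenu', 'captcha', 'nom', 'code_cap') as $cle) {
         $champs[$cle] = (isset($_POST[$cle]) && is_string($_POST[$cle])) ? $_POST[$cle] : '';
     }
     $code_attendu = isset($_SESSION['cap_nw']) ? (string) $_SESSION['cap_nw'] : '';

     $msg_error = '';
     if (empty($champs['pseudo'])) {
         $msg_error = sprintf(Nw::$lang['contact']['error_empty'], Nw::$lang['contact']['_pseudo']);
     } elseif (empty($champs['mail'])) {
         $msg_error = sprintf(Nw::$lang['contact']['error_empty'], Nw::$lang['contact']['_mail']);
     } elseif (empty($champs['sujet'])) {
         $msg_error = sprintf(Nw::$lang['contact']['error_empty'], Nw::$lang['contact']['_sujet']);
     } elseif (empty($champs['contenu'])) {
         $msg_error = sprintf(Nw::$lang['contact']['error_empty'], Nw::$lang['contact']['_contenu']);
     } elseif ($code_attendu === '' || $champs['code_cap'] !== $code_attendu) {
         // A missing session code is a failure, never a match.
         $msg_error = Nw::$lang['users']['wrong_antispam'];
     }

     if ($msg_error !== '') {
         display_form(array('pseudo' => $champs['pseudo'], 'mail' => $champs['mail'], 'sujet' => $champs['sujet'], 'contenu' => $champs['contenu'], 'captcha' => $champs['captcha'], 'nom' => $champs['nom'], 'code_cap' => ''), $msg_error);
         return;
     }

     // Consume the code so one solved captcha cannot back several messages.
     // NOTE(review): assumes the captcha image writes a fresh $_SESSION['cap_nw']
     // each time the form is displayed - confirm against the captcha script.
     unset($_SESSION['cap_nw']);

     // email_contact() is not visible here; these four values presumably end up
     // in mail headers, so line breaks are removed before they leave this method.
     foreach (array('mail', 'pseudo', 'nom', 'sujet') as $cle) {
         $champs[$cle] = str_replace(array("\r", "\n"), ' ', $champs[$cle]);
     }

     inc_lib('mail/email_contact');
     if (email_contact($champs['mail'], $champs['pseudo'], $champs['nom'], '[Contact] ' . $champs['sujet'], $champs['contenu'], get_ip())) {
         redir(Nw::$lang['contact']['redir_ok'], true, 'contact.html');
     }
     // NOTE(review): a failed send is silent, exactly as before; there is no
     // error string for it among the language keys used in this method.
 }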
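 /**
  * AJAX login endpoint: checks the posted mail/password pair and, on success,
  * opens the session and records the login (IP, browser, OS) in Userauth.
  *
  * Always terminates the request with exit after sending the AJAX response.
  *
  * Changes from the previous version:
  *  - the mail check runs first, so the 'mail_invalid' answer is reachable
  *    (it used to be shadowed by the combined password/mail test);
  *  - only string values are accepted, so an array-valued field cannot be
  *    turned into a multi-value query condition;
  *  - the user row is fetched with the same mail + password conditions that
  *    authenticate it, instead of a second lookup by mail alone;
  *  - the session id is renewed at login.
  *
  * NOTE(review): get_hash() with the single USER_AUTH_SALT is kept because the
  * stored hashes depend on it; its strength cannot be judged from this method.
  */
 public function api_login()
 {
     $data = $this->request->data;
     // e-mail
     $mail = (isset($data['mail']) && is_string($data['mail'])) ? $data['mail'] : null;
     // password
     $password = (isset($data['password']) && is_string($data['password'])) ? $data['password'] : null;

     if ($mail === null || $mail === '') {
         response_ajax(array('error' => 'mail_invalid'), 'error');
         exit;
     }
     if ($password === null || $password === '') {
         response_ajax(array('error' => 'password_invalid'), 'error');
         exit;
     }

     $hashed_pass = get_hash(Configure::read('USER_AUTH_SALT'), $password);
     $user = $this->User->find('first', array('conditions' => array('password' => $hashed_pass, 'mail' => $mail)));

     if (!empty($user['User']['id'])) {
         // successful authentication
         $user_id = $user['User']['id'];
         // New session id for the authenticated session (session fixation).
         $this->Session->renew();
         $this->Session->write('User', $mail);
         $this->loadModel('Userauth');
         $auth_data = array('user_id' => $user_id, 'ip' => get_ip(), 'browser' => get_ua(), 'os' => get_os());
         $this->Userauth->save($auth_data);
         $this->Session->write('user_id', $user_id);
         response_ajax(array('result' => 'login'), 'success');
     } else {
         response_ajax(array('error' => 'user_not_found'), 'error');
     }
     exit;
 }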
Пример #3
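 /**
  * Manager login page: shows the login form and, once the 'login' validation
  * group passes, opens the session, optionally sets the "remember me" cookies,
  * writes a log entry and redirects.
  *
  * Changes from the previous version:
  *  - the leftover var_dump($session) is gone: it printed the session array to
  *    the client and produced output before the redirect headers;
  *  - the ?url= redirect target is only followed when it stays on this site;
  *    anything else falls back to the welcome page.
  *
  * NOTE(review): the '_rember' value is md5(HMACPWD . uname . login_ip). It is
  * the same for every login of a given user from a given IP and cannot be
  * revoked individually. Replacing it with a random, server-stored token needs
  * the code that verifies the cookie, which is not part of this method.
  */
 public function index()
 {
     $vdata['title'] = "登录!";
     if ($this->form_validation->run('login') == FALSE) {
         $this->load->view('login', $vdata);
         return;
     }

     $mid = $this->uname;
     $info = $this->model->get_login($mid);
     $session = array("mid" => $mid, "uname" => $info['uname'], "nickname" => $info['nickname'], "login_ip" => get_ip(), "gid" => $info['gid']);
     $this->session->set_userdata($session);
     $this->model->set_login($mid);

     // Remember the login (configured number of hours, 72 when not numeric).
     if ($this->input->post('rember')) {
         $rember_hours = $this->mcfg->get('adminer', 'rember_hours');
         if (!is_numeric($rember_hours)) {
             $rember_hours = 72;
         }
         $_rember = md5(HMACPWD . $info['uname'] . $session['login_ip']);
         $cookie = array('name' => '_rember', 'value' => $_rember, 'expire' => 60 * 60 * $rember_hours, 'path' => $this->config->item('cookie_path'));
         $cookie2 = array('name' => '_m', 'value' => $mid, 'expire' => 60 * 60 * $rember_hours, 'path' => $this->config->item('cookie_path'));
         $this->input->set_cookie($cookie);
         $this->input->set_cookie($cookie2);
     }

     $this->mlogs->add('login', 'manager ID ' . $this->session->userdata('mid') . ': 登录成功!');

     // Follow ?url= only for targets on this site: a relative path, or an
     // http(s) URL whose host is the site's own host.
     $target = $this->input->get('url');
     $target = is_string($target) ? urldecode($target) : '';
     $allowed = false;
     if ($target !== '' && !preg_match('/[\x00-\x1f\x7f\\\\]/', $target)) {
         $parts = parse_url($target);
         if ($parts !== false) {
             if (!isset($parts['scheme']) && !isset($parts['host']) && strpos($target, '//') !== 0) {
                 $allowed = true;
             } elseif (isset($parts['scheme'], $parts['host'])
                 && in_array(strtolower($parts['scheme']), array('http', 'https'), true)
                 && strcasecmp($parts['host'], (string) parse_url(site_url(), PHP_URL_HOST)) === 0) {
                 $allowed = true;
             }
         }
     }

     redirect($allowed ? $target : site_url('welcome'));
 }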
Пример #4
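/**
 * Creates an account in nctf_accounts.
 *
 * Validation failures store a message in $_SESSION['error'] and return false.
 *
 * Changes from the previous version:
 *  - both statements are prepared and bound. The INSERT used to concatenate
 *    $pMail and the IP unescaped; FILTER_VALIDATE_EMAIL accepts addresses that
 *    contain a single quote, so validation alone did not protect the query;
 *  - database errors are reported with mysqli_error($dbc) instead of the
 *    unrelated mysql_error();
 *  - the duplicated !empty($pPassword) test is removed.
 *
 * NOTE(review): the messages do not match the checks they report (the accepted
 * username length is 5-15, and a 6-character password is accepted). The texts
 * are left untouched because the intended limits are not visible here.
 *
 * @param string $pUsername Desired username.
 * @param string $pPassword Plain-text password, hashed by hashPassword().
 * @param string $pMail     E-mail address.
 * @return bool true when the row was inserted, false otherwise.
 */
function createAccount($pUsername, $pPassword, $pMail)
{
    global $dbc;

    // First check we have data passed in.
    if (empty($pUsername) || empty($pPassword) || empty($pMail)) {
        return false;
    }

    $uLen = strlen($pUsername);
    $pLen = strlen($pPassword);

    // Cheap checks first; the database is only queried for plausible input.
    if ($uLen <= 4 || $uLen >= 16) {
        $_SESSION['error'] = "Username must be between 5 and 11 characters.";
        return false;
    }
    if ($pLen < 6) {
        $_SESSION['error'] = "Password must be longer then 6 characters.";
        return false;
    }
    if (!filter_var($pMail, FILTER_VALIDATE_EMAIL)) {
        $_SESSION['error'] = "Invaild Email address.";
        return false;
    }

    // Is the username already taken?
    $stmt = mysqli_prepare($dbc, 'SELECT username FROM nctf_accounts WHERE username = ? LIMIT 1');
    if ($stmt === false) {
        trigger_error("Query Failed: " . mysqli_error($dbc));
        return false;
    }
    mysqli_stmt_bind_param($stmt, 's', $pUsername);
    if (!mysqli_stmt_execute($stmt)) {
        trigger_error("Query Failed: " . mysqli_error($dbc));
        mysqli_stmt_close($stmt);
        return false;
    }
    mysqli_stmt_store_result($stmt);
    $taken = mysqli_stmt_num_rows($stmt) == 1;
    mysqli_stmt_close($stmt);

    if ($taken) {
        $_SESSION['error'] = "Username already exists.";
        return false;
    }

    // bind_param() needs variables, not expressions.
    $hash = hashPassword($pPassword);
    $ip = get_ip();
    $stmt = mysqli_prepare($dbc, 'INSERT INTO nctf_accounts (`username`, `password`, `mail`, `register_time`, `register_ip`) VALUES (?, ?, ?, now(), ?)');
    if ($stmt === false) {
        trigger_error("Query Failed: " . mysqli_error($dbc));
        return false;
    }
    mysqli_stmt_bind_param($stmt, 'ssss', $pUsername, $hash, $pMail, $ip);
    $inserted = mysqli_stmt_execute($stmt);
    if (!$inserted) {
        trigger_error("Query Failed: " . mysqli_error($dbc));
    }
    mysqli_stmt_close($stmt);

    return (bool) $inserted;
}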
Пример #5
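/**
 * Registers a new member: inserts the row, assigns its unique identifier,
 * creates the statistics row, subscribes the address to the newsletter and
 * either sends the activation e-mail or refreshes the member caches.
 *
 * Change from the previous version: the activation code is drawn from the
 * system CSPRNG when one is available. It was md5(uniqid(mt_rand())), which is
 * built from the clock and a non-cryptographic generator although the code
 * alone activates the account through the e-mailed link. The format (32 hex
 * characters) is unchanged.
 *
 * NOTE(review): passwords are stored as sha1() with two constant strings. This
 * is kept as is because the login code, not shown here, must compute the same
 * value; moving to password_hash() has to be done on both sides together.
 *
 * @param string $pseudo     Display name.
 * @param string $password   Plain-text password.
 * @param string $email      E-mail address.
 * @param string $identifier Optional external identifier.
 * @param int    $valide     1 when the account is created already activated.
 * @return int Id of the new member (Nw::$DB->insert_id).
 */
function add_mbr($pseudo, $password, $email, $identifier = '', $valide = 0)
{
    $bf_token = 'jJ_=éZAç1l';
    $ft_token = 'ù%*àè1ç0°dezf';

    // Activation code: 16 random bytes as hex, with the former construction
    // only as a last resort on runtimes that offer no CSPRNG.
    if (function_exists('random_bytes')) {
        $key_alea_code_activate = bin2hex(random_bytes(16));
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $key_alea_code_activate = bin2hex(openssl_random_pseudo_bytes(16));
    } else {
        $key_alea_code_activate = md5(uniqid(mt_rand()));
    }

    // Store the user in the database
    Nw::$DB->query('INSERT INTO ' . Nw::$prefix_table . 'members (u_pseudo, u_alias, u_identifier, u_password, u_email, u_group, u_date_register, u_active, u_code_act, u_ip)
    VALUES(\'' . insertBD(trim($pseudo)) . '\', \'' . rewrite(trim($pseudo)) . '\', \'' . insertBD(trim($identifier)) . '\', \'' . insertBD(sha1($bf_token . trim($password) . $ft_token)) . '\', \'' . insertBD(trim($email)) . '\',
    4, NOW(), ' . intval($valide) . ', \'' . insertBD($key_alea_code_activate) . '\', \'' . get_ip() . '\')') or Nw::$DB->trigger(__LINE__, __FILE__);
    // NOTE(review): rewrite() and get_ip() are concatenated without insertBD();
    // whether their output is always SQL-safe cannot be told from this function.

    $id_new_membre = Nw::$DB->insert_id;
    $identifiant_unique = md5($id_new_membre . uniqid(rand(), true));
    $lien_activation = Nw::$site_url . 'users-32.html?mid=' . $id_new_membre . '&ca=' . $key_alea_code_activate;

    Nw::$DB->query('UPDATE ' . Nw::$prefix_table . 'members SET u_ident_unique = \'' . Nw::$DB->real_escape_string($identifiant_unique) . '\' WHERE u_id = ' . intval($id_new_membre)) or Nw::$DB->trigger(__LINE__, __FILE__);
    Nw::$DB->query('INSERT INTO ' . Nw::$prefix_table . 'members_stats (s_id_membre) VALUES(' . intval($id_new_membre) . ')') or Nw::$DB->trigger(__LINE__, __FILE__);

    inc_lib('users/mail2gd');
    mail2gd($identifiant_unique, trim($email));
    inc_lib('newsletter/add_abonnement');
    add_abonnement(trim($email), $id_new_membre);

    if ($valide == 0) {
        // Send the validation e-mail
        $txt_mail = sprintf(Nw::$lang['users']['mail_confirm_insc'], $pseudo, Nw::$site_url, Nw::$site_name, $lien_activation, $lien_activation, $lien_activation);
        @envoi_mail(trim($email), sprintf(Nw::$lang['users']['confirm_inscription'], Nw::$site_name), $txt_mail);
    } else {
        // The account is already confirmed: refresh the member count
        inc_lib('admin/gen_cachefile_nb_members');
        gen_cachefile_nb_members();
        generate_members_sitemap();
    }

    return $id_new_membre;
}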
Пример #6
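/**
 * Archives a news item (n_etat = 0) and records the action in news_logs.
 *
 * Change from the previous version: the log text is escaped before it is put
 * into the INSERT. It comes from a language string, and an apostrophe in that
 * string was enough to break the statement.
 *
 * @param int $id_news Id of the news item.
 * @return void
 */
function archive_news($id_news)
{
    Nw::$DB->query('UPDATE ' . Nw::$prefix_table . 'news SET n_etat = 0 WHERE n_id = ' . intval($id_news)) or Nw::$DB->trigger(__LINE__, __FILE__);

    // Log
    $texte_log = Nw::$DB->real_escape_string(sprintf(Nw::$lang['news']['log_votes_archived'], Nw::$pref['nb_votes_valid_news']));
    // NOTE(review): get_ip() is quoted but not escaped; confirm that it can only
    // return a validated address.
    Nw::$DB->query('INSERT INTO ' . Nw::$prefix_table . 'news_logs (l_id_news, l_id_membre, l_action, l_texte, l_date, l_ip) VALUES(' . intval($id_news) . ', ' . intval(Nw::$dn_mbr['u_id']) . ', 10, \'' . $texte_log . '\', NOW(), \'' . get_ip() . '\')') or Nw::$DB->trigger(__LINE__, __FILE__);
}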
Пример #7
/**
 * Stores an alert raised by a member about a news item.
 *
 * The text is trimmed, HTML-escaped, run through the BBCode parser and then
 * SQL-escaped; the numeric arguments go through intval().
 *
 * @param int    $id_user Author of the alert.
 * @param int    $id_news News item concerned.
 * @param string $texte   Alert text.
 * @param int    $motif   Reason code.
 * @return int Id of the new alert (Nw::$DB->insert_id).
 */
function add_alert_news($id_user, $id_news, $texte, $motif)
{
    inc_lib('bbcode/parse');

    $texte_propre = htmlspecialchars(trim($texte));
    $texte = Nw::$DB->real_escape_string(parse($texte_propre));

    // NOTE(review): get_ip() is inserted with neither quotes nor escaping, so
    // the statement is only well-formed and safe if get_ip() returns an integer
    // here - confirm against its definition.
    $requete = "INSERT INTO " . Nw::$prefix_table . "news_alerts(a_id_news, a_auteur,\n        a_ip, a_date, a_texte, a_motif)\n        VALUES("
        . intval($id_news) . ", "
        . intval($id_user) . ", "
        . get_ip() . ", NOW(), \n        '"
        . $texte . "', "
        . intval($motif) . ")";

    Nw::$DB->query($requete) or Nw::$DB->trigger(__LINE__, __FILE__);

    return Nw::$DB->insert_id;
}
/**
 * Puts a news item up for votes (n_etat = 2, made public, date reset) and
 * records the action (code 12) in news_logs for the current member.
 *
 * @param int $id Id of the news item.
 * @return void
 */
function propose_news_votes($id)
{
    $id_news = intval($id);

    $maj = 'UPDATE ' . Nw::$prefix_table . 'news
        SET n_date = NOW(), n_last_mod = NULL, n_private = 0, n_etat = 2
        WHERE n_id = ' . $id_news;
    Nw::$DB->query($maj) or Nw::$DB->trigger(__LINE__, __FILE__);

    // NOTE(review): get_ip() is quoted but not escaped - confirm that it can
    // only return a validated address.
    $journal = 'INSERT INTO ' . Nw::$prefix_table . 'news_logs (l_id_news, l_id_membre, l_action, l_date, l_ip) VALUES('
        . $id_news . ', '
        . intval(Nw::$dn_mbr['u_id']) . ', 12, NOW(), \''
        . get_ip() . '\')';
    Nw::$DB->query($journal) or Nw::$DB->trigger(__LINE__, __FILE__);
}
Пример #9
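/**
 * Stops visitors whose IP address matches an entry of the ban list.
 *
 * Entries of $banss are either a literal address or a pattern in which "*"
 * stands for one group of 1 to 3 digits (for example "192.168.*.*").
 *
 * Changes from the previous version:
 *  - wildcard entries now work. The pattern was first built as a regex and
 *    then passed through preg_quote(), which escaped the digit group itself,
 *    so only the exact-match branch could ever fire;
 *  - the pattern is anchored, so "1.2.3.4" no longer matches "11.2.3.45";
 *  - the "@" on preg_match() is dropped: a quoted pattern is always valid.
 *
 * NOTE(review): both hooks are executed with eval() in this function's scope
 * (that is why the local names are kept). Whatever kleeja_run_hook() returns
 * must only ever come from trusted, admin-installed plugin code.
 */
function get_ban()
{
    global $banss, $lang, $tpl, $text;
    //visitor ip now
    $ip = get_ip();
    //now .. loop for banned ips
    if (is_array($banss) && !empty($ip)) {
        foreach ($banss as $ip2) {
            $ip2 = trim($ip2);
            if (empty($ip2)) {
                continue;
            }
            // Quote the entry first, then turn the escaped "*" into a digit group.
            $replace_it = str_replace('\\*', '[0-9]{1,3}', preg_quote($ip2, '/'));
            if ($ip == $ip2 || preg_match('/^' . $replace_it . '$/', $ip) === 1) {
                //run hook
                ($hook = kleeja_run_hook('banned_get_ban_func')) ? eval($hook) : null;
                kleeja_info($lang['U_R_BANNED'], $lang['U_R_BANNED']);
            }
        }
    }
    //run hook
    ($hook = kleeja_run_hook('get_ban_func')) ? eval($hook) : null;
}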
Пример #10
 /**
  * Referral ("invite to register") landing page.
  *
  * A request without a valid uid, or from a visitor who already carries a
  * numeric '_uid' cookie, is sent to WEBURL. Otherwise the referrer id is kept
  * in the 'ppc_uid' cookie for seven days, the visit is stored in the 'ppc'
  * table and the visitor is redirected to the configured promotion page.
  */
 function index()
 {
     $uid = intval($GLOBALS['uid']);
     if (!$uid) {
         header("Location:" . WEBURL);
         exit;
     }

     // A visitor who is already logged in does not count as a referral.
     $_uid = get_cookie('_uid');
     if ($_uid && is_numeric($_uid)) {
         header("Location:" . WEBURL);
         exit;
     }

     $expire_le = SYS_TIME + 86400 * 7;
     set_cookie('ppc_uid', $uid, $expire_le);

     $base = load_class('db');
     $adresse = get_ip();
     $base->insert('ppc', array('uid' => $uid, 'addtime' => SYS_TIME, 'ip' => $adresse));

     // The target of the promotion page is configured in the back office.
     $reglages = get_cache('setting', 'ppc');
     if (empty($reglages['redirect_url'])) {
         MSG('请在后台配置推广页面地址');
     }
     // NOTE(review): if MSG() returns instead of ending the request, the header
     // below is sent with an empty target - confirm against MSG().
     header("Location:" . $reglages['redirect_url']);
 }
Пример #11
 /**
  * Server information page: lists which PHP extensions are loaded, a few
  * environment values (server address and port, application URL, database
  * type, PHP limits), whether the upload and cache directories are writable,
  * and the address returned by get_ip().
  *
  * NOTE(review): this page discloses server details; the access check that
  * protects it is not part of this method.
  */
 public function index()
 {
     $vdata['title'] = lang('nav_serverinfo');

     // Extensions to check; 'enable' becomes 1 for each one that is loaded.
     $vdata['extension'] = array(
         'gd' => array("title" => lang('ext_gd'), 'enable' => 0),
         'mysql' => array("title" => "Mysql", 'enable' => 0),
         'mysqli' => array("title" => "Mysqli", 'enable' => 0),
         'xml' => array("title" => "XML", 'enable' => 0),
         'iconv' => array("title" => "iconv", 'enable' => 0),
         'json' => array("title" => "json", 'enable' => 0),
         'zip' => array("title" => "Zip", 'enable' => 0),
         'curl' => array("title" => "CURL", 'enable' => 0),
     );
     foreach (array_keys($vdata['extension']) as $nom_ext) {
         if (extension_loaded($nom_ext)) {
             $vdata['extension'][$nom_ext]['enable'] = 1;
         }
     }

     // TODO: detect system services
     $lien_app = " <a href='" . GLOBAL_URL . "' target='_blank'>" . GLOBAL_URL . "</a>";
     $vdata['env'] = array(
         'serverip' => array("title" => lang('env_serverip'), 'enable' => $_SERVER['SERVER_ADDR']),
         'serverport' => array("title" => lang('env_serverport'), 'enable' => $_SERVER['SERVER_PORT']),
         'app' => array("title" => lang('env_app'), 'enable' => $lien_app),
         'dbtype' => array("title" => lang('env_dbtype'), 'enable' => strtoupper(DB_TYPE)),
         'cache' => array("title" => lang('env_cache'), 'enable' => 0),
         'upload' => array("title" => lang('env_upload'), 'enable' => 0),
         'memory_limit' => array("title" => lang('memory_limit'), 'enable' => ini_get('memory_limit')),
         'upload_max_filesize' => array("title" => lang('upload_max_filesize'), 'enable' => ini_get('upload_max_filesize')),
     );

     // The shared file helper provides new_is_writeable().
     $this->load->helper('file');

     // Upload directory, then cache directory: "OK" when writable.
     if (new_is_writeable(UPLOAD_PATH)) {
         $vdata['env']['upload']['enable'] = "OK";
     }
     if (new_is_writeable(APPPATH . 'cache')) {
         $vdata['env']['cache']['enable'] = "OK";
     }

     // Current IP
     $vdata['server']['ip'] = get_ip();

     $this->load->view('inc_header.php', $vdata);
     $this->load->view('serverinfo_index.php');
     $this->load->view('inc_footer.php');
 }
Пример #12
/**
 * Event handler that stores the registering visitor's IP on a new user.
 *
 * @param mixed  $e    First event argument, unused here.
 * @param mixed  $t    Second event argument, unused here.
 * @param object $user The user entity being created.
 * @return void
 */
function create_user_event($e, $t, $user)
{
    // When someone is logged in, the account is being created on behalf of the
    // user (an admin, for example) and the address would be the creator's.
    if (elgg_is_logged_in()) {
        return;
    }

    $user->ip_address = get_ip();
}
Пример #13
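 /**
  * Writes one entry to the logs table.
  *
  * Changes from the previous version:
  *  - for a visitor who is not logged in, user_id is written as SQL NULL. The
  *    PHP null used to be interpolated as an empty string, which left an empty
  *    slot in the VALUES list and made the statement invalid;
  *  - the IP goes through db_escape() like the text.
  *
  * NOTE(review): $type is interpolated unquoted and unescaped. That is only
  * safe if every caller passes a numeric constant - confirm at the call sites.
  *
  * @param string $text Log message.
  * @param mixed  $type Entry type, written unquoted into the statement.
  * @return void
  */
 public static function Add($text, $type)
 {
     global $currentUser;

     $user_id = $currentUser->isLogged() ? (int) $currentUser['id'] : 'NULL';
     $ip = db_escape(get_ip());
     $timestamp = time();
     $text = db_escape($text);

     exequery("INSERT INTO logs (ip, `timestamp`, user_id, `text`, type) VALUES ('{$ip}', '{$timestamp}', {$user_id}, '{$text}', {$type})");
 }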
Пример #14
 /**
  * Refreshes the data of the connected member: last visit and current IP in
  * the members table and, when the IP differs from the one kept in the
  * session, a row in members_ip (or its ip_date_last when it already exists).
  *
  * @author Cam
  * @param int $idm Id of the member.
  * @return void
  */
 public static function maj_donnees_membre($idm)
 {
     // NOTE(review): get_ip() is concatenated with neither quotes nor escaping
     // in both statements, so they are only well-formed and safe if get_ip()
     // returns an integer here - confirm against its definition.
     $maj_visite = 'UPDATE ' . Nw::$prefix_table . 'members 
         SET u_last_visit = NOW(), u_ip = ' . get_ip() . '
         WHERE u_id = ' . intval($idm);
     Nw::$DB->query($maj_visite);

     $ip_deja_vue = isset($_SESSION['last_ip']) && $_SESSION['last_ip'] == get_ip();
     if ($ip_deja_vue) {
         return;
     }

     $_SESSION['last_ip'] = get_ip();
     $suivi_ip = "INSERT INTO " . Nw::$prefix_table . "members_ip(ip_ip,\r\n                ip_id_mbr, ip_date_begin, ip_date_last)\r\n                VALUES("
         . get_ip() . ", "
         . intval($idm) . ", NOW(), NOW())\r\n                ON DUPLICATE KEY UPDATE ip_date_last = NOW()";
     Nw::$DB->query($suivi_ip) or Nw::$DB->trigger(__LINE__, __FILE__);
 }
/**
 * Adds a message to a live thread on behalf of the current member.
 *
 * The message is trimmed, HTML-escaped, run through the BBCode parser and
 * SQL-escaped before it is stored.
 *
 * @param int    $id_live Id of the live thread.
 * @param string $message Raw message text.
 * @return int Id of the new post (Nw::$DB->insert_id).
 */
function add_msg_list_live($id_live, $message)
{
    inc_lib('bbcode/parse');

    $message_html = parse(htmlspecialchars(trim($message)));
    $contenu = Nw::$DB->real_escape_string($message_html);

    // NOTE(review): get_ip() is quoted but not escaped - confirm that it can
    // only return a validated address.
    $requete = 'INSERT INTO ' . Nw::$prefix_table . 'w_live_posts (post_id_membre,
        post_id_live, post_date, post_contenu, post_ip) VALUES(' . intval(Nw::$dn_mbr['u_id']) . ', 
        ' . intval($id_live) . ', NOW(), \'' . $contenu . '\', \'' . get_ip() . '\')';
    Nw::$DB->query($requete) or Nw::$DB->trigger(__LINE__, __FILE__);

    return Nw::$DB->insert_id;
}
Пример #16
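 /**
  * Stores a comment posted on $post_id, marked "pending" when comment
  * moderation is enabled and "approved" otherwise.
  *
  * Change from the previous version: the posted fields are no longer passed
  * through escape_str() before insert(). insert() escapes the values it is
  * given, so escaping them by hand stored the backslashes in the table.
  *
  * NOTE(review): author, e-mail, website, content and the user-agent string
  * are stored as submitted; they have to be HTML-escaped where they are
  * displayed - the templates are not visible here.
  *
  * @param int $post_id Id of the commented post.
  * @return void
  */
 public function add_comment($post_id)
 {
     $comment_approved = ($this->comments_moderation == 1) ? "pending" : "approved";

     $data = array(
         'post_id' => $post_id,
         'comment_author' => $this->input->post('comment_author'),
         'comment_author_email' => $this->input->post('comment_author_email'),
         'comment_author_website' => $this->input->post('comment_author_website'),
         'comment_author_ip' => get_ip(),
         'comment_content' => $this->input->post('comment_content'),
         'comment_date' => time(),
         'comment_agent' => $this->agent->agent_string(),
         'comment_approved' => $comment_approved,
     );

     $this->db->insert($this->table_comments, $data);
 }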
Пример #17
 /**
  * Records a successful login for row $id: current IP, current time, and the
  * password-error counter reset to 0.
  *
  * @param mixed $id Value matched against the 'id' column.
  * @return int Number of rows affected by the update.
  */
 public function set_login($id)
 {
     // Previous login data; fetched as before although it is not used below.
     $info = $this->get_login($id);

     $valeurs = array(
         'login_ip' => get_ip(),
         'login_time' => time(),
         'pwd_errors' => 0,
     );
     foreach ($valeurs as $colonne => $valeur) {
         $this->db->set($colonne, $valeur);
     }

     $this->db->where('id', $id);
     $this->db->update($this->table);

     return $this->db->affected_rows();
 }
Пример #18
 /**
  * Writes an entry to hz_logs for the user of the current session: message,
  * requested URI, timestamp and IP. Nothing is written when the session holds
  * no 'id'.
  *
  * @param string $logstr Message to record.
  * @return void
  */
 public function logs($logstr)
 {
     $session_data = $this->session->all_userdata();
     $uid = isset($session_data['id']) ? $session_data['id'] : null;

     $this->load->helper('common');

     if (!$uid) {
         return;
     }

     $this->db->insert('hz_logs', array(
         'user_id' => $uid,
         'info' => $logstr,
         'actionname' => $this->uri->uri_string,
         'ctime' => date("Y-m-d H:i:s"),
         'ip' => get_ip(),
     ));
 }
Пример #19
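 /**
  * Stores a question submitted by the current member in the guestbook table
  * and shows the confirmation message.
  *
  * Change from the previous version: the title derived from the first 80
  * characters of the content now goes through remove_xss() like an explicitly
  * submitted title. The fallback used to bypass that filter.
  *
  * NOTE(review): 'content' is stored as submitted. Whether it is filtered or
  * escaped when displayed cannot be told from this method - confirm in the
  * listing templates.
  */
 public function ask()
 {
     $formdata = array();
     $formdata['title'] = remove_xss(isset($GLOBALS['title']) ? $GLOBALS['title'] : strcut($GLOBALS['content'], 80));
     $formdata['content'] = $GLOBALS['content'];
     $formdata['addtime'] = SYS_TIME;
     $formdata['publisher'] = $this->memberinfo['username'];
     $formdata['ip'] = get_ip();
     $this->db->insert('guestbook', $formdata);
     MSG('您的提问已经提交,我们的专家会尽快给您回复', '?m=guestbook&f=myissue&v=listing');
 }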
Пример #20
 /**
  * Writes this private message back to phpgw_fud_pmsg: stamps it with the
  * request time and sender IP, stores the body through write_pmsg_body(),
  * updates the row and, when the folder is 3, calls send_pmsg().
  *
  * NOTE(review): to_list, subject and the host name go through addslashes();
  * icon, ouser_id, post_stamp, ip_addr, fldr, pmsg_opt and id are concatenated
  * as they are, so the statement relies on those properties being validated
  * before they are set - confirm where the object is populated.
  */
 function sync()
 {
     $this->post_stamp = __request_timestamp__;
     $this->ip_addr = get_ip();

     // Host name lookup only when the corresponding option bit is set.
     if ($GLOBALS['FUD_OPT_1'] & 268435456) {
         $this->host_name = "'" . addslashes(get_host($this->ip_addr)) . "'";
     } else {
         $this->host_name = 'NULL';
     }

     $position = write_pmsg_body($this->body);
     $this->foff = $position[0];
     $this->length = $position[1];

     $sql = "UPDATE phpgw_fud_pmsg SET\n\t\t\tto_list=" . strnull(addslashes($this->to_list))
         . ",\n\t\t\ticon=" . strnull($this->icon)
         . ",\n\t\t\touser_id=" . $this->ouser_id
         . ",\n\t\t\tduser_id=" . $this->ouser_id
         . ",\n\t\t\tpost_stamp=" . $this->post_stamp
         . ",\n\t\t\tsubject='" . addslashes($this->subject)
         . "',\n\t\t\tip_addr='" . $this->ip_addr
         . "',\n\t\t\thost_name=" . $this->host_name
         . ",\n\t\t\tattach_cnt=" . (int) $this->attach_cnt
         . ",\n\t\t\tfldr=" . $this->fldr
         . ",\n\t\t\tfoff=" . (int) $this->foff
         . ",\n\t\t\tlength=" . (int) $this->length
         . ",\n\t\t\tpmsg_opt=" . $this->pmsg_opt
         . "\n\t\tWHERE id=" . $this->id;
     q($sql);

     if ($this->fldr == 3) {
         $this->send_pmsg();
     }
 }
Пример #21
/**
 * Assigns basic request and server facts to the Smarty template: root
 * directory, current time, visitor IP, user agent and server name, address,
 * port and software.
 *
 * NOTE(review): the user agent comes from the client and SERVER_NAME can
 * depend on the request's Host header; the template has to escape both.
 */
function module_basic_info()
{
    global $smarty;

    $valeurs = array(
        'root_dir' => S_ROOT,
        'now' => date('Y-m-d H:i:s'),
        'user_ip' => get_ip(),
        'http_user_agent' => $_SERVER['HTTP_USER_AGENT'],
        'server_name' => $_SERVER['SERVER_NAME'],
        'server_addr' => gethostbyname($_SERVER['SERVER_NAME']),
        'server_port' => $_SERVER['SERVER_PORT'],
        'server_software' => $_SERVER['SERVER_SOFTWARE'],
    );

    foreach ($valeurs as $cle => $valeur) {
        $smarty->assign($cle, $valeur);
    }
}
 /**
  * Dispatches an asynchronous chat request.
  *
  * NOTE(review): $_POST['badgerchat_message'] is handed to
  * MessagePoster::PostMessage() unchanged; validation and escaping are
  * presumably done there - confirm.
  *
  * @param mixed $action One of the AsyncRequestTypes values.
  * @return mixed The handler's result, or "Unknown request type".
  */
 static function ProcessRequest($action)
 {
     global $mybb;

     // Loose comparison, as in a switch statement.
     if ($action == AsyncRequestTypes::$LoadMostRecentMessages) {
         return MessageLoader::LoadFromBeforeStartDate(new DateTime(), 20);
     }
     if ($action == AsyncRequestTypes::$PostMessage) {
         return MessagePoster::PostMessage($mybb->user, get_ip(), $_POST['badgerchat_message']);
     }

     return "Unknown request type";
 }
Пример #23
 /**
  * Stores the current time and IP as the user's last login, in the database
  * and in $this->info. Does nothing when $this->valid is false.
  */
 function update_last_login()
 {
     global $db;
     if (!$this->valid) {
         return;
     }
     $now = time();
     $today = date("Y-m-d G:i:s", $now);
     $ip = get_ip();
     // NOTE(review): the statement below is damaged in this listing - part of
     // the username expression was replaced by asterisks, so the line does not
     // parse as shown and the escaping applied to the username cannot be
     // reviewed from here. $ip is interpolated unescaped.
     $db->query("update user set last_login_time='{$today}', ipaddr='{$ip}' where username='******'username']) . "' ");
     // Keep the in-memory copy in step with the database.
     $this->info["ipaddr"] = $ip;
     $this->info["last_login_time"] = $today;
 }
Пример #24
/**
 * Logs an administrator action; every argument passed is stored as log data.
 *
 * A single array argument is used as the data itself. The entry holds the
 * acting user's id, the packed IP, the time, the 'module' and 'action' request
 * inputs and the serialized data, each escaped for the query.
 */
function log_admin_action()
{
    global $db, $mybb;

    $donnees = func_get_args();
    $un_seul_tableau = count($donnees) == 1 && is_array($donnees[0]);
    if ($un_seul_tableau) {
        $donnees = $donnees[0];
    }
    if (!is_array($donnees)) {
        $donnees = array($donnees);
    }

    $db->insert_query("adminlog", array(
        "uid" => (int) $mybb->user['uid'],
        "ipaddress" => $db->escape_binary(my_inet_pton(get_ip())),
        "dateline" => TIME_NOW,
        "module" => $db->escape_string($mybb->get_input('module')),
        "action" => $db->escape_string($mybb->get_input('action')),
        "data" => $db->escape_string(@my_serialize($donnees)),
    ));
}
Пример #25
/**
 * Verifies the reCAPTCHA response of the current POST request.
 *
 * A failed verification, or an exception during verification, is reported
 * through message_error(); exceptions are also logged.
 *
 * NOTE(review): $_POST['g-recaptcha-response'] is read without an isset()
 * check, and the raw error codes are shown to the visitor.
 */
function validate_captcha()
{
    try {
        $verifier = new \ReCaptcha\ReCaptcha(CONFIG_RECAPTCHA_PRIVATE_KEY, new \ReCaptcha\RequestMethod\CurlPost());
        $resultat = $verifier->verify($_POST['g-recaptcha-response'], get_ip());

        if ($resultat->isSuccess()) {
            return;
        }

        message_error("Captcha error: " . print_r($resultat->getErrorCodes(), true));
    } catch (Exception $e) {
        log_exception($e);

        if (CONFIG_EMAIL_REPLYTO_EMAIL) {
            $contact = CONFIG_EMAIL_REPLYTO_EMAIL;
        } else {
            $contact = CONFIG_EMAIL_FROM_EMAIL;
        }
        message_error('Caught exception processing captcha. Please contact ' . $contact);
    }
}
Пример #26
 /**
  * Private-beta gate page. Handles three independent forms: redeeming an
  * invitation code, asking for an invitation, and logging in with an existing
  * account. A redeemed code or a successful login sets $_SESSION['nw_invit'].
  *
  * The three blocks run one after the other. redir() is assumed to end the
  * request; if it returns, execution continues with the next block, which is
  * why the statement order is left exactly as it is.
  */
 protected function main()
 {
     $this->set_title('hey');
     $this->set_tpl('invit/programme.html');
     Nw::$tpl->set('RPX_URL_INVIT', urlencode(Nw::$site_url . 'users-40.html?invit'));
     // 1. Redeem an invitation code.
     if (isset($_POST['submit_invit']) && !empty($_POST['code'])) {
         $query = Nw::$DB->query('SELECT COUNT(*) as count, i_id, i_nb_max_auth, i_nb_auth FROM invits WHERE i_code = \'' . insertBD(trim($_POST['code'])) . '\' GROUP BY i_id') or Nw::$DB->trigger(__LINE__, __FILE__);
         $dn = $query->fetch_assoc();
         if ($dn['count'] > 0) {
             // NOTE(review): the quota is read here and incremented in a second
             // statement, so concurrent requests can each pass the check before
             // any increment lands. Folding the condition into the UPDATE
             // (... WHERE i_id = ? AND i_nb_auth < i_nb_max_auth) and testing
             // the affected row count would make it atomic.
             if ($dn['i_nb_auth'] < $dn['i_nb_max_auth']) {
                 Nw::$DB->query('UPDATE invits SET i_nb_auth = i_nb_auth + 1 WHERE i_id = ' . intval($dn['i_id']));
                 $_SESSION['nw_invit'] = true;
                 redir('Bienvenue sur la version bêta privée de Nouweo.', true, './');
             } else {
                 redir('Ce code d\'invitation a expiré.', false, './');
             }
         } else {
             redir('Ce code d\'invitation n\'existe pas.', false, './');
         }
     }
     // 2. Ask to be put on the waiting list.
     if (isset($_POST['submit_request']) && !empty($_POST['pseudo']) && !empty($_POST['email'])) {
         // The e-mail has the expected form (name@domain.tld)
         if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
             $query = Nw::$DB->query('SELECT COUNT(*) as count FROM invits_request WHERE r_email = \'' . insertBD(trim($_POST['email'])) . '\' GROUP BY r_email') or Nw::$DB->trigger(__LINE__, __FILE__);
             $dn = $query->fetch_assoc();
             // With GROUP BY, no matching row means fetch_assoc() yields no row
             // at all; the loose == 0 below also covers that case.
             if ($dn['count'] == 0) {
                 Nw::$DB->query('INSERT INTO invits_request (r_pseudo, r_email, r_date, r_ip) VALUES(\'' . insertBD(trim($_POST['pseudo'])) . '\', \'' . insertBD(trim($_POST['email'])) . '\', NOW(), \'' . get_ip() . '\')');
                 redir('Vous avez bien été noté sur la liste d\'attente.', true, './');
             } else {
                 redir('Cette adresse email est déjà utilisée.', false, './');
             }
         } else {
             redir('Cette adresse email n\'est pas valide.', false, './');
         }
     }
     // 3. Log in with an existing, activated account.
     // NOTE(review): no attempt limit is visible in this block; confirm whether
     // get_info_account() throttles repeated failures.
     if (isset($_POST['submit_login']) && !empty($_POST['pseudo']) && !empty($_POST['mdp'])) {
         inc_lib('users/get_info_account');
         if ($dn_info_account = get_info_account($_POST['pseudo'], $_POST['mdp'])) {
             if ($dn_info_account['u_active'] == 1) {
                 inc_lib('users/connect_auto_user');
                 connect_auto_user($dn_info_account['u_id'], $_POST['mdp'], true);
                 $_SESSION['nw_invit'] = true;
                 redir('Bienvenue sur la version bêta privée de Nouweo.', true, './');
             } else {
                 redir('Votre compte n\'est pas activé, il ne peut être utilisé.', false, './');
             }
         } else {
             redir('Aucun compte ne correspond à ce pseudo  et mot de passe.', false, './');
         }
     }
 }
Пример #27
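 /**
  * Writes one entry to the 'log' table: requested URI, controller class,
  * category, message, IP, the manager id when the session has one, and the
  * current time.
  *
  * Change from the previous version: the 'message' column was set twice with
  * the same value; the redundant call is removed.
  *
  * @param string $category Log category.
  * @param string $message  Log message.
  * @return void
  */
 public function add($category, $message)
 {
     $this->db->set('url', $_SERVER['REQUEST_URI']);
     $this->db->set('controller', $this->router->class);
     $this->db->set('category', $category);
     $this->db->set('message', $message);
     $this->db->set('ip', get_ip());
     if ($this->session->userdata('mid')) {
         $this->db->set('mid', $this->session->userdata('mid'));
     }
     $this->db->set('timeline', time());
     $this->db->insert('log');
 }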
Пример #28
 /**
  * Builds a record from the reported values and the current request.
  *
  * Besides the arguments, the object keeps the database handle from
  * $GLOBALS['pmx_dbh'], the values of get_ip() and get_time(), and the Accept,
  * Referer and User-Agent request headers (empty string when absent).
  *
  * NOTE(review): the three header values are client-supplied and stored as
  * received; they need escaping wherever they are displayed or queried.
  *
  * @param string $pid
  * @param string $location
  * @param string $toplocation
  * @param string $cookies
  * @param array  $data Any non-array value is replaced by an empty array.
  */
 public function __construct($pid = "", $location = "", $toplocation = "", $cookies = "", $data = array())
 {
     $this->pid = $pid;
     $this->location = $location;
     $this->toplocation = $toplocation;
     $this->cookies = $cookies;

     if (!is_array($data)) {
         $data = array();
     }
     $this->data = $data;

     $this->dbh = $GLOBALS['pmx_dbh'];
     $this->ip = get_ip();
     $this->time = get_time();

     // Request headers, defaulting to an empty string.
     foreach (array("HTTP_ACCEPT", "HTTP_REFERER", "HTTP_USER_AGENT") as $entete) {
         $this->{$entete} = isset($_SERVER[$entete]) ? $_SERVER[$entete] : "";
     }
 }
Пример #29
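 /**
  * Guestbook contact form: on submission, checks the verification code, runs
  * the generated form handlers and stores the message; otherwise builds the
  * field list and renders the form template.
  *
  * Change from the previous version: $field_list starts as an empty array.
  * It was initialised to '' and then appended to with [], which raises a fatal
  * error on PHP 7.1 and later.
  *
  * The local variable names are kept because the required cache files and the
  * included template run in this method's scope.
  *
  * NOTE(review): 'publisher' is taken from the '_username' cookie; unless
  * get_cookie() verifies the value it is client-controlled - confirm.
  */
 public function contact()
 {
     $_username = get_cookie('_username');
     if (isset($GLOBALS['submit'])) {
         checkcode($GLOBALS['checkcode']);
         $model_r = $this->db->get_one('model', array('m' => 'guestbook'));
         $formdata = '';
         require get_cache_path('guestbook_add', 'model');
         $form_add = new form_add($model_r['modelid']);
         $formdata = $form_add->execute($GLOBALS['form']);
         // Server-side values override whatever the form carried.
         $formdata['master_data']['publisher'] = $_username;
         $formdata['master_data']['addtime'] = SYS_TIME;
         $formdata['master_data']['ip'] = get_ip();
         $formdata['master_data']['status'] = 9;
         $this->db->insert($formdata['master_table'], $formdata['master_data']);
         // Run the update handlers
         require get_cache_path('guestbook_update', 'model');
         $form_update = new form_update($model_r['modelid']);
         $form_update->execute($formdata);
         MSG('您的留言已提交,我们将尽快给您回复', HTTP_REFERER, 3000);
     } else {
         $model_r = $this->db->get_one('model', array('m' => 'guestbook'));
         require get_cache_path('guestbook_form', 'model');
         $form_build = new form_build($model_r['modelid']);
         $formdata = $form_build->execute();
         $field_list = array();
         if (is_array($formdata['0'])) {
             foreach ($formdata['0'] as $field => $info) {
                 // Fields flagged 'powerful_field' are only rendered inside
                 // the composite field that references them.
                 if ($info['powerful_field']) {
                     continue;
                 }
                 if ($info['formtype'] == 'powerful_field') {
                     // Replace each {name} placeholder with that field's form.
                     foreach ($formdata['0'] as $_fm => $_fm_value) {
                         if ($_fm_value['powerful_field']) {
                             $info['form'] = str_replace('{' . $_fm . '}', $_fm_value['form'], $info['form']);
                         }
                     }
                     foreach ($formdata['1'] as $_fm => $_fm_value) {
                         if ($_fm_value['powerful_field']) {
                             $info['form'] = str_replace('{' . $_fm . '}', $_fm_value['form'], $info['form']);
                         }
                     }
                 }
                 $field_list[] = $info;
             }
         }
         include T('guestbook', 'contact');
     }
 }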
Пример #30
 /**
  * Session write handler: stores the session row for $id.
  *
  * The row also carries the uid, role and gid found in $_SESSION (0 when
  * absent), the M / F / V constants when they are defined, the visitor IP and
  * the current time. Session data longer than 255 bytes is replaced by an
  * empty string rather than stored.
  *
  * @param string $id   Session id.
  * @param string $data Serialized session data.
  * @return mixed Result of the insert.
  */
 public function write($id, $data)
 {
     // Identity values from the session, 0 when not set.
     $identite = array();
     foreach (array('uid', 'role', 'gid') as $cle) {
         $identite[$cle] = isset($_SESSION[$cle]) ? $_SESSION[$cle] : 0;
     }

     // Route constants, '' when the constant is not defined.
     $route = array();
     foreach (array('m' => 'M', 'f' => 'F', 'v' => 'V') as $colonne => $constante) {
         $route[$colonne] = defined($constante) ? constant($constante) : '';
     }

     if (strlen($data) > 255) {
         $data = '';
     }

     $sessiondata = array(
         'sessionid' => $id,
         'uid' => $identite['uid'],
         'ip' => get_ip(),
         'lastvisit' => SYS_TIME,
         'role' => $identite['role'],
         'gid' => $identite['gid'],
         'm' => $route['m'],
         'f' => $route['f'],
         'v' => $route['v'],
         'data' => $data,
     );

     return $this->db->insert('session', $sessiondata, TRUE, TRUE);
 }