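/**
 * Render the mobile "friends of a user" page for the nick in $_GET['user_nick'].
 *
 * Everything is written with echo. The friend list of each page is cached through
 * $this->cl under the key babel_user_friend_mobile_<usr_id>_<page>.
 *
 * Output encoding: nicknames are user-chosen, so every nickname written as link
 * text goes through make_plaintext() and every nickname written into a URL goes
 * through urlencode(). The original already did this for the page title and for
 * some links, but echoed the raw nick in the others.
 * NOTE(review): make_plaintext() is assumed to HTML-encode its argument; confirm
 * against its definition. Fragments cached before this change keep the old
 * markup until they expire or are purged.
 *
 * Paging: an account with no friends used to yield zero pages, which turned an
 * explicit ?p= into page 0 and a negative LIMIT offset. The page count is now
 * at least 1.
 */
public function vxFriend()
{
    // Resolve the requested nick; $_u stays false when it is missing or unknown.
    $_u = false;
    if (isset($_GET['user_nick'])) {
        $user_nick = make_single_safe($_GET['user_nick']);
        if (get_magic_quotes_gpc()) {
            $user_nick = stripslashes($user_nick);
        }
        $user_id = $this->Validator->vxExistUserNick($user_nick);
        if ($user_id) {
            $_u = $this->User->vxGetUserInfo($user_id);
        }
    }

    if ($_u) {
        $this->vxHeader(make_plaintext($_u->usr_nick) . ' 的朋友');
    } else {
        $this->vxHeader('用户不存在');
    }
    $this->vxBodyStart();
    $this->vxH1();

    // Login bar.
    echo '<div class="content"><small>';
    if ($this->User->vxIsLogin()) {
        echo '<a href="/u/' . urlencode($this->User->usr_nick) . '">' . make_plaintext($this->User->usr_nick) . '</a> - ';
        echo '<a href="/babel_mobile.php?m=logout">登出</a>';
    } else {
        echo '<a href="/babel_mobile.php?m=login">登录</a>';
    }
    echo '</small></div>';

    if ($_u) {
        // Ids come from the database, but are forced to integers before they reach SQL.
        $_uid = intval($_u->usr_id);
        $_nick_url = urlencode($_u->usr_nick);
        $_nick_html = make_plaintext($_u->usr_nick);

        $sql = "SELECT COUNT(frd_id) FROM babel_friend WHERE frd_uid = {$_uid}";
        $rs = mysql_query($sql);
        if ($rs) {
            $_total = intval(mysql_result($rs, 0, 0));
            mysql_free_result($rs);
        } else {
            $_total = 0;
        }

        $_per = 10;
        // At least one page, so the clamp below can never produce page 0.
        $_pages = max(1, intval(ceil($_total / $_per)));

        if (isset($_GET['p'])) {
            $_p = intval($_GET['p']);
            if ($_p < 1) {
                $_p = 1;
            }
            if ($_p > $_pages) {
                $_p = $_pages;
            }
        } else {
            $_p = 1;
        }
        $_p_first = ($_p == 1);
        $_p_last = ($_p == $_pages);

        $_SESSION['babel_page_user_friend_mobile'] = $_p;
        $_p_start = ($_p - 1) * $_per;

        echo '<div class="content"><small><a href="/">V2EX</a> > <a href="/u/' . $_nick_url . '">' . $_nick_html . '</a> > ' . $_total . ' 个朋友</small></div>';
        echo '<div class="content"><small><a href="/u/' . $_nick_url . '" target="_blank">' . $_nick_html . '</a> 共有 ' . $_total . ' 个朋友</small></div>';

        $_cache_key = 'babel_user_friend_mobile_' . $_u->usr_id . '_' . $_p;
        if ($o = $this->cl->get($_cache_key)) {
            echo $o;
        } else {
            $_o = '';
            $sql = "SELECT usr_id, usr_gender, usr_nick, usr_portrait, usr_hits, frd_created FROM babel_user, babel_friend WHERE usr_id = frd_fid AND frd_uid = {$_uid} ORDER BY frd_created ASC LIMIT {$_p_start}, {$_per}";
            $rs = mysql_query($sql, $this->db);
            while ($rs && ($Friend = mysql_fetch_array($rs))) {
                if ($Friend['usr_portrait'] == '') {
                    $Friend['usr_portrait_img'] = '/img/p_' . $Friend['usr_gender'] . '_n.gif';
                } else {
                    $Friend['usr_portrait_img'] = '/img/p/' . $Friend['usr_portrait'] . '_n.' . BABEL_PORTRAIT_EXT;
                }
                $_friend_url = urlencode($Friend['usr_nick']);
                $_friend_html = make_plaintext($Friend['usr_nick']);
                $_friend_id = intval($Friend['usr_id']);

                $_o .= '<div class="content"><small>';
                // One extra query per friend for the latest topic (kept as in the original).
                $sql = "SELECT tpc_id, tpc_title, tpc_lasttouched FROM babel_topic WHERE tpc_uid = {$_friend_id} ORDER BY tpc_created DESC LIMIT 1";
                $rs_topic = mysql_query($sql, $this->db);
                if ($rs_topic && ($Topic = mysql_fetch_object($rs_topic))) {
                    $_o .= '<img src="' . $Friend['usr_portrait_img'] . '" align="absmiddle" class="p" /> <a href="/u/' . $_friend_url . '">' . $_friend_html . '</a> - <a href="/t/' . intval($Topic->tpc_id) . '">' . make_plaintext($Topic->tpc_title) . '</a> - ' . make_desc_time($Topic->tpc_lasttouched) . ' ago</small>';
                } else {
                    $_o .= '<img src="' . $Friend['usr_portrait_img'] . '" align="absmiddle" class="p" /> <a href="/u/' . $_friend_url . '">' . $_friend_html . '</a></small>';
                }
                unset($Topic);
                if ($rs_topic) {
                    mysql_free_result($rs_topic);
                }
                $_o .= '</div>';
            }
            if ($rs) {
                mysql_free_result($rs);
            }
            echo $_o;
            $this->cl->save($_o, $_cache_key);
        }

        if ($_pages > 1) {
            echo '<div class="content"><small>';
            if (!$_p_last) {
                echo ' <a href="/f/' . $_nick_url . '/' . ($_p + 1) . '">下一页</a>';
            }
            if (!$_p_first) {
                echo ' <a href="/f/' . $_nick_url . '/' . ($_p - 1) . '">上一页</a>';
            }
            echo ' - ' . $_p . '/' . $_pages;
            echo '</small></div>';
        }
    } else {
        echo '<div class="content">用户不存在</div>';
    }

    $this->vxBottom();
    $this->vxBodyEnd();
    $this->vxHTMLEnd();
}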
$p->vxContainer('ing_public'); } else { $p->vxContainer('ing_friends', $User); } break; case 'ojs_ing_personal': $global_has_bottom = false; $p->vxHeadMini('JavaScript 输出我的 ING 中的最新活动'); $p->vxBodyStart(); $p->vxOutputJavaScriptIngPersonal(); break; case 'dry': $options = array(); $options['mode'] = false; if (isset($_GET['user_nick'])) { $user_nick = mysql_real_escape_string(make_single_safe($_GET['user_nick']), $p->db); if (strlen($user_nick) > 0) { $sql = "SELECT usr_id, usr_nick, usr_brief, usr_gender, usr_portrait, usr_hits, usr_created FROM babel_user WHERE usr_nick = '{$user_nick}'"; $rs = mysql_query($sql, $p->db); if ($O = mysql_fetch_object($rs)) { $options['mode'] = 'fixed'; $O->usr_nick_plain = make_plaintext($O->usr_nick); $O->usr_nick_url = urlencode($O->usr_nick); $options['target'] = $O; $O = null; } else { if ($p->User->vxIsLogin()) { $options['mode'] = 'self'; } } mysql_free_result($rs);
<?php define('V2EX_BABEL', 1); require 'core/Settings.php'; require 'core/Utilities.php'; if (isset($_SERVER['HTTP_REFERER'])) { $_prev = $_SERVER['HTTP_REFERER']; } else { $_prev = 'http://' . BABEL_DNS_NAME . '/'; } header('Content-type: text/html;charset=UTF-8'); $to = false; if (isset($_GET['go'])) { $go = make_single_safe($_GET['go']); if ($go != '') { if ($go == '/' | $go == '..') { $to = '/'; header('Location: ' . $to); die; } if ($go == './' | $go == '.') { $to = $_prev; header('Location: ' . $to); die; } if ($go == 'profile' | $go == 'settings') { $to = '/user/modify.vx'; header('Location: ' . $to); die; } if ($go == 'zen' | $go == 'z') {
/**
 * Validate the login form in $_POST and report the outcome as an array.
 *
 * Reads $_POST['return'], $_POST['usr'] and $_POST['usr_password']. The user name
 * is lower-cased and looked up first as usr_email, then as usr_nick.
 *
 * Returned keys: mode, return, errors (a count), usr_value, usr_email_value,
 * usr_error / usr_error_msg, usr_password_value, usr_password_error /
 * usr_password_error_msg. Message texts are chosen by BABEL_LANG; the `default:`
 * label sits directly above `case 'en_us':`, so an unlisted language gets the
 * English text.
 *
 * The function returns before any query when the user name is empty, and again
 * when the password is empty.
 *
 * Notes for reviewers:
 * - NOTE(review): in both queries the value compared with usr_password is printed
 *   as '******' followed by a stray fragment. That looks like masking applied when
 *   this listing was produced; the statement does not appear to parse as printed,
 *   and how the password is hashed and compared cannot be read from here.
 * - An unknown user and a wrong password both end in usr_password_error = 2 with
 *   one shared message, so the error text does not reveal which names exist.
 * - $rt['return'] is taken from the request and only trimmed. Presumably the
 *   caller uses it as a post-login destination; it must be validated there
 *   before any redirect - confirm.
 * - mysql_real_escape_string() is called without a link identifier, so it uses
 *   the most recently opened connection, and its escaping follows that
 *   connection's character set.
 * - Nothing in this function limits repeated attempts; if throttling exists it
 *   lives elsewhere - confirm.
 */
function vx_check_login() { $rt = array(); $rt['mode'] = 'ok'; $rt['return'] = ''; $rt['errors'] = 0; $rt['usr_value'] = ''; $rt['usr_email_value'] = ''; /* usr_error: 0 => no error 1 => empty 999 => unspecific */ $rt['usr_error'] = 0; switch (BABEL_LANG) { case 'zh_cn': $rt['usr_error_msg'] = array(1 => '你忘记填写用户名了'); break; default: case 'en_us': $rt['usr_error_msg'] = array(1 => 'Please type your user ID'); break; case 'pl_pl': $rt['usr_error_msg'] = array(1 => 'Proszę wpisać nazwę (ID) użytkownika'); break; case 'ko_kr': $rt['usr_error_msg'] = array(1 => '이름을 적어주세요'); break; case 'ja_jp': $rt['usr_error_msg'] = array(1 => 'ID を入カしてください'); break; } $rt['usr_password_value'] = ''; /* usr_password_error: 0 => no error 1 => empty 2 => mismatch 999 => unspecific */ $rt['usr_password_error'] = 0; switch (BABEL_LANG) { case 'zh_cn': $rt['usr_password_error_msg'] = array(1 => '你忘记填写密码了', 2 => '名字或者密码有错误'); break; default: case 'en_us': $rt['usr_password_error_msg'] = array(1 => 'Please type your password', 2 => 'User ID or password is wrong'); break; case 'pl_pl': $rt['usr_password_error_msg'] = array(1 => 'Proszę wpisać hasło', 2 => 'Podana nazwa użytkownika lub hasło jest nieprawidłowe.'); break; case 'ko_kr': $rt['usr_password_error_msg'] = array(1 => '페스워드가 정확하지않습니다', 2 => '이름 또는 페스워드가 정확하지않습니다'); break; case 'ja_jp': $rt['usr_password_error_msg'] = array(1 => 'パスワードを入カしてください', 2 => '入力されたIDか、パスワードが間違っています'); break; } if (isset($_POST['return'])) { if (function_exists('get_magic_quotes_gpc')) { if (get_magic_quotes_gpc()) { $rt['return'] = trim(stripslashes($_POST['return'])); } else { $rt['return'] = trim($_POST['return']); } } else { $rt['return'] = trim($_POST['return']); } } if (isset($_POST['usr'])) { if (function_exists('get_magic_quotes_gpc')) { if (get_magic_quotes_gpc()) { $rt['usr_value'] = strtolower(make_single_safe(stripslashes($_POST['usr']))); } else { $rt['usr_value'] = strtolower(make_single_safe($_POST['usr'])); } } else { $rt['usr_value'] = 
strtolower(make_single_safe($_POST['usr'])); } if (mb_strlen($rt['usr_value'], 'UTF-8') == 0) { $rt['usr_error'] = 1; $rt['errors']++; } } else { $rt['usr_error'] = 1; $rt['errors']++; } if ($rt['errors'] > 0) { return $rt; } if (isset($_POST['usr_password'])) { if (function_exists('get_magic_quotes_gpc')) { if (get_magic_quotes_gpc()) { $rt['usr_password_value'] = make_single_safe(stripslashes($_POST['usr_password'])); } else { $rt['usr_password_value'] = make_single_safe($_POST['usr_password']); } } else { $rt['usr_password_value'] = make_single_safe($_POST['usr_password']); } if (strlen($rt['usr_password_value']) == 0) { $rt['usr_password_error'] = 1; $rt['errors']++; } } else { $rt['usr_password_error'] = 1; $rt['errors']++; } if ($rt['errors'] > 0) { return $rt; } $sql = "SELECT usr_id FROM babel_user WHERE usr_email = '" . mysql_real_escape_string($rt['usr_value']) . "' AND usr_password = '******'usr_password_value'])) . "'"; $rs = mysql_query($sql); if (mysql_num_rows($rs) == 1) { mysql_free_result($rs); $rt['usr_email_value'] = $rt['usr_value']; } else { mysql_free_result($rs); $sql = "SELECT usr_id, usr_email FROM babel_user WHERE usr_nick = '" . mysql_real_escape_string($rt['usr_value']) . "' AND usr_password = '******'usr_password_value']) . "'"; $rs = mysql_query($sql); if ($user_array = mysql_fetch_array($rs)) { $rt['usr_email_value'] = $user_array['usr_email']; } else { $rt['usr_password_error'] = 2; $rt['errors']++; } mysql_free_result($rs); } return $rt; }
<?php define('V2EX_BABEL', 1); require_once 'core/Settings.php'; require_once 'core/Utilities.php'; ini_set('include_path', BABEL_PREFIX . '/libs/zf/' . ZEND_FRAMEWORK_VERSION . PATH_SEPARATOR . ini_get('include_path')); require_once 'Zend/Cache.php'; header('Cache-Control: max-age=86400'); header('Expires: ' . date('r', time() + 86400)); if (isset($_GET['fn'])) { $fn = make_single_safe($_GET['fn']); if (ZEND_CACHE_MEMCACHED_ENABLED == 'yes') { $cache = Zend_Cache::factory('Core', 'Memcached', $ZEND_CACHE_OPTIONS_LONG_FRONTEND, $ZEND_CACHE_OPTIONS_MEMCACHED); } else { $cache = Zend_Cache::factory('Core', ZEND_CACHE_TYPE_LONG, $ZEND_CACHE_OPTIONS_LONG_FRONTEND, $ZEND_CACHE_OPTIONS_LONG_BACKEND[ZEND_CACHE_TYPE_LONG]); } if ($o = $cache->load('weblog_portrait_' . $fn)) { header("Content-type: image/jpeg"); header("X-Babel: Cache Hit!"); echo $o; } else { if (@($db = mysql_connect(BABEL_DB_HOSTNAME . ':' . BABEL_DB_PORT, BABEL_DB_USERNAME, BABEL_DB_PASSWORD))) { mysql_select_db(BABEL_DB_SCHEMATA); mysql_query("SET NAMES utf8"); mysql_query("SET CHARACTER SET utf8"); mysql_query("SET COLLATION_CONNECTION='utf8_general_ci'"); $fn = mysql_real_escape_string($fn); $sql = "SELECT bgp_content FROM babel_weblog_portrait WHERE bgp_filename = '{$fn}'"; $rs = mysql_query($sql); if ($o = mysql_fetch_array($rs)) { header("Content-type: image/jpeg");
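/**
 * Store the logged-in user's location from $_GET['geo'], then redirect.
 *
 * Anonymous visitors are sent to the login URL. A logged-in user is always sent
 * to the "user move" URL, whether or not the location was accepted.
 *
 * The location is written only when the Geo lookup recognises it
 * ($this->Geo->geo->geo is truthy). The value is escaped for the connection
 * before it enters the UPDATE and the user id is forced to an integer. The
 * original interpolated both directly, relying on make_single_safe() and on the
 * Geo lookup to keep quotes out of the statement.
 *
 * NOTE(review): this changes stored data on a GET request. If no token is
 * checked further up the call chain, a third-party page can trigger it for a
 * logged-in visitor - confirm, and prefer POST plus an anti-CSRF token.
 */
public function vxUserSettle()
{
    if (!$this->User->vxIsLogin()) {
        $this->URL->vxToRedirect($this->URL->vxGetLogin($this->URL->vxGetUserMove()));
        return;
    }

    if (isset($_GET['geo'])) {
        $geo = strtolower(make_single_safe($_GET['geo']));
        $this->Geo = new Geo($geo);
        if ($this->Geo->geo->geo) {
            $geo_sql = mysql_real_escape_string($geo, $this->db);
            $usr_id = intval($this->User->usr_id);
            $sql = "UPDATE babel_user SET usr_geo = '{$geo_sql}' WHERE usr_id = {$usr_id}";
            mysql_query($sql, $this->db);
        }
    }

    // Every logged-in path of the original ended in this same redirect.
    $this->URL->vxToRedirect($this->URL->vxGetUserMove());
}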
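/**
 * Render the "ADD / New" page: navigation, and a form pre-filled from the
 * request's query string (url, title, notes).
 *
 * The pre-fill values come straight from the request and are written inside
 * value="..." attributes, so each one is HTML-encoded with ENT_QUOTES before
 * output. double_encode is off so text that make_single_safe() may already
 * have encoded is not encoded twice.
 * NOTE(review): whether make_single_safe() encodes quotes is not visible here;
 * the explicit encoding makes the attribute safe either way.
 *
 * NOTE(review): the form submits with GET to m=add_save. The page text says a
 * saved bookmark costs coins, so that handler presumably writes data; it should
 * require POST and an anti-CSRF token - confirm in the add_save handler.
 */
public function vxAddAdd()
{
    _v_m_s();

    _v_b_l_s();
    _v_ico_map();
    echo ' <a href="/">' . Vocabulary::site_name . '</a> > ' . $this->User->usr_nick_plain . ' > ADD > 添加新收藏 <span class="tip_i"><small>alpha</small></span>';
    _v_d_e();

    _v_b_l_s();
    echo '<div style="float: right; padding: 3px 10px 3px 10px; font-size: 12px; background-color: #F0F0F0; -moz-border-radius: 5px; color: #999;">';
    echo '<a href="/add">热门收藏</a> | <a href="/buttons/add">安装浏览器按钮</a>';
    echo ' | <a href="/add/own">我的收藏</a> | 添加新收藏';
    if (BABEL_FEATURE_ADD_SYNC) {
        echo ' | <a href="/sync/add">同步</a>';
    }
    echo ' <a href="/feed/add">' . _vo_ico_silk('feed') . '</a>';
    echo '</div>';
    echo '<span class="text_large">';
    _v_ico_silk('add');
    echo ' ADD/New</span>';
    echo ' <span class="tip_i">';
    echo ' 添加新的收藏 ...';
    echo '</span>';
    _v_hr();

    // Drop the first 10 bytes of the query string - presumably the "m=add_add&"
    // routing prefix (confirm). The original paired the byte-wise substr() with an
    // mb_strlen() length, which could cut the tail off a query containing raw
    // multi-byte characters; taking everything from offset 10 avoids that.
    $query = substr($_SERVER['QUERY_STRING'], 10);
    $parameters = Bookmark::vxParse($query);

    // Pre-fill values, HTML-encoded for use inside a double-quoted attribute.
    $prefill = array('url' => '', 'title' => '', 'notes' => '');
    foreach ($prefill as $field => $unused) {
        if (array_key_exists($field, $parameters)) {
            $prefill[$field] = htmlspecialchars(make_single_safe($parameters[$field]), ENT_QUOTES, 'UTF-8', false);
        }
    }
    $value_url = $prefill['url'];
    $value_title = $prefill['title'];
    $value_notes = $prefill['notes'];

    echo '添加一个新的网址,粗体带有 * 号的部分是必填的。';
    echo '<div style="padding: 20px 0px 10px 40px; font-family: Courier;">';
    echo '<form style="padding: 0px; margin: 0px; display: inline;" id="add_add" action="/babel" method="get">';
    echo '<input type="hidden" value="add_save" name="m" />';
    echo '<table width="550" cellpadding="0" cellspacing="0" border="0">';

    echo '<tr>';
    echo '<td align="right" width="80" height="30"><strong>URL*</strong> </td>';
    echo '<td align="left" height="30"><input type="text" class="slll" name="url" value="' . $value_url . '" /></td>';
    echo '</tr>';

    echo '<tr>';
    echo '<td align="right" width="80" height="30"><strong>标题*</strong> </td>';
    echo '<td align="left" height="30"><input type="text" class="slll" name="title" value="' . $value_title . '" /></td>';
    echo '</tr>';

    echo '<tr>';
    echo '<td align="right" width="80" height="30">备注 </td>';
    echo '<td align="left" height="30"><input type="text" class="slll" name="notes" value="' . $value_notes . '" /></td>';
    echo '</tr>';

    echo '<tr>';
    echo '<td align="right" width="80" height="30"></td>';
    echo '<td align="left" height="30">';
    _v_btn_f('保存', 'add_add');
    echo '</td>';
    echo '</tr>';
    echo '</table>';
    echo '</form>';
    echo '</div>';
    _v_hr();
    echo '<span class="tip_i">';
    _v_ico_silk('information');
    echo ' 每个加入收藏的书签将消耗 10 个铜币。';
    echo '</span>';
    _v_d_e();

    Widget::vxAddAbout();
    _v_d_e();
}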
.gif" alt="<?php echo $lang->login(); ?> " /></td> </tr> <?php if (isset($rt['return'])) { if (trim($rt['return']) != '') { echo '<input type="hidden" value="' . make_single_return($rt['return'], 0) . '" name="return" />'; } } else { if (isset($_GET['r'])) { if (get_magic_quotes_gpc()) { $return = make_single_safe(stripslashes($_GET['r'])); } else { $return = make_single_safe($_GET['r']); } if ($return != '') { echo '<input type="hidden" value="' . make_single_return($return) . '" name="return" />'; } } } ?> </form> </table> </div> <div id="bottom" align="center"> © 2006-2007 <a href="http://<?php echo BABEL_DNS_NAME; ?>
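/**
 * API entry point: create a topic from the XML document in $_POST['xml'].
 *
 * The document carries the caller's credentials (user/email, user/pass) and the
 * topic (topic/title, topic/description, topic/content, topic/target = node name).
 *
 * Result codes passed to vxMessage(), as used in this method:
 *   999  no or unusable XML, or a required field is empty
 *   997  the credential query did not match exactly one API-enabled user
 *   996  the target node was not found (nod_level > 1)
 *   998  vxAPITopicCreateCheck() reported errors
 *   600  usr_money is not above BABEL_API_TOPIC_PRICE
 *   1    topic created; the newest topic row of this user and node is attached
 *
 * Hardening compared with the original:
 * - Request-derived values are escaped for the connection before they enter SQL;
 *   make_single_safe() alone was relied on before.
 * - External entity loading is switched off while the untrusted XML is parsed
 *   (where the runtime offers libxml_disable_entity_loader) and restored after.
 * - A document that fails to parse is answered with 999 instead of being
 *   dereferenced.
 *
 * NOTE(review): the value compared with usr_password is printed as '******' in
 * this listing, which looks like masking; it is kept exactly as shown. Whatever
 * expression belongs there needs the same escaping as the e-mail, and the
 * stored value should be a password hash, not the password - confirm.
 * NOTE(review): nothing here limits repeated credential attempts - confirm that
 * throttling exists elsewhere.
 */
public function vxTopicCreate()
{
    if (!isset($_POST['xml']) || !is_string($_POST['xml'])) {
        return $this->vxMessage(999);
    }
    $xml = trim($_POST['xml']);

    // Parse with external entities disabled; restore the previous setting afterwards.
    $entity_loader_before = null;
    if (function_exists('libxml_disable_entity_loader')) {
        $entity_loader_before = libxml_disable_entity_loader(true);
    }
    $x = simplexml_load_string($xml);
    if ($entity_loader_before !== null) {
        libxml_disable_entity_loader($entity_loader_before);
    }
    if ($x === false) {
        return $this->vxMessage(999);
    }

    $usr_email = make_single_safe($x->user->email);
    $usr_password = make_single_safe($x->user->pass);
    $tpc_title = make_single_safe($x->topic->title);
    $tpc_description = make_multi_safe($x->topic->description);
    $tpc_content = make_multi_safe($x->topic->content);
    $nod_name = make_single_safe($x->topic->target);

    // The description is optional; every other field is required.
    if (strlen($usr_email) == 0 || strlen($usr_password) == 0 || strlen($tpc_title) == 0 || strlen($tpc_content) == 0 || strlen($nod_name) == 0) {
        return $this->vxMessage(999);
    }

    $usr_email_sql = mysql_real_escape_string($usr_email);
    $sql = "SELECT usr_id FROM babel_user WHERE usr_email = '{$usr_email_sql}' AND usr_password = '******' AND usr_api = 1";
    $rs = mysql_query($sql);
    $matched = mysql_num_rows($rs);
    mysql_free_result($rs);
    if ($matched != 1) {
        return $this->vxMessage(997);
    }

    $this->User = new User($usr_email, $usr_password, $this->db);
    $this->Validator = new Validator($this->db, $this->User);

    $nod_name_sql = mysql_real_escape_string($nod_name);
    $sql = "SELECT nod_id FROM babel_node WHERE nod_name = '{$nod_name_sql}' AND nod_level > 1";
    $rs = mysql_query($sql);
    if (mysql_num_rows($rs) != 1) {
        mysql_free_result($rs);
        return $this->vxMessage(996);
    }
    $O = mysql_fetch_object($rs);
    $Node = new Node($O->nod_id, $this->db);
    $O = null;
    mysql_free_result($rs);

    $rt = $this->Validator->vxAPITopicCreateCheck($tpc_title, $tpc_content, $tpc_description);
    if ($rt['errors'] > 0) {
        return $this->vxMessage(998);
    }

    if (!($this->User->usr_money > BABEL_API_TOPIC_PRICE)) {
        return $this->vxMessage(600);
    }

    $this->Validator->vxTopicCreateInsert($Node->nod_id, $this->User->usr_id, $rt['tpc_title_value'], $rt['tpc_description_value'], $rt['tpc_content_value'], -BABEL_API_TOPIC_PRICE);
    $Node->vxUpdateTopics();

    // Report the row just written: the newest topic of this user in this node.
    $nod_id = intval($Node->nod_id);
    $usr_id = intval($this->User->usr_id);
    $sql = "SELECT tpc_id FROM babel_topic WHERE tpc_pid = {$nod_id} AND tpc_uid = {$usr_id} ORDER BY tpc_created DESC LIMIT 1";
    $rs = mysql_query($sql);
    $O = mysql_fetch_object($rs);
    mysql_free_result($rs);
    return $this->vxMessage(1, $O);
}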
/**
 * Check whether $User may update $Post and validate the submitted title/content.
 *
 * Returns an array with: post_id, errors (count), permit, flag_last, rank,
 * pst_title_value / pst_title_error / pst_title_error_msg and
 * pst_content_value / pst_content_error / pst_content_error_msg.
 *
 * Error codes for both fields: 0 => no error, 1 => empty, 2 => overflow
 * (title longer than 80 characters, content longer than 10240).
 *
 * Permission: the author of the post, or the account with usr_id 1, passes the
 * first check. When the input is valid, the post must also be the last one of
 * its topic unless the current account is usr_id 1.
 * NOTE(review): the first check reads the $User argument, the final one reads
 * $this->User; presumably they are the same account - confirm.
 */
public function vxPostUpdateCheck($Post, $User)
{
    $isAuthor = ($Post->pst_uid == $User->usr_id);
    $mayEdit = $isAuthor || !($User->usr_id != 1);

    $rt = array(
        'post_id' => $Post->pst_id,
        'errors' => $mayEdit ? 0 : 1,
        'permit' => $mayEdit,
        'flag_last' => false,
        'rank' => 0,
        'pst_title_value' => '',
        'pst_title_error' => 0,
        'pst_title_error_msg' => array(1 => '你忘记写标题了', 2 => '你写的标题太长了'),
        'pst_content_value' => '',
        'pst_content_error' => 0,
        'pst_content_error_msg' => array(1 => '你忘记写内容了', 2 => '你写的内容太长了'),
    );

    // Title: required, at most 80 characters.
    $titleError = 1;
    if (isset($_POST['pst_title'])) {
        $rt['pst_title_value'] = make_single_safe($_POST['pst_title']);
        if (strlen($rt['pst_title_value']) > 0) {
            $titleError = (mb_strlen($rt['pst_title_value'], 'UTF-8') > 80) ? 2 : 0;
        }
    }
    if ($titleError != 0) {
        $rt['pst_title_error'] = $titleError;
        $rt['errors']++;
    }

    // Content: required, at most 10240 characters.
    $contentError = 1;
    if (isset($_POST['pst_content'])) {
        $rt['pst_content_value'] = make_multi_safe($_POST['pst_content']);
        if (strlen($rt['pst_content_value']) > 0) {
            $contentError = (mb_strlen($rt['pst_content_value'], 'utf-8') > 10240) ? 2 : 0;
        }
    }
    if ($contentError != 0) {
        $rt['pst_content_error'] = $contentError;
        $rt['errors']++;
    }

    // The position of the post inside its topic is only looked up for clean input.
    if ($rt['errors'] != 0) {
        return $rt;
    }

    $sql = "SELECT pst_id FROM babel_post WHERE pst_tid = {$Post->pst_tid} ORDER BY pst_id ASC";
    $rs = mysql_query($sql);
    $count = mysql_num_rows($rs);
    for ($position = 1; $row = mysql_fetch_array($rs); $position++) {
        if ($row['pst_id'] == $Post->pst_id) {
            $rt['rank'] = $position;
            if ($position == $count) {
                $rt['permit'] = true;
                $rt['flag_last'] = true;
            }
        }
    }
    mysql_free_result($rs);

    // Only the last post of a topic may be changed, except by usr_id 1.
    if (!$rt['flag_last'] && $this->User->usr_id != 1) {
        $rt['permit'] = false;
        $rt['errors']++;
    }

    return $rt;
}
require_once 'Cache/Lite.php'; require_once 'Crypt/Blowfish.php'; if (isset($_SERVER['HTTP_REFERER'])) { $_prev = $_SERVER['HTTP_REFERER']; } else { $_prev = 'http://' . BABEL_DNS_NAME . '/'; } header('Content-type: text/html;charset=UTF-8'); $to = false; if (isset($_GET['usr']) && isset($_GET['password'])) { if (get_magic_quotes_gpc()) { $_usr = make_single_safe(stripslashes($_GET['usr'])); $_password = make_single_safe(stripslashes($_GET['password'])); } else { $_usr = make_single_safe($_GET['usr']); $_password = make_single_safe($_GET['password']); } if ($_usr != '' && $_password != '') { $db = mysql_connect(BABEL_DB_HOSTNAME . ':' . BABEL_DB_PORT, BABEL_DB_USERNAME, BABEL_DB_PASSWORD); mysql_select_db(BABEL_DB_SCHEMATA); mysql_query("SET NAMES utf8"); mysql_query("SET CHARACTER SET utf8"); mysql_query("SET COLLATION_CONNECTION='utf8_general_ci'"); $__usr = mysql_real_escape_string($_usr, $db); $__password = sha1($_password); if (preg_match('/@/', $usr)) { $sql = "SELECT usr_id, usr_nick, usr_email, usr_password FROM babel_user WHERE usr_email = '{$__usr}' AND usr_password = '******'"; } else { $sql = "SELECT usr_id, usr_nick, usr_email, usr_password FROM babel_user WHERE usr_nick = '{$__usr}' AND usr_password = '******'"; } $rs = mysql_query($sql);