Пример #1
/**
 * Credits a recruit click to user $id and, when applicable, to that user's commander.
 *
 * The recruited user always receives +6 exp and +4 clicks. The commander bonus
 * (+3 exp, +1 click, +1 uu) is applied only when the user has a commander and
 * that commander is the value stored in $_SESSION['isLogined'].
 *
 * NOTE(review): updateUser() is handed what looks like a raw SQL SET fragment,
 * and $id is presumably placed into the query by the callee. Confirm that $id
 * is validated (e.g. cast to int) before it reaches this function.
 *
 * @param mixed $id identifier of the user being recruited
 */
function recruitSoldier($id) {
	$recruit = getUserDetails($id, "commander");
	updateUser($id, " exp =exp+6,clicks=clicks+4");

	// No commander, or the commander is not the logged-in user: nothing more to credit.
	$commanderId = $recruit->commander;
	if (!$commanderId || $commanderId != $_SESSION['isLogined']) {
		return;
	}

	updateUser($commanderId, " exp =exp+3,clicks=clicks+1,uu=uu+1");
}
Пример #2
/**
 * This file is a part of MyWebSQL package
 *
 * @file:      modules/usermanager.php
 * @author     Samnan ur Rehman
 * @copyright  (c) 2008-2014 Samnan ur Rehman
 * @web        http://mywebsql.net
 * @license    http://mywebsql.net/license
 */
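/**
 * Handles a user-manager request: runs the requested account action, then
 * renders the user form.
 *
 * The action name is read from $_REQUEST["id"] and the action payload from
 * $_REQUEST["query"]. Recognised actions are "add", "delete" and "update";
 * on success the privilege tables are flushed. Any other non-empty action is
 * reported as a failed command.
 *
 * NOTE(review): these are privileged account operations driven by $_REQUEST,
 * so they are accepted over GET as well as POST. No anti-CSRF token check is
 * visible in this function; confirm one is enforced before it is reached.
 *
 * @param object $db database handle, passed by reference to the helpers
 */
function processRequest(&$db)
{
    $action = v($_REQUEST["id"]);
    include BASE_PATH . "/lib/usermanager.php";
    $legacyServer = Session::get('db', 'version') < 5;
    $editor = new userManager($db, $legacyServer);
    $message = '';
    if ($action != '') {
        // Start from "failed" so an unrecognised action never reads an
        // undefined $result and can never be reported as a success.
        $result = false;
        if ($action == "add") {
            $result = addUser($db, v($_REQUEST["query"]), $editor);
        } elseif ($action == "delete") {
            $result = deleteUser($db, v($_REQUEST["query"]), $editor);
        } elseif ($action == "update") {
            $result = updateUser($db, v($_REQUEST["query"]), $editor);
        }
        if ($result) {
            // Account changes only take effect once privileges are reloaded.
            $db->flush('PRIVILEGES', true);
            $message = __('The command executed successfully');
        } else {
            $message = __('Error occurred while executing the query');
        }
    }
    displayUserForm($db, $editor, $message, $action);
}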
Пример #3
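/**
 * Routes an action name to its handler function.
 *
 * Only the exact action strings listed in the allowlist below are dispatched;
 * anything else (unknown names and non-string values) is ignored. The original
 * switch compared loosely, so a boolean true, or an integer 0 on PHP 7, would
 * have matched the first case and run loginUser().
 *
 * NOTE(review): the handlers take no arguments, so they presumably read the
 * request globals themselves. No authentication or authorisation check is
 * visible before deleteUser/updateUser and the tab/note mutators are called;
 * confirm each handler enforces it.
 *
 * @param mixed $action requested action name
 * @return void
 */
function commandRouter($action)
{
    if (!is_string($action)) {
        return;
    }

    // Fixed allowlist: request data selects a key and never names a function directly.
    $handlers = [
        'login'      => 'loginUser',
        'createUser' => 'createUser',
        'getUser'    => 'getUser',
        'deleteUser' => 'deleteUser',
        'updateUser' => 'updateUser',
        'addTab'     => 'addTab',
        'delTab'     => 'delTab',
        'editTab'    => 'editTab',
        'getTabs'    => 'getTabs',
        'addNote'    => 'addNote',
        'delNote'    => 'delNote',
        'editNote'   => 'editNote',
        'getNotes'   => 'getNotes',
    ];

    if (isset($handlers[$action])) {
        $handler = $handlers[$action];
        $handler();
    }
}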
Пример #4
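/**
 * Reads ustreamUID, longitude, latitude and event from the query string,
 * echoes them back, and stores the position for that user.
 *
 * All four values must be present and truthy for anything to be stored; the
 * user row is created first when findUser() does not find it. As in the
 * original, the string "0" counts as missing.
 *
 * The echoed values are HTML-escaped, since the query string is
 * attacker-controlled and was previously written into the page verbatim.
 * Array-valued parameters (e.g. "event[]=x") are treated as missing.
 *
 * NOTE(review): the values are forwarded unvalidated to findUser(),
 * insertUser() and updateUser(); whether those use parameterised queries is
 * not visible here. Confirm it, and validate the coordinates as numbers.
 *
 * @return void
 */
function parseURI()
{
    $query = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
    parse_str($query, $params);

    // Returns the parameter when it is a non-empty string, else NULL.
    $pick = function ($key) use ($params) {
        $usable = isset($params[$key]) && is_string($params[$key]) && $params[$key];
        return $usable ? $params[$key] : NULL;
    };
    // Escapes a value for HTML output; NULL renders as an empty string.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES);
    };

    $ustreamUID = $pick('ustreamUID');
    $longitude = $pick('longitude');
    $latitude = $pick('latitude');
    $event = $pick('event');

    echo "uid: " . $esc($ustreamUID) . " latitude: " . $esc($latitude) . " longitude: " . $esc($longitude) . " event: " . $esc($event) . "<br/>";

    if ($ustreamUID && $longitude && $latitude && $event) {
        // Create the user on first sight, then record the position either way.
        if (!findUser($ustreamUID)) {
            insertUser($ustreamUID);
        }
        updateUser($ustreamUID, $longitude, $latitude, $event);
    }
}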
Пример #5
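/**
 * Routes an action name to its handler function.
 *
 * Only the exact action strings listed in the allowlist below are dispatched;
 * anything else (unknown names and non-string values) is ignored. The original
 * switch compared loosely, so a boolean true, or an integer 0 on PHP 7, would
 * have matched the first case and run loginUser().
 *
 * NOTE(review): the handlers take no arguments, so they presumably read the
 * request globals themselves. No authentication or authorisation check is
 * visible before the user, inventory and deck mutators are called; confirm
 * each handler enforces it.
 *
 * @param mixed $action requested action name
 * @return void
 */
function commandRouter($action)
{
    if (!is_string($action)) {
        return;
    }

    // Fixed allowlist: request data selects a key and never names a function directly.
    $handlers = [
        'login'      => 'loginUser',
        'createUser' => 'createUser',
        'getUser'    => 'getUser',
        'deleteUser' => 'deleteUser',
        'updateUser' => 'updateUser',
        'addInv'     => 'addToInv',
        'subInv'     => 'subFromInv',
        'getInv'     => 'getInventory',
        'getDecks'   => 'getDecks',
        'createDeck' => 'createDeck',
        'updateDeck' => 'updateDeck',
        'deleteDeck' => 'deleteDeck',
    ];

    if (isset($handlers[$action])) {
        $handler = $handlers[$action];
        $handler();
    }
}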
Пример #6
     //END-OF-FIX
 // END: HACK - ADVANCED USER MANAGER
 //END-OF-FIX
 case "modifyUser":
     //FIX:DOMSNITT
     // START: HACK - ADVANCED USER MANAGER
     //modifyUser($chng_uid);
     modifyUser($chng_uid, $viewmode, $sortorder, $start);
     // END: HACK - ADVANCED USER MANAGER
     //END-OF-FIX
     break;
 case "updateUser":
     //FIX:DOMSNITT
     // START: HACK - ADVANCED USER MANAGER
     //updateUser($chng_uid, $chng_uname, $chng_name, $chng_url, $chng_email, $chng_femail, $chng_user_icq, $chng_user_aim, $chng_user_yim, $chng_user_msnm, $chng_user_from, $chng_user_occ, $chng_user_intrest, $chng_user_viewemail, $chng_avatar, $chng_user_sig, $chng_pass, $chng_pass2, $chng_newsletter, $subscription, $subscription_expire, $reason);
     updateUser($chng_uid, $chng_uname, $chng_name, $chng_url, $chng_email, $chng_femail, $chng_user_icq, $chng_user_aim, $chng_user_yim, $chng_user_msnm, $chng_user_from, $chng_user_occ, $chng_user_intrest, $chng_user_viewemail, $chng_avatar, $chng_user_sig, $chng_pass, $chng_pass2, $chng_newsletter, $subscription, $subscription_expire, $reason, $viewmode, $sortorder, $start);
     // END: HACK - ADVANCED USER MANAGER
     //END-OF-FIX
     break;
 case "delUser":
     include "header.php";
     GraphicAdmin();
     OpenTable();
     echo "<center><font class=\"title\"><b>" . _USERADMIN . "</b></font></center>";
     CloseTable();
     echo "<br>";
     OpenTable();
     echo "<center><font class=\"option\"><b>" . _DELETEUSER . "</b></font><br><br>" . "" . _SURE2DELETE . " {$chng_uid}?<br><br>" . "";
     //FIX:DOMSNITT
     // START: HACK - ADVANCED USER MANAGER - One Line up
     //		."[ <a href=\"".$admin_file.".php?op=delUserConf&amp;del_uid=$chng_uid\">" . _YES . "</a> | <a href=\"".$admin_file.".php?op=mod_users\">" . _NO . "</a> ]</center>";
Пример #7
    echo '{"result":1,"users":[';
    //start of json object
    while ($row) {
        echo json_encode($row);
        //convert the result array to json object
        $row = $obj->fetch();
        if ($row) {
            echo ",";
            //if there are more rows, add comma
        }
    }
    echo "]}";
    //end of json array and object
}
// Dispatch the numeric command code to the matching user operation.
// Codes: 1 = add, 2 = update, 3 = delete, 4 = search; anything else is ignored.
// The comparison is loose (==), exactly as a switch on $cmd would be.
//
// NOTE(review): every argument is taken straight from $_REQUEST, so the
// password can arrive in the query string and end up in access logs, and
// missing keys are not checked. No authorisation check on user_id is visible
// here; confirm the callees validate and parameterise their inputs.
// Note also that addUser() takes (name, id, ...) while updateUser() takes
// (id, name, ...).
if ($cmd == 1) {
    addUser($_REQUEST['user_name'], $_REQUEST['user_id'], $_REQUEST['user_pass'], $_REQUEST['user_type']);
} elseif ($cmd == 2) {
    updateUser($_REQUEST['user_id'], $_REQUEST['user_name'], $_REQUEST['user_pass'], $_REQUEST['user_type']);
} elseif ($cmd == 3) {
    delete($_REQUEST['user_id']);
} elseif ($cmd == 4) {
    searchUser();
}
Пример #8
<?php

// The response is declared as UTF-8 JSON.
header('Content-Type: application/json; charset=utf-8');
/*
	---- VALUE ----
	.Get name
	.Get id
	Optional:
		.Get matiere
		.Get name
		.Get password
		.Get roles

	NOTE(review): the list above suggests the password is sent as a GET
	parameter, which would place it in URLs and server logs. Confirm, and
	prefer POST for it.
*/
include 'co_Bdd.php';
// NOTE(review): this debug marker and the one at the end wrap the payload, so
// the body is not valid JSON despite the Content-Type sent above.
echo "test";
$disp = updateUser();
// The result is echoed as-is; the JSON-encoding variant below is disabled.
echo $disp;
//echo json_encode($disp, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);
echo "test";
function updateUser()
{
    /*
    	foreach ( $_GET as $key => $value )
    	{
     	   if(iconv_strlen($_GET[$key])==0) {
     	   		if($key == "matiere"){
     	   			//$_GET[$key] = actionArray($_GET[$key], $User[$key]);
     	   		}
     	   		$_GET[$key] = $User[$key];
     	   }
    	}
                    $creditCardId = saveCard($newCard);
                    $card = getCreditCard($creditCardId);
                }
            }
            // Update password if new password data has been provided
            if (isset($_POST['user']['password'])) {
                if ($_POST['user']['password'] == $_POST['user']['password_confirmation']) {
                    $newPassword = $_POST['user']['password'];
                } else {
                    $message = "The new password did not match your confirm password.";
                    $messageType = "error";
                }
            }
            // update credit card info OR/AND password in our database
            if (!isset($message) && (isset($newPassword) || isset($creditCardId))) {
                updateUser($_POST['user']['email'], $newPassword, $creditCardId);
                $message = "Your profile has been updated.";
                $messageType = "success";
            }
        } else {
            $message = "The current password that you provided is invalid.";
            $messageType = "error";
        }
    }
} catch (\PayPal\Exception\PPConnectionException $ex) {
    $message = parseApiError($ex->getData());
    $messageType = "error";
} catch (Exception $ex) {
    $message = $ex->getMessage();
    $messageType = "error";
}
Пример #10
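/**
 * Renders the "Edit User" form and, on postback, validates and saves the edits.
 *
 * On postback ($_POST['isPostback'] set) the submitted fields are trimmed and
 * validated. When no errors are found the whole $_POST array is handed to
 * updateUser() and the browser is redirected to myEmps.php; otherwise the form
 * is rendered again with the submitted values and the error list. On a first
 * visit the form is pre-filled from getUserVals($_REQUEST['u_id']).
 *
 * Every dynamic value written into the page is HTML-escaped: on a failed
 * postback the defaults come straight from $_POST, and PHP_SELF is derived
 * from the request URL.
 *
 * NOTE(review): no check is visible here that the current session may edit
 * the user named by u_id / hdID, nor that the posted ddType is one of the
 * types returned by getUserTypes(); updateUser() receives $_POST unfiltered.
 * Confirm both are enforced in the callee, and that an anti-CSRF token is
 * verified before this runs.
 *
 * @return void
 */
function editUserForm()
{
    // Escapes a value for HTML text and attribute context; non-scalars render as ''.
    // The charset is left at PHP's default so it follows the site's default_charset.
    $h = function ($value) {
        return is_scalar($value) ? htmlspecialchars((string) $value, ENT_QUOTES) : '';
    };
    // Reads a posted field as a string; missing or array-valued fields become ''.
    $posted = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };

    $errors = array();
    $defaults = array();
    $aSelectedSupers = array();

    if (!empty($_POST['isPostback'])) {
        // now we process the form
        $defaults = $_POST;
        // validation and trimming; written back because updateUser() consumes $_POST
        foreach (array('tbPass', 'tbFirst', 'tbLast', 'tbEmail') as $key) {
            $_POST[$key] = trim($posted($key));
        }
        // NOTE(review): the check rejects fewer than 4 characters while the
        // message says "more than 4"; confirm which one is intended.
        if (strlen($_POST['tbPass']) > 0 && strlen($_POST['tbPass']) < 4) {
            $errors[] = "Your password must be more than 4 characters long";
        }
        if (strlen($_POST['tbFirst']) == 0) {
            $errors[] = "You must enter a first name";
        }
        if (strlen($_POST['tbLast']) == 0) {
            $errors[] = "You must enter a last name";
        }
        if (!preg_match('/^[^@\\s]+@([-a-z0-9]+\\.)+[a-z]{2,}$/i', $_POST['tbEmail'])) {
            $errors[] = "You must enter a valid email address";
        }
        $phone1 = $posted('tbPhone1A') . $posted('tbPhone1B') . $posted('tbPhone1C');
        if (strlen(strval(intval($phone1))) < 10) {
            $errors[] = "Please enter a valid primary phone number";
        }
        $phone2 = $posted('tbPhone2A') . $posted('tbPhone2B') . $posted('tbPhone2C');
        if (strlen($phone2)) {
            if (strlen(strval(intval($phone2))) < 10) {
                $errors[] = "Please enter a valid secondary phone number";
            }
        }
        $pay = $posted('tbPay');
        if ($pay != strval(floatval($pay))) {
            $errors[] = "You must enter a valid hourly rate";
        }
        if (!$errors) {
            // our input passed validation, go ahead and submit
            $sInsertError = updateUser($_POST);
            redirect("myEmps.php");
        }
        // The form below still needs the stored record (user name, id, type)
        // when it is rendered again; the original left $aUserVals undefined on
        // this path. hdID is the hidden field this form fills with user_id.
        $aUserVals = getUserVals($posted('hdID'));
    } else {
        // get current details for user
        $aUserVals = getUserVals(isset($_REQUEST['u_id']) ? $_REQUEST['u_id'] : null);
        $aPhone1 = formatPhoneNum($aUserVals->user_phone1);
        $aPhone2 = formatPhoneNum($aUserVals->user_phone2);
        // The stored password is deliberately not copied into the form
        // defaults: the password field is always rendered empty.
        $defaults['tbFirst'] = $aUserVals->user_first;
        $defaults['tbLast'] = $aUserVals->user_last;
        $defaults['tbEmail'] = $aUserVals->user_email;
        $defaults['tbPhone1A'] = $aPhone1[0];
        $defaults['tbPhone1B'] = $aPhone1[1];
        $defaults['tbPhone1C'] = $aPhone1[2];
        $defaults['tbPhone2A'] = $aPhone2[0];
        $defaults['tbPhone2B'] = $aPhone2[1];
        $defaults['tbPhone2C'] = $aPhone2[2];
        $defaults['tbPay'] = $aUserVals->user_pay_rate;
        $defaults['hdID'] = $aUserVals->user_id;
        $defaults['cbActive'] = $aUserVals->user_inactive;
    }
    // Escaped form default for a field name; '' when the field is absent.
    $field = function ($key) use ($defaults, $h) {
        return isset($defaults[$key]) ? $h($defaults[$key]) : '';
    };
    $isInactive = !empty($defaults['cbActive']);

    // get the list of supervisors
    $aSupers = getSupervisors();
    // get employees supervisors
    $aEmpSupers = getEmpSupervisors($aUserVals->user_id);
    foreach ($aEmpSupers as $EmpSuper) {
        $aSelectedSupers[] = $EmpSuper->super_super;
    }
    // get the user types < the current user
    $aTypes = getUserTypes($_SESSION['USERTYPE']);
    ?>
<form action="<?php echo $h($_SERVER['PHP_SELF']); ?>" method="post" name="frmAddUser"><table width="100%"  border="0" cellpadding="0" cellspacing="0">
	<input name="hdID" type="hidden" value="<?php echo $field('hdID'); ?>">
  <tr>
    <td colspan="2"><strong>Edit User</strong></td>
  </tr>
  <?php
    if (isset($sInsertError)) {
        // Escaped: the callee's message may carry database or user-supplied text.
        print "<tr><td colspan=2><span class=errorMsg>" . $h($sInsertError) . "</span></td></tr>";
    }
    if ($errors) {
        // The entries are the fixed strings assigned above, so they are printed as-is.
        print "<tr><td colspan=2 class=errorMsg><strong>Please correct the following errors:</strong><br><ul><li>";
        print implode('</li><li>', $errors);
        print "</li></ul></td></tr>";
    }
    ?>
  <tr class="evenRow">
    <td width="26%">Username </td>
    <td width="74%"><?php echo $h($aUserVals->user_name); ?>
    </td>
  </tr>
  <tr>
    <td>User Password </td>
    <td><input name="tbPass" type="password" id="tbPass" size="10" maxlength="20"></td>
  </tr>
  <tr class="evenRow">
    <td>First Name </td>
    <td><input name="tbFirst" type="text" id="tbFirst" size="10" maxlength="20" value="<?php echo $field('tbFirst'); ?>"></td>
  </tr>
  <tr>
    <td>Last Name </td>
    <td><input name="tbLast" type="text" id="tbLast" size="10" maxlength="20" value="<?php echo $field('tbLast'); ?>"></td>
  </tr>
  <tr class="evenRow">
    <td>Email Address</td>
    <td><input name="tbEmail" type="text" id="tbEmail" size="20" maxlength="50" value="<?php echo $field('tbEmail'); ?>"></td>
  </tr>
  <tr>
    <td>Phone 1 </td>
    <td>
      (<input name="tbPhone1A" type="text" id="tbPhone1A" size="3" maxlength="3" value="<?php echo $field('tbPhone1A'); ?>">)
      <input name="tbPhone1B" type="text" id="tbPhone1B" size="3" maxlength="3" value="<?php echo $field('tbPhone1B'); ?>">
      -
      <input name="tbPhone1C" type="text" id="tbPhone1C" size="4" maxlength="4" value="<?php echo $field('tbPhone1C'); ?>"></td>
  </tr>
  <tr class="evenRow">
    <td>Phone 2 </td>
    <td>
      (<input name="tbPhone2A" type="text" id="tbPhone2A" size="3" maxlength="3" value="<?php echo $field('tbPhone2A'); ?>">)
      <input name="tbPhone2B" type="text" id="tbPhone2B" size="3" maxlength="3" value="<?php echo $field('tbPhone2B'); ?>">
      -
      <input name="tbPhone2C" type="text" id="tbPhone2C" size="4" maxlength="4" value="<?php echo $field('tbPhone2C'); ?>"></td>
  </tr>
  <tr>
    <td>Supervisors</td>
    <td><select name="msSupers[]" size="4" multiple id="msSupers">
		<option value="0">None</option>
	<?php
    foreach ($aSupers as $Super) {
        $selected = in_array($Super->user_id, $aSelectedSupers) ? ' selected' : '';
        print "<option value=\"" . $h($Super->user_id) . "\"" . $selected . ">"
            . $h($Super->user_first) . " " . $h($Super->user_last) . "</option>";
    }
    ?>
    </select></td>
  </tr>
  <tr class="evenRow">
    <td>Account Type </td>
    <td><select name="ddType" id="ddType">
	<?php
    foreach ($aTypes as $Type) {
        $selected = ($Type->type_id == $aUserVals->user_type) ? ' selected' : '';
        print "<option value=\"" . $h($Type->type_id) . "\"" . $selected . ">" . $h($Type->type_name) . "</option>";
    }
    ?>
    </select></td>
  </tr>
  <tr>
    <td>Hourly Rate </td>
    <td>$<input name="tbPay" type="text" id="tbPay" size="6" maxlength="6" value="<?php echo $field('tbPay'); ?>"></td>
  </tr>
  <tr class="evenRow">
	<td>User Inactive?</td>
	<td>Yes:
  <input type="radio" name="cbActive" value="1"<?php echo $isInactive ? ' checked="checked"' : ''; ?> />
  	 No: <input type="radio" name="cbActive" value="0"<?php echo $isInactive ? '' : ' checked="checked"'; ?> />
  </td>
  </tr>
  <tr>
    <td colspan=2 align="center"><input name="isPostback" type="hidden" id="isPostback" value="1">
      <input name="btSubmit" type="submit" id="btSubmit" value="Save Edits?"></td>
    <td>&nbsp;</td>
  </tr>
  <tr>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
  </tr>
  <tr>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
  </tr>
</table></form>
<?php
}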
Пример #11
        if (!$deleted) {
            $msg = "Database Error: {$ax['usr_not_deleted']}";
            break;
        }
        $msg = $ax['usr_deleted'];
    } while (false);
    return $msg;
}
//Control logic
// Only managers and admins (privilege level 4 or higher) may manage users.
// NOTE(review): deletion is triggered by a GET parameter (delExe) and no
// anti-CSRF token check is visible here. Also confirm that the $msg returned
// by the helpers never carries unescaped user input, since it is echoed raw.
if ($privs >= 4) {
    $msg = '';
    // Run at most one action, chosen by which submit marker is present.
    if (isset($_POST['addExe'])) {
        $msg = addUser($user);
    } elseif (isset($_POST['updExe'])) {
        $msg = updateUser($user);
    } elseif (isset($_GET['delExe'])) {
        $msg = deleteUser($user);
    }
    echo "<p class='error'>" . $msg . "</p>\n\t\t<div class='scrollBoxAd'>\n\t\t<div class='centerBox'>\n";
    if ($mode && !isset($_POST["back"])) {
        // add or edit
        editUser($user);
    } else {
        // no add / no edit
        showUsers();
    }
    echo "</div>\n</div>\n";
} else {
    echo "<p class='error'>" . $ax['no_way'] . "</p>\n";
}
Пример #12
        echo selectUser();
        break;
    case 'selectMates':
        echo selectMates();
        break;
    case 'selectTop3':
        echo selectTop3();
        break;
    case 'addUser':
        echo addUser();
        break;
    case 'addParticipation':
        echo addParticipation();
        break;
    case 'updateUser':
        echo updateUser();
        break;
    case 'updateShare':
        echo updateShare();
        break;
    default:
        $error = array("error" => "Undefined function.");
        echo json_encode($error);
        break;
}
$dbh = null;
function isXMLHTTPRequest()
{
    if (!sizeError($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
        return true;
    } else {
Пример #13
        }
        $result = dbQuery("UPDATE [db]users SET status = -1 WHERE user_id = {$uid}");
        if (!$result) {
            $msg = "Database Error: {$ax['usr_not_deleted']}";
            break;
        }
        $msg = $ax['usr_deleted'];
    } while (false);
    return $msg;
}
//Control logic
// Only managers and admins (privilege level 4 or higher) may manage users.
// NOTE(review): deletion is triggered by a GET parameter (delExe) and no
// anti-CSRF token check is visible here. Also confirm that the $msg returned
// by the helpers never carries unescaped user input, since it is echoed raw.
if ($privs >= 4) {
    $msg = '';
    // Run at most one action, chosen by which submit marker is present.
    if (isset($_POST['addExe'])) {
        $msg = addUser();
    } elseif (isset($_POST['updExe'])) {
        $msg = updateUser();
    } elseif (isset($_GET['delExe'])) {
        $msg = deleteUser();
    }
    echo "<p class='error'>" . $msg . "</p>\n\t\t<div class='scrollBoxAd'>\n\t\t<div class='centerBox'>\n";
    // The edit form is shown only when explicitly requested and "back" was not pressed.
    if ($editUser == 'y' && !isset($_POST["back"])) {
        editUser($uid);
    } else {
        showUsers();
    }
    echo "</div>\n</div>\n";
} else {
    echo "<p class='error'>" . $ax['no_way'] . "</p>\n";
}
Пример #14
<?php

// Refresh the stored data for this user when "?update=1" is requested, and
// report the outcome as a dismissible alert.
// updateUser() is tried first; on failure updateSteam() is used as a fallback:
// a result equal to 1 means the name was refreshed, exactly FALSE means the
// name is not being updated, and any other value is reported as "cannot update".
// NOTE(review): this state-changing refresh is triggered by a plain GET
// parameter; confirm that is acceptable (link prefetching, cross-site requests).
if (isset($_GET['update']) && $_GET['update'] == "1") {
    $update = updateUser($manceUser['manceID']);
    if ($update) {
        echo '<div class="alert alert-success alert-dismissible" role="alert" style="margin-top: 10px;"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button> Data updated for this user!</div>' . "\n";
    } else {
        $steamidexists = updateSteam($manceUser['manceID']);
        if ($steamidexists == 1) {
            echo '<div class="alert alert-success alert-dismissible" role="alert" style="margin-top: 10px;"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button> Data failed to update for this user, but steam updated his name!</div>' . "\n";
        } elseif ($steamidexists === FALSE) {
            echo '<div class="alert alert-danger alert-dismissible" role="alert" style="margin-top: 10px;"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button> Data failed to update for this user, and steam is not updating his name!</div>' . "\n";
        } else {
            echo '<div class="alert alert-danger alert-dismissible" role="alert" style="margin-top: 10px;"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button> Could not update your data. You must play at least one ranked game under your current Steam name in order to update</div>' . "\n";
        }
    }
}
$search = $db->query("SELECT * FROM log WHERE user='******'manceID'] . "' AND server='{$server}'");
?>
<script>
r(function() {
Пример #15
require_once 'loader.php';
// Registration / Facebook sign-in endpoint: reads the profile fields from the
// POST body, then creates the account or, on the Facebook path, updates the
// existing one.
//
// NOTE(review): PHP has already URL-decoded $_POST, so urldecode() decodes a
// second time and alters any literal '%xx' or '+' in the data (for example in
// a password). Confirm the client really double-encodes before relying on it.
$Email = urldecode($_POST['Email']);
$Password = urldecode($_POST['Password']);
$Name = urldecode($_POST['Name']);
$Age = urldecode($_POST['Age']);
$Contact = urldecode($_POST['Contact']);
$City = urldecode($_POST['City']);
$State = urldecode($_POST['State']);
$sex = urldecode($_POST['sex']);
$GcmId = urldecode($_POST['GcmId']);
$profile_pic = urldecode($_POST['profile_pic']);

// The mere presence of a "Type" field selects the Facebook flow.
$facebook = isset($_POST['Type']);

$res = isUserExisted($Email);
if (!$res) {
    // Unknown e-mail: create the account through the matching store function.
    if ($facebook) {
        $res = storeFacebookUser($Email, $Password, $Name, $Age, $Contact, $City, $State, $sex, $GcmId, $profile_pic);
    } else {
        $res = storeUser($Email, $Password, $Name, $Age, $Contact, $City, $State, $sex, $GcmId, $profile_pic);
    }
    getUserDetail($Email);
} elseif ($facebook) {
    // NOTE(review): an existing account is overwritten, password included, and
    // its details returned, with no proof of identity checked in this file.
    // The provider token should be verified server-side before updateUser() runs.
    updateUser($Email, $Password, $Name, $Age, $Contact, $City, $State, $sex, $GcmId, $profile_pic);
    getUserDetail($Email);
} else {
    echo "user_exits";
}
Пример #16
/**
 * Validates a submitted profile and stores it for the given user.
 *
 * Returns an error message (string) when validation, the current-password
 * check, the new-password check or the e-mail uniqueness check fails; true
 * when the profile was stored; false when updateUser() did not report success.
 * When the e-mail address changed, a new code is generated and an activation
 * mail is sent to the new address.
 *
 * NOTE(review): the update is rejected when checkPasswordById() returns a
 * truthy value. That is only correct if the helper reports a mismatch or an
 * error that way; confirm against its definition, because an inverted check
 * here would accept wrong current passwords.
 *
 * @param mixed $user_id id of the account being updated
 * @param array $user    submitted profile fields
 * @return bool|string
 */
function updateProfile($user_id, $user)
{
    $user = validateFixProfile($user);
    if (is_string($user)) {
        // validateFixProfile() hands back an error message instead of the profile
        return $user;
    }
    if (checkPasswordById($user_id, $user["current_password"])) {
        return INVALID_CURRENT_PASS_ERR;
    }

    if ($user["password"] === "") {
        // No new password requested: keep the current one.
        $user["password"] = $user["current_password"];
    } else {
        $passwordProblem = checkPasswords($user["password"], $user["confirm_password"]);
        if (is_string($passwordProblem)) {
            return $passwordProblem;
        }
    }

    // A changed e-mail address must not already belong to another account.
    $emailChanged = getFullUserById($user_id)["email"] !== $user["email"];
    if ($emailChanged && userExists($user["email"]) === true) {
        return ACCOUNT_ALREADY_EXISTS_ERR . UPDATE_FAIL_ERR;
    }

    if (updateUser($user_id, $user) !== true) {
        return false;
    }

    if ($emailChanged) {
        // The new address has to be confirmed again.
        $code = updateCode($user_id);
        if (is_string($code)) {
            sendActivationMail($user["email"], $user_id, $code);
        }
    }
    return true;
}
Пример #17
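// Profile update with an optional avatar upload.
//
// NOTE(review): the account to modify is named by $_POST["uId"]; no check is
// visible here that it is the logged-in user's own id. Confirm that it is
// enforced before this script runs or inside updateUser().
$uploadRejected = false;
if (isset($_POST["uId"]) && isset($_POST["uName"])) {
    // Both the user id and the user name were submitted.
    $rs = 0;
    if (isset($_FILES["myHead"]) && $_FILES["myHead"]["error"] === UPLOAD_ERR_OK) {
        // A new avatar file arrived intact.
        $myHead = $_FILES["myHead"];
        // Decide the image type from the file's own bytes: the "type" and
        // "name" fields of $_FILES are supplied by the client and must not
        // choose the stored extension or path.
        $imageInfo = getimagesize($myHead["tmp_name"]);
        $extensions = array(IMAGETYPE_GIF => "gif", IMAGETYPE_JPEG => "jpg");
        if (is_array($imageInfo) && isset($extensions[$imageInfo[2]]) && $myHead["size"] < 50000) {
            // Build the stored name from safe characters only and force the
            // extension, so the name cannot leave the avatar directory or end
            // in a server-executable suffix.
            $safeId = preg_replace('/[^A-Za-z0-9_-]/', '', (string) $_POST["uId"]);
            $stem = preg_replace('/[^A-Za-z0-9_-]/', '_', pathinfo($myHead["name"], PATHINFO_FILENAME));
            $head = $safeId . "_" . $stem . "." . $extensions[$imageInfo[2]];
            // Update the database only once the file is actually in place.
            if (move_uploaded_file($myHead["tmp_name"], "../image/head/" . $head)) {
                $rs = updateUser($_POST['uId'], $_POST['uName'], $_POST['uPass'], $head, $_POST['gender']);
            }
        } else {
            // Wrong format or too large: report it and leave the account untouched.
            $uploadRejected = true;
            $msg = "上传文件格式应为gif或jpg,且文件大小应为小于50KB";
        }
    } else {
        // No new file: keep the avatar value submitted with the form.
        // NOTE(review): $_POST['head'] is client-controlled; confirm the
        // callee restricts it to known avatar names.
        $rs = updateUser($_POST['uId'], $_POST['uName'], $_POST['uPass'], $_POST['head'], $_POST['gender']);
    }
    if (!$uploadRejected) {
        if ($rs <= 0) {
            $msg = "用户修改失败!";
        } else {
            header("location: ./doLogout.php");
            return;
        }
    }
} else {
    $msg = "用户名为空或无法获取用户编号";
}
// The message is URL-encoded so it cannot break or extend the redirect URL.
header("location: ../error.php?msg=" . urlencode($msg));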
Пример #18
    if (!isset($_POST['pseudo']) || !preg_match('/^[a-zA-Z0-9-_ ]{4,25}$/', $_POST['pseudo'])) {
        return "Pseudo invalide, il ne doit être composé que de lettres.";
    }
    if ($Model->isPseudoInDb($_POST['pseudo']) && $user->pseudo != $_POST['pseudo']) {
        return "Pseudo déjà utilisé, merci d'en choisir un autre.";
    }
    if (!isset($_POST['nom']) || !preg_match('/^[a-zA-Z- ]{4,25}$/', $_POST['nom'])) {
        return "Nom invalide, il ne doit être composé que de lettres.";
    }
    if (!isset($_POST['prenom']) || !preg_match('/^[a-zA-Z- ]{4,25}$/', $_POST['prenom'])) {
        return "Prenom invalide, il ne doit être composé que de lettres.";
    }
    if (!isset($_POST['email']) || !preg_match('/^[a-zA-Z][-a-zA-Z0-9_]*@[a-zA-Z]*\\.[a-z]{2,5}$/', $_POST['email'])) {
        return "Email invalide, merci de rentrer un mail valide de l'amu !";
    }
    if (!isset($_POST['email2']) || $_POST['email'] != $_POST['email2']) {
        return "Les deux emails ne correspondent pas.";
    }
    return "NoError";
}
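// Handle the "Modifier" form submission: validate, store, then redirect.
// NOTE(review): no anti-CSRF token check is visible in this fragment; confirm
// one is enforced before the profile is changed.
if (isset($_POST['Modifier'])) {
    $error = checkDataUser($Model, $user);
    if ($error === "NoError") {
        updateUser($_POST['pseudo'], $_POST['nom'], $_POST['prenom'], $_POST['email']);
        // The header name must be followed directly by ':'; with the stray
        // space of the original ("Location :") no redirect was issued.
        header('Location: index.php?page=profil');
        // Stop here so the edit view is not rendered behind the redirect.
        exit;
    }
    // checkDataUser() returns one of its fixed validation messages.
    echo $error;
}
require_once Config::$path['views'] . 'HTML.class.php';
require_once Config::$path['views'] . 'modifier.php';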
Пример #19
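/**
 * Request handler for tournament actions, dispatched on $_REQUEST['opt'].
 *
 * Supported values of opt: apply, cancelapply, follow, cancelfollow,
 * cancelgroup, applygroup, passapplygroup, creategroup, ranksubmit.
 * Every branch echoes a short status message and ends the request with exit.
 *
 * Uses the globals $wpdb, $user_identity and $user_ID; all writes go through
 * helpers defined elsewhere (updateUser, addGroup, addUserRankApply, addUserRank).
 *
 * Security notes for maintainers:
 * - Parameters are read from $_REQUEST, so state-changing actions are also
 *   reachable by GET. NOTE(review): no nonce/CSRF check is visible here;
 *   confirm one is enforced by the caller.
 * - Every numeric request parameter is cast with intval() before it is used
 *   or echoed, because the response is served as text/html.
 *
 * @return void This function never returns normally; each path calls exit.
 */
function tournament()
{
    global $wpdb, $user_identity, $user_ID;
    header('Content-Type: text/html; charset=' . getCharset() . '');
    // NOTE(review): this guard only fires when BOTH matchid and opt parse as
    // positive integers, which never happens for the string opt values handled
    // below. It looks like an inverted validation; confirm the intent.
    if (intval($_REQUEST['matchid']) > 0 && intval($_REQUEST['opt']) > 0) {
        echo "参数错误!";
        exit;
    }
    $matchid = intval($_REQUEST['matchid']);
    // Login gate. NOTE(review): the comment_author cookie is supplied by the
    // client, so passing this gate through the cookie branch does not prove an
    // identity. The actions below act on $user_ID, not on $username.
    if (!empty($user_identity)) {
        $username = htmlspecialchars(addslashes($user_identity));
    } else {
        if (!empty($_COOKIE['comment_author_' . COOKIEHASH])) {
            $username = htmlspecialchars(addslashes($_COOKIE['comment_author_' . COOKIEHASH]));
        } else {
            echo "需要登陆";
            exit;
        }
    }
    switch ($_REQUEST['opt']) {
        case 'apply':
            if (!getUserVerify($user_ID)) {
                echo "需要选手认证才可以报名";
                exit;
            }
            // NOTE(review): the result of this query is never read.
            $apply = $wpdb->query("SELECT verify1 FROM pre_common_member_verify WHERE uid = {$user_ID}");
            if (count(getUserList($user_ID, $matchid, -1, -1, 1)) > 0) {
                echo "你已经报过名了";
                exit;
            }
            updateUser($user_ID, $matchid, -1, -1, 1);
            // Re-read the record to confirm that the write took effect.
            if (count(getUserList($user_ID, $matchid, -1, -1, 1)) > 0) {
                echo "报名成功!";
                exit;
            }
            echo "报名时发生错误";
            exit;
        case 'cancelapply':
            updateUser($user_ID, $matchid, -1, -1, 0);
            echo "报名已取消";
            exit;
        case 'follow':
            updateUser($user_ID, $matchid, -1, 1);
            if (count(getUserList($user_ID, $matchid, -1, 1)) > 0) {
                echo "关注成功!";
                exit;
            }
            echo "关注时发生错误";
            exit;
        case 'cancelfollow':
            updateUser($user_ID, $matchid, -1, 0);
            echo "关注已取消";
            exit;
        case 'cancelgroup':
            $groupid = intval($_REQUEST['groupid']);
            $memberid = intval($_REQUEST['memberid']);
            $users = getUserList($memberid);
            if (empty($users)) {
                echo "找不到此用户ID, " . $memberid;
                exit;
            }
            $groups = getGroupList(-1, $groupid);
            if (empty($groups)) {
                echo "找不到此队伍ID, " . $groupid;
                exit;
            }
            $matchs = getMatchList($groups[0]->match_id);
            if (empty($matchs)) {
                echo "找不到此队伍的比赛ID, error code : " . $groups[0]->match_id;
                exit;
            }
            // Leaving a team is only allowed while the match is in stage 1.
            if ($matchs[0]->stage != 1) {
                echo "比赛不处于报名阶段,无法退出 . error code : " . $groups[0]->match_id;
                exit;
            }
            // Authorisation: only the team captain or the member themselves may remove the member.
            if ($groups[0]->captain_id == $user_ID || $memberid == $user_ID) {
                // Member leaves the team.
                updateUser($memberid, $matchid, 0, -1, -1, 0, -1, 0);
                echo "已退出队伍";
                exit;
            }
            echo "权限不足.";
            exit;
        case 'applygroup':
            $users = getUserList($user_ID, $matchid);
            if (!empty($users)) {
                // Cast like every other branch does: the value is passed to the
                // data helpers and echoed into a text/html response below.
                $groupid = intval($_REQUEST['groupid']);
                if (intval($users[0]->apply_group)) {
                    echo "您已经申请了其他的队伍!";
                    exit;
                }
                $groups = getGroupList($matchid, $groupid);
                if (empty($groups)) {
                    echo "比赛" . $matchid . "中找不到这个队伍!" . $groupid;
                    exit;
                }
                $groupusers = getUserList(-1, -1, $groupid);
                if ($groups[0]->maxpeople - 1 < count($groupusers)) {
                    echo "这个队伍中的人数已经满了!" . $groupid;
                    exit;
                }
                updateUser($user_ID, $matchid, $groupid, -1, -1, 1);
                echo "申请成功!";
                exit;
            }
            echo "你尚未参加此项比赛!";
            exit;
        case 'passapplygroup':
            // NOTE(review): unlike 'cancelgroup', this branch does not check that
            // the caller is the captain of the group before approving the member.
            // Confirm whether that check is enforced elsewhere.
            $memberid = intval($_REQUEST['memberid']);
            $users = getUserList($memberid, $matchid);
            if (!empty($users)) {
                $groupid = intval($_REQUEST['groupid']);
                if ($users[0]->group_id == $groupid) {
                    updateUser($memberid, $matchid, $groupid, -1, -1, 1, -1, 1);
                    echo "通过申请!";
                    exit;
                }
                echo "申请失败!" . $users[0]->group_id . ":" . $groupid;
                exit;
            }
            echo "此用户尚未参加此项比赛!";
            exit;
        case 'creategroup':
            $users = getUserList($user_ID, $matchid);
            // An empty result means the user has no record for this match; treat
            // it as "not enrolled" instead of dereferencing a missing row.
            if (empty($users) || !intval($users[0]->apply_match)) {
                echo "你尚未参加此项比赛!";
                exit;
            }
            if (intval($users[0]->apply_group)) {
                echo "您已经申请了其他的队伍!";
                exit;
            }
            // NOTE(review): the group name is passed to addGroup() as received
            // (trimmed only); confirm that addGroup() stores it with a
            // parameterised query and that it is escaped wherever it is rendered.
            $groupname = trim($_REQUEST['groupname']);
            $success = addGroup($groupname, $user_ID, $matchid);
            if (intval($success)) {
                $groups = getGroupList($matchid, -1, $user_ID);
                updateUser($user_ID, $matchid, $groups[0]->id, -1, -1, 1, -1, 1);
                echo "申请成功!";
                exit;
            }
            echo "申请发生错误error code : " . $success;
            exit;
        case 'ranksubmit':
            $matchId = intval($_POST['matchId']);
            $matchTypeId = intval($_POST['matchTypeId']);
            $scheduleId = intval($_POST['scheduleId']);
            $applyId = intval(addUserRankApply($user_ID, $matchId, $scheduleId));
            if (!$applyId) {
                echo "申请发生错误, Code:" . $applyId;
                exit;
            }
            $submit = getUserRankApplyList(-1, $user_ID, $matchId, $scheduleId);
            // Resolve the application id once; null when no application row came back.
            $submitId = !empty($submit) ? $submit[0]->id : null;
            $rankTypeList = getRankTypeList(-1, $matchTypeId);
            foreach ($rankTypeList as $rankType) {
                $value = intval($_POST['rank-' . $rankType->id]);
                if ($value && $submitId) {
                    $result = addUserRank($user_ID, $matchTypeId, $rankType->id, $value, 0, $submitId);
                    if (!$result) {
                        echo "录入信息失败,Code:" . $rankType->id;
                        exit;
                    }
                } else {
                    echo "录入信息失败,Error Code:" . $value . " AND " . $submitId;
                    exit;
                }
            }
            echo "提交选手成绩完成";
            exit;
        default:
            echo "无法解析此函数";
            exit;
    }
}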
Пример #20
    if ($database == null) {
        try {
            $database = new PDO("mysql:host=" . $params[0] . ";dbname=" . $params[1], $params[2], $params[3]);
            $database->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        } catch (PDOException $except) {
            echo $except->getMessage();
            die;
        }
    }
    return $database;
}
// Form dispatch: the submit button present in the POST body selects the write
// operation. $Id, $Name … $Birthday are populated outside this fragment.
// NOTE(review): confirm that $Password is hashed (password_hash) before it is
// stored, and that these values reach SQL only through bound parameters;
// neither is visible here.
if (isset($_POST['SubmitAdd']) === true) {
    // Create a new user record.
    basicInsert($Name, $Surname, $Nickname, $Email, $Password, $AboutYou, $Birthday);
}

if (isset($_POST['SubmitUpdate']) === true) {
    // Update the record identified by $Id.
    updateUser($Id, $Name, $Surname, $Nickname, $Email, $Password, $AboutYou, $Birthday);
}
/* function insertIntoDatabase() /* Version Alpha 0.0.1
{
    $params = func_get_args();

    $iterations = ((count($params)-1)/2);
    $numParams = 1;

    $prepare = "INSERT INTO " . $params[0] . " (";

    for ($iterations; $iterations > 0; $i--) {
        if ($iterations = 1)
        {
            $prepare . $params[$numParams] . ") ";
        }
Пример #21
        }
    }
    if (isset($photo)) {
        if ($photo == -1 and $doIt == True) {
            unlink(PHOTO_PROFIL . $contents["lien_photo"]);
            unset($contents["lien_photo"]);
        }
    }
    if ($doIt) {
        //Sécurisation par htmlspecialchars
        foreach ($_POST as $cle => $valeur) {
            if ($valeur == "") {
                $_POST[$cle] = htmlspecialchars($contents[$cle]);
            }
        }
        updateUser(htmlspecialchars($_SESSION['id']), $_POST['civilite'], $_POST['nom'], $_POST['prenom'], $_POST['ddn'] != '0000-00-00' ? $_POST['ddn'] : NULL, $_POST['tel'], $_POST['adresse'], $_POST['langue'], htmlspecialchars(isset($photo) ? $photo : NULL), $_POST['description'], htmlspecialchars($contents['id_adresse']), htmlspecialchars($contents['id_photo']));
        alert("info", "Votre profil a bien été modifié.");
        header('Location: ' . getLink(['membres', 'profil']));
        exit;
    } else {
        $contents['errors']['general'] = '<p id="mainError">Nous n\'avons pas validé vos changements, il y a au moins une entrée invalide.</p>';
        foreach ($errors as $key => $value) {
            $contents['errors'][$key] = '<p class="formError">' . $value . '</p>';
        }
    }
}
/**** préparation de la vue ****/
$title = 'Modifier mon profil';
$styles = ['form.css', 'accueil.css', 'search.css', 'prettyform.css', 'modify.css'];
$blocks = ['modification_profil'];
$scripts = ['googleAutocompleteAddress.js'];
Пример #22
		}
		$cgi['mercs_attacks'] = round($cgi['mercs_attacks'], 0);
		if ($cgi['mercs_attacks'] > $user->samercs) $cgi['mercs_attacks'] = $merc->samercs;
		$gold = $cgi['mercs_attacks'] * 5000;
		updateMercenary(" attackSpecCount=attackSpecCount+{$cgi['mercs_attacks']} ");
		updateUser($_SESSION['isLogined'], " samercs=samercs-{$cgi['mercs_attacks']} , gold=gold+$gold ");
	}
	if ($cgi['mercs_defends']) {
		if ($cgi['mercs_defends'] < 1.0) {
			$cgi['mercs_defends'] = 1;
		}
		$cgi['mercs_defends'] = round($cgi['mercs_defends'], 0);
		if ($cgi['mercs_defends'] > $user->damercs) $cgi['mercs_defends'] = $user->damercs;
		$gold = $cgi['mercs_defends'] * 5000;
		updateMercenary(" defSpecCount =defSpecCount +{$cgi['mercs_defends']} ");
		updateUser($_SESSION['isLogined'], " damercs=damercs-{$cgi['mercs_defends']}  , gold=gold+$gold ");
	}
	updateUserStats($user);
	header("Location: mercs.php?strErr=$strErr");
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">

<HTML><HEAD><TITLE><? echo $conf["sitename"]; ?> :: Neutral Portuguese Mercenaries  </TITLE>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1"><!-- ZoneLabs Privacy Insertion -->
<SCRIPT language=javascript src="js/js"></SCRIPT>
<LINK href="css/common.css" type=text/css rel=stylesheet>
<META  
content="ww2 , rpg, mmorpg, role playing, game, online game, text based game, armory, mercenaries, spy, attack, army, battle, recruit, spies, spy skill, weapons, messaging, sabotage, recon, intelligence, pnp, mud, games, stockade, free, browser game" 
name=keywords>
<META 
Пример #23
        ${$k} = $v;
    }
}
if (isset($HTTP_GET_VARS['op'])) {
    $op = trim($HTTP_GET_VARS['op']);
    if (isset($HTTP_GET_VARS['uid'])) {
        $uid = intval($HTTP_GET_VARS['uid']);
    }
}
switch ($op) {
    case "modifyUser":
        modifyUser($uid);
        break;
    case "updateUser":
        // RMV-NOTIFY
        updateUser($uid, $uname, $name, $url, $email, $user_icq, $user_aim, $user_yim, $user_msnm, $user_from, $user_occ, $user_intrest, $user_viewemail, $user_avatar, $user_sig, $attachsig, $theme, $pass, $pass2, $rank, $bio, $uorder, $umode, $notify_method, $notify_mode, $timezone_offset, $user_mailok);
        break;
    case "delUser":
        xoops_cp_header();
        $member_handler =& xoops_gethandler('member');
        $userdata =& $member_handler->getUser($uid);
        xoops_confirm(array('fct' => 'users', 'op' => 'delUserConf', 'del_uid' => $userdata->getVar('uid')), 'admin.php', sprintf(_AM_AYSYWTDU, $userdata->getVar('uname')));
        xoops_cp_footer();
        break;
    case "delete_many":
        xoops_cp_header();
        $count = count($memberslist_id);
        if ($count > 0) {
            $list = "<a href='" . XOOPS_URL . "/userinfo.php?uid=" . $memberslist_id[0] . "' target='_blank'>" . $memberslist_uname[$memberslist_id[0]] . "</a>";
            $hidden = "<input type='hidden' name='memberslist_id[]' value='" . $memberslist_id[0] . "' />\n";
            for ($i = 1; $i < $count; $i++) {
}
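// Restore profile fields that an earlier request kept in the session.
if (isset($_SESSION["institution"])) {
    $institution = $_SESSION["institution"];
}
// NOTE(review): a password value is read back from the session and later
// passed to updateUser(). Confirm that this is a hash and not the clear-text
// password, and whether it needs to be kept in session storage at all.
if (isset($_SESSION["password"])) {
    $password = $_SESSION["password"];
}
// "Change password" button: remember the edited fields in the session and
// hand over to the password form.
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["changePassword"])) {
    $_SESSION["name"] = $_POST["name"];
    $_SESSION["institution"] = $_POST["institution"];
    header("location:changePassword.php");
    // Stop here: without exit the script keeps running after the redirect
    // header, evaluates the update branch below and renders the page.
    exit;
}
// "Update" button: store the posted name and institution for the current user.
// NOTE(review): the posted values go to updateUser() unvalidated; confirm that
// it uses bound parameters and that the values are escaped on output.
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["update"])) {
    $name = $_POST["name"];
    $institution = $_POST["institution"];
    updateUser($email, $name, $institution, $password, $photo);
}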
?>
<html lang="en">
<head>
	<title>User Information</title>
	<meta charset="utf-8">
	<meta name="viewport" content="width=device-width, initial-scale=1">
  
  <script src="bootstrap/js/jquery-1.11.3.min.js"></script>
  <link href="bootstrap/css/bootstrap.min.css" rel="stylesheet">
  <script src="bootstrap/js/bootstrap.min.js"></script>


  <link rel="stylesheet" type="text/css" href="css/mainLayout.css">
</head>
Пример #25
 /**
  * Passes this object's id, name, username and email to the global
  * updateUser() function.
  *
  * NOTE(review): updateUser() is defined outside this fragment; confirm that
  * it validates the values and writes them with bound parameters.
  */
 public function update()
 {
     updateUser($this->id, $this->name, $this->username, $this->email);
 }
Пример #26
    }
    $mobile_number = mysql_real_escape_string($_POST['mobile_number']);
    if ($_POST['location'] == 'other') {
        $location = mysql_real_escape_string($_POST['user_location']);
    } else {
        $location = mysql_real_escape_string($_POST['location']);
    }
    $totalkids = mysql_real_escape_string($_POST['totalkids']);
    $month_name = mysql_real_escape_string($_POST['month_name']);
    $day_name = mysql_real_escape_string($_POST['day_name']);
    $year_name = mysql_real_escape_string($_POST['year_name']);
    $birth_date = $year_name . "-" . $month_name . "-" . $day_name;
    $post_date = -$month_name . "/" . $day_name . "/" . $year_name;
    //$birthDate = "12/17/1983";
    //explode the date to get month, day and year
    $birthDate = explode("/", $post_date);
    //get age from date or birthdate
    $kidsage = date("md", date("U", mktime(0, 0, 0, $birthDate[0], $birthDate[1], $birthDate[2]))) > date("md") ? date("Y") - $birthDate[2] - 1 : date("Y") - $birthDate[2];
    $user_interest = "";
    $user_id = $_SESSION['user_id'];
    $result = getUserByUserName($user_name);
    $checkUser = mysql_fetch_array($result);
    if ($checkUser && $user_id != $checkUser['user_id']) {
        header("location:mom-forum-user-profile?error");
    } else {
        updateUser($user_id, $name, $email, $gender, $mobile_number, $user_interest, $location, $totalkids, $kidsage, $user_name, $birth_date);
        header("location:mom-forum-user-profile");
    }
} else {
    header("location:mom-forum-user-profile");
}
             $error['email'] = 'Invalid email address, please try again';
             $form_valid = false;
         }
         if ($_POST['username'] == '') {
             $error['username'] = '******';
             $form_valid = false;
         }
         // note: check for a blank password moved to form_valid = true section....
         if (strlen($_POST['password']) <= 7 && strlen($_POST['password']) != 0) {
             $error['password'] = '******';
             $form_valid = false;
         }
         // action taken if form filled in correctly...two options here to prevent writing blank passwords to the database
         if ($form_valid == true && $_POST['password'] != '') {
             // if a password entered, full update function called
             updateUser($_GET['id'], $_POST['email'], $_POST['username'], $_POST['password'], $_POST['role']);
             // variables set for updateUser function to update values on db
             header('Location: ?page=cmsUpdated&goto=cmsUsersTable');
         } else {
             // if empty string in the password field then update function without password change called....
             updateUserNoPassword($_GET['id'], $_POST['email'], $_POST['username'], $_POST['role']);
             header('Location: ?page=cmsUpdated&goto=cmsUsersTable');
         }
     }
     $id = $_GET['id'];
     $user = getUserById($id);
     include VIEWS . 'contentCMSUpdate.php';
     break;
 case 'delete':
     $id = $_GET['id'];
     if (!empty($_POST)) {
Пример #28
<?php

session_start();
require_once "install.php";

// Front controller: the "action" request parameter selects the user operation.
// $_REQUEST merges GET and POST input (and cookies, depending on the
// request_order / variables_order ini settings).
// NOTE(review): create, update and delete are therefore reachable by a plain
// GET link, and no CSRF token or authorisation check is visible in this
// fragment; confirm both are enforced inside the handlers.
if (!empty($_REQUEST['action'])) {
    $accion = $_REQUEST['action'];
    switch ($accion) {
        case 'crear':
            crearUsuario();
            break;
        case 'ver':
            verUsuarios();
            break;
        case 'update':
            updateUser();
            break;
        case 'delete':
            deleteUser();
            break;
    }
}
function crearUsuario()
{
    /* Proteccion de Datos */
    $params = array(':Usuario' => $_POST['Usuario'], ':Contrasena' => $_POST['Contrasena'], ':Nombres' => $_POST['Nombres'], ':ApellidoUno' => $_POST['ApellidoUno'], ':ApellidoDos' => $_POST['ApellidoDos'], ':Titulo' => $_POST['Titulo'], ':Descripcion' => $_POST['Descripcion'], ':Foto' => $_POST['Foto'], ':WebPersonal' => $_POST['WebPersonal'], ':Email' => $_POST['Email']);
    /* Preparamos el query apartir del array $params*/
    $query = 'INSERT INTO Usuarios 
					(Usuario, Contrasena, Nombres, ApellidoUno, ApellidoDos,Titulo ,Descripcion ,Foto,WebPersonal,Email) 
				VALUES 
Пример #29
            <div class="jumbotron">
            </div>
            <div class="tables">


                <?php 
// Admin action router driven by the "action" query parameter.
// NOTE(review): every action here, including deleteUser, is triggered by a GET
// request, and no CSRF token or admin check is visible in this fragment;
// confirm that the handlers enforce both.
// NOTE(review): $_GET["id"] is handed to editUser() as received; confirm that
// editUser() casts or binds it.
if (isset($_GET["action"])) {
    if ($_GET["action"] == "createUser") {
        // Id 0 is passed for a new record.
        editUser($mysqli, 0);
    } elseif ($_GET["action"] == "editUser") {
        editUser($mysqli, $_GET["id"]);
    } elseif ($_GET["action"] == "updateUser") {
        updateUser($mysqli);
    } elseif ($_GET["action"] == "insertUser") {
        insertUser($mysqli);
    } elseif ($_GET["action"] == "deleteUser") {
        deleteUser($mysqli);
    } elseif ($_GET["action"] == "unsetUsername") {
        // Logout: drop the login-related session keys, then go back to the index.
        // NOTE(review): markup has already been emitted before this PHP block,
        // so the redirect header only takes effect when output buffering is on.
        unset($_SESSION['username'], $_SESSION['password'], $_SESSION['admin']);
        header("location: index.php");
    }
}
Пример #30
        $loginerror = 'Config Error.';
        return;
    } elseif (isset($_POST['g-recaptcha-response'])) {
        $recaptcha = new \ReCaptcha\ReCaptcha($config['recaptcha']['secret']);
        $resp = $recaptcha->verify($_POST['g-recaptcha-response'], $_SERVER['REMOTE_ADDR']);
        if ($resp->isSuccess()) {
            checkLogin($_POST['login_user'], $_POST['login_pass']);
        } else {
            $loginerror = 'Captcha incorrect.';
            return;
        }
    }
}
// Password-reset request. It is handled before the session gate further down,
// so it is reachable without an authenticated session.
if (isset($_POST['loginforgotsubmit'])) {
    createNewPasswordLostToken();
}
// Password-reset completion; the helper's result is kept in $loginsuccess.
if (isset($_POST['loginforgotresetsubmit'])) {
    $loginsuccess = doPasswordReset();
}
// NOTE(review): the payment branch also runs before the session gate, so
// doPayment() is called without a logged-in user being required at this point.
// Confirm that this is intended and that doPayment() validates the invoice number.
if (isset($_POST['stripeToken'])) {
    doPayment($_POST['stripeToken'], $_POST['payinvoicenum']);
    // The invoice number is URL-encoded before it is placed in the redirect target.
    header("Location: {$domain}/invoice/" . urlencode($_POST['payinvoicenum']));
    exit;
}
// Session gate: any script other than /login.php requires $_SESSION['user'].
// The requested URI is URL-encoded into the "red" parameter.
// NOTE(review): confirm that the login page only follows same-site values of "red".
if (!isset($_SESSION['user']) && $_SERVER['SCRIPT_NAME'] != '/login.php') {
    header("Location: {$domain}/login/?red=" . urlencode($_SERVER['REQUEST_URI']));
    exit;
}
// NOTE(review): the whole $_POST array is handed to updateUser(). Confirm that
// it copies only an allow-list of fields, so a request cannot set columns the
// form does not expose.
if (isset($_POST['userdatasubmit'])) {
    updateUser($_POST);
}