// NOTE(review): excerpt from a larger script. The statement that opens the <pre> block and the
// definitions of $post_var_names, $ld, $kw_cases_sel and $li are outside this excerpt.
// NOTE(review): the collapsed listing does not show where the next comment ends. If the
// $_GET/$_POST dumps are live statements, they print raw request data into the page and
// belong in a development setup only — verify against the full file.
//var_dump($languages); var_dump($_GET); var_dump($_POST);
foreach ($post_var_names as $varName) {
    // export wanted variables of $_POST array...
    // Only names listed in $post_var_names become local variables, and each value is passed
    // through htmlspecialchars_deep() (defined elsewhere) before it is assigned.
    // NOTE(review): confirm $post_var_names is a fixed allow-list that is never built from the
    // request; a variable-variable assignment can overwrite any local in this scope.
    if (array_key_exists($varName, $_POST)) {
        ${$varName} = htmlspecialchars_deep($_POST[$varName]);
    }
}
// determine the selected kw_case...
$kw_case_sel[$ld['kw_case']] = ' selected="selected"';
// determine the selected kw_cases...
for ($i = 1; $i <= count($kw_cases_sel); $i += 1) {
    // The (int) cast keeps the second-level key numeric whatever type $ld holds.
    $kw_cases_sel[$i][(int) $ld['kw'][$i]['case']] = ' selected="selected"';
}
$lang = validate_lang();
// Debug output: dumps the result of validate_lang() into the page before the form.
var_dump($lang);
echo "</pre>";
// NOTE(review): the form below echoes $li['file'] into an attribute value with no escaping at the
// point of output. That is only safe if $li was exported through htmlspecialchars_deep() above —
// confirm 'li' is in $post_var_names and that $li has no other source. The excerpt ends inside
// that attribute.
?> <form action="?action=test" method="post"> <fieldset> <legend>Generic Information</legend> <table width="100%"> <tr> <td> <label for="li[file]">Language File ID:</label> </td> <td> <input type="text" name="li[file]" id="li[file]" value="<?php echo $li['file']; ?>
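// NOTE(review): excerpt from a switch on the requested action. It starts inside the preceding
// case (two blocks are closed below) and ends inside the password-confirmation check.
$error = TRUE;
$msg_error[] = $lang['Message']['Unknown_email'];
}
}
$output->page_header();
$output->set_filenames(array('body' => 'sendkey_body.tpl'));
$output->assign_vars(array(
    'TITLE' => $lang['Title']['sendkey'],
    'L_EXPLAIN' => nl2br($lang['Explain']['sendkey']),
    'L_LOGIN' => $lang['Account_login'],
    'L_VALID_BUTTON' => $lang['Button']['valid'],
));
$output->pparse('body');
break;

case 'editprofile':
    if (isset($_POST['submit'])) {
        // The names come from this literal list, so the variable-variable assignment below can
        // only create these five locals.
        $vararray = array('pseudo', 'language', 'current_pass', 'new_pass', 'confirm_pass');
        foreach ($vararray as $varname) {
            // Accept scalar strings only: an array-valued field (pseudo[]=x) would otherwise
            // reach trim() and raise a warning or a TypeError depending on the PHP version.
            ${$varname} = (!empty($_POST[$varname]) && is_string($_POST[$varname])) ? trim($_POST[$varname]) : '';
        }
        // Fall back to the configured language when the submitted one is empty or rejected.
        if ($language == '' || !validate_lang($language)) {
            $language = $nl_config['language'];
        }
        // Strict comparison: with a loose != two different digests that both look like numbers
        // are compared numerically and can be treated as equal.
        // NOTE(review): unsalted MD5 is not a suitable password hash. Moving the stored values
        // to password_hash()/password_verify() needs changes outside this excerpt; prefer
        // hash_equals() for the comparison where the runtime provides it.
        // NOTE(review): an empty current_pass skips this check entirely — confirm the code past
        // this excerpt refuses a password change without a verified current password.
        if ($current_pass != '' && md5($current_pass) !== (string) $abodata['passwd']) {
            $error = TRUE;
            $msg_error[] = $lang['Message']['Error_login'];
        }
        $set_password = FALSE;
        if ($new_pass != '' && $confirm_pass != '') {
            if (!validate_pass($new_pass)) {
                $error = TRUE;
                $msg_error[] = $lang['Message']['Alphanum_pass'];
            } else {
                // Both values are strings here; !== keeps numeric-looking passwords such as
                // '1e3' and '1000' from being accepted as a matching confirmation.
                if ($new_pass !== $confirm_pass) {
                    $error = TRUE;
                    $msg_error[] = $lang['Message']['Bad_confirm_pass'];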
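// NOTE(review): excerpt from a configuration handler. It starts at the end of an earlier block and
// ends inside the upload_path handling. No permission or anti-CSRF check is visible in this
// excerpt — confirm one runs before this point.
$output->message($message);
}
// Load the current configuration row; its column names drive the update below.
$sql = "SELECT * FROM " . CONFIG_TABLE;
if (!($result = $db->query($sql))) {
    trigger_error('Impossible de récupérer la configuration du script', ERROR);
}
$old_config = $result->fetch(SQL_FETCH_ASSOC);
$move_files = false;
if (isset($_POST['submit'])) {
    require WA_ROOTDIR . '/includes/class.attach.php';
    require WA_ROOTDIR . '/includes/functions.validate.php';
    $new_config = array();
    // Keys are taken from the stored row, never from the request, so unknown POST fields are
    // ignored. Every existing column is writable from the form, though.
    foreach ($old_config as $name => $value) {
        // Accept scalar strings only: an array-valued field would otherwise reach trim() and
        // raise a warning or a TypeError depending on the PHP version. The stored value is kept.
        $new_config[$name] = (isset($_POST[$name]) && is_string($_POST[$name])) ? trim($_POST[$name]) : $value;
    }
    // Fall back to the active language when the submitted one is empty or rejected.
    if ($new_config['language'] == '' || !validate_lang($new_config['language'])) {
        $new_config['language'] = $nl_config['language'];
    }
    $new_config['sitename'] = strip_tags($new_config['sitename']);
    // Normalisation only: drops a trailing slash from an http(s) URL. A value that does not
    // match the pattern is kept exactly as submitted.
    $new_config['urlsite'] = preg_replace('/^http(s)?:\\/\\/(.*?)\\/?$/i', 'http\\1://\\2', $new_config['urlsite']);
    if ($new_config['path'] != '/') {
        // Force exactly one leading and one trailing slash.
        $new_config['path'] = preg_replace('/^\\/?(.*?)\\/?$/i', '/\\1/', $new_config['path']);
    }
    $new_config['date_format'] = $new_config['date_format'] == '' ? 'd M Y H:i' : $new_config['date_format'];
    // Non-positive or non-numeric session lengths are replaced by one hour.
    if (($new_config['session_length'] = intval($new_config['session_length'])) <= 0) {
        $new_config['session_length'] = 3600;
    }
    if ($new_config['upload_path'] != '/') {
        // NOTE(review): only surrounding slashes are removed; '..' segments are not rejected
        // here. Confirm the path is validated before files are moved or written under it.
        $new_config['upload_path'] = trim($new_config['upload_path'], '/') . '/';
        // Files are flagged for moving only when FTP is off both before and after the change and
        // the upload path differs from the active one.
        if ($nl_config['use_ftp'] == 0 && $new_config['use_ftp'] == 0 && strcmp($nl_config['upload_path'], $new_config['upload_path']) !== 0) {
            $move_files = true;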
// NOTE(review): excerpt from an entry script meant to be included by another page. The condition
// guarding the exit() below is outside this excerpt, and the excerpt ends inside the $code handling.
exit('<b>No hacking</b>');
}
define('IN_NEWSLETTER', true);
//
// Compatibility with versions < 2.3.x
//
if (!defined('WA_ROOTDIR')) {
    // $waroot is never assigned in this excerpt; it is expected to be set by the including script.
    if (!isset($waroot)) {
        exit("Le répertoire de Wanewsletter n'est pas défini!");
    }
    // NOTE(review): WA_ROOTDIR becomes the base of the two require paths below, so $waroot must
    // only ever come from the including script. Confirm the guard cut off above rejects a
    // request-supplied value on legacy setups where request parameters can become globals.
    define('WA_ROOTDIR', rtrim($waroot, '/'));
}
// error_reporting() returns the previous level, which is kept here while E_ALL is in effect.
$default_error_reporting = error_reporting(E_ALL);
require WA_ROOTDIR . '/start.php';
require WA_ROOTDIR . '/includes/functions.validate.php';
// $language is likewise expected from the including script; it is used only if validate_lang()
// accepts it.
if (!empty($language) && validate_lang($language)) {
    load_settings(array('admin_lang' => $language));
} else {
    load_settings();
}
// Request parameters: strings are trimmed, numeric ones are forced to integers.
$action = !empty($_REQUEST['action']) ? trim($_REQUEST['action']) : '';
$email = !empty($_REQUEST['email']) ? trim($_REQUEST['email']) : '';
$format = isset($_REQUEST['format']) ? intval($_REQUEST['format']) : 0;
$liste = isset($_REQUEST['liste']) ? intval($_REQUEST['liste']) : 0;
$message = '';
$code = '';
// With no explicit action, a 20-character alphanumeric token found in the raw query string
// (followed by '&' or the end of the string) is taken as the code.
if (empty($action) && preg_match('/([a-z0-9]{20})(?:&|$)/i', $_SERVER['QUERY_STRING'], $match)) {
    $code = $match[1];
} else {
    // NOTE(review): as extracted, $code is still the empty string when this branch runs, so the
    // length test cannot hold. The listing may be missing an assignment from the request —
    // verify against the full file.
    if (!empty($action) && !empty($email) && strlen($code) == 32) {
        $code = substr($code, 0, 20);