$message = ""; if (!User::isLoggedIn()) { $app->render("login.html"); die; } $info = User::getUserInfo(); if (!User::isModerator()) { $app->redirect("/"); } if ($_POST) { $status = Util::getPost("status"); $reply = Util::getPost("reply"); $report = Util::getPost("report"); $delete = Util::getPost("delete"); $deleteapi = Util::getPost("deleteapi"); $manualpull = Util::getPost("manualpull"); if (isset($status)) { Db::execute("UPDATE zz_tickets SET status = :status WHERE id = :id", array(":status" => $status, ":id" => $id)); if ($status == 0) { $app->redirect(".."); } } if (isset($reply)) { $name = $info["username"]; $moderator = $info["moderator"]; $check = Db::query("SELECT * FROM zz_tickets_replies WHERE reply = :reply AND userid = :userid", array(":reply" => $reply, ":userid" => $info["id"]), 0); if (!$check) { Db::execute("INSERT INTO zz_tickets_replies (userid, belongsTo, name, reply, moderator) VALUES (:userid, :belongsTo, :name, :reply, :moderator)", array(":userid" => $info["id"], ":belongsTo" => $id, ":name" => $name, ":reply" => $reply, ":moderator" => $moderator)); $tic = Db::query("SELECT name,email FROM zz_tickets WHERE id = :id", array(":id" => $id)); $ticname = $tic[0]["name"]; $ticmail = $tic[0]["email"];
* * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ $message = array(); $info = User::getUserInfo(); $ticket = Db::queryRow("SELECT * FROM zz_tickets WHERE id = :id", array(":id" => $id), 0); if ($ticket == NULL or sizeof($ticket) == 0) { $message = array("status" => "error", "message" => "Ticket does not exist."); } elseif ($ticket["status"] == 0) { $message = array("status" => "error", "message" => "Ticket has been closed, you cannot post, only view it"); } elseif ($ticket["userid"] != $info["id"] && $info["moderator"] == 0 && $info["admin"] == 0) { $app->notFound(); } if ($_POST) { $reply = Util::getPost("reply"); if ($reply && $ticket["status"] != 0) { $name = $info["username"]; $moderator = $info["moderator"]; $check = Db::query("SELECT * FROM zz_tickets_replies WHERE reply = :reply AND userid = :userid AND belongsTo = :id", array(":reply" => $reply, ":userid" => $info["id"], ":id" => $id), 0); if (!$check) { Db::execute("INSERT INTO zz_tickets_replies (userid, belongsTo, name, reply, moderator) VALUES (:userid, :belongsTo, :name, :reply, :moderator)", array(":userid" => $info["id"], ":belongsTo" => $id, ":name" => $name, ":reply" => $reply, ":moderator" => $moderator)); global $baseAddr; if (!$moderator) { Log::ircAdmin("|g|Ticket response from {$name}:|n| https://{$baseAddr}/moderator/tickets/{$id}/"); } $app->redirect("/tickets/view/{$id}/"); } } else { $message = array("status" => "error", "message" => "No..."); }
$entities[] = $entity; UserConfig::set("tracker_" . $entitymetadata['type'], $entities); $error = "{$entitymetadata['name']} has been added to your tracking list"; } else { $error = "{$entitymetadata['name']} is already being tracked"; } } $ddcombine = Util::getPost("ddcombine"); if (isset($ddcombine)) { UserConfig::set("ddcombine", $ddcombine); } $ddmonthyear = Util::getPost("ddmonthYear"); if (isset($ddmonthyear)) { UserConfig::set("ddmonthyear", $ddmonthyear); } $useSummaryAccordion = Util::getPost("useSummaryAccordion"); if (isset($useSummaryAccordion)) { UserConfig::set("useSummaryAccordion", $useSummaryAccordion); } } $data["entities"] = Account::getUserTrackerData(); $data["themes"] = Util::bootstrapThemes(); $data["viewthemes"] = Util::themesAvailable(); $data["apiKeys"] = Api::getKeys($userID); $data["apiChars"] = Api::getCharacters($userID); $charKeys = Api::getCharacterKeys($userID); $charKeys = Info::addInfo($charKeys); $data["apiCharKeys"] = $charKeys; $data["userInfo"] = User::getUserInfo(); $data["currentTheme"] = UserConfig::get("theme", "default"); $data["timeago"] = UserConfig::get("timeago");
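<?php
// Login form handler: a request without POST data renders the login page;
// a POST validates the submitted credentials and, on success, redirects.
if ($_POST) {
    $username = Util::getPost("username");
    $password = Util::getPost("password");
    $autologin = Util::getPost("autologin");
    $requesturi = Util::getPost("requesturi");

    if (!$username) {
        $error = "No username given";
        $app->render("login.html", array("error" => $error));
    } elseif (!$password) {
        $error = "No password given";
        $app->render("login.html", array("error" => $error));
    } else {
        $check = User::checkLogin($username, $password);
        if ($check) {
            User::setLogin($username, $password, $autologin);

            // Pages that must never be the post-login destination.
            $ignoreUris = array("/register/", "/login/", "/logout/");

            // requesturi comes straight from the POST body, so the client
            // chooses it. Only accept a same-site path: it must start with a
            // single "/" (rejecting "//host" and "/\host", which browsers
            // treat as another origin, and any absolute URL) and must not
            // carry CR/LF that could split the Location header.
            $isLocalPath = is_string($requesturi)
                && strncmp($requesturi, '/', 1) === 0
                && strncmp($requesturi, '//', 2) !== 0
                && strncmp($requesturi, '/\\', 2) !== 0
                && strpbrk($requesturi, "\r\n") === false;

            if ($isLocalPath && !in_array($requesturi, $ignoreUris, true)) {
                $app->redirect($requesturi);
            } else {
                // Missing, ignored or off-site target: fall back to the home page.
                $app->redirect("/");
            }
        } else {
            // NOTE(review): the same message is shown for an unknown user and
            // for a wrong password, as far as this handler can tell.
            $error = "No such user exists, try again";
            $app->render("login.html", array("error" => $error));
        }
    }
} else {
    $app->render("login.html");
}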
<?php if (User::isLoggedIn()) { $app->redirect('/', 302); die; } $referer = @$_SERVER['HTTP_REFERER']; if ($_POST) { $username = Util::getPost('username'); $password = Util::getPost('password'); $autologin = Util::getPost('autologin'); $requesturi = Util::getPost('requesturi'); if (!$username) { $error = 'No username given'; $app->render('login.html', array('error' => $error)); } elseif (!$password) { $error = 'No password given'; $app->render('login.html', array('error' => $error)); } elseif ($username && $password) { $check = User::checkLogin($username, $password); if ($check) { // Success User::setLogin($username, $password, $autologin); $ignoreUris = array('/register/', '/login/', '/logout/'); if (isset($requesturi) && !in_array($requesturi, $ignoreUris)) { $app->redirect($requesturi); } else { $app->redirect('/'); } } else { $error = 'No such user exists, try again';
Horde::authenticationFailureRedirect(); } $rpc_servers = @unserialize($prefs->getValue('remote_summaries')); if (!is_array($rpc_servers)) { $rpc_servers = array(); } $actionID = Util::getFormData('actionID'); // Handle clients without javascript. if (is_null($actionID)) { if (Util::getPost('edit')) { $actionID = RPC_EDIT; } elseif (Util::getPost('save')) { $actionID = RPC_SAVE; } elseif (Util::getPost('delete')) { $actionID = RPC_DELETE; } elseif (Util::getPost('back')) { _returnToPrefs(); } } /* Run through the action handlers */ switch ($actionID) { case RPC_SAVE: if (($to_edit = Util::getFormData('edit_server')) == null) { $to_edit = count($rpc_servers); $rpc_servers[] = array(); } $rpc_servers[$to_edit]['url'] = Util::getFormData('url'); $rpc_servers[$to_edit]['user'] = Util::getFormData('user'); $rpc_servers[$to_edit]['passwd'] = Util::getFormData('passwd'); $prefs->setValue('remote_summaries', serialize($rpc_servers)); $prefs->store();
* it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ $message = array(); if ($_POST) { $tags = Util::getPost("hidden-tags"); $ticket = Util::getPost("ticket"); $info = User::getUserInfo(); $name = $info["username"]; $email = $info["email"]; if (isset($name) && isset($email) && isset($tags) && isset($ticket)) { $check = Db::query("SELECT * FROM zz_tickets WHERE ticket = :ticket AND email = :email", array(":ticket" => $ticket, ":email" => $email), 0); if (!$check) { Db::execute("INSERT INTO zz_tickets (userid, name, email, tags, ticket) VALUES (:userid, :name, :email, :tags, :ticket)", array(":userid" => User::getUserID(), ":name" => $name, ":email" => $email, ":tags" => $tags, ":ticket" => $ticket)); $id = Db::queryField("SELECT id FROM zz_tickets WHERE userid = :userid AND name = :name AND tags = :tags AND ticket = :ticket", "id", array(":userid" => User::getUserID(), ":name" => $name, ":tags" => $tags, ":ticket" => $ticket)); global $baseAddr; Log::ircAdmin("|g|New ticket from {$name}:|n| https://{$baseAddr}/moderator/tickets/{$id}/"); $subject = "zKillboard Ticket"; $message = "{$name}, you can find your ticket here, we will reply to your ticket asap. https://{$baseAddr}/tickets/view/{$id}/"; Email::send($email, $subject, $message); $app->redirect("/tickets/view/{$id}/"); } else {
* * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ if ($_POST) { $email = Util::getPost("email"); if (isset($email)) { $exists = Db::queryField("SELECT username FROM zz_users WHERE email = :email", "username", array(":email" => $email), 0); if ($exists != NULL) { $date = date("Y-m-d H:i:s", strtotime("+24 hours")); $hash = sha1($date . $email); $alreadySent = Db::queryField("SELECT change_hash FROM zz_users WHERE email = :email", "change_hash", array(":email" => $email), 0); if ($alreadySent != NULL) { $message = "A request to reset the password for this email, has already been sent"; $messagetype = "error"; $app->render("forgotpassword.html", array("message" => $message, "messagetype" => $messagetype)); } else { global $baseAddr; $username = Db::queryField("SELECT username FROM zz_users WHERE email = :email", "username", array(":email" => $email)); $subject = "It seems you might have forgotten your password, so here is a link, that'll allow you to reset it: {$baseAddr}/changepassword/{$hash}/ ps, your username is: {$username}"; $header = "Password change for {$email}";
$message = ''; if (!User::isLoggedIn()) { $app->render('login.html'); die; } $info = User::getUserInfo(); if (!User::isModerator()) { $app->redirect('/'); } if ($_POST) { $status = Util::getPost('status'); $reply = Util::getPost('reply'); $report = Util::getPost('report'); $delete = Util::getPost('delete'); $deleteapi = Util::getPost('deleteapi'); $manualpull = Util::getPost('manualpull'); if (isset($status)) { Db::execute('UPDATE zz_tickets SET status = :status WHERE id = :id', array(':status' => $status, ':id' => $id)); if ($status == 0) { $app->redirect('..'); } } if (isset($reply)) { $name = $info['username']; $moderator = $info['moderator']; $check = Db::query('SELECT * FROM zz_tickets_replies WHERE reply = :reply AND userid = :userid', array(':reply' => $reply, ':userid' => $info['id']), 0); if (!$check) { Db::execute('INSERT INTO zz_tickets_replies (userid, belongsTo, name, reply, moderator) VALUES (:userid, :belongsTo, :name, :reply, :moderator)', array(':userid' => $info['id'], ':belongsTo' => $id, ':name' => $name, ':reply' => $reply, ':moderator' => $moderator)); $tic = Db::query('SELECT name,email FROM zz_tickets WHERE id = :id', array(':id' => $id)); $ticname = $tic[0]['name']; $ticmail = $tic[0]['email'];
<?php $message = array(); if ($_POST) { $tags = Util::getPost('hidden-tags'); $ticket = Util::getPost('ticket'); $info = User::getUserInfo(); $name = $info['username']; $email = $info['email']; if (isset($name) && isset($email) && isset($tags) && isset($ticket)) { $check = Db::query('SELECT * FROM zz_tickets WHERE ticket = :ticket AND email = :email', array(':ticket' => $ticket, ':email' => $email), 0); if (!$check) { Db::execute('INSERT INTO zz_tickets (userid, name, email, tags, ticket) VALUES (:userid, :name, :email, :tags, :ticket)', array(':userid' => User::getUserID(), ':name' => $name, ':email' => $email, ':tags' => $tags, ':ticket' => $ticket)); $id = Db::queryField('SELECT id FROM zz_tickets WHERE userid = :userid AND name = :name AND tags = :tags AND ticket = :ticket', 'id', array(':userid' => User::getUserID(), ':name' => $name, ':tags' => $tags, ':ticket' => $ticket)); global $baseAddr; Log::irc("|g|New ticket from {$name}:|n| https://{$baseAddr}/moderator/tickets/{$id}/"); $subject = 'zKillboard Ticket'; $message = "{$name}, you can find your ticket here, we will reply to your ticket asap. https://{$baseAddr}/tickets/view/{$id}/"; Email::send($email, $subject, $message); $app->redirect("/tickets/view/{$id}/"); } else { $message = array('type' => 'error', 'message' => 'Ticket already posted'); } } else { $message = array('type' => 'error', 'message' => 'Ticket was not posted, there was an error'); } } $tickets = Db::query('SELECT * FROM zz_tickets WHERE userid = :userid ORDER BY datePosted DESC', array(':userid' => User::getUserID()), 0); foreach ($tickets as $key => $val) { if ($val['tags']) { $tickets[$key]['tags'] = explode(',', $val['tags']);
* GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ $involved = array(); $message = ""; if ($pageview == "comments") { $app->redirect("/detail/{$id}/#comment", 301); } $info = User::getUserInfo(); $name = $info["username"]; $userID = $info["id"]; $email = $info["email"]; if ($_POST) { $report = Util::getPost("report"); if (isset($report)) { if ($id < 0) { $tags = "Reported Kill"; Db::execute("INSERT INTO zz_tickets (userid, name, email, tags, ticket, killID) VALUES (:userid, :name, :email, :tags, :ticket, :killid)", array(":userid" => $userID, ":name" => $name, ":email" => $email, ":tags" => $tags, ":ticket" => $report, ":killid" => $id)); global $baseAddr; $reportID = Db::queryField("SELECT id FROM zz_tickets WHERE killID = :killID AND name = :name", "id", array(":killID" => $id, ":name" => $name)); Log::ircAdmin("Kill Reported by {$name}: https://{$baseAddr}/detail/{$id}/ - https://{$baseAddr}/moderator/reportedkills/{$reportID}/"); $app->redirect("/detail/{$id}/"); } } } if ($id < 0) { // See if this manual mail has an api verified version $mKillID = -1 * $id; $killID = Db::queryField("select killID from zz_manual_mails where mKillID = :mKillID", "killID", array(":mKillID" => $mKillID), 1);
<?php
// Popup ("dlogin") login handler.
// Reads the session's 'loggedin' flag, then renders dlogin.html either with
// an error, with a 'close' flag after a login attempt, or as a blank form.
if (isset($_SESSION['loggedin'])) {
    $loggedIn = $_SESSION['loggedin'];
} else {
    $loggedIn = false;
}

// An already authenticated session gets the template with close => true.
// NOTE(review): no exit/die follows, so the POST handling below still runs
// unless render() itself halts the request - confirm.
if (empty($loggedIn) === false) {
    $app->render('dlogin.html', array('close' => true));
}

if (!$_POST) {
    $app->render('dlogin.html');
} else {
    $username = Util::getPost('username');
    $password = Util::getPost('password');
    $autologin = Util::getPost('autologin');

    if (!$username) {
        $error = 'No username given';
        $app->render('dlogin.html', array('error' => $error));
    } elseif (!$password) {
        $error = 'No password given';
        $app->render('dlogin.html', array('error' => $error));
    } else {
        // Both fields are non-empty here; verify them before creating the login.
        $check = User::checkLogin($username, $password);
        if (!$check) {
            $error = 'No such user exists, try again';
            $app->render('dlogin.html', array('error' => $error));
        } else {
            // The template receives setLogin()'s return value as 'close'.
            $bool = User::setLogin($username, $password, $autologin);
            $app->render('dlogin.html', array('close' => $bool));
        }
    }
}
<?php global $cookie_secret; $randomString = sha1(time()); // Check if user is already merged, just to be safe $exists = Db::queryField('SELECT merged FROM zz_users WHERE characterID = :characterID', 'merged', array(':characterID' => $characterID), 0); if ($exists == 1) { $error = 'Error: User already merged.'; $app->render('merge.html', array('error' => $error, 'characterID' => $characterID, 'randomString' => $randomString)); } // Otherwise show the page.. if ($_POST) { $username = Util::getPost('username'); $password = Util::getPost('password'); if (!$username) { $error = 'No username given'; $app->render('merge.html', array('error' => $error, 'characterID' => $characterID, 'randomString' => $randomString)); } elseif (!$password) { $error = 'No password given'; $app->render('merge.html', array('error' => $error, 'characterID' => $characterID, 'randomString' => $randomString)); } elseif ($username && $password) { $check = User::checkLogin($username, $password); if ($check) { // Success // Get userID for user that passes $userID = Db::queryField('SELECT id FROM zz_users WHERE username = :username', 'id', array(':username' => $username)); // Update userID in zz_crest_users Db::execute('UPDATE zz_users_crest SET userID = :userID WHERE characterID = :characterID', array(':userID' => $userID, ':characterID' => $characterID)); // Update the characterID on zz_users and set merged to 1 Db::execute('UPDATE zz_users SET merged = 1 WHERE id = :userID', array(':userID' => $userID)); Db::execute('UPDATE zz_users SET characterID = :characterID WHERE id = :userID', array(':userID' => $userID, ':characterID' => $characterID));
<?php $password = Util::getPost('password'); $password2 = Util::getPost('password2'); if ($password && $password2) { $message = ''; $messagetype = ''; $password = Util::getPost('password'); $password2 = Util::getPost('password2'); if (!$password || !$password2) { $message = 'Password missing, try again..'; $messagetype = 'error'; } elseif ($password != $password2) { $message = 'Password mismatch, try again..'; $messagetype = 'error'; } elseif ($password == $password2) { $password = Password::genPassword($password); Db::execute('UPDATE zz_users SET password = :password WHERE change_hash = :hash', array(':password' => $password, ':hash' => $hash)); Db::execute('UPDATE zz_users SET change_hash = NULL, change_expiration = NULL WHERE change_hash = :hash', array(':hash' => $hash)); $message = 'Password updated, click login, and login with your new password'; $messagetype = 'success'; } $app->render('changepassword.html', array('message' => $message, 'messagetype' => $messagetype)); } else { $date = date('Y-m-d H:i:s'); $allowed = Db::queryField('SELECT change_expiration FROM zz_users WHERE change_hash = :hash', 'change_expiration', array(':hash' => $hash)); if (isset($allowed) && $allowed > $date) { $foruser = Db::queryField('SELECT email FROM zz_users WHERE change_hash = :hash', 'email', array(':hash' => $hash)); $app->render('changepassword.html', array('email' => $foruser, 'hash' => $hash)); } else { $message = "Either your password change hash doesn't exist, or it has expired";
* the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ if ($_POST) { $message = ""; $messagetype = ""; $password = Util::getPost("password"); $password2 = Util::getPost("password2"); if (!$password || !$password2) { $message = "Password missing, try again.."; $messagetype = "error"; } elseif ($password != $password2) { $message = "Password mismatch, try again.."; $messagetype = "error"; } elseif ($password == $password2) { $password = Password::genPassword($password); Db::execute("UPDATE zz_users SET password = :password WHERE change_hash = :hash", array(":password" => $password, ":hash" => $hash)); Db::execute("UPDATE zz_users SET change_hash = NULL, change_expiration = NULL WHERE change_hash = :hash", array(":hash" => $hash)); $message = "Password updated, click login, and login with your new password"; $messagetype = "success"; } $app->render("changepassword.html", array("message" => $message, "messagetype" => $messagetype)); } else {
/**
 * Looks up a form variable in the request, preferring POST over GET.
 *
 * The POST value is returned whenever Util::getPost() yields something other
 * than null; only then is the GET data consulted, with $default as its
 * fallback. Magic quotes are stripped if necessary.
 *
 * NOTE(review): "cleaned" refers to the magic-quote stripping described
 * above; nothing here validates or escapes the value, so callers should
 * treat the result as untrusted request input.
 *
 * @param string $var      The name of the form variable to look for.
 * @param string $default  The value to return if the variable is not
 *                         there.
 *
 * @return string  The cleaned form variable, or $default.
 */
function getFormData($var, $default = null)
{
    $posted = Util::getPost($var);
    if ($posted !== null) {
        return $posted;
    }

    return Util::getGet($var, $default);
}
<?php global $mdb, $fullAddr; $message = array(); $info = User::getUserInfo(); $ticket = $mdb->findDoc("tickets", ['_id' => new MongoId($id), 'parentID' => null]); if ($ticket == null or sizeof($ticket) == 0) { $message = array('status' => 'error', 'message' => 'Ticket does not exist.'); } elseif ($ticket['status'] == 0) { $message = array('status' => 'error', 'message' => 'Ticket has been closed, you cannot post, only view it'); } elseif ($ticket['characterID'] != User::getUserID() && @$info['moderator'] != true) { $app->notFound(); } if ($_POST) { $reply = Util::getPost('reply'); $status = Util::getPost('status'); if (@$info['moderator'] == true && $status !== null) { $mdb->getCollection("tickets")->update(['_id' => new MongoID($id)], ['$set' => ['status' => $status]]); if ($status == 0) { $app->redirect('/tickets/'); } else { $app->redirect('.'); } exit; } if ($reply !== null && $ticket['status'] != 0) { $charID = User::getUserId(); $name = $info['username']; $moderator = @$info['moderator'] == true; $mdb->insert("tickets", ['parentID' => $id, 'content' => $reply, 'characterID' => $charID, 'dttm' => time(), 'moderator' => $moderator]); $mdb->getCollection("tickets")->update(['_id' => new MongoID($id)], ['$set' => ['dttmUpdate' => time()]]);
<?php
// Popup ("dlogin") login handler: shows the form when nothing was posted,
// otherwise checks the submitted credentials and re-renders dlogin.html with
// either an error message or the 'close' flag.
if (!$_POST) {
    $app->render("dlogin.html");
} else {
    $username = Util::getPost("username");
    $password = Util::getPost("password");
    $autologin = Util::getPost("autologin");

    if (!$username) {
        $error = "No username given";
        $app->render("dlogin.html", array("error" => $error));
    } elseif (!$password) {
        $error = "No password given";
        $app->render("dlogin.html", array("error" => $error));
    } else {
        // Username and password are both non-empty at this point.
        $check = User::checkLogin($username, $password);
        if (!$check) {
            $error = "No such user exists, try again";
            $app->render("dlogin.html", array("error" => $error));
        } else {
            // 'close' carries whatever setLogin() returned.
            $bool = User::setLogin($username, $password, $autologin);
            $app->render("dlogin.html", array("close" => $bool));
        }
    }
}
$notification->push(sprintf(_("Successfully removed '%s' from the system."), $f_user_name), 'horde.success'); } } break; case 'update_f': $f_user_name = Util::getFormData('user_name'); $update_form = true; break; case 'update': $user_name_1 = Util::getPost('user_name'); $user_name_2 = Util::getPost('user_name2', $user_name_1); $fullname = Util::getPost('user_fullname'); $email = Util::getPost('user_email'); if ($auth->hasCapability('update')) { $user_pass_1 = Util::getPost('user_pass_1'); $user_pass_2 = Util::getPost('user_pass_2'); if (empty($user_name_1)) { $notification->push(_("You must specify the username to update."), 'horde.error'); } elseif (empty($user_pass_1) || empty($user_pass_2)) { // Don't update, but don't complain. } elseif ($user_pass_1 != $user_pass_2) { $notification->push(_("Passwords must match."), 'horde.error'); } else { $result = $auth->updateUser($user_name_1, $user_name_2, array('password' => $user_pass_1)); } } if (isset($result) && is_a($result, 'PEAR_Error')) { $notification->push(sprintf(_("There was a problem updating '%s': %s"), $user_name_1, $result->getMessage()), 'horde.error'); } else { require_once HORDE_LIBS . 'Horde/Identity.php'; $identity =& Identity::singleton('none', $user_name_1);
$domainChar['alias'] = @$corpStatus['alias']; $corps[] = $domainChar; } if (@$domainChar['isExecutorCEO']) { $subdomain = modifyTicker($domainChar['alliTicker']) . ".{$baseAddr}"; if (isset($bannerUpdates[$subdomain])) { $banner = $bannerUpdates[$subdomain]; Db::execute('insert into zz_subdomains (subdomain, banner) values (:subdomain, :banner) on duplicate key update banner = :banner', array(':subdomain' => $subdomain, ':banner' => $banner)); $error = "Banner updated for {$subdomain}, please wait 2 minutes for the change to take effect."; } $status = Db::queryRow('select adfreeUntil, banner from zz_subdomains where subdomain = :subdomain', array(':subdomain' => $subdomain), 0); $domainChar['adfreeUntil'] = @$status['adfreeUntil']; $domainChar['banner'] = @$status['banner']; $allis[] = $domainChar; } $showDisqus = Util::getPost('showDisqus'); if ($showDisqus) { UserConfig::set('showDisqus', $showDisqus == 'true'); $error = 'Disqus setting updated to ' . ($showDisqus ? ' display.' : ' not display.') . ' The next page load will reflect the change.'; } } $data['domainCorps'] = $corps; $data['domainAllis'] = $allis; $data['domainChars'] = $domainChars; $data['showDisqus'] = UserConfig::get('showDisqus', true); $app->render('account.html', array('data' => $data, 'message' => $error, 'key' => $key, 'reqid' => $reqid)); function modifyTicker($ticker) { $ticker = str_replace(' ', '_', $ticker); $ticker = preg_replace('/^\\./', 'dot.', $ticker); $ticker = preg_replace('/\\.$/', '.dot', $ticker);
* (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ $error = ""; if ($_POST) { $keyid = Util::getPost("keyid"); $vcode = Util::getPost("vcode"); $killmail = Util::getPost("killmail"); $killmailurl = Util::getPost("killmailurl"); // Apikey stuff if ($keyid || $vcode) { $check = Api::checkAPI($keyid, $vcode); if ($check == "success") { Db::execute("insert ignore into zz_api (keyID, vCode) values (:keyID, :vCode)", array(":keyID" => $keyid, ":vCode" => $vcode)); $error = "Your API Key has been added."; } else { $error = $check; } } if ($killmailurl) { // Looks like http://public-crest.eveonline.com/killmails/30290604/787fb3714062f1700560d4a83ce32c67640b1797/ $exploded = explode("/", $killmailurl); if (count($exploded) != 7) { $error = "Invalid killmail link.";
* it is not a looping redirect. */ if (isset($registry->applications['logout']['initial_page']) && $registry->applications['logout']['initial_page'] != 'login.php?' . AUTH_REASON_PARAM . '=' . AUTH_REASON_LOGOUT) { header('Location: ' . Horde::applicationUrl($registry->applications['logout']['initial_page'])); exit; } Horde::setupSessionHandler(); @session_start(); NLS::setLang($language); /* Hook to preselect the correct language in the widget. */ $_GET['new_lang'] = $language; } if (isset($_POST['horde_user']) && isset($_POST['horde_pass'])) { /* Destroy any existing session on login and make sure to use a * new session ID, to avoid session fixation issues. */ Horde::getCleanSession(); if ($auth->authenticate(Util::getPost('horde_user'), array('password' => Util::getPost('horde_pass')))) { $entry = sprintf('Login success for %s [%s] to Horde', Auth::getAuth(), $_SERVER['REMOTE_ADDR']); Horde::logMessage($entry, __FILE__, __LINE__, PEAR_LOG_INFO); if ($url_param) { $url = Horde::url(Util::removeParameter($url_param, session_name()), true); $horde_url = Horde::applicationUrl($registry->getParam('webroot', 'horde') . '/index.php', true); $horde_url = Util::addParameter($horde_url, 'url', $url); } else { $horde_url = Horde::applicationUrl('index.php', true); } $horde_url = Util::addParameter($horde_url, 'frameset', Util::getFormData('frameset') ? 1 : 0); header('Location: ' . $horde_url); exit; } else { $entry = sprintf('FAILED LOGIN for %s [%s] to Horde', Util::getFormData('horde_user'), $_SERVER['REMOTE_ADDR']); Horde::logMessage($entry, __FILE__, __LINE__, PEAR_LOG_ERR);
<?php global $mdb; $error = ''; if ($_POST) { $keyid = Util::getPost('keyid'); $vcode = Util::getPost('vcode'); $killmail = Util::getPost('killmail'); $killmailurl = Util::getPost('killmailurl'); // Apikey stuff if ($keyid || $vcode) { $check = 'success'; if ($check == 'success') { Api::addKey($keyid, $vcode); $error = 'Your API Key has been added.'; } else { $error = $check; } } if ($killmailurl) { $timer = new Timer(); // Looks like http://public-crest.eveonline.com/killmails/30290604/787fb3714062f1700560d4a83ce32c67640b1797/ $exploded = explode('/', $killmailurl); if (count($exploded) != 7) { $error = 'Invalid killmail link.'; } else { if ((int) $exploded[4] <= 0) { $error = 'Invalid killmail link'; } elseif (strlen($exploded[5]) != 40) { $error = 'Invalid killmail link'; } else {
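<?php
// Ticket view / reply handler for the ticket identified by $id.
// Loads the ticket, decides whether the current user may see it, and on POST
// stores a reply unless the ticket is closed or the reply is a duplicate.
$message = array();
$info = User::getUserInfo();
$ticket = Db::queryRow('SELECT * FROM zz_tickets WHERE id = :id', array(':id' => $id), 0);

if ($ticket == null or sizeof($ticket) == 0) {
    $message = array('status' => 'error', 'message' => 'Ticket does not exist.');
} elseif ($ticket['status'] == 0) {
    $message = array('status' => 'error', 'message' => 'Ticket has been closed, you cannot post, only view it');
} elseif ($ticket['userid'] != User::getUserID() && @$info['moderator'] == 0 && @$info['admin'] == 0) {
    // Neither the ticket owner nor a moderator/admin: answer as if the
    // ticket did not exist.
    // NOTE(review): the reply insert below is only protected if notFound()
    // stops the request here - confirm it halts execution.
    // NOTE(review): this ownership test is skipped for closed tickets because
    // the status branch above matches first; confirm the view rendered later
    // checks ownership itself.
    $app->notFound();
}

if ($_POST) {
    $reply = Util::getPost('reply');
    if ($reply && $ticket['status'] != 0) {
        $name = $info['username'];
        $moderator = @$info['moderator'] == true;

        // Duplicate guard: same text, same author, same ticket. belongsTo
        // holds the ticket id (see the INSERT below), so :id must be bound to
        // $id; binding the user id here made the guard compare against the
        // wrong ticket and let resubmitted replies through.
        $check = Db::query(
            'SELECT * FROM zz_tickets_replies WHERE reply = :reply AND userid = :userid AND belongsTo = :id',
            array(':reply' => $reply, ':userid' => User::getUserID(), ':id' => $id),
            0
        );
        if (!$check) {
            Db::execute(
                'INSERT INTO zz_tickets_replies (userid, belongsTo, name, reply, moderator) VALUES (:userid, :belongsTo, :name, :reply, :moderator)',
                array(':userid' => User::getUserID(), ':belongsTo' => $id, ':name' => $name, ':reply' => $reply, ':moderator' => $moderator)
            );
            global $baseAddr;
            // Only replies from non-moderators are announced on IRC.
            if (!$moderator) {
                Log::irc("|g|Ticket response from {$name}|n|: https://{$baseAddr}/moderator/tickets/{$id}/");
            }
            $app->redirect("/tickets/view/{$id}/");
            exit;
        }
    } else {
        // Empty reply, closed ticket or missing ticket.
        $message = array('status' => 'error', 'message' => 'No...');
    }
}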
<?php if ($_POST) { $username = Util::getPost('username'); $password = Util::getPost('password'); $password2 = Util::getPost('password2'); $email = Util::getPost('email'); if (isset($_POST['username'])) { $username = $_POST['username']; } if (isset($_POST['password'])) { $password = $_POST['password']; } if (isset($_POST['password2'])) { $password2 = $_POST['password2']; } if (isset($_POST['email'])) { $email = $_POST['email']; } if (!$password || !$password2) { $error = 'Missing password, please retry'; $app->render('register.html', array('error' => $error)); } elseif (!$email) { $error = 'Missing email, please retry'; $app->render('register.html', array('error' => $error)); } elseif ($password != $password2) { $error = "Passwords don't match, please retry"; $app->render('register.html', array('error' => $error)); } elseif (!$username) { $error = 'Missing username, please retry'; $app->render('register.html', array('error' => $error));