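return !$result; }

// Only a POST request carries a news item. Everything else is redirected
// before header.php prints any markup: header() cannot add a Location header
// once output has started, and without exit the rest of the page would still
// be rendered for the redirected client.
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
    header("Location: ../index.php");
    exit;
}

$title = "Сохранение новости";
include '../../header.php';
?> <div class="content" style="border: 0px;"> <?php
// Read the three form fields. A missing field is passed on as null (the value
// an undefined index would have produced) without raising a notice; it is then
// rejected by the empty() check below.
$tetle = clean(isset($_POST['tetle']) ? $_POST['tetle'] : null);
$message = clean(isset($_POST['message']) ? $_POST['message'] : null);
$author = clean(isset($_POST['author']) ? $_POST['author'] : null);

if (!empty($tetle) && !empty($message) && !empty($author)) {
    if (check_length($tetle, 2, 50) && check_length($message, 10, 10000) && check_length($author, 1, 25)) {
        // clean() is defined outside this excerpt, so what it escapes cannot be
        // confirmed from here. The values are request data written into an HTML
        // page, so they are encoded at the point of output. double_encode is
        // off so that entities clean() may already have produced are not
        // encoded a second time.
        // NOTE(review): if the news body is meant to carry markup, this needs
        // an allow-list sanitizer instead — confirm the intent.
        $html_flags = ENT_QUOTES | ENT_SUBSTITUTE;
        echo "Новость опубликована<br>";
        echo htmlspecialchars($tetle, $html_flags, 'UTF-8', false) . "<br>"
            . htmlspecialchars($message, $html_flags, 'UTF-8', false) . "<br>"
            . htmlspecialchars($author, $html_flags, 'UTF-8', false) . "<br>";
    } else {
        echo "Введенные данные некорректные";
    }
} else {
    echo "Заполните пустые поля";
}
?> </div> <div class="user"> <div class="middle_text">Пользователь</div>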
/**
 * Validate the fields of a contact form and return a status message.
 *
 * Name, e-mail and phone are mandatory; the message is only length-checked.
 * The returned string is either the success text or one of three error texts.
 *
 * The "invalid address" text embeds the submitted address after
 * FILTER_SANITIZE_EMAIL. That filter only strips characters that are not
 * allowed in an e-mail address; it is not an HTML-escaping step, so the
 * caller should escape the returned message before writing it into a page.
 *
 * @param mixed $name1    Sender name (3 to 225 characters).
 * @param mixed $email1   Sender e-mail address (5 to 100 characters).
 * @param mixed $phone1   Sender phone number (12 to 20 characters).
 * @param mixed $message1 Message body (0 to 1000 characters).
 * @return string Status message for the user.
 */
function check($name1, $email1, $phone1, $message1)
{
    // Guard: all three mandatory fields must be non-empty.
    if (empty($name1) || empty($email1) || empty($phone1)) {
        return "Ошибка! Пожалуйста, заполните все обязательные поля.";
    }

    // Guard: the address as submitted must be syntactically valid.
    if (!filter_var($email1, FILTER_VALIDATE_EMAIL)) {
        $shown_address = filter_var($email1, FILTER_SANITIZE_EMAIL);
        return "Ошибка! Введен некорректный адрес: {$shown_address}";
    }

    // Every field has to fit its length window.
    $lengths_ok = check_length($name1, 3, 225)
        && check_length($email1, 5, 100)
        && check_length($phone1, 12, 20)
        && check_length($message1, 0, 1000);

    return $lengths_ok
        ? "Ваше сообщение успешно отправлено!"
        : "Слишком длинные поля!";
}
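} // closes a definition that begins before this excerpt

/**
 * Check that a form value's length lies within [$min, $max] characters.
 *
 * The first parameter used to declare a default ("") ahead of two required
 * parameters. Such a default can never be used by a caller and is deprecated
 * in PHP 8, so it is dropped; every call still passes three arguments.
 *
 * @param mixed $value Value to measure. null counts as the empty string; a
 *                     non-scalar (for example an array sent as "field[]=")
 *                     is rejected instead of being handed to mb_strlen().
 * @param int   $min   Smallest accepted length, inclusive.
 * @param int   $max   Largest accepted length, inclusive.
 * @return bool True when the length is within range.
 */
function check_length($value, $min, $max)
{
    if ($value !== null && !is_scalar($value)) {
        return false;
    }

    $length = mb_strlen((string) $value);

    return $length >= $min && $length <= $max;
}

// Pull the submitted credentials from the form (null when a field is absent).
$user = isset($_POST['username']) ? $_POST['username'] : null;
$password = isset($_POST['password']) ? $_POST['password'] : null;

// Run both values through clean(), which is defined outside this excerpt.
// NOTE(review): if clean() rewrites characters, the password that is compared
// below is not the password the user typed — confirm what clean() does.
$user = clean($user);
$password = clean($password);

if (!empty($user) && !empty($password)) {
    if (check_length($user, 3, 20) && check_length($password, 3, 20)) {
        // NOTE(review): the only accepted account is hard-coded in the source.
        // Credentials belong in a user store, with the password kept as a
        // password_hash() value and checked with password_verify().
        if ($user === 'user' && is_string($password) && hash_equals('123', $password)) {
            // NOTE(review): the login state is a cookie with a constant value,
            // which the client can set by itself. The page reached after the
            // redirect should rely on server-side session state rather than on
            // this cookie; that change spans files outside this excerpt.
            setcookie('userIsLogedIn', 1);
            setcookie('user', 'John');
            // No markup is written before the redirect: output sent ahead of
            // header() prevents the Location header from being added, and the
            // previous greeting printed the name of the first request cookie
            // (key($_COOKIE)) rather than the user's name.
            header("Location: secret.php");
            exit;
        } else {
            echo '<p class="text-danger">Password or login does not match. Please check your login details.</p>';
        }
    } else {
        echo '<p class="text-warning">Please, check the length of your details, it should not be less than 3 or more than 20 symbols.</p>';
    }
}
?>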
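* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
// Dashboard page that lets a user edit their list of ignored phrases.
require 'includes/header.php';
force_id();
$page_title = 'Edit ignored phrases';
$onload_javascript = 'focusId(\'ignore_list\'); init();';
Output::Assign('sidebar', $sidebar);
Output::$tpl->display('dashhead.tpl.php');

// Set when a submission failed validation, so that the text the user typed is
// shown again instead of being replaced by the stored list further down.
$redisplay_submitted = false;

// NOTE(review): no anti-CSRF token check is visible in this excerpt for this
// state-changing POST — confirm that header.php or force_id() performs one.
if (!empty($_POST['form_sent'])) {
    // check_length() and $erred come from outside this excerpt; the code below
    // relies on $erred being truthy once a validation error was recorded.
    check_length($_POST['ignore_list'], 'ignore list', 0, 4000);
    if (!$erred) {
        $sql = DB::Prepare('INSERT INTO {P}IgnoreLists (uid, ignored_phrases) VALUES (?, ?) ON DUPLICATE KEY UPDATE ignored_phrases = ?;');
        DB::Execute($sql, array($_SESSION['UID'], $_POST['ignore_list'], $_POST['ignore_list']));
        $_SESSION['notice'] = 'Ignore list updated.';
        if (!isset($_COOKIE['ostrich_mode']) || $_COOKIE['ostrich_mode'] != 1) {
            $_SESSION['notice'] .= ' You must <a href="/dashboard">enable ostrich mode</a> for this to have any effect.';
        }
    } else {
        $ignored_phrases = $_POST['ignore_list'];
        $redisplay_submitted = true;
    }
}

if (!$redisplay_submitted) {
    // Load the stored list with the same server-side identifier the write
    // above uses. The UID cookie is supplied by the client, so keying the
    // lookup on it would let the request choose whose row is read.
    $sql = DB::Prepare('SELECT ignored_phrases FROM {P}IgnoreLists WHERE uid = ?');
    $res = DB::Execute($sql, array($_SESSION['UID']));
    list($ignored_phrases) = $res->FetchRow();
}
print_errors();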
/**
 * Decide whether a login attempt must be rejected before any further checks.
 *
 * The attempt is rejected when the username or password is not 8 to 16
 * characters long, when check_table() returns a falsy value for the username
 * in the "users" table, or when more than 50 attempts are already recorded.
 * Every rejection increments the counter kept in $_SESSION['attempts'].
 *
 * NOTE(review): the counter lives in the session, so it only follows a client
 * that keeps presenting the same session — confirm whether a limit bound to
 * the account or the source address is enforced elsewhere.
 * NOTE(review): the counter is checked last, so check_length() and
 * check_table() still run for a client that is already over the limit.
 *
 * @param mixed $username Submitted username.
 * @param mixed $password Submitted password.
 * @return bool TRUE when the attempt has errors, FALSE otherwise.
 */
function errors($username, $password)
{
    // First call in this session: start the counter at 1.
    if (isset($_SESSION['attempts']) === false) {
        $_SESSION['attempts'] = 1;
    }

    // check_length() and check_table() are defined outside this block.
    $acceptable = check_length($username, 8, 16)
        && check_length($password, 8, 16)
        && check_table("users", "username", $username)
        && !($_SESSION['attempts'] > 50);

    if ($acceptable) {
        return FALSE;
    }

    // Record the failed attempt before reporting it.
    $_SESSION['attempts']++;

    return TRUE;
}
if (check_length($name, 2, 25) && $email_validate) { } } //ddd //uspex if (!empty($name) && !empty($email)) { $email_validate = filter_var($email, FILTER_VALIDATE_EMAIL); if (check_length($name, 2, 25) && $email_validate) { echo "Спасибо за сообщение"; } } //uspex //eee if (!empty($name) && !empty($email)) { $email_validate = filter_var($email, FILTER_VALIDATE_EMAIL); if (check_length($name, 2, 25) && $email_validate) { echo "Спасибо за сообщение"; } else { // добавили сообщение echo "Введенные данные некорректные"; echo "<meta http-equiv='Refresh' content='0; URL=error.php?item=9'>"; } } else { // добавили сообщение echo "Заполните пустые поля"; } //eee $sql_insert = "INSERT INTO registration_tb (name, email, date) \n VALUES (?,?,?)"; $stmt = $conn->prepare($sql_insert); $stmt->bindValue(1, $name); $stmt->bindValue(2, $email);
mail($email, 'Заявка', $mail_message, $headers); $errormessage = "Заявка успешно отправлена."; } else { $errormessage = 'Введены некорректные данные.'; } } else { $errormessage = 'Введены некорректные данные.'; } } else { if ($action == 'call') { //получаем данные с формы $call_name = escape_chars($_POST['call_name']); $call_tel = escape_chars($_POST['call_tel']); //проверка данных if (!empty($call_name) && !empty($call_tel)) { if (checknumber($call_tel) == 1 && check_length($call_name, 2, 25) && check_length($call_tel, 5, 25)) { //формирование емейла $mail_message = "Заявка от лица:\n"; $mail_message .= "Имя: " . $call_name . "\n"; $mail_message .= "Телефон: " . $call_tel . "\n"; mail($email, 'Заявка', $mail_message, $headers); $errormessage = "Заявка успешно отправлена."; } else { $errormessage = 'Введены некорректные данные.'; } } else { $errormessage = 'Введены некорректные данные.'; } } else { $errormessage = "Не верное действие."; }
$poster_number = $last_number + 1; } } } DB::Execute(sprintf('INSERT INTO {P}Replies (author, name, author_ip, poster_number, parent_id, body, time) VALUES (\'%s\', \'%s\',\'%s\', %d, %d, %s, UNIX_TIMESTAMP())', $author, $authorname, $_SERVER['REMOTE_ADDR'], $poster_number, $_GET['reply'], DB::Q($body))); $congratulation = 'Reply posted.'; } else { //(mysql): UPDATE atbbs_Replies SET body = 'No more sysop powers for me, sniff.\r\n\r\ndaflkasdflafld', flags = 1, edit_time = UNIX_TIMESTAMP(), name='2' WHERE id = 0 DB::ToggleDebug(); DB::Execute(sprintf('UPDATE {P}Replies SET body =%s, flags = %d, edit_time = UNIX_TIMESTAMP(), name=\'%s\' WHERE id = %d', DB::Q($body), 0 | 1 * $edit_mod, $authorname, $_GET['edit'])); // exit; $congratulation = 'Reply edited.'; } } else { // or a topic... check_length($headline, 'headline', MIN_LENGTH_HEADLINE, MAX_LENGTH_HEADLINE); if (!$editing) { //Lurk more? if ($_SERVER['REQUEST_TIME'] - $_SESSION['first_seen'] < REQUIRED_LURK_TIME_TOPIC) { Output::HardError('Lurk for at least ' . REQUIRED_LURK_TIME_TOPIC . ' seconds before posting your first topic.'); } // Flood control. $too_early = $_SERVER['REQUEST_TIME'] - FLOOD_CONTROL_TOPIC; $res = DB::Execute(sprintf('SELECT 1 FROM {P}Topics WHERE author_ip = \'%s\' AND time > %d', $_SERVER['REMOTE_ADDR'], $too_early)); if ($res->RecordCount() > 0) { Output::HardError('Wait at least ' . FLOOD_CONTROL_TOPIC . ' seconds before creating another topic. '); } // Prepare our query... DB::Execute(sprintf('INSERT INTO {P}Topics (author, name, author_ip, headline, body, last_post, time) VALUES (\'%s\', \'%s\',\'%s\', \'%s\', %s, UNIX_TIMESTAMP(), UNIX_TIMESTAMP())', $author, $authorname, $_SERVER['REMOTE_ADDR'], $headline, DB::Q($body))); $congratulation = 'Topic created.'; } else {
} fclose($FILE); #politely close filehandle echo "Our last line was: {$last}\n"; #Give feedback of what the last line was $i = 0; #loop iterator init $total_chars = 0; #set total characters to 0 while ($lines > $i) { #While we still have lines $total_chars += $line_length[$i]; #tally up the total amount of chars so far $i = $i + 1; #next iteration } #Give some file stats echo "The file had {$lines} lines and {$total_chars} total characters\n"; echo "Enter another line that is less than 30 characters:\n"; $another_line = chop(fgets(STDIN)); #get the line while (check_length($another_line) == "FAIL") { #keep checking that it is < 30 chars $another_line = chop(fgets(STDIN)); } $FILE = fopen($filename, "a"); #re-open file in append mode fwrite($FILE, "{$another_line}\n"); #add the line to text file (with newline) fclose($FILE); #close filehandle
} } else { $answer["errors"]["contactLastName"] = "Field 'Last Name' is empty"; } if (!check_length($subject, 0, 100)) { $answer["errors"]["contactSubject"] = "Field 'Subject' more than 100 characters."; } if (!empty($email)) { if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $answer["errors"]["contactEmail"] = "Field 'Email' is NOT a valid email address."; } } else { $answer["errors"]["contactEmail"] = "Field 'Email' is empty"; } if (!empty($message)) { if (!check_length($message, 1, 1000)) { $answer["errors"]["contactMessage"] = "Field 'Message' more than 1000 characters."; } } else { $answer["errors"]["contactMessage"] = "Field 'Message' is empty"; } if (!isset($answer["errors"])) { $to = '*****@*****.**'; $headers = 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=utf-8' . "\r\n"; $headers .= 'From:' . $email . "\r\n"; if (mail($to, $subject, $message, $headers)) { $answer["success"] = "Message sent successfully"; $answer["message"] = " Thank you for your email."; } else { $answer["errors"]["message"] = "mail is not sent";
if(strlen("%s") >= \$max_%s_length) { echo "%s is too long<br><br>"; \$ok = 0; } EOT; $instruction = sprintf($str, $val, $name, $name); eval($instruction); } if (isset($_POST['submit'])) { $username = sanitize_post('username'); $password = sanitize_post('password'); $email = sanitize_post('email'); $ok = 1; check_length('username', $username, $ok); check_length('password', $password, $ok); check_length('email', $email, $ok); if ($ok) { add_user($username, $password, $email); ?> <p style = "font-size: 25px; color: red"> Registered successfully </p> <html> <?php } } ?> <?php require 'bootstrap.php'; ?> <body>
{ if (strlen($username) > 5) { return true; } return false; } $vollstaendig = ""; if (isset($_POST["abschicken"])) { if ($_POST['abschicken'] == "speichern") { if (!isset($_POST["uid"]) || !is_string($_POST["uid"]) || trim($_POST["uid"]) == "") { $vollstaendig .= "<li>Username</li>"; } if (check_string($_POST['uid']) == false) { $vollstaendig .= "<li>Username darf keine Sonderzeichen außer \".\" und \"_\" enthalten</li>"; } if (check_length($_POST['uid']) == false) { $vollstaendig .= "<li>Username muss mindestens 5 Zeichen haben</li>"; } if ($uid->uidvorhanden > 0) { $vollstaendig .= "<li>Username ist bereits vergeben</li>"; } } if ($_POST["pid1"] != $_POST["pid2"] || $_POST["pid1"] == "" || $_POST["pid2"] == "") { $vollstaendig .= "<li>Passwörter sind nicht korrekt</li>"; } if (!isset($_POST["isfemale"]) || !is_string($_POST["isfemale"]) || trim($_POST["isfemale"]) == "") { $vollstaendig .= "<li>Geschlecht</li>"; } if (!isset($_POST["vorname"]) || !is_string($_POST["vorname"]) || trim($_POST["vorname"]) == "") { $vollstaendig .= "<li>Vorname</li>"; }
$name = escape_chars($_POST['zakaz_name']); $tel = escape_chars($_POST['zakaz_tel']); $email = escape_chars($_POST['zakaz_email']); $uslugi = escape_chars($_POST['zakaz_uslugi']); $price = escape_chars($_POST['zakaz_price']); $sitetype = escape_chars($_POST['zakaz_sitetype']); if ($uslugi) { $uslugi_ar = split(';', $uslugi); $uslugi = ''; foreach ($uslugi_ar as $u) { if ($u != '') { $uslugi .= ' • ' . $u . "\n"; } } } if ($name == '' || $tel == '' || checknumber($tel) == 0 || $email == '' || check_length($name, 2, 50) == 0 || check_length($tel, 2, 20) == 0) { $errormessage = 'Неверные данные.'; } else { $mail_message = "Заявка "; $mail_message .= "от " . $name . "\n"; $mail_message .= "тел. " . $tel . "\n"; if ($email) { $mail_message .= "email: " . $email . "\n"; } if ($sitetype) { $mail_message .= "Тип сайта: " . $sitetype . "\n"; } if ($price) { $mail_message .= "Цена: " . $price . "\n"; } if ($uslugi) {
/**
 * Validate the fields of a registration form.
 *
 * Reports an error when either name contains whitespace or is not 1 to 255
 * characters long, when the username or password is not 8 to 16 characters
 * long, when the two passwords or the two e-mail addresses differ, when the
 * e-mail address is not syntactically valid, or when check_table() returns a
 * truthy value for the username or e-mail address in the "users" or
 * "confirmation" table (presumably meaning the value is already taken;
 * check_table() is defined outside this block).
 *
 * NOTE(review): the 16-character upper bound rejects longer passphrases —
 * confirm that this limit is intended.
 *
 * @return bool TRUE when at least one check fails, FALSE when all pass.
 */
function errors($firstname, $lastname, $username, $password1, $password2, $email1, $email2)
{
    // Names: no whitespace, 1 to 255 characters.
    if (contains_whitespace($firstname) || contains_whitespace($lastname)) {
        return TRUE;
    }
    if (!check_length($firstname, 1, 255) || !check_length($lastname, 1, 255)) {
        return TRUE;
    }

    // Username and password length, then password confirmation.
    if (!check_length($username, 8, 16)) {
        return TRUE;
    }
    if (!check_length($password1, 8, 16) || $password1 !== $password2) {
        return TRUE;
    }

    // E-mail syntax, then e-mail confirmation.
    if (!filter_var($email1, FILTER_VALIDATE_EMAIL) || $email1 !== $email2) {
        return TRUE;
    }

    // Username first, then e-mail; each is looked up in both tables.
    $lookups = array("username" => $username, "email" => $email1);
    foreach ($lookups as $column => $submitted) {
        foreach (array("users", "confirmation") as $table) {
            if (check_table($table, $column, $submitted)) {
                return TRUE;
            }
        }
    }

    return FALSE;
}