示例#1
/**
 * Collect size statistics and version details for the MySQL (pdo_mysql) backend.
 *
 * Runs SHOW TABLE STATUS for every table whose name starts with the configured
 * prefix followed by an underscore, then sums data, index and free space.
 *
 * NOTE(review): the result carries the client and server version strings, which
 * are fingerprinting material; callers should render them for administrators only.
 *
 * @param string $cs_file file name handed to cs_error_sql() and cs_log_sql()
 * @return array totals, table names and type/subtype/host/encoding/client/server
 */
function cs_sql_version($cs_file)
{
    global $cs_db;

    $engine = empty($cs_db['subtype']) ? 'myisam' : strtolower($cs_db['subtype']);
    // InnoDB rows never contribute to data_free
    $is_innodb = $engine == 'innodb';

    $sql_infos = array(
        'data_free' => 0,
        'data_size' => 0,
        'index_size' => 0,
        'tables' => 0,
        'names' => array(),
    );

    // The prefix comes from configuration and is escaped before it enters the LIKE literal
    $sql_query = "SHOW TABLE STATUS LIKE '" . cs_sql_escape($cs_db['prefix'] . '_') . "%'";

    $statement = $cs_db['con']->query($sql_query);
    if (!$statement) {
        $error = $cs_db['con']->errorInfo();
        cs_error_sql($cs_file, 'cs_sql_version', $error[2]);
    } else {
        $rows = $statement->fetchAll(PDO::FETCH_ASSOC);
        // Drop the statement handle before walking the rows
        $statement = NULL;
        foreach ($rows as $table) {
            $sql_infos['data_size'] += $table['Data_length'];
            $sql_infos['index_size'] += $table['Index_length'];
            if (!$is_innodb) {
                $sql_infos['data_free'] += $table['Data_free'];
            }
            $sql_infos['tables']++;
            $sql_infos['names'][] = (string) $table['Name'];
        }
    }

    // The query is logged whether it succeeded or not
    cs_log_sql($cs_file, $sql_query);

    $connection = $cs_db['con'];
    $sql_infos['type'] = 'MySQL (pdo_mysql)';
    $sql_infos['subtype'] = empty($cs_db['subtype']) ? 'myisam' : $cs_db['subtype'];
    $sql_infos['host'] = $connection->getAttribute(PDO::ATTR_CONNECTION_STATUS);
    $sql_infos['encoding'] = 'PDO encoding';
    $sql_infos['client'] = $connection->getAttribute(PDO::ATTR_CLIENT_VERSION);
    $sql_infos['server'] = $connection->getAttribute(PDO::ATTR_SERVER_VERSION);

    return $sql_infos;
}
示例#2
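/**
 * Tell whether the domain of an e-mail address is listed in the trashmail table.
 *
 * Only the part after the first '@' is looked up. An address without a domain
 * part is reported as not listed.
 *
 * @param string $email address to check
 * @return bool true when cs_sql_count() finds at least one matching entry
 */
function cs_trashmail($email)
{
    $parts = explode('@', $email, 2);
    if (empty($parts[1])) {
        return false;
    }

    // Normalise first, escape last: escaping has to be the final transformation
    // before the value enters the SQL literal, otherwise strtolower() rewrites
    // the escape sequences the escaper has just produced.
    $domain = cs_sql_escape(strtolower($parts[1]));
    $where = "trashmail_entry = '" . $domain . "'";
    $check = cs_sql_count(__FILE__, 'trashmail', $where);

    return !empty($check);
}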
示例#3
/**
 * Validate a submitted captcha answer and consume the matching row.
 *
 * A row matches when it was stored for the caller's IP, is newer than 900
 * seconds, and holds the submitted string (prefixed with "mini_" when $mini
 * is set). The matched row is deleted so the answer cannot be reused.
 *
 * NOTE(review): the lookup and the delete are two separate statements, so two
 * concurrent requests carrying the same answer may both pass before the row
 * is gone. Checking the affected-row count of the delete would close that gap.
 *
 * @param string $input answer supplied by the client
 * @param mixed  $mini  non-empty selects the "mini_" captcha variant
 * @return bool true when the answer is accepted
 */
function cs_captchacheck($input, $mini = 0)
{
    // NOTE(review): fails open. Without the gd extension every answer is
    // accepted, so forms relying on this check have no bot protection there.
    if (!extension_loaded('gd')) {
        return true;
    }

    $client_ip = cs_getip();
    $not_before = cs_time() - 900;

    $answer = cs_sql_escape($input);
    if (!empty($mini)) {
        $answer = 'mini_' . $answer;
    }

    // Every request-derived value is escaped before it enters a quoted literal
    $clauses = array(
        "captcha_ip = '" . cs_sql_escape($client_ip) . "'",
        "captcha_time > '" . $not_before . "'",
        "captcha_string = '" . $answer . "'",
    );
    $match = cs_sql_select(__FILE__, 'captcha', 'captcha_id', implode(' AND ', $clauses));

    if (empty($match)) {
        return false;
    }

    // One-time use: remove the row that was just matched
    cs_sql_delete(__FILE__, 'captcha', $match['captcha_id']);
    return true;
}
示例#4
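/**
 * Return the id of category $categories_name in module $mod, creating it if missing.
 *
 * NOTE(review): the lookup and the insert are separate statements, so two
 * concurrent calls can both insert the same category unless the table has a
 * unique key on (categories_mod, categories_name). Verify the schema.
 *
 * @param string $mod             module the category belongs to
 * @param string $categories_name category name; an empty name creates nothing
 * @return mixed categories_id of the existing or new row, 0 for an empty name
 */
function cs_categories_create($mod, $categories_name)
{
    if (empty($categories_name)) {
        return 0;
    }

    // Both values sit inside quoted SQL literals, so both are escaped. The module
    // name used to be concatenated raw, which left the condition injectable for
    // any caller that passes a request-derived $mod.
    $where = "categories_mod='" . cs_sql_escape($mod) . "' AND categories_name = '" . cs_sql_escape($categories_name) . "'";

    $found = cs_sql_select(__FILE__, 'categories', 'categories_id', $where, 'categories_name');
    if (empty($found['categories_id'])) {
        // Raw values on purpose: presumably cs_sql_insert() escapes them itself. Verify.
        $columns = array('categories_mod', 'categories_name');
        $values = array($mod, $categories_name);
        cs_sql_insert(__FILE__, 'categories', $columns, $values);

        // Read the id of the row that was just written
        $found = cs_sql_select(__FILE__, 'categories', 'categories_id', $where, 'categories_name');
    }

    return $found['categories_id'];
}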
示例#5
    $data['banners']['or_img_url'] = $cs_banners['banners_picture'];
    $data['banners']['alt'] = $cs_banners['banners_alt'];
    $data['banners']['order'] = $cs_banners['banners_order'];
    $matches[1] = $cs_lang['pic_infos'];
    $return_types = '';
    foreach ($img_filetypes as $add) {
        $return_types .= empty($return_types) ? $add : ', ' . $add;
    }
    $matches[2] = $cs_lang['max_width'] . $op_banners['max_width'] . ' px' . cs_html_br(1);
    $matches[2] .= $cs_lang['max_height'] . $op_banners['max_height'] . ' px' . cs_html_br(1);
    $matches[2] .= $cs_lang['max_size'] . cs_filesize($op_banners['max_size']) . cs_html_br(1);
    $matches[2] .= $cs_lang['filetypes'] . $return_types;
    $data['banners']['clip'] = cs_abcode_clip($matches);
    echo cs_subtemplate(__FILE__, $data, 'banners', 'create');
} else {
    settype($cs_banners['banners_order'], 'integer');
    $banners_cells = array_keys($cs_banners);
    $banners_save = array_values($cs_banners);
    cs_sql_insert(__FILE__, 'banners', $banners_cells, $banners_save);
    if (!empty($files['picture']['tmp_name'])) {
        $where = "banners_name = '" . cs_sql_escape($cs_banners['banners_name']) . "'";
        $getid = cs_sql_select(__FILE__, 'banners', 'banners_id', $where);
        $filename = 'picture-' . $getid['banners_id'] . '.' . $extension;
        cs_upload('banners', $filename, $files['picture']['tmp_name']);
        $cs_banners2['banners_picture'] = 'uploads/banners/' . $filename;
        $banners2_cells = array_keys($cs_banners2);
        $banners2_save = array_values($cs_banners2);
        cs_sql_update(__FILE__, 'banners', $banners2_cells, $banners2_save, $getid['banners_id']);
    }
    cs_redirect($cs_lang['create_done'], 'banners');
}
示例#6
    $votes_error++;
}
// NOTE(review): votes_id is copied from the request unchanged, and the code
// below concatenates it into the "voted_fid = '...'" condition without escaping
// or a cast. The id should be reduced to an integer here (settype/(int)), the
// same way the individual voted_answer values are handled further down.
if (!empty($_REQUEST['votes_id'])) {
    $votes_id = $_REQUEST['votes_id'];
} else {
    $votes_error++;
}
if (isset($_POST['submit_votes'])) {
    if (empty($votes_error)) {
        $votes_form = 0;
        if (isset($_POST['votes_several'])) {
            $temp = explode("\n", $cs_votes['votes_election']);
            $count_election = count($temp);
            $count_voted = count($_POST['voted_answer']);
            $error_several = 0;
            $where = "voted_fid = '" . $votes_id . "' AND voted_mod = '" . $mod . "' AND voted_ip = '" . cs_sql_escape($users_ip) . "'";
            $where .= " AND users_id = '" . $users_id . "' AND (";
            $voting = array();
            for ($run = 0; $run < $count_voted; $run++) {
                settype($voted_answer[$run], 'integer');
                if ($voted_answer[$run] < 1 || $voted_answer[$run] >= $count_election || in_array($voted_answer[$run], $voting)) {
                    $error_several = 1;
                    break;
                }
                $voting[] = $voted_answer[$run];
                $where .= 'voted_answer = "' . $voted_answer[$run] . '" OR ';
            }
            $where = substr($where, 0, -4) . ')';
            $error_several += cs_sql_count(__FILE__, 'voted', $where);
            if (!empty($error_several)) {
                die('Multivote triggered an error with answers -> Execution halted.');
示例#7
        // Lang file
        // Builds the source of a PHP language file from the submitted form and writes it to disk.
        $langinfocontent = '<?php' . "\r\n";
        $langinfocontent .= '// ClanSphere 2010 - www.clansphere.net' . "\r\n";
        $langinfocontent .= '// File created by mod modules' . "\r\n\r\n";
        // NOTE(review): modname and description are placed verbatim inside single-quoted
        // PHP string literals. Unless they are validated above this fragment, a quote or
        // backslash in either field changes the generated source, and that source runs
        // the next time the file is included. Emit the values with var_export() instead.
        $langinfocontent .= '$cs_lang[\'mod\'] = \'' . $_POST['modname'] . "';\r\n";
        $langinfocontent .= '$cs_lang[\'mod_info\'] = \'' . $_POST['description'] . "';\r\n\r\n";
        $langinfocontent .= '?>';
        // NOTE(review): moddir becomes part of the target path as submitted. It should be
        // restricted to a fixed character set (letters, digits, underscore) before use so
        // the write cannot leave the lang directory.
        if (!($langinfofile = fopen($cs_main['def_path'] . '/lang/' . $account['users_lang'] . '/' . $_POST['moddir'] . '.php', 'w'))) {
            $error .= cs_html_br(1) . $cs_lang['modinfolang_create_failed'];
        } elseif (!fwrite($langinfofile, $langinfocontent)) {
            // The handle stays open on this path; fclose() is only reached in the else branch.
            $error .= cs_html_br(1) . $cs_lang['modinfolang_write_failed'];
        } else {
            fclose($langinfofile);
        }
        // SQL
        // Adds an access_<moddir> column to the access table.
        // NOTE(review): moddir is used as part of a column identifier here. cs_sql_escape()
        // presumably targets quoted string literals, which does not make a value safe as an
        // identifier; the same allow-list check as for the file name is needed. Confirm.
        $query = 'ALTER TABLE {pre}_access ADD access_' . cs_sql_escape($_POST['moddir']) . ' int(2) NOT NULL default \'0\';';
        $query = cs_sql_replace($query);
        if (!cs_sql_query(__FILE__, $query)) {
            $error .= cs_html_br(1) . $cs_lang['sqlaccess_failed'];
        }
    }
}
if (empty($_POST['submit']) || !empty($error)) {
    $data['message']['lang'] = empty($error) ? nl2br($cs_lang['need_chmod']) : $cs_lang['error_occured'] . $error;
    // SQL Tables
    $_POST['tablescount'] = empty($_POST['tablescount']) ? 1 : (int) $_POST['tablescount'];
    $tablescount = empty($_POST['addtable']) ? $_POST['tablescount'] : $_POST['tablescount'] + 1;
    for ($run = 0; $run < $tablescount; $run++) {
        $data['tables'][$run]['run'] = $run;
        $data['tables'][$run]['value'] = empty($_POST['table_' . $run]) ? '' : $_POST['table_' . $run];
    }
示例#8
// ClanSphere 2010 - www.clansphere.net
// $Id$
// Public user list: reads paging, sorting and a nick-prefix filter from the query string.
$cs_lang = cs_translate('users');
$start = empty($_GET['start']) ? 0 : (int) $_GET['start'];
// Allow-list of ORDER BY clauses; the request only selects an index into it.
$cs_sort[1] = 'users_nick DESC';
$cs_sort[2] = 'users_nick ASC';
$cs_sort[3] = 'users_place DESC';
$cs_sort[4] = 'users_place ASC';
$cs_sort[5] = 'users_laston DESC';
$cs_sort[6] = 'users_laston ASC';
// NOTE(review): sort is cast to int but not checked against the keys 1..6, so any other
// number leaves $order undefined (notice, null). Fall back to the default when
// !isset($cs_sort[$sort]).
$sort = empty($_GET['sort']) ? 2 : (int) $_GET['sort'];
$order = $cs_sort[$sort];
//$where = empty($_REQUEST['where']) ? 0 : $_REQUEST['where'];
//$mof = empty($where) ? '' : " AND users_sex = '" . cs_sql_escape($where) . "'";
// The filter value is escaped before it enters the quoted LIKE literal.
// NOTE(review): '%' and '_' inside the value still act as LIKE wildcards unless
// cs_sql_escape() handles them. Not an injection, but it widens the match. Confirm.
$where = empty($_GET['where']) ? 0 : $_GET['where'];
$mof = empty($where) ? '' : " AND users_nick LIKE '" . cs_sql_escape($where) . "%'";
$condition = 'users_delete = 0 AND users_active = 1' . $mof;
$users_count = cs_sql_count(__FILE__, 'users', $condition);
$data['head']['mod'] = $cs_lang['mod_name'];
$data['head']['action'] = $cs_lang['list'];
$data['head']['total'] = $users_count;
// NOTE(review): the raw $where is handed to cs_pages() and cs_sort(); presumably they
// build links from it, so URL/HTML encoding has to happen inside those helpers. Verify.
$data['head']['pages'] = cs_pages('users', 'list', $users_count, $start, $where, $sort);
// Looks like a leftover of the commented-out users_sex filter above: $where is now a
// nick prefix, so these flags are only set when someone searches for "female" or "male".
$sel_female = $where === 'female' ? 'selected' : '';
$data['head']['sel_female'] = $sel_female;
$sel_male = $where === 'male' ? 'selected' : '';
$data['head']['sel_male'] = $sel_male;
$data['sort']['nick'] = cs_sort('users', 'list', $start, $where, 1, $sort);
$data['sort']['place'] = cs_sort('users', 'list', $start, $where, 3, $sort);
$data['sort']['laston'] = cs_sort('users', 'list', $start, $where, 5, $sort);
$select = 'users_id, users_nick, users_place, users_laston, users_country, users_hidden, users_active, users_invisible';
$cs_users = cs_sql_select(__FILE__, 'users', $select, $condition, $order, $start, $account['users_limit']);
示例#9
    $where = $_REQUEST['usersthumb'];
    $from = 'usersgallery';
    $select = 'usersgallery_name, usersgallery_time, usersgallery_count, usersgallery_count_downloads';
    $where = "usersgallery_id = '" . cs_sql_escape($where) . "'";
    $cs_gallery = cs_sql_select(__FILE__, $from, $select, $where);
    $gallery_loop = count($cs_gallery);
    $name = $cs_gallery['usersgallery_name'];
    $gallery_time = $cs_gallery['usersgallery_time'];
    $gallery_count = $cs_gallery['usersgallery_count'];
    $gallery_count_downloads = $cs_gallery['usersgallery_count_downloads'];
}
// Loads the gallery row named by the userspic request parameter and bumps its view counter.
if (!empty($_REQUEST['userspic'])) {
    $where = $_REQUEST['userspic'];
    $from = 'usersgallery';
    $select = 'usersgallery_name, usersgallery_time, usersgallery_count, usersgallery_count_downloads';
    // The id is escaped before it enters the quoted literal; an (int) cast would be stricter for a numeric key.
    $where = "usersgallery_id = '" . cs_sql_escape($where) . "'";
    $cs_gallery = cs_sql_select(__FILE__, $from, $select, $where);
    // NOTE(review): no check that a row was found; an unknown id leads to undefined-index
    // reads on the lines below.
    $gallery_loop = count($cs_gallery);
    $name = $cs_gallery['usersgallery_name'];
    $gallery_time = $cs_gallery['usersgallery_time'];
    $gallery_count = $cs_gallery['usersgallery_count'];
    $gallery_count_downloads = $cs_gallery['usersgallery_count_downloads'];
    // Read-modify-write counter: concurrent requests can lose increments.
    $gallery_count = $gallery_count + 1;
    $gallery_cells = array('usersgallery_count');
    $gallery_save = array($gallery_count);
    // NOTE(review): the row id is passed to cs_sql_update() straight from the request,
    // unlike the escaped copy used in the SELECT above. Safe only if cs_sql_update()
    // casts or escapes its id argument. Verify, or cast to int here.
    cs_sql_update(__FILE__, 'usersgallery', $gallery_cells, $gallery_save, $_REQUEST['userspic']);
}
class PictureEngine
{
    var $image;
    var $width;
示例#10
    if (!empty($_POST['users_nick'])) {
        $users_nick = cs_sql_escape($_POST['users_nick']);
        $users_id = cs_sql_select(__FILE__, 'users', 'users_id', "users_nick = '{$users_nick}'", 0, 0, 1);
        if ($users_id > 0) {
            $insertion = array('medals_id' => $medals_id, 'users_id' => $users_id['users_id'], 'medalsuser_date' => cs_time());
            cs_sql_insert(__FILE__, 'medalsuser', array_keys($insertion), array_values($insertion));
            cs_redirect($cs_lang['create_done'], 'medals', 'user', 'where=' . $medals_id);
        } else {
            cs_redirect($cs_lang['user_not_found'], 'medals', 'user', 'where=' . $medals_id);
        }
    }
} else {
    $medals_id = $_GET['where'];
}
// Removes a medal assignment when a delete parameter is present, then prepares the listing query.
// NOTE(review): this is a state-changing action triggered by a plain GET parameter, with no
// request token visible in this fragment. If none is checked elsewhere, a link or image on
// another site can trigger the delete in a logged-in admin's session. The id is a numeric
// key, so an (int) cast is the stricter form of the escape below.
if (isset($_GET['delete'])) {
    $medalsuser_id = cs_sql_escape($_GET['delete']);
    cs_sql_delete(__FILE__, 'medalsuser', $medalsuser_id);
    cs_redirect($cs_lang['del_true'], 'medals', 'user', 'where=' . $medals_id);
}
// NOTE(review): start and sort are used as received; sort is not checked against the
// keys 1..4 below, so other values leave $order undefined. Cast both to int and fall
// back to the default when !isset($cs_sort[$sort]).
$start = empty($_GET['start']) ? 0 : $_GET['start'];
// Allow-list of ORDER BY clauses selected by index.
$cs_sort[1] = 'md.medalsuser_date DESC';
$cs_sort[2] = 'md.medalsuser_date ASC';
$cs_sort[3] = 'usr.users_nick DESC';
$cs_sort[4] = 'usr.users_nick ASC';
$sort = empty($_GET['sort']) ? 1 : $_GET['sort'];
$order = $cs_sort[$sort];
$tables = 'medalsuser md LEFT JOIN {pre}_users usr ON usr.users_id = md.users_id';
$cells = 'usr.users_nick AS users_nick, md.users_id AS users_id, usr.users_active AS users_active, usr.users_delete AS users_delete, ';
$cells .= 'md.medals_id AS medals_id, md.medalsuser_date AS medalsuser_date, md.medalsuser_id AS medalsuser_id';
// NOTE(review): SQL injection. At least one assignment above takes $medals_id directly
// from $_GET['where'], and it is concatenated here unquoted and unescaped. Use
// (int) $medals_id, as the clans example on this page does for clans_id.
$where = 'medals_id = ' . $medals_id . '';
$data['medals_user'] = array();
示例#11
            }
            $cs_clans['clans_picture'] = $filename;
        } else {
            $errormsg .= $cs_lang['up_error'];
            $error++;
        }
    }
    if (empty($cs_clans['clans_name'])) {
        $error++;
        $errormsg .= $cs_lang['no_name'] . cs_html_br(1);
    }
    if (empty($cs_clans['clans_short'])) {
        $error++;
        $errormsg .= $cs_lang['no_short'] . cs_html_br(1);
    }
    $where = "clans_name = '" . cs_sql_escape($cs_clans['clans_name']) . "'";
    $where .= " AND clans_id != " . (int) $clans_id;
    $search = cs_sql_count(__FILE__, 'clans', $where);
    if (!empty($search)) {
        $error++;
        $errormsg .= $cs_lang['name_exists'] . cs_html_br(1);
    }
} else {
    $cells = 'clans_name, clans_short, clans_tag, clans_tagpos, clans_country, clans_url, clans_since, clans_pwd, clans_picture, users_id';
    $cs_clans = cs_sql_select(__FILE__, 'clans', $cells, "clans_id = " . (int) $clans_id);
    $cs_users = cs_sql_select(__FILE__, 'users', 'users_nick', 'users_id = ' . (int) $cs_clans['users_id']);
    $users_nick = $cs_users['users_nick'];
}
if (!isset($_POST['submit'])) {
    $data['lang']['body'] = $cs_lang['errors_here'];
}
示例#12
        $levels++;
    }
    $data['cat']['abcode_smileys'] = cs_abcode_smileys('categories_text');
    $data['cat']['abcode_features'] = cs_abcode_features('categories_text');
    $matches[1] = $cs_lang['pic_infos'];
    $return_types = '';
    foreach ($img_filetypes as $add) {
        $return_types .= empty($return_types) ? $add : ', ' . $add;
    }
    $matches[2] = $cs_lang['max_width'] . $op_categories['max_width'] . ' px' . cs_html_br(1);
    $matches[2] .= $cs_lang['max_height'] . $op_categories['max_height'] . ' px' . cs_html_br(1);
    $matches[2] .= $cs_lang['max_size'] . cs_filesize($op_categories['max_size']) . cs_html_br(1);
    $matches[2] .= $cs_lang['filetypes'] . $return_types;
    $data['cat']['picup_clip'] = cs_abcode_clip($matches);
    echo cs_subtemplate(__FILE__, $data, 'categories', 'create');
} else {
    $categories_cells = array_keys($cs_categories);
    $categories_save = array_values($cs_categories);
    cs_sql_insert(__FILE__, 'categories', $categories_cells, $categories_save);
    if (!empty($files_gl['picture']['tmp_name'])) {
        $where = "categories_name = '" . cs_sql_escape($cs_categories['categories_name']) . "'";
        $getid = cs_sql_select(__FILE__, 'categories', 'categories_id', $where);
        $filename = 'picture-' . $getid['categories_id'] . '.' . $extension;
        cs_upload('categories', $filename, $files_gl['picture']['tmp_name']);
        $cs_categories2['categories_picture'] = $filename;
        $categories2_cells = array_keys($cs_categories2);
        $categories2_save = array_values($cs_categories2);
        cs_sql_update(__FILE__, 'categories', $categories2_cells, $categories2_save, $getid['categories_id']);
    }
    cs_redirect($cs_lang['create_done'], 'categories', 'manage', 'where=' . $cs_categories['categories_mod']);
}
示例#13
<?php

// ClanSphere 2010 - www.clansphere.net
// $Id$
// Article management list: optional category filter, sorting and paging from the request.
$cs_lang = cs_translate('articles');
$categories_id = empty($_REQUEST['where']) ? 0 : $_REQUEST['where'];
// NOTE(review): start is used as received and later passed to cs_sql_select() as the
// offset; cast it to int unless that helper is known to do so.
$start = empty($_REQUEST['start']) ? 0 : $_REQUEST['start'];
if (!empty($_POST['categories_id'])) {
    $categories_id = $_POST['categories_id'];
}
// Escaped, quoted condition. Nothing visible below reads $where; the list query uses
// the int-cast $cat_where instead.
empty($categories_id) ? $where = 0 : ($where = "categories_id = '" . cs_sql_escape($categories_id) . "'");
// Allow-list of ORDER BY clauses selected by index.
$cs_sort[1] = 'articles_headline DESC';
$cs_sort[2] = 'articles_headline ASC';
$cs_sort[3] = 'articles_time DESC';
$cs_sort[4] = 'articles_time ASC';
// NOTE(review): sort is neither cast nor checked against the keys 1..4, so other values
// leave $order undefined. Fall back to the default when !isset($cs_sort[$sort]).
$sort = empty($_REQUEST['sort']) ? 3 : $_REQUEST['sort'];
$order = $cs_sort[$sort];
// Counts every article, without the category condition, so the pager total does not
// follow the filter applied to the list query below.
$articles_count = cs_sql_count(__FILE__, 'articles');
$data['head']['articles_count'] = $articles_count;
// NOTE(review): the raw categories_id goes to cs_pages(), cs_dropdown() and cs_sort();
// output encoding has to happen inside those helpers. Verify.
$data['head']['pages'] = cs_pages('articles', 'manage', $articles_count, $start, $categories_id, $sort);
$catmod = "categories_mod = 'articles'";
$cells = 'categories_name, categories_id';
$categories_data = cs_sql_select(__FILE__, 'categories', $cells, $catmod, 'categories_name', 0, 0);
$data['head']['dropdown'] = cs_dropdown('categories_id', 'categories_name', $categories_data, $categories_id);
$data['head']['message'] = cs_getmsg();
// The int cast makes the id safe to place unquoted in the condition.
$cat_where = empty($categories_id) ? 0 : 'categories_id = ' . (int) $categories_id;
$cells = 'articles_headline, articles_id, articles_time, users_id';
$cs_articles = cs_sql_select(__FILE__, 'articles', $cells, $cat_where, $order, $start, $account['users_limit']);
$articles_loop = count($cs_articles);
$data['sort']['headline'] = cs_sort('articles', 'manage', $start, $categories_id, 1, $sort);
$data['sort']['date'] = cs_sort('articles', 'manage', $start, $categories_id, 3, $sort);
示例#14
 if (!empty($search_nick)) {
     $error++;
     $errormsg .= $cs_lang['nick_exists'] . cs_html_br(1);
 }
 $search_nick = strpos($register['nick'], '&#9829;');
 if (!empty($search_nick)) {
     $error++;
     $errormsg .= $cs_lang['chars_in_nick'] . cs_html_br(1);
 }
 $pwd2 = str_replace(' ', '', $register['password']);
 $pwdchars = strlen($pwd2);
 if ($pwdchars < 4) {
     $error++;
     $errormsg .= $cs_lang['short_pwd'] . cs_html_br(1);
 }
 $search_email = cs_sql_count(__FILE__, 'users', "users_email = '" . cs_sql_escape($register['email']) . "'");
 if (!empty($search_email)) {
     $error++;
     $errormsg .= $cs_lang['email_exists'] . cs_html_br(1);
 }
 $pattern = "=^[_a-z0-9-]+(\\.[_a-z0-9-]+)*@([0-9a-z](-?[0-9a-z])*\\.)+[a-z]{2}([zmuvtg]|fo|me)?\$=i";
 if (!preg_match($pattern, $register['email'])) {
     $error++;
     $errormsg .= $cs_lang['email_false'] . cs_html_br(1);
 }
 include_once 'mods/contact/trashmail.php';
 if (cs_trashmail($register['email'])) {
     $error++;
     $errormsg .= $cs_lang['email_false'] . cs_html_br(1);
 }
 $flood = cs_sql_select(__FILE__, 'users', 'users_register', 0, 'users_register DESC');
示例#15
if (!empty($cs_post['start'])) {
    $start = $cs_post['start'];
}
$sort = empty($cs_get['sort']) ? 2 : $cs_get['sort'];
if (!empty($cs_post['sort'])) {
    $sort = $cs_post['sort'];
}
include_once 'mods/categories/functions.php';
$op_cat = cs_sql_option(__FILE__, 'categories');
$cs_sort[1] = 'categories_name DESC';
$cs_sort[2] = 'categories_name ASC';
$cs_sort[3] = 'categories_url DESC';
$cs_sort[4] = 'categories_url ASC';
$order = 'categories_subid, ' . $cs_sort[$sort];
$where = empty($_REQUEST['where']) ? $op_cat['def_mod'] : $_REQUEST['where'];
$mdp = "categories_mod = '" . cs_sql_escape($where) . "'";
$categories_count = cs_sql_count(__FILE__, 'categories', $mdp);
$data['where']['mod'] = $where;
$data['head']['count'] = $categories_count;
$data['head']['pages'] = cs_pages('categories', 'manage', $categories_count, $start, $where, $sort);
$run = 0;
$modules = cs_checkdirs('mods');
foreach ($modules as $mods) {
    $check_axx = empty($account['access_' . $mods['dir'] . '']) ? 0 : $account['access_' . $mods['dir'] . ''];
    if (!empty($mods['categories']) and $check_axx > 2) {
        $mods['dir'] == $where ? $sel = 1 : ($sel = 0);
        $data['mod'][$run]['sel'] = cs_html_option($mods['name'], $mods['dir'], $sel);
        $run++;
    }
}
$data['head']['getmsg'] = cs_getmsg();
示例#16
    $cs_ranks['ranks_name'] = $_POST['ranks_name'];
    $cs_ranks['squads_id'] = $_POST['squads_id'];
    $cs_ranks['ranks_url'] = $_POST['ranks_url'];
    $cs_ranks['ranks_img'] = $_POST['ranks_img'];
    $cs_ranks['ranks_code'] = $_POST['ranks_code'];
    $error = '';
    if (empty($cs_ranks['ranks_name'])) {
        $error .= $cs_lang['no_name'] . cs_html_br(1);
    }
    if (empty($cs_ranks['ranks_url']) and empty($cs_ranks['ranks_code'])) {
        $error .= $cs_lang['no_url'] . cs_html_br(1);
    }
    if (empty($cs_ranks['ranks_img']) and empty($cs_ranks['ranks_code'])) {
        $error .= $cs_lang['no_img'] . cs_html_br(1);
    }
    $where = "ranks_name = '" . cs_sql_escape($cs_ranks['ranks_name']) . "'";
    $where .= " AND ranks_id != '" . $ranks_id . "'";
    $search = cs_sql_count(__FILE__, 'ranks', $where);
    if (!empty($search)) {
        $error .= $cs_lang['rank_exists'] . cs_html_br(1);
    }
}
if (!isset($_POST['submit'])) {
    $data['head']['body'] = $cs_lang['body_edit'];
} elseif (!empty($error)) {
    $data['head']['body'] = $error;
}
if (!empty($error) or !isset($_POST['submit'])) {
    $data['ranks'] = $cs_ranks;
    $data['ranks']['id'] = $ranks_id;
    $data_squads = cs_sql_select(__FILE__, 'squads', 'squads_name,squads_id', 0, 'squads_name', 0, 0);
示例#17
// Defaults for the add-buddy form; pre-fills the nick when a user id was supplied.
$error = '';
$time = cs_time();
$buddys_id = 0;
$buddys_notice = '';
$users_id = $account['users_id'];
if (!empty($users_add_id)) {
    // NOTE(review): $users_add_id is concatenated into the condition without escaping or
    // a cast. Where it is assigned is outside this fragment; if it originates from the
    // request it must be cast to int first, as the nick lookup further down is escaped.
    $users_data = cs_sql_select(__FILE__, 'users', 'users_id, users_nick', "users_id = '" . $users_add_id . "'");
    $buddys_nick = $users_data['users_nick'];
} else {
    $buddys_nick = '';
}
if (isset($_POST['submit'])) {
    if (!empty($_POST['buddys_nick'])) {
        $buddys_nick = $_POST['buddys_nick'];
        $buddys_notice = $_POST['buddys_notice'];
        $users_data = cs_sql_select(__FILE__, 'users', 'users_id, users_nick', "users_nick = '" . cs_sql_escape($buddys_nick) . "'");
        if (!empty($users_data)) {
            $buddys_id = $users_data['users_id'];
            if ($buddys_id == $account['users_id']) {
                $error .= $cs_lang['error_user_self'];
            }
            $where = "users_id = '" . $users_id . "' AND buddys_user = '******'";
            $buddys_check = cs_sql_count(__FILE__, 'buddys', $where);
            if (!empty($buddys_check)) {
                $error = $cs_lang['error_available'];
            }
        } else {
            $error = $cs_lang['error_user_noavailable'];
        }
    } else {
        $error = $cs_lang['error_id'];
示例#18
$data['if']['preview'] = FALSE;
$data['if']['guest'] = FALSE;
if (isset($_POST['submit']) or isset($_POST['preview'])) {
    $cs_com['comments_text'] = $_POST['comments_text'];
    $error = '';
    if (empty($cs_com['users_id'])) {
        $guestnick = $_POST['comments_guestnick'];
        if (empty($guestnick) and empty($cs_com['users_id'])) {
            $error .= $cs_lang['no_guestnick'] . cs_html_br(1);
        } else {
            $nick2 = str_replace(' ', '', $guestnick);
            $nickchars = strlen($nick2);
            if ($nickchars < $op_users['min_letters']) {
                $error .= sprintf($cs_lang['short_nick'], $op_users['min_letters']) . cs_html_br(1);
            }
            $search_nick = cs_sql_count(__FILE__, 'users', "users_nick = '" . cs_sql_escape($guestnick) . "'");
            if (!empty($search_nick)) {
                $error .= $cs_lang['nick_exists'] . cs_html_br(1);
            }
        }
    }
    if (empty($cs_com['comments_text'])) {
        $error .= $cs_lang['no_text'] . cs_html_br(1);
    }
}
if (!isset($_POST['submit']) and !isset($_POST['preview'])) {
    $data['head']['body'] = $cs_lang['body_com_edit'];
} elseif (!empty($error)) {
    $data['head']['body'] = $error;
} elseif (isset($_POST['preview'])) {
    $data['head']['body'] = $cs_lang['preview'];
示例#19
            $error = '';
            if ($cs_squads['squads_picture'] != $filename and !empty($cs_squads['squads_picture'])) {
                cs_unlink('squads', $cs_squads['squads_picture']);
            }
            $cs_squads['squads_picture'] = $filename;
        } else {
            $error .= $cs_lang['up_error'];
        }
    }
    if (empty($cs_squads['clans_id'])) {
        $error .= $cs_lang['no_clan'] . cs_html_br(1);
    }
    if (empty($cs_squads['squads_name'])) {
        $error .= $cs_lang['no_name'] . cs_html_br(1);
    }
    $where = "squads_name = '" . cs_sql_escape($cs_squads['squads_name']) . "'";
    $where .= " AND squads_id != '" . $squads_id . "'";
    $search = cs_sql_count(__FILE__, 'squads', $where);
    if (!empty($search)) {
        $error .= $cs_lang['squad_exists'] . cs_html_br(1);
    }
}
if (!isset($_POST['submit'])) {
    $data['head']['body'] = $cs_lang['errors_here'];
} elseif (!empty($error)) {
    $data['head']['body'] = $error;
}
if (!empty($error) or !isset($_POST['submit'])) {
    foreach ($cs_squads as $key => $value) {
        $data['squads'][$key] = cs_secure($value);
    }
示例#20
<?php

// ClanSphere 2010 - www.clansphere.net
// $Id$
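# Overwrite global settings by using the following array
$cs_main = array('init_sql' => true, 'init_tpl' => false, 'init_mod' => true);
chdir('../../');
require_once 'system/core/functions.php';
cs_init($cs_main);

# AJAX endpoint: looks up active, non-deleted nicknames containing the last
# ';'-separated entry of the "term" parameter and renders them through the
# 'search_users' sub-template.
# Both "term" and "target" are request data. Array-style values ("term[]=x")
# are treated as missing so the string functions below always get a string.
$term = (empty($_GET['term']) or !is_string($_GET['term'])) ? '' : $_GET['term'];
# Mods like messages support multiple users and that must be considered
# (explode() with a non-empty delimiter always returns an array, so the last
# element can be taken directly)
$term_array = explode(';', $term);
$current = end($term_array);
# Strip current search term from search_users content
$old = substr($term, 0, strlen($term) - strlen($current));
if (!empty($current)) {
    $data = array();
    $data['data']['old'] = htmlspecialchars($old);
    # "target" is handed to the same template as "old", so it is HTML-encoded as
    # well instead of being passed on raw.
    # NOTE(review): if the template places this value inside a script block or an
    # event handler, HTML encoding is not enough - restrict it to identifier
    # characters there.
    $target = (empty($_GET['target']) or !is_string($_GET['target'])) ? 'users_nick' : $_GET['target'];
    $data['data']['target'] = htmlspecialchars($target, ENT_QUOTES);
    # NOTE(review): cs_sql_escape() is defined elsewhere and is assumed to make the
    # value safe inside the quoted literal. '%' and '_' typed by the user still
    # act as LIKE wildcards unless that helper handles them - confirm.
    $where = "users_nick LIKE '%" . cs_sql_escape(trim($current)) . "%' AND users_active = 1 AND users_delete = 0";
    # The trailing 7 presumably caps the number of suggestions - verify against cs_sql_select().
    $data['result'] = cs_sql_select(__FILE__, 'users', 'users_nick', $where, 0, 0, 7);
    if (!empty($data['result'])) {
        # Nicknames are user-chosen text: pass each one through cs_secure() before
        # it reaches the template.
        foreach ($data['result'] as $run => $row) {
            $data['result'][$run]['users_nick'] = cs_secure($row['users_nick']);
        }
        echo cs_subtemplate(__FILE__, $data, 'ajax', 'search_users');
    }
}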
示例#21
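$cs_lang = cs_translate('board');

# NOTE(review): the three branches below change stored ordering in response to a
# plain GET request. No permission check or request token is visible in this
# part of the file - confirm both are enforced elsewhere, since state-changing
# GET links are exposed to cross-site request forgery.
if (!empty($_GET['delall'])) {
    # Reset the position of every board and of every board category to 0.
    cs_sql_update(__FILE__, 'board', array('board_order'), array(0), 0, 'board_order != 0');
    cs_sql_update(__FILE__, 'categories', array('categories_order'), array(0), 0, "categories_mod = 'board'");
    cs_redirect(NULL, 'board', 'sort');
}

# Row ids and positions are integers, so they are cast rather than
# string-escaped: escaping only protects a value that ends up inside a quoted
# SQL literal, and how cs_sql_update() (defined elsewhere) embeds its id
# argument is not visible here. Non-scalar input ("order[]=1") counts as 0.
$sort_new_order = (empty($_GET['order']) or !is_scalar($_GET['order'])) ? 0 : (int) $_GET['order'];

if (!empty($_GET['board'])) {
    $sort_board_id = is_scalar($_GET['board']) ? (int) $_GET['board'] : 0;
    $board_cells = array('board_order');
    $board_save = array($sort_new_order);
    # Only touch the table for a plausible id; anything else just redirects.
    if ($sort_board_id > 0) {
        cs_sql_update(__FILE__, 'board', $board_cells, $board_save, $sort_board_id);
    }
    cs_redirect(NULL, 'board', 'sort');
}
if (!empty($_GET['cat'])) {
    $sort_cat_id = is_scalar($_GET['cat']) ? (int) $_GET['cat'] : 0;
    $board_cells = array('categories_order');
    $board_save = array($sort_new_order);
    if ($sort_cat_id > 0) {
        cs_sql_update(__FILE__, 'categories', $board_cells, $board_save, $sort_cat_id);
    }
    cs_redirect(NULL, 'board', 'sort');
}

# Links for the page header; 'delall=1' triggers the reset branch above.
$data['link']['back'] = cs_url('board', 'manage');
$data['link']['delall'] = cs_url('board', 'sort', 'delall=1');

# Load all board categories, ordered by position and then by name.
$where = "categories_mod = 'board'";
$select = 'categories_name, categories_id, categories_order';
$cs_categories = cs_sql_select(__FILE__, 'categories', $select, $where, 'categories_order ASC, categories_name ASC', 0, 0);
$loop_categories = count($cs_categories);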
if (!empty($cs_categories)) {
    for ($run = 0; $run < $loop_categories; $run++) {
        $data['cat'][$run]['categories_name'] = cs_secure($cs_categories[$run]['categories_name']);
        $data['cat'][$run]['categories_order'] = cs_secure($cs_categories[$run]['categories_order']);
        if ($run > 0 and $cs_categories[$run]['categories_order'] - 1 >= $cs_categories[$run - 1]['categories_order']) {
            $data['cat'][$run]['categories_up'] = cs_html_img('symbols/clansphere/up_arrow_active.png') . ' ' . cs_link($cs_lang['up'], 'board', 'sort', 'cat=' . $cs_categories[$run]['categories_id'] . '&order=' . $cs_categories[$run - 1]['categories_order']);
        } else {
示例#22
}
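# Sort selector: POST value if present, otherwise GET value, otherwise 1.
$sort = empty($cs_get['sort']) ? 1 : $cs_get['sort'];
if (!empty($cs_post['sort'])) {
    $sort = $cs_post['sort'];
}
$cs_sort[1] = 'gbk.gbook_time DESC';
$cs_sort[2] = 'gbk.gbook_time ASC';
$cs_sort[3] = 'usr.users_email DESC';
$cs_sort[4] = 'usr.users_email ASC';
# $sort is request data. It only selects one of the fixed ORDER BY strings
# above, so it cannot change the SQL text, but an unknown key used to leave
# $order unset and was still passed on to cs_pages() and cs_sort() below.
# Unknown or non-scalar values now fall back to the default.
if (!is_scalar($sort) or !isset($cs_sort[$sort])) {
    $sort = 1;
}
$order = $cs_sort[$sort];

# Optional nickname whose guestbook should be listed: POST first, then GET.
$user_gb = empty($_POST['user_gb']) ? 0 : $_POST['user_gb'];
if (empty($user_gb)) {
    $user_gb = empty($_GET['user_gb']) ? 0 : $_GET['user_gb'];
}
if (!empty($user_gb)) {
    $where = "users_nick = '" . cs_sql_escape($user_gb) . "'";
    $cs_user = cs_sql_select(__FILE__, 'users', 'users_id', $where);
    # An unknown nickname yields no row; use 0 instead of reading a missing key.
    $id = empty($cs_user['users_id']) ? 0 : (int) $cs_user['users_id'];
}
# NOTE(review): when the lookup above did not run, $id comes from code outside
# this excerpt and is concatenated here without escaping - confirm it is cast
# to an integer where it is first read.
$where = "gbook_users_id ='" . $id . "'";
$gbook_count = cs_sql_count(__FILE__, 'gbook', $where);
$data['head']['count'] = $gbook_count;
$data['head']['pages'] = cs_pages('gbook', 'manage', $gbook_count, $start, $id, $sort);
# NOTE(review): this is the raw request value. Confirm the template encodes it
# on output, or pass it through cs_secure() first.
$data['head']['user_gb'] = empty($user_gb) ? '' : $user_gb;
$data['head']['getmsg'] = cs_getmsg();
$data['sort']['email'] = cs_sort('gbook', 'manage', $start, $id, 3, $sort);
$data['sort']['time'] = cs_sort('gbook', 'manage', $start, $id, 1, $sort);

# Entry list query parts: guestbook rows joined with the author's user record.
$from = 'gbook gbk LEFT JOIN {pre}_users usr ON gbk.users_id = usr.users_id';
$select = 'gbk.gbook_id AS gbook_id, gbk.users_id AS users_id, gbk.gbook_time AS gbook_time, gbk.gbook_nick AS gbook_nick, ';
$select .= 'gbk.gbook_email AS gbook_email, gbk.gbook_lock AS gbook_lock, gbk.gbook_ip AS gbook_ip, ';
$select .= 'usr.users_nick AS users_nick, usr.users_email AS users_email';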
示例#23
}
// Copy the optional form fields into the working variables, store the new game
// once the form was submitted without errors, then fill the template values.
// The working variables keep whatever value they had before when the POST
// field is empty.
if (!empty($_POST['games_creator'])) {
    $games_creator = $_POST['games_creator'];
}
if (!empty($_POST['games_url'])) {
    $games_url = $_POST['games_url'];
}
if (!empty($_POST['games_version'])) {
    $games_version = $_POST['games_version'];
}
// Before a submit the standard text is shown, afterwards the collected error text.
$data['lang']['body'] = !isset($_POST['submit']) ? $cs_lang['body_create'] : $errormsg;
if (isset($_POST['submit']) && empty($games_error) && empty($symbol_error)) {
    $games_cells = array('games_name', 'games_version', 'games_released', 'games_creator', 'categories_id', 'games_url', 'games_usk');
    $games_save = array($games_name, $games_version, $games_release, $games_creator, $categories_id, $games_url, $games_usk);
    // NOTE(review): the values are passed unescaped; presumably cs_sql_insert()
    // escapes them itself - confirm in its definition.
    cs_sql_insert(__FILE__, 'games', $games_cells, $games_save);
    // The new row is found again by its name, not by an insert id.
    // NOTE(review): this assumes games_name is unique; with duplicate names the
    // id of a different game could be returned - verify.
    $where = "games_name = '" . cs_sql_escape($games_name) . "'";
    $getid = cs_sql_select(__FILE__, 'games', 'games_id', $where);
    if (!empty($files['symbol']['tmp_name']) and $symbol_error == 0) {
        // Stored file name is "<games_id>.<extension>".
        // NOTE(review): $extension is set outside this excerpt; confirm it comes
        // from an allow-list of image types and not from the client file name.
        $filename = $getid['games_id'] . '.' . $extension;
        cs_upload('games', $filename, $files['symbol']['tmp_name']);
    } else {
        // No symbol uploaded: give the game a copy of the default image 0.gif.
        copy('uploads/games/0.gif', 'uploads/games/' . (int) $getid['games_id'] . '.gif');
    }
    cs_redirect($cs_lang['create_done'], 'games');
}
// Values for (re)displaying the form.
// NOTE(review): name, version and creator are handed over as received;
// confirm they are encoded before they are written into the HTML.
$data['url']['form'] = cs_url('games', 'create');
$data['games']['name'] = $games_name;
$data['games']['version'] = $games_version;
$data['games']['genre'] = cs_categories_dropdown('games', $categories_id);
$data['games']['release'] = cs_dateselect('datum', 'date', $games_release);
$data['games']['creator'] = $games_creator;
示例#24
            $errormsg .= $cs_lang['user_event_exists'] . cs_html_br(1);
        }
    } elseif (!empty($data['eventguests']['eventguests_name']) or !empty($data['eventguests']['eventguests_surname'])) {
        if (!empty($events_options['req_fullname']) and (empty($data['eventguests']['eventguests_name']) or empty($data['eventguests']['eventguests_surname']))) {
            $errormsg .= $cs_lang['err_name'] . cs_html_br(1);
        }
        if (!empty($events_options['req_fulladress']) and empty($data['eventguests']['eventguests_residence'])) {
            $errormsg .= $cs_lang['err_adress'] . cs_html_br(1);
        }
        if (!empty($events_options['req_phone']) and strlen(trim($data['eventguests']['eventguests_phone'])) < 5) {
            $errormsg .= $cs_lang['err_phone'] . cs_html_br(1);
        }
        if (!empty($events_options['req_mobile']) and strlen(trim($data['eventguests']['eventguests_mobile'])) < 8) {
            $errormsg .= $cs_lang['err_mobile'] . cs_html_br(1);
        }
        $where = "events_id = '" . $data['eventguests']['events_id'] . "' AND eventguests_name = '" . cs_sql_escape($data['eventguests']['eventguests_name']) . "' AND eventguests_surname = '" . cs_sql_escape($data['eventguests']['eventguests_surname']) . "'";
        $search_collision = cs_sql_count(__FILE__, 'eventguests', $where);
        if (!empty($search_collision)) {
            $errormsg .= $cs_lang['name_event_exists'] . cs_html_br(1);
        }
    } else {
        $errormsg = $cs_lang['new_guest_info'];
    }
}
// Show whatever message was collected above (validation errors or the
// new-guest hint) in the header info slot.
if (!empty($errormsg)) {
    $data['head']['info'] = $errormsg;
}
if (!empty($errormsg) or !isset($_POST['submit'])) {
    $data['url']['form'] = cs_url('events', 'guestsnew');
    $data['events']['time'] = cs_date('unix', $data['events']['events_time'], 1);
    $data['users']['nick'] = cs_secure($users_nick);
示例#25
                 $cs_lap = cs_html_img('symbols/gallery/nowatermark.gif', '100', '100');
                 $more = 'id=' . $id . '&amp;cat_id=' . $z[$run]['folders_id'];
                 $more .= '&amp;move=' . $z[$run]['move'];
                 $vote[$run]['link'] = cs_link($cs_lap, 'usersgallery', 'com_view', $more);
             }
             $data['vote'] = !empty($vote) ? $vote : '';
         }
     }
     $vote_1['0']['vote'] = empty($data['vote']) ? '' : '1';
     $data['vote_1'] = !empty($vote_1['0']['vote']) ? $vote_1 : '';
 } else {
     $from = 'usersgallery';
     $select = 'usersgallery_time, usersgallery_name, usersgallery_titel, usersgallery_download, ';
     $select .= 'usersgallery_description, usersgallery_id, usersgallery_vote, usersgallery_count, folders_id';
     $where = "usersgallery_status = 1 AND usersgallery_access <= '" . $access_id . "'";
     $where .= " AND folders_id = '" . cs_sql_escape($cat_id) . "'";
     switch ($options['list_sort']) {
         case 0:
             $order = 'usersgallery_id DESC';
             break;
         case 1:
             $order = 'usersgallery_id ASC';
             break;
     }
     $cs_gallery = cs_sql_select(__FILE__, $from, $select, $where, $order, $start, $account['users_limit']);
     $gallery_loop = count($cs_gallery);
     $gallery_count = cs_sql_count(__FILE__, 'usersgallery', $where);
     $from = 'folders';
     $select = 'folders_id, sub_id, folders_name, folders_picture, folders_text';
     $where = "folders_mod = 'usersgallery' AND folders_id = '" . $cat_id . "'";
     $folders_current = cs_sql_select(__FILE__, $from, $select, $where);
示例#26
 $cs_gbook['gbook_jabber'] = $_POST['gbook_jabber'];
 $cs_gbook['gbook_skype'] = $_POST['gbook_skype'];
 $cs_gbook['gbook_town'] = $_POST['gbook_town'];
 $cs_gbook['gbook_url'] = $_POST['gbook_url'];
 //check nick if exists or empty
 if (!empty($cs_gbook['gbook_nick'])) {
     $exists_user = cs_sql_select(__FILE__, 'users', 'users_nick', "users_nick = '" . cs_sql_escape($cs_gbook['gbook_nick']) . "'");
     if (!empty($exists_user)) {
         $error .= $cs_lang['error_exist_nick'] . cs_html_br(1);
     }
 } else {
     $error .= $cs_lang['error_nick'] . cs_html_br(1);
 }
 //check email if exists, chars or empty
 if (!empty($cs_gbook['gbook_email'])) {
     $exists_user = cs_sql_select(__FILE__, 'users', 'users_email', "users_email = '" . cs_sql_escape($_POST['gbook_email']) . "'");
     if (!empty($exists_user)) {
         $error .= $cs_lang['error_exist_email'] . cs_html_br(1);
     }
     $pattern = "/^[0-9a-zA-Z._\\-]+@[0-9a-zA-Z._\\-]{2,}\\.[a-zA-Z]{2,4}\$/";
     if (!preg_match($pattern, $cs_gbook['gbook_email'])) {
         $error .= $cs_lang['error_email'] . cs_html_br(1);
     }
 } else {
     $error .= $cs_lang['error_email'] . cs_html_br(1);
 }
 //check jabber
 if (!empty($cs_gbook['gbook_jabber'])) {
     $pattern = "/^[0-9a-zA-Z._\\-]+@[0-9a-zA-Z._\\-]{2,}\\.[a-zA-Z]{2,4}\$/";
     if (!preg_match($pattern, $cs_gbook['gbook_jabber'])) {
         $error .= $cs_lang['error_jabber'] . cs_html_br(1);
示例#27
    }
}
if (isset($_POST['submit_1'])) {
    $post_count = count($_POST);
    $post_count = $post_count - '1';
    $cs_gallery_pic['folders_id'] = empty($_POST['folders_name']) ? $_POST['folders_id'] : make_folders_create('gallery', $_POST['folders_name']);
    $cs_gallery_option = cs_sql_option(__FILE__, 'gallery');
    $img_max['thumbs'] = $cs_gallery_option['thumbs'];
    for ($run = 0; $run < $post_count; $run++) {
        if (!empty($_POST['status_' . $run])) {
            $name = $_POST['name_' . $run];
            if (!extension_loaded('gd')) {
                die(cs_error_internal(0, 'GD extension not installed.'));
            }
            if (cs_resample('uploads/gallery/pics/' . $name, 'uploads/gallery/thumbs/' . 'Thumb_' . $name, $img_max['thumbs'], $img_max['thumbs'])) {
                $where = "gallery_name = '" . cs_sql_escape($name) . "'";
                $search = cs_sql_count(__FILE__, 'gallery', $where);
                if (empty($search)) {
                    $cs_gallery_pic['users_id'] = $account['users_id'];
                    $cs_gallery_pic['gallery_name'] = $name;
                    $cs_gallery_pic['gallery_status'] = isset($_POST['gallery_status']) ? $_POST['gallery_status'] : 0;
                    $cs_gallery_pic['gallery_access'] = isset($_POST['gallery_access']) ? $_POST['gallery_access'] : 0;
                    $cs_gallery_pic['gallery_watermark'] = $_POST['gallery_watermark'];
                    if (!empty($_POST['gallery_watermark'])) {
                        $watermark_pos = $_POST['watermark_pos'];
                        $watermark_trans = $_POST['gallery_watermark_trans'];
                        $cs_gallery_pic['gallery_watermark_pos'] = $watermark_pos . '|--@--|' . $watermark_trans;
                    }
                    $extension = strlen(strrchr($name, "."));
                    $file = strlen($name);
                    $filename = substr($name, 0, $file - $extension);
示例#28
} elseif (!empty($error)) {
    $data['head']['body'] = $error;
}
// Either render the create form (first visit or validation errors) or store
// the new link-us entry together with its banner file.
if (!empty($error) or !isset($_POST['submit'])) {
    $data['linkus'] = $cs_linkus;
    // Build the upload hint box: heading in $matches[1], limits in $matches[2].
    $matches[1] = $cs_lang['pic_infos'];
    // Comma-separated list of the keys of $img_filetypes.
    $return_types = '';
    foreach ($img_filetypes as $add => $value) {
        $return_types .= empty($return_types) ? $add : ', ' . $add;
    }
    $matches[2] = $cs_lang['max_width'] . $img_max['width'] . ' px' . cs_html_br(1);
    $matches[2] .= $cs_lang['max_height'] . $img_max['height'] . ' px' . cs_html_br(1);
    $matches[2] .= $cs_lang['max_size'] . cs_filesize($img_max['size']) . cs_html_br(1);
    $matches[2] .= $cs_lang['filetypes'] . $return_types;
    $data['linkus']['picup_clip'] = cs_abcode_clip($matches);
    echo cs_subtemplate(__FILE__, $data, 'linkus', 'create');
} else {
    // Column names and values are taken from the keys and values of $cs_linkus.
    // NOTE(review): $cs_linkus is filled outside this excerpt; confirm its keys
    // are fixed in code and never taken from the request, since they are used
    // as column names.
    $linkus_cells = array_keys($cs_linkus);
    $linkus_save = array_values($cs_linkus);
    cs_sql_insert(__FILE__, 'linkus', $linkus_cells, $linkus_save);
    if (!empty($files_gl['symbol']['tmp_name'])) {
        // The new row is found again by its name; this presumably relies on
        // linkus_name being unique - verify.
        $where = "linkus_name = '" . cs_sql_escape($cs_linkus['linkus_name']) . "'";
        $getid = cs_sql_select(__FILE__, 'linkus', 'linkus_id', $where);
        // Stored banner name is "<linkus_id>.<extension>".
        // NOTE(review): $extension is set outside this excerpt; confirm it comes
        // from an allow-list of image types and not from the client file name.
        $filename = $getid['linkus_id'] . '.' . $extension;
        cs_upload('linkus', $filename, $files_gl['symbol']['tmp_name']);
    }
    // NOTE(review): $filename and $getid are only assigned inside the branch
    // above, yet the update below runs unconditionally. Unless earlier
    // validation guarantees an uploaded file, this call receives an undefined
    // id and file name - confirm.
    $linkus_cells = array('linkus_banner');
    $linkus_save = array($filename);
    cs_sql_update(__FILE__, 'linkus', $linkus_cells, $linkus_save, $getid['linkus_id']);
    cs_redirect($cs_lang['create_done'], 'linkus');
}
示例#29
 }
 // Validate the submitted nickname and e-mail address. Every failed check
 // increments $error and appends a translated message to $errormsg; all checks
 // run, so several messages can accumulate.
 $error = 0;
 $errormsg = '';
 // Minimum nickname length, measured with strlen() (bytes, not characters)
 // after removing spaces.
 $nick2 = str_replace(' ', '', $cs_user['users_nick']);
 $nickchars = strlen($nick2);
 if ($nickchars < $op_users['min_letters']) {
     $error++;
     $errormsg .= sprintf($cs_lang['short_nick'], $op_users['min_letters']) . cs_html_br(1);
 }
 // Nickname must not belong to another account.
 // NOTE(review): $account['users_id'] is appended without quotes or escaping;
 // this assumes it is an integer taken from the logged-in session - confirm.
 $where = "users_nick = '" . cs_sql_escape($cs_user['users_nick']) . "' AND users_id != ";
 $search_nick = cs_sql_count(__FILE__, 'users', $where . $account['users_id']);
 if (!empty($search_nick)) {
     $error++;
     $errormsg .= $cs_lang['nick_exists'] . cs_html_br(1);
 }
 // E-mail address must not belong to another account (same id handling as above).
 $where = "users_email = '" . cs_sql_escape($cs_user['users_email']) . "' AND users_id != ";
 $search_email = cs_sql_count(__FILE__, 'users', $where . $account['users_id']);
 if (!empty($search_email)) {
     $error++;
     $errormsg .= $cs_lang['email_exists'] . cs_html_br(1);
 }
 // Format check, case-insensitive, with '=' as the regex delimiter. The last
 // domain label must be two letters, optionally followed by one of
 // z/m/u/v/t/g or by "fo"/"me"; other top-level domains are rejected.
 $pattern = "=^[_a-z0-9-]+(\\.[_a-z0-9-]+)*@([0-9a-z](-?[0-9a-z])*\\.)+[a-z]{2}([zmuvtg]|fo|me)?\$=i";
 if (!preg_match($pattern, $cs_user['users_email'])) {
     $error++;
     $errormsg .= $cs_lang['email_false'] . cs_html_br(1);
 }
 // Reject addresses that cs_trashmail() (from the included file) flags; the
 // same 'email_false' message is reused, so an address failing both checks
 // gets the message twice.
 include_once 'mods/contact/trashmail.php';
 if (cs_trashmail($cs_user['users_email'])) {
     $error++;
     $errormsg .= $cs_lang['email_false'] . cs_html_br(1);
 }
示例#30
         if (!empty($where)) {
             $where = $where . ' OR ';
         }
         $z = cs_substr($temp[$run], 6);
         $where .= "squ.squads_name = '" . cs_sql_escape(str_replace('Squad:', '', $temp[$run])) . "'";
     } elseif ($b == 'Clan:') {
         if (!empty($where)) {
             $where = $where . ' OR ';
         }
         $z = cs_substr($temp[$run], 5);
         $where .= "cla.clans_name = '" . cs_sql_escape(str_replace('Clan:', '', $temp[$run])) . "'";
     } else {
         if (!empty($where)) {
             $where .= ' OR ';
         }
         $where .= "usr.users_nick = '" . cs_sql_escape($temp[$run]) . "'";
         $z = $temp[$run];
     }
 }
 $from = 'users usr LEFT JOIN {pre}_members mem ON usr.users_id = mem.users_id ';
 $from .= 'LEFT JOIN {pre}_squads squ ON mem.squads_id = squ.squads_id ';
 $from .= 'LEFT JOIN {pre}_clans cla ON squ.clans_id = cla.clans_id';
 $select = 'usr.users_id AS users_id, usr.users_nick AS users_nick, usr.users_email AS users_email';
 $order = '';
 $cs_messages = cs_sql_select(__FILE__, $from, $select, $where, 0, 0, 0);
 $cs_messages_loop = count($cs_messages);
 if (empty($cs_messages_loop) or empty($where)) {
     $messages_error++;
     $errormsg .= $cs_lang['error_to'] . cs_html_br(1);
     $error_to = '1';
 } else {