<?php
require_once './db-connect.php';
require_once './util.php';
$name = filter_escape($_POST['name']);
$gender = filter_escape($_POST['gender']);
$email = filter_escape($_POST['email']);
$username = filter_escape($_POST['username']);
$password = filter_escape($_POST['password']);
$r_mail = mysql_query("SELECT * FROM user WHERE email='{$email}'");
$r_user = mysql_query("SELECT * FROM user WHERE username='******'");
$mail_num = mysql_num_rows($r_mail);
$user_num = mysql_num_rows($r_user);
if ($mail_num > 0 && $user_num > 0) {
echo 4;
return;
} else {
if ($mail_num === 0 && $user_num > 0) {
echo 3;
return;
} else {
if ($mail_num > 0 && $user_num === 0) {
echo 2;
return;
} else {
if ($mail_num === 0 && $user_num === 0) {
$salt = md5(uniqid(rand(), true));
$password = hash('sha256', $salt . $password);
$cookie = md5($email . time() . $salt);
$insert = mysql_query("INSERT INTO user SET\n name='{$name}', username='******', gender='{$gender}',\n email='{$email}', password='******', salt='{$salt}',\n cookie='{$cookie}', createtime=now()");
if ($insert) {
<?php
require_once './db-connect.php';
require_once './util.php';
$cookie = filter_escape($_POST['cookie']);
$result = mysql_query("SELECT * FROM user WHERE cookie='{$cookie}'");
$num = mysql_num_rows($result);
if ($num === 0) {
echo 0;
} else {
if ($num === 1) {
echo 1;
} else {
echo 2;
}
}
date_default_timezone_set("Asia/Taipei");
require_once "./vendor/autoload.php";
require_once './db-connect.php';
require_once './util.php';
$subject_id = filter_escape($_POST['subject']);
$address = filter_escape($_POST['address']);
$region_id = filter_escape($_POST['region']);
$content = filter_escape($_POST['content']);
$anonymous = filter_escape($_POST['anonymous']);
$cookie = filter_escape($_POST['cookie']);
$marker = filter_escape($_POST['marker']);
$gps = filter_escape($_POST['gps']);
$picture1 = filter_escape($_POST['picture1']);
$picture2 = filter_escape($_POST['picture2']);
$picture3 = filter_escape($_POST['picture3']);
$result = mysql_query("SELECT id FROM user WHERE cookie='{$cookie}'");
$num = mysql_num_rows($result);
if ($num != 1) {
echo 2;
return;
}
$row = mysql_fetch_assoc($result);
$user_id = $row['id'];
$content = $address . ', ' . $content;
$result = mysql_query("INSERT INTO report SET\n user_id={$user_id},\n region_id={$region_id},\n subject_id={$subject_id},\n content='{$content}',\n address='{$address}',\n marker='{$marker}',\n gps='{$gps}',\n progress_id=0,\n picture1='{$picture1}',\n picture2='{$picture2}',\n picture3='{$picture3}',\n anonymous={$anonymous},\n report_time=now()\n ");
if (!$result) {
echo 2;
return;
}
$result = mysql_query("SELECT * FROM region WHERE region_id={$region_id}");
<?php
require_once "./vendor/autoload.php";
require_once "./db-connect.php";
require_once "./config.php";
require_once './util.php';
date_default_timezone_set("Asia/Taipei");
$subject = filter_escape($_POST['subject']);
$sendername = filter_escape($_POST['name']);
$from = filter_escape($_POST['from']);
$content = $_POST['content'];
$filted_content = filter_escape($content);
$mail = new PHPMailer();
$mail->IsSMTP();
$mail->SMTPAuth = TRUE;
$mail->SMTPSecure = "ssl";
$mail->Host = "smtp.gmail.com";
$mail->Port = 465;
$mail->CharSet = "utf-8";
$mail->Encoding = "base64";
$mail->Username = $agency_gmail_user;
$mail->Password = $agency_gmail_password;
$mail->FromName = $sendername;
$mail->Subject = $subject;
$mail->Body = $content . "\n\n\nFrom: " . $from;
foreach ($manager as $each_manager) {
$mail->AddAddress($each_manager['mail'], $each_manager['name']);
}
mysql_query("INSERT INTO mail (subject,email,name,content) VALUES ('{$subject}','{$from}','{$sendername}','{$filted_content}')");
if (!$mail->Send()) {
echo "Mailer Error: " . $mail->ErrorInfo;
