$out .= '</tr>' . "\n";
// One table row per user; the first row of each new label gets a top border.
while ($data = mysql_fetch_assoc($result)) {
    $userlabel = $data['forum_userlabel'];
    if (!isset($assigned[$userlabel])) {
        $assigned[$userlabel] = '%VALUE%';
        $border .= 'style="border-top: solid;"' . "\n";
    }
    $out .= '<tr>' . "\n";
    // NOTE(review): username and label go into the HTML as stored, with no htmlspecialchars().
    // The 'change' case below stores the label straight from $_POST, so markup in a label
    // would be rendered here unless it is escaped somewhere outside this fragment.
    $out .= '<td ' . $border . '>' . $data['username'] . '</td>' . "\n";
    $out .= '<td ' . $border . '>' . $userlabel . '</td>' . "\n";
    $out .= '</tr>' . "\n";
    $border = "";
}
$out .= '</table>' . "\n";
break;
case 'change':
    // Sets forum_userlabel for one user from the posted form and records an admin event.
    $forum_userlabel = $_POST['forum_userlabel'];
    $user_id = $_POST['user_id'];
    // NOTE(review): both POST values are concatenated into the statement unescaped, and
    // userid is not even quoted, so a non-numeric user_id changes the statement itself.
    // Cast user_id with intval() and pass the label through mysql_real_escape_string().
    // The privilege check for this page is not visible in this fragment - confirm it exists.
    $query = 'UPDATE userinfo SET forum_userlabel = "' . $forum_userlabel . '" WHERE userid = ' . $user_id . ' LIMIT 1';
    mysql_query($query) or report_sql_error($query, __FILE__, __LINE__);
    $out .= 'Ändrat';
    log_admin_event('userlabel changed', $_POST['forum_userlabel'], $_SESSION['login']['id'], $_POST['user_id'], '');
    jscript_alert('Användarens forumstatus är ändrad');
    jscript_location('/admin/forum_userlabel.php');
}
$out .= rounded_corners_bottom();
ui_top($ui_options);
echo $out;
ui_bottom();
?>
trace('register_error', 'register.php acsessed by not logged on user...'); } else { if (isset($_POST['submit_button'])) { $check = regform_check($_POST); if ($check === true) { unset($data); $data['userinfo']['gender'] = $_POST['gender']; $data['userinfo']['zip_code'] = $_POST['zip_code']; $data['userinfo']['birthday'] = $_POST['birth_year'] . '-' . $_POST['birth_month'] . '-' . $_POST['birth_day']; login_save_user_data($_SESSION['login']['id'], $data); session_merge($data); /*$alert = 'Tackar! Nu skickar vi dig till en introduktionssida som berättar mer om Hamsterpaj,\\n'; $alert .= 'vad man gör här och hur sidan fungerar, du måste inte läsa den om du inte vill.'; jscript_alert($alert); jscript_location('/hamsterpaj/introduction.php');*/ jscript_alert('Eftersom Lef inte gjort klart välkommen-sidan ännu så kan vi inte skicka dig till den. Hursomhelst så är du välkommen till hamsterpaj, och vi skickar dig nu till startsidan för träffa.\\n\\nDet skulle dessutom vara kul för folk att veta vem du är, klicka på Inställningar i menyn så kan du ladda upp en bild på dig själv eller göra din egna presentation.\\n\\nÅter igen; välkommen!'); jscript_location('/traffa/'); } else { regform_fail(); regform_settings($_POST, $check); } } else { regform_header(); regform_settings(); } } ui_bottom(); ?>
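<?php
/*
 * Admin page for the hp_ads table: creates a new ad or updates an existing one
 * from the posted form, then renders the form again via hpads_form().
 * Access is limited to users holding the hp_ad_admin privilege.
 */
require '../include/core/common.php';

$ui_options['stylesheets'][] = 'hpads_admin.css';
$ui_options['javascripts'][] = 'hpads_admin.js';
$ui_options['title'] = 'Startsidan pÃ¥ Hamsterpaj';

// die() is what actually stops an unprivileged request; the two jscript_* calls only
// emit client-side script.
if (!is_privilegied('hp_ad_admin')) {
    jscript_alert('En skyddad sida, du är inte välkommen');
    jscript_location('/');
    die('Du måste ha privilegie för att nå den här sidan');
}

ui_top($ui_options);

// Build SQL-safe copies of every posted field before any query is assembled.
// The html field is entity-decoded first: decoding can turn &quot; back into a raw
// double quote, so escaping has to happen after the decode, not before.
// Where magic_quotes_gpc is enabled the added slashes are removed first, so the
// stored value is not double-escaped.
$magic_quotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
$ad_sql = array();
foreach (array('name', 'area', 'credits', 'html', 'probability', 'id') as $field) {
    $value = isset($_POST[$field]) ? (string) $_POST[$field] : '';
    if ($magic_quotes) {
        $value = stripslashes($value);
    }
    if ($field == 'html') {
        $value = html_entity_decode($value);
    }
    // Relies on the MySQL connection that the mysql_query() calls below already use.
    $ad_sql[$field] = mysql_real_escape_string($value);
}

// Kept as in the original so code that reads $_POST['html'] later sees the decoded markup.
$_POST['html'] = html_entity_decode(isset($_POST['html']) ? $_POST['html'] : '');

$action = isset($_POST['action']) ? $_POST['action'] : '';

// NOTE(review): no anti-CSRF token is checked in this file; confirm whether
// common.php enforces one for state-changing POSTs.
if ($action == 'create') {
    // NOTE(review): rand()/uniqid()/microtime() are predictable; acceptable only if
    // uniqid is an identifier and not a secret - confirm how hp_ads.uniqid is used.
    $uniqid = md5(rand() . uniqid() . microtime());
    $query = 'INSERT INTO hp_ads (name, area, credits, expire, html, probability, uniqid) VALUES("';
    // strtotime() yields an integer or false, so expire needs no escaping.
    $query .= $ad_sql['name'] . '", "' . $ad_sql['area'] . '", "' . $ad_sql['credits'] . '", "' . strtotime($_POST['expire']) . '", "' . $ad_sql['html'];
    $query .= '", "' . $ad_sql['probability'] . '", "' . $uniqid . '")';
    mysql_query($query);
}

if ($action == 'update') {
    $query = 'UPDATE hp_ads SET name = "' . $ad_sql['name'] . '", area = "' . $ad_sql['area'] . '", credits = "' . $ad_sql['credits'] . '"';
    $query .= ', expire = "' . strtotime($_POST['expire']) . '", html = "' . $ad_sql['html'] . '", probability = "' . $ad_sql['probability'] . '"';
    $query .= ' WHERE id = "' . $ad_sql['id'] . '" LIMIT 1';
    mysql_query($query);
}

echo hpads_form();
ui_bottom();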
} else {
    event_log_log('classic_reg_form_sign_up');
    /* Input from user is OK, create rows in required tables */
    // NOTE(review): the validation referred to above is outside this fragment. The username
    // is concatenated into the INSERT unescaped, so the statement is only safe if that
    // validation rejects quotes and backslashes; mysql_real_escape_string() here would
    // make that independent of the validator.
    // NOTE(review): the password is stored as an unsalted md5() digest, which is fast to
    // brute-force and identical for identical passwords. password_hash()/password_verify()
    // (on runtimes that provide them) or another salted, slow KDF is the usual replacement.
    $query = 'INSERT INTO login(username, password, regtimestamp, regip, lastlogon) ';
    $query .= 'VALUES ("' . $_POST['username'] . '", "' . md5(utf8_decode($_POST['password'])) . '", "';
    $query .= time() . '", "' . $_SERVER['REMOTE_ADDR'] . '", "")';
    mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
    // The id generated for the login row keys the three companion rows below.
    $user_id = mysql_insert_id();
    $query = 'INSERT INTO userinfo (userid) VALUES ("' . $user_id . '")';
    mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
    $query = 'INSERT INTO traffa (userid) VALUES ("' . $user_id . '")';
    mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
    $query = 'INSERT INTO preferences (userid) VALUES ("' . $user_id . '")';
    mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
    // NOTE(review): the four INSERTs are not wrapped in a transaction; a failure part-way
    // leaves a login row without its companion rows.
    /* Rows created, log on the user */
    login_dologin($_POST['username'], $_POST['password']);
    /* Redirect to welcome page asking the user for more information */
    jscript_alert('Du kan numera känna dig som en riktig Hamsterpajare!\\nVi loggar in dig på ditt konto nu.');
    jscript_location('/registered.php');
}
} else {
    // No submission yet: show the registration form and log that it was loaded.
    regform_header_p13();
    regform_header_welcome();
    register_form();
    event_log_log('classic_reg_form_load');
}
ui_bottom();
?>
jscript_alert('Det där går inte, du måste skriva in ditt nuvarande lösenord, annars funkar inte skiten. Seså, gör om gör rätt!'); jscript_go_back(); exit; } if ($_POST['password_new'] != $_POST['password_verify']) { jscript_alert('"Nytt lösenord" och "Upprepa nytt lösenord" måste ju vara samma, annars funkar det ju inte :('); jscript_go_back(); exit; } $newdata['login']['password'] = hamsterpaj_password(utf8_decode($_POST['password_new'])); break; } login_save_user_data($_SESSION['login']['id'], $newdata); session_merge($newdata); jscript_alert('Ändrat, fixat och donat :)'); jscript_location($_SERVER['PHP_SELF']); } if ($_POST['action'] == 'profile_theme') { $query = 'UPDATE userinfo SET profile_theme = "' . $_POST['theme'] . '" WHERE userid = "' . $_SESSION['login']['id'] . '" LIMIT 1'; mysql_query($query) or report_sql_error($query); $_SESSION['userinfo']['profile_theme'] = $_POST['theme']; } /* Frivillig information */ $out .= '<a name="optional_info"></a>'; $out .= rounded_corners_tabs_top($void, true); $out .= '<h2 style="margin-top: 0px;">Frivillig information</h2>' . "\n"; $out .= '<form action="' . $_SERVER['PHP_SELF'] . '?action=perform_changes&type=optional_info" method="post" name="optional_info">'; $out .= '<strong>Är du flicka eller pojke?</strong><br />' . "\n"; $out .= '<input type="radio" name="gender" value="m" '; if ($_SESSION['userinfo']['gender'] == 'm') { $out .= 'checked="1" ';
<?php
// Lists the logged-in user's groups with the number of unread posts in each.
require '../include/core/common.php';
$ui_options['menu_path'] = array('traeffa', 'grupper');
$ui_options['title'] = 'Gruppnotiser - Hamsterpaj.net';
ui_top($ui_options);
if (login_checklogin() != 1) {
    jscript_alert('Du måste vara inloggad för att komma åt denna sidan!');
    jscript_location('index.php');
    // NOTE(review): there is no exit after the redirect, so the rest of the script still
    // runs for a visitor who is not logged in (jscript_location presumably only emits
    // client-side script - confirm). Add exit; here.
}
$output .= rounded_corners_top(array('color' => 'blue'));
echo '<h2 style="margin-top: 0px;">Nya inlägg i dina grupper</h2>';
foreach ($_SESSION['groups_members'] as $key => $value) {
    // NOTE(review): group id and user id come from the session and are concatenated
    // unquoted; this is safe only if they are guaranteed to be integers when the session
    // is populated. intval() at this point would remove that dependency.
    $query = 'SELECT groups_list.message_count, groups_members.read_msg, groups_list.name, groups_members.notices FROM groups_members, groups_list ';
    $query .= 'WHERE groups_members.groupid = ' . $value . ' AND groups_list.groupid = ' . $value;
    $query .= ' AND groups_members.userid =' . $_SESSION['login']['id'];
    $result = mysql_query($query) or die(report_sql_error($query));
    $data = mysql_fetch_assoc($result);
    // Unread count is only computed when the member has notices switched on ("Y").
    if ($data['notices'] == "Y") {
        $new_posts = $data['message_count'] - $data['read_msg'];
        if ($new_posts > 0) {
            echo '<strong>';
        }
    }
    // NOTE(review): the group name is user-supplied content printed without
    // htmlspecialchars() - confirm it is escaped when stored, otherwise escape here.
    echo '<a href="groups.php?action=goto&groupid=' . $value . '">' . $data['name'] . '</a>';
    if ($data['notices'] == "Y") {
        echo ' - ' . $new_posts . ' nya inlägg.';
        if ($new_posts > 0) {
            echo '</strong>';
        }
    } else {
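}

/**
 * Fetch id and title of the twelve most recent rows in the snyggve table.
 *
 * @return array List of associative rows (keys: id, title); empty when the table has no rows.
 */
function snyggve_get_latest() {
    $query = 'SELECT id, title FROM snyggve ORDER by ID DESC LIMIT 12';
    $result = mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
    // Start from an empty list so callers always receive an array, never an undefined variable.
    $items = array();
    while ($data = mysql_fetch_assoc($result)) {
        $items[] = $data;
    }
    return $items;
}

// Request dispatch on ?action=...; upload and save require a logged-in user.
if ($_GET['action'] == 'upload' && login_checklogin()) {
    $identifier = displace_image();
    saveform($identifier);
} elseif ($_GET['action'] == 'save' && login_checklogin()) {
    $id = saveimage();
    jscript_location('?action=view_image&image_id=' . $id);
} elseif ($_GET['action'] == 'view_image') {
    // NOTE(review): image_id is passed on unvalidated (the view_user branch below does check
    // is_numeric); confirm view_image() validates or escapes it before using it in a query.
    $user = view_image($_GET['image_id']);
    if (!view_album($user)) {
        echo '<h2>Senast uppladdat till Snyggve</h2>' . "\n";
        snyggve_list_items(snyggve_get_latest());
    }
    if (login_checklogin()) {
        uploadform();
    }
} elseif ($_GET['action'] == 'view_user' && is_numeric($_GET['user_id'])) {
    snyggve_intro();
    view_album($_GET['user_id'], 'fulhack');
    if (login_checklogin()) {
        uploadform();
    }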
$w = isset($_GET['w']) ? intval($_GET['w']) : 0; $h = isset($_GET['h']) ? intval($_GET['h']) : 0; $ext = $data['extension']; if (file_exists(UPLOAD_PATH . $id . '_' . $w . '_' . $h . '.' . $ext)) { unlink(UPLOAD_PATH . $id . '_' . $w . '_' . $h . '.' . $ext); } //update db $query = 'UPDATE ' . WALLPAPERS_RES_RELATION . ' SET is_removed = 1 WHERE pid = ' . $id . ' AND resolution_pid = (SELECT id FROM ' . WALLPAPERS_RES . ' WHERE resolution_w = ' . $w . ' AND resolution_h = ' . $h . ')'; mysql_query($query) or report_sql_error($query, __FILE__, __LINE__); //if it's the last resolution delete wallpaper $query = 'SELECT NULL FROM ' . WALLPAPERS_RES_RELATION . ' WHERE is_removed = 0 AND pid = ' . $id; //is there more resoltions? $result = mysql_query($query) or report_sql_error($query, __FILE__, __LINE__); if (mysql_num_rows($result) == 0) { //delete wallpaper $query = 'UPDATE ' . WALLPAPERS_TABLE . ' SET is_removed = 1 WHERE id = ' . $id; mysql_query($query) or report_sql_error($query, __FILE__, __LINE__); if (file_exists(UPLOAD_PATH . $id . '_preview.' . $ext)) { unlink(UPLOAD_PATH . $id . '_preview.' . $ext); } if (file_exists(UPLOAD_PATH . $id . '_thumb.' . $ext)) { unlink(UPLOAD_PATH . $id . '_thumb.' . $ext); } } jscript_location('?action=home'); //end wallpapers break; } echo rounded_corners_tabs_bottom(); ui_bottom();
<?php
// Promoe (pixel drawing) page: saves a drawing, searches drawings, or shows one drawing,
// depending on which of ?save, ?search and ?view is present.
require '../include/core/common.php';
require PATHS_LIBRARIES . 'promoe.lib.php';
require PATHS_CONFIGS . 'promoe.conf.php';
$ui_options['menu_path'] = array('mattan', 'promoe');
$ui_options['title'] = 'Promoe på Hamsterpaj.net, rita dina egna pixel-bilder!';
$ui_options['stylesheets'][] = 'promoe_new.css';
$ui_options['javascripts'][] = 'promoe_new.js';
ui_top($ui_options);
if (login_checklogin() && isset($_GET['save'])) {
    // NOTE(review): name, imagestring and parent are taken from the query string and
    // concatenated into the INSERT unescaped; each needs mysql_real_escape_string()
    // (parent possibly intval() - confirm the column type).
    // NOTE(review): this write is triggered by a GET request, so any link or image URL
    // a logged-in user loads can create rows in their name; a POST with a per-session
    // token is the usual shape for a state change.
    $query = 'INSERT INTO promoes (owner, description, imagestring, date, parent) VALUES("' . $_SESSION['login']['id'] . '", "' . $_GET['name'] . '", "' . $_GET['imagestring'] . '", "';
    $query .= time() . '", "' . $_GET['parent'] . '")';
    mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
    jscript_location('?view=' . mysql_insert_id());
}
if (isset($_GET['search'])) {
    // NOTE(review): the search term is placed inside the LIKE literal unescaped.
    $query = 'SELECT p.id, p.owner AS author_id, p.imagestring, p.date, l.username AS author_username ';
    $query .= 'FROM promoes AS p, login AS l WHERE p.description LIKE "' . $_GET['search'] . '" AND l.id = p.owner ORDER BY p.id ASC LIMIT 100';
    $result = mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
    // NOTE(review): "> 1" means a search with exactly one hit shows nothing; "> 0" looks
    // intended - confirm.
    if (mysql_num_rows($result) > 1) {
        while ($promoe = mysql_fetch_assoc($result)) {
            $promoes[] = $promoe;
        }
        // NOTE(review): the raw search term is handed to promoe_thumbs_list() as the heading;
        // confirm that helper HTML-escapes it, otherwise the term is reflected into the page.
        echo promoe_thumbs_list('Sökresultat: ' . $_GET['search'], $promoes);
    }
}
if (isset($_GET['view'])) {
    // NOTE(review): ?view is quoted but not escaped; intval() fits if promoes.id is numeric.
    $query = 'SELECT p.id, p.owner AS author_id, p.imagestring, p.date, p.description, p.parent, l.username AS author_username ';
    $query .= 'FROM promoes AS p, login AS l WHERE p.id = "' . $_GET['view'] . '" AND l.id = p.owner ORDER BY p.id ASC';
    $result = mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
$queries[] = 'UPDATE ' . WALLPAPERS_RES_RELATION . ' SET is_removed = 1 WHERE pid = ' . intval($_GET['id']); $queries[] = 'UPDATE ' . WALLPAPERS_TAGS . ' SET is_removed = 1 WHERE pid = ' . intval($_GET['id']); foreach ($queries as $query) { mysql_query($query) or report_sql_error($query, __FILE__, __LINE__); } //unlink files too! $unlink[] = intval($_GET['id']) . '_preview.' . $extension; $unlink[] = intval($_GET['id']) . '_thumb.' . $extension; foreach ($unlink as $delete) { if (file_exists(UPLOAD_PATH . $delete)) { !unlink(UPLOAD_PATH . $delete) ? jscript_alert('Kunde inte radera ' . $delete) : ''; } else { jscript_alert('Filen ' . $delete . ' finns inte!'); } } jscript_location('bakgrundsbilder.php'); } else { jscript_alert('Bilden finns inte. Återvänder...'); jscript_go_back(); } break; } } if (!$show_all_res) { $options['type'] = 'notification'; $options['title'] = 'Visar alla bakgrunder'; $options['message'] = 'Klicka <a href="?action=showall&val=true" title="Klicka här om du vill visa bilder som bara passar din upplösning">här</a> om du vill välja bilder anpassade till din skärm.'; echo ui_server_message($options); } else { $options['type'] = 'notification'; $options['title'] = 'Visar bakgrundsbilder anpassade för din skärm';
case 'copy': if (login_checklogin()) { $copy_items = array(); foreach ($_POST as $key => $value) { if (preg_match('/^copy_item_([0-9]+)$/', $key, $matches)) { $copy_items[] = '(' . $matches[1] . ', ' . $_SESSION['login']['id'] . ')'; } } if (count($copy_items) > 0) { $query = 'INSERT INTO user_lists_users(list_id, user_id)' . ' VALUES ' . implode(', ', $copy_items); mysql_query($query) or report_sql_error($query); jscript_alert('Kopierat, du kan nu hitta sakerna du kopierade på din lista!'); } else { jscript_alert('Fel: Du valde inget att kopiera!'); } jscript_location('/traffa/user_lists.php'); } break; default: $query = 'SELECT li_t.list_text AS text, li_u.checked AS checked, li_t.list_text_id AS id' . ' FROM user_lists_texts AS li_t, user_lists_users AS li_u' . ' WHERE li_u.user_id = ' . $show_user . ' AND li_t.list_text_id = li_u.list_id'; $result = mysql_query($query) or report_sql_error($query); if (mysql_num_rows($result) > 0) { echo '<h1>Visar lista för ' . $username . '</h1>' . "\n"; if (login_checklogin()) { echo '<form method="post" action="/traffa/user_lists.php?action=' . ($_SESSION['login']['id'] == $show_user ? 'delete' : 'copy') . '" method="post">' . "\n"; } echo '<ul class="user_lists_list">' . "\n"; while ($data = mysql_fetch_assoc($result)) { $extra = login_checklogin() && $_SESSION['login']['id'] == $show_user ? '<input type="checkbox" name="delete_item_' . $data['id'] . '" id="delete_item_' . $data['id'] . '_checkbox" /> <label for="delete_item_' . $data['id'] . '_checkbox">Ta bort</label>' : '<input type="checkbox" name="copy_item_' . $data['id'] . '" id="copy_item_' . $data['id'] . '_checkbox" /> <label for="copy_item_' . $data['id'] . '_checkbox">Kopiera</label>'; echo "\t" . '<li class="' . $data['checked'] . '">' . $data['text'] . '</li>' . "\n"; echo "\t" . '<li class="options">' . (login_checklogin() ? $extra : ' ') . '</li>' . "\n";
break;
case 'add_privilegie':
    // Grants one privilege (name + value) to a user.
    // NOTE(review): the authorization check for this switch is not visible in this fragment;
    // confirm that only privilege administrators can reach these cases.
    // NOTE(review): in_array() is called without the strict flag, and is_numeric() accepts
    // more than plain digits (signs, exponents, leading whitespace); in_array(..., true) and
    // intval()/ctype_digit() are tighter.
    if (isset($_POST['user_id'], $_POST['privilegie_add_privilegie'], $_POST['privilegie_add_value']) && is_numeric($_POST['user_id']) && in_array($_POST['privilegie_add_privilegie'], $available_privilegies) && $_POST['privilegie_add_value'] != '') {
        // NOTE(review): privilegie_add_value is only checked for non-emptiness and then
        // concatenated into the INSERT; it needs mysql_real_escape_string().
        $query = 'INSERT INTO privilegies (privilegie, value, user) VALUES ("' . $_POST['privilegie_add_privilegie'] . '", "' . $_POST['privilegie_add_value'] . '", ' . $_POST['user_id'] . ')';
        mysql_query($query) or report_sql_error($query);
        jscript_alert('OBS! Användaren måste logga ut och in innan privilegien blir satt!');
        jscript_location($_SERVER['PHP_SELF'] . '?action=load_user&user_id=' . $_POST['user_id']);
        exit;
    }
    break;
case 'remove_privilegie':
    // Deletes one privilege row by id; both ids are checked with is_numeric().
    // NOTE(review): a privilege is revoked by a plain GET request with no token, so a link
    // followed by an administrator is enough to trigger it; prefer POST plus a CSRF token.
    if (isset($_GET['privilegie_id'], $_GET['back_to_user_id']) && is_numeric($_GET['privilegie_id']) && is_numeric($_GET['back_to_user_id'])) {
        $query = 'DELETE FROM privilegies WHERE privilegie_id = ' . $_GET['privilegie_id'] . ' LIMIT 1';
        mysql_query($query) or report_sql_error($query);
        jscript_alert('OBS! Användaren måste logga ut och in innan privilegien tas bort. Du kan logga ut användaren genom Profil > Fakta > Logga ut användare om det är nödvändigt!');
        jscript_location($_SERVER['PHP_SELF'] . '?action=load_user&user_id=' . $_GET['back_to_user_id']);
        exit;
    }
    break;
case 'view_users_by_privilegie':
    // NOTE(review): the privilege name is written into the heading before the in_array()
    // whitelist check below, so an arbitrary query-string value is reflected into the page;
    // move the heading inside the check or pass it through htmlspecialchars().
    $output .= '<h2>Listar användare med privilegien ' . $_GET['privilegie'] . '</h2>' . "\n";
    $output .= rounded_corners_top(array('color' => 'blue_delux', 'return' => true));
    if (in_array($_GET['privilegie'], $available_privilegies)) {
        $query = 'SELECT l.username AS username, l.id AS user_id';
        $query .= ' FROM login AS l, privilegies AS pl';
        $query .= ' WHERE pl.user = l.id AND pl.privilegie = "' . $_GET['privilegie'] . '"';
        // NOTE(review): this calls return_sql_error(), while the other cases in this switch
        // call report_sql_error() - possibly a typo; confirm the function exists.
        $result = mysql_query($query) or return_sql_error($query, __FILE__, __LINE__);
        if (mysql_num_rows($result) > 0) {
            $output .= '<ul>' . "\n";
            while ($data = mysql_fetch_assoc($result)) {
                // One list item per user: a link back to this page and a link to the profile.
                $output .= '<li><a href="' . $_SERVER['PHP_SELF'] . '?action=load_user&user_id=' . $data['user_id'] . '">' . $data['username'] . '</a> (<a href="/traffa/profile.php?user_id=' . $data['user_id'] . '">till profil »</a>)</li>' . "\n";
mysql_query($query) or die(report_sql_error($query)); } } jscript_location($_SERVER['PHP_SELF']); break; case 'admin_check': if (is_privilegied('groups_superadmin')) { group_admin_check($_GET['groupid']); } break; case 'check_ok': if (is_privilegied('groups_superadmin')) { group_check_ok($_GET['groupid']); } break; case 'remove_post': $auth = group_check_admin_auth($_GET['groupid']); if ($auth || is_privilegied('groups_superadmin')) { group_remove_post($_GET['groupid'], $_GET['postid']); jscript_alert('Inlägget borttaget'); } jscript_location($_SERVER['PHP_SELF'] . '?action=goto&groupid=' . $_GET['groupid']); break; default: group_start_list(); } ui_bottom(); ob_end_flush(); ?>
$out .= 'Inget IRL valt'; break; } $out .= isset($_GET['updated']) ? '<span>Din IRL information har uppdateras. Klad Hest.</span>' : ''; $out .= irl_attending(array('attending' => 'yes')); $out .= irl_attending(array('attending' => 'maybe')); $out .= irl_attending_form(); $out .= rounded_corners_tabs_bottom(array('return' => TRUE)); break; case "show": case "show_information": $irl_data = irl_fetch_information(); $out .= irl_header($irl_data); $rounded_corners_tabs_options['return'] = TRUE; $rounded_corners_tabs_options['tabs'][] = array('href' => $paths_prefix . '?action=show_information&irl=' . $_GET['irl'] . '', 'label' => 'Information', 'current' => TRUE); $rounded_corners_tabs_options['tabs'][] = array('href' => $paths_prefix . '?action=show_attendings&irl=' . $_GET['irl'] . '', 'label' => 'Deltagare'); $rounded_corners_tabs_options['tabs'][] = array('href' => $paths_prefix . $irl_data['forumthread_url'], 'label' => 'Forumtråd'); $out .= rounded_corners_tabs_top($rounded_corners_tabs_options); $out .= nl2br($irl_data['information']); $out .= rounded_corners_tabs_bottom(array('return' => TRUE)); break; case "update_attending": irl_update_attending($_POST); jscript_location('?action=show_attendings&irl=' . $_GET['irl'] . '&updated'); break; default: $out .= 'Här ska det vara en lista över IRL' . "\n"; } ui_top($ui_options); echo $out; ui_bottom();
// Map each album id in the posted comma-separated order to its 1-based position.
$explosion = explode(',', $_POST['order']);
for ($i = 0; $i < count($explosion); $i++) {
    $positions[$explosion[$i]] = $i + 1;
}
// Every POST field whose name is numeric is treated as "album id => new title".
foreach ($_POST as $input => $value) {
    // NOTE(review): this dumps the whole POST array into the response on every iteration;
    // it looks like leftover debugging output and should be removed.
    print_r($_POST);
    if (is_numeric($input)) {
        if (strlen(trim($value)) < 2) {
            echo jscript_alert('Kunde inte byta namn på kategori ' . $categories[$input]['title'] . ', det nya namnet är för kort.');
        } else {
            // The owner condition restricts the update to the logged-in user's own albums.
            // NOTE(review): the title ($value) and the position looked up from the posted
            // order string are concatenated unescaped; escape the title with
            // mysql_real_escape_string() and cast position and id with intval().
            $query = 'UPDATE photo_albums SET title = "' . $value . '", position = "' . $positions[$input] . '" WHERE owner = "' . $_SESSION['login']['id'] . '" AND id ="' . $input . '" LIMIT 1';
            mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
        }
    }
}
jscript_location('/traffa/profile.php?id=' . $_SESSION['login']['id']);
}
echo '<h2>Flytta och byt namn på dina fotoalbum</h2>';
// NOTE(review): PHP_SELF and $_GET['id'] are written into the action attribute without
// htmlspecialchars(), so request-controlled text lands inside the form tag.
echo '<form name="form" action="' . $_SERVER['PHP_SELF'] . '?id=' . $_GET['id'] . '&action=organize&perform=true" method="post"';
echo ' onSubmit="inspect(\'testlist\');">';
?> <script src="/include/jsdragdrop/prototype.js" type="text/javascript"></script> <script src="/include/jsdragdrop/scriptaculous.js" type="text/javascript"></script> <style> #testlist { list-style-type:none; margin: 10px;; padding: 0px; list-style: none; }
// Updates the logged-in moderator's own contact row; the WHERE clause uses the session id.
$sql = 'UPDATE moderator_contact_info SET';
$sql .= ' user_id = "' . $_SESSION['login']['id'] . '",';
// visibility_level is restricted to three known values and falls back to 'ovs'.
$sql .= ' visibility_level = "' . (in_array($_POST['visibility_level'], array('sysops', 'admins', 'ovs')) ? $_POST['visibility_level'] : 'ovs') . '",';
// NOTE(review): every field below is free text from the form, concatenated unescaped.
// A double quote in any of them ends the literal and changes the statement; each value
// needs mysql_real_escape_string() before it is placed here.
$sql .= ' full_name = "' . $_POST['full_name'] . '",';
$sql .= ' street_address = "' . $_POST['street_address'] . '",';
$sql .= ' zip_code = "' . $_POST['zip_code'] . '",';
$sql .= ' phone_number = "' . $_POST['phone_number'] . '",';
$sql .= ' email = "' . $_POST['email'] . '",';
$sql .= ' msn_address = "' . $_POST['msn_address'] . '",';
$sql .= ' waist_size = "' . $_POST['waist_size'] . '",';
$sql .= ' cup_size = "' . $_POST['cup_size'] . '"';
$sql .= ' WHERE user_id = ' . $_SESSION['login']['id'];
mysql_query($sql) or report_sql_error($sql, __FILE__, __LINE__);
}
jscript_alert('Ändrat, fixat och donat ;)');
jscript_location('/admin/moderator_contact_info.php');
break;
default:
    // Overview: remind the moderator to enter their details if no row exists yet,
    // then start the contact table.
    // NOTE(review): this table holds personal data (names, addresses, phone numbers);
    // the access check for the page is not visible in this fragment - confirm it.
    $sql = 'SELECT id FROM moderator_contact_info WHERE user_id = ' . $_SESSION['login']['id'] . ' LIMIT 1';
    $result = mysql_query($sql) or report_sql_error($sql, __FILE__, __LINE__);
    if (mysql_num_rows($result) == 0) {
        $out .= '<p class="error">';
        $out .= 'Du verkar inte ha lagt in din information i databasen, var vänlig gör det <a href="/admin/moderator_contact_info.php?action=edit_my_info">här</a>!';
        $out .= '</p>';
    } else {
        $out .= '<a href="/admin/moderator_contact_info.php?action=edit_my_info">Ändra min info »</a>' . "\n";
    }
    $out .= '<h2>Moderatorkontaktinfo</h2>';
    $out .= '<table style="width: 100%">';
    $out .= '<tr>' . "\n";
    $out .= '<th>Nick</th>' . "\n";
$numbers[5] = 'fem'; $numbers[6] = 'sex'; $numbers[7] = 'sju'; $numbers[8] = 'åtta'; $numbers[9] = 'nio'; $numbers[10] = 'tio'; $numbers[11] = 'elva'; $numbers[12] = 'tolv'; if (isset($_GET['delete']) && is_numeric($_GET['delete']) && is_privilegied('abbr_admin')) { $query = 'SELECT acronym FROM acronyms WHERE id = ' . $_GET['delete'] . ' LIMIT 1'; $result = mysql_query($query) or die(report_sql_error($query)); $data = mysql_fetch_assoc($result); $letter = strtolower($data['acronym'][0]); $query = 'DELETE FROM acronyms WHERE id = ' . $_GET['delete'] . ' LIMIT 1'; mysql_query($query) or die(report_sql_error($query)); jscript_location('/mattan/foerkortningar.php?letter=' . $letter); } if (isset($_GET['edit']) && is_numeric($_GET['edit']) && is_privilegied('abbr_admin')) { $query = 'SELECT * FROM acronyms WHERE id = ' . $_GET['edit'] . ' LIMIT 1'; $result = mysql_query($query) or die(report_sql_error($query)); $data = mysql_fetch_assoc($result); echo '<div class="grey_faded_div">' . "\n"; echo '<h2>Du ändrar förkortning #' . $data['id'] . ', ' . $data['meaning'] . '</h2>' . "\n"; echo '<form action="' . $_SERVER['PHP_SELF'] . '?action=update" method="post">' . "\n"; echo '<input type="hidden" name="id" value="' . $data['id'] . '" />' . "\n"; echo '<h5>Förkortning</h5>' . "\n"; echo '<input type="text" name="acronym" value="' . $data['acronym'] . '" />' . "\n"; echo '<h5>Betydelse</h5>' . "\n"; echo '<input type="text" class="inp_meaning" name="meaning" value="' . $data['meaning'] . '" />' . "\n"; echo '<h5>Förklaring</h5>' . "\n"; echo '<textarea name="explanation" class="txt_explanation">' . $data['explanation'] . '</textarea>' . "\n";
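/**
 * Soft-delete an article category by setting removed = "1", then send the
 * browser back to the article admin view.
 *
 * The function performs no authorization check of its own; callers are
 * expected to have verified that the current user may administer articles.
 *
 * @param mixed $id Identifier of the articles_categories row to mark as removed.
 */
function remove_category($id) {
    // The id sits inside a quoted SQL literal, so escape it for the active connection
    // instead of trusting every caller to pass a clean value.
    $safe_id = mysql_real_escape_string((string) $id);
    $query = 'UPDATE articles_categories SET removed = "1" WHERE id = "' . $safe_id . '"';
    mysql_query($query) or die(report_sql_error($query));
    jscript_location('/artiklar/?action=admin');
}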
$out .= sex_sense_render_posts($questions); $category = array_pop(sex_sense_fetch_categories(array('parent_category' => 0))); $out .= '<h2>Välj en kategori att kika runt i</h2>' . "\n"; $out .= sex_sense_render_category($category); break; case 'new_question': $ui_options['menu_path'] = array('sex_sense', 'question'); if (login_checklogin()) { $out .= sex_sense_new_question_form(); } break; case 'save_new_question': if (login_checklogin()) { sex_sense_new_question_create(array('user_id' => $_SESSION['login']['id'], 'question' => $_POST['question'])); jscript_alert('Tack för din fråga! Du kommer att få ett privat gästboksinlägg så fort din fråga är besvarad :)'); jscript_location('/sex_och_sinne/'); exit; } else { $out .= '<h2>Din fråga kunde inte skapas!</h2><pre>' . $_POST['question'] . '</pre>'; throw new Exception('Du måste vara inloggad för att skapa nya frågor.'); } break; case 'latest': $ui_options['menu_path'] = array('sex_sense', 'latest'); $category = array_pop(sex_sense_fetch_categories(array('parent_category' => 0))); $out .= sex_sense_render_category($category); $out .= '<h2>Senast besvarade frågorna</h2>'; $options['order'] = 'DESC'; $options['order_by'] = 'last_answer'; $options['is_answered'] = 1; $options['is_released'] = 1;
ui_top();
echo '<p>I think I know I mean "Yes," but it\'s all wrong.</p>';
ui_bottom();
exit;
}
// Stop here when the diary owner has blocked the visitor.
if (userblock_checkblock($user_id)) {
    ui_top();
    echo '<p class="error">IXΘYΣ! Du har blivit blockad, var snel hest så slipper du sånt ;)<br /><em>Visste du förresten att IXΘYΣ betyder Fisk på grekiska?</em></p>';
    ui_bottom();
    exit;
}
// NOTE(review): the single "&" is a bitwise AND. It gives the same truth value here but
// does not short-circuit, so is_privilegied() can run on every request; "&&" looks intended.
// NOTE(review): the UPDATE filters on the entry id only. If $user_id is taken from the
// request (its origin is outside this fragment), a user viewing their own diary could
// mark any entry id as removed; adding the owner to the WHERE clause would bind the
// delete to the entry's author. The id is also concatenated unescaped.
if ($_GET['action'] == 'remove' & ($user_id == $_SESSION['login']['id'] || is_privilegied('remove_diary_post'))) {
    $query = 'UPDATE blog SET is_removed = 1 WHERE id = "' . $_GET['id'] . '" LIMIT 1';
    mysql_query($query) or report_sql_error($query, __FILE__, __LINE__);
    jscript_alert('Dagboksinlägg borttaget');
    jscript_location('?user_id=' . $user_id . '');
}
// Save today's diary entry: try an INSERT first and fall back to an UPDATE when it fails.
if (login_checklogin() && isset($_POST['title'])) {
    // NOTE(review): title and text are concatenated unescaped into both statements
    // and need mysql_real_escape_string().
    // NOTE(review): the runs of asterisks in this fragment look like redaction applied to
    // the listing, not original code; the affected statements are reproduced as shown.
    $insertquery = 'INSERT INTO blog (user, date, title, text) VALUES("' . $_SESSION['login']['id'] . '", "' . date('Y-m-d') . '", "' . $_POST['title'] . '", "' . $_POST['text'] . '")';
    $updatequery = 'UPDATE blog SET title = "' . $_POST['title'] . '", text = "' . $_POST['text'] . '" WHERE user = "******" AND date = "' . date('Y-m-d') . '" LIMIT 1';
    if (mysql_query($insertquery)) {
        // The insert succeeded: record the action in the user log and the friends feed.
        $ualquery = 'INSERT INTO user_action_log (timestamp, user, action, url, label)';
        $ualquery .= ' VALUES("' . time() . '", "' . $_SESSION['login']['id'] . '", "diary", "/traffa/diary.php?user='******'login']['id'] . '&entry=' . mysql_insert_id() . '", "' . $_POST['title'] . '")';
        $options['url'] = '/traffa/diary.php?user='******'login']['id'] . '&entry=' . mysql_insert_id();
        $options['action'] = 'diary';
        $options['label'] = $_POST['title'];
        friends_actions_insert($options);
        mysql_query($ualquery) or report_sql_error($ualquery, __FILE__, __LINE__);
    } else {
        // NOTE(review): any INSERT failure, not only "entry already exists", leads here,
        // and the result of the UPDATE is not checked.
        mysql_query($updatequery);
    }
}
}
// NOTE(review): the command line is built by string concatenation and run through a shell.
// $filename and $save_path are set outside this fragment; if either can contain
// request- or upload-derived text, shell metacharacters in it are interpreted by the shell.
// Wrap each path in escapeshellarg() before concatenating.
system('convert ' . $filename . ' -resize 120x90! ' . $save_path . $data['id'] . '_' . $position . '.jpg');
// NOTE(review): this prints the full command, including server-side paths, into the page;
// it looks like leftover debugging output.
echo 'convert ' . $filename . ' -resize 120x90! ' . $save_path . $data['id'] . '_' . $position . '.jpg' . '<br />';
}
// Clear the flag for every photo slot whose delete checkbox was ticked.
for ($i = 1; $i <= 4; $i++) {
    if ($_POST['photo_' . $i . '_delete'] == 1) {
        $imagestring[$i - 1] = 0;
        // NOTE(review): the path passed to unlink() ends in '/', i.e. it names the directory
        // and no file name is appended; the photo file itself is presumably meant - confirm.
        unlink(PATHS_IMAGES . 'blog_photos/' . round($data['id'] / 2500) . '/');
    }
}
// Title and text are escaped with mysql_real_escape_string() before entering the query.
$query = 'UPDATE blog SET title = "' . mysql_real_escape_string(stripslashes($_POST['title'])) . '", ';
$query .= 'text = "' . mysql_real_escape_string(stripslashes($_POST['text'])) . '", photos = "' . $imagestring . '" ';
$query .= 'WHERE user = "******" AND date = "' . date('Y-m-d') . '" LIMIT 1';
mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
jscript_location('/traffa/profile.php');
exit;
} else {
    // No submission: load today's entry and render the edit form.
    $query = 'SELECT id, title, text, photos FROM blog WHERE user = "******" AND date = "' . date('Y-m-d') . '" LIMIT 1';
    $result = mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));
    if (mysql_num_rows($result) == 1) {
        $data = mysql_fetch_assoc($result);
        // NOTE(review): PHP_SELF, $_GET['id'] and the stored title/text are written into the
        // form without htmlspecialchars(); a quote in the title ends the value attribute and
        // "</textarea>" in the text ends the textarea early.
        echo '<form enctype="multipart/form-data" action="' . $_SERVER['PHP_SELF'] . '?id=' . $_GET['id'] . '&action=update&perform=true" method="post">' . "\n";
        echo '<input type="text" name="title" value="' . $data['title'] . '" /><br />' . "\n";
        echo '<textarea name="text" style="width: 99%; height: 250px;">' . $data['text'] . '</textarea>';
        // One box per photo slot; a stored image is shown when the slot's flag is 1.
        for ($i = 1; $i <= 4; $i++) {
            echo '<div style="float: left; width: 300px;" class="grey_faded_div">' . "\n";
            echo '<h2>Bild #' . $i . '</h2>';
            if ($data['photos'][$i - 1] == 1) {
                $src = IMAGE_URL . 'images/blog_photos/' . round($data['id'] / 2500) . '/' . $data['id'] . '_' . $i . '.jpg';
                echo '<img src="' . $src . '" />';
<?php
// Redirect stub: load the site core, then send the browser on to the visitors page.
require '../include/core/common.php';

$target = '/traffa/my_visitors.php';
jscript_location($target);
} // Ta bort if ($_GET['action'] == 'delete') { $avatar_full_filename = $avatar_path_full . $_SESSION['login']['id'] . '.jpg'; $avatar_thumb_filename = $avatar_path_thumb . $_SESSION['login']['id'] . '.jpg'; $newdata['userinfo']['image'] = 0; login_save_user_data($_SESSION['login']['id'], $newdata); $_SESSION['userinfo']['image'] = 0; if (is_file($avatar_full_filename)) { unlink($avatar_full_filename); } if (is_file($avatar_thumb_filename)) { unlink($avatar_thumb_filename); } jscript_alert('Din bild är nu borttagen!'); jscript_location($hp_url . '/installningar/avatar-settings.php'); } /* - - - - - - - - - - - - - - SID-KODEN - - - - - - - - - - - - - - SID-koden, den underbara SID-koden. Undra just vad det betyder... Besserwisserjoel noterar: Session ID */ if ($_GET['step'] == '') { if (isset($_GET['registerproccess'])) { $out .= '<div class="pink_faded_div">'; $out .= '<h2>Grattis!</h2>'; $out .= 'Ditt användarnamn var ledigt, och du är nu medlem på Hamsterpaj!<br />'; $out .= 'Vi kommer nu guida dig igenom tre steg där du fyller i lite frivillig information om dig själv!<br /><br />';
$ui_options['menu_path'] = array('traeffa');
// The guestbook shown is the one named by ?view, else the logged-in user's own.
if (isset($_GET['view'])) {
    $fetch['recipient'] = $_GET['view'];
} elseif (login_checklogin()) {
    $fetch['recipient'] = $_SESSION['login']['id'];
}
// Viewing one's own guestbook clears the unread marker in the session.
if ($fetch['recipient'] == $_SESSION['login']['id']) {
    unset($_SESSION['unread_gb_entries']);
}
if (isset($_POST['guestbook_remove_all']) && login_checklogin()) {
    //delete all guestbooks entries
    // The statement is keyed on the session user id, so it only affects the caller's own entries.
    // NOTE(review): this bulk soft-delete has no confirmation token; any cross-site form
    // that posts guestbook_remove_all would trigger it for a logged-in user.
    $query = 'UPDATE traffa_guestbooks SET deleted = 1 WHERE recipient = ' . $_SESSION['login']['id'];
    // NOTE(review): "__LINE" is missing its trailing underscores, so it is not the
    // __LINE__ magic constant; it is only evaluated when the query fails.
    $res = mysql_query($query) or report_sql_error($query, __FILE__, __LINE);
    unset($_SESSION['notices']['unread_gb_entries']);
    jscript_alert('Nu har du raderat ' . mysql_affected_rows() . ' gästboksinlägg!');
    jscript_location('/traffa/guestbook.php');
}
// NOTE(review): ?view is only compared numerically here, not cast, so a value such as
// "12abc" passes the test and reaches profile_fetch() as-is; intval() where recipient is
// assigned would guarantee an integer. How profile_fetch() uses it is not visible here.
if ($fetch['recipient'] > 0) {
    $params['user_id'] = $fetch['recipient'];
    $profile = profile_fetch($params);
    /* ...and check for errors. */
    if (strlen($profile['error_message']) > 0) {
        $ui_options['title'] .= 'Presentationsfel - Hamsterpaj.net';
        ui_top($ui_options);
        echo '<h1>Presentationsfel</h1>';
        echo '<p>' . $profile['error_message'] . '</p>';
        ui_bottom();
        exit; //Important!
    }
    if (userblock_checkblock($fetch['recipient'])) {
echo '<a href="?page=' . ($page + 1) . '" class="ascii_art_next">Nästa sida »</a>' . "\n";
echo '<br style="clear: both;" />' . "\n";
// Administration: both blocks below require the ascii_art_admin privilege.
if (is_privilegied('ascii_art_admin')) {
    // The id is checked with is_numeric() and must be positive before it reaches the query.
    // NOTE(review): the delete is triggered by a GET parameter with no token, so a link
    // followed by an administrator removes a row; prefer POST plus a CSRF token.
    if (isset($_GET['delete']) && is_numeric($_GET['delete']) && (int) $_GET['delete'] > 0) {
        $query = 'DELETE FROM ascii_art WHERE id = ' . $_GET['delete'] . ' LIMIT 1';
        mysql_query($query) or report_sql_error($query);
        jscript_alert('Go, went och... GONE!');
        jscript_location('ascii_art.php');
    }
}
if (is_privilegied('ascii_art_admin')) {
    if (isset($_POST['title'], $_POST['the_art'])) {
        // NOTE(review): title and the_art are concatenated unescaped. ASCII art routinely
        // contains quotes and backslashes, so besides the injection risk ordinary
        // submissions can break the statement; use mysql_real_escape_string() on both.
        $query = 'INSERT INTO ascii_art (title, the_art) VALUES ("' . $_POST['title'] . '", "' . $_POST['the_art'] . '")';
        mysql_query($query) or report_sql_error($query);
        jscript_alert('Vi har nu lagt till ASCII-arten i databasen. Det kan dröja upp till 60 sekunder innan den dyker upp bland de andra ASCII-artsen!');
        jscript_location('ascii_art.php');
    }
    echo rounded_corners_top(array('color' => 'white'));
    // NOTE(review): PHP_SELF is echoed into the action attribute below without
    // htmlspecialchars(); it includes any extra path text from the requested URL.
?> <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?> "> <input type="text" name="title" /> (titel)<br /> <textarea name="the_art" style="width: 100%; height: 300px"></textarea><br /> <input type="submit" value="Skapa" class="button_80" /> </form> <?php
    echo rounded_corners_bottom();
}
ui_bottom();
/**
 * Subtract GROUP_CHECK_OK_MINUS from a group's points, then call
 * jscript_location() with the current script path.
 *
 * Terminates the script via die() if the UPDATE fails.
 *
 * @param mixed $groupid Group identifier; passed through parse_id() before use.
 */
function group_check_ok($groupid)
{
    // NOTE(review): the statement below concatenates parse_id()'s return value
    // unquoted, so it relies on parse_id() yielding a strictly numeric id - confirm.
    $group = parse_id($groupid);

    $sql = sprintf(
        'UPDATE groups_list SET group_points = group_points - %s WHERE groupid = %s',
        GROUP_CHECK_OK_MINUS,
        $group
    );

    if (!mysql_query($sql)) {
        die(report_sql_error($sql, __FILE__, __LINE__));
    }

    // NOTE(review): PHP_SELF includes client-supplied path info; confirm that
    // jscript_location() encodes its argument for the context it writes into.
    jscript_location($_SERVER['PHP_SELF']);
}
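<?php
// Admin statistics page: draws one graph per event type from the event_log
// rows dated within the last 28 days.
require '../include/core/common.php';
require PATHS_LIBRARIES . 't67Graph.lib.php';
require PATHS_LIBRARIES . 't67Core.lib.php';

$ui_options['menu_path'] = array('admin', 'statistik');
$ui_options['title'] = 'Statistik för Hamsterpaj.net';
$ui_options['stylesheets'][] = 't67Graph.css';

// Fail closed: stop the request for visitors without the privilege. The original
// only called jscript_location() and then carried on to query and print the
// statistics, so the check depended on the client following the redirect.
// Assumes jscript_location() emits its redirect immediately - TODO confirm.
if (!is_privilegied('use_statistic_tools')) {
    jscript_location("/");
    exit;
}

$query = 'SELECT * FROM event_log WHERE `date` > "' . date('Y-m-d', time() - 86400 * 28) . '" ORDER BY `date` ASC';
$result = mysql_query($query) or die(report_sql_error($query, __FILE__, __LINE__));

// Sum the counts per event and per date. $graph starts as an empty array so an
// empty result set no longer reaches foreach with an undefined variable.
$graph = array();
while ($data = mysql_fetch_assoc($result)) {
    if (!isset($graph[$data['event']][$data['date']])) {
        $graph[$data['event']][$data['date']] = 0;
    }
    $graph[$data['event']][$data['date']] += $data['count'];
}

// Keep anything an include may already have put in $out; otherwise start empty.
if (!isset($out)) {
    $out = '';
}
foreach ($graph as $event => $values) {
    $out .= t67Graph_line(array('bars' => $values, 'title' => $event));
}

ui_top($ui_options);
echo $out;
ui_bottom();
?>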
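case 'update':
    // Look up the suggestion's author so they can be told about the new status.
    // The id is request input inside a quoted SQL string, so it is escaped for
    // that context instead of being concatenated raw.
    // NOTE(review): if common.php or magic_quotes_gpc already escapes request
    // data, undo that layer first so the lookup is not double-escaped.
    $query = 'SELECT author FROM suggestions WHERE id = "' . mysql_real_escape_string($_POST['id']) . '" LIMIT 1';
    $result = mysql_query($query);

    // A failed query returns false; skip the notification rather than passing
    // false to mysql_num_rows().
    if ($result && mysql_num_rows($result) == 1) {
        $data = mysql_fetch_assoc($result);
        $message['recipient'] = $data['author'];
        $message['sender'] = 2348; // fixed sender id; presumably a system account - confirm
        // NOTE(review): the message body is assembled from request fields; how
        // guestbook_insert() escapes it for storage and display is not visible here.
        $message['message'] = 'Hej, ditt förslag har uppdaterats, ny status för ditt förslag är: ' . $SUGGESTIONS['classifications'][$_POST['classification']]['label'] . '!' . "\n";
        $message['message'] .= strlen($_POST['responsible_username']) > 1 ? 'Ansvarig för ditt förslag är: ' . $_POST['responsible_username'] : '';
        $message['message'] .= "\n" . 'Texten i det berörda förslaget lyder: ' . "\n" . $_POST['text'];
        $message['message'] .= "\n\n" . 'Svaret på ditt förslag lyder: ' . "\n" . $_POST['reply'];
        guestbook_insert($message);
    }

    // NOTE(review): the whole $_POST array is handed to suggestion_update();
    // confirm it only accepts the fields it is meant to change.
    suggestion_update($_POST);
    jscript_alert('Fixat och donat!');
    jscript_location('/hamsterpaj/suggestions.php?action=view_waiting');
    break;

case 'delete':
    // Marks the suggestion as removed.
    // NOTE(review): this state change is driven by a GET parameter, and neither a
    // privilege check nor a request token is visible in this excerpt.
    $options['id'] = $_GET['id'];
    $options['display_level'] = 'removed';
    suggestion_update($options);
    break;

case 'view_waiting':
    // List suggestions still classified as "waiting".
    echo '<h1>Förslag som väntar på att granskas</h1>';
    $fetch['classification'] = array('waiting');
    $suggestions = suggestion_fetch($fetch);
    suggestion_list($suggestions);
    break;

case 'processed':
    // Suggestions that have been reviewed (the excerpt ends inside this case).
    echo '<h1>Förslag som vi granskat</h1>' . "\n";
    $fetch['classification'] = array('in_the_future', 'denied', 'completed', 'assigned');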
}

// Remove the logged-in user's avatar: clear the image flag in the stored profile
// and in the session, then delete the full-size and thumbnail files if present.
// NOTE(review): the deletion is triggered by a GET parameter; whether a login
// check or request token guards it is not visible in this excerpt.
if ($_GET['action'] == 'delete') {
    // Both paths are derived from the session's user id, not from request input.
    $avatar_full_filename = $avatar_path_full . $_SESSION['login']['id'] . '.jpg';
    $avatar_thumb_filename = $avatar_path_thumb . $_SESSION['login']['id'] . '.jpg';
    $newdata['userinfo']['image'] = 0;
    login_save_user_data($_SESSION['login']['id'], $newdata);
    $_SESSION['userinfo']['image'] = 0;
    if (is_file($avatar_full_filename)) {
        unlink($avatar_full_filename);
    }
    if (is_file($avatar_thumb_filename)) {
        unlink($avatar_thumb_filename);
    }
    jscript_alert('Din bild är nu borttagen!');
    jscript_location($hp_url . 'avatar-settings.php');
}

/*
 - - - - - - - - - - - - - -
 THE SID CODE
 - - - - - - - - - - - - - -
 The SID code, the wonderful SID code. I wonder what that stands for...
 Know-it-all Joel notes: Session ID
*/
// With no step selected, build the landing view; the registerproccess flag adds
// the welcome box shown right after registration (the excerpt ends inside it).
if ($_GET['step'] == '') {
    if (isset($_GET['registerproccess'])) {
        $out .= '<div class="pink_faded_div">';
        $out .= '<h2>Grattis!</h2>';
        $out .= 'Ditt användarnamn var ledigt, och du är nu medlem på Hamsterpaj!<br />';
        $out .= 'Vi kommer nu guida dig igenom tre steg där du fyller i lite frivillig information om dig själv!<br /><br />';
<?php require '../include/core/common.php'; ui_top(); if (isset($_POST['username']) && strtolower($_POST['username']) == 'borttagen') { die('Men gå och lägg dig jävla tomte.'); } if (login_checklogin()) { jscript_location('/traffa/index.php'); } else { if (isset($_POST['username'], $_POST['old_password'], $_POST['new_password'], $_POST['new_password_repeat'])) { if ($_POST['new_password'] == $_POST['new_password_repeat']) { if ($_POST['new_password'] != $_POST['old_password']) { $query = 'SELECT id FROM login WHERE password_version = 3 AND username = "******" AND password = "******" LIMIT 1'; $result = mysql_query($query) or report_sql_error($query, __FILE__, __LINE__); if (mysql_num_rows($result) == 1) { $data = mysql_fetch_assoc($result); $query = 'UPDATE login SET password_version = 4, password = "******" WHERE id = ' . $data['id']; mysql_query($query) or report_sql_error($query, __FILE__, __LINE__); echo 'Det där gick ju bra, logga in där uppe nu tjockis!'; } else { echo 'Användaren hittades inte eller så var <i>det gamla lösenordet<i> inte rätt.'; } } else { echo 'Du måste ange ett nytt lösenord. Och lösenordssäkerhet är inte något fjolligt "kanel" som lösenord - det är STORA och små bokstäver blandat med s1ffr0r och krum€|ur€r.'; } } else { echo 'Lösenorden stämmde inte överens med varandra :/. Försök igen.'; } } else { // Fulkod? JAG BRYR MIG FAN INTE SÅHÄR DAGS!