示例#1
0
	function get_random_id($upload) {
		$pickuplinks = PickupLink::get();

		$filter = me()->getPref("hide_nsfw") ? " AND nsfw = 0" : "";
		$filter .= me()->getPref("hide_tmbo") ? " AND tmbo = 0" : "";
		$sql = "SELECT id FROM offensive_uploads WHERE type='".$upload->type()."' AND status='normal' AND id < ".min($pickuplinks).$filter." ORDER BY RAND() LIMIT 1";
		$res = tmbo_query($sql);
		$row = mysql_fetch_assoc( $res );
		return($row['id']);
	}
示例#2
0
	&nbsp; [<a href="<?= Link::thread($upload) ?>">Reply</a>]
</span><br />
<!--<blockquote>So ur with ur honey and yur making out wen the phone rigns. U anser it n the vioce is &quot;wut r u doing wit my daughter?&quot; U tell ur girl n she say &quot;my dad is ded&quot;. THEN WHO WAS PHONE?
<br /><span class="abbr">Comment too long. Click <a href="res/60550329.html#60550329">here</a> to view the full text.</span></blockquote>-->

<!-- if(replies) -->

<?
	$sql = "SELECT offensive_comments.*, offensive_comments.id as commentid, offensive_comments.timestamp AS comment_timestamp, users.*
				FROM offensive_uploads, offensive_comments, users
				WHERE users.userid = offensive_comments.userid
				AND offensive_uploads.id=fileid AND fileid = " . $upload->id() . "
				AND comment != ''
				ORDER BY comment_timestamp";
	
	$res = tmbo_query( $sql );
	$rows = mysql_num_rows($res);
	$op = 0;
	$fetch = 0;

	$comment = mysql_fetch_assoc($res);
	++$fetch;
	if($comment['userid'] == $upload->uploader()->id()) {
		$op = 1;
		poast($comment, $image, $upload);
	}
	 

	if($rows - $op > 3) {
?>
<span class="omittedposts"><?= ($rows - 3 - $op) ?> post<?= ($rows - 3 - $op) == 1 ? "" : "s" ?> omitted. Click Reply to view.</span>
<?php
	set_include_path("..");
	require_once( 'offensive/assets/header.inc' );
	// Include, and check we've got a connection to the database.
	require_once( 'admin/mysqlConnectionInfo.inc' );
	if(!isset($link) || !$link) $link = openDbConnection();
	require_once('offensive/assets/functions.inc');
	
	$sql = "SELECT userid FROM users WHERE username LIKE '" . sqlEscape($_REQUEST['finduser']) . "'";

	$result = tmbo_query($sql);
	$row = mysql_fetch_array( $result );

	if( mysql_num_rows( $result ) == 1 ) {
		header("Location: ".Link::user($row['userid']));
	}
	else {
		header("Location: ".$_SERVER['HTTP_REFERER']);
	}

?>
示例#4
0
	function whosubscribed($upload) {
		$sql = "SELECT DISTINCT u.* FROM offensive_subscriptions sub JOIN users u ON sub.userid = u.userid WHERE fileid = ".$upload->id()." ORDER BY u.username ASC";
		$result = tmbo_query($sql);
		
		$watchers = array();
		while(false !== ($row = mysql_fetch_array($result))) {
			$watcher = new User($row);
			if(!me()->squelched($watcher)) {
				$watchers[] = $watcher;
			}
		}

		if(count($watchers) == 0) { ?>
			<div class="heading">no watchers :(</div>
			<? return;
		}

		// start us off. ?>
	<div class="contentbox">
		<div class="blackbar"></div>
		<div class="heading">subscribers:</div>
		<div class="bluebox">
			<table style="width:100%">
				<? foreach($watchers as $user) {
					$css = (!isset($css) || $css == "odd") ? "even" : "odd"; ?>
					<tr class="<?= $css?>_row"><td class="<?= $css ?>file"><?= $user->htmlUsername() ?></td></tr>
				<? } ?>
			</table>
		</div>
		<div class="blackbar"></div>
	</div>
	<? } ?>
示例#5
0
	$sql = "
	SELECT
		offensive_comments.id AS commentid,
		users.username,
		offensive_comments.comment
	FROM
		offensive_comments, users
	WHERE
		offensive_comments.fileid = $fileid
	AND users.userid = offensive_comments.userid
	AND
		offensive_comments.comment != ''
	";

	$thread_result = tmbo_query($sql);

	// and by thread_row, what I really mean is comment :/
	$changed = false;
	while($thread_row = mysql_fetch_assoc($thread_result)) {
		echo ".";
		flush();
		$term = new Zend_Search_Lucene_Index_Term($thread_row['commentid'], 'commentid');
		$docIds = $cindex->termDocs($term);
	if(count($docIds) > 0) continue;
		
		/*
		 *				value stored?		indexed?	tokenized?		binary?
		 * Keyword		yes				 	yes			no				no
		 * UnIndexed	yes				 	no			no				no
		 * Binary		yes				 	no			no				yes
	$sql = "SELECT username,email,account_status from users where userid=$id";
	
	$result = tmbo_query( $sql );
	
	if( mysql_num_rows( $result ) == 1 ) {
		
		$row = mysql_fetch_assoc( $result );
		
		$email = $row['email'];
		$username = $row['username'];		
		
		$rehash = tmbohash( $id + 0, $email . $salt );
		
		if( $rehash == $_REQUEST[ $hash_param_key ] ) {
			$sql = "UPDATE users SET timestamp = timestamp, account_status='normal' WHERE userid=$id AND account_status='awaiting activation' limit 1";
			tmbo_query( $sql );
			if( mysql_affected_rows() == 1 ) {
				$message = "Your account is now active. <a href=\"./\">Click here</a> to log in.";
			}
		}		
	}
	
?>


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
        "http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd">
<html>
<head>
	<title></title>
	<?
	function userRowFromCode( $code ) {
	
		$id = id_from_hash( $code );
		if( is_intger( $id ) && $id > 1 ) {
			$sql = "SELECT * FROM users WHERE userid = $id";
			$result = tmbo_query( $sql );
			if( mysql_num_rows( $result ) == 1 ) {
				$row = mysql_fetch_assoc( $result );
				$hash = hashFromUserRow( $row );
				if( $hash == $code ) {
					return $row;
				}
			}
		}
		return false;
	}
示例#8
0
	/**
	 * @method setlocation
	 * 
	 * Set a user's location
	 *
	 * @param lat float required User's latitude in degrees.
	 * @param long float required User's longitude in degrees.
	 * @return true
	 * @example lat=50&long=50
	 * @see getlocation
	 */
	function api_setlocation() {
		$lat = check_arg("lat", "float");
		$long = check_arg("long", "float");
		assert('me()');
		$userid = me()->id();
		handle_errors();
		
		$sql = "REPLACE INTO maxxer_locations (userid, x, y, mapversion) VALUES( $userid, $lat, $long, 'google' )";
		$result = tmbo_query( $sql );
		send(true);
	}
	function createAccount( $uName, $pw, $referral ) {
	
		$returnMessage = "OK";
		
		$referrerId = getReferrerId( $referral );
	
		if( $referrerId == -1 ) {
			return "Invalid referral code.";
		}

	    $query = "SELECT count(*) AS theCount FROM users WHERE username = '******'";

	    $result = tmbo_query($query);

		// get the results of the query as an associative array, indexed by column name
		$row = mysql_fetch_array( $result, MYSQL_ASSOC );
		
		if( $row['theCount'] == 0 ) {
			
            $encrypted_pw = sha1( $pw );
		
			$query = "INSERT INTO users (username,password,email,created,ip,referred_by) VALUES ( '" . $uName . "','" . $encrypted_pw . "', '" . $_POST['email'] . "', now(), '" . $_SERVER['REMOTE_ADDR']. "', $referrerId )";
			tmbo_query($query); 

			$result = tmbo_query("SELECT userid,account_status from users where username = '******'"); 
			$row = mysql_fetch_assoc( $result );
			assert($row['account_status'] == 'awaiting activation');			
			$activationMessage = activationMessageFor( $row['userid'], $_POST['email'] );
			
			mail( $_POST['email'], "[ this might be offensive ] account activation", "$activationMessage", "From: offensive@thismight.be (this might be offensive)");
			
			/* this query not changed to tmbo_query
			 * because it should be non-fatal if the query fails. */
			mysql_query( "DELETE FROM referrals WHERE referral_code = '$referral' AND userid=$referrerId LIMIT 1" ) or trigger_error(mysql_error(), E_USER_WARNING);
#			mail( "*****@*****.**", "[" . $_SERVER["REMOTE_ADDR"] . "] - [ this might be offensive ] account created: $uName", $_POST['email'], "From: offensive@thismight.be (this might be offensive)");
		} else {
		 	$returnMessage = "The username you've chosen, \"" . $uName . "\", is not available.";
		}
		
    	return $returnMessage;
	}
function getsingle($sql) {
	$res = @tmbo_query($sql);
	return mysql_result($res, 0);
}