switch ($key) {
case "u_edit":
// Change user parameters
if ($auth->auth["uid"] == $u_id) {
// user changes his own account
$password = trim($password);
$cpassword = trim($cpassword);
$realname = trim($realname);
$email_usr = trim($email_usr);
if (strcmp($password, $cpassword)) {
// password are identical?
$be->box_full($t->translate("Error"), $t->translate("The passwords are not identical") . ". " . $t->translate("Please try again") . "!");
break;
}
$query = "UPDATE auth_user SET password='******', realname='{$realname}', email_usr='******', modification_usr=NOW() WHERE user_id='{$u_id}'";
$db->query($query);
if ($db->affected_rows() == 0) {
$be->box_full($t->translate("Error"), $t->translate("Change User Parameters failed") . ":<br>{$query}");
break;
}
$bi->box_full($t->translate("Change User Parameters"), $t->translate("Password and/or E-Mail Address of") . " <b>" . $auth->auth["uname"] . "</b> " . $t->translate("is changed") . ".");
if ($ml_notify) {
$message = "Username: "******"uname"] . "\n";
$message .= "Realname: {$realname}\n";
$message .= "E-Mail: {$email_usr}\n";
mailuser("admin", "User parameters has changed", $message);
}
} else {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
}
break;
require "./include/config.inc";
require "./include/lib.inc";
echo "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n";
echo "<!DOCTYPE rss PUBLIC \"-//Netscape Communications//DTD RSS 0.91//EN\"\n";
echo " \"http://my.netscape.com/publish/formats/rss-0.91.dtd\">\n";
echo "<rss version=\"0.91\">\n";
echo " <channel>\n";
echo " <title>" . htmlspecialchars($sys_name) . "</title>\n";
echo " <link>http:" . $sys_url . "</link>\n";
echo " <description>" . htmlspecialchars($sys_name . " - " . $sys_title) . "</description>\n";
echo " <language>en-us</language>\n";
echo " <image>\n";
echo " <title>" . htmlspecialchars($sys_name) . "</title>\n";
echo " <url>" . $sys_url . $sys_logo_image . "</url>\n";
echo " <link>http:" . $sys_url . "</link>\n";
echo " <description>" . htmlspecialchars($sys_name . " - " . $sys_title) . "</description>\n";
echo " <width>66</width>\n";
echo " <height>73</height>\n";
echo " </image>\n";
$db = new DB_SourceLines();
$db->query("SELECT * FROM tblsolutions,auth_user WHERE tblsolutions.username = auth_user.username AND tblsolutions.solutions_name != 'no_name' ORDER BY tblsolutions.solutions_modify_date DESC limit 10");
$i = 0;
while ($db->next_record()) {
echo " <item>\n";
echo " <title>" . htmlspecialchars($db->f("solutions_name")) . "</title>\n";
echo " <link>http:" . $sys_url . "solutions.php?solu_id=" . $db->f("solutions_id") . "</link>\n";
echo " </item>\n";
$i++;
}
echo " </channel>\n";
echo "</rss>\n";
if (empty($conby)) {
$conby = "Unknown";
}
$bx->box_title($t->translate("Contact") . ": " . $conby);
$bx->box_body_begin();
?>
<table border=0 align=center cellspacing=1 cellpadding=1 width=100%>
<?php
echo "<tr><td><b>" . $t->translate("No") . ".</b></td><td><b># " . $t->translate("Sols") . "</b></td><td><b>" . $t->translate("Name") . "</b></td><td><b>" . $t->translate("E-Mail") . "</b></td><td><b>" . $t->translate("Homepage") . "</b></td></tr>\n";
$i = 1;
while ($db->next_record()) {
$solutions_contact_name = addslashes($db->f("solutions_contact_name"));
$solutions_contact_email = $db->f("solutions_contact_email");
$solutions_contact_url = $db->f("solutions_contact_url");
$db2 = new DB_SourceLines();
$db2->query("SELECT COUNT(*) FROM tblsolutions WHERE solutions_contact_name='{$solutions_contact_name}' AND solutions_contact_email='{$solutions_contact_email}' AND solutions_contact_url='{$solutions_contact_url}'");
$db2->next_record();
if ($db2->f("COUNT(*)")) {
$num = "[" . sprintf("%03d", $db2->f("COUNT(*)")) . "]";
echo "<tr><td>" . sprintf("%d", $i) . "</td>\n";
if (empty($solutions_contact_name)) {
echo "<td><a href=\"" . $sess->url("bycontact.php") . $sess->add_query(array("solutions_contact_name" => "", "solutions_contact_email" => "{$solutions_contact_email}", "solutions_contact_url" => "{$solutions_contact_url}")) . "\">{$num}</a></td>\n";
echo "<td>" . $t->translate("Unknown") . "</td>\n";
} else {
echo "<td><a href=\"" . $sess->url("bycontact.php") . $sess->add_query(array("solutions_contact_name" => $db->f("solutions_contact_name"), "solutions_contact_email" => "{$solutions_contact_email}", "solutions_contact_url" => "{$solutions_contact_url}")) . "\">{$num}</a></td>\n";
echo "<td>" . $db->f("solutions_contact_name") . "</td>\n";
}
if (!empty($solutions_contact_email)) {
echo "<td><<a href=\"mailto:" . mailtoencode($solutions_contact_email) . "\">" . ereg_replace("\\.", " dot ", ereg_replace("@", " at ", htmlentities($solutions_contact_email))) . "</a>></td>\n";
} else {
echo "<td> </td>\n";
$cpassword = trim($cpassword);
$realname = trim($realname);
$email_usr = trim($email_usr);
if (empty($username) || empty($password) || empty($cpassword) || empty($email_usr)) {
// Do we have all necessary data?
$be->box_full($t->translate("Error"), $t->translate("Please enter") . " <b>" . $t->translate("Username") . "</b>, <b>" . $t->translate("Password") . "</b> " . $t->translate("and") . " <b>" . $t->translate("E-Mail") . "</b>!");
break;
}
if (strcmp($password, $cpassword)) {
// password are identical?
$be->box_full($t->translate("Error"), $t->translate("The passwords are not identical") . ". " . $t->translate("Please try again") . "!");
break;
}
/* Does the user already exist?
NOTE: This should be a transaction, but it isn't... */
$db->query("select * from auth_user where username='******'");
if ($db->nf() > 0) {
$be->box_full($t->translate("Error"), $t->translate("User") . " <B>{$username}</B> " . $t->translate("already exists") . "!<br>" . $t->translate("Please select a different Username") . ".");
break;
}
// Create a uid and insert the user...
$u_id = md5(uniqid($hash_secret));
$modification_usr = "******";
$creation_usr = "******";
$permlist = "user_pending";
$query = "insert into auth_user values('{$u_id}','{$username}','{$password}','{$realname}','{$email_usr}',{$modification_usr},{$creation_usr},'{$permlist}')";
$db->query($query);
if ($db->affected_rows() == 0) {
$be->box_full($t->translate("Error"), $t->translate("Registration of new User failed") . ":<br> {$query}");
break;
}
$tbw->table_body_column_end();
$tbw->table_row_end();
echo "</form>";
/*----------*/
$tbw->table_end();
/*-----------------------------------------------------------------------*/
$bx->box_body_end();
$bx->box_end();
} else {
if ($action == "delete") {
// DELETE
$id = rawurldecode($id);
$solu_id = rawurldecode($solu_id);
$db_del = new DB_SourceLines();
$query = "SELECT * FROM tblkeyword WHERE keyword_id = '{$id}' AND solutions_id = '{$solu_id}'";
$db_del->query($query);
$db_del->next_record();
/*-----------------------------------------------------------------------*/
$bx->box_begin();
$bx->box_title($t->translate("Delete keyword"));
$bx->box_body_begin();
/*-----------------------------------------------------------------------*/
echo "<form action='" . $sess->url(basename($PHP_SELF)) . "' method='POST'>";
$tbw->table_begin();
// keyword
$tbw->table_row_begin();
$tbw->table_body_column_begin();
echo "<b>" . $t->translate("Keyword") . ":</b>";
$tbw->table_body_column_next(2);
echo $db_del->f("keyword_text");
$tbw->table_body_column_end();
<!-- content -->
<?php
if ($perm->have_perm("user_pending")) {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
} else {
if (isset($id)) {
$query = "SELECT * FROM tblsolutions WHERE solutions_id='{$id}'";
$db->query($query);
$db->next_record();
// If solution in table ask for comment
$db_status = $db->f("status");
if ($db->num_rows() > 0) {
if ($action == "cmt") {
$query = "INSERT tblcomment SET solutions_id='{$id}',comment_subject='{$subject}',comment_text='{$text}',comment_username='******',comment_datetime='" . date("Y-m-d H:i:s") . "'";
$db_cmt = new DB_SourceLines();
$db_cmt->query($query);
solfull($db);
} else {
$bx->box_begin();
$bx->box_title($t->translate("Your Comment about") . " \"" . $db->f("solutions_name") . "\"");
$bx->box_body_begin();
echo "<form action=\"" . $sess->url(basename($PHP_SELF)) . "\" method=\"POST\">\n";
echo "<table border=0 align=center cellspacing=0 cellpadding=3>\n";
echo "<tr><td align=right>" . $t->translate("Subject") . " (128):</td><td><input type=\"TEXT\" name=\"subject\" size=40 maxlength=128></td></tr>\n";
echo "<tr><td align=right>" . $t->translate("Comment") . " (*):</td><td><textarea cols=40 rows=7 name=\"text\" wrap=\"virtual\" maxlength=255></textarea></td></tr>\n";
echo "<tr><td align=right> </td><td><input type=\"Submit\" value=\"" . $t->translate("Send") . "\"></td>\n";
echo "<input type=\"hidden\" name=\"action\" value=\"cmt\">\n";
echo "<input type=\"hidden\" name=\"id\" value=\"{$id}\">\n";
echo "</form>\n";
echo "</tr></table>\n";
$bx->box_body_end();
$msg .= "<a href=\"" . $sess->url(basename($PHP_SELF)) . $sess->add_query(array("by" => $ltr . "%")) . "\">{$ltr}</a> | ";
}
$msg .= "<a href=\"" . $sess->url(basename($PHP_SELF)) . $sess->add_query(array("by" => "%")) . "\">" . $t->translate("All") . "</a> ]";
$bs->box_strip($msg);
$db->query("SELECT * FROM auth_user WHERE username LIKE '{$by}' ORDER BY username ASC");
$bx->box_begin();
$bx->box_title($t->translate("Users"));
$bx->box_body_begin();
echo "<table border=0 align=center cellspacing=1 cellpadding=1 width=100%>\n";
echo "<tr><td><b>" . $t->translate("No") . ".</b></td><td><b># " . $t->translate("Sols") . "</b></td><td><b>" . $t->translate("Username") . "</b></td><td><b>" . $t->translate("Realname") . "</b></td><td><b>" . $t->translate("E-Mail") . "</b></td></tr>\n";
$i = 1;
while ($db->next_record()) {
$user_id = $db->f("user_id");
$username = $db->f("username");
$db2 = new DB_SourceLines();
$db2->query("SELECT COUNT(*) FROM tblsolutions WHERE username='******' AND solutions_name != 'no_name'");
$db2->next_record();
$num = "[" . sprintf("%03d", $db2->f("COUNT(*)")) . "]";
echo "<tr><td>" . sprintf("%d", $i) . "</td>\n";
echo "<td><a href=\"" . $sess->url("yoursolutions.php") . $sess->add_query(array("user" => $username)) . "\">{$num}</a></td>\n";
echo "<td>" . $username . "</td>\n";
echo "<td>" . $db->f("realname") . "</td>";
echo "<td><<a href=\"mailto:" . mailtoencode($db->f("email_usr")) . "\">" . ereg_replace("\\.", " dot ", ereg_replace("@", " at ", htmlentities($db->f("email_usr")))) . "</a>></td>";
echo "</tr>\n";
$i++;
}
echo "</table>\n";
$bx->box_body_end();
$bx->box_end();
}
?>
</head>
<body bgcolor="<?php
echo $th_body_bgcolor;
?>
" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" marginheight="0" marginwidth="0">
<!-- content -->
<p>
<?php
$bx->box_begin();
$bx->box_body_begin();
echo "<a href=\"{$sys_url_title}\" target=\"_content\"><img src=\"{$sys_logo_small_image}\" border=\"0\" height=\"{$sys_logo_small_heigth}\" width=\"{$sys_logo_small_width}\" ALT=\"{$sys_logo_small_alt}\"></a>";
$bx->box_body_end();
$bx->box_end();
$bx->box_begin();
$bx->box_title("<font size=\"1\">" . $t->translate("Recent Solutions") . "</font>");
$db->query("SELECT * FROM tblsolutions WHERE tblsolutions.solutions_name != 'no_name' ORDER BY solutions_modify_date DESC limit 20");
$bx->box_body_begin();
while ($db->next_record()) {
echo "<div class=newsind>• ";
echo "<a href=\"" . $sys_url . "solutions.php?solu_id=" . $db->f("solutions_id") . "\" target=\"_content\">" . $db->f("solutions_name") . "</a></div>\n";
}
echo "<p><b><font size=\"1\"><a href=\"" . $sys_url . "\" target=\"_content\">more...</a></font></b>\n";
$bx->box_body_end();
$bx->box_end();
?>
</body>
</html>
<?php
@page_close();
$solu_id = rawurldecode($solu_id);
/*-----------------------------------------------------------------------*/
$bx->box_begin();
$bx->box_title($t->translate("Add a component"));
$bx->box_body_begin();
/*-----------------------------------------------------------------------*/
echo "<form action='" . $sess->url(basename($PHP_SELF)) . "' method='POST'>";
$tbw->table_begin();
// componenttype
$tbw->table_row_begin();
$tbw->table_body_column_begin();
echo "<b>" . $t->translate("Type") . ":</b>";
$tbw->table_body_column_next(2);
$db_sel = new DB_SourceLines();
$query = "SELECT * FROM tblcomponenttype ORDER BY componenttype_name";
$db_sel->query($query);
echo "<select name='componenttype_id' size='1'>";
while ($db_sel->next_record()) {
echo "<option value=" . $db_sel->f("componenttype_id") . ">" . $t->translate($db_sel->f("componenttype_name")) . "</option>";
}
if ($db_sel->num_rows() > 0) {
$db_sel->seek(0);
}
echo "</select>";
$tbw->table_body_column_end();
// component_name
$tbw->table_row_next();
$tbw->table_body_column_begin();
echo "<b>" . $t->translate("Name") . ":</b>";
$tbw->table_body_column_next(2);
echo "<input type='text' size='40' maxlength='255' name='component_name' value=''>";
// 1. Eintrag, u.a. zur Bestimmung der solu_id!!!
$random = rand(0, 2147000000);
$query = "INSERT tblsolutions(solutions_name,username,solutions_create_date,solutions_modify_date) VALUES('{$random}','{$username}','" . date("Y-m-d H:i:s") . "','" . date("Y-m-d H:i:s") . "')";
debug($query);
$db->query($query);
/*-----*/
// Bestimmung von $solu_id
$query = "SELECT * FROM tblsolutions WHERE solutions_name='{$random}' AND username='******'";
debug($query);
$db->query($query);
$db->next_record();
$solu_id = $db->f("solutions_id");
$db1 = new DB_SourceLines();
$query = "UPDATE tblsolutions SET solutions_name='no_name' WHERE solutions_id = '{$solu_id}'";
debug($query);
$db1->query($query);
$where = "";
} else {
if ($perm->have_perm("admin")) {
$where = "";
} else {
$where = " AND tblsolutions.username='******'";
}
}
$query = "SELECT * FROM tblsolutions,auth_user WHERE solutions_id='{$solu_id}' {$where} AND tblsolutions.username = auth_user.username";
debug($query);
/*---------------------------------------- Daten der aktuellen Seite */
$db->query($query);
$db->next_record();
solupd($db);
}
