praegune kellaaeg 21.06.2025 18:48:11 |
|
Hinnavaatlus
:: Foorum
:: Uudised
:: Ärifoorumid
:: HV F1 ennustusvõistlus
:: Pangalink
:: Telekavad
:: HV toote otsing
|
|
| autor |
|
SirShark
HV kasutaja
liitunud: 23.03.2007
|
29.04.2008 11:08:08
küsimus captca pookimise kohta |
|
|
profile.tpl
 Spoiler
<div align=center>
{if $errmsg != ''} <h4>{$errmsg}</h4> {/if}
{if $edit}
<form action="profile.php" method="post" name="userInfo">
<input type="hidden" name="register" value="{$register}">
{/if}
<table border="0" align="center" cellpadding="5" width="60%">
{if $register}
<tr>
<td align="right" width="30%" nowrap>{$msg.t112}</td>
<td>
<input type="text" name="user_name" value="{$req.user_name}">
</td>
</tr>
<tr>
<td align="right">{$msg.t113}</td>
<td>
<input type="password" name="password" value="">
</td>
</tr>
<tr>
<td align="right" nowrap>{$msg.t114}</td>
<td>
<input type="password" name="password2" value="">
</td>
</tr>
{if $enable_reg}
<tr>
<td align="right" nowrap valign="middle">{$msg.t115}</td>
<td align="left" nowrap>
<INPUT type="radio" name="role" value="{$ROLE_USER}" style="width:auto"
{if $is_role_user}CHECKED{/if}>{$msg.t116}
<br><INPUT type="radio" name="role" value="{$ROLE_ADMIN}" style="width:auto"
{if $is_role_admin}CHECKED{/if}>{$msg.t117}
<br><INPUT type="radio" name="role" value="{$ROLE_SPY}" style="width:auto"
{if $is_role_spy}CHECKED{/if}>{$msg.t118}
</td>
</tr>
{elseif $firstUser}
<tr>
<td align="right" nowrap valign="middle">{$msg.t115}</td>
<td align="left" nowrap>
<INPUT CHECKED type="radio" name="role" value="{$ROLE_ADMIN}" style="width:auto"
{if $is_role_admin}CHECKED{/if}>{$msg.t117}
</td>
</tr>
{elseif $is_live_support_mode}
<tr>
<td align="right" nowrap valign="middle">{$msg.t123}</td>
<td align="left" nowrap>
<INPUT CHECKED type="radio" name="role" value="{$ROLE_CUSTOMER}" style="width:auto"
{if $is_role_customer}CHECKED{/if}>{$msg.t123}
</td>
</tr>
{/if}
{/if}
<tr>
<td align="right" width="30%" nowrap>{$msg.t01}</td>
<td>
{if $edit}<input type="text" name="fullname" value="{$req.fullname}">
{else}{$req.fullname}{/if}
</td>
</tr>
<tr>
<td align="right">{$msg.t43}</td>
<td>
{if $edit}{$htmlSelect_gender}
{else}{$gender}{/if}
</td>
</tr>
<tr>
<td align="right">{$msg.t04}</td>
<td>
{if $edit}<input type="text" name="age" value="{$req.age}">
{else}{$req.age}{/if}
</td>
<tr>
<td class="row1"><span class="gen">CAPTCHA Image:</span><br />
<td class="row2">
<img id="freecap" src="/captcha/captcha_img.php" />
<div style="margin: 0.5em 0;">
<label style="font-size: 10px;" for="captcha">Word in Above Image:</label>
<input id="captcha" name="captcha" type="text" size="10" /><script type="text/javascript">
<!--
{if $default}
{literal}
function pwdIsValid()
{
if( document.fc_profile.t15 )
if ( document.fc_profile.t15.value != document.fc_profile.t15b.value )
{
alert('{/literal}{$msg.t67}{literal}');
return false;
}
return true;
}
{/literal}
{elseif $user_or_register}
{literal}
function formIsValid()
{
// check to make sure a valid username has been entered
if ( document.userInfo.user_name.value == "" )
{
alert('{/literal}{$msg.t109}{literal}');
return false;
}
if ( document.userInfo.password.value.captcha == "" )
{
alert('{/literal}{$msg.t110}{literal}');
return false;
}
if ( document.userInfo.password.value != document.userInfo.password2.value )
{
alert('{/literal}{$msg.t111}{literal}');
return false;
}
return true;
}
{/literal}
{/if}
-->
</script>
</head>
</div>
<div style="font-size: 10px;">
Cannot read the image?
<a href="#" onclick="document.getElementById('freecap').src='/captcha/captcha_img.php?'+Math.random();">Click Here</a>
to generate a new one.
</div>
</td>
</tr>
<tr>
<td align="right">{$msg.t05}</td>
<td>
{if $edit}<input type="text" name="email" value="{$req.email}">
{else}<a href="mailto:{$req.email}">{$req.email}</a>{/if}
</td>
</tr>
<tr>
<td align="right">{$msg.t07}</td>
<td>
{if $edit}<input type="text" name="site" value="{$req.site}">
{else}<a href="{$req.site}" target="_blank">{$req.site}</a>{/if}
</td>
</tr>
<tr>
<td align="right">{$msg.t10}</td>
<td>
{if $edit}<input type="text" name="icq" value="{$req.icq}">
{else}{$req.icq}{/if}
</td>
</tr>
<tr>
<td align="right">{$msg.t41}</td>
<td>
{if $edit}<input type="text" name="aim" value="{$req.aim}">
{else}{$req.aim}{/if}
</td>
</tr>
<tr>
<td align="right">{$msg.t42}</td>
<td>
{if $edit}<input type="text" name="yim" value="{$req.yim}">
{else}{$req.yim}{/if}
</td>
</tr>
<tr>
<td align="right">{$msg.t06}</td>
<td>
{if $edit}<input type="text" name="msnm" value="{$req.msnm}">
{else}{$req.msnm}{/if}
</td>
</tr>
<tr>
<td align="right" valign="top">{$msg.t13}</td>
<td>
{if $edit}<textarea name="comments" rows="6" cols="30">{$req.comments}</textarea>
{else}{$nl2br}{/if}
</tr>
{if $edit}
<tr>
<td></td>
<td>
<input type="submit" name="save" value="{$msg.t14}" onClick="javascript:return formIsValid();">
</td>
</tr>
{/if}
</table>
{if $edit}</form>{/if}
</center>
{else}
<center>
<h4>{$msg.t17}{$req.userid}</h4>
</center>
{/if}
</body>
</html> |
ja profile.php
Spoiler
<?php
error_reporting( E_ALL ^ E_NOTICE );
require_once('./inc/smartyinit.php');
// ******** Start of customization variables
define('CRLF', "\r\n");
$enable_reg = true; // Enable registration options for admin/moderators and spies if set to true, set to false to disable these options
$ext = array('.gif', '.jpg', '.png', '.bmp'); // limit upload to these file types only
$ufolder = './nick_image/'; // picture upload folder
$max_file_size = 500*1024; // max picture file size in bytes
$edit_allowed = true; // limitation for guest chatters (only show registered users if false) if FlashChat in two instance mode
$pictureWidth = 180; // picture display width limit pixels
$thumbWidth = 90; // thumbnail picture display width limit in gallery pixels
$showAllProfiles = true; // display list of links to all active profiles at each page
$showGallery = true; // when displaying all profiles: use gallery style
$FC_owner_email = 'xyz@your_domain.com'; // FlashChat owner email address, set as sender/reply to in password change
$FC_owner_name = 'FlashChat Owner name'; // FlashChat owner name (link text)
$pics_row = 4; // number of pictures per row when in showGallery mode
$default_country = 'USA'; // default country in english at registration (must be found in /chat/inc/country.inc
$profiles_per_page = 50; // visible profiles per page
require_once('./profile/en.php'); //default language is en ie english
if ($req['lang'] == 'xx')
require_once('./profile/xx.php'); // replace xx with your language attribute and make available this file in /chat/profile directory
// duplicate this /profile/en.php if you need more than two languages
// remember UTF-8 characters but not for messages t23-t27 (error messages)
$smarty->assign('msg', $msg);
$gender_arr = array(
'male' => $msg['t102'],
'female' => $msg['t103'],
'other' => $msg['t104']
);
// ******** End of customizations
// ******** Begin of functions
function send_style_sheet($msg) {
$value = array(
'msg' => $msg,
'showBackground' => true, // set to true if you have a nice background to add
'bgcolor' => '#eeeeee', // text background color leave empty (=> '';) for no color (transparent)
//'bgcolor' => htmlColor($GLOBALS['fc_config']['themes'][$GLOBALS['fc_config']['defaultTheme']]['enterRoomNotify']),
'bkgrnd' => $GLOBALS['fc_config']['themes'][$GLOBALS['fc_config']['defaultTheme']]['backgroundImage'], // default background is the default theme
//'bkgrnd' => 'http://www.yourdomain.com/mybackgroundfile.jpg', // uncomment this line to use your own background image
);
return $value;
}
function removeEvilAttributes($tagSource) {
$stripAttrib = "' (style|class)=\"(.*?)\"'i";
$tagSource = stripslashes($tagSource);
$tagSource = preg_replace($stripAttrib, '', $tagSource);
return $tagSource;
}
function removeEvilTags($source) {
$allowedTags = '<a><br><b><h1><h2><h3><h4><i><img><li><ol><p><strong><table><tr><td><th><u><ul>';
$source = strip_tags($source, $allowedTags);
return preg_replace('/<(.*?)>/ie', "'<'.removeEvilAttributes('\\1').'>'", $source);
}
function htmlSelect($name, $arr, $selected, $addprop='') {
$ret = "<SELECT name=\"$name\" $addprop>";
foreach($arr as $k=>$v)
{
if($selected == $k)$sel = 'SELECTED';
else $sel = '';
$ret .= "<option value=\"$k\" $sel>$v";
}
$ret .= "</SELECT>";
return $ret;
}
// ******** End of functions
$req = array_merge($_GET, $_POST);
$cmsclass = strtolower( $GLOBALS['fc_config']['CMSsystem'] );
$manageUsers = ($cmsclass == 'defaultcms') || ($cmsclass == 'statelesscms');
if(!$manageUsers)
{
die("Profiles are only supported for defaultCMS and statelessCMS");
}
$req['change_id'] = $req['userid'];
if(isset($req['flashchatid']))
{
$req['id'] = $req['flashchatid'];
$conn =& ChatServer::getConnection($req);
$req['id'] = $conn->userid;
if(!$req['id'])
die ('<center><b>You must be logged in to FlashChat to use this command</b></center>');
$req['lang'] = $conn->lang;
$user = ChatServer::getUser($req['id']);
$req['roles'] = $user['roles'];
if(isset($req['admin_user_edit']))
$req['change_id'] = $req['cid'];
if($req['admin_user_edit'] == 'hidden_edit')
$req['change_id'] = $req['cid1'];
}
if(!isset($req['lang']))
{
$langStmt = new Statement("SELECT lang FROM {$GLOBALS['fc_config']['db']['pref']}connections WHERE id=?");
$rs = $langStmt->process($req['id']);
$rec = $rs->next();
$req['lang'] = $rec['lang'];
}
$font = '<center><div class="die"><center><br>'; // some error printouts in file upload section
$register = false;
$fc_std_profile = false;
$userid = 0;
$error = false;
if($req['register'] == 'true')
{
$fc_std_profile = true;
$register = true;
}
if(isset($req['save']))
{
$fc_std_profile = true;
}
if(!$fc_std_profile) // addon part
{
// ******** Begin of functions
function makeRandomPassword()
{
$salt = "abcdefghjkmnpqrstuvwxyzABCDEFGHJKMNPQRSTUVWXYZ0123456789";
srand((double)microtime()*1000000);
$i = 0;
while ($i <= 8) {
$num = rand() % 56;
$tmp = substr($salt, $num, 1);
$pass = $pass . $tmp;
$i++;
}
return $pass;
}
function tryagain($msg1, $msg2, $msg3, $type)
{
global $smarty;
$style_sheet = send_style_sheet($msg3);
$tryagain_data = array(
'msg1' => $msg1,
'msg2' => $msg2,
'type' => $type
);
$smarty->assign('tryagain', true);
$smarty->assign('tryagain_data', $tryagain_data);
$smarty->assign('style_sheet', $style_sheet);
$smarty->display('profile.tpl');
die();
}
function showInfoLine($itm, $add='')
{
global $edit, $msg, $width150, $width450, $req;
$value = '';
if( !$msg[$itm] && !$edit ) return $value;
$value.= $width150.$msg[$itm].$width450;
if( $edit )
{
$value.= '<input type="text" name="' . $itm . '" size="60" value="' . $req[$itm] . '">';
}
else
{
$s = Message::replaceBadWord($req[$itm]);
if( $add == 'link')
$value.= '<a href="' . $s . '" target="_blank">' . $s . '</a>';
else if( $add == 'mail')
$value.= '<a href="mailto:' . $s . '">' . $s . '</a>';
else
$value.= $s;
}
$value.= '</td></tr>';
return $value;
}
// ******** End of functions
// ******** Begin of variables
$fields = array(
't01' => '',
't02' => '',
't03' => '',
't04' => '',
't05' => '',
't06' => '',
't07' => '',
't08' => '',
't09' => '',
't10' => '',
't11' => '',
't12' => '',
't13' => '',
't14' => '',
't15' => '',
't41' => '',
't42' => '',
't43' => '',
't44' => ''
);
// ******** End of variables
// ******** Begin of code
//user wants new password sent to registered email address
if(isset($req['newpassword']))
{
$style_sheet = send_style_sheet($msg['t56']);
$smarty->assign('newpassword', true);
$smarty->assign('style_sheet', $style_sheet);
$smarty->display('profile.tpl');
die();
}
// user wants old password sent to registered email address
if(isset($req['oldpassword']))
{
$style_sheet = send_style_sheet($msg['t56']);
$smarty->assign('oldpassword', true);
$smarty->assign('style_sheet', $style_sheet);
$smarty->display('profile.tpl');
die();
}
// send old password to registered email address
if(isset($req['sendoldpassword']))
{
$stmt = new Statement("SELECT * FROM {$GLOBALS['fc_config']['db']['pref']}users WHERE login=?");
$rs = $stmt->process($req['nick']);
if(($rec = $rs->next()) && $rec['profile'])
{
$profile = unserialize($rec['profile']);
}
else
{
tryagain($msg['t55'], $msg['t61'], $msg['t57'], 'oldpassword');
}
if(isset($profile['fullname']) && isset($profile['email']))
{
$profile['t05'] = $profile['email'];
}
if($profile['t05'] == $req['email'])
{
if(!ereg("^([0-9,a-z,A-Z]+)([.,_]([0-9,a-z,A-Z]+))*[@]([0-9,a-z,A-Z]+)([.,_,-]([0-9,a-z,A-Z]+))*[.]([0-9,a-z,A-Z]){2}([0-9,a-z,A-Z])?$", $profile['t05']))
{
tryagain($msg['t60'] . ' <a href="mailto:' . $FC_owner_email . '">' . $FC_owner_name . '</a>', $msg['t61'], $msg['t57'], 'oldpassword');
}
//password encrypted generate new password
if( $GLOBALS['fc_config']['encryptPass'] )
{
$newPass = makeRandomPassword();
$rec['password'] = $newPass;
}
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/plain; charset=UTF-8\n";
$headers .= "X-Mailer: php\n";
$headers .= "From: \"" . $FC_owner_name . "\" <" . $FC_owner_email . ">\n";
if( mail($req['email'], $msg['t63'] . ' ' . $rec['login'], $msg['t64'] . CRLF . CRLF . $rec['password'] . CRLF . CRLF . $msg['t53'], $headers) )
{
//setup new password
if( $GLOBALS['fc_config']['encryptPass'] )
{
$s = new Statement("UPDATE {$GLOBALS['fc_config']['db']['pref']}users SET `password`=MD5(?) WHERE login=? LIMIT 1");
$r = $s->process($newPass, $req['nick']);
}
}
else
{
tryagain($msg['t59'], $msg['t61'], $msg['t57'], 'oldpassword');
}
}
else
{
tryagain($msg['t55'], $msg['t61'], $msg['t57'], 'oldpassword');
}
$style_sheet = send_style_sheet($msg['t56']);
$smarty->assign('sendoldpassword', true);
$smarty->assign('style_sheet', $style_sheet);
$smarty->display('profile.tpl');
die();
}
// send new password to registered email address
if(isset($req['sendnewpassword']))
{
$stmt = new Statement("SELECT * FROM {$GLOBALS['fc_config']['db']['pref']}users WHERE login=?");
$rs = $stmt->process($req['nick']);
if(($rec = $rs->next()) && $rec['profile'])
{
$profile = unserialize($rec['profile']);
}
else
{
tryagain($msg['t55'], $msg['t47'], $msg['t57'], 'newpassword');
}
if($profile['fullname'])
{
$profile['t05'] = $profile['email'];
}
if($profile['t05'] == $req['email'])
{
if(!ereg("^([0-9,a-z,A-Z]+)([.,_]([0-9,a-z,A-Z]+))*[@]([0-9,a-z,A-Z]+)([.,_,-]([0-9,a-z,A-Z]+))*[.]([0-9,a-z,A-Z]){2}([0-9,a-z,A-Z])?$", $profile['t05']))
{
tryagain($msg['t60'] . ' <a href="mailto:' . $FC_owner_email . '">' . $FC_owner_name . '</a>', $msg['t47'], $msg['t57'], 'newpassword');
}
$newpassword = makeRandomPassword();
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/plain; charset=UTF-8\n";
$headers .= "X-Mailer: php\n";
$headers .= "From: \"" . $FC_owner_name . "\" <" . $FC_owner_email . ">\n";
if(mail($req['email'], $msg['t51'] . ' ' . $rec['login'], $msg['t52'] . CRLF . CRLF . $newpassword . CRLF . CRLF . $msg['t53'], $headers))
{
$stmt = new Statement("UPDATE {$GLOBALS['fc_config']['db']['pref']}users SET password=? WHERE id=?");
if( $GLOBALS['fc_config']['encryptPass'] > 0 )
{
$newpassword = md5($newpassword);
}
$stmt->process($newpassword, $rec['id']);
}
else
{
tryagain($msg['t59'], $msg['t47'], $msg['t57'], 'newpassword');
}
}
else
{
tryagain($msg['t55'], $msg['t47'], $msg['t57'], 'newpassword');
}
$style_sheet = send_style_sheet($msg['t56']);
$smarty->assign('sendnewpassword', true);
$smarty->assign('style_sheet', $style_sheet);
$smarty->display('profile.tpl');
die();
}
// user finished selection of file so try to upload the file now
if(isset($req['load']))
{
$_FILES['img1']['name'] = strtolower($_FILES['img1']['name']); //make sure file name is lower case.
$_FILES['img1']['name'] = str_replace(' ', '_', $_FILES['img1']['name']); //get rid of spaces
$_FILES['img1']['name'] = str_replace('$', '_', $_FILES['img1']['name']); //get rid of '$'
$file_name = $_FILES['img1']['name']; //take the file name, and then get all the stuff after the last '.' (the file extension)
$file_name = strrchr($file_name, '.');
//make sure file type is supported
if(!in_array($file_name, $ext))
{
$error = $font . $msg['t23'];
foreach( $ext as $exts )
{
$error .= $exts . " ";
}
$error .= '<br> <br>';
}
if(!$error)
{
$file_size = $_FILES['img1']['size']; //make sure file isn't too large
if($file_size > $max_file_size)
{
$error = $font . $msg['t24'] . round(($file_size/1024), 0) . $msg['t25'] . round((( $max_file_size / 1024 ) ) , 2) . ' KB'. '<br> ';
}
}
if(!$error)
{
//get the file type from mime types and upload file to directory
if ($_FILES['img1'] != '')
{
$file_type = '/error';
if(!is_script($_FILES['img1']['tmp_name']))
{
if( $_FILES['img1']['type'] == "image/gif" ) $file_type = '.gif';
if( $_FILES['img1']['type'] == "image/pjpeg" ) $file_type = '.jpg';
if( $_FILES['img1']['type'] == "image/jpeg" ) $file_type = '.jpg';
if( $_FILES['img1']['type'] == "image/jpc" ) $file_type = '.jpg';
if( $_FILES['img1']['type'] == "image/bmp") $file_type = '.bmp';
$fw = $ufolder . $req['change_id'];
if(file_exists($fw . '.jpg')) unlink($fw . '.jpg');
if(file_exists($fw . '.gif')) unlink($fw . '.gif');
if(file_exists($fw . '.bmp')) unlink($fw . '.bmp');
$newtofile = $fw . $file_type; //name file with user id and save in profile image directory
copy($_FILES['img1']['tmp_name'], $newtofile) or $error = $font . $msg['t26'] . '<br> ';
}
else
{
$error = $font . $msg['t124'] . '<br> ';
}
}
else
{
$error = $font . $msg['t27'] . '<br> ';
}
}
// Update user profile with new URL to picture
if(!$error)
{
$user = ChatServer::getUser($req['change_id']);
$stmt = new Statement("SELECT profile FROM {$GLOBALS['fc_config']['db']['pref']}users WHERE id=?");
$rs = $stmt->process($user['id']);
if(($rec = $rs->next()) && $rec['profile'])
{
$profile = unserialize($rec['profile']);
}
else
{
$profile = array();
}
$profile['t12'] = $newtofile;
$req = array_merge($fields, $profile, $req);
$stmt = new Statement("UPDATE {$GLOBALS['fc_config']['db']['pref']}users SET profile=? WHERE id=?");
$stmt->process(serialize($profile), $user['id']);
}
}
// user clicked for upload of picture so show that page
if(isset($req['TCpicture']) || $error)
{
$user = ChatServer::getUser($req['change_id']);
if(!$error)
{
// update user profile fields first
foreach($fields as $k => $v)
{
$fields[$k] = $req[$k];
}
$stmt = new Statement("UPDATE {$GLOBALS['fc_config']['db']['pref']}users SET profile=? WHERE id=?");
$stmt->process(serialize($fields), $user['id']);
}
$style_sheet = send_style_sheet($msg['t32']);
$s_ext = '';
foreach ( $ext as $exts )
{
$s_ext.= $exts.' ';
}
$file_size = round(( $max_file_size / 1024 ) , 2);
$smarty->assign('TCpicture', true);
$smarty->assign('error', $error);
$smarty->assign('req', $req);
$smarty->assign('user', $user);
$smarty->assign('exts', $s_ext);
$smarty->assign('file_size', $file_size);
$smarty->assign('style_sheet', $style_sheet);
$smarty->display('profile.tpl');
die();
}
// user want to save the text in profile set and maybe also update password
if(isset($req['TCsave']))
{
$user = ChatServer::getUser($req['change_id']);
foreach($fields as $k => $v)
{
$fields[$k] = $req[$k];
}
$pwdmsg = ''; // fix
$fields['t14'] = trim($fields['t14']);
$fields['t15'] = trim($fields['t15']);
if((strlen($fields['t14']) > 0) || (strlen($fields['t15']) > 0))
{
if((strlen($fields['t14']) < 1) || (strlen($fields['t15']) < 1))
{
$pwdmsg = $msg['t40'];
}
// password change
if((strlen($fields['t14']) > 0) && (strlen($fields['t15']) > 0))
{
$stmt = new Statement("SELECT password FROM {$GLOBALS['fc_config']['db']['pref']}users WHERE id=?");
$rs = $stmt->process($user['id']);
$pwdmsg = $msg['t39'];
$rec = $rs->next();
if($fields['t14'] === $rec['password'] || md5($fields['t14']) === $rec['password'])
{
$stmt = new Statement("UPDATE {$GLOBALS['fc_config']['db']['pref']}users SET password=? WHERE id=?");
if( $GLOBALS['fc_config']['encryptPass'] > 0 )
{
$fields['t15'] = md5($fields['t15']);
}
$stmt->process($fields['t15'], $user['id']);
$pwdmsg = $msg['t38'];
}
$fields['t14'] = '';
$fields['t15'] = '';
}
}
foreach($fields as $k => $v)
{
$fields[$k] = removeEvilTags($v);
}
if(strlen(trim($fields['t12'])) < 2)
{
$fw = $ufolder . $req['change_id'];
if(file_exists($fw . '.jpg')) unlink($fw . '.jpg');
if(file_exists($fw . '.gif')) unlink($fw . '.gif');
if(file_exists($fw . '.bmp')) unlink($fw . '.bmp');
}
$stmt = new Statement("UPDATE {$GLOBALS['fc_config']['db']['pref']}users SET profile=? WHERE id=?");
$stmt->process(serialize($fields), $user['id']);
//update gender of user in chat
$gender = strtoupper(substr($fields['t43'], 0, 1));
$conn->process(array('c' => 'sgen', 'u' => $user['id'], 't' => ($gender != 'M' && $gender != 'F')? NULL : $gender));
//send notification to all users about new photo
//$conn->sendToAll(new Message('spht', $conn->userid, null, (strlen(trim($fields['t12'])) < 2)? '' : $fields['t12']));
}
// ****************************************
// display the user profile (default entry)
// ****************************************
$edit = (isset($req['flashchatid']) && ($req['id'] != SPY_USERID) && $req['userid'] == $req['id']);
if($req['admin_show_profile'])
$edit = true;
if(!$edit_allowed)
$edit = false;
$user = ChatServer::getUser($req['change_id']);
if(!$edit)
$user = ChatServer::getUser($req['userid']);
$stmt = new Statement("SELECT * FROM {$GLOBALS['fc_config']['db']['pref']}users WHERE id=?");
$rs = $stmt->process($user['id']);
if(($rec = $rs->next()) && $rec['profile'])
{
$test_profile = unserialize($rec['profile']);
if( is_array($test_profile) && array_key_exists('fullname', $test_profile))
{
$profile['t01'] = $test_profile['fullname'];
$profile['t04'] = $test_profile['age'];
$profile['t05'] = $test_profile['email'];
$profile['t06'] = $test_profile['msnm'];
$profile['t07'] = $test_profile['site'];
$profile['t10'] = $test_profile['icq'];
$profile['t13'] = $test_profile['comments'];
$profile['t41'] = $test_profile['aim'];
$profile['t42'] = $test_profile['yim'];
$profile['t43'] = $test_profile['gender'];
$profile['t44'] = $test_profile['location'];
}
else
{
$profile = unserialize($rec['profile']);
$profile['t13'] = str_replace('\\', '', $profile['t13']); // fix for those who enters multiple \
}
}
else
{
$profile = array();
}
$req = array_merge($fields, $profile, $req);
if($user)
{
if(!$edit)
{
foreach($req as $k => $v)
{
if(!$v) $msg[$k] = null;
}
}
$htmlSelect = '';
if($edit)
{
$htmlSelect = htmlSelect('t43', $gender_arr, $req['t43']);
}
else
{
$htmlSelect = Message::replaceBadWord($req['t43']);
}
if(substr($req['t12'], 0, 7) == 'http://' && $nick = strpos($req['t12'], 'nick_image'))
{
$req['t12'] = './' . substr($req['t12'], $nick);
}
$is_http = false;
$is_file_exists = false;
if(substr($req['t12'], 0, 7) == 'http://')
{
$is_http = true;
}
else if($req['t12'] && file_exists($req['t12']))
{
$is_file_exists = true;
$size = getimagesize($req['t12']);
if($size['0'] < $pictureWidth)
{
$pictureWidth = $size['0'];
}
}
$width150 = '<tr><td align="right" width="250">';
$width450 = '</td><td width="450">';
$infoLine1 = showInfoLine('t01').
showInfoLine('t02').
showInfoLine('t44').
showInfoLine('t03');
$infoLine2 = showInfoLine('t04').
showInfoLine('t05', 'mail').
showInfoLine('t07', 'link').
showInfoLine('t08', 'link').
showInfoLine('t41').
showInfoLine('t42').
showInfoLine('t10').
showInfoLine('t06');
$replaceBadWord_t13 = Message::replaceBadWord($req['t13']);
$is_writable = is_writable($ufolder);
$is_role_admin = ($rec['roles'] == ROLE_ADMIN);
$is_role_user = ($req['roles'] == ROLE_USER);
$style_sheet = send_style_sheet('"' . $user['login'] . '"');
// display a list of all profiles in users table
if($showAllProfiles || $is_role_admin)
{
$value = '';
//pages
$page_num = $_REQUEST['pg'];
if( ($page_num == '') && !is_numeric($page_num) )
$page_num = 1;
$page_num--;
$stmt = new Statement("SELECT count(*) users_amount FROM {$GLOBALS['fc_config']['db']['pref']}users WHERE profile <> ''");
$rs = $stmt->process();
$rec = $rs->next();
$limit = "";
$all_profiles = $rec['users_amount'];
if( $all_profiles > $profiles_per_page )
{
$limit = " LIMIT " . $page_num*$profiles_per_page . ", $profiles_per_page ";
}
//---
$stmt = new Statement("SELECT * FROM {$GLOBALS['fc_config']['db']['pref']}users WHERE profile <> '' ORDER BY login $limit");
$rs = $stmt->process();
if($rs->hasNext())
{
$value.= "</table><center><div><h2>{$msg['t22']}</h2></div></center>";
//---
if( $all_profiles > $profiles_per_page )
{
$value.= "<div align=center class=pages>All profeles {$all_profiles} | Showing Profiles ".
($page_num*$profiles_per_page+1). '-' . min((($page_num+1)*$profiles_per_page), $all_profiles) .
" | Page ";
for($i=1; $i<=ceil($all_profiles/$profiles_per_page); $i++)
{
if($i == $page_num+1)
{
$value.= "$i ";
continue;
}
$value.= "<a href=\"profile.php?userid={$_REQUEST['userid']}&lang={$_REQUEST['lang']}&pg=$i\">$i</a>";
}
$value.= "</div>";
}
//---
if(!$showGallery)
$value.= '<table align=center border=0 cellpadding=5 cellspacing=0 width=30%>';
else
$value.= '<table align=center border=0 cellpadding=5 cellspacing=2 width=80%><tr>';
$pics = 1;
while($rec = $rs->next())
{
if(isset($rec['profile']))
{
$profile = unserialize($rec['profile']);
if($showGallery)
{
$pict_msg = $msg['t45'];
if(!$profile['t12'])
{
$profile['t12'] = 'flashChat_slogo.png';
$pict_msg = $msg['t68'];
}
$profileLink = '<td align=center valign=middle width=18%><a href="' . $profile['t12'] . '" target="_blank"><img border=0 width=' . $thumbWidth . ' src="' . $profile['t12'] . '" alt="' . $pict_msg . '"></a>';
$profileLink .= "<br><a href=\"profile.php?pg={$_REQUEST['pg']}&userid=" . $rec['id'] . '&lang=' . $req['lang'] . '" title="' . $msg['t46'] . '" target="_self">' . $rec['login'] . '</a>';
if($req['flashchatid'] && ($req['roles'] == ROLE_ADMIN))
{
$profileLink .= '<br><form action="profile.php" method="post" name="fc_profile">';
$profileLink .= '<input type="hidden" name="flashchatid" value="' . $req['flashchatid'] . '">';
$profileLink .= '<input type="hidden" name="lang" value="' . $req['lang'] . '">';
$profileLink .= '<input type="hidden" name="userid" value="' . $req['id'] . '">';
$profileLink .= '<input type="hidden" name="cid" value="' . $rec['id'] . '">';
$profileLink .= '<input type="submit" name="admin_user_edit" value="Edit">';
$profileLink .= '</form>';
}
$value.= $profileLink . '</td>';
if($pics++ == $pics_row)
{
$pics = 1;
$value.= '</tr><tr>';
}
}
else
{
$profileLink = '<tr>';
if($profile['t12'])
{
$profileLink .= '<td align="right"><a href="' . $profile['t12'] . '" target="_blank"><img border=0 height=10 width=15 src="./profile/camera.gif" alt="' . $msg['t45'] . '"></a>';
}
else
{
$profileLink .= '<td></td>';
}
$profileLink .= '<td align="left"><a href="profile.php?userid=' . $rec['id'] . '&lang=' . $req['lang'] . '" title="' . $msg['t46'] . '">' . $rec['login'] . '</a></td></tr>';
$value.= $profileLink;
}
}
}
}
$smarty->assign('value', $value);
}
$smarty->assign('default', true);
$smarty->assign('msg', $msg);
$smarty->assign('user', $user);
$smarty->assign('req', $req);
$smarty->assign('edit', $edit);
$smarty->assign('infoLine1', $infoLine1);
$smarty->assign('infoLine2', $infoLine2);
$smarty->assign('width150', $width150);
$smarty->assign('width450', $width450);
$smarty->assign('htmlSelect', $htmlSelect);
$smarty->assign('is_writable', $is_writable);
$smarty->assign('is_role_admin', $is_role_admin);
$smarty->assign('is_role_user', $is_role_user);
$smarty->assign('ufolder', $ufolder);
$smarty->assign('is_http', $is_http);
$smarty->assign('is_file_exists', $is_file_exists);
$smarty->assign('pictureWidth', $pictureWidth);
$smarty->assign('replaceBadWord_t13', $replaceBadWord_t13);
$smarty->assign('pwdmsg', $pwdmsg);
$smarty->assign('showAllProfiles', $showAllProfiles);
$smarty->assign('style_sheet', $style_sheet);
$smarty->display('profile.tpl');
die();
}
else
{
$style_sheet = send_style_sheet($msg['t17'].$req['userid']);
$smarty->assign('not_user', true);
$smarty->assign('req', $req);
$smarty->assign('style_sheet', $style_sheet);
$smarty->display('profile.tpl');
die();
}
// ******** End of code
}
else // start of FlashChat standard registration page
{
require_once('inc/country.inc.php');
$req = array_merge($_GET, $_POST);
$fields = array(
'fullname' => '',
'email' => '',
'site' => '',
'icq' => '',
'aim' => '',
'yim' => '',
'msnm' => '',
'comments' => '',
'gender' => '',
'age' => '',
'location' => ''
);
if( isset($req['save']) )
{
if( $req['register'] )
{
//check if user existing
$stmt = new Statement("SELECT * FROM {$GLOBALS['fc_config']['db']['pref']}users WHERE login=? LIMIT 1");
$usr = $stmt->process($req['user_name']);
if( $usr->numRows > 0 || Message::replaceBadWord($req['user_name']) != $req['user_name'])
{
$register_succ = false;
$register = true;
$errmsg = str_replace('[user_name]', $req['user_name'], '[captcha]', $req['captcha'], $msg['t100']);
$req['user_name'] = '';
}
else
{
if( $usr->numRows != 0 )
{
$req['role'] = ROLE_USER;//always insert user
}
//---
$stmt = new Statement("INSERT INTO {$GLOBALS['fc_config']['db']['pref']}users (login,password,roles) VALUES (?,?,?)");
if( !isset($req['role']) ) $req['role'] = ROLE_USER;
if( $GLOBALS['fc_config']['encryptPass'] > 0 ) {$req['password'] = md5($req['password']);}
$userid = $stmt->process($req['user_name'] , $req['password'], $req['role']);
unset($req['user_name'] ,$req['password'],$req['register'], $req['role']);
if( isset($userid) && $userid > 0 ) $register_succ = true;
}
}
if($req['gender'] == 'male') $req['gender'] = $msg['t102'];
if($req['gender'] == 'female') $req['gender'] = $msg['t103'];
if($req['gender'] == 'other') $req['gender'] = $msg['t104'];
foreach($fields as $k => $v)
{
$fields[$k] = removeEvilTags($req[$k]);
}
$stmt = new Statement("UPDATE {$GLOBALS['fc_config']['db']['pref']}users SET profile=? WHERE id=?");
$stmt->process(serialize($fields), $userid);
$req['userid'] = $userid;
}
$edit = (isset($req['userid']) && ($req['userid'] != SPY_USERID) && ($userid == $req['userid'])) || $register;
$user = ChatServer::getUser($req['userid']);
$stmt = new Statement("SELECT profile FROM {$GLOBALS['fc_config']['db']['pref']}users WHERE id=?");
$rs = $stmt->process($req['userid']);
if(($rec = $rs->next()) && $rec['profile'])
{
$profile = unserialize($rec['profile']);
}
else
{
$profile = array();
}
$req = array_merge($fields, $profile, $req);
if( $register_succ === true )
{
$style_sheet = send_style_sheet($msg['t101']);
$user_name = stripslashes(str_replace('[user_name]', $_POST['user_name'], $msg['t106']));
$smarty->assign('register_succ', $register_succ);
$smarty->assign('user_name', $user_name);
$smarty->assign('style_sheet', $style_sheet);
$smarty->display('profile.tpl');
die();
}
else if($user || $register)
{
if(!$register)
{
$msgt = "Profile for user "{$user['login']}"";
}
else
{
$msgt = $msg['t101'];
$req['location'] = $default_country;
}
$style_sheet = send_style_sheet($msgt);
//---check if is registered users
$stmt = new Statement("SELECT * FROM {$GLOBALS['fc_config']['db']['pref']}users LIMIT 1");
$rs = $stmt->process();
$firstUser = $rs->numRows == 0;
//---
$is_role_user = $req['role'] == ROLE_USER || !isset($req['role']);
$is_role_admin = ($req['role'] == ROLE_ADMIN);
$is_role_spy = ($req['role'] == ROLE_SPY);
$is_role_customer = ($req['role'] == ROLE_CUSTOMER);
$is_live_support_mode = $GLOBALS['fc_config']['liveSupportMode'];
$htmlSelect_gender = htmlSelect('gender', $gender_arr, $req['gender']);
$gender = $gender_arr[$req['gender']];
session_start();
if (!isset($_POST['captcha']) || !isset($_SESSION['freecap_word_hash']) || $_SESSION['hash_func']($_POST['captcha']) != $_SESSION['freecap_word_hash'])
{
$error = TRUE;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . "The word you entered did not match the image.";
}
unset($_SESSION['freecap_word_hash']);
$location = $countries[$req['location']];
$nl2br = nl2br($req['comments']);
$smarty->assign('req', $req);
$smarty->assign('user_or_register', ($user || $register));
$smarty->assign('user', $user);
$smarty->assign('register', $register);
$smarty->assign('firstUser', $firstUser);
$smarty->assign('errmsg', $errmsg);
$smarty->assign('edit', $edit);
$smarty->assign('enable_reg', $enable_reg);
$smarty->assign('ROLE_USER', ROLE_USER);
$smarty->assign('ROLE_ADMIN', ROLE_ADMIN);
$smarty->assign('ROLE_SPY', ROLE_SPY);
$smarty->assign('ROLE_CUSTOMER', ROLE_CUSTOMER);
$smarty->assign('is_role_user', $is_role_user);
$smarty->assign('is_role_admin', $is_role_admin);
$smarty->assign('is_role_spy', $is_role_spy);
$smarty->assign('is_role_customer', $is_role_customer);
$smarty->assign('is_live_support_mode', $is_live_support_mode);
$smarty->assign('htmlSelect_gender', $htmlSelect_gender);
$smarty->assign('gender', $gender);
$smarty->assign('htmlSelect_location', $htmlSelect_location);
$smarty->assign('location', $location);
$smarty->assign('nl2br', $nl2br);
$smarty->assign('style_sheet', $style_sheet);
$smarty->display('profile.tpl');
die();
}
else
{
$style_sheet = send_style_sheet($msg['t17'].$req['userid']);
$smarty->assign('req', $req);
$smarty->assign('style_sheet', $style_sheet);
$smarty->display('profile.tpl');
die();
}
}
?> |
asi siis selles et ma ei saa seda captchat kohustuslikuks
hetkel võib sinna panna midaiganes ...v oopis tühjaks jätta
|
|
| Kommentaarid: 35 loe/lisa |
Kasutajad arvavad: |
   |
:: |
2 :: |
0 :: |
29 |
|
| tagasi üles |
|
 |
nene
Kreisi kasutaja
liitunud: 20.03.2004
|
|
29.04.2008 22:35:06
|
|
|
| Mis sa tõesti arvad, et keegi viitsib kogu sellest koodihunnikust ennast läbi närida?
|
|
| Kommentaarid: 24 loe/lisa |
Kasutajad arvavad: |
|
:: |
0 :: |
1 :: |
23 |
|
| tagasi üles |
|
|
|
| lisa lemmikuks |
|
 |
sa ei või postitada uusi teemasid siia foorumisse
sa ei või vastata selle foorumi teemadele
sa ei või muuta oma postitusi selles foorumis
sa ei või kustutada oma postitusi selles foorumis
sa ei või vastata küsitlustele selles foorumis
sa ei saa lisada manuseid selles foorumis
sa võid manuseid alla laadida selles foorumis
|
|
Hinnavaatlus ei vastuta foorumis tehtud postituste eest.
|
:: KKK
:: otsing 
:: statistika
:: kasutajate nimekiri
:: kasutajate grupid
:: registreeri
teata moderaatorile
