  1. <?php
  2. require_once('./inc/smartyinit.php');
  3. require_once( INC_DIR . 'classes/paypal/pp_functions.php' );
  4.  
  5. //echo "</pre>";print_r($GLOBALS['fc_config']['fc_instance']);echo "</pre>";
  6. // ******** Start of customization variables
  7. $req = array_merge($_GET, $_POST);
  8.  
  9. // added on 090706 for chat instances
  10. if(isset($_GET[from]))
  11. {
  12. require_once( INC_DIR . 'classes/paypal/ipn_cls.php');
  13. require_once( INC_DIR . 'classes/paypal/process_paypal.php' );
  14.  
  15. }//if(isset($_GET[from]))
  16. // added on 090706 for chat instances
  17.  
  18.  
  19.  
  20. define('CRLF', "\r\n");
  21.  
  22. $enable_reg = false; // Enable registration options for admin/moderators and spies if set to true, set to false to disable these options
  23.  
  24. $ext = array('.gif', '.jpg', '.png', '.bmp'); // limit upload to these file types only
  25. $ufolder = './temp/nick_image/'; // picture upload folder
  26. $max_file_size = 500*1024; // max picture file size in bytes
  27. $edit_allowed = true; // limitation for guest chatters (only show registered users if false) if FlashChat in two instance mode
  28. $pictureWidth = 180; // picture display width limit pixels
  29. $thumbWidth = 90; // thumbnail picture display width limit in gallery pixels
  30. $showAllProfiles = true; // display list of links to all active profiles at each page
  31. $showGallery = true; // when displaying all profiles: use gallery style
  32. $FC_owner_email = 'xyz@your_domain.com'; // FlashChat owner email address, set as sender/reply to in password change
  33. $FC_owner_name = 'FlashChat Owner name'; // FlashChat owner name (link text)
  34. $pics_row = 4; // number of pictures per row when in showGallery mode
  35. $default_country = 'USA'; // default country in english at registration (must be found in /chat/inc/country.inc
  36. $profiles_per_page = 50; // visible profiles per page
  37.  
  38. require_once('./profile/en.php'); //default language is en ie english
  39. if ($req['lang'] == 'xx')
  40. require_once('./profile/xx.php'); // replace xx with your language attribute and make available this file in /chat/profile directory
  41. // duplicate this /profile/en.php if you need more than two languages
  42. // remember UTF-8 characters but not for messages t23-t27 (error messages)
  43. $smarty->assign('msg', $msg);
  44.  
  45. $gender_arr = array(
  46. 'male' => $msg['t102'],
  47. 'female' => $msg['t103'],
  48. 'other' => $msg['t104']
  49. );
  50. // ******** End of customizations
  51.  
  52. // ******** Begin of functions
  53. function send_style_sheet($msg) {
  54. $value = array(
  55. 'msg' => $msg,
  56. 'showBackground' => true, // set to true if you have a nice background to add
  57. 'bgcolor' => '#eeeeee', // text background color leave empty (=> '';) for no color (transparent)
  58. //'bgcolor' => htmlColor($GLOBALS['fc_config']['themes'][$GLOBALS['fc_config']['defaultTheme']]['enterRoomNotify']),
  59. 'bkgrnd' => $GLOBALS['fc_config']['themes'][$GLOBALS['fc_config']['defaultTheme']]['backgroundImage'], // default background is the default theme
  60. //'bkgrnd' => 'http://www.yourdomain.com/mybackgroundfile.jpg', // uncomment this line to use your own background image
  61. );
  62.  
  63. return $value;
  64. }
  65.  
  66. function removeEvilAttributes($tagSource) {
  67.  
  68. $stripAttrib = "' (style|class)=\"(.*?)\"'i";
  69. $tagSource = stripslashes($tagSource);
  70. $tagSource = preg_replace($stripAttrib, '', $tagSource);
  71.  
  72. return $tagSource;
  73. }
  74.  
  75. function removeEvilTags($source) {
  76.  
  77. $allowedTags = '<a><br><b><h1><h2><h3><h4><i><img><li><ol><p><strong><table><tr><td><th><u><ul>';
  78. $source = strip_tags($source, $allowedTags);
  79.  
  80. return preg_replace('/<(.*?)>/ie', "'<'.removeEvilAttributes('\\1').'>'", $source);
  81. }
  82.  
  83. function htmlSelect($name, $arr, $selected, $addprop='') {
  84. $ret = "<SELECT name=\"$name\" $addprop>";
  85.  
  86. foreach($arr as $k=>$v)
  87. {
  88. if($selected == $k)$sel = 'SELECTED';
  89. else $sel = '';
  90.  
  91. $ret .= "<option value=\"$k\" $sel>$v";
  92. }
  93.  
  94. $ret .= "</SELECT>";
  95.  
  96. return $ret;
  97. }
  98. // ******** End of functions
  99.  
  100. $cmsclass = strtolower( $GLOBALS['fc_config']['CMSsystem'] );
  101. $manageUsers = ($cmsclass == 'defaultcms') || ($cmsclass == 'statelesscms');
  102. if(!$manageUsers)
  103. {
  104. die('Profiles are only supported for defaultCMS and statelessCMS');
  105. }
  106.  
  107. $req['change_id'] = $req['userid'];
  108. if(isset($req['flashchatid']))
  109. {
  110. $req['id'] = $req['flashchatid'];
  111. $conn =& ChatServer::getConnection($req);
  112. $req['id'] = $conn->userid;
  113. if(!$req['id'])
  114. die ('<center><b>NoNo<br>You must be logged in to FlashChat to use this command</b></center>');
  115. $req['lang'] = $conn->lang;
  116. $user = ChatServer::getUser($req['id']);
  117.  
  118. $req['roles'] = $user['roles'];
  119.  
  120. if(isset($req['admin_user_edit']))
  121. $req['change_id'] = $req['cid'];
  122. if($req['admin_user_edit'] == 'hidden_edit')
  123. $req['change_id'] = $req['cid1'];
  124. }
  125.  
  126. if(!isset($req['lang']) && isset($req['id']))
  127. {
  128. $langStmt = new Statement('SELECT lang FROM '.$GLOBALS['fc_config']['db']['pref'].'connections WHERE id=?',215);
  129. $rs = $langStmt->process($req['id']);
  130. $rec = $rs->next();
  131. $req['lang'] = $rec['lang'];
  132. }
  133.  
  134. $font = '<center><div class="die"><center><br>'; // some error printouts in file upload section
  135.  
  136. $register = false;
  137. $fc_std_profile = false;
  138. $userid = 0;
  139. $error = false;
  140. if($req['register'] == 'true')
  141. {
  142. $fc_std_profile = true;
  143. $register = true;
  144. }
  145. if(isset($req['save']))
  146. {
  147. $fc_std_profile = true;
  148. }
  149.  
  150. if(!$fc_std_profile) // addon part
  151. {
  152. // ******** Begin of functions
  153. function makeRandomPassword()
  154. {
  155. $salt = 'abcdefghjkmnpqrstuvwxyzABCDEFGHJKMNPQRSTUVWXYZ0123456789';
  156. srand((double)microtime()*1000000);
  157. $i = 0;
  158. while ($i <= 8) {
  159. $num = rand() % 56;
  160. $tmp = substr($salt, $num, 1);
  161. $pass = $pass . $tmp;
  162. $i++;
  163. }
  164. return $pass;
  165. }
  166.  
  167. function tryagain($msg1, $msg2, $msg3, $type)
  168. {
  169. global $smarty;
  170.  
  171. $style_sheet = send_style_sheet($msg3);
  172. $tryagain_data = array(
  173. 'msg1' => $msg1,
  174. 'msg2' => $msg2,
  175. 'type' => $type
  176. );
  177.  
  178. $smarty->assign('tryagain', true);
  179. $smarty->assign('tryagain_data', $tryagain_data);
  180. $smarty->assign('style_sheet', $style_sheet);
  181. $smarty->display('profile.tpl');
  182. die();
  183. }
  184.  
  185. function showInfoLine($itm, $add='')
  186. {
  187. global $edit, $msg, $width150, $width450, $req;
  188.  
  189. $value = '';
  190.  
  191. if( !$msg[$itm] && !$edit ) return $value;
  192. $value.= $width150.$msg[$itm].$width450;
  193. if( $edit )
  194. {
  195. $value.= '<input type="text" name="' . $itm . '" size="60" value="' . $req[$itm] . '">';
  196. }
  197. else
  198. {
  199. $s = Message::replaceBadWord($req[$itm]);
  200. if( $add == 'link')
  201. $value.= '<a href="' . $s . '" target="_blank">' . $s . '</a>';
  202. else if( $add == 'mail')
  203. $value.= '<a href="mailto:' . $s . '">' . $s . '</a>';
  204. else
  205. $value.= $s;
  206. }
  207. $value.= '</td></tr>';
  208.  
  209. return $value;
  210. }
  211. // ******** End of functions
  212. // ******** Begin of variables
  213. $fields = array(
  214. 't01' => '',
  215. 't02' => '',
  216. 't03' => '',
  217. 't04' => '',
  218. 't05' => '',
  219. 't06' => '',
  220. 't07' => '',
  221. 't08' => '',
  222. 't09' => '',
  223. 't10' => '',
  224. 't11' => '',
  225. 't12' => '',
  226. 't13' => '',
  227. 't14' => '',
  228. 't15' => '',
  229. 't41' => '',
  230. 't42' => '',
  231. 't43' => '',
  232. 't44' => ''
  233. );
  234. // ******** End of variables
  235. // ******** Begin of code
  236. //user wants new password sent to registered email address
  237. if(isset($req['newpassword']))
  238. {
  239. $style_sheet = send_style_sheet($msg['t56']);
  240.  
  241. $smarty->assign('newpassword', true);
  242. $smarty->assign('style_sheet', $style_sheet);
  243. $smarty->display('profile.tpl');
  244. die();
  245. }
  246.  
  247. // user wants old password sent to registered email address
  248. if(isset($req['oldpassword']))
  249. {
  250. $style_sheet = send_style_sheet($msg['t56']);
  251.  
  252. $smarty->assign('oldpassword', true);
  253. $smarty->assign('style_sheet', $style_sheet);
  254. $smarty->display('profile.tpl');
  255. die();
  256. }
  257.  
  258. // send old password to registered email address
// send old password to registered email address
// Flow: look the user up by login ('nick'), require the submitted 'email' to equal the
// e-mail kept in the serialised profile, mail the password, then render 'sendoldpassword'.
// Knowing a login and its registered e-mail address is the only check before a password
// is sent out; every failure path ends in tryagain(), which never returns.
if(isset($req['sendoldpassword']))
{
$stmt = new Statement('SELECT * FROM '.$GLOBALS['fc_config']['db']['pref'].'users WHERE login=?');
$rs = $stmt->process($req['nick']);

// The profile column is a PHP-serialised array written by this script; unserialize()
// of stored data is only safe while nothing else can write that column.
if(($rec = $rs->next()) && $rec['profile'])
{
$profile = unserialize($rec['profile']);
}
else
{
tryagain($msg['t55'], $msg['t61'], $msg['t57'], 'oldpassword');
}

// Legacy profiles (registration-page format) keep the address under 'email'.
if(isset($profile['fullname']) && isset($profile['email']))
{
$profile['t05'] = $profile['email'];
}

// Loose comparison: two missing values compare equal here, which the e-mail format
// check below then rejects.
if($profile['t05'] == $req['email'])
{
// Format check on the stored address. The pattern ends in '$' without the D modifier,
// so a trailing newline in the stored value is accepted.
if(!preg_match('/^([0-9,a-z,A-Z]+)([.,_]([0-9,a-z,A-Z]+))*[@]([0-9,a-z,A-Z]+)([.,_,-]([0-9,a-z,A-Z]+))*[.]([0-9,a-z,A-Z]){2}([0-9,a-z,A-Z])?$/', $profile['t05']))
{
tryagain($msg['t60'] . ' <a href="mailto:' . $FC_owner_email . '">' . $FC_owner_name . '</a>', $msg['t61'], $msg['t57'], 'oldpassword');
}

//password encrypted generate new password
// With encryptPass on, the stored hash cannot be sent, so a fresh password replaces it.
// With encryptPass off, $rec['password'] is the stored plain-text password and is
// mailed as-is.
if( $GLOBALS['fc_config']['encryptPass'] )
{
$newPass = makeRandomPassword();
$rec['password'] = $newPass;
}

// $headers is appended to without being initialised first (notice on strict settings).
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/plain; charset=UTF-8\n";
$headers .= "X-Mailer: php\n";
$headers .= "From: \"" . $FC_owner_name . "\" <" . $FC_owner_email . ">\n";

// Recipient is the submitted address, which equals the stored one at this point.
// The mail carries the password in clear text.
if( mail($req['email'], $msg['t63'] . ' ' . $rec['login'], $msg['t64'] . CRLF . CRLF . $rec['password'] . CRLF . CRLF . $msg['t53'], $headers) )
{
//setup new password
// The database is updated only after mail() reported success, so a failed send leaves
// the old credential in place.
if( $GLOBALS['fc_config']['encryptPass'] )
{
$s = new Statement('UPDATE '.$GLOBALS['fc_config']['db']['pref'].'users SET `password`=MD5(?) WHERE login=? LIMIT 1');
$r = $s->process($newPass, $req['nick']);
}
}
else
{
tryagain($msg['t59'], $msg['t61'], $msg['t57'], 'oldpassword');
}
}
else
{
tryagain($msg['t55'], $msg['t61'], $msg['t57'], 'oldpassword');
}

$style_sheet = send_style_sheet($msg['t56']);

$smarty->assign('sendoldpassword', true);
$smarty->assign('style_sheet', $style_sheet);
$smarty->display('profile.tpl');
die();
}
  323.  
  324. // send new password to registered email address
// send new password to registered email address
// Same shape as the 'sendoldpassword' handler above, but always generates a new password:
// it is mailed in clear text first and written to the users table (md5 when encryptPass
// is set, plain text otherwise) only if mail() succeeded. Knowing a login and its
// registered e-mail address is the only check before the password is replaced.
if(isset($req['sendnewpassword']))
{
$stmt = new Statement('SELECT * FROM '.$GLOBALS['fc_config']['db']['pref'].'users WHERE login=?');
$rs = $stmt->process($req['nick']);

// Serialised profile written by this script; see the note on unserialize() in the
// 'sendoldpassword' handler.
if(($rec = $rs->next()) && $rec['profile'])
{
$profile = unserialize($rec['profile']);
}
else
{
tryagain($msg['t55'], $msg['t47'], $msg['t57'], 'newpassword');
}

// Legacy profiles (registration-page format) keep the address under 'email'.
if($profile['fullname'])
{
$profile['t05'] = $profile['email'];
}

// Loose comparison; an unset submitted e-mail compares equal to an unset stored one and
// is then rejected by the format check.
if($profile['t05'] == $req['email'])
{
// '$' without the D modifier accepts a trailing newline in the stored value.
if(!preg_match('/^([0-9,a-z,A-Z]+)([.,_]([0-9,a-z,A-Z]+))*[@]([0-9,a-z,A-Z]+)([.,_,-]([0-9,a-z,A-Z]+))*[.]([0-9,a-z,A-Z]){2}([0-9,a-z,A-Z])?$/', $profile['t05']))
{
tryagain($msg['t60'] . ' <a href="mailto:' . $FC_owner_email . '">' . $FC_owner_name . '</a>', $msg['t47'], $msg['t57'], 'newpassword');
}

$newpassword = makeRandomPassword();
// $headers is appended to without being initialised first.
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/plain; charset=UTF-8\n";
$headers .= "X-Mailer: php\n";
$headers .= "From: \"" . $FC_owner_name . "\" <" . $FC_owner_email . ">\n";
// The new password travels in clear text in the mail body.
if(mail($req['email'], $msg['t51'] . ' ' . $rec['login'], $msg['t52'] . CRLF . CRLF . $newpassword . CRLF . CRLF . $msg['t53'], $headers))
{
$stmt = new Statement('UPDATE '.$GLOBALS['fc_config']['db']['pref'].'users SET password=? WHERE id=?',125);
// Storage format follows encryptPass: md5 (unsalted) or plain text.
if( $GLOBALS['fc_config']['encryptPass'] > 0 )
{
$newpassword = md5($newpassword);
}
$stmt->process($newpassword, $rec['id']);
}
else
{
tryagain($msg['t59'], $msg['t47'], $msg['t57'], 'newpassword');
}
}
else
{
tryagain($msg['t55'], $msg['t47'], $msg['t57'], 'newpassword');
}

$style_sheet = send_style_sheet($msg['t56']);

$smarty->assign('sendnewpassword', true);
$smarty->assign('style_sheet', $style_sheet);
$smarty->display('profile.tpl');
die();
}
  382.  
  383. // user finished selection of file so try to upload the file now
  384. if(isset($req['load']))
  385. {
  386. $_FILES['img1']['name'] = strtolower($_FILES['img1']['name']); //make sure file name is lower case.
  387. $_FILES['img1']['name'] = str_replace(' ', '_', $_FILES['img1']['name']); //get rid of spaces
  388. $_FILES['img1']['name'] = str_replace('$', '_', $_FILES['img1']['name']); //get rid of '$'
  389. $file_name = $_FILES['img1']['name']; //take the file name, and then get all the stuff after the last '.' (the file extension)
  390. $file_name = strrchr($file_name, '.');
  391.  
  392. //make sure file type is supported
  393. if(!in_array($file_name, $ext))
  394. {
  395. $error = $font . $msg['t23'];
  396. foreach( $ext as $exts )
  397. {
  398. $error .= $exts . " ";
  399. }
  400. $error .= '<br>&nbsp;<br>';
  401. }
  402.  
  403. if(!$error)
  404. {
  405. $file_size = $_FILES['img1']['size']; //make sure file isn't too large
  406. if($file_size > $max_file_size)
  407. {
  408. $error = $font . $msg['t24'] . round(($file_size/1024), 0) . $msg['t25'] . round((( $max_file_size / 1024 ) ) , 2) . ' KB'. '<br>&nbsp;';
  409. }
  410. }
  411.  
  412. if(!$error)
  413. {
  414. //get the file type from mime types and upload file to directory
  415. if ($_FILES['img1'] != '')
  416. {
  417. $file_type = '/error';
  418. if(!is_script($_FILES['img1']['tmp_name']))
  419. {
  420. if( $_FILES['img1']['type'] == "image/gif" ) $file_type = '.gif';
  421. if( $_FILES['img1']['type'] == "image/pjpeg" ) $file_type = '.jpg';
  422. if( $_FILES['img1']['type'] == "image/jpeg" ) $file_type = '.jpg';
  423. if( $_FILES['img1']['type'] == "image/jpc" ) $file_type = '.jpg';
  424. if( $_FILES['img1']['type'] == "image/bmp") $file_type = '.bmp';
  425.  
  426. $fw = $ufolder . $req['change_id'];
  427. if(file_exists($fw . '.jpg')) unlink($fw . '.jpg');
  428. if(file_exists($fw . '.gif')) unlink($fw . '.gif');
  429. if(file_exists($fw . '.bmp')) unlink($fw . '.bmp');
  430.  
  431. $newtofile = $fw . $file_type; //name file with user id and save in profile image directory
  432. copy($_FILES['img1']['tmp_name'], $newtofile) or $error = $font . $msg['t26'] . '<br>&nbsp;';
  433. }
  434. else
  435. {
  436. $error = $font . $msg['t124'] . '<br>&nbsp;';
  437. }
  438. }
  439. else
  440. {
  441. $error = $font . $msg['t27'] . '<br>&nbsp;';
  442. }
  443. }
  444.  
  445. // Update user profile with new URL to picture
  446. if(!$error)
  447. {
  448. $user = ChatServer::getUser($req['change_id']);
  449.  
  450. $stmt = new Statement('SELECT profile FROM '.$GLOBALS['fc_config']['db']['pref'].'users WHERE id=?',120);
  451. $rs = $stmt->process($user['id']);
  452.  
  453. if(($rec = $rs->next()) && $rec['profile'])
  454. {
  455. $profile = unserialize($rec['profile']);
  456. }
  457. else
  458. {
  459. $profile = array();
  460. }
  461.  
  462. $profile['t12'] = $newtofile;
  463. $req = array_merge($fields, $profile, $req);
  464.  
  465. $stmt = new Statement('UPDATE '.$GLOBALS['fc_config']['db']['pref'].'users SET profile=? WHERE id=?',114);
  466. $stmt->process(serialize($profile), $user['id']);
  467. }
  468. }
  469.  
  470. // user clicked for upload of picture so show that page
  471. if(isset($req['TCpicture']) || $error)
  472. {
  473. $user = ChatServer::getUser($req['change_id']);
  474.  
  475. if(!$error)
  476. {
  477. // update user profile fields first
  478. foreach($fields as $k => $v)
  479. {
  480. $fields[$k] = $req[$k];
  481. }
  482.  
  483. $stmt = new Statement('UPDATE '.$GLOBALS['fc_config']['db']['pref'].'users SET profile=? WHERE id=?',114);
  484. $stmt->process(serialize($fields), $user['id']);
  485. }
  486.  
  487. $style_sheet = send_style_sheet($msg['t32']);
  488. $s_ext = '';
  489. foreach ( $ext as $exts )
  490. {
  491. $s_ext.= $exts.' ';
  492. }
  493. $file_size = round(( $max_file_size / 1024 ) , 2);
  494.  
  495. $smarty->assign('TCpicture', true);
  496. $smarty->assign('error', $error);
  497. $smarty->assign('req', $req);
  498. $smarty->assign('user', $user);
  499. $smarty->assign('exts', $s_ext);
  500. $smarty->assign('file_size', $file_size);
  501. $smarty->assign('style_sheet', $style_sheet);
  502. $smarty->display('profile.tpl');
  503. die();
  504. }
  505.  
  506.  
  507. // user want to save the text in profile set and maybe also update password
  508. if(isset($req['TCsave']))
  509. {
  510. $user = ChatServer::getUser($req['change_id']);
  511.  
  512. foreach($fields as $k => $v)
  513. {
  514. $fields[$k] = $req[$k];
  515. }
  516. $pwdmsg = ''; // fix
  517. $fields['t14'] = trim($fields['t14']);
  518. $fields['t15'] = trim($fields['t15']);
  519.  
  520. if((strlen($fields['t14']) > 0) || (strlen($fields['t15']) > 0))
  521. {
  522. if((strlen($fields['t14']) < 1) || (strlen($fields['t15']) < 1))
  523. {
  524. $pwdmsg = $msg['t40'];
  525. }
  526.  
  527. // password change
  528. if((strlen($fields['t14']) > 0) && (strlen($fields['t15']) > 0))
  529. {
  530. $stmt = new Statement('SELECT password FROM '.$GLOBALS['fc_config']['db']['pref'].'users WHERE id=?',120);
  531. $rs = $stmt->process($user['id']);
  532. $pwdmsg = $msg['t39'];
  533. $rec = $rs->next();
  534. if($fields['t14'] === $rec['password'] || md5($fields['t14']) === $rec['password'])
  535. {
  536. $stmt = new Statement('UPDATE '.$GLOBALS['fc_config']['db']['pref'].'users SET password=? WHERE id=?',125);
  537. if( $GLOBALS['fc_config']['encryptPass'] > 0 )
  538. {
  539. $fields['t15'] = md5($fields['t15']);
  540. }
  541. $stmt->process($fields['t15'], $user['id']);
  542. $pwdmsg = $msg['t38'];
  543. }
  544. $fields['t14'] = '';
  545. $fields['t15'] = '';
  546. }
  547. }
  548.  
  549. foreach($fields as $k => $v)
  550. {
  551. $fields[$k] = removeEvilTags($v);
  552. }
  553.  
  554. if(strlen(trim($fields['t12'])) < 2)
  555. {
  556. $fw = $ufolder . $req['change_id'];
  557. if(file_exists($fw . '.jpg')) unlink($fw . '.jpg');
  558. if(file_exists($fw . '.gif')) unlink($fw . '.gif');
  559. if(file_exists($fw . '.bmp')) unlink($fw . '.bmp');
  560. }
  561.  
  562. $stmt = new Statement('UPDATE '.$GLOBALS['fc_config']['db']['pref'].'users SET profile=? WHERE id=?',114);
  563. $stmt->process(serialize($fields), $user['id']);
  564.  
  565. //update gender of user in chat
  566. $gender = strtoupper(substr($fields['t43'], 0, 1));
  567. $conn->process(array('c' => 'sgen', 'u' => $user['id'], 't' => ($gender != 'M' && $gender != 'F')? NULL : $gender));
  568.  
  569. //send notification to all users about new photo
  570. //$conn->sendToAll(new Message('spht', $conn->userid, null, (strlen(trim($fields['t12'])) < 2)? '' : $fields['t12']));
  571. }
  572.  
  573. // ****************************************
  574. // display the user profile (default entry)
  575. // ****************************************
  576.  
  577. $edit = (isset($req['flashchatid']) && ($req['id'] != SPY_USERID) && $req['userid'] == $req['id']);
  578. if($req['admin_show_profile'])
  579. $edit = true;
  580. if(!$edit_allowed)
  581. $edit = false;
  582.  
  583. $user = ChatServer::getUser($req['change_id']);
  584.  
  585. if(!$edit)
  586. $user = ChatServer::getUser($req['userid']);
  587.  
// Load the stored profile of $user and map it onto the t01..t44 field keys.
$stmt = new Statement('SELECT * FROM '.$GLOBALS['fc_config']['db']['pref'].'users WHERE id=?',120);
$rs = $stmt->process($user['id']);

if(($rec = $rs->next()) && $rec['profile'])
{
// Serialised array written by this script or by the registration page; unserialize()
// of stored data is only safe while nothing else can write that column.
$test_profile = unserialize($rec['profile']);

// Registration-page format: named keys that are translated to the t-keys used here.
if( is_array($test_profile) && array_key_exists('fullname', $test_profile))
{
$profile['t01'] = $test_profile['fullname'];
$profile['t04'] = $test_profile['age'];
$profile['t05'] = $test_profile['email'];
$profile['t06'] = $test_profile['msnm'];
$profile['t07'] = $test_profile['site'];
$profile['t10'] = $test_profile['icq'];
$profile['t13'] = $test_profile['comments'];
$profile['t41'] = $test_profile['aim'];
$profile['t42'] = $test_profile['yim'];
$profile['t43'] = $test_profile['gender'];
$profile['t44'] = $test_profile['location'];
}
else
{
// Already in t-key format. A blob that does not unserialize to an array leaves
// $profile as false here, which array_merge() below does not accept.
$profile = unserialize($rec['profile']);
$profile['t13'] = str_replace('\\', '', $profile['t13']); // fix for those who enters multiple \
}
}
else
{
$profile = array();
}

// Merge order: request values win over the stored profile, so a t-key supplied in the
// query string replaces the stored value for this render (including view-only mode).
$req = array_merge($fields, $profile, $req);
  621.  
  622. if($user)
  623. {
  624. if(!$edit)
  625. {
  626. foreach($req as $k => $v)
  627. {
  628. if(!$v) $msg[$k] = null;
  629. }
  630. }
  631.  
  632. $htmlSelect = '';
  633. if($edit)
  634. {
  635. $htmlSelect = htmlSelect('t43', $gender_arr, $req['t43']);
  636. }
  637. else
  638. {
  639. $htmlSelect = Message::replaceBadWord($req['t43']);
  640. }
  641.  
  642. if(substr($req['t12'], 0, 7) == 'http://' && $nick = strpos($req['t12'], 'nick_image'))
  643. {
  644. $req['t12'] = './' . substr($req['t12'], $nick);
  645. }
  646.  
  647. $is_http = false;
  648. $is_file_exists = false;
  649. if(substr($req['t12'], 0, 7) == 'http://')
  650. {
  651. $is_http = true;
  652. }
  653. else if($req['t12'] && file_exists($req['t12']))
  654. {
  655. $is_file_exists = true;
  656. $size = getimagesize($req['t12']);
  657. if($size['0'] < $pictureWidth)
  658. {
  659. $pictureWidth = $size['0'];
  660. }
  661. }
  662.  
  663. $width150 = '<tr><td align="right" width="250">';
  664. $width450 = '</td><td width="450">';
  665. $infoLine1 = showInfoLine('t01').
  666. showInfoLine('t02').
  667. showInfoLine('t44').
  668. showInfoLine('t03');
  669. $infoLine2 = showInfoLine('t04').
  670. showInfoLine('t05', 'mail').
  671. showInfoLine('t07', 'link').
  672. showInfoLine('t08', 'link').
  673. showInfoLine('t41').
  674. showInfoLine('t42').
  675. showInfoLine('t10').
  676. showInfoLine('t06');
  677. $replaceBadWord_t13 = Message::replaceBadWord($req['t13']);
  678. $is_writable = is_writable($ufolder);
  679. $is_role_admin = ($rec['roles'] == ROLE_ADMIN);
  680. $is_role_user = ($req['roles'] == ROLE_USER);
  681. $style_sheet = send_style_sheet('"' . $user['login'] . '"');
  682.  
  683. // display a list of all profiles in users table
  684. if($showAllProfiles || $is_role_admin)
  685. {
  686. $value = '';
  687.  
  688. //pages
  689. $page_num = $_REQUEST['pg'];
  690. if( ($page_num == '') && !is_numeric($page_num) )
  691. $page_num = 1;
  692.  
  693. $page_num--;
  694. $stmt = new Statement('SELECT count(*) users_amount FROM '.$GLOBALS['fc_config']['db']['pref'].'users WHERE profile <> \'\'',121);
  695. $rs = $stmt->process();
  696. $rec = $rs->next();
  697. $limit = '';
  698. $all_profiles = $rec['users_amount'];
  699. if( $all_profiles > $profiles_per_page )
  700. {
  701. $limit = ' LIMIT ' . $page_num*$profiles_per_page . ', '.$profiles_per_page;
  702. }
  703. //---
  704. $stmt = new Statement('SELECT * FROM '.$GLOBALS['fc_config']['db']['pref'].'users WHERE profile <> \'\' ORDER BY login '.$limit , 122 );
  705. $rs = $stmt->process();
  706.  
  707. if($rs->hasNext())
  708. {
  709. $value.= '</table><center><div width=50%><h2>'.$msg['t22'].'</h2></div></center>';
  710.  
  711. //---
  712. if( $all_profiles > $profiles_per_page )
  713. {
  714. $value.= '<div align=center class=pages>All profeles '.$all_profiles.' | Showing Profiles '.
  715. ($page_num*$profiles_per_page+1). '-' . min((($page_num+1)*$profiles_per_page), $all_profiles) .
  716. ' | Page ';
  717.  
  718. for($i=1; $i<=ceil($all_profiles/$profiles_per_page); $i++)
  719. {
  720. if($i == $page_num+1)
  721. {
  722. $value.= $i.' ';
  723. continue;
  724. }
  725. $value.= "<a href=\"profile.php?userid={$_REQUEST['userid']}&lang={$_REQUEST['lang']}&pg=$i\">$i</a>";
  726. }
  727.  
  728. $value.= '</div>';
  729. }
  730. //---
  731.  
  732. if(!$showGallery)
  733. $value.= '<table align=center border=0 cellpadding=5 cellspacing=0 width=30%>';
  734. else
  735. $value.= '<table align=center border=0 cellpadding=5 cellspacing=2 width=80%><tr>';
  736.  
  737. $pics = 1;
  738. while($rec = $rs->next())
  739. {
  740. if(isset($rec['profile']))
  741. {
  742. $profile = unserialize($rec['profile']);
  743. if($showGallery)
  744. {
  745. $pict_msg = $msg['t45'];
  746. if(!$profile['t12'])
  747. {
  748. $profile['t12'] = 'flashChat_slogo.png';
  749. $pict_msg = $msg['t68'];
  750. }
  751. $profileLink = '<td align=center valign=middle width=18%><a href="' . $profile['t12'] . '" target="_blank"><img border=0 width=' . $thumbWidth . ' border=0 src="' . $profile['t12'] . '" alt="' . $pict_msg . '"></a>';
  752. $profileLink .= "<br><a href=\"profile.php?pg={$_REQUEST['pg']}&userid=" . $rec['id'] . '&lang=' . $req['lang'] . '" title="' . $msg['t46'] . '" target="_self">' . $rec['login'] . '</a>';
  753.  
  754. if($req['flashchatid'] && ($req['roles'] == ROLE_ADMIN))
  755. {
  756. $profileLink .= '<br><form action="profile.php" method="post" name="fc_profile">';
  757. $profileLink .= '<input type="hidden" name="flashchatid" value="' . $req['flashchatid'] . '">';
  758. $profileLink .= '<input type="hidden" name="lang" value="' . $req['lang'] . '">';
  759. $profileLink .= '<input type="hidden" name="userid" value="' . $req['id'] . '">';
  760. $profileLink .= '<input type="hidden" name="cid" value="' . $rec['id'] . '">';
  761. $profileLink .= '<input type="submit" name="admin_user_edit" value="Edit">';
  762. $profileLink .= '</form>';
  763. }
  764.  
  765. $value.= $profileLink . '</td>';
  766.  
  767. if($pics++ == $pics_row)
  768. {
  769. $pics = 1;
  770. $value.= '</tr><tr>';
  771. }
  772.  
  773. }
  774. else
  775. {
  776.  
  777. $profileLink = '<tr>';
  778. if($profile['t12'])
  779. {
  780. $profileLink .= '<td align="right"><a href="' . $profile['t12'] . '" target="_blank"><img border=0 height=10 width=15 border=0 src="./profile/camera.gif" alt="' . $msg['t45'] . '"></a>';
  781. }
  782. else
  783. {
  784. $profileLink .= '<td></td>';
  785. }
  786. $profileLink .= '<td align="left"><a href="profile.php?userid=' . $rec['id'] . '&lang=' . $req['lang'] . '" title="' . $msg['t46'] . '">' . $rec['login'] . '</a></td></tr>';
  787. $value.= $profileLink;
  788. }
  789. }
  790. }
  791. }
  792. $smarty->assign('value', $value);
  793. }
  794.  
  795. $smarty->assign('default', true);
  796. $smarty->assign('msg', $msg);
  797. $smarty->assign('user', $user);
  798. $smarty->assign('req', $req);
  799. $smarty->assign('edit', $edit);
  800. $smarty->assign('infoLine1', $infoLine1);
  801. $smarty->assign('infoLine2', $infoLine2);
  802. $smarty->assign('width150', $width150);
  803. $smarty->assign('width450', $width450);
  804. $smarty->assign('htmlSelect', $htmlSelect);
  805. $smarty->assign('is_writable', $is_writable);
  806. $smarty->assign('is_role_admin', $is_role_admin);
  807. $smarty->assign('is_role_user', $is_role_user);
  808. $smarty->assign('ufolder', $ufolder);
  809. $smarty->assign('is_http', $is_http);
  810. $smarty->assign('is_file_exists', $is_file_exists);
  811. $smarty->assign('pictureWidth', $pictureWidth);
  812. $smarty->assign('replaceBadWord_t13', $replaceBadWord_t13);
  813. $smarty->assign('pwdmsg', $pwdmsg);
  814. $smarty->assign('showAllProfiles', $showAllProfiles);
  815. $smarty->assign('style_sheet', $style_sheet);
  816. $smarty->display('profile.tpl');
  817. die();
  818. }
  819. else
  820. {
  821. $style_sheet = send_style_sheet($msg['t17'].$req['userid']);
  822.  
  823. $smarty->assign('not_user', true);
  824. $smarty->assign('req', $req);
  825. $smarty->assign('style_sheet', $style_sheet);
  826. $smarty->display('profile.tpl');
  827. die();
  828. }
  829. // ******** End of code
  830. }
  831. else // start of FlashChat standard registration page
  832. {
  833. require_once('inc/country.inc.php');
  834. $req = array_merge($_GET, $_POST);
  835.  
  836. $fields = array(
  837. 'fullname' => '',
  838. 'email' => '',
  839. 'site' => '',
  840. 'icq' => '',
  841. 'aim' => '',
  842. 'yim' => '',
  843. 'msnm' => '',
  844. 'comments' => '',
  845. 'gender' => '',
  846. 'age' => '',
  847. 'location' => ''
  848. );
  849.  
  850.  
  851. if( isset($req['save']) )
  852. {
  853. if( $req['register'] )
  854. {
  855. //check if user existing
  856. //changed on 090706 for chat instances
  857. /*$stmt = new Statement("SELECT * FROM {$GLOBALS['fc_config']['db']['pref']}users WHERE login=? LIMIT 1");
  858. $usr = $stmt->process($req['user_name']);*/
  859.  
  860. $usrNumRows = 0;
  861.  
  862. if($req['fc_instance_purchase'] != 1)//for new chat instaqnce purchase no need to check if a member exists since new instance to be created (added on 090706 for chat instances
  863. {
  864. $stmt = new Statement('SELECT * FROM '.$GLOBALS['fc_config']['db']['pref'].'users WHERE login=? and instance_id=? LIMIT 1',112);
  865. $usr = $stmt->process($req['user_name'], $_SESSION['session_inst']);
  866. $usrNumRows = $usr->numRows;
  867. }
  868. //changed on 090706 for chat instances ends here
  869.  
  870. if($usrNumRows > 0 || Message::replaceBadWord($req['user_name']) != $req['user_name'])
  871. {
  872. $register_succ = false;
  873. $register = true;
  874. $errmsg = str_replace('[user_name]', $req['user_name'], $msg['t100']);
  875. $req['user_name'] = '';
  876. $userid = -1;
  877. } else {
  878. if( $usrNumRows != 0 )
  879. {
  880. $req['role'] = ROLE_USER;//always insert user
  881. }
  882. // added on 090706 for chat instances
  883. if($req['is_paid'] == 1)
  884. {
  885. if(!isset($req['from']) )
  886. {
  887. if($req['fc_instance_purchase'] == 1)
  888. {
  889. $PAYPAL[transaction_type]='New_Instance_Purchase';
  890. $PAYPAL['business'] = $GLOBALS['fc_config']['fc_instance']['paypal_admin_bussiness_email'];
  891. $PAYPAL['amount'] = $GLOBALS['fc_config']['fc_instance']['instance_value'];
  892. $PAYPAL['currency_code'] = $GLOBALS['fc_config']['fc_instance']['admin_currency_type'];
  893. $PAYPAL['notify'] = paypal_notify_url().'&register=1&fc_instance_purchase=1';
  894. }
  895. else //if($req['fc_instance_purchase'] == 1)
  896. {
  897. $PAYPAL[transaction_type]='paid_registration_'+$_SESSION['session_inst_name'];
  898. $PAYPAL['business'] = $GLOBALS['fc_config']['paypal_bussiness_email'];
  899. $PAYPAL['amount'] = $GLOBALS['fc_config']['membership_amount'];
  900. $PAYPAL['currency_code'] = $GLOBALS['fc_config']['payment_currency_type'];
  901. $PAYPAL['notify'] = paypal_notify_url().'&register=1';
  902. }//if($req['fc_instance_purchase'] == 1)
  903. $PAYPAL['url'] = paypal_url();
  904. $PAYPAL['itemname'] = $PAYPAL[transaction_type];
  905. $PAYPAL['item_number'] = paypal_invoice_number();
  906. $PAYPAL['payer_email'] = $req['email'];
  907. $PAYPAL['payer_id'] = $req['user_name'];
  908. $PAYPAL['shipping'] = 0;
  909. $PAYPAL['return'] = paypal_return_url();
  910. $PAYPAL['cancel_return'] = paypal_cancel_url();
  911. //emulatepaypal();
  912. $smarty->assign('PAYPAL', $PAYPAL);
  913. $smarty->display('paypal_form.tpl');
  914. die();
  915. }//if(!isset($req['from'])
  916. }//if($req['is_paid'] == 1)
  917. // added on 090706 for chat instances ends here
  918. //---
  919. //changed on 090706 for chat instances
  920. /*$stmt = new Statement("INSERT INTO {$GLOBALS['fc_config']['db']['pref']}users (login,password,roles) VALUES (?,?,?)");
  921. if( !isset($req['role']) ) $req['role'] = ROLE_USER;
  922. if( $GLOBALS['fc_config']['encryptPass'] > 0 ) {$req['password'] = md5($req['password']);}
  923.  
  924. $userid = $stmt->process($req['user_name'] , $req['password'], $req['role']);*/
  925.  
  926. if( !isset($req['role']) ) $req['role'] = ROLE_USER;
  927.  
  928. $req['session_inst'] = $_SESSION['session_inst'];
  929. //added on 090706 for chat instance
  930. if($req['fc_instance_purchase'] == 1)
  931. {
  932. $req['role'] = ROLE_MODERATOR;
  933. $stmt = new Statement("SELECT * FROM {$GLOBALS['fc_config']['db']['pref']}config_instances WHERE is_default=1");
  934. $rs = $stmt->process();
  935. if($GLOBALS['fc_config']['payment_options']['debug_mode']) sprintf( $stmt->final_query.'<br>' );
  936. $rec = $rs->next();
  937. $fc_default_inst = $rec['id'];
  938.  
  939. //is_active,is_default,name,created_date
  940. $stmt = new Statement("INSERT INTO {$GLOBALS['fc_config']['db']['pref']}config_instances (is_active,is_default,name,created_date) VALUES ('1','0','NEW INSTANCE of {$req['user_name']}',NOW())");
  941. $req['session_inst'] = $stmt->process();
  942.  
  943. if($GLOBALS['fc_config']['payment_options']['debug_mode']) sprintf( $stmt->final_query.'<br>' );
  944. $fc_new_instance_queries = array("values"=>"INSERT INTO {$GLOBALS['fc_config']['db']['pref']}config_values
  945. ( instance_id,config_id,value,disabled )
  946. SELECT '{$req['session_inst']}',config_id,value,disabled
  947. FROM {$GLOBALS['fc_config']['db']['pref']}config_values
  948. WHERE {$GLOBALS['fc_config']['db']['pref']}config_values.instance_id = $fc_default_inst;",
  949. "rooms"=>"INSERT INTO {$GLOBALS['fc_config']['db']['pref']}rooms
  950. ( created,name,password,ispublic,ispermanent,instance_id )
  951. SELECT NOW() ,name,password,ispublic,ispermanent,
  952. '{$req['session_inst']}' FROM {$GLOBALS['fc_config']['db']['pref']}rooms
  953. WHERE {$GLOBALS['fc_config']['db']['pref']}rooms.instance_id = $fc_default_inst"
  954. );
  955. foreach($fc_new_instance_queries as $type=>$fc_new_instance_query)
  956. {
  957. mysql_query($fc_new_instance_query);//stmt doesnt work for subqueries
  958. if($GLOBALS['fc_config']['payment_options']['debug_mode']) sprintf( $fc_new_instance_query.'<br>' ); }//foreach($fc_new_instance_queries as $fc_new_instance_query)
  959. //admin/cnf_config.php?module=instances&method=Dublicate&ID=1
  960. }//if($req['fc_instance_purchase'] == 1)
  961.  
  962. $stmt = new Statement('INSERT INTO '.$GLOBALS['fc_config']['db']['pref'].'users (login,password,roles,instance_id) VALUES (?,?,?,?)',113);
  963. if( $GLOBALS['fc_config']['encryptPass'] > 0 ) {$req['password'] = md5($req['password']);}
  964. $userid = $stmt->process($req['user_name'] , $req['password'], $req['role'], $req['session_inst']);
  965. if($GLOBALS['fc_config']['payment_options']['debug_mode']) sprintf($stmt->final_query);
  966. //changed on 090706 for chat instances ends here
  967. unset($req['user_name'] ,$req['password'],$req['register'], $req['role']);
  968.  
  969. if( isset($userid) && $userid > 0 )
  970. {
  971. $register_succ = true;
  972. }
  973. //added on 090706 for chat instance
  974. if($req['fc_instance_purchase'] == 1)
  975. {
  976. //create instance code
  977. }
  978. //added on 090706 for chat instance ends here
  979. }
  980. }
  981.  
  982. if($req['gender'] == 'male') $req['gender'] = $msg['t102'];
  983. if($req['gender'] == 'female') $req['gender'] = $msg['t103'];
  984. if($req['gender'] == 'other') $req['gender'] = $msg['t104'];
  985.  
  986. foreach($fields as $k => $v)
  987. {
  988. $fields[$k] = removeEvilTags($req[$k]);
  989. }
  990. $stmt = new Statement('UPDATE '.$GLOBALS['fc_config']['db']['pref'].'users SET profile=? WHERE id=?', 114);
  991. $stmt->process(serialize($fields), $userid);
  992.  
  993. $req['userid'] = $userid;
  994. }
  995.  
  996. $edit = (isset($req['userid']) && ($req['userid'] != SPY_USERID) && ($userid == $req['userid'])) || $register;
  997.  
  998. $user = ChatServer::getUser($req['userid']);
  999.  
  1000. $stmt = new Statement('SELECT profile FROM '.$GLOBALS['fc_config']['db']['pref'].'users WHERE id=?',120);
  1001. $rs = $stmt->process($req['userid']);
  1002.  
  1003. if(($rec = $rs->next()) && $rec['profile'])
  1004. {
  1005. $profile = unserialize($rec['profile']);
  1006. }
  1007. else
  1008. {
  1009. $profile = array();
  1010. }
  1011.  
  1012. $req = array_merge($fields, $profile, $req);
  1013.  
  1014. if( $register_succ === true )
  1015. {
  1016. $style_sheet = send_style_sheet($msg['t101']);
  1017. $user_name = stripslashes(str_replace('[user_name]', $_POST['user_name'], $msg['t106']));
  1018.  
  1019. $smarty->assign('register_succ', $register_succ);
  1020. $smarty->assign('user_name', $user_name);
  1021. $smarty->assign('style_sheet', $style_sheet);
  1022.  
  1023. $smarty->display('profile.tpl');
  1024. die();
  1025. }
  1026. else if($user || $register)
  1027. {
  1028. if(!$register)
  1029. {
  1030. $msgt = 'Profile for user &quot;'.$user['login'].'&quot;';
  1031. }
  1032. else
  1033. {
  1034. $msgt = $msg['t101'];
  1035. $req['location'] = $default_country;
  1036. }
  1037.  
  1038. $style_sheet = send_style_sheet($msgt);
  1039.  
  1040. //---check if is registered users
  1041. $stmt = new Statement('SELECT * FROM '.$GLOBALS['fc_config']['db']['pref'].'users LIMIT 1',115);
  1042. $rs = $stmt->process();
  1043. $firstUser = $rs->numRows == 0;
  1044. //---
  1045.  
  1046. $is_role_user = $req['role'] == ROLE_USER || !isset($req['role']);
  1047. $is_role_admin = ($req['role'] == ROLE_ADMIN);
  1048. $is_role_spy = ($req['role'] == ROLE_SPY);
  1049. $is_role_customer = ($req['role'] == ROLE_CUSTOMER);
  1050. $is_live_support_mode = $GLOBALS['fc_config']['liveSupportMode'];
  1051.  
  1052. $htmlSelect_gender = htmlSelect('gender', $gender_arr, $req['gender']);
  1053. $gender = $gender_arr[$req['gender']];
  1054. $htmlSelect_location = htmlSelect('location', $countries, $req['location']);
  1055. $location = $countries[$req['location']];
  1056. $nl2br = nl2br($req['comments']);
  1057.  
  1058. $smarty->assign('req', $req);
  1059. $smarty->assign('user_or_register', ($user || $register));
  1060. $smarty->assign('user', $user);
  1061. $smarty->assign('register', $register);
  1062. $smarty->assign('firstUser', $firstUser);
  1063. $smarty->assign('errmsg', $errmsg);
  1064. $smarty->assign('edit', $edit);
  1065. $smarty->assign('enable_reg', $enable_reg);
  1066. $smarty->assign('ROLE_USER', ROLE_USER);
  1067. $smarty->assign('ROLE_ADMIN', ROLE_ADMIN);
  1068. $smarty->assign('ROLE_SPY', ROLE_SPY);
  1069. $smarty->assign('ROLE_CUSTOMER', ROLE_CUSTOMER);
  1070. $smarty->assign('is_role_user', $is_role_user);
  1071. $smarty->assign('is_role_admin', $is_role_admin);
  1072. $smarty->assign('is_role_spy', $is_role_spy);
  1073. $smarty->assign('is_role_customer', $is_role_customer);
  1074. $smarty->assign('is_live_support_mode', $is_live_support_mode);
  1075. $smarty->assign('htmlSelect_gender', $htmlSelect_gender);
  1076. $smarty->assign('gender', $gender);
  1077. $smarty->assign('htmlSelect_location', $htmlSelect_location);
  1078. $smarty->assign('location', $location);
  1079. $smarty->assign('nl2br', $nl2br);
  1080. $smarty->assign('style_sheet', $style_sheet);
  1081. // added on 090706 for chat instances
  1082. if($GLOBALS['fc_config']['is_paid_chat'] == 1 && !$firstUser && $register)
  1083. {
  1084. $smarty->assign('is_paid', 1);
  1085. $smarty->assign('session_inst', $_SESSION['session_inst']);
  1086. if($req['fc_instance_purchase'] == 1)
  1087. {
  1088. $smarty->assign('fc_instance_purchase', 1);
  1089. $smarty->assign('fc_roles', ROLE_MODERATOR);
  1090. }//if($req['fc_instance_purchase'] == 1)
  1091. $smarty->display('profile_paid.tpl');
  1092. die();
  1093. }//if($GLOBALS['fc_config']['is_paid_chat'] == 1 && !$firstUser && $register)
  1094. // added on 090706 for chat instances ends here
  1095. $smarty->display('profile.tpl');
  1096. die();
  1097. }
  1098. else
  1099. {
  1100. $style_sheet = send_style_sheet($msg['t17'].$req['userid']);
  1101. $smarty->assign('req', $req);
  1102. $smarty->assign('style_sheet', $style_sheet);
  1103. $smarty->display('profile.tpl');
  1104. die();
  1105. }
  1106. }
  1107. ?>