  1. <?php
  2.  
  3. $headers = 'From: noreply@website.org' . "rn" .
  4. 'Reply-To: noreply@website.org' . "rn" .
  5. 'X-Mailer: PHP/' . phpversion();
  6. function sec_session_start() {
  7. session_start();
  8. if (loggedin()){
  9. $session_name = 'session-' . rand ( 100000 , 999999 ); // Set a custom session name
  10. $secure = 'SECURE';
  11. $httponly = true;
  12. if (ini_set('session.use_only_cookies', 1) === FALSE) {
  13. header("Location: ../error.php?err=Could not initiate a safe session (ini_set)");
  14. exit();
  15. }
  16. $cookieParams = session_get_cookie_params();
  17. session_set_cookie_params($cookieParams["lifetime"],
  18. $cookieParams["path"],
  19. $cookieParams["domain"],
  20. $secure,
  21. $httponly);
  22. session_name($session_name);
  23. }
  24. }
  25. function connect_to_db(){
  26. $servername = "localhost";
  27. $db_name = "db_name";
  28. $db_username = "db_user";
  29. $db_password = "db_pass";
  30.  
  31. // Create connection
  32. $conn = new mysqli($servername, $db_username, $db_password, $db_name);
  33.  
  34. // Check connection
  35. if ($conn->connect_error) {
  36. setPrivateFlash("Connection to database failed".$conn->connect_error);
  37. die();
  38. }
  39.  
  40. return $conn;
  41. }
  42.  
  43. $conn = connect_to_db();
  44.  
// Renders a full page: optional ads partial, header, the requested view wrapped
// in #wrapper, then footer.
//
// NOTE(review): $view is handed straight to include(). If any caller derives it
// from request input, that is a local-file-inclusion hole; callers must map
// request values onto a fixed allowlist of view files before calling this.
// The callers are not visible in this file, so this is flagged, not changed.
function sendView($view, $isWithAds){
    if ($isWithAds){
        include ("ads.php");
    }
    include ('header.php');
    echo '<div id="wrapper">';
    include ($view);
    echo '</div>';
    include ('footer.php');
}
  55. function loggedin(){
  56. if (isset($_SESSION['loggedin'])){
  57. return true;
  58. }
  59. else{
  60. return false;
  61. }
  62. }
  63. function listErrorResults($result){
  64. if ($result->num_rows > 0){
  65. while($row = $result->fetch_assoc()){
  66. echo "<div class='row'>
  67. <div class='result-item inline center'>";
  68. $user = getUserByID($row["user_submitted"]);
  69. $definitionsResult = getDefinitions($row['id']);
  70. echo $definitionsResult->num_rows
  71. ."<div class='subtext'>
  72. definitions
  73. </div>
  74. </div>
  75. <div class='result-item inline word-wrap'>
  76. <div><a href='?error-post&id="
  77. .$row["id"]
  78. ."'>"
  79. .$row["description"]
  80. ."</a>
  81. </div>";
  82. $definitions = array();
  83. while($definitionRow = $definitionsResult->fetch_assoc()){
  84. $definitions[$definitionRow["source"]] = [""];
  85. }
  86. foreach ($definitions as $key => $definition){
  87. echo "<div class='tag-item subtext inline'>"
  88. .$key
  89. ."</div>";
  90. }
  91. echo "<div class='subtext inline'>Added "
  92. .$row["date_submitted"]
  93. ." by <a href='#'>"
  94. .$user['username']
  95. ."</a> <span title='reputation'>"
  96. .$user['reputation']
  97. ."</span>
  98. </div>
  99. </div>
  100. </div><hr>";
  101. }
  102. }
  103. else{
  104. echo "No results match your search. Please try again";
  105. }
  106. }
  107. function getUserByID($id){
  108. $result = selectQuery("select * from user where id=$id;");
  109. if ($result->num_rows > 0) {
  110. while($row = $result->fetch_assoc()){
  111. return $row;
  112. }
  113. } else {
  114. setPrivateFlash("Error: user not found.");
  115. }
  116. }
  117. function getFlagsByErrorId($error_id){
  118. return selectQuery("select * from error_flag where error_id=$error_id;");
  119. }
  120. function login($username, $password){
  121. $result = selectQuery("select * from user where password='$password' and username='$username';");
  122. if ($result->num_rows > 0) {
  123. while($row = $result->fetch_assoc()){
  124. $_SESSION['username'] = $username;
  125. $_SESSION['user_id'] = $row["id"];
  126. $_SESSION['loggedin'] = true;
  127. $_SESSION['user_role'] = $row["role"];
  128. }
  129. updateReputation($row["id"]);
  130. setFlash("Logged In");
  131.  
  132. } else {
  133. setFlash("Error: user password combination not found.");
  134. }
  135. }
  136. function logout(){
  137. unset($_SESSION['username']);
  138. unset($_SESSION['loggedin']);
  139. unset($_SESSION['user_id']);
  140. unset($_SESSION['role']);
  141. setFlash("Logged Out");
  142. }
  143. function register($username, $password, $email){
  144. executeQuery("insert into user (username, password, email) values ('$username', '$password', '$email');");
  145. }
  146. function updateEmail($user_id, $email){
  147. executeQuery("update user set email='$email' where id='$user_id';");
  148. }
  149. function updatePassword($user_id, $old_password, $new_password, $code, $email){
  150. if (isset($code) && isset($email)){
  151. $result = selectQuery("select * from password_reset_code where email='$email' and code=$code");
  152. if ($result->num_rows > 0){
  153. executeQuery("update user set password='$new_password' where email='$email';");
  154. executeQuery("delete from password_reset_code where email='$email';");
  155. setFlash("email:".$email." code:".$code);
  156. }
  157. }
  158. else{
  159. executeQuery("update user set password='$new_password' where id='$user_id' and password='$old_password';");
  160. }
  161. }
  162. function resetPassword($email){
  163. $result = selectQuery("select * from user where email='$email'");
  164. if ($result->num_rows > 0){
  165. setFlash("didn't find email");
  166. while($row = $result->fetch_assoc()){
  167. $code = rand ( 100000000000000000 , 999999999999999999 );
  168. setFlash("sendingEmail");
  169. mail($email, 'noreply', "Please use the following link to reset your password:rnrnhttp://website.org/eMre2011/?function=verify-password&code=".$code."&email=".$email );
  170. executeQuery("insert into password_reset_code (code, email) values ($code, '$email');");
  171. }
  172. }
  173. else{
  174. setFlash("Could not find email: $email");
  175. }
  176. }
  177. function verifyPassword($email, $code){
  178. $result = selectQuery("select * from password_reset_code where email='$email' and code=$code");
  179. if ($result->num_rows > 0){
  180. while($row = $result->fetch_assoc()){
  181. return true;
  182. }
  183. }
  184. else{
  185. setFlash("Could not find code/email combination: $code/$email");
  186. return false;
  187. }
  188. }
  189. function addErrorPost($description, $date, $user_id){
  190. if (!selectQuery("select * from error_post where description = '$description' and user_submitted = '$user_id' and date_submitted = '$date';")->num_rows > 0){
  191. executeQuery("insert into error_post (description, date_submitted, user_submitted) values ('$description', '$date_submitted', '$user_id');");
  192. setFlash("Error logged successfully");
  193. $result=selectQuery("select * from error_post where description = '$description' and user_submitted = '$user_submitted' and date_submitted = '$date';");
  194. if ($result->num_rows > 0) {
  195. while($row = $result->fetch_assoc()){
  196. subscribe('post', $row['id']);
  197. }
  198. }
  199. }
  200. }
  201. function addErrorFlag($error_id, $user_id){
  202. executeQuery("insert ignore into error_flag (error_id, user_id) values ('$error_id', '$user_id');");
  203. }
  204. function addVote($user_id, $definition_id, $up){
  205. executeQuery("insert into vote (user_id, definition_id, up) values ($user_id, $definition_id, $up) on duplicate key update up=$up ");
  206. }
  207. function deleteErrorPost($error_id){
  208. executeQuery("delete from error_post where id=$error_id;");
  209. setFlash("Error Deleted");
  210. }
  211. function getErrorPost($id){
  212. executeQuery("insert ignore into post_view (post_id, user_id) values ('$id', '".$_SESSION['user_id']."');");
  213. $result=selectQuery("select count(user_id) as total from post_view where post_id='$id'");
  214. $data=$result->fetch_assoc();
  215. $total=$data['total'];
  216. executeQuery("update error_post set views='$total' where id='$id';");
  217. return selectQuery("select * from error_post where id='$id';");
  218. }
  219. function getAllErrorPosts(){
  220. return selectQuery("select * from error_post order by id desc;");
  221. }
  222. function searchErrorPosts($search_terms){
  223. $keyWords = explode (' ', $search_terms);
  224. $query = "select * from error_post where description like ";
  225. foreach ($keyWords as $value){
  226. if ($value != $keyWords[0]){
  227. $query = $query." or description like ";
  228. }
  229. $query = $query."'%$value%'";
  230. }
  231. $query = $query.";";
  232. return selectQuery($query);
  233. }
  234. function addDefinition($source, $definition, $errorPostId, $userId, $date){
  235. executeQuery("insert into definition (source, definition_content, error_post_id, user_id, date) values ('$source', '$definition', '$errorPostId', '$userId', '$date');");
  236. $result=selectQuery("select * from subscription where type = 'post' and type_id = '$errorPostId';");
  237. if ($result->num_rows > 0){
  238. while($row = $result->fetch_assoc()){
  239. mail($row['email'], 'subscribed update', "Somebody added a definition for a post you are following. Follow this link to view the post:rnrn
  240. http://website.org/eMre2011/?error-post&id=$errorPostId", $headers);
  241. }
  242. }
  243. $result=selectQuery("select * from definition where source = '$source' and definition_content = '$definition' and error_post_id = '$errorPostId' and date = '$date'
  244. and user_id = '$userId';");
  245. if ($result->num_rows > 0){
  246. while($row = $result->fetch_assoc()){
  247. $result2=selectQuery("select * from user where id = '$userId';");
  248. if ($result2->num_rows > 0){
  249. while($row2 = $result2->fetch_assoc()){
  250. subscribe('definition', $row['id'], $row2['email']);
  251. subscribe('post', $errorPostId, $row2['email']);
  252. }
  253. }
  254. }
  255. }
  256. }
  257. function getDefinitions($errorPostId){
  258. return selectQuery("select * from definition where error_post_id='$errorPostId' order by votes desc;");
  259. }
  260. function updateDefinition($definition_id){
  261. $numVotes = 0;
  262. $result = selectQuery("select * from vote where definition_id='$definition_id';");
  263. if ($result->num_rows > 0){
  264. while($row = $result->fetch_assoc()){
  265. if ($row['up']){
  266. $numVotes++;
  267. }
  268. else{
  269. $numVotes--;
  270. }
  271. }
  272. }
  273. executeQuery("update definition set votes=$numVotes where id=$definition_id;");
  274. $result=selectQuery("select * from definition where error_post_id='$errorPostId' order by votes desc;");
  275. if ($result->num_rows > 0){
  276. $row = $result->fetch_assoc();
  277. executeQuery("update definition set elected=true where id=".$row['id'].";");
  278. executeQuery("update definition set elected=true where id=".$row['id']." and error_post_id='$errorPostId';");
  279. }
  280. }
  281. function subscribe($type, $id, $email){
  282. executeQuery("insert into subscription (type, type_id, email) values ('$type', '$id', '$email');");
  283. }
// Placeholder called from login(); intentionally does nothing yet.
// $user_id is the id of the user whose reputation would be recalculated.
function updateReputation($user_id){
    //insert calculation for user reputation.
}
  287. function executeQuery($query){
  288. global $conn;
  289. if ($conn->query($query) === TRUE){
  290. //setFlash("Success");
  291. } else {
  292. setFlash("Error: " . $query . "<br>" . $conn->error);
  293. }
  294. }
  295. function selectQuery($query){
  296. global $conn;
  297. $result = $conn->query($query);
  298. return $result;
  299. }
  300. function sendFeedback($feedback, $subject){
  301. mail('info@website.org', $subject, $feedback);
  302. }
  303. function setFlash($message){
  304. $_SESSION['flash'] = "$message";
  305. }
  306. function setPrivateFlash($message){
  307. $_SESSION['flash-private'] = "$message";
  308. }
  309. function unsetFlash(){
  310. unset($_SESSION['flash']);
  311. unset($_SESSION['flash-private']);
  312. }
  313. ?>