Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?PHP
- /* -----------------------------------------------------
- Bo-Blog 2 : The Blog Reloaded.
- <<A Bluview Technology Product>>
- 禁止使用Windows记事本修改文件,由此造成的一切使用不正常恕不解答!
- PHP+MySQL blog system.
- Code: Bob Shen
- Offical site: http://www.bo-blog.com
- Copyright (c) Bob Shen 中国-上海
- In memory of my university life
- ------------------------------------------------------- */
- if (!defined('VALIDREQUEST')) die ('Access Denied.');
- acceptrequest('job', 1);
- if (!$job) {
- $urlreturn=($_SERVER['HTTP_REFERER']=='') ? "index.php" : $_SERVER['HTTP_REFERER'];
- $m_b=new getblogs;
- $jobs="login.php?job=verify";
- $actionnow="{$lnc[253]} [<a href=\"login.php?job=register\">{$lnc[254]}</a>]";
- $formbody.=$t->set('form_eachline', array('text'=>"*{$lnc[132]}", 'formelement'=>"<input name='username' type='text' id='username' size='24' class='text' /><input type='hidden' name='urlreturn' value='{$urlreturn}' />"));
- $formbody.=$t->set('form_eachline', array('text'=>"*{$lnc[133]}", 'formelement'=>"<input type='password' class='text' size='24' name='password' id='password' />"));
- if ($mbcon['enableopenid']=='1') {
- $formbody.=$t->set('form_eachline', array('text'=>"", 'formelement'=>"{$lnc[314]}:"));
- $formbody.=$t->set('form_eachline', array('text'=>"OpenID", 'formelement'=>"<input name='openid_url' type='text' id='openid_url' size='32' class='text' />"));
- }
- $formbody.=$t->set('form_eachline', array('text'=>' ', 'formelement'=>"<input name=\"savecookie\" type=\"checkbox\" id=\"savecookie\" value=\"1\" checked='checked' />{$lnc[284]}"));
- plugin_runphp('loginform');
- if ($config['loginvalidation']==1) {
- $rand=rand (0,100000);
- $formbody.=$t->set('form_eachline', array('text'=>"*{$lnc[249]}", 'formelement'=>"<span id='securityimagearea'><img src='inc/securitycode.php?rand={$rand}' alt='' title='{$lnc[250]}'/></span> <input name='securitycode' type='text' id='securitycode' size='16' class='text' /> {$lnc[251]} [<a href=\"javascript: refreshsecuritycode('securityimagearea', 'securitycode');\">{$lnc[283]}</a>]"));
- }
- $section_body_main=$t->set('register', array('title'=>$actionnow, 'job'=>$jobs, 'registerbody'=>$formbody));
- announcebar();
- $bodymenu=$t->set('mainpage', array('pagebar'=>'', 'iftoppage'=>'none', 'ifbottompage'=>'none', 'ifannouncement'=>$ifannouncement, 'topannounce'=>$topannounce, 'mainpart'=>$section_body_main, 'currentpage'=>'', 'previouspageurl'=>'', 'nextpageurl'=>'', 'turningpages'=>'', 'totalpages'=>'', 'previouspageexists'=>'', 'nextpageexists'=>''));
- }
- if ($job=='adminlog') {
- $t=new template;
- $jobs="login.php?job=adminverify";
- $actionnow=$lnc[273];
- $formbody.=$t->set('form_eachline', array('text'=>$lnc[274], 'formelement'=>$lnc[275]));
- $formbody.=$t->set('form_eachline', array('text'=>"*{$lnc[132]}", 'formelement'=>"<input type='text' class='text' size='16' name='username' value='{$userdetail['username']}' disabled='disabled' />"));
- $formbody.=$t->set('form_eachline', array('text'=>"*{$lnc[133]}", 'formelement'=>"<input type='password' class='text' size='16' name='ipassword' />"));
- $section_body_main=$t->set('register', array('title'=>$actionnow, 'job'=>$jobs, 'registerbody'=>$formbody));
- announcebar();
- $bodymenu=$t->set('mainpage', array('pagebar'=>$pagebar, 'iftoppage'=>'none', 'ifbottompage'=>'none', 'ifannouncement'=>$ifannouncement, 'topannounce'=>$topannounce, 'mainpart'=>$section_body_main, 'currentpage'=>'', 'previouspageurl'=>'', 'nextpageurl'=>'', 'turningpages'=>'', 'totalpages'=>'', 'previouspageexists'=>'', 'nextpageexists'=>''));
- }
- if ($job=='adminverify') {
- acceptrequest('ipassword');
- $password=md5($_POST['ipassword']);
- $username=safe_convert(mystrtolower($userdetail['username']));
- $try=$blog->getbyquery("SELECT * FROM `{$db_prefix}user` WHERE LOWER(username)='{$username}'");
- if (!is_array($try)) {
- catcherror ($lnc[276]);
- } elseif ($try['userpsw']!=$password) {
- catcherror ($lnc[276]);
- }
- if ($db_defaultsessdir!=1) session_save_path("./{$db_tmpdir}");
- session_cache_limiter("private, must-revalidate");
- session_start();
- $_SESSION['admin_userid']=$try['userid'];
- $_SESSION['admin_psw']=$try['userpsw'];
- catchsuccess ($lnc[277], "{$lnc[278]}|admin.php");
- exit();
- }
- if (($job=='register' || $job=='doregister') && $logstat==1) catcherror($lnc[130]);
- if (($job=='modpro' || $job=='domodpro') && ($logstat!=1 || $userdetail['userid']==-1)) catcherror($lnc[131]);
- if ($job=='register' || $job=='modpro') {
- if ($config['registeron']!='1' && $job=='register') {
- catcherror($config['registeroffmess']);
- }
- $t=new template;
- if ($job=='register') {
- $actionnow=$lnc[79];
- $jobs="login.php?job=doregister";
- $formbody.=$t->set('form_eachline', array('text'=>"", 'formelement'=>"<p style=\"color: red; font-weight: bold;\">Lưu ý: Dòng có * bắt buộc phải nhập</p>"));
- $formbody.=$t->set('form_eachline', array('text'=>"*Tên tài khoản", 'formelement'=>"<input type='text' class='text' size='16' name='username' />"));
- $formbody.=$t->set('form_eachline', array('text'=>"*Mật khẩu", 'formelement'=>"<input type='password' class='text' size='16' name='password' />"));
- $formbody.=$t->set('form_eachline', array('text'=>"*{$lnc[134]}", 'formelement'=>"<input type='password' class='text' size='16' name='confirmpsw' />"));
- }
- if ($job=='modpro') {
- $jobs="login.php?job=domodpro";
- $actionnow=$lnc[90];
- $formbody.=$t->set('form_eachline', array('text'=>"*{$lnc[135]}", 'formelement'=>"<input type='password' class='text' size='16' name='password' /> {$lnc[137]}"));
- $formbody.=$t->set('form_eachline', array('text'=>"*{$lnc[136]}", 'formelement'=>"<input type='password' class='text' size='16' name='newpsw' /> {$lnc[137]}"));
- $formbody.=$t->set('form_eachline', array('text'=>"*{$lnc[138]}", 'formelement'=>"<input type='password' class='text' size='16' name='confirmpsw' /> {$lnc[137]}"));
- }
- $formbody.=$t->set('form_eachline', array('text'=>$lnc[139], 'formelement'=>"<input type='text' class='text' size='16' name='email' value='".stripslashes($userdetail['email'])."'/>"));
- if (($job=='register' && $mbcon['regadvance']=='1') || $job=='modpro') {
- $formbody.=$t->set('form_eachline', array('text'=>'*Số điện thoại', 'formelement'=>"<input type='text' class='text' size='16' name='skype' value='".stripslashes($userdetail['skype'])."'/>"));
- $formbody.=$t->set('form_eachline', array('text'=>'Họ & Tên', 'formelement'=>"<input type='text' class='text' size='16' name='homepage' value='".stripslashes($userdetail['homepage'])."'/>"));
- $formbody.=$t->set('form_eachline', array('text'=>'Năm sinh', 'formelement'=>"<select name='birthday'>
- <option value=''>Chọn</option>
- <option value='2005'>2005</option>
- <option value='2004'>2004</option>
- <option value='2003'>2003</option>
- <option value='2002'>2002</option>
- <option value='2001'>2001</option>
- <option value='2000'>2000</option>
- <option value='1999'>1999</option>
- <option value='1998'>1998</option>
- <option value='1997'>1997</option>
- <option value='1996'>1996</option>
- <option value='1995'>1995</option>
- <option value='1994'>1994</option>
- <option value='1993'>1993</option>
- <option value='1992'>1992</option>
- <option value='1991'>1991</option>
- <option value='1990'>1990</option>
- <option value='1989'>1989</option>
- <option value='1988'>1988</option>
- <option value='1987'>1987</option>
- <option value='1986'>1986</option>
- <option value='1985'>1985</option>
- <option value='1984'>1984</option>
- <option value='1983'>1983</option>
- <option value='1982'>1982</option>
- <option value='1981'>1981</option>
- <option value='1980'>1980</option>
- <option value='1979'>1979</option>
- <option value='1978'>1978</option>
- <option value='1977'>1977</option>
- <option value='1976'>1976</option>
- <option value='1975'>1975</option>
- <option value='1974'>1974</option>
- <option value='1973'>1973</option>
- <option value='1972'>1972</option>
- <option value='1971'>1971</option>
- <option value='1970'>1970</option>
- <option value='1969'>1969</option>
- <option value='1968'>1968</option>
- <option value='1967'>1967</option>
- <option value='1966'>1966</option>
- <option value='1965'>1965</option>
- <option value='1964'>1964</option>
- <option value='1963'>1963</option>
- <option value='1962'>1962</option>
- <option value='1961'>1961</option>
- <option value='1960'>1960</option>
- <option value='1959'>1959</option>
- <option value='1958'>1958</option>
- <option value='1957'>1957</option>
- <option value='1956'>1956</option>
- <option value='1955'>1955</option>
- <option value='1954'>1954</option>
- <option value='1953'>1953</option>
- <option value='1952'>1952</option>
- <option value='1951'>1951</option>
- <option value='1950'>1950</option>
- </select>"));
- $formbody.=$t->set('form_eachline', array('text'=>'Nghề nghiệp', 'formelement'=>"<input type='text' class='text' size='16' name='msn' value='".stripslashes($userdetail['msn'])."'/>"));
- $formbody.=$t->set('form_eachline', array('text'=>$lnc[146], 'formelement'=>"<select name='from'>
- <option value=''>Chọn</option>
- <option value='An Giang'>An Giang</option>
- <option value='Bà Rịa Vũng Tàu'>Bà Rịa - Vũng Tàu</option>
- <option value='Bắc Giang'>Bắc Giang</option>
- <option value='Bắc Giang'>Bắc Giang</option>
- <option value='Bạc Liêu'>Bạc Liêu</option>
- <option value='Bắc Ninh'>Bắc Ninh</option>
- <option value='Bến Tre'>Bến Tre</option>
- <option value='Bình Định'>Bình Định</option>
- <option value='Bình Dương'>Bình Dương</option>
- <option value='Bình Phước'>Bình Phước</option>
- <option value='Bình Thuận'>Bình Thuận</option>
- <option value='Cà Mau'>Cà Mau</option>
- <option value='Cao Bằng'>Cao Bằng</option>
- <option value='Đà Nẵng'>Đà Nẵng</option>
- <option value='Đắk Lắk'>Đắk Lắk</option>
- <option value='Đắk Nông'>Đắk Nông</option>
- <option value='Điện Biên'>Điện Biên</option>
- <option value='Đồng Nai'>Đồng Nai</option>
- <option value='Đồng Tháp'>Đồng Tháp</option>
- <option value='Gia Lai'>Gia Lai</option>
- <option value='Hà Giang'>Hà Giang</option>
- <option value='Hà Nam'>Hà Nam</option>
- <option value='Hà Nội'>Hà Nội</option>
- <option value='Hà Tĩnh'>Hà Tĩnh</option>
- <option value='Hải Dương'>Hải Dương</option>
- <option value='Hải Phòng'>Hải Phòng</option>
- <option value='Hậu Giang'>Hậu Giang</option>
- <option value='Hòa Bình'>Hòa Bình</option>
- <option value='Hưng Yên'>Hưng Yên</option>
- <option value='Khánh Hòa'>Khánh Hòa</option>
- <option value='Kiên Giang'>Kiên Giang</option>
- <option value='Kon Tum'>Kon Tum</option>
- <option value='Lai Châu'>Lai Châu</option>
- <option value='Lâm Đồng'>Lâm Đồng</option>
- <option value='Lạng Sơn'>Lạng Sơn</option>
- <option value='Lào Cai'>Lào Cai</option>
- <option value='Long An'>Long An</option>
- <option value='Nam Định'>Nam Định</option>
- <option value='Nghệ An'>Nghệ An</option>
- <option value='Ninh Bình'>Ninh Bình</option>
- <option value='Ninh Thuận'>Ninh Thuận</option>
- <option value='Phú Thọ'>Phú Thọ</option>
- <option value='Quảng Bình'>Quảng Bình</option>
- <option value='Quảng Nam'>Quảng Nam</option>
- <option value='Quảng Ngãi'>Quảng Ngãi</option>
- <option value='Quảng Ninh'>Quảng Ninh</option>
- <option value='Quảng Trị'>Quảng Trị</option>
- <option value='Sóc Trăng'>Sóc Trăng</option>
- <option value='Sơn La'>Sơn La</option>
- <option value='Tây Ninh'>Tây Ninh</option>
- <option value='Thái Bình'>Thái Bình</option>
- <option value='Thái Nguyên'>Thái Nguyên</option>
- <option value='Thanh Hóa'>Thanh Hóa</option>
- <option value='Thừa Thiên Huế'>Thừa Thiên Huế</option>
- <option value='Tiền Giang'>Tiền Giang</option>
- <option value='TP HCM'>TP. HCM</option>
- <option value='Trà Vinh'>Trà Vinh</option>
- <option value='Tuyên Quang'>Tuyên Quang</option>
- <option value='Vĩnh Long'>Vĩnh Long</option>
- <option value='Vĩnh Phúc'>Vĩnh Phúc</option>
- <option value='Yên Bái'>Yên Bái</option>
- <option value='Phú Yên'>Phú Yên</option>
- </select>"));
- $sex_sel=array('0'=>$lnc[141], '1'=>$lnc[142], '2'=>$lnc[143]);
- $sex_choice=array('0'=>'', '1'=>'', '2'=>'');
- $tmp_gender=$userdetail['gender'];
- $sex_choice[$tmp_gender]="checked=checked";
- $formbody.=$t->set('form_eachline', array('text'=>$lnc[144], 'formelement'=>"<input type='radio' name='gender' value='1' {$sex_choice[1]}/>{$lnc[142]} <input type='radio' name='gender' value='2' {$sex_choice[2]}/>{$lnc[143]} "));
- }
- plugin_runphp('registerform');
- if ($job=='register' && $config['registervalidation']==1) {
- $rand=rand (0,100000);
- $formbody.=$t->set('form_eachline', array('text'=>$lnc[249], 'formelement'=>"<span id='securityimagearea'><img src='inc/securitycode.php?rand={$rand}' alt='' title='{$lnc[250]}'/></span> <input name='securitycode' type='text' id='securitycode' size='16' class='text' /> {$lnc[251]} [<a href=\"javascript: refreshsecuritycode('securityimagearea', 'securitycode');\">{$lnc[283]}</a>]"));
- }
- $section_body_main=$t->set('register', array('title'=>$actionnow, 'job'=>$jobs, 'registerbody'=>$formbody));
- announcebar();
- $bodymenu=$t->set('mainpage', array('pagebar'=>$pagebar, 'iftoppage'=>'none', 'ifbottompage'=>'none', 'ifannouncement'=>$ifannouncement, 'topannounce'=>$topannounce, 'mainpart'=>$section_body_main, 'currentpage'=>'', 'previouspageurl'=>'', 'nextpageurl'=>'', 'turningpages'=>'', 'totalpages'=>'', 'previouspageexists'=>'', 'nextpageexists'=>''));
- }
- if ($job=='doregister' || $job=='domodpro') {
- acceptrequest('password,confirmpsw,email,homepage,gender,qq,msn,birthday,skype,from,intro,avatartype,avatarvalue', 0, 'post');
- extract_forbidden();
- if ($job=='doregister') {
- acceptrequest('username', 0, 'post');
- if ($config['registervalidation']==1) {
- acceptrequest('securitycode');
- if ($db_defaultsessdir!=1) session_save_path("./{$db_tmpdir}");
- session_cache_limiter("private, must-revalidate");
- session_start();
- if ($securitycode=='' || strtolower($securitycode)!=strtolower($_SESSION['code'])) catcherror($lnc[165]);
- }
- $username=trimplus(safe_convert($username));
- if ($username==='') catcherror ($lnc[154]);
- if (strlen($username)<$mbcon['minusenamelen'] || strlen($username)>$mbcon['maxusenamelen']) catcherror ($lnc[155]);
- if ($password==='' || $password!=$confirmpsw || strlen($password)<$mbcon['minpswlen']) catcherror ($lnc[156]);
- else $password=md5($password);
- $usercheck=mystrtolower($username);
- $try=$blog->getbyquery("SELECT userid FROM `{$db_prefix}user` WHERE LOWER(username)='{$usercheck}'");
- if (is_array($try)) catcherror ($lnc[157]);
- if (preg_search($username, $forbidden['banword']) || preg_search($username, $forbidden['keep'])) catcherror ($lnc[158]);
- } else {
- if ($password!=='') {
- if (md5($password)!=$userdetail['userpsw']) catcherror ($lnc[159]);
- acceptrequest('newpsw', 0, 'post');
- if ($newpsw==='' || $newpsw!=$confirmpsw || strlen($newpsw)<$mbcon['minpswlen']) catcherror ($lnc[160]);
- $userdetail['userpsw']=md5($newpsw); //PSW Changed here
- }
- }
- $email=trimplus(safe_convert($email));
- $homepage=trimplus(safe_convert($homepage));
- $gender=floor($gender);
- $qq=floor($qq);
- $birthday=trimplus(safe_convert($birthday));
- $msn=trimplus(safe_convert($msn));
- $skype=trimplus(safe_convert($skype));
- $from=trimplus(safe_convert($from));
- $intro=trimplus(safe_convert($intro));
- $avatartype=floor($avatartype);
- $avatarvalue=basename(trimplus(safe_convert($avatarvalue)));
- $avatarall="{$avatartype}|{$avatarvalue}";
- if (preg_search($intro, $forbidden['banword'])) catcherror ($lnc[161]);
- plugin_runphp('registerprocess');
- if ($job=='doregister') {
- $maxrecord=$blog->getsinglevalue("{$db_prefix}maxrec");
- $currentuserid=$maxrecord['maxuserid']+1;
- $imajikan=time();
- $blog->query("INSERT INTO `{$db_prefix}user` VALUES ('{$currentuserid}', '{$username}', '{$password}', '{$imajikan}', '1', '{$email}', '{$homepage}', '{$qq}', '{$msn}', '{$intro}', '{$gender}', '{$skype}', '{$from}', '{$birthday}', '{$userdetail['ip']}', '{$avatarall}','','','')");
- $blog->query("UPDATE `{$db_prefix}maxrec` SET `maxuserid`=`maxuserid`+1");
- $blog->query("UPDATE `{$db_prefix}counter` SET `users`=`users`+1");
- @setcookie ('userid', $currentuserid);
- @setcookie ('userpsw', $password);
- catchsuccess($lnc[162], "{$lnc[163]}|index.php");
- } else {
- $blog->query("UPDATE `{$db_prefix}user` SET `userpsw`='{$userdetail['userpsw']}', `email`='{$email}', homepage='{$homepage}', qq='{$qq}', msn='{$msn}', intro='{$intro}', gender='{$gender}', skype='{$skype}', `fromplace`='{$from}', birthday='{$birthday}', avatar='{$avatarall}' WHERE `userid`='{$userdetail['userid']}'");
- @setcookie ('userid', '', time()-3600);
- @setcookie ('userpsw', '', time()-3600);
- @setcookie ('userid', $userdetail['userid']);
- @setcookie ('userpsw', $userdetail['userpsw']);
- catchsuccess($lnc[164], "{$lnc[163]}|index.php");
- }
- }
- if ($job=='verify') {
- acceptrequest('savecookie,securitycode,urlreturn,openid_url');
- if ($config['loginvalidation']==1) {
- if ($db_defaultsessdir!=1) session_save_path("./{$db_tmpdir}");
- session_cache_limiter("private, must-revalidate");
- session_start();
- if ($securitycode=='' || strtolower($securitycode)!=strtolower($_SESSION['code'])) catcherror($lnc[165]);
- }
- if ($openid_url) {
- if ($mbcon['enableopenid']!='1') catcherror($lnc[315].$lnc[319]);
- $openid = $openid_url;
- $process_url = "{$config['blogurl']}/login.php?job=openidverify&savecookie={$savecookie}&urlreturn=".urlencode($urlreturn)."&securitycode={$securitycode}";
- prepareOpenID($openid, $process_url);
- exit();
- }
- $password=md5($_POST['password']);
- $username=safe_convert(mystrtolower($_POST['username']));
- plugin_runphp('loginprocess');
- $try=$blog->getbyquery("SELECT * FROM `{$db_prefix}user` WHERE LOWER(username)='{$username}' AND `userpsw`='{$password}'");
- if (!is_array($try)) {
- catcherror ($lnc[166]);
- } else {
- //die($try['nganluong_time']);
- $userid=$try['userid'];
- if ($savecookie==0) {
- setcookie ('userid', $userid);
- setcookie ('userpsw', $password);
- } else {
- $savecookielong=3600*24*30;
- setcookie ('userid', $userid, time()+$savecookielong);
- setcookie ('userpsw', $password, time()+$savecookielong);
- }
- $redirection=array("{$lnc[309]}|{$urlreturn}", "{$lnc[163]}|index.php");
- if ($try['usergroup']=='2') {
- $redirection[]="{$lnc[107]}|admin.php";
- $redirection[]="{$lnc[108]}|write.php?act=edit";
- }
- $savecookielong = 3600*24*30;
- setcookie ('nganluong_time', $try['nganluong_time'],time()+$savecookielong);
- setcookie ('nganluong_time_end', $try['nganluong_time_end'],time()+$savecookielong);
- catchsuccess ("{$lnc[167]} ".$username, $redirection);
- }
- }
- if ($job=='openidverify') {
- if ($mbcon['enableopenid']!='1') catcherror($lnc[315].$lnc[319]);
- $openidresult=completeOpenID();
- acceptrequest('savecookie,securitycode,urlreturn');
- if ($config['loginvalidation']==1) {
- if ($db_defaultsessdir!=1) session_save_path("./{$db_tmpdir}");
- session_cache_limiter("private, must-revalidate");
- session_start();
- if ($securitycode=='' || strtolower($securitycode)!=strtolower($_SESSION['code'])) catcherror($lnc[165]);
- }
- if ($savecookie==0) {
- setcookie ('openid_url_id', $openidresult['openidurl']);
- } else {
- $savecookielong=3600*24*30;
- setcookie ('openid_url_id', $openidresult['openidurl'], time()+$savecookielong);
- }
- $redirection=array("{$lnc[309]}|{$urlreturn}", "{$lnc[163]}|index.php");
- catchsuccess ("{$lnc[317]} ".$openidresult['openidurl'], $redirection);
- }
- if ($job=='logout') {
- plugin_runphp('logoutprocess');
- define ('isLogout', 1);
- setcookie ('userid', '', time()-3600);
- setcookie ('userpsw', '', time()-3600);
- setcookie ('openid_url_id', '', time()-3600);
- setcookie ('bloglanguage', '', time()-3600);
- setcookie ('blogtemplate', '', time()-3600);
- catchsuccess ($lnc[168], "{$lnc[163]}|index.php");
- }
- if ($job=='applylink') {
- checkpermission ('ApplyLink');
- $mycode1="<a href=\"{$config['blogurl']}\" target=\"_blank\" title=\"{$config['blogname']}\">{$config['blogname']}</a>";
- $mycode2="<a href=\"{$config['blogurl']}\" target=\"_blank\"><img src=\"{$config['bloglogo']}\" title=\"{$config['blogname']}\" alt=\"{$config['blogname']}\" border=\"0\"/></a>";
- $mycode1=htmlspecialchars($mycode1);
- $mycode2=htmlspecialchars($mycode2);
- $t=new template;
- $actionnow=$lnc[109];
- $jobs="login.php?job=doapplylink";
- $formbody.=$t->set('form_eachline', array('text'=>"*{$lnc[169]}", 'formelement'=>"<input type='text' class='text' size='20' name='sitename' />"));
- $formbody.=$t->set('form_eachline', array('text'=>"*{$lnc[170]}", 'formelement'=>"<input type='text' class='text' size='30' name='siteurl' />"));
- $formbody.=$t->set('form_eachline', array('text'=>$lnc[171], 'formelement'=>"<input type='text' class='text' size='30' name='sitelogo' /> {$lnc[172]}"));
- $formbody.=$t->set('form_eachline', array('text'=>$lnc[173], 'formelement'=>"<input type='text' class='text' size='30' name='siteintro' /> {$lnc[174]}"));
- $formbody.=$t->set('form_eachline', array('text'=>$lnc[175], 'formelement'=>"{$lnc[176]}<br/><ul><li>{$lnc[177]}<br/><textarea class='text' cols='40' rows='2' name='sitemycode1'>{$mycode1}</textarea></li><li>{$lnc[178]}<br/><textarea class='text' cols='40' rows='2' name='sitemycode2'>{$mycode2}</textarea></li></ul>"));
- if ($config['applylinkvalidation']==1) {
- $rand=rand (0,100000);
- $formbody.=$t->set('form_eachline', array('text'=>$lnc[249], 'formelement'=>"<span id='securityimagearea'><img src='inc/securitycode.php?rand={$rand}' alt='' title='{$lnc[250]}'/></span> <input name='securitycode' type='text' id='securitycode' size='16' class='text' /> {$lnc[251]} [<a href=\"javascript: refreshsecuritycode('securityimagearea', 'securitycode');\">{$lnc[283]}</a>]"));
- }
- $section_body_main=$t->set('register', array('title'=>$actionnow, 'job'=>$jobs, 'registerbody'=>$formbody));
- announcebar();
- $bodymenu=$t->set('mainpage', array('pagebar'=>$pagebar, 'iftoppage'=>'none', 'ifbottompage'=>'none', 'ifannouncement'=>$ifannouncement, 'topannounce'=>$topannounce, 'mainpart'=>$section_body_main, 'currentpage'=>'', 'previouspageurl'=>'', 'nextpageurl'=>'', 'turningpages'=>'', 'totalpages'=>'', 'previouspageexists'=>'', 'nextpageexists'=>''));
- }
- if ($job=='doapplylink') {
- checkpermission ('ApplyLink');
- acceptrequest('sitename,siteurl,sitelogo,siteintro');
- if ($config['applylinkvalidation']==1) {
- acceptrequest('securitycode');
- if ($db_defaultsessdir!=1) session_save_path("./{$db_tmpdir}");
- session_cache_limiter("private, must-revalidate");
- session_start();
- if ($securitycode=='' || strtolower($securitycode)!=strtolower($_SESSION['code'])) catcherror($lnc[165]);
- }
- $sitename=safe_convert(trimplus($sitename));
- $siteurl=safe_convert(trimplus($siteurl));
- $sitelogo=safe_convert(trimplus($sitelogo));
- $siteintro=safe_convert(trimplus($siteintro));
- if (!$sitename || !$siteurl) catcherror ($lnc[179]);
- $siteurl=urlconvert($siteurl);
- $sitelogo=urlconvert($sitelogo);
- $siteid=time().rand(0,10);
- if (preg_search($sitename, $forbidden['banword']) || preg_search($siteintro, $forbidden['banword']) || preg_search($siteurl, $forbidden['banword']) || preg_search($sitename, $forbidden['suspect']) || preg_search($siteintro, $forbidden['suspect']) || preg_search($siteurl, $forbidden['suspect'])) catcherror($lnc[214]);
- $addline="<?PHP exit();?><|>$siteid<|>$sitename<|>$siteurl<|>$sitelogo<|>$siteintro<|>\n";
- $filename="data/cache_applylinks.php";
- $oldcontent=@readfromfile($filename);
- $content=$addline.$oldcontent;
- if (!writetofile($filename, $content)) catcherror ($lnc[7].$filename);
- else catchsuccess ($lnc[180], "{$lnc[163]}|index.php");
- }
- if ($job=='ajaxverify') {
- acceptrequest('savecookie,securitycode');
- $savecookie=floor($savecookie);
- if ($config['loginvalidation']==1) {
- if ($db_defaultsessdir!=1) session_save_path("./{$db_tmpdir}");
- session_cache_limiter("private, must-revalidate");
- session_start();
- if ($securitycode=='' || strtolower($securitycode)!=strtolower($_SESSION['code'])) catcherror($lnc[165]);
- }
- $password=md5($_POST['password']);
- $username=safe_convert(mystrtolower($_POST['username']));
- $try=$blog->getbyquery("SELECT * FROM `{$db_prefix}user` WHERE LOWER(username)='{$username}' AND `userpsw`='{$password}'");
- if (!is_array($try)) {
- catcherror ($lnc[166]);
- } else {
- $userid=$try['userid'];
- catchsuccess ("{$userid}-{$password}-{$savecookie}");
- }
- }
- if ($job=='ajaxloginsuccess') {
- if ($permission['CP']==1) $destine=array("{$lnc[163]}|index.php", "{$lnc[107]}|admin.php");
- else $destine="{$lnc[163]}|index.php";
- catchsuccess("{$lnc[167]} ".$userdetail['username'], $destine);
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement