本文整理汇总了PHP中quickQuery函数的典型用法代码示例。如果您正苦于以下问题:PHP quickQuery函数的具体用法?PHP quickQuery怎么用?PHP quickQuery使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了quickQuery函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: _wobi_addWebseedfiles
function _wobi_addWebseedfiles($torrent_file_path, $relative_path, $httplocation, $hash)
{
$prefix = WOBI_PREFIX;
$fd = fopen($torrent_file_path, "rb") or die(errorMessage() . "File upload error 1</p>");
$alltorrent = fread($fd, filesize($torrent_file_path));
fclose($fd);
$array = BDecode($alltorrent);
// Add in Bittornado HTTP seeding spec
//
//add information into database
$info = $array["info"] or die("Invalid torrent file.");
$fsbase = $relative_path;
// We need single file only!
mysql_query("INSERT INTO " . $prefix . "webseedfiles (info_hash,filename,startpiece,endpiece,startpieceoffset,fileorder) values (\"{$hash}\", \"" . mysql_real_escape_string($fsbase) . "\", 0, " . (strlen($array["info"]["pieces"]) / 20 - 1) . ", 0, 0)");
// Edit torrent file
//
$data_array = $array;
$data_array["httpseeds"][0] = WOBI_URL . "/seed.php";
//$data_array["url-list"][0] = $httplocation;
$to_write = BEncode($data_array);
//write torrent file
$write_httpseed = fopen($torrent_file_path, "wb");
fwrite($write_httpseed, $to_write);
fclose($write_httpseed);
//add in piecelength and number of pieces
$query = "UPDATE " . $prefix . "summary SET piecelength=\"" . $info["piece length"] . "\", numpieces=\"" . strlen($array["info"]["pieces"]) / 20 . "\" WHERE info_hash=\"" . $hash . "\"";
quickQuery($query);
}示例2: send_pm
function send_pm($sender, $recepient, $subject, $msg)
{
global $FORUMLINK, $TABLE_PREFIX, $db_prefix, $CACHE_DURATION, $ipb_prefix;
if ($FORUMLINK == "ipb") {
ipb_send_pm($sender, $recepient, $subject, $msg);
} elseif (substr($FORUMLINK, 0, 3) == 'smf') {
# smf forum
# get smf_fid of recepient
$recepient = get_result('SELECT smf_fid FROM ' . $TABLE_PREFIX . 'users WHERE id=' . $recepient . ' LIMIT 1;', true, $CACHE_DURATION);
if (!isset($recepient[0])) {
return false;
}
# valid user
$recepient = $recepient[0]['smf_fid'];
if ($recepient == 0) {
return false;
}
# valid smf_fid
# get smf_fid of sender
# if sender id is invalid or 0, use System
$sender = $sender == 0 ? 0 : get_result('SELECT smf_fid, username FROM ' . $TABLE_PREFIX . 'users WHERE id=' . $sender . ' LIMIT 1;', true, $CACHE_DURATION);
if (!isset($sender[0])) {
$sender = array();
$sender['smf_fid'] = 0;
$sender['username'] = 'System';
} else {
$sender = $sender[0];
}
# insert message
quickQuery("INSERT INTO `{$db_prefix}personal_messages` (" . ($FORUMLINK == "smf" ? "`ID_MEMBER_FROM`, `fromName`" : "`id_member_from`, `from_name`") . ", `msgtime`, `subject`, `body`) VALUES (" . $sender['smf_fid'] . ", " . sqlesc($sender['username']) . ", UNIX_TIMESTAMP(), " . $subject . ", " . $msg . ")");
# get id of message
$pm_id = is_null($___mysqli_res = mysqli_insert_id($GLOBALS["___mysqli_ston"])) ? false : $___mysqli_res;
# insert recepient for message
quickQuery("INSERT INTO `{$db_prefix}pm_recipients` (" . ($FORUMLINK == "smf" ? "`ID_PM`, `ID_MEMBER`" : "`id_pm`, `id_member`") . ") VALUES (" . $pm_id . ", " . $recepient . ")");
# notify recepient
if ($FORUMLINK == "smf") {
quickQuery("UPDATE `{$db_prefix}members` SET `instantMessages`=`instantMessages`+1, `unreadMessages`=`unreadMessages`+1 WHERE `ID_MEMBER`=" . $recepient . " LIMIT 1");
} else {
quickQuery("UPDATE `{$db_prefix}members` SET `instant_messages`=`instant_messages`+1, `unread_messages`=`unread_messages`+1 WHERE `id_member`=" . $recepient . " LIMIT 1");
}
return true;
} else {
# internal PM system
# insert pm
quickQuery('INSERT INTO ' . $TABLE_PREFIX . 'messages (sender, receiver, added, subject, msg) VALUES (' . $sender . ', ' . $recepient . ', UNIX_TIMESTAMP(), ' . $subject . ', ' . $msg . ')');
return true;
}
return false;
}示例3: trimLog
/**
* (Static) Method to trim the action log (from over 500 back to 250 entries)
*/
function trimLog()
{
static $checked = 0;
// only check once per run
if ($checked) {
return;
}
// trim
$checked = 1;
$iTotal = quickQuery('SELECT COUNT(*) AS result FROM ' . sql_table('actionlog'));
// if size > 500, drop back to about 250
$iMaxSize = 500;
$iDropSize = 250;
if ($iTotal > $iMaxSize) {
$tsChop = quickQuery('SELECT timestamp as result FROM ' . sql_table('actionlog') . ' ORDER BY timestamp DESC LIMIT ' . $iDropSize . ',1');
sql_query('DELETE FROM ' . sql_table('actionlog') . ' WHERE timestamp < \'' . $tsChop . '\'');
}
}示例4: send_pm
function send_pm($sender, $recepient, $subject, $msg)
{
global $FORUMLINK, $TABLE_PREFIX, $db_prefix, $CACHE_DURATION;
if ($FORUMLINK == 'smf') {
# smf forum
# get smf_fid of recepient
$recepient = get_result('SELECT smf_fid FROM ' . $TABLE_PREFIX . 'users WHERE id=' . $recepient . ' LIMIT 1;', true, $CACHE_DURATION);
if (!isset($recepient[0])) {
return false;
}
# valid user
$recepient = $recepient[0]['smf_fid'];
if ($recepient == 0) {
return false;
}
# valid smf_fid
# get smf_fid of sender
# if sender id is invalid or 0, use System
$sender = $sender == 0 ? 0 : get_result('SELECT smf_fid, username FROM ' . $TABLE_PREFIX . 'users WHERE id=' . $sender . ' LIMIT 1;', true, $CACHE_DURATION);
if (!isset($sender[0])) {
$sender = array();
$sender['smf_fid'] = 0;
$sender['username'] = 'System';
} else {
$sender = $sender[0];
}
# insert message
quickQuery('INSERT INTO ' . $db_prefix . 'personal_messages (ID_MEMBER_FROM, fromName, msgtime, subject, body) VALUES (' . $sender['smf_fid'] . ', ' . sqlesc($sender['username']) . ', UNIX_TIMESTAMP(), ' . $subject . ', ' . $msg . ');');
# get id of message
$pm_id = mysql_insert_id();
# insert recepient for message
quickQuery('INSERT INTO ' . $db_prefix . 'pm_recipients (ID_PM, ID_MEMBER) VALUES (' . $pm_id . ', ' . $recepient . ');');
# notify recepient
quickQuery('UPDATE ' . $db_prefix . 'members SET instantMessages=instantMessages+1, unreadMessages=unreadMessages+1 WHERE ID_MEMBER=' . $recepient . ' LIMIT 1;');
return true;
} else {
# internal PM system
# insert pm
quickQuery('INSERT INTO ' . $TABLE_PREFIX . 'messages (sender, receiver, added, subject, msg) VALUES (' . $sender . ', ' . $recepient . ', UNIX_TIMESTAMP(), ' . $subject . ', ' . $msg . ')');
return true;
}
return false;
}示例5: deleteOnePlugin
/**
* @todo document this
*/
function deleteOnePlugin($pid, $callUninstall = 0)
{
global $manager;
$pid = intval($pid);
if (!$manager->pidInstalled($pid)) {
return _ERROR_NOSUCHPLUGIN;
}
$name = quickQuery('SELECT pfile as result FROM ' . sql_table('plugin') . ' WHERE pid=' . $pid);
/* // call the unInstall method of the plugin
if ($callUninstall) {
$plugin =& $manager->getPlugin($name);
if ($plugin) $plugin->unInstall();
}*/
// check dependency before delete
$res = sql_query('SELECT pfile FROM ' . sql_table('plugin'));
while ($o = sql_fetch_object($res)) {
$plug =& $manager->getPlugin($o->pfile);
if ($plug) {
$depList = $plug->getPluginDep();
foreach ($depList as $depName) {
if ($name == $depName) {
return sprintf(_ERROR_DELREQPLUGIN, $o->pfile);
}
}
}
}
$manager->notify('PreDeletePlugin', array('plugid' => $pid));
// call the unInstall method of the plugin
if ($callUninstall) {
$plugin =& $manager->getPlugin($name);
if ($plugin) {
$plugin->unInstall();
}
}
// delete all subscriptions
sql_query('DELETE FROM ' . sql_table('plugin_event') . ' WHERE pid=' . $pid);
// delete all options
// get OIDs from plugin_option_desc
$res = sql_query('SELECT oid FROM ' . sql_table('plugin_option_desc') . ' WHERE opid=' . $pid);
$aOIDs = array();
while ($o = sql_fetch_object($res)) {
array_push($aOIDs, $o->oid);
}
// delete from plugin_option and plugin_option_desc
sql_query('DELETE FROM ' . sql_table('plugin_option_desc') . ' WHERE opid=' . $pid);
if (count($aOIDs) > 0) {
sql_query('DELETE FROM ' . sql_table('plugin_option') . ' WHERE oid in (' . implode(',', $aOIDs) . ')');
}
// update order numbers
$res = sql_query('SELECT porder FROM ' . sql_table('plugin') . ' WHERE pid=' . $pid);
$o = sql_fetch_object($res);
sql_query('UPDATE ' . sql_table('plugin') . ' SET porder=(porder - 1) WHERE porder>' . $o->porder);
// delete row
sql_query('DELETE FROM ' . sql_table('plugin') . ' WHERE pid=' . $pid);
$manager->clearCachedInfo('installedPlugins');
$manager->notify('PostDeletePlugin', array('plugid' => $pid));
return '';
}示例6: setOptionData
function setOptionData($newText, $order, $optionId)
{
$newText = isset($GLOBALS["___mysqli_ston"]) && is_object($GLOBALS["___mysqli_ston"]) ? mysqli_real_escape_string($GLOBALS["___mysqli_ston"], $newText) : (trigger_error("[MySQLConverterToo] Fix the mysql_escape_string() call! This code does not work.", E_USER_ERROR) ? "" : "");
quickQuery("UPDATE {$this->table_prefix}poller_option set optionText='" . $newText . "',pollerOrder='{$order}' where ID='" . $optionId . "'");
}示例7: doInstall
//.........这里部分代码省略.........
$cat_name = _GENERALCAT_NAME;
$cat_desc = _GENERALCAT_DESC;
}
$query = 'UPDATE ' . tableName('nucleus_category') . " SET cname = '" . $cat_name . "'," . " cdesc\t = '" . $cat_desc . "'" . " WHERE" . " catid\t = 1";
sql_query($query, $MYSQL_CONN) or _doError(_ERROR20 . ': ' . sql_error($MYSQL_CONN));
// 9. update item date
$query = 'UPDATE ' . tableName('nucleus_item') . " SET itime = '" . date('Y-m-d H:i:s', time()) . "'" . " WHERE inumber = 1";
sql_query($query, $MYSQL_CONN) or _doError(_ERROR21 . ': ' . sql_error($MYSQL_CONN));
global $aConfPlugsToInstall, $aConfSkinsToImport;
$aSkinErrors = array();
$aPlugErrors = array();
if (count($aConfPlugsToInstall) > 0 || count($aConfSkinsToImport) > 0) {
// 10. set global variables
global $MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD, $MYSQL_DATABASE, $MYSQL_PREFIX;
$MYSQL_HOST = $mysql_host;
$MYSQL_USER = $mysql_user;
$MYSQL_PASSWORD = $mysql_password;
$MYSQL_DATABASE = $mysql_database;
$MYSQL_PREFIX = $mysql_usePrefix == 1 ? $mysql_prefix : '';
global $DIR_NUCLEUS, $DIR_MEDIA, $DIR_SKINS, $DIR_PLUGINS, $DIR_LANG, $DIR_LIBS;
$DIR_NUCLEUS = $config_adminpath;
$DIR_MEDIA = $config_mediapath;
$DIR_SKINS = $config_skinspath;
$DIR_PLUGINS = $DIR_NUCLEUS . 'plugins/';
$DIR_LANG = $DIR_NUCLEUS . 'language/';
$DIR_LIBS = $DIR_NUCLEUS . 'libs/';
// close database connection (needs to be closed if we want to include globalfunctions.php)
sql_close($MYSQL_CONN);
$manager = '';
include_once $DIR_LIBS . 'globalfunctions.php';
// 11. install custom skins
$aSkinErrors = installCustomSkins($manager);
$defskinQue = 'SELECT `sdnumber` as result FROM ' . sql_table('skin_desc') . ' WHERE `sdname` = "default"';
$defSkinID = quickQuery($defskinQue);
$updateQuery = 'UPDATE ' . sql_table('blog') . ' SET `bdefskin` = ' . intval($defSkinID) . ' WHERE `bnumber` = 1';
sql_query($updateQuery);
$updateQuery = 'UPDATE ' . sql_table('config') . ' SET `value` = ' . intval($defSkinID) . ' WHERE `name` = "BaseSkin"';
sql_query($updateQuery);
// 12. install NP_Ping, if decided
if ($weblog_ping == 1) {
global $aConfPlugsToInstall;
array_push($aConfPlugsToInstall, "NP_Ping");
}
// 13. install custom plugins
$aPlugErrors = installCustomPlugs($manager);
}
// 14. Write config file ourselves (if possible)
$bConfigWritten = 0;
if (@file_exists('../config.php') && is_writable('../config.php') && ($fp = @fopen('../config.php', 'w'))) {
$config_data = '<' . '?php' . "\n\n";
//$config_data .= "\n"; (extraneous, just added extra \n to previous line
$config_data .= " // mySQL connection information\n";
$config_data .= " \$MYSQL_HOST\t = '" . $mysql_host . "';\n";
$config_data .= " \$MYSQL_USER\t = '" . $mysql_user . "';\n";
$config_data .= " \$MYSQL_PASSWORD = '" . $mysql_password . "';\n";
$config_data .= " \$MYSQL_DATABASE = '" . $mysql_database . "';\n";
$config_data .= " \$MYSQL_PREFIX = '" . ($mysql_usePrefix == 1 ? $mysql_prefix : '') . "';\n";
$config_data .= " // new in 3.50. first element is db handler, the second is the db driver used by the handler\n";
$config_data .= " // default is \$MYSQL_HANDLER = array('mysql','');\n";
$config_data .= " //\$MYSQL_HANDLER = array('mysql','mysql');\n";
$config_data .= " //\$MYSQL_HANDLER = array('pdo','mysql');\n";
$config_data .= " \$MYSQL_HANDLER = array('" . $MYSQL_HANDLER[0] . "','" . $MYSQL_HANDLER[1] . "');\n";
$config_data .= "\n";
$config_data .= " // main nucleus directory\n";
$config_data .= " \$DIR_NUCLEUS = '" . $config_adminpath . "';\n";
$config_data .= "\n";示例8: die
// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
// IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
// TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
// PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
// NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
//
////////////////////////////////////////////////////////////////////////////////////
if (!defined("IN_BTIT")) {
die("non direct access!");
}
require_once "include/functions.php";
dbconn(false);
global $CURUSER, $btit_settings, $XBTT_USE;
$id = $_GET["uid"];
if (!$id) {
stderr("Error", "Bad ID!");
}
if ($CURUSER["uid"] == $id) {
$timeout = time() - intval($GLOBALS["report_interval"] + $btit_settings["ghost"]);
$flush = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT pid FROM {$TABLE_PREFIX}users WHERE id ='" . $CURUSER["uid"] . "'");
$update = mysqli_fetch_row($flush);
if ($XBTT_USE) {
quickQuery("UPDATE `xbt_files_users` SET `active`=0 WHERE `mtime` < " . $timeout . " AND `uid`=" . $CURUSER["uid"]);
} else {
quickQuery("DELETE FROM {$TABLE_PREFIX}peers where lastupdate < " . $timeout . " AND pid=" . $update["pid"]);
}
information_msg("Success", "Your Ghost Peers Are Flushed!");
}示例9: userlogin
function userlogin()
{
global $CURUSER, $TABLE_PREFIX, $err_msg_install, $btit_settings, $update_interval, $THIS_BASEPATH, $STYLEPATH, $STYLEURL, $STYLETYPE, $BASEURL, $USERLANG;
unset($GLOBALS['CURUSER']);
session_name("xbtit");
session_start();
$ip = getip();
//$_SERVER["REMOTE_ADDR"];
$nip = ip2long($ip);
$res = get_result("SELECT * FROM {$TABLE_PREFIX}bannedip WHERE INET_ATON('" . $ip . "') >= first AND INET_ATON('" . $ip . "') <= last LIMIT 1;", true, $btit_settings['cache_duration']);
if (count($res) > 0) {
header('HTTP/1.0 403 Forbidden');
?>
<html><body><h1>403 Forbidden</h1>Unauthorized IP address.</body></html>
<?php
die;
}
if (isset($_SESSION["CURUSER"]) && isset($_SESSION["CURUSER_EXPIRE"])) {
if ($_SESSION["CURUSER_EXPIRE"] > time()) {
if (!isset($STYLEPATH) || empty($STYLEPATH)) {
$STYLEPATH = is_null($_SESSION["CURUSER"]["style_path"]) ? $THIS_BASEPATH . "/style/xbtit_default" : $_SESSION["CURUSER"]["style_path"];
}
if (!isset($STYLEURL) || empty($STYLEURL)) {
$STYLEURL = is_null($_SESSION["CURUSER"]["style_url"]) ? $BASEURL . "/style/xbtit_default" : $_SESSION["CURUSER"]["style_url"];
}
if (!isset($STYLETYPE) || empty($STYLETYPE)) {
$STYLETYPE = is_null($_SESSION["CURUSER"]["style_type"]) ? 3 : (int) 0 + $_SESSION["CURUSER"]["style_type"];
}
if (!isset($USERLANG) || empty($USERLANG)) {
$USERLANG = is_null($_SESSION["CURUSER"]["language_path"]) ? $THIS_BASEPATH . "/language/english" : $THIS_BASEPATH . "/" . $_SESSION["CURUSER"]["language_url"];
}
$GLOBALS["CURUSER"] = $_SESSION["CURUSER"];
return;
} else {
unset($_SESSION["CURUSER"]);
unset($_SESSION["CURUSER_EXPIRE"]);
}
}
if ($btit_settings['xbtt_use']) {
$udownloaded = "u.downloaded+IFNULL(x.downloaded,0)";
$uuploaded = "u.uploaded+IFNULL(x.uploaded,0)";
$utables = "{$TABLE_PREFIX}users u LEFT JOIN xbt_users x ON x.uid=u.id";
} else {
$udownloaded = "u.downloaded";
$uuploaded = "u.uploaded";
$utables = "{$TABLE_PREFIX}users u";
}
// guest
if ($btit_settings["secsui_cookie_type"] == 1) {
$id = isset($_COOKIE["uid"]) && is_numeric($_COOKIE["uid"]) && $_COOKIE["uid"] > 1 ? $id = (int) 0 + $_COOKIE["uid"] : ($id = 1);
} elseif ($btit_settings["secsui_cookie_type"] == 2) {
$user_cookie_name = isset($btit_settings["secsui_cookie_name"]) && !empty($btit_settings["secsui_cookie_name"]) ? $btit_settings["secsui_cookie_name"] : "xbtitLoginCookie";
if (isset($_COOKIE[$user_cookie_name])) {
$user_cookie = unserialize($_COOKIE[$user_cookie_name]);
$id = is_numeric($user_cookie["id"]) && $user_cookie["id"] > 1 ? (int) 0 + $user_cookie["id"] : ($id = 1);
} else {
$id = 1;
}
} elseif ($btit_settings["secsui_cookie_type"] == 3) {
if (isset($_SESSION["login_cookie"])) {
$user_cookie = unserialize($_SESSION["login_cookie"]);
$id = is_numeric($user_cookie["id"]) && $user_cookie["id"] > 1 ? (int) 0 + $user_cookie["id"] : ($id = 1);
} else {
$id = 1;
}
} else {
$id = 1;
}
//proxy
$respr = do_sqlquery("SELECT * FROM {$TABLE_PREFIX}blacklist WHERE tip =" . $nip) or sqlerr(__FILE__, __LINE__);
if (mysqli_num_rows($respr) > 0 || $_SERVER["HTTP_X_FORWARDED_FOR"] || $_SERVER["HTTP_X_FORWARDED"] || $_SERVER["HTTP_FORWARDED_FOR"] || $_SERVER["HTTP_VIA"] || $_SERVER["HTTP_FORWARDED"] || $_SERVER["HTTP_FORWARDED_FOR_IP"] || $_SERVER["HTTP_PROXY_CONNECTION"] || $_SERVER["VIA"] || $_SERVER["X_FORWARDED_FOR"] || $_SERVER["FORWARDED_FOR"] || $_SERVER["FORWARDED"] || $_SERVER["X_FORWARDED"] || $_SERVER["CLIENT_IP"] || $_SERVER["FORWARDED_FOR_IP"] || $_SERVER["HTTP_CLIENT_IP"] || in_array($_SERVER['REMOTE_PORT'], array(8080, 80, 6588, 8000, 3128, 553, 554))) {
$proxy = 'yes';
} else {
$proxy = 'no';
}
quickQuery("UPDATE {$TABLE_PREFIX}users SET proxy='{$proxy}' WHERE id = {$id}") or sqlerr(__FILE__, __LINE__);
//proxy
if ($id > 1) {
$res = do_sqlquery("SELECT u.profileview, u.team,u.commentpm,u.pchat,u.tor,u.gender,u.gotgift,u.dona,u.donb,u.birt,u.mal,u.fem,u.bann,u.war,u.par,u.bot,u.trmu,u.trmo,u.vimu,u.vimo,u.friend,u.junkie,u.staff,u.sysop, u.emailnot, u.left_l, u.pid, u.cip, u.booted,u.announce,u.userbar, u.invisible, u.showporn , u.immunity, u.dob,u.warn, u.donor,u.seedbonus, u.salt, u.pass_type, u.lip, u.cip, {$udownloaded} as downloaded, {$uuploaded} as uploaded, u.smf_fid, u.ipb_fid, u.topicsperpage, u.postsperpage,u.torrentsperpage, u.flag, u.avatar, UNIX_TIMESTAMP(u.lastconnect) AS lastconnect, UNIX_TIMESTAMP(u.joined) AS joined, u.id as uid, u.username, u.password, u.random, u.email, u.language,u.style, u.time_offset, ul.*, `s`.`style_url`, `s`.`style_type`, `l`.`language_url` FROM {$utables} INNER JOIN {$TABLE_PREFIX}users_level ul ON u.id_level=ul.id LEFT JOIN `{$TABLE_PREFIX}style` `s` ON `u`.`style`=`s`.`id` LEFT JOIN `{$TABLE_PREFIX}language` `l` ON `u`.`language`=`l`.`id` WHERE u.id = {$id} LIMIT 1;", true);
$row = mysqli_fetch_assoc($res);
if ($btit_settings["secsui_cookie_type"] == 1) {
if (md5($row["random"] . $row["password"] . $row["random"]) != $_COOKIE["pass"]) {
$id = 1;
}
} elseif ($btit_settings["secsui_cookie_type"] == 2 || $btit_settings["secsui_cookie_type"] == 3) {
$cookie_items = explode(",", $btit_settings["secsui_cookie_items"]);
$cookie_string = "";
foreach ($cookie_items as $ci_value) {
$ci_exp = explode("-", $ci_value);
if ($ci_exp[0] == 8) {
$ci_exp2 = explode("[+]", $ci_exp[1]);
if ($ci_exp2[0] == 1) {
$ip_parts = explode(".", getip());
if ($ci_exp2[1] == 1) {
$cookie_string .= $ip_parts[0] . "-";
}
if ($ci_exp2[1] == 2) {
$cookie_string .= $ip_parts[1] . "-";
}
if ($ci_exp2[1] == 3) {
//.........这里部分代码省略.........
示例10: mysql_escape_string
}
} else {
$total_size = $info["length"];
}
//Validate torrent file, make sure everything is correct
$filename = $array["info"]["name"];
$filename = mysql_escape_string($filename);
$filename = clean($filename);
if (strlen($hash) != 40 || !verifyHash($hash)) {
echo errorMessage() . "Error: Info hash must be exactly 40 hex bytes.</p>\n";
$error_status = false;
}
if ($error_status == true) {
$query = "INSERT INTO " . $prefix . "namemap (info_hash, filename, url, size, pubDate) VALUES (\"{$hash}\", \"{$filename}\", \"{$url}\", \"{$total_size}\", \"" . date('D, j M Y h:i:s') . "\")";
$status = makeTorrent($hash, true);
quickQuery($query);
if ($status == true) {
//create torrent file in folder, at this point we assume it's valid
if (!($handle = fopen("torrents/" . $filename . ".torrent", 'w'))) {
echo errorMessage() . "Error: Can't write to file.</p>\n";
break;
}
//populate file with contents
if (fwrite($handle, $buffer) === FALSE) {
echo errorMessage() . "Error: Can't write to file.</p>\n";
break;
}
fclose($handle);
//make torrent file readable by all
chmod("torrents/" . $filename . ".torrent", 0644);
echo "<p class=\"success\">Torrent was added successfully.</p>\n";示例11: sqlesc
$set[] = 'helped=' . sqlesc(htmlspecialchars($helped));
}
if ($helplang != $curu['helplang']) {
$set[] = 'helplang=' . sqlesc(htmlspecialchars($helplang));
}
$updateset = isset($set) ? implode(',', $set) : '';
$updatesetxbt = isset($xbtset) ? implode(',', $xbtset) : '';
$updatesetsmf = isset($smfset) ? implode(',', $smfset) : '';
if ($updateset != '') {
if ($XBTT_USE && $updatesetxbt != '') {
quickQuery('UPDATE xbt_users SET ' . $updatesetxbt . ' WHERE uid=' . $uid . ' LIMIT 1;');
}
if (substr($FORUMLINK, 0, 3) == 'smf' && $updatesetsmf != '' && !is_bool($smf_fid)) {
quickQuery("UPDATE `{$db_prefix}members` SET " . $updatesetsmf . " WHERE " . ($FORUMLINK == "smf" ? "`ID_MEMBER`" : "`id_member`") . "=" . $smf_fid . " LIMIT 1");
}
quickQuery('UPDATE ' . $TABLE_PREFIX . 'users SET ' . $updateset . ' WHERE id=' . $uid . ' LIMIT 1;');
success_msg($language['SUCCESS'], $language['INF_CHANGED'] . $note . '<br /><a href="index.php?page=admin&user=' . $CURUSER['uid'] . '&code=' . $CURUSER['random'] . '">' . $language['MNU_ADMINCP'] . '</a>');
write_log('Modified user <a href="' . $btit_settings['url'] . '/index.php?page=userdetails&id=' . $uid . '">' . $curu['username'] . '</a> ' . $newname . ' ( ' . count($set) . ' changes on uid ' . $uid . ' )', 'modified');
stdfoot(true, false);
die;
} else {
stderr($language['ERROR'], $language['USER_NO_CHANGE']);
}
}
redirect('index.php?page=admin&user=' . $CURUSER['uid'] . '&code=' . $CURUSER['random']);
break;
}
# set template info
if ($CURUSER['id_level'] == '8') {
$admintpl->set('imm', ' Immunity <input type="checkbox" name="immunity" <tag:profile.immunity /> />');
}示例12: RegistPath
function RegistPath($objID, $path, $bid, $oParam, $name, $new = FALSE)
{
global $CONF;
switch ($oParam) {
case 'item':
case 'member':
if (preg_match('/.html$/', $path)) {
$path = substr($path, 0, -5);
}
break;
case 'blog':
case 'category':
case 'subcategory':
break;
default:
return;
break;
}
$bid = intval($bid);
$objID = intval($objID);
$name = rawurlencode($name);
if ($new && $oParam == 'item') {
$tque = 'SELECT itime as result FROM %s WHERE inumber = %d';
$itime = quickQuery(sprintf($tque, sql_table('item'), $objID));
list($y, $m, $d, $trush) = sscanf($itime, '%d-%d-%d %s');
$param['year'] = sprintf('%04d', $y);
$param['month'] = sprintf('%02d', $m);
$param['day'] = sprintf('%02d', $d);
$dfItem = $this->getOption('customurl_dfitem');
$ikey = TEMPLATE::fill($dfItem, $param);
if ($path == $ikey) {
$path = $ikey . '_' . $objID;
}
} elseif (!$new && strlen($path) == 0) {
$del_que = 'DELETE FROM %s WHERE obj_id = %d AND obj_param = "%s"';
sql_query(sprintf($del_que, _CUSTOMURL_TABLE, $objID, $oParam));
$msg = array(0, _DELETE_PATH, $name, _DELETE_MSG);
return $msg;
exit;
}
$dotslash = array('.', '/');
$path = str_replace($dotslash, '_', $path);
if (!preg_match('/^[-_a-zA-Z0-9]+$/', $path)) {
$msg = array(1, _INVALID_ERROR, $name, _INVALID_MSG);
return $msg;
exit;
}
$tempPath = $path;
if ($oParam == 'item' || $oParam == 'member') {
$tempPath .= '.html';
}
$conf_que = 'SELECT obj_id FROM %s' . ' WHERE obj_name = "%s"' . ' AND obj_bid = %d' . ' AND obj_param = "%s"' . ' AND obj_id != %d';
$res = sql_query(sprintf($conf_que, _CUSTOMURL_TABLE, $tempPath, $bid, $oParam, $objID));
if ($res && sql_num_rows($res)) {
$msg = array(0, _CONFLICT_ERROR, $name, _CONFLICT_MSG);
$path .= '_' . $objID;
}
if ($oParam == 'category' && !$msg) {
$conf_cat = 'SELECT obj_id FROM %s WHERE obj_name = "%s"' . ' AND obj_param = "blog"';
$res = sql_query(sprintf($conf_cat, _CUSTOMURL_TABLE, $tempPath));
if ($res && sql_num_rows($res)) {
$msg = array(0, _CONFLICT_ERROR, $name, _CONFLICT_MSG);
$path .= '_' . $objID;
}
}
if ($oParam == 'blog' && !$msg) {
$conf_blg = 'SELECT obj_id FROM %s WHERE obj_name = "%s"' . ' AND obj_param = "category"';
$res = sql_query(sprintf($conf_blg, _CUSTOMURL_TABLE, $tempPath));
if ($res && sql_num_rows($res)) {
$msg = array(0, _CONFLICT_ERROR, $name, _CONFLICT_MSG);
$path .= '_' . $objID;
}
}
$newPath = $path;
if ($oParam == 'item' || $oParam == 'member') {
$newPath .= '.html';
}
$query = 'SELECT * FROM %s WHERE obj_id = %d AND obj_param = "%s"';
$res = sql_query(sprintf($query, _CUSTOMURL_TABLE, $objID, $oParam));
$row = sql_fetch_object($res);
$pathID = $row->id;
if ($pathID) {
$query = 'UPDATE %s SET obj_name = "%s" WHERE id = %d';
sql_query(sprintf($query, _CUSTOMURL_TABLE, $newPath, $pathID));
} else {
$query = 'INSERT INTO %s (obj_param, obj_name, obj_id, obj_bid)' . ' VALUES ("%s", "%s", %d, %d)';
sql_query(sprintf($query, _CUSTOMURL_TABLE, $oParam, $newPath, $objID, $bid));
}
switch ($oParam) {
case 'blog':
$this->setBlogOption($objID, 'customurl_bname', $path);
break;
case 'category':
$this->setCategoryOption($objID, 'customurl_cname', $path);
break;
case 'member':
$this->setMemberOption($objID, 'customurl_mname', $path);
break;
default:
break;
//.........这里部分代码省略.........
示例13: addTorrent
function addTorrent()
{
global $dbhost, $dbuser, $dbpass, $database;
global $_POST, $_FILES;
require_once "funcsv2.php";
require_once "BDecode.php";
require_once "BEncode.php";
$hash = strtolower($_POST["hash"]);
$db = mysql_connect($dbhost, $dbuser, $dbpass) or die("<p class=\"error\">Couldn't connect to database. contact the administrator</p>");
mysql_select_db($database) or die("<p class=\"error\">Can't open the database.</p>");
if (isset($_FILES["torrent"])) {
if ($_FILES["torrent"]["error"] != 4) {
$fd = fopen($_FILES["torrent"]["tmp_name"], "rb") or die("<p class=\"error\">File upload error 1</p>\n");
is_uploaded_file($_FILES["torrent"]["tmp_name"]) or die("<p class=\"error\">File upload error 2</p>\n");
$alltorrent = fread($fd, filesize($_FILES["torrent"]["tmp_name"]));
$array = BDecode($alltorrent);
if (!$array) {
echo "<p class=\"error\">There was an error handling your uploaded torrent. The parser didn't like it.</p>";
endOutput();
exit;
}
$hash = @sha1(BEncode($array["info"]));
fclose($fd);
unlink($_FILES["torrent"]["tmp_name"]);
}
}
if (isset($_POST["filename"])) {
$filename = clean($_POST["filename"]);
} else {
$filename = "";
}
if (isset($_POST["url"])) {
$url = clean($_POST["url"]);
} else {
$url = "";
}
if (isset($_POST["info"])) {
$info = clean($_POST["info"]);
} else {
$info = "";
}
if (isset($_POST["autoset"])) {
if (strcmp($_POST["autoset"], "enabled") == 0) {
if (strlen($filename) == 0 && isset($array["info"]["name"])) {
$filename = $array["info"]["name"];
}
if (strlen($info) == 0 && isset($array["info"]["piece length"])) {
$info = $array["info"]["piece length"] / 1024 * (strlen($array["info"]["pieces"]) / 20) / 1024;
$info = round($info, 2) . " MB";
if (isset($array["comment"])) {
$info .= " - " . $array["comment"];
}
}
}
$filename = mysql_escape_string($filename);
$url = mysql_escape_string($url);
$info = mysql_escape_string($info);
if (strlen($hash) != 40 || !verifyHash($hash)) {
echo "<p class=\"error\">Error: Info hash must be exactly 40 hex bytes.</p>";
endOutput();
}
$query = "INSERT INTO BTPHP_namemap (info_hash, filename, url, info) VALUES (\"{$hash}\", \"{$filename}\", \"{$url}\", \"{$info}\")";
$status = makeTorrent($hash, true);
quickQuery($query);
if ($status) {
echo "<p class=\"error\">Torrent was added successfully.</p>";
} else {
echo "<p class=\"error\">There were some errors. Check if this torrent had been added previously.</p>";
}
}
endOutput();
}示例14: die
die('non direct access!');
}
# then require functions (is this needed?)
require_once $THIS_BASEPATH . '/include/functions.php';
# connect to db
dbconn();
# check if allowed and die if not
if ($CURUSER['edit_torrents'] == 'no' && $CURUSER['edit_users'] == 'no') {
die('Unauthorised access!');
}
# inits
$id = (int) $_GET['id'];
$warn = addslashes($_POST['warn']);
$warnreason = addslashes($_POST['warnreason']);
$warnaddedby = $CURUSER['username'];
$added = warn_expiration(mktime(date('H') + 2, date('i'), date('s'), date('m'), date('d') + addslashes($_POST['days']), date('Y')));
$returnto = $_POST['returnto'];
$subj = sqlesc('You did recieve a Warning!');
$msg = sqlesc('[b]The reason for this warning is: ' . $warnreason . ' By: ' . $CURUSER['username'] . '[/b].Expire date for the warning: ' . $added . '.');
# get the username of warned dude
$warneduser = get_result('SELECT username FROM `' . $TABLE_PREFIX . 'users` WHERE `id`=' . $id . ' LIMIT 1;', false, 3600);
$warneduser = $warneduser[0]['username'];
# process it in one line as to not stress the database server
quickQuery('UPDATE ' . $TABLE_PREFIX . 'users SET warn="yes",warns=warns+1,warnreason="' . $warnreason . '",warnaddedby="' . $warnaddedby . '",warnadded="' . $added . '" WHERE id=' . $id);
# message him
send_pm(0, $id, $subj, $msg);
# log it
write_log('Warned User: ' . $warneduser . '. Reason: ' . $warnreason, 'WARN');
# send back to original page
header('Location: ' . $returnto);
die;示例15: addComment
//.........这里部分代码省略.........
// begin if: member is logged in, use that data
if ($member->isLoggedIn()) {
$comment['memberid'] = $member->getID();
$comment['user'] = '';
$comment['userid'] = '';
$comment['email'] = '';
} else {
$comment['memberid'] = 0;
}
// spam check
$continue = FALSE;
$plugins = array();
if (isset($manager->subscriptions['ValidateForm'])) {
$plugins = array_merge($plugins, $manager->subscriptions['ValidateForm']);
}
if (isset($manager->subscriptions['PreAddComment'])) {
$plugins = array_merge($plugins, $manager->subscriptions['PreAddComment']);
}
if (isset($manager->subscriptions['PostAddComment'])) {
$plugins = array_merge($plugins, $manager->subscriptions['PostAddComment']);
}
$plugins = array_unique($plugins);
while (list(, $plugin) = each($plugins)) {
$p = $manager->getPlugin($plugin);
$continue = $continue || $p->supportsFeature('handleSpam');
}
$spamcheck = array('type' => 'comment', 'body' => $comment['body'], 'id' => $comment['itemid'], 'live' => TRUE, 'return' => $continue);
// begin if: member logged in
if ($member->isLoggedIn()) {
$spamcheck['author'] = $member->displayname;
$spamcheck['email'] = $member->email;
} else {
$spamcheck['author'] = $comment['user'];
$spamcheck['email'] = $comment['email'];
$spamcheck['url'] = $comment['userid'];
}
// end if
$manager->notify('SpamCheck', array('spamcheck' => &$spamcheck));
if (!$continue && isset($spamcheck['result']) && $spamcheck['result'] == TRUE) {
return _ERROR_COMMENTS_SPAM;
}
// isValidComment returns either "1" or an error message
$isvalid = $this->isValidComment($comment, $spamcheck);
if ($isvalid != 1) {
return $isvalid;
}
// begin if: send email to notification address
if ($settings->getNotifyAddress() && $settings->notifyOnComment()) {
$mailto_msg = _NOTIFY_NC_MSG . ' ' . $this->itemid . "\n";
// $mailto_msg .= $CONF['IndexURL'] . 'index.php?itemid=' . $this->itemid . "\n\n";
$temp = parse_url($CONF['Self']);
if ($temp['scheme']) {
$mailto_msg .= createItemLink($this->itemid) . "\n\n";
} else {
$tempurl = $settings->getURL();
if (substr($tempurl, -1) == '/' || substr($tempurl, -4) == '.php') {
$mailto_msg .= $tempurl . '?itemid=' . $this->itemid . "\n\n";
} else {
$mailto_msg .= $tempurl . '/?itemid=' . $this->itemid . "\n\n";
}
}
if ($comment['memberid'] == 0) {
$mailto_msg .= _NOTIFY_USER . ' ' . $comment['user'] . "\n";
$mailto_msg .= _NOTIFY_USERID . ' ' . $comment['userid'] . "\n";
} else {
$mailto_msg .= _NOTIFY_MEMBER . ' ' . $member->getDisplayName() . ' (ID=' . $member->getID() . ")\n";
}
$mailto_msg .= _NOTIFY_HOST . ' ' . $comment['host'] . "\n";
$mailto_msg .= _NOTIFY_COMMENT . "\n " . $comment['body'] . "\n";
$mailto_msg .= getMailFooter();
$item =& $manager->getItem($this->itemid, 0, 0);
$mailto_title = _NOTIFY_NC_TITLE . ' ' . strip_tags($item['title']) . ' (' . $this->itemid . ')';
$frommail = $member->getNotifyFromMailAddress($comment['email']);
$notify =& new NOTIFICATION($settings->getNotifyAddress());
$notify->notify($mailto_title, $mailto_msg, $frommail);
}
$comment = COMMENT::prepare($comment);
$manager->notify('PreAddComment', array('comment' => &$comment, 'spamcheck' => &$spamcheck));
$name = sql_real_escape_string($comment['user']);
$url = sql_real_escape_string($comment['userid']);
$email = sql_real_escape_string($comment['email']);
$body = sql_real_escape_string($comment['body']);
$host = sql_real_escape_string($comment['host']);
$ip = sql_real_escape_string($comment['ip']);
$memberid = intval($comment['memberid']);
$timestamp = date('Y-m-d H:i:s', $comment['timestamp']);
$itemid = $this->itemid;
$qSql = 'SELECT COUNT(*) AS result ' . 'FROM ' . sql_table('comment') . ' WHERE ' . 'cmail = "' . $url . '"' . ' AND cmember = "' . $memberid . '"' . ' AND cbody = "' . $body . '"' . ' AND citem = "' . $itemid . '"' . ' AND cblog = "' . $blogid . '"';
$result = (int) quickQuery($qSql);
if ($result > 0) {
return _ERROR_BADACTION;
}
$query = 'INSERT INTO ' . sql_table('comment') . ' (CUSER, CMAIL, CEMAIL, CMEMBER, CBODY, CITEM, CTIME, CHOST, CIP, CBLOG) ' . "VALUES ('{$name}', '{$url}', '{$email}', {$memberid}, '{$body}', {$itemid}, '{$timestamp}', '{$host}', '{$ip}', '{$blogid}')";
sql_query($query);
// post add comment
$commentid = sql_insert_id();
$manager->notify('PostAddComment', array('comment' => &$comment, 'commentid' => &$commentid, 'spamcheck' => &$spamcheck));
// succeeded !
return TRUE;
}