The_Master_Chief
asked on
Novice user needs help
I am running Win 2K server SP4 with php installed as well as mysql.
I am hosting with IIS.
the error I get when I open index.php in my browser is this:
Notice: Undefined index: Language in f:\inetpub\wwwroot\library .php on line 24
Notice: Undefined variable: languagebase_dir in f:\inetpub\wwwroot\library .php on line 30
Notice: Undefined variable: language_user in f:\inetpub\wwwroot\library .php on line 30
Notice: Undefined variable: languagebase_dir in f:\inetpub\wwwroot\library .php on line 32
Notice: Undefined variable: language_default in f:\inetpub\wwwroot\library .php on line 32
Warning: main(//variables.php): failed to open stream: Invalid argument in f:\inetpub\wwwroot\library .php on line 34
Fatal error: main(): Failed opening required '//variables.php' (include_path='.;c:\php4\p ear') in f:\inetpub\wwwroot\library .php on line 34
I am hosting with IIS.
the error I get when I open index.php in my browser is this:
Notice: Undefined index: Language in f:\inetpub\wwwroot\library
Notice: Undefined variable: languagebase_dir in f:\inetpub\wwwroot\library
Notice: Undefined variable: language_user in f:\inetpub\wwwroot\library
Notice: Undefined variable: languagebase_dir in f:\inetpub\wwwroot\library
Notice: Undefined variable: language_default in f:\inetpub\wwwroot\library
Warning: main(//variables.php): failed to open stream: Invalid argument in f:\inetpub\wwwroot\library
Fatal error: main(): Failed opening required '//variables.php' (include_path='.;c:\php4\p
please post your code so we can get more info.
ASKER
<?
########################## ########## ########## ########## ########## ########## ########## ########## #
#
# project : phpBazar
# filename : index.php
# purpose : Index (Start) File
#
########################## ########## ########## ########## ########## ########## ########## ########## #
# Include Configs & Variables
########################## ########## ########## ########## ########## ########## ########## ########## #
require ("library.php");
# The Head-Section
########################## ########## ########## ########## ########## ########## ########## ########## #
include ($HEADER);
# The Main-Section
########################## ########## ########## ########## ########## ########## ########## ########## #
#echo"<p> \n";
echo" <table align=\"center\" border=\"0\" cellspacing=\"0\" cellpadding=\"1\" width=\"$wel_table_width\" >\n";
echo" <tr>\n";
echo" <td class=\"class1\">\n";
echo" <table align=\"center\" border=\"0\" cellspacing=\"0\" cellpadding=\"10\" width=\"100%\">\n";
echo" <tr>\n";
echo" <td class=\"class2\">\n";
include ("$language_dir/welcome.in c");
echo" </td>\n";
echo" </tr>\n";
echo" </table>\n";
echo" </td>\n";
echo" </tr>\n";
echo" </table>\n";
# The Foot-Section
########################## ########## ########## ########## ########## ########## ########## ########## #
include ($FOOTER);
# Browser Detection
########################## ########## ########## ########## ########## ########## ########## ########## #
#include ("$language_dir/browser.in c"); Maybe you want display Message if Browser NOT MSIE
?>
That was the index.php now here is library.php
<?
########################## ########## ########## ########## ########## ########## ########## ########## #
#
# project : phpBazar
# filename : library.php
# purpose : Library File
#
########################## ########## ########## ########## ########## ########## ########## ########## #
# Include Configs & Variables
########################## ########## ########## ########## ########## ########## ########## ########## #
require("config.php");
if ($HTTP_COOKIE_VARS["Langua ge"] && $show_languages){
$language_user=$HTTP_COOKI E_VARS["La nguage"];
}
$language_dir=$languagebas e_dir."/". $language_ user;
if (!is_file("$language_dir/v ariables.p hp")) {$language_dir=$languageba se_dir."/" .$language _default;}
require("$language_dir/var iables.php ");
if (is_file("sales.php")) {
include ("sales.php");
require("$language_dir/sal es_variabl es.php");
}
list($USERNAME)=explode(": ",$phpBaza r);
if (!strstr("$PHP_SELF","fram etop.php") ) {
mysql_connect($server, $db_user, $db_pass);
mysql_db_query($database, "INSERT INTO useronline VALUES ('$timestamp','$ip','$PHP_ SELF','$US ERNAME')") ;
mysql_close();
}
########################## ########## ########## ########## ########## ########## ########## ########## #
# Functions
########################## ########## ########## ########## ########## ########## ########## ########## #
function died($message) { //when we die, than with a nice window ;-)
if(!$message) {
$message = "There was an unknown error !";
}
$errormessage=rawurlencode ($message) ;
echo "<script language=\"JavaScript\">
history.back(1);
var winl = (screen.width - 300) / 2;
var wint = (screen.height - 150) / 2;
window.open(\"message.php? msg=$error message&ms gheader=Er ror\",\"Er ror\",\"wi dth=300,he ight=150,t op=\"+wint +\",left=\ "+winl+\", resizeable =no\");
</script>\n";
exit;
}
function memberfield($signup,$field name,$name ,$value) {
global $database,$server,$db_user ,$db_pass, $language_ dir,$memb_ newpublic, $image_dir
,$ad_no,$ad_yes;
$retval=false;
mysql_connect($server, $db_user, $db_pass);
$result=mysql_db_query($da tabase, "SELECT * FROM config WHERE type='member' AND name='$fieldname'") or died(mysql_error());
$field=mysql_fetch_array($ result);
if ($field[value]=="yes" && ($signup=="0" || ($signup=="1" && $field[value2]=="yes") || ($signup=="2" && $field[value5]=="yes")) ) { // if enabled
if ($signup=="2") {
// show Memberdetails
if ($field[value3]!="checkbox ") {
if ($fieldname=="homepage") {
if ($value && substr($value,0,7)!="http://") {$value="http://".$value;}
$retval="
<tr>
<td class=\"gbtable2\"><div class=\"maininputleft\">$n ame : </div></td>
<td class=\"gbtable2\"><div class=\"maininputright\">< a href=\"$value\" target=\"_blank\">$value</ a></div></ td>
</tr>
";
} else {
$retval="
<tr>
<td class=\"gbtable2\"><div class=\"maininputleft\">$n ame : </div></td>
<td class=\"gbtable2\"><div class=\"maininputright\">" .htmlspeci alchars($v alue)."</d iv></td>
</tr>
";
}
} else {
$retval="
<tr>
<td class=\"gbtable2\"><div class=\"maininputleft\">$n ame : </div></td>
";
if ($value) {
$retval.="
<td class=\"gbtable2\"><img src=\"$image_dir/icons/che cked2.gif\ " border=\"0\" alt=\"$ad_yes\"
onmouseover=\"window.statu s='$ad_yes '; return true;\"
onmouseout=\"window.status =''; return true;\"></td>\n";
} else {
$retval.="
<td class=\"gbtable2\"><img src=\"$image_dir/icons/sig nno.gif\" border=\"0\" alt=\"$ad_no\"
onmouseover=\"window.statu s='$ad_no' ; return true;\"
onmouseout=\"window.status =''; return true;\"></td>\n";
}
$retval.="
</tr>";
}
} else {
// signup
if (($signup=="1" || $signup=="0") && $field[value5]=="yes") {$publicinfo="$memb_newpub lic";} else {$publicinfo="";}
if ($field[value3]=="text" || $field[value3]=="") {
$retval="
<tr>
<td><div class=\"maininputleft\">$n ame $publicinfo: </div></td>
<td><input type=text name=\"$field[name]\" value=\"".htmlspecialchars ($value)." \"$readonl y></td>
</tr>
";
} elseif ($field[value3]=="url") {
if (!$value) {$value="http://";} elseif ($value && substr($value,0,7)!="http://") {$value="http://".$value;}
$retval="
<tr>
<td><div class=\"maininputleft\">$n ame $publicinfo: </div></td>
<td><input type=text name=\"$field[name]\" value=\"".htmlspecialchars ($value)." \"$readonl y></td>
</tr>
";
} elseif ($field[value3]=="select") {
if (!$value) {
$optionstr.="<option value=\"\">--------</optio n>";
}
if (is_file("./$language_dir/ $field[val ue4]")) {
$filename = "./$language_dir/$field[va lue4]";
$fd = fopen ($filename, "r");
$optionstr.= str_replace("\"$value\""," \"$value\" SELECTED",fread ($fd, filesize ($filename)));
fclose ($fd);
} else {
$options=explode("|",$fiel d[value4]) ;
for ($i=0; $i<count($options); $i++) {
if (!$signup && $options[$i]=="$value") {$selected="SELECTED";} else {$selected="";}
$optionstr.="<option value=\"".htmlspecialchars ($options[ $i])."\" $selected>".htmlspecialcha rs($option s[$i])."</ option>";
}
}
$retval="
<tr>
<td><div class=\"maininputleft\">$n ame $publicinfo: </div></td>
<td><select name=\"$field[name]\">
$optionstr
</select></td>
</tr>
";
} elseif ($field[value3]=="checkbox ") {
if ($signup && $field[value4]) $checked="CHECKED";
if (!$signup && $value) $checked="CHECKED";
$retval="
<tr>
<td><div class=\"maininputleft\">$n ame $publicinfo: </div></td>
<td><input type=checkbox name=\"$field[name]\" $checked></td>
</tr>
";
}
}
}
mysql_close();
return $retval;
}
function adfield($cat,$fieldname,$n ame="",$va lue="") {
global $database,$server,$db_user ,$db_pass, $language_ dir;
$retval=false;
$result=mysql_db_query($da tabase, "SELECT * FROM config WHERE type='cat' AND name='$fieldname' AND value='$cat'") or died(mysql_error());
$field=mysql_fetch_array($ result);
if ($field[value2]=="yes") { // if enabled
if ($field[value3]=="text" || $field[value3]=="url" || $field[value3]=="") {
if (!$value) {$value=$field[value4];}
$retval="
<tr>
<td><div class=\"maininputleft\">$n ame : </div></td>
<td><input type=text name=\"in[$field[name]]\" value=\"".htmlspecialchars ($value)." \"> ".htmlspecialchars($field[ value5])." </td>
</tr>
";
if ($field[value3]=="url") {$retval.="<!--url-->";}
} elseif ($field[value3]=="select") {
if (!$value) {
$optionstr.="<option value=\"\">--------</optio n>";
}
if (is_file("./$language_dir/ $field[val ue4]")) {
$filename = "./$language_dir/$field[va lue4]";
$fd = fopen ($filename, "r");
$optionstr.= str_replace("\"$value\""," \"$value\" SELECTED",fread ($fd, filesize ($filename)));
fclose ($fd);
} else {
$options=explode("|",$fiel d[value4]) ;
for ($i=0; $i<count($options); $i++) {
if (!$signup && $options[$i]=="$value") {$selected="SELECTED";} else {$selected="";}
$optionstr.="<option value=\"".htmlspecialchars ($options[ $i])."\" $selected>".htmlspecialcha rs($option s[$i])."</ option>";
}
}
$retval="
<tr>
<td><div class=\"maininputleft\">$n ame : </div></td>
<td><select name=\"in[$field[name]]\">
$optionstr
</select> $field[value5] </td>
</tr>
";
} elseif ($field[value3]=="checkbox ") {
if ($signup && $field[value4]) $checked="CHECKED";
if (!$signup && $value) $checked="CHECKED";
$retval="
<tr>
<td><div class=\"maininputleft\">$n ame : </div></td>
<td><input type=checkbox name=\"in[$field[name]]\" $checked></td>
</tr>
";
}
}
return $retval;
}
function adfieldunit($cat,$fieldnam e) {
global $database;
$retval=false;
$result=mysql_db_query($da tabase, "SELECT * FROM config WHERE type='cat' AND name='$fieldname' AND value='$cat'") or died(mysql_error());
$field=mysql_fetch_array($ result);
if ($field[value5]) {$retval=$field[value5];}
return $retval;
}
function searchfield($cat,$fieldnam e,$name="" ,$value="" ,$fieldsiz e="") {
global $database,$server,$db_user ,$db_pass, $language_ dir;
$retval=false;
$result=mysql_db_query($da tabase, "SELECT * FROM config WHERE type='cat' AND name='$fieldname' AND value='$cat'") or died(mysql_error());
$field=mysql_fetch_array($ result);
if ($field[value2]=="yes" && $field[value6]!="no") { // if enabled
if ($field[value3]=="text" || $field[value3]=="") {
$retval="
<tr>
<td><div class=\"maininputleft\">$n ame : </div></td>
<td><input type=\"text\" name=\"in[$field[name]]\" value=\"".htmlspecialchars ($value)." \" size=\"$fieldsize\"> ".htmlspecialchars($field[ value5])." </td>
</tr>
";
} elseif ($field[value3]=="select") {
if (!$value) {
$optionstr="<option value=\"\">--------</optio n>";
}
if (is_file("./$language_dir/ $field[val ue4]")) {
$filename = "./$language_dir/$field[va lue4]";
$fd = fopen ($filename, "r");
$optionstr.= str_replace("\"$value\""," \"$value\" SELECTED",fread ($fd, filesize ($filename)));
fclose ($fd);
} else {
$options=explode("|",$fiel d[value4]) ;
for ($i=0; $i<count($options); $i++) {
if (!$signup && $options[$i]=="$value") {$selected="SELECTED";} else {$selected="";}
$optionstr.="<option value=\"".htmlspecialchars ($options[ $i])."\" $selected>".htmlspecialcha rs($option s[$i])."</ option>";
}
}
if ($field[value6]=="minmax") {
$retval="
<tr>
<td><div class=\"maininputleft\">$n ame : </div></td>
<td><select name=\"in[$field[name]]\">
$optionstr
</select> - <select name=\"in2[$field[name]]\" >
$optionstr
</select> $field[value5] </td>
</tr>
";
} else {
$retval="
<tr>
<td><div class=\"maininputleft\">$n ame : </div></td>
<td><select name=\"in[$field[name]]\">
$optionstr
</select> $field[value5] </td>
</tr>
";
}
} elseif ($field[value3]=="checkbox ") {
if ($signup && $field[value4]) $checked="CHECKED";
if (!$signup && $value) $checked="CHECKED";
$retval="
<tr>
<td><div class=\"maininputleft\">$n ame : </div></td>
<td><input type=checkbox name=\"in[$field[name]]\" $checked></td>
</tr>
";
}
}
return $retval;
}
function logging($db,$uid,$username ,$event,$e xt) {
global $logging_enable,$database, $server,$d b_user,$db _pass,$ip, $client,$t imestamp,$ REMOTE_HOS T;
if ($logging_enable) {
if ($db) {mysql_connect($server, $db_user, $db_pass);}
mysql_db_query($database, "INSERT INTO logging (timestamp,userid,username ,ip,ipname ,client,ev ent,ext)
VALUES ('$timestamp','$uid','$use rname','$i p','$REMOT E_HOST','$ client','$ event','$e xt')") or died(mysql_error());
if ($db) {mysql_close();}
}
}
function getfile($filename) {
$fd = fopen ($filename, "r");
$contents = fread ($fd, filesize ($filename));
fclose ($fd);
return $contents;
}
function addslashesnew($string) {
if (get_magic_quotes_gpc()==1 ) {
return $string;
} else {
return addslashes($string);
}
}
function suppr($file) {
$delete = @unlink($file);
if (@file_exists($file)) {
$filesys = eregi_replace("/","\\",$fi le);
$delete = @system("del $filesys");
if (@file_exists($file)) {
$delete = @chmod ($file, 0775);
$delete = @unlink($file);
$delete = @system("del $filesys");
}
}
}
function dateToTime($date) { //input Format 2000-11-24, output Format: Unixtimestamp
list($y,$m,$d)=explode("-" ,substr($d ate,0,10)) ;
return mktime(0,0,0,$m,$d,$y);
}
function dateToStr($date) { //input Format 2000-11-24, output
global $dateformat;
if ($date!="0000-00-00 00:00:00") {
$temp=explode(" ",$date);
list($y,$m,$d)=explode("-" ,$temp[0]) ;
list($hh,$mm,$ss)=explode( ":",$temp[ 1]);
return date($dateformat,mktime($h h,$mm,$ss, $m,$d,$y)) ;
}
}
function str_repeats($input, $mult) { //str_repeat() - replacement (backward-comp.)
$ret = "";
while ($mult > 0) {
$ret .= $input;
$mult --;
}
return $ret;
}
function isbanned($userid) {
global $ip,$database;
$ban_query = mysql_db_query($database, "SELECT * FROM banned_ips") or died("Database Query Error");
while ($ips = mysql_fetch_row($ban_query )) {
if ($ips["0"] == $ip) {
return 1;
exit;
}
}
if ($userid) { // if $userid is empty IGNORE user_banned_check
$ban_query2 = mysql_db_query($database, "SELECT * FROM banned_users") or died("Database Query Error");
while ($users = mysql_fetch_row($ban_query 2)) {
if ($users["0"] == $userid) {
return 1;
exit;
}
}
}
return 0;
}
function encode_msg ($msg) {
global $image_dir,$database;
if ($msg) {
$msg = addslashesnew($msg); // Add SQL compatibilty
$msg = str_replace("\n", "<BR>", $msg); // Replace newline with <br>
$result = mysql_db_query($database, "SELECT * FROM smilies") or died("Query Error");
while ($db = mysql_fetch_array($result) ) {
$msg = str_replace($db[code], "<img src=".$image_dir."/smilies /".$db[fil e].">", $msg); // Smilie
}
}
return $msg;
}
function decode_msg ($msg) {
global $image_dir,$database;
if ($msg) {
# $msg = stripslashes($msg); // Remove SQL compatibilty
$msg = str_replace("<BR>", "\n", $msg); // Replace newline with <br>
$result = mysql_db_query($database, "SELECT * FROM smilies") or died("Query Error");
while ($db = mysql_fetch_array($result) ) {
$msg = str_replace("<img src=".$image_dir."/smilies /".$db[fil e].">",$db [code],$ms g); // Smilie
}
}
return $msg;
}
function wordwrap_msg($msg, $maxwordlen=40) { // Looooooong String Break
$eachword = explode(" " , eregi_replace("<BR>"," ",$msg)); // temp remove <BR>
for ($i=0; $i<count($eachword); $i++) {
if (strlen($eachword[$i])>$ma xwordlen) {
$msg = eregi_replace($eachword[$i ], chunk_split($eachword[$i], $maxwordle n), $msg); // replace long w
}
}
return $msg;
}
function badwords ($msg,$mod) {
global $database;
$msg=wordwrap_msg($msg);
$eachword = explode(" " , eregi_replace("<BR>"," ",$msg)); // temp remove <BR>
$result = mysql_db_query($database, "SELECT * FROM badwords") or died("Query Error");
while ($db = mysql_fetch_array($result) ) {
for ($i=0; $i<count($eachword); $i++) {
if (is_int(strpos($eachword[$ i],$db[bad word]))) {
if ($mod) {
$msg = eregi_replace($eachword[$i ], "<span class=\"censored\">".$each word[$i]." </span>", $msg); // Badword
} else {
$msg = eregi_replace($eachword[$i ], str_repeats("*", strlen($eachword[$i])), $msg); // Badword
}
}
}
}
return $msg;
}
function badwordsmail ($msg) {
global $database;
$eachword = explode(" ",$msg);
$result = mysql_db_query($database, "SELECT * FROM badwords") or died("Query Error");
while ($db = mysql_fetch_array($result) ) {
for ($i=0; $i<count($eachword); $i++) {
if (is_int(strpos($eachword[$ i],$db[bad word]))) {
$msg = eregi_replace($eachword[$i ], str_repeats("*", strlen($eachword[$i])), $msg); // Badword
}
}
}
return stripslashes($msg);
}
function strip_array ($in) { //foreach()-Replacement !!!
reset($in);
while ($array=each($in)) {
$ckey=$array['key'];
$cvalue=$array['value'];
$cvalue = str_replace("'", "''", $cvalue);
$cvalue = stripslashes($cvalue);
$cvalue = strip_tags($cvalue);
$out[$ckey] = $cvalue;
}
return $out;
}
function open_sales_window($value=" ") {
echo "<script language=javascript>
window.open(\"sales_buy.ph p\",\"Buy_ Membership \",\"width =780,heigh t=550,top= 10,left=10 ,scrollbar s=yes,resi zable=yes, toolbar=no ,directori es=no,stat us=no,menu bar=no\");
location.replace('classifi ed.php$val ue');
</script>";
}
function ico_email($value,$align="l eft") {
global $sales_lang_noaccess,$ad_s endemail,$ image_dir;
if (!$value) {
echo "<a href=\"sales_buy.php\"
onClick='enterWindow=windo w.open(\"s ales_buy.p hp\",\"Win dow\",\"wi dth=780,he ight=550,t op=10,left =10,scroll bars=yes,r esizable=y es,toolbar =no,direct ories=no,s tatus=no,m enubar=no\ "); return false'
onmouseover=\"window.statu s='$sales_ lang_noacc ess'; return true;\"
onmouseout=\"window.status =''; return true;\">
<img src=\"$image_dir/icons/ema il.gif\" border=\"0\" alt=\"$sales_lang_noaccess \" align=\"$align\" vspace=\"2\"
</a>\n";
} else {
echo "<a href=\"sendmail.php?$value \"
onClick='enterWindow=windo w.open(\"s endmail.ph p?$value\" ,\"EMail\" ,\"width=6 00,height= 430,top=10 0,left=100 ,scrollbar s=yes,resi zable=yes, toolbar=no ,directori es=no,stat us=no,menu bar=no\"); return false'
onmouseover=\"window.statu s='$ad_sen demail'; return true;\"
onmouseout=\"window.status =''; return true;\">
<img src=\"$image_dir/icons/ema il.gif\" border=\"0\" alt=\"$ad_sendemail\" align=\"$align\" vspace=\"2\"></a>\n";
}
}
function ico_icq($value,$align="lef t") {
global $sales_lang_noaccess,$ad_i cq,$image_ dir;
if (!$value) {
echo "<a href=\"sales_buy.php\"
onClick='enterWindow=windo w.open(\"s ales_buy.p hp\",\"Win dow\",\"wi dth=780,he ight=550,t op=10,left =10,scroll bars=yes,r esizable=y es,toolbar =no,direct ories=no,s tatus=no,m enubar=no\ "); return false'
onmouseover=\"window.statu s='$sales_ lang_noacc ess'; return true;\"
onmouseout=\"window.status =''; return true;\">
<img src=\"$image_dir/icons/icq .gif\" border=\"0\" alt=\"$sales_lang_noaccess \" align=\"$align\" vspace=\"2\"
</a>\n";
} else {
echo "<a href=\"http://wwp.icq.com/".$value."\" target=\"_blank\"
onmouseover=\"window.statu s='$ad_icq '; return true;\"
onmouseout=\"window.status =''; return true;\">
<img src=\"$image_dir/icons/icq .gif\" border=\"0\" alt=\"$ad_icq\" align=\"$align\" vspace=\"2\"></a>\n";
}
}
function ico_url($value,$align="lef t") {
global $sales_lang_noaccess,$ad_g otourl,$im age_dir;
if (!$value) {
echo "<a href=\"sales_buy.php\"
onClick='enterWindow=windo w.open(\"s ales_buy.p hp\",\"Win dow\",\"wi dth=780,he ight=550,t op=10,left =10,scroll bars=yes,r esizable=y es,toolbar =no,direct ories=no,s tatus=no,m enubar=no\ "); return false'
onmouseover=\"window.statu s='$sales_ lang_noacc ess'; return true;\"
onmouseout=\"window.status =''; return true;\">
<img src=\"$image_dir/icons/hom e.gif\" border=\"0\" alt=\"$sales_lang_noaccess \" align=\"$align\" vspace=\"2\"
</a>\n";
} else {
echo "<a href=\"$value\" target=\"_blank\"
onmouseover=\"window.statu s='$ad_got ourl ($value)'; return true;\"
onmouseout=\"window.status =''; return true;\">
<img src=\"$image_dir/icons/hom e.gif\" border=\"0\" alt=\"$ad_gotourl\" align=\"$align\" vspace=\"2\"></a>\n";
}
}
function ico_friend($value,$align=" left") {
global $ad_sendlink,$image_dir;
echo " <a href=\"sendmail.php?value\ "
onClick='enterWindow=windo w.open(\"s endmail.ph p?$value\" ,\"EMail\" ,\"width=6 00,height= 430,top=10 0,left=100 ,scrollbar s=yes,resi zable=yes, toolbar=no ,directori es=no,stat us=no,menu bar=no\"); return false'
onmouseover=\"window.statu s='$ad_sen dlink'; return true;\"
onmouseout=\"window.status =''; return true;\">
<img src=\"$image_dir/icons/lig htbulb2.gi f\" border=\"0\" alt=\"$ad_sendlink\" align=\"$align\" vspace=\"2\"></a>\n";
}
function ico_print($value,$align="l eft") {
global $ad_print,$image_dir;
echo " <a href=\"javascript:window.p rint()\"
onClick='javascript:window .print();'
onmouseover=\"window.statu s='$ad_pri nt'; return true;\"
onmouseout=\"window.status =''; return true;\">
<img src=\"$image_dir/icons/pri nt.gif\" border=\"0\" alt=\"$ad_print\" align=\"$align\" vspace=\"2\"></a>\n";
}
function ico_favorits($value,$align ="left") {
global $ad_favorits,$image_dir;
echo " <a href=\"favorits.php?$value \"
onClick='enterWindow=windo w.open(\"f avorits.ph p?$value\" ,\"Window\ ",\"width= 400,height =200,top=2 00,left=20 0\"); return false'
onmouseover=\"window.statu s='$ad_fav orits'; return true;\"
onmouseout=\"window.status =''; return true;\">
<img src=\"$image_dir/icons/che cked.gif\" border=\"0\" alt=\"$ad_favorits\" align=\"$align\" vspace=\"2\"></a>\n";
}
function ico_adrating($value,$align ="left") {
global $ad_rating,$image_dir;
echo " <a href=\"adrating.php?$value \"
onClick='enterWindow=windo w.open(\"a drating.ph p?$value\" ,\"Window\ ",\"width= 180,height =180,top=2 00,left=20 0\"); return false'
onmouseover=\"window.statu s='$ad_rat ing'; return true;\"
onmouseout=\"window.status =''; return true;\">
<img src=\"$image_dir/icons/han dup.gif\" border=\"0\" alt=\"$ad_rating\" align=\"$align\" vspace=\"2\"></a>\n";
}
function ico_info($value,$align="le ft") {
global $ad_member,$image_dir;
echo " <a href=\"members.php?$value\ "
onmouseover=\"window.statu s='$ad_mem ber'; return true;\"
onmouseout=\"window.status =''; return true;\">
<img src=\"$image_dir/icons/inf o.gif\" border=\"0\" alt=\"$ad_member\" align=\"$align\" vspace=\"2\"></a>\n";
}
# Classes
########################## ########## ########## ########## ########## ########## ########## ########## #
class authlib {
function register ($username, $password, $password2, $email, $sex, $acceptterms ,
$newsletter, $firstname, $lastname, $address, $zip, $city, $state, $country,
$phone, $cellphone, $icq, $homepage, $hobbys, $field1, $field2, $field3,
$field4, $field5, $field6, $field7, $field8, $field9, $field10 ) {
global $chat_interface,$chat_enab le,$chat_d atabase,$c hat_server ,$chat_db_ user,$chat _db_pass,
$forum_interface,$forum_en able,$foru m_database ,$forum_se rver,$foru m_db_user, $forum_db_ pass,
$gender,$genders,$admin_em ail,$reg_n otify,$url _to_start, $mail_msg, $server,$d b_user,$db _pass,
$database,$secret,$error,$ no_confirm ation,$aut o_login;
if (!$username || !$password || !$password2 || !$email || !$acceptterms) {
return $error[14];
} else {
if (!eregi("^[a-z0-9]+([_\\.- ][a-z0-9]+ )*@([a-z0- 9]+([\.-][ a-z0-9]+)* )+\\.[a-z] {2,}$", $email)) {
# if (!eregi("^([a-z0-9]+)(([a- z0-9._-]+) )*[@]([a-z 0-9]+)([._ -]([a-z0-9 ]+))*[.]([ a-z0-9]){2 }([a-z0-9] )?$", $email)) {
return $error[4];
}
if ($sex == "") {
return $error[11];
}
if (strlen($username) < 3) {
return $error[1];
}
if (strlen($username) > 20) {
return $error[2];
}
if (!ereg("^[[:alnum:]_-]+$", $username)) {
return $error[3];
}
if ($password != $password2) {
return $error[0];
}
if (strlen($password) < 3) {
return $error[5];
}
if (strlen($password) > 20) {
return $error[6];
}
if (!ereg("^[[:alnum:]_-]+$", $password)) {
return $error[7];
}
mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database) ;
$query = mysql_query("select id from login where username = '$username'");
$result = mysql_num_rows($query);
if ($result > 0) {
mysql_close();
return $error[12];
}
$query = mysql_query("select id from userdata where email = '$email'");
$result = mysql_num_rows($query);
if ($result > 0) {
mysql_close();
return $error[13];
}
if ($no_confirmation) {
$is_success_first = mysql_query("insert into userdata (username, email, sex,
newsletter, firstname, lastname, address, zip, city, state, country,
phone, cellphone, icq, homepage, hobbys, field1, field2, field3,
field4, field5, field6, field7, field8, field9, field10, registered )
values ('$username', '$email', '$sex',
'$newsletter', '$firstname', '$lastname', '$address', '$zip', '$city', '$state', '$country',
'$phone', '$cellphone', '$icq', '$homepage', '$hobbys', '$field1', '$field2', '$field3',
'$field4', '$field5', '$field6', '$field7', '$field8', '$field9', '$field10', '$timestamp' )") or died(mysql_error());
if ($is_success_first) {
$is_success_second = mysql_query("insert into login (username, password) values ('$username', '$password')");
if ($is_success_second) {
// only if forum-interface
if ($is_success_second && $forum_database && $forum_enable && $forum_interface) {
include ("$forum_interface");
}
// only if chat-interface
if ($is_success_second && $chat_database && $chat_enable && $chat_interface) {
include ("$chat_interface");
}
}
}
$mailto = "$email";
$subject = "$mail_msg[0]";
$message = "$mail_msg[1]$username\n\n $mail_msg[ 2]$usernam e\n$mail_m sg[3]$pass word\n$mai l_msg[4]$e mail\n$mai l_msg[5]$s ex\n\n$mai l_msg[7]";
$from = "From: $admin_email\r\nReply-to: $admin_email\r\n";
@mail($mailto, $subject, $message, $from);
if ($auto_login) {
$login=$this->login($usern ame, $password);
if ($login!="2") {
$retval="$error[15]";
} else {
$retval=3;
}
}
} else {
$hash = substr(md5($secret.$userna me),0,10);
$is_success = mysql_query("insert into confirm values
('$hash', '$username', '$password', '$email', '$sex', now(),
'$newsletter', '$firstname', '$lastname', '$address', '$zip', '$city', '$state',
'$country', '$phone', '$cellphone', '$icq', '$homepage', '$hobbys', '$field1',
'$field2', '$field3', '$field4', '$field5', '$field6', '$field7', '$field8',
'$field9', '$field10')") or died(mysql_error());
mysql_close();
if (!$is_success) {
return $error[16];
}
$confirmurl = ("$url_to_start" . "/confirm.php?hash=" . "$hash" . "&nick=" . "$username");
$aolconfirmurl = ("AOL: <A HREF=\" $url_to_start" . "/confirm.php?hash=" . "$hash" . "&nick=" . "$username \">CLICK HERE</A>");
$mailto = "$email";
$subject = "$mail_msg[0]";
if (strstr($mailto,"aol")) { // For AOL-Users
$message = "$mail_msg[1]$username\n\n $mail_msg[ 2]$usernam e\n$mail_m sg[3]$pass word\n$mai l_msg[4]$e mail\n$mai l_msg[5]$s ex\n\n$mai l_msg[6]\n \n$aolconf irmurl\n\n $mail_msg[ 7]";
} else {
$message = "$mail_msg[1]$username\n\n $mail_msg[ 2]$usernam e\n$mail_m sg[3]$pass word\n$mai l_msg[4]$e mail\n$mai l_msg[5]$s ex\n\n$mai l_msg[6]\n \n$confirm url\n\n$ma il_msg[7]" ;
}
$from = "From: $admin_email\r\nReply-to: $admin_email\r\n";
@mail($mailto, $subject, $message, $from);
}
logging("1","","$username" ,"AUTH: new registration","Password: $password, EMail: $email, Sex: $sex");
if ($reg_notify) {
$mailto = "$reg_notify";
$subject = "NOTIFY $mail_msg[0]";
$message = "$mail_msg[8]$username\n$m ail_msg[3] $password\ n$mail_msg [4]$email\ n$mail_msg [5]$sex\n" ;
$from = "From: $admin_email\r\nReply-to: $admin_email\r\n";
@mail($mailto, $subject, $message, $from);
}
return 2;
}
}
function login ($username, $password) {
global $server,$db_user,$db_pass, $database, $secret,$e rror,$logi n_cookie_t ime,$cooki epath,$tim estamp;
if (!$username || !$password) {
return $error[14];
}
else {
if (!eregi("^[[:alnum:]_-]+$" , $username)) {
return $error[3];
}
if (!eregi("^[[:alnum:]_-]+$" , $password)) {
return $error[7];
}
mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database) ;
$md5password=md5($password );
$query = mysql_query("select id from login where username = '$username' and (password = '$password' OR password = '$md5password')");
$result = mysql_num_rows($query);
$query2 = mysql_query("select level from userdata where username = '$username'");
$result2 = mysql_num_rows($query2);
mysql_close();
if ($result < 1) {
logging("1","","$username" ,"AUTH: bad login","Password: $password");
return $error[26]; //Not found
}
else {
list ($id) = mysql_fetch_row($query);
list ($level) = mysql_fetch_row($query2);
$password = md5($password);
$hash = md5($username.$password.$l evel.$secr et);
$cookietime=$timestamp+(36 00*$login_ cookie_tim e);
setcookie("phpBazar", "$username:$password:$hash :$id:$leve l", "$cookietime", "$cookiepath");
logging("1","","$username" ,"AUTH: login","");
return 2;
}
}
}
function is_logged () {
global $phpBazar, $secret;
$session_vars = explode(":", $phpBazar);
$hash = md5($session_vars[0].$sess ion_vars[1 ].$session _vars[4].$ secret);
if ($hash != $session_vars[2]) {
return false;
} else {
if ($session_vars[4]>7) {$moderator=true;} // Moderator Check
return array($session_vars[0], $session_vars[3], $moderator, $session_vars[1]);
}
}
function logout () {
global $cookiepath,$phpBazar;
$session_vars = explode(":", $phpBazar);
setcookie("phpBazar", "", "0", "$cookiepath");
logging("1","","$session_v ars[0]","A UTH: logout","");
}
function edit_retrieve ($id) {
global $admin_email,$url_to_start ,$mail_msg ,$server,$ db_user,$d b_pass,$da tabase,$se cret,$erro r;
mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database) ;
$query = mysql_query("select * from userdata where id = '$id'");
mysql_close();
list ($id, $username, $email, $sex, $newsletter, $level, $votes, $lastvotedate, $ads,
$lastaddate, $firstname, $lastname, $address, $zip, $city, $state, $country,
$phone, $cellphone, $icq, $homepage, $hobbys, $field1, $field2, $field3,
$field4, $field5, $field6, $field7, $field8, $field9, $field10) = mysql_fetch_row($query);
return array($email, $sex, $newsletter, $level, $votes, $lastvotedate, $ads,
$lastaddate, $firstname, $lastname, $address, $zip, $city, $state, $country,
$phone, $cellphone, $icq, $homepage, $hobbys, $field1, $field2, $field3,
$field4, $field5, $field6, $field7, $field8, $field9, $field10);
}
function edit ($id, $sex, $newsletter, $firstname, $lastname, $address, $zip, $city, $state, $country,
$phone, $cellphone, $icq, $homepage, $hobbys, $field1, $field2, $field3, $field4,
$field5, $field6, $field7, $field8, $field9, $field10 ) {
global $gender,$genders,$server,$ db_user,$d b_pass,$da tabase,$se cret,$erro r;
# if ($firstname && (!eregi("^[a-z ]+$", $firstname))) {
# return $error[8];
# }
# if ($lastname && (!eregi("^[[:alnum:]_-]+$" , $lastname))) {
# return $error[8];
# }
if (ereg("[^0-9]", $icq)) {
return $error[10];
}
if ($sex == "") {
return $error[11];
}
mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database) ;
$query = mysql_query("update userdata set sex = '$sex',
newsletter = '$newsletter',
firstname = '$firstname',
lastname = '$lastname',
address = '$address',
zip = '$zip',
city = '$city',
state = '$state',
country = '$country',
phone = '$phone',
cellphone = '$cellphone',
icq = '$icq',
homepage = '$homepage',
hobbys = '$hobbys',
field1 = '$field1',
field2 = '$field2',
field3 = '$field3',
field4 = '$field4',
field5 = '$field5',
field6 = '$field6',
field7 = '$field7',
field8 = '$field8',
field9 = '$field9',
field10 = '$field10'
where id = '$id'");
mysql_close();
logging("1","$id","","AUTH : updated data","");
if (!$query) {
$error[20];
}
return 2;
}
function confirm ($hash, $username) {
global $chat_interface,$chat_enab le,$chat_d atabase,$c hat_server ,$chat_db_ user,$chat _db_pass,
$forum_interface,$forum_en able,$foru m_database ,$forum_se rver,$foru m_db_user, $forum_db_ pass,
$confirm_mail,$conf_notify ,$admin_em ail,$url_t o_start,$m ail_msg,$s erver,$db_ user,$db_p ass,
$database,$secret,$error,$ timestamp, $auto_logi n;
if (!$hash || !$username) {
return $error[14];
}
else {
mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database) ;
$query = mysql_query("select * from confirm where mdhash = '$hash' AND username = '$username'");
$result = mysql_num_rows($query);
if ($result < 1) {
mysql_close();
return $error[15];
}
list($hd,$username,$passwo rd,$email, $sex,$date ,$newslett er,$firstn ame,
$lastname,$address,$zip,$c ity,$state ,$country, $phone,$ce llphone,$i cq,
$homepage,$hobbys,$field1, $field2,$f ield3,$fie ld4,$field 5,$field6,
$field7,$field8,$field9,$f ield10) = mysql_fetch_row($query);
//calculate a possible id-difference, if only login-data will deleted
$result = mysql_query("SELECT * FROM userdata");
$tmpid1 = mysql_num_rows($result);
$result = mysql_query("SELECT * FROM login");
$tmpid2 = mysql_num_rows($result);
if ($tmpid1 != $tmpid2) {
$diff = $tmpid1-$tmpid2;
for ($i = 0; $i < $diff; $i++) {
mysql_query("insert into login (username, password) values ('$timestamp', '$timestamp')");
}
}
// end id-difference
$is_success_first = mysql_query("insert into userdata (username, email, sex,
newsletter, firstname, lastname, address, zip, city, state, country,
phone, cellphone, icq, homepage, hobbys, field1, field2, field3,
field4, field5, field6, field7, field8, field9, field10, registered )
values ('$username', '$email', '$sex',
'$newsletter', '$firstname', '$lastname', '$address', '$zip', '$city', '$state', '$country',
'$phone', '$cellphone', '$icq', '$homepage', '$hobbys', '$field1', '$field2', '$field3',
'$field4', '$field5', '$field6', '$field7', '$field8', '$field9', '$field10', '$timestamp' )") or died(mysql_error());
if ($is_success_first) {
$is_success_second = mysql_query("insert into login (username, password) values ('$username', '$password')");
if ($is_success_second) {
$is_success_third = mysql_query("delete from confirm where username = '$username'");
// only if forum-interface
if ($is_success_second && $forum_database && $forum_enable && $forum_interface) {
include ("$forum_interface");
}
// only if chat-interface
if ($is_success_second && $chat_database && $chat_enable && $chat_interface) {
include ("$chat_interface");
}
}
}
mysql_close();
if (!$is_success_first) {
return $error[16];
}
if (!$is_success_second) {
# Registration Error
return $error[17];
}
if (!$is_success_third) {
# Alert, Purge Account!!!
return 2;
}
logging("1","","$username" ,"AUTH: confirmed registration","");
$retval=2;
if ($auto_login) {
$login=$this->login($usern ame, $password);
if ($login!="2") {
$retval="$error[15]";
} else {
$retval=3;
}
}
if ($conf_notify) {
$mailto = "$conf_notify";
$subject = "NOTIFY $mail_msg[0]";
$message = "$mail_msg[8]$username\n$m ail_msg[3] $password\ n$mail_msg [4]$email\ n$mail_msg [5]$sex\n" ;
$from = "From: $admin_email\r\nReply-to: $admin_email\r\n";
@mail($mailto, $subject, $message, $from);
}
if ($confirm_mail) {
$mailto = "$email";
$subject = "NOTIFY $mail_msg[9]";
$message = "$mail_msg[10]$username\n\ n$mail_msg [11]";
$from = "From: $admin_email\r\nReply-to: $admin_email\r\n";
@mail($mailto, $subject, $message, $from);
}
return $retval;
}
}
function lostpwd ($email) {
global $admin_email,$url_to_start ,$mail_msg ,$server,$ db_user,$d b_pass,$da tabase,$se cret,$erro r;
if (!$email) {
return $error[14];
}
mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database) ;
$query = mysql_query("select login.password, login.username from login, userdata where userdata.email = '$email' and login.id = userdata.id");
$result = mysql_num_rows($query);
mysql_close();
if ($result < 1) {
return $error[19];
}
list($password, $username) = mysql_fetch_row($query);
$confirmurl = ("$url_to_start" . "/confirm.php?hash=" . "$hash" . "&username=" . "$username");
$mailto = "$email";
$subject = "$mail_msg[12]";
$message = "$mail_msg[13]$username\n\ n$mail_msg [14]$usern ame\n$mail _msg[3]$pa ssword\n\n $mail_msg[ 15]";
$from = "From: $admin_email\r\nReply-to: $admin_email\r\n";
@mail($mailto, $subject, $message, $from);
logging("1","","$username" ,"AUTH: lost password sent","");
return 2;
}
function chemail ($id, $email, $email2) {
global $admin_email,$url_to_start ,$mail_msg ,$server,$ db_user,$d b_pass,$da tabase,$se cret,$erro r;
if ($email != $email2) {
return $error[14];
}
else {
if (!eregi("^([a-z0-9]+)([._- ]([a-z0-9] +))*[@]([a -z0-9]+)([ ._-]([a-z0 -9]+))*[.] ([a-z0-9]) {2}([a-z0- 9])?$", $email)) {
return $error[4];
}
mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database) ;
$query = mysql_query("select id from userdata where email = '$email'");
$result = mysql_num_rows($query);
if ($result > 0) {
list($id_from_db) = mysql_fetch_row($query);
if ($id_from_db != $id) {
mysql_close();
return $error[13];
}
return $error[23];
}
$mdhash = substr(md5($id.$email.$sec ret),0,10) ;
$query = mysql_query("insert into confirm_email values ('$id', '$email', '$mdhash', now())");
if (!$query) {
mysql_close();
$error[20];
}
$confirmurl = ("$url_to_start" . "/confirm_email.php?mdhash =" . "$mdhash" . "&id=" . "$id" . "&email=" . "$email");
$mailto = "$email";
$subject = "$mail_msg[16]";
$message = "$mail_msg[17]\n\n$confirm url\n\n$ma il_msg[18] ";
$from = "From: $admin_email\r\nReply-to: $admin_email\r\n";
@mail($mailto, $subject, $message, $from);
logging("1","$id","","AUTH : new email change","");
return 2;
}
}
function confirm_email($id, $email, $mdhash) {
global $server,$db_user,$db_pass, $database, $secret,$e rror;
if (!$id || !$email || !$mdhash) {
return $error[14];
}
else {
mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database) ;
$query = mysql_query("select * from confirm_email where id = '$id' AND email = '$email' AND mdhash = '$mdhash'");
$result = mysql_num_rows($query);
if ($result < 1) {
mysql_close();
return $error[15];
}
$update = mysql_query("update userdata set email = '$email' where id = '$id'");
$delete = mysql_query("delete from confirm_email where email = '$email'");
mysql_close();
logging("1","$id","","AUTH : confirmed email change","");
return 2;
}
}
function confirm_ad($id, $hash) {
global $server,$db_user,$db_pass, $database, $timeoutco nfirm,$err or;
if (!$id || !$hash) {
return $error[14];
}
else {
mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database) ;
$query = mysql_query("select * from ads where id = '$id' AND timeoutnotify = '$hash'");
$result = mysql_num_rows($query);
if ($result < 1) {
mysql_close();
return $error[15];
}
$update = mysql_query("update ads set timeoutnotify = '',timeoutdays = timeoutdays+$timeoutconfir m where id = '$id'");
mysql_close();
return 2;
}
}
function chpass ($id, $password, $password2) {
global $server,$db_user,$db_pass, $database, $error;
if ($password != $password2) {
return $error[0];
}
else {
if (strlen($password) < 3) {
return $error[5];
}
if (strlen($password) > 20) {
return $error[6];
}
if (!ereg("^[[:alnum:]_-]+$", $password)) {
return $error[7];
}
mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database) ;
$query = mysql_query("update login set password = '$password' where id = '$id'");
mysql_close();
if (!$query) {
return $error[21];
}
logging("1","$id","","AUTH : password changed","New Password: $password");
return 2;
}
}
function delete($id) {
global $server,$db_user,$db_pass, $database, $error,$ti mestamp;
mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database) ;
$delstring="deleted_".$tim estamp;
if ($really_del_memb) { //if set really delete it
$query = mysql_query("update ads set deleted='1' where userid = '$id'");
$query = mysql_query("delete from login where id = '$id'");
$query = mysql_query("delete from userdata where id = '$id'");
} else { // or only overwrite the password :-) better
$query = mysql_query("update ads set deleted='1' where userid = '$id'");
$query = mysql_query("update login set password='$delstring' where id = '$id'");
}
mysql_close();
logging("1","$id","","AUTH : deleted","");
return 2;
}
}
$authlib = new authlib;
?>
##########################
#
# project : phpBazar
# filename : index.php
# purpose : Index (Start) File
#
##########################
# Include Configs & Variables
##########################
require ("library.php");
# The Head-Section
##########################
include ($HEADER);
# The Main-Section
##########################
#echo"<p> \n";
echo" <table align=\"center\" border=\"0\" cellspacing=\"0\" cellpadding=\"1\" width=\"$wel_table_width\"
echo" <tr>\n";
echo" <td class=\"class1\">\n";
echo" <table align=\"center\" border=\"0\" cellspacing=\"0\" cellpadding=\"10\" width=\"100%\">\n";
echo" <tr>\n";
echo" <td class=\"class2\">\n";
include ("$language_dir/welcome.in
echo" </td>\n";
echo" </tr>\n";
echo" </table>\n";
echo" </td>\n";
echo" </tr>\n";
echo" </table>\n";
# The Foot-Section
##########################
include ($FOOTER);
# Browser Detection
##########################
#include ("$language_dir/browser.in
?>
That was the index.php now here is library.php
<?
##########################
#
# project : phpBazar
# filename : library.php
# purpose : Library File
#
##########################
# Include Configs & Variables
##########################
require("config.php");
if ($HTTP_COOKIE_VARS["Langua
$language_user=$HTTP_COOKI
}
$language_dir=$languagebas
if (!is_file("$language_dir/v
require("$language_dir/var
if (is_file("sales.php")) {
include ("sales.php");
require("$language_dir/sal
}
list($USERNAME)=explode(":
if (!strstr("$PHP_SELF","fram
mysql_connect($server, $db_user, $db_pass);
mysql_db_query($database, "INSERT INTO useronline VALUES ('$timestamp','$ip','$PHP_
mysql_close();
}
##########################
# Functions
##########################
function died($message) { //when we die, than with a nice window ;-)
if(!$message) {
$message = "There was an unknown error !";
}
$errormessage=rawurlencode
echo "<script language=\"JavaScript\">
history.back(1);
var winl = (screen.width - 300) / 2;
var wint = (screen.height - 150) / 2;
window.open(\"message.php?
</script>\n";
exit;
}
function memberfield($signup,$field
global $database,$server,$db_user
,$ad_no,$ad_yes;
$retval=false;
mysql_connect($server, $db_user, $db_pass);
$result=mysql_db_query($da
$field=mysql_fetch_array($
if ($field[value]=="yes" && ($signup=="0" || ($signup=="1" && $field[value2]=="yes") || ($signup=="2" && $field[value5]=="yes")) ) { // if enabled
if ($signup=="2") {
// show Memberdetails
if ($field[value3]!="checkbox
if ($fieldname=="homepage") {
if ($value && substr($value,0,7)!="http://") {$value="http://".$value;}
$retval="
<tr>
<td class=\"gbtable2\"><div class=\"maininputleft\">$n
<td class=\"gbtable2\"><div class=\"maininputright\"><
</tr>
";
} else {
$retval="
<tr>
<td class=\"gbtable2\"><div class=\"maininputleft\">$n
<td class=\"gbtable2\"><div class=\"maininputright\">"
</tr>
";
}
} else {
$retval="
<tr>
<td class=\"gbtable2\"><div class=\"maininputleft\">$n
";
if ($value) {
$retval.="
<td class=\"gbtable2\"><img src=\"$image_dir/icons/che
onmouseover=\"window.statu
onmouseout=\"window.status
} else {
$retval.="
<td class=\"gbtable2\"><img src=\"$image_dir/icons/sig
onmouseover=\"window.statu
onmouseout=\"window.status
}
$retval.="
</tr>";
}
} else {
// signup
if (($signup=="1" || $signup=="0") && $field[value5]=="yes") {$publicinfo="$memb_newpub
if ($field[value3]=="text" || $field[value3]=="") {
$retval="
<tr>
<td><div class=\"maininputleft\">$n
<td><input type=text name=\"$field[name]\" value=\"".htmlspecialchars
</tr>
";
} elseif ($field[value3]=="url") {
if (!$value) {$value="http://";} elseif ($value && substr($value,0,7)!="http://") {$value="http://".$value;}
$retval="
<tr>
<td><div class=\"maininputleft\">$n
<td><input type=text name=\"$field[name]\" value=\"".htmlspecialchars
</tr>
";
} elseif ($field[value3]=="select")
if (!$value) {
$optionstr.="<option value=\"\">--------</optio
}
if (is_file("./$language_dir/
$filename = "./$language_dir/$field[va
$fd = fopen ($filename, "r");
$optionstr.= str_replace("\"$value\"","
fclose ($fd);
} else {
$options=explode("|",$fiel
for ($i=0; $i<count($options); $i++) {
if (!$signup && $options[$i]=="$value") {$selected="SELECTED";} else {$selected="";}
$optionstr.="<option value=\"".htmlspecialchars
}
}
$retval="
<tr>
<td><div class=\"maininputleft\">$n
<td><select name=\"$field[name]\">
$optionstr
</select></td>
</tr>
";
} elseif ($field[value3]=="checkbox
if ($signup && $field[value4]) $checked="CHECKED";
if (!$signup && $value) $checked="CHECKED";
$retval="
<tr>
<td><div class=\"maininputleft\">$n
<td><input type=checkbox name=\"$field[name]\" $checked></td>
</tr>
";
}
}
}
mysql_close();
return $retval;
}
function adfield($cat,$fieldname,$n
global $database,$server,$db_user
$retval=false;
$result=mysql_db_query($da
$field=mysql_fetch_array($
if ($field[value2]=="yes") { // if enabled
if ($field[value3]=="text" || $field[value3]=="url" || $field[value3]=="") {
if (!$value) {$value=$field[value4];}
$retval="
<tr>
<td><div class=\"maininputleft\">$n
<td><input type=text name=\"in[$field[name]]\" value=\"".htmlspecialchars
</tr>
";
if ($field[value3]=="url") {$retval.="<!--url-->";}
} elseif ($field[value3]=="select")
if (!$value) {
$optionstr.="<option value=\"\">--------</optio
}
if (is_file("./$language_dir/
$filename = "./$language_dir/$field[va
$fd = fopen ($filename, "r");
$optionstr.= str_replace("\"$value\"","
fclose ($fd);
} else {
$options=explode("|",$fiel
for ($i=0; $i<count($options); $i++) {
if (!$signup && $options[$i]=="$value") {$selected="SELECTED";} else {$selected="";}
$optionstr.="<option value=\"".htmlspecialchars
}
}
$retval="
<tr>
<td><div class=\"maininputleft\">$n
<td><select name=\"in[$field[name]]\">
$optionstr
</select> $field[value5] </td>
</tr>
";
} elseif ($field[value3]=="checkbox
if ($signup && $field[value4]) $checked="CHECKED";
if (!$signup && $value) $checked="CHECKED";
$retval="
<tr>
<td><div class=\"maininputleft\">$n
<td><input type=checkbox name=\"in[$field[name]]\" $checked></td>
</tr>
";
}
}
return $retval;
}
function adfieldunit($cat,$fieldnam
global $database;
$retval=false;
$result=mysql_db_query($da
$field=mysql_fetch_array($
if ($field[value5]) {$retval=$field[value5];}
return $retval;
}
function searchfield($cat,$fieldnam
global $database,$server,$db_user
$retval=false;
$result=mysql_db_query($da
$field=mysql_fetch_array($
if ($field[value2]=="yes" && $field[value6]!="no") { // if enabled
if ($field[value3]=="text" || $field[value3]=="") {
$retval="
<tr>
<td><div class=\"maininputleft\">$n
<td><input type=\"text\" name=\"in[$field[name]]\" value=\"".htmlspecialchars
</tr>
";
} elseif ($field[value3]=="select")
if (!$value) {
$optionstr="<option value=\"\">--------</optio
}
if (is_file("./$language_dir/
$filename = "./$language_dir/$field[va
$fd = fopen ($filename, "r");
$optionstr.= str_replace("\"$value\"","
fclose ($fd);
} else {
$options=explode("|",$fiel
for ($i=0; $i<count($options); $i++) {
if (!$signup && $options[$i]=="$value") {$selected="SELECTED";} else {$selected="";}
$optionstr.="<option value=\"".htmlspecialchars
}
}
if ($field[value6]=="minmax")
$retval="
<tr>
<td><div class=\"maininputleft\">$n
<td><select name=\"in[$field[name]]\">
$optionstr
</select> - <select name=\"in2[$field[name]]\"
$optionstr
</select> $field[value5] </td>
</tr>
";
} else {
$retval="
<tr>
<td><div class=\"maininputleft\">$n
<td><select name=\"in[$field[name]]\">
$optionstr
</select> $field[value5] </td>
</tr>
";
}
} elseif ($field[value3]=="checkbox
if ($signup && $field[value4]) $checked="CHECKED";
if (!$signup && $value) $checked="CHECKED";
$retval="
<tr>
<td><div class=\"maininputleft\">$n
<td><input type=checkbox name=\"in[$field[name]]\" $checked></td>
</tr>
";
}
}
return $retval;
}
function logging($db,$uid,$username
global $logging_enable,$database,
if ($logging_enable) {
if ($db) {mysql_connect($server, $db_user, $db_pass);}
mysql_db_query($database, "INSERT INTO logging (timestamp,userid,username
VALUES ('$timestamp','$uid','$use
if ($db) {mysql_close();}
}
}
function getfile($filename) {
$fd = fopen ($filename, "r");
$contents = fread ($fd, filesize ($filename));
fclose ($fd);
return $contents;
}
function addslashesnew($string) {
if (get_magic_quotes_gpc()==1
return $string;
} else {
return addslashes($string);
}
}
function suppr($file) {
$delete = @unlink($file);
if (@file_exists($file)) {
$filesys = eregi_replace("/","\\",$fi
$delete = @system("del $filesys");
if (@file_exists($file)) {
$delete = @chmod ($file, 0775);
$delete = @unlink($file);
$delete = @system("del $filesys");
}
}
}
function dateToTime($date) { //input Format 2000-11-24, output Format: Unixtimestamp
list($y,$m,$d)=explode("-"
return mktime(0,0,0,$m,$d,$y);
}
function dateToStr($date) { //input Format 2000-11-24, output
global $dateformat;
if ($date!="0000-00-00 00:00:00") {
$temp=explode(" ",$date);
list($y,$m,$d)=explode("-"
list($hh,$mm,$ss)=explode(
return date($dateformat,mktime($h
}
}
function str_repeats($input, $mult) { //str_repeat() - replacement (backward-comp.)
$ret = "";
while ($mult > 0) {
$ret .= $input;
$mult --;
}
return $ret;
}
function isbanned($userid) {
global $ip,$database;
$ban_query = mysql_db_query($database, "SELECT * FROM banned_ips") or died("Database Query Error");
while ($ips = mysql_fetch_row($ban_query
if ($ips["0"] == $ip) {
return 1;
exit;
}
}
if ($userid) { // if $userid is empty IGNORE user_banned_check
$ban_query2 = mysql_db_query($database, "SELECT * FROM banned_users") or died("Database Query Error");
while ($users = mysql_fetch_row($ban_query
if ($users["0"] == $userid) {
return 1;
exit;
}
}
}
return 0;
}
function encode_msg ($msg) {
global $image_dir,$database;
if ($msg) {
$msg = addslashesnew($msg); // Add SQL compatibilty
$msg = str_replace("\n", "<BR>", $msg); // Replace newline with <br>
$result = mysql_db_query($database, "SELECT * FROM smilies") or died("Query Error");
while ($db = mysql_fetch_array($result)
$msg = str_replace($db[code], "<img src=".$image_dir."/smilies
}
}
return $msg;
}
function decode_msg ($msg) {
global $image_dir,$database;
if ($msg) {
# $msg = stripslashes($msg); // Remove SQL compatibilty
$msg = str_replace("<BR>", "\n", $msg); // Replace newline with <br>
$result = mysql_db_query($database, "SELECT * FROM smilies") or died("Query Error");
while ($db = mysql_fetch_array($result)
$msg = str_replace("<img src=".$image_dir."/smilies
}
}
return $msg;
}
function wordwrap_msg($msg, $maxwordlen=40) { // Looooooong String Break
$eachword = explode(" " , eregi_replace("<BR>"," ",$msg)); // temp remove <BR>
for ($i=0; $i<count($eachword); $i++) {
if (strlen($eachword[$i])>$ma
$msg = eregi_replace($eachword[$i
}
}
return $msg;
}
function badwords ($msg,$mod) {
global $database;
$msg=wordwrap_msg($msg);
$eachword = explode(" " , eregi_replace("<BR>"," ",$msg)); // temp remove <BR>
$result = mysql_db_query($database, "SELECT * FROM badwords") or died("Query Error");
while ($db = mysql_fetch_array($result)
for ($i=0; $i<count($eachword); $i++) {
if (is_int(strpos($eachword[$
if ($mod) {
$msg = eregi_replace($eachword[$i
} else {
$msg = eregi_replace($eachword[$i
}
}
}
}
return $msg;
}
function badwordsmail ($msg) {
global $database;
$eachword = explode(" ",$msg);
$result = mysql_db_query($database, "SELECT * FROM badwords") or died("Query Error");
while ($db = mysql_fetch_array($result)
for ($i=0; $i<count($eachword); $i++) {
if (is_int(strpos($eachword[$
$msg = eregi_replace($eachword[$i
}
}
}
return stripslashes($msg);
}
function strip_array ($in) { //foreach()-Replacement !!!
reset($in);
while ($array=each($in)) {
$ckey=$array['key'];
$cvalue=$array['value'];
$cvalue = str_replace("'", "''", $cvalue);
$cvalue = stripslashes($cvalue);
$cvalue = strip_tags($cvalue);
$out[$ckey] = $cvalue;
}
return $out;
}
function open_sales_window($value="
echo "<script language=javascript>
window.open(\"sales_buy.ph
location.replace('classifi
</script>";
}
function ico_email($value,$align="l
global $sales_lang_noaccess,$ad_s
if (!$value) {
echo "<a href=\"sales_buy.php\"
onClick='enterWindow=windo
onmouseover=\"window.statu
onmouseout=\"window.status
<img src=\"$image_dir/icons/ema
</a>\n";
} else {
echo "<a href=\"sendmail.php?$value
onClick='enterWindow=windo
onmouseover=\"window.statu
onmouseout=\"window.status
<img src=\"$image_dir/icons/ema
}
}
function ico_icq($value,$align="lef
global $sales_lang_noaccess,$ad_i
if (!$value) {
echo "<a href=\"sales_buy.php\"
onClick='enterWindow=windo
onmouseover=\"window.statu
onmouseout=\"window.status
<img src=\"$image_dir/icons/icq
</a>\n";
} else {
echo "<a href=\"http://wwp.icq.com/".$value."\" target=\"_blank\"
onmouseover=\"window.statu
onmouseout=\"window.status
<img src=\"$image_dir/icons/icq
}
}
function ico_url($value,$align="lef
global $sales_lang_noaccess,$ad_g
if (!$value) {
echo "<a href=\"sales_buy.php\"
onClick='enterWindow=windo
onmouseover=\"window.statu
onmouseout=\"window.status
<img src=\"$image_dir/icons/hom
</a>\n";
} else {
echo "<a href=\"$value\" target=\"_blank\"
onmouseover=\"window.statu
onmouseout=\"window.status
<img src=\"$image_dir/icons/hom
}
}
function ico_friend($value,$align="
global $ad_sendlink,$image_dir;
echo " <a href=\"sendmail.php?value\
onClick='enterWindow=windo
onmouseover=\"window.statu
onmouseout=\"window.status
<img src=\"$image_dir/icons/lig
}
function ico_print($value,$align="l
global $ad_print,$image_dir;
echo " <a href=\"javascript:window.p
onClick='javascript:window
onmouseover=\"window.statu
onmouseout=\"window.status
<img src=\"$image_dir/icons/pri
}
function ico_favorits($value,$align
global $ad_favorits,$image_dir;
echo " <a href=\"favorits.php?$value
onClick='enterWindow=windo
onmouseover=\"window.statu
onmouseout=\"window.status
<img src=\"$image_dir/icons/che
}
function ico_adrating($value,$align
global $ad_rating,$image_dir;
echo " <a href=\"adrating.php?$value
onClick='enterWindow=windo
onmouseover=\"window.statu
onmouseout=\"window.status
<img src=\"$image_dir/icons/han
}
function ico_info($value,$align="le
global $ad_member,$image_dir;
echo " <a href=\"members.php?$value\
onmouseover=\"window.statu
onmouseout=\"window.status
<img src=\"$image_dir/icons/inf
}
# Classes
##########################
class authlib {
function register ($username, $password, $password2, $email, $sex, $acceptterms ,
$newsletter, $firstname, $lastname, $address, $zip, $city, $state, $country,
$phone, $cellphone, $icq, $homepage, $hobbys, $field1, $field2, $field3,
$field4, $field5, $field6, $field7, $field8, $field9, $field10 ) {
global $chat_interface,$chat_enab
$forum_interface,$forum_en
$gender,$genders,$admin_em
$database,$secret,$error,$
if (!$username || !$password || !$password2 || !$email || !$acceptterms) {
return $error[14];
} else {
if (!eregi("^[a-z0-9]+([_\\.-
# if (!eregi("^([a-z0-9]+)(([a-
return $error[4];
}
if ($sex == "") {
return $error[11];
}
if (strlen($username) < 3) {
return $error[1];
}
if (strlen($username) > 20) {
return $error[2];
}
if (!ereg("^[[:alnum:]_-]+$",
return $error[3];
}
if ($password != $password2) {
return $error[0];
}
if (strlen($password) < 3) {
return $error[5];
}
if (strlen($password) > 20) {
return $error[6];
}
if (!ereg("^[[:alnum:]_-]+$",
return $error[7];
}
mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database)
$query = mysql_query("select id from login where username = '$username'");
$result = mysql_num_rows($query);
if ($result > 0) {
mysql_close();
return $error[12];
}
$query = mysql_query("select id from userdata where email = '$email'");
$result = mysql_num_rows($query);
if ($result > 0) {
mysql_close();
return $error[13];
}
if ($no_confirmation) {
$is_success_first = mysql_query("insert into userdata (username, email, sex,
newsletter, firstname, lastname, address, zip, city, state, country,
phone, cellphone, icq, homepage, hobbys, field1, field2, field3,
field4, field5, field6, field7, field8, field9, field10, registered )
values ('$username', '$email', '$sex',
'$newsletter', '$firstname', '$lastname', '$address', '$zip', '$city', '$state', '$country',
'$phone', '$cellphone', '$icq', '$homepage', '$hobbys', '$field1', '$field2', '$field3',
'$field4', '$field5', '$field6', '$field7', '$field8', '$field9', '$field10', '$timestamp' )") or died(mysql_error());
if ($is_success_first) {
$is_success_second = mysql_query("insert into login (username, password) values ('$username', '$password')");
if ($is_success_second) {
// only if forum-interface
if ($is_success_second && $forum_database && $forum_enable && $forum_interface) {
include ("$forum_interface");
}
// only if chat-interface
if ($is_success_second && $chat_database && $chat_enable && $chat_interface) {
include ("$chat_interface");
}
}
}
$mailto = "$email";
$subject = "$mail_msg[0]";
$message = "$mail_msg[1]$username\n\n
$from = "From: $admin_email\r\nReply-to: $admin_email\r\n";
@mail($mailto, $subject, $message, $from);
if ($auto_login) {
$login=$this->login($usern
if ($login!="2") {
$retval="$error[15]";
} else {
$retval=3;
}
}
} else {
$hash = substr(md5($secret.$userna
$is_success = mysql_query("insert into confirm values
('$hash', '$username', '$password', '$email', '$sex', now(),
'$newsletter', '$firstname', '$lastname', '$address', '$zip', '$city', '$state',
'$country', '$phone', '$cellphone', '$icq', '$homepage', '$hobbys', '$field1',
'$field2', '$field3', '$field4', '$field5', '$field6', '$field7', '$field8',
'$field9', '$field10')") or died(mysql_error());
mysql_close();
if (!$is_success) {
return $error[16];
}
$confirmurl = ("$url_to_start" . "/confirm.php?hash=" . "$hash" . "&nick=" . "$username");
$aolconfirmurl = ("AOL: <A HREF=\" $url_to_start" . "/confirm.php?hash=" . "$hash" . "&nick=" . "$username \">CLICK HERE</A>");
$mailto = "$email";
$subject = "$mail_msg[0]";
if (strstr($mailto,"aol")) { // For AOL-Users
$message = "$mail_msg[1]$username\n\n
} else {
$message = "$mail_msg[1]$username\n\n
}
$from = "From: $admin_email\r\nReply-to: $admin_email\r\n";
@mail($mailto, $subject, $message, $from);
}
logging("1","","$username"
if ($reg_notify) {
$mailto = "$reg_notify";
$subject = "NOTIFY $mail_msg[0]";
$message = "$mail_msg[8]$username\n$m
$from = "From: $admin_email\r\nReply-to: $admin_email\r\n";
@mail($mailto, $subject, $message, $from);
}
return 2;
}
}
function login ($username, $password) {
global $server,$db_user,$db_pass,
if (!$username || !$password) {
return $error[14];
}
else {
if (!eregi("^[[:alnum:]_-]+$"
return $error[3];
}
if (!eregi("^[[:alnum:]_-]+$"
return $error[7];
}
mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database)
$md5password=md5($password
$query = mysql_query("select id from login where username = '$username' and (password = '$password' OR password = '$md5password')");
$result = mysql_num_rows($query);
$query2 = mysql_query("select level from userdata where username = '$username'");
$result2 = mysql_num_rows($query2);
mysql_close();
if ($result < 1) {
logging("1","","$username"
return $error[26]; //Not found
}
else {
list ($id) = mysql_fetch_row($query);
list ($level) = mysql_fetch_row($query2);
$password = md5($password);
$hash = md5($username.$password.$l
$cookietime=$timestamp+(36
setcookie("phpBazar", "$username:$password:$hash
logging("1","","$username"
return 2;
}
}
}
function is_logged () {
global $phpBazar, $secret;
$session_vars = explode(":", $phpBazar);
$hash = md5($session_vars[0].$sess
if ($hash != $session_vars[2]) {
return false;
} else {
if ($session_vars[4]>7) {$moderator=true;} // Moderator Check
return array($session_vars[0], $session_vars[3], $moderator, $session_vars[1]);
}
}
function logout () {
global $cookiepath,$phpBazar;
$session_vars = explode(":", $phpBazar);
setcookie("phpBazar", "", "0", "$cookiepath");
logging("1","","$session_v
}
function edit_retrieve ($id) {
global $admin_email,$url_to_start
mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database)
$query = mysql_query("select * from userdata where id = '$id'");
mysql_close();
list ($id, $username, $email, $sex, $newsletter, $level, $votes, $lastvotedate, $ads,
$lastaddate, $firstname, $lastname, $address, $zip, $city, $state, $country,
$phone, $cellphone, $icq, $homepage, $hobbys, $field1, $field2, $field3,
$field4, $field5, $field6, $field7, $field8, $field9, $field10) = mysql_fetch_row($query);
return array($email, $sex, $newsletter, $level, $votes, $lastvotedate, $ads,
$lastaddate, $firstname, $lastname, $address, $zip, $city, $state, $country,
$phone, $cellphone, $icq, $homepage, $hobbys, $field1, $field2, $field3,
$field4, $field5, $field6, $field7, $field8, $field9, $field10);
}
function edit ($id, $sex, $newsletter, $firstname, $lastname, $address, $zip, $city, $state, $country,
$phone, $cellphone, $icq, $homepage, $hobbys, $field1, $field2, $field3, $field4,
$field5, $field6, $field7, $field8, $field9, $field10 ) {
global $gender,$genders,$server,$
# if ($firstname && (!eregi("^[a-z ]+$", $firstname))) {
# return $error[8];
# }
# if ($lastname && (!eregi("^[[:alnum:]_-]+$"
# return $error[8];
# }
if (ereg("[^0-9]", $icq)) {
return $error[10];
}
if ($sex == "") {
return $error[11];
}
mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database)
$query = mysql_query("update userdata set sex = '$sex',
newsletter = '$newsletter',
firstname = '$firstname',
lastname = '$lastname',
address = '$address',
zip = '$zip',
city = '$city',
state = '$state',
country = '$country',
phone = '$phone',
cellphone = '$cellphone',
icq = '$icq',
homepage = '$homepage',
hobbys = '$hobbys',
field1 = '$field1',
field2 = '$field2',
field3 = '$field3',
field4 = '$field4',
field5 = '$field5',
field6 = '$field6',
field7 = '$field7',
field8 = '$field8',
field9 = '$field9',
field10 = '$field10'
where id = '$id'");
mysql_close();
logging("1","$id","","AUTH
if (!$query) {
$error[20];
}
return 2;
}
function confirm ($hash, $username) {
global $chat_interface,$chat_enab
$forum_interface,$forum_en
$confirm_mail,$conf_notify
$database,$secret,$error,$
if (!$hash || !$username) {
return $error[14];
}
else {
mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database)
$query = mysql_query("select * from confirm where mdhash = '$hash' AND username = '$username'");
$result = mysql_num_rows($query);
if ($result < 1) {
mysql_close();
return $error[15];
}
list($hd,$username,$passwo
$lastname,$address,$zip,$c
$homepage,$hobbys,$field1,
$field7,$field8,$field9,$f
//calculate a possible id-difference, if only login-data will deleted
$result = mysql_query("SELECT * FROM userdata");
$tmpid1 = mysql_num_rows($result);
$result = mysql_query("SELECT * FROM login");
$tmpid2 = mysql_num_rows($result);
if ($tmpid1 != $tmpid2) {
$diff = $tmpid1-$tmpid2;
for ($i = 0; $i < $diff; $i++) {
mysql_query("insert into login (username, password) values ('$timestamp', '$timestamp')");
}
}
// end id-difference
$is_success_first = mysql_query("insert into userdata (username, email, sex,
newsletter, firstname, lastname, address, zip, city, state, country,
phone, cellphone, icq, homepage, hobbys, field1, field2, field3,
field4, field5, field6, field7, field8, field9, field10, registered )
values ('$username', '$email', '$sex',
'$newsletter', '$firstname', '$lastname', '$address', '$zip', '$city', '$state', '$country',
'$phone', '$cellphone', '$icq', '$homepage', '$hobbys', '$field1', '$field2', '$field3',
'$field4', '$field5', '$field6', '$field7', '$field8', '$field9', '$field10', '$timestamp' )") or died(mysql_error());
if ($is_success_first) {
$is_success_second = mysql_query("insert into login (username, password) values ('$username', '$password')");
if ($is_success_second) {
$is_success_third = mysql_query("delete from confirm where username = '$username'");
// only if forum-interface
if ($is_success_second && $forum_database && $forum_enable && $forum_interface) {
include ("$forum_interface");
}
// only if chat-interface
if ($is_success_second && $chat_database && $chat_enable && $chat_interface) {
include ("$chat_interface");
}
}
}
mysql_close();
if (!$is_success_first) {
return $error[16];
}
if (!$is_success_second) {
# Registration Error
return $error[17];
}
if (!$is_success_third) {
# Alert, Purge Account!!!
return 2;
}
logging("1","","$username"
$retval=2;
if ($auto_login) {
$login=$this->login($usern
if ($login!="2") {
$retval="$error[15]";
} else {
$retval=3;
}
}
if ($conf_notify) {
$mailto = "$conf_notify";
$subject = "NOTIFY $mail_msg[0]";
$message = "$mail_msg[8]$username\n$m
$from = "From: $admin_email\r\nReply-to: $admin_email\r\n";
@mail($mailto, $subject, $message, $from);
}
if ($confirm_mail) {
$mailto = "$email";
$subject = "NOTIFY $mail_msg[9]";
$message = "$mail_msg[10]$username\n\
$from = "From: $admin_email\r\nReply-to: $admin_email\r\n";
@mail($mailto, $subject, $message, $from);
}
return $retval;
}
}
function lostpwd ($email) {
global $admin_email,$url_to_start
if (!$email) {
return $error[14];
}
mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database)
$query = mysql_query("select login.password, login.username from login, userdata where userdata.email = '$email' and login.id = userdata.id");
$result = mysql_num_rows($query);
mysql_close();
if ($result < 1) {
return $error[19];
}
list($password, $username) = mysql_fetch_row($query);
$confirmurl = ("$url_to_start" . "/confirm.php?hash=" . "$hash" . "&username=" . "$username");
$mailto = "$email";
$subject = "$mail_msg[12]";
$message = "$mail_msg[13]$username\n\
$from = "From: $admin_email\r\nReply-to: $admin_email\r\n";
@mail($mailto, $subject, $message, $from);
logging("1","","$username"
return 2;
}
function chemail ($id, $email, $email2) {
global $admin_email,$url_to_start
if ($email != $email2) {
return $error[14];
}
else {
if (!eregi("^([a-z0-9]+)([._-
return $error[4];
}
mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database)
$query = mysql_query("select id from userdata where email = '$email'");
$result = mysql_num_rows($query);
if ($result > 0) {
list($id_from_db) = mysql_fetch_row($query);
if ($id_from_db != $id) {
mysql_close();
return $error[13];
}
return $error[23];
}
$mdhash = substr(md5($id.$email.$sec
$query = mysql_query("insert into confirm_email values ('$id', '$email', '$mdhash', now())");
if (!$query) {
mysql_close();
$error[20];
}
$confirmurl = ("$url_to_start" . "/confirm_email.php?mdhash
$mailto = "$email";
$subject = "$mail_msg[16]";
$message = "$mail_msg[17]\n\n$confirm
$from = "From: $admin_email\r\nReply-to: $admin_email\r\n";
@mail($mailto, $subject, $message, $from);
logging("1","$id","","AUTH
return 2;
}
}
function confirm_email($id, $email, $mdhash) {
global $server,$db_user,$db_pass,
if (!$id || !$email || !$mdhash) {
return $error[14];
}
else {
mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database)
$query = mysql_query("select * from confirm_email where id = '$id' AND email = '$email' AND mdhash = '$mdhash'");
$result = mysql_num_rows($query);
if ($result < 1) {
mysql_close();
return $error[15];
}
$update = mysql_query("update userdata set email = '$email' where id = '$id'");
$delete = mysql_query("delete from confirm_email where email = '$email'");
mysql_close();
logging("1","$id","","AUTH
return 2;
}
}
function confirm_ad($id, $hash) {
global $server,$db_user,$db_pass,
if (!$id || !$hash) {
return $error[14];
}
else {
mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database)
$query = mysql_query("select * from ads where id = '$id' AND timeoutnotify = '$hash'");
$result = mysql_num_rows($query);
if ($result < 1) {
mysql_close();
return $error[15];
}
$update = mysql_query("update ads set timeoutnotify = '',timeoutdays = timeoutdays+$timeoutconfir
mysql_close();
return 2;
}
}
function chpass ($id, $password, $password2) {
global $server,$db_user,$db_pass,
if ($password != $password2) {
return $error[0];
}
else {
if (strlen($password) < 3) {
return $error[5];
}
if (strlen($password) > 20) {
return $error[6];
}
if (!ereg("^[[:alnum:]_-]+$",
return $error[7];
}
mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database)
$query = mysql_query("update login set password = '$password' where id = '$id'");
mysql_close();
if (!$query) {
return $error[21];
}
logging("1","$id","","AUTH
return 2;
}
}
function delete($id) {
global $server,$db_user,$db_pass,
mysql_connect($server, $db_user, $db_pass);
mysql_select_db($database)
$delstring="deleted_".$tim
if ($really_del_memb) { //if set really delete it
$query = mysql_query("update ads set deleted='1' where userid = '$id'");
$query = mysql_query("delete from login where id = '$id'");
$query = mysql_query("delete from userdata where id = '$id'");
} else { // or only overwrite the password :-) better
$query = mysql_query("update ads set deleted='1' where userid = '$id'");
$query = mysql_query("update login set password='$delstring' where id = '$id'");
}
mysql_close();
logging("1","$id","","AUTH
return 2;
}
}
$authlib = new authlib;
?>
the code is a bit old isnt it?
$HTTP_COOKIE_VARS and $PHP_SELF? I'm usinf PHP4 and these have changed to $_COOKIE and $_SERVER['PHP_SELF'], I'm not sure about the cookies but $php_self definately doesnt work any more.
$HTTP_COOKIE_VARS and $PHP_SELF? I'm usinf PHP4 and these have changed to $_COOKIE and $_SERVER['PHP_SELF'], I'm not sure about the cookies but $php_self definately doesnt work any more.
also try changing mysql_db_query(....) calls to mysql_query(...) calls
the code is indeed old... because mysql_db_query(...) has been deprecated since PHP 4.0.6
the code is indeed old... because mysql_db_query(...) has been deprecated since PHP 4.0.6
$PHP_SELF certainly does still work. I am on 4.2.X and I use it all the time.
Alan
Alan
I've got php 4.3.4, which I had to upgrade to because of email with attachments not working properly with windows, and $PHP_SELF doesnt work on that.
So since it has been dropped on this version at least, your code will not cease to work when php it is upgraded.(unless you switch globals on)
QUOTE: www.php.net
Perhaps the most controversial change in PHP is when the default value for the PHP directive register_globals went from ON to OFF in PHP 4.2.0.
Since PHP 4.1.0, superglobal arrays such as $_GET , $_POST, and $_SERVER, etc
So since it has been dropped on this version at least, your code will not cease to work when php it is upgraded.(unless you switch globals on)
QUOTE: www.php.net
Perhaps the most controversial change in PHP is when the default value for the PHP directive register_globals went from ON to OFF in PHP 4.2.0.
Since PHP 4.1.0, superglobal arrays such as $_GET , $_POST, and $_SERVER, etc
I am also on 4.3.4 although mine is unix. Perhaps we do have globals turned on because $PHP_SELF still works for me.
Alan
Alan
Oooo! bad security risk, What variable to you use to keep track of valid sessions? I'll just add this into the url and I'll have direct access to areas only accessible to people who log in.
<I had second thoughts about putting an example here as I dont want people to start cracking peoples websites>
<I had second thoughts about putting an example here as I dont want people to start cracking peoples websites>
Check your config.php, from the second notice of your thread, it seems your library.php can get the variable $languagebase_dir.
So it makes $language_dir wrong too. It leads to the fatal error to open the "variables.php" file:
"Fatal error: main(): Failed opening required '//variables.php' "
So it makes $language_dir wrong too. It leads to the fatal error to open the "variables.php" file:
"Fatal error: main(): Failed opening required '//variables.php' "
you need to declare all variables in the php version u are using => either pick another version, or declare the variables (var thing;), or find if there is a configuration option to prevent this mess (i don't think there is but needs to be checked)
why on earth do you have such a big complicated, and fairly deprecated code (if not completely) if you are a novice user ?
why on earth do you have such a big complicated, and fairly deprecated code (if not completely) if you are a novice user ?
ASKER
Yes, I am a novice user. You know I am probbly going to guve up in this question as I should probably know more about php before posting. Well I will give my points to whoever thinks they deserve it most I guess. How would I go about giving the points to all of you?
Sorry, it was my typo, it should be "can't" but not "can" in my last thread:
"it seems your library.php can't get the variable "
I think you must be using other people's php codes or download some package to install? Maybe you can ask for other similar php package to replace yours.
"it seems your library.php can't get the variable "
I think you must be using other people's php codes or download some package to install? Maybe you can ask for other similar php package to replace yours.
hi master, forget about those points.
if u are ready to script this by yourself and if you can explain exactly what you need, i'll be delighted to point out the usefull pages, how-to's and functions that could help you... at least those i know of...
in this case, i guess nobody around will be that much interested so you may jsut try alexb_orgAThotmailDOTcom
if u are ready to script this by yourself and if you can explain exactly what you need, i'll be delighted to point out the usefull pages, how-to's and functions that could help you... at least those i know of...
in this case, i guess nobody around will be that much interested so you may jsut try alexb_orgAThotmailDOTcom
skullnobrains: hei! are you allowed to post your e-mail address? I guess not, but you could at least play fair
power_wong: have you made your first steps to php? if you're in trouble, here's a tip for you: if you ask more specific questions, you will receive more specific answers; all you need to do is try
power_wong: have you made your first steps to php? if you're in trouble, here's a tip for you: if you ask more specific questions, you will receive more specific answers; all you need to do is try
The rule said email is allowed to be shown in profile, not sure about in the thread.
I don't understand what you mean, cj, I am helping The_Master_Chief to solve the problem of "Fatal error: main(): Failed opening required '//variables.php' " but not in trouble or asking question.
???
I don't understand what you mean, cj, I am helping The_Master_Chief to solve the problem of "Fatal error: main(): Failed opening required '//variables.php' " but not in trouble or asking question.
???
sorry for not scrolling up correctly nad seeing a different ID :-&
I do hope you'll forgive me
I do hope you'll forgive me
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
alan wrote
<< As for your problem, most of those messages are simply saying that some of the variables you are using aren't being properly initialized. >>
nice to see somebody else notices though the reason you invoke is different and may be the correct one.
that's constructive at least
Comment from gicutza_cj
skullnobrains: hei! are you allowed to post your e-mail address? I guess not, but you could at least play fair
1) check before you flame !!!
as far as i read, it is not forbidden and i don't really see why it should be since i'm the one to expose my own email to spammers and some silly people.
if it is let me know(moderator), accept my excuses(the thread) and i won't do it more.
2) what the hell are u talking about playing fair ?
i'm NOT PLAYING, i am just simply trying to help. if you want my points, tell the moderator you can have them as long as you leave me alone from now on.
3) the reason for which i did put my email in is written black on white and i don't think anybody around would be very interested by a series of tips for newbies and adapted to master's needs. if you are, send a mail.
4) this is master's thread and as allan pointed out you're not being much help flaming around and i have to loose my time answering.
<< As for your problem, most of those messages are simply saying that some of the variables you are using aren't being properly initialized. >>
nice to see somebody else notices though the reason you invoke is different and may be the correct one.
that's constructive at least
Comment from gicutza_cj
skullnobrains: hei! are you allowed to post your e-mail address? I guess not, but you could at least play fair
1) check before you flame !!!
as far as i read, it is not forbidden and i don't really see why it should be since i'm the one to expose my own email to spammers and some silly people.
if it is let me know(moderator), accept my excuses(the thread) and i won't do it more.
2) what the hell are u talking about playing fair ?
i'm NOT PLAYING, i am just simply trying to help. if you want my points, tell the moderator you can have them as long as you leave me alone from now on.
3) the reason for which i did put my email in is written black on white and i don't think anybody around would be very interested by a series of tips for newbies and adapted to master's needs. if you are, send a mail.
4) this is master's thread and as allan pointed out you're not being much help flaming around and i have to loose my time answering.