Location: PHPKode > projects > PHP Enter > link.php
<?php session_start();
/* * ********************************************************************
*  Copyright notice PHP Enter 4.1.6.
*
*  (c) 2011 Predrag Rukavina - admin[at]phpenter[dot]net
*  All rights reserved
*
*  This script is part of the PHP Enter project. 
*  The PHP Enter project is free software; you can redistribute it and/or
*  modify it under the terms of the GNU General Public License
*  as published by the Free Software Foundation; either version 2
*  of the License, or (at your option) any later version.
*
*  This program is distributed in the hope that it will be useful,
*  but WITHOUT ANY WARRANTY; without even the implied warranty of
*  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
*  GNU General Public License for more details.
*
*  You should have received a copy of the GNU General Public License
*  along with this program; if not, write to the Free Software
*  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
*  MA  02110-1301, USA.
*
*  This copyright notice MUST appear in all copies of the script!
* ********************************************************************** */
require_once ('salt.php');
require_once ('classes/securesession.class.php');
$ss = new SecSession();
$ss->check_browser = true;
$ss->check_ip_blocks = 2;
$ss->secure_word = $salt;
$ss->regenerate_id = true;
if (!$ss->Check() || !isset($_SESSION['loggedin']) || !$_SESSION['loggedin'])
  {
     header('Location: signin.php');
     die();
  }
if (!$_SESSION['inecsess'])
  {
    die();
  }
include ('settings.php');
require_once ('languages/lang_'.$langs.'.php');
$arecordSet =&$conn->Execute('SELECT * FROM categori ORDER BY name ASC');
if (!$arecordSet)
    print $conn->ErrorMsg();
else
    while (!$arecordSet->EOF) {
        if ($arecordSet->fields['cord'] == 0) {
            $aval[] = $arecordSet->fields;
        } else {
            $nval[] = $arecordSet->fields;
        }
        $arecordSet->MoveNext();
    }
$smarty->assign('categori',$aval);
$smarty->assign('subcat', @$nval);
$smarty->display('blank.php');
?>
<body>
<div style="float:left;margin-top:4px;color:#555;">
<div id="linkpanel">
<div id="blockhead"><?php echo $lang['LINKSTORY']; ?></div><br />
<span class="hal4">&nbsp;<a title="<?php echo $lang['LINKNO']; ?>" href="post.php"><?php echo $lang['LINKNO']; ?></a>
</span><br />
<form action="post.php" method="post">
<span class="hal4">&nbsp;<?php echo $lang['LINKWITH']; ?></span><br />
<input type="text" name="incname" class="cinput" style="width:340px;"><br /><br />
<input type="submit" value="<?php echo $lang['LINKSUB']; ?>" name="Submit" class="buton">
</form>
</div>
<br />
<div id="linkpanel">
<?php
$shouter = @$_SESSION['INC_USER_ID'];
$brecordSet = &$conn->Execute('SELECT * FROM users WHERE usid = ?', array($shouter));
if(!$brecordSet)
	print $conn->ErrorMsg();
else
	while(!$brecordSet->EOF) {
		$cfullname = $brecordSet->fields['fullname'];
		$cusername = $brecordSet->fields['username'];
		$chomep = $brecordSet->fields['homep'];
		$cbiosi = $brecordSet->fields['biosi'];
		$cthumbs = $brecordSet->fields['thumbs'];
		$brecordSet->MoveNext();
	} ?>
<span class="featuredcontainer">
<div id="blockhead"><?php echo $lang['LINKPROF'] ?>
<a href="uploads/<?php echo $cthumbs ?>"><img style="position:relative;top:-3px;" src="minthumb/<?php echo $cthumbs ?>" width="25px" height="25px" border="0"></a></div>
<br />
</span>
<?php if(isset($_POST['query'])) {
	if(get_magic_quotes_gpc()) {
		$fullname = stripslashes($_POST['fullname']);
		$homep = stripslashes($_POST['homep']);
		$biosi = stripslashes($_POST['biosi']);
	} else {
		$fullname = $_POST['fullname'];
		$homep = $_POST['homep'];
		$biosi = $_POST['biosi'];
		$biosi = htmlspecialchars($biosi);
	}
	$name = array($fullname,$homep,$biosi);
	foreach($name as $name) {
		if(preg_match("/%/",$name)) {
			echo "<center><div id='error'>$lang[INVALIDCHAR] '%' </div>";
			die();
		}
		if(preg_match("/;/",$name)) {
			echo "<center><div id='error'>$lang[INVALIDCHAR] ';' </div>";
			die();
		}
		if(preg_match("/</",$name)) {
			echo "<center><div id='error'>$lang[INVALIDCHAR] '<' </div>";
			die();
		}
		if(preg_match("/\\[/",$name)) {
			echo "<center><div id='error'>$lang[INVALIDCHAR] '[' </div>";
			die();
		}
	}
	if(strlen($homep) > 120) {
		echo "<center>Max Characters Field (URL): 120 <a href='javascript:history.go(-1)'>$lang[BOOKBACK]</a></center>";
		die();
	}
	if(strlen($biosi) > 800) {
		echo "<center>Max Characters Field (About Me): 800 <a href='javascript:history.go(-1)'>$lang[BOOKBACK]</a></center>";
		die();
	}
	if(strlen($fullname) > 100) {
		echo "<center>Max Characters Field (Full Name): 100 <a href='javascript:history.go(-1)'>$lang[BOOKBACK]</a></center>";
		die();
	}
        $sql = $conn->Prepare('UPDATE users SET fullname = ?, homep = ?, biosi = ? WHERE usid = ?');
        if($conn->Execute($sql,array($fullname,$homep,$biosi,$shouter)) === false) {
		print '<br /><div id="error">error inserting[1]: '.$conn->ErrorMsg().'</div><br />';
        }
	echo "<br />Successfully <a href='javascript:history.go(-1)'> $lang[BOOKBACK]</a></center>";
} else { ?>
<form method="post" action="link.php"><br /><br />
<span class="hal4">&nbsp;<?php echo $lang['LINKFULL']; ?></span><br />
<input type="text" name="fullname" class="cinput" value="<?php echo $cfullname ?>" style="width:340px;"><br /><br />
<span class="hal4">&nbsp;<?php echo $lang['LINKHOME']; ?></span><br />
<input type="text" name="homep" class="cinput" value="<?php echo $chomep ?>" style="width:340px;"><br /><br />
<span class="hal4">&nbsp;<?php echo $lang['LINKABOUT']; ?></span><br />
<textarea name="biosi" class="cinput" style="width:340px;"><?php echo $cbiosi; ?></textarea><br /><br />
<input type="submit" value="<?php echo $lang['LINKSUB']; ?>" name="query" class="buton" />
</form>
<?php } ?>
</div>
<?php
$drecordSet = &$conn->Execute('SELECT * FROM modules where modap = ? and mactive = ?', array(1,1));
if(!$drecordSet)
	print $conn->ErrorMsg();
else
	while(!$drecordSet->EOF) {
?>
<div id="bpanel">
<div id="blockhead"><?php echo $drecordSet->fields['modname'] ?></div>
<?php echo htmlspecialchars_decode($drecordSet->fields['mabstrt']); ?>
</div>
<?php
$drecordSet->MoveNext();
	}
?>
</div>
<div style="float:right;margin-top:4px;color:#555;">
<div id="linkpanel">
<div id="blockhead">
<?php echo $lang['LINKLINKS'] ?>
</div><br />
<div id="linkhead">
<img src="themes/<?php echo $themes; ?>/styles/images/penguin.png" width="22px" height="22px" title="Howdy <?php echo $_SESSION['INC_USER_NAME']; ?>"></a>
&nbsp;<?php echo $lang['RETHEADE'] ?>&nbsp;<?php echo $_SESSION['INC_USER_NAME']; ?>&nbsp;&nbsp;&nbsp;
<img src="themes/<?php echo $themes; ?>/styles/images/sign-out.png" width="16px" height="16px" title="<?php echo $lang['LINKOUT'] ?>">
<a title="<?php echo $lang['LINKOUT'] ?>" href="signout.php"><?php echo $lang['LINKOUT'] ?></a>
&nbsp;&nbsp;&nbsp;<img src="themes/<?php echo $themes; ?>/styles/images/newstory.png" width="16px" height="16px" title="<?php echo $lang['LINKNEWS'] ?>">
&nbsp;<a title="<?php echo $lang['LINKNEWS'] ?>" href="profile.php?id=<?php echo $_SESSION['INC_USER_ID']; ?>"><?php echo
$lang['LINKNEWS'] ?></a>
&nbsp;&nbsp; <img src="themes/<?php echo $themes; ?>/styles/images/messag.png" width="16px" height="16px" title="<?php echo $lang['LINKMESS'] ?>">
&nbsp;<a title="<?php echo $lang['LINKMESS'] ?>" href="messages.php"><?php echo $lang['LINKMESS'] ?></a>
</div>
</div>
<br />
<div id="linkpanel">
<div id="blockhead"><?php echo $lang['LINKTUBE']; ?></div><br />
<form action="postube.php" method="post">
<span class="hal4">&nbsp;<?php echo $lang['LINKTURL']; ?></span> <font style="font-size:9px;"><?php echo $lang['TOOLS3']; ?></font><br />
<input type="text" name="yadress" class="cinput" style="width:340px;"><br /><br />
<input type="submit"  value="<?php echo $lang['LINKSUB']; ?>" name="Submit" class="buton">
</form>
</div>
<br />
<div id="linkpanel">
<div id="blockhead">
<?php echo $lang['LINKGAL'] ?>
</div><br />
<form action="postimg.php" enctype="multipart/form-data" method="post">
<span class="hal4">&nbsp;<?php echo $lang['LINKIMT'] ?></span>
<br />
<input type="text" name="gtitle" size="35" />
<br />
<br />
<span class="hal4">&nbsp;<?php echo $lang['LINKIMG'] ?></span>
<br />
<input type="file" name="image" />
<br /><br />
<input type="submit"  value="<?php echo $lang['LINKSUB']; ?>" name="query" class="buton">
</form>
</div>
<br />
<div id="linkpanel">
<script>
function goto(site) {
var msg = confirm("<?php echo $lang['LINKALER'] ?>")
if (msg) {window.location.href = site}
else (null)
}
</script>
<div id="blockhead"><?php echo $lang['LINKNEWS'] ?></div><br />
<?php
$shouter = @$_SESSION['INC_USER_ID'];
$crecordSet = &$conn->Execute('SELECT * FROM newser where buserid = ? ORDER by blogid desc', array($shouter));
if(!$crecordSet)
	print $conn->ErrorMsg();
else
	while(!$crecordSet->EOF) {
echo "<strong>".$crecordSet->fields['btexty']."</strong><br /><a href=\"edit.php?id=".$crecordSet->fields['blogid']."&mod=".$crecordSet->fields['editor']."\">$lang[LINKEDIT]</a> <a href=\"javascript:goto('delete.php?id=".$crecordSet->fields['blogid']."&file=".$crecordSet->fields['images']."')\">$lang[LINKDEL]</a>";
if($crecordSet->fields['main'] == 0 && $payoffon == 1){
?>
<br /><?php echo $lang['MAKESPONSOR']; ?><br />
<form action='checkout.php?id=<?php echo $crecordSet->fields['blogid'] ?>' METHOD='POST'>
	<input type='image' name='paypal_submit' id='paypal_submit' src='themes/<?php echo $themes; ?>/styles/images/btn_paynow_SM.gif' border='0' width="37px" height="23px" align='top' alt='Pay with PayPal'/>
</form><br />
<?php
}else{
if($payoffon == 1){ ?><br /><?php echo $lang['SPONSOR']; ?><br /><br /><?php }else{ ?> <br /> <?php } ?>
<?php
}
$crecordSet->MoveNext();
	}
if($payoffon == 1){
echo $lang['SPONSORNO'];
}
if($payoffon == 1){
?>
<script src='https://www.paypalobjects.com/js/external/dg.js' type='text/javascript'></script>
<script>
	var dg = new PAYPAL.apps.DGFlow(
	{
		trigger: 'paypal_submit',
		expType: 'instant'
		 //PayPal will decide the experience type for the buyer based on his/her 'Remember me on your computer' option.
	});
</script>
<?php } ?>
</div>
<br />
</div>
</div>
<?php
$smarty->display('footer.php');
$arecordSet->Close();
$brecordSet->Close();
$crecordSet->Close();
$conn->Close();
######################################
##link.php                    4.1.4.##
######################################
?>
Return current item: PHP Enter