if (eregi("config.php",$_SERVER['PHP_SELF']))
{
Header("Location: index.php");
die();
}
$dbhost = "db2.tawi.fi";
$dbuname = "offline";
$dbpass = "BNyqvist260";
$dbname = "usr_offline";
$dbtype = "MySQL";
?>
$the_include = "db";
include("".$the_include."/mysql.php");
$db = new sql_db($dbhost, $dbuname, $dbpass, $dbname, false);
if(!$db->db_connect_id) {
die("Could not connect to the database");
}
?>
if ( !defined('IN_TWS') )
{
die("Hacking attempt");
}
define('DELETED', -1);
define('ANONYMOUS', 1);
define('USER', 1);
define('ADMIN', 2);
define('MOD', 3);
// Session parameters
define('SESSION_METHOD_COOKIE', 100);
define('SESSION_METHOD_GET', 101);
define('USERS_TABLE', 'tws_users');
define('SESSIONS_TABLE', 'sessions');
define('CONFIG_TABLE', 'config');
?>
include 'config.ses.php';
include 'bots.ses.php';
if (areyouabot())
{
// We will not give any session to this dumb sun of a bitch
} else if (isset($_COOKIE[$_session_cookie_name]) && $_COOKIE[$_session_cookie_name] != "") {
$sess = update_session();
} else {
$sess = new_session();
}
$_session = get_session_vars($sess);
?>
function encode_ip($dotquad_ip)
{
$ip_sep = explode('.', $dotquad_ip);
return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
}
function decode_ip($int_ip)
{
$hexipbang = explode('.', chunk_split($int_ip, 2, '.'));
return hexdec($hexipbang[0]). '.' . hexdec($hexipbang[1]) . '.' . hexdec($hexipbang[2]) . '.' . hexdec($hexipbang[3]);
}
function message_die($msg_code, $msg_text = '', $msg_title = '', $err_line = '', $err_file = '', $sql = '')
{
if(defined('HAS_DIED'))
{
die("message_die() was called multiple times. This isn't supposed to happen.");
}
define(HAS_DIED, 1);
echo "\n
\n" . $msg_title . "\n
\n" . $msg_text . "\n
\n" . $sql . "\n";
exit;
}
function read_config()
{
global $db;
$sql = "select * from config";
$res = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($res))
{
$config[$row['config_name']] = $row['config_value'];
}
return $config;
}
function check_email($mail_address)
{
$pattern = "/^[\w-]+(\.[\w-]+)*@";
$pattern .= "([0-9a-z][0-9a-z-]*[0-9a-z]\.)+([a-z]{2,4})$/i";
if (preg_match($pattern, $mail_address))
{
$parts = explode("@", $mail_address);
if (checkdnsrr($parts[1], "MX"))
{
echo "The e-mail address is valid.";
// return true;
} else {
echo "The e-mail host is not valid.";
// return false;
}
} else {
echo "The e-mail address contains invalid characters.";
// return false;
}
}
function generate_reference($userid, $orderid)
{
$ref = sprintf("%s%s", $userid, $orderid);
// Calculate reference number
if (strlen($ref) < 19) for ($i=strlen($ref);$i<19;$i++)
$ref = sprintf("0%s",$ref);
$ref1 = "7137137137137137137";
$refsum1 = 0;
$refsum2 = 0;
for ($i=0;$i<19;$i++)
$refsum2 = $refsum2 + $ref[$i] * $ref1[$i];
$refsum1 = ceil($refsum2 / 10) * 10;
$reference = sprintf("%s%s",$ref,$refsum1-$refsum2);
return trim(ltrim($reference,"0"));
}
?>
if ( !defined('IN_TWS') )
{
die("Hacking attempt");
}
function login($username, $user_password)
{
global $db, $message, $section, $_session_cookie_domain, $index;
$sql = "select user_password, user_newpasswd, user_id, user_active from tws_users"
." where username='$username'";
$result = $db->sql_query($sql);
$setinfo = $db->sql_fetchrow($result);
if (($db->sql_numrows($result)==1) && ($setinfo['user_id'] != 1) && ($setinfo['user_password'] != ""))
{
if ($setinfo['user_active'] == 1)
{
$dbpass = $setinfo['user_password'];
$non_crypt_pass = $user_password;
$new_pass = md5($user_password);
// Do we use the new password set by reminder?
if ($setinfo['user_newpasswd'] != "" && ($setinfo['user_newpasswd'] == $non_crypt_pass))
{
// Yes, will use this password in the future
$sql = "update tws_users set user_password = '". md5($setinfo['user_newpasswd']) ."'"
.", user_newpasswd = NULL where user_id = ". $setinfo['user_id'];
$db->sql_query($sql);
$sql = "select user_password from tws_users where user_id = ". $setinfo['user_id'];
$res = $db->sql_query($sql);
$row = $db->sql_fetchrow($res);
$dbpass = $row['user_password'];
} else {
// No, the old password is used. Delete the new password
$sql = "update tws_users set user_newpasswd = null where user_id = ". $setinfo['user_id'];
$db->sql_query($sql);
}
// Update password in database if it's not encrypted
if ($dbpass == $non_crypt_pass)
{
$db->sql_query("update tws_users set user_password='$new_pass' where user_id = ". $setinfo['user_id']);
$sql = "select user_password from tws_users where user_id = ". $setinfo['user_id'];
$res = $db->sql_query($sql);
$row = $db->sql_fetchrow($res);
$dbpass = $row['user_password'];
}
if ($dbpass != $new_pass)
{
// Wrong pass
$msg = "Fel lösenord!";
$needle_start = strpos($msg, "[[reminder/");
if ($needle_start)
{
$needle_stop = strpos($msg, "]]", $needle_start);
if ($needle_stop)
{
$needle = substr($msg, $needle_start, $needle_stop - $needle_start);
$needle_braker = strpos($needle, "/");
if ($needle_braker)
{
$new_msg = substr($msg, 0, $needle_start);
$new_msg .= '';
$new_msg .= substr($needle, $needle_braker +1) .'';
$new_msg .= substr($msg, $needle_stop +2);
$msg = $new_msg;
}
}
}
$message[] .= $msg;
} else {
// Correct pass
$sess = update_session($setinfo['user_id'], 1);
set_session_var('user_id', $setinfo['user_id']);
set_session_var('username', $username);
set_session_var('password', $non_crypt_pass);
docookie($setinfo['user_id'], $username, $dbpass);
// Update lastvisit
$sql = "update tws_users set user_lastvisit = now() where user_id = ". $setinfo['user_id'];
$db->sql_query($sql);
// View news page if they were on confirm/signup when they logged in
if ($section == "tickets" && ($page == "confirm" || $page == "signup" || $page = "reminder"))
{
$section = "news";
$page = "default";
}
}
} else if ($setinfo['user_active'] == 0) {
// User inactive
$message[] .= "Användar kontot är låst!";
} else {
// User erased?
$message[] .= "Denna användare är raderad!";
}
} else {
$message[] .= "Användarnamnet finns ej!";
}
}
function logout()
{
session_flush();
header("Location: index.php");
die();
}
function docookie($setuser_id, $setusername, $setuser_password)
{
$info = base64_encode("$setuser_id:$setusername:$setuser_password");
set_session_var('user', $info);
}
function is_user()
{
global $db, $_session, $_cache_is_user;
if (!isset($_session['user'])) return 0;
if (isset($_cache_is_user)) return 1;
$user = $_session['user'];
$user = base64_decode($user);
$user = explode(":", $user);
$uid = "$user[0]";
$pwd = "$user[2]";
$uid = addslashes($uid);
$uid = intval($uid);
if ($uid != "" AND $pwd != "") {
$sql = "SELECT user_password FROM tws_users WHERE user_id='$uid'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$pass = $row['user_password'];
if($pass == $pwd && $pass != "") {
$_cache_is_user = 1;
return 1;
}
}
return 0;
}
function show_loginform()
{
echo "\n";
//echo "\n";
}
?>
if ( !defined('IN_TWS') )
{
die("Hacking attempt");
}
/* -=- Logout -=- */
if (isset($_GET['logout']))
{
logout();
}
/* -=- Login -=- */
if (isset($_POST['user_password']))
{
if (trim($_POST['username']) != "")
{
login($_POST['username'], $_POST['user_password']);
}
}
/* -=- Signup -=- */
if ($_POST['action'] == "signup")
{
// Signup
$sign_nick = $_POST['username'];
$sign_fname = $_POST['fname'];
$sign_lname = $_POST['lname'];
$sign_email = strtolower($_POST['email']);
$sign_email_verify = strtolower($_POST['email_verify']);
$sign_birthdate = $_POST['birthdate'];
$sign_hemkommun = $_POST['hemkommun'];
$sign_telefon = $_POST['telefon'];
$sign_accept = $_POST['sign_accept'];
$emailExists = 0;
$nickTaken = 0;
// If spam posted, then user does NOT want any spam -> spam = 0
if (!isset($_POST['sign_spam'])) $sign_spam = 1; else $sign_spam = 0;
// Check for required fiels and validate them
if (!validate_nick($sign_nick))
{
$tmpText = str_replace ("[[username]]", $sign_nick, $langa['validate_nick']);
$message[] .= $tmpText;
} else {
// Nick taken?
$sql = "select username from users where username = '". $sign_nick ."'";
$res = $db->sql_query($sql);
if ($db->sql_numrows($res) > 0)
{
$nickTaken = 1;
$message[] .= $langa['validate_nick_taken'];
}
$db->sql_freeresult($res);
}
if (!validate_fname($sign_fname))
{
$message[] .= $langa['validate_fname'];
}
if (!validate_lname($sign_lname))
{
$message[] .= $langa['validate_lname'];
}
if (!validate_email($sign_email))
{
$message[] .= $langa['validate_email'];
} else {
// Email exists?
$sql = "select user_email from users where user_email = '". $sign_email ."'";
$res = $db->sql_query($sql);
if ($db->sql_numrows($res) > 0)
{
$emailExists = 1;
$message[] .= $langa['validate_email_exists'];
} else {
// Verify check
if ($sign_email != $sign_email_verify)
{
$message[] .= $langa['validate_email_verify_error'];
}
}
$db->sql_freeresult($res);
}
if (!validate_birthdate($sign_birthdate))
{
$message[] .= $langa['validate_birthdate'];
}
if (($sign_accept != "accept") && ($sign_nrtickets > 0))
{
$message[] .= $langa['you_must_accept'];
}
if (!$emailExists && !$nickTaken && !isset($message))
{
// Register new user
$newpass = generate_pass();
$sql = "insert into users (username, fname, lname, user_email, user_hometown,user_phone, user_birthdate, user_password, user_regdate, user_spam) values"
." ('$sign_nick', '$sign_fname', '$sign_lname', '$sign_email', '$sign_hemkommun', '$sign_telefon',"
." '$sign_birthdate', '$newpass', now(), $sign_spam)";
if ($db->sql_query($sql))
{
// User registered
$sql = "select user_id from users where username = '". $sign_nick ."'";
$res = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($res))
{
$user_id = $row['user_id'];
$db->sql_freeresult($res);
// Send activation key
send_actkey($user_id);
$message[] .= $langa['signup_actkey_sent'];
// Reserve tickets
if ($sign_nrtickets > 0)
{
$orderid = reserve_tickets($user_id, $sign_nrtickets);
if ($orderid > 0)
{
// X tickets reserved
if ($sign_nrjolt > 0)
{
$sql = "select rad_id from ord_rad where order_id = ". $orderid
." order by rad_id desc limit 1";
$res = $db->sql_query($sql);
$rad_id = $db->sql_fetchfield("rad_id");
$rad_id += 10;
$sql = "insert into ord_rad (order_id, rad_id, product_id, pcs, price)"
." values($orderid, $rad_id, 200, $sign_nrjolt, 30)";
$db->sql_query($sql);
$jolt_price = $sign_nrjolt * 30;
$sql = "update ord set total = total + $jolt_price where faktnr = ". $orderid;
$db->sql_query($sql);
}
// bring up next page (booking)
update_session($user_id, 0);
set_session_var('user_id', $user_id);
set_session_var('newuser_book', 1);
$step = 2;
// header("Location: index.php?section=tickets&page=book");
// die();
} else {
$message[] .= $langa['function_error'];
}
} else {
// He didn't want any tickets, bring up a thank you page
$step = 3;
}
} else {
$message[] .= $langa['function_error'];
}
}
}
}
/* -=- Profile -=- */
if (is_user() && isset($_POST['action']) && ($_POST['action'] == 'profile_change')) {
// change profile data
$check['username'] = $_session['username'];
$check['user_id'] = $_session['user_id'];
if ($_session['password'] == $_POST['password'])
{
$nick = $_POST['uname'];
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$email = strtolower($_POST['email']);
$hemkommun = $_POST['hemkommun'];
$telefon = $_POST['telefon'];
$sql_fields = "";
if (!isset($_POST['spam'])) $spam = 1; else $spam = 0;
$sql_fields .= ($sql_fields != "" ? ", " : "") ."user_spam = ". $spam;
if (isset($_POST['cl_book'])) $cl_book = 1; else $cl_book = 0;
$sql_fields .= ($sql_fields != "" ? ", " : "") ."user_cl_book = ". $cl_book;
if (isset($_POST['forum_logout'])) $forum_logout = 1; else $forum_logout = 0;
$sql_fields .= ($sql_fields != "" ? ", " : "") ."user_forum_logout = ". $forum_logout;
if ($check['user_id'] != 1463)
{
// fname
if (!validate_fname($fname))
{
$message[] .= "Otillåtna tecken i förnamn.";
} else $sql_fields .= ($sql_fields != "" ? ", " : "") . "fname = '". $fname ."'";
// lname
if (!validate_lname($lname))
{
$message[] .= "Otillåtna tecken i efternamn.";
} else $sql_fields .= ($sql_fields != "" ? ", " : "") . "lname = '". $lname ."'";
}
$sql = "update users set ". ($sql_fields != "" ? $sql_fields . ", " : "")
."user_hometown = '$hemkommun', user_phone = '$telefon'"
." where username = '". $check['username'] ."'";
$db->sql_query($sql);
// nick
if ($check['username'] != $nick)
{
$res = $db->sql_query("select username from users where username = '". $nick ."'");
if ($res)
{
$numrows = $db->sql_numrows($res);
if ($numrows == 0)
{
// not found, nick is not occupied
if (validate_nick($nick))
{
$db->sql_query("UPDATE users SET username = '". $nick ."' WHERE username = '". $check['username'] ."'");
set_session_var('username', $nick);
// renew check, TODO, FIXME
$sql = "select user_id from users where username = '". $nick ."'";
$res = $db->sql_query($sql);
$row = $db->sql_fetchrow($res);
$check['username'] = $nick;
$check['user_id'] = $row['user_id'];
$db->sql_freeresult($res);
} else {
$tmpText = str_replace ("[[username]]", $nick, $langa['process_nick_error']);
$message[] .= $tmpText;
}
} else {
$tmpText = str_replace ("[[username]]", $nick, $langa['process_nick_busy']);
$message[] .= $tmpText;
}
$db->sql_freeresult($res);
}
}
// email
$res = $db->sql_query("SELECT user_email FROM users WHERE username = '". $nick ."'");
if ($res)
{
$row = $db->sql_fetchrow($res);
if ($row)
{
$current_email = $row['user_email'];
if ($current_email != $email)
{
// new email
$sql = "SELECT user_email FROM users WHERE username != '". $check['username'] ."'"
." AND (user_email = '". $email ."' OR user_newemail = '". $email ."')";
$res = $db->sql_query($sql);
if ($res && ($db->sql_numrows($res) == 0))
{
// don't exists -> good
if (validate_email($email))
{
// new email is in valid format
$emailUpdate = "update users set user_newemail = '". $email ."' where user_id = ". $check['user_id'];
$db->sql_query($emailUpdate);
if (send_actkey($check['user_id'], 0, 1))
{
// new confirm key sent
$message[] .= $langa['process_new_key_sent'];
} else {
$message[] .= "Unexpected error. Contact an admin.";
}
} else {
$message[] .= $langa['process_email_error'];
}
unset ($emailUpdate);
} else {
$message[] .= $langa['process_email_exist'];
}
}
unset ($row);
$db->sql_freeresult($result);
}
}
// password
if ($_POST['newpass'])
{
// check so both passwords match
if ($_POST['newpass'] == $_POST['verifypass'])
{
// validate password
if (validate_password($_POST['newpass']))
{
$newpass = $_POST['newpass'];
$db->sql_query("update users set user_password = '". $newpass ."' where username = '". $check['username'] ."'");
// And the forum...
$db->sql_query("update cluster_forum.pun_users set password = '". md5($newpass) ."' where username = '". $check['username'] ."'");
// Save new data cookies
login($check['username'], $newpass);
unset ($newpass);
$message[] .= $langa['process_pass_changed'];
} else {
// invalid
$message[] .= $langa['process_pass_error'];
}
} else {
$message[] .= $langa['process_pass_donot_match'];
}
}
} else {
$message[] .= $langa['process_wrong_pass'];
}
unset ($check);
}
/* -=- Erase profile/account -=- */
if (is_user() && isset($_POST['action']) && ($_POST['action'] == 'profile_erase'))
{
// Erase account if no tickets assigned
$user_id = $_session['user_id'];
if (isset($_POST['step']) && $_POST['step'] == "2")
{
// User has acknowledge he wants out
$sql = "select * from tickets where owner = ". $user_id ." or user = ". $user_id;
$res = $db->sql_query($sql);
if ($db->sql_numrows($res) > 0)
{
// There are tickets, not safe to erase account
$message[] .= $langa['profile_cant_erase'];
} else {
// No ticket, erase account
//$sql = "delete from users where user_id = ". $user_id;
$sql = "update users set user_active = -1 where user_id = ". $user_id;
$db->sql_query($sql);
// Inactivate forum account
$sql = "update cluster_forum.pun_users set status = -2 where user_id = ". $user_id;
$db->sql_query($sql);
session_flush();
}
} else {
// Ask user if he's sure
$step = 2;
$message[] .= $langa['profile_erase_are_you_sure'];
}
}
/* -=- Password / activationkey reminder -=- */
if (isset($_POST['action']) && ($_POST['action'] == 'reminder') && ($_POST['email'] != "")) {
// Send new password or activation key
$user_email = $_POST['email'];
if (validate_email($user_email))
{
$sql = "select user_id, username, user_actkey, user_active from users where user_email = '". $user_email ."'";
$res = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($res))
{
// Found user
if ($row['user_actkey'] != "")
{
cl_log("Skickar ny aktiveringsnyckel till ". $row['username'], $row['user_id']);
// Send activation key
if (send_actkey($row['user_id']))
{
$message[] .= $langa['reminder_new_key_in_email'];
$step = 2;
} else {
$message[] .= $langa['function_error'];
}
} else {
cl_log("Skickar nytt lösenord till ". $row['username'], $row['user_id']);
// Scramble new password and send it
if (send_newpass($row['user_id']))
{
$message[] .= $langa['reminder_new_pass_in_email'];
$step = 2;
} else {
$message[] .= $langa['function_error'];
}
}
} else {
// Email not found -> no user using this email
cl_log("E-post adressen ". $user_email ." existerar inte");
$message[] .= $langa['user_email_not_exists'];
}
} else {
$message[] .= $langa['validate_email'];
}
}
/* -=- Invoice -=- */
if (is_user() && $_POST['invoice_action'] == "invoice_check")
{
// Someone has payed their ticket
if (isset($_POST['box']))
{
$box = $_POST['box'];
foreach ($box as $key => $value)
{
// Who's order?
$sql = "select kundnr from ord where faktnr = ". $key;
$res = $db->sql_query($sql);
if ($res)
{
if ($row = $db->sql_fetchrow($res))
{
$user_id = $row['kundnr'];
// Mark order payed
$sql = "update ord set status = 4, paydatetime = now()"
." where faktnr = ". $key;
$db->sql_query($sql);
// Change state on his tickets from (unact) reserved to booked
$sql = "update tickets set state = 1"
." where owner = ". $user_id ." and (state = 2 or state = 3)";
$db->sql_query($sql);
}
}
}
}
}
/* -=- Cancel invoice -=- */
if (is_user() && $_POST['invoice_action'] == "invoice_cancel")
{
// We dont want this order, erase it and free the tickets
if (isset($_POST['box']))
{
$box = $_POST['box'];
foreach ($box as $key => $value)
{
// Who's order?
$sql = "select kundnr from ord where faktnr = ". $key;
$res = $db->sql_query($sql);
if ($res)
{
$row = $db->sql_fetchrow($res);
$user_id = $row['kundnr'];
// Mark order cancelled
$sql = "update ord set status = 3 where faktnr = ". $key;
$db->sql_query($sql);
// Unbook any reserved seats
$sql = "select ticketno from tickets"
." where owner = ". $user_id ." and (state = 2 or state = 3)";
$res = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($res))
{
$sql = "update seats set ticketno = null where ticketno='". $row['ticketno'] ."'";
$db->sql_query($sql);
}
// Free his tickets
$sql = "update tickets set state = 1, owner = null, user = null"
." where owner = ". $user_id ." and (state = 2 or state = 3)";
$db->sql_query($sql);
}
}
}
}
/* -=- Free invoice -=- */
if (is_user() && $_POST['invoice_action'] == "invoice_free")
{
// Anullera, men låt jappen få biljetterna
if (isset($_POST['box']))
{
$box = $_POST['box'];
foreach ($box as $key => $value)
{
// Who's order?
$sql = "select kundnr from ord where faktnr = ". $key;
$res = $db->sql_query($sql);
if ($res)
{
$row = $db->sql_fetchrow($res);
$user_id = $row['kundnr'];
// Mark order overdue
$sql = "update ord set status = 2 where faktnr = ". $key;
$db->sql_query($sql);
// Change state on his tickets from (unact) reserved to booked
$sql = "update tickets set state = 1"
." where owner = ". $user_id ." and (state = 2 or state = 3)";
$db->sql_query($sql);
}
}
}
}
?>
Offline Oy Ab -- Kaskö
$tageframe = htmlspecialchars($_GET["url"]);
$pageframe = 'swe_frame.php';
if ($tageframe == 'presentkort.php' or
$tageframe == 'medlem/' or
$tageframe == 'foreningen.php' or
$tageframe == 'LangL.php' or
$tageframe == 'reklamen/' )
{
//if ($tageframe) {
$pageframe = $tageframe;
}
//echo $pageframe;
?>