Compare commits
2 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| c0dd4dc727 | |||
| a1a41c76e3 |
@ -1,3 +1,9 @@
|
||||
Version 1.9.2 - Jun. 4, 2015
|
||||
Avoid using mysqlnd-only functions
|
||||
|
||||
Version 1.9.1 - Jun. 3, 2015
|
||||
Bugfixes
|
||||
|
||||
Version 1.9 - Jun. 1, 2015
|
||||
Added more captchas
|
||||
Splitted guest access and global password
|
||||
|
||||
36
chat.php
36
chat.php
@ -701,11 +701,12 @@ function send_notes($type){
|
||||
mysqli_stmt_close($stmt);
|
||||
echo "<b>$I[notessaved]</b> ";
|
||||
}
|
||||
$dateformat=get_setting('dateformat');
|
||||
$stmt=mysqli_prepare($mysqli, "SELECT `lastedited`, `editedby`, `text` FROM `$C[prefix]notes` WHERE `type`=? ORDER BY `lastedited` DESC LIMIT 1");
|
||||
mysqli_stmt_bind_param($stmt, 's', $type);
|
||||
mysqli_stmt_execute($stmt);
|
||||
mysqli_stmt_bind_result($stmt, $lastedited, $editedby, $text);
|
||||
if(mysqli_stmt_fetch($stmt)) printf($I['lastedited'], $editedby, date(get_setting('dateformat'), $lastedited));
|
||||
if(mysqli_stmt_fetch($stmt)) printf($I['lastedited'], $editedby, date($dateformat, $lastedited));
|
||||
mysqli_stmt_close($stmt);
|
||||
echo "</p><$H[form]>";
|
||||
if($type=='staff') echo hidden('action', 'notes');
|
||||
@ -1105,6 +1106,7 @@ function create_session($setup){
|
||||
add_user_defaults();
|
||||
if($setup) $U['incognito']=true;
|
||||
if(get_setting('captcha')>0 && ($U['status']==1 || !$C['dismemcaptcha'])){
|
||||
if(!isSet($_REQUEST['challenge'])) send_error($I['wrongcaptcha']);
|
||||
if(!$C['memcached']){
|
||||
$stmt=mysqli_prepare($mysqli, "SELECT `$C[prefix]code` FROM `captcha` WHERE `id`=?");
|
||||
mysqli_stmt_bind_param($stmt, 'i', $_REQUEST['challenge']);
|
||||
@ -1210,13 +1212,12 @@ function check_login(){
|
||||
global $C, $I, $M, $U, $mysqli;
|
||||
$ga=get_setting('guestaccess');
|
||||
if(isSet($_POST['session'])){
|
||||
$stmt=mysqli_prepare($mysqli, "SELECT * FROM `$C[prefix]sessions` WHERE `session`=?");
|
||||
$stmt=mysqli_prepare($mysqli, "SELECT `session`, `nickname`, `displayname`, `status`, `refresh`, `fontinfo`, `style`, `lastpost`, `passhash`, `postid`, `boxwidth`, `boxheight`, `useragent`, `kickmessage`, `bgcolour`, `notesboxheight`, `notesboxwidth`, `entry`, `timestamps`, `embed`, `incognito` FROM `$C[prefix]sessions` WHERE `session`=?");
|
||||
mysqli_stmt_bind_param($stmt, 's', $_POST['session']);
|
||||
mysqli_stmt_execute($stmt);
|
||||
$result=mysqli_stmt_get_result($stmt);
|
||||
$U=mysqli_fetch_array($result, MYSQLI_ASSOC);
|
||||
mysqli_stmt_close($stmt);
|
||||
if(isSet($U['session'])){
|
||||
mysqli_stmt_bind_result($stmt, $U['session'], $U['nickname'], $U['displayname'], $U['status'], $U['refresh'], $U['fontinfo'], $U['style'], $U['lastpost'], $U['passhash'], $U['postid'], $U['boxwidth'], $U['boxheight'], $U['useragent'], $U['kickmessage'], $U['bgcolour'], $U['notesboxheight'], $U['notesboxwidth'], $U['entry'], $U['timestamps'], $U['embed'], $U['incognito']);
|
||||
if(mysqli_stmt_fetch($stmt)){
|
||||
mysqli_stmt_close($stmt);
|
||||
if($U['status']==0){
|
||||
setcookie($C['cookiename'], false);
|
||||
send_error("$I[kicked]<br>$U[kickmessage]");
|
||||
@ -1224,6 +1225,7 @@ function check_login(){
|
||||
setcookie($C['cookiename'], $U['session']);
|
||||
}
|
||||
}else{
|
||||
mysqli_stmt_close($stmt);
|
||||
setcookie($C['cookiename'], false);
|
||||
send_error($I['expire']);
|
||||
|
||||
@ -1441,13 +1443,13 @@ function parse_sessions(){
|
||||
|
||||
function check_member(){
|
||||
global $C, $I, $U, $mysqli;
|
||||
$stmt=mysqli_prepare($mysqli, "SELECT * FROM `$C[prefix]members` WHERE `nickname`=?");
|
||||
$stmt=mysqli_prepare($mysqli, "SELECT `nickname`, `passhash`, `status`, `refresh`, `colour`, `bgcolour`, `fontface`, `fonttags`, `boxwidth`, `boxheight`, `notesboxwidth`, `notesboxheight`, `lastlogin`, `timestamps`, `embed`, `incognito` FROM `$C[prefix]members` WHERE `nickname`=?");
|
||||
mysqli_stmt_bind_param($stmt, 's', $U['nickname']);
|
||||
mysqli_stmt_execute($stmt);
|
||||
$result=mysqli_stmt_get_result($stmt);
|
||||
mysqli_stmt_close($stmt);
|
||||
if($temp=mysqli_fetch_array($result, MYSQLI_ASSOC)){
|
||||
mysqli_stmt_bind_result($stmt, $temp['nickname'], $temp['passhash'], $temp['status'], $temp['refresh'], $temp['colour'], $temp['bgcolour'], $temp['fontface'], $temp['fonttags'], $temp['boxwidth'], $temp['boxheight'], $temp['notesboxwidth'], $temp['notesboxheight'], $temp['lastlogin'], $temp['timestamps'], $temp['embed'], $temp['incognito']);
|
||||
if(mysqli_stmt_fetch($stmt)){
|
||||
if($temp['passhash']==$U['passhash']){
|
||||
mysqli_stmt_close($stmt);
|
||||
$U=$temp;
|
||||
$time=time();
|
||||
$stmt=mysqli_prepare($mysqli, "UPDATE `$C[prefix]members` SET `lastlogin`=? WHERE `nickname`=?");
|
||||
@ -1455,6 +1457,7 @@ function check_member(){
|
||||
mysqli_stmt_execute($stmt);
|
||||
mysqli_stmt_close($stmt);
|
||||
}else{
|
||||
mysqli_stmt_close($stmt);
|
||||
send_error($I['wrongpass']);
|
||||
}
|
||||
}
|
||||
@ -1480,12 +1483,12 @@ function register_guest($status){
|
||||
if(!isSet($P[$_REQUEST['name']])) send_admin(sprintf($I['cantreg'], $_REQUEST['name']));
|
||||
read_members();
|
||||
if(isSet($A[$_REQUEST['name']])) send_admin(sprintf($I['alreadyreged'], $_REQUEST['name']));
|
||||
$stmt=mysqli_prepare($mysqli, "SELECT * FROM `$C[prefix]sessions` WHERE `nickname`=? AND `status`='1'");
|
||||
$stmt=mysqli_prepare($mysqli, "SELECT `session`, `nickname`, `displayname`, `passhash`, `refresh`, `fontinfo`, `bgcolour`, `boxwidth`, `boxheight`, `notesboxwidth`, `notesboxheight`, `timestamps`, `embed`, `incognito` FROM `$C[prefix]sessions` WHERE `nickname`=? AND `status`='1'");
|
||||
mysqli_stmt_bind_param($stmt, 's', $_REQUEST['name']);
|
||||
mysqli_stmt_execute($stmt);
|
||||
$result=mysqli_stmt_get_result($stmt);
|
||||
mysqli_stmt_close($stmt);
|
||||
if($reg=mysqli_fetch_array($result, MYSQL_ASSOC)){
|
||||
mysqli_stmt_bind_result($stmt, $reg['session'], $reg['nickname'], $reg['displayname'], $reg['passhash'], $reg['refresh'], $reg['fontinfo'], $reg['bgcolour'], $reg['boxwidth'], $reg['boxheight'], $reg['notesboxwidth'], $reg['notesboxheight'], $reg['timestamps'], $reg['embed'], $reg['incognito']);
|
||||
if(mysqli_stmt_fetch($stmt)){
|
||||
mysqli_stmt_close($stmt);
|
||||
$reg['status']=$status;
|
||||
if(preg_match('/#([a-f0-9]{6})/i', $reg['fontinfo'], $match)) $reg['colour']=$match[1];
|
||||
else $reg['colour']=$C['coltxt'];
|
||||
@ -1494,6 +1497,7 @@ function register_guest($status){
|
||||
mysqli_stmt_execute($stmt);
|
||||
mysqli_stmt_close($stmt);
|
||||
}else{
|
||||
mysqli_stmt_close($stmt);
|
||||
send_admin(sprintf($I['cantreg'], $_REQUEST['name']));
|
||||
}
|
||||
$stmt=mysqli_prepare($mysqli, "INSERT INTO `$C[prefix]members` (`nickname`, `passhash`, `status`, `refresh`, `colour`, `bgcolour`, `boxwidth`, `boxheight`, `notesboxwidth`, `notesboxheight`, `regedby`, `timestamps`, `embed`, `incognito`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
|
||||
@ -2329,7 +2333,7 @@ function load_lang(){
|
||||
function load_config(){
|
||||
global $C;
|
||||
$C=array(
|
||||
'version' =>'1.9', // Script version
|
||||
'version' =>'1.9.2', // Script version
|
||||
'dbversion' =>8, // Database version
|
||||
'showcredits' =>false, // Allow showing credits
|
||||
'colbg' =>'000000', // Background colour
|
||||
@ -2358,7 +2362,7 @@ function load_config(){
|
||||
'dbpass' =>'YOUR_DB_PASS', // Database password
|
||||
'dbname' =>'public_chat', // Database
|
||||
'prefix' =>'', // Prefix - Set this to a unique value for every chat, if you have more than 1 chats on the same database or domain
|
||||
'memcached' =>'false', // Enable/disable memcached caching true/false - needs php5-memcached and a memcached server.
|
||||
'memcached' =>false, // Enable/disable memcached caching true/false - needs php5-memcached and a memcached server.
|
||||
'memcachedhost' =>'localhost', // Memcached server
|
||||
'memcachedport' =>'11211', // Memcached server
|
||||
'captchachars' =>'0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', // Characters used for captcha generation
|
||||
|
||||
Reference in New Issue
Block a user