read()) { if ($f != '.' && $f != '..') { $fullpath = $path.'/'.$f; if (is_link($fullpath)) continue; elseif (!is_dir($fullpath)) { if (!chmod($fullpath, 0664)) return FALSE; } elseif(!chmod_group($fullpath)) return FALSE; } } $d->close(); if(chmod($path, 0775)) return TRUE; else return FALSE; } # obtain the uid given a Users.Username # function uid_from_username($username="") { if (!$username) { return ""; } $dbh = db_connect(); $q = "SELECT ID FROM Users WHERE Username = '".mysql_real_escape_string($username) ."'"; $result = db_query($q, $dbh); if (!$result) { return "None"; } $row = mysql_fetch_row($result); return $row[0]; } # obtain the uid given a Users.Email # function uid_from_email($email="") { if (!$email) { return ""; } $dbh = db_connect(); $q = "SELECT ID FROM Users WHERE Email = '".mysql_real_escape_string($email) ."'"; $result = db_query($q, $dbh); if (!$result) { return "None"; } $row = mysql_fetch_row($result); return $row[0]; } # check user privileges # function check_user_privileges() { $type = account_from_sid($_COOKIE['AURSID']); return ($type == 'Trusted User' || $type == 'Developer'); } /** * Generate clean url with edited/added user values * * Makes a clean string of variables for use in URLs based on current $_GET and * list of values to edit/add to that. Any empty variables are discarded. * * ex. print "http://example.com/test.php?" . mkurl("foo=bar&bar=baz") * * @param string $append string of variables and values formatted as in URLs * ex. mkurl("foo=bar&bar=baz") * @return string clean string of variables to append to URL, urlencoded */ function mkurl($append) { $get = $_GET; $append = explode('&', $append); $uservars = array(); $out = ''; foreach ($append as $i) { $ex = explode('=', $i); $uservars[$ex[0]] = $ex[1]; } foreach ($uservars as $k => $v) { $get[$k] = $v; } foreach ($get as $k => $v) { if ($v !== '') { $out .= '&' . urlencode($k) . '=' . urlencode($v); } } return substr($out, 5); } function get_salt($user_id) { $dbh = db_connect(); $salt_q = "SELECT Salt FROM Users WHERE ID = '$user_id'"; $salt_result = mysql_fetch_row(db_query($salt_q, $dbh)); return $salt_result[0]; } function save_salt($user_id, $passwd) { $dbh = db_connect(); $salt = generate_salt(); $hash = salted_hash($passwd, $salt); $salting_q = "UPDATE Users SET Salt = '$salt'" . ", Passwd = '$hash' WHERE ID = '$user_id'"; return db_query($salting_q, $dbh); } function generate_salt() { return md5(uniqid(mt_rand(), true)); } function salted_hash($passwd, $salt) { if (strlen($salt) != 32) { trigger_error('Salt does not look like an md5 hash', E_USER_WARNING); } return md5($salt . $passwd); } function parse_comment($comment) { $url_pattern = '/(\b(?:https?|ftp):\/\/[\w\/\#~:.?+=&%@!\-;,]+?' . '(?=[.:?\-;,]*(?:[^\w\/\#~:.?+=&%@!\-;,]|$)))/iS'; $matches = preg_split($url_pattern, $comment, -1, PREG_SPLIT_DELIM_CAPTURE); $html = ''; for ($i = 0; $i < count($matches); $i++) { if ($i % 2) { # convert links $html .= '' . htmlspecialchars($matches[$i]) . ''; } else { # convert everything else $html .= nl2br(htmlspecialchars($matches[$i])); } } return $html; }