wget 'https://sme10.lists2.roe3.org/admsnippets/README'
https://github.com/DorianNiemiecSVRJS/admsnippet
To install AdmSnippet, first copy the files to a web host.
After copying the files to the web host, import the data from the
"init.sql" file into a database.
After importing the data, copy the "config.example.php" file to "config.php"
and modify the configuration. The properties are explained in code comments.
The default credentials are:
- Username: "admin"
- Password: "admin"
After installing AdmSnippet, it's strongly recommended to change the
default credentials right away, because until then anyone who can reach the
login page can sign in as "admin".
If you want to add analytics code, add it to js/analytics.js file.
wget 'https://sme10.lists2.roe3.org/admsnippets/category.php'
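<?php
// Category page, part 1: resolve the requested category and choose the HTTP
// status, page title and description before includes/header.php starts output.
//error_reporting(E_ALL);
//ini_set('display_errors', 1);

define("ADMSNIPPET", null);
include("config.php");
// NOTE(review): $db, $user and $csrf_token are not defined in this file;
// presumably includes/setup.php provides them - confirm.
include("includes/setup.php");

$categoryid = 0;
$categoryname = null;
$badrequest = false;
$queryerror = false;
$entry = null;
$page_number = 1;
if (isset($_GET['page']) && is_numeric($_GET['page'])) {
    // Pages are numbered from 1. Clamping keeps a zero or negative value out of
    // the LIMIT offset that is computed from $page_number further down the page.
    $page_number = max(1, intval($_GET['page']));
}

if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
    $badrequest = true;
} else {
    // The id is reduced to an integer and bound as a parameter, never interpolated.
    $categoryid = intval($_GET['id']);
    $categorystmt = mysqli_prepare($db, 'SELECT name FROM categories WHERE id = ?');
    if ($categorystmt) {
        mysqli_stmt_bind_param($categorystmt, 'i', $categoryid);
        mysqli_stmt_execute($categorystmt);
        $categoryresult = mysqli_stmt_get_result($categorystmt);
        if ($categoryresult) {
            // $result stays null/false when no category has this id.
            $result = mysqli_fetch_assoc($categoryresult);
            if ($result) {
                $categoryname = $result['name'];
            }
        } else {
            $queryerror = true;
        }
        mysqli_stmt_close($categorystmt);
    } else {
        $queryerror = true;
    }
}

// The status code has to be set here, before the header template emits output.
if ($badrequest) {
    http_response_code(400);
    $page_title = "Invalid category";
    $page_description = "The category URL is invalid.";
} elseif ($queryerror) {
    http_response_code(500);
    $page_title = "Problem with retrieving the category";
    $page_description = "An error occurred when retrieving the category.";
} elseif (!$categoryname) {
    http_response_code(404);
    $page_title = "Category not found";
    $page_description = "The category doesn't currently exist.";
} else {
    // NOTE(review): $categoryname is interpolated unescaped here; the header
    // template is expected to HTML-escape $page_title and $page_description - confirm.
    $page_title = "Category: $categoryname";
    $page_description = "Explore various snippets from $categoryname category on AdmSnippet";
}
?>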
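<?php include("includes/header.php"); ?>
<main class="page">
<div class="container">
<?php
// Category page, part 2: render either an error notice or the category's
// snippet list with vote forms, owner actions and pagination.
// Every database value and request-derived value is HTML-escaped on output.
if ($badrequest) {
    echo '<h1>Invalid category</h1>
<p>The category URL is invalid.</p>';
} elseif ($queryerror) {
    echo '<h1>Problem with retrieving the category</h1>
<p>An error occurred when retrieving the category.</p>';
} elseif (!$categoryname) {
    // Same "not found" test as the one that selected the 404 status above,
    // so the status code and the rendered body cannot disagree.
    echo '<h1>Category not found</h1>
<p>The category doesn\'t currently exist.</p>';
} else {
    // Pages are numbered from 1; anything lower would produce a negative offset.
    $page_number = max(1, intval($page_number));

    echo '<h1>Category: ' . htmlentities($categoryname) . '</h1>
<form class="search-form" action="' . htmlspecialchars(APP_ROOT) . 'search.php">
<input type="text" name="q" class="search-input">
<input type="hidden" name="category" value="' . htmlentities($categoryid) . '">
<input type="submit" value="Search" class="search-button">
</form>';
    echo '<div class="entries-outside">';
    $entries = null;
    // The only value concatenated into the SQL text is this integer offset;
    // user id and category id are bound parameters.
    $offset = ($page_number - 1) * 10;
    // Ranking: net votes / 5 minus the snippet's age in days, best first.
    // "upvoted"/"downvoted" report the current user's own vote; the SQL excludes
    // user id -1, the value this application uses for "not logged in".
    $entrystmt = mysqli_prepare($db, 'SELECT snippets.id AS "id",
snippets.title AS "name",
snippets.category_id AS "category_id",
categories.name AS "category",
snippets.user_id AS "user_id",
users.name AS "user",
snippets.date AS "date",
snippets.description AS "description",
(SELECT COUNT(*) FROM votes WHERE votes.snippet_id = snippets.id AND votes.is_downvote = 0)
- (SELECT COUNT(*) FROM votes WHERE votes.snippet_id = snippets.id AND votes.is_downvote = 1) AS "votes",
IFNULL((SELECT (is_downvote = 0) FROM votes WHERE votes.snippet_id = snippets.id AND votes.user_id = ? AND votes.user_id <> -1 AND is_downvote = 0), 0) AS "upvoted",
IFNULL((SELECT (is_downvote = 1) FROM votes WHERE votes.snippet_id = snippets.id AND votes.user_id = ? AND votes.user_id <> -1 AND is_downvote = 1), 0) AS "downvoted"
FROM snippets
INNER JOIN categories
ON snippets.category_id = categories.id
INNER JOIN users
ON snippets.user_id = users.id
WHERE snippets.category_id = ?
ORDER BY (votes / 5) - ((UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(snippets.date)) / 86400)
DESC LIMIT ' . strval($offset) . ', 10;');
    if ($entrystmt) {
        mysqli_stmt_bind_param($entrystmt, 'iii', $user, $user, $categoryid);
        mysqli_stmt_execute($entrystmt);
        $entries = mysqli_stmt_get_result($entrystmt);
    }
    if ($entries) {
        $entries_present = false;
        while ($entry = mysqli_fetch_assoc($entries)) {
            $entries_present = true;
            // State-changing actions (vote, delete) are POST forms carrying the CSRF token.
            // NOTE(review): REQUEST_URI is handed to vote.php as its redirect target;
            // vote.php should accept only same-site paths - confirm there.
            echo '<div class="entry-outside">
<div class="entry-votes">
<form action="' . htmlspecialchars(APP_ROOT) . 'vote.php" method="post">
<input type="submit" value="▲" class="entry-vote-button' . ($entry['upvoted'] ? ' entry-vote-active' : '') . '" title="Upvote">
<input type="hidden" name="action" value="' . (!$entry['upvoted'] ? 'up' : 'reset') . '">
<input type="hidden" name="id" value="' . htmlspecialchars($entry['id']) . '">
<input type="hidden" name="redirect" value="' . htmlspecialchars($_SERVER['REQUEST_URI']) . '">
<input type="hidden" name="csrf" value="' . htmlspecialchars($csrf_token) . '">
</form>
<span class="entry-vote-count">' . htmlspecialchars($entry['votes']) . '</span>
<form action="' . htmlspecialchars(APP_ROOT) . 'vote.php" method="post">
<input type="submit" value="▼" class="entry-vote-button' . ($entry['downvoted'] ? ' entry-vote-active' : '') . '" title="Downvote">
<input type="hidden" name="action" value="' . (!$entry['downvoted'] ? 'down' : 'reset') . '">
<input type="hidden" name="id" value="' . htmlspecialchars($entry['id']) . '">
<input type="hidden" name="redirect" value="' . htmlspecialchars($_SERVER['REQUEST_URI']) . '">
<input type="hidden" name="csrf" value="' . htmlspecialchars($csrf_token) . '">
</form>
</div>
<div class="entry-body">
' . ($entry['user_id'] == $user ? '<form action="' . htmlspecialchars(APP_ROOT) . 'delete.php" method="post" class="entry-action">
<input type="submit" value="Delete" class="button">
<input type="hidden" name="id" value="' . htmlspecialchars($entry['id']) . '">
<input type="hidden" name="csrf" value="' . htmlspecialchars($csrf_token) . '">
</form><form action="' . htmlspecialchars(APP_ROOT) . 'edit.php" class="entry-action">
<input type="submit" value="Edit" class="button">
<input type="hidden" name="id" value="' . htmlspecialchars($entry['id']) . '">
</form>' : '') . '
<h3><a href="' . htmlspecialchars(APP_ROOT) . 'snippet.php?id=' . htmlspecialchars($entry['id']) . '">' . htmlspecialchars($entry['name']) . '</a></h3>
<p><a href="' . htmlspecialchars(APP_ROOT) . 'category.php?id=' . htmlspecialchars($entry['category_id']) . '">' . htmlspecialchars($entry['category']) . '</a> |
by <a href="' . htmlspecialchars(APP_ROOT) . 'user.php?id=' . htmlspecialchars($entry['user_id']) . '">' . htmlspecialchars($entry['user']) . '</a> |
submitted in ' . htmlspecialchars(date('F j, Y', strtotime($entry['date']))) . '</p>
<p>' . htmlspecialchars($entry['description']) . '</p>
</div>
</div>';
        }
        if (!$entries_present) {
            echo "<p>No snippets.</p>";
        }
    } else {
        echo "<p>An error has occurred during retrieval of the category's snippets!</p>";
    }
    // Close the statement whenever it was prepared, including the failure path.
    if ($entrystmt) {
        mysqli_stmt_close($entrystmt);
    }
    echo '</div>';

    // Count rows in the database instead of fetching every snippet just to count it.
    $qtystmt = mysqli_prepare($db, 'SELECT COUNT(*) FROM snippets WHERE category_id = ?;');
    if ($qtystmt) {
        $qty = 0;
        mysqli_stmt_bind_param($qtystmt, 'i', $categoryid);
        mysqli_stmt_execute($qtystmt);
        mysqli_stmt_bind_result($qtystmt, $qty);
        mysqli_stmt_fetch($qtystmt);
        $qty = intval($qty);
        $maxpages = ceil($qty / 10);
        // Show a window of up to five page links around the current page,
        // shifted so that it stays inside 1..$maxpages.
        $page_beg = $page_number - 2;
        $page_end = $page_number + 2;
        if ($page_end > $maxpages) {
            $page_beg -= $page_end - $maxpages;
            $page_end = $maxpages;
        }
        if ($page_beg < 1) {
            $page_end += 1 - $page_beg;
            $page_beg = 1;
        }
        if ($maxpages > 1) {
            // Page links must stay on this category; they previously pointed at explore.php.
            $pagelink = htmlspecialchars(APP_ROOT) . 'category.php?id=' . htmlspecialchars(urlencode($categoryid)) . '&amp;page=';
            echo '<div class="pagination">';
            if ($page_number > 1) {
                echo '<a href="' . $pagelink . htmlspecialchars($page_number - 1) . '">‹</a>';
            }
            for ($i = 0; $i < 5 && $i < $maxpages; $i++) {
                $curpageno = $page_beg + $i;
                if ($curpageno == $page_number) {
                    echo '<span class="pagination-active">' . htmlspecialchars($curpageno) . '</span>';
                } else {
                    echo '<a href="' . $pagelink . htmlspecialchars($curpageno) . '">' . htmlspecialchars($curpageno) . '</a>';
                }
            }
            if ($page_number < $maxpages) {
                echo '<a href="' . $pagelink . htmlspecialchars($page_number + 1) . '">›</a>';
            }
            echo '</div>';
        }
        mysqli_stmt_close($qtystmt);
    }
}
?>
</div>
</main>
<?php include("includes/footer.php"); ?>
<?php include("includes/finalize.php"); ?>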
wget 'https://sme10.lists2.roe3.org/admsnippets/changepassword.php'
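<?php
// Change-password handler: requires a logged-in user, a valid CSRF token and
// the current password before the stored hash is replaced.
//error_reporting(E_ALL);
//ini_set('display_errors', 1);

define("ADMSNIPPET", null);
include("config.php");
// NOTE(review): $db, $user and $csrf_token are not defined in this file;
// presumably includes/setup.php provides them - confirm.
include("includes/setup.php");

// -1 is the "not logged in" user id: send the visitor to the login page first.
if ($user == -1) {
    header('Location: ' . (APP_ROOT . 'login.php?redirect=' . urlencode(APP_ROOT . 'changepassword.php')));
    http_response_code(302);
    include("includes/finalize.php");
    exit;
}

$error_message = null;
$page_title = "Change password";
$page_description = "Change your password on AdmSnippet.";
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // hash_equals() compares the token in constant time and without PHP's loose
    // "numeric string" equality; is_string() rejects array-valued form fields.
    if (!isset($_POST['csrf']) || !is_string($_POST['csrf']) || !hash_equals((string) $csrf_token, $_POST['csrf'])) {
        $error_message = "Potential CSRF attack detected.";
    } elseif (!isset($_POST['curpass'], $_POST['pass'], $_POST['pass2'])
        || !is_string($_POST['curpass']) || !is_string($_POST['pass']) || !is_string($_POST['pass2'])
        || !$_POST['curpass'] || !$_POST['pass'] || !$_POST['pass2']) {
        $error_message = "You need to input passwords.";
    } elseif ($_POST['pass'] !== $_POST['pass2']) {
        // Strict comparison: with != two different numeric-looking passwords
        // such as "1e3" and "1000" would count as matching.
        $error_message = "Passwords don't match.";
    } else {
        $result = null;
        $stmt = mysqli_prepare($db, 'SELECT password FROM users WHERE id = ?;');
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, 'i', $user);
            mysqli_stmt_execute($stmt);
            $result = mysqli_stmt_get_result($stmt);
            if ($result) {
                $entry = mysqli_fetch_assoc($result);
                mysqli_stmt_close($stmt);
                // Re-authenticate with the current password before changing it.
                if ($entry && password_verify($_POST['curpass'], $entry['password'])) {
                    $hashed_password = password_hash($_POST['pass'], PASSWORD_DEFAULT);
                    $stmt2 = mysqli_prepare($db, 'UPDATE users SET password = ? WHERE id = ?;');
                    if ($stmt2) {
                        mysqli_stmt_bind_param($stmt2, 'si', $hashed_password, $user);
                        $isexecsuccess = mysqli_stmt_execute($stmt2);
                        if (!$isexecsuccess) {
                            mysqli_stmt_close($stmt2);
                            $error_message = 'An internal server error has occurred during changing the password.';
                        } else {
                            $isupdated = mysqli_stmt_affected_rows($stmt2) > 0;
                            mysqli_stmt_close($stmt2);
                            if ($isupdated) {
                                // Success: go to the user's own profile page.
                                header('Location: ' . (APP_ROOT . 'user.php?id=' . urlencode($user)));
                                http_response_code(302);
                                include("includes/finalize.php");
                                exit;
                            } else {
                                $error_message = 'An internal server error has occurred during changing the password.';
                            }
                        }
                    } else {
                        $error_message = 'An internal server error has occurred during changing the password.';
                    }
                } else {
                    $error_message = 'Invalid password.';
                }
            } else {
                mysqli_stmt_close($stmt);
                $error_message = 'An internal server error has occurred during changing the password.';
            }
        } else {
            $error_message = 'An internal server error has occurred during changing the password.';
        }
    }
}
?>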
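<?php
// Change-password form. The error text and the CSRF token are HTML-escaped
// before they are written into the page.
include("includes/header.php");
?>
<main class="page">
<div class="container">
<h1>Change password</h1>
<form action="<?php echo htmlspecialchars(APP_ROOT); ?>changepassword.php" method="post" class="form-visible">
<div class="form-element">
<label for="curpass">Current password:</label>
<input type="password" name="curpass" id="curpass" required>
</div>
<div class="form-element">
<label for="pass">Password:</label>
<input type="password" name="pass" id="pass" required>
</div>
<div class="form-element">
<label for="pass2">Confirm password:</label>
<input type="password" name="pass2" id="pass2" required>
</div>
<?php
if ($error_message) {
    echo '<p class="form-error">' . htmlspecialchars($error_message) . '</p>';
}
?>
<input type="hidden" name="csrf" value="<?php echo htmlspecialchars($csrf_token); ?>">
<input type="submit" value="Change password" class="button">
</form>
</div>
</main>
<?php include("includes/footer.php"); ?>
<?php include("includes/finalize.php"); ?>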
wget 'https://sme10.lists2.roe3.org/admsnippets/config.example.php'
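<?php
// Sample configuration: copy this file to "config.php" and adjust the values.
// The database account below is a placeholder; use a dedicated account with
// its own password in the real config.php.

// MySQL/MariaDB configuration
define('MYSQL_HOST', "localhost");
define('MYSQL_USER', "adminsnippet");
define('MYSQL_PASS', "adminsnippet");
define('MYSQL_DB', "adminsnippet");

// Root URL for AdmSnippet
define('APP_ROOT', '/');

// Questions for registration CAPTCHA. Below are the sample CAPTCHA questions.
// Each key is a question; the value is one accepted answer or a list of them.
define('CAPTCHA_QUESTIONS', [
    'What is the capital of France?' => 'Paris',
    'What is the first or the last letter of "AdmSnippet"?' => [
        'A',
        't',
    ],
]);

// No closing PHP tag: stray whitespace after it would be sent as output and
// break the header() redirects in the pages that include this file.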
wget 'https://sme10.lists2.roe3.org/admsnippets/config.php'
<?php
// Deployment configuration, included by every AdmSnippet page.
// NOTE(review): unlike config.example.php, this file appears to hold the
// deployment's own database account, and its password is a dictionary word.
// Keep this file out of version control and out of any web-readable listing,
// and rotate the password if the file has been exposed.

// MySQL/MariaDB connection settings
const MYSQL_HOST = 'localhost';
const MYSQL_USER = 'mdrone';
const MYSQL_PASS = 'einstein';
const MYSQL_DB = 'adminsnippet';

// URL path under which AdmSnippet is served
const APP_ROOT = '/admsnippets/';

// Registration CAPTCHA: question => accepted answer
const CAPTCHA_QUESTIONS = [
    'What is the capital of France?' => 'Paris',
];

// No closing PHP tag, so no trailing whitespace can leak into the response.
wget 'https://sme10.lists2.roe3.org/admsnippets/delete.php'
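<?php
// Snippet deletion endpoint: accepts POST only, checks the CSRF token, deletes
// the snippet only if it belongs to the current user, then removes its votes.
//error_reporting(E_ALL);
//ini_set('display_errors', 1);

define("ADMSNIPPET", null);
include("config.php");
// NOTE(review): $db, $user and $csrf_token are not defined in this file;
// presumably includes/setup.php provides them - confirm.
include("includes/setup.php");

$invalidmethod = true;
$badrequest = false;
$servererror = false;
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $invalidmethod = false;
    if (!isset($_POST['id']) || !is_numeric($_POST['id'])) {
        $badrequest = true;
    } elseif (!isset($_POST['csrf']) || !is_string($_POST['csrf']) || !hash_equals((string) $csrf_token, $_POST['csrf'])) {
        // hash_equals() compares the token in constant time and without PHP's
        // loose "numeric string" equality; is_string() rejects array input.
        $badrequest = true;
    } else {
        // Authorization lives in the WHERE clause: the row is removed only when
        // its user_id matches the current user.
        $stmt = mysqli_prepare($db, 'DELETE FROM snippets WHERE id = ? AND user_id = ?;');
        $snippetid = intval($_POST['id']);
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, 'ii', $snippetid, $user);
            $isexecsuccess = mysqli_stmt_execute($stmt);
            if (!$isexecsuccess) {
                mysqli_stmt_close($stmt);
                $servererror = true;
            } else {
                $isdeleted = mysqli_stmt_affected_rows($stmt) > 0;
                mysqli_stmt_close($stmt);
                if ($isdeleted) {
                    // The snippet was removed (affected rows > 0, so neither "no match"
                    // nor the -1 error value): its votes now reference nothing, delete them too.
                    $stmt2 = mysqli_prepare($db, 'DELETE FROM votes WHERE snippet_id = ?;');
                    if ($stmt2) {
                        mysqli_stmt_bind_param($stmt2, 'i', $snippetid);
                        $isexecsuccess2 = mysqli_stmt_execute($stmt2);
                        if (!$isexecsuccess2) {
                            $servererror = true;
                        }
                        mysqli_stmt_close($stmt2);
                    } else {
                        $servererror = true;
                    }
                }
            }
        } else {
            $servererror = true;
        }
    }
}

// Pick the response before any output; the success path redirects and exits,
// so the template that follows only ever renders an error.
if ($invalidmethod) {
    http_response_code(405);
    $page_title = "Invalid method";
    $page_description = "Invalid method was used while attempting to delete a snippet.";
} elseif ($servererror) {
    http_response_code(500);
    $page_title = "Error while deleting a snippet";
    $page_description = "An internal server error has occurred while deleting a snippet.";
} elseif ($badrequest) {
    http_response_code(400);
    $page_title = "Invalid deletion request";
    $page_description = "The request for snippet deletion is invalid.";
} else {
    header('Location: ' . (APP_ROOT . 'user.php?id=' . urlencode($user)));
    http_response_code(302);
    include("includes/finalize.php");
    exit;
}
?>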
<?php
// Error view for snippet deletion; the success path has already redirected.
include "includes/header.php";
?>
<main class="page">
<div class="container">
<?php
// Heading and explanation for whichever failure flag is set (first match wins).
$deletionnotice = null;
if ($invalidmethod) {
    $deletionnotice = ['Invalid method', 'Invalid method was used while attempting to delete a snippet.'];
} elseif ($servererror) {
    $deletionnotice = ['Error while deleting a snippet', 'An internal server error has occurred while deleting a snippet.'];
} elseif ($badrequest) {
    $deletionnotice = ['Invalid deletion request', 'The request for snippet deletion is invalid.'];
}
if ($deletionnotice !== null) {
    echo '<h1>', $deletionnotice[0], "</h1>\n<p>", $deletionnotice[1], '</p>';
}
?>
</div>
</main>
<?php
include "includes/footer.php";
include "includes/finalize.php";
?>
wget 'https://sme10.lists2.roe3.org/admsnippets/deletemyaccount.php'
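<?php
// Account deletion handler: requires a logged-in user, a valid CSRF token and
// the account password, then deletes the user row, the user's votes and the
// user's snippets.
//error_reporting(E_ALL);
//ini_set('display_errors', 1);

define("ADMSNIPPET", null);
include("config.php");
// NOTE(review): $db, $user and $csrf_token are not defined in this file;
// presumably includes/setup.php provides them - confirm.
include("includes/setup.php");

// -1 is the "not logged in" user id: send the visitor to the login page first.
if ($user == -1) {
    header('Location: ' . (APP_ROOT . 'login.php?redirect=' . urlencode(APP_ROOT . 'deletemyaccount.php')));
    http_response_code(302);
    include("includes/finalize.php");
    exit;
}

$error_message = null;
$page_title = "Delete my account";
$page_description = "Are you sure to delete your account on AdmSnippet? You will lose all the snippets you have uploaded on AdmSnippet.";
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // hash_equals() compares the token in constant time and without PHP's loose
    // "numeric string" equality; is_string() rejects array-valued form fields.
    if (!isset($_POST['csrf']) || !is_string($_POST['csrf']) || !hash_equals((string) $csrf_token, $_POST['csrf'])) {
        $error_message = "Potential CSRF attack detected.";
    } elseif (!isset($_POST['pass']) || !is_string($_POST['pass']) || !$_POST['pass']) {
        $error_message = "You need to input password.";
    } else {
        $passwordresult = null;
        $passwordstmt = mysqli_prepare($db, 'SELECT password FROM users WHERE id = ?;');
        if ($passwordstmt) {
            mysqli_stmt_bind_param($passwordstmt, 'i', $user);
            mysqli_stmt_execute($passwordstmt);
            $passwordresult = mysqli_stmt_get_result($passwordstmt);
            if ($passwordresult) {
                $passwordentry = mysqli_fetch_assoc($passwordresult);
                mysqli_stmt_close($passwordstmt);
                // Re-authenticate with the password before the destructive action.
                if ($passwordentry && password_verify($_POST['pass'], $passwordentry['password'])) {
                    $deletion_error = 'An internal server error has occurred during the account deletion.';
                    // Accounts with is_admin set are never deleted by this page.
                    $stmt = mysqli_prepare($db, 'DELETE FROM users WHERE id = ? AND is_admin = 0;');
                    if ($stmt) {
                        mysqli_stmt_bind_param($stmt, 'i', $user);
                        $isexecsuccess = mysqli_stmt_execute($stmt);
                        $isdeleted = $isexecsuccess && mysqli_stmt_affected_rows($stmt) > 0;
                        mysqli_stmt_close($stmt);
                        if ($isdeleted) {
                            // NOTE(review): the three deletes are not wrapped in a transaction,
                            // so a failure here leaves votes or snippets of a removed account.
                            $cleanupdone = true;
                            $cleanupqueries = [
                                'DELETE FROM votes WHERE user_id = ?;',
                                'DELETE FROM snippets WHERE user_id = ?;',
                            ];
                            foreach ($cleanupqueries as $cleanupsql) {
                                $cleanupstmt = mysqli_prepare($db, $cleanupsql);
                                if (!$cleanupstmt) {
                                    $cleanupdone = false;
                                    break;
                                }
                                mysqli_stmt_bind_param($cleanupstmt, 'i', $user);
                                $cleanupok = mysqli_stmt_execute($cleanupstmt);
                                mysqli_stmt_close($cleanupstmt);
                                if (!$cleanupok) {
                                    $cleanupdone = false;
                                    break;
                                }
                            }
                            if ($cleanupdone) {
                                header('Location: ' . APP_ROOT);
                                http_response_code(302);
                                include("includes/finalize.php");
                                exit;
                            }
                        }
                        // Reached when the user row was not deleted or a cleanup step failed.
                        $error_message = $deletion_error;
                    } else {
                        $error_message = $deletion_error;
                    }
                } else {
                    $error_message = 'Invalid password.';
                }
            } else {
                mysqli_stmt_close($passwordstmt);
                $error_message = 'An internal server error has occurred during the account verification.';
            }
        } else {
            $error_message = 'An internal server error has occurred during the account verification.';
        }
    }
}
?>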
<?php
// Confirmation form for account deletion; the password is asked for again and
// the CSRF token travels in a hidden field. Dynamic values are HTML-escaped.
include "includes/header.php";
?>
<main class="page">
<div class="container">
<h1>Delete my account</h1>
<p>Are you sure to delete your account on AdmSnippet? You will lose all the snippets you have uploaded on AdmSnippet.</p>
<form action="<?= htmlspecialchars(APP_ROOT) ?>deletemyaccount.php" method="post" class="form-visible">
<div class="form-element">
<label for="pass">Password:</label>
<input type="password" name="pass" id="pass" required>
</div>
<?php if ($error_message): ?><p class="form-error"><?= htmlspecialchars($error_message) ?></p><?php endif; ?>
<input type="submit" value="Delete my account" class="button">
<input type="hidden" name="csrf" value="<?= htmlspecialchars($csrf_token) ?>">
</form>
</div>
</main>
<?php
include "includes/footer.php";
include "includes/finalize.php";
?>
wget 'https://sme10.lists2.roe3.org/admsnippets/edit.php'
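<?php
// Snippet edit handler: loads the snippet only if it belongs to the current
// user, and on POST validates the CSRF token and fields before updating it.
//error_reporting(E_ALL);
//ini_set('display_errors', 1);

define("ADMSNIPPET", null);
include("config.php");
// NOTE(review): $db, $user and $csrf_token are not defined in this file;
// presumably includes/setup.php provides them - confirm.
include("includes/setup.php");

// -1 is the "not logged in" user id.
// NOTE(review): the post-login redirect targets submit.php rather than this
// page - confirm that is intended.
if ($user == -1) {
    header('Location: ' . (APP_ROOT . 'login.php?redirect=' . urlencode(APP_ROOT . 'submit.php')));
    http_response_code(302);
    include("includes/finalize.php");
    exit;
}

$error_message = null;
$snippetid = null;
$badrequest = false;
$queryerror = false;
$result = null;
$snippet_categoryid = null;
$snippet_title = null;
$snippet_description = null;
$snippet_snippet = null;

// The snippet id comes from the form on POST and from the query string otherwise.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if (!isset($_POST['id']) || !is_numeric($_POST['id'])) {
        $badrequest = true;
    } else {
        $snippetid = intval($_POST['id']);
    }
} else {
    if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
        $badrequest = true;
    } else {
        $snippetid = intval($_GET['id']);
    }
}

if (!$badrequest) {
    // Ownership check: a snippet of another user yields no row, same as a missing one.
    $snippetstmt = mysqli_prepare($db, 'SELECT category_id, title, description, snippet FROM snippets WHERE id = ? AND user_id = ?;');
    if ($snippetstmt) {
        mysqli_stmt_bind_param($snippetstmt, 'ii', $snippetid, $user);
        mysqli_stmt_execute($snippetstmt);
        $snippetresult = mysqli_stmt_get_result($snippetstmt);
        if ($snippetresult) {
            $result = mysqli_fetch_assoc($snippetresult);
            mysqli_stmt_close($snippetstmt);
            if ($result) {
                $snippet_categoryid = $result['category_id'];
                $snippet_title = $result['title'];
                $snippet_description = $result['description'];
                $snippet_snippet = $result['snippet'];
            }
        } else {
            mysqli_stmt_close($snippetstmt);
            $queryerror = true;
        }
    } else {
        $queryerror = true;
    }
}

if ($badrequest) {
    http_response_code(400);
    $page_title = "Invalid snippet";
    $page_description = "The client tried to access an invalid snippet.";
} elseif ($queryerror) {
    http_response_code(500);
    $page_title = "Problem with retrieving the snippet";
    $page_description = "An error occurred when retrieving the snippet.";
} elseif (!$result) {
    http_response_code(404);
    $page_title = "Snippet not found";
    // In a double-quoted string \' is a literal backslash plus quote, so the
    // apostrophe is written unescaped here.
    $page_description = "The snippet either doesn't currently exist or you don't have a permission to edit the snippet.";
} else {
    $page_title = "Edit";
    $page_description = "Edit your snippet on AdmSnippet.";
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // hash_equals() compares the token in constant time and without PHP's loose
        // "numeric string" equality; is_string() rejects array-valued form fields.
        if (!isset($_POST['csrf']) || !is_string($_POST['csrf']) || !hash_equals((string) $csrf_token, $_POST['csrf'])) {
            $error_message = "Potential CSRF attack detected.";
        } elseif (!isset($_POST['title'], $_POST['desc'], $_POST['content'], $_POST['category'])
            || !is_string($_POST['title']) || !is_string($_POST['desc']) || !is_string($_POST['content'])
            || !$_POST['title'] || !$_POST['desc'] || !$_POST['content'] || !is_numeric($_POST['category'])) {
            $error_message = "You need to input the title, description and contents, and select the category.";
        } else {
            $categoryid = intval($_POST['category']);
            $categorystmt = mysqli_prepare($db, 'SELECT * FROM categories WHERE id = ?;');
            if ($categorystmt) {
                mysqli_stmt_bind_param($categorystmt, 'i', $categoryid);
                mysqli_stmt_execute($categorystmt);
                mysqli_stmt_store_result($categorystmt);
                $categoryexists = intval(mysqli_stmt_num_rows($categorystmt)) > 0;
                mysqli_stmt_close($categorystmt);
                if ($categoryexists) {
                    // The WHERE clause repeats the ownership condition for the write itself.
                    $stmt = mysqli_prepare($db, 'UPDATE snippets SET category_id = ?, title = ?, description = ?, snippet = ? WHERE id = ? AND user_id = ?;');
                    if ($stmt) {
                        mysqli_stmt_bind_param($stmt, 'isssii', $categoryid, $_POST['title'], $_POST['desc'], $_POST['content'], $snippetid, $user);
                        $isexecsuccess = mysqli_stmt_execute($stmt);
                        if (!$isexecsuccess) {
                            mysqli_stmt_close($stmt);
                            $error_message = 'An internal server error has occurred during the submission.';
                        } else {
                            // MySQL reports 0 affected rows when the submitted values equal the
                            // stored ones, so an unchanged form is a success, not an error.
                            // Only the -1 error value counts as a failure.
                            $isupdated = mysqli_stmt_affected_rows($stmt) >= 0;
                            mysqli_stmt_close($stmt);
                            if ($isupdated) {
                                header('Location: ' . (APP_ROOT . 'snippet.php?id=' . urlencode($snippetid)));
                                http_response_code(302);
                                include("includes/finalize.php");
                                exit;
                            } else {
                                $error_message = 'An internal server error has occurred during the submission.';
                            }
                        }
                    } else {
                        $error_message = 'An internal server error has occurred during the submission.';
                    }
                } else {
                    $error_message = 'The category for the snippet doesn\'t exist.';
                }
            } else {
                $error_message = 'An internal server error has occurred during the submission.';
            }
        }
    }
}
?>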
<?php
// Edit page view: an error notice, or the edit form pre-filled with the stored
// snippet. Every stored or request-derived value is HTML-escaped on output.
include "includes/header.php";
?>
<main class="page">
<div class="container">
<?php
// Heading and explanation for whichever failure applies (first match wins).
$editnotice = null;
if ($badrequest) {
    $editnotice = ['Invalid snippet', 'The snippet editing URL is invalid.'];
} elseif ($queryerror) {
    $editnotice = ['Problem with retrieving the snippet', 'An error occurred when retrieving the snippet.'];
} elseif (!$result) {
    $editnotice = ['Snippet not found', 'The snippet either doesn\'t currently exist or you don\'t have a permission to edit the snippet.'];
}

if ($editnotice !== null) {
    echo '<h1>', $editnotice[0], "</h1>\n<p>", $editnotice[1], '</p>';
} else {
    echo '<h1>Edit</h1>
<form action="', htmlspecialchars(APP_ROOT), 'edit.php" method="post" class="form-visible">
<div class="form-element">
<label for="title">Title:</label>
<input type="text" name="title" id="title" value="', htmlspecialchars($snippet_title), '" required maxlength="255">
</div>
<div class="form-element">
<label for="category">Category:</label>
<select name="category" id="category">';
    // One <option> per category; the snippet's current category is preselected.
    $categories = mysqli_query($db, 'SELECT id, name FROM categories ORDER BY id;');
    if ($categories) {
        while ($category = mysqli_fetch_assoc($categories)) {
            $selectedattr = '';
            if ($category['id'] == $snippet_categoryid) {
                $selectedattr = ' selected';
            }
            echo '<option value="', htmlspecialchars($category['id']), '"', $selectedattr, '>', htmlspecialchars($category['name']), '</option>';
        }
    }
    echo '</select>
</div>
<div class="form-element form-full">
<label for="desc">Description:</label>
<input type="text" name="desc" id="desc" maxlength="8191" value="', htmlspecialchars($snippet_description), '">
</div>
<div class="form-element">
<label for="content">Content:</label>
<textarea name="content" id="content" class="form-code-textbox" required>', htmlspecialchars($snippet_snippet), '</textarea>
</div>';
    if ($error_message) {
        echo '<p class="form-error">', htmlspecialchars($error_message), '</p>';
    }
    // The CSRF token and the snippet id are posted back with the form.
    echo '<input type="hidden" name="csrf" value="', htmlspecialchars($csrf_token), '">
<input type="hidden" name="id" value="', htmlspecialchars($snippetid), '">
<input type="submit" value="Submit" class="button">
</form>';
}
?>
</div>
</main>
<?php
include "includes/footer.php";
include "includes/finalize.php";
?>
wget 'https://sme10.lists2.roe3.org/admsnippets/explore.php'
<?php
//error_reporting(E_ALL);
//ini_set('display_errors', 1);
?>
<?php define("ADMSNIPPET", null); ?>
<?php include("config.php"); ?>
<?php include("includes/setup.php"); ?>
<?php
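// $userid is initialised here but is not read anywhere in the visible part of this script.
$userid = 0;
// Page number from the query string, clamped to 1..intdiv(PHP_INT_MAX, 10).
// Lower bound: page 0 and negative pages would otherwise be treated as "not page 1"
// (no category list) while still showing the first ten rows.
// Upper bound: keeps the LIMIT offset computed further down, (page - 1) * 10, an
// integer; an overflow to float would make the listing query fail to prepare.
$page_number = 1;
if (isset($_GET['page']) && is_numeric($_GET['page'])) {
    $page_number = max(1, min(intval($_GET['page']), intdiv(PHP_INT_MAX, 10)));
}
$page_title = "Explore";
$page_description = "Explore various snippets on AdmSnippet";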
?>
<?php include("includes/header.php"); ?>
<main class="page">
<div class="container">
<h1>Explore</h1>
<form class="search-form" action="<?php echo htmlspecialchars(APP_ROOT); ?>search.php">
<input type="text" name="q" class="search-input">
<input type="submit" value="Search" class="search-button">
</form>
<?php
// The category index is rendered on the first page only.
if ($page_number == 1) {
    echo '<h2 class="topsnippets-heading">Categories</h2>';
    $categories = mysqli_query($db, 'SELECT id, name FROM categories;');
    if (!$categories) {
        echo "<p>An error has occurred during retrieval of categories snippets!</p>";
    } else {
        echo '<ul class="categories">';
        // Each database value is HTML-escaped (and the id URL-encoded) before it is written out.
        for ($category = mysqli_fetch_assoc($categories); $category; $category = mysqli_fetch_assoc($categories)) {
            $category_href = htmlentities(APP_ROOT) . 'category.php?id=' . htmlentities(urlencode($category['id']));
            echo '<li><a href="' . $category_href . '">' . htmlentities($category['name']) . '</a></li>';
        }
        echo '</ul>';
    }
    echo '<h2 class="topsnippets-heading">Snippets</h2>';
}
// Ranked snippet listing: ten entries per page, each with vote, delete and edit controls.
echo '<div class="entries-outside">';
$entries = null;
// The two "?" placeholders are bound to $user below. The only value concatenated into
// the SQL text is the LIMIT offset, and that is a number produced by intval()/max(),
// so no request text reaches the statement.
// $user is not assigned in this script; presumably includes/setup.php sets it, with -1
// meaning "not logged in" (the query excludes user_id -1) - confirm there.
$entrystmt = mysqli_prepare($db, 'SELECT snippets.id AS "id",
snippets.title AS "name",
snippets.category_id AS "category_id",
categories.name AS "category",
snippets.user_id AS "user_id",
users.name AS "user",
snippets.date AS "date",
snippets.description AS "description",
(SELECT COUNT(*) FROM votes WHERE votes.snippet_id = snippets.id AND votes.is_downvote = 0)
- (SELECT COUNT(*) FROM votes WHERE votes.snippet_id = snippets.id AND votes.is_downvote = 1) AS "votes",
IFNULL((SELECT (is_downvote = 0) FROM votes WHERE votes.snippet_id = snippets.id AND votes.user_id = ? AND votes.user_id <> -1 AND is_downvote = 0), 0) AS "upvoted",
IFNULL((SELECT (is_downvote = 1) FROM votes WHERE votes.snippet_id = snippets.id AND votes.user_id = ? AND votes.user_id <> -1 AND is_downvote = 1), 0) AS "downvoted"
FROM snippets
INNER JOIN categories
ON snippets.category_id = categories.id
INNER JOIN users
ON snippets.user_id = users.id
ORDER BY (votes / 5) - ((UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(snippets.date)) / 86400)
DESC LIMIT ' . strval(max(intval($page_number) - 1, 0) * 10) . ', 10;');
if ($entrystmt) {
mysqli_stmt_bind_param($entrystmt, 'ii', $user, $user);
mysqli_stmt_execute($entrystmt);
$entries = mysqli_stmt_get_result($entrystmt);
}
if ($entries) {
$entries_present = false;
while ($entry = mysqli_fetch_assoc($entries)) {
$entries_present = true;
// Every value taken from the row, the request URI and the CSRF token is passed through
// htmlspecialchars() before being placed in the markup. Each POST form carries the
// CSRF token. The Delete and Edit forms are rendered only when the row's user_id equals
// $user; that is a display decision only, so delete.php and edit.php (not visible here)
// have to check ownership themselves.
// NOTE(review): snippets.description is nullable in init.sql, so htmlspecialchars() can
// receive null here - confirm that is acceptable on the PHP version in use.
echo '<div class="entry-outside">
<div class="entry-votes">
<form action="' . htmlspecialchars(APP_ROOT) . 'vote.php" method="post">
<input type="submit" value="▲" class="entry-vote-button' . ($entry['upvoted'] ? ' entry-vote-active' : '') . '" title="Upvote">
<input type="hidden" name="action" value="' . (!$entry['upvoted'] ? 'up' : 'reset') . '">
<input type="hidden" name="id" value="' . htmlspecialchars($entry['id']) . '">
<input type="hidden" name="redirect" value="' . htmlspecialchars($_SERVER['REQUEST_URI']) . '">
<input type="hidden" name="csrf" value="' . htmlspecialchars($csrf_token) . '">
</form>
<span class="entry-vote-count">' . htmlspecialchars($entry['votes']) . '</span>
<form action="' . htmlspecialchars(APP_ROOT) . 'vote.php" method="post">
<input type="submit" value="▼" class="entry-vote-button' . ($entry['downvoted'] ? ' entry-vote-active' : '') . '" title="Downvote">
<input type="hidden" name="action" value="' . (!$entry['downvoted'] ? 'down' : 'reset') . '">
<input type="hidden" name="id" value="' . htmlspecialchars($entry['id']) . '">
<input type="hidden" name="redirect" value="' . htmlspecialchars($_SERVER['REQUEST_URI']) . '">
<input type="hidden" name="csrf" value="' . htmlspecialchars($csrf_token) . '">
</form>
</div>
<div class="entry-body">
' . ($entry['user_id'] == $user ? '<form action="' . htmlspecialchars(APP_ROOT) . 'delete.php" method="post" class="entry-action">
<input type="submit" value="Delete" class="button">
<input type="hidden" name="id" value="' . htmlspecialchars($entry['id']) . '">
<input type="hidden" name="csrf" value="' . htmlspecialchars($csrf_token) . '">
</form><form action="' . htmlspecialchars(APP_ROOT) . 'edit.php" class="entry-action">
<input type="submit" value="Edit" class="button">
<input type="hidden" name="id" value="' . htmlspecialchars($entry['id']) . '">
</form>' : '') . '
<h3><a href="' . htmlspecialchars(APP_ROOT) . 'snippet.php?id=' . htmlspecialchars($entry['id']) . '">' . htmlspecialchars($entry['name']) . '</a></h3>
<p><a href="' . htmlspecialchars(APP_ROOT) . 'category.php?id=' . htmlspecialchars($entry['category_id']) . '">' . htmlspecialchars($entry['category']) . '</a> |
by <a href="' . htmlspecialchars(APP_ROOT) . 'user.php?id=' . htmlspecialchars($entry['user_id']) . '">' . htmlspecialchars($entry['user']) . '</a> |
submitted in ' . htmlspecialchars(date('F j, Y', strtotime($entry['date']))) . '</p>
<p>' . htmlspecialchars($entry['description']) . '</p>
</div>
</div>';
}
if (!$entries_present) echo "<p>No snippets.</p>";
mysqli_stmt_close($entrystmt);
} else {
// Prepare or execute failed: release the statement if one exists and show a generic
// message, with no database error detail in the page.
if ($entrystmt) mysqli_stmt_close($entrystmt);
echo "<p>An error has occurred during retrieval of snippets!</p>";
}
echo '</div>';
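// Pagination links. Only the number of snippets is needed, so the database is asked for
// COUNT(*); selecting every row (snippet bodies included) just to count them made each
// page view cost memory proportional to the whole table.
$qtyresult = mysqli_query($db, 'SELECT COUNT(*) AS qty FROM snippets;');
if ($qtyresult) {
    $qtyrow = mysqli_fetch_assoc($qtyresult);
    mysqli_free_result($qtyresult);
    $qty = $qtyrow ? intval($qtyrow['qty']) : 0;
    $maxpages = (int) ceil($qty / 10);
    // Window of up to five page links around the current page, shifted so that it
    // stays within 1..$maxpages.
    $page_beg = $page_number - 2;
    $page_end = $page_number + 2;
    if ($page_end > $maxpages) {
        $page_beg -= $page_end - $maxpages;
        $page_end = $maxpages;
    }
    if ($page_beg < 1) {
        $page_end += 1 - $page_beg;
        $page_beg = 1;
    }
    // A single page needs no pagination bar.
    if ($maxpages > 1) {
        echo '<div class="pagination">';
        if ($page_number > 1) {
            echo '<a href="' . htmlspecialchars(APP_ROOT) . 'explore.php?page=' . htmlspecialchars($page_number - 1) . '">‹</a>';
        }
        for ($i = 0; $i < 5 && $i < $maxpages; $i++) {
            $curpageno = $page_beg + $i;
            if ($curpageno == $page_number) {
                echo '<span class="pagination-active">' . htmlspecialchars($curpageno) . '</span>';
            } else {
                echo '<a href="' . htmlspecialchars(APP_ROOT) . 'explore.php?page=' . htmlspecialchars($curpageno) . '">' . htmlspecialchars($curpageno) . '</a>';
            }
        }
        if ($page_number < $maxpages) {
            echo '<a href="' . htmlspecialchars(APP_ROOT) . 'explore.php?page=' . htmlspecialchars($page_number + 1) . '">›</a>';
        }
        echo '</div>';
    }
}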
?>
</div>
</main>
<?php include("includes/footer.php"); ?>
<?php include("includes/finalize.php"); ?>
wget 'https://sme10.lists2.roe3.org/admsnippets/favicon.ico'
wget 'https://sme10.lists2.roe3.org/admsnippets/init.sql'
--
-- Database: `adminsnippet`
--
-- Initial schema and seed data for AdmSnippet: four tables (categories, snippets,
-- users, votes), their primary keys and AUTO_INCREMENT settings.
-- The script drops each table before creating it, so running it against a populated
-- database discards the existing rows.
-- No foreign keys are declared; the *_id columns are related only by the
-- application's queries.
-- --------------------------------------------------------
--
-- Table structure for table `categories`
--
DROP TABLE IF EXISTS `categories`;
CREATE TABLE `categories` (
`id` int(11) NOT NULL,
`name` varchar(255) NOT NULL
);
--
-- Dumping data for table `categories`
--
INSERT INTO `categories` (`id`, `name`) VALUES
(1, 'Backup and Recovery'),
(2, 'Database Management'),
(3, 'Firewall and Security'),
(4, 'Monitoring and Logging'),
(5, 'Network Configuration'),
(6, 'Operating System Configuration'),
(7, 'Scripting Languages (e.g. Bash, Python, PowerShell)'),
(8, 'Server Management (e.g. Apache httpd, NGINX, IIS)'),
(9, 'User Management and Authentication'),
(10, 'Virtualization and Containerization'),
(11, 'Web Server Configuration');
-- --------------------------------------------------------
--
-- Table structure for table `snippets`
--
-- `description` is the only nullable column; page code that prints it has to allow for NULL.
DROP TABLE IF EXISTS `snippets`;
CREATE TABLE `snippets` (
`id` int(11) NOT NULL,
`category_id` int(11) NOT NULL,
`user_id` int(11) NOT NULL,
`title` varchar(255) NOT NULL,
`date` datetime NOT NULL,
`description` varchar(8191) DEFAULT NULL,
`snippet` mediumtext NOT NULL
);
-- --------------------------------------------------------
--
-- Table structure for table `users`
--
-- `password` holds a password hash (login.php checks it with password_verify()).
-- NOTE(review): `name` gets no UNIQUE key anywhere in this file, while login.php looks
-- accounts up by name; uniqueness then rests on the registration code - confirm, or
-- add a unique key.
DROP TABLE IF EXISTS `users`;
CREATE TABLE `users` (
`id` int(11) NOT NULL,
`name` varchar(255) NOT NULL,
`password` varchar(255) NOT NULL,
`joined` date NOT NULL,
`is_admin` tinyint(4) NOT NULL DEFAULT 0
);
--
-- Dumping data for table `users`
--
-- Seed administrator account (is_admin = 1). The README gives its default credentials
-- as admin/admin and recommends changing them right after installation.
INSERT INTO `users` (`id`, `name`, `password`, `joined`, `is_admin`) VALUES
(1, 'admin', '$2y$10$JW6PUyyErzH0/gEWxqF8BeXg0ghIbobA87dTXly8.t8kjc4KE5dSO', '1970-01-01', 1);
-- --------------------------------------------------------
--
-- Table structure for table `votes`
--
-- NOTE(review): there is no unique key on (`snippet_id`, `user_id`). The listing query
-- in explore.php reads a user's vote with a scalar subquery, which expects at most one
-- matching row per snippet and user; one-vote-per-user is presumably enforced by
-- vote.php - confirm, or add the key.
DROP TABLE IF EXISTS `votes`;
CREATE TABLE `votes` (
`id` int(11) NOT NULL,
`snippet_id` int(11) NOT NULL,
`user_id` int(11) NOT NULL,
`is_downvote` tinyint(4) NOT NULL DEFAULT 0
);
--
-- Indexes for dumped tables
--
--
-- Indexes for table `categories`
--
ALTER TABLE `categories`
ADD PRIMARY KEY (`id`);
--
-- Indexes for table `snippets`
--
ALTER TABLE `snippets`
ADD PRIMARY KEY (`id`);
ALTER TABLE `snippets` ADD FULLTEXT KEY `title` (`title`,`description`);
--
-- Indexes for table `users`
--
ALTER TABLE `users`
ADD PRIMARY KEY (`id`);
--
-- Indexes for table `votes`
--
ALTER TABLE `votes`
ADD PRIMARY KEY (`id`);
--
-- AUTO_INCREMENT for dumped tables
--
--
-- AUTO_INCREMENT for table `categories`
--
ALTER TABLE `categories`
MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=12;
--
-- AUTO_INCREMENT for table `snippets`
--
ALTER TABLE `snippets`
MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=2;
--
-- AUTO_INCREMENT for table `users`
--
ALTER TABLE `users`
MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=2;
--
-- AUTO_INCREMENT for table `votes`
--
ALTER TABLE `votes`
MODIFY `id` int(11) NOT NULL AUTO_INCREMENT;
-- No matching START TRANSACTION appears in this file.
COMMIT;
wget 'https://sme10.lists2.roe3.org/admsnippets/login.php'
<?php
//error_reporting(E_ALL);
//ini_set('display_errors', 1);
?>
<?php define("ADMSNIPPET", null); ?>
<?php include("config.php"); ?>
<?php include("includes/setup.php"); ?>
<?php
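// Post-login destination. A value is accepted only when it is a same-site absolute
// path: a string that starts with a single "/", whose second character is neither "/"
// nor "\" (some browsers read "/\" like "//", i.e. as the start of another host), and
// that contains no control characters (browsers drop tabs and newlines when parsing a
// URL). On a POST the form field is tried first, then the query string.
$redirect = null;
$redirect_candidates = [];
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['redirect'])) {
    $redirect_candidates[] = $_POST['redirect'];
}
if (isset($_GET['redirect'])) {
    $redirect_candidates[] = $_GET['redirect'];
}
foreach ($redirect_candidates as $redirect_candidate) {
    // is_string() also rejects array-valued parameters such as redirect[]=x.
    if (
        is_string($redirect_candidate)
        && $redirect_candidate !== ''
        && $redirect_candidate[0] === '/'
        && (strlen($redirect_candidate) == 1 || ($redirect_candidate[1] !== '/' && $redirect_candidate[1] !== '\\'))
        && !preg_match('/[\x00-\x1f\x7f]/', $redirect_candidate)
    ) {
        $redirect = $redirect_candidate;
        break;
    }
}
// Already logged in ($user is -1 for anonymous visitors): nothing to do here, go on.
if ($user != -1) {
    header('Location: ' . ($redirect ? $redirect : APP_ROOT));
    http_response_code(302);
    include("includes/finalize.php");
    exit;
}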
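$error_message = null;
$page_title = "Log in";
$page_description = "Log into AdmSnippet to upload snippets and vote.";
// Login form handling.
// NOTE(review): no attempt throttling is visible in this script; confirm whether
// includes/setup.php or the web server limits repeated login attempts.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // The token is compared as a string with hash_equals(): a loose != lets two
    // different numeric-looking strings compare equal and is not constant-time.
    // An empty expected token fails closed.
    $csrf_expected = (string) $csrf_token;
    $csrf_ok = $csrf_expected !== ''
        && isset($_POST['csrf'])
        && is_string($_POST['csrf'])
        && hash_equals($csrf_expected, $_POST['csrf']);
    if (!$csrf_ok) {
        $error_message = "Potential CSRF attack detected.";
    } elseif (
        !isset($_POST['user'], $_POST['pass'])
        || !is_string($_POST['user'])
        || !is_string($_POST['pass'])
        || !$_POST['user']
        || !$_POST['pass']
    ) {
        // is_string() keeps array-valued fields away from the bind and from password_verify().
        $error_message = "You need to input username/password.";
    } else {
        $result = null;
        $stmt = mysqli_prepare($db, 'SELECT id, password FROM users WHERE name = ?;');
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, 's', $_POST['user']);
            mysqli_stmt_execute($stmt);
            $result = mysqli_stmt_get_result($stmt);
            if ($result) {
                $entry = mysqli_fetch_assoc($result);
                mysqli_stmt_close($stmt);
                if ($entry && password_verify($_POST['pass'], $entry['password'])) {
                    // Issue a fresh session id at the moment of authentication, so an
                    // id that existed before login is not carried into the logged-in
                    // session. Session data is kept.
                    if (session_status() === PHP_SESSION_ACTIVE) {
                        session_regenerate_id(true);
                    }
                    $_SESSION['user'] = $entry['id'];
                    header('Location: ' . ($redirect ? $redirect : APP_ROOT));
                    http_response_code(302);
                    include("includes/finalize.php");
                    exit;
                } else {
                    // Same message for an unknown user and for a wrong password.
                    $error_message = 'Invalid username/password.';
                }
            } else {
                mysqli_stmt_close($stmt);
                $error_message = 'An internal server error has occurred during logging in.';
            }
        } else {
            $error_message = 'An internal server error has occurred during logging in.';
        }
    }
}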
?>
<?php include("includes/header.php"); ?>
<main class="page">
<div class="container">
<h1>Log in</h1>
<form action="<?php echo htmlspecialchars(APP_ROOT); ?>login.php" method="post" class="form-visible">
<div class="form-element">
<label for="user">Username:</label>
<input type="text" name="user" id="user" required maxlength="255">
</div>
<div class="form-element">
<label for="pass">Password:</label>
<input type="password" name="pass" id="pass" required>
</div>
<?php
// Carry the validated redirect target through the form, then show the login error, if any.
// Both values are HTML-escaped before they are written into the page.
if ($redirect) {
    $redirect_field = htmlspecialchars($redirect);
    echo '<input type="hidden" name="redirect" value="' . $redirect_field . '">';
}
if ($error_message) {
    $error_text = htmlspecialchars($error_message);
    echo '<p class="form-error">' . $error_text . '</p>';
}
?>
<p>Don't have an account? <a href="<?php echo htmlspecialchars(APP_ROOT); ?>register.php<?php echo htmlspecialchars($redirect ? '?redirect=' . urlencode($redirect) : '') ?>">Register on AdmSnippet.</a></p>
<input type="hidden" name="csrf" value="<?php echo htmlspecialchars($csrf_token); ?>">
<input type="submit" value="Log in" class="button">
</form>
</div>
</main>
<?php include("includes/footer.php"); ?>
<?php include("includes/finalize.php"); ?>
wget 'https://sme10.lists2.roe3.org/admsnippets/logout.php'
<?php
//error_reporting(E_ALL);
//ini_set('display_errors', 1);
?>
<?php define("ADMSNIPPET", null); ?>
<?php include("config.php"); ?>
<?php include("includes/setup.php"); ?>
<?php
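// Post-logout destination. A value is accepted only when it is a same-site absolute
// path: a string that starts with a single "/", whose second character is neither "/"
// nor "\" (some browsers read "/\" like "//", i.e. as the start of another host), and
// that contains no control characters (browsers drop tabs and newlines when parsing a
// URL). On a POST the form field is tried first, then the query string.
$redirect = null;
$redirect_candidates = [];
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['redirect'])) {
    $redirect_candidates[] = $_POST['redirect'];
}
if (isset($_GET['redirect'])) {
    $redirect_candidates[] = $_GET['redirect'];
}
foreach ($redirect_candidates as $redirect_candidate) {
    // is_string() also rejects array-valued parameters such as redirect[]=x.
    if (
        is_string($redirect_candidate)
        && $redirect_candidate !== ''
        && $redirect_candidate[0] === '/'
        && (strlen($redirect_candidate) == 1 || ($redirect_candidate[1] !== '/' && $redirect_candidate[1] !== '\\'))
        && !preg_match('/[\x00-\x1f\x7f]/', $redirect_candidate)
    ) {
        $redirect = $redirect_candidate;
        break;
    }
}
// Not logged in ($user is -1): there is nothing to log out of, so just redirect.
if ($user == -1) {
    header('Location: ' . ($redirect ? $redirect : APP_ROOT));
    http_response_code(302);
    include("includes/finalize.php");
    exit;
}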
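// Logging out is accepted only as a POST that carries the session's CSRF token.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // The token is compared as a string with hash_equals(): a loose == lets two
    // different numeric-looking strings compare equal and is not constant-time.
    // An empty expected token fails closed.
    $csrf_expected = (string) $csrf_token;
    $csrf_ok = $csrf_expected !== ''
        && isset($_POST['csrf'])
        && is_string($_POST['csrf'])
        && hash_equals($csrf_expected, $_POST['csrf']);
    if ($csrf_ok) {
        unset($_SESSION['user']);
    }
    // The redirect is sent whether or not the token matched; a request with a bad
    // token leaves the user logged in and shows no error.
    header('Location: ' . ($redirect ? $redirect : APP_ROOT));
    http_response_code(302);
    include("includes/finalize.php");
    exit;
}
// Any other method: answer 405 and render the explanation below.
http_response_code(405);
$page_title = "Invalid method";
$page_description = "Invalid method was used while attempting to log out.";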
?>
<?php include("includes/header.php"); ?>
<main class="page">
<div class="container">
<h1>Invalid method</h1>
<p>Invalid method was used while attempting to log out.</p>
</div>
</main>
<?php include("includes/footer.php"); ?>
<?php include("includes/finalize.php"); ?>
wget 'https://sme10.lists2.roe3.org/admsnippets/privacy.php'
<?php
//error_reporting(E_ALL);
//ini_set('display_errors', 1);
?>
<?php define("ADMSNIPPET", null); ?>
<?php include("config.php"); ?>
<?php include("includes/setup.php"); ?>
<?php
// Page metadata. Neither variable is read again in this script; presumably
// includes/header.php uses them for the title and description tags - confirm there.
$page_title = "Privacy Policy";
$page_description = "Read on our privacy policy on how we collect, use, and protect your data.";
?>
<?php include("includes/header.php"); ?>
<main class="page">
<div class="container">
<h1>Privacy Policy</h1>
<p>Effective date: September 28, 2024</p>
<h2>1. Introduction</h2>
<p>Welcome to <b>AdmSnippet</b>.</p>
<p><b>AdmSnippet</b> (“us”, “we”, or “our”) operates <b>www.admsnippet.com</b> (hereinafter referred to as <b>“Service”</b>).</p>
<p>Our Privacy Policy governs your visit to <b>www.admsnippet.com</b>, and explains how we collect, safeguard and disclose information that results from your use of our Service.</p>
<p>We use your data to provide and improve Service. By using Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as in our Terms and Conditions.</p>
<p>Our Terms and Conditions (<b>“Terms”</b>) govern all use of our Service and together with the Privacy Policy constitute your agreement with us (<b>“agreement”</b>).</p>
<h2>2. Definitions</h2>
<ul>
<li><b>SERVICE</b> means the www.admsnippet.com website operated by AdmSnippet.</li>
<li><b>PERSONAL DATA</b> means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).</li>
<li><b>USAGE DATA</b> is data collected automatically either generated by the use of Service or from Service infrastructure itself (for example, the duration of a page visit).</li>
<li><b>COOKIES</b> are small files stored on your device (computer or mobile device).</li>
<li><b>DATA CONTROLLER</b> means a natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your data.</li>
<li><b>DATA PROCESSORS (OR SERVICE PROVIDERS)</b> means any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your data more effectively.</li>
<li><b>DATA SUBJECT</b> is any living individual who is the subject of Personal Data.</li>
<li><b>THE USER</b> is the individual using our Service. The User corresponds to the Data Subject, who is the subject of Personal Data.</li>
</ul>
<h2>3. Information Collection and Use</h2>
<p>We collect several different types of information for various purposes to provide and improve our Service to you.</p>
<h2>4. Types of Data Collected</h2>
<h3>Usage Data</h3>
<p>We may collect information that your browser sends whenever you visit our Service or when you access Service by or through any device (<b>“Usage Data”</b>).</p>
<p>This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.</p>
<p>When you access Service with a device, this Usage Data may include information such as the type of device you use, your device unique ID, the IP address of your device, your device operating system, the type of Internet browser you use, unique device identifiers and other diagnostic data.</p>
<h3>Tracking Cookies Data</h3>
<p>We use cookies and similar tracking technologies to track the activity on our Service and we hold certain information.</p>
<p>Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyze our Service.</p>
<p>You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.</p>
<p>Examples of Cookies we use:</p>
<ol>
<li><b>Session Cookies:</b> We use Session Cookies to operate our Service.</li>
<li><b>Security Cookies:</b> We use Security Cookies for security purposes.</li>
</ol>
<h2>5. Use of Data</h2>
<p>AdmSnippet uses the collected data for various purposes:</p>
<ol>
<li>to provide and maintain our Service;</li>
<li>to notify you about changes to our Service;</li>
<li>to allow you to participate in interactive features of our Service when you choose to do so;</li>
<li>to provide customer support;</li>
<li>to gather analysis or valuable information so that we can improve our Service;</li>
<li>to monitor the usage of our Service;</li>
<li>to detect, prevent and address technical issues;</li>
<li>to fulfil any other purpose for which you provide it;</li>
<li>to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;</li>
<li>to provide you with notices about your account and/or subscription, including expiration and renewal notices, email-instructions, etc.;</li>
<li>to provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information;</li>
<li>in any other way we may describe when you provide the information;</li>
<li>for any other purpose with your consent.</li>
</ol>
<h2>6. Retention of Data</h2>
<p>We will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.</p>
<p>We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.</p>
<h2>7. Transfer of Data</h2>
<p>Your information, including Personal Data, may be transferred to – and maintained on – computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.</p>
<p>If you are located outside Poland and choose to provide information to us, please note that we transfer the data, including Personal Data, to Poland and process it there.</p>
<p>Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.</p>
<p>AdmSnippet will take all the steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organisation or a country unless there are adequate controls in place including the security of your data and other personal information.</p>
<h2>8. Disclosure of Data</h2>
<p>We may disclose personal information that we collect, or you provide:</p>
<ol>
<li><b>Business Transaction.</b></li>
<p>If we or our subsidiaries are involved in a merger, acquisition or asset sale, your Personal Data may be transferred.</p>
<li><b>Other cases. We may disclose your information also:</b></li>
<ol>
<li>to our subsidiaries and affiliates;</li>
<li>to contractors, service providers, and other third parties we use to support our business;</li>
<li>to fulfill the purpose for which you provide it;</li>
<li>for the purpose of including your company’s logo on our website;</li>
<li>for any other purpose disclosed by us when you provide the information;</li>
<li>with your consent in any other cases;</li>
<li>if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of the Company, our customers, or others.</li>
</ol>
</ol>
<h2>9. Security of Data</h2>
<p>The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.</p>
<h2>10. Your Data Protection Rights Under General Data Protection Regulation (GDPR)</h2>
<p>If you are a resident of the European Union (EU) and European Economic Area (EEA), you have certain data protection rights, covered by GDPR.</p>
<p>We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.</p>
<p>If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please email us at <b>niemiecdorian2008.backup@gmail.com</b>.</p>
<p>In certain circumstances, you have the following data protection rights:</p>
<ol>
<li>the right to access, update or to delete the information we have on you;</li>
<li>the right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete;</li>
<li>the right to object. You have the right to object to our processing of your Personal Data;</li>
<li>the right of restriction. You have the right to request that we restrict the processing of your personal information;</li>
<li>the right to data portability. You have the right to be provided with a copy of your Personal Data in a structured, machine-readable and commonly used format;</li>
<li>the right to withdraw consent. You also have the right to withdraw your consent at any time where we rely on your consent to process your personal information;</li>
</ol>
<p>Please note that we may ask you to verify your identity before responding to such requests. Please note, we may not be able to provide Service without some necessary data.</p>
<p>You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).</p>
<h2>11. Your Data Protection Rights Under the California Privacy Protection Act (CalOPPA)</h2>
<p>CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require a person or company in the United States (and conceivably the world) that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy.</p>
<p>According to CalOPPA we agree to the following:</p>
<ol>
<li>users can visit our site anonymously;</li>
<li>our Privacy Policy link includes the word “Privacy”, and can easily be found on the home page of our website;</li>
<li>users will be notified of any privacy policy changes on our Privacy Policy Page;</li>
<li>users are able to change their personal information by emailing us at <b>niemiecdorian2008.backup@gmail.com</b>.</li>
</ol>
<h2>12. Your Data Protection Rights Under the California Consumer Privacy Act (CCPA)</h2>
<p>If you are a California resident, you are entitled to learn what data we collect about you, ask to delete your data and not to sell (share) it. To exercise your data protection rights, you can make certain requests and ask us:</p>
<p><b>0.1. What personal information we have about you. If you make this request, we will return to you:</b></p>
<ol>
<li>The categories of personal information we have collected about you.</li>
<li>The categories of sources from which we collect your personal information.</li>
<li>The business or commercial purpose for collecting or selling your personal information.</li>
<li>The categories of third parties with whom we share personal information.</li>
<li>The specific pieces of personal information we have collected about you.</li>
<li>A list of categories of personal information that we have sold, along with the category of any other company we sold it to. If we have not sold your personal information, we will inform you of that fact.</li>
<li>A list of categories of personal information that we have disclosed for a business purpose, along with the category of any other company we shared it with.</li>
</ol>
<p>Please note, you are entitled to ask us to provide you with this information up to two times in a rolling twelve-month period. When you make this request, the information provided may be limited to the personal information we collected about you in the previous 12 months.</p>
<ol>
<li><b>To delete your personal information. If you make this request, we will delete the personal information we hold about you as of the date of your request from our records and direct any service providers to do the same. In some cases, deletion may be accomplished through de-identification of the information. If you choose to delete your personal information, you may not be able to use certain functions that require your personal information to operate.</b></li>
<li><b>To stop selling your personal information. We don’t sell or rent your personal information to any third parties for any purpose. We do not sell your personal information for monetary consideration. However, under some circumstances, a transfer of personal information to a third party, or within our family of companies, without monetary consideration may be considered a “sale” under California law. You are the only owner of your Personal Data and can request disclosure or deletion at any time.</b></li>
</ol>
<p>If you submit a request to stop selling your personal information, we will stop making such transfers.</p>
<p>Please note, if you ask us to delete or stop selling your data, it may impact your experience with us, and you may not be able to participate in certain programs or membership services which require the usage of your personal information to function. But under no circumstances will we discriminate against you for exercising your rights.</p>
<p>To exercise your California data protection rights described above, please send your request(s) by email: <b>niemiecdorian2008.backup@gmail.com</b>.</p>
<p>Your data protection rights, described above, are covered by the CCPA, short for the California Consumer Privacy Act. To find out more, visit the official California Legislative Information website. The CCPA took effect on 01/01/2020.</p>
<h2>13. Service Providers</h2>
<p>We may employ third party companies and individuals to facilitate our Service (<b>“Service Providers”</b>), provide Service on our behalf, perform Service-related services or assist us in analysing how our Service is used.</p>
<p>These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.</p>
<h2>14. Analytics</h2>
<p>We may use third-party Service Providers to monitor and analyze the use of our Service.</p>
<h2>15. Behavioral Remarketing</h2>
<p>We may use remarketing services to advertise on third party websites to you after you visited our Service. We and our third-party vendors use cookies to inform, optimise and serve ads based on your past visits to our Service.</p>
<h2>16. Links to Other Sites</h2>
<p>Our Service may contain links to other sites that are not operated by us. If you click a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.</p>
<p>We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.</p>
<p>For example, the outlined <a href="https://policymaker.io/privacy-policy/">privacy policy</a> has been made using <a href="https://policymaker.io/">PolicyMaker.io</a>, a free tool that helps create high-quality legal documents. PolicyMaker’s <a href="https://policymaker.io/privacy-policy/">privacy policy generator</a> is an easy-to-use tool for creating a <a href="https://policymaker.io/blog-privacy-policy/">privacy policy for blog</a>, website, e-commerce store or mobile app.</p>
<h2>17. Changes to This Privacy Policy</h2>
<p>We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.</p>
<p>We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update “effective date” at the top of this Privacy Policy.</p>
<p>You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.</p>
<h2>18. Contact Us</h2>
<p>If you have any questions about this Privacy Policy, please contact us by email: <b>niemiecdorian2008.backup@gmail.com</b>.</p>
</div>
</main>
<?php include("includes/footer.php"); ?>
<?php include("includes/finalize.php"); ?>
wget 'https://sme10.lists2.roe3.org/admsnippets/raw.php'
<?php define("ADMSNIPPET", null); ?>
<?php include("config.php"); ?>
<?php include("includes/setup.php"); ?>
<?php
// Look up the raw body of one snippet by the numeric id given in the query string.
// Outcome flags read by the response code below: $badrequest (missing or non-numeric
// id), $queryerror (the statement could not be prepared or returned no result set).
$snippetid = 0;
$badrequest = false;
$queryerror = false;
$entry = null;
if (isset($_GET['id']) && is_numeric($_GET['id'])) {
    $snippetid = intval($_GET['id']);
    // The id is bound as an integer parameter, never concatenated into the SQL.
    $entrystmt = mysqli_prepare($db, 'SELECT snippet FROM snippets WHERE id = ?');
    if (!$entrystmt) {
        $queryerror = true;
    } else {
        mysqli_stmt_bind_param($entrystmt, 'i', $snippetid);
        mysqli_stmt_execute($entrystmt);
        $entryresult = mysqli_stmt_get_result($entrystmt);
        if ($entryresult) {
            // No matching row leaves $result empty, which is reported as "not found".
            $result = mysqli_fetch_assoc($entryresult);
        } else {
            $queryerror = true;
        }
        mysqli_stmt_close($entrystmt);
    }
} else {
    $badrequest = true;
}
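// The snippet body is user-supplied text and is sent unescaped, which is only safe
// while the browser treats the response as plain text. "nosniff" tells the browser to
// honour the declared type instead of guessing one from the content.
header('Content-Type: text/plain; charset=utf-8');
header('X-Content-Type-Options: nosniff');
if ($badrequest) {
    // Missing or non-numeric id.
    http_response_code(400);
    echo "Invalid snippet";
} elseif ($queryerror) {
    // Database failure; no error detail is exposed.
    http_response_code(500);
    echo "Problem with retrieving the snippet";
} elseif (!$result) {
    http_response_code(404);
    echo "Snippet not found";
} else {
    echo $result['snippet'];
}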
?>
<?php include("includes/finalize.php"); ?>
wget 'https://sme10.lists2.roe3.org/admsnippets/register.php'
<?php
//error_reporting(E_ALL);
//ini_set('display_errors', 1);
?>
<?php define("ADMSNIPPET", null); ?>
<?php include("config.php"); ?>
<?php include("includes/setup.php"); ?>
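<?php
// Registration handler: validates the submitted form, checks the CAPTCHA answer, creates the
// account and signs the new user in. When nothing was submitted or validation failed, execution
// falls through to the form below with $error_message set.

// Accept only a same-site path as the post-registration redirect target: one leading "/",
// never "//" (a scheme-relative URL), and no backslash or control character, because browsers
// treat "\" like "/" and drop tabs/newlines, which would turn such a value into a
// scheme-relative URL as well. The POST value is tried first, then the GET value.
$redirect = null;
$redirect_candidates = array();
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['redirect'])) {
    $redirect_candidates[] = $_POST['redirect'];
}
if (isset($_GET['redirect'])) {
    $redirect_candidates[] = $_GET['redirect'];
}
foreach ($redirect_candidates as $redirect_candidate) {
    if (
        is_string($redirect_candidate)
        && strlen($redirect_candidate) > 0
        && $redirect_candidate[0] == "/"
        && (strlen($redirect_candidate) == 1 || $redirect_candidate[1] != "/")
        && !preg_match('/[\\\\\x00-\x1f\x7f]/', $redirect_candidate)
    ) {
        $redirect = $redirect_candidate;
        break;
    }
}

// A signed-in visitor has nothing to register; send them on.
if ($user != -1) {
    header('Location: ' . ($redirect ? $redirect : APP_ROOT));
    http_response_code(302);
    include("includes/finalize.php");
    exit;
}

// The CAPTCHA question is kept in the session so the answer is checked against the question
// that was actually shown; a missing or unknown key gets a fresh random question.
$question = null;
if (!isset($_SESSION['captcha']) || !isset(CAPTCHA_QUESTIONS[$_SESSION['captcha']])) {
    $question = array_rand(CAPTCHA_QUESTIONS);
    $_SESSION['captcha'] = $question;
} else {
    $question = $_SESSION['captcha'];
}
$answers = CAPTCHA_QUESTIONS[$question];
$error_message = null;
$page_title = "Register";
$page_description = "Register in AdmSnippet to upload snippets and vote.";
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Every field must be a plain string: "user[]=..." style parameters arrive as arrays and
    // would otherwise reach preg_match()/password_hash() with the wrong type.
    $fields_present = isset($_POST['user'], $_POST['pass'], $_POST['pass2'], $_POST['captcha'])
        && is_string($_POST['user'])
        && is_string($_POST['pass'])
        && is_string($_POST['pass2'])
        && is_string($_POST['captcha']);
    // hash_equals() compares the token in constant time and without type juggling.
    if (!isset($_POST['csrf']) || !is_string($_POST['csrf']) || !hash_equals((string) $csrf_token, $_POST['csrf'])) {
        $error_message = "Potential CSRF attack detected.";
    } elseif (!$fields_present || !$_POST['user'] || !$_POST['pass'] || !$_POST['pass2'] || !$_POST['captcha']) {
        $error_message = "You need to input username/password and answer the CAPTCHA.";
    } elseif ($_POST['pass'] !== $_POST['pass2']) {
        // Strict comparison: with "!=" two different numeric-looking strings ("1e3" and "1000")
        // compare as equal, so a mistyped confirmation could be accepted.
        $error_message = "Passwords don't match.";
    } elseif (!preg_match('/^[A-Za-z0-9]+\z/', $_POST['user'])) {
        // "\z" anchors at the very end of the string; "$" would also accept a trailing newline.
        // NOTE(review): the form's maxlength="255" is enforced by the browser only; consider a
        // server-side length limit that matches the users.name column.
        $error_message = "Username must consist only of alphanumeric characters.";
    } else {
        $captcha_valid = false;
        $captcha_answer = trim($_POST['captcha']);
        // A question may have one accepted answer or a list of them; matching ignores case.
        if (is_array($answers)) {
            foreach ($answers as $answer) {
                if (strcasecmp($answer, $captcha_answer) == 0) {
                    $captcha_valid = true;
                    break;
                }
            }
        } else {
            if (strcasecmp($answers, $captcha_answer) == 0) {
                $captcha_valid = true;
            }
        }
        if ($captcha_valid) {
            // NOTE(review): PASSWORD_DEFAULT is currently bcrypt, which only uses the first
            // 72 bytes of the password.
            $hashed_password = password_hash($_POST['pass'], PASSWORD_DEFAULT);
            $stmt = mysqli_prepare($db, 'SELECT * FROM users WHERE name = ?');
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, 's', $_POST['user']);
                mysqli_stmt_execute($stmt);
                mysqli_stmt_store_result($stmt);
                $userexists = intval(mysqli_stmt_num_rows($stmt));
                mysqli_stmt_close($stmt);
                if (!$userexists) {
                    // NOTE(review): two simultaneous requests can both pass the check above;
                    // presumably a unique index on users.name rejects the second insert —
                    // verify against init.sql.
                    $stmt2 = mysqli_prepare($db, 'INSERT INTO users (name, password, joined, is_admin) VALUES (?, ?, NOW(), 0);');
                    if ($stmt2) {
                        mysqli_stmt_bind_param($stmt2, 'ss', $_POST['user'], $hashed_password);
                        mysqli_stmt_execute($stmt2);
                        $insert_id = mysqli_stmt_insert_id($stmt2);
                        mysqli_stmt_close($stmt2);
                        if ($insert_id) {
                            // Issue a fresh session id at the privilege change so an id known
                            // before sign-in is not carried into the authenticated session.
                            if (session_status() === PHP_SESSION_ACTIVE) {
                                session_regenerate_id(true);
                            }
                            $_SESSION['user'] = $insert_id;
                            header('Location: ' . ($redirect ? $redirect : APP_ROOT));
                            http_response_code(302);
                            include("includes/finalize.php");
                            exit;
                        } else {
                            $error_message = 'An error has occurred during the registration.';
                        }
                    } else {
                        $error_message = 'An error has occurred during the registration.';
                    }
                } else {
                    // Prevent user enumeration: same message as for an internal failure.
                    $error_message = 'An error has occurred during the registration.';
                }
            } else {
                $error_message = 'An error has occurred during the registration.';
            }
        } else {
            // Change the CAPTCHA question so a wrong answer cannot be retried against the same one.
            $question = array_rand(CAPTCHA_QUESTIONS);
            $_SESSION['captcha'] = $question;
            $answers = CAPTCHA_QUESTIONS[$question];
            $error_message = 'Wrong CAPTCHA answer.';
        }
    }
}
?>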
<?php include("includes/header.php"); ?>
<main class="page">
<div class="container">
<h1>Register</h1>
<form action="<?php echo htmlspecialchars(APP_ROOT); ?>register.php" method="post" class="form-visible">
<div class="form-element">
<label for="user">Username:</label>
<input type="text" name="user" id="user" required maxlength="255" pattern="[A-Za-z0-9]+">
</div>
<div class="form-element">
<label for="pass">Password:</label>
<input type="password" name="pass" id="pass" required>
</div>
<div class="form-element">
<label for="pass2">Confirm password:</label>
<input type="password" name="pass2" id="pass2" required>
</div>
<div class="form-captcha">
<label for="captcha"><?php echo htmlspecialchars($question); ?></label>
<input type="text" name="captcha" id="captcha" required>
</div>
<?php
if ($redirect) {
echo '<input type="hidden" name="redirect" value="' . htmlspecialchars($redirect) . '">';
}
?>
<?php
if ($error_message) {
echo '<p class="form-error">' . htmlspecialchars($error_message) . '</p>';
}
?>
<p>Already have an account? <a href="<?php echo htmlspecialchars(APP_ROOT); ?>login.php<?php echo htmlspecialchars($redirect ? '?redirect=' . urlencode($redirect) : '') ?>">Log into AdmSnippet.</a></p>
<input type="hidden" name="csrf" value="<?php echo htmlspecialchars($csrf_token); ?>">
<input type="submit" value="Register" class="button">
</form>
</div>
</main>
<?php include("includes/footer.php"); ?>
<?php include("includes/finalize.php"); ?>
wget 'https://sme10.lists2.roe3.org/admsnippets/robots.txt'
# Advisory only: these rules ask well-behaved crawlers to skip the listed paths.
# They are not access control, and this file is itself publicly readable, so every
# path named here still needs its own server-side protection.
User-agent: *
Disallow: /admin/
Disallow: /changepassword.php
Disallow: /config.php
Disallow: /delete.php
Disallow: /deletemyaccount.php
Disallow: /edit.php
Disallow: /includes/
Disallow: /login.php
Disallow: /logout.php
Disallow: /register.php
Disallow: /search.php
Disallow: /submit.php
Disallow: /vote.php
wget 'https://sme10.lists2.roe3.org/admsnippets/search.php'
<?php
//error_reporting(E_ALL);
//ini_set('display_errors', 1);
?>
<?php define("ADMSNIPPET", null); ?>
<?php include("config.php"); ?>
<?php include("includes/setup.php"); ?>
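<?php
// Reads the search parameters: page number, free-text query and optional category filter.
$userid = 0;
$page_number = 1;
if (isset($_GET['page']) && is_numeric($_GET['page'])) {
    // Pages start at 1; anything lower is treated as the first page.
    $page_number = max(intval($_GET['page']), 1);
}
$query = '';
// Accept only a plain string: a "q[]=..." parameter arrives as an array and would break the
// string handling and output escaping further down the page.
if (isset($_GET['q']) && is_string($_GET['q'])) {
    $query = $_GET['q'];
}
// -1 means "no category filter"; negative ids from the request are folded into it.
$categoryid = -1;
if (isset($_GET['category']) && is_numeric($_GET['category'])) {
    $categoryid = intval($_GET['category']);
    if ($categoryid < 0) $categoryid = -1;
}
$page_title = $categoryid > -1 ? "Category search" : "Search";
$page_description = "Search various snippets on AdmSnippet";
?>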
<?php include("includes/header.php"); ?>
<main class="page">
<div class="container">
<h1><?php echo $categoryid > -1 ? "Category search" : "Search"; ?></h1>
<form class="search-form" action="<?php echo htmlspecialchars(APP_ROOT); ?>search.php">
<input type="text" name="q" class="search-input">
<input type="submit" value="Search" class="search-button">
<?php
if ($categoryid > -1) {
echo '<input type="hidden" name="category" value="' . htmlspecialchars($categoryid) . '">';
}
?>
</form>
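<?php
// Renders the result list and the pagination bar for the current search query.
// All values are bound as statement parameters; only the integer LIMIT offset is concatenated.
if (is_string($query) && $query) {
    echo '<div class="entries-outside">';
    // "!" is the LIKE escape character: it is doubled and placed before the wildcards so user
    // input only matches literally. The LIKE clauses below declare it with ESCAPE '!'; without
    // that clause MySQL keeps "\" as the escape character and the "%"/"_" typed by the user
    // would still act as wildcards.
    $querylike = '%' . str_replace(array('!','%','_','['), array('!!','!%','!_', '!['), $query) . '%';
    $entries = null;
    $entrystmt = mysqli_prepare($db, 'SELECT snippets.id AS "id",
snippets.title AS "name",
snippets.category_id AS "category_id",
categories.name AS "category",
snippets.user_id AS "user_id",
users.name AS "user",
snippets.date AS "date",
snippets.description AS "description",
(SELECT COUNT(*) FROM votes WHERE votes.snippet_id = snippets.id AND votes.is_downvote = 0)
- (SELECT COUNT(*) FROM votes WHERE votes.snippet_id = snippets.id AND votes.is_downvote = 1) AS "votes",
IFNULL((SELECT (is_downvote = 0) FROM votes WHERE votes.snippet_id = snippets.id AND votes.user_id = ? AND votes.user_id <> -1 AND is_downvote = 0), 0) AS "upvoted",
IFNULL((SELECT (is_downvote = 1) FROM votes WHERE votes.snippet_id = snippets.id AND votes.user_id = ? AND votes.user_id <> -1 AND is_downvote = 1), 0) AS "downvoted",
MATCH (snippets.title, snippets.description) AGAINST (? IN NATURAL LANGUAGE MODE) AS "score"
FROM snippets
INNER JOIN categories
ON snippets.category_id = categories.id
INNER JOIN users
ON snippets.user_id = users.id
HAVING (score > 0
OR snippets.title LIKE ? ESCAPE \'!\'
OR snippets.description LIKE ? ESCAPE \'!\')
AND (snippets.category_id = ?
OR ? = -1)
ORDER BY (votes / 5) - ((UNIX_TIMESTAMP(NOW()) - UNIX_TIMESTAMP(snippets.date)) / 86400)
DESC, score DESC
LIMIT ' . strval(max(intval($page_number) - 1, 0) * 10) . ', 10;');
    if ($entrystmt) {
        mysqli_stmt_bind_param($entrystmt, 'iisssii', $user, $user, $query, $querylike, $querylike, $categoryid, $categoryid);
        mysqli_stmt_execute($entrystmt);
        $entries = mysqli_stmt_get_result($entrystmt);
    }
    if ($entries) {
        $entries_present = false;
        while ($entry = mysqli_fetch_assoc($entries)) {
            $entries_present = true;
            // Every database value and the request URI go through htmlspecialchars() before
            // they are placed in the markup. The delete/edit forms are shown to the owner only;
            // that is a display rule, the check itself has to happen in delete.php and edit.php.
            echo '<div class="entry-outside">
<div class="entry-votes">
<form action="' . htmlspecialchars(APP_ROOT) . 'vote.php" method="post">
<input type="submit" value="▲" class="entry-vote-button' . ($entry['upvoted'] ? ' entry-vote-active' : '') . '" title="Upvote">
<input type="hidden" name="action" value="' . (!$entry['upvoted'] ? 'up' : 'reset') . '">
<input type="hidden" name="id" value="' . htmlspecialchars($entry['id']) . '">
<input type="hidden" name="redirect" value="' . htmlspecialchars($_SERVER['REQUEST_URI']) . '">
<input type="hidden" name="csrf" value="' . htmlspecialchars($csrf_token) . '">
</form>
<span class="entry-vote-count">' . htmlspecialchars($entry['votes']) . '</span>
<form action="' . htmlspecialchars(APP_ROOT) . 'vote.php" method="post">
<input type="submit" value="▼" class="entry-vote-button' . ($entry['downvoted'] ? ' entry-vote-active' : '') . '" title="Downvote">
<input type="hidden" name="action" value="' . (!$entry['downvoted'] ? 'down' : 'reset') . '">
<input type="hidden" name="id" value="' . htmlspecialchars($entry['id']) . '">
<input type="hidden" name="redirect" value="' . htmlspecialchars($_SERVER['REQUEST_URI']) . '">
<input type="hidden" name="csrf" value="' . htmlspecialchars($csrf_token) . '">
</form>
</div>
<div class="entry-body">
' . ($entry['user_id'] == $user ? '<form action="' . htmlspecialchars(APP_ROOT) . 'delete.php" method="post" class="entry-action">
<input type="submit" value="Delete" class="button">
<input type="hidden" name="id" value="' . htmlspecialchars($entry['id']) . '">
<input type="hidden" name="csrf" value="' . htmlspecialchars($csrf_token) . '">
</form><form action="' . htmlspecialchars(APP_ROOT) . 'edit.php" class="entry-action">
<input type="submit" value="Edit" class="button">
<input type="hidden" name="id" value="' . htmlspecialchars($entry['id']) . '">
</form>' : '') . '
<h3><a href="' . htmlspecialchars(APP_ROOT) . 'snippet.php?id=' . htmlspecialchars($entry['id']) . '">' . htmlspecialchars($entry['name']) . '</a></h3>
<p><a href="' . htmlspecialchars(APP_ROOT) . 'category.php?id=' . htmlspecialchars($entry['category_id']) . '">' . htmlspecialchars($entry['category']) . '</a> |
by <a href="' . htmlspecialchars(APP_ROOT) . 'user.php?id=' . htmlspecialchars($entry['user_id']) . '">' . htmlspecialchars($entry['user']) . '</a> |
submitted in ' . htmlspecialchars(date('F j, Y', strtotime($entry['date']))) . '</p>
<p>' . htmlspecialchars($entry['description']) . '</p>
</div>
</div>';
        }
        if (!$entries_present) echo "<p>No snippets found matching the <b>“" . htmlspecialchars($query) . "”</b> query.</p>
<ul>
<li>Check your search query</li>
<li>Try searching different keywords</li>
<li>Try replacing some keywords with more general ones</li>
" . ($categoryid > -1 ? '<li>Try using <a href="' . htmlentities(APP_ROOT) . 'search.php?q=' . htmlentities(urlencode($query)) . '">general search.</a></li>': '') . "
</ul>";
        mysqli_stmt_close($entrystmt);
    } else {
        if ($entrystmt) mysqli_stmt_close($entrystmt);
        echo "<p>An error has occurred when searching snippets!</p>";
    }
    echo '</div>';
    // Count the matches in the database instead of fetching every matching row (snippet bodies
    // included) into PHP for each request.
    $qtystmt = mysqli_prepare($db, 'SELECT COUNT(*) FROM snippets
WHERE (MATCH (snippets.title, snippets.description) AGAINST (? IN NATURAL LANGUAGE MODE)
OR snippets.title LIKE ? ESCAPE \'!\'
OR snippets.description LIKE ? ESCAPE \'!\')
AND (snippets.category_id = ?
OR ? = -1);');
    if ($qtystmt) {
        mysqli_stmt_bind_param($qtystmt, 'sssii', $query, $querylike, $querylike, $categoryid, $categoryid);
        mysqli_stmt_execute($qtystmt);
        $matched = 0;
        mysqli_stmt_bind_result($qtystmt, $matched);
        mysqli_stmt_fetch($qtystmt);
        $qty = intval($matched);
        // The statement was previously left open.
        mysqli_stmt_close($qtystmt);
        $maxpages = ceil($qty / 10);
        // Show a window of up to five page links centred on the current page, shifted so it
        // stays within 1..$maxpages.
        $page_beg = $page_number - 2;
        $page_end = $page_number + 2;
        if ($page_end > $maxpages) {
            $page_beg -= $page_end - $maxpages;
            $page_end = $maxpages;
        }
        if ($page_beg < 1) {
            $page_end += 1 - $page_beg;
            $page_beg = 1;
        }
        if ($maxpages > 1) {
            // Page links must stay on search.php and carry the query and category filter;
            // they previously pointed at explore.php and dropped both.
            $pagination_base = APP_ROOT . 'search.php?q=' . urlencode($query)
                . ($categoryid > -1 ? '&category=' . urlencode(strval($categoryid)) : '')
                . '&page=';
            echo '<div class="pagination">';
            if ($page_number > 1) {
                echo '<a href="' . htmlspecialchars($pagination_base . strval($page_number - 1)) . '">‹</a>';
            }
            for ($i = 0; $i < 5 && $i < $maxpages; $i++) {
                $curpageno = $page_beg + $i;
                if ($curpageno == $page_number) {
                    echo '<span class="pagination-active">' . htmlspecialchars($curpageno) . '</span>';
                } else {
                    echo '<a href="' . htmlspecialchars($pagination_base . strval($curpageno)) . '">' . htmlspecialchars($curpageno) . '</a>';
                }
            }
            if ($page_number < $maxpages) {
                echo '<a href="' . htmlspecialchars($pagination_base . strval($page_number + 1)) . '">›</a>';
            }
            echo '</div>';
        }
    }
} else {
    echo '<br>';
}
?>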
</div>
</main>
<?php include("includes/footer.php"); ?>
<?php include("includes/finalize.php"); ?>
wget 'https://sme10.lists2.roe3.org/admsnippets/snippet.php'
<?php
//error_reporting(E_ALL);
//ini_set('display_errors', 1);
?>
<?php define("ADMSNIPPET", null); ?>
<?php include("config.php"); ?>
<?php include("includes/setup.php"); ?>
<?php
// Loads one snippet together with its author, category and the current user's vote state,
// then derives the HTTP status and page metadata from the outcome.
$snippetid = 0;
$badrequest = false;
$queryerror = false;
$entry = null;
$result = null;
if (isset($_GET['id']) && is_numeric($_GET['id'])) {
    $snippetid = intval($_GET['id']);
    // All three values are bound as integers; nothing from the request is concatenated into the SQL.
    $entrystmt = mysqli_prepare($db, 'SELECT snippets.id AS "id",
snippets.title AS "name",
snippets.category_id AS "category_id",
categories.name AS "category",
snippets.user_id AS "user_id",
users.name AS "user",
snippets.date AS "date",
snippets.description AS "description",
snippets.snippet AS "snippet",
(SELECT COUNT(*) FROM votes WHERE votes.snippet_id = snippets.id AND votes.is_downvote = 0)
- (SELECT COUNT(*) FROM votes WHERE votes.snippet_id = snippets.id AND votes.is_downvote = 1) AS "votes",
IFNULL((SELECT (is_downvote = 0) FROM votes WHERE votes.snippet_id = snippets.id AND votes.user_id = ? AND votes.user_id <> -1 AND is_downvote = 0), 0) AS "upvoted",
IFNULL((SELECT (is_downvote = 1) FROM votes WHERE votes.snippet_id = snippets.id AND votes.user_id = ? AND votes.user_id <> -1 AND is_downvote = 1), 0) AS "downvoted"
FROM snippets
INNER JOIN categories
ON snippets.category_id = categories.id
INNER JOIN users
ON snippets.user_id = users.id
WHERE snippets.id = ?');
    if (!$entrystmt) {
        $queryerror = true;
    } else {
        mysqli_stmt_bind_param($entrystmt, 'iii', $user, $user, $snippetid);
        mysqli_stmt_execute($entrystmt);
        $entryresult = mysqli_stmt_get_result($entrystmt);
        if (!$entryresult) {
            $queryerror = true;
        } else {
            // null when no row has this id; reported as 404 below.
            $result = mysqli_fetch_assoc($entryresult);
        }
        mysqli_stmt_close($entrystmt);
    }
} else {
    $badrequest = true;
}

if (!$badrequest && !$queryerror && $result) {
    $page_title = $result['name'];
    // Fall back to a generated description when the snippet has none.
    $page_description = $result['description'] ?: ("View the " . $result['name'] . " snippet.");
} elseif ($badrequest) {
    http_response_code(400);
    $page_title = "Invalid snippet";
    $page_description = "The client tried to access an invalid snippet.";
} elseif ($queryerror) {
    http_response_code(500);
    $page_title = "Problem with retrieving the snippet";
    $page_description = "An error occurred when retrieving the snippet.";
} else {
    http_response_code(404);
    $page_title = "Snippet not found";
    $page_description = "The snippet doesn't currently exist.";
}
?>
<?php include("includes/header.php"); ?>
<main class="page">
<div class="container">
<?php
// Renders the page body: one of three error messages, or the snippet with its vote,
// "View raw", delete and edit controls followed by the snippet text.
if ($badrequest) {
echo '<h1>Invalid snippet</h1>
<p>The snippet URL is invalid.</p>';
} elseif ($queryerror) {
echo '<h1>Problem with retrieving the snippet</h1>
<p>An error occurred when retrieving the snippet.</p>';
} elseif (!$result) {
echo '<h1>Snippet not found</h1>
<p>The snippet doesn\'t currently exist.</p>';
} else {
// Every database value and the request URI are passed through htmlspecialchars() before
// being placed in the markup; all attributes are double-quoted, which that function
// escapes under its default flags. The state-changing forms (vote, delete) carry the CSRF token.
// The delete/edit forms are only emitted when the snippet's user_id equals $user. That is a
// display rule; presumably delete.php and edit.php repeat the ownership check — verify there.
echo '<div class="entries-inside">
<div class="entry-outside">
<div class="entry-votes">
<form action="' . htmlspecialchars(APP_ROOT) . 'vote.php" method="post">
<input type="submit" value="▲" class="entry-vote-button' . ($result['upvoted'] ? ' entry-vote-active' : '') . '" title="Upvote">
<input type="hidden" name="action" value="' . (!$result['upvoted'] ? 'up' : 'reset') . '">
<input type="hidden" name="id" value="' . htmlspecialchars($result['id']) . '">
<input type="hidden" name="redirect" value="' . htmlspecialchars($_SERVER['REQUEST_URI']) . '">
<input type="hidden" name="csrf" value="' . htmlspecialchars($csrf_token) . '">
</form>
<span class="entry-vote-count">' . htmlspecialchars($result['votes']) . '</span>
<form action="' . htmlspecialchars(APP_ROOT) . 'vote.php" method="post">
<input type="submit" value="▼" class="entry-vote-button' . ($result['downvoted'] ? ' entry-vote-active' : '') . '" title="Downvote">
<input type="hidden" name="action" value="' . (!$result['downvoted'] ? 'down' : 'reset') . '">
<input type="hidden" name="id" value="' . htmlspecialchars($result['id']) . '">
<input type="hidden" name="redirect" value="' . htmlspecialchars($_SERVER['REQUEST_URI']) . '">
<input type="hidden" name="csrf" value="' . htmlspecialchars($csrf_token) . '">
</form>
</div>
<div class="entry-body">
<h1>' . htmlspecialchars($result['name']) . '</h1>
<p><a href="' . htmlspecialchars(APP_ROOT) . 'category.php?id=' . htmlspecialchars($result['category_id']) . '">' . htmlspecialchars($result['category']) . '</a> |
by <a href="' . htmlspecialchars(APP_ROOT) . 'user.php?id=' . htmlspecialchars($result['user_id']) . '">' . htmlspecialchars($result['user']) . '</a> |
submitted in ' . htmlspecialchars(date('F j, Y', strtotime($result['date']))) . '</p>
<p>' . htmlspecialchars($result['description']) . '</p>
<div class="button-row">
<a href="' . htmlspecialchars(APP_ROOT) . 'raw.php?id=' . htmlspecialchars($result['id']) . '" class="button">View raw</a>' .
($result['user_id'] == $user ? '<form action="' . htmlspecialchars(APP_ROOT) . 'delete.php" method="post">
<input type="submit" value="Delete" class="button">
<input type="hidden" name="id" value="' . htmlspecialchars($result['id']) . '">
<input type="hidden" name="csrf" value="' . htmlspecialchars($csrf_token) . '">
</form><form action="' . htmlspecialchars(APP_ROOT) . 'edit.php">
<input type="submit" value="Edit" class="button">
<input type="hidden" name="id" value="' . htmlspecialchars($result['id']) . '">
</form>' : "" ) . '
</div>
</div>
</div>
</div>
<pre class="entry-contents">' . htmlspecialchars($result['snippet']) . '</pre>';
}
?>
</div>
</main>
<?php include("includes/footer.php"); ?>
<?php include("includes/finalize.php"); ?>
wget 'https://sme10.lists2.roe3.org/admsnippets/submit.php'
<?php
//error_reporting(E_ALL);
//ini_set('display_errors', 1);
?>
<?php define("ADMSNIPPET", null); ?>
<?php include("config.php"); ?>
<?php include("includes/setup.php"); ?>
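<?php
// Submission handler: requires a signed-in user, validates the form and stores the new snippet.
// On success the client is redirected to the new snippet; otherwise $error_message is set and
// the form below is rendered again.
if ($user == -1) {
    // Anonymous visitors are sent to the login page and returned here afterwards.
    header('Location: ' . (APP_ROOT . 'login.php?redirect=' . urlencode(APP_ROOT . 'submit.php')));
    http_response_code(302);
    include("includes/finalize.php");
    exit;
}
$error_message = null;
$page_title = "Submit";
$page_description = "Submit your snippet to AdmSnippet to help server administrators.";
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Text fields must be plain strings: "title[]=..." style parameters arrive as arrays and
    // would otherwise be bound to the INSERT with the wrong type.
    $fields_present = isset($_POST['title'], $_POST['desc'], $_POST['content'], $_POST['category'])
        && is_string($_POST['title'])
        && is_string($_POST['desc'])
        && is_string($_POST['content']);
    // hash_equals() compares the token in constant time and without type juggling.
    if (!isset($_POST['csrf']) || !is_string($_POST['csrf']) || !hash_equals((string) $csrf_token, $_POST['csrf'])) {
        $error_message = "Potential CSRF attack detected.";
    } elseif (!$fields_present || !$_POST['title'] || !$_POST['desc'] || !$_POST['content'] || !is_numeric($_POST['category'])) {
        // NOTE(review): the form's maxlength limits (255 for the title, 8191 for the description)
        // are enforced by the browser only; consider matching server-side length checks.
        $error_message = "You need to input the title, description and contents, and select the category.";
    } else {
        $categoryid = intval($_POST['category']);
        // Confirm the category exists before inserting a row that references it.
        $categorystmt = mysqli_prepare($db, 'SELECT * FROM categories WHERE id = ?;');
        if ($categorystmt) {
            mysqli_stmt_bind_param($categorystmt, 'i', $categoryid);
            mysqli_stmt_execute($categorystmt);
            mysqli_stmt_store_result($categorystmt);
            $categoryexists = intval(mysqli_stmt_num_rows($categorystmt)) > 0;
            mysqli_stmt_close($categorystmt);
            if ($categoryexists) {
                // The author is taken from the session-derived $user, never from the request.
                $stmt = mysqli_prepare($db, 'INSERT INTO snippets (category_id, user_id, title, date, description, snippet) VALUES (?, ?, ?, NOW(), ?, ?);');
                if ($stmt) {
                    mysqli_stmt_bind_param($stmt, 'iisss', $categoryid, $user, $_POST['title'], $_POST['desc'], $_POST['content']);
                    mysqli_stmt_execute($stmt);
                    $insert_id = mysqli_stmt_insert_id($stmt);
                    mysqli_stmt_close($stmt);
                    if ($insert_id) {
                        header('Location: ' . (APP_ROOT . 'snippet.php?id=' . urlencode($insert_id)));
                        http_response_code(302);
                        include("includes/finalize.php");
                        exit;
                    } else {
                        $error_message = 'An internal server error has occurred during the submission.';
                    }
                } else {
                    $error_message = 'An internal server error has occurred during the submission.';
                }
            } else {
                $error_message = 'The category for the snippet doesn\'t exist.';
            }
        } else {
            $error_message = 'An internal server error has occurred during the submission.';
        }
    }
}
?>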
<?php include("includes/header.php"); ?>
<main class="page">
<div class="container">
<h1>Submit</h1>
<form action="<?php echo htmlspecialchars(APP_ROOT); ?>submit.php" method="post" class="form-visible">
<div class="form-element">
<label for="title">Title:</label>
<input type="text" name="title" id="title" required maxlength="255">
</div>
<div class="form-element">
<label for="category">Category:</label>
<select name="category" id="category">
<?php
$categories = mysqli_query($db, 'SELECT id, name FROM categories ORDER BY id;');
if ($categories) {
while ($category = mysqli_fetch_assoc($categories)) {
echo '<option value="' . htmlspecialchars($category['id']) . '">' . htmlspecialchars($category['name']) . '</option>';
}
}
?>
</select>
</div>
<div class="form-element form-full">
<label for="desc">Description:</label>
<input type="text" name="desc" id="desc" maxlength="8191">
</div>
<div class="form-element">
<label for="content">Content:</label>
<textarea name="content" id="content" class="form-code-textbox" required></textarea>
</div>
<?php
if ($error_message) {
echo '<p class="form-error">' . htmlspecialchars($error_message) . '</p>';
}
?>
<input type="hidden" name="csrf" value="<?php echo htmlspecialchars($csrf_token); ?>">
<input type="submit" value="Submit" class="button">
</form>
</div>
</main>
<?php include("includes/footer.php"); ?>
<?php include("includes/finalize.php"); ?>
wget 'https://sme10.lists2.roe3.org/admsnippets/tos.php'
<?php
//error_reporting(E_ALL);
//ini_set('display_errors', 1);
?>
<?php define("ADMSNIPPET", null); ?>
<?php include("config.php"); ?>
<?php include("includes/setup.php"); ?>
<?php
$page_title = "Terms and Conditions";
$page_description = "Understand your rights and responsibilities when using AdmSnippet. Our Terms and Conditions page show you condition for using our website, ensuring a fair experience for all users.";
?>
<?php include("includes/header.php"); ?>
<main class="page">
<div class="container">
<h1>Terms and Conditions</h1>
<p>Last updated: September 28, 2024</p>
<h2>1. Introduction</h2>
<p>Welcome to <b>AdmSnippet</b> (“Company”, “we”, “our”, “us”)!</p>
<p>These Terms of Service (“Terms”, “Terms of Service”) govern your use of our website located at <b>www.admsnippet.com</b> (together or individually “Service”) operated by <b>AdmSnippet</b>.</p>
<p>AdmSnippet is a database of user-submitted server administration scripts and configuration files, which allows server administrators to easily find scripts for their server administration needs. Users can submit snippets, and upvote or downvote snippets. Snippets are also divided into categories. Users can also search for snippets using AdmSnippet's built-in search engine. Users can create their accounts in order to submit snippets.</p>
<p>Our Privacy Policy also governs your use of our Service and explains how we collect, safeguard and disclose information that results from your use of our web pages.</p>
<p>Your agreement with us includes these Terms and our Privacy Policy (“Agreements”). You acknowledge that you have read and understood Agreements, and agree to be bound by them.</p>
<p>If you do not agree with (or cannot comply with) Agreements, then you may not use the Service, but please let us know by emailing at <b>niemiecdorian2008.backup@gmail.com</b> so we can try to find a solution. These Terms apply to all visitors, users and others who wish to access or use Service.</p>
<h2>2. Communications</h2>
<p>By using our Service, you agree to subscribe to newsletters, marketing or promotional materials and other information we may send. However, you may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or by emailing at niemiecdorian2008.backup@gmail.com.</p>
<h2>3. Contests, Sweepstakes and Promotions</h2>
<p>Any contests, sweepstakes or other promotions (collectively, “Promotions”) made available through Service may be governed by rules that are separate from these Terms of Service. If you participate in any Promotions, please review the applicable rules as well as our Privacy Policy. If the rules for a Promotion conflict with these Terms of Service, Promotion rules will apply.</p>
<h2>4. Content</h2>
<p>Our Service allows you to post, link, store, share and otherwise make available certain information, text, graphics, videos, or other material (“Content”). You are responsible for Content that you post on or through Service, including its legality, reliability, and appropriateness.</p>
<p>By posting Content on or through Service, You represent and warrant that: (i) Content is yours (you own it) and/or you have the right to use it and the right to grant us the rights and license as provided in these Terms, and (ii) that the posting of your Content on or through Service does not violate the privacy rights, publicity rights, copyrights, contract rights or any other rights of any person or entity. We reserve the right to terminate the account of anyone found to be infringing on a copyright.</p>
<p>You retain any and all of your rights to any Content you submit, post or display on or through Service and you are responsible for protecting those rights. We take no responsibility and assume no liability for Content you or any third party posts on or through Service. However, by posting Content using Service you grant us the right and license to use, modify, publicly perform, publicly display, reproduce, and distribute such Content on and through Service. You agree that this license includes the right for us to make your Content available to other users of Service, who may also use your Content subject to these Terms.</p>
<p>AdmSnippet has the right but not the obligation to monitor and edit all Content provided by users.</p>
<p>In addition, Content found on or through this Service is the property of AdmSnippet or used with permission. You may not distribute, modify, transmit, reuse, download, repost, copy, or use said Content, whether in whole or in part, for commercial purposes or for personal gain, without express advance written permission from us.</p>
<h2>5. Prohibited Uses</h2>
<p>You may use Service only for lawful purposes and in accordance with Terms. You agree not to use Service:</p>
<ul>
<li>In any way that violates any applicable national or international law or regulation.</li>
<li>For the purpose of exploiting, harming, or attempting to exploit or harm minors in any way by exposing them to inappropriate content or otherwise.</li>
<li>To transmit, or procure the sending of, any advertising or promotional material, including any “junk mail”, “chain letter,” “spam,” or any other similar solicitation.</li>
<li>To impersonate or attempt to impersonate Company, a Company employee, another user, or any other person or entity.</li>
<li>In any way that infringes upon the rights of others, or in any way is illegal, threatening, fraudulent, or harmful, or in connection with any unlawful, illegal, fraudulent, or harmful purpose or activity.</li>
<li>To engage in any other conduct that restricts or inhibits anyone’s use or enjoyment of AdmSnippet or which may harm or offend AdmSnippet or users of the Service.</li>
</ul>
<p>Additionally, you agree not to:</p>
<ul>
<li>Use Service in any manner that could disable, overburden, damage, or impair Service or interfere with any other party’s use of Service, including their ability to engage in real time activities through Service.</li>
<li>Use any robot, spider, or other automatic device, process, or means to access Service for any purpose, including monitoring or copying any of the material on Service.</li>
<li>Use any manual process to monitor or copy any of the material on Service or for any other unauthorized purpose without our prior written consent.</li>
<li>Use any device, software, or routine that interferes with the proper working of Service.</li>
<li>Introduce any viruses, trojan horses, worms, logic bombs, or other material which is malicious or technologically harmful.</li>
<li>Attempt to gain unauthorized access to, interfere with, damage, or disrupt any parts of Service, the server on which Service is stored, or any server, computer, or database connected to Service.</li>
<li>Attack Service via a denial-of-service attack or a distributed denial-of-service attack.</li>
<li>Take any action that may damage or falsify Company rating.</li>
<li>Otherwise attempt to interfere with the proper working of Service.</li>
</ul>
<h2>6. Analytics</h2>
<p>We may use third-party Service Providers to monitor and analyze the use of our Service.</p>
<h2>7. Accounts</h2>
<p>You are responsible for maintaining the confidentiality of your account and password, including but not limited to the restriction of access to your computer and/or account. You agree to accept responsibility for any and all activities or actions that occur under your account and/or password, whether your password is with our Service or a third-party service. You must notify us immediately upon becoming aware of any breach of security or unauthorized use of your account.</p>
<p>You may not use as a username the name of another person or entity or that is not lawfully available for use, a name or trademark that is subject to any rights of another person or entity other than you, without appropriate authorization. You may not use as a username any name that is offensive, vulgar or obscene.</p>
<p>We reserve the right to refuse service, terminate accounts, remove or edit content, or cancel orders in our sole discretion.</p>
<h2>8. Intellectual Property</h2>
<p>Service and its original content (excluding Content provided by users), features and functionality are and will remain the exclusive property of AdmSnippet and its licensors. Service is protected by copyright, trademark, and other laws of and foreign countries. Our trademarks may not be used in connection with any product or service without the prior written consent of AdmSnippet.</p>
<h2>9. Copyright Policy</h2>
<p>We respect the intellectual property rights of others. It is our policy to respond to any claim that Content posted on Service infringes on the copyright or other intellectual property rights (“Infringement”) of any person or entity.</p>
<p>If you are a copyright owner, or authorized on behalf of one, and you believe that the copyrighted work has been copied in a way that constitutes copyright infringement, please submit your claim via email to niemiecdorian2008.backup@gmail.com, with the subject line: “Copyright Infringement” and include in your claim a detailed description of the alleged Infringement as detailed below, under “DMCA Notice and Procedure for Copyright Infringement Claims”.</p>
<p>You may be held accountable for damages (including costs and attorneys’ fees) for misrepresentation or bad-faith claims on the infringement of any Content found on and/or through Service on your copyright.</p>
<h2>10. DMCA Notice and Procedure for Copyright Infringement Claims</h2>
<p>You may submit a notification pursuant to the Digital Millennium Copyright Act (DMCA) by providing our Copyright Agent with the following information in writing (see 17 U.S.C 512(c)(3) for further detail):</p>
<ol>
<li>An electronic or physical signature of the person authorized to act on behalf of the owner of the copyright’s interest;</li>
<li>A description of the copyrighted work that you claim has been infringed, including the URL (i.e., web page address) of the location where the copyrighted work exists or a copy of the copyrighted work;</li>
<li>Identification of the URL or other specific location on Service where the material that you claim is infringing is located;</li>
<li>Your address, telephone number, and email address;</li>
<li>A statement by you that you have a good faith belief that the disputed use is not authorized by the copyright owner, its agent, or the law;</li>
<li>A statement by you, made under penalty of perjury, that the above information in your notice is accurate and that you are the copyright owner or authorized to act on the copyright owner’s behalf.</li>
</ol>
<p>You can contact our Copyright Agent via email at niemiecdorian2008.backup@gmail.com.</p>
<h2>11. Error Reporting and Feedback</h2>
<p>You may provide us either directly at niemiecdorian2008.backup@gmail.com or via third party sites and tools with information and feedback concerning errors, suggestions for improvements, ideas, problems, complaints, and other matters related to our Service (“Feedback”). You acknowledge and agree that: (i) you shall not retain, acquire or assert any intellectual property right or other right, title or interest in or to the Feedback; (ii) Company may have development ideas similar to the Feedback; (iii) Feedback does not contain confidential information or proprietary information from you or any third party; and (iv) Company is not under any obligation of confidentiality with respect to the Feedback. In the event the transfer of the ownership to the Feedback is not possible due to applicable mandatory laws, you grant Company and its affiliates an exclusive, transferable, irrevocable, free-of-charge, sub-licensable, unlimited and perpetual right to use (including copy, modify, create derivative works, publish, distribute and commercialize) Feedback in any manner and for any purpose.</p>
<h2>12. Links To Other Web Sites</h2>
<p>Our Service may contain links to third party web sites or services that are not owned or controlled by AdmSnippet.</p>
<p>AdmSnippet has no control over, and assumes no responsibility for the content, privacy policies, or practices of any third party web sites or services. We do not warrant the offerings of any of these entities/individuals or their websites.</p>
<p>For example, the outlined <a href="https://policymaker.io/terms-and-conditions/">Terms of Use</a> have been created using <a href="https://policymaker.io/">PolicyMaker.io</a>, a free web application for generating high-quality legal documents. PolicyMaker’s <a href="https://policymaker.io/terms-and-conditions/">Terms and Conditions generator</a> is an easy-to-use free tool for creating an excellent standard Terms of Service template for a website, blog, e-commerce store or app.</p>
<p>YOU ACKNOWLEDGE AND AGREE THAT COMPANY SHALL NOT BE RESPONSIBLE OR LIABLE, DIRECTLY OR INDIRECTLY, FOR ANY DAMAGE OR LOSS CAUSED OR ALLEGED TO BE CAUSED BY OR IN CONNECTION WITH USE OF OR RELIANCE ON ANY SUCH CONTENT, GOODS OR SERVICES AVAILABLE ON OR THROUGH ANY SUCH THIRD PARTY WEB SITES OR SERVICES.</p>
<p>WE STRONGLY ADVISE YOU TO READ THE TERMS OF SERVICE AND PRIVACY POLICIES OF ANY THIRD PARTY WEB SITES OR SERVICES THAT YOU VISIT.</p>
<h2>13. Disclaimer Of Warranty</h2>
<p>THESE SERVICES ARE PROVIDED BY COMPANY ON AN “AS IS” AND “AS AVAILABLE” BASIS. COMPANY MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, AS TO THE OPERATION OF THEIR SERVICES, OR THE INFORMATION, CONTENT OR MATERIALS INCLUDED THEREIN. YOU EXPRESSLY AGREE THAT YOUR USE OF THESE SERVICES, THEIR CONTENT, AND ANY SERVICES OR ITEMS OBTAINED FROM US IS AT YOUR SOLE RISK.</p>
<p>NEITHER COMPANY NOR ANY PERSON ASSOCIATED WITH COMPANY MAKES ANY WARRANTY OR REPRESENTATION WITH RESPECT TO THE COMPLETENESS, SECURITY, RELIABILITY, QUALITY, ACCURACY, OR AVAILABILITY OF THE SERVICES. WITHOUT LIMITING THE FOREGOING, NEITHER COMPANY NOR ANYONE ASSOCIATED WITH COMPANY REPRESENTS OR WARRANTS THAT THE SERVICES, THEIR CONTENT, OR ANY SERVICES OR ITEMS OBTAINED THROUGH THE SERVICES WILL BE ACCURATE, RELIABLE, ERROR-FREE, OR UNINTERRUPTED, THAT DEFECTS WILL BE CORRECTED, THAT THE SERVICES OR THE SERVER THAT MAKES IT AVAILABLE ARE FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS OR THAT THE SERVICES OR ANY SERVICES OR ITEMS OBTAINED THROUGH THE SERVICES WILL OTHERWISE MEET YOUR NEEDS OR EXPECTATIONS.</p>
<p>COMPANY HEREBY DISCLAIMS ALL WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, STATUTORY, OR OTHERWISE, INCLUDING BUT NOT LIMITED TO ANY WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, AND FITNESS FOR PARTICULAR PURPOSE.</p>
<p>THE FOREGOING DOES NOT AFFECT ANY WARRANTIES WHICH CANNOT BE EXCLUDED OR LIMITED UNDER APPLICABLE LAW.</p>
<h2>14. Limitation Of Liability</h2>
<p>EXCEPT AS PROHIBITED BY LAW, YOU WILL HOLD US AND OUR OFFICERS, DIRECTORS, EMPLOYEES, AND AGENTS HARMLESS FOR ANY INDIRECT, PUNITIVE, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGE, HOWEVER IT ARISES (INCLUDING ATTORNEYS’ FEES AND ALL RELATED COSTS AND EXPENSES OF LITIGATION AND ARBITRATION, OR AT TRIAL OR ON APPEAL, IF ANY, WHETHER OR NOT LITIGATION OR ARBITRATION IS INSTITUTED), WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE, OR OTHER TORTIOUS ACTION, OR ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT, INCLUDING WITHOUT LIMITATION ANY CLAIM FOR PERSONAL INJURY OR PROPERTY DAMAGE, ARISING FROM THIS AGREEMENT AND ANY VIOLATION BY YOU OF ANY FEDERAL, STATE, OR LOCAL LAWS, STATUTES, RULES, OR REGULATIONS, EVEN IF COMPANY HAS BEEN PREVIOUSLY ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. EXCEPT AS PROHIBITED BY LAW, IF THERE IS LIABILITY FOUND ON THE PART OF COMPANY, IT WILL BE LIMITED TO THE AMOUNT PAID FOR THE PRODUCTS AND/OR SERVICES, AND UNDER NO CIRCUMSTANCES WILL THERE BE CONSEQUENTIAL OR PUNITIVE DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF PUNITIVE, INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE PRIOR LIMITATION OR EXCLUSION MAY NOT APPLY TO YOU.</p>
<h2>15. Termination</h2>
<p>We may terminate or suspend your account and bar access to Service immediately, without prior notice or liability, under our sole discretion, for any reason whatsoever and without limitation, including but not limited to a breach of Terms.</p>
<p>If you wish to terminate your account, you may simply discontinue using Service.</p>
<p>All provisions of Terms which by their nature should survive termination shall survive termination, including, without limitation, ownership provisions, warranty disclaimers, indemnity and limitations of liability.</p>
<h2>16. Governing Law</h2>
<p>These Terms shall be governed and construed in accordance with the laws of Poland, which governing law applies to agreement without regard to its conflict of law provisions.</p>
<p>Our failure to enforce any right or provision of these Terms will not be considered a waiver of those rights. If any provision of these Terms is held to be invalid or unenforceable by a court, the remaining provisions of these Terms will remain in effect. These Terms constitute the entire agreement between us regarding our Service and supersede and replace any prior agreements we might have had between us regarding Service.</p>
<h2>17. Changes To Service</h2>
<p>We reserve the right to withdraw or amend our Service, and any service or material we provide via Service, in our sole discretion without notice. We will not be liable if for any reason all or any part of Service is unavailable at any time or for any period. From time to time, we may restrict access to some parts of Service, or the entire Service, to users, including registered users.</p>
<h2>18. Amendments To Terms</h2>
<p>We may amend Terms at any time by posting the amended terms on this site. It is your responsibility to review these Terms periodically.</p>
<p>Your continued use of the Platform following the posting of revised Terms means that you accept and agree to the changes. You are expected to check this page frequently so you are aware of any changes, as they are binding on you.</p>
<p>By continuing to access or use our Service after any revisions become effective, you agree to be bound by the revised terms. If you do not agree to the new terms, you are no longer authorized to use Service.</p>
<h2>19. Waiver And Severability</h2>
<p>No waiver by Company of any term or condition set forth in Terms shall be deemed a further or continuing waiver of such term or condition or a waiver of any other term or condition, and any failure of Company to assert a right or provision under Terms shall not constitute a waiver of such right or provision.</p>
<p>If any provision of Terms is held by a court or other tribunal of competent jurisdiction to be invalid, illegal or unenforceable for any reason, such provision shall be eliminated or limited to the minimum extent such that the remaining provisions of Terms will continue in full force and effect.</p>
<h2>20. Acknowledgement</h2>
<p>BY USING SERVICE OR OTHER SERVICES PROVIDED BY US, YOU ACKNOWLEDGE THAT YOU HAVE READ THESE TERMS OF SERVICE AND AGREE TO BE BOUND BY THEM.</p>
<h2>21. Contact Us</h2>
<p>Please send your feedback, comments, requests for technical support by email: <b>niemiecdorian2008.backup@gmail.com</b>.</p>
</div>
</main>
<?php include("includes/footer.php"); ?>
<?php include("includes/finalize.php"); ?>
wget 'https://sme10.lists2.roe3.org/admsnippets/user.php'
<?php
//error_reporting(E_ALL);
//ini_set('display_errors', 1);
?>
<?php define("ADMSNIPPET", null); ?>
<?php include("config.php"); ?>
<?php include("includes/setup.php"); ?>
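<?php
// Request handling for the public profile page. Validates the "id" and "page"
// query parameters, loads the user's name and join date with a prepared
// statement, then picks the HTTP status and the $page_title/$page_description
// values that are set before includes/header.php is included.
$userid = 0;
$result = null;
$badrequest = false;
$queryerror = false;
$entry = null;
$username = null;
$joined = null;
$page_number = 1;
if (isset($_GET['page']) && is_numeric($_GET['page'])) {
    // Clamp the page to a sane range. The lower bound keeps zero/negative
    // pages from producing a listing with no active pagination entry; the
    // upper bound keeps the later offset arithmetic ((page - 1) * 10) inside
    // the integer range, so the LIMIT clause is never built from a float
    // such as "9.2E+19".
    $page_number = min(max(intval($_GET['page']), 1), PHP_INT_MAX >> 4);
}
if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
    // is_numeric() is false for arrays and non-numeric strings, so only
    // values that intval() can reduce to an integer get past this point.
    $badrequest = true;
} else {
    $userid = intval($_GET['id']);
    // The id is bound as an integer parameter; no request text is ever
    // concatenated into the SQL.
    $userstmt = mysqli_prepare($db, 'SELECT name, joined FROM users WHERE id = ?');
    if ($userstmt) {
        mysqli_stmt_bind_param($userstmt, 'i', $userid);
        mysqli_stmt_execute($userstmt);
        // A failed execute surfaces here as a false result set.
        $userresult = mysqli_stmt_get_result($userstmt);
        if ($userresult) {
            $result = mysqli_fetch_assoc($userresult);
            if ($result) {
                $username = $result['name'];
                $joined = date('F j, Y', strtotime($result['joined']));
            }
        } else {
            $queryerror = true;
        }
        mysqli_stmt_close($userstmt);
    } else {
        $queryerror = true;
    }
}
if ($badrequest) {
    http_response_code(400);
    $page_title = "Invalid user";
    $page_description = "The user URL is invalid.";
} elseif ($queryerror) {
    http_response_code(500);
    $page_title = "Problem with retrieving the user";
    $page_description = "An error occurred when retrieving the user.";
} elseif (!$result) {
    // Test the fetched row, not $username: the page body below branches on
    // $result, and a falsy-but-valid name such as "0" would otherwise send a
    // 404 status together with a fully rendered profile.
    http_response_code(404);
    $page_title = "User not found";
    $page_description = "The user doesn't currently exist.";
} else {
    // NOTE(review): $username is stored user input and is interpolated here
    // unescaped. Confirm that includes/header.php HTML-escapes $page_title
    // and $page_description before writing them into the document head.
    $page_title = "User: $username";
    $page_description = "View profile for $username.";
}
?>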
<?php include("includes/header.php"); ?>
<main class="page">
<div class="container">
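<?php
// Renders the profile body: an error message for the bad-request, query-error
// and not-found cases, otherwise the user's heading, the account buttons (own
// profile only), one page of the user's snippets, and the pagination bar.
//
// Output encoding: every database or request value is passed through
// htmlspecialchars() before it enters markup, and all attributes are
// double-quoted. Keep both properties when editing; htmlspecialchars() did not
// escape single quotes by default before PHP 8.1.
if ($badrequest) {
    echo '<h1>Invalid user</h1>
<p>The user URL is invalid.</p>';
} elseif ($queryerror) {
    echo '<h1>Problem with retrieving the user</h1>
<p>An error occurred when retrieving the user.</p>';
} elseif (!$result) {
    echo '<h1>User not found</h1>
<p>The user doesn\'t currently exist.</p>';
} else {
    echo '<h1>User: ' . htmlspecialchars($username) . '</h1>';
    echo '<p>Joined ' . htmlspecialchars($joined) . '</p>';
    // $user is not set in this file; presumably includes/setup.php sets it to
    // the logged-in user's id (vote.php treats -1 as "not logged in").
    // This comparison only decides whether the buttons are shown.
    // NOTE(review): changepassword.php and deletemyaccount.php must enforce
    // authentication and CSRF protection themselves; these forms carry no token.
    if ($userid == $user) {
        echo '<div class="button-row">
<form action="' . htmlspecialchars(APP_ROOT) . 'changepassword.php">
<input type="submit" value="Change password" class="button">
</form><form action="' . htmlspecialchars(APP_ROOT) . 'deletemyaccount.php">
<input type="submit" value="Delete my account" class="button">
</form>
</div>';
    }
    echo '<h2 class="topsnippets-heading">User\'s snippets</h2>';
    echo '<div class="entries-outside">';
    $entries = null;
    // The only value concatenated into this SQL text is the LIMIT offset, and
    // it is built exclusively from intval()/max(), so no request text reaches
    // the statement. All ids are bound as integer parameters. The
    // "votes.user_id <> -1" guards keep the anonymous id from ever matching a
    // stored vote.
    $entrystmt = mysqli_prepare($db, 'SELECT snippets.id AS "id",
snippets.title AS "name",
snippets.category_id AS "category_id",
categories.name AS "category",
snippets.user_id AS "user_id",
users.name AS "user",
snippets.date AS "date",
snippets.description AS "description",
(SELECT COUNT(*) FROM votes WHERE votes.snippet_id = snippets.id AND votes.is_downvote = 0)
- (SELECT COUNT(*) FROM votes WHERE votes.snippet_id = snippets.id AND votes.is_downvote = 1) AS "votes",
IFNULL((SELECT (is_downvote = 0) FROM votes WHERE votes.snippet_id = snippets.id AND votes.user_id = ? AND votes.user_id <> -1 AND is_downvote = 0), 0) AS "upvoted",
IFNULL((SELECT (is_downvote = 1) FROM votes WHERE votes.snippet_id = snippets.id AND votes.user_id = ? AND votes.user_id <> -1 AND is_downvote = 1), 0) AS "downvoted"
FROM snippets
INNER JOIN categories
ON snippets.category_id = categories.id
INNER JOIN users
ON snippets.user_id = users.id
WHERE snippets.user_id = ?
ORDER BY snippets.date
DESC LIMIT ' . strval(max(intval($page_number) - 1, 0) * 10) . ', 10;');
    if ($entrystmt) {
        mysqli_stmt_bind_param($entrystmt, 'iii', $user, $user, $userid);
        mysqli_stmt_execute($entrystmt);
        // False when the execute above failed; handled by the else branch below.
        $entries = mysqli_stmt_get_result($entrystmt);
    }
    if ($entries) {
        $entries_present = false;
        while ($entry = mysqli_fetch_assoc($entries)) {
            $entries_present = true;
            // State-changing forms (vote, delete) are POST and carry the CSRF
            // token; the edit form is a plain GET navigation. The "redirect"
            // field echoes the client-supplied request URI, so the receiving
            // script has to validate it before redirecting (vote.php does).
            // The Delete/Edit buttons are shown to the snippet owner only;
            // that is presentation, and delete.php/edit.php still need their
            // own ownership check.
            echo '<div class="entry-outside">
<div class="entry-votes">
<form action="' . htmlspecialchars(APP_ROOT) . 'vote.php" method="post">
<input type="submit" value="▲" class="entry-vote-button' . ($entry['upvoted'] ? ' entry-vote-active' : '') . '" title="Upvote">
<input type="hidden" name="action" value="' . (!$entry['upvoted'] ? 'up' : 'reset') . '">
<input type="hidden" name="id" value="' . htmlspecialchars($entry['id']) . '">
<input type="hidden" name="redirect" value="' . htmlspecialchars($_SERVER['REQUEST_URI']) . '">
<input type="hidden" name="csrf" value="' . htmlspecialchars($csrf_token) . '">
</form>
<span class="entry-vote-count">' . htmlspecialchars($entry['votes']) . '</span>
<form action="' . htmlspecialchars(APP_ROOT) . 'vote.php" method="post">
<input type="submit" value="▼" class="entry-vote-button' . ($entry['downvoted'] ? ' entry-vote-active' : '') . '" title="Downvote">
<input type="hidden" name="action" value="' . (!$entry['downvoted'] ? 'down' : 'reset') . '">
<input type="hidden" name="id" value="' . htmlspecialchars($entry['id']) . '">
<input type="hidden" name="redirect" value="' . htmlspecialchars($_SERVER['REQUEST_URI']) . '">
<input type="hidden" name="csrf" value="' . htmlspecialchars($csrf_token) . '">
</form>
</div>
<div class="entry-body">
' . ($entry['user_id'] == $user ? '<form action="' . htmlspecialchars(APP_ROOT) . 'delete.php" method="post" class="entry-action">
<input type="submit" value="Delete" class="button">
<input type="hidden" name="id" value="' . htmlspecialchars($entry['id']) . '">
<input type="hidden" name="csrf" value="' . htmlspecialchars($csrf_token) . '">
</form><form action="' . htmlspecialchars(APP_ROOT) . 'edit.php" class="entry-action">
<input type="submit" value="Edit" class="button">
<input type="hidden" name="id" value="' . htmlspecialchars($entry['id']) . '">
</form>' : '') . '
<h3><a href="' . htmlspecialchars(APP_ROOT) . 'snippet.php?id=' . htmlspecialchars($entry['id']) . '">' . htmlspecialchars($entry['name']) . '</a></h3>
<p><a href="' . htmlspecialchars(APP_ROOT) . 'category.php?id=' . htmlspecialchars($entry['category_id']) . '">' . htmlspecialchars($entry['category']) . '</a> |
by <a href="' . htmlspecialchars(APP_ROOT) . 'user.php?id=' . htmlspecialchars($entry['user_id']) . '">' . htmlspecialchars($entry['user']) . '</a> |
submitted in ' . htmlspecialchars(date('F j, Y', strtotime($entry['date']))) . '</p>
<p>' . htmlspecialchars($entry['description']) . '</p>
</div>
</div>';
        }
        if (!$entries_present) echo "<p>No snippets.</p>";
        mysqli_stmt_close($entrystmt);
    } else {
        if ($entrystmt) mysqli_stmt_close($entrystmt);
        // Generic message only; no driver error text is sent to the client.
        echo "<p>An error has occurred during retrieval of user's snippets!</p>";
    }
    echo '</div>';
    // Count the rows in the database instead of fetching every snippet row
    // just to call num_rows on it: a single integer comes back however many
    // snippets the user has.
    $qtystmt = mysqli_prepare($db, 'SELECT COUNT(*) FROM snippets WHERE user_id = ?;');
    if ($qtystmt) {
        $qty = 0;
        mysqli_stmt_bind_param($qtystmt, 'i', $userid);
        if (mysqli_stmt_execute($qtystmt)) {
            mysqli_stmt_bind_result($qtystmt, $qty);
            mysqli_stmt_fetch($qtystmt);
        }
        mysqli_stmt_close($qtystmt);
        // A failed count leaves $qty at 0, which simply hides the pagination bar.
        $qty = intval($qty);
        $maxpages = (int) ceil($qty / 10);
        // Show a window of up to five page links centred on the current page,
        // shifted so that it stays within 1..$maxpages.
        $page_beg = $page_number - 2;
        $page_end = $page_number + 2;
        if ($page_end > $maxpages) {
            $page_beg -= $page_end - $maxpages;
            $page_end = $maxpages;
        }
        if ($page_beg < 1) {
            $page_end += 1 - $page_beg;
            $page_beg = 1;
        }
        if ($maxpages > 1) {
            echo '<div class="pagination">';
            if ($page_number > 1) {
                echo '<a href="' . htmlspecialchars(APP_ROOT) . 'user.php?id=' . htmlspecialchars($userid) . '&page=' . htmlspecialchars($page_number - 1) . '">‹</a>';
            }
            for ($i = 0; $i < 5 && $i < $maxpages; $i++) {
                $curpageno = $page_beg + $i;
                if ($curpageno == $page_number) {
                    echo '<span class="pagination-active">' . htmlspecialchars($curpageno) . '</span>';
                } else {
                    echo '<a href="' . htmlspecialchars(APP_ROOT) . 'user.php?id=' . htmlspecialchars($userid) . '&page=' . htmlspecialchars($curpageno) . '">' . htmlspecialchars($curpageno) . '</a>';
                }
            }
            if ($page_number < $maxpages) {
                echo '<a href="' . htmlspecialchars(APP_ROOT) . 'user.php?id=' . htmlspecialchars($userid) . '&page=' . htmlspecialchars($page_number + 1) . '">›</a>';
            }
            echo '</div>';
        }
    }
}
?>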
</div>
</main>
<?php include("includes/footer.php"); ?>
<?php include("includes/finalize.php"); ?>
wget 'https://sme10.lists2.roe3.org/admsnippets/vote.php'
<?php
//error_reporting(E_ALL);
//ini_set('display_errors', 1);
?>
<?php define("ADMSNIPPET", null); ?>
<?php include("config.php"); ?>
<?php include("includes/setup.php"); ?>
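<?php
// Vote endpoint. Accepts a POST with "id", "action" (up/down/reset), "csrf"
// and an optional "redirect". It replaces the caller's vote on the snippet
// and redirects back; on failure it sets the status and the page title and
// description for the error page rendered further down.

// Post-vote redirect target. Only same-site paths are accepted: the value
// must be a string that starts with a single "/" and contains no backslash
// or control character. Browsers can normalise such characters in a way that
// makes a path-looking value resolve to another host, so they are refused
// outright instead of being passed to the Location header.
$redirect = null;
if (
    $_SERVER['REQUEST_METHOD'] == 'POST'
    && isset($_POST['redirect'])
    && is_string($_POST['redirect'])
    && strlen($_POST['redirect']) > 0
    && $_POST['redirect'][0] == "/"
    && (strlen($_POST['redirect']) == 1 || $_POST['redirect'][1] != "/")
    && preg_match('/[\\\\\x00-\x1f\x7f]/', $_POST['redirect']) === 0
) {
    $redirect = $_POST['redirect'];
}
// The id is used in fallback URLs before it has been validated (and may be
// absent on a non-POST request), so read it defensively. It is always
// urlencode()d before it is placed in a URL.
$postedid = (isset($_POST['id']) && is_string($_POST['id'])) ? $_POST['id'] : '';
// $user is not set in this file; presumably includes/setup.php sets it, with
// -1 meaning "not logged in". Anonymous visitors are sent to the login page.
if ($user == -1) {
    header('Location: ' . (APP_ROOT . 'login.php?redirect=' . urlencode($redirect ? $redirect : (APP_ROOT . 'snippet.php?id=' . urlencode($postedid)))));
    http_response_code(302);
    include("includes/finalize.php");
    exit;
}
$invalidmethod = true;
$badrequest = false;
$servererror = false;
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $invalidmethod = false;
    // Compare the CSRF token as strings with hash_equals(): a loose "!="
    // treats two numeric-looking strings as equal when their numeric values
    // match, and it is not constant-time. The check fails closed when either
    // side is missing, empty or not a string.
    $csrf_ok = isset($_POST['csrf'])
        && is_string($_POST['csrf'])
        && is_string($csrf_token)
        && $csrf_token !== ''
        && hash_equals($csrf_token, $_POST['csrf']);
    if (!isset($_POST['id']) || !is_numeric($_POST['id'])) {
        $badrequest = true;
    } elseif (!$csrf_ok) {
        $badrequest = true;
    } elseif (!isset($_POST['action'])) {
        $badrequest = true;
    } elseif (in_array($_POST['action'], array('reset', 'up', 'down'), true)) {
        // Every action starts by removing the caller's existing vote; "up"
        // and "down" then insert the new one. The user id comes from the
        // session-derived $user, never from the request.
        // NOTE(review): the DELETE and INSERT are not wrapped in a
        // transaction, so two concurrent requests could leave two rows unless
        // the votes table has a unique key on (snippet_id, user_id); confirm
        // against init.sql. Nothing here checks that the snippet id exists
        // either; presumably a foreign key covers that.
        $stmt = mysqli_prepare($db, 'DELETE FROM votes WHERE snippet_id = ? AND user_id = ?;');
        $snippetid = intval($_POST['id']);
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, 'ii', $snippetid, $user);
            $isexecsuccess = mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
            if (!$isexecsuccess) {
                $servererror = true;
            } elseif ($_POST['action'] === 'up' || $_POST['action'] === 'down') {
                $isdownvote = $_POST['action'] === 'down' ? 1 : 0;
                $stmt2 = mysqli_prepare($db, 'INSERT INTO votes (snippet_id, user_id, is_downvote) VALUES (?, ?, ?);');
                if ($stmt2) {
                    mysqli_stmt_bind_param($stmt2, 'iii', $snippetid, $user, $isdownvote);
                    $isexecsuccess2 = mysqli_stmt_execute($stmt2);
                    mysqli_stmt_close($stmt2);
                    if (!$isexecsuccess2) {
                        $servererror = true;
                    }
                } else {
                    $servererror = true;
                }
            }
        } else {
            $servererror = true;
        }
    } else {
        // Unknown action value (or a non-string such as an array).
        $badrequest = true;
    }
}
if ($invalidmethod) {
    http_response_code(405);
    $page_title = "Invalid method";
    $page_description = "Invalid method was used while attempting to vote.";
} elseif ($servererror) {
    // Generic message only; no driver error text is exposed to the client.
    http_response_code(500);
    $page_title = "Error while voting";
    $page_description = "An internal server error has occurred while voting.";
} elseif ($badrequest) {
    http_response_code(400);
    $page_title = "Invalid vote";
    $page_description = "The request for voting is invalid.";
} else {
    // Success: go back to the validated same-site path, or to the snippet.
    header('Location: ' . ($redirect ? $redirect : (APP_ROOT . 'snippet.php?id=' . urlencode($postedid))));
    http_response_code(302);
    include("includes/finalize.php");
    exit;
}
?>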
<?php include("includes/header.php"); ?>
<main class="page">
<div class="container">
<?php
// Body of the vote error page. A successful vote never gets here because the
// request handler earlier in this file redirects and exits. All text below is
// static, so nothing from the request is reflected into the page.
switch (true) {
    case (bool) $invalidmethod:
        echo '<h1>Invalid method</h1>
<p>Invalid method was used while attempting to vote.</p>';
        break;
    case (bool) $servererror:
        echo '<h1>Error while voting</h1>
<p>An internal server error has occurred while voting.</p>';
        break;
    case (bool) $badrequest:
        echo '<h1>Invalid vote</h1>
<p>The request for voting is invalid.</p>';
        break;
}
?>
</div>
</main>
<?php include("includes/footer.php"); ?>
<?php include("includes/finalize.php"); ?>