<?
/*
=============================================
Движок: SHCMS Engine
=============================================
Название файла: Основные настройки
=============================================
Official website: http://shcms.ru
=============================================
*/
//Защищаем функции настроек от посторонне глаз
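// Refuse direct access: the including entry script must define SHCMS first.
defined('SHCMS') or die('Переход на данных раздел запрещено');
// Keep the session cookie unreadable from page scripts; must precede session_start().
ini_set('session.cookie_httponly', 1);
session_name("SHCMS");
session_start();
// Script start time, used for timing the request.
define('TIME_START', microtime(true));
// NOTE(review): magic_quotes_gpc cannot be changed at runtime, so this call has no
// effect; on old PHP builds request data may still arrive with slashes added.
ini_set('magic_quotes_gpc', 0);
ini_set('magic_quotes_runtime', 0);
// Site root on disk, with a trailing slash. This is a filesystem path, not a URL.
// (The original defined H a second time further down; that call was ignored by PHP.)
define("H", $_SERVER["DOCUMENT_ROOT"] . '/');
// Current request URI, URL-encoded.
define('URL', urlencode($_SERVER['REQUEST_URI']));
// True when the running script is the front page.
define('IS_MAIN', $_SERVER['SCRIPT_NAME'] == '/index.php');
// Minimum PHP version check.
version_compare(PHP_VERSION, '5.2', '>') or die('Трубуется PHP >= 5.2');
define('SESSION_TIME_SHCMS', 600);
// NOTE(review): session.cache_expire is the cache lifetime of session pages in
// minutes, not the session lifetime, and it is set after session_start() here.
// If a 600-second session was intended, session.gc_maxlifetime is the setting — confirm.
ini_set('session.cache_expire', SESSION_TIME_SHCMS);
// Request time.
define('TIME', time());
// The guard on the first line means SHCMS is already defined at this point.
if (!defined('SHCMS')) {
    define('SHCMS', true);
}
// Midnight of the current day.
define('TODAY', mktime(0, 0, 0));
ini_set('ignore_repeated_errors', true);
// The original passed the undefined constant e_error; E_ERROR is the real one.
ini_set('error_reporting', E_ERROR);
// With reporting now effective, fatal errors (file paths, SQL fragments) would be
// printed into the response. Send them to the error log instead.
ini_set('display_errors', '0');
ini_set('log_errors', '1');
// Internal encoding for mbstring.
if (function_exists('mb_internal_encoding')) {
    mb_internal_encoding('UTF-8');
}
// Internal encoding for iconv.
if (function_exists('iconv')) {
    iconv_set_encoding('internal_encoding', 'UTF-8');
}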
/* ---------------------- */
/*
-------------------------------
Соединение с базой
-------------------------------
*/
// Load the connection constants (DBHOST, DBUSER, DBPASS, DBNAME are read below;
// presumably config.php defines them — confirm). The relative path is resolved
// through include_path and the current directory.
include_once 'config.php';
// Mirror the constants into globals. The names do not match their content:
// $user_db receives the DB user and $user_user receives the database name.
// NOTE(review): $user_pass keeps the database password in a global for the whole
// request; unset it once connected if nothing else reads it.
$user_localhost = DBHOST;
$user_db = DBUSER;
$user_pass = DBPASS;
$user_user = DBNAME;
/*
-------------------------------
Функция автоматическая загрузка классов
-------------------------------
*/
include_once''.H.'/system/inc/classes/uploads.class.php';
include_once''.H.'/system/inc/classes/BBcodeParser.class.php';
include_once''.H.'/system/inc/classes/smiles.class.php';
include_once''.H.'/system/inc/classes/mysql.class.php';
include_once''.H.'/system/inc/classes/navigation.class.php';
include_once''.H.'/system/inc/classes/timedate.class.php';
include_once''.H.'/system/inc/classes/text_list.class.php';
include_once''.H.'/system/inc/classes/log.class.php';
include_once''.H.'/system/inc/classes/smile.class.php';
include_once''.H.'/system/inc/classes/ini.class.php';
include_once''.H.'/system/inc/classes/users_position.class.php';
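// Open the MySQL link and select the database.
// The original had two identical branches for an empty and a non-empty password;
// one path is enough.
// NOTE(review): the mysql_* extension is deprecated in PHP 5.5 and removed in PHP 7;
// mysqli or PDO with prepared statements is the replacement.
$db = mysql_connect(DBHOST, DBUSER, DBPASS);
if (!$db) {
    // Driver messages can name the host and account; log them, do not print them.
    error_log('SHCMS: mysql_connect failed: ' . mysql_error());
    die('Ошибка соединения');
}
if (!mysql_select_db(DBNAME)) {
    error_log('SHCMS: mysql_select_db failed: ' . mysql_error());
    die('Ошибка выбора базы данных');
}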
/* --------------------------------- */
// Platform flags: PHP_OS starting with "WIN" means Windows, anything else is
// treated as Unix.
$shcms_is_windows = (strncmp(PHP_OS, 'WIN', 3) === 0);
define('OS_WINDOWS', $shcms_is_windows);
define('OS_UNIX', !$shcms_is_windows);
define('PEAR_OS', $shcms_is_windows ? 'Windows' : 'Unix');
unset($shcms_is_windows);
/*
---------------------
Генератор пороля
---------------------
*/
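/**
 * Password generator: builds a string of digits and lower-case letters.
 *
 * Each of the $max_valu rounds picks a character class in 1..min($trupe, 3):
 * 1 appends a digit, 2 appends a letter, 3 appends nothing. With the default
 * $trupe = 3 the result is therefore usually shorter than $max_valu.
 * NOTE(review): class 3 looks like a missing upper-case branch — confirm before
 * relying on the length.
 *
 * The original re-seeded mt_rand from microtime() on every call, which makes
 * the output guessable from the request time. random_int() is used when the
 * runtime has it; otherwise mt_rand() with its own seeding.
 *
 * @param int $max_valu number of rounds (upper bound on the length)
 * @param int $trupe    highest character class to draw from
 * @return string
 */
function conservation($max_valu=20, $trupe=3) {
    $small_letters = "abcdefghijklmnopqrstuvwxyz";
    $numbers = "0123456789";
    $pick = function_exists('random_int') ? 'random_int' : 'mt_rand';
    // Clamp to 1..3 so the range passed to the generator is never inverted.
    $classes = max(1, min((int) $trupe, 3));
    $shcms__ = "";
    for ($i = 0; $i < $max_valu; $i++) {
        switch ($pick(1, $classes)) {
            case 2:
                $shcms__ .= $small_letters[$pick(0, 25)];
                break;
            case 1:
                $shcms__ .= $numbers[$pick(0, 9)];
                break;
        }
    }
    return $shcms__;
}
// A function result is not a variable, so plain assignment replaces "=&".
$conservation = conservation();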
/*
=
*/
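// Buffer all output for the rest of the request; implicit flushing stays off.
@ob_start();
@ob_implicit_flush(0);
/*
------------------------
Settings arrays
------------------------
*/
$shcms_engine = array();
$set = array();
// The constant name must be a string; the bare word only worked through a
// PHP 5 notice and is a fatal error on PHP 8.
define('DIR_SHCMS', '/shcms/', true);
date_default_timezone_set('Europe/Moscow');
// $sdvigclock (hour offset) is not assigned in this part of the file; treat a
// missing value as no offset.
$time_date = time() + (isset($sdvigclock) ? $sdvigclock : 0) * 3600;
// Month and day of month without a leading zero, as strings.
$mon = date("n", $time_date);
$day = date("j", $time_date);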
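// Collect candidate visitor addresses. $ip2 maps a source tag to the address,
// $ipa lists them in priority order, $ip is the first one and $iplong its
// integer form.
//
// NOTE(review): X-Forwarded-For and Client-IP are request headers. Unless a
// trusted proxy overwrites them, the visitor chooses their value, and with this
// priority order that value becomes $ip. Do not base bans, rate limits or audit
// records on $ip in that setup; use REMOTE_ADDR ($ip2['add']) instead.
$ip = false;
$ip2 = array();
$ipa = array();
$ip_sources = array(
    'xff' => 'HTTP_X_FORWARDED_FOR',
    'cl'  => 'HTTP_CLIENT_IP',
    'add' => 'REMOTE_ADDR',
);
foreach ($ip_sources as $ip_tag => $ip_key) {
    if (!isset($_SERVER[$ip_key])) {
        continue;
    }
    $ip_candidate = $_SERVER[$ip_key];
    // Loopback is ignored for the two headers, as before.
    if ($ip_key !== 'REMOTE_ADDR' && $ip_candidate == '127.0.0.1') {
        continue;
    }
    // ereg() is gone in PHP 7 and its pattern accepted octets up to 999;
    // filter_var() checks a real dotted-quad IPv4 address.
    if (filter_var($ip_candidate, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
        continue;
    }
    $ip2[$ip_tag] = $ip_candidate;
    $ipa[] = $ip_candidate;
}
unset($ip_sources, $ip_tag, $ip_key, $ip_candidate);
// No usable address (for example an IPv6 client): keep false instead of
// reading a missing array element.
$ip = isset($ipa[0]) ? $ipa[0] : false;
$iplong = ($ip !== false) ? ip2long($ip) : false;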
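// Short browser label in $ua: the text before the first "/" and "(" of the
// User-Agent header, reduced to a fixed character set.
// The character filter matters: $ua is interpolated into SQL strings later in
// this file, and the filter is what keeps quotes out of it.
// ereg()/eregi_replace() were removed in PHP 7; preg_replace()/strpos() do the
// same work here.
if (isset($_SERVER['HTTP_USER_AGENT'])) {
    $ua = $_SERVER['HTTP_USER_AGENT'];
    $ua = strtok($ua, '/');
    $ua = strtok((string) $ua, '(');
    $ua = preg_replace('#[^a-z_\./ 0-9\-]#i', '', (string) $ua);
    // Opera Mini reports the handset's own agent in a separate header.
    if (isset($_SERVER['HTTP_X_OPERAMINI_PHONE_UA']) && strpos($ua, 'Opera') !== false) {
        $ua_om = $_SERVER['HTTP_X_OPERAMINI_PHONE_UA'];
        $ua_om = strtok($ua_om, '/');
        $ua_om = strtok((string) $ua_om, '(');
        $ua_om = preg_replace('#[^a-z_\. 0-9\-]#i', '', (string) $ua_om);
        $ua = 'Opera Mini (' . $ua_om . ')';
    }
} else {
    $ua = 'Нет данных';
}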
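// Request parameters shared by the rest of the engine.
// $id, $page and $start are integers. $act, $do and $secure_pass are only
// trimmed: they are still raw user input and need escaping wherever they reach
// SQL or HTML.
$id = isset($_REQUEST['id']) ? abs(intval($_REQUEST['id'])) : false;
// Convert first, then range-check: the original tested the raw value, so
// "0.5" passed the "> 0" test and produced page 0.
$page = isset($_REQUEST['page']) ? intval($_REQUEST['page']) : 1;
if ($page < 1) {
    $page = 1;
}
$start = isset($_GET['start']) ? abs(intval($_GET['start'])) : 0;
// Array-valued parameters (?act[]=x) are treated as absent.
$act = (isset($_GET['act']) && is_string($_GET['act'])) ? trim($_GET['act']) : '';
// NOTE(review): a secret carried in the query string is written to access logs,
// browser history and Referer headers.
$secure_pass = (isset($_GET['secure_pass']) && is_string($_GET['secure_pass'])) ? trim($_GET['secure_pass']) : '';
$do = (isset($_GET['do']) && is_string($_GET['do'])) ? trim($_GET['do']) : '';
// First 100 bytes of the User-Agent, HTML-encoded; empty when the header is absent.
$agn = isset($_SERVER['HTTP_USER_AGENT'])
    ? htmlentities(substr($_SERVER['HTTP_USER_AGENT'], 0, 100), ENT_QUOTES, 'UTF-8')
    : '';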
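/**
 * Visitor address plus a per-address request counter kept in a flat file.
 *
 * NOTE(review): the counter is stored in the private $requests and nothing in
 * this class compares it with $flood_limit or exposes it, so as written no
 * request is ever refused.
 */
class shcms_ip_ {
    // Visitor address as produced by ip2long(); false for non-IPv4 input.
    public $ip;
    // Non-zero: count requests in the constructor.
    public $flood_chk = 1;
    // Window, in seconds, over which requests are counted.
    public $flood_interval = '120';
    // Intended request ceiling inside the window (not enforced here).
    public $flood_limit = '50';
    // Counter file name, under system/tmp/ relative to the working directory.
    public $flood_file = "SHCMS_Cache.tmp";
    private $requests;

    function __construct() {
        $this->ip = ip2long($this->getip());
        if ($this->flood_chk) {
            $this->requests = $this->reqcount();
        }
    }

    /**
     * Address used for this request.
     *
     * NOTE(review): X-Forwarded-For is taken ahead of REMOTE_ADDR. The header
     * is sent by the client unless a trusted proxy replaces it, so a visitor
     * can present a different address on every request and never accumulate a
     * count. Use REMOTE_ADDR alone unless the site is behind a known proxy.
     */
    private function getip() {
        if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && $this->ip_valid($_SERVER['HTTP_X_FORWARDED_FOR'])) {
            return $_SERVER['HTTP_X_FORWARDED_FOR'];
        }
        if (!empty($_SERVER['REMOTE_ADDR'])) {
            return $_SERVER['REMOTE_ADDR'];
        }
        die('Unknown IP');
    }

    /**
     * Rewrites the counter file without expired records, appends a record for
     * this request and returns how many records inside the window (including
     * this one) carry the current address.
     *
     * The file holds 8-byte records: address and timestamp, each packed as "L".
     *
     * @return int
     */
    private function reqcount() {
        $path = 'system/tmp/' . $this->flood_file;
        $in = fopen($path, file_exists($path) ? 'r+' : 'w+');
        if (!$in) {
            // Counter file unavailable: count only the current request.
            return 1;
        }
        // Requests run in parallel; without a lock two of them can truncate and
        // rewrite the file at the same time and lose records.
        flock($in, LOCK_EX);
        $tmp = array();
        $requests = 1;
        $now = time();
        while (($block = fread($in, 8)) !== false && strlen($block) === 8) {
            $arr = unpack("Lip/Ltime", $block);
            if (($now - $arr['time']) > $this->flood_interval) {
                continue; // outside the window: drop the record
            }
            if ($arr['ip'] == $this->ip) {
                $requests++;
            }
            $tmp[] = $arr;
        }
        fseek($in, 0);
        ftruncate($in, 0);
        foreach ($tmp as $record) {
            fwrite($in, pack('LL', $record['ip'], $record['time']));
        }
        fwrite($in, pack('LL', $this->ip, $now));
        fflush($in);
        flock($in, LOCK_UN);
        fclose($in);
        return $requests;
    }

    /**
     * Checks a dotted-quad IPv4 address.
     *
     * The original read four parts without checking how many there were and
     * used is_numeric(), so "1.2.3", "1.2.3.4.5" and "1e1.2.3.4" got through or
     * raised notices. Exactly four groups of one to three digits, each at most
     * 255, are required now.
     *
     * @param string $ip
     * @return string|false the input when valid, false otherwise
     */
    function ip_valid($ip = '') {
        $d = explode('.', (string) $ip);
        if (count($d) !== 4) {
            return false;
        }
        foreach ($d as $octet) {
            if (!preg_match('/^[0-9]{1,3}$/', $octet) || (int) $octet > 255) {
                return false;
            }
        }
        return $ip;
    }
}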
// Build the per-request address helper; its constructor also runs the request counter.
$shcms_ip_ = new shcms_ip_();
// Visitor address as the integer the constructor obtained from ip2long().
$vi_shcms = $shcms_ip_->ip;
// NOTE(review): $ipl is not assigned in the part of the file shown here, so $ipp
// probably does not hold the visitor address; $vi_shcms looks like the intended
// argument — confirm.
$ipp = long2ip($ipl);
// The helper object is not needed after this point.
unset ($shcms_ip_);
/*
--------------------------------
Вывод коэффициента сжатия
--------------------------------
*/
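/**
 * Prints the compression ratio of the current output buffer, or a notice that
 * compression is off, depending on the global $set['gzip'].
 *
 * The original divided by the buffer length, which fails on an empty buffer,
 * and read $set['gzip'] without checking that the key exists.
 *
 * @return void
 */
function zipcount() {
    global $set;
    if (empty($set['gzip'])) {
        echo '<div>Cжатие выкл.</div>';
        return;
    }
    $Contents = (string) ob_get_contents();
    $gzib_file = strlen($Contents);
    $gzib_file_out = strlen(gzcompress($Contents, 9));
    // Percentage saved by compression; 0 when there is nothing buffered yet.
    $gzib_pro = ($gzib_file > 0 && $gzib_file_out > 0)
        ? round(100 - (100 / ($gzib_file / $gzib_file_out)), 1)
        : 0;
    echo '<div>Cжатие вкл. (' . $gzib_pro . '%)</div>';
}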
/*
----------------------------
Проверяем переменные
----------------------------
*/
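/**
 * Prepares a user-supplied string for storage: HTML-encodes it, turns line
 * breaks into <br />, removes control bytes 0-31, encodes backslashes and
 * finally escapes the result for a MySQL string literal.
 *
 * NOTE(review): the result is tied to two contexts at once (HTML and a quoted
 * MySQL literal). It is only safe inside '...' in a query and only for HTML
 * text or attribute values; prepared statements plus encoding at output time
 * would separate the two concerns.
 * NOTE(review): mysql_real_escape_string() needs an open mysql_* link and does
 * not exist on PHP 7+.
 *
 * @param string $engine_str raw input
 * @return string
 */
function shcms_sh_shcms($engine_str) {
    $engine_str = htmlentities(trim($engine_str), ENT_QUOTES, 'UTF-8');
    $engine_str = nl2br($engine_str);
    // Drop the C0 control bytes; the <br /> tags added above stay, the raw
    // newlines go.
    $control_bytes = array();
    for ($code = 0; $code < 32; $code++) {
        $control_bytes[chr($code)] = '';
    }
    $engine_str = strtr($engine_str, $control_bytes);
    $engine_str = str_replace("\'", "'", $engine_str);
    // NOTE(review): the replacement literal on this line was unreadable in the
    // reviewed copy (it broke the string syntax). '&#92;', the HTML entity for
    // a backslash, is the presumed original — confirm against the upstream file.
    $engine_str = str_replace('\\', '&#92;', $engine_str);
    $engine_str = mysql_real_escape_string($engine_str);
    return $engine_str;
}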
/*
------------------------------
Функция сообщение об ошибках
------------------------------
*/
/**
 * Formats one error message or a list of them as an HTML fragment.
 *
 * Messages and $links are inserted as given, without HTML escaping; callers
 * must pass text that is already safe to print.
 *
 * @param string|array|false $errors a message, a list of messages, or a falsy value
 * @param string             $links  HTML placed in a trailing <p>
 * @return string|false the fragment, or false when $errors is falsy
 */
function error($errors = false, $links = '') {
    if (!$errors) {
        return false;
    }
    if (is_array($errors)) {
        $body = '';
        foreach ($errors as $message) {
            $body .= '<div>' . $message . '</div>';
        }
    } else {
        $body = '<br />' . $errors;
    }
    return $body . '<p>' . $links . '</p>';
}
/**
 * Transliterates lower-case Russian letters to Latin. Characters outside the
 * table, upper-case Cyrillic included, pass through unchanged.
 *
 * @param string $engine_str
 * @return string
 */
function rus_lat($engine_str) {
    static $translit = array(
        'а' => 'a', 'б' => 'b', 'в' => 'v', 'г' => 'g', 'д' => 'd', 'е' => 'e', 'ё' => 'e',
        'ж' => 'j', 'з' => 'z', 'и' => 'i', 'й' => 'i', 'к' => 'k', 'л' => 'l', 'м' => 'm',
        'н' => 'n', 'о' => 'o', 'п' => 'p', 'р' => 'r', 'с' => 's', 'т' => 't', 'у' => 'u',
        'ф' => 'f', 'х' => 'h', 'ц' => 'c', 'ч' => 'ch', 'ш' => 'sh', 'щ' => 'sch', 'ъ' => "",
        'ы' => 'y', 'ь' => "", 'э' => 'ye', 'ю' => 'yu', 'я' => 'ya',
    );
    return strtr($engine_str, $translit);
}
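// HTTP method and server port of the current request. Both are null when the
// script runs outside a web request (CLI, cron), where these keys are absent.
$method_logs = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : null;
$server_port = isset($_SERVER['SERVER_PORT']) ? $_SERVER['SERVER_PORT'] : null;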
/*
-----------------------------------
Авторизуемся по SESSION
-----------------------------------
*/
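// Pick the login candidate for this request: $user_id (account id) and
// $user_ps (password hash to compare with the database).
// Guests get null rather than undefined variables; null keeps isset($user_id)
// false, which other code in this file tests.
if (!isset($user_id)) {
    $user_id = null;
}
if (!isset($user_ps)) {
    $user_ps = null;
}
/*
-----------------------------------
Login from the session
-----------------------------------
*/
if (isset($_SESSION['id_address']) && isset($_SESSION['use_password'])) {
    $user_id = intval($_SESSION['id_address']);
    $user_ps = $_SESSION['use_password'];
}
/*
-----------------------------------
Login from cookies
-----------------------------------
*/
// Array-valued cookies are ignored: md5() and base64_decode() need strings.
elseif (isset($_COOKIE['ip_address']) && isset($_COOKIE['use_password'])
    && is_string($_COOKIE['ip_address']) && is_string($_COOKIE['use_password'])) {
    // base64 is an encoding, not protection: the id in this cookie is readable
    // and changeable by the visitor.
    $user_id = intval(base64_decode($_COOKIE['ip_address']));
    $_SESSION['id_address'] = $user_id;
    // NOTE(review): the cookie value is hashed with a single unsalted md5() and
    // compared with the stored password, so the cookie carries a long-lived
    // password equivalent. A random per-login token stored server-side, together
    // with password_hash()/password_verify(), removes that exposure.
    $user_ps = md5($_COOKIE['use_password']);
    $_SESSION['use_password'] = $user_ps;
    $cookauth = true;
}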
/*
-----------------------------------
Запрос в DB
-----------------------------------
*/
// Load the account row for the id/hash pair chosen above and either accept the
// login or reset it. Both assignments of $user_id in this file go through
// intval(), so the value interpolated into the query is an integer.
if ($user_id && $user_ps) {
$req = mysql_query("SELECT * FROM `users` WHERE `id` = '$user_id' LIMIT 1");
// NOTE(review): $req is false when the query fails; it is passed on unchecked.
if (mysql_num_rows($req)) {
$datauser = mysql_fetch_assoc($req);
// NOTE(review): on the cookie path $user_ps is md5() of a cookie value, so the
// `password` column evidently holds an unsalted MD5 digest, and `===` is not a
// constant-time comparison. Plan a migration to password_hash()/password_verify().
if ($user_ps === $datauser['password']) {
$set_user = array();
// NOTE(review): unserialize() on a database column is safe only while no code
// path lets a user write arbitrary bytes into set_user — confirm; storing the
// settings as JSON would remove the object-injection risk altogether.
$set_user = unserialize($datauser['set_user']);
// No stored settings: fall back to the defaults below.
if (empty ($set_user)) {$set_user['avatar'] = 1;$set_user['smileys'] = 1;$set_user['translit'] = 1;$set_user['quick_go'] = 1;$set_user['gzip'] = 1;
$set_user['online'] = 1;$set_user['movings'] = 1;$set_user['digest'] = 1;$set_user['sdvig'] = 0;$set_user['kmess'] = 10;$set_user['skin'] = 'default';}
$poster = (int) $set_user['kmess'];
$login = $datauser['login'];
$rights = $datauser['rights'];
// Redirect to the digest page when the last visit is more than an hour old.
// $headmod and $home are not assigned in the part of the file shown here.
// NOTE(review): no exit follows the header() call, so the rest of the script still runs.
if ($datauser['lastdate'] < ($time_date - 3600) && $set_user['digest'] && $headmod == 'mainpage')
header('Location: ' . $home . '/index.php?act=digest&last=' . $datauser['lastdate']);
}
else {
// Hash mismatch: drop the session login.
unset ($_SESSION['id_address']);
unset ($_SESSION['use_password']);
// NOTE(review): the login cookies read in this file are 'ip_address' and
// 'use_password'; the names cleared here are 'cuid' and 'cups', so a stale
// login cookie presumably survives a rejected login — confirm.
setcookie('cuid', '');
setcookie('cups', '');
// NOTE(review): false leaves the variable set, so code that tests
// isset($user_id) treats a rejected login as logged in; such code should test
// the value instead.
$user_id = false;
$user_ps = false;
}
}
else {
// No such account: same reset as for a hash mismatch.
unset ($_SESSION['id_address']);
unset ($_SESSION['use_password']);
setcookie('cuid', '');
setcookie('cups', '');
$user_id = false;
$user_ps = false;
}
}
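// Account row of the logged-in user for the navigation block; false for guests.
// The original ran the query for guests as well, where the empty id produced
// invalid SQL ("WHERE id=") and a failed fetch on every guest request.
$users_nav = false;
if (!empty($user_id)) {
    $users_nav_res = mysql_query("SELECT * FROM users WHERE id=" . (int) $user_id . " LIMIT 1");
    if ($users_nav_res) {
        $users_nav = mysql_fetch_array($users_nav_res);
    }
    unset($users_nav_res);
}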
/*
----------------------
Для не авторизованных
----------------------
*/
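/**
 * Gate for member-only pages: sends visitors who are not logged in to $link
 * and stops the script.
 *
 * Two defects of the original are fixed:
 *  - it tested isset($user_id); the login code in this file sets $user_id to
 *    false after a rejected login, which still counts as "set", so such a
 *    visitor was let through. The value is tested now.
 *  - the default target was built from H, which is the document root on disk,
 *    so the Location header carried a server filesystem path.
 *
 * NOTE(review): the default target still appends SID, which puts the session
 * id into the URL when cookies are unavailable.
 * NOTE(review): $link goes into the Location header as given; callers must not
 * pass a URL taken from request data.
 *
 * @param string|null $link redirect target; defaults to the front page
 * @return void
 */
function registrat($link = NULL) {
    global $user_id;
    if (!empty($user_id)) {
        return;
    }
    if ($link == NULL) {
        $link = '/index.php?' . SID;
    }
    header("Location: $link");
    exit;
}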
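/**
 * Gate for guest-only pages (login, registration): sends logged-in users to
 * $unregi and stops the script.
 *
 * The original tested isset($user_id); the login code in this file sets
 * $user_id to false after a rejected login, which still counts as "set", so
 * such a visitor was redirected away from the login page. The value is tested
 * now.
 *
 * NOTE(review): $unregi goes into the Location header as given; callers must
 * not pass a URL taken from request data.
 *
 * @param string $unregi redirect target; defaults to "/"
 * @return void
 */
function unreg($unregi = "")
{
    global $user_id;
    if (empty($user_id)) {
        return;
    }
    if ($unregi == "") {
        $unregi = '/';
    }
    header("Location: $unregi");
    exit;
}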
/**
 * Formats a byte count with a unit suffix (b, Kb, Mb, Gb), rounded to two
 * decimals for the larger units.
 *
 * @param int|float $size number of bytes
 * @return string
 */
function size($size) {
    // Largest unit first; the first threshold reached decides the suffix.
    $units = array(
        ' Gb' => 1073741824,
        ' Mb' => 1048576,
        ' Kb' => 1024,
    );
    foreach ($units as $suffix => $factor) {
        if ($size >= $factor) {
            return (round($size / $factor * 100) / 100) . $suffix;
        }
    }
    return $size . ' b';
}
/*
======================
Генератор пороля 2
======================
*/
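/**
 * Password generator: $len characters, each drawn from digits, lower-case or
 * upper-case letters (the class is chosen first, then a character in it).
 *
 * mt_rand() is not meant for secrets: its output can be predicted from a few
 * observed values. random_int() is used when the runtime provides it;
 * mt_rand() remains only as the fallback for older PHP.
 *
 * @param int $len number of characters
 * @return string
 */
function passgen($len = 32) {
    $alphabets = array(
        1 => '1234567890',
        2 => 'abcdefghijklmnopqrstuvwxyz',
        3 => 'ABCDEFGHIJKLMNOPQRSTUVWXYZ',
    );
    $pick = function_exists('random_int') ? 'random_int' : 'mt_rand';
    $password = '';
    for ($i = 0; $i < $len; $i++) {
        $alphabet = $alphabets[$pick(1, 3)];
        $password .= $alphabet[$pick(0, strlen($alphabet) - 1)];
    }
    return $password;
}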
/*
----------------------------------
Копирайт снимать запрещено
----------------------------------
*/
/**
 * Footer credit for the engine, block-level variant.
 */
class copyr
{
    /**
     * Prints the credit link wrapped in a div, followed by two HTML comments.
     *
     * @return void
     */
    public function copyright()
    {
        $credit = '<div class="copyright"><a title="Copyright SHCMS Engine" href="http://shcms.ru">© SHCMS Engine</a></div>';
        $marker = "\n"
            . "<!-- Copyright (c) 2012, shcms.ru -->\n"
            . "<!-- Powered by SHCMS Engine [ www.shcms.ru ] -->\n";
        echo $credit;
        echo $marker;
    }
}
$object = new copyr();
/**
 * Footer credit for the engine, inline variant (no wrapping div).
 */
class copyrweb
{
    /**
     * Prints the credit link followed by two HTML comments.
     *
     * @return void
     */
    public function copyrightweb()
    {
        $credit = '<a title="Copyright SHCMS Engine" href="http://shcms.ru">© SHCMS Engine</a>';
        $marker = "\n"
            . "<!-- Copyright (c) 2012, shcms.ru -->\n"
            . "<!-- Powered by SHCMS Engine [ www.shcms.ru ] -->\n";
        echo $credit;
        echo $marker;
    }
}
$objectweb = new copyrweb();
/*
-----------------------------------------
Обработка смайликов, тэгов.
-----------------------------------------
*/
/**
 * Runs a message through up to three formatting passes, in this order:
 * bb_codes(), BBcodeParser::parserString() and Smiles::Smileclass().
 * Each pass can be switched off with its flag.
 *
 * @param string $pag_smil             message text
 * @param bool   $bbcode_smiley_smiley run bb_codes()
 * @param bool   $parser               run the BBcodeParser pass
 * @param bool   $smiles               run the smiley pass
 * @return string the processed text
 */
function handling_smileys($pag_smil,$bbcode_smiley_smiley=true,$parser=true,$smiles=true)
{
    if ($bbcode_smiley_smiley) {
        $pag_smil = bb_codes($pag_smil);
    }
    if ($parser) {
        $tagParser = new BBcodeParser();
        $pag_smil = $tagParser->parserString($pag_smil);
    }
    if ($smiles) {
        $smileRenderer = new Smiles();
        $pag_smil = $smileRenderer->Smileclass($pag_smil);
    }
    return $pag_smil;
}
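// Site settings: the first row of settings_shcms and its title column.
// A failed query is no longer handed straight to mysql_fetch_array().
$titles_home = false;
$titles_home_res = mysql_query("SELECT * FROM settings_shcms");
if ($titles_home_res) {
    $titles_home = mysql_fetch_array($titles_home_res);
}
unset($titles_home_res);
// NOTE(review): the title is stored content; HTML-encode it where it is printed
// unless it is known to be encoded already.
$title_homes = $titles_home ? $titles_home['title'] : null;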
/**
 * preg_replace_callback handler: renders the whole match as syntax-highlighted
 * PHP inside a scrollable box.
 *
 * The text is entity-decoded first; highlight_string() encodes it again when
 * producing its markup. The code is only coloured, never executed.
 *
 * @param array $arr match array; element 0 is used
 * @return string
 */
function bbco($arr)
{
    $source = html_entity_decode($arr[0], ENT_QUOTES, 'UTF-8');
    $highlighted = highlight_string($source, true);
    // Drop the <code> wrapper added by highlight_string(), keep its content.
    $unwrapped = preg_replace('#<code>(.*?)</code>#si', '\\1', $highlighted);
    return '<div class="cit" style="overflow:scroll;clip:auto;max-width:480px;">' . $unwrapped . '</div>' . "\n";
}
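/**
 * preg_replace_callback handler for [url=ADDRESS]TEXT[/url].
 *
 * The address comes from a user's message and was written into href as is.
 * Two checks are applied now:
 *  - only http, https, ftp and mailto addresses and site-relative paths are
 *    linked; anything else (script-scheme addresses in particular) is returned
 *    as plain text without a link;
 *  - quotes and angle brackets in the address are encoded so it cannot leave
 *    the attribute. Entities already present are kept (double_encode = false).
 *
 * The link text is passed through unchanged: earlier tag passes may already
 * have put markup into it.
 *
 * @param array $link_linkes match array: [1] address, [2] link text
 * @return string
 */
function link_list($link_linkes)
{
    $address = $link_linkes[1];
    $allowed = '!^(?:(?:https?|ftp)://|mailto:|[/?#]|[a-z0-9._~-]+(?:[/?#]|$))!i';
    if (!preg_match($allowed, $address)) {
        return $link_linkes[2];
    }
    $address = htmlspecialchars($address, ENT_QUOTES, 'UTF-8', false);
    return '<a href="' . $address . '">' . $link_linkes[2] . '</a>';
}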
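/**
 * preg_replace_callback handler for [spoiler=TITLE]TEXT[/spoiler].
 *
 * The original wrote the user-supplied title into an onclick handler and an id
 * attribute. Inside an attribute the browser decodes entities before the script
 * runs, so even an entity-encoded quote ended the script string there. The
 * title no longer reaches either place: the element id is derived from a hash
 * of the title, and the visible title is HTML-encoded (existing entities kept).
 *
 * The spoiler body is passed through unchanged, as before.
 *
 * @param array $link_spoiler match array: [1] title, [2] hidden text
 * @return string
 */
function link_spoiler($link_spoiler)
{
    // Hex digest: safe in an id, a CSS selector and a script string.
    $block_id = 'spoiler_' . md5($link_spoiler[1]);
    $title = htmlspecialchars($link_spoiler[1], ENT_QUOTES, 'UTF-8', false);
    return '<div class="spoiler"><b>' . "\n"
        . '<a href="#" onclick="show_hide(\'#' . $block_id . '\');">' . $title . '</a></b>' . "\n"
        . '<div id="' . $block_id . '" style="display: none; overflow: hidden; vertical-align: top;">'
        . $link_spoiler[2] . '</div></div>';
}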
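/**
 * Renders the content of a [php] tag as syntax-highlighted code.
 *
 * The text is only coloured by highlight_string(); it is never executed.
 * Backslashes are swapped for a placeholder before stripslashes() runs and
 * restored as an entity afterwards. ':' and '[' are entity-encoded in the
 * result, presumably so later tag and smiley passes do not match inside code.
 *
 * NOTE(review): the three replacement literals in the last strtr() call were
 * unreadable in the reviewed copy (their entity text had been decoded, which
 * broke the string syntax). '&#92;', '&#58;' and '&#91;' are the presumed
 * originals — confirm against the upstream file.
 *
 * The original ran the first strtr() twice; the second run had nothing left to
 * replace and is dropped.
 *
 * @param string $php_code text between [php] and [/php]
 * @return string
 */
function bb_php_code($php_code) {
    $php_code = strtr($php_code, array('<br />' => '', '\\' => 'SHCMS_ENGINE_/'));
    $php_code = html_entity_decode(trim($php_code), ENT_QUOTES, 'UTF-8');
    // highlight_string() colours only what follows an opening tag.
    if (substr($php_code, 0, 2) != "<?") {
        $php_code = "<?php\n" . $php_code . "\n?>";
    }
    $php_code = highlight_string(stripslashes($php_code), true);
    $php_code = strtr($php_code, array('SHCMS_ENGINE_/' => '&#92;', ':' => '&#58;', '[' => '&#91;'));
    return '<div class="codephp">' . $php_code . '</div>';
}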
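/**
 * Renders the content of a [hide] tag: the text for logged-in users, a login
 * prompt for everyone else.
 *
 * The original tested isset($user_id). The login code in this file sets
 * $user_id to false after a rejected login, which still counts as "set", so
 * hidden text was shown to a visitor whose login had just been refused. The
 * value is tested now.
 *
 * @param string $link_hide hidden text
 * @return string
 */
function hidden_text($link_hide)
{
    global $user_id;
    if (!empty($user_id)) {
        return '<div class="hide"><b>Скрытый текст </b><br/> ' . $link_hide . '</div>';
    }
    return '<div class="hide"><b>Скрытый текст</b> <br/>Для отображения текста необходимо пройти авторизацию на сайте.</div>';
}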
/*
-----------------------------------------
Обработка ссылок и тэгов
-----------------------------------------
*/
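/** Callback for [php]...[/php]: highlight the captured text. */
function bb_codes_php_cb($match)
{
    return bb_php_code($match[1]);
}

/** Callback for [hide]...[/hide]: show or withhold the captured text. */
function bb_codes_hide_cb($match)
{
    return hidden_text($match[1]);
}

/** Callback for [img]...[/img]: the address is encoded for the src attribute. */
function bb_codes_img_cb($match)
{
    return '<img src="' . htmlspecialchars($match[1], ENT_QUOTES, 'UTF-8', false) . '"/>';
}

/**
 * Converts the [small], [php], [url], [spoiler], [img] and [hide] tags of a
 * message into HTML.
 *
 * The [php] and [hide] rules used the /e modifier, which compiles the
 * replacement as PHP code after the user's text has been inserted into it;
 * that lets message text run as code on the server. /e is deprecated since
 * PHP 5.5 and removed in PHP 7. Both rules go through preg_replace_callback()
 * now, so the captured text is only ever passed as a string argument.
 *
 * The [img] address was written into src as is; it is now encoded so it cannot
 * leave the attribute.
 *
 * NOTE(review): nothing here HTML-encodes the message itself; it is expected
 * to be encoded before this function is called — confirm at the call sites.
 *
 * @param string $message message text
 * @return string
 */
function bb_codes($message = '') {
    $message = preg_replace('#\[small\](.*?)\[/small\]#si', '<div style="font-size: smaller;">\1</div>', $message);
    // A line break directly after a closing bracket is removed before the [php] pass.
    $message = preg_replace_callback('#\[php\](.*?)\[\/php\]#s', 'bb_codes_php_cb', str_replace("]\n", "]", $message));
    $message = preg_replace_callback('/\[url=(.+)\](.+)\[\/url\]/isU', 'link_list', $message);
    $message = preg_replace_callback('/\[spoiler=(.+)\](.+)\[\/spoiler\]/isU', 'link_spoiler', $message);
    $message = preg_replace_callback('#\[img\](.*?)\[/img\]#si', 'bb_codes_img_cb', $message);
    $message = preg_replace_callback('#\[hide\](.*?)\[/hide\]#i', 'bb_codes_hide_cb', $message);
    return $message;
}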
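// Record the time of this request for the logged-in user. For guests the
// original still ran the statement with an empty id, which is invalid SQL.
// NOTE(review): this writes `datelast`, while the login code in this file reads
// `lastdate` — confirm which column is meant.
if (!empty($user_id)) {
    mysql_query("UPDATE users SET datelast=" . time() . " WHERE id=" . (int) $user_id);
}
include_once 'array_name.php';
// Only the first row is fetched, so ask for one row. Without the limit the
// whole users table, password hashes included, was read on every request.
// NOTE(review): no WHERE or ORDER BY, so which account this returns is up to
// the database; confirm what $users_them is meant to hold.
$user_them = mysql_query("SELECT * FROM users LIMIT 1");
$users_them = $user_them ? mysql_fetch_array($user_them) : false;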
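// Choose the page flavour from the User-Agent: desktop platforms and a missing
// header get "web", everything else "wap". "windows ce" is removed first so
// that handhelds do not match "windows".
// The header is client-supplied; use this for presentation only.
$h_ua = isset($_SERVER['HTTP_USER_AGENT'])
    ? str_replace('windows ce', '', strtolower($_SERVER['HTTP_USER_AGENT']))
    : '';
$brodilka = 'wap';
if (!$h_ua) {
    $brodilka = 'web';
} else {
    foreach (array('windows', 'linux', 'bsd', 'x11', 'unix', 'macintosh', 'macos') as $h_ua_mark) {
        if (strpos($h_ua, $h_ua_mark) !== false) {
            $brodilka = 'web';
            break;
        }
    }
    unset($h_ua_mark);
}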
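/**
 * Access check used by admin pages.
 */
class adminka
{
    /**
     * Turns away the current user when their `team` value is 6: schedules a
     * redirect to the front page, prints the footer and stops.
     *
     * The original read $user_id without declaring it global, so inside the
     * method it was always empty, the query failed and the check never fired.
     *
     * NOTE(review): guests and every team other than 6 pass this check. If it
     * is meant to protect admin pages it should allow only the admin team(s)
     * and refuse everyone else — confirm the meaning of team 6.
     *
     * @return void
     */
    function admin()
    {
        global $user_id;
        $admin_users = false;
        if (!empty($user_id)) {
            $admin_res = mysql_query("SELECT * FROM users WHERE id=" . (int) $user_id . " LIMIT 1");
            if ($admin_res) {
                $admin_users = mysql_fetch_array($admin_res);
            }
        }
        if ($admin_users && $admin_users['team'] == 6) {
            header("Refresh:1; url=/");
            include_once '../template/foot.php';
            exit;
        }
    }
}
$adminka = new adminka;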
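// Guest presence tracking in online_guest (ip, time, ua).
//
// Changes from the original:
//  - the lookup is by this visitor's address; before, only the first row of
//    the table was compared, so most guests got a new row on every request;
//  - the INSERT wrote the expression ua='...' (a comparison) instead of the
//    agent string;
//  - values are cast or escaped at the point of use instead of relying on how
//    they were built earlier in the file.
// NOTE(review): $sys now holds this visitor's row (or false), not the first row
// of the table — confirm nothing else reads it in the old sense.
$guest_ip_sql = (int) $vi_shcms;
$guest_time_sql = (int) $time_date;
$guest_ua_sql = mysql_real_escape_string($ua);
$sys = false;
$sys_res = mysql_query("SELECT * FROM online_guest WHERE ip='$guest_ip_sql' LIMIT 1");
if ($sys_res) {
    $sys = mysql_fetch_array($sys_res);
}
if (!$user_id) {
    if ($sys) {
        mysql_query("UPDATE online_guest SET time='$guest_time_sql',ua='$guest_ua_sql' WHERE ip='$guest_ip_sql'");
    } else {
        mysql_query("INSERT INTO online_guest (ip,time,ua) VALUES('$guest_ip_sql','$guest_time_sql','$guest_ua_sql')");
    }
}
// NOTE(review): the purge is limited to this visitor's own address, whose row
// has usually just been refreshed, so stale rows of other guests are never
// removed. Dropping the ip condition looks like the intent — confirm.
mysql_query("DELETE FROM `online_guest` WHERE `time` < '" . (time() - 600) . "' AND ip='$guest_ip_sql'");
// NOTE(review): OPTIMIZE TABLE rebuilds and locks the table and runs on every
// request here; a flood of requests turns that into constant table locking.
// It belongs in a scheduled job.
mysql_query("OPTIMIZE TABLE `online_guest`");
unset($sys_res, $guest_ip_sql, $guest_time_sql, $guest_ua_sql);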
?>