<?php
//AUTH
$id = intval($_SESSION['id']);
$password = mysql_escape_string($_SESSION['password']);
$q = mysql_query("SELECT * FROM `chat_users` WHERE `id` = '".$id."' AND `password` = '".md5($password)."';");

if(mysql_affected_rows() == 0)
{
}
else
{
$user = mysql_fetch_array($q);
$nickname = $user['nickname'];
$smiles = $user['smiles'];
$translit  = $user['translit'];
$msgs  = $user['msgs'];
$refresh = $user['refresh'];
$fsize = $user['fsize'];
$ip = $user['ip'];
$ua = $user['ua'];
$security = $user['security'];
$level = $user['level'];
$kick = $user['kick'];
$moder = $user['moder'];
$reason = $user['reason'];
}
//END AUTH

if($kick > time())
{
echo "$css";
echo'<title>'.$ttl.'</title>';
echo'<div class="d3">Ошибка</div>';
echo'<div class="d5">';
echo "Вы забаненны!!!<br/> Разбан через  <u>".($kick - time())."</u> сек.<br/>\n";
echo "Причина: $reason</div>\n";
echo'<div class="d3">';
echo"$sitefoot";
echo'</div>';
echo "</body></html>";
exit();
}


$q = mysql_query("SELECT * FROM `chat_banned` WHERE `ip` = '".getenv('REMOTE_ADDR')."' AND `ua` = '-';");

if(mysql_num_rows($q) != 0)
{
header("Content-type: text/html; charset=utf-8");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-relative");

echo "$css";
echo'<title>'.$ttl.'</title>';
echo'<div class="d3">Ошибка</div>';
echo "<div class=\"d5\">Вы забаненны!!!<br/>Вам запрещен доступ в чат!!!</div>\n";
echo'<div class="d3">';
echo"$sitefoot";
echo'</div>';
echo "</body></html>";
exit();
}

$q = mysql_query("SELECT * FROM `chat_banned` WHERE `ip` = '".getenv('REMOTE_ADDR')."' AND `ua` = '".htmlspecialchars(getenv('HTTP_USER_AGENT'))."';");

if(mysql_num_rows($q) != 0)
{
header("Content-type: text/html; charset=utf-8");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-relative");

echo "$css";
echo'<title>'.$ttl.'</title>';
echo'<div class="d3">Ошибка</div>';
echo "<div class=\"d5\">Вы забаненны!!!<br/>Вам запрещен доступ в чат!!!</div>\n";
echo'<div class="d3">';
echo"$sitefoot";
echo'</div>';
echo "</body></html>";
exit();
}
?>