<?php
require_once('/home/chat/www/conf.php');
db_connect();
if (@$_GET['action'] == 'logout' && session_is_registered('nick') && session_is_registered('pass')) logout();
$cls = new chat;
if (substr($_SERVER['QUERY_STRING'],0,5) == $_SESSION['reg'] && substr($_SERVER['QUERY_STRING'],0,5) != '' && $_SERVER['SERVER_NAME'] == server)
{
require_once(rootpath.'freg.php'); exit();
}
$qveri = explode('&',$_SERVER['QUERY_STRING']);
$qveri = explode('/',$qveri['0']);
$target = $qveri;
if ($target['0'] != '')
{
if ($target['0'] == $_SESSION['reg1'])
{require_once(rootpath.'all_online.php'); exit();}
if ($target['0'] == $_SESSION['reg2'])
{require_once(rootpath.'lost_password.php'); exit();}
}
if ($_SERVER['REQUEST_METHOD'] == 'POST' && $_SERVER['SERVER_NAME'] == server)
{
if (!empty($_POST['login']) && !empty($_POST['pass']) && (time() - $_SESSION['antibot']) > 10)
{
if (!preg_match('/[^A-ZА-Яа-яa-z0-9\-_@=\:\ ]/i', $_POST['login'])
&& !preg_match('/[^a-zA-Z0-9\-_]/i', $_POST['pass'])
&& check($_POST['pass']) && checkl($_POST['login']))
{
if (strlen($_POST['login']) >= 3 && strlen($_POST['login']) <= 15
&& strlen($_POST['pass']) >= 4 && strlen($_POST['pass']) <= 15)
{
if (checked($_POST['login']) && checked($_POST['pass']))
{
if (mysql_fetch_object(mysql_query('SELECT `login` FROM `chat_users` WHERE `login` = "'.trim(addslashes(htmlspecialchars($_POST['login']))).'"')))
{
if (mysql_fetch_object(mysql_query('SELECT `pass` FROM `chat_users` WHERE `login` = "'.trim(addslashes(htmlspecialchars($_POST['login']))).'" AND `pass` = "'.trim(addslashes(htmlspecialchars($_POST['pass']))).'"')))
{
$_SESSION['nick'] = addslashes(htmlspecialchars($_POST['login']));
session_register('nick');
$_SESSION['pass'] = addslashes(htmlspecialchars($_POST['pass']));
session_register('pass');
$_SESSION['visit'] = time();
session_register('visit');
$_SESSION['user_agent'] = trim(substr(addslashes(htmlspecialchars($_SERVER['HTTP_USER_AGENT'])),0,65));
session_register('user_agent');
$_SESSION['ip'] = addslashes(htmlspecialchars($_SERVER['REMOTE_ADDR']));
session_register('ip');
if (session_is_registered('nick') && session_is_registered('pass') && session_is_registered('visit')
&& session_is_registered('user_agent') && session_is_registered('ip'))
{
if (!mysql_fetch_object(mysql_query('SELECT `session` FROM `chat_session` WHERE `login` = "'.$_SESSION['nick'].'"')))
{
$dir = substr(session_id(),(strlen(session_id())/2),strlen(session_id())).session_id().substr(session_id(),0,(strlen(session_id())/2));
if (!is_dir(rootpath.'session/'.$dir))
{
if (@mkdir(rootpath.'session/'.$dir.'/', 0777)
&& copy(rootpath.'temp.php',rootpath.'session/'.$dir.'/index.php'))
{
if (!session_is_registered('backout') && isset($_GET['id']) && $url = @mysql_fetch_object(@mysql_query('SELECT `wapsite` FROM `chat_users` WHERE `id` = '.intval($_GET['id']))))
{
if (!empty($url->wapsite))
{
$_SESSION['backout'] = $url->wapsite; session_register('backout');
}
}
mysql_query('INSERT INTO `chat_session` SET `login` = "'.$_SESSION['nick'].'", `session` = "'.trim(htmlspecialchars(addslashes($dir))).'", `timeout` = "'.time().'"');
header('location: '.rootlink.'session/'.$dir.'/?'.SID);
exit();
}
else
{
$error = 'Авторизация невозможна по техническим причинам.';
}
}
else
{
$error = 'Невозможно создать учетную запись..';
}
}
else
{
$error = 'Ртот пользователь сейчас РІ чате.';
}
}
else
{
$error = 'Сбой текущей сессии.';
}
}
else
{
$error = 'Пароль введён неверно.';
}
}
else
{
$error = 'Пользователь не найден в базе.';
}
}
else
{
$error = 'Введённые данные не прошли обработку.';
}
}
else
{
$error = 'Нарушены границы ввода данных.';
}
}
else
{
$error = 'Обнаружены недопустимые символы.';
}
}
else
{
$error = 'Данные не введены.';
}
}
else
{
$error = 'Добро пожаловать.';
}
if (isset($_GET['not_found'])) {$error = 'Вы пытались перейти по несуществующему адресу.';}
else if(isset($_GET['bad_browser'])) {$error = 'Недопустимый браузер для текущей сессии.';}
else if(isset($_GET['exit'])) {$error = 'Выход прошел успешно.';}
if (isset($_GET['id']) && !session_is_registered('backout')) {$idurl = 'id='.intval($_GET['id']).'&';}
$pr_count = mysql_fetch_array(@mysql_query('SELECT COUNT(*) FROM `chat_session` WHERE `timeout` > "'.intval(time()-600).'"'));
$count = $pr_count['0'];
$q_regs = mysql_fetch_array(@mysql_query('SELECT COUNT(*) from `'.$px.$utable.'`'));
$cls->a_header('WapMoto чат');
$cls->write('<div class="d1"><center><font style="color:#A9FCFE;font-size:17px;text-decoration:underline;">WAPMOTO ЧАТ</font></center>'.
'<h4 align="center">Р’ РіРѕСЂРѕРґРєРµ<br/>[<a href="?'.ref1.'&'.SID.'">'.$count.'</a>]<br/></h4></div><div class="d0">');
echo (!empty($error) ? '<font style="color:#f00; font-size:15px;">'.trim(addslashes(htmlspecialchars($error))).'</font>' : $error);
$cls->form('?'.$idurl.SID,post);
$cls->input('Логин',login,'15','15',$_SESSION['nicks']);
$cls->input('Пароль',pass,'15','15');
$cls->end_form('Войти');
echo '</div><div class="d1"><a href="?'.substr(ref,0,5).'&'.SID.'">'.$lang['reg'].'</a><br/>
<a href="?'.ref2.'&'.SID.'">Забыл пароль</a><br/>';
$cls->write('<span style="background-color:#000000; color:#ffffff">'.
'Пользователей: '.$q_regs['0'].
'</span><br/>');
echo (!empty($_GET['url']) ? '<a href="http://'.trim(addslashes(htmlspecialchars($_GET['url']))).'">'.trim(addslashes(htmlspecialchars($_GET['url']))).'</a>' : $_GET['url']);
$cls->write('</div>');
$cls->a_footer();
$_SESSION['reg'] = substr(ref,0,5); session_register('reg');
$_SESSION['reg1'] = ref1; session_register('reg1');
$_SESSION['reg2'] = ref2; session_register('reg2');
$_SESSION['antibot'] = time(); session_register('antibot');
function logout()
{
$__all__visit__time = mysql_fetch_object(mysql_query('SELECT `adtime` FROM `chat_users` WHERE `login` = "'.$_SESSION['nick'].'"'));
mysql_query('UPDATE `chat_users` SET `adtime` = "'.($__all__visit__time->adtime+intval($_SESSION['dtime'])).'" WHERE `login` = "'.$_SESSION['nick'].'"');
if (session_is_registered('backout'))
{
$burl = @mysql_fetch_object(@mysql_query('SELECT `wapsite` FROM `chat_users` WHERE `wapsite` = '.trim($_SESSION['backout'])));
}
$dr = substr(session_id(),(strlen(session_id())/2),strlen(session_id())).session_id().substr(session_id(),0,(strlen(session_id())/2));
if (!empty($dr) && is_dir(rootpath.'session/'.$dr))
{
unlink(rootpath.'session/'.substr(session_id(),(strlen(session_id())/2),strlen(session_id())).session_id().substr(session_id(),0,(strlen(session_id())/2)).'/index.php');
rmdir(rootpath.'session/'.substr(session_id(),(strlen(session_id())/2),strlen(session_id())).session_id().substr(session_id(),0,(strlen(session_id())/2)));
}
mysql_query('DELETE FROM `chat_session` WHERE `login` = "'.$_SESSION['nick'].'"');
session_unregister('nick');
session_unregister('pass');
session_unregister('user_agent');
session_unregister('visit');
session_unregister('ip');
unset($_SESSION['nick']);
unset($_SESSION['pass']);
unset($_SESSION['user_agent']);
unset($_SESSION['visit']);
unset($_SESSION['ip']);
session_destroy();
if (!empty($burl->wapsite))
{
header('location: http://'.$burl->wapsite);
exit();
}
else
{
header('location: '.rootlink.'?exit');
exit();
}
}
@mysql_close();
ob_end_flush();
?>