<?php
require 'incs/header.php';
require 'incs/ini.php';
if(!isset($_SESSION['sgb_admp'])){
include('incs/bcheck.php');
}
$arr = file('incs/book.dat');
if(isset($_POST['nick']) && isset($_POST['text'])){
function shit_happened($shit='Unknown error'){
$_SESSION['sgb_err']=$shit;
Header('Location: say.php'.psid());
exit;
}
$data = htmlspecialchars($data);
if(ini_get('magic_quotes_gpc')){
$data = stripslashes($data);
}
$data['mail']=safe_var($_POST['mail']);
$data['sity']=safe_var($_POST['sity']);
$data['nick']=safe_var($_POST['nick']);
$data['text']=safe_var($_POST['text'],true);
$data['time']=date('d.m.y G:i');
$data['br']=safe_var($_SERVER['HTTP_USER_AGENT']);
$data['ip']=safe_var($_SERVER['REMOTE_ADDR']);
$tr=@$_POST['tr'];
if(!isset($_SESSION['sgb_name']) or $_SESSION['sgb_name']!=$data['nick']) $_SESSION['sgb_name']=$data['nick'];
if(!isset($_SESSION['sgb_mail']) or $_SESSION['sgb_mail']!=$data['mail']) $_SESSION['sgb_mail']=$data['mail'];
if(!isset($_SESSION['sgb_sity']) or $_SESSION['sgb_sity']!=$data['sity']) $_SESSION['sgb_sity']=$data['sity'];
if($CONF['captcha'] && (!isset($_POST['code']) || $_POST['code']!=$_SESSION['sgb_code'])){
shit_happened('<center><span style="color: red">Heвepнo ввeдено число с картинки.</span></center>');
}
if($CONF['kod']){
if($_POST['key'] != $_SESSION['key']){
shit_happened('<center><span style="color: red">Heвepнo ввeдён зaщитный кoд!<br />..либо вообще не введён!</span></center>');
}
}
if(strlen($data['nick'])>20) shit_happened('<center><span style="color: red">Куда такой большой ник?</span></center>');
if(strlen($data['mail'])>25) shit_happened('<center><span style="color: red">Ну такого огромного мыла я ещё невидал))</span></center>');
if(strlen($data['sity'])>25) shit_happened('<center><span style="color: red">Больно огромное название города!</span></center>');
if($data['sity']) {
if(strlen($data['sity'])<2) shit_happened('<center><span style="color: red">Что эт за город за такой, в котором меньше 2х буков?</span></center>'); }
if(strlen($data['text'])>2000) shit_happened('<center><span style="color: red">В сообщении не должно быть более 2000 символов!</span></center>'.round(strlen($data['text'])/1024,1).'kb > 2,0kb)');
if ($data['mail']){
if(!preg_match('/[\dA-Za-z_\.-]+@[A-Za-z_-]+\.[\dA-Za-z]{2,4}/',$data['mail'])) shit_happened('<center><span style="color: red">Heвepный фopмaт e-mail.</span></center>');}
if(empty($data['nick']) || empty($data['text'])) shit_happened('<center><span style="color: red">Обязательные поля незаполнены!</span></center>');
$cnt=count($arr);
if($cnt>0){
$post=unserialize($arr[0]);
if($data['text']==$post['text']) shit_happened('<center><span style="color: red">Не жми так часто на "добавить"</span></center>');
}
// транслит текста
if($tr=='on'){
$data['text']=strtr($data['text'],array(
'A'=>'А','a'=>'а','B'=>'Б','b'=>'б',
'V'=>'В','v'=>'в','G'=>'Г','g'=>'г',
'D'=>'Д','d'=>'д','E'=>'Е','e'=>'е',
'yo'=>'Ё','Zh'=>'Ж','zh'=>'ж','Z'=>'З',
'z'=>'з','I'=>'И','i'=>'и','J'=>'Й',
'j'=>'й','K'=>'К','k'=>'к','L'=>'Л',
'l'=>'л','M'=>'М','m'=>'м','N'=>'Н',
'n'=>'н','O'=>'О','o'=>'о','P'=>'П',
'p'=>'п','R'=>'Р','r'=>'р','S'=>'С',
's'=>'с','T'=>'Т','t'=>'т','U'=>'У',
'u'=>'у','F'=>'Ф','f'=>'ф','H'=>'Х',
'h'=>'х','C'=>'Ц','c'=>'ц','Ch'=>'Ч',
'ch'=>'ч','Sh'=>'Ш','sh'=>'ш','Sch'=>'Щ',
'sch'=>'щ',"''"=>'ъ',"'"=>'ь','Y'=>'Ы',
'y'=>'ы','Ye'=>'Э','ye'=>'э','Yu'=>'Ю',
'yu'=>'ю','Ya'=>'Я','ya'=>'я','Yo'=>'ё')); }
// транслит ника
if($tr=='on'){
$data['nick']=strtr($data['nick'],array(
'A'=>'А','a'=>'а','B'=>'Б','b'=>'б',
'V'=>'В','v'=>'в','G'=>'Г','g'=>'г',
'D'=>'Д','d'=>'д','E'=>'Е','e'=>'е',
'yo'=>'Ё','Zh'=>'Ж','zh'=>'ж','Z'=>'З',
'z'=>'з','I'=>'И','i'=>'и','J'=>'Й',
'j'=>'й','K'=>'К','k'=>'к','L'=>'Л',
'l'=>'л','M'=>'М','m'=>'м','N'=>'Н',
'n'=>'н','O'=>'О','o'=>'о','P'=>'П',
'p'=>'п','R'=>'Р','r'=>'р','S'=>'С',
's'=>'с','T'=>'Т','t'=>'т','U'=>'У',
'u'=>'у','F'=>'Ф','f'=>'ф','H'=>'Х',
'h'=>'х','C'=>'Ц','c'=>'ц','Ch'=>'Ч',
'ch'=>'ч','Sh'=>'Ш','sh'=>'ш','Sch'=>'Щ',
'sch'=>'щ',"''"=>'ъ',"'"=>'ь','Y'=>'Ы',
'y'=>'ы','Ye'=>'Э','ye'=>'э','Yu'=>'Ю',
'yu'=>'ю','Ya'=>'Я','ya'=>'я','Yo'=>'ё')); }
require('incs/smiles.php');
$data['text']=str_replace($sstr,$simg,$data['text']);
if($cnt>$CONF['np']) unset($arr[$cnt-1]);
$f=fopen('incs/book.dat','w');
fputs($f,serialize($data)."\n".implode('',$arr));
fclose($f);
header('Location: index.php'.psid());
}else{
ob_start();
if($CONF['captcha']){
//CAPTCHA string length
$length = mt_rand(5,6);
// symbols used to draw CAPTCHA
$allowed_sym = '23456789abcdeghkmnpqsuvxyz'; //alphabet without similar symbols (o=0, 1=l, i=j, t=f)
while(true){
$keystr='';
for($i=0;$i<$length;$i++){
$keystr.=$allowed_sym{mt_rand(0,strlen($allowed_sym)-1)};
}
if(!preg_match('/cp|cb|ck|c6|c9|rn|rm|mm|co|do|cl|db|qp|qb|dp/', $keystr)) break;
}
$_SESSION['sgb_code']=$keystr;
}
include 'fig/head.php';
echo '<title>Написать в гостевую</title>';
if(isset($_SESSION['sgb_err'])){
print('Oшибкa: '.$_SESSION['sgb_err']); unset($_SESSION['sgb_err']);
}
echo '<div class="hu2">
<form action="say.php'.psid().'" method="post"><br />
<span style="color: red">*</span>Имя<small>(мах 20 сим)</small>:<br />
<input type="text" name="nick" maxlength="20" size="13" ';
if(isset($_SESSION['sgb_name'])){
print('value="'.$_SESSION['sgb_name'].'"');
}
print(' /><br /><input type="checkbox" name="tr" />-тpaнcлит ника<br /><br />
<span style="color: #4169E1">*</span>E-мыло<small>(мах 25 сим)</small>:<br/><input type="text" name="mail" ');
if(isset($_SESSION['sgb_mail'])){
print('value="'.$_SESSION['sgb_mail'].'"');
}
print(' /><br /><span style="color: #4169E1">*</span>Откуда<small>(мах 25 сим)</small>:<br/><input type="text" name="sity" ');
if(isset($_SESSION['sgb_sity'])){
print('value="'.$_SESSION['sgb_sity'].'"');
}
print(' /><br /><span style="color: red">*</span>Сообщение<small>(мах 2000 сим)</small>:<br /><textarea name="text" rows="4" cols="34">');
if(isset($_GET['n']) && isset($arr[$_GET['n']])){
$_GET['n']=intval($_GET['n']);
$post = unserialize($arr[$_GET['n']]);
print($post['nick'].', ');
}
echo '</textarea><br /><input type="checkbox" name="tr" />-тpaнcлит сообщения<br /><br />';
if($CONF['kod']){
$key = mt_rand(1000,9999);
$_SESSION['key'] = $key;
echo '<span style="color: red">*</span> введите код
<span style="color: #0112b8">'.$key.'</span>:<br />
<input type="text" name="key" maxlength="10" size="5"/><br /><br />';}
if($CONF['captcha']){
echo 'Bвeдитe кoд c изoбpaжения:<br />
<img src="img.php'.psid().'" alt="code" /><br />
<input type="text" name="code" maxlength="10" size="7" /><br />';}
echo '<input type="submit" value="Добавить" />
</form><br /><span style="color: red">*</span> - обязательно для заполнения.<br />
<span style="color: #4169E1">*</span> - необязательное поле ввода.<br /><hr />
<a href="smile.php'.psid().'">→Cмaйлы</a><br />
<a href="prav.php'.psid().'">→Пpaвилa</a><br />
<a href="index.php'.psid().'">←B гocтeвую</a>';
include 'fig/nizz.php';
ob_end_flush();
}
?>