Просмотр файла chat_servis/user.php

<?
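// Request bootstrap: response type, timing, configuration, input escaping and DB connection.
// Notices are masked, so reads of unset variables stay silent.
Error_Reporting(E_ALL & ~E_NOTICE);

// The response is a WML deck.
header ("Content-type:text/vnd.wap.wml; charset=utf-8");

// Request start time as a float (seconds + microseconds).
list($msec,$sec)=explode(chr(32),microtime());
$HeadTime=$sec+$msec;

// NOTE(review): rand() is predictable; $ref must not be relied on as a secret or anti-forgery token.
$ref=rand(10000,1000000);
require("conf.inc.php");
global $REMOTE_ADDR;
global $HTTP_USER_AGENT;

// NOTE(review): $id, $pass, $login and $cid are never assigned in this file; presumably they
// arrive from the request via register_globals or conf.inc.php -- confirm. They are treated
// as untrusted here and escaped before any SQL statement is built from them.
$id=@mysql_escape_string($id);
$pass=@mysql_escape_string($pass);
$login=@mysql_escape_string($login);
// $cid is concatenated into every query of this script, so it is escaped like the others.
$cid=@mysql_escape_string($cid);

// Stop early when the database is unreachable instead of running queries without a link.
$link=mysql_pconnect ($DB_HOST, $DB_USER, $DB_PASS) or die("DB connection error");
mysql_select_db($DB_NAME) or die("DB connection error");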

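// Authenticate: by login+password when no id was supplied, otherwise by id+password.
// NOTE(review): $cid is concatenated as received here; confirm it is escaped earlier in the
// script, as $id/$login/$pass are.
// NOTE(review): the password is matched verbatim against the pass column, so the column
// presumably holds the same form the client sends -- confirm whether it is stored hashed.
if(empty($id)) {
$find_user=mysql_query("Select * from users where cid='".$cid."' AND login='".$login."' and pass='".$pass."'") or die("Querry error");
} else {
$find_user=mysql_query("Select * from users where cid='".$cid."' AND id='".$id."' and pass='".$pass."'") or die("Querry error");
}
// mysql_num_rows() is the row count of a SELECT result; mysql_affected_rows() is meant for
// INSERT/UPDATE/DELETE and is not tied to $find_user.
if(mysql_num_rows($find_user)==0)
{
// The XML declaration has to be the very first bytes of the document, so it is no longer
// indented. The card title was mis-encoded text; it is written as numeric entities like the
// rest of the Cyrillic output in this file.
echo <<<END
<?xml version="1.0" encoding="UTF-8"?>
	<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
	<wml>
		<card id="search" title="&#x41F;&#x43E;&#x438;&#x441;&#x43A;">
			<p align="center">
				&#x41B;&#x43E;&#x433;&#x438;&#x43D; &#x438;&#x43B;&#x438; &#x43F;&#x430;&#x440;&#x43E;&#x43B;&#x44C; &#x43D;&#x435;&#x432;&#x435;&#x440;&#x43D;&#x44B;, &#x43F;&#x440;&#x43E;&#x432;&#x435;&#x440;&#x44C;&#x442;&#x435; &#x432;&#x430;&#x448; &#x432;&#x432;&#x43E;&#x434;.
			</p>
		</card>
	</wml>
END;
return 0;
}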
else
{
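// Credentials matched: take login, id and the admin flag from the stored row.
$row=mysql_fetch_array($find_user);
$login=$row['login'];
$id=$row['id'];
$admin=$row['admin'];
// The password is URL-encoded because it is placed into link URLs later in the script.
// NOTE(review): a password carried in every query string can be captured by gateway,
// proxy and server logs; a server-side session token would avoid that.
$pass = UrlEncode($pass);

// The User-Agent header and the client address are request data; escaped copies are used
// in SQL, while the comparison below still uses the raw values.
$ua_sql=@mysql_escape_string($HTTP_USER_AGENT);
$ip_sql=@mysql_escape_string($REMOTE_ADDR);

// Store the current browser/address pair when it differs from the one saved for this user.
if (($row["browser"]!==$HTTP_USER_AGENT) or ($row["ip"]!==$REMOTE_ADDR))
{
	mysql_query("update users set browser='$ua_sql', ip='$ip_sql' where cid='".$cid."' AND id='$id';");
}

// Check whether this ip+browser pair is banned.
// A failed query stops the request instead of letting the ban check pass silently.
$ban_check=mysql_query ("Select * from bannedib WHERE cid='".$cid."' AND (ip = '".$ip_sql."')and(browser = '".$ua_sql."')") or die("Querry error");
if(mysql_num_rows($ban_check)!=0)
{
	// The XML declaration must start the document, so it is not indented.
	echo <<<END
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
					<wml>
						<card id="error" title="Забанен">
							<p align="center">
								&#x412;&#x44B; &#x437;&#x430;&#x431;&#x430;&#x43D;&#x435;&#x43D;&#x44B; &#x43F;&#x43E; &#x441;&#x432;&#x44F;&#x437;&#x43A;&#x435; ip+browser!
							</p>
						</card>
					</wml>
END;
	exit;
}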

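// Escape values again before further SQL use. $who and $action are escaped here but are
// not used anywhere else in this listing.
$id=@mysql_escape_string($id);
$pass=@mysql_escape_string($pass);
$who=@mysql_escape_string($who);
$action=@mysql_escape_string($action);

// $dbid selects the profile to show and is never assigned in this file (presumably request
// input -- confirm). Only an escaped copy goes into the query; $dbid itself stays unchanged
// for the output code further down.
$dbid_sql=@mysql_escape_string($dbid);
$q_u2=@mysql_query("select * from users where cid='".$cid."' AND id='$dbid_sql';");
$data2=@mysql_fetch_array($q_u2);
// $trans comes from the logged-in user's row, $dblogin from the viewed user's row.
$trans=$row['trans'];
$dblogin=$data2['login'];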

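// Open the WML deck and print the "say something to this user" form.
// NOTE(review): $dblogin is read from the users table and written into the card title and
// the msg postfield without output encoding; confirm that logins are encoded or restricted
// to safe characters when they are stored.
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.2//EN\" \"http://www.wapforum.org/DTD/wml12.dtd\">\n";
echo "<wml>\n";
echo "<card title=\"$dblogin\">\n";
echo "<p align=\"left\">\n";
// Per-page suffix for the input name and the ref parameter; not a secret.
$rand=rand(0,100000);
// $dbid is request-derived, so it is encoded for the attribute below in the same way the
// link parameters of this form already are.
$dbid_out=htmlspecialchars(stripslashes(trim($dbid)));
?>
<input name="msg<? print $rand; ?>" emptyok="true"/><br/>
<select name="private" value="-.-">
<option value="-.-">&#x412;&#x441;&#x435;&#x43C;</option>
<option value="<? print $id.".".$dbid_out; ?>">&#x41F;&#x440;&#x438;&#x432;&#x430;&#x442;&#x43D;&#x43E;</option>
</select><br/>
<? if ($trans==1) { ?>
<select multiple="true" name="tran">
<option value="user">Translit</option></select><br/>
<? } ?>
<anchor>&#x421;&#x43A;&#x430;&#x437;&#x430;&#x442;&#x44C;<go href="room.php?id=<? print htmlspecialchars(stripslashes(trim($id))); ?>&amp;pass=<? print htmlspecialchars(stripslashes(trim($pass))); ?>&amp;room=<? print htmlspecialchars(stripslashes(trim($room))); ?>&amp;cid=<? print htmlspecialchars(stripslashes(trim($cid))); ?>&amp;ref=<? print htmlspecialchars(stripslashes(trim($rand))); ?>" method="post">
<postfield name="id" value="<? print htmlspecialchars(stripslashes(trim($id))); ?>"/>
<postfield name="pass" value="<? print htmlspecialchars(stripslashes(trim($pass))); ?>"/>
<postfield name="room" value="<? print htmlspecialchars(stripslashes(trim($room))); ?>"/>
<postfield name="private" value="$(private)"/>
<postfield name="msg" value="<? print "$dblogin, ";?>$(msg<? print $rand; ?>)"/>
<? if ($trans==1){ ?>
<postfield name="tran" value="$(tran)"/>
<? } ?>
<postfield name="ref" value="<? print htmlspecialchars(stripslashes(trim($rand))); ?>"/>
</go></anchor><br/> 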
<? 
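// Load the viewed user's row and print the profile, followed by the moderation links that
// the logged-in user's role flags allow.
// $dbid is not assigned in this file (presumably request input -- confirm); only an escaped
// copy is used in the query.
$dbid_sql=@mysql_escape_string($dbid);
$q_u=@mysql_query("select * from users where cid='".$cid."' AND id='$dbid_sql';");
if (@MySQL_Num_rows($q_u)==0) {print "&#x442;&#x430;&#x43A;&#x43E;&#x433;&#x43E; &#x44E;&#x437;&#x435;&#x440;&#x430; &#x43D;&#x435; &#x441;&#x443;&#x449;&#x435;&#x441;&#x442;&#x432;&#x443;&#x435;&#x442;!<br/>"; 
} else {
$data=@mysql_fetch_array($q_u);
$login=$data['login'];
// NOTE(review): this overwrites $login with a 'dblogin' column; every other read of the
// viewed user's name uses 'login' -- confirm that such a column exists.
$login=$data['dblogin'];
// $row is the logged-in user, $data is the user being viewed.
$moder=$row['moder'];
$admin=$row['admin'];
$smoder=$row['smoder'];
$vip=$row['vip'];
$user_moder=$data['moder'];
$user_smoder=$data['smoder'];
$user_vip=$data['vip'];
$user_admin=$data['admin'];
$to=$data['email'];
$from=$row['email'];
$photo=$data['photo'];
$vposts=$data['vposts'];
$status=$data['status'];
// $cid is request-derived and goes into link URLs below; encode it the same way the
// message form of this page does.
$cid_out=htmlspecialchars(stripslashes(trim($cid)));
// NOTE(review): the profile fields below (name, login, live, mobile, email, url, icq, status,
// about, photo) are user-supplied data printed without output encoding, and photo/url are
// used as link targets without a scheme check. Confirm that they are encoded and validated
// when stored; otherwise markup saved in a profile is rendered to every viewer.
if($data['sex']=="m") { $sex = "&#x41C;&#x443;&#x436;"; } else { $sex = "&#x416;&#x435;&#x43D;"; }
if(!empty($photo)) { print "&#x424;&#x43E;&#x442;&#x43E;: <a href=\"$photo\">".$data['login']."</a><br/>"; } else {
print "&#x418;&#x43C;&#x44F;: ".$data['name']." <br/>";
print "&#x41B;&#x43E;&#x433;&#x438;&#x43D;: ".$data['login']." <br/>"; }
print "&#x41F;&#x43E;&#x43B;: $sex <br/>";
print "&#x414;&#x435;&#x43D;&#x44C; &#x440;&#x43E;&#x436;&#x434;&#x435;&#x43D;&#x44C;&#x44F;: ".$data['bday']."-".$data['bmonth']."-".$data['byear']."<br/>";
print "&#x413;&#x43E;&#x440;&#x43E;&#x434;: ".$data['live']." <br/>";
print "&#x41C;&#x43E;&#x431;&#x438;&#x43B;&#x430;: ".$data['mobile'] ."<br/>";
print "e-mail: ".$to."<br/>";
print "WAP-&#x441;&#x430;&#x439;&#x442;: <a href=\"".$data['url']."\">".$data['url']."</a> <br/>";
print "ICQ: ".$data['icq']." <br/>";
print "&#x421;&#x442;&#x430;&#x442;&#x443;&#x441;: $status <br/>";
print "&#x41F;&#x43E;&#x441;&#x442;&#x44B;: ".$data['posts']." <br/>";
print "&#x41E; &#x441;&#x435;&#x431;&#x435;: ".$data['about']." <br/>";
print "&#x414;&#x430;&#x442;&#x430; &#x440;&#x435;&#x433;&#x438;&#x441;&#x442;&#x440;&#x430;&#x446;&#x438;&#x438;: ".$data['regdate']." <br/>";
// Admins also see the stored address and browser string. The browser column is filled from
// the raw User-Agent header by this script, so both values are encoded before output.
if(!empty($admin)) { 
print "
IP: ".htmlspecialchars($data['ip'])." <br/>
Browser: ".htmlspecialchars($data['browser'])." <br/>";
}
// From here on $dblogin is used only inside link query strings.
$dblogin = UrlEncode($dblogin);
// NOTE(review): these role checks only decide which links are shown; the target scripts
// have to check the role again on their own.
if(!empty($smoder)) 
{
 echo "***<br/><a href=\"smoder.php?id=$id&amp;pass=$pass&amp;cid=$cid_out&amp;ref=$rand\">&#x412; &#x441;-&#x43C;&#x43E;&#x434;&#x435;&#x440;&#x43A;&#x443;</a><br/>";
 echo "<a href=\"smoder.php?id=$id&amp;pass=$pass&amp;cid=$cid_out&amp;mod=kick&amp;who=$dblogin&amp;ref=$rand\">&#x41F;&#x43D;&#x443;&#x442;&#x44C;</a><br/>";
 echo "<a href=\"smoder.php?id=$id&amp;pass=$pass&amp;cid=$cid_out&amp;mod=ipb&amp;who=$dblogin&amp;action=view&amp;ref=$rand\">&#x417;&#x430;&#x431;&#x430;&#x43D;&#x438;&#x442;&#x44C; &#x43F;&#x43E; ip</a><br/>";

}
if(!empty($moder))
{
 echo "***<br/><a href=\"moder.php?id=$id&amp;pass=$pass&amp;cid=$cid_out&amp;ref=$rand\">&#x412; &#x43C;&#x43E;&#x434;&#x435;&#x440;&#x43A;&#x443;</a><br/>";
 echo "<a href=\"moder.php?id=$id&amp;pass=$pass&amp;cid=$cid_out&amp;mod=kick&amp;who=$dblogin&amp;ref=$rand\">&#x41F;&#x43D;&#x443;&#x442;&#x44C;</a><br/>";

}
if(!empty($vip))
{
 echo "***<br/><a href=\"vip.php?id=$id&amp;pass=$pass&amp;cid=$cid_out&amp;ref=$rand\">&#x412; V.I.P. panel</a><br/>";
 echo "<a href=\"vip.php?id=$id&amp;pass=$pass&amp;cid=$cid_out&amp;mod=kick&amp;who=$dblogin&amp;ref=$rand\">&#x41F;&#x43D;&#x443;&#x442;&#x44C;</a><br/>";

}
if(!empty($admin)) {
 echo "***<br/><a href=\"admin.php?id=$id&amp;pass=$pass&amp;cid=$cid_out&amp;ref=$rand\">&#x412; &#x430;&#x434;&#x43C;&#x438;&#x43D;&#x43A;&#x443;</a><br/>";
 echo "<a href=\"admin.php?id=$id&amp;pass=$pass&amp;cid=$cid_out&amp;mod=kick&amp;who=$dblogin&amp;ref=$rand\">&#x41F;&#x43D;&#x443;&#x442;&#x44C;</a><br/>";
 echo "<a href=\"admin.php?id=$id&amp;pass=$pass&amp;cid=$cid_out&amp;mod=ipb&amp;who=$dblogin&amp;action=view&amp;ref=$rand\">&#x417;&#x430;&#x431;&#x430;&#x43D;&#x438;&#x442;&#x44C; &#x43F;&#x43E; ip</a><br/>";

}
}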
}
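// "Back" link to the room. $room and $cid are request-derived, so they are encoded here the
// same way the message form of this page encodes them; $pass is already URL-encoded.
print "***<br/><a href=\"room.php?id=$id&amp;pass=$pass&amp;room=".htmlspecialchars(stripslashes(trim($room)))."&amp;cid=".htmlspecialchars(stripslashes(trim($cid)))."&amp;ref=$rand\">&#x41D;&#x430;&#x437;&#x430;&#x434;</a><br/>";
?>
</p>
</card>
</wml>
<?
// The link was opened with mysql_pconnect(), which mysql_close() does not close; the call is
// kept as a harmless no-op and errors from it are suppressed.
@mysql_close();
exit;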
?>