<?
Error_Reporting(E_ALL & ~E_NOTICE); /////////////// игнорируем ошибки
header ("Content-type:text/vnd.wap.wml; charset=utf-8");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache, must-relative");
list($msec,$sec)=explode(chr(32),microtime());
$HeadTime=$sec+$msec;
$ref=rand(1000000,1000000);
require("conf.inc.php");
global $REMOTE_ADDR;
global $HTTP_USER_AGENT;
$link=mysql_connect ($DB_HOST, $DB_USER, $DB_PASS) or die ('<wml><card id="dberror" title="Ошибка" ontimer="http://prowap.ru/chat"><timer value="15"/>'.
'<p>'.
'Р?звините, РЅРѕ база данных РЅРµ доступна РІ данный момент!'.
'<br/>'.
'<anchor>Назад<prev/></anchor><br/>'.
'<a href="/">[PROwap.ru]</a>'.
'</p>'.
'</card>'.
'</wml>');
mysql_select_db($DB_NAME) or die ('<wml><card id="dberror" title="Ошибка" ontimer="http://prowap.ru/chat"><timer value="15"/>'.
'<p>'.
'Р?звините, РЅРѕ база данных РЅРµ доступна РІ данный момент!'.
'<br/>'.
'<anchor>Назад<prev/></anchor><br/>'.
'<a href="/">[Waps.Org.Ru]</a>'.
'</p>'.
'</card>'.
'</wml>');
$qsetts = @mysql_query("select `val2` from `setts` where cid='".$cid."' AND var='".$room."' and mod='room';");
$setts = @mysql_fetch_array($qsetts);
$title=$setts['val2'];
$find_user=mysql_query("Select * from users where cid='".$cid."' AND id='".$id."' and pass='".$pass."'") or die ('<wml><card id="dberror" title="Ошибка" ontimer="http://waps.org.ru"><timer value="15"/>'.
'<p>'.
'Р?звините, РЅРѕ база данных РЅРµ доступна РІ данный момент!'.
'<br/>'.
'<anchor>Назад<prev/></anchor><br/>'.
'<a href="/">[PROwap.ru]</a>'.
'</p>'.
'</card>'.
'</wml>');
if(mysql_affected_rows()==0)
{
echo <<<END
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
<wml>
<card id="search" title="РџРѕРёСЃРє">
<p align="center">
Логин или пароль неверны, проверьте ваш ввод.
</p>
</card>
</wml>
END;
return 0;
}
else
{
$row=mysql_fetch_array($find_user);
$login=$row['login'];
$admin=$row['admin'];
$vip=$row['vip'];
$moder=$row['moder'];
$smoder=$row['smoder'];
$smile=$row['smile'];
$posts=$row['posts'];
$translit=$row['trans'];
$avr = $row["time_update"];
$max = $row["num_msgs"];
$ban=$row['ban'];
$banb=$row['banb'];
$banf=$row['banf'];
$banw=$row['banw'];
$exban=explode(".",$ban);
$ban1=$exban[0];
$ban2=$exban[1];
$pass = UrlEncode($pass);
if(!empty($ban)) {
if(intval($ban2)+intval($banf) >= time()) { $enter=intval($banf)-(time()-intval($ban2));
} else { mysql_query("update users set ban='0', banf='0' where cid='".$cid."' AND id='$id';"); }
echo <<<END
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
<wml>
<card id="Выпнут" title="Выпнут." ontimer="index.php?cid=$cid&ref=$ref"><timer value="100"/>
<p align="center">
$banb справедливо выпроводил вас из чата!<br/> Вернётесь через $enter(сек) <br/>
Причина: $banw
</p>
</card>
</wml>
END;
}
else
{
//система безопасности
if (($row["browser"]!==$HTTP_USER_AGENT) or ($row["ip"]!==$REMOTE_ADDR))
{
if ($row['safe']==1)
{
echo <<<END
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
<wml>
<card id="proverka" title="Внимание!">
<p align="center">
<a href="room.php?id=$id&pass=$pass&room=$room&cid=$cid&ref=$ref">Продолжить</a><br/>
<b>Предупреждение о безопасности!</b><br/>
Внимание! Ваш текущий browser или ip адрес не совпадают с ip+browser последнего захода. Это может означать, что кто-то заходит с Вашего ника. Рекомендуем сменить ваш пароль.
<br/>
<u>Ваши текущие данные:</u>
<br/>ip: $REMOTE_ADDR <br/> browser: $HTTP_USER_AGENT
<u>Данные с последнего захода:</u>
<br/>ip: $ipp <br/> browser: $softt <br/>
(Отключить систему безопасности можно в настройках чата, но этого делать не рекомендуется.)<br/>
<a href="room.php?id=$id&pass=$pass&room=$room&cid=$cid&ref=$ref">Продолжить</a><br/>
</p>
</card>
</wml>
END;
mysql_query("update users set browser='$HTTP_USER_AGENT', ip='$REMOTE_ADDR' where cid='".$cid."' AND id='$id';");
return 0;
} else {
mysql_query("update users set browser='$HTTP_USER_AGENT', ip='$REMOTE_ADDR' where cid='".$cid."' AND id='$id';");
}
}
//конец проверки
//Проверка, не забанен ли ip+browser:
mysql_query ("Select * from bannedib WHERE cid='".$cid."' AND (ip = '".$REMOTE_ADDR."')and(browser = '".$HTTP_USER_AGENT."')");
if(mysql_affected_rows()!=0)
{
echo <<<END
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
<wml>
<card id="error" title="Забанен">
<p align="center">
Вы забанены по связке ip+browser!
</p>
</card>
</wml>
END;
exit;
}
//подсчёт онлайна
mysql_query("update users set ltime='".time()."', lroom='".$room."' where cid='".$cid."' AND id='$id';");
//конец онлайна
//Конец проверки
// С транслита - на русский (в утф)
function trun_to_rus($str)
{
$str=strtolower($str);
$str=str_replace("ch","С‡",$str);
$str=str_replace("sc","С‰",$str);
$str=str_replace("‘‘","СЉ",$str);
$str=str_replace("ye","СЌ",$str);
$str=str_replace("yu","СЋ",$str);
$str=str_replace("ya","СЏ",$str);
$str=str_replace("yi","С‹",$str);
$str=str_replace("yo","С‘",$str);
$str=str_replace("sh","С€",$str);
$str=strtr($str,array("a"=>"Р°","b"=>"Р±","v"=>"РІ","g"=>"Рі","d"=>"Рґ","e"=>"Рµ","j"=>"Р¶","z"=>"Р·","i"=>"Рё","y"=>"Р№","k"=>"Рє","l"=>"Р»","m"=>"Рј","n"=>"РЅ","o"=>"Рѕ","p"=>"Рї","r"=>"СЂ","s"=>"СЃ","t"=>"С‚","u"=>"Сѓ","f"=>"С„","h"=>"С…","c"=>"С†","w"=>"С€","x"=>"С‹","'"=>"СЊ"));
return $str;
}
if($tran=="user") { $nik=strtok($msg," "); $msg=trun_to_rus($msg); $msg=strstr($msg," "); $msg=$nik.$msg; }
if($tran=="toall") $msg=trun_to_rus($msg);
$msg = str_replace(chr("13"), " ", $msg);
$msg = str_replace(chr("10"), " ", $msg);
$msg = str_replace("\\n", " ", $msg);
$msg = trim(" $msg ");
if($msg)
{
$mdata = 500;
$msg = (htmlspecialchars($msg));
$msg = str_replace("$", "$$", $msg);
if ($row["trans"]==0) $msg = eregi_replace("((http://))((([a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z;]{2,3}))|(([0-9]{1,3}\.){3}([0-9]{1,3})))((/|\?)[a-z0-9~#%&'_\+=:;\?\.-]*)*)", "<a href=\"\\0\">\\3</a>", $msg);
$str1="";
$str2=$msg;
require("smiles/convert_to_smiles.php");
$msg = $str1.$msg;
if(($row['admin'] or $row['smoder']) && $bold)
$msg = '<b>'.$msg.'</b>';
if(($row['admin'] or $row['smoder'] or $row['moder'] or $row['vip']) && $underline)
$msg = '<u>'.$msg.'</u>';
//Антифлуд
$r = mysql_query("SELECT msg FROM room WHERE cid='".$cid."' AND idl = '".$id."' order by id desc LIMIT 1");
$a = mysql_fetch_array($r);
if($private) $pr = @explode('.',$private);
if ($a["msg"] !== $msg)
{
$time = time();
$posts = $row["posts"];
$posts++;
mysql_query ("insert into room values(0,'$login','$id','$msg','$room','".$pr[0]."','".$pr[1]."',NOW(),'$id','".time()."','$cid')");
mysql_query ("Update users set posts='".$posts."' where cid='".$cid."' AND id ='".$id."'");
$rnd = rand(0,10000000000);
$kol++;
}
}
$res = @mysql_query ("select * from room where cid='".$cid."' AND room='".$room."' AND ((`pr_to` = '-' AND `pr_from` = '-') OR (`pr_from` = '".$id."' OR `pr_to` = '".$id."')) order by id desc limit $max");
$onli = @mysql_query("SELECT count(*) FROM users WHERE cid='".$cid."' AND lroom='".$room."' AND ltime>'".intval(time()-1200)."'");
$count = @mysql_fetch_array($onli);
$time=date ("H:i");
$r = mysql_query ("Select id from letters WHERE cid='".$cid."' AND (to_user = '".$login."')and(new = '1') ");
$inb = mysql_affected_rows();
print "<?xml version=\"1.0\" encoding=\"UTF-8\"?>";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.1//EN\" \"http://www.wapforum.org/DTD/wml_1.1.xml\">\n";
echo "<wml>\n";
if ($avr!==0) echo "<card id=\"room\" title=\"$title-(".$count['count(*)'].")\" ontimer=\"room.php?id=$id&pass=$pass&room=$room&cid=$cid&ref=$ref\"><timer value=\"$avr\"/>\n";
else echo "<card id=\"room\" title=\"$title-(".$count['count(*)'].")\" >\n";
echo "<do type=\"options\" name=\"refresh\" label=\"Обновить\"><go href=\"room.php?id=$id&pass=$pass&room=$room&cid=$cid&ref=$ref\"/></do>\n";
echo "<do type=\"options\" name=\"add\" label=\"Сказать\"><go href=\"#add\"/></do>\n";
echo "<do type=\"options\" name=\"zapis\" label=\"Записки($inb)\"><go href=\"letters/index.php?id=$id&pass=$pass&cid=$cid&ref=$ref\"/></do>\n";
echo "<do type=\"options\" name=\"kto\" label=\"Кто где?\"><go href=\"online.php?id=$id&pass=$pass&cid=$cid&ref=$ref\"/></do>\n";
echo "<do type=\"options\" name=\"enter\" label=\"Прихожая\"><go href=\"enter.php?id=$id&pass=$pass&cid=$cid&ref=$ref\"/></do>\n";
echo "<p mode=\"wrap\">\n";
echo "<a href=\"#add\">Сказать</a><br/>\n";
echo "<a href=\"room.php?id=$id&pass=$pass&room=$room&cid=$cid&ref=$ref\">Обновить</a>\n";
while ($lines = mysql_fetch_array ($res))
{
$dblogin=$lines['login'];
$dbid=$lines['dbid'];
$dbmsg=$lines['msg'];
$dbtime=$lines['time'];
$pr_from=$lines['pr_from'];
$pr_to=$lines['pr_to'];
if($smile==0)
{
$dbmsgearch = array (
"'<[\/\!]*?[^<>]*?>'si");
$replace = array (
"*вырезанo*");
$dbmsg = preg_replace ($dbmsgearch, $replace, $dbmsg);
$dbmsg=preg_replace("/\[!\[/","<",$dbmsg);
$dbmsg=preg_replace("/\]!\]/",">",$dbmsg);
}
if(($pr_from=="-")&&($pr_to=="-")) {
echo "<br/><b><a href=\"user.php?id=$id&pass=$pass&room=$room&dbid=$dbid&cid=$cid&ref=$ref\">$dblogin</a></b> [$dbtime]<br/>$dbmsg";
} else {
echo "<br/><b><a href=\"user.php?id=$id&pass=$pass&room=$room&dbid=$dbid&cid=$cid&ref=$ref\">$dblogin</a>[!]</b> [$dbtime]<br/>$dbmsg";
}
}
$page_next = $max; //Убрал +$num
echo "<br/><a href=\"history.php?id=$id&pass=$pass&room=$room&num=$page_next&cid=$cid&ref=$ref\">История</a>\n";
echo "<br/><a href=\"enter.php?id=$id&pass=$pass&cid=$cid&ref=$ref\">Прихожая</a><br/>\n";
list($msec,$sec)=explode(chr(32),microtime());
echo "[".round(($sec+$msec)-$HeadTime,4)."]";
echo "</p>\n";
echo "</card>\n";
echo "<card id=\"add\" title=\"Написать\">\n";
echo "<p mode=\"wrap\">\n";
echo "<input name=\"msg$ref\" maxlength=\"500\" title=\"Текст\"/><br/>\n";
if ($translit==1){
echo "<select multiple=\"true\" name=\"tran\">\n";
echo "<option value=\"toall\">Translit</option></select><br/>\n";
}
if(($row['admin']) or ($row['smoder']))
{
echo '<select multiple="true" name="bold"><option value="1">Жирный</option></select><br/>';
echo '<select multiple="true" name="underline"><option value="1">Подчеркнутый</option></select><br/>';
}
if(($row['vip']) or ($row['moder']))
{
echo '<select multiple="true" name="underline"><option value="1">Подчеркнутый</option></select><br/>';
}
echo "<anchor title=\"send\">Сказать<go href=\"room.php?id=$id&pass=$pass&room=$room&cid=$cid&ref=$ref\" method=\"post\">\n";
echo "<postfield name=\"msg\" value=\"$(msg$ref)\"/>\n";
echo "<postfield name=\"private\" value=\"-.-\"/>\n";
echo "<postfield name=\"tran\" value=\"$(tran)\"/>\n";
echo "<postfield name=\"bold\" value=\"$(bold)\"/>\n";
echo "<postfield name=\"underline\" value=\"$(underline)\"/>\n";
echo "</go></anchor>\n";
echo "<br/>\n";
echo "<a href=\"room.php?id=$id&pass=$pass&room=$room&cid=$cid&ref=$ref\">В чат</a>\n";
echo "</p>\n";
echo "</card>\n";
echo "</wml>\n";
}
}
mysql_close($link);
?>