<?php

require_once"../template/start.php";
require_once"../template/regglobals.php";
require_once"../template/config.php";
require_once"../template/functions.php";
require_once"../template/antidos.php";
require_once"../template/cookies.php";
require_once"../template/gzip.php";
require_once"../template/header.php";
require_once"../template/referer.php";
include_once"../template/isset.php";

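// Client metadata that is stored with the entry and, in the flood check
// further down, used as the per-client key. HTTP_X_FORWARDED_FOR is a request
// header the client itself can send; unless a trusted reverse proxy in front
// of this host overwrites it, its value (and with it the flood-control key)
// is chosen by the sender. The precedence is kept as it was because the
// deployment is not known here; without such a proxy, REMOTE_ADDR alone is
// the safer choice.
$browser = getenv('HTTP_USER_AGENT');
// getenv() returns false when the header is absent; pass an empty string on
// instead of a bool.
$browser = htmlspecialchars(stripslashes(is_string($browser) ? $browser : ''));

$forwarded = getenv('HTTP_X_FORWARDED_FOR');
if ($forwarded) {
    $ip = $forwarded;
} else {
    // REMOTE_ADDR is absent outside a web SAPI (CLI); default to ''.
    $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
}
$ip = htmlspecialchars(stripslashes($ip));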


// Timestamp stored with the entry, e.g. "05 марта/14:07": the English month
// name produced by the "F" format is swapped for its Russian genitive form.
// No Russian name contains an English one, so a single array replacement
// gives the same result as the former chain of str_replace() calls.
$monthNames = array(
    'January'   => 'января',
    'February'  => 'февраля',
    'March'     => 'марта',
    'April'     => 'апреля',
    'May'       => 'мая',
    'June'      => 'июня',
    'July'      => 'июля',
    'August'    => 'августа',
    'September' => 'сентября',
    'October'   => 'октября',
    'November'  => 'ноября',
    'December'  => 'декабря',
);
$date = str_replace(array_keys($monthNames), array_values($monthNames), date("d F/H:i"));

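// Form fields. A field that was not posted, or was posted as something other
// than a string (login[]=x), becomes '' instead of an undefined variable or
// an array, so stripslashes()/htmlspecialchars() never see null or an array.
// stripslashes() is kept for input that arrives with magic-quotes style
// escaping. Every stored field gets the same escaping — the message
// included: the smiley substitution further down inserts <img> tags into
// it, so it is emitted as HTML, and the keyword list applied to it later
// removes a few tokens but is no substitute for escaping.
$readField = function ($key) {
    $value = isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    return htmlspecialchars(stripslashes($value));
};

$login  = $readField('login');
$icq    = $readField('icq');
$msg    = $readField('msg');
$name   = $readField('name');
$email  = $readField('email');
$phone  = $readField('phone');
$city   = $readField('city');
$about  = $readField('about');
$years  = $readField('years');
$photo  = $readField('photo');
$status = $readField('status');

// $browser and $ip were already escaped where they were read; escaping them
// a second time turned every "&" into "&amp;amp;", so that is not repeated.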

include_once "data/set.php";

// Flood control, active only when the template config sets a positive
// $config_floodstime. flooder(), $php_self, $time, BASEDIR and SID come from
// the included template files.
// NOTE(review): the key is $ip, which above may come from the client-supplied
// X-Forwarded-For header and is written here before "|" is stripped from it
// further down, so a "|" in that header lands in the flood.dat record; the
// fopen() result is also not checked, so an unwritable flood.dat reaches
// flock() as false.
if ($config_floodstime > 0) {
    if (flooder($ip, $php_self)) {
        // Posted too recently: bounce back to the form.
        header("Location: new.php?flood&" . SID);
        exit;
    }
    $flood_file = fopen(BASEDIR . "local/flood.dat", "a+");
    flock($flood_file, LOCK_EX);
    fputs($flood_file, "$time|$ip|$php_self|\r\n");
    fflush($flood_file);
    flock($flood_file, LOCK_UN);
    fclose($flood_file);
}

// "|" is the field separator of the list.dat and .log records written
// below, so it is stripped from every stored field ($photo is handled in
// its own filter further down; $date never contains one).
$pipeFreeFields = array(
    'browser', 'ip', 'name', 'icq', 'email', 'phone',
    'city', 'about', 'login', 'status', 'years', 'msg',
);
foreach ($pipeFreeFields as $pipeFreeField) {
    $$pipeFreeField = str_replace('|', '', $$pipeFreeField);
}
############################

// Smiley shortcodes -> image tags. str_replace() with arrays applies the
// pairs one after another over the whole string, exactly like the former
// chain of calls, so the order below is preserved from it. The numbers are
// the image file names under pyramid/img/smile/ (several codes share one).
$smileyImages = array(
    ':)'   => 23,
    ':-)'  => 23,
    ':('   => 11,
    ':-('  => 11,
    ':D'   => 7,
    ':-D'  => 7,
    'rofl' => 7,
    'sm2'  => 1,
    'sm3'  => 2,
    'sm4'  => 3,
    'sm5'  => 4,
    'sm6'  => 5,
    'sm7'  => 6,
    'sm8'  => 8,
    'sm9'  => 9,
    'sm10' => 10,
    'sm11' => 11,
    'sm12' => 13,
    'sm13' => 14,
    'sm14' => 15,
    'sm15' => 16,
    'sm16' => 17,
    'sm17' => 18,
    'sm18' => 19,
    'sm19' => 20,
    'ku'   => 21,
    'love' => 22,
);
$smileyTags = array();
foreach ($smileyImages as $imageNumber) {
    $smileyTags[] = '<img src="pyramid/img/smile/' . $imageNumber . '.gif" alt="">';
}
$msg = str_replace(array_keys($smileyImages), $smileyTags, $msg);

// Token blacklist applied to the message after the smiley substitution. The
// entries are applied in order over the whole string (array str_replace()
// behaves like the former chain of calls), so e.g. "<script>" can never match
// once "script" has been removed — kept as it was.
// NOTE(review): this is not a reliable defence for text rendered as HTML:
// it is case-sensitive ("script" but not "SCRIPT"), does not touch "<" or
// ">" on their own, and the domain fragments at the end ("ru", "us", "com",
// "net", ...) also eat ordinary Latin words ("forum" -> "fom"). Escaping the
// message with htmlspecialchars() where it is read from $_POST is the
// control that actually holds.
$blockedTokens = array(
    "cookie", "mage()", "Image()", "script", "<!", "<script>", "alert",
    "include", "inquire", "@", "exit;", "default;", ";", "}", "{", "()",
    "*", "#", "%", '$', ".html", ".zip", ".php", "--",
    // URL / domain fragments ("и т д" — "and so on", per the original comment)
    "://", "wap", "WAP", "ru", "net", "com", "us", "cn", "h2m", "wen", "org",
);
$msg = str_replace($blockedTokens, "", $msg);

	// Substrings stripped from the photo URL, applied in order like the former
	// chain of str_replace() calls (so "<script>" never matches once "<" and
	// ">" are gone — kept as it was).
	// NOTE(review): the URL has already been through htmlspecialchars(); this
	// list drops punctuation and a few reversed extension strings but does not
	// restrict the URL scheme, so what is safe to embed is decided by the page
	// that renders the photo, not here.
	$photoBlockedTokens = array(
	    "exit;", ",", "'", "@", "!", "<", ">", "]", "[", "{", "}", "#", "|",
	    '$', "%", "^", "*", "(", ")", "=", "+", "cookie", "mage()", "<script>",
	    "php.", "PHP.", "dat.", "zip.", "DAT.", "ZIP.", "Zip.", "html.",
	);
	$photo = str_replace($photoBlockedTokens, "", $photo);


#######################


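// ---- Input validation ------------------------------------------------------
// Each failed check prints its message, appends the theme footer (the ICQ
// digit check is the one exception, as before) and stops.

// Required fields. empty() also rejects the string "0", as it did before.
$requiredFields = array(
    'login'  => 'Заполните поле "Имя/Ник"!',
    'icq'    => 'Заполните поле "ICQ"!',
    'msg'    => 'Заполните поле "Сообщение"!',
    'status' => 'Вы не выбрали ваш статус. Повторите.',
);
foreach ($requiredFields as $requiredField => $requiredMessage) {
    if (empty($$requiredField)) {
        echo '<br><center><big>' . $requiredMessage . '</big></center>';
        include_once "../themes/$config_themes/foot.php";
        exit;
    }
}

// ICQ numbers are digits only. eregi() was removed in PHP 7; preg_match()
// with the same character class is the replacement. This check printed no
// footer before and still does not.
if (preg_match('/[^0-9]/', $icq)) {
    echo '<center>Ошибка! В поле "ICQ" разрешено добавлять только цифры!</center>';
    exit;
}

// Length limits. isset($s[$n]) tests "has an ($n+1)-th byte", which is what
// the former isset($s{$n}) did — the {} string-offset syntax is gone in
// PHP 8. The limits are therefore bytes, not characters: a Cyrillic letter
// in UTF-8 takes two of them.
$lengthLimits = array(
    array('login', 20,  'Слишком длинный ник! Максимум - 20симв.'),
    array('name',  20,  'Слишком длинное имя! Максимум - 20симв.'),
    array('icq',   9,   'Слишком длинный ICQ! Максимум - 9симв.'),
    array('email', 30,  'Слишком длинный E-mail ! Максимум - 30симв.'),
    array('phone', 15,  'Слишком длинный "номер"! Максимум - 15симв.'),
    array('city',  30,  'Слишком длинное название города! Максимум - 30симв.'),
    array('about', 200, 'Слишком длинная биография! Максимум - 200симв.'),
);
foreach ($lengthLimits as $lengthLimit) {
    list($limitField, $maxBytes, $limitMessage) = $lengthLimit;
    // Read through a plain variable: "$$a[$n]" binds differently across PHP
    // versions.
    $limitValue = $$limitField;
    if (isset($limitValue[$maxBytes])) {
        echo '<br><center><big>' . $limitMessage . '</big></center>';
        include_once "../themes/$config_themes/foot.php";
        exit;
    }
}

// data/setting.dat holds one "|"-separated line; field 7 is the maximum
// message length. The former code read it with "@" and passed whatever came
// out straight into the offset test. Here the check runs only when the file
// is readable and the field is a positive number; otherwise the message
// length is not limited — a deliberate choice, noted so it can be revisited.
$ms = array();
if (is_readable("data/setting.dat")) {
    $settingLines = file("data/setting.dat");
    if ($settingLines !== false && isset($settingLines[0])) {
        $ms = explode("|", $settingLines[0]);
    }
}
$maxMsgBytes = isset($ms[7]) ? (int) $ms[7] : 0;
if ($maxMsgBytes > 0 && isset($msg[$maxMsgBytes])) {
    echo '<br><center><big>Слишком длинное сообщение! Максимум - ' . $ms[7] . ' симв.</big></center>';
    include_once "../themes/$config_themes/foot.php";
    exit;
}

if (isset($photo[70])) {
    echo '<br><center><big>Слишком длинное url для фото! Максимум - 70симв.</big></center>';
    include_once "../themes/$config_themes/foot.php";
    exit;
}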
#######################
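// ---- Store the entry -------------------------------------------------------
// Record id; it is also the name of the detail file data/<uin>.log. rand()
// is predictable and its output could be guessed, random_int() is not; the
// range is unchanged (7 digits — the original note asked for "clear" to be
// pressed at least once a year because that space fills up).
$uin = random_int(1000000, 9999999);

// Index record (list.dat): one "|"-separated entry per line. Any line break
// inside a field would split the record when the file is read back, so bare
// "\r" and "\n" are removed as well, not only "\r\n".
$text = $uin . '|' . $icq . '|' . $msg . '|' . $status . '|';
$text = str_replace(array("\r\n", "\r", "\n"), "", $text);

$fp = fopen("data/list.dat", "a+");
// A failed fopen() used to reach flock() as false; skip the index write
// instead (the detail record and the error branch below still run).
if ($fp !== false) {
    flock($fp, LOCK_EX);
    fputs($fp, "$text\r\n");
    flock($fp, LOCK_UN);
    fclose($fp);
    // 0666 is the original mode and makes the data file world-writable;
    // keep it only if the web server and the maintenance scripts really run
    // as different users.
    chmod("data/list.dat", 0666);
}

// Detail record: one file per entry, a single "|"-separated line.
$text = $uin.'|'.$login.'|'.$icq.'|'.$msg.'|'.$name.'|'.$email.'|'.$phone.'|'.$city.'|'.$about.'|'.$years.'|'.$status.'|'.$photo.'|'.$date.'|'.$browser.'|'.$ip.'|';

// "x" creates the file only if it does not exist yet, in one step, so two
// requests that draw the same id cannot both write it — file_exists()
// followed by fopen("w") left that window open. The file_exists() test is
// kept so the common "id already taken" case does not raise a warning.
$logFile = "data/$uin.log";
$fp = file_exists($logFile) ? false : fopen($logFile, "x");
if ($fp === false) {
    echo '<br>Неизвестная ошибка!<br><a href="new.php?'.SID.'">Повторить</a><br>';
    include_once "../themes/$config_themes/foot.php";
    exit;
}
flock($fp, LOCK_EX);
fputs($fp, "$text");
fflush($fp);
flock($fp, LOCK_UN);
fclose($fp);
chmod($logFile, 0666);

// NOTE(review): SID in the redirect URL exposes the session id to logs and
// Referer headers; cookie-only sessions would avoid that, but that is a
// template/config matter rather than this file's.
header("Location: ../index.php?" . SID);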

?>