<?php
#-----------------------------------------------------#
# ********* WAP-MOTORS ********* #
# Made by : VANTUZ #
# E-mail : [email protected] #
# Site : http://pizdec.ru #
# WAP-Site : http://visavi.net #
# ICQ : 36-44-66 #
# Вы не имеете право вносить изменения в код скрипта #
#-----------------------------------------------------#
/************************************************/
// show reply mod. by demeros //
/************************************************/
require_once"../template/start.php";
require_once"../template/regglobals.php";
require_once"../template/config.php";
require_once"../template/functions.php";
require_once"../template/antidos.php";
require_once"../template/gzip.php";
require_once"../template/header.php";
include_once"../template/pclzip.php";
require_once"../template/rprivat.php";
$uz=check($uz);
if ($provlog==$_SESSION['log'] && $provpar==md5($_SESSION['par']) && $_SESSION['log']!="" && md5($_SESSION['par'])!=""){
if($uz==""){header ("Location: privat.php?action=submit&isset=nouz&uz=$uz&".SID); exit;}
if($uz==$log){header ("Location: privat.php?action=submit&isset=noprivlog&uz=$uz&".SID); exit;}
if (preg_match('|^[a-z0-9_\-]+$|i',$uz)){
$str=strlen($mess);
if($mess=="" || $str<6){header ("Location: privat.php?action=submit&isset=nomess&uz=$uz&".SID); exit;}
$proverka = file("../local/profil/$uz.prof");
$ster=strlen($uz);
if (empty($proverka) || $ster<1){
{header ("Location: privat.php?action=submit&isset=nouzer&".SID); exit;}
} else {
$filesize= filesize("../local/privat/$uz.$config_priv");
$filesize=round($filesize/1024,2);
$pers=round($filesize*100/$config_limitsmail);
if($pers>="99"){header ("Location: privat.php?action=submit&isset=fullmail&uz=$uz&".SID); exit;}
$iglines=file("../local/dataignor/$uz.dat");
$igcount=count($iglines);
for ($ign=0; $ign<$igcount; $ign++) {
list(,$igbase)=explode("|",$iglines[$ign]);
if ($log == $igbase) {$result="ok"; }}
if($result=="ok"){header ("Location: privat.php?action=submit&isset=ignoring&uz=$uz&".SID); exit;}
//--------------------- Новый антифлуд -----------------------------//
if($config_floodstime > 0){
if(flooder($ip, $php_self) == TRUE ){header ("Location: privat.php?action=submit&isset=antiflood&uz=$uz&".SID); exit;}
$flood_file = fopen(BASEDIR."local/flood.dat", "a+");
flock ($flood_file,LOCK_EX);
fputs ($flood_file, "$sitetime|$ip|$php_self|\r\n");
fflush($flood_file);
flock ($flood_file,LOCK_UN);
fclose($flood_file);
}
$mess = check($mess);
$log = check($log);
$mess = utf_substr($mess,0,1000);
if($trans=="y"){$mess=transliter($mess);}
$mess = antimat($mess);
$mess = smiles($mess);
$mess=base64_encode($mess);
/***********************************************Отправка файлов*****************************************************************************/
if($config_add_privat_data=="1")
{
if(isset($_FILES['userfile']))/*********Проверка на наличие файла**************/
{/*Проверка на заполнения ящика файлами*/
if($config_users_quote==0){$config_users_quote=1;}
if(is_file("../local/privat/fdata/$uz.dat")){
$file2=file_get_contents("../local/privat/fdata/$uz.dat");
$summ=(int)$file2;}else{$summ=1;}
$summ=round(round($summ/1024,2)*100/(int)$config_users_quote);
if($summ>="99"){header ("Location: privat.php?action=files&isset=fullmail&uz=$uz&".SID); exit;}
/******************************************/
$trans1= array("Ь","Ъ","Ё","Ж","Ч","Ш","Щ","Э","Ю","Я","ё","ж","ч","ш","щ","э","ю","я","А","Б","В","Г","Д","Е","З","И","Й","К","Л","М","Н","О","П","Р","С","Т","У","Ф","Х","Ц","Ы","а","б","в","г","д","е","з","и","й","к","л","м","н","о","п","р","с","т","у","ф","х","ц","ы","ъ","ь");
$trans2= array("","","JO","ZH","CH","SH","SCH","JE","JY","JA","jo","zh","ch","sh","sch","je","jy","ja","A","B","V","G","D","E","Z","I","J","K","L","M","N","O","P","R","S","T","U","F","H","C","Y","a","b","v","g","d","e","z","i","j","k","l","m","n","o","p","r","s","t","u","f","h","c","y","","");
$format=explode(",",$config_type);
if($_FILES['userfile']['size'] > 0 && ($_FILES['userfile']['size'])/1024 < $config_add_privat_fsize )/*Проверка на размер файла*/
{
$ext = strtolower(strrchr($_FILES['userfile']['name'], '.'));
$ext=str_replace('.','',$ext);
$fname=$_FILES['userfile']['name'];
$fname=check($fname);
$fname=str_replace($trans1,$trans2,$fname);
$fname=strtolower($fname);
if(in_array($ext,$format))/*Проверка на разрешенные расширения*/
{
$ftype = $_FILES['userfile']['type'];
if(!eregi('php',$ftype) && !eregi('htm',$ftype) && !eregi('inc',$ftype) && !eregi('wml',$ftype) && !eregi('xml',$ftype))/*Проверка типа файла*/
{
/******************Убераем запрещенные символы из имени******************/
$fname=str_replace(' ','_',$fname);
$fname=str_replace('\'','_',$fname);
$fname=str_replace('"','_',$fname);
$fname=str_replace('?','',$fname);
$fname=str_replace('~','',$fname);
$fname=str_replace('../','',$fname);
$fname=str_replace('|','',$fname);
$fname=str_replace('+','',$fname);
$fname=str_replace('%','',$fname);
$fname=str_replace('^','',$fname);
$fname=str_replace('&','',$fname);
$fname=str_replace('@','',$fname);
$fname=str_replace('!','',$fname);
$fname=str_replace('`','',$fname);
$fname=str_replace('(','',$fname);
$fname=str_replace('[','',$fname);
$fname=str_replace(']','',$fname);
$fname=str_replace('#','',$fname);
$fname=str_replace('=','',$fname);
$fname=str_replace(')','',$fname);
$fname=str_replace('ь','',$fname);
/////////////////////////////////////////////////////////////////////////////////
$fname=''.$uz.'.'.$fname.'';/*Новое имя для файла*/
if(is_dir($config_add_privat_fpath) && $config_add_privat_fpath!='.' && $config_add_privat_fpath!='..')/*Если указаная директория существует*/
{
if(copy($_FILES['userfile']['tmp_name'], "$config_add_privat_fpath/$fname"))/*Если файл был сохранен на сервере*/
{
chmod("$config_add_privat_fpath/$fname", 0777);
if($config_zip_privat=="1")/*Если включено архивирование*/
{
$zfname=''.$fname.'.zip';
$zip= new PclZip("$config_add_privat_fpath/$zfname");
if($zip->create("$config_add_privat_fpath/$fname",PCLZIP_OPT_REMOVE_PATH, "$config_add_privat_fpath/")!=0)/*Если архив создан*/
{
chmod("$config_add_privat_fpath/$zfname", 0777);
unlink("$config_add_privat_fpath/$fname");
}
$fname=$zfname;/*Имя для архивированого файла*/
}
/*Если файл был загружен,записываем его размер*/
$fp=fopen(BASEDIR."local/privat/fdata/$uz.dat","a+");
$fpp=file_get_contents("../local/privat/fdata/$uz.dat");
$sizef=(int)$fpp + $_FILES['userfile']['size'];
clear_files("../local/privat/fdata/$uz.dat");
flock ($fp,LOCK_EX);
fputs($fp,$sizef);
fflush ($fp);
flock ($fp,LOCK_UN);
fclose($fp);
////////////////////////////////////////////////////
}
else{header ("Location: privat.php?action=files&error=ferr&uz=$uz&".SID); exit;}
}
else{header ("Location: privat.php?action=files&error=nodir&uz=$uz&".SID); exit;}
}
else{header ("Location: privat.php?action=files&error=extention&uz=$uz&".SID); exit;}
}
else{header ("Location: privat.php?action=files&error=extention&uz=$uz&".SID); exit;}
}
else{header ("Location: privat.php?action=files&error=fbig&uz=$uz&".SID); exit;}
}
if(!empty($fname)){$fname=base64_encode("$fname");}else{$fname=0;}/*Если файл был загружен,записываем в сообщение ссылку*/
}
/*Проверяем входящие по заданым атрибутам( ник отправителя и дата отправления ) ,если есть соответствие-записываем в файл*/
$mesr=check($mesr);
if($config_reply_privat=="1")
{
$file = file("../local/privat/$log.$config_priv");
$count=count($file);
for($i=0;$i<$count;$i++)
{
$udats = explode("|",$file[$i]);
$lg=$udats[0];
$tt=$udats[2];
if($lg==$uz && $tt==$mesr)
{
$rep=$udats[1];
}
}
}
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
if($config_privat_antireklama==1 && !empty($config_privat_checkers))
{
antireklamap($mess,$sitetime,$rep,$log,$uz);
}
$mess=defence_go($mess,$uz);
$tex=$log.'|'.$mess.'|'.$sitetime.'|'.$rep.'|1|'.$fname.'|';
$tex=preg_replace ("|[\r\n]+|si","",$tex);
//------------------------------ Запись в профиль ----------------------------//
$ufile = file(BASEDIR."local/profil/$uz.prof");
$udata = explode(":||:",$ufile[0]);
$udata[10]++;
for ($u=0; $u<$config_userprofkey; $u++){
$utext.=$udata[$u].':||:';}
if($udata[0]!="" && $udata[1]!="" && $udata[4]!="" && $utext!=""){
$fp=fopen(BASEDIR."local/profil/$uz.prof","a+");
flock ($fp,LOCK_EX);
ftruncate ($fp,0);
fputs($fp,$utext);
fflush ($fp);
flock ($fp,LOCK_UN);
fclose($fp);
unset($utext);
}
$fp=fopen(BASEDIR."local/privat/$uz.$config_priv","a+");
flock ($fp,LOCK_EX);
fputs($fp,"$tex\r\n");
fflush ($fp);
flock ($fp,LOCK_UN);
fclose($fp);
$tex2=$uz.'|'.$mess.'|'.$sitetime.'|1|0|'.$fname.'|';
$tex2=preg_replace ("|[\r\n]+|si","",$tex2);
$fp=fopen(BASEDIR."local/dataoutput/$log.$config_priv","a+");
flock ($fp,LOCK_EX);
fputs($fp,"$tex2\r\n");
fflush ($fp);
flock ($fp,LOCK_UN);
fclose($fp);
chmod ($fp, 0666);
chmod (BASEDIR."local/dataoutput/$log.$config_priv", 0666);
$file=file(BASEDIR."local/dataoutput/$log.$config_priv");
$i = count($file);
if ($i>=20) {
$fp=fopen(BASEDIR."local/dataoutput/$log.$config_priv","w");
flock ($fp,LOCK_EX);
unset($fname);
fputs($fp, implode($file));
flock ($fp,LOCK_UN);
fclose($fp);
}
header ("Location: privat.php?isset=mail&".SID); exit;
}}
else {header ("Location: privat.php?action=submit&isset=nouzer&".SID); exit;}}
else {
header ("Location: ../index.php?isset=inputoff&".SID); exit;
}
?>