<?php
/************************************************/
// show reply mod. by demeros //
/************************************************/
require_once"../template/start.php";
require_once"../template/regglobals.php";
require_once"../template/config.php";
require_once"../template/functions.php";
require_once"../template/antidos.php";
require_once"../template/gzip.php";
require_once"../template/header.php";
require_once"../template/rprivat.php";
include_once"../template/pclzip.php";
if ($provlog==$_SESSION['log'] && $provpar==md5($_SESSION['par']) && $_SESSION['log']!="" && md5($_SESSION['par'])!=""){
if($dostup==101 || $dostup==102){
$cat=(int)$cat;
$pol=(int)$pol;
if($cat==""){header ("Location: privat.php?action=spam_ready&isset=nouz&cat=$cat&pol=$pol&".SID); exit;}
$str=strlen($mess);
if($mess=="" || $str<6){header ("Location: privat.php?action=spam_ready&isset=nomess&cat=$cat&pol=$pol&".SID); exit;}
$ifadmin = file(BASEDIR."local/datatmp/adminlist.dat");
$fileu = file(BASEDIR."local/datatmp/userlist.dat");
$mess = check($mess);
$log = check($log);
$mess = utf_substr($mess,0,1000);
if($trans=="y"){$mess=transliter($mess);}
$mess = antimat($mess);
$mess = smiles($mess);
$mess=base64_encode($mess);
/*Если есть файлы adminlist.dat & userlist.dat*/
if (empty($ifadmin) || empty($fileu) ){
header ("Location: privat.php?action=spam&error=noadm&".SID); exit;}
else {
$ifadmin=array_reverse($ifadmin);
$totalu = count($fileu);
/*Если прикрепили файл*/
if(isset($_FILES['userfile']))/*********Проверка на наличие файла**************/
{
$trans1= array("Ь","Ъ","Ё","Ж","Ч","Ш","Щ","Э","Ю","Я","ё","ж","ч","ш","щ","э","ю","я","А","Б","В","Г","Д","Е","З","И","Й","К","Л","М","Н","О","П","Р","С","Т","У","Ф","Х","Ц","Ы","а","б","в","г","д","е","з","и","й","к","л","м","н","о","п","р","с","т","у","ф","х","ц","ы","ъ","ь");
$trans2= array("","","JO","ZH","CH","SH","SCH","JE","JY","JA","jo","zh","ch","sh","sch","je","jy","ja","A","B","V","G","D","E","Z","I","J","K","L","M","N","O","P","R","S","T","U","F","H","C","Y","a","b","v","g","d","e","z","i","j","k","l","m","n","o","p","r","s","t","u","f","h","c","y","","");
$format=explode(",",$config_type);
if($_FILES['userfile']['size'] > 0 && ($_FILES['userfile']['size'])/1024 < $config_add_privat_fsize )/*Проверка на размер файла*/
{
$ext = strtolower(strrchr($_FILES['userfile']['name'], '.'));
$ext=str_replace('.','',$ext);
$fname=$_FILES['userfile']['name'];
$fname=check($fname);
$fname=str_replace($trans1,$trans2,$fname);
$fname=strtolower($fname);
if(in_array($ext,$format))/*Проверка на разрешенные расширения*/
{
$ftype = $_FILES['userfile']['type'];
if(!eregi('php',$ftype) && !eregi('htm',$ftype) && !eregi('inc',$ftype) && !eregi('wml',$ftype) && !eregi('xml',$ftype))/*Проверка типа файла*/
{
/******************Убераем запрещенные символы из имени******************/
$fname=str_replace(' ','_',$fname);
$fname=str_replace('\'','_',$fname);
$fname=str_replace('"','_',$fname);
$fname=str_replace('?','',$fname);
$fname=str_replace('~','',$fname);
$fname=str_replace('../','',$fname);
$fname=str_replace('|','',$fname);
$fname=str_replace('+','',$fname);
$fname=str_replace('%','',$fname);
$fname=str_replace('^','',$fname);
$fname=str_replace('&','',$fname);
$fname=str_replace('@','',$fname);
$fname=str_replace('!','',$fname);
$fname=str_replace('`','',$fname);
$fname=str_replace('(','',$fname);
$fname=str_replace('[','',$fname);
$fname=str_replace(']','',$fname);
$fname=str_replace('#','',$fname);
$fname=str_replace('=','',$fname);
$fname=str_replace(')','',$fname);
$fname=str_replace('ь','',$fname);
/////////////////////////////////////////////////////////////////////////////////
$fname='system_mail.'.$fname.''; /*Новое имя для файла*/
if(is_dir($config_add_privat_fpath) && $config_add_privat_fpath!='.' && $config_add_privat_fpath!='..')/*Если указаная директория существует*/
{
if(copy($_FILES['userfile']['tmp_name'], "$config_add_privat_fpath/$fname"))/*Если файл был сохранен на сервере*/
{
chmod("$config_add_privat_fpath/$fname", 0777);
if($config_zip_privat=="1")/*Если включено архивирование*/
{
$zfname=''.$fname.'.zip';
$zip= new PclZip("$config_add_privat_fpath/$zfname");
if($zip->create("$config_add_privat_fpath/$fname",PCLZIP_OPT_REMOVE_PATH, "$config_add_privat_fpath/")!=0)/*Если архив создан*/
{
chmod("$config_add_privat_fpath/$zfname", 0777);
unlink("$config_add_privat_fpath/$fname");
}
$fname=$zfname;/*Имя для архивированого файла*/
}
}
else{header ("Location: privat.php?action=spam&error=ferr&".SID); exit;}
}
else{header ("Location: privat.php?action=spam&error=nodir&".SID); exit;}
}
else{header ("Location: privat.php?action=spam&error=extention&".SID); exit;}
}
else{header ("Location: privat.php?action=spam&error=extention&".SID); exit;}
}
else{header ("Location: privat.php?action=spam&error=fbig&".SID); exit;}
}
if(!empty($fname)){$fname=base64_encode($fname);}else{$fname=0;}/*Если файл был загружен,записываем в сообщение ссылку*/
/*Определяем кому слать письма*/
if($cat!="5" && $cat!="7"){
foreach($ifadmin as $key=>$value)
{$ainfo=explode("|",$value);
$ainfo[2]=(int)$ainfo[2];
if($cat=="1"){$uz="Спам Супер Админам";
if($ainfo[2]==101 ){if($log!=$ainfo[1]){if(spam_add($ainfo[1],$mess,$log,$sitetime,$pol,$fname)==TRUE){ $kol++;}}}}
if($cat=="2"){$uz="Спам Админам";
if($ainfo[2]==102 ){if($log!=$ainfo[1]){if(spam_add($ainfo[1],$mess,$log,$sitetime,$pol,$fname)==TRUE){ $kol++;}}}}
if($cat=="3"){$uz="Спам Старшим модерам";
if($ainfo[2]==103 ){if(spam_add($ainfo[1],$mess,$log,$sitetime,$pol,$fname)==TRUE){ $kol++;}}}
if($cat=="4"){$uz="Спам Модерам";
if($ainfo[2]==105){if(spam_add($ainfo[1],$mess,$log,$sitetime,$pol,$fname)==TRUE){ $kol++;}}}
if($cat=="6"){$uz="Спам Только для администрации";
if($ainfo[2]>=101 || $ainfo[2]<=105 ){if($log!=$ainfo[1]){if(spam_add($ainfo[1],$mess,$log,$sitetime,$pol,$fname)==TRUE){ $kol++;}}}}
}}
else
{for($i=0;$i<$totalu;$i++)
{$uinf=explode("|",$fileu[$i]);
if($cat=="7")
{$uz="Спам для всех юзеров";
if($uinf[2]!=$log){
if(spam_add($uinf[2],$mess,$log,$sitetime,$pol,$fname)==TRUE){ $kol++;}
}
}
if($cat=="5")
{$uz="Спам для юзеров";
if(search_ing($uinf[2])==TRUE && $uinf[2]!=$log ){
if(spam_add($uinf[2],$mess,$log,$sitetime,$pol,$fname)==TRUE){ $kol++;} }
}}}
/*Если количество писем ==0 сообщаем об ошибке*/
if($kol<=0)
{$kol=0;
header ("Location: privat.php?error=nadd&".SID); exit;
}
/*если есть кому отправлять-пишем в профиль и отправляем*/
else{
$tex2=$uz.'|'.$mess.'|'.$sitetime.'|0|0|0|';
$tex2=preg_replace ("|[\r\n]+|si","",$tex2);
$fp=fopen(BASEDIR."local/dataoutput/$log.$config_priv","a+");
flock ($fp,LOCK_EX);
fputs($fp,"$tex2\r\n");
fflush ($fp);
flock ($fp,LOCK_UN);
fclose($fp);
chmod ($fp, 0666);
chmod (BASEDIR."local/dataoutput/$log.$config_priv", 0666);
$file=file(BASEDIR."local/dataoutput/$log.$config_priv");
$i = count($file);
if ($i>=20) {
$fp=fopen(BASEDIR."local/dataoutput/$log.$config_priv","w");
flock ($fp,LOCK_EX);
unset($file[0]);
fputs($fp, implode($file));
flock ($fp,LOCK_UN);
fclose($fp);
}
header ("Location: privat.php?error=sended&kol=$kol&".SID); exit;
}
}
}else{header ("Location: privat.php?".SID); exit;}}
else {
header ("Location: ../index.php?isset=inputoff&".SID); exit;
}
?>