Просмотр файла zagrcent/mail.php

<?php 
error_reporting(7);
require_once('nast.php');
require_once('shapka.php');
require_once('func.php');
require_once('function.php');
require_once('win_to_utf.php');
 
include('db.php');
print $beginpage;
include('rekl.php');
$ip=mysql_escape_string($REMOTE_ADDR);
$Host=preg_replace('/:\d+/s','',getenv('HTTP_HOST'));
$user=mysql_escape_string($HTTP_USER_AGENT);
$file=mysql_escape_string($file);
while($file[0]=='/')
$sd=substr($file,1,strlen($file));
$dirname=dirname($file);
$basename=basename($file);
$filesize=@filesize($file);
$result=mysql_query("SELECT * from `file` WHERE `sd`='$dirname' and `file`='$basename' limit 1");
if($filesize>1024)
$filesize=round($filesize/1024,2).' кб';
else
$filesize=$filesize.' бт';
if(!strstr($dirname,"..") and file_exists($file) and filesize($file)<=$maxfile)
{if(!mysql_num_rows($result))
{
mysql_query("INSERT into `file` VALUES(0,'$dirname','$basename','0','".time()."','".time()."')");
$infof['rat']=0;
$infof['ldate']=time();
}
else
{
$infof=mysql_fetch_array($result);
}
$papka=explode('/',$dirname);
$papka[0]='';
$papkaname=transdir(join('/',$papka));
$filename=translit($basename);
print "Папка: $papkaname<br/>";
print "Файл: $filename<br/>";
$infop=mysql_fetch_row(mysql_query("SELECT MAX(`time`) FROM `send` WHERE `ip`='$ip' or `user`='$user'"));
if($infop[0]>time()-60)
print "Ошибка!Вы не можете отправлять файлы ччаще, чем 1 раз в 1 минуту.Пожалуйста повторите попытку позднее<br/>";
else
	{
	class Mail
{
	var $sendto = array();
	var $acc = array();
	var $abcc = array();
	var $aattach = array();
	var $xheaders = array();
	var $priorities = array( '1 (Highest)', '2 (High)', '3 (Normal)', '4 (Low)', '5 (Lowest)' );
	var $charset = "utf-8";
	var $ctencoding = "7bit";
	var $receipt = 0;
 
function Mail()
{
	$this->autoCheck( true );
	$this->boundary= "--" . md5( uniqid("myboundary") );
}
 
		
 
function autoCheck( $bool )
{
	if( $bool )
		$this->checkAddress = true;
	else
		$this->checkAddress = false;
}
 
function Subject( $subject )
{
	$this->xheaders['Subject'] = strtr( $subject, "\r\n" , "  " );
}
 
 
function From( $from )
{
 
	if( ! is_string($from) ) {
		echo "Class Mail: error, From is not a string";
		exit;
	}
	$this->xheaders['From'] = $from;
}
 
function ReplyTo( $address )
{
 
	if( ! is_string($address) ) 
		return false;
	
	$this->xheaders["Reply-To"] = $address;
		
}
 
function Receipt()
{
	$this->receipt = 1;
}
 
function To( $to )
{
 
	// TODO : test validit? sur to
	if( is_array( $to ) )
		$this->sendto= $to;
	else 
		$this->sendto[] = $to;
 
	if( $this->checkAddress == true )
		$this->CheckAdresses( $this->sendto );
 
}
 
 
function Cc( $cc )
{
	if( is_array($cc) )
		$this->acc= $cc;
	else 
		$this->acc[]= $cc;
		
	if( $this->checkAddress == true )
		$this->CheckAdresses( $this->acc );
	
}
 
function Bcc( $bcc )
{
	if( is_array($bcc) ) {
		$this->abcc = $bcc;
	} else {
		$this->abcc[]= $bcc;
	}
 
	if( $this->checkAddress == true )
		$this->CheckAdresses( $this->abcc );
}
 
 
function Body( $body, $charset="" )
{
	$this->body = $body;
	
	if( $charset != "" ) {
		$this->charset = strtolower($charset);
		if( $this->charset != "us-ascii" )
			$this->ctencoding = "8bit";
	}
}
 
 
function Organization( $org )
{
	if( trim( $org != "" )  )
		$this->xheaders['Organization'] = $org;
}
 
 
function Priority( $priority )
{
	if( ! intval( $priority ) )
		return false;
		
	if( ! isset( $this->priorities[$priority-1]) )
		return false;
 
	$this->xheaders["X-Priority"] = $this->priorities[$priority-1];
	
	return true;
	
}
 
function Attach( $filename, $filetype = "", $disposition = "inline" )
{
	if( $filetype == "" )
		$filetype = "application/x-unknown-content-type";
		
	$this->aattach[] = $filename;
	$this->actype[] = $filetype;
	$this->adispo[] = $disposition;
}
 
function BuildMail()
{
 
 
	$this->headers = "";
 
	if( count($this->acc) > 0 )
		$this->xheaders['CC'] = implode( ", ", $this->acc );
	
	if( count($this->abcc) > 0 ) 
		$this->xheaders['BCC'] = implode( ", ", $this->abcc );
	
 
	if( $this->receipt ) {
		if( isset($this->xheaders["Reply-To"] ) )
			$this->xheaders["Disposition-Notification-To"] = $this->xheaders["Reply-To"];
		else 
			$this->xheaders["Disposition-Notification-To"] = $this->xheaders['From'];
	}
	
	if( $this->charset != "" ) {
		$this->xheaders["Mime-Version"] = "1.0";
		$this->xheaders["Content-Type"] = "text/plain; charset=$this->charset";
		$this->xheaders["Content-Transfer-Encoding"] = $this->ctencoding;
	}
 
	$this->xheaders["X-Mailer"] = "Php/libMailv1.3";
	if( count( $this->aattach ) > 0 ) {
		$this->_build_attachement();
	} else {
		$this->fullBody = $this->body;
	}
 
	reset($this->xheaders);
	while( list( $hdr,$value ) = each( $this->xheaders )  ) {
		if( $hdr != "Subject" )
			$this->headers .= "$hdr: $value\n";
	}
	
 
}
 
function Send()
{
	$this->BuildMail();
	$this->strTo = implode( ", ", $this->sendto );
	$res = @mail( $this->strTo, $this->xheaders['Subject'], $this->fullBody, $this->headers );
 
}
 
function Get()
{
	$this->BuildMail();
	$mail = "To: " . $this->strTo . "\n";
	$mail .= $this->headers . "\n";
	$mail .= $this->fullBody;
	return $mail;
}
function ValidEmail($address)
{
	if( ereg( ".*<(.+)>", $address, $regs ) ) {
		$address = $regs[1];
	}
 	if(ereg( "^[^@  ]+@([a-zA-Z0-9\-]+\.)+([a-zA-Z0-9\-]{2}|net|com|gov|mil|org|edu|int|ru|ua|eu)\$",$address) ) 
 		return true;
 	else
 		return false;
}
 
 
function CheckAdresses( $aad )
{
	for($i=0;$i< count( $aad); $i++ ) {
		if( ! $this->ValidEmail( $aad[$i]) ) {
			echo "Class Mail, method Mail : invalid address $aad[$i]";	
			exit;
		}
	}
}
 
function _build_attachement()
{
 
	$this->xheaders["Content-Type"] = "multipart/mixed;\n boundary=\"$this->boundary\"";
 
	$this->fullBody = "This is a multi-part message in MIME format.\n--$this->boundary\n";
	$this->fullBody .= "Content-Type: text/plain; charset=$this->charset\nContent-Transfer-Encoding: $this->ctencoding\n\n" . $this->body ."\n";
	
	$sep= chr(13) . chr(10);
	
	$ata= array();
	$k=0;
	for( $i=0; $i < count( $this->aattach); $i++ ) {
		
		$filename = $this->aattach[$i];
		$basename = basename($filename);
		$ctype = $this->actype[$i];	// content-type
		$disposition = $this->adispo[$i];
		
		if( ! file_exists( $filename) ) {
			echo "Class Mail, method attach : file $filename can't be found"; exit;
		}
		$subhdr= "--$this->boundary\nContent-type: $ctype;\n name=\"$basename\"\nContent-Transfer-Encoding: base64\nContent-Disposition: $disposition;\n  filename=\"$basename\"\n";
		$ata[$k++] = $subhdr;
 
		$linesz= filesize( $filename)+1;
		$fp= fopen( $filename, 'r' );
		$ata[$k++] = chunk_split(base64_encode(fread( $fp, $linesz)));
		fclose($fp);
	}
	$this->fullBody .= implode($sep, $ata);
}
 
 
} //class mail
if(!$act)
	{
		if($str=='wml')
		{
$r=rand(1,1000);
echo "email:<br/></small>
<input name=\"mail$r\" type=\"text\" title=\"\" value=\"\" maxlength=\"15\"/><br/>
<small>Комментарии:<br/></small>
<input name=\"komm$r\" type=\"text\" title=\"\" value=\"\" maxlength=\"150\"/><br/>
<anchor title=\"go\">Отправить<go href=\"mail.php?act=nar&amp;str=$str&amp;file=$file\" method=\"post\">
<postfield name=\"mail\" value=\"$(mail$r)\"/>
<postfield name=\"komm\" value=\"$(komm$r)\"/>
<postfield name=\"all\" value=\"$(all)\"/>";
echo "</go></anchor><br/><small>"; 
		}
		else
		{
	print"
	<form action=\"mail.php?act=nar&amp;str=$str&amp;file=$file\" method=\"post\">
	email:<br/>
	<input name=\"mail\" maxlength=\"450\" value=\"\"/><br/>
	Комментарии:<br/>
	<input name=\"komm\" maxlength=\"450\" value=\"\"/><br/>
	<input type=\"submit\" name=\"a\" value=\"отправить\"/>
	</form>";
		}
	}
	else
	{
	$mail=mysql_escape_string($mail);
	$komm=mysql_escape_string($komm);
	$err='';
	if(0==preg_match("/^[0-9a-z\-._]+@[0-9a-z_\-.]+\.[a-z]{2,3}$/si", $mail))
	$err.='Ошибка!Введите адрес сайта ввиде login@server.com<br/>';
	if($err)
	print $err;
	else
		{
		if(r($file)=="txt" || strpos($name,".dat"))$o="text/plain";
if(r($file)=="gif")$o="image/gif";
if(r($file)=="jpg" || r($file)=="jpeg")$o="image/jpeg";
if(r($file)=="png")$o="image/png";
if(r($file)=="zip")$o="archive/zip";
if(r($file)=="rar")$o="archive/rar";
if(r($file)=="mid")$o="media/midi";
if(r($file)=="mmf")$o="media/mmf";
if(r($file)=="jar")$o="application/java-archive";
if(r($file)=="jad")$o="archive/jar";
if(r($file)=="thm")$o="archive/vnd.eri";
if(r($file)=="nth")$o="archive/vnh.nth";
if(r($file)=="3gp")$o="video/3gpp";
if(r($file)=="avi")$o="video/avi";
if(r($file)=="mp3")$o="media/mp3";
if(r($file)=="sdt")$o="application/vnd.siemens-mp.theme";
if(r($file)=="scs")$o="application/vnd.siemens-mp.skin";
if(r($file)=="sis")$o="application/vnd.symbian.install";
$subj="Vam fajl ot $Host";
$mess='Данный файл был отослан вам посетителем сайта '.$Host.$komm;
//$mess=utf_to_win($mess);
//$mess=convert_cyr_string($mess, "w","k");
$m=new Mail;
$m->From("files@$Host");
$m->To("$mail");
$m->Subject("$subj");
$m->Body($mess);
$m->Priority(4);
$m->Attach(@realpath($file),$o);
$m->Send();
print 'Ваше сообщение успешно отправлено<br/>';
mysql_query("INSERT into `send` VALUES('0','$mail','".time()."','$ip','$user')");
		}
	}
	}
}
else
{
print 'Ошибка!Неверно указан файл<br/>';
}
$t=explode('/',dirname($file));
$t[0]='';
//unset($t[0]);
print $razd."<a href=\"sd.php?sd=".substr(join('/',$t),1,150)."&amp;str=$str\">Вернуться в папку /".transdir($t[count($t)-1])."</a><br/>";
print '&gt;<a href="index.php?str='.$str.'">Выбрать раздел</a><br/>';
print $endpage;
?>