<?php
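// Bootstrap: report every error level, buffer all output (the page is assembled
// and post-processed at the end of this script), and open the session.
error_reporting(E_ALL);
ob_start();
ob_implicit_flush(0);
// NOTE(review): the session id is named "sid" and, at the end of this script, is
// written into links and forms whenever the cookie is missing. This file never
// regenerates the id after a successful login, so an id that leaked through a
// URL stays valid for the authenticated session - confirm this is acceptable.
session_name("sid");
session_start();
include 'config.php';
include 'functions.php';
// Connect to MySQL; stop on a failed connect as well as on a failed database select.
$lnk = mysql_connect($hostname, $username, $password);
if (!$lnk || !mysql_select_db($dbname, $lnk)) exit ("Can not connect to mysql");
mysql_query("SET NAMES utf8");
$ndate = date('j.m.y G:i');
// Client identity used for the ban lookup and stored on the user row further down.
$ip = delhtml($_SERVER['REMOTE_ADDR']);
$ua = delhtml(@$_SERVER['HTTP_USER_AGENT']);
if (isset($_SERVER["HTTP_X_OPERAMINI_PHONE_UA"])) {
    // NOTE(review): both Opera Mini headers are supplied by the client. Any visitor
    // who sends them chooses the $ip/$ua pair the ban check sees; trusting them
    // only when REMOTE_ADDR belongs to a known proxy range would close that gap.
    // The forwarded address replaces REMOTE_ADDR only when the header is present,
    // so a missing header no longer blanks $ip.
    if (isset($_SERVER["HTTP_X_FORWARDED_FOR"])) {
        $ip = delhtml($_SERVER["HTTP_X_FORWARDED_FOR"]);
    }
    $ua = delhtml($_SERVER["HTTP_X_OPERAMINI_PHONE_UA"]);
}
$newuser = false;
// Mark users offline when they have not been seen for five minutes.
mysql_query("UPDATE zn_anket SET online='0' WHERE lastdate < CURRENT_TIMESTAMP()-INTERVAL 5 MINUTE");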
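// Requested page mode. A non-string value (for example an array parameter) falls
// back to the menu instead of reaching the string functions used on $mode later.
if (isset($_REQUEST['mode']) && is_string($_REQUEST['mode'])) {
    $mode = $_REQUEST['mode'];
} else {
    $mode = 'menu';
}
// Pick up the login and password: from the request first, then from the session.
// Request values are accepted only when both are plain strings.
if (isset($_REQUEST['login']) && isset($_REQUEST['pass'])
    && is_string($_REQUEST['login']) && is_string($_REQUEST['pass'])) {
    $login = trim(delhtml($_REQUEST['login']));
    $pass = trim(delhtml($_REQUEST['pass']));
    // NOTE(review): the password itself is kept in the session and re-checked on
    // every request; storing an authenticated user id instead would keep the
    // secret out of session storage.
    $_SESSION['login'] = $login;
    $_SESSION['pass'] = $pass;
} elseif (isset($_SESSION['login']) && isset($_SESSION['pass'])) {
    $login = trim(delhtml($_SESSION['login']));
    $pass = trim(delhtml($_SESSION['pass']));
} else {
    $login = false;
    $pass = false;
}
// Reject logins containing = % ? & ' or ". Only $login is filtered this way;
// $pass gets no such check.
if (strpbrk((string)$login, "=%?&'\"") !== false) {
    echo "Недопустимые символы в логине<br/>";
    $mode = 'main';
    $login = false;
    $pass = false;
}
// Check whether this ip / user-agent pair is banned.
// NOTE(review): $ip and $ua are interpolated straight into the SQL text. They have
// only passed through delhtml() (functions.php, not visible here); confirm it
// neutralises quotes and backslashes for SQL, or escape at the query with
// mysql_real_escape_string() / move to prepared statements.
$res = mysql_query("SELECT * FROM zn_ban WHERE ip='$ip' AND ua='$ua'");
// A failed lookup is treated as a ban, so a query error cannot skip the check.
if ($res === false || mysql_num_rows($res) > 0) {
    echo "Access denied<br/>";
    $mode = 'main';
    $login = false;
    $pass = false;
}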
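// Authenticate the login/password pair and load the per-user settings.
// Every reject path ends in the same state as an anonymous visitor:
// $mode='main' with $login and $pass cleared.
if ($login && $pass) {
    // ($login and $pass are both truthy here, so the former empty-string branch
    // could never run and has been dropped.)
    // NOTE(review): every query in this block is built by string interpolation.
    // $login and $pass have only passed through delhtml() (functions.php, not
    // visible here) plus, for $login, the character filter earlier in this file.
    // Confirm delhtml() makes the values safe inside a quoted SQL literal, or
    // escape at the query / move to prepared statements.
    // NOTE(review): the submitted password is compared verbatim with the pass
    // column, so passwords appear to be stored unhashed - confirm against the
    // registration code.
    $res = mysql_query("SELECT * FROM zn_anket WHERE login='$login' AND pass='$pass'");
    if (mysql_num_rows($res)!=0) {
        $userinfo = mysql_fetch_array($res);
        if ($userinfo['banned']==1) {
            echo "Доступ запрещен<br/>";
            $mode = 'main';
            $login = false;
            $pass = false;
            // A banned account gets none of the post-login setup below; before,
            // execution fell through and a banned account with an empty profile
            // had $mode switched from 'main' to 'anket'.
            unset($userinfo);
        } else {
            $userid = intval($userinfo['id']);
            // Record online status, timestamp, ip and user agent.
            mysql_query("UPDATE zn_anket SET online='1', room=NULL, lastdate=CURRENT_TIMESTAMP(), ip='$ip', ua='$ua' WHERE login='$login'");
            if (!empty($_REQUEST['r'])) {
                $or = intval($_REQUEST['r']);
                mysql_query("UPDATE zn_anket SET room='$or' WHERE login='$login'");
            }
            // An account without a name has not filled in its profile yet.
            if (is_null($userinfo['name'])) {
                if ($mode!='anketsave') {$mode='anket';}
                $newuser = true;
                $_SESSION['newuser'] = true;
            }
            // Per-user display preferences override the configured defaults.
            if (!is_null($userinfo['caponpage'])) {$caponpage=$userinfo['caponpage'];}
            if (!is_null($userinfo['mesonpage'])) {$mesonpage=$userinfo['mesonpage'];}
            if (!is_null($userinfo['autoupdate'])) {
                if ($userinfo['autoupdate']=='no') {
                    unset($autoupdate);
                } else {
                    $autoupdate = $userinfo['autoupdate'];
                }
            }
            // Announce unread private messages.
            $res = mysql_query("SELECT * FROM zn_messages WHERE new='1' AND komu='$login'");
            if (mysql_num_rows($res)!=0) {
                $nm = mysql_num_rows($res);
                echo "<a href=\"$workdir/?mode=friends\">Новых сообщений: $nm</a></div><div class=\"b\">";
            }
        }
    } else {
        echo "Неверный nick/пароль<br/>";
        unset($_SESSION['pass']);
        $mode = 'main';
        // Cleared like the other reject paths, so nothing that runs later can
        // treat an unverified login as an authenticated one.
        $login = false;
        $pass = false;
    }
} else {
    // Anonymous visitors may only reach the login page, auto-login, the "masteru"
    // page and any mode whose name contains "reg".
    if (($mode!='avtologin') && ($mode!='masteru') && (!strstr($mode, "reg"))) {$mode='main';}
}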
// Work out the "back" link: a request value wins and is remembered in the
// session, then the remembered value, then the configured default.
// NOTE(review): the request value is visitor-controlled and is later printed as
// both the href and the text of the footer link. delhtml() (functions.php, not
// visible here) is the only filter - confirm it is safe for an HTML attribute,
// and consider limiting $back to an allowlist of known hosts.
if (isset($_REQUEST['back'])) {
    $back = delhtml($_REQUEST['back']);
    $_SESSION['back'] = $back;
} elseif (isset($_SESSION['back'])) {
    $back = delhtml($_SESSION['back']);
} else {
    $back = $backlink;
}
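// Decide the output mode (html/wml): explicit request parameter (remembered in
// the session), then the remembered value, then a guess from the request headers.
// The Accept and User-Agent headers are optional, so each is tested with isset()
// before use instead of raising an undefined-index notice under E_ALL.
if (isset($_REQUEST['w'])) {
    $wmode = $_REQUEST['w'];
    $_SESSION['w'] = $wmode;
} elseif (isset($_SESSION['w'])) {
    $wmode = $_SESSION['w'];
} else {
    $wmode = 'wml';
    if (isset($_SERVER['HTTP_ACCEPT']) && strstr($_SERVER['HTTP_ACCEPT'], "text/html")) {
        $wmode = 'html';
    }
    if (isset($_SERVER['HTTP_USER_AGENT'])
        && (strstr($_SERVER['HTTP_USER_AGENT'], "Opera") || strstr($_SERVER['HTTP_USER_AGENT'], "Mozilla"))) {
        $wmode = 'html';
    }
}
// Clients whose user agent mentions Google or Yandex always get HTML.
if (isset($_SERVER['HTTP_USER_AGENT'])
    && (stristr($_SERVER['HTTP_USER_AGENT'], "Google") || stristr($_SERVER['HTTP_USER_AGENT'], "Yandex"))) {
    $wmode = 'html';
}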
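// Date/time and logo are shown on the login and exit pages only.
if (($mode=='main') || ($mode=='exit')) {
    echo date("d.m.Y H:i")."<br/>";
    echo "<img src=\"$workdir/logo.gif\" alt=\"ZNWAP.RU\"/><br/>";
}
// Dispatch to the page modules. Each test is a substring match on $mode, so one
// mode value can select several modules at once.
// NOTE(review): anonymous visitors are allowed any mode containing "reg", and that
// allowance overlaps with the substring tests below. An exact-match allowlist of
// mode names would remove the overlap; the full list of modes is not visible in
// this file, so only the admin module is gated here.
if (strstr($mode, "reg")) {include "reg.php";}
// admin.php is loaded only for a request that still holds a verified login:
// $login and $pass are cleared (or $mode is forced to 'main') on every reject
// path earlier in this file. Whether admin.php performs its own privilege check
// cannot be seen from here - confirm.
if (strstr($mode, "admin") && $login && $pass) {include "admin.php";}
if (strstr($mode, "photo")) {include "photo.php";}
if (strstr($mode, "anket")) {include "anket.php";}
if (strstr($mode, "chat")) {include "chat.php";}
if (strstr($mode, "zn_news")) {include "news.php";}
if (strstr($mode, "foto_top")) {include "foto_top.php";}
// The message and main-page modules are always loaded.
include "mes.php";
include "main.php";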
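// Optional rotating banner: one random line from reklama.txt.
// The chosen line is emitted as raw HTML, so the file must be writable by
// administrators only.
$banner = "";
if ($randlink) {
    $l = file("reklama.txt");
    // A missing, unreadable or empty file means no banner, instead of indexing
    // into a non-array or calling rand(0, -1).
    if (is_array($l) && count($l) > 0) {
        $lc = count($l);
        $n = rand(0, $lc-1);
        $randlink = $l[$n];
        $banner .= "$randlink<br/>";
    }
}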
// Start of the HTML page: $htmlheader holds everything up to the opening content
// <div>; it is prepended to the buffered page body at the end of this script.
$htmlheader='<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<meta http-equiv="Cache-Control" content="no-cache,no-store,must-revalidate"/>
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon"/>';
// Auto-refresh: added only when a non-zero interval and a non-empty target URL exist.
// NOTE(review): $autoupdate and $redirecturl are written into the attribute as-is.
// $redirecturl is not assigned anywhere in this file (presumably by an included
// page) - confirm it cannot carry request data, or escape it for an HTML attribute.
if (isset($autoupdate) && isset($redirecturl) && ($redirecturl!="") &&($autoupdate!=0)) {
$htmlheader.="<meta http-equiv=\"Refresh\" content=\"$autoupdate; URL=$redirecturl\"/>";
}
// Title, inline stylesheet, and the page banner box ($banner is raw HTML built above).
$htmlheader.='<title>ERO-Знакомства</title>
<style type="text/css">
body { font-size: 11px; font-family: "Courier new"; color: #000000; background-color: #FFFFFF }
a:link,a:active,a:visited { text-decoration: underline; color : #551a8b }
a:hover { text-decoration: none; color : #000000 }
div { margin: 1px 0px 1px 0px; padding: 1px 1px 1px 1px; font-size: 11px;}
table { margin: 1px 0px 1px 0px; padding: 1px 1px 1px 1px;}
.b {margin: 1px; border-top: 2px solid #000000; border-left: 2px solid #000000; border-right: 2px solid #000000; border-bottom: 2px solid #000000; padding: 2px; vertical-align: middle; }
.c {margin: 0px; border-top: 2px solid #000000; border-left: 2px solid #000000; border-right: 2px solid #000000; border-bottom: 2px solid #000000; padding: 2px; vertical-align: middle; background-color: #FF0000; color: #ffffff;}
</style>
</head>
<body><div class="c" align="center"><b>ZNWAP.RU</b><br/>'.$banner.'</div><div class="b">';
// End of the HTML page: footer with the back link, the gzip marker and, on the
// menu/login pages, the html/wml switch.
// NOTE(review): $back can come from the request and is printed here as both the
// href and the link text. The only filter it has passed is delhtml()
// (functions.php, not visible here) - confirm it is safe for an HTML attribute.
echo '</div><div class="c"><p align="center"><a href="http://', $back, '">', $back, '</a><br/>';
if (CheckCanGzip() && $wmode == 'html') {
    echo '<u>gzip=on</u>';
}
if ($mode == 'menu' || $mode == 'main') {
    if ($wmode != 'html') {
        echo "<br/><a href=\"$workdir/?mode=$mode&w=html\">html</a> <u>wml</u>";
    } else {
        echo "<br/><u>html</u> <a href=\"$workdir/?mode=$mode&w=wml\">wml</a>";
    }
}
echo '<br/>© ZnWAP.Ru 2007-2008<br/></p></div>', '</body></html>';
// Take everything echoed so far out of the output buffer and discard the buffer.
$text = ob_get_clean();
// Forbid caching of the response.
header("Cache-Control: no-cache,must-revalidate");
header("Pragma: no-cache");
// Build the final body: wml.php handles the WML case, otherwise the HTML header
// is prepended to the buffered page.
$body = "";
if ($wmode != 'wml') {
    header('Content-Type: text/html; charset=utf-8');
    $body = $htmlheader . $text;
} else {
    header('Content-Type: text/vnd.wap.wml; charset=utf-8');
    include "wml.php";
}
// Without a "sid" cookie, the <a href>, <form> and <go> tags are passed to the
// insertsid callbacks (presumably adding the session id - they are defined
// elsewhere).
// NOTE(review): a session id carried in URLs ends up in logs, bookmarks and
// Referer headers. Whether insertsid1 restricts itself to same-site links cannot
// be seen from this file - confirm it does.
if (empty($_COOKIE['sid'])) {
    $body = preg_replace_callback("/\<a[^\>]*href\s*\=\s*\"(\S*)\"[^\>]*\>/is", "insertsid1", $body);
    $body = preg_replace_callback("/\<form[^\>]*\>/i", "insertsid2", $body);
    $body = preg_replace_callback("/\<go[^\>]*\>/i", "insertsid3", $body);
}
// HTML goes out through GzDocOut(); everything else is echoed unchanged.
if ($wmode != 'html') {
    echo $body;
} else {
    GzDocOut($body);
}
// Close the MySQL connection.
mysql_close($lnk);
?>