<?php
// by mides, 1da.su

// Error display switch: 1 sends every PHP error to the page, 0 hides them.
// Keep this at 0 on a public site so error text (file paths, query fragments)
// is not shown to visitors. With 0, everything except notices is still reported,
// it is just not displayed.
$debugmode = 0;
@error_reporting($debugmode ? E_ALL : (E_ALL ^ E_NOTICE));
@ini_set('display_errors', $debugmode ? true : false);
@ini_set('html_errors', $debugmode ? true : false);
@ini_set('error_reporting', $debugmode ? E_ALL : (E_ALL ^ E_NOTICE));

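// Reject any request whose query-string values fall outside a small allow-list:
// letters, digits, "_", "-", "/" and dots that are not directly followed by "/"
// (which rules out "./" and "../" path segments). Array parameters are rejected too.
// The "D" modifier anchors "$" at the very end of the value; without it a value
// that ends in a newline would still match.
// preg_match() returns false when it fails internally, and "!" treats that as a reject.
// NOTE(review): only the values are checked, not the parameter names, and
// $_POST / $_COOKIE are not covered by this loop.
foreach ($_GET as $check_url) {
	if (!is_string($check_url) || !preg_match('#^(?:[a-z0-9_\-/]+|\.+(?!/))*$#iD', $check_url)) {
		header ('Location: ../');
		exit;
	}
}
unset($check_url);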

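// Open the database connection. DBHOST, DBUSER, DBPASS and DBNAME are presumably
// defined in db.php.
require_once 'db.php';
// mysql_error() takes a link identifier, not a message, so the text goes to die() directly.
// The visitor sees a fixed message and no driver error text.
$connect = mysql_connect(DBHOST, DBUSER, DBPASS) or die('Ошибка подключения к БД. Неверный пользователь или пароль.');
// NOTE(review): check() relies on mysql_real_escape_string(), which works with the
// connection's character set; the PHP manual recommends mysql_set_charset() over a
// SET NAMES query for that reason.
mysql_query('SET NAMES `utf8`', $connect);
mysql_select_db(DBNAME, $connect) or die('Не правильно прописано название БД.');

// HOME is taken from the Host request header, which the client controls, and it is
// later written into links through HTTPHOME.
// NOTE(review): prefer a fixed host name from configuration, or validate the header
// against an allow-list before using it.
define ('HOME', $_SERVER['HTTP_HOST']);
define ('HTTPHOME', 'http://'.HOME);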

// Request-wide variables for the pages that include this file.
// Numeric parameters are forced to non-negative integers; "act" goes through check().

// record id from the query string, 0 when absent
$id = 0;
if (isset($_GET['id'])) {
	$id = abs((int) $_GET['id']);
}

// requested action, FALSE when absent
$act = FALSE;
if (isset($_GET['act'])) {
	$act = check($_GET['act']);
}

// page title: kept when the including script set it before loading this file, else FALSE
if (!isset($title)) {
	$title = FALSE;
}
$m_title = empty($title) ? HOME : $title.' - '.HOME;

// current page number, 1 when absent
$page = 1;
if (isset($_GET['p'])) {
	$page = abs((int) $_GET['p']);
}

// total page count: kept (as a non-negative integer) when already set, else 0
if (isset($pages)) {
	$pages = abs((int) $pages);
} else {
	$pages = 0;
}

// 1 when the "ok" parameter is present at all, FALSE otherwise
$ok = FALSE;
if (isset($_GET['ok'])) {
	$ok = 1;
}

// value of the session's "spam" entry, FALSE when there is none
$spam = FALSE;
if (isset($_SESSION['spam'])) {
	$spam = $_SESSION['spam'];
}

// Work out the relative prefix that leads to the directory holding a.php:
// keep prepending "../" until a.php is found, giving up after five levels.
$flevel = '';
for ($level = 0; !file_exists($flevel.'a.php') && $level < 5; ++$level) {
	$flevel .= '../';
}
unset($level);
define ('FLEVEL', $flevel);

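// let's get the default site settings
$config_r = mysql_query("SELECT * FROM `config` WHERE `id` = 1");
$config = mysql_fetch_assoc($config_r);

// Cookie login: the visitor is identified by the `ulogin` / `upass` cookie pair.
// Both values must be plain strings; array-style cookies count as "not logged in".
// NOTE(review): `upass` is matched directly against the stored `pass` column, so the
// cookie carries the stored credential value itself and whoever obtains that value can
// log in with it. Consider a random server-side session token instead, and set such
// cookies with the HttpOnly and Secure flags.
if (isset($_COOKIE['ulogin'], $_COOKIE['upass']) and is_string($_COOKIE['ulogin']) and is_string($_COOKIE['upass'])) {
	$ulogin = check($_COOKIE['ulogin']);
	$upass = check($_COOKIE['upass']);

	$query = mysql_query("SELECT * FROM `users` WHERE `login` = '$ulogin' and `pass` = '$upass' LIMIT 1");
	$u = mysql_fetch_assoc($query);

	if ($u['id']) {
		// per-user display preferences override the site defaults
		$config['style'] = $u['style'];
		$config['onpage'] = $u['onpage'];

		// Presence tracking. $title is display text set by the including script, so it is
		// escaped here, at the point where it enters the query text.
		$online_r = mysql_query("SELECT `id_user` FROM `online` WHERE `id_user` = '$u[id]'");
		if (mysql_num_rows($online_r)) {
			mysql_query("UPDATE `online` SET `place` = '".mysql_real_escape_string($title)."', `time` = '".time()."' WHERE `id_user` = '$u[id]'");
		} else {
			mysql_query("INSERT INTO `online` SET `id_user` = '$u[id]', `place` = '".mysql_real_escape_string($title)."', `time` = '".time()."'");
		}
		// drop presence rows older than three minutes
		mysql_query("DELETE FROM `online` WHERE `time` <= '".(time() - 60 * 3)."'");

		// clear expired locks first, so this still runs on a request made by a locked user
		mysql_query("UPDATE `users` SET `locked` = 0, `locked_who` = '', `reason` = '' WHERE `locked` < '".time()."'");

		if ($u['locked'] > time()) {
			// Stop here: a Location header alone does not end the script, so without exit
			// the requested page would still run in full for a locked account.
			// NOTE(review): assumes locked.php does not load this file for a locked user — confirm.
			header('location: ../locked.php');
			exit;
		}

		// NOTE(review): the row was selected by these same two values, and the cookies read
		// above are named `ulogin` / `upass` while `login` / `pass` are cleared here —
		// confirm which cookie names are intended.
		if ($u['login'] != $ulogin or $u['pass'] != $upass) {
			setcookie('login', '', time() - 86400*31);
			setcookie('pass', '', time() - 86400*31);
		}
	}
} else {
	$u = 0;
}

// fall back to the default theme when the selected one has no stylesheet
// NOTE(review): $config['style'] can come from the user's row and is used as a path
// segment; confirm it is restricted to a plain directory name where it is saved.
if (!file_exists($flevel.'inc/styles/'.$config['style'].'/style.css')) {
	$config['style'] = 'default';
}

// timestamp of this request
define('TIME', time());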

// CC FUNCTIONS

/**
 * Tells whether the current visitor (global $u) is logged in and has an access
 * level equal to or higher than $access.
 *
 * @param mixed $access required access level
 * @return bool
 */
function access($access) {
	global $u;
	// no user id means nobody is logged in
	if (!$u['id']) {
		return false;
	}
	return ($u['access'] > $access or $u['access'] == $access);
}

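/**
 * Returns the display name of a user's access level.
 *
 * @param mixed $id_user user id; cast to an integer before it enters the query text
 * @return string role name; the "user" label is returned for an unknown id or level
 */
function access2($id_user) {
	// the id is built into the SQL string, so it is reduced to an integer at this point
	$id_user = (int) $id_user;
	$user_r = mysql_query("SELECT `access` FROM `users` WHERE `id` = '$id_user'");
	$user = mysql_fetch_assoc($user_r);
	// no matching row: fall through to the default label
	$level = $user ? $user['access'] : null;
	switch($level) {
		case '1': $access = 'Куратор'; break;
		case '2': $access = 'Модератор'; break;
		case '3': $access = 'Администратор'; break;
		default: $access = 'Пользователь'; break;
	}
	return $access;
}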

/**
 * Turns smile codes, BB tags and URLs in a message into HTML and converts line
 * breaks to <br />.
 *
 * NOTE(review): nothing in this function HTML-escapes $msg, so the text is presumably
 * escaped before it is passed in — confirm at the call sites. Smile codes and paths are
 * written into the markup exactly as stored in the `smiles` table.
 *
 * @param string $msg message text
 * @return string HTML
 */
function bb($msg){
	// smile codes come from the `smiles` table and are swapped for <img> tags first
	$smiles = mysql_query("SELECT * FROM `smiles`");
	while ($smile = mysql_fetch_assoc($smiles)) {
		$img = '<img src="'.FLEVEL.$smile['path'].'" alt="'.$smile['code'].'" />';
		$msg = str_replace($smile['code'], $img, $msg);
	}

	// paired tags, applied in this order: tag name => opening and closing HTML
	$paired = array(
		'red' => array('<span style="color: red">', '</span>'),
		'blue' => array('<span style="color: blue">', '</span>'),
		'black' => array('<span style="color: black">', '</span>'),
		'green' => array('<span style="color: green">', '</span>'),
		'orange' => array('<span style="color: orange">', '</span>'),
		'pink' => array('<span style="color: pink">', '</span>'),
		'gray' => array('<span style="color: gray">', '</span>'),
		'big' => array('<span style="font-size: 20px">', '</span>'),
		'small' => array('<span style="font-size: 8px">', '</span>'),
		'b' => array('<b>', '</b>'),
		'u' => array('<u>', '</u>'),
		'i' => array('<i>', '</i>'),
		'strike' => array('<strike>', '</strike>'),
		'q' => array('<div class="quote">', '</div>'),
	);
	foreach ($paired as $tag => $html) {
		$msg = preg_replace('#\['.$tag.'\](.*?)\[/'.$tag.'\]#si', $html[0].'\\1'.$html[1], $msg);
	}

	// [url=...]label[/url] tags and bare http/https/ftp addresses are handed to url_replace()
	$msg = preg_replace_callback('~\[url=((https?|ftp)://.+?)\](.+?)\[/url\]|((https?|ftp)://[0-9a-zа-яё/.;?=\(\)\_\-&%#]+)~ui', 'url_replace', $msg);
	return nl2br($msg);
}

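/**
 * Formats a timestamp for display: time only (bold) for today, date and time otherwise.
 * When a user id is given and that user has a row in `online`, the text is coloured green.
 *
 * @param int $time Unix timestamp
 * @param mixed $user_4_online user id, or null to skip the online lookup
 * @return string HTML
 */
function ccdate($time, $user_4_online) {
	if (date('d.m.y', $time) == date('d.m.y', time())) {
		$date = date('<b>H:i</b>', $time);
	} else {
		$date = date('d.m.y, H:i', $time);
	}

	if (isset($user_4_online)) {
		// the id is built into the SQL string, so it is reduced to an integer first
		$id_user = (int) $user_4_online;
		$online_r = mysql_query("SELECT `id` FROM `online` WHERE `id_user` = '$id_user'");
		// a failed query counts as "not online"
		if ($online_r && mysql_num_rows($online_r)) {
			$date = '<font color="green">'.$date.'</font>';
		}
	}
	return '<span style="font-size: 10px">'.$date.'</span>';
}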

/**
 * Project-wide input filter: escapes the value for the MySQL connection and then
 * converts HTML special characters.
 *
 * The one result is used both inside SQL strings and in HTML output elsewhere in this
 * file, so it carries both kinds of escaping at once.
 * NOTE(review): htmlspecialchars() runs with its default flags; on PHP versions where the
 * default leaves single quotes untouched, the result is not safe inside a single-quoted
 * HTML attribute. Escaping per output context (SQL at the query, HTML at the echo) would
 * be easier to reason about.
 *
 * @param string $check raw value
 * @return string escaped value
 */
function check($check){
	$for_sql = mysql_real_escape_string($check);
	return htmlspecialchars($for_sql);
}

/**
 * Prints the error heading and opens the "main" block with the given text.
 * The opened <div class="main"> is left unclosed here.
 *
 * $error is written out as-is, so it must already be safe to print as HTML.
 *
 * @param string $error message
 * @return void
 */
function error($error){
	echo '<div class="title">Ошибка!</div><div class="main">', $error;
}

/**
 * Returns whatever follows the last dot of $filename, with its case unchanged.
 *
 * NOTE(review): if this is used to vet uploads, compare the result case-insensitively
 * against an allow-list; only the final dot is considered.
 *
 * @param string $filename
 * @return string|false
 */
function ext($filename) {
	// strrchr() yields the tail starting at the last dot
	$tail = strrchr($filename, '.');
	return substr($tail, 1);
}

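/**
 * Builds a random string of $number characters from a fixed alphabet of Latin letters
 * and digits.
 *
 * The characters are drawn with random_int() when the runtime provides it. On older
 * runtimes the fallback is mt_rand(), which is not suitable for secrets; treat values
 * generated there (passwords, tokens) as predictable.
 *
 * @param int $number wanted length; zero or less gives an empty string
 * @return string
 */
function generate($number){
	// same character set as before: the letters q and w are not part of it
	$alphabet = 'abcdefghijklmnoprstuvxyzABCDEFGHIJKLMNOPRSTUVXYZ1234567890';
	$last = strlen($alphabet) - 1;
	$secure = function_exists('random_int');

	// build the password one character at a time
	$pass = '';
	for ($i = 0; $i < $number; $i++) {
		// pick a random position in the alphabet
		$index = $secure ? random_int(0, $last) : mt_rand(0, $last);
		$pass .= $alphabet[$index];
	}
	return $pass;
}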

/**
 * Looks up a user id by login. Slated for removal; id() runs the same query.
 *
 * $login is placed into the query text as-is.
 * NOTE(review): the caller must pass a value already escaped for SQL (for example the
 * output of check()) — confirm every call site does.
 *
 * @param string $login
 * @return mixed the id, or FALSE when there is no such login
 */
function get_id($login){
	$row = mysql_fetch_assoc(mysql_query("SELECT `id` FROM `users` WHERE `login` = '$login'"));
	return isset($row['id']) ? $row['id'] : FALSE;
}

/**
 * Looks up a user id by login.
 *
 * $login is placed into the query text as-is.
 * NOTE(review): the caller must pass a value already escaped for SQL (for example the
 * output of check()) — confirm every call site does.
 *
 * @param string $login
 * @return mixed the id, or FALSE when there is no such login
 */
function id($login){
	$result = mysql_query("SELECT `id` FROM `users` WHERE `login` = '$login'");
	$found = mysql_fetch_assoc($result);
	if (!isset($found['id'])) {
		return FALSE;
	}
	return $found['id'];
}

/**
 * Prints the information heading and opens the "main" block with the given text.
 * The opened <div class="main"> is left unclosed here.
 *
 * $info is written out as-is, so it must already be safe to print as HTML.
 *
 * @param string $info message
 * @return void
 */
function info($info){
	echo '<div class="title">Информация</div><div class="main">', $info;
}

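/**
 * Returns the display name for a user id as HTML, coloured by access level.
 *
 * Id 0 is the guest and id -1 the system account; neither needs a database lookup.
 * The stored login is returned without further escaping.
 * NOTE(review): presumably logins are HTML-escaped when they are saved — confirm.
 *
 * @param mixed $id user id; cast to an integer before it enters the query text
 * @return string HTML
 */
function login($id) {
	// the id is built into the SQL string, so it is reduced to an integer first
	$id = (int) $id;
	if ($id === 0) {
		return 'Гость';
	}
	if ($id === -1) {
		return 'System';
	}

	$user_r = mysql_query("SELECT `login`, `access` FROM `users` WHERE `id` = '$id'");
	$user = mysql_fetch_assoc($user_r);
	// no row, or an empty login: the account is shown as deleted
	if (!$user || !$user['login']) {
		return '<font color="grey">удален</font>';
	}

	// staff levels get a colour, everyone else the plain login
	switch($user['access']) {
		case '1': return '<font color="green">'.$user['login'].'</font>';
		case '2': return '<font color="blue">'.$user['login'].'</font>';
		case '3': return '<font color="red">'.$user['login'].'</font>';
		default: return $user['login'];
	}
}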

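/**
 * Returns the plain login for a user id, without colouring.
 *
 * Id 0 is the guest and needs no database lookup. The stored login is returned
 * without further escaping.
 *
 * @param mixed $id user id; cast to an integer before it enters the query text
 * @return string
 */
function login_simple($id){
	// the id is built into the SQL string, so it is reduced to an integer first
	$id = (int) $id;
	if ($id === 0) {
		return 'Гость';
	}

	$user_r = mysql_query("SELECT `login` FROM `users` WHERE `id` = '$id'");
	$user = mysql_fetch_assoc($user_r);
	// no row, or an empty login: the account is shown as deleted
	if (!$user || !$user['login']) {
		return 'удален';
	}
	return $user['login'];
}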

/**
 * Closes the current block and prints the navigation bar with a "back" link and a
 * link to the start page.
 *
 * $link is written into the href attribute as-is, so it must already be safe for that
 * context; do not pass a value taken directly from the request.
 *
 * @param string $link target of the "back" link
 * @return void
 */
function nav($link){
	echo '</div><div class="navigation"><a href="', $link, '">Назад</a><br /><a href="../">На главную</a></div>';
}

/**
 * Closes the current block and prints the navigation bar with a custom link and a
 * link to the start page.
 *
 * Both arguments are written into the markup as-is ($link into href, $link_name as the
 * link text), so they must already be safe for those contexts.
 *
 * @param string $link target of the first link
 * @param string $link_name text of the first link
 * @return void
 */
function nav2($link, $link_name){
	echo '</div><div class="navigation"><a href="', $link, '">', $link_name, '</a><br /><a href="../">На главную</a></div>';
}

/**
 * Prints the page selector: the first page, the last page and every page within two
 * of the current one. Nothing is printed when there is only one page.
 *
 * $link is written into href as-is and gets "p=<number>" appended, so it must already
 * end with "?" or "&" and be safe for an HTML attribute.
 *
 * @param int $page current page
 * @param string $link link prefix
 * @param int $pages total number of pages
 * @return void
 */
function navig($page, $link, $pages) {
	if (!($pages > 1)) {
		return;
	}
	echo '</div><div class="main">Cтр.: ';
	for ($k = 1; $k <= $pages; $k++) {
		$is_edge = ($k == 1 or $k == $pages);
		$is_near = abs($page - $k) <= 2;
		if (!$is_edge and !$is_near) {
			continue;
		}
		// the current page is underlined instead of linked
		if ($k == $page) {
			echo '<u>'.$k.'</u> ';
		} else {
			echo '<a href="'.$link.'p='.$k.'">'.$k.'</a> ';
		}
	}
}

/**
 * Closes the current block and prints a navigation bar holding only the link to the
 * start page (HTTPHOME).
 *
 * @return void
 */
function nav_main(){
	echo '</div><div class="navigation"><a href="', HTTPHOME, '">На главную</a></div>';
}

/**
 * Prints the one-time notice stored in the session, if any, and removes it.
 *
 * The notice is written out as-is, so whatever stores it in the session must make it
 * safe to print as HTML.
 *
 * @return void
 */
function note() {
	if (!isset($_SESSION['note'])) {
		return;
	}
	echo '<b>', $_SESSION['note'], '</b><br />';
	unset($_SESSION['note']);
}

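/**
 * Returns $time, wrapped in green when the given user has a row in `online`.
 *
 * @param string $time text to show; returned as-is, so it must already be safe as HTML
 * @param mixed $id_user user id; cast to an integer before it enters the query text
 * @return string HTML
 */
function online($time, $id_user) {
	// the id is built into the SQL string, so it is reduced to an integer first
	$id_user = (int) $id_user;
	$online_r = mysql_query("SELECT `id` FROM `online` WHERE `id_user` = '$id_user'");
	// a failed query counts as "not online"
	if ($online_r && mysql_num_rows($online_r)) {
		return '<font color="green">'.$time.'</font>';
	}
	return $time;
}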

/**
 * Sends a Location header for $url and ends the script.
 *
 * $url is not checked here. Pass only site-local paths or targets taken from an
 * allow-list; a value copied from the request would let a link on this site forward
 * visitors anywhere.
 *
 * @param string $url redirect target
 * @return void
 */
function redirect($url) {
	header('location: ' . $url);
	exit();
}

/**
 * Formats a byte count as kilobytes (below 1,000,000 bytes) or megabytes, using
 * decimal units and up to three decimal places.
 *
 * @param int|float $filesize size in bytes
 * @return string for example "1.5 Kb" or "2.5 Mb"
 */
function size($filesize) {
	return $filesize < 1000000
		? round($filesize / 1000, 3).' Kb'
		: round($filesize / 1000000, 3).' Mb';
}

/**
 * Transliterates Russian Cyrillic letters to Latin; every other character is kept.
 *
 * The soft and hard signs become an apostrophe, so the result can contain "'" and is
 * not by itself safe to place in SQL text or to use as a file name.
 *
 * @param string $string
 * @return string
 */
function str_to_en($string) {
	static $table = array(
		// lower case
		'а' => 'a',
		'б' => 'b',
		'в' => 'v',
		'г' => 'g',
		'д' => 'd',
		'е' => 'e',
		'ё' => 'e',
		'ж' => 'zh',
		'з' => 'z',
		'и' => 'i',
		'й' => 'y',
		'к' => 'k',
		'л' => 'l',
		'м' => 'm',
		'н' => 'n',
		'о' => 'o',
		'п' => 'p',
		'р' => 'r',
		'с' => 's',
		'т' => 't',
		'у' => 'u',
		'ф' => 'f',
		'х' => 'h',
		'ц' => 'c',
		'ч' => 'ch',
		'ш' => 'sh',
		'щ' => 'sch',
		'ь' => '\'',
		'ы' => 'y',
		'ъ' => '\'',
		'э' => 'e',
		'ю' => 'yu',
		'я' => 'ya',
		// upper case
		'А' => 'A',
		'Б' => 'B',
		'В' => 'V',
		'Г' => 'G',
		'Д' => 'D',
		'Е' => 'E',
		'Ё' => 'E',
		'Ж' => 'Zh',
		'З' => 'Z',
		'И' => 'I',
		'Й' => 'Y',
		'К' => 'K',
		'Л' => 'L',
		'М' => 'M',
		'Н' => 'N',
		'О' => 'O',
		'П' => 'P',
		'Р' => 'R',
		'С' => 'S',
		'Т' => 'T',
		'У' => 'U',
		'Ф' => 'F',
		'Х' => 'H',
		'Ц' => 'C',
		'Ч' => 'Ch',
		'Ш' => 'Sh',
		'Щ' => 'Sch',
		'Ь' => '\'',
		'Ы' => 'Y',
		'Ъ' => '\'',
		'Э' => 'E',
		'Ю' => 'Yu',
		'Я' => 'Ya',
	);
	return strtr($string, $table);
}

/**
 * Prints a title bar and opens the "main" block, which is left unclosed here.
 *
 * $title is written out as-is, so it must already be safe to print as HTML.
 *
 * @param string $title heading text
 * @return void
 */
function tp($title){
	echo '<div class="title">', $title, '</div><div class="main">';
}

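/**
 * preg_replace_callback() handler used by bb(): turns a matched [url=...] tag or a bare
 * address into an <a> element.
 *
 * The address is escaped for the href attribute here, whatever the caller did before;
 * entities that are already present are not encoded a second time. Links that do not
 * contain HOME open in a new tab and carry rel="noopener noreferrer", so the opened page
 * gets no handle on this one. The HOME test is a substring match: it only picks the
 * link behaviour and is not a trust check.
 *
 * @param array $m match groups: 1 = address and 3 = label of a [url] tag, 4 = bare address
 * @return string HTML
 */
function url_replace($m) {
	if (!isset($m[4])) {
		$href = $m[1];
		$label = $m[3];
	} else {
		// a bare address is its own label
		$href = $m[4];
		$label = $m[4];
	}

	$attrs = '';
	if (strpos($href, HOME) === false) {
		$attrs = ' target="_blank" rel="noopener noreferrer"';
	}

	// quotes and angle brackets in the address must not end the attribute
	$safe_href = htmlspecialchars($href, ENT_QUOTES, 'UTF-8', false);
	return '<a href="'.$safe_href.'"'.$attrs.'>'.check(rawurldecode(html_entity_decode($label, ENT_QUOTES, 'utf-8'))).'</a>';
}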

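/**
 * Returns one column of a user's row.
 *
 * Both arguments end up in the query text: the column name is accepted only when it
 * consists of letters, digits and underscores, and the id is cast to an integer.
 *
 * @param mixed $id user id
 * @param string $field column name in `users`
 * @return mixed the value, or FALSE when the column name is rejected, the user does
 *               not exist or the value is NULL
 */
function user($id, $field) {
	// a column name cannot be quoted like a value, so anything but a plain identifier is refused
	if (!is_string($field) || !preg_match('#^[a-z0-9_]+$#iD', $field)) {
		return FALSE;
	}
	$id = (int) $id;

	$user_r = mysql_query("SELECT `$field` FROM `users` WHERE `id` = '$id'");
	$user = mysql_fetch_assoc($user_r);
	if (isset($user[$field])) {
		return $user[$field];
	}
	return FALSE;
}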























?>