<?php
#==============================================================================================#
# Name : Imperial CHAT #
# Made by : MaZaFaKa (___хакер___) #
# MODED : vipsds ( BOT ) #
# ICQ : 350502220 (vipsds) #
# E-mai : [email protected] #
# По всем вопросам и дополнительным модам обращайтесь на выше указанные данные #
#==============================================================================================#
error_reporting(0);
include('start.php');
include("config.php");
include("./includes/constants/letters");
include("./includes/".$ver."/banned");
$ttl ="Почтовый ящик";
$old_letters = 10; //DAYS
$fd = fopen("system/letters.dat", "r");
$clear_time = intval(fgets($fd));
fclose($fd);
if($clear_time < time())
{
$delete = mysql_query("DELETE FROM `chat_letters` WHERE `time` < '".(time() - (3600 * 24 * $old_letters))."';");
$fd = fopen("system/letters.dat", "w");
flock($fd, LOCK_EX);
$puts = fputs($fd, (time() + 3600 * 24 * $old_letters));
flock($fd, LOCK_UN);
fclose($fd);
}
list($msec, $sec) = explode(chr(32), microtime());
$headtime = $sec + $msec;
$nocache = rand(1000, 9999);
///////////////////////////////////////////////////////////////////////
$title = htmlspecialchars(mysql_escape_string(trim($_POST['title'])));
$nick = htmlspecialchars(mysql_escape_string(trim($_POST['nick'])));
$text = htmlspecialchars(mysql_escape_string(trim($_POST['text'])));
///////////////////////////////////////////////////////////////////////
$banner = file("system/banner.dat");
$ssylka = trim($banner[0]);
$img = trim($banner[1]);
$pochta = trim($banner[3]);
switch($ver)
{
////////////////////////////////////////////////////////
//WML VERSION
////////////////////////////////////////////////////////
case 'wml':
header("Content-type: text/vnd.wap.wml; charset=utf-8");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-revalidate");
//AUTH
$id = intval($_SESSION['id']);
$password = mysql_escape_string($_SESSION['password']);
$q = mysql_query("SELECT `level` FROM `chat_users` WHERE `id` = '".$id."' AND `password` = '".md5($password)."';");
if(mysql_affected_rows() == 0)
{
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.3//EN\" \"http://www.wapforum.org/DTD/wml13.dtd\"><wml>\n";
echo "<card title=\"ERROR\" ontimer=\"/wml\"><timer value=\"15\"/><p align=\"left\">\n";
echo "<small>Ошибка авторизации!<br/>\n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/>[".round(($sec+$msec)-$headtime,5)."] sec<br/>\n";
echo "</small></p></card></wml>";
exit();
}
else
{
$nickname = mysql_result($q, 0, 'nickname');
}
//END AUTH
$level = mysql_result($q, 0);
if($level < 4)
{
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.3//EN\" \"http://www.wapforum.org/DTD/wml13.dtd\"><wml>\n";
echo "<card title=\"ERROR\" ontimer=\"menu.php?ver=wml&".SID."&pass=$pass&\"><timer value=\"15\"/><p align=\"left\">\n";
echo "<small>Доступ запрещен<br/>\n";
echo"<br/>$wmlfoot";
list($msec, $sec) = explode(chr(32), microtime());
echo "[".round(($sec+$msec)-$headtime,5)."] сек.<br/>\n";
echo "</small></p></card></wml>";
exit();
}
//ONLINE
$online = time() + 60;
$update = mysql_query("UPDATE `chat_users` SET `time` = '".$online."', `place` = 0, `ip` = '".getenv('REMOTE_ADDR')."', `ua` = '".htmlspecialchars(getenv('HTTP_USER_AGENT'))."' WHERE `id` = '".$id."';");
//END ONLINE
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.3//EN\" \"http://www.wapforum.org/DTD/wml13.dtd\"><wml>\n";
echo "<card title=\"".$ttl."\"><p align=\"left\">\n";
if(isset($_GET['mod']))
{
$mod = $_GET['mod'];
}
else
{
$mod = "";
}
switch($mod)
{
case 'delete':
$lid = intval($_GET['lid']);
$q = mysql_query("DELETE FROM `chat_letters` WHERE `lid` = '".$lid."';");
if(mysql_affected_rows() != 0)
{
echo LETTER_ARE_REMOVED."<br/>\n";
}
else
{
echo LETTER_DOES_NOT_EXISTS."<br/>\n";
}
break;
case 'view':
$lid = intval($_GET['lid']);
$q = mysql_query("SELECT * FROM `chat_letters` WHERE `lid` = '".$lid."';");
if(mysql_num_rows($q) == 0)
{
echo LETTER_DOES_NOT_EXISTS."<br/>";
echo "<br/>• <a href=\"/adletters.php?".SID."&ver=wml\">Почтовый ящик</a><br/>\n";
echo "• <a href=\"/menu/wml\">В прихожую</a><br/>\n";
include('banners/pochta');
echo"<br/>";
echo"$wmlfoot";
echo "</p></card></wml>";
exit();
}
$letter = mysql_fetch_array($q);
$lid = $letter['lid'];
$to = $letter['to'];
$from = $letter['from'];
$title = $letter['subject'];
$text = $letter['body'];
$date = $letter['date'];
if($to == $id)
{
$q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$from."';");
$nick = mysql_result($q, 0);
echo "<u>".LETTER_TITLE.":</u> $title<br/>\n";
echo "<u>".LETTER_FROM.":</u> $nick<br/>\n";
echo "<u>".LETTER_DATE.":</u> $date<br/>\n";
echo "<u>".LETTER_BODY.":</u> $text<br/>\n";
}
else
{
$q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$to."';");
$nick = mysql_result($q, 0);
echo "<u>".LETTER_TITLE.":</u> $title<br/>\n";
echo "<u>".LETTER_TO.":</u> $nick<br/>\n";
echo "<u>".LETTER_DATE.":</u> $date<br/>\n";
echo "<u>".LETTER_BODY.":</u> $text<br/>\n";
}
echo "<a href=\"/adletters.php?".SID."&ver=wml&mod=delete&lid=$lid&nocache=$nocache\">Удалить</a><br/>\n";
break;
default:
echo INBOX.":<br />\n";
$q = mysql_query("SELECT COUNT(*) FROM `chat_letters`;");
$all = mysql_result($q, 0);
if(isset($_GET['page']))
{
$page = intval($_GET['page']);
}
else
{
$page = 0;
}
if($page < 0) $page = 0;
if($page > intval($all/ONPAGE)) $page = intval($all/ONPAGE);
$limit = ($page * ONPAGE).", ".($page * ONPAGE + ONPAGE);
$q = mysql_query("SELECT `lid`, `date`, `subject`, `from`, `read` FROM `chat_letters` ;");
if(mysql_num_rows($q) == 0)
{
echo INBOX_IS_NOT."<br/>\n";
}
while($letter = mysql_fetch_array($q))
{
$lid = $letter['lid'];
$title = $letter['subject'];
$read = $letter['read'];
$from = $letter['from'];
$data = $letter['date'];
$qq = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$from."';");
$nick = mysql_result($qq, 0);
$qqid = mysql_query("SELECT `id` FROM `chat_users` WHERE `nickname` = '".$nick."';");
$useriid = mysql_result($qqid, 0);
if($read == 0)
{
echo "<a href=\"/adletters.php?".SID."&ver=wml&mod=view&lid=$lid\">[$data]<b>[НЕ ПРОЧИТАНО]</b> <br/>$title</a> (<a href=\"info.php?".SID."&uid=".$useriid."&ver=wml\">$nick</a>)<br/>\n";
}
else
{
echo "<a href=\"/adletters.php?".SID."&ver=wml&mod=view&lid=$lid\">[$data]<b>[ПРОЧИТАНО]</b> <br/> $title</a> (<a href=\"info.php?".SID."&uid=".$useriid."&ver=wml\">$nick</a>)<br/>\n";
}
}
if($page > 0)
{
echo "<a href='/adletters.php?".SID."&ver=wml&page=".($page - 1)."'>".htmlspecialchars("<<<")."</a><br />\n";
}
if($all > $page * ONPAGE + ONPAGE)
{
echo "<a href='/adletters.php?".SID."&ver=wml&page=".($page + 1)."'>".htmlspecialchars(">>>")."</a><br />\n";
}
break;
}
if(!empty($mod)) echo "<br/>• <a href=\"letters.php?".SID."&ver=wml\">Почтовый ящик</a><br/>\n";
echo "• <a href=\"/menu/wml\">В прихожую</a><br/>\n";
include('banners/pochta');
echo"<br/>";
echo"$wmlfoot";
echo "</p></card></wml>";
break;
////////////////////////////////////////////////////////
//HTML VERSION
////////////////////////////////////////////////////////
case 'html':
header("Content-type: text/html; charset=utf-8");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-revalidate");
//AUTH
$id = intval($_SESSION['id']);
$password = mysql_escape_string($_SESSION['password']);
$q = mysql_query("SELECT `level` FROM `chat_users` WHERE `id` = '".$id."' AND `password` = '".md5($password)."';");
if(mysql_affected_rows() == 0)
{
echo "$css";
echo'<title>'.$ttl.'</title>';
echo'<div class="d3">Ошибка</div>';
echo "<div class=\"d5\">Ошибка авторизации!</div>\n";
echo'<div class="d3">';
include('banners/pochta');
echo'</div>';
echo"$sitefoot";
echo'</div>';
echo "</body></html>";
exit();
}
else
{
$nickname = mysql_result($q, 0, 'nickname');
}
//END AUTH
$level = mysql_result($q, 0);
if($level < 4)
{
echo "$css";
echo'<title>'.$ttl.'</title>';
echo'<div class="d3">'.$ttl.'</div>';
echo "Доступ запрещен<br/>\n";
echo'<div class="d3">';
echo"$sitefoot";
list($msec, $sec) = explode(chr(32), microtime());
echo "[".round(($sec+$msec)-$headtime,5)."] сек.<br/>\n";
echo'</div>';
echo "</body></html>";
exit();
}
//ONLINE
$online = time() + 60;
$update = mysql_query("UPDATE `chat_users` SET `time` = '".$online."', `place` = 0, `ip` = '".getenv('REMOTE_ADDR')."', `ua` = '".htmlspecialchars(getenv('HTTP_USER_AGENT'))."' WHERE `id` = '".$id."';");
//END ONLINE
echo "$css";
echo'<title>'.$ttl.'</title>';
echo'<div class="d3">'.$ttl.'</div>';
if(isset($_GET['mod']))
{
$mod = $_GET['mod'];
}
else
{
$mod = "";
}
switch($mod)
{
case 'delete':
$lid = intval($_GET['lid']);
$q = mysql_query("DELETE FROM `chat_letters` WHERE `lid` = '".$lid."';");
if(mysql_affected_rows() != 0)
{
echo LETTER_ARE_REMOVED."<br/>\n";
}
else
{
echo LETTER_DOES_NOT_EXISTS."<br/>\n";
}
break;
case 'view':
$lid = intval($_GET['lid']);
$q = mysql_query("SELECT * FROM `chat_letters` WHERE `lid` = '".$lid."' ;");
if(mysql_num_rows($q) == 0)
{
echo LETTER_DOES_NOT_EXISTS."<br/>";
echo "<div class=\"d1\">• <a href=\"/adletters.php?".SID."&ver=html\">Почта</a></div><br/>\n";
echo "<div class=\"d1\">• <a href=\"/menu/html\">В прихожую</a><br/>";
include('banners/pochta');
echo'</div>';
echo'<div class="d3">';
echo"$sitefoot";
echo'</div>';
echo "</body></html>";
exit();
}
$letter = mysql_fetch_array($q);
$lid = $letter['lid'];
$to = $letter['to'];
$from = $letter['from'];
$title = $letter['subject'];
$text = $letter['body'];
$date = $letter['date'];
if($to == $id)
{
$q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$from."';");
$nick = mysql_result($q, 0);
echo "<u>".LETTER_TITLE.":</u> $title<br/>\n";
echo "<u>".LETTER_FROM.":</u> $nick<br/>\n";
echo "<u>".LETTER_DATE.":</u> $date<br/>\n";
echo "<u>".LETTER_BODY.":</u> $text<br/>\n";
}
else
{
$q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$to."';");
$nick = mysql_result($q, 0);
echo "<u>".LETTER_TITLE.":</u> $title<br/>\n";
echo "<u>".LETTER_TO.":</u> $nick<br/>\n";
echo "<u>".LETTER_DATE.":</u> $date<br/>\n";
echo "<u>".LETTER_BODY.":</u> $text<br/>\n";
}
echo "<a href=\"/adletters.php?".SID."&ver=html&mod=delete&lid=$lid&nocache=$nocache\">Удалить</a><br/>\n";
break;
default:
echo INBOX.":<br />\n";
$q = mysql_query("SELECT COUNT(*) FROM `chat_letters` ;");
$all = mysql_result($q, 0);
if(isset($_GET['start'])) $start = $_GET['start'];
else $start = 0;
if($start < 0) $start = 0;
if($start > $all) $start = 0;
$q = mysql_query("SELECT `lid`, `date`, `from`, `subject`, `read` FROM `chat_letters`;");
//
if ($start > 10) print "<a href=\"/adletters.php?".SID."&start=0&ver=html\"><<<<</a><br/>";
if ($start > 0) print "<a href=\"/adletters.php?".SID."&start=".($start-5)."&ver=html\"><<<</a><br/>";
if(mysql_num_rows($q) == 0)
{
echo INBOX_IS_NOT."<br/>\n";
}
//
while($letter = mysql_fetch_array($q))
{
$lid = $letter['lid'];
$title = $letter['subject'];
$read = $letter['read'];
$date = $letter['date'];
$from = $letter['from'];
$qq = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$from."';");
$nick = mysql_result($qq, 0);
$qqid = mysql_query("SELECT `id` FROM `chat_users` WHERE `nickname` = '".$nick."';");
$useriid = mysql_result($qqid, 0);
if($read == 0)
{
echo "<a href=\"/adletters.php?".SID."&ver=html&mod=view&lid=$lid\">[$date]<b>[НЕ ПРОЧИТАНО]</b> <br/> $title</a> (<a href=\"/info.php?".SID."&uid=".$useriid."&ver=html\">$nick</a>)<br/>\n";
}
else
{
echo "<a href=\"/adletters.php?".SID."&ver=html&mod=view&lid=$lid\">[$date]<b>[ПРОЧИТАНО]</b> <br/> $title</a> (<a href=\"/info.php?".SID."&uid=".$useriid."&ver=html\">$nick</a>)<br/>\n";
}
}
if ($all > $start + 5) print "<a href=\"/adletters.php?".SID."&start=".($start+5)."&ver=html\">>>></a><br/>";
if ($all - $start > 10) print "<a href=\"/adletters.php?".SID."&start=".($all-5)."&ver=html\">>>>></a><br/>";
break;
}
if(!empty($mod)) echo "<div class=\"d1\">• <a href=\"/adletters.php?".SID."&ver=html\">Почтовый ящик</a></div>\n";
echo "<div class=\"d1\">• <a href=\"/menu/html\">В прихожую</a><br/>";
include('banners/pochta');
echo'</div>';
echo'<div class="d3">';
echo"$sitefoot";
echo'</div>';
echo "</body></html>";
break;
}
?>