<?php
//***********************************************//
// HwapCms - бесплатная wap CMS //
// Автор: wap_masterok //
// Официальный сайт //
// http://wap-help.ru //
// //
//***********************************************//
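// --- Bootstrap ---------------------------------------------------------------
// Load the database settings and connection when the settings file is present
// (the check is relative to the current working directory); otherwise send the
// visitor to the installer.
if (file_exists('inc/db_dat.php') or file_exists('../inc/db_dat.php')) {
    require("db_dat.php");
    require("db.php");
} else {
    header('location: /install/');
    // A Location header does not end the script. Stop here so that none of the
    // queries below run without a database connection.
    exit;
}

// Keep PHP diagnostics out of the rendered page.
@error_reporting(E_ALL ^ E_NOTICE);
@ini_set('display_errors', false);
@ini_set('html_errors', false);
@ini_set('error_reporting', E_ALL ^ E_NOTICE);

// Additional check of $_GET: every value must be a string made of letters,
// digits, "_", "-", "/" and dots that are not followed by a slash.
// NOTE(review): only $_GET is filtered here; cookie and $_REQUEST values read
// later in this file do not pass through this check.
foreach ($_GET as $check_url) {
    if (!is_string($check_url) || !preg_match('#^(?:[a-z0-9_\-/]+|\.+(?!/))*$#i', $check_url)) {
        header ('Location: ../');
        exit;
    }
}
unset($check_url);

// --- Settings ----------------------------------------------------------------
// NOTE(review): HTTP_HOST is taken from the request's Host header, so it is a
// client-supplied value; confirm every place that builds links from
// $set['site'] / $home tolerates that, or pin the host name in configuration.
$set['site'] = $_SERVER['HTTP_HOST'];
$home = $set['site'];
$set['onpage'] = 10;

// Users seen during the last five minutes.
$online_users = mysql_result(mysql_query("SELECT count(*) FROM `users` WHERE `last` > '".(time()-300)."'"), 0);

// --- Cookie login ------------------------------------------------------------
// Start from a known state so $user only ever comes from the lookup below
// (and not from an included file or any other earlier assignment).
$user = null;
if (isset($_COOKIE['userlogin']) and isset($_COOKIE['userpass'])) {
    $userlogin = check($_COOKIE['userlogin']);
    $userpass = check($_COOKIE['userpass']);
    // NOTE(review): the value kept in the `userpass` cookie is compared directly
    // with the stored `pass` column, so whoever holds the cookie (or the column
    // contents) can log in. A random, server-side session token would remove
    // that equivalence.
    $query = mysql_query("SELECT * FROM `users` WHERE `login` = '$userlogin' and `pass` = '$userpass' LIMIT 1");
    $user = mysql_fetch_assoc($query);
    if (isset($user['id'])) {
        $config['onpage'] = $user['onpage'];
        // NOTE(review): on a mismatch the cookies are expired but $user stays
        // populated for the rest of this request.
        if ($user['login'] != $userlogin or $user['pass'] != $userpass) {
            setcookie('userlogin', '', time() - 86400*31);
            setcookie('userpass', '', time() - 86400*31);
        }
    }
}

// --- Counters for the current user ---------------------------------------------
// The id is cast to int before it is placed in the SQL text. The mail counter is
// computed once, here, after the login lookup has run.
$mail = mysql_result(mysql_query("SELECT count(*) FROM `mail` WHERE `to_id` = '".(int) $user['id']."'"), 0);
$jur = mysql_result(mysql_query("SELECT count(*) FROM `jurnal` WHERE `id_user` = '".(int) $user['id']."'"), 0);
$chat = mysql_result(mysql_query("SELECT count(*) FROM `chat`"), 0);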
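/**
 * Prepare a request value: SQL-escape it for the current MySQL connection,
 * then HTML-encode the result.
 *
 * The returned string is only suitable inside a quoted SQL string literal
 * ('...'); it gives no protection when interpolated into an unquoted
 * position such as a bare number, column name or LIMIT clause.
 *
 * NOTE(review): mixing SQL escaping and HTML encoding in one step ties the
 * stored form to the output form. Prepared statements for the query and
 * htmlspecialchars() at output time are the separable alternative.
 * mysql_real_escape_string() belongs to the ext/mysql API, which is not
 * available from PHP 7.0 on.
 *
 * @param string $check Raw value (request parameter, cookie, ...).
 * @return string Escaped and encoded value.
 */
function check($check)
{
    // The character-substitution and stripslashes steps that used to follow
    // worked on a different, undefined variable and never changed the returned
    // value (their replacement list is also garbled on the page), so they are
    // left out. The return value is the same as before.
    return htmlspecialchars(mysql_real_escape_string($check));
}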
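/**
 * Generate a random password of the requested length.
 *
 * Characters are drawn from the same alphabet as before (Latin letters without
 * q, w, Q, W, plus the ten digits). The index comes from random_int(), a
 * cryptographically secure generator, whenever the runtime provides it;
 * rand() is predictable and unsuitable for passwords or tokens.
 *
 * @param int $number Number of characters to produce; values <= 0 give ''.
 * @return string The generated password.
 */
function generate($number)
{
    $alphabet = 'abcdefghijklmnoprstuvxyzABCDEFGHIJKLMNOPRSTUVXYZ1234567890';
    $last = strlen($alphabet) - 1;
    // random_int() exists from PHP 7.0; on older runtimes fall back to mt_rand().
    // NOTE(review): the fallback is not a CSPRNG. On such a runtime prefer an
    // OS-backed source if one is available in the deployment.
    $secure = function_exists('random_int');

    // Build the password one character at a time.
    $pass = '';
    for ($i = 0; $i < $number; $i++) {
        // Pick a random position inside the alphabet.
        $index = $secure ? random_int(0, $last) : mt_rand(0, $last);
        $pass .= $alphabet[$index];
    }
    return $pass;
}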
/**
 * Format a Unix timestamp for display, with Russian month names.
 *
 * When the global $user is set, its 'set_timesdvig' value (hours) is added to
 * the timestamp first. Dates that fall on the current day are shown as
 * "H:i:s", the previous day as "Вчера в H:i", anything else as
 * "j <month> Y в H:i".
 *
 * @param int|null $time Timestamp; a value loosely equal to NULL means "now".
 * @return string Formatted date/time.
 */
function vremja($time=NULL)
{
    global $user;

    if ($time == NULL) {
        $time = time();
    }

    $hasUser = isset($user);
    if ($hasUser) {
        // Shift by the user's configured hour offset.
        $time = $time + $user['set_timesdvig'] * 60 * 60;
    }

    $day = date("j n Y", $time);
    $clock = date("H:i", $time);
    $timep = date("j M Y в H:i", $time);

    // Same calendar day as the server's "today": show the time only.
    if ($day == date("j n Y")) {
        $timep = date("H:i:s", $time);
    }

    if ($hasUser) {
        // "Today" and "yesterday" as seen with the user's offset applied.
        if ($day == date("j n Y", time() + $user['set_timesdvig'] * 60 * 60)) {
            $timep = date("H:i:s", $time);
        }
        if ($day == date("j n Y", time() - 60 * 60 * (24 - $user['set_timesdvig']))) {
            $timep = "Вчера в $clock";
        }
    } else {
        if ($day == date("j n Y", time() - 60 * 60 * 24)) {
            $timep = "Вчера в $clock";
        }
    }

    // English month abbreviations produced by date() -> Russian names,
    // applied in this order.
    $months = array(
        "Jan" => "Янв",
        "Feb" => "Фев",
        "Mar" => "Марта",
        "May" => "Мая",
        "Apr" => "Апр",
        "Jun" => "Июня",
        "Jul" => "Июля",
        "Aug" => "Авг",
        "Sep" => "Сент",
        "Oct" => "Окт",
        "Nov" => "Ноября",
        "Dec" => "Дек",
    );

    return str_replace(array_keys($months), array_values($months), $timep);
}
/**
 * Format a duration given in seconds as "MM:SS" (below one hour) or
 * "HH:MM:SS" (one hour and above; the hour field wraps at 24).
 *
 * @param int $string Duration in seconds.
 * @return string Formatted duration.
 */
function maketime($string)
{
    if ($string < 3600) {
        return sprintf("%02d:%02d", (int)($string / 60) % 60, $string % 60);
    }

    $hours = (int)($string / 3600) % 24;
    $minutes = (int)($string / 60) % 60;
    $seconds = $string % 60;

    return sprintf("%02d:%02d:%02d", $hours, $minutes, $seconds);
}
// --- Request parameters ------------------------------------------------------
// Numeric parameters are reduced to a non-negative integer; an absent
// parameter yields false. $_REQUEST may merge GET, POST and (depending on the
// request_order / variables_order settings) cookies.
$id = false;
if (isset($_REQUEST['id'])) {
    $id = abs(intval($_REQUEST['id']));
}

// Action name from the query string, passed through check().
$act = FALSE;
if (isset($_GET['act'])) {
    $act = check($_GET['act']);
}

$otv = false;
if (isset($_REQUEST['otv'])) {
    $otv = abs(intval($_REQUEST['otv']));
}

$del = false;
if (isset($_REQUEST['del'])) {
    $del = abs(intval($_REQUEST['del']));
}

$edit = false;
if (isset($_REQUEST['edit'])) {
    $edit = abs(intval($_REQUEST['edit']));
}

$versions = '1 beta';

// --- Site-wide counters ------------------------------------------------------
// NOTE(review): these statements interpolate $user[id] straight into the SQL
// text; the value comes from the `users` row loaded earlier in this file.
$new_posts = mysql_result(
    mysql_query("SELECT count(*) FROM `mail` WHERE `status` = '0' AND `to_id` = '$user[id]' "),
    0
);
$new_jur = mysql_result(
    mysql_query("SELECT count(*) FROM `jurnal` WHERE `new` = '0' AND `id_user` = '$user[id]' "),
    0
);
$tems_forum = mysql_result(
    mysql_query("SELECT count(*) FROM `forum` WHERE `type` = 'tema'"),
    0
);
$otvets_forum = mysql_result(
    mysql_query("SELECT count(*) FROM `forum` WHERE `type` = ''"),
    0
);
$guest = mysql_result(
    mysql_query("SELECT count(*) FROM `guest`"),
    0
);

// Record the current time as the logged-in user's last activity.
if ($user['id']) {
    mysql_query("UPDATE `users` SET `last` = '".time()."' WHERE `id` = '$user[id]' LIMIT 1");
}
/**
 * Turn smiley codes and BB-code tags in a message into HTML.
 *
 * Steps, in order: smiley codes from the `smiles` table become <img> tags,
 * the substring "script" is replaced with "-", the colour / size / style /
 * quote tags are converted, URLs are handed to the url_replace callback, and
 * newlines become <br />.
 *
 * NOTE(review): this function does not HTML-encode $msg itself, so it presumably
 * relies on the caller having encoded the text before the tags are expanded;
 * verify at every call site. Replacing the word "script" is not an output
 * encoding step and does not cover event-handler attributes or other markup.
 * The url_replace callback is not defined on this page; how it encodes the
 * captured URL and link text should be checked where it is declared.
 *
 * @param string $msg Message text.
 * @return string HTML fragment.
 */
function bb($msg)
{
    // Smileys: every code found in the table is swapped for its image.
    $smiles = mysql_query("SELECT * FROM `smiles`");
    while ($smile = mysql_fetch_assoc($smiles)) {
        $image = '<img src="/'.$smile['path'].'" alt="'.$smile['code'].'" />';
        $msg = str_replace($smile['code'], $image, $msg);
    }

    $msg = str_replace('script', '-', $msg);

    // Paired tags, applied one after another in this order.
    $tags = array(
        "#\[red\](.*?)\[/red\]#si" => "<span style=\"color: red\">\\1</span>",
        "#\[blue\](.*?)\[/blue\]#si" => "<span style=\"color: blue\">\\1</span>",
        "#\[black\](.*?)\[/black\]#si" => "<span style=\"color: black\">\\1</span>",
        "#\[green\](.*?)\[/green\]#si" => "<span style=\"color: green\">\\1</span>",
        "#\[orange\](.*?)\[/orange\]#si" => "<span style=\"color: orange\">\\1</span>",
        "#\[pink\](.*?)\[/pink\]#si" => "<span style=\"color: pink\">\\1</span>",
        "#\[gray\](.*?)\[/gray\]#si" => "<span style=\"color: gray\">\\1</span>",
        "#\[big\](.*?)\[/big\]#si" => "<span style=\"font-size: 20px\">\\1</span>",
        "#\[small\](.*?)\[/small\]#si" => "<span style=\"font-size: 8px\">\\1</span>",
        "#\[b\](.*?)\[/b\]#si" => "<b>\\1</b>",
        "#\[u\](.*?)\[/u\]#si" => "<u>\\1</u>",
        "#\[i\](.*?)\[/i\]#si" => "<i>\\1</i>",
        "#\[strike\](.*?)\[/strike\]#si" => "<strike>\\1</strike>",
        "#\[q\](.*?)\[/q\]#si" => "<div class=\"quote\">\\1</div>",
    );
    $msg = preg_replace(array_keys($tags), array_values($tags), $msg);

    // [url=...]...[/url] and bare http/https/ftp URLs.
    $msg = preg_replace_callback('~\[url=((https?|ftp)://.+?)\](.+?)\[/url\]|((https?|ftp)://[0-9a-zа-яё/.;?=\(\)\_\-&%#]+)~ui', 'url_replace', $msg);

    return nl2br($msg);
}
/**
 * Build the BB-code toolbar: an inline <script> defining tag(text1, text2),
 * which wraps the current selection of a form field (or appends to its value),
 * followed by image links for bold, italic, underline, strike, url and three
 * smileys.
 *
 * NOTE(review): $form and $field are concatenated into the script source as
 * identifiers and as quoted strings without any encoding. They must be fixed
 * names chosen by the calling page; a value derived from the request would
 * become part of the emitted JavaScript.
 *
 * @param string $form  Name of the HTML form.
 * @param string $field Name of the text field inside that form.
 * @return string HTML/JavaScript fragment to print next to the field.
 */
function bbpanel($form, $field) {
return '<script language="JavaScript" type="text/javascript">
function tag(text1, text2) {
if ((document.selection)) {
document.' . $form . '.' . $field . '.focus();
document.' . $form . '.document.selection.createRange().text = text1+document.' . $form . '.document.selection.createRange().text+text2;
} else if(document.forms[\'' . $form . '\'].elements[\'' . $field . '\'].selectionStart!=undefined) {
var element = document.forms[\'' . $form . '\'].elements[\'' . $field . '\'];
var str = element.value;
var start = element.selectionStart;
var length = element.selectionEnd - element.selectionStart;
element.value = str.substr(0, start) + text1 + str.substr(start, length) + text2 + str.substr(start + length);
} else
document.' . $form . '.' . $field . '.value += text1+text2;
}
</script>
<a href="javascript:tag(\'[b]\', \'[/b]\')"><img src="/images/bb/bold.png" alt="b" title="Жирный"/></a>
<a href="javascript:tag(\'[i]\', \'[/i]\')"><img src="/images/bb/italic.png" alt="i" title="Наклонный"/></a>
<a href="javascript:tag(\'[u]\', \'[/u]\')"><img src="/images/bb/underline.png" alt="u" title="Подчёркнутый"/></a>
<a href="javascript:tag(\'[strike]\', \'[/strike]\')"><img src="/images/bb/strike.png" alt="s" title="Перечёркнутый"/></a>
<a href="javascript:tag(\'[url=]\', \'[/url]\')"><img src="/images/bb/link.png" alt="url" title="Ссылка" /></a>
<a href="javascript:tag(\' :)\', \'\')"><img src="/images/smiles/1.gif" alt=":)" title=":)" /></a>
<a href="javascript:tag(\' :(\', \'\')"><img src="/images/smiles/7.gif" alt=":(" title=":(" /></a>
<a href="javascript:tag(\' ;/\', \'\')"><img src="/images/smiles/33.gif" alt=";/" title=";/" /></a>';
}
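/**
 * preg_replace_callback() handler for [url=TARGET]TEXT[/url].
 *
 * The target is user-written text that ends up inside an href attribute, so it
 * is normalised and encoded here:
 *  - entities are decoded once and the value is re-encoded with ENT_QUOTES, so
 *    a quote character cannot close the attribute and an already-encoded
 *    "&amp;" is not encoded twice;
 *  - a target that carries a URL scheme is only linked when the scheme is
 *    http, https, ftp or mailto; for any other scheme the link text is
 *    returned without a link. Targets without a scheme are kept as relative
 *    links.
 *
 * Links to this host (or relative links) are emitted as plain anchors; other
 * links get target="_blank" when $set['web'] is truthy.
 *
 * NOTE(review): the link text ($arr[2]) is passed through unchanged, as before;
 * it has to be HTML-encoded before it reaches links().
 *
 * @param array $arr Match groups: [1] link target, [2] link text.
 * @return string HTML for the link, or the bare link text when the target is rejected.
 */
function links_preg1($arr)
{
    global $set;

    $url = html_entity_decode($arr[1], ENT_QUOTES, 'UTF-8');

    // Browsers ignore whitespace and control characters around and inside a
    // scheme name, so test the scheme on a copy with those removed.
    $probe = preg_replace('#[\x00-\x20]+#', '', $url);
    if (preg_match('#^([a-z][a-z0-9+.\-]*):#i', $probe, $scheme)
        && !in_array(strtolower($scheme[1]), array('http', 'https', 'ftp', 'mailto'), true)) {
        return $arr[2];
    }

    $href = htmlspecialchars($url, ENT_QUOTES, 'UTF-8');

    // preg_quote() needs the delimiter so a "#" in the Host header cannot end the pattern.
    $internal = preg_match('#^http://'.preg_quote($_SERVER['HTTP_HOST'], '#').'#', $url)
        || !preg_match('#://#', $url);

    if ($internal) {
        return '<a href="'.$href.'">'.$arr[2].'</a>';
    }

    return '<a'.($set['web']?' target="_blank"':null).' href="'.$href.'">'.$arr[2].'</a>';
}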
/**
 * Replace every [url=TARGET]TEXT[/url] tag in a message with an HTML link.
 *
 * Matching is case-insensitive, spans newlines and is ungreedy; each match is
 * rendered by links_preg1().
 *
 * @param string $msg Message text.
 * @return string Message with the url tags converted.
 */
function links($msg)
{
    global $set;

    return preg_replace_callback('/\[url=(.+)\](.+)\[\/url\]/isU', 'links_preg1', $msg);
}
/**
 * Print the page navigation bar.
 *
 * Nothing is printed for a single page. Otherwise the first page, the last
 * page and every page within two of the current one are listed; the current
 * page is underlined, the others link to "<link>p=<number>".
 *
 * NOTE(review): $link is written into the href attribute as given, so callers
 * must pass an already HTML-encoded URL prefix.
 *
 * @param int    $page  Current page number.
 * @param string $link  URL prefix ending where "p=N" can be appended.
 * @param int    $pages Total number of pages.
 * @return void
 */
function pages($page, $link, $pages)
{
    if (!($pages > 1)) {
        return;
    }

    echo '</div><div class="menu">Cтр.: ';

    $k = 1;
    while ($k <= $pages) {
        $shown = $k == 1
            || $k == $pages
            || (2 >= ($page - $k) && -2 <= ($page - $k));
        if ($shown) {
            echo ($k == $page)
                ? '<u>'.$k.'</u> '
                : '<a href="'.$link.'p='.$k.'">'.$k.'</a> ';
        }
        $k++;
    }
}
// 1 when the query string carries an "ok" parameter (whatever its value), FALSE otherwise.
if (isset($_GET['ok'])) {
    $ok = 1;
} else {
    $ok = FALSE;
}
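/**
 * Print a user card: avatar, link to the profile and an online marker.
 *
 * The user counts as online ([ON]) when the last activity is less than ten
 * minutes old, otherwise [OFF]; the marker is always defined, including the
 * exact ten-minute boundary.
 *
 * Values written into the markup are encoded at this point: the id is cast to
 * an integer (it is also part of a file path), the size is attribute-encoded,
 * and the login is HTML-encoded without re-encoding entities it may already
 * contain.
 *
 * NOTE(review): the existing-avatar image uses a path without a leading slash
 * while the placeholder uses "/images/..."; kept as found.
 *
 * @param int    $id    User id.
 * @param mixed  $razm  Avatar width and height attribute value.
 * @param string $login Login to display.
 * @param int    $last  Unix time of the user's last activity.
 * @return void
 */
function user($id, $razm, $login, $last)
{
    $on = ($last > time() - 600) ? '[ON]' : '[OFF]';

    $id = (int) $id;
    $size = htmlspecialchars((string) $razm, ENT_QUOTES, 'UTF-8');
    $name = htmlspecialchars((string) $login, ENT_QUOTES, 'UTF-8', false);

    $avatar = file_exists('images/avatars/'.$id.'.png')
        ? 'images/avatars/'.$id.'.png'
        : '/images/avatars/noavatar.png';

    echo '<div class="tmn"><img width="'.$size.'" height="'.$size.'" src="'.$avatar.'" alt="o">'
        .'<a href="/user.php?id='.$id.'"> '.$name.' <span class="green">'.$on.'</span></a></div>';
}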
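// Profile row for the user id given in the request. The id is cast to int
// before it is placed in the SQL text.
$s = mysql_query("SELECT * FROM `users` WHERE `id` ='".(int) $id."'");
$ank_user = mysql_fetch_assoc($s);

// The logged-in user's `last` timestamp is already refreshed earlier in this
// file, so the same UPDATE is not issued a second time here.

// Online marker for the viewed profile: active within the last ten minutes.
// A single expression keeps $on defined at the exact boundary as well.
$on = ($ank_user['last'] > time() - 600) ? '[ON]' : '[OFF]';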
//Строго запрещенно снимать копирайт!
/**
 * Print the page footer: a "home" link on every page except /index.php, the
 * copyright line, and the closing </body></html> tags.
 *
 * @return void
 */
function foot()
{
    $html = '';

    if ($_SERVER['PHP_SELF'] != '/index.php') {
        $html .= '<div class="main"><div class="cat"><a href="/"><img src="/images/home.png" alt="home" /> На Главную</a></div></div>';
    }

    $html .= '<div class="copy"><center> <a href="http://wap-help.ru">© HwapCMS</a></center></div>';
    $html .= '</body>';
    $html .= '</html>';

    echo $html;
}
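// Ban check: an account with an unexpired row in `ban` is sent to the ban page.
// The id is cast to int before it is placed in the SQL text.
$ban = mysql_query("SELECT `id` FROM `ban` WHERE `id_user` = '".(int) $user['id']."' and `time_ban` > '".time()."'");
// The redirect is skipped when the ban page itself is being served, and the
// script stops after the header. A Location header alone would let the
// requested page keep running and render for the banned account.
// NOTE(review): assumes /user/ban.php is the only page a banned account may
// see; confirm against that script.
if (mysql_num_rows($ban) && $_SERVER['PHP_SELF'] != '/user/ban.php') {
    header('location: /user/ban.php');
    exit;
}

// Number of registered users.
$us = mysql_query("SELECT COUNT(*) FROM users");
$us_k = mysql_fetch_row($us);
$user_kol = $us_k[0];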
//название разделов или топика
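/**
 * Print the forum breadcrumb for a category, section or topic.
 *
 * Looks up the `forum` row with the given id and type and prints its `text`
 * column for the types 'kat' and 'raz', its `name` column for any other type.
 *
 * Both parameters become part of the SQL text, so they are neutralised here
 * rather than trusted from the caller: the id is cast to int and the type is
 * escaped for the current connection. The title is HTML-encoded on output
 * without re-encoding entities it may already contain.
 *
 * @param int    $id   Forum row id.
 * @param string $type Row type ('kat', 'raz', or a topic type).
 * @return void
 */
function for_link($id, $type)
{
    $f_l = mysql_query(
        "SELECT * FROM `forum` WHERE `type`='".mysql_real_escape_string($type)."' AND `id`='".(int) $id."'"
    );
    $for_link = mysql_fetch_assoc($f_l);

    // Categories and sections keep their title in `text`, everything else in `name`.
    $field = ($type == 'kat' OR $type == 'raz') ? 'text' : 'name';
    $title = htmlspecialchars((string) $for_link[$field], ENT_QUOTES, 'UTF-8', false);

    echo '<div class="nv"><a href="/forum/">Форум</a> - <b>'.$title.'</b></div>';
}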
?>