<?php

include('configuration.php');

// No action requested: fall back to the login screen.
if(!isset($_REQUEST['ac']) || $_REQUEST['ac'] == '')
{
	$_REQUEST['ac'] = 'lgn';
}

// Only login, forgotten-password, reset and registration may be opened without a session id.
// NOTE(review): this gate tests that a sid is present, not that it is valid; validation is
// presumably done by chkses()/chklog() (defined outside this file) - confirm they stop the
// request when the sid is unknown or expired.
// NOTE(review): a sid taken from $_REQUEST can arrive in the query string, where it is exposed
// to logs, browser history and Referer headers.
if(!(isset($_SESSION['sid']) || isset($_REQUEST['sid'])) && !in_array($_REQUEST['ac'], array('lgn', 'fgp', 'rst', 'rgs')))
{
	header('Location: index.php?ac=lgn&err=1');
	exit();
}

// A sid sent with the request takes precedence over the one kept in the session.
if(isset($_REQUEST['sid']))
{
	chkses($_REQUEST['sid']);
}
else if(isset($_SESSION['sid']))
{
	chkses($_SESSION['sid']);
}

chklog();

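if($_REQUEST['ac'] == 'lgn')
{
	// Login screen and credential check.
	// NOTE(review): 'user' and 'pass' are read from $_REQUEST, so they are also accepted in the
	// query string, where they end up in access logs and browser history.
	// NOTE(review): the password is checked as an unsalted md5() digest; how it is stored is
	// decided by adduser(), which is not part of this file.
	$loginUserSet = isset($_REQUEST['user']);
	// Look the account up once instead of repeating chkeus() in every branch.
	$loginExists = $loginUserSet ? chkeus($_REQUEST['user']) : false;
	$user = $loginUserSet ? getuser($_REQUEST['user']) : null;
	$loginPass = isset($_REQUEST['pass']) ? $_REQUEST['pass'] : '';
	// Strict comparison: with == two digests that both look numeric (for example "0e...")
	// are compared as numbers on older PHP and can match although the strings differ.
	$loginOk = $loginUserSet && $loginExists && is_string($loginPass)
		&& md5($loginPass) === (string)$user['password'];

	if(isset($_REQUEST['return']))
	{
		$smarty->assign('return', urlencode($_REQUEST['return']));
	}
	if(isset($_REQUEST['err']))
	{
		$smarty->assign('err', $lang['you_must_log_in']);
	}
	if($loginUserSet && !$loginExists)
	{
		// NOTE(review): the submitted name goes into the message unchanged; whether it is
		// escaped on output depends on the template. The distinct message also tells the
		// caller that the account does not exist.
		$smarty->assign('err', sprintf($lang['dont_exist'], $_REQUEST['user']));
	}
	else if($loginUserSet && !$loginOk)
	{
		// Known account, wrong password: the form is shown again with the account's photo.
		// NOTE(review): $user is handed to the template whole, including the 'password'
		// field read above - confirm the template never prints it.
		$smarty->assign('photo', getsetphoto($user['id']));
		$smarty->assign('user', $user);
	}
	else if($loginOk)
	{
		$newSid = addses($user['id'], isset($_REQUEST['rem']) ? $_REQUEST['rem'] : null);
		if(!isset($_REQUEST['return']))
		{
			header('Location: index.php?ac=hme&sid=' . $newSid);
		}
		else
		{
			// The target always begins with "?", so the redirect stays on this script.
			// PHP has already URL-decoded the request value; this decodes it a second time.
			header('Location: ?'.urldecode($_REQUEST['return']).'&sid=' . $newSid);
		}
		exit();
	}
	$smarty->assign('page', 'm/login.tpl');
}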
else if($_REQUEST['ac'] == 'rgs')
{
	// Registration form: arithmetic challenge, per-IP rate limit, field validation, account creation.
	if($_prefs['regenabled']	==	'yes')
	{
		// Seed the expected answer so the first comparison below has something to compare with.
		if(!isset($_SESSION['an']))
		{
			$_SESSION['an'] = 100;
		}
		// A new challenge is generated only when the submitted answer differs from the stored one,
		// so a solved challenge stays valid for later submissions in the same session.
		// NOTE(review): rand() is not a cryptographic source and the sum of two numbers from 1..10
		// is a very small answer space.
		if($_REQUEST['ans'] != $_SESSION['an'])
		{
			$digit	= rand(1, 10);
			$number	= rand(1, 10);
			$calc	= $digit.'+'.$number;
			$_SESSION['calc'] = $calc;
			$calc = $_SESSION['calc'];
			$an		= $digit+$number;
			$_SESSION['an'] = $an;
		}
		$calc = $_SESSION['calc'];
		$an = $_SESSION['an'];
		// Count accounts created from this address within the last $_prefs['reg_iplock'] seconds.
		$tme = time()-$_prefs['reg_iplock'];
		$row = mysql_fetch_array(mysql_query('SELECT COUNT(*) FROM _users WHERE reg_ip="'.$_SERVER['REMOTE_ADDR'].'" AND 
		reg_date>"'.$tme.'"'));
		$smarty->assign('user', $_REQUEST['user']);
		// NOTE(review): the submitted password is handed back to the template in clear text.
		$smarty->assign('pass', $_REQUEST['pass']);
	
		if($row[0] > 0)
		{
			$smarty->assign('err', $lang['reglock']);
			$smarty->assign('lock', 1);
		}
		else
		{
			// NOTE(review): && binds tighter than ||, so isset() guards only the "< 3" test;
			// the length, scharin() and spacesin() tests also run when 'user' is absent.
			if(isset($_REQUEST['user']) && strlen($_REQUEST['user']) < 3 || strlen($_REQUEST['user']) > 15 || scharin($_REQUEST['user']) || 
			spacesin($_REQUEST['user']))
			{
				$smarty->assign('err', $lang['invalid_user']);
			}
			else if(chkuser($_REQUEST['user']))
			{
				$smarty->assign('err', sprintf($lang['user_exist'], $_REQUEST['user']));
			}
			else
			{
				$_SESSION['username'] = $_REQUEST['user'];
				$smarty->assign('info', sprintf($lang['user_valid'], $_SESSION['username']));
				// NOTE(review): the e-mail is validated from INPUT_POST while every other field is
				// read from $_REQUEST, so an address sent in the query string always fails here.
				if(isset($_REQUEST['email']) && (strlen($_REQUEST['email']) < 7 || strlen($_REQUEST['email']) > 50 || 
				!filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL)))
				{
					$smarty->assign('err', $lang['invalid_email']);
				}
				else if(chkmail($_REQUEST['email']))
				{
					$smarty->assign('err', sprintf($lang['email_exist'], $_REQUEST['email']));
				}
				// Same precedence caveat as the user-name test above.
				else if(isset($_REQUEST['pass']) && strlen($_REQUEST['pass']) < 3 || strlen($_REQUEST['pass']) > 15 || schar($_REQUEST['pass']))
				{
					$smarty->assign('err', $lang['invalid_password']);
				}
				else if($_REQUEST['pass'] != $_REQUEST['repass'])
				{
					$smarty->assign('err', $lang['password_dont']);
				}
				else if(isset($_REQUEST['ans']))
				{
					if($_REQUEST['ans'] != $an)
					{
						$smarty->assign('err', $lang['invalid_answer']);
					}
					else
					{
						// All checks passed: create the account; 'result' is set only when adduser() succeeds.
						if(isset($_SESSION['username']) && $_REQUEST['email'] && $_REQUEST['pass'] == $_REQUEST['repass'] && $_REQUEST['ans'] == $an 
						&& adduser($_SESSION['username'], $_REQUEST['pass'], $_REQUEST['email'], $_prefs['language']) && $row[0] < 1)
						{
							$smarty->assign('result', 1);
						}
					}
				}
			}
		}
	}
	else
	{
		$smarty->assign('disable', $lang['regdisabled']);
	}
	// NOTE(review): $calc is only set inside the enabled branch above.
	$smarty->assign('calc', $calc);
	$smarty->assign('email', $_REQUEST['email']);
	$smarty->assign('username', $_SESSION['username']);
	$smarty->assign('page', 'm/register.tpl');
}
else if($_REQUEST['ac'] == 'fgp')
{
	// Forgotten-password request: 'info' is a user name or e-mail address.
	// NOTE(review): an unknown identifier gets an error while a known one gets the success
	// message, so the response reveals which identifiers are registered.
	if(isset($_REQUEST['info']))
	{
		if($_REQUEST['info'] == '')
		{
			$smarty->assign('err', $lang['req_pass_emp']);
		}
		else if(chkeus($_REQUEST['info']) == false)
		{
			$smarty->assign('err', $lang['user_or_email_invalid']);
		}
		else if(ForgotPassword($_REQUEST['info']))
		{
			$smarty->assign('ok', $lang['pwresetsuccess']);
		}
	}
	$smarty->assign('page', 'm/forget.tpl');
}
else if($_REQUEST['ac'] == "rst")
{
	// Password reset link: both the account id and the reset key must be non-empty before
	// ResetPassword() is asked to verify them.
	// NOTE(review): how the key is generated, compared and expired is decided inside
	// ResetPassword(), which is not part of this file.
	if($_REQUEST['id'] && $_REQUEST['rkey'] && ResetPassword($_REQUEST['id'], $_REQUEST['rkey']) == true)
	{
		$smarty->assign('reset', 1);
	}
	$smarty->assign('page', 'm/forget.tpl');
}
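else if($_REQUEST['ac'] == 'lgu')
{
	// Logout: remove the stored session row, drop the PHP session, return to the login screen.
	// The sid is resolved the same way the session check at the top of the script does it;
	// using only $_REQUEST['sid'] left the row in place whenever the sid lived in $_SESSION.
	// NOTE(review): the row is selected by a caller-supplied id and the action can be triggered
	// by a plain link; confirm chkses() has tied this sid to the current visitor.
	$logoutSid = '';
	if(isset($_REQUEST['sid']))
	{
		$logoutSid = $_REQUEST['sid'];
	}
	else if(isset($_SESSION['sid']))
	{
		$logoutSid = $_SESSION['sid'];
	}
	$chkd = mysql_query('DELETE FROM _session WHERE id="'.check($logoutSid).'"');
	session_destroy();
	header('Location: index.php');
	exit();
}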
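else if($_REQUEST['ac'] == 'hme')
{
	// Home page: news feed, friend requests and notifications of the logged-in user.
	if(getdetail($ses['userid']) == 0)
	{
		$smarty->assign('update', 1);
	}
	// NOTE(review): the post is accepted from $_REQUEST (so also from a link) and is written
	// to the wall named by the request's 'id'; no anti-forgery token is checked here.
	if(strlen($_REQUEST['post']) > 0 && AddToWall($_REQUEST['id'], $_REQUEST['post']) == true)
	{
		header('location: '.$_prefs['selfurl'].'?ac=hme&sid='.chklog());
		exit();
	}
	// Cast before clamping: min()/max() hand back their argument unchanged, so a value with a
	// non-numeric tail would otherwise pass the clamp and reach GetFeedList() as a string.
	$pageNo = (isset($_REQUEST['pg'])) ? (int)$_REQUEST['pg'] : 1;
	$PerPage = 7;
	$Count = GetFeedCount();
	$pageCount = max(1, ceil($Count / max(1, $PerPage)));
	$pageNo = min($pageCount, max(1, $pageNo));
	$FeedList = GetFeedList($pageNo, $PerPage);
	$smarty->assign('Count', $Count);
	$smarty->assign('perPage', $PerPage);
	$smarty->assign('pageNo', $pageNo);
	$smarty->assign('pageCount', $pageCount);
	$smarty->assign('feed', $FeedList);
	$friendrequest = FriendRequestCount();
	$FriendRequestList = FriendRequestList();
	$smarty->assign('friend', $friendrequest);
	$smarty->assign('notify', GetNotifyList());
	$smarty->assign('friendrequest', $FriendRequestList);
	// Neighbouring page numbers for the pager links.
	if($pageNo>1)
	{
		$ppage = $pageNo-1;
		$smarty->assign("newer", $ppage);
	}
	if($pageNo<$pageCount)
	{
		$npage = $pageNo+1;
		$smarty->assign("older", $npage);
	}
	$smarty->assign('page', 'm/home.tpl');
}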
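else if($_REQUEST['ac'] == 'prf')
{
	// Profile page: wall of the user named by 'id' (own profile when absent), friendship state,
	// and with do=abt the "about" form of the logged-in user.
	// The default id is applied first; it used to be set after the wall had already been
	// counted and listed, so an own-profile view queried the wall with no id.
	if(!isset($_REQUEST['id']))
	{
		$_REQUEST['id'] = $ses['userid'];
	}
	// Cast before clamping: min()/max() hand back their argument unchanged, so a value with a
	// non-numeric tail would otherwise reach GetWallList() as a string.
	$pageNo = (isset($_REQUEST['pg'])) ? (int)$_REQUEST['pg'] : 1;
	$PerPage = 7;
	$Count = GetWallCount($_REQUEST['id']);
	$pageCount = max(1, ceil($Count / max(1, $PerPage)));
	$pageNo = min($pageCount, max(1, $pageNo));
	$WallList = GetWallList($_REQUEST['id'], $pageNo, $PerPage);
	$smarty->assign('Count', $Count);
	$smarty->assign('perPage', $PerPage);
	$smarty->assign('pageNo', $pageNo);
	$smarty->assign('pageCount', $pageCount);
	$smarty->assign('wall', $WallList);
	$info = getuserinfo(check($_REQUEST['id']));
	// One lookup instead of up to three; 1, 2 and 3 select the 'conf', 'pend' and 'accp' flags.
	$friendState = CheckFriend($_REQUEST['id']);
	if($friendState == 1)
	{
		$smarty->assign('conf', 1);
	}
	else if($friendState == 2)
	{
		$smarty->assign('pend', 1);
	}
	else if($friendState == 3)
	{
		$smarty->assign('accp', 1);
	}
	// NOTE(review): the post is accepted from $_REQUEST (so also from a link) and no
	// anti-forgery token is checked here.
	if(strlen($_REQUEST['post']) > 0 && AddToWall($_REQUEST['id'], $_REQUEST['post']) == true)
	{
		header('location: '.$_prefs['selfurl'].'?ac=prf&id='.$_REQUEST['id'].'&sid='.chklog());
		exit();
	}
	if($_REQUEST['do'] == "abt")
	{
		$smarty->assign('do', $_REQUEST['do']);
		$detail = getdetail($_REQUEST['id']);
		$age = null;
		if(isset($_REQUEST['y']) || isset($_REQUEST['gender'])|| isset($_REQUEST['country']) || isset($_REQUEST['interested']) || isset($_REQUEST['about']))
		{
			// The row written is always the logged-in user's, whatever 'id' is being viewed.
			$dob = $_REQUEST['m'].' - '.$_REQUEST['d'].' - '.$_REQUEST['y'];
			if(getage($dob) < 12 || getage($dob) >= 40)
			{
				$smarty->assign('msg', $lang['age_inappropriate']);
			}else if($_REQUEST['gender'] ==  '')
			{
				$smarty->assign('msg', $lang['select_gender']);
			}else{
				// NOTE(review): every value goes through check() before being concatenated into
				// the statement; check() is defined elsewhere - confirm it escapes for MySQL.
				// The query results are not inspected, so 'ok' is set even if the write failed.
				$chk = mysql_fetch_array(mysql_query('SELECT COUNT(*) FROM _detail WHERE userid="'.check($ses['userid']).'"'));
				$tm = time();
				if($chk[0] < 1)
				{
					$insert = mysql_query('INSERT INTO _detail SET userid="'.check($ses['userid']).'", dob="'.check($dob).'", 
					sex="'.check($_REQUEST['gender']).'", country="'.check($_REQUEST['country']).'", about="'.check($_REQUEST['about']).'", 
					interest="'.check($_REQUEST['interested']).'", relationship="'.check($_REQUEST['relationship']).'", uptm="'.$tm.'"');
					$smarty->assign('ok', 1);
				}else{
					$update = mysql_query('UPDATE _detail SET dob="'.check($dob).'", 
					sex="'.check($_REQUEST['gender']).'", country="'.check($_REQUEST['country']).'", about="'.check($_REQUEST['about']).'", 
					interest="'.check($_REQUEST['interested']).'", relationship="'.check($_REQUEST['relationship']).'", uptm="'.$tm.'" 
					WHERE userid="'.check($ses['userid']).'"');
					$smarty->assign('ok', 1);
				}
			}
		}
		// Stored values fill every form field the request did not supply.
		if(isset($detail['dob']))
		{
			$dob = explode("-", $detail['dob']);
			$_REQUEST['m'] = $dob[0];
			$_REQUEST['d'] = $dob[1];
			$_REQUEST['y'] = $dob[2];
		}
		if($detail['dob'] > 0)
		{
			$age = getage($detail['dob']);
		}
		if(!isset($_REQUEST['gender']))
		{
			$_REQUEST['gender'] = $detail['sex'];
		}
		if(!isset($_REQUEST['interested']))
		{
			$_REQUEST['interested'] = $detail['interest'];
		}
		if(!isset($_REQUEST['country']))
		{
			$_REQUEST['country'] = ucfirst($detail['country']);
		}
		if(!isset($_REQUEST['relationship']))
		{
			$_REQUEST['relationship'] = $detail['relationship'];
		}
		if(!isset($_REQUEST['about']))
		{
			$_REQUEST['about'] = $detail['about'];
		}
		// NOTE(review): request values are passed to the template unchanged; escaping on
		// output is left to the template.
		$smarty->assign('se', $_REQUEST['interested']);
		$smarty->assign('gen', $_REQUEST['gender']);
		$smarty->assign('m', $_REQUEST['m']);
		$smarty->assign('d', $_REQUEST['d']);
		$smarty->assign('y', $_REQUEST['y']);
		$smarty->assign('age', $age);
		$smarty->assign('country', $_REQUEST['country']);
		$smarty->assign('relationship', $_REQUEST['relationship']);
		$smarty->assign('gender', $_REQUEST['gender']);
		$smarty->assign('about', $_REQUEST['about']);
	}
	if($pageNo>1)
	{
		$ppage = $pageNo-1;
		$smarty->assign("newer", $ppage);
	}
	if($pageNo<$pageCount)
	{
		$npage = $pageNo+1;
		$smarty->assign("older", $npage);
	}
	$smarty->assign('info', $info);
	$smarty->assign('on_wall', sprintf($lang['write_on_wall'], ucfirst($info['username'])));
	$smarty->assign('username', ucfirst($info['username']));
	$smarty->assign('photo', getsetphoto($_REQUEST['id']));
	$smarty->assign('page', 'm/profile.tpl');
}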
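else if($_REQUEST['ac'] == 'cmt')
{
	// Comment thread of the story named by 'stid'; opens on the last page unless 'pg' is given.
	$PerPage = 7;
	$Count = GetCommentCount($_REQUEST['stid'], 0);
	// Cast before clamping: min()/max() hand back their argument unchanged, so a value with a
	// non-numeric tail would otherwise reach GetCommentList() as a string.
	$pageNo = (isset($_REQUEST['pg'])) ? (int)$_REQUEST['pg'] : max(1, ceil($Count / max(1, $PerPage)));
	$pageCount = max(1, ceil($Count / max(1, $PerPage)));
	$pageNo = min($pageCount, max(1, $pageNo));
	$ComList = GetCommentList($_REQUEST['stid'], 0, 0, $pageNo, $PerPage, 'ASC');
	$smarty->assign('like', GetLikeUser($_REQUEST['stid'], 0, 0, 0));
	$smarty->assign('lk', GetLikeCount($_REQUEST['stid'], 0, 0, 0));
	$smarty->assign('Count', $Count);
	$smarty->assign('perPage', $PerPage);
	$smarty->assign('pageNo', $pageNo);
	$smarty->assign('pageCount', $pageCount);
	$smarty->assign('comment', $ComList);
	$smarty->assign('stid', $_REQUEST['stid']);
	// NOTE(review): the comment is accepted from $_REQUEST (so also from a link) and no
	// anti-forgery token is checked here.
	if(strlen($_REQUEST['comment']) > 0 && AddComment($_REQUEST['stid'], 0, 0, $_REQUEST['comment']) == true)
	{
		// Notify the story owner unless the owner already has a comment in the thread...
		// NOTE(review): ids are passed through check() before concatenation; check() is
		// defined elsewhere - confirm it escapes for MySQL.
		$info = mysql_query('SELECT userid FROM _story WHERE id="'.check($_REQUEST['stid']).'"');
		$user = mysql_fetch_array($info);
		$inf = mysql_query('SELECT * FROM _comment WHERE stid="'.check($_REQUEST['stid']).'" AND userid="'.check($user[0]).'"');
		if(mysql_num_rows($inf) == 0)
		{
			notify($user[0], $_REQUEST['stid'], 0, 0, 0, 1);
		}
		// ...then every other user who has commented on it.
		$in = mysql_query('SELECT DISTINCT userid FROM _comment WHERE stid="'.check($_REQUEST['stid']).'" AND userid!="'.check($ses['userid']).'"');
		while($ft = mysql_fetch_array($in))
		{
			notify($ft[0], $_REQUEST['stid'], 0, 0, 0, 1);
		}
		header('location: '.$_prefs['selfurl'].'?ac=cmt&stid='.$_REQUEST['stid'].'&sid='.chklog());
		exit();
	}
	if($pageNo>1)
	{
		$ppage = $pageNo-1;
		$smarty->assign("newer", $ppage);
	}
	if($pageNo<$pageCount)
	{
		$npage = $pageNo+1;
		$smarty->assign("older", $npage);
	}
	$smarty->assign('tinf', GetStoryInfo($_REQUEST['stid']));
	$smarty->assign('page', 'm/comment.tpl');
}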
else if($_REQUEST['ac'] == 'sae')
{
	// Share a story: with 'mess' present the story is re-posted on the logged-in user's own
	// wall and the browser is sent to that profile; otherwise the share form is shown.
	// NOTE(review): the share is accepted from $_REQUEST (so also from a link) and no
	// anti-forgery token is checked here.
	if(isset($_REQUEST['mess']))
	{
		if(AddToWall($ses['userid'], $_REQUEST['mess'], $_REQUEST['stid']) == true)
		{
			header('location: '.$_prefs['selfurl'].'?ac=prf&id='.$ses['userid'].'&sid='.chklog());
			exit();
		}
	}
	$smarty->assign('stinf', GetStoryInfo($_REQUEST['stid']));
	$smarty->assign('stid', $_REQUEST['stid']);
	$smarty->assign('page', 'm/share.tpl');
}
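else if($_REQUEST['ac'] == 'lke')
{
	// Likes: do=ppl lists the users who liked an item; any other request records a like.
	// 'stid' is an alias for 'wid'.
	if(isset($_REQUEST['stid']))
	{
		$_REQUEST['wid'] = $_REQUEST['stid'];
	}
	if(isset($_REQUEST['cid']) || isset($_REQUEST['wid']) || isset($_REQUEST['alid']) || isset($_REQUEST['pid']))
	{
		if($_REQUEST['do'] == 'ppl')
		{
			$PerPage = 7;
			$Count = GetLikeCount($_REQUEST['wid'], $_REQUEST['cid'], $_REQUEST['alid'], $_REQUEST['pid']);
			// Cast before clamping: min()/max() hand back their argument unchanged, so a value
			// with a non-numeric tail would otherwise reach GetLikeList() as a string.
			$pageNo = (isset($_REQUEST['pg'])) ? (int)$_REQUEST['pg'] : max(1, ceil($Count / max(1, $PerPage)));
			$pageCount = max(1, ceil($Count / max(1, $PerPage)));
			$pageNo = min($pageCount, max(1, $pageNo));
			$lkeList = GetLikeList($_REQUEST['wid'], $_REQUEST['cid'], $_REQUEST['alid'], $_REQUEST['pid'], $pageNo, $PerPage, 'ASC');
			$smarty->assign('Count', $Count);
			$smarty->assign('perPage', $PerPage);
			$smarty->assign('pageNo', $pageNo);
			$smarty->assign('pageCount', $pageCount);
			$smarty->assign('like', $lkeList);
		}
		// NOTE(review): the like is recorded from a plain request (so also from a link) and no
		// anti-forgery token is checked here.
		else if(AddToLike($_REQUEST['wid'], $_REQUEST['cid'], $_REQUEST['alid'], $_REQUEST['pid']) == true)
		{
			// Defined up front: when only 'cid' is given none of the cases below sets it.
			$url = '';
			if($_REQUEST['wid'])
			{
				$url = '?ac=cmt&stid='.$_REQUEST['wid'];
			}
			if($_REQUEST['alid'])
			{
				$url = '?ac=pho&alid='.$_REQUEST['alid'];
			}
			if($_REQUEST['pid'])
			{
				$url = '?ac=pho&pid='.$_REQUEST['pid'];
			}
			header('location: '.$_prefs['selfurl'].$url.'&sid='.chklog());
			exit();
		}
	}
	$smarty->assign('page', 'm/like.tpl');
}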
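else if($_REQUEST['ac'] == 'fnd')
{
	// Friends: with 'id' a friend request is sent; otherwise the friend list of 'fid'
	// (own list when absent) is shown, optionally filtered by 'user'.
	if(isset($_REQUEST['id']))
	{
		// NOTE(review): the request is sent from a plain request parameter (so also from a
		// link) and no anti-forgery token is checked here.
		if(SendFriend($_REQUEST['id']) == false)
		{
			$smarty->assign('err', 1);
		}
	}
	else
	{
		if(!isset($_REQUEST['fid']))
		{
			$_REQUEST['fid'] = $ses['userid'];
		}
		$PerPage = 5;
		// The page number was never read in this branch, so the list was stuck on page 1;
		// it is now taken from 'pg' as in the other listings, cast to int before clamping.
		$pageNo = (isset($_REQUEST['pg'])) ? (int)$_REQUEST['pg'] : 1;
		$Count = FriendCount($_REQUEST['fid'], $_REQUEST['user']);
		$pageCount = max(1, ceil($Count / max(1, $PerPage)));
		$pageNo = min($pageCount, max(1, $pageNo));
		$FriendList = GetFriendList($_REQUEST['fid'], $_REQUEST['user'], $pageNo, $PerPage);
		$smarty->assign('Count', $Count);
		$smarty->assign('perPage', $PerPage);
		$smarty->assign('pageNo', $pageNo);
		$smarty->assign('pageCount', $pageCount);
		$smarty->assign('friend', $FriendList);
	}
	$smarty->assign('fid', $_REQUEST['fid']);
	$smarty->assign('user', $_REQUEST['user']);
	$smarty->assign('page', 'm/friends.tpl');
}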
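else if($_REQUEST['ac'] == 'srh')
{
	// Search: the first page shows 5 results, later pages 10.
	// Cast before use: min()/max() hand back their argument unchanged, so a value with a
	// non-numeric tail would otherwise reach GetSearchList() as a string.
	$pageNo = (isset($_REQUEST['pg'])) ? (int)$_REQUEST['pg'] : 1;
	if($pageNo == 1)
	{
		$PerPage = 5;
	}
	else
	{
		$PerPage = 10;
	}
	$Count = GetSearchCount($_REQUEST['q']);
	if($Count == 0)
	{
		// NOTE(review): check() is used elsewhere in this file in front of SQL values; if it
		// only escapes for MySQL, the echoed query still needs HTML escaping in the template.
		$smarty->assign('err', sprintf($lang['no_result'], check($_REQUEST['q'])));
	}
	$pageCount = max(1, ceil($Count / max(1, $PerPage)));
	$pageNo = min($pageCount, max(1, $pageNo));
	$SearchList = GetSearchList($_REQUEST['q'], $pageNo, $PerPage);
	$smarty->assign('Count', $Count);
	$smarty->assign('perPage', $PerPage);
	$smarty->assign('pageNo', $pageNo);
	$smarty->assign('pageCount', $pageCount);
	$smarty->assign('sear', $SearchList);
	$smarty->assign('q', $_REQUEST['q']);
	if($pageNo<$pageCount)
	{
		$npage = $pageNo+1;
		$smarty->assign("older", $npage);
	}
	$smarty->assign('page', 'm/search.tpl');
}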
else if($_REQUEST['ac'] == 'stn')
{
	// Account set-up wizard: step 1 handles the profile photo, step 2 the personal details.
	if($_REQUEST['step'] == 1)
	{
		$smarty->assign('step', 1);
		if(isset($_REQUEST['album']) || isset($_REQUEST['photo']) || isset($_FILES['uphoto']))
		{
			// NOTE(review): the uploaded file is handed to cphoto() untouched; type, size and
			// destination checks are presumably done there - confirm.
			$msg = cphoto($_REQUEST['album'], $_REQUEST['photo'], $_FILES['uphoto']);
			// A result containing "_" is treated as a photo URL, anything else as a message.
			// strpos() returns 0 (falsy) when the "_" is the first character.
			if(strpos($msg,"_"))
			{
				$smarty->assign('url', $msg);
			}else{
				$smarty->assign('msg', $msg);
			}
		}
	}else if($_REQUEST['step'] == 2)
	{
		
		// Record that the user has reached step 2.
		if($ses['step'] == 0)
		{
			$update = mysql_query('UPDATE _users SET step="1" WHERE id="'.check($ses['userid']).'"');
		}
		if(isset($_REQUEST['y']) || isset($_REQUEST['gender']) || isset($_REQUEST['about']))
		{
			$dob = $_REQUEST['m'].' - '.$_REQUEST['d'].' - '.$_REQUEST['y'];
			if(getage($dob) < 12 || getage($dob) >= 40)
			{
				$smarty->assign('msg', $lang['age_inappropriate']);
			}else if($_REQUEST['gender'] ==  '')
			{
				$smarty->assign('msg', $lang['select_gender']);
			}else{
				// NOTE(review): values pass through check() before being concatenated into the
				// statement; check() is defined elsewhere - confirm it escapes for MySQL.
				// The query results are not inspected, so 'ok' is set even if the write failed.
				$chk = mysql_fetch_array(mysql_query('SELECT COUNT(*) FROM _detail WHERE userid="'.check($ses['userid']).'"'));
				$tm = time();
				if($chk[0] < 1)
				{
					$insert = mysql_query('INSERT INTO _detail SET userid="'.check($ses['userid']).'", dob="'.check($dob).'", sex="'.check($_REQUEST['gender']).'",
					about="'.check($_REQUEST['about']).'", uptm="'.$tm.'"');
					$update = mysql_query('UPDATE _users SET step="3" WHERE id="'.check($ses['userid']).'"');
					$smarty->assign('ok', 1);
				}else{
					$update = mysql_query('UPDATE _detail SET dob="'.check($dob).'", sex="'.check($_REQUEST['gender']).'", about="'.check($_REQUEST['about']).'", 
					uptm="'.$tm.'" WHERE userid="'.check($ses['userid']).'"');
					$smarty->assign('ok', 1);
				}
			}
		}
	}
	// Reload the stored details (after any write above) and use them to fill the form;
	// gender and about always come from the stored row, not from the request.
	$detail = getdetail($ses['userid']);
	if(isset($detail['dob']))
	{
		$dob = explode("-",$detail['dob']);
		$_REQUEST['m'] = $dob[0];
		$_REQUEST['d'] = $dob[1];
		$_REQUEST['y'] = $dob[2];
	}
	$_REQUEST['gender'] = $detail['sex'];
	if($_REQUEST['gender'] == 1)
	{
		$smarty->assign('sex', 1);
	}else if($_REQUEST['gender'] == 2)
	{
		$smarty->assign('sel', 1);
	}
	$_REQUEST['about'] = $detail['about'];
	$smarty->assign('m', $_REQUEST['m']);
	$smarty->assign('d', $_REQUEST['d']);
	$smarty->assign('y', $_REQUEST['y']);
	$smarty->assign('gender', $_REQUEST['gender']);
	$smarty->assign('about', $_REQUEST['about']);
	// NOTE(review): 'album' and 'photo' are request values passed to the template unchanged.
	$smarty->assign('album', $_REQUEST['album']);
	$smarty->assign('photo', $_REQUEST['photo']);
	$smarty->assign('page', 'm/setting.tpl');
}
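else if($_REQUEST['ac'] == 'msg')
{
	// Messaging: a conversation ('mid'), the compose screen (do=cme), the inbox, or an inbox
	// search ('q'). Page numbers are cast to int before clamping because min()/max() hand
	// back their argument unchanged, so a non-numeric tail would otherwise reach the list
	// helpers as a string.
	// NOTE(review): access to the conversation named by 'mid' is not checked in this file;
	// presumably the Get*/ComposeMessage helpers restrict it to participants - confirm.
	$PerPage = 7;
	$pageNo = (isset($_REQUEST['pg'])) ? (int)$_REQUEST['pg'] : 1;
	$Count = GetMessageCount($_REQUEST['mid'], $_REQUEST['type']);
	$pageCount = max(1, ceil($Count / max(1, $PerPage)));
	$pageNo = min($pageCount, max(1, $pageNo));
	$MessageList = GetMessageList($_REQUEST['mid'], $pageNo, $PerPage, 'DESC', $_REQUEST['type']);
	// ComposeMessage() is called on every request, also when no 'message' was submitted.
	$Compose = ComposeMessage($_REQUEST['mid'], $_REQUEST['message'], $_REQUEST['type']);
	$chk = mysql_fetch_array(mysql_query('SELECT COUNT(DISTINCT toid) FROM _messages WHERE mid="'.check($_REQUEST['mid']).'"'));
	$smarty->assign('Count', $Count);
	$smarty->assign('perPage', $PerPage);
	$smarty->assign('pageNo', $pageNo);
	$smarty->assign('pageCount', $pageCount);
	$smarty->assign('mess', $MessageList);
	$smarty->assign('convo', GetMessageUser($_REQUEST['mid']));
	$smarty->assign('cnvo', count(explode(urldecode(','), $_REQUEST['mid'])));
	$smarty->assign('cnv', $chk[0]);
	$smarty->assign('id', urlencode($_REQUEST['mid']));
	$smarty->assign('type', $_REQUEST['type']);
	if(isset($_REQUEST['mid']) || isset($_REQUEST['v']))
	{
		if(GetMessageIDCount($_REQUEST['mid'], $_REQUEST['type']) > 0 && $_REQUEST['do'] != 'cme')
		{
			header('location: '.$_prefs['selfurl'].'?ac=msg&do=cme&mid='.$_REQUEST['mid'].'&sid='.chklog());
			exit();
		}
		if(isset($_REQUEST['do']))
		{
			GetMessageDo($_REQUEST['mid'], $_REQUEST['do'], $_REQUEST['sel'], $_REQUEST['type']);
			if($_REQUEST['do'] == 3)
			{
				$smarty->assign('select', 1);
			}else if($_REQUEST['do'] == 'cme')
			{
				if($_REQUEST['v'] == 'add')
				{
					// Recipient picker for the compose screen.
					$PerPage = 7;
					$pageNo = (isset($_REQUEST['pg'])) ? (int)$_REQUEST['pg'] : 1;
					$smarty->assign('composelist', 1);
					$Count = GetComposeCount($_REQUEST['q']);
					$pageCount = max(1, ceil($Count / max(1, $PerPage)));
					$pageNo = min($pageCount, max(1, $pageNo));
					$ComposeList = GetComposeList($_REQUEST['q'],  $pageNo, $PerPage, 'DESC');
					$smarty->assign('Count', $Count);
					$smarty->assign('perPage', $PerPage);
					$smarty->assign('pageNo', $pageNo);
					$smarty->assign('pageCount', $pageCount);
					$smarty->assign('cme', $ComposeList);
				}
				$smarty->assign('compose', 1);
			}
		}	
		if(isset($_REQUEST['message']))
		{
			// ComposeMessage() returns 1 on success; any other value is shown as the message.
			if($Compose != 1)
			{
				$smarty->assign('msg', $Compose);
			}else{
				header('Location: index.php?ac=msg&mid='.$_REQUEST['mid'].'&sid='.$ses['id']);
				exit();
			}
		}
		viewmessage($_REQUEST['mid']);
	}
	else if(!isset($_REQUEST['mid']) || $_REQUEST['mid']== '')
	{
		// Inbox listing.
		$PerPage = 7;
		$pageNo = (isset($_REQUEST['pg'])) ? (int)$_REQUEST['pg'] : 1;
		$Count = GetInboxCount($_REQUEST['type']);
		$pageCount = max(1, ceil($Count / max(1, $PerPage)));
		$pageNo = min($pageCount, max(1, $pageNo));
		$InboxList = GetInboxList($pageNo, $PerPage, 'DESC', $_REQUEST['type']);
		$smarty->assign('in', $InboxList);
		if($Count == 0)
		{
			$smarty->assign('nomess', 1);
		}
	}
	if(isset($_REQUEST['q']))
	{
		// Inbox search; replaces the 'in' list assigned above.
		$PerPage = 7;
		$pageNo = (isset($_REQUEST['pg'])) ? (int)$_REQUEST['pg'] : 1;
		$Count = GetInboxSearchCount($_REQUEST['q'], $_REQUEST['type']);
		$pageCount = max(1, ceil($Count / max(1, $PerPage)));
		$pageNo = min($pageCount, max(1, $pageNo));
		$InboxSearch = GetInboxSearchList($_REQUEST['q'], $pageNo, $PerPage, 'DESC', $_REQUEST['type']);
		$smarty->assign('Count', $Count);
		$smarty->assign('search', $_REQUEST['q']);
		$smarty->assign('perPage', $PerPage);
		$smarty->assign('pageNo', $pageNo);
		$smarty->assign('pageCount', $pageCount);
		$smarty->assign('in', $InboxSearch);
		if($Count == 0)
		{
			$smarty->assign('nomess', 1);
		}
	}
	if($pageNo>1)
	{
		$ppage = $pageNo-1;
		$smarty->assign("newer", $ppage);
	}
	if($pageNo<$pageCount)
	{
		$npage = $pageNo+1;
		$smarty->assign("older", $npage);
	}
	$smarty->assign('page', 'm/message.tpl');
}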
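else if($_REQUEST['ac'] == 'pho')
{
	// Photos: album list of a user, photos of an album ('alid'), a single photo ('pid'),
	// uploads (do=add) and the comment thread of the album or photo.
	// Page numbers are cast to int before clamping because min()/max() hand back their
	// argument unchanged, so a non-numeric tail would otherwise reach the list helpers.
	if(!isset($_REQUEST['id']))
	{
		$_REQUEST['id'] = $ses['userid'];
	}
	$PerPage = 7;
	$pageNo = (isset($_REQUEST['pg'])) ? (int)$_REQUEST['pg'] : 1;
	if(!isset($_REQUEST['alid']) || !isset($_REQUEST['pid']))
	{
		$Count = GetAlbumCount($_REQUEST['id']);
		$pageCount = max(1, ceil($Count / max(1, $PerPage)));
		$pageNo = min($pageCount, max(1, $pageNo));
		$AlbumList = GetAlbumList($_REQUEST['id'], $pageNo, $PerPage, 'DESC');
		$smarty->assign('aluser', getusername($_REQUEST['id']));
		$smarty->assign('id', $_REQUEST['id']);
		$smarty->assign('Count', $Count);
		$smarty->assign('perPage', $PerPage);
		$smarty->assign('pageNo', $pageNo);
		$smarty->assign('pageCount', $pageCount);
		$smarty->assign('album', $AlbumList);
	}
	if(isset($_REQUEST['do']))
	{
		if($_REQUEST['do'] == 'add')
		{
			// Defined up front: it was only set for a positive 'alid' but is always used below.
			$url = '';
			if($_REQUEST['alid'] > 0)
			{
				$url = '&alid='.$_REQUEST['alid'];
			}
			if(isset($_REQUEST['album']) || isset($_REQUEST['photo']) || isset($_FILES['uphoto']))
			{
				// NOTE(review): the uploaded file is handed to uphoto() untouched; type, size
				// and destination checks are presumably done there - confirm.
				$msg = uphoto($_REQUEST['album'], $_REQUEST['photo'], $_FILES['uphoto']);
				// A result containing "_" is treated as success, anything else as a message.
				if(strpos($msg,"_"))
				{
					header('location: '.$_prefs['selfurl'].'?ac=pho'.$url.'&sid='.chklog());
					// Stop after the redirect, as every other redirect in this file does.
					exit();
				}else{
					$smarty->assign('msg', $msg);
				}
			}
			$smarty->assign('albinfo', AlbumInfo($_REQUEST['alid']));
			$smarty->assign('alid', $_REQUEST['alid']);
			$smarty->assign('photo', $_REQUEST['photo']);
			$smarty->assign('album', $_REQUEST['album']);
		}
		// NOTE(review): ownership of the photo named by 'pid' is not checked here; presumably
		// UpdateProfilePhoto()/UpdateAlbumPhoto() verify it - confirm.
		else if($_REQUEST['do'] == 'prf')
		{
			UpdateProfilePhoto($_REQUEST['pid']);
		}
		else if($_REQUEST['do'] == 'alb')
		{
			UpdateAlbumPhoto($_REQUEST['pid']);
		}
		$smarty->assign('do', $_REQUEST['do']);
	}
	if(isset($_REQUEST['alid']))
	{
		$pageNo = (isset($_REQUEST['pg'])) ? (int)$_REQUEST['pg'] : 1;
		$Count = GetAlbumPhotoCount($_REQUEST['alid']);
		$pageCount = max(1, ceil($Count / max(1, $PerPage)));
		$pageNo = min($pageCount, max(1, $pageNo));
		$albuminfo = AlbumInfo($_REQUEST['alid']);
		$AlbumPhotoList = GetAlbumPhotoList($_REQUEST['alid'], $pageNo, $PerPage, 'DESC');
		$smarty->assign('aluser', getusername($_REQUEST['id']));
		$smarty->assign('like', GetLikeUser(0, 0, $_REQUEST['alid'], 0));
		$smarty->assign('lk', GetLikeCount(0, 0, $_REQUEST['alid'], 0));
		$smarty->assign('Count', $Count);
		$smarty->assign('perPage', $PerPage);
		$smarty->assign('pageNo', $pageNo);
		$smarty->assign('pageCount', $pageCount);
		$smarty->assign('albumphoto', $AlbumPhotoList);
		$smarty->assign('albuser', getusername($albuminfo['userid']));
		$smarty->assign('albinfo', $albuminfo);
		$smarty->assign('alid', $_REQUEST['alid']);
	}
	if(isset($_REQUEST['pid']))
	{
		$Per = 1;
		$pageNo = (isset($_REQUEST['pg'])) ? (int)$_REQUEST['pg'] : 1;
		$Count = GetPhotoCount($_REQUEST['pid']);
		$pageCount = max(1, ceil($Count / max(1, $Per)));
		$pageNo = min($pageCount, max(1, $pageNo));
		$PhotoList = GetPhotoList($_REQUEST['pid'], $pageNo, $Per, 'DESC');
		$smarty->assign('pid', $_REQUEST['pid']);
		// From here on 'pid' is the key of the photo actually returned for this page.
		foreach($PhotoList as $phid=>$pho)
		{
			$_REQUEST['pid'] = $phid;
		}
		$smarty->assign('like', GetLikeUser(0, 0, 0, $_REQUEST['pid']));
		$smarty->assign('lk', GetLikeCount(0, 0, 0, $_REQUEST['pid']));
		$smarty->assign('Count', $Count);
		$smarty->assign('perPage', $Per);
		$smarty->assign('pageCount', $pageCount);
		$smarty->assign('photo', $PhotoList);
	}
	// Comment thread; uses its own pager ('page') and opens on the last page by default.
	$Ccount = GetCommentCount(0, $_REQUEST['alid'], $_REQUEST['pid']);
	$ppageNo = (isset($_REQUEST['page'])) ? (int)$_REQUEST['page'] : max(1, ceil($Ccount / max(1, $PerPage)));
	$ppageCount = max(1, ceil($Ccount / max(1, $PerPage)));
	$ppageNo = min($ppageCount, max(1, $ppageNo));
	$ComList = GetCommentList(0, $_REQUEST['alid'], $_REQUEST['pid'], $ppageNo, $PerPage, 'ASC');
	$smarty->assign('Ccount', $Ccount);
	$smarty->assign('ppageNo', $ppageNo);
	$smarty->assign('ppageCount', $ppageCount);
	$smarty->assign('comment', $ComList);
	// NOTE(review): the comment is accepted from $_REQUEST (so also from a link) and no
	// anti-forgery token is checked here.
	if(strlen($_REQUEST['comment']) > 0 && AddComment(0, $_REQUEST['alid'], $_REQUEST['pid'], $_REQUEST['comment']) == true)
	{
		// Notify the owner unless the owner already has a comment in the thread...
		// NOTE(review): ids pass through check() before concatenation; check() is defined
		// elsewhere - confirm it escapes for MySQL.
		$info = mysql_query('SELECT userid FROM _photo WHERE albumid="'.check($_REQUEST['alid']).'" OR id="'.check($_REQUEST['pid']).'"');
		$user = mysql_fetch_array($info);
		$inf = mysql_query('SELECT * FROM _comment WHERE pid="'.check($_REQUEST['pid']).'" AND alid="'.check($_REQUEST['alid']).'" 
				AND userid="'.check($user[0]).'"');
		if(mysql_num_rows($inf) == 0)
		{
			notify($user[0], 0, 0, $_REQUEST['pid'], $_REQUEST['alid'], 1);
		}
		// ...then every other commenter. The loop used to notify the owner ($user[0]) once per
		// commenter instead of the commenter itself; the story-comment branch uses $ft[0].
		$in = mysql_query('SELECT DISTINCT userid FROM _comment WHERE pid="'.check($_REQUEST['pid']).'" AND alid="'.check($_REQUEST['alid']).'" 
				AND userid!="'.check($ses['userid']).'"');
		while($ft = mysql_fetch_array($in))
		{
			notify($ft[0], 0, 0, $_REQUEST['pid'], $_REQUEST['alid'], 1);
		}
		$url = '';
		if($_REQUEST['alid'] > 0)
		{
			$url = '&alid='.$_REQUEST['alid'];
		}
		if($_REQUEST['pid'] > 0)
		{
			$url = '&pid='.$_REQUEST['pid'];
		}
		header('location: '.$_prefs['selfurl'].'?ac=pho'.$url.'&sid='.chklog());
		exit();
	}
	// Photo pager.
	if($pageNo>1)
	{
		$page = $pageNo-1;
		$smarty->assign("next", $page);
	}
	if($pageNo<$pageCount)
	{
		$npage = $pageNo+1;
		$smarty->assign("prev", $npage);
	}
	// Comment pager.
	if($ppageNo>1)
	{
		$ppage = $ppageNo-1;
		$smarty->assign("newer", $ppage);
	}
	if($ppageNo<$ppageCount)
	{
		$npage = $ppageNo+1;
		$smarty->assign("older", $npage);
	}
	$smarty->assign('ainf', AlbumInfo($_REQUEST['alid']));
	$smarty->assign('page', 'm/photo.tpl');
}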
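else if($_REQUEST['ac'] == 'on')
{
	// Online users, optionally filtered by 'q'; 'typ' defaults to 2.
	$PerPage = 7;
	if(!isset($_REQUEST['typ'])|| $_REQUEST['typ'] =='')
	{
		$_REQUEST['typ'] = 2;
	}
	// Cast before clamping: min()/max() hand back their argument unchanged, so a value with a
	// non-numeric tail would otherwise reach GetOnlineList() as a string.
	$pageNo = (isset($_REQUEST['pg'])) ? (int)$_REQUEST['pg'] : 1;
	$Count = GetOnlineCount($_REQUEST['q'], $_REQUEST['typ']);
	$pageCount = max(1, ceil($Count / max(1, $PerPage)));
	$pageNo = min($pageCount, max(1, $pageNo));
	$Online = GetOnlineList($_REQUEST['q'], $_REQUEST['typ'], $pageNo, $PerPage, 'DESC');
	$smarty->assign('Count', $Count);
	$smarty->assign('search', $_REQUEST['q']);
	$smarty->assign('type', $_REQUEST['typ']);
	if(strlen($_REQUEST['q']) > 0)
	{
		// NOTE(review): the search text is placed in the message unchanged; escaping on output
		// is left to the template. The message is assigned whenever 'q' is non-empty,
		// whatever $Count is.
		$smarty->assign('result', sprintf($lang['no_result'], $_REQUEST['q']));
	}
	if($pageNo>1)
	{
		$page = $pageNo-1;
		$smarty->assign("newer", $page);
	}
	if($pageNo<$pageCount)
	{
		$npage = $pageNo+1;
		$smarty->assign("older", $npage);
	}
	$smarty->assign('perPage', $PerPage);
	$smarty->assign('pageNo', $pageNo);
	$smarty->assign('pageCount', $pageCount);
	$smarty->assign('online', $Online);	
	$smarty->assign('page', 'm/online.tpl');
}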
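else if($_REQUEST['ac'] == 'nfc')
{
	// Notifications: with 'id' the notification is handed to GoNotifyID(); the list is then
	// rendered, 10 per page.
	if(isset($_REQUEST['id']))
	{
		GoNotifyID($_REQUEST['id']);
	}
	$PerPage = 10;
	// Cast before clamping: min()/max() hand back their argument unchanged, so a value with a
	// non-numeric tail would otherwise reach GetNotificationList() as a string.
	$pageNo = (isset($_REQUEST['pg'])) ? (int)$_REQUEST['pg'] : 1;
	$Count = NotificationCount();
	$pageCount = max(1, ceil($Count / max(1, $PerPage)));
	$pageNo = min($pageCount, max(1, $pageNo));
	viewnotification();
	$NotifyList = GetNotificationList($pageNo, $PerPage, 'DESC');
	$smarty->assign('notify', $NotifyList);
	$smarty->assign('page', 'm/notification.tpl');
}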
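else if($_REQUEST['ac'] == 'gop')
{
	// Groups: with 'id' a single group (wall, about form, members, add-members); without it
	// the group list or the create form (do=cae).
	// Page numbers are cast to int before clamping because min()/max() hand back their
	// argument unchanged, so a non-numeric tail would otherwise reach the list helpers.
	if(isset($_REQUEST['id']))
	{
		// NOTE(review): the post is accepted from $_REQUEST (so also from a link) and no
		// anti-forgery token is checked here.
		if(isset($_REQUEST['post']) && AddToWall(0, $_REQUEST['post'], $_REQUEST['stid'], $_REQUEST['id']) == true)
		{
			header('location: '.$_prefs['selfurl'].'?ac=gop&id='.$_REQUEST['id'].'&sid='.chklog());
			exit();
		}
		$grou = getgroupinfo($_REQUEST['id']);
		if(isset($_REQUEST['do']))
		{
			if($_REQUEST['do'] == 'abt')
			{
				if(isset($_REQUEST['group']))
				{
					if(strlen($_REQUEST['group']) < 3 || strlen($_REQUEST['group']) > 15)
					{
						$smarty->assign('err', $lang['invalid_group']);
					}
					else if(chkgroup($_REQUEST['group']) && $_REQUEST['group'] != $grou['grp'])
					{
						$smarty->assign('err', sprintf($lang['group_exist'], $_REQUEST['group']));
					}
					else
					{
						// The result is ignored, as before.
						// NOTE(review): nothing here checks that the caller may edit this group;
						// presumably upgroup() does - confirm.
						upgroup($_REQUEST['id'], $_REQUEST['group'], $_REQUEST['describe'], $_REQUEST['priv']);
					}
				}
			}
			if($_REQUEST['do'] == 'mbs')
			{
				$PerPage = 7;
				$pageNo = (isset($_REQUEST['pg'])) ? (int)$_REQUEST['pg'] : 1;
				$Coun = GetGroupMemberCount($_REQUEST['id']);
				// The page count was computed from $Count, which is not set on this path.
				$pageCount = max(1, ceil($Coun / max(1, $PerPage)));
				$pageNo = min($pageCount, max(1, $pageNo));
				$member = GetGroupMemberList($_REQUEST['id'], $pageNo, $PerPage, 'DESC');
				$smarty->assign('member', $member);
				$smarty->assign('Coun', $Coun);
			}
			if($_REQUEST['do'] == 'add')
			{
				$PerPage = 7;
				$pageNo = (isset($_REQUEST['pg'])) ? (int)$_REQUEST['pg'] : 1;
				$Co = GetAddMemberCount($_REQUEST['id'], $_REQUEST['friend']);
				// Same fix as above: use the count fetched for this list.
				$pageCount = max(1, ceil($Co / max(1, $PerPage)));
				$pageNo = min($pageCount, max(1, $pageNo));
				$user = GetAddMemberList($_REQUEST['id'], $_REQUEST['friend'], $pageNo, $PerPage, 'DESC');
				$smarty->assign('user', $user);
				$smarty->assign('friend', $_REQUEST['friend']);
				$smarty->assign('Co', $Co);
				if(isset($_REQUEST['sel']))
				{
					// NOTE(review): the selected user ids and the group id come straight from the
					// request and are inserted without any visible check that the caller belongs
					// to the group or that the selected users are the caller's friends.
					// $in starts as false so an empty selection no longer reads an unset variable;
					// iterating the values also copes with non-sequential keys.
					$in = false;
					foreach((array)$_REQUEST['sel'] as $memberId)
					{
						$in = mysql_query('INSERT INTO _members SET userid="'.check($memberId).'", byid="'.check($ses['userid']).'", 
								grp="'.check($_REQUEST['id']).'",  dtm="'.time().'", level=0');
					}
					if($in)
					{
						header('location: '.$_prefs['selfurl'].'?ac=gop&id='.$_REQUEST['id'].'&sid='.$ses['id']);
						exit();
					}
				}
			}
		}
		else
		{
			$PerPage = 7;
			$pageNo = (isset($_REQUEST['pg'])) ? (int)$_REQUEST['pg'] : 1;
			$Count = GetGroupWallCount($_REQUEST['id']);
			$pageCount = max(1, ceil($Count / max(1, $PerPage)));
			$pageNo = min($pageCount, max(1, $pageNo));
			$group = GetGroupWallList($_REQUEST['id'], $pageNo, $PerPage, 'DESC');
			$smarty->assign('grop', $group);
			$smarty->assign('Count', $Count);
		}
		$smarty->assign('group', $grou);
	}
	else
	{
		if(isset($_REQUEST['do']))
		{
			if($_REQUEST['do'] == 'cae')
			{
				if(isset($_REQUEST['group']))
				{
					if(strlen($_REQUEST['group']) < 3 || strlen($_REQUEST['group']) > 15)
					{
						$smarty->assign('err', $lang['invalid_group']);
					}
					else if(chkgroup($_REQUEST['group']))
					{
						$smarty->assign('err', sprintf($lang['group_exist'], $_REQUEST['group']));
					}
					else
					{
						// The result is ignored, as before.
						addgroup($_REQUEST['group'], $_REQUEST['describe'], $_REQUEST['priv']);
					}
				}	
			}
		}
		else
		{
			$PerPage = 7;
			$pageNo = (isset($_REQUEST['pg'])) ? (int)$_REQUEST['pg'] : 1;
			$Count = GetGroupCount();
			$pageCount = max(1, ceil($Count / max(1, $PerPage)));
			$pageNo = min($pageCount, max(1, $pageNo));
			$group = GetGroupList($pageNo, $PerPage, 'DESC');
			$rec = GetRecGroupList();
			$smarty->assign('recc', count($rec));
			$smarty->assign('rec', $rec);
			$smarty->assign('grp', $group);
		}
	}
	// On the form paths above the pager variables are not set; the template then receives
	// empty values, as before.
	$smarty->assign('Count', $Count);
	$smarty->assign('id', $_REQUEST['id']);
	$smarty->assign('do', $_REQUEST['do']);
	if($pageNo>1)
	{
		$page = $pageNo-1;
		$smarty->assign("newer", $page);
	}
	if($pageNo<$pageCount)
	{
		$npage = $pageNo+1;
		$smarty->assign("older", $npage);
	}
	$smarty->assign('perPage', $PerPage);
	$smarty->assign('pageNo', $pageNo);
	$smarty->assign('pageCount', $pageCount);
	$smarty->assign('page', 'm/group.tpl');
}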
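else if($_REQUEST['ac'] == 'tub' && isset($_REQUEST['img']) && isset($_REQUEST['x']) && isset($_REQUEST['y']))
{
	// Thumbnail endpoint: loads the image named by 'img', resizes it to x by y pixels and
	// streams it back as GIF, JPEG or PNG.
	//
	// NOTE(review): 'img' is a caller-supplied path that goes straight into getimagesize()
	// and imagecreatefrom*(). htmlspecialchars() is HTML escaping, not path validation. The
	// code below only refuses stream wrappers other than http/https; it still accepts any
	// local path and, where allow_url_fopen is on, any remote URL. Resolve the value against
	// the directory the photos are stored in (not visible in this file) and reject anything
	// outside it.
	$file = (isset($_GET['img']) && is_string($_GET['img'])) ? htmlspecialchars($_GET['img']) : '';
	$wrapperEnd = strpos($file, '://');
	if($wrapperEnd !== false)
	{
		$wrapper = strtolower(substr($file, 0, $wrapperEnd));
		if($wrapper != 'http' && $wrapper != 'https')
		{
			$file = '';
		}
	}

	// Requested size. The names are crossed in the original and kept that way: $y is the
	// width (from 'x'), $x the height (from 'y'). Both are cast and bounded, because
	// unbounded dimensions let one request allocate an arbitrarily large canvas.
	// NOTE(review): 2048 is a bound chosen for this fix; tune it to the largest thumbnail the
	// templates request.
	$maxSide = 2048;
	$y = min($maxSide, max(1, (int)$_REQUEST['x']));
	$x = min($maxSide, max(1, (int)$_REQUEST['y']));

	// getimagesize() returns false for unreadable or non-image input.
	$size = ($file != '') ? getimagesize($file) : false;
	$type = is_array($size) ? $size[2] : 0;

	// Only the three supported formats get a loader; any other detected type used to call an
	// undefined function name.
	$loaders = array(
		IMAGETYPE_GIF => 'imagecreatefromgif',
		IMAGETYPE_JPEG => 'imagecreatefromjpeg',
		IMAGETYPE_PNG => 'imagecreatefrompng'
	);
	if(isset($loaders[$type]))
	{
		$funci = $loaders[$type];
		$im1 = $funci($file);
		if($im1)
		{
			$im2 = imagecreatetruecolor($y,$x);
			imagecopyresized($im2, $im1, 0,0,0,0,$y,$x, imagesx($im1), imagesy($im1));
			if($type == IMAGETYPE_GIF)
			{
				header('Content-type: image/gif');
				imagegif($im2);
			}
			else if($type == IMAGETYPE_JPEG)
			{
				header('Content-type: image/jpeg');
				imagejpeg($im2);
			}
			else if($type == IMAGETYPE_PNG)
			{
				header('Content-type: image/png');
				imagepng($im2);
			}
			imagedestroy($im2);
			imagedestroy($im1);
		}
	}
	exit();
}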
// Render m/index.tpl. Each branch above that reaches this point has assigned the inner
// template name to the 'page' variable; presumably index.tpl includes it - confirm in the template.
// NOTE(review): many values assigned above come straight from $_REQUEST; whether they are
// HTML-escaped depends on the Smarty configuration and templates, which are not in this file.
$smarty->display('m/index.tpl');
?>