View file katrinka.ru/msgsend.php

File size: 10.62Kb
<?php
  include 'config.php';
  include 'guestbook/mylib.php';
  $msglimit=20;
  $postlimit=100;
  if (!checkagent($_SERVER['HTTP_USER_AGENT'])) { noemul(); exit; }
  list ($opname, $chatok) = check_op($_SERVER['REMOTE_ADDR']);
  if (!$chatok) { unk_op(); exit; }
  session_start();
  $message=$_POST['message'];
  $agent=$_SERVER['HTTP_USER_AGENT'];
  $addr=$_SERVER['REMOTE_ADDR'];
#  $r=htmlspecialchars(trim($_POST['r']),ENT_QUOTES);
  $to=htmlspecialchars(trim($_POST['to_id']),ENT_QUOTES);
  $tr=htmlspecialchars(trim($_POST['tr']),ENT_QUOTES);
  $sie=0;
  if ($tr) $message=tr_conv($message);
  $message=htmlspecialchars(trim($message),ENT_QUOTES);
  $tto=htmlspecialchars(trim($_POST['login']),ENT_QUOTES);
  if (ereg("^SIE-.*",$_SERVER['HTTP_USER_AGENT'])) $sie=1;
  if (ereg("^Alcatel-.*",$_SERVER['HTTP_USER_AGENT'])) $sie=1;
  if (ereg("^MOT-.*",$_SERVER['HTTP_USER_AGENT'])) $sie=1;
  if (ereg("^SEC-.*",$_SERVER['HTTP_USER_AGENT'])) $sie=1;
  if (ereg("^Panasonic-.*",$_SERVER['HTTP_USER_AGENT'])) $sie=1;

  $uid=0;
  $access=0;
  $lang=$_POST['lang'];
  if ((trim($_COOKIE['Login'])!='')&&(trim($_COOKIE['Password'])!='')) {
	$login=htmlspecialchars(trim($_COOKIE['Login']),ENT_QUOTES);
	$pass=htmlspecialchars(trim($_COOKIE['Password']),ENT_QUOTES);
  } else {
	$login=htmlspecialchars(trim($_POST['login']),ENT_QUOTES);
	$pass=htmlspecialchars(trim($_POST['pass']),ENT_QUOTES);
#	$sie=1;
  }
    if (!($conn=pg_connect("host=$dbhost port=$dbport dbname=$dbname user=$dbuser password=$dbpass"))) exit;
	if (isset($_SESSION['id'])) {
		$uid=$_SESSION['id'];
		$res=pg_query($conn,"select moder,access,lastagent,temp_ban,posts from users where id='$uid';");
		if (pg_result($res,0,0)) $uid=0;
		$access=pg_result($res,0,1);
		$lastagent=pg_result($res,0,2);
		$temp_ban=pg_result($res,0,3);
		$posts=pg_result($res,0,4);
		$_SESSION['access']=$access;
	} else {
	$res=pg_query($conn,"select id,access,lastagent,temp_ban from users where login='$login' and passwd='$pass' and moder=0;");
	if (pg_numrows($res)==1) {
		$uid=pg_result($res,0,0);
		$access=pg_result($res,0,1);
		$lastagent=pg_result($res,0,2);
		$temp_ban=pg_result($res,0,3);
		$_SESSION['id']=$uid;
		$_SESSION['access']=$access;
	}
	}
#	if ($uid) {
#		setcookie("Login", $login, time()+864000, "/");
#		setcookie("Password", $pass, time()+864000, "/"); 
#	}

  if ($agent!=$lastagent) {
	session_unset();
	setcookie("Login", "", time()-3600, "/");
	setcookie("Password", "", time()-3600, "/");
	pg_close($conn);
	if ($_GET['lang']=='eng') header("Location: index.php?lang=eng"); 
	else header("Location: index.php");
	exit;
  }

  if (($tto!='')&&(!$to)) {
	$res=pg_query($conn,"select id from users where login='$tto';");
	if (pg_numrows($res)==1) $to=pg_result($res,0,0);
  }
 
  if ($to) {
	$res=pg_query($conn,"select moder,posts,access from users where id='$to';");
	$rows=pg_numrows($res);
	if ($rows==1) { 
		$to_mod=pg_result($res,0,0);
		$to_p=pg_result($res,0,1);
		$to_acc=pg_result($res,0,2);
	}
	else $to=0;
  }

  if ((!$to)||($to_mod))
  {
	  header("Content-type: text/vnd.wap.wml");
?>
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml_1.2.dtd">
<wml>
<card id="SignErr" title="&#x041E;&#x0448;&#x0438;&#x0431;&#x043A;&#x0430;">
<p align="center">
Recipient is unknown.<br/>
<a href="/">&#x041D;&#x0430; &#x0433;&#x043B;&#x0430;&#x0432;&#x043D;&#x0443;&#x044E;</a>
</p>
</card>
</wml>
<?php
	pg_close($conn);
	exit;
    }

  $res=pg_query($conn,"select count(*) from messages where to_u='$to';");
  $tomsg=pg_result($res,0,0);
  $res=pg_query($conn,"select count(*) from messages where to_u='$uid';");
  $mymsg=pg_result($res,0,0);
  
  if (($tomsg > $msglimit)&&($to_acc!=4))
  {
	  header("Content-type: text/vnd.wap.wml");
?>
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml_1.2.dtd">
<wml>
<card id="SignErr" title="&#x041E;&#x0448;&#x0438;&#x0431;&#x043A;&#x0430;">
<p align="center">
Recipient's mailbox is full...<br/>
<a href="/">&#x041D;&#x0430; &#x0433;&#x043B;&#x0430;&#x0432;&#x043D;&#x0443;&#x044E;</a>
</p>
</card>
</wml>
<?php
	pg_close($conn);
	exit;
    }

  if (($mymsg > $msglimit)&&($access!=4))
  {
	  header("Content-type: text/vnd.wap.wml");
?>
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml_1.2.dtd">
<wml>
<card id="SignErr" title="&#x041E;&#x0448;&#x0438;&#x0431;&#x043A;&#x0430;">
<p align="center">
Your mailbox is full... Please, delete some messages.<br/>
<a href="/">&#x041D;&#x0430; &#x0433;&#x043B;&#x0430;&#x0432;&#x043D;&#x0443;&#x044E;</a>
</p>
</card>
</wml>
<?php
	pg_close($conn);
	exit;
    }

  if ($posts < $postlimit)
  {
	  header("Content-type: text/vnd.wap.wml");
?>
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml_1.2.dtd">
<wml>
<card id="SignErr" title="&#x041E;&#x0448;&#x0438;&#x0431;&#x043A;&#x0430;">
<p align="center">
You need at least 100 posts to send private messages...<br/>
<a href="/">&#x041D;&#x0430; &#x0433;&#x043B;&#x0430;&#x0432;&#x043D;&#x0443;&#x044E;</a>
</p>
</card>
</wml>
<?php
	pg_close($conn);
	exit;
    }

  if ($to_p < $postlimit)
  {
	  header("Content-type: text/vnd.wap.wml");
?>
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml_1.2.dtd">
<wml>
<card id="SignErr" title="&#x041E;&#x0448;&#x0438;&#x0431;&#x043A;&#x0430;">
<p align="center">
Recipient needs at least 100 posts to recieve private messages...<br/>
<a href="/">&#x041D;&#x0430; &#x0433;&#x043B;&#x0430;&#x0432;&#x043D;&#x0443;&#x044E;</a>
</p>
</card>
</wml>
<?php
	pg_close($conn);
	exit;
    }

  if ($message=="")
  {
	  header("Content-type: text/vnd.wap.wml");
?>
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml_1.2.dtd">
<wml>
<card id="SignErr" title="&#x041E;&#x0448;&#x0438;&#x0431;&#x043A;&#x0430;">
<p align="center">
&#x041D;&#x0435; &#x0432;&#x0441;&#x0435; &#x043F;&#x043E;&#x043B;&#x044F; &#x0437;&#x0430;&#x043F;&#x043E;&#x043B;&#x043D;&#x0435;&#x043D;&#x044B;<br/>
<a href="/">&#x041D;&#x0430; &#x0433;&#x043B;&#x0430;&#x0432;&#x043D;&#x0443;&#x044E;</a>
</p>
</card>
</wml>
<?php
	pg_close($conn);
	exit;
    }
  
  if (($message==".")||($message=="..")||($message=="...")||($message=="....")||($message==",")||($message==",,")||($message==",,,")||($message==":")||($message==";"))
  {
	  header("Content-type: text/vnd.wap.wml");
?>
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml_1.2.dtd">
<wml>
<card id="SignErr" title="&#x041E;&#x0448;&#x0438;&#x0431;&#x043A;&#x0430;">
<p align="center">
&#x041D;&#x0435; &#x0432;&#x0441;&#x0435; &#x043F;&#x043E;&#x043B;&#x044F; &#x0437;&#x0430;&#x043F;&#x043E;&#x043B;&#x043D;&#x0435;&#x043D;&#x044B;<br/>
<a href="/">&#x041D;&#x0430; &#x0433;&#x043B;&#x0430;&#x0432;&#x043D;&#x0443;&#x044E;</a>
</p>
</card>
</wml>
<?php
	pg_close($conn);
	exit;
    }
  
  if (!$uid)
  {
	  header("Content-type: text/vnd.wap.wml");
?>
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml_1.2.dtd">
<wml>
<card id="SignErr" title="&#x041E;&#x0448;&#x0438;&#x0431;&#x043A;&#x0430;">
<p align="center">
Bad login or password.
<a href="/">&#x041D;&#x0430; &#x0433;&#x043B;&#x0430;&#x0432;&#x043D;&#x0443;&#x044E;</a>
</p>
</card>
</wml>
<?php
	pg_close($conn);
	exit;
    }
	
	if ($temp_ban > time())
	{
	  header("Content-type: text/vnd.wap.wml");
?>
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml_1.2.dtd">
<wml>
<card id="SignErr" title="&#x041E;&#x0448;&#x0438;&#x0431;&#x043A;&#x0430;">
<p align="center">
<?php print "Banned till ".strftime("%d %b %G %T", $temp_ban)."<br/>\n"; ?>
<a href="/">&#x041D;&#x0430; &#x0433;&#x043B;&#x0430;&#x0432;&#x043D;&#x0443;&#x044E;</a>
</p>
</card>
</wml>
<?php
	pg_close($conn);
	exit;
	}

  if ($uid==$to)
  {
	  header("Content-type: text/vnd.wap.wml");
?>
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml_1.2.dtd">
<wml>
<card id="SignErr" title="&#x041E;&#x0448;&#x0438;&#x0431;&#x043A;&#x0430;">
<p align="center">
Access DENIED.<br/>
<a href="/">&#x041D;&#x0430; &#x0433;&#x043B;&#x0430;&#x0432;&#x043D;&#x0443;&#x044E;</a>
</p>
</card>
</wml>
<?php
	pg_close($conn);
	exit;
    }

	$message=substr($message, 0, 1600);

  
	$dtime=time()-300;
	$res=pg_query($conn,"select message from messages where fr_u='$uid' and time > '$dtime' order by id desc limit 1;");

	if (pg_numrows($res)) {
		if ($message==pg_result($res,0,0)) {
	  header("Content-type: text/vnd.wap.wml");
?>
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml_1.2.dtd">
<wml>
<?php
		print "<card id=\"SignDup\" title=\"Wait\" ontimer=\"http://wap.katrinka.ru/messages.php?lang=".$lang."&amp;".SID."\">\n";
?>
<timer value="20"/>
<p align="center">
Please wait... We are taking you back to the messages...<br/>
<a href="/">&#x041D;&#x0430; &#x0433;&#x043B;&#x0430;&#x0432;&#x043D;&#x0443;&#x044E;</a>
</p>
</card>
</wml>
<?php
		pg_close($conn);
		exit;
		}
	}
	
	$mtime=time();
	$res=pg_query($conn,"select id from users_ignore where who='$uid' and uid='$to';");
	if (pg_numrows($res)==0) {
		pg_query($conn,"begin;");
   		$res=pg_query($conn,"insert into messages (fr_u,to_u,message,time,host,agent) values ('$uid','$to','$message','$mtime','$addr','$agent');");
		pg_query($conn,"end;");
	}
	if (!$res) { pg_close($conn); exit; }
    pg_close($conn);
	$link=sprintf("Location: messages.php?lang=%s&PHPSESSID=%s", $lang, session_id());
	if (!$sie) {
		header($link);
	} else {
		setcookie("Login", $login, time()+864000, "/");
		setcookie("Password", $pass, time()+864000, "/");
	  header("Content-type: text/vnd.wap.wml");
?>
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml_1.2.dtd">
<wml>
<?php
print "<card id=\"SignOk\" title=\"&#x0421;&#x043F;&#x0430;&#x0441;&#x0438;&#x0431;&#x043E;!\" ontimer=\"http://wap.katrinka.ru/messages.php?lang=".$lang."&amp;".SID."\" onenterbackward=\"http://wap.katrinka.ru/\">\n";
?>
<timer value="10"/>
<p align="center">
&#x0412;&#x0430;&#x0448;&#x0430; &#x0437;&#x0430;&#x043F;&#x0438;&#x0441;&#x044C; &#x0434;&#x043E;&#x0431;&#x0430;&#x0432;&#x043B;&#x0435;&#x043D;&#x0430;<br/>
<?php
print "<a href=\"messages.php?lang=".$lang."\">&#x041F;&#x0440;&#x043E;&#x0441;&#x043C;&#x043E;&#x0442;&#x0440;</a>\n";
?>
</p>
</card>
</wml>
<?php
	}
?>