View file game/chat/photo.php

File size: 11.65Kb
<?php
//POWERED by ILI
// ICQ : 197042
//site: ili.wab.ru
// ilichat v4.0
error_reporting(0);
require_once"./includes/functions/gzip.php";
include('start.php');
include("config.php");
include("./includes/".$ver."/banned");

list($msec, $sec) = explode(chr(32), microtime()); 
$headtime = $sec + $msec;

$nocache = rand(1000, 9999);

switch($ver)
{
////////////////////////////////////////////////////////
//WML VERSION
////////////////////////////////////////////////////////
case 'wml':
header ("Content-type: text/vnd.wap.wml; charset=utf-8");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-revalidate");

//AUTH
$id = intval($_SESSION['id']);
$password = mysql_escape_string($_SESSION['password']);
$q = mysql_query("SELECT `level` FROM `chat_users` WHERE `id` = '".$id."' AND `password` = '".md5($password)."';");
if(mysql_num_rows($q) == 0)
{
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.3//EN\" \"http://www.wapforum.org/DTD/wml13.dtd\"><wml>\n";
echo "<card title=\"ERROR\" ontimer=\"index.php?ver=wml\"><timer value=\"15\"/><p align=\"left\">\n";
echo "<small>Ошибка авторизации!<br/>\n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/>[".round(($sec+$msec)-$headtime,5)."] sec<br/>\n";
echo "</small>";
require_once "includes/functions/gzip_foot.php";
echo "</p></card></wml>";
ob_end_flush();
exit();
}
//END AUTH

$level = mysql_result($q, 0);

//ONLINE
$online = time() + 60;
$update = mysql_query("UPDATE `chat_users` SET `time` = '".$online."', `place` = 0, `ip` = '".getenv('REMOTE_ADDR')."', `ua` = '".htmlspecialchars(getenv('HTTP_USER_AGENT'))."' WHERE `id` = '".$id."';");
//END ONLINE

echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.3//EN\" \"http://www.wapforum.org/DTD/wml13.dtd\"><wml>\n";
echo "<card title=\"Загрузка фото\"><p align=\"left\">\n";

if(isset($_GET['mod']))
{
$mod = $_GET['mod'];
}
else
{
$mod = "";
}

switch($mod)
{
case 'add':
$sql = mysql_query("SELECT `photo` FROM `chat_users` WHERE `id` = '".$id."';");
$photo_type = mysql_result($sql, 0);

if(file_exists("photos/".$id.".$photo_type"))
{
echo "Удалите сначала текущую фотографию.<br/>\n";
break;
}

if(!isset($_POST['action']) && !isset($_GET['uid']))
{
echo "Адрес:<br/>\n";
echo "<input type=\"text\" name=\"url$nocache\" value=\"http://\" maxlength=\"200\"/><br/>\n";
echo "<anchor>[Добавить]<go href=\"photo.php?".SID."&amp;ver=wml&amp;nocache=$nocache&amp;mod=add\" method=\"post\">\n";
echo "<postfield name=\"url\" value=\"$(url$nocache)\"/>\n";
echo "<postfield name=\"action\" value=\"load\"/>\n";
echo "</go></anchor><br/>\n";
}
else
{
$photo_info = getimagesize($url);
	if(!$photo_info)
	{
	echo "Ошибка при загрузке фото. Возможно, вы неправильно написали URL фотографии.<br/>\n";
	break;
	}

	switch($photo_info[2])
	{
	default:
	echo "К закачке разрешены только JPEG, GIF, PNG.<br/>\n";
	echo "<a href=\"photo.php?".SID."&amp;ver=wml\">Фото</a><br/>\n";
	echo "<br/><a href=\"menu.php?".SID."&amp;ver=wml\">Меню чата</a><br/>\n";
	list($msec, $sec) = explode(chr(32), microtime());
	echo "<br/><small>[".round(($sec+$msec)-$headtime,5)."] sec</small><br/>\n";
	require_once "includes/functions/gzip_foot.php";
	echo "</p></card></wml>";
	ob_end_flush();
	exit();
	break;
	
	//GIF
	
	case 1:
	$sql = mysql_query("UPDATE `chat_users` SET `photo` = 'gif' WHERE `id` = '".$id."';");
	$pd = imagecreatefromgif($url);
	imagegif($pd, "photos/".$id.".gif");
	imagedestroy($pd);
	echo "Фотография успешно загружена!<br/>\n";
	echo "<img src=\"photos/".$id.".gif?".rand(10000, 99999)."\" alt=\"photo\" /><br/>\n";
	break;

	//JPEG
	
	case 2:
	$sql = mysql_query("UPDATE `chat_users` SET `photo` = 'jpg' WHERE `id` = '".$id."';");
	$pd = imagecreatefromjpeg($url);
	imagejpeg($pd, "photos/".$id.".jpg");
	imagedestroy($pd);
	echo "Фотография успешно загружена!<br/>\n";
	echo "<img src=\"photos/".$id.".jpg?".rand(10000, 99999)."\" alt=\"photo\" /><br/>\n";
	break;

	//PNG
	
	case 3:
	$sql = mysql_query("UPDATE `chat_users` SET `photo` = 'png' WHERE `id` = '".$id."';");
	$pd = imagecreatefrompng($url);
	imagepng($pd, "photos/".$id.".png");
	imagedestroy($pd);
	echo "Фотография успешно загружена!<br/>\n";
	echo "<img src=\"photos/".$id.".png?".rand(10000, 99999)."\" alt=\"photo\" /><br/>\n";
	break;
	}

}
break;

case 'del':
$sql = mysql_query("SELECT `photo` FROM `chat_users` WHERE `id` = '".$id."';");
$photo_type = mysql_result($sql, 0);

if(!file_exists("photos/".$id.".$photo_type"))
{
echo "Фотографии не существует.<br/>\n";
break;
}

if(!isset($_GET['accept']))
{
echo "Вы уверены, что хотите удалить текущую фотографию?<br/>\n";
echo "<a href=\"photo.php?".SID."&amp;ver=wml&amp;mod=del&amp;accept\">[Да]</a> <a href=\"menu.php?".SID."&amp;ver=wml\">[Нет]</a><br/>\n";
}
else
{
	if(unlink("photos/".$id.".$photo_type"))
	{
	echo "Фотография успешно удалена!<br/>\n";
	}
	else
	{
	echo "При удалении произошла ошибка...<br/>\n";
	}

}
break;

default:
$sql = mysql_query("SELECT `photo` FROM `chat_users` WHERE `id` = '".$id."';");
$photo_type = mysql_result($sql, 0);

echo "Загрузка фотографии через URL (адресу):<br/>\n";

	if(file_exists("photos/".$id.".$photo_type"))
	{
	echo "Для загрузки новой фотографии удалите текущую.<br/>\n";
	echo "Текущая фотография:<br/>\n";
	echo "<img src=\"photos/".$id.".$photo_type?".rand(10000, 99999)."\" alt=\"photo\" /><br/>\n";
	echo "<a href=\"photo.php?".SID."&amp;ver=wml&amp;mod=del\">[Удалить]</a><br/>\n";
	}
	else
	{
	echo "Фотографии нет.<br/>\n";
	echo "<a href=\"photo.php?".SID."&amp;ver=wml&amp;mod=add\">[Добавить]</a><br/>\n";
	}
}

if(!empty($mod)) echo "<a href=\"photo.php?".SID."&amp;ver=wml\">Фото</a><br/>\n";
echo "<br/><a href=\"menu.php?".SID."&amp;ver=wml\">Меню чата</a><br/>\n";
list($msec, $sec) = explode(chr(32), microtime());
echo "<br/><small>[".round(($sec+$msec)-$headtime,5)."] sec</small><br/>\n";
require_once "includes/functions/gzip_foot.php";
echo "</p></card></wml>";
ob_end_flush();
break;

////////////////////////////////////////////////////////
//HTML VERSION
////////////////////////////////////////////////////////
case 'html':
$my_title = "Фото";
if(!isset($_COOKIE['theme'])) $_COOKIE['theme'] = 1;
include_once "themes/".intval($_COOKIE['theme'])."/index.php";

//AUTH
$id = intval($_SESSION['id']);
$password = mysql_escape_string($_SESSION['password']);
$q = mysql_query("SELECT `level` FROM `chat_users` WHERE `id` = '".$id."' AND `password` = '".md5($password)."';");
if(mysql_num_rows($q) == 0)
{
echo "Ошибка авторизации!<br/>\n";
include_once "themes/".intval($_COOKIE['theme'])."/foot.php";
exit();
}
//END AUTH

$level = mysql_result($q, 0);

//ONLINE
$online = time() + 60;
$update = mysql_query("UPDATE `chat_users` SET `time` = '".$online."', `place` = 0, `ip` = '".getenv('REMOTE_ADDR')."', `ua` = '".htmlspecialchars(getenv('HTTP_USER_AGENT'))."' WHERE `id` = '".$id."';");
//END ONLINE


if(isset($_GET['mod']))
{
$mod = $_GET['mod'];
}
else
{
$mod = "";
}

if(isset($_GET['mod']))
{
$mod = $_GET['mod'];
}
else
{
$mod = "";
}

switch($mod)
{
case 'add':
$sql = mysql_query("SELECT `photo` FROM `chat_users` WHERE `id` = '".$id."';");
$photo_type = mysql_result($sql, 0);

if(file_exists("photos/".$id.".$photo_type"))
{
echo "Удалите сначала текущую фотографию.<br/>\n";
break;
}

if(!isset($_POST['action']) && !isset($_GET['uid']))
{
echo "<form action=\"photo.php?".SID."&amp;ver=html&amp;nocache=$nocache&amp;mod=add\" method=\"post\">\n";
echo "Адрес:<br/>\n";
echo "<input type=\"text\" name=\"url\" value=\"http://\" maxlength=\"200\" /><br/>\n";
echo "<input type=\"hidden\" name=\"action\" value=\"auth\" />\n";
echo "<input type=\"submit\" value=\"Закачать\" /></form>\n";
}
else
{
$photo_info = getimagesize($url);
	if(!$photo_info)
	{
	echo "Ошибка при загрузке фото. Возможно, вы неправильно написали URL фотографии.<br/>\n";
	break;
	}

	switch($photo_info[2])
	{
	default:
	echo "К закачке разрешены только JPEG, GIF, PNG.<br/>\n";
	echo "<a href=\"photo.php?".SID."&amp;ver=html\">Фото</a><br/>\n";
	echo "<br/><a href=\"menu.php?".SID."&amp;ver=html\">Меню чата</a><br/>";
	include_once "themes/".intval($_COOKIE['theme'])."/foot.php";
	exit();
	break;
	
	//GIF
	
	case 1:
	$sql = mysql_query("UPDATE `chat_users` SET `photo` = 'gif' WHERE `id` = '".$id."';");
	$pd = imagecreatefromgif($url);
	imagegif($pd, "photos/".$id.".gif");
	imagedestroy($pd);
	echo "Фотография успешно загружена!<br/>\n";
	echo "<img src=\"photos/".$id.".gif?".rand(10000, 99999)."\" alt=\"photo\" /><br/>\n";
	break;

	//JPEG
	
	case 2:
	$sql = mysql_query("UPDATE `chat_users` SET `photo` = 'jpg' WHERE `id` = '".$id."';");
	$pd = imagecreatefromjpeg($url);
	imagejpeg($pd, "photos/".$id.".jpg");
	imagedestroy($pd);
	echo "Фотография успешно загружена!<br/>\n";
	echo "<img src=\"photos/".$id.".jpg?".rand(10000, 99999)."\" alt=\"photo\" /><br/>\n";
	break;

	//PNG
	
	case 3:
	$sql = mysql_query("UPDATE `chat_users` SET `photo` = 'png' WHERE `id` = '".$id."';");
	$pd = imagecreatefrompng($url);
	imagepng($pd, "photos/".$id.".png");
	imagedestroy($pd);
	echo "Фотография успешно загружена!<br/>\n";
	echo "<img src=\"photos/".$id.".png?".rand(10000, 99999)."\" alt=\"photo\" /><br/>\n";
	break;
	}

}
break;

case 'del':
$sql = mysql_query("SELECT `photo` FROM `chat_users` WHERE `id` = '".$id."';");
$photo_type = mysql_result($sql, 0);

if(!file_exists("photos/".$id.".$photo_type"))
{
echo "Фотографии не существует.<br/>\n";
break;
}

if(!isset($_GET['accept']))
{
echo "Вы уверены, что хотите удалить текущую фотографию?<br/>\n";
echo "<a href=\"photo.php?".SID."&amp;ver=html&amp;mod=del&amp;accept\">[Да]</a> <a href=\"menu.php?".SID."&amp;ver=html\">[Нет]</a><br/>\n";
}
else
{
	if(unlink("photos/".$id.".$photo_type"))
	{
	echo "Фотография успешно удалена!<br/>\n";
	}
	else
	{
	echo "При удалении произошла ошибка...<br/>\n";
	}

}
break;

default:
$sql = mysql_query("SELECT `photo` FROM `chat_users` WHERE `id` = '".$id."';");
$photo_type = mysql_result($sql, 0);

echo "Загрузка фотографии через URL (адресу):<br/>\n";

	if(file_exists("photos/".$id.".$photo_type"))
	{
	echo "Для загрузки новой фотографии удалите текущую.<br/>\n";
	echo "Текущая фотография:<br/>\n";
	echo "<img src=\"photos/".$id.".$photo_type?".rand(10000, 99999)."\" alt=\"photo\" /><br/>\n";
	echo "<a href=\"photo.php?".SID."&amp;ver=html&amp;mod=del\">[Удалить]</a><br/>\n";
	}
	else
	{
	echo "Фотографии нет.<br/>\n";
	echo "<a href=\"photo.php?".SID."&amp;ver=html&amp;mod=add\">[Добавить]</a><br/>\n";
	}

echo "<a href=\"upload.php?".SID."&amp;ver=html\">[Загрузка через HTML-форму]</a><br/>\n";
}

if(!empty($mod)) echo "<a href=\"photo.php?".SID."&amp;ver=html\">Фотография</a><br/>\n";
echo "<a href=\"menu.php?".SID."&amp;ver=html\">Меню чата</a><br/>";
include_once "themes/".intval($_COOKIE['theme'])."/foot.php";
break;
}
?>