<?
Error_Reporting(E_ALL & ~E_NOTICE);
header ("Content-type:text/vnd.wap.wml; charset=utf-8");
list($msec,$sec)=explode(chr(32),microtime());
$HeadTime=$sec+$msec;
$ref=rand(10000,1000000);
require("conf.inc.php");
global $REMOTE_ADDR;
global $HTTP_USER_AGENT;
$id=@mysql_escape_string($id);
$pass=@mysql_escape_string($pass);
$login=@mysql_escape_string($login);
$link=mysql_pconnect ($DB_HOST, $DB_USER, $DB_PASS);
mysql_select_db($DB_NAME);
if(empty($id)) {
$find_user=mysql_query("Select * from users where cid='".$cid."' AND login='".$login."' and pass='".$pass."'") or die("Querry error");
} else {
$find_user=mysql_query("Select * from users where cid='".$cid."' AND id='".$id."' and pass='".$pass."'") or die("Querry error");
}
if(mysql_affected_rows()==0)
{
echo <<<END
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
<wml>
<card id="search" title="РџРѕРСвЂВВВРЎРѓР С”">
<p align="center">
Логин или пароль неверны, проверьте ваш ввод.
</p>
</card>
</wml>
END;
return 0;
}
else
{
$row=mysql_fetch_array($find_user);
$login=$row['login'];
$id=$row['id'];
$admin=$row['admin'];
$pass = UrlEncode($pass);
if (($row["browser"]!==$HTTP_USER_AGENT) or ($row["ip"]!==$REMOTE_ADDR))
{
mysql_query("update users set browser='$HTTP_USER_AGENT', ip='$REMOTE_ADDR' where cid='".$cid."' AND id='$id';");
}
//Проверка, не забанен ли ip+browser:
mysql_query ("Select * from bannedib WHERE cid='".$cid."' AND (ip = '".$REMOTE_ADDR."')and(browser = '".$HTTP_USER_AGENT."')");
if(mysql_affected_rows()!=0)
{
echo <<<END
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
<wml>
<card id="error" title="Забанен">
<p align="center">
Вы забанены по связке ip+browser!
</p>
</card>
</wml>
END;
exit;
}
$id=@mysql_escape_string($id);
$pass=@mysql_escape_string($pass);
$who=@mysql_escape_string($who);
$action=@mysql_escape_string($action);
$q_u2=@mysql_query("select * from users where cid='".$cid."' AND id='$dbid';");
$data2=@mysql_fetch_array($q_u2);
$trans=$row['trans'];
$dblogin=$data2['login'];
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.2//EN\" \"http://www.wapforum.org/DTD/wml12.dtd\">\n";
echo "<wml>\n";
echo "<card title=\"$dblogin\">\n";
echo "<p align=\"left\">\n";
$rand=rand(0,100000);
?>
<input name="msg<? print $rand; ?>" emptyok="true"/><br/>
<select name="private" value="-.-">
<option value="-.-">Всем</option>
<option value="<? print $id.".".$dbid; ?>">Приватно</option>
</select><br/>
<? if ($trans==1) { ?>
<select multiple="true" name="tran">
<option value="user">Translit</option></select><br/>
<? } ?>
<anchor>Сказать<go href="room.php?id=<? print htmlspecialchars(stripslashes(trim($id))); ?>&pass=<? print htmlspecialchars(stripslashes(trim($pass))); ?>&room=<? print htmlspecialchars(stripslashes(trim($room))); ?>&cid=<? print htmlspecialchars(stripslashes(trim($cid))); ?>&ref=<? print htmlspecialchars(stripslashes(trim($rand))); ?>" method="post">
<postfield name="id" value="<? print htmlspecialchars(stripslashes(trim($id))); ?>"/>
<postfield name="pass" value="<? print htmlspecialchars(stripslashes(trim($pass))); ?>"/>
<postfield name="room" value="<? print htmlspecialchars(stripslashes(trim($room))); ?>"/>
<postfield name="private" value="$(private)"/>
<postfield name="msg" value="<? print "$dblogin, ";?>$(msg<? print $rand; ?>)"/>
<? if ($trans==1){ ?>
<postfield name="tran" value="$(tran)"/>
<? } ?>
<postfield name="ref" value="<? print htmlspecialchars(stripslashes(trim($rand))); ?>"/>
</go></anchor><br/>
<?
$q_u=@mysql_query("select * from users where cid='".$cid."' AND id='$dbid';");
if (@MySQL_Num_rows($q_u)==0) {print "такого юзера не существует!<br/>";
} else {
$data=@mysql_fetch_array($q_u);
$login=$data['login'];
$login=$data['dblogin'];
$moder=$row['moder'];
$admin=$row['admin'];
$smoder=$row['smoder'];
$vip=$row['vip'];
$user_moder=$data['moder'];
$user_smoder=$data['smoder'];
$user_vip=$data['vip'];
$user_admin=$data['admin'];
$to=$data['email'];
$from=$row['email'];
$photo=$data['photo'];
$vposts=$data['vposts'];
$status=$data['status'];
if($data['sex']=="m") { $sex = "Муж"; } else { $sex = "Жен"; }
if(!empty($photo)) { print "Фото: <a href=\"$photo\">".$data['login']."</a><br/>"; } else {
print "Имя: ".$data['name']." <br/>";
print "Логин: ".$data['login']." <br/>"; }
print "Пол: $sex <br/>";
print "День рожденья: ".$data['bday']."-".$data['bmonth']."-".$data['byear']."<br/>";
print "Город: ".$data['live']." <br/>";
print "Мобила: ".$data['mobile'] ."<br/>";
print "e-mail: ".$to."<br/>";
print "WAP-сайт: <a href=\"".$data['url']."\">".$data['url']."</a> <br/>";
print "ICQ: ".$data['icq']." <br/>";
print "Статус: $status <br/>";
print "Посты: ".$data['posts']." <br/>";
print "О себе: ".$data['about']." <br/>";
print "Дата регистрации: ".$data['regdate']." <br/>";
if(!empty($admin)) {
print "
IP: ".$data['ip']." <br/>
Browser: ".$data['browser']." <br/>";
}
$dblogin = UrlEncode($dblogin);
if(!empty($smoder))
{
echo "***<br/><a href=\"smoder.php?id=$id&pass=$pass&cid=$cid&ref=$rand\">В с-модерку</a><br/>";
echo "<a href=\"smoder.php?id=$id&pass=$pass&cid=$cid&mod=kick&who=$dblogin&ref=$rand\">Пнуть</a><br/>";
echo "<a href=\"smoder.php?id=$id&pass=$pass&cid=$cid&mod=ipb&who=$dblogin&action=view&ref=$rand\">Забанить по ip</a><br/>";
}
if(!empty($moder))
{
echo "***<br/><a href=\"moder.php?id=$id&pass=$pass&cid=$cid&ref=$rand\">В модерку</a><br/>";
echo "<a href=\"moder.php?id=$id&pass=$pass&cid=$cid&mod=kick&who=$dblogin&ref=$rand\">Пнуть</a><br/>";
}
if(!empty($vip))
{
echo "***<br/><a href=\"vip.php?id=$id&pass=$pass&cid=$cid&ref=$rand\">В V.I.P. panel</a><br/>";
echo "<a href=\"vip.php?id=$id&pass=$pass&cid=$cid&mod=kick&who=$dblogin&ref=$rand\">Пнуть</a><br/>";
}
if(!empty($admin)) {
echo "***<br/><a href=\"admin.php?id=$id&pass=$pass&cid=$cid&ref=$rand\">В админку</a><br/>";
echo "<a href=\"admin.php?id=$id&pass=$pass&cid=$cid&mod=kick&who=$dblogin&ref=$rand\">Пнуть</a><br/>";
echo "<a href=\"admin.php?id=$id&pass=$pass&cid=$cid&mod=ipb&who=$dblogin&action=view&ref=$rand\">Забанить по ip</a><br/>";
}
}
}
print "***<br/><a href=\"room.php?id=$id&pass=$pass&room=$room&cid=$cid&ref=$rand\">Назад</a><br/>";
?>
</p>
</card>
</wml>
<?
@mysql_close();
exit;
?>