<?php
#-----------------------------------------------------#
#          ********* WAP-MOTORS *********             #
#             Made by   :  VANTUZ                     #
#               E-mail  :  [email protected]         #
#                 Site  :  http://pizdec.ru           #
#             WAP-Site  :  http://visavi.net          #
#                  ICQ  :  36-44-66                   #
#  Вы не имеете право вносить изменения в код скрипта #
#-----------------------------------------------------#	
/************************************************/
//    show reply mod. by demeros                            //
/************************************************/		
require_once"../template/start.php";
require_once"../template/regglobals.php";
require_once"../template/config.php";
require_once"../template/functions.php";
require_once"../template/antidos.php";
require_once"../template/gzip.php";
require_once"../template/header.php";
include_once"../template/pclzip.php";
require_once"../template/rprivat.php";

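// Recipient login taken from the request. check() lives in the included templates and is
// not visible in this file; presumably it sanitises input -- confirm before relying on it.
$uz = check($uz);

// Gate: the sender must hold a live session whose stored login and password match the
// $provlog / $provpar values prepared by the included templates (their origin is not shown).
// The values are compared as strings with ===. With the loose == operator PHP compares two
// numeric-looking strings as numbers, and an md5 hex digest can look numeric, so different
// credentials could be treated as equal. The emptiness test is applied to the stored password
// itself: md5() never returns an empty string, so testing the digest rejected nothing.
// NOTE(review): an unsalted md5 of the password is weak by current standards; moving to
// password_hash()/password_verify() needs changes outside this file.
// NOTE(review): every redirect below appends SID, so the session id travels in the URL
// whenever cookies are not used and then shows up in logs and Referer headers.
if (isset($_SESSION['log'], $_SESSION['par'])
    && (string)$_SESSION['log'] !== ""
    && (string)$_SESSION['par'] !== ""
    && (string)$provlog === (string)$_SESSION['log']
    && (string)$provpar === md5($_SESSION['par'])) {

    // No recipient given.
    if ($uz == "") {
        header("Location: privat.php?action=submit&isset=nouz&uz=$uz&".SID);
        exit;
    }

    // Sending to yourself is refused. $uz has not passed the format check yet at this
    // point, so it is URL-encoded before it is placed into the Location header.
    if ((string)$uz === (string)$log) {
        header("Location: privat.php?action=submit&isset=noprivlog&uz=".urlencode($uz)."&".SID);
        exit;
    }

    // Logins are limited to [a-z0-9_-]. $uz is interpolated into file paths further down,
    // so this check is what keeps path separators and dots out of those paths.
    // The D modifier makes $ match only at the very end; without it a trailing line
    // break would still be accepted.
    if (preg_match('|^[a-z0-9_\-]+$|iD', $uz)) {

        // The message must be at least 6 bytes long (strlen counts bytes, not characters).
        $str = strlen($mess);
        if ($mess == "" || $str < 6) {
            header("Location: privat.php?action=submit&isset=nomess&uz=$uz&".SID);
            exit;
        }

        // The recipient exists when the profile file is present and not empty.
        // is_file() avoids the warning file() emits for a missing profile.
        $proverka = is_file("../local/profil/$uz.prof") ? file("../local/profil/$uz.prof") : array();
        $ster = strlen($uz);

        if (empty($proverka) || $ster < 1) {
            header("Location: privat.php?action=submit&isset=nouzer&".SID);
            exit;
        } else {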

// Recipient mailbox quota: size of the mailbox file in kilobytes, expressed as a
// percentage of $config_limitsmail. Delivery is refused from 99 percent upwards.
// NOTE(review): filesize() warns when the mailbox file does not exist yet, and a
// $config_limitsmail of 0 would divide by zero -- both depend on data not shown here.
$filesize = round(filesize("../local/privat/$uz.$config_priv") / 1024, 2);
$pers = round($filesize * 100 / $config_limitsmail);
if ($pers >= "99") {
    header("Location: privat.php?action=submit&isset=fullmail&uz=$uz&".SID);
    exit;
}




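// Ignore list of the recipient: one record per line, fields separated by "|", the
// second field being the ignored login. If the sender is listed, delivery is refused.
// $result is reset first so that only this loop can set it, and the list file is
// read only when it exists (file() warns and returns false otherwise).
$result = "";
$igfile = "../local/dataignor/$uz.dat";
$iglines = is_file($igfile) ? file($igfile) : array();
if (!is_array($iglines)) {
    $iglines = array();
}
$igcount = count($iglines);
for ($ign = 0; $ign < $igcount; $ign++) {
    $igparts = explode("|", $iglines[$ign]);
    $igbase = isset($igparts[1]) ? $igparts[1] : "";
    // Logins are compared as strings; the loose == treats numeric-looking logins
    // with the same numeric value as one and the same account.
    if ((string)$log === $igbase) {
        $result = "ok";
        break;
    }
}
if ($result == "ok") {
    header("Location: privat.php?action=submit&isset=ignoring&uz=$uz&".SID);
    exit;
}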


 //--------------------- New anti-flood -----------------------------//
// Active only when $config_floodstime is positive. flooder() is defined in the
// included templates; a true result means this client is posting too fast.
// Otherwise the request is appended to the flood log as "time|ip|script|".
// NOTE(review): the log is "|"-delimited; if $ip or $php_self can carry "|" or line
// breaks taken from the request, log records can be forged -- their origin is not shown.
if ($config_floodstime > 0) {
    if (flooder($ip, $php_self) == TRUE) {
        header("Location: privat.php?action=submit&isset=antiflood&uz=$uz&".SID);
        exit;
    }

    $flood_file = fopen(BASEDIR."local/flood.dat", "a+");
    flock($flood_file, LOCK_EX);
    fwrite($flood_file, $sitetime.'|'.$ip.'|'.$php_self."|\r\n");
    fflush($flood_file);
    flock($flood_file, LOCK_UN);
    fclose($flood_file);
}


// Prepare the message text for storage. All helpers come from the included templates.
// NOTE(review): $log is passed through check() only here, although earlier checks in
// this script already compared against it.
$mess = check($mess);
$log = check($log);

// Cut to 1000 units (utf_substr is presumably character-based -- confirm).
$mess = utf_substr($mess, 0, 1000);

// Optional transliteration requested by the sender.
if ($trans == "y") {
    $mess = transliter($mess);
}

// Word filter, then smiley substitution, then base64. Base64 output contains neither
// "|" nor line breaks, the field and record delimiters of the mailbox files.
$mess = base64_encode(smiles(antimat($mess)));


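/*********************************************** File attachments ***********************************************/
// $fname is the stored attachment name that ends up in the message record. It is reset
// here so that it can only originate from the upload handled below.
// NOTE(review): regglobals.php is not shown; if it imports request variables into the
// global scope, an un-reset $fname could be supplied by the client -- confirm.
$fname = '';
if ($config_add_privat_data == "1") {
    if (isset($_FILES['userfile'])) {
        /* Attachment quota of the recipient: fdata/<login>.dat holds the byte total of the
           files already stored; it is converted to KB and to a percentage of the quota. */
        if ((int)$config_users_quote == 0) {
            $config_users_quote = 1; // avoid division by zero
        }
        if (is_file("../local/privat/fdata/$uz.dat")) {
            $file2 = file_get_contents("../local/privat/fdata/$uz.dat");
            $summ = (int)$file2;
        } else {
            $summ = 1;
        }
        $summ = round(round($summ / 1024, 2) * 100 / (int)$config_users_quote);
        if ($summ >= "99") {
            header("Location: privat.php?action=files&isset=fullmail&uz=$uz&".SID);
            exit;
        }

        /* Cyrillic-to-Latin transliteration table for file names, and the extension whitelist. */
        $trans1 = array("Ь","Ъ","Ё","Ж","Ч","Ш","Щ","Э","Ю","Я","ё","ж","ч","ш","щ","э","ю","я","А","Б","В","Г","Д","Е","З","И","Й","К","Л","М","Н","О","П","Р","С","Т","У","Ф","Х","Ц","Ы","а","б","в","г","д","е","з","и","й","к","л","м","н","о","п","р","с","т","у","ф","х","ц","ы","ъ","ь");
        $trans2 = array("","","JO","ZH","CH","SH","SCH","JE","JY","JA","jo","zh","ch","sh","sch","je","jy","ja","A","B","V","G","D","E","Z","I","J","K","L","M","N","O","P","R","S","T","U","F","H","C","Y","a","b","v","g","d","e","z","i","j","k","l","m","n","o","p","r","s","t","u","f","h","c","y","","");
        $format = explode(",", $config_type);

        /* Size check: non-empty and below the configured limit (in KB). */
        if (!($_FILES['userfile']['size'] > 0 && ($_FILES['userfile']['size']) / 1024 < $config_add_privat_fsize)) {
            header("Location: privat.php?action=files&error=fbig&uz=$uz&".SID);
            exit;
        }

        /* Extension of the client-supplied name, lower-cased, without the dot. */
        $dotpart = strrchr($_FILES['userfile']['name'], '.');
        $ext = ($dotpart === false) ? '' : str_replace('.', '', strtolower($dotpart));

        /* Build the stored name: sanitise, transliterate, lower-case. */
        $fname = $_FILES['userfile']['name'];
        $fname = check($fname);
        $fname = str_replace($trans1, $trans2, $fname);
        $fname = strtolower($fname);

        /* Replace or drop characters that are not wanted in a file name
           (same replacements, in the same order, as the original call chain). */
        $fname = str_replace(array(' ', '\'', '"'), '_', $fname);
        $fname = str_replace(
            array('?', '~', '../', '|', '+', '%', '^', '&', '@', '!', '`', '(', '[', ']', '#', '=', ')', 'ь'),
            '',
            $fname
        );
        /* Removing "../" in a single pass does not guarantee that no path separator
           is left, so any remaining separator or NUL byte is neutralised as well. */
        $fname = str_replace(array('/', '\\', "\0"), '_', $fname);
        /* Keep exactly one extension: dots inside the stem become underscores, so the
           stored name cannot carry a second extension in front of the checked one. */
        $lastdot = strrpos($fname, '.');
        if ($lastdot !== false) {
            $fname = str_replace('.', '_', substr($fname, 0, $lastdot)).substr($fname, $lastdot);
        }

        /* Whitelist check. An empty extension is never accepted (an empty entry in
           $config_type would otherwise match), the comparison is strict, and the name
           that is actually stored must end in the extension that was checked. */
        if ($ext === '' || !in_array($ext, $format, true) || substr($fname, -(strlen($ext) + 1)) !== '.'.$ext) {
            header("Location: privat.php?action=files&error=extention&uz=$uz&".SID);
            exit;
        }

        /* Coarse filter on the declared content type. This value is sent by the client
           and is not evidence of the real content.
           NOTE(review): where the fileinfo extension is available, inspecting the stored
           file on the server side is the stronger check. */
        $ftype = $_FILES['userfile']['type'];
        if (preg_match('/php|htm|inc|wml|xml/i', $ftype)) {
            header("Location: privat.php?action=files&error=extention&uz=$uz&".SID);
            exit;
        }

        /* Final stored name: <recipient login>.<sanitised name> */
        $fname = $uz.'.'.$fname;

        /* Target directory must exist.
           NOTE(review): $config_add_privat_fpath should be a directory in which the web
           server never executes scripts; that cannot be verified from this file. */
        if (!(is_dir($config_add_privat_fpath) && $config_add_privat_fpath != '.' && $config_add_privat_fpath != '..')) {
            header("Location: privat.php?action=files&error=nodir&uz=$uz&".SID);
            exit;
        }

        /* move_uploaded_file() succeeds only for a file that PHP itself received through
           an HTTP upload, which copy() does not verify. */
        if (!move_uploaded_file($_FILES['userfile']['tmp_name'], "$config_add_privat_fpath/$fname")) {
            header("Location: privat.php?action=files&error=ferr&uz=$uz&".SID);
            exit;
        }
        /* 0666 instead of 0777: stored attachments are data and never need the execute
           bits. 0666 is the mode this script applies to its other data files.
           NOTE(review): tighten to 0644 or 0600 if only the PHP user has to write them. */
        chmod("$config_add_privat_fpath/$fname", 0666);

        /* Optional archiving of the stored file. */
        if ($config_zip_privat == "1") {
            $zfname = $fname.'.zip';
            $zip = new PclZip("$config_add_privat_fpath/$zfname");

            if ($zip->create("$config_add_privat_fpath/$fname", PCLZIP_OPT_REMOVE_PATH, "$config_add_privat_fpath/") != 0) {
                chmod("$config_add_privat_fpath/$zfname", 0666);
                unlink("$config_add_privat_fpath/$fname");
                /* Switch to the archive name only when the archive exists; if creation
                   failed, the plain file is still in place and stays the attachment. */
                $fname = $zfname;
            }
        }

        /* Add the size of this upload to the recipient's running total.
           NOTE(review): the total is read before the lock is taken, so two uploads at
           the same moment can lose one update. clear_files() is defined elsewhere and
           presumably empties the file -- confirm before reordering these steps. */
        $fp = fopen(BASEDIR."local/privat/fdata/$uz.dat", "a+");
        $fpp = file_get_contents("../local/privat/fdata/$uz.dat");
        $sizef = (int)$fpp + $_FILES['userfile']['size'];
        clear_files("../local/privat/fdata/$uz.dat");
        flock($fp, LOCK_EX);
        fputs($fp, $sizef);
        fflush($fp);
        flock($fp, LOCK_UN);
        fclose($fp);
    }

    /* If a file was stored, the message record carries its name base64-encoded; otherwise 0. */
    if (!empty($fname)) {
        $fname = base64_encode("$fname");
    } else {
        $fname = 0;
    }
}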

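/* Quoted reply: look through the sender's own inbox for the message identified by the
   recipient's login and the send time ($mesr); if one matches, its text is quoted. */
$mesr = check($mesr);
// $rep is written unchanged into the "|"-delimited record further down, so it is reset
// here and can only be filled from a stored message.
// NOTE(review): assumes none of the included templates sets $rep on purpose -- confirm.
$rep = '';
if ($config_reply_privat == "1") {
    // NOTE(review): $log is used in a file path; that it is restricted to safe
    // characters depends on code outside this file.
    $inbox = "../local/privat/$log.$config_priv";
    $file = is_file($inbox) ? file($inbox) : array();
    if (!is_array($file)) {
        $file = array();
    }
    $count = count($file);
    for ($i = 0; $i < $count; $i++) {
        $udats = explode("|", $file[$i]);
        // Skip malformed lines that do not have the login|text|time fields.
        if (!isset($udats[2])) {
            continue;
        }
        $lg = $udats[0];
        $tt = $udats[2];

        // The login is compared as a string; the timestamp comparison is left as it was.
        if ((string)$lg === (string)$uz && $tt == $mesr) {
            $rep = $udats[1];
        }
    }
}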
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////


// Optional advertising filter; antireklamap() and defence_go() are defined in the
// included templates and their effect is not visible in this file.
if ($config_privat_antireklama == 1 && !empty($config_privat_checkers)) {
    antireklamap($mess, $sitetime, $rep, $log, $uz);
}
$mess = defence_go($mess, $uz);

// Inbox record: sender|text|time|quoted text|1|attachment|
// The record is "|"-delimited and stored one per line, so every field has to be free
// of "|" and line breaks; line breaks are stripped here, "|" is not.
$tex = preg_replace(
    "|[\r\n]+|si",
    "",
    implode('|', array($log, $mess, $sitetime, $rep, '1', $fname)).'|'
);


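//------------------------------ Update the recipient profile ----------------------------//
// The first line of the profile holds fields separated by ":||:". Field 10 is
// incremented (presumably the unread-mail counter -- confirm) and the first
// $config_userprofkey fields are written back.
// $utext is reset before it is built with .= so that nothing defined earlier can end
// up in front of the profile data.
$utext = '';
$ufile = file(BASEDIR."local/profil/$uz.prof");
$udata = (is_array($ufile) && isset($ufile[0])) ? explode(":||:", $ufile[0]) : array();

if (!isset($udata[10])) {
    $udata[10] = 0;
}
$udata[10]++;
for ($u = 0; $u < $config_userprofkey; $u++) {
    $utext .= (isset($udata[$u]) ? $udata[$u] : '').':||:';
}

// Write back only when the key fields are present, so a failed read cannot wipe the profile.
if (isset($udata[0], $udata[1], $udata[4]) && $udata[0] != "" && $udata[1] != "" && $udata[4] != "" && $utext != "") {
    // NOTE(review): the profile is read before the lock is taken, so a concurrent
    // update made between the read and this write is overwritten.
    $fp = fopen(BASEDIR."local/profil/$uz.prof", "a+");
    if ($fp) {
        flock($fp, LOCK_EX);
        ftruncate($fp, 0);
        fputs($fp, $utext);
        fflush($fp);
        flock($fp, LOCK_UN);
        fclose($fp);
    }
    unset($utext);
}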

// Delivery: append the record to the recipient's inbox while holding an exclusive lock.
// NOTE(review): the result of fopen() is not checked; a failed open leads to warnings
// on every following call and the message is silently lost.
$fp = fopen(BASEDIR."local/privat/$uz.$config_priv", "a+");
flock($fp, LOCK_EX);
fwrite($fp, $tex."\r\n");
fflush($fp);
flock($fp, LOCK_UN);
fclose($fp);


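// Sender's copy for the outgoing box: recipient|text|time|1|0|attachment|
$tex2 = $uz.'|'.$mess.'|'.$sitetime.'|1|0|'.$fname.'|';
$tex2 = preg_replace("|[\r\n]+|si", "", $tex2);

$fp = fopen(BASEDIR."local/dataoutput/$log.$config_priv", "a+");
if ($fp) {
    flock($fp, LOCK_EX);
    fputs($fp, "$tex2\r\n");
    fflush($fp);
    flock($fp, LOCK_UN);
    fclose($fp);
    // chmod() takes a path. The file handle is already closed at this point and must
    // not be passed to it, so only the path form is used.
    // NOTE(review): 0666 leaves private messages readable and writable by every local
    // account; tighten the mode if the hosting setup allows it.
    chmod(BASEDIR."local/dataoutput/$log.$config_priv", 0666);
}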

// Outgoing box with 20 or more records: the file is rewritten from the lines just read.
// NOTE(review): the rewrite stores exactly the lines that were read, so nothing is
// trimmed, and unset($fname) does not touch $file. If the intent was to drop the oldest
// records once 20 are stored, that does not happen here -- confirm the intent.
// NOTE(review): mode "w" empties the file before the lock is taken, so a concurrent
// reader can see an empty outgoing box.
$file = file(BASEDIR."local/dataoutput/$log.$config_priv");
$i = count($file);
if ($i >= 20) {
    $fp = fopen(BASEDIR."local/dataoutput/$log.$config_priv", "w");
    flock($fp, LOCK_EX);
    unset($fname);
    fwrite($fp, implode("", $file));
    flock($fp, LOCK_UN);
    fclose($fp);
}


// The message has been stored for both parties: back to the mailbox with the "mail" status.
header ("Location: privat.php?isset=mail&".SID); exit;

// The two braces below close the "recipient profile exists" else-branch and the
// login-format if.
}} 
// The login did not pass the format check: same "nouzer" status as for an unknown
// recipient. The last brace on this line closes the session-check if.
else {header ("Location: privat.php?action=submit&isset=nouzer&".SID); exit;}} 
// No valid session: back to the site index with the "inputoff" status.
else {
header ("Location: ../index.php?isset=inputoff&".SID); exit;
}

?>