<?php
/************************************************/
//    show reply mod. by demeros                                         //
/************************************************/		
require_once"../template/start.php";
require_once"../template/regglobals.php";
require_once"../template/config.php";
require_once"../template/functions.php";
require_once"../template/antidos.php";
require_once"../template/gzip.php";
require_once"../template/header.php";
require_once"../template/rprivat.php";
include_once"../template/pclzip.php";

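// ---------------------------------------------------------------------------
// Broadcast handler: sends one private message (optionally with an attached
// file) to a whole category of accounts, then appends it to the sender's
// outbox file. Every failure path redirects with an error code and exits.
//
// $provlog, $provpar, $dostup, $cat, $pol, $mess, $trans, $log, $sitetime and
// the $config_* values are not defined in this file; they are presumably
// supplied by the required templates (regglobals.php / config.php).
// NOTE(review): confirm that none of them can be overridden from the request
// after the templates have set them.
//
// Every redirect carries SID, as the rest of the application does. A session
// id in the URL can leak through logs and Referer headers, so cookie-only
// sessions are preferable wherever the clients support them.
// ---------------------------------------------------------------------------

// --- Authentication --------------------------------------------------------
// The login and the MD5 of the session password must match the stored pair.
// Both sides are cast to string and compared with ===, so two different
// numeric-looking strings can never compare equal through type juggling.
// The original tested md5(...) != "", which is always true; the evident
// intent (reject an empty session password) is enforced here instead.
// NOTE(review): unsalted MD5 and a password kept in the session are weak, but
// the storage format lives outside this file and is left unchanged.
$sessLog = isset($_SESSION['log']) ? (string)$_SESSION['log'] : '';
$sessPar = isset($_SESSION['par']) ? (string)$_SESSION['par'] : '';

$isLogged = $sessLog !== '' && $sessPar !== ''
    && isset($provlog, $provpar)
    && (string)$provlog === $sessLog
    && (string)$provpar === md5($sessPar);

if (!$isLogged) {
    header("Location: ../index.php?isset=inputoff&".SID);
    exit;
}

// --- Authorisation: only access levels 101 and 102 may broadcast ------------
if ($dostup != 101 && $dostup != 102) {
    header("Location: privat.php?".SID);
    exit;
}

// --- Input validation ------------------------------------------------------
$cat = (int)$cat;
$pol = (int)$pol;

// A missing or non-numeric category casts to 0. The original compared the
// integer with "", which stops matching 0 on PHP 8; test for 0 explicitly.
if ($cat === 0) {
    header("Location: privat.php?action=spam_ready&isset=nouz&cat=$cat&pol=$pol&".SID);
    exit;
}

// The raw message must be at least 6 bytes long.
if ($mess == "" || strlen($mess) < 6) {
    header("Location: privat.php?action=spam_ready&isset=nomess&cat=$cat&pol=$pol&".SID);
    exit;
}

$ifadmin = file(BASEDIR."local/datatmp/adminlist.dat");
$fileu = file(BASEDIR."local/datatmp/userlist.dat");

// Filter, truncate and encode the message exactly as the original did.
$mess = check($mess);
$log = check($log);
$mess = utf_substr($mess, 0, 1000);
if ($trans == "y") {
    $mess = transliter($mess);
}
$mess = antimat($mess);
$mess = smiles($mess);
$mess = base64_encode($mess);

// Both recipient lists must exist and be non-empty.
if (empty($ifadmin) || empty($fileu)) {
    header("Location: privat.php?action=spam&error=noadm&".SID);
    exit;
}
$ifadmin = array_reverse($ifadmin);

// --- Optional attachment ---------------------------------------------------
// NOTE(review): $fname is not initialised when no file is posted; whatever
// value it already holds is attached below. Verify that it cannot be seeded
// from the request.
if (isset($_FILES['userfile'])) {
    $upload = $_FILES['userfile'];

    // A multi-file field delivers arrays here; this handler takes one file.
    if (!is_string($upload['name']) || !is_string($upload['tmp_name'])) {
        header("Location: privat.php?action=spam&error=ferr&".SID);
        exit;
    }

    // Size must be non-zero and below the configured limit (in kilobytes).
    $sizeOk = $upload['size'] > 0 && ($upload['size'] / 1024) < $config_add_privat_fsize;
    if (!$sizeOk) {
        header("Location: privat.php?action=spam&error=fbig&".SID);
        exit;
    }

    // The extension is the text after the last dot, lower-cased. It must be
    // non-empty and match the configured allowlist exactly (strict compare).
    $rawName = basename($upload['name']);
    $tail = strrchr($rawName, '.');
    $ext = ($tail === false) ? '' : strtolower(substr($tail, 1));
    $format = explode(",", $config_type);
    if ($ext === '' || !in_array($ext, $format, true)) {
        header("Location: privat.php?action=spam&error=extention&".SID);
        exit;
    }

    // The MIME type is sent by the client and proves nothing about the file
    // content; it is kept only as the coarse reject list the original had.
    // stripos() replaces eregi(), which no longer exists on PHP 7+.
    $ftype = (string)$upload['type'];
    foreach (array('php', 'htm', 'inc', 'wml', 'xml') as $marker) {
        if (stripos($ftype, $marker) !== false) {
            header("Location: privat.php?action=spam&error=extention&".SID);
            exit;
        }
    }

    // Build the stored name: filter, transliterate Cyrillic, lower-case.
    $trans1 = array(
        "Ь","Ъ","Ё","Ж","Ч","Ш","Щ","Э","Ю","Я","ё","ж","ч","ш","щ","э","ю","я",
        "А","Б","В","Г","Д","Е","З","И","Й","К","Л","М","Н","О","П","Р","С","Т","У","Ф","Х","Ц","Ы",
        "а","б","в","г","д","е","з","и","й","к","л","м","н","о","п","р","с","т","у","ф","х","ц","ы","ъ","ь"
    );
    $trans2 = array(
        "","","JO","ZH","CH","SH","SCH","JE","JY","JA","jo","zh","ch","sh","sch","je","jy","ja",
        "A","B","V","G","D","E","Z","I","J","K","L","M","N","O","P","R","S","T","U","F","H","C","Y",
        "a","b","v","g","d","e","z","i","j","k","l","m","n","o","p","r","s","t","u","f","h","c","y","",""
    );
    $fname = check($rawName);
    $fname = str_replace($trans1, $trans2, $fname);
    $fname = strtolower($fname);

    // Spaces and quotes become underscores, as before. Everything outside
    // [a-z0-9._-] is then dropped: an allowlist replaces the original chain
    // of single-character removals, which left path separators in place and
    // removed '../' in a single pass only.
    $fname = str_replace(array(' ', '\'', '"'), '_', $fname);
    $fname = preg_replace('/[^a-z0-9._-]/', '', $fname);

    // Keep exactly one extension, the validated one. Inner dots are folded
    // into underscores so the stored name cannot carry a second extension
    // that the web server might act on.
    $dot = strrpos($fname, '.');
    $base = ($dot === false) ? $fname : substr($fname, 0, $dot);
    $base = str_replace('.', '_', $base);
    if ($base === '') {
        $base = 'file';
    }
    $fname = 'system_mail.'.$base.'.'.$ext; /* New name for the stored file */
    // NOTE(review): the stored name is deterministic, so a later upload with
    // the same name replaces the earlier attachment.

    // The target directory must exist.
    if (!is_dir($config_add_privat_fpath) || $config_add_privat_fpath == '.' || $config_add_privat_fpath == '..') {
        header("Location: privat.php?action=spam&error=nodir&".SID);
        exit;
    }

    // move_uploaded_file() refuses anything that is not a genuine upload of
    // this request, which a plain copy() of tmp_name does not check.
    $target = "$config_add_privat_fpath/$fname";
    if (!move_uploaded_file($upload['tmp_name'], $target)) {
        header("Location: privat.php?action=spam&error=ferr&".SID);
        exit;
    }
    // 0644 instead of 0777: an attachment needs neither the execute bit nor
    // write access for other accounts.
    chmod($target, 0644);

    if ($config_zip_privat == "1") { /* Archiving is enabled */
        $zfname = $fname.'.zip';
        $zipPath = "$config_add_privat_fpath/$zfname";
        $zip = new PclZip($zipPath);

        if ($zip->create($target, PCLZIP_OPT_REMOVE_PATH, "$config_add_privat_fpath/") != 0) {
            chmod($zipPath, 0644);
            unlink($target);
            // Switch to the archive name only when the archive exists. The
            // original switched unconditionally and could link a missing file.
            $fname = $zfname;
        }
    }
}

/* If a file was stored, its name travels with the message, base64-encoded */
$fname = !empty($fname) ? base64_encode($fname) : 0;

// --- Recipient selection and delivery --------------------------------------
// Start the counter at zero instead of relying on an undefined variable.
$kol = 0;
$uz = '';

if ($cat != 5 && $cat != 7) {
    // Categories addressed through adminlist.dat (field 1 = login,
    // field 2 = access level).
    $titleByCat = array(
        1 => "Спам Супер Админам",
        2 => "Спам Админам",
        3 => "Спам Старшим модерам",
        4 => "Спам Модерам",
        6 => "Спам Только для администрации",
    );
    $levelByCat = array(1 => 101, 2 => 102, 3 => 103, 4 => 105);

    if (isset($titleByCat[$cat])) {
        $uz = $titleByCat[$cat];
        // Categories 3 and 4 never excluded the sender in the original.
        $skipSelf = ($cat != 3 && $cat != 4);

        foreach ($ifadmin as $value) {
            $ainfo = explode("|", $value);
            $login = isset($ainfo[1]) ? $ainfo[1] : '';
            $level = isset($ainfo[2]) ? (int)$ainfo[2] : 0;

            if ($cat === 6) {
                // The original used || here, which is true for every level;
                // the range 101..105 is what "administration only" means.
                $wanted = ($level >= 101 && $level <= 105);
            } else {
                $wanted = ($level === $levelByCat[$cat]);
            }
            if (!$wanted) {
                continue;
            }
            if ($skipSelf && (string)$log === (string)$login) {
                continue;
            }
            if (spam_add($login, $mess, $log, $sitetime, $pol, $fname)) {
                $kol++;
            }
        }
    }
} else {
    // Categories addressed through userlist.dat (field 2 = login).
    $uz = ($cat === 7) ? "Спам для всех юзеров" : "Спам для юзеров";

    foreach ($fileu as $row) {
        $uinf = explode("|", $row);
        $login = isset($uinf[2]) ? $uinf[2] : '';

        if ((string)$login === (string)$log) {
            continue; // never deliver to the sender
        }
        // Category 5 additionally requires search_ing() to accept the login.
        if ($cat === 5 && !search_ing($login)) {
            continue;
        }
        if (spam_add($login, $mess, $log, $sitetime, $pol, $fname)) {
            $kol++;
        }
    }
}

/* Nothing was delivered: report the error */
if ($kol <= 0) {
    header("Location: privat.php?error=nadd&".SID);
    exit;
}

// --- Record the broadcast in the sender's outbox ---------------------------
$tex2 = $uz.'|'.$mess.'|'.$sitetime.'|0|0|0|';
$tex2 = preg_replace("|[\r\n]+|si", "", $tex2);

// NOTE(review): $log becomes part of a file path; this relies on check()
// removing path separators - confirm in functions.php.
$outbox = BASEDIR."local/dataoutput/$log.$config_priv";
$fp = fopen($outbox, "a+");
if ($fp !== false) {
    // Append and trim under one exclusive lock. The original reopened the
    // file with mode "w", which truncates it before the lock is taken, and
    // called chmod() on the closed handle instead of on the path.
    flock($fp, LOCK_EX);
    fputs($fp, "$tex2\r\n");
    fflush($fp);

    rewind($fp);
    $lines = array();
    while (($line = fgets($fp)) !== false) {
        $lines[] = $line;
    }
    // From 20 entries upwards, drop the oldest one.
    if (count($lines) >= 20) {
        array_shift($lines);
        ftruncate($fp, 0);
        fputs($fp, implode('', $lines)); // append mode writes at the new end
        fflush($fp);
    }

    flock($fp, LOCK_UN);
    fclose($fp);
    chmod($outbox, 0666);
}

header("Location: privat.php?error=sended&kol=$kol&".SID);
exit;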
?>