<?php
require ( dirname ( __FILE__ ) . '/config.php' );
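// Start (or resume) the PHP session; the admin flag set further down is kept in it.
session_start();

// Listing parameters. intval() forces integers, which is what makes it safe to
// concatenate these values into the LIMIT clauses and links built later on.
$n = isset ( $_REQUEST['n'] ) ? intval ( $_REQUEST['n'] ) : 5;   // quotes per page
$m = isset ( $_REQUEST['m'] ) ? intval ( $_REQUEST['m'] ) : 3;   // listing mode (3 = random)
$id = isset ( $_REQUEST['id'] ) ? intval ( $_REQUEST['id'] ) : 1; // row offset

// Action selectors. They are only compared against fixed strings in the switch
// statements below. Requiring a string rejects array input such as ?mode[]=x,
// which htmlspecialchars() cannot handle.
$mode = ( isset ( $_GET['mode'] ) AND is_string ( $_GET['mode'] ) ) ? htmlspecialchars ( $_GET['mode'] ) : '';
$load = ( isset ( $_GET['load'] ) AND is_string ( $_GET['load'] ) ) ? htmlspecialchars ( $_GET['load'] ) : '';

// Number of submissions waiting for moderation (shown in the page footer).
// A failed query yields 0 instead of passing FALSE on to mysql_result().
$c_tmp = mysql_query("SELECT COUNT(`id`) FROM `tmp_text`");
$tmp = $c_tmp ? intval ( mysql_result($c_tmp, 0) ) : 0;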
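// A bare "?admin" query string shows the admin password form and stops.
if ( $_SERVER['QUERY_STRING'] === 'admin' )
{
	header ( "Content-type: text/html; charset=utf-8" );
	// PHP_SELF includes whatever path info the client appended after the script
	// name, so it must be HTML-encoded before it is placed in an attribute.
	$php_self = htmlspecialchars ( $_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8' );
	// The body tag is now an opening tag (it was written as a closing one), and
	// the password field is masked.
	echo "<HTML><HEAD><TITLE>Админ</TITLE></HEAD><BODY>";
	echo "<FORM method=\"post\" action=\"" . $php_self . "\">Пароль:<br/><input type=\"password\" name=\"pass\"><br/><input type=\"submit\" value=\"Войти\"></FORM></BODY></HTML>";
	exit;
}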
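// Admin login. $admin is not defined in this file (presumably set by config.php).
// The previous loose "==" comparison was subject to type juggling, and with an
// unset or empty $admin an empty "pass" field compared equal and granted admin.
// NOTE(review): the secret is compared as plaintext and there is no attempt
// limiting; storing a password_hash() value in the config would be stronger.
$admin_secret = isset ( $admin ) ? (string) $admin : '';
$pass_given = ( isset ( $_POST['pass'] ) AND is_string ( $_POST['pass'] ) ) ? $_POST['pass'] : '';
if ( $admin_secret !== '' AND $pass_given !== '' )
{
	// Constant-time comparison where the runtime provides it, strict otherwise.
	$pass_ok = function_exists ( 'hash_equals' )
		? hash_equals ( $admin_secret, $pass_given )
		: ( $admin_secret === $pass_given );
	if ( $pass_ok )
	{
		// Issue a fresh session id on privilege change. This script also emits
		// the id into URLs and form fields, so a pre-login id may be known to others.
		session_regenerate_id ( true );
		$_SESSION['admin'] = TRUE;
	}
}
// $a gates every admin-only action and link below.
$a = isset ( $_SESSION['admin'] ) ? TRUE : FALSE;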
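// Admin: delete one quote together with its recorded votes.
// The original had no braces, so only the first DELETE was guarded: the second
// one ran on every request and let any visitor clear the vote records of a
// quote via ?del=N, defeating the one-vote-per-IP check.
// NOTE(review): both actions here are triggered by plain GET links without an
// anti-CSRF token; consider POST plus a per-session token.
if ( $a AND isset ( $_GET['del'] ) )
{
	$del_id = intval ( $_GET['del'] );
	mysql_unbuffered_query ( "DELETE FROM `bashorg_quotes` WHERE `id`=" . $del_id );
	mysql_unbuffered_query ( "DELETE FROM `ip` WHERE `uid`=" . $del_id );
}
// Admin: wipe all recorded voter IPs.
if ( isset($_GET['del_ip'] ) AND $a )
{
	if ( !mysql_unbuffered_query("TRUNCATE `ip`") )
	{
		// Keep database error details in the server log rather than in the response.
		error_log ( 'TRUNCATE ip failed: ' . mysql_error() );
		die ( 'Database error' );
	}
}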
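// The offset goes straight into LIMIT clauses, which reject negative numbers.
$id = abs ( $id );
// The page size is request-controlled: a negative value breaks the LIMIT
// clause and a very large one returns the whole table in one response.
// The cap of 50 mirrors the RSS feed's own LIMIT; adjust if larger pages are wanted.
if ( $n < 1 )
	$n = 5;
elseif ( $n > 50 )
	$n = 50;
// An unknown mode used to leave $query undefined and end in a database error
// further down; fall back to the default listing (random) instead.
if ( !in_array ( $m, array ( 1, 2, 3, 4, 5, 6 ), true ) )
	$m = 3;

// Build the listing query for the selected mode. Every interpolated value is
// an integer at this point.
switch ( $m )
{
	case 1: // In order, newest first
		$query = "SELECT * FROM `bashorg_quotes` ORDER BY `id` DESC LIMIT " . $id . ", " . $n;
		break;
	case 2: // In order, oldest first
		$query = "SELECT * FROM `bashorg_quotes` ORDER BY `id` LIMIT " . $id . ", " . $n;
		break;
	case 3: // Random
		$count_res = mysql_query ( "SELECT COUNT(*) FROM `bashorg_quotes`" );
		$all = $count_res ? intval ( mysql_result ( $count_res, 0 ) ) : 0;
		// LIMIT offsets are zero-based, so valid offsets are 0 .. $all - 1.
		// The old range 1 .. $all never picked the first row and could land
		// past the last one, giving an empty page.
		$rand = rand ( 0, max ( 0, $all - 1 ) );
		$query = "SELECT * FROM `bashorg_quotes` LIMIT " . $rand . ", " . $n;
		break;
	case 5: // Top 10 best
		$query = "SELECT * FROM `bashorg_quotes` ORDER BY `plus` DESC LIMIT 10";
		break;
	case 6: // Top 10 worst
		$query = "SELECT * FROM `bashorg_quotes` ORDER BY `minus` DESC LIMIT 10";
		break;
	case 4: // RSS feed of the 50 newest quotes, emitted as windows-1251
		header ( "Content-type: application/xml; charset=windows-1251" );
		$query = mysql_query ( "SELECT `quote` FROM `bashorg_quotes` ORDER BY `id` DESC LIMIT 50 ");
		// Literals in this file are UTF-8 (the channel description is already
		// converted), so the item title is converted once here as well.
		$item_title = iconv ( "UTF-8", "WINDOWS-1251", "Цитата" );
		echo '<?xml version="1.0" encoding="windows-1251"?>
<rss version="2.0"
xmlns:atom="http://www.w3.org/2005/Atom"
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:content="http://purl.org/rss/1.0/modules/content/">
<channel>
<title>RSS quotes</title>
<link>http://wap-zone.org/</link>
<description>' . iconv ( "UTF-8", "WINDOWS-1251", "Цитатник Рунета" ) . '</description>
<language>ru</language>
';
		while ( $query AND $quote = mysql_fetch_array ( $query ) )
		{
			// Quotes are read elsewhere in this script as Windows-1251, so name
			// that charset explicitly: with a UTF-8 default htmlspecialchars()
			// returns an empty string for such bytes.
			echo '<item>
<title>' . $item_title . '</title>
<description>
' . htmlspecialchars ( $quote['quote'], ENT_QUOTES, 'cp1251' ) . '
</description>
</item>';
		}
		echo '</channel></rss>';
		exit;
		break;
}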
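// Public sub-pages selected with ?load=...: 'add' shows the submission form,
// 'v' lists quotes whose text starts with the '*trtrtr' marker.
switch ( $load )
{
	case 'add':
		// $themes is not defined in this file (presumably config.php); encode it
		// anyway because it lands inside an attribute.
		$theme_css = htmlspecialchars ( $themes, ENT_QUOTES, 'UTF-8' );
		echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>";
		echo "<!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.0//EN\" \"http://www.wapforum.org/DTD/xhtml-mobile10-flat.dtd\">";
		echo "<html><head>";
		echo "<meta http-equiv=\"Content-Type\" content=\"application/xhtml+xml; charset=UTF-8\"/>";
		echo '<link rel="stylesheet" type="text/css" href="../theme/'.$theme_css.'.css"/>';
		echo "<title>BiWap.Net</title>";
		echo "<style type=\"text/css\">";
		echo "</style></head>";
		echo "<body><div style=\"text-align: left\">";
		echo "<div class=\"title_bord\"><div class=\"title\">";
		echo "BiWap.Net - В мире Загрузок!</div></div><br/>";
		echo '<div class="title_bord">';
		echo '<form action="./add.php?id=' . $id . '&m=' . $m . '&n=' . $n . '" method="post">';
		echo '#Текст:<br/>';
		echo '<textarea cols="25" rows="3" name="text"></textarea><br/>';
		// NOTE(review): the session id is written into the image URL and a hidden
		// field, presumably for clients without cookies. An id carried in a URL
		// can end up in server logs, proxies and Referer headers; confirm the
		// cookieless path is still required.
		echo "<img src=\"./code.php?".session_name()."=".session_id()."\" alt=\"Control\"/><br/>";
		echo "Текст с картинки:<br/>";
		echo "<input name=\"control\" maxlength=\"6\" format=\"*N\"/><br/>";
		echo "<input type=\"hidden\" name=\"mode\" value=\"check\"/>";
		echo "<input type=\"hidden\" name=\"".session_name()."\" value=\"".session_id()."\"/>";
		echo '<input type="submit" value="Написать"/></form>';
		echo '<a href="./index.php?id=' . $id . '&m=' . $m . '&n=' . $n . '">Назад</a>';
		echo '</div>';
		include 'functions.inc.php';
		include '../foot.php';
		exit();
		break;
	case 'v':
		$kol = 10; // rows per page
		$count_res = mysql_query("SELECT (`id`) FROM `bashorg_quotes` WHERE quote LIKE '*trtrtr%'");
		$num = $count_res ? mysql_num_rows($count_res) : 0;
		$page = isset($_GET['page']) ? intval($_GET['page']) : 1;
		$all = ceil($num/$kol);
		if ($page>$all || $page<1) {
			$page=1; $start=0;
		} else {
			$start = $page*$kol-$kol;
		}
		// PHP_SELF includes client-supplied path info, so it is HTML-encoded
		// once here and the encoded copy is used in every link below.
		$php_self = htmlspecialchars ( $_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8' );
		$theme_css = htmlspecialchars ( $themes, ENT_QUOTES, 'UTF-8' );
		echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>";
		echo "<!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.0//EN\" \"http://www.wapforum.org/DTD/xhtml-mobile10-flat.dtd\">";
		echo "<html><head>";
		echo "<meta http-equiv=\"Content-Type\" content=\"application/xhtml+xml; charset=UTF-8\"/>";
		echo '<link rel="stylesheet" type="text/css" href="../theme/'.$theme_css.'.css"/>';
		echo "<title>BiWap.Net</title>";
		echo "<style type=\"text/css\">";
		echo "</style></head>";
		echo "<body><div style=\"text-align: left\">";
		echo "<div class=\"title_bord\"><div class=\"title\">";
		echo "BiWap.Net - В мире Загрузок!</div></div><br/>";
		echo '
<div class="title_bord">
<div class="a">';
		// Mode switcher: the active mode is shown in bold, the others as links.
		$nav_modes = array ( 1 => 'Новые', 2 => 'Старые', 3 => 'Случайные', 5 => 'Топ 10', 6 => 'сТоп 10' );
		foreach ( $nav_modes as $nav_id => $nav_label )
		{
			if ( $m == $nav_id )
				print "<b>" . $nav_label . "</b>";
			else
				print "<a href=\"" . $php_self . "?m=" . $nav_id . "&n=" . $n . "&id=" . $id . "\">" . $nav_label . "</a>";
			print "|";
		}
		print " <a href=\"" . $php_self . "?m=4\">RSS</a>|";
		echo '</div></div>';
		if($num<1){
			echo '<b>Пусто!!</b><br/>';
		}else{
			$WR=mysql_query("SELECT * FROM `bashorg_quotes` WHERE quote LIKE '*trtrtr%' ORDER BY id DESC LIMIT ".$start.",".$kol."");
			while($WR AND $q=mysql_fetch_array($WR)){
				// Strip the internal marker before display.
				$q['quote'] = str_replace('*trtrtr','',$q['quote']);
				// Numeric columns are cast so that nothing but digits reaches the markup.
				$qid = intval ( $q['id'] );
				echo '<table width="350"><tr><td>Цитата <b>#' . $qid . '</b></td><td>Рейтинг: <a href="./index.php?id=' . $id . '&m=' . $m . '&n=' . $n . '&pid=' . $qid . '">[+]</a>' . intval ( $q['plus'] ) . '/<a href="./index.php?id=' . $id . '&n=' . $n . '&m=' . $m . '&mid=' . $qid . '">[-]</a>' . intval ( $q['minus'] ) . '</td></tr></table>';
				// Stored text is converted from Windows-1251 to the page's UTF-8
				// and HTML-encoded on output.
				echo str_replace ( "\n", "<br/>", htmlspecialchars ( iconv ( 'Windows-1251', 'UTF-8', $q['quote'] ) ) ) ;
			}
		}
		echo '<br/>';
		// Pager: first page, last page and the neighbours of the current page are
		// printed; every other run of pages collapses into a single ' ... '.
		$pr = '';
		for($i =1; $i <= $all; $i++)
		{
			echo $pr=(($i == 1 || $i == $all || abs($i-$page) < 2) ? ($i == $page ? " [$i] " : ' <b><a href="./index.php?load=v&page='.$i.'&id=' . $id . '&m=' . $m . '&n=' . $n . '">'.$i.'</a></b>') : (($pr == ' ... ' || $pr == '')? '' : ' ... '));
		}
		echo '<br/><a href="./index.php?id=' . $id . '&m=' . $m . '&n=' . $n . '">Назад</a>';
		echo '</div></div>';
		include_once 'functions.inc.php';
		include_once '../foot.php';
		exit();
		break;
}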
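// Admin-only actions selected with ?mode=...; reachable only when the session
// carries the admin flag.
// NOTE(review): 'mod' changes data on a plain GET link and 'wew' accepts a POST
// without an anti-CSRF token; consider POST plus a per-session token for both.
if($a){
	switch ( $mode )
	{
		case 'tmp_text':
			// Moderation queue: paged list of pending submissions.
			$kol = 10; // rows per page
			$count_res = mysql_query("SELECT (`id`) FROM `tmp_text`");
			$num = $count_res ? mysql_num_rows($count_res) : 0;
			$page = isset($_GET['page']) ? intval($_GET['page']) : 1;
			$all = ceil($num/$kol);
			if ($page>$all || $page<1) {
				$page=1; $start=0;
			} else {
				$start = $page*$kol-$kol;
			}
			// $themes is not defined in this file (presumably config.php); encode
			// it anyway because it lands inside an attribute.
			$theme_css = htmlspecialchars ( $themes, ENT_QUOTES, 'UTF-8' );
			echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>";
			echo "<!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.0//EN\" \"http://www.wapforum.org/DTD/xhtml-mobile10-flat.dtd\">";
			echo "<html><head>";
			echo "<meta http-equiv=\"Content-Type\" content=\"application/xhtml+xml; charset=UTF-8\"/>";
			echo '<link rel="stylesheet" type="text/css" href="../theme/'.$theme_css.'.css"/>';
			echo "<title>BiWap.Net</title>";
			echo "<style type=\"text/css\">";
			echo "</style></head>";
			echo "<body><div style=\"text-align: left\">";
			echo "<div class=\"title_bord\"><div class=\"title\">";
			echo "BiWap.Net - В мире Загрузок!</div></div><br/>";
			if($num<1){
				echo '<b>Пусто!!</b><br/>';
			}else{
				$WR=mysql_query("SELECT * FROM `tmp_text` ORDER BY id DESC LIMIT ".$start.",".$kol."");
				while($WR AND $q=mysql_fetch_array($WR)){
					// Pending text is visitor-supplied: encode before printing.
					$q['text'] = htmlspecialchars($q['text']);
					$pending_id = intval ( $q['id'] );
					echo '#Текст: <b>'.nl2br($q['text']).'</b><br/>';
					echo '<a href="./index.php?mode=mod&dbid='.$pending_id.'&ms=1&id=' . $id . '&m=' . $m . '&n=' . $n . '">Разрешить</a> | ';
					echo '<a href="./index.php?mode=mod&dbid='.$pending_id.'&ms=2&id=' . $id . '&m=' . $m . '&n=' . $n . '">Удалить</a>';
					echo '<hr/>';
				}
			}
			// Pager. The links used to say "m=tmp_text", which is the listing-mode
			// parameter, so every page link left the moderation queue; the
			// selector for this view is "mode".
			$pr = '';
			for($i =1; $i <= $all; $i++)
			{
				echo $pr=(($i == 1 || $i == $all || abs($i-$page) < 2) ? ($i == $page ? " [$i] " : ' <b><a href="./index.php?mode=tmp_text&page='.$i.'">'.$i.'</a></b>') : (($pr == ' ... ' || $pr == '')? '' : ' ... '));
			}
			echo '<br/><a href="./index.php?id=' . $id . '&m=' . $m . '&n=' . $n . '">Назад</a>';
			include 'functions.inc.php';
			include '../foot.php';
			exit();
			break;
		case 'mod':
			// Approve (ms=1) or reject (anything else) one pending submission.
			$dbid = isset ( $_GET['dbid'] ) ? intval ( $_GET['dbid'] ) : 0;
			$ms = isset ( $_GET['ms'] ) ? intval ( $_GET['ms'] ) : 0;
			$pending_res = mysql_query("SELECT * FROM `tmp_text` WHERE id='".$dbid."'");
			$row = $pending_res ? mysql_fetch_array($pending_res) : false;
			if ( $ms === 1 AND $row ) {
				// The pending text is visitor-supplied. It used to be concatenated
				// into the INSERT after htmlspecialchars() only, which leaves
				// single quotes and backslashes intact, so a crafted submission
				// could alter the statement. Order here: HTML-encode once while the
				// text is still UTF-8, convert to the storage charset, then
				// SQL-escape as the very last step.
				// NOTE(review): the pages in this file encode again on output, so
				// the storage-side encoding shows up as literal entities; drop it
				// once every reader of `quote` is confirmed to encode on output.
				$approved = iconv ( 'UTF-8', 'WINDOWS-1251', htmlspecialchars ( trim ( $row['text'] ), ENT_COMPAT, 'UTF-8' ) );
				if ( $approved !== false ) {
					// Uses the connection mysql_query() relies on (opened outside this file).
					$approved = mysql_real_escape_string ( $approved );
					mysql_unbuffered_query ( "INSERT INTO `bashorg_quotes` ( `quote` ) VALUES ( '*trtrtr" . $approved . "') " );
					mysql_unbuffered_query ( "DELETE FROM `tmp_text` WHERE `id`=".$dbid."");
					// Bump the "approved" counter kept in log.dat.
					// NOTE(review): read-modify-write without locking; two
					// simultaneous approvals can lose an increment.
					$sPathFile = "log.dat";
					$fp = @fopen($sPathFile, "r");
					$iCounter = 0;
					if ($fp)
					{
						$iCounter = intval(fgets($fp, 100));
						fclose($fp);
					}
					$iCounter++;
					$fp = fopen($sPathFile, "w");
					if ($fp)
					{
						fputs($fp, strval($iCounter));
						fclose($fp);
					}
				}
				// When the charset conversion fails the submission stays in the
				// queue instead of being published as an empty quote.
			}else{
				mysql_unbuffered_query ( "DELETE FROM `tmp_text` WHERE `id`=".$dbid."");
			}
			header('Location: ./index.php?id=' . $id . '&m=' . $m . '&n=' . $n . '');
			exit();
			break;
		case 'wew':
			// Admin adds a quote directly.
			$text = ( isset($_POST['text']) AND is_string($_POST['text']) ) ? trim($_POST['text']) : '';
			// Truncate by characters before any escaping: the old code cut the
			// already-escaped string by bytes, which could split an escape
			// sequence or a multi-byte character.
			$text = ( $text === '' ) ? '' : iconv_substr($text, 0, 1000, 'UTF-8');
			if ( $text === '' OR $text === false ) {
				header('Location: ./index.php?id=' . $id . '&m=' . $m . '&n=' . $n . '');
				exit();
			}else{
				// The converted value used to be computed and then ignored, so the
				// raw UTF-8 text was stored while every reader treats `quote` as
				// Windows-1251. Store the converted value, SQL-escaped last.
				$quote = iconv ( 'UTF-8', 'WINDOWS-1251', htmlspecialchars ( $text, ENT_COMPAT, 'UTF-8' ) );
				if ( $quote !== false ) {
					$quote = mysql_real_escape_string ( $quote );
					if ( !mysql_unbuffered_query("INSERT INTO `bashorg_quotes` VALUES('NULL','". $quote."','0','0')") ) {
						// Keep database error details in the server log, not in the response.
						error_log ( 'INSERT into bashorg_quotes failed: ' . mysql_error() );
						die ( 'Database error' );
					}
				}
			}
			header('Location: ./index.php?id=' . $id . '&m=' . $m . '&n=' . $n . '');
			// Stop here; without it the whole page was still rendered after the redirect header.
			exit();
			break;
	}
}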
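// Voting: ?pid=N adds an up-vote and ?mid=N a down-vote for quote N, limited to
// one recorded vote per quote and client address.
// NOTE(review): votes are cast by plain GET links, so any page can trigger one
// on a visitor's behalf, and the per-IP check is a lookup followed by a separate
// insert with no uniqueness constraint visible here.
$ip = mysql_escape_string(trim($_SERVER['REMOTE_ADDR']));
// Request parameter => counter column. The column names come only from this
// fixed map, never from the request.
$vote_columns = array ( 'pid' => 'plus', 'mid' => 'minus' );
foreach ( $vote_columns as $vote_param => $vote_column )
{
	if ( empty ( $_GET[$vote_param] ) )
		continue;
	$vote_id = intval ( $_GET[$vote_param] );
	$PR2 = mysql_query("SELECT * FROM `ip` WHERE `uid`='".$vote_id."' AND `ip`='".$ip."' LIMIT 1");
	if ( $PR2 AND mysql_num_rows($PR2) )
	{
		// This address has already voted on the quote: bounce back to the listing.
		header('Location: ./index.php?id=' . $id . '&m=' . $m . '&n=' . $n . '');
		exit();
	}
	mysql_unbuffered_query ( "UPDATE `bashorg_quotes` SET `" . $vote_column . "`=`" . $vote_column . "`+1 WHERE `id`=" . $vote_id );
	if ( !mysql_unbuffered_query("INSERT INTO `ip` VALUES('NULL','". $vote_id."','".$ip."')") )
	{
		// Keep database error details in the server log rather than in the response.
		error_log ( 'INSERT into ip failed: ' . mysql_error() );
		die ( 'Database error' );
	}
}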
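// Main listing page.
// PHP_SELF includes whatever path info the client appended after the script
// name, so it is HTML-encoded once here and the encoded copy is used in every
// link and form action below.
$php_self = htmlspecialchars ( $_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8' );
// $themes is not defined in this file (presumably config.php); encode it anyway
// because it lands inside an attribute.
$theme_css = htmlspecialchars ( $themes, ENT_QUOTES, 'UTF-8' );
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>";
echo "<!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.0//EN\" \"http://www.wapforum.org/DTD/xhtml-mobile10-flat.dtd\">";
echo "<html><head>";
echo "<meta http-equiv=\"Content-Type\" content=\"application/xhtml+xml; charset=UTF-8\"/>";
echo '<link rel="stylesheet" type="text/css" href="../theme/'.$theme_css.'.css"/>';
echo "<title>BiWap.Net</title>";
echo "<style type=\"text/css\">";
echo "</style></head>";
echo "<body><div style=\"text-align: left\">";
echo "<div class=\"title_bord\"><div class=\"title\">";
echo "BiWap.Net - В мире Загрузок!</div></div><br/>";
echo '
<div class="title_bord">
<div class="a">';
// Mode switcher: the active mode is shown in bold, the others as links.
$nav_modes = array ( 1 => 'Новые', 2 => 'Старые', 3 => 'Случайные', 5 => 'Топ 10', 6 => 'сТоп 10' );
foreach ( $nav_modes as $nav_id => $nav_label )
{
	if ( $m == $nav_id )
		print "<b>" . $nav_label . "</b>";
	else
		print "<a href=\"" . $php_self . "?m=" . $nav_id . "&n=" . $n . "&id=" . $id . "\">" . $nav_label . "</a>";
	print "|";
}
print "<a href=\"" . $php_self . "?m=4\">RSS</a>|";
// Run the listing query prepared by the mode switch earlier in the script.
// Database error details go to the server log, not into the response.
$query = is_string ( $query ) ? mysql_query ( $query ) : false;
if ( !$query )
{
	error_log ( 'Listing query failed: ' . mysql_error () );
	die ( 'Database error' );
}
// Id of the last quote printed, used for the "next" link; 0 when nothing was listed.
$nid = 0;
while ( $quote = mysql_fetch_array ( $query ) )
{
	// Strip the internal marker before display.
	$quote['quote'] = str_replace('*trtrtr','',$quote['quote']);
	// Numeric columns are cast so that nothing but digits reaches the markup.
	$quote_id = intval ( $quote['id'] );
	echo '</div></div><div class="title_bord">
<div class="a"><div class="i_bar_t">';
	echo '<table width="350"><tr><td>Цитата <b>#' . $quote_id . '</b></td><td>Рейтинг: <a href="' . $php_self . '?id=' . $id . '&m=' . $m . '&n=' . $n . '&pid=' . $quote_id . '">[+]</a>' . intval ( $quote['plus'] ) . '/<a href="' . $php_self . '?id=' . $id . '&n=' . $n . '&m=' . $m . '&mid=' . $quote_id . '">[-]</a>' . intval ( $quote['minus'] ) . '</td></tr></table>';
	// Stored text is converted from Windows-1251 to the page's UTF-8 and
	// HTML-encoded on output.
	echo str_replace ( "\n", "<br/>", htmlspecialchars ( iconv ( 'Windows-1251', 'UTF-8', $quote['quote'] ) ) ) ;
	if ( $a )
		echo '<br/><a href="' . $php_self . '?id=' . $id . '&m=' . $m . '&n=' . $n . '&del=' . $quote_id . '">[Удалить]</a>';
	echo '</div></div></div>---';
	$nid = $quote_id;
}
// "Next" link; the offset arithmetic is kept exactly as the original computed it.
echo "<br/><a href=\"" . $php_self . "?n=" . $n . "&m=" . $m . "&id=";
$m == 1 ? print ( $id - $n + 1 ) : print ( $nid + $n - 1 );
echo "\">Следующая</a>";
echo "</div>";
// Page-size selector: the current size is plain text, the others are links.
echo "На страницу: ";
$size_links = array ();
foreach ( array ( 1, 2, 5, 10 ) as $size )
{
	$size_links[] = ( $n == $size )
		? (string) $size
		: "<a href=\"" . $php_self . "?n=" . $size . "&m=" . $m . "&id=" . $id . "\">" . $size . "</a>";
}
print implode ( ", ", $size_links );
echo '<br/>';
// log.dat holds the approval counter written by the moderation code. It is read
// as an integer, so a missing or altered file cannot inject markup into the page.
$od = is_readable ( 'log.dat' ) ? intval ( file_get_contents ( 'log.dat' ) ) : 0;
echo 'Одобрено:'.$od.' | На проверке:'.$tmp.'<br/>';
echo '<a href="./index.php?load=add&id=' . $id . '&m=' . $m . '&n=' . $n . '">Добавить свою цитату</a>';
if ( $a )
{
	// Admin footer: refreshed moderation count, maintenance links, direct-add form.
	// NOTE(review): the links and the form below change data without an
	// anti-CSRF token.
	$c_tmp = mysql_query("SELECT COUNT(`id`) FROM `tmp_text`");
	$tmp = $c_tmp ? intval ( mysql_result($c_tmp, 0) ) : 0;
	echo '<br/>';
	echo '<a href="./index.php?mode=tmp_text&id=' . $id . '&m=' . $m . '&n=' . $n . '">Модерация текстов('.$tmp.')</a><br/>';
	echo '<a href="./index.php?del_ip=del&id=' . $id . '&m=' . $m . '&n=' . $n . '">Очистить IP адреса</a>';
	echo "<form method=\"post\" action=\"" . $php_self . "?mode=wew&id=" . $id . "&m=" . $m . "&n=" . $n . "\">";
	echo "Добавить цитату<br/>
<textarea cols=\"20\" rows=\"4\" name=\"text\"></textarea>
<br/>
<input type=\"submit\" value=\"OK!\"/></form>";
}
echo '
</div>';
include 'functions.inc.php';
include '../foot.php';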
?>