View file includes/header.php

File size: 11.75Kb
<?php
#-----------------------------------------------------#
#          ********* ROTORCMS *********               #
#              Made by  :  VANTUZ                     #
#               E-mail  :  [email protected]         #
#                 Site  :  http://pizdec.ru           #
#             WAP-Site  :  http://visavi.net          #
#                  ICQ  :  36-44-66                   #
#  Вы не имеете право вносить изменения в код скрипта #
#        для его дальнейшего распространения          #
#-----------------------------------------------------#	
if (!defined('BASEDIR')) {
    header('Location:../index.php');
    exit;
} 

if (isset($_SERVER['PHP_SELF'])) {
    $php_self = check(substr($_SERVER['PHP_SELF'], 1));
} 
if (isset($_SERVER['REQUEST_URI'])) {
    $request_uri = check(urldecode(substr(strtok($_SERVER['REQUEST_URI'], 'S'), 1)));
} 
if (isset($_SERVER['HTTP_REFERER'])) {
    $http_referer = check(urldecode(strtok($_SERVER['HTTP_REFERER'], 'S')));
} else {
    $http_referer = 'Не определено';
} 
if (empty($_SESSION['log'])) {
    $username = $config['guestsuser'];
} else {
    $username = $_SESSION['log'];
} 
if (empty($_SESSION['brow'])) {
    $_SESSION['brow'] = GetUserAgent();
} 
if (empty($request_uri)) {
    $request_uri = 'index.php';
} 
$brow = $_SESSION['brow'];
# ###########################################################################################
# #                            Сжатие и буферизация данныx                                 ##
# ###########################################################################################
if ($config['gzip'] == 1 && extension_loaded('zlib') && ini_get('zlib.output_compression') != 'On' && ini_get('output_handler') != 'ob_gzhandler' && ini_get('output_handler') != 'zlib.output_compression') {
    if (isset($_SERVER['HTTP_ACCEPT_ENCODING'])) {
        $gzencode = $_SERVER['HTTP_ACCEPT_ENCODING'];
    } elseif (isset($_SERVER['HTTP_ACCEPT_ENCODING'])) {
        $gzencode = $_SERVER['HTTP_TE'];
    } else {
        $gzencode = false;
    } 

    $support_gzip = (strpos($gzencode, 'gzip') !== false);
    $support_deflate = (strpos($gzencode, 'deflate') !== false);

    if ($support_gzip && $support_deflate) {
        $support_deflate = false;
    } 

    if ($support_gzip) {
        header("Content-Encoding: gzip");
        ob_start("compress_output_gzip");
    } 

    if ($support_deflate) {
        header("Content-Encoding: deflate");
        ob_start("compress_output_deflate");
    } 

    if (!$support_gzip && !$support_deflate) {
        ob_start();
        $config['gzip'] = 0;
    } 
} else {
    ob_start();
    $config['gzip'] = 0;
} 

ob_start('ob_processing');
# ###########################################################################################
# #                                 Проверка на ip-бан                                     ##
# ###########################################################################################
$querybanip = DB :: $dbh -> query("SELECT `ban_ip` FROM `ban`;");
$arrbanip = $querybanip -> fetchAll();

if (count($arrbanip) > 0) {
    foreach($arrbanip as $ipdata) {
        $ipmatch = 0;
        $ipsplit = explode('.', $ip);
        $dbsplit = explode('.', $ipdata['ban_ip']);

        for($i = 0;$i < 4;$i++) {
            if ($ipsplit[$i] == $dbsplit[$i] || $dbsplit[$i] == '*') {
                $ipmatch += 1;
            } 
        } 

        if ($ipmatch == 4) {
            if (!strstr($php_self, 'pages/banip.php')) {
                header ('Location: ' . $config['home'] . '/pages/banip.php?' . SID);
                exit;
            } 
        } //бан по IP
    } 
} 
# ###########################################################################################
# #                               Авторизация по cookies                                   ##
# ###########################################################################################
if ($config['cookies'] == 1) {
    if (empty($_SESSION['log']) && empty($_SESSION['par'])) {
        if (isset($_COOKIE['cooklog']) && isset($_COOKIE['cookpar'])) {
            $unlog = check(xoft_decode($_COOKIE['cooklog'], $config['keypass']));
            $unpar = xoft_decode($_COOKIE['cookpar'], $config['keypass']);

            $checkdata = DB :: $dbh -> queryFetch("SELECT * FROM `users` WHERE `users_login`=? LIMIT 1;", array($unlog));

            if (!empty($checkdata)) {
                if ($checkdata['users_login'] == $unlog && $checkdata['users_pass'] == md5(md5($unpar))) {
                    session_regenerate_id(1);

                    $_SESSION['log'] = $unlog;
                    $_SESSION['par'] = $unpar;
                    $_SESSION['my_ip'] = $ip;

                    DB :: $dbh -> query("UPDATE `users` SET `users_visits`=`users_visits`+1, `users_timelastlogin`=? WHERE `users_login`=?", array(SITETIME, $unlog));
                } 
            } 
        } 
    } 
} 
// -------------------------------------------------------------//
if ($_SERVER['HTTP_HOST']) {
    $config['servername'] = $_SERVER['HTTP_HOST'];
} else {
    $config['servername'] = $_SERVER['SERVER_NAME'];
} 
if (substr($config['servername'], 0, 4) == 'www.') {
    $config['servername'] = preg_replace('#www\.#', '', $config['servername'], 1);
} 
if (substr($config['servername'], 0, 4) == 'wap.') {
    $config['servername'] = preg_replace('#wap\.#', '', $config['servername'], 1);
} 
// ---------------------- Установка сессионных переменных -----------------------//
$log = '';
if (empty($_SESSION['counton'])) {
    $_SESSION['counton'] = 0;
} 
if (empty($_SESSION['currs'])) {
    $_SESSION['currs'] = SITETIME;
} 
if (empty($_SESSION['token'])) {
    $_SESSION['token'] = generate_password(6);
} 
if (empty($_SESSION['protect'])) {
    $_SESSION['protect'] = mt_rand(1000, 9999);
} 
$_SESSION['timeon'] = maketime(SITETIME - $_SESSION['currs']);
# ###########################################################################################
# #                                     Авторизация                                        ##
# ###########################################################################################
if (is_user()) {
    $log = check($_SESSION['log']);

    $querycheck = DB :: $dbh -> query("SELECT * FROM `users` WHERE `users_login`=? LIMIT 1;", array($log));
    $udata = $querycheck -> fetch();

//---------------------- Переопределение глобальных настроек -------------------------//
    $config['themes'] = $udata['users_themes'];         # Скин/тема по умолчанию
    $config['bookpost'] = $udata['users_postguest'];    # Вывод сообщений в гостевой
    $config['postnews'] = $udata['users_postnews'];     # Новостей на страницу
    $config['forumpost'] = $udata['users_postforum'];   # Вывод сообщение в форуме
    $config['forumtem'] = $udata['users_themesforum'];  # Вывод тем в форуме
    $config['boardspost'] = $udata['users_postboard'];  # Вывод объявлений
    $config['timeclocks'] = $udata['users_timezone'];   # Временной сдвиг 
    $config['showtime'] = $udata['users_showtime'];     # Вывод часов и дня недели
    $config['privatpost'] = $udata['users_postprivat']; # Вывод писем в привате
    $config['navigation'] = $udata['users_navigation']; # Быстрый переход

    if ($udata['users_ban'] == 1) {
        if (!strstr($php_self, 'pages/ban.php') && !strstr($php_self, 'pages/pravila.php')) {
            header ('Location: ' . $config['home'] . '/pages/ban.php?log=' . $log . '&' . SID);
            exit;
        } 
    } 

    if ($config['regkeys'] > 0 && $udata['users_confirmreg'] > 0 && empty($udata['users_ban'])) {
        if (!strstr($php_self, 'pages/key.php') && !strstr($php_self, 'input.php')) {
            header ('Location: ' . $config['home'] . '/pages/key.php?log=' . $log . '&' . SID);
            exit;
        } 
    } 

    if ($udata['users_sumcredit'] > 0 && SITETIME > $udata['users_timecredit'] && empty($udata['users_ban'])) {
        if (!strstr($php_self, 'games/kredit.php')) {
            header ('Location: ' . $config['home'] . '/games/kredit.php?' . SID);
            exit;
        } 
    } 
    // ---------------------- функция проверки ip и браузера -----------------------//
    if ($udata['users_ipbinding'] == 1) {
        if ($_SESSION['my_ip'] != $ip) {
            $_SESSION = array();
            session_unset();
            setcookie(session_name(), '', 0, '/', '');
            session_destroy();
            header ('Location: ' . $config['home'] . '/' . $request_uri);
            exit;
        } 
    } 
    // ------------------------ Запись текущей страницы для админов -----------------------------//
    if (strstr($php_self, basename(ADMINDIR))) {
        DB :: $dbh -> query("INSERT INTO `admlog` (`admlog_user`, `admlog_request`, `admlog_referer`, `admlog_ip`, `admlog_brow`, `admlog_time`) VALUES (?, ?, ?, ?, ?, ?);", array($log, $request_uri, $http_referer, $ip, $brow, SITETIME));

        DB :: $dbh -> query("DELETE FROM `admlog` WHERE `admlog_time` < (SELECT MIN(`admlog_time`) FROM (SELECT `admlog_time` FROM `admlog` ORDER BY `admlog_time` DESC LIMIT 300) AS del);");
    } 
    // -------------------------- Дайджест ------------------------------------//
    $queryvisit = DB :: $dbh -> query("SELECT * FROM `visit` WHERE `visit_user`=? LIMIT 1;", array($log));
    $visits = $queryvisit -> fetch();

    if (!empty($visits)) {
        $lifetime = SITETIME - $visits['visit_nowtime'];
        if ($visits['visit_count'] < 300 && $lifetime > 5 && $lifetime < 300) {
            $usertime = $lifetime;
        } else {
            $usertime = 0;
        } 

        DB :: $dbh -> query("UPDATE `visit` SET `visit_self`=?, `visit_ip`=?, `visit_count`=?, `visit_allcount`=`visit_allcount`+1, `visit_nowtime`=?, `visit_alltime`=`visit_alltime`+? WHERE `visit_user`=?;", array($php_self, $ip, $_SESSION['counton'], SITETIME, $usertime, $log));
    } else {
        DB :: $dbh -> query("INSERT INTO `visit` (`visit_user`, `visit_self`, `visit_ip`, `visit_nowtime`)  VALUES (?, ?, ?, ?);", array($log, $php_self, $ip, SITETIME));
    } 
} 
// ------------------------ Отключение кеширования -----------------------------//
if ($config['nocache'] == 0) {
    header("Cache-Control: no-store, no-cache, must-revalidate");
    header("Expires: " . date("r"));
} else {
    header("Cache-Control: public");
    header("Expires: " . date("r", time() + 600));
} 
// ------------------------ Автоопределение системы -----------------------------//
if (!empty($_SERVER['HTTP_USER_AGENT']) && !empty($config['webthemes']) && empty($_SESSION['my_themes'])) {
    if (empty($_SESSION['log']) || empty($_SESSION['par'])) {
        if (stristr($_SERVER['HTTP_USER_AGENT'], 'windows') || stristr($_SERVER['HTTP_USER_AGENT'], 'linux') ||
                stristr($_SERVER['HTTP_USER_AGENT'], 'macintosh') || stristr($_SERVER['HTTP_USER_AGENT'], 'unix') ||
                stristr($_SERVER['HTTP_USER_AGENT'], 'macos') || stristr($_SERVER['HTTP_USER_AGENT'], 'bsd')) {
            $config['themes'] = $config['webthemes'];
        } 
    } 
} 

if (isset($_SESSION['my_themes'])) {
    $config['themes'] = $_SESSION['my_themes'];
} 
ob_start('mc');
if (!file_exists(BASEDIR . 'themes/' . $config['themes'] . '/index.php')) {
    $config['themes'] = 'default';
} 
if ($config['closedsite'] == 1 && !strstr($php_self, 'pages/closed.php') && !strstr($php_self, 'input.php') && $log != $config['nickname']) {
    header ('Location: ' . $config['home'] . '/pages/closed.php?' . SID);
    exit;
} 

?>