<?php
#-----------------------------------------------------#
#          ********* ROTORCMS *********               #
#              Made by  :  VANTUZ                     #
#               E-mail  :  [email protected]         #
#                 Site  :  http://pizdec.ru           #
#             WAP-Site  :  http://visavi.net          #
#                  ICQ  :  36-44-66                   #
#  Вы не имеете право вносить изменения в код скрипта #
#        для его дальнейшего распространения          #
#-----------------------------------------------------#
// This file is an include: the entry script defines BASEDIR first. A direct hit
// on the include is bounced to the front page instead of running with no context.
if (defined('BASEDIR') === false) {
  header('Location:../index.php');
  exit;
}

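// Per-request context used by the rest of the page: the script path, the request
// URI, the referer, the visitor's display name and the stored browser string.
// PHP_SELF, REQUEST_URI and HTTP_REFERER are client-controlled; each goes through
// check() (defined elsewhere) before it is used anywhere. The empty-string defaults
// keep the variables defined on SAPIs that do not populate the $_SERVER entries, so
// the strstr()/strpos() calls later in this file never see an undefined variable.
$php_self = '';
if (isset($_SERVER['PHP_SELF'])) {
  $php_self = check(substr($_SERVER['PHP_SELF'], 1)); // drop the leading slash
}

// NOTE(review): strtok(..., 'S') truncates the value at the first capital "S" —
// presumably meant to cut off a trailing session-id parameter; confirm the intent
// before touching it, as it is applied to both the URI and the referer.
$request_uri = '';
if (isset($_SERVER['REQUEST_URI'])) {
  $request_uri = check(urldecode(substr(strtok($_SERVER['REQUEST_URI'], 'S'), 1)));
}

$http_referer = 'Не определено';
if (isset($_SERVER['HTTP_REFERER'])) {
  $http_referer = check(urldecode(strtok($_SERVER['HTTP_REFERER'], 'S')));
}

// Display name: the session login when present, otherwise the configured guest name.
$username = empty($_SESSION['log']) ? $config['guestsuser'] : $_SESSION['log'];

// The browser string is captured once per session by GetUserAgent() (defined elsewhere).
if (empty($_SESSION['brow'])) {
  $_SESSION['brow'] = GetUserAgent();
}

if (empty($request_uri)) {
  $request_uri = 'index.php';
}
$brow = $_SESSION['brow'];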
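# ###########################################################################################
# #                         Output compression and buffering                               ##
# ###########################################################################################
// Compress the response only when the site enables it, zlib is present and PHP is not
// already compressing output on its own (two layers of compression corrupt the body).
if (!empty($config['gzip']) && extension_loaded('zlib') && ini_get('zlib.output_compression') != 'On' && ini_get('output_handler') != 'ob_gzhandler' && ini_get('output_handler') != 'zlib.output_compression') {
  // Encodings the client declared; an empty string (not false) keeps strpos() on a string.
  if (isset($_SERVER['HTTP_ACCEPT_ENCODING'])) {
    $gzencode = $_SERVER['HTTP_ACCEPT_ENCODING'];
  } elseif (isset($_SERVER['HTTP_TE'])) {
    $gzencode = $_SERVER['HTTP_TE'];
  } else {
    $gzencode = '';
  }

  $support_gzip = (strpos($gzencode, 'gzip') !== false);
  $support_deflate = (strpos($gzencode, 'deflate') !== false);

  if ($support_gzip || $support_deflate) {
    // The encoded body depends on a request header; shared caches must key on it.
    header('Vary: Accept-Encoding');
  }

  // NOTE(review): a compressed page that reflects attacker-controlled input next to
  // the session token exposes the token to compression-oracle (BREACH-style) attacks;
  // keep secrets out of compressed responses or disable compression on such pages.
  if ($support_gzip) {
    header("Content-Encoding: gzip");
    ob_start("compress_output_gzip");
  } elseif ($support_deflate) {
    header("Content-Encoding: deflate");
    ob_start("compress_output_deflate");
  }
}

// Inner buffer: ob_processing (defined elsewhere) post-processes the page; its
// output then flows into the compression buffer started above, if any.
ob_start('ob_processing');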
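# ###########################################################################################
# #                                    IP ban check                                        ##
# ###########################################################################################
// Banned addresses come from a serialized cache file when it exists and is valid;
// otherwise (no file, unreadable file, corrupt data) they are read from the `ban` table,
// so a damaged cache degrades to a DB query rather than to an unenforced ban list.
// NOTE(review): unserialize() on file contents instantiates arbitrary classes if the
// file can be tampered with; the temp directory must be writable only by the app.
$arrbanip = false;
if (file_exists(DATADIR . "temp/ipban.dat")) {
  $arrbanip = unserialize(file_get_contents(DATADIR . "temp/ipban.dat"));
}
if (!is_array($arrbanip)) {
  $querybanip = DB :: $dbh -> query("SELECT `ban_ip` FROM `ban`;");
  $arrbanip = $querybanip -> fetchAll();
}

// $ip is the visitor address set before this include. A ban entry is four
// dot-separated octets where '*' matches any value; all four must match.
if (count($arrbanip) > 0) {
  $ipsplit = explode('.', $ip); // loop-invariant, split once
  foreach ($arrbanip as $ipdata) {
    $dbsplit = explode('.', $ipdata['ban_ip']);
    $ipmatch = 0;

    for ($i = 0; $i < 4; $i++) {
      if (!isset($ipsplit[$i]) || !isset($dbsplit[$i])) {
        break; // malformed entry or non-dotted-quad visitor address: cannot match
      }
      if ($ipsplit[$i] == $dbsplit[$i] || $dbsplit[$i] == '*') {
        $ipmatch += 1;
      }
    }

    // Banned visitors are sent to the ban page, unless they are already on it.
    if ($ipmatch == 4 && !strstr($php_self, 'pages/banip.php')) {
      header ('Location: ' . $config['home'] . '/pages/banip.php?' . SID);
      exit;
    }
  }
}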
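# ###########################################################################################
# #                              Cookie-based authorization                                ##
# ###########################################################################################
// Re-establish a login from the remember-me cookies when the session holds none.
// The cookies carry the login and the password obfuscated with the site key via
// xoft_decode() (defined elsewhere), so a stolen cookie is worth as much as the password.
if (!empty($config['cookies'])) {
  if (empty($_SESSION['log']) && empty($_SESSION['par'])) {
    if (isset($_COOKIE['cooklog']) && isset($_COOKIE['cookpar'])) {
      $unlog = check(xoft_decode($_COOKIE['cooklog'], $config['keypass']));
      $unpar = xoft_decode($_COOKIE['cookpar'], $config['keypass']);

      $checkdata = DB :: $dbh -> queryFetch("SELECT * FROM `users` WHERE `users_login`=? LIMIT 1;", array($unlog));

      if (!empty($checkdata)) {
        // Strict comparison on purpose: with == two hex digests of the form "0e123..."
        // and "0e987..." compare equal as numeric strings and a wrong password would pass.
        // NOTE(review): the stored scheme is unsalted md5(md5()); moving to password_hash()
        // means changing the writers elsewhere, so only the comparison is hardened here.
        $loginMatches = ($checkdata['users_login'] === $unlog);
        $passMatches = ($checkdata['users_pass'] === md5(md5($unpar)));

        if ($loginMatches && $passMatches) {
          session_regenerate_id(1); // fresh session id on privilege change (fixation defence)

          $_SESSION['log'] = $unlog;
          $_SESSION['par'] = $unpar;
          $_SESSION['my_ip'] = $ip; // used by the IP-binding check later in this file

          DB :: $dbh -> query("UPDATE `users` SET `users_visits`=`users_visits`+1, `users_timelastlogin`=? WHERE `users_login`=? LIMIT 1;", array(SITETIME, $unlog));
        }
      }
    }
  }
}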
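// -------------------------------------------------------------//
// Host name of the current request. HTTP_HOST comes from the client, so anything
// built from $config['servername'] (absolute links, mail) can be poisoned by a
// forged Host header unless the web server routes only known hosts to this site.
if (!empty($_SERVER['HTTP_HOST'])) {
  $config['servername'] = $_SERVER['HTTP_HOST'];
} elseif (isset($_SERVER['SERVER_NAME'])) {
  $config['servername'] = $_SERVER['SERVER_NAME'];
} else {
  $config['servername'] = '';
}

// Strip a leading "www." and/or "wap." so both hosts resolve to the same site name.
foreach (array('www.', 'wap.') as $hostPrefix) {
  if (substr($config['servername'], 0, 4) == $hostPrefix) {
    $config['servername'] = (string) substr($config['servername'], 4);
  }
}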
// ---------------------- Session variable setup -----------------------//
// $log stays empty for guests; the authorization block below fills it in.
$log = '';

// Visit counter and session start time (SITETIME is the request timestamp).
foreach (array('counton' => 0, 'currs' => SITETIME) as $sessionKey => $sessionDefault) {
  if (empty($_SESSION[$sessionKey])) {
    $_SESSION[$sessionKey] = $sessionDefault;
  }
}

// Per-session form token; length and alphabet come from generate_password() (defined elsewhere).
if (empty($_SESSION['token'])) {
  $_SESSION['token'] = generate_password(6);
}

// Four-digit protection code.
// NOTE(review): mt_rand() is not a cryptographic generator; if this code guards form
// submissions, random_int() (PHP 7+) would be the stronger source.
if (empty($_SESSION['protect'])) {
  $_SESSION['protect'] = mt_rand(1000, 9999);
}

// Human-readable time spent in this session (maketime() is defined elsewhere).
$_SESSION['timeon'] = maketime(SITETIME - $_SESSION['currs']);
# ###########################################################################################
# #                                    Authorization                                       ##
# ###########################################################################################
// Everything in this block runs only for a logged-in visitor (is_user() is defined
// elsewhere). It loads the user row, applies the user's preferences over the site
// defaults, enforces the ban / registration-key / credit redirects, optionally binds
// the session to the login address, logs admin-area requests and updates visit stats.
if (is_user()) {
  $log = check($_SESSION['log']);

  // NOTE(review): if the session login no longer exists in `users`, $udata is empty and
  // every override below becomes null; consider ending the session in that case.
  $udata = DB :: $dbh -> queryFetch("SELECT * FROM `users` WHERE `users_login`=? LIMIT 1;", array($log)); 
  // ---------------------- Override global settings with the user's preferences -------------------------//
  $config['themes'] = $udata['users_themes']; # default skin/theme
  $config['bookpost'] = $udata['users_postguest']; # guestbook messages per page
  $config['postnews'] = $udata['users_postnews']; # news items per page
  $config['forumpost'] = $udata['users_postforum']; # forum posts per page
  $config['forumtem'] = $udata['users_themesforum']; # forum topics per page
  $config['boardspost'] = $udata['users_postboard']; # board ads per page
  $config['timeclocks'] = $udata['users_timezone']; # time zone offset
  $config['showtime'] = $udata['users_showtime']; # show clock and weekday
  $config['privatpost'] = $udata['users_postprivat']; # private messages per page
  $config['navigation'] = $udata['users_navigation']; # quick navigation
  // Banned users may only see the ban page and the rules page.
  // $log is appended to the URL as-is; check() is presumably what keeps it header-safe.
  if ($udata['users_ban'] == 1) {
    if (!strstr($php_self, 'pages/ban.php') && !strstr($php_self, 'pages/pravila.php')) {
      header ('Location: ' . $config['home'] . '/pages/ban.php?log=' . $log . '&' . SID);
      exit;
    } 
  } 

  // Registration keys enabled and the account still unconfirmed: only the key page
  // and the login form are reachable. A ban takes precedence over this check.
  if ($config['regkeys'] > 0 && $udata['users_confirmreg'] > 0 && empty($udata['users_ban'])) {
    if (!strstr($php_self, 'pages/key.php') && !strstr($php_self, 'input.php')) {
      header ('Location: ' . $config['home'] . '/pages/key.php?log=' . $log . '&' . SID);
      exit;
    } 
  } 

  // Overdue credit (amount owed and due time passed): pinned to the credit page.
  if ($udata['users_sumcredit'] > 0 && SITETIME > $udata['users_timecredit'] && empty($udata['users_ban'])) {
    if (!strstr($php_self, 'games/kredit.php')) {
      header ('Location: ' . $config['home'] . '/games/kredit.php?' . SID);
      exit;
    } 
  } 
  // ---------------------- IP binding check -----------------------//
  // With IP binding enabled the session is valid only from the address it was
  // created from ($_SESSION['my_ip'], set at login); any other address ends the
  // session, expires the session cookie and reloads the requested page as a guest.
  // NOTE(review): assumes every login path sets $_SESSION['my_ip'] — verify.
  if (!empty($udata['users_ipbinding'])) {
    if ($_SESSION['my_ip'] != $ip) {
      $_SESSION = array();
      session_unset();
      setcookie(session_name(), '', 0, '/', '');
      session_destroy();
      header ('Location: ' . $config['home'] . '/' . $request_uri);
      exit;
    } 
  } 
  // ------------------------ Log the current page for admin-area requests -----------------------------//
  // Matched by substring on the admin directory name anywhere in the script path.
  // The DELETE keeps only the 300 most recent audit rows.
  if (strstr($php_self, basename(ADMINDIR))) {
    DB :: $dbh -> query("INSERT INTO `admlog` (`admlog_user`, `admlog_request`, `admlog_referer`, `admlog_ip`, `admlog_brow`, `admlog_time`) VALUES (?, ?, ?, ?, ?, ?);", array($log, $request_uri, $http_referer, $ip, $brow, SITETIME));

    DB :: $dbh -> query("DELETE FROM `admlog` WHERE `admlog_time` < (SELECT MIN(`admlog_time`) FROM (SELECT `admlog_time` FROM `admlog` ORDER BY `admlog_time` DESC LIMIT 300) AS del);");
  } 
  // -------------------------- Visit digest ------------------------------------//
  // A gap of 6..299 seconds since the last hit (and fewer than 300 counted hits)
  // counts as continuous activity and is added to visit_alltime; anything else
  // only refreshes visit_nowtime. First visit creates the row.
  $visits = DB :: $dbh -> queryFetch("SELECT * FROM `visit` WHERE `visit_user`=? LIMIT 1;", array($log));

  if (!empty($visits)) {
    $lifetime = SITETIME - $visits['visit_nowtime'];
    if ($lifetime > 5 && $lifetime < 300 && $visits['visit_count'] < 300) {
      DB :: $dbh -> query("UPDATE `visit` SET `visit_self`=?, `visit_ip`=?, `visit_count`=?, `visit_allcount`=`visit_allcount`+1, `visit_nowtime`=?, `visit_alltime`=`visit_alltime`+? WHERE `visit_user`=? LIMIT 1;", array($php_self, $ip, $_SESSION['counton'], SITETIME, $lifetime, $log));
    } else {
      DB :: $dbh -> query("UPDATE `visit` SET `visit_nowtime`=? WHERE `visit_user`=? LIMIT 1;", array(SITETIME, $log));
    } 
  } else {
    DB :: $dbh -> query("INSERT INTO `visit` (`visit_user`, `visit_self`, `visit_ip`, `visit_nowtime`)  VALUES (?, ?, ?, ?);", array($log, $php_self, $ip, SITETIME));
  } 
} 
// ------------------------ Cache control -----------------------------//
// nocache == 0 disables caching entirely; any other value allows public caching
// for ten minutes.
// NOTE(review): "Cache-Control: public" applies to logged-in pages too; a shared
// cache may then serve one user's personalised page to another.
$allowCaching = ($config['nocache'] != 0);
if ($allowCaching) {
  header("Cache-Control: public");
  header("Expires: " . date("r", time() + 600));
} else {
  header("Cache-Control: no-store, no-cache, must-revalidate");
  header("Expires: " . date("r"));
}
// ------------------------ Client OS auto-detection -----------------------------//
// Guests on a desktop user agent get the web theme when one is configured and no
// theme was chosen explicitly; an explicit session choice always wins (applied below).
$isGuestSession = (empty($_SESSION['log']) || empty($_SESSION['par']));
if (!empty($_SERVER['HTTP_USER_AGENT']) && !empty($config['webthemes']) && empty($_SESSION['my_themes']) && $isGuestSession) {
  $desktopMarkers = array('windows', 'linux', 'macintosh', 'unix', 'macos', 'bsd');
  foreach ($desktopMarkers as $uaMarker) {
    if (stristr($_SERVER['HTTP_USER_AGENT'], $uaMarker)) {
      $config['themes'] = $config['webthemes'];
      break;
    }
  }
}

if (isset($_SESSION['my_themes'])) {
  $config['themes'] = $_SESSION['my_themes'];
}
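ob_start('mc'); // innermost output buffer; the 'mc' callback is defined elsewhere

// The theme name originates from user data (profile column or session choice) and is
// spliced into a filesystem path here and wherever the theme is included, so it is
// constrained to a plain directory name ([A-Za-z0-9_-]) before touching the disk.
// Anything else — including traversal sequences — falls back to the default theme.
$themeName = (string) $config['themes'];
if (!preg_match('#^[A-Za-z0-9_-]+$#', $themeName)
    || !file_exists(BASEDIR . 'themes/' . $themeName . '/index.php')) {
  $config['themes'] = 'default';
}

// Closed-site mode: only the site owner ($config['nickname']) may browse; the closed
// notice and the login form stay reachable. Strict comparison so that an unset
// nickname (null) does not compare equal to the guest login '' and let guests in.
if ($config['closedsite'] == 1 && !strstr($php_self, 'pages/closed.php') && !strstr($php_self, 'input.php') && $log !== $config['nickname']) {
  header ('Location: ' . $config['home'] . '/pages/closed.php?' . SID);
  exit;
}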

?>