View file comm/obmen/index.php

File size: 7.53Kb
<?php
include_once '../../sys/inc/start.php';

if(isset($_GET['showinfo']) || !isset($_GET['f']) || isset($_GET['komm'])){
	include_once '../../sys/inc/compress.php';
	}

include_once '../../sys/inc/sess.php';
include_once '../../sys/inc/home.php';
include_once '../../sys/inc/settings.php';
include_once '../../sys/inc/db_connect.php';
include_once '../../sys/inc/ipua.php';
include_once '../../sys/inc/fnc.php';
include_once '../../sys/inc/user.php';

if(isset($_GET['id_comm'])){
	$id_comm = intval($_GET['id_comm']);
	}else{
		header("Location: /index.php");
		}

$admin = mysql_fetch_array(mysql_query("SELECT * FROM `community_user_incomm` WHERE `cid` = '$id_comm' AND `uid` = '".$user['id']."'"));
$activate = mysql_fetch_array(mysql_query("SELECT * FROM `community_user_incomm` WHERE `cid` = '$id_comm' AND `uid` = '".$user['id']."' LIMIT 1"));
$comm = mysql_fetch_array(mysql_query('SELECT * FROM `community_comm` WHERE `id` = '.$id_comm.' LIMIT 1'));
$dir = mysql_fetch_array(mysql_query("SELECT * FROM `comm_obmen_dir` WHERE `dir` = '".esc($_GET['d'])."' AND `id_comm` = '".$id_comm."'"));
	$ft=esc(urldecode($_GET['f']));
	$namet=eregi_replace('\.[^\.]*$', NULL, $ft);
$file_t = mysql_fetch_array(mysql_query("SELECT * FROM `comm_obmen_files` WHERE `name` = '".$namet."' AND `id_comm` = '".$id_comm."'"));

if($id_comm==0 || $id_comm<0){
	header("Location: err.php?err=fuck_haker");}
	else if($comm['status']==2 && $activate['activate']==0){
		header("Location: err.php?err=not_participant");
		}else if(mysql_result(mysql_query("SELECT COUNT(*) FROM `comm_ban` WHERE `id_user` = '$user[id]' AND `id_comm` = '$id' AND `time` > '$time'"), 0)!=0){
			header('Location: ban.php?id='.$id);
			}else if($id_comm!=$comm['id']){
				header("Location: err.php?err=no_community");
				}else if($dir['dir']!=esc($_GET['d'])){
					header("Location: err.php?err=no_dir");
					}else if($file_t['name']!=$namet){
						header("Location: err.php?err=no_file");
						}else{

if(isset($_GET['d']) && esc($_GET['d'])!=NULL){
	$l=ereg_replace("\.{2,}",NULL,esc(urldecode($_GET['d'])));
	$l=ereg_replace("\./|/\.",NULL,$l);
	$l=ereg_replace("(/){1,}","/",$l);
	$l='/'.ereg_replace("(^(/){1,})|((/){1,}$)","",$l);
	}else{
		$l='/';
		}

if($l=='/'){
	$dir_id['upload']=0;
	$id_dir=0;
	$l='/';
	}else if(mysql_result(mysql_query("SELECT COUNT(*) FROM `comm_obmen_dir` WHERE `dir` = '/$l' OR `dir` = '$l/' OR `dir` = '$l' AND `id_comm` = '$id_comm' LIMIT 1"),0)!=0){
		$dir_id=mysql_fetch_array(mysql_query("SELECT * FROM `comm_obmen_dir` WHERE `dir` = '/$l' OR `dir` = '$l/' OR `dir` = '$l' AND `id_comm` = '$id_comm' LIMIT 1"));
		$id_dir=$dir_id['id'];
		}else{
			$dir_id['upload']=0;
			$id_dir=0;
			$l='/';
			}

if(isset($_GET['f'])){
	$f=esc(urldecode($_GET['f']));
	$name=eregi_replace('\.[^\.]*$', NULL, $f);
	$ras=strtolower(eregi_replace('^.*\.', NULL, $f));
	$ras=str_replace('jad', 'jar', $ras);

if(mysql_result(mysql_query("SELECT COUNT(*) FROM `comm_obmen_files` WHERE `id_dir` = '$id_dir' AND `name`='$name' AND `ras` = '$ras' AND `id_comm` = '$id_comm' LIMIT 1"),0)!=0){
	$file_id=mysql_fetch_array(mysql_query("SELECT * FROM `comm_obmen_files` WHERE `id_dir` = '$id_dir' AND `name`='$name' AND `ras` = '$ras' AND `id_comm` = '$id_comm' LIMIT 1"));
	$ras=$file_id['ras'];
	$file=H."sys/comm/obmen/files/$file_id[id].dat";
	$name=$file_id['name'];
	$size=$file_id['size'];

if(!isset($_GET['showinfo']) && !isset($_GET['komm']) && is_file(H.'sys/comm/obmen/files/'.$file_id['id'].'.dat')){

if($ras=='jar' && strtolower(eregi_replace('^.*\.', NULL, $f))=='jad'){
	include_once H.'sys/inc/zip.php';
	$zip=new PclZip(H.'sys/comm/obmen/files/'.$file_id['id'].'.dat');
	$content = $zip->extract(PCLZIP_OPT_BY_NAME, "META-INF/MANIFEST.MF" ,PCLZIP_OPT_EXTRACT_AS_STRING);
	$jad=eregi_replace("(MIDlet-Jar-URL:( )*[^(\n|\r)]*)", NULL, $content[0]['content']);
	$jad=eregi_replace("(MIDlet-Jar-Size:( )*[^(\n|\r)]*)(\n|\r)", NULL, $jad);
	$jad=trim($jad);
	$jad.="\r\nMIDlet-Jar-Size: ".filesize(H.'sys/comm/obmen/files/'.$file_id['id'].'.dat')."";
	$jad.="\r\nMIDlet-Jar-URL: /comm/obmen$dir_id[dir]$file_id[name].$file_id[ras]";
	$jad=br($jad,"\r\n");
	header('Content-Type: text/vnd.sun.j2me.app-descriptor');
	header('Content-Disposition: attachment; filename="'.$file_id['name'].'.jad";');
	echo $jad;
	exit;
	}

@mysql_query("UPDATE `comm_obmen_files` SET `k_loads` = '".($file_id['k_loads']+1)."' WHERE `id` = '$file_id[id]' AND `id_comm` = '$id_comm' LIMIT 1");
DownloadFile(H.'sys/comm/obmen/files/'.$file_id['id'].'.dat', $name.'.'.$ras, ras_to_mime($ras));
exit;
}else if(isset($_GET['komm']) && is_file(H.'sys/comm/obmen/files/'.$file_id['id'].'.dat')){
	$set['title']='Обменник - Комментарии - '.$file_id['name'];
	$_SESSION['page']=1;

include_once '../../sys/inc/thead.php';
title();

if(isset($user) && $admin['uid']==$user['id'] || $user['id']==$file_id['id_user']){
	include 'inc/komm_act.php';
	}

include_once 'inc/komm.php';

echo '&#187;&nbsp;<a href="index.php?d='.$dir_id['dir'].'&amp;f='.urlencode($file_id['name']).'.'.$file_id['ras'].'&amp;id_comm='.$id_comm.'&amp;showinfo">К описанию</a><br/>';
echo '&#187;&nbsp;<a href="index.php?d='.$dir_id['dir'].'&amp;id_comm='.$id_comm.'">В папку</a><br/>';
echo '&#187;&nbsp;<a href="'.H.'comm/comm.php?id='.$id_comm.'">В сообщество</a></div>';
include_once '../../sys/inc/tfoot.php';
exit;
}else{
	$set['title']='Обменник - '.$file_id['name'];

include_once '../../sys/inc/thead.php';
title();

if(isset($user) && $admin['uid']==$user['id'] && $admin['priv']>0){
	include 'inc/file_act.php';
	}

err();
aut();
echo '<div class="menu">';

if(is_file("inc/file/$ras.php")){
	include "inc/file/$ras.php";
	}else{
		include_once 'inc/file.php';
		}

if(isset($user) && $admin['uid']==$user['id']){
if($file_id['ras']=='jar'){
	echo '&#187;&nbsp;<a href="index.php?d='.$dir_id['dir'].'&amp;f='.urlencode($file_id['name']).'.jad&amp;id_comm='.$id_comm.'">Скачать</a> <a href="index.php?d='.$dir_id['dir'].'&amp;f='.urlencode($file_id['name']).'.'.$file_id['ras'].'&amp;id_comm='.$id_comm.'">JAR</a> ('.$file_id['k_loads'].')<br/>';
	}else{
		echo '&#187;&nbsp;<a href="index.php?d='.$dir_id['dir'].'&amp;f='.urlencode($file_id['name']).'.'.$file_id['ras'].'&amp;id_comm='.$id_comm.'">Скачать</a> ('.$file_id['ras'].')<br/>';
		echo '<b>Скачали</b>: '.$file_id['k_loads'].' раз.<br/>';
		}

echo '<input type="text" value="http://'.$_SERVER['HTTP_HOST'].'/comm/obmen/index.php?d='.$dir_id['dir'].'&f='.urlencode($file_id['name']).'.'.$file_id['ras'].'&id_comm='.$id_comm.'"/><br/>';
}else{
	echo '<div class="err">Чтобы скачивать файлы Вам нужно вступить в сообщество.</div>';
	}

echo '&#187;&nbsp;<a href="index.php?d='.$dir_id['dir'].'&amp;f='.urlencode($file_id['name']).'.'.$file_id['ras'].'&amp;id_comm='.$id_comm.'&amp;komm">Комментарии</a> ('.mysql_result(mysql_query("SELECT COUNT(*) FROM `comm_obmen_komm` WHERE `id_file` = '$file_id[id]' AND `id_comm` = '$id_comm'"), 0).')<br/>';
echo '&#187;&nbsp;<a href="index.php?d='.$dir_id['dir'].'&amp;id_comm='.$id_comm.'">В папку</a><br/>';
echo '&#187;&nbsp;<a href="'.H.'comm/comm.php?id='.$id_comm.'">В сообщество</a><br/>';

if(isset($user) && $admin['uid']==$user['id'] && $admin['priv']>0){
	include 'inc/file_form.php';
	}

echo '</div>';
include_once '../../sys/inc/tfoot.php';
}
}
}else{
include_once 'inc/dir.php';
}
}

include_once '../../sys/inc/tfoot.php';
?>