<?php
########################################
## WAP-ENGINE ##
########################################
## ##
## Автор : CHUMA (Токарев Владимир) ##
## e-mail : [email protected] ##
## WAP : http://wap-engine.ru ##
## ##
########################################
## ВЫ НЕ ИМЕЕТЕ ПРАВО ##
## ИЗМЕНЯТЬ КОД СКРИПТА ##
## ДЛЯ ДАЛЬНЕЙШЕГО РАСПРОСТРАНЕНИЯ! ##
########################################
include ('../../config.php');
include ('../../templates/run.php');
include ('../../templates/func.php');
####################
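# Handles the "add" form submission: validates the POST fields, then prepends
# one record to $base and refreshes the anti-flood list.
#
# $passw, $login, $sdvigclock, $bantime, $antiflood_stol, $dostup_guest,
# $nick_name, $nick_color, $mes_guest, $rating and $status are not assigned in
# this file; presumably they come from the includes above - confirm.
#
# Record layout written to $base (one record per line):
#   name|for|browser|ip|time|date|kategory|naz|msg
# so no field may carry a '|' or a raw line break into the file.

$banlist = file('../../data/ban.txt');
if (!is_array($banlist)) {
    $banlist = array(); # missing/unreadable ban list: treat as empty
}
$base = '../../data/stol.txt';
$gb_flood = '../../data/flood_stol.txt';
$gb_flood_list = file($gb_flood);
if (!is_array($gb_flood_list)) {
    $gb_flood_list = array();
}
$flood_time = time();

# Strict string comparison: a loose == on two digest-like strings can report
# equality for values that merely look numeric (e.g. "0e..." forms).
$is_member = isset($_SESSION['sespass']) && isset($passw)
    && (string) $_SESSION['sespass'] === (string) $passw;
$name_guest = $is_member ? $login : 'Гость';

# Every user-supplied field that lands in the record gets the delimiter
# stripped; kategory is never newline-converted later, so CR/LF go as well.
$kategory = filter($_POST['kategory']);
$kategory = str_replace(array('|', "\r", "\n"), '', $kategory);
$naz = filter($_POST['naz']);
$naz = str_replace('|', '', $naz);
$msg = filter($_POST['msg']);
$msg = str_replace('|', '', $msg);

# One clock reading for all three stamps so they cannot straddle a second.
$popravka = $sdvigclock*3600;
$now_shifted = time() + $popravka;
$time = date('H:i:s', $now_shifted);
$date = date('d.m.Y', $now_shifted);

$ip = filter($_SERVER['REMOTE_ADDR']);
# The header is optional; an absent one yields the same strtok() result as ''.
$user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
$brauzer = strtok($user_agent,' ');
$brauzer = filter($brauzer);
$brauzer = str_replace('|', '', $brauzer);

# Ban key is "<first User-Agent token>||<ip>".
# NOTE(review): the User-Agent part is client-supplied, so this key is not a
# reliable identifier on its own.
$ban = $brauzer.'||'.$ip;
$errb = isset($errb) ? $errb : 0; # 0 = not banned, 1 = ban-list hit, 2 = timed ban
foreach ($banlist as $ban_line)
{
    # Compare each line directly; the previous array_shift() inside foreach
    # mutated the array being iterated.
    if($ban === trim($ban_line))
    {
        $errb = 1;
        break;
    }
}
$date_now = date ('YmdHis', $now_shifted);
if(isset($bantime) && $bantime > $date_now)
{
    $errb = 2;
}

$for = filter($_POST['for']);
$for = str_replace('|', '', $for);
$nicks = file('../../data/nicks.php');
if (!is_array($nicks))
{
    $nicks = array();
}
# Bounds kept as in the original: indices 2 .. count-2.
# NOTE(review): presumably skips header/footer lines of nicks.php - confirm.
$count_nicks = count($nicks) - 2;
$user_est = 0;
for($i=2; $i <= $count_nicks; $i++)
{
    # Strict match: $for later becomes a file-name component, so numeric
    # look-alikes ("1e1" vs "10") must not pass as an existing nick.
    if((string) $for === trim($nicks[$i]))
    {
        $user_est = 1;
        break;
    }
}

# Flood check: same IP seen within the last $antiflood_stol seconds.
$flood = 0;
foreach ($gb_flood_list as $flood_line)
{
    $flood_arr = explode('|', $flood_line);
    if (count($flood_arr) < 2)
    {
        continue; # blank or malformed line
    }
    if(trim($flood_arr[0]) == $ip && (int) trim($flood_arr[1]) + $antiflood_stol >= $flood_time)
    {
        $flood = 1;
        break;
    }
}

# Expected CAPTCHA value; '' when the session holds none, which can never
# equal a non-empty submission.
$captcha_expected = isset($_SESSION['rand']) ? (string) $_SESSION['rand'] : '';

# Validation chain: the first failing rule decides the redirect. Nothing runs
# after the chain, so the header() calls need no exit.
if(!empty($for) && strlen($for) > 20)
{
    header("Location: add.php?err=1");
}
elseif(!empty($for) && empty($user_est))
{
    header("Location: add.php?err=2");
}
elseif(empty($kategory))
{
    header("Location: add.php?err=12");
}
elseif(empty($naz))
{
    header("Location: add.php?err=10");
}
elseif(empty($msg))
{
    header("Location: add.php?err=3");
}
elseif(strlen($naz) > 250)
{
    header("Location: add.php?err=11");
}
elseif(strlen($msg) > 500)
{
    header("Location: add.php?err=4");
}
elseif($name_guest=="Гость" && empty($_POST['imgrand']))
{
    header("Location: add.php?err=5");
}
elseif($name_guest=="Гость" && (!is_string($_POST['imgrand']) || $_POST['imgrand'] !== $captcha_expected))
{
    # Strict comparison avoids numeric type juggling on the CAPTCHA answer.
    # NOTE(review): $_SESSION['rand'] is not cleared after a successful post,
    # so one solved value stays valid until it is regenerated - consider
    # unsetting it once accepted (generation code is outside this file).
    header("Location: add.php?err=6");
}
elseif($name_guest=="Гость" && $errb == 1)
{
    header("Location: add.php?err=7");
}
elseif($errb == 2)
{
    header("Location: add.php?err=8");
}
elseif($name_guest=="Гость" && $dostup_guest == "0")
{
    header("Location: add.php?err=9");
}
elseif($flood == 1)
{
    header("Location: index.php?err=flood");
}
else
{
    # Quoted keys: a bare msgtrans/naztrans is an undefined constant and a
    # fatal error on PHP 8.
    if (isset($_POST['msgtrans']) && $_POST['msgtrans']==1)
    {
        $msg = tr_to_win($msg);
    }
    if (isset($_POST['naztrans']) && $_POST['naztrans']==1)
    {
        $naz = tr_to_win($naz);
    }

    # Formatting helpers come from the includes; order kept as in the original.
    # Bare CR or LF are converted too, otherwise a lone line break would split
    # the record across two lines of the data file.
    $line_breaks = array("\r\n", "\r", "\n");
    $msg = smiles($msg);
    $msg = antimat($msg);
    $msg = bbcodes($msg);
    $msg = stripslashes($msg);
    $msg = str_replace($line_breaks, '<br />', $msg);
    $naz = smiles($naz);
    $naz = antimat($naz);
    $naz = bbcodes($naz);
    $naz = stripslashes($naz);
    $naz = str_replace($line_breaks, '<br />', $naz);

    $back = @file_get_contents($base);
    if(!empty($nick_name))
    {
        $name_guest = $name_guest.'::'.$nick_name.'::'.$nick_color;
    }

    # Recipient's display nick: line 37 of the recipient's profile file, in the
    # form "nick::color". A non-empty $for reached this branch only after it
    # matched an entry of nicks.php in the validation chain.
    $for_nick_name = '';
    if ($for !== '')
    {
        $for_user_f = @file('../../data/users/'.$for.'.php');
        if (is_array($for_user_f) && isset($for_user_f[37]))
        {
            $for_nick_name = trim($for_user_f[37]);
        }
    }
    if(!empty($for_nick_name))
    {
        $for_nick_name_arr = explode('::', $for_nick_name);
        $for_nick_name_user = $for_nick_name_arr[0];
        $for_nick_name_color = isset($for_nick_name_arr[1]) ? $for_nick_name_arr[1] : '';
        $for = $for.'::'.$for_nick_name_user.'::'.$for_nick_name_color;
    }

    # Newest record first: the new line is written ahead of the old contents.
    write_to_file($base, "$name_guest|$for|$brauzer|$ip|$time|$date|$kategory|$naz|$msg"."\r\n"."$back");

    if($is_member)
    {
        $mes_guest = $mes_guest + 1;
        $rating = $rating + 1;
        if($rating == 10 && $status == '5')
        {
            $status = '4';
        }
        $str_to_user_file = str_user_data(); # user data string is built in templates/func.php
        # NOTE(review): the profile is stored inside a PHP comment in a .php
        # file; str_user_data() must guarantee no field can contain "*/" -
        # verify in templates/func.php.
        write_to_file('../../data/users/'.$login.'.php', "<?php\r\n/*\r\n$str_to_user_file\r\n*/\r\n?>");
    }

    # Rewrite the anti-flood list: this IP with the current time, plus every
    # other entry that has not expired yet.
    $flood_list_new = $ip.'|'.$flood_time."\r\n";
    foreach ($gb_flood_list as $flood_line)
    {
        $flood_arr = explode('|', $flood_line);
        if (count($flood_arr) < 2)
        {
            continue; # blank or malformed line is dropped
        }
        if(trim($flood_arr[0]) != $ip && (int) trim($flood_arr[1]) + $antiflood_stol >= $flood_time)
        {
            $flood_list_new .= trim($flood_arr[0]).'|'.trim($flood_arr[1])."\r\n";
        }
    }
    write_to_file($gb_flood, $flood_list_new);

    # NOTE(review): the session id travels in the URL here, so it can end up
    # in logs, history and Referer headers; kept because cookie-less clients
    # may depend on it - confirm before changing.
    header ('Location: index.php?'.session_name().'='.session_id().'');
}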
####################
?>