<?php
include('configuration.php');
// Fall back to the login action when no action (or an empty one) was requested.
if (!isset($_REQUEST['ac']) || $_REQUEST['ac'] == '') {
    $_REQUEST['ac'] = 'lgn';
}

// Without a session id in either the PHP session or the request, only the
// login, forgot-password, reset and registration actions are reachable;
// everything else is sent back to the login page with the err flag set.
// This gate only tests that a sid is *present*; chkses()/chklog() below are
// defined elsewhere and presumably decide whether it is valid.
if (!(isset($_SESSION['sid']) || isset($_REQUEST['sid']))
    && !in_array($_REQUEST['ac'], array('lgn', 'fgp', 'rst', 'rgs'))) {
    header('Location: index.php?ac=lgn&err=1');
    exit();
}

// A sid supplied with the request takes precedence over the one kept in the
// PHP session.
// NOTE(review): the session id travels in the query string throughout this
// file, so it ends up in server logs, browser history and Referer headers.
// Confirm that chkses() binds it to the client and expires it, or move to
// cookie-only sessions.
if (isset($_REQUEST['sid'])) {
    chkses($_REQUEST['sid']);
} elseif (isset($_SESSION['sid'])) {
    chkses($_SESSION['sid']);
}
chklog();
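if ($_REQUEST['ac'] == 'lgn') {
    // Login page: renders the form, reports failures and, on a matching
    // password, creates a session through addses() and redirects.
    //
    // NOTE(review): the stored credential is compared with md5() of the
    // submitted password. md5 is a fast, unsalted digest and is not suitable
    // for password storage; moving to password_hash()/password_verify() also
    // means changing whatever writes $user['password'] (not visible in this
    // file), so only the comparison itself is hardened here.
    // NOTE(review): no throttling of repeated failures is visible in this
    // block; confirm it is handled elsewhere.
    $user = getuser($_REQUEST['user']);
    if (isset($_REQUEST['return'])) {
        $smarty->assign('return', urlencode($_REQUEST['return']));
    }
    if (isset($_REQUEST['err'])) {
        $smarty->assign('err', $lang['you_must_log_in']);
    }
    if (isset($_REQUEST['user'])) {
        // chkeus() is consulted once per request here (the original chain
        // called it up to three times); this assumes it is a read-only
        // lookup — TODO confirm.
        if (chkeus($_REQUEST['user']) == false) {
            // NOTE(review): the request value is placed into the message as
            // is; confirm the template escapes 'err'. A distinct "does not
            // exist" message also tells the client which names are registered.
            $smarty->assign('err', sprintf($lang['dont_exist'], $_REQUEST['user']));
        } else {
            // Strict string comparison: the previous loose ==/!= treats two
            // numeric-looking digests (e.g. "0e..." followed by digits) as
            // equal numbers, so different passwords could compare as equal.
            $passOk = isset($_REQUEST['pass'])
                && is_string($_REQUEST['pass'])
                && is_string($user['password'])
                && md5($_REQUEST['pass']) === $user['password'];
            if (!$passOk) {
                // Known account, missing or wrong password: show the photo
                // and user record on the login form.
                // NOTE(review): $user is handed to the template whole,
                // including the 'password' digest read above; confirm the
                // template never renders it, or pass only the needed fields.
                $smarty->assign('photo', getsetphoto($user['id']));
                $smarty->assign('user', $user);
            } else {
                $rem = isset($_REQUEST['rem']) ? $_REQUEST['rem'] : null;
                $sid = addses($user['id'], $rem);
                if (!isset($_REQUEST['return'])) {
                    header('Location: index.php?ac=hme&sid=' . $sid);
                } else {
                    // The leading '?' keeps the target on this script. The
                    // request value has already been URL-decoded by PHP, so
                    // urldecode() here is a second decode pass.
                    header('Location: ?'.urldecode($_REQUEST['return']).'&sid=' . $sid);
                }
                exit();
            }
        }
    }
    $smarty->assign('page', 'm/login.tpl');
}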
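else if ($_REQUEST['ac'] == 'rgs') {
    // Registration page: arithmetic challenge, per-IP registration lock,
    // field validation, then adduser().
    if ($_prefs['regenabled'] == 'yes') {
        // The submitted answer is checked against the challenge that was
        // stored in the session *before* this request, and only if one was
        // actually issued. The earlier code seeded the session with a fixed
        // placeholder answer and compared the submission against the
        // challenge after regenerating it, so a submission could be accepted
        // without matching the question that had been displayed.
        $expected = (isset($_SESSION['an']) && isset($_SESSION['calc'])) ? (string) $_SESSION['an'] : null;
        $answerOk = $expected !== null
            && isset($_REQUEST['ans'])
            && is_string($_REQUEST['ans'])
            && trim($_REQUEST['ans']) === $expected;
        if (!$answerOk) {
            // Missing or wrong answer: issue a fresh challenge.
            // NOTE(review): a sum of two values from rand(1, 10) has only 19
            // possible answers and rand() is not a cryptographic source; this
            // slows casual automation at best.
            $digit = rand(1, 10);
            $number = rand(1, 10);
            $_SESSION['calc'] = $digit.'+'.$number;
            $_SESSION['an'] = $digit + $number;
        }
        $calc = $_SESSION['calc'];
        $an = $_SESSION['an'];

        // Count registrations from this address inside the lock window.
        // check() is the helper the rest of this file wraps around values
        // placed into SQL (presumably escaping — confirm); it is applied here
        // for consistency. NOTE(review): the mysql_* extension was removed in
        // PHP 7 and these queries are string-built; prepared statements are
        // the durable fix.
        $tme = time()-$_prefs['reg_iplock'];
        $row = mysql_fetch_array(mysql_query('SELECT COUNT(*) FROM _users WHERE reg_ip="'.check($_SERVER['REMOTE_ADDR']).'" AND
reg_date>"'.$tme.'"'));
        $smarty->assign('user', $_REQUEST['user']);
        // NOTE(review): the submitted password is sent back to the template;
        // confirm it is never rendered into the page.
        $smarty->assign('pass', $_REQUEST['pass']);
        if ($row[0] > 0) {
            $smarty->assign('err', $lang['reglock']);
            $smarty->assign('lock', 1);
        } else {
            // The parentheses spell out how PHP already groups this
            // condition: isset() guards only the first comparison.
            if ((isset($_REQUEST['user']) && strlen($_REQUEST['user']) < 3) || strlen($_REQUEST['user']) > 15
                || scharin($_REQUEST['user']) || spacesin($_REQUEST['user'])) {
                $smarty->assign('err', $lang['invalid_user']);
            } else if (chkuser($_REQUEST['user'])) {
                $smarty->assign('err', sprintf($lang['user_exist'], $_REQUEST['user']));
            } else {
                $_SESSION['username'] = $_REQUEST['user'];
                $smarty->assign('info', sprintf($lang['user_valid'], $_SESSION['username']));
                // filter_input() reads the POST body only, while the other
                // fields come from $_REQUEST.
                if (isset($_REQUEST['email']) && (strlen($_REQUEST['email']) < 7 || strlen($_REQUEST['email']) > 50
                    || !filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL))) {
                    $smarty->assign('err', $lang['invalid_email']);
                } else if (chkmail($_REQUEST['email'])) {
                    $smarty->assign('err', sprintf($lang['email_exist'], $_REQUEST['email']));
                } else if ((isset($_REQUEST['pass']) && strlen($_REQUEST['pass']) < 3) || strlen($_REQUEST['pass']) > 15
                    || schar($_REQUEST['pass'])) {
                    // NOTE(review): passwords are limited to 3-15 characters
                    // here; the upper bound only restricts stronger passwords.
                    $smarty->assign('err', $lang['invalid_password']);
                } else if ($_REQUEST['pass'] != $_REQUEST['repass']) {
                    $smarty->assign('err', $lang['password_dont']);
                } else if (isset($_REQUEST['ans'])) {
                    if (!$answerOk) {
                        $smarty->assign('err', $lang['invalid_answer']);
                    } else {
                        if (isset($_SESSION['username']) && $_REQUEST['email'] && $_REQUEST['pass'] == $_REQUEST['repass']
                            && adduser($_SESSION['username'], $_REQUEST['pass'], $_REQUEST['email'], $_prefs['language'])
                            && $row[0] < 1) {
                            $smarty->assign('result', 1);
                            // A solved challenge is single-use.
                            unset($_SESSION['an'], $_SESSION['calc']);
                        }
                    }
                }
            }
        }
    } else {
        $smarty->assign('disable', $lang['regdisabled']);
    }
    $smarty->assign('calc', $calc);
    $smarty->assign('email', $_REQUEST['email']);
    $smarty->assign('username', $_SESSION['username']);
    $smarty->assign('page', 'm/register.tpl');
}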
else if ($_REQUEST['ac'] == 'fgp') {
    // Forgot-password page: takes a user name or e-mail in 'info' and hands
    // it to ForgotPassword() (defined elsewhere).
    // NOTE(review): the separate "invalid user or e-mail" message lets a
    // client learn which accounts exist; a single neutral response for both
    // outcomes avoids that.
    if (isset($_REQUEST['info'])) {
        $lookup = $_REQUEST['info'];
        if ($lookup == '') {
            $smarty->assign('err', $lang['req_pass_emp']);
        } elseif (chkeus($lookup) == false) {
            $smarty->assign('err', $lang['user_or_email_invalid']);
        } elseif (ForgotPassword($lookup)) {
            $smarty->assign('ok', $lang['pwresetsuccess']);
        }
    }
    $smarty->assign('page', 'm/forget.tpl');
}
else if ($_REQUEST['ac'] == "rst") {
    // Password-reset landing page: needs a non-empty id and reset key, both
    // passed to ResetPassword() (defined elsewhere).
    // NOTE(review): whether the key is single-use, time-limited and compared
    // in constant time is decided inside ResetPassword(); confirm there.
    $resetDone = $_REQUEST['id']
        && $_REQUEST['rkey']
        && ResetPassword($_REQUEST['id'], $_REQUEST['rkey']) == true;
    if ($resetDone) {
        $smarty->assign('reset', 1);
    }
    $smarty->assign('page', 'm/forget.tpl');
}
else if ($_REQUEST['ac'] == 'lgu') {
    // Logout: delete the session row named by the request's sid, drop the
    // PHP session and go back to the entry page.
    // NOTE(review): the row is selected by $_REQUEST['sid'] only; when the
    // sid lives just in $_SESSION this deletes nothing server-side. Logout
    // also runs on a plain GET, so it can be triggered from another site.
    $deleteSql = 'DELETE FROM _session WHERE id="'.check($_REQUEST['sid']).'"';
    mysql_query($deleteSql);
    session_destroy();
    header('Location: index.php');
    exit();
}
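else if ($_REQUEST['ac'] == 'hme') {
    // Home page: optional wall post, then the paginated feed plus friend
    // requests and notifications.
    if (getdetail($ses['userid']) == 0) {
        $smarty->assign('update', 1);
    }
    // NOTE(review): the wall id comes from the request; whether the current
    // user may post there is presumably enforced inside AddToWall() — confirm.
    if (strlen($_REQUEST['post']) > 0 && AddToWall($_REQUEST['id'], $_REQUEST['post']) == true) {
        header('location: '.$_prefs['selfurl'].'?ac=hme&sid='.chklog());
        exit();
    }
    // The page number is cast to int before use: min()/max() compare
    // numerically but return the original value, so an uncast request string
    // would otherwise reach GetFeedList() and the template unchanged.
    $pageNo = (isset($_REQUEST['pg'])) ? (int) $_REQUEST['pg'] : 1;
    $PerPage = 7;
    $Count = GetFeedCount();
    $pageCount = max(1, ceil($Count / max(1, $PerPage)));
    $pageNo = min($pageCount, max(1, $pageNo));
    $FeedList = GetFeedList($pageNo, $PerPage);
    $smarty->assign('Count', $Count);
    $smarty->assign('perPage', $PerPage);
    $smarty->assign('pageNo', $pageNo);
    $smarty->assign('pageCount', $pageCount);
    $smarty->assign('feed', $FeedList);
    $friendrequest = FriendRequestCount();
    $FriendRequestList = FriendRequestList();
    $smarty->assign('friend', $friendrequest);
    $smarty->assign('notify', GetNotifyList());
    $smarty->assign('friendrequest', $FriendRequestList);
    // Neighbouring page links.
    if ($pageNo > 1) {
        $ppage = $pageNo-1;
        $smarty->assign("newer", $ppage);
    }
    if ($pageNo < $pageCount) {
        $npage = $pageNo+1;
        $smarty->assign("older", $npage);
    }
    $smarty->assign('page', 'm/home.tpl');
}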
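else if($_REQUEST['ac'] == 'prf')
{
// Profile page: wall of the requested user (own profile when no id is
// given), friendship state, optional wall post and the "about" form.
// The default id is applied first so that the wall queries below see it;
// previously they ran before the default was set.
if(!isset($_REQUEST['id']))
{
$_REQUEST['id'] = $ses['userid'];
}
// Cast the page number so only an integer reaches the list helper and the
// template.
$pageNo = (isset($_REQUEST['pg'])) ? (int) $_REQUEST['pg'] : 1;
$PerPage = 7;
$Count = GetWallCount($_REQUEST['id']);
$pageCount = max(1, ceil($Count / max(1, $PerPage)));
$pageNo = min($pageCount, max(1, $pageNo));
$WallList = GetWallList($_REQUEST['id'], $pageNo, $PerPage);
$smarty->assign('Count', $Count);
$smarty->assign('perPage', $PerPage);
$smarty->assign('pageNo', $pageNo);
$smarty->assign('pageCount', $pageCount);
$smarty->assign('wall', $WallList);
$info = getuserinfo(check($_REQUEST['id']));
// CheckFriend() result 1/2/3 selects which friendship flag the template gets.
if(CheckFriend($_REQUEST['id']) == 1)
{
$smarty->assign('conf', 1);
}
else if(CheckFriend($_REQUEST['id']) == 2)
{
$smarty->assign('pend', 1);
}
else if(CheckFriend($_REQUEST['id']) == 3)
{
$smarty->assign('accp', 1);
}
// NOTE(review): the request id is concatenated into the redirect URL and the
// wall target is request-supplied; permission checks are presumably inside
// AddToWall() — confirm.
if(strlen($_REQUEST['post']) > 0 && AddToWall($_REQUEST['id'], $_REQUEST['post']) == true)
{
header('location: '.$_prefs['selfurl'].'?ac=prf&id='.$_REQUEST['id'].'&sid='.chklog());
exit();
}
if($_REQUEST['do'] == "abt")
{
$smarty->assign('do', $_REQUEST['do']);
// NOTE(review): the form is pre-filled from the *requested* id, while the
// INSERT/UPDATE below always writes the row of the logged-in user.
$detail = getdetail($_REQUEST['id']);
if(isset($_REQUEST['y']) || isset($_REQUEST['gender'])|| isset($_REQUEST['country']) || isset($_REQUEST['interested']) || isset($_REQUEST['about']))
{
$dob = $_REQUEST['m'].' - '.$_REQUEST['d'].' - '.$_REQUEST['y'];
// Ages below 12 and from 40 upwards are rejected.
if(getage($dob) < 12 || getage($dob) >= 40)
{
$smarty->assign('msg', $lang['age_inappropriate']);
}else if($_REQUEST['gender'] == '')
{
$smarty->assign('msg', $lang['select_gender']);
}else{
// Every request value goes through check() before being concatenated into
// SQL. NOTE(review): this relies entirely on check() (defined elsewhere)
// escaping correctly for a double-quoted SQL string; prepared statements
// would remove that dependency.
$chk = mysql_fetch_array(mysql_query('SELECT COUNT(*) FROM _detail WHERE userid="'.check($ses['userid']).'"'));
$tm = time();
if($chk[0] < 1)
{
$insert = mysql_query('INSERT INTO _detail SET userid="'.check($ses['userid']).'", dob="'.check($dob).'",
sex="'.check($_REQUEST['gender']).'", country="'.check($_REQUEST['country']).'", about="'.check($_REQUEST['about']).'",
interest="'.check($_REQUEST['interested']).'", relationship="'.check($_REQUEST['relationship']).'", uptm="'.$tm.'"');
$smarty->assign('ok', 1);
}else{
$update = mysql_query('UPDATE _detail SET dob="'.check($dob).'",
sex="'.check($_REQUEST['gender']).'", country="'.check($_REQUEST['country']).'", about="'.check($_REQUEST['about']).'",
interest="'.check($_REQUEST['interested']).'", relationship="'.check($_REQUEST['relationship']).'", uptm="'.$tm.'"
WHERE userid="'.check($ses['userid']).'"');
$smarty->assign('ok', 1);
}
}
}
// Fall back to the stored details for every field the request did not carry.
if(isset($detail['dob']))
{
$dob = explode("-", $detail['dob']);
$_REQUEST['m'] = $dob[0];
$_REQUEST['d'] = $dob[1];
$_REQUEST['y'] = $dob[2];
}
if($detail['dob'] > 0)
{
$age = getage($detail['dob']);
}
if(!isset($_REQUEST['gender']))
{
$_REQUEST['gender'] = $detail['sex'];
}
if(!isset($_REQUEST['interested']))
{
$_REQUEST['interested'] = $detail['interest'];
}
if(!isset($_REQUEST['country']))
{
$_REQUEST['country'] = ucfirst($detail['country']);
}
if(!isset($_REQUEST['relationship']))
{
$_REQUEST['relationship'] = $detail['relationship'];
}
if(!isset($_REQUEST['about']))
{
$_REQUEST['about'] = $detail['about'];
}
// NOTE(review): request values are passed to the template as received;
// confirm the templates escape them on output.
$smarty->assign('se', $_REQUEST['interested']);
$smarty->assign('gen', $_REQUEST['gender']);
$smarty->assign('m', $_REQUEST['m']);
$smarty->assign('d', $_REQUEST['d']);
$smarty->assign('y', $_REQUEST['y']);
$smarty->assign('age', $age);
$smarty->assign('country', $_REQUEST['country']);
$smarty->assign('relationship', $_REQUEST['relationship']);
$smarty->assign('gender', $_REQUEST['gender']);
$smarty->assign('about', $_REQUEST['about']);
}
// Neighbouring page links.
if($pageNo>1)
{
$ppage = $pageNo-1;
$smarty->assign("newer", $ppage);
}
if($pageNo<$pageCount)
{
$npage = $pageNo+1;
$smarty->assign("older", $npage);
}
$smarty->assign('info', $info);
$smarty->assign('on_wall', sprintf($lang['write_on_wall'], ucfirst($info['username'])));
$smarty->assign('username', ucfirst($info['username']));
$smarty->assign('photo', getsetphoto($_REQUEST['id']));
$smarty->assign('page', 'm/profile.tpl');
}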
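else if ($_REQUEST['ac'] == 'cmt') {
    // Comment page for one story: paginated comments (last page by default),
    // likes, and posting a comment with notifications.
    $PerPage = 7;
    $Count = GetCommentCount($_REQUEST['stid'], 0);
    // A requested page number is cast to int so only an integer reaches
    // GetCommentList() and the template.
    $pageNo = (isset($_REQUEST['pg'])) ? (int) $_REQUEST['pg'] : max(1, ceil($Count / max(1, $PerPage)));
    $pageCount = max(1, ceil($Count / max(1, $PerPage)));
    $pageNo = min($pageCount, max(1, $pageNo));
    $ComList = GetCommentList($_REQUEST['stid'], 0, 0, $pageNo, $PerPage, 'ASC');
    $smarty->assign('like', GetLikeUser($_REQUEST['stid'], 0, 0, 0));
    $smarty->assign('lk', GetLikeCount($_REQUEST['stid'], 0, 0, 0));
    $smarty->assign('Count', $Count);
    $smarty->assign('perPage', $PerPage);
    $smarty->assign('pageNo', $pageNo);
    $smarty->assign('pageCount', $pageCount);
    $smarty->assign('comment', $ComList);
    // NOTE(review): stid is passed to the template and into the redirect URL
    // as received; confirm the template escapes it.
    $smarty->assign('stid', $_REQUEST['stid']);
    if (strlen($_REQUEST['comment']) > 0 && AddComment($_REQUEST['stid'], 0, 0, $_REQUEST['comment']) == true) {
        // Notify the story owner unless a comment row by the owner exists on
        // this story, then every other distinct commenter except the current
        // user. Values placed into SQL go through check() (defined
        // elsewhere, presumably escaping — confirm).
        $info = mysql_query('SELECT userid FROM _story WHERE id="'.check($_REQUEST['stid']).'"');
        $user = mysql_fetch_array($info);
        $inf = mysql_query('SELECT * FROM _comment WHERE stid="'.check($_REQUEST['stid']).'" AND userid="'.check($user[0]).'"');
        if (mysql_num_rows($inf) == 0) {
            notify($user[0], $_REQUEST['stid'], 0, 0, 0, 1);
        }
        $in = mysql_query('SELECT DISTINCT userid FROM _comment WHERE stid="'.check($_REQUEST['stid']).'" AND userid!="'.check($ses['userid']).'"');
        while ($ft = mysql_fetch_array($in)) {
            notify($ft[0], $_REQUEST['stid'], 0, 0, 0, 1);
        }
        header('location: '.$_prefs['selfurl'].'?ac=cmt&stid='.$_REQUEST['stid'].'&sid='.chklog());
        exit();
    }
    // Neighbouring page links.
    if ($pageNo > 1) {
        $ppage = $pageNo-1;
        $smarty->assign("newer", $ppage);
    }
    if ($pageNo < $pageCount) {
        $npage = $pageNo+1;
        $smarty->assign("older", $npage);
    }
    $smarty->assign('tinf', GetStoryInfo($_REQUEST['stid']));
    $smarty->assign('page', 'm/comment.tpl');
}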
else if ($_REQUEST['ac'] == 'sae') {
    // Share page: re-post a story onto the current user's own wall with an
    // optional message, otherwise show the share form.
    $shared = isset($_REQUEST['mess'])
        ? AddToWall($ses['userid'], $_REQUEST['mess'], $_REQUEST['stid']) == true
        : false;
    if ($shared) {
        header('location: '.$_prefs['selfurl'].'?ac=prf&id='.$ses['userid'].'&sid='.chklog());
        exit();
    }
    // NOTE(review): stid reaches the template as received; confirm the
    // template escapes it.
    $smarty->assign('stinf', GetStoryInfo($_REQUEST['stid']));
    $smarty->assign('stid', $_REQUEST['stid']);
    $smarty->assign('page', 'm/share.tpl');
}
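else if ($_REQUEST['ac'] == 'lke') {
    // Like page: with do=ppl list the users who liked an item, otherwise
    // record a like and redirect back to the item.
    if (isset($_REQUEST['stid'])) {
        $_REQUEST['wid'] = $_REQUEST['stid'];
    }
    if (isset($_REQUEST['cid']) || isset($_REQUEST['wid']) || isset($_REQUEST['alid']) || isset($_REQUEST['pid'])) {
        if ($_REQUEST['do'] == 'ppl') {
            $PerPage = 7;
            $Count = GetLikeCount($_REQUEST['wid'], $_REQUEST['cid'], $_REQUEST['alid'], $_REQUEST['pid']);
            // A requested page number is cast to int before it is used.
            $pageNo = (isset($_REQUEST['pg'])) ? (int) $_REQUEST['pg'] : max(1, ceil($Count / max(1, $PerPage)));
            $pageCount = max(1, ceil($Count / max(1, $PerPage)));
            $pageNo = min($pageCount, max(1, $pageNo));
            $lkeList = GetLikeList($_REQUEST['wid'], $_REQUEST['cid'], $_REQUEST['alid'], $_REQUEST['pid'], $pageNo, $PerPage, 'ASC');
            $smarty->assign('Count', $Count);
            $smarty->assign('perPage', $PerPage);
            $smarty->assign('pageNo', $pageNo);
            $smarty->assign('pageCount', $pageCount);
            $smarty->assign('like', $lkeList);
        } else if (AddToLike($_REQUEST['wid'], $_REQUEST['cid'], $_REQUEST['alid'], $_REQUEST['pid']) == true) {
            // Start from an empty suffix so the redirect never reads an
            // undefined variable when only cid was supplied. Later matches
            // override earlier ones, as before.
            $url = '';
            if ($_REQUEST['wid']) {
                $url = '?ac=cmt&stid='.$_REQUEST['wid'];
            }
            if ($_REQUEST['alid']) {
                $url = '?ac=pho&alid='.$_REQUEST['alid'];
            }
            if ($_REQUEST['pid']) {
                $url = '?ac=pho&pid='.$_REQUEST['pid'];
            }
            // NOTE(review): the like is recorded on any request method and
            // request ids are concatenated into the Location header unencoded.
            header('location: '.$_prefs['selfurl'].$url.'&sid='.chklog());
            exit();
        }
    }
    $smarty->assign('page', 'm/like.tpl');
}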
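else if ($_REQUEST['ac'] == 'fnd') {
    // Friends page: with an id send a friend request, otherwise list the
    // friends of fid (the current user by default), optionally filtered by
    // 'user'.
    if (isset($_REQUEST['id'])) {
        if (SendFriend($_REQUEST['id']) == false) {
            $smarty->assign('err', 1);
        }
    } else {
        if (!isset($_REQUEST['fid'])) {
            $_REQUEST['fid'] = $ses['userid'];
        }
        // This branch never read the requested page, so the list was stuck
        // on page 1; take it from 'pg' as the other branches do, cast to int.
        $pageNo = (isset($_REQUEST['pg'])) ? (int) $_REQUEST['pg'] : 1;
        $PerPage = 5;
        $Count = FriendCount($_REQUEST['fid'], $_REQUEST['user']);
        $pageCount = max(1, ceil($Count / max(1, $PerPage)));
        $pageNo = min($pageCount, max(1, $pageNo));
        $FriendList = GetFriendList($_REQUEST['fid'], $_REQUEST['user'], $pageNo, $PerPage);
        $smarty->assign('Count', $Count);
        $smarty->assign('perPage', $PerPage);
        $smarty->assign('pageNo', $pageNo);
        $smarty->assign('pageCount', $pageCount);
        $smarty->assign('friend', $FriendList);
    }
    // NOTE(review): fid and user reach the template as received; confirm the
    // template escapes them.
    $smarty->assign('fid', $_REQUEST['fid']);
    $smarty->assign('user', $_REQUEST['user']);
    $smarty->assign('page', 'm/friends.tpl');
}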
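else if ($_REQUEST['ac'] == 'srh') {
    // Search page: 5 results on the first page, 10 on later pages.
    // The page number is cast to int before it is used.
    $pageNo = (isset($_REQUEST['pg'])) ? (int) $_REQUEST['pg'] : 1;
    if ($pageNo == 1) {
        $PerPage = 5;
    } else {
        $PerPage = 10;
    }
    $Count = GetSearchCount($_REQUEST['q']);
    if ($Count == 0) {
        $smarty->assign('err', sprintf($lang['no_result'], check($_REQUEST['q'])));
    }
    $pageCount = max(1, ceil($Count / max(1, $PerPage)));
    $pageNo = min($pageCount, max(1, $pageNo));
    $SearchList = GetSearchList($_REQUEST['q'], $pageNo, $PerPage);
    $smarty->assign('Count', $Count);
    $smarty->assign('perPage', $PerPage);
    $smarty->assign('pageNo', $pageNo);
    $smarty->assign('pageCount', $pageCount);
    $smarty->assign('sear', $SearchList);
    // NOTE(review): the raw query string is handed to the template here
    // (the error message above passes it through check() first); confirm the
    // template escapes 'q' on output.
    $smarty->assign('q', $_REQUEST['q']);
    if ($pageNo < $pageCount) {
        $npage = $pageNo+1;
        $smarty->assign("older", $npage);
    }
    $smarty->assign('page', 'm/search.tpl');
}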
else if($_REQUEST['ac'] == 'stn')
{
// Settings wizard: step 1 sets a photo, step 2 stores date of birth, gender
// and the "about" text for the logged-in user.
if($_REQUEST['step'] == 1)
{
$smarty->assign('step', 1);
if(isset($_REQUEST['album']) || isset($_REQUEST['photo']) || isset($_FILES['uphoto']))
{
// NOTE(review): the uploaded file is handed to cphoto() (defined elsewhere);
// type, size and destination-name checks are not visible here — confirm
// they happen inside it.
$msg = cphoto($_REQUEST['album'], $_REQUEST['photo'], $_FILES['uphoto']);
// A return value containing "_" is treated as a URL, anything else as a
// message. strpos() is tested for truthiness, so an underscore at position
// 0 counts as "not found".
if(strpos($msg,"_"))
{
$smarty->assign('url', $msg);
}else{
$smarty->assign('msg', $msg);
}
}
}else if($_REQUEST['step'] == 2)
{
if($ses['step'] == 0)
{
$update = mysql_query('UPDATE _users SET step="1" WHERE id="'.check($ses['userid']).'"');
}
if(isset($_REQUEST['y']) || isset($_REQUEST['gender']) || isset($_REQUEST['about']))
{
$dob = $_REQUEST['m'].' - '.$_REQUEST['d'].' - '.$_REQUEST['y'];
// Ages below 12 and from 40 upwards are rejected.
if(getage($dob) < 12 || getage($dob) >= 40)
{
$smarty->assign('msg', $lang['age_inappropriate']);
}else if($_REQUEST['gender'] == '')
{
$smarty->assign('msg', $lang['select_gender']);
}else{
// Insert the detail row on first save, update it afterwards. Request values
// are wrapped in check() before concatenation.
// NOTE(review): safety of these string-built queries rests on check()
// (defined elsewhere) escaping for a double-quoted SQL string — confirm;
// prepared statements would remove that dependency.
$chk = mysql_fetch_array(mysql_query('SELECT COUNT(*) FROM _detail WHERE userid="'.check($ses['userid']).'"'));
$tm = time();
if($chk[0] < 1)
{
$insert = mysql_query('INSERT INTO _detail SET userid="'.check($ses['userid']).'", dob="'.check($dob).'", sex="'.check($_REQUEST['gender']).'",
about="'.check($_REQUEST['about']).'", uptm="'.$tm.'"');
$update = mysql_query('UPDATE _users SET step="3" WHERE id="'.check($ses['userid']).'"');
$smarty->assign('ok', 1);
}else{
$update = mysql_query('UPDATE _detail SET dob="'.check($dob).'", sex="'.check($_REQUEST['gender']).'", about="'.check($_REQUEST['about']).'",
uptm="'.$tm.'" WHERE userid="'.check($ses['userid']).'"');
$smarty->assign('ok', 1);
}
}
}
}
// Reload the stored details and overwrite the request fields with them, so
// the form always shows what is in the database.
$detail = getdetail($ses['userid']);
if(isset($detail['dob']))
{
$dob = explode("-",$detail['dob']);
$_REQUEST['m'] = $dob[0];
$_REQUEST['d'] = $dob[1];
$_REQUEST['y'] = $dob[2];
}
$_REQUEST['gender'] = $detail['sex'];
// Stored value 1 sets the 'sex' flag, 2 sets 'sel'.
if($_REQUEST['gender'] == 1)
{
$smarty->assign('sex', 1);
}else if($_REQUEST['gender'] == 2)
{
$smarty->assign('sel', 1);
}
$_REQUEST['about'] = $detail['about'];
$smarty->assign('m', $_REQUEST['m']);
$smarty->assign('d', $_REQUEST['d']);
$smarty->assign('y', $_REQUEST['y']);
$smarty->assign('gender', $_REQUEST['gender']);
$smarty->assign('about', $_REQUEST['about']);
// NOTE(review): album and photo are passed to the template as received from
// the request; confirm the template escapes them.
$smarty->assign('album', $_REQUEST['album']);
$smarty->assign('photo', $_REQUEST['photo']);
$smarty->assign('page', 'm/setting.tpl');
}
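else if($_REQUEST['ac'] == 'msg')
{
// Messages page: one conversation (mid), the compose flow, the inbox, or an
// inbox search. Every page number taken from the request is cast to int so
// only an integer reaches the list helpers and the template.
$PerPage = 7;
$pageNo = (isset($_REQUEST['pg'])) ? (int) $_REQUEST['pg'] : 1;
$Count = GetMessageCount($_REQUEST['mid'], $_REQUEST['type']);
$pageCount = max(1, ceil($Count / max(1, $PerPage)));
$pageNo = min($pageCount, max(1, $pageNo));
$MessageList = GetMessageList($_REQUEST['mid'], $pageNo, $PerPage, 'DESC', $_REQUEST['type']);
// NOTE(review): ComposeMessage() is called on every request to this action,
// before it is known that a message was submitted; presumably it is a no-op
// without one — confirm. Whether the current user belongs to conversation
// 'mid' is not checked in this block; presumably the helpers enforce it.
$Compose = ComposeMessage($_REQUEST['mid'], $_REQUEST['message'], $_REQUEST['type']);
$chk = mysql_fetch_array(mysql_query('SELECT COUNT(DISTINCT toid) FROM _messages WHERE mid="'.check($_REQUEST['mid']).'"'));
$smarty->assign('Count', $Count);
$smarty->assign('perPage', $PerPage);
$smarty->assign('pageNo', $pageNo);
$smarty->assign('pageCount', $pageCount);
$smarty->assign('mess', $MessageList);
$smarty->assign('convo', GetMessageUser($_REQUEST['mid']));
$smarty->assign('cnvo', count(explode(urldecode(','), $_REQUEST['mid'])));
$smarty->assign('cnv', $chk[0]);
$smarty->assign('id', urlencode($_REQUEST['mid']));
$smarty->assign('type', $_REQUEST['type']);
if(isset($_REQUEST['mid']) || isset($_REQUEST['v']))
{
if(GetMessageIDCount($_REQUEST['mid'], $_REQUEST['type']) > 0 && $_REQUEST['do'] != 'cme')
{
header('location: '.$_prefs['selfurl'].'?ac=msg&do=cme&mid='.$_REQUEST['mid'].'&sid='.chklog());
exit();
}
if(isset($_REQUEST['do']))
{
GetMessageDo($_REQUEST['mid'], $_REQUEST['do'], $_REQUEST['sel'], $_REQUEST['type']);
if($_REQUEST['do'] == 3)
{
$smarty->assign('select', 1);
}else if($_REQUEST['do'] == 'cme')
{
if($_REQUEST['v'] == 'add')
{
// Recipient picker for the compose form.
$PerPage = 7;
$pageNo = (isset($_REQUEST['pg'])) ? (int) $_REQUEST['pg'] : 1;
$smarty->assign('composelist', 1);
$Count = GetComposeCount($_REQUEST['q']);
$pageCount = max(1, ceil($Count / max(1, $PerPage)));
$pageNo = min($pageCount, max(1, $pageNo));
$ComposeList = GetComposeList($_REQUEST['q'], $pageNo, $PerPage, 'DESC');
$smarty->assign('Count', $Count);
$smarty->assign('perPage', $PerPage);
$smarty->assign('pageNo', $pageNo);
$smarty->assign('pageCount', $pageCount);
$smarty->assign('cme', $ComposeList);
}
$smarty->assign('compose', 1);
}
}
// A result other than 1 from ComposeMessage() is shown as the error message;
// 1 redirects back to the conversation.
if(isset($_REQUEST['message']))
{
if($Compose != 1)
{
$smarty->assign('msg', $Compose);
}else{
header('Location: index.php?ac=msg&mid='.$_REQUEST['mid'].'&sid='.$ses['id']);
exit();
}
}
viewmessage($_REQUEST['mid']);
}
else if(!isset($_REQUEST['mid']) || $_REQUEST['mid']== '')
{
// No conversation selected: show the inbox.
$PerPage = 7;
$pageNo = (isset($_REQUEST['pg'])) ? (int) $_REQUEST['pg'] : 1;
$Count = GetInboxCount($_REQUEST['type']);
$pageCount = max(1, ceil($Count / max(1, $PerPage)));
$pageNo = min($pageCount, max(1, $pageNo));
$InboxList = GetInboxList($pageNo, $PerPage, 'DESC', $_REQUEST['type']);
$smarty->assign('in', $InboxList);
if($Count == 0)
{
$smarty->assign('nomess', 1);
}
}
if(isset($_REQUEST['q']))
{
// Inbox search replaces the 'in' list assigned above.
$PerPage = 7;
$pageNo = (isset($_REQUEST['pg'])) ? (int) $_REQUEST['pg'] : 1;
$Count = GetInboxSearchCount($_REQUEST['q'], $_REQUEST['type']);
$pageCount = max(1, ceil($Count / max(1, $PerPage)));
$pageNo = min($pageCount, max(1, $pageNo));
$InboxSearch = GetInboxSearchList($_REQUEST['q'], $pageNo, $PerPage, 'DESC', $_REQUEST['type']);
$smarty->assign('Count', $Count);
// NOTE(review): the search text reaches the template as received; confirm
// the template escapes it.
$smarty->assign('search', $_REQUEST['q']);
$smarty->assign('perPage', $PerPage);
$smarty->assign('pageNo', $pageNo);
$smarty->assign('pageCount', $pageCount);
$smarty->assign('in', $InboxSearch);
if($Count == 0)
{
$smarty->assign('nomess', 1);
}
}
// Neighbouring page links.
if($pageNo>1)
{
$ppage = $pageNo-1;
$smarty->assign("newer", $ppage);
}
if($pageNo<$pageCount)
{
$npage = $pageNo+1;
$smarty->assign("older", $npage);
}
$smarty->assign('page', 'm/message.tpl');
}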
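else if($_REQUEST['ac'] == 'pho')
{
// Photos page: album list, one album, one photo, uploads, and comments on
// an album or photo.
if(!isset($_REQUEST['id']))
{
$_REQUEST['id'] = $ses['userid'];
}
// Redirect suffix; starts empty so the redirects below never read an
// undefined variable when neither alid nor pid is positive.
$url = '';
$PerPage = 7;
// Page numbers from the request are cast to int before use.
$pageNo = (isset($_REQUEST['pg'])) ? (int) $_REQUEST['pg'] : 1;
if(!isset($_REQUEST['alid']) || !isset($_REQUEST['pid']))
{
$Count = GetAlbumCount($_REQUEST['id']);
$pageCount = max(1, ceil($Count / max(1, $PerPage)));
$pageNo = min($pageCount, max(1, $pageNo));
$AlbumList = GetAlbumList($_REQUEST['id'], $pageNo, $PerPage, 'DESC');
$smarty->assign('aluser', getusername($_REQUEST['id']));
$smarty->assign('id', $_REQUEST['id']);
$smarty->assign('Count', $Count);
$smarty->assign('perPage', $PerPage);
$smarty->assign('pageNo', $pageNo);
$smarty->assign('pageCount', $pageCount);
$smarty->assign('album', $AlbumList);
}
if(isset($_REQUEST['do']))
{
if($_REQUEST['do'] == 'add')
{
if($_REQUEST['alid'] > 0)
{
$url = '&alid='.$_REQUEST['alid'];
}
if(isset($_REQUEST['album']) || isset($_REQUEST['photo']) || isset($_FILES['uphoto']))
{
// NOTE(review): the uploaded file is handed to uphoto() (defined elsewhere);
// type, size and destination-name checks are not visible here — confirm
// they happen inside it.
$msg = uphoto($_REQUEST['album'], $_REQUEST['photo'], $_FILES['uphoto']);
if(strpos($msg,"_"))
{
header('location: '.$_prefs['selfurl'].'?ac=pho'.$url.'&sid='.chklog());
// Stop here like every other redirect in this file; previously the rest of
// the page (including the comment handling below) still ran after the
// Location header was set.
exit();
}else{
$smarty->assign('msg', $msg);
}
}
$smarty->assign('albinfo', AlbumInfo($_REQUEST['alid']));
$smarty->assign('alid', $_REQUEST['alid']);
$smarty->assign('photo', $_REQUEST['photo']);
$smarty->assign('album', $_REQUEST['album']);
}
else if($_REQUEST['do'] == 'prf')
{
// NOTE(review): ownership of pid is not checked in this block; presumably
// UpdateProfilePhoto()/UpdateAlbumPhoto() enforce it — confirm.
UpdateProfilePhoto($_REQUEST['pid']);
}
else if($_REQUEST['do'] == 'alb')
{
UpdateAlbumPhoto($_REQUEST['pid']);
}
$smarty->assign('do', $_REQUEST['do']);
}
if(isset($_REQUEST['alid']))
{
$pageNo = (isset($_REQUEST['pg'])) ? (int) $_REQUEST['pg'] : 1;
$Count = GetAlbumPhotoCount($_REQUEST['alid']);
$pageCount = max(1, ceil($Count / max(1, $PerPage)));
$pageNo = min($pageCount, max(1, $pageNo));
$albuminfo = AlbumInfo($_REQUEST['alid']);
$AlbumPhotoList = GetAlbumPhotoList($_REQUEST['alid'], $pageNo, $PerPage, 'DESC');
$smarty->assign('aluser', getusername($_REQUEST['id']));
$smarty->assign('like', GetLikeUser(0, 0, $_REQUEST['alid'], 0));
$smarty->assign('lk', GetLikeCount(0, 0, $_REQUEST['alid'], 0));
$smarty->assign('Count', $Count);
$smarty->assign('perPage', $PerPage);
$smarty->assign('pageNo', $pageNo);
$smarty->assign('pageCount', $pageCount);
$smarty->assign('albumphoto', $AlbumPhotoList);
$smarty->assign('albuser', getusername($albuminfo['userid']));
$smarty->assign('albinfo', $albuminfo);
$smarty->assign('alid', $_REQUEST['alid']);
}
if(isset($_REQUEST['pid']))
{
// Single-photo view: one photo per page.
$Per = 1;
$pageNo = (isset($_REQUEST['pg'])) ? (int) $_REQUEST['pg'] : 1;
$Count = GetPhotoCount($_REQUEST['pid']);
$pageCount = max(1, ceil($Count / max(1, $Per)));
$pageNo = min($pageCount, max(1, $pageNo));
$PhotoList = GetPhotoList($_REQUEST['pid'], $pageNo, $Per, 'DESC');
$smarty->assign('pid', $_REQUEST['pid']);
// From here on pid is the key of the last photo in the returned list.
foreach($PhotoList as $phid=>$pho)
{
$_REQUEST['pid'] = $phid;
}
$smarty->assign('like', GetLikeUser(0, 0, 0, $_REQUEST['pid']));
$smarty->assign('lk', GetLikeCount(0, 0, 0, $_REQUEST['pid']));
$smarty->assign('Count', $Count);
$smarty->assign('perPage', $Per);
$smarty->assign('pageCount', $pageCount);
$smarty->assign('photo', $PhotoList);
}
// Comments have their own pager, driven by the 'page' parameter.
$Ccount = GetCommentCount(0, $_REQUEST['alid'], $_REQUEST['pid']);
$ppageNo = (isset($_REQUEST['page'])) ? (int) $_REQUEST['page'] : max(1, ceil($Ccount / max(1, $PerPage)));
$ppageCount = max(1, ceil($Ccount / max(1, $PerPage)));
$ppageNo = min($ppageCount, max(1, $ppageNo));
$ComList = GetCommentList(0, $_REQUEST['alid'], $_REQUEST['pid'], $ppageNo, $PerPage, 'ASC');
$smarty->assign('Ccount', $Ccount);
$smarty->assign('ppageNo', $ppageNo);
$smarty->assign('ppageCount', $ppageCount);
$smarty->assign('comment', $ComList);
if(strlen($_REQUEST['comment']) > 0 && AddComment(0, $_REQUEST['alid'], $_REQUEST['pid'], $_REQUEST['comment']) == true)
{
// Values placed into SQL go through check() (defined elsewhere, presumably
// escaping — confirm).
$info = mysql_query('SELECT userid FROM _photo WHERE albumid="'.check($_REQUEST['alid']).'" OR id="'.check($_REQUEST['pid']).'"');
$user = mysql_fetch_array($info);
$inf = mysql_query('SELECT * FROM _comment WHERE pid="'.check($_REQUEST['pid']).'" AND alid="'.check($_REQUEST['alid']).'"
AND userid="'.check($user[0]).'"');
if(mysql_num_rows($inf) == 0)
{
notify($user[0], 0, 0, $_REQUEST['pid'], $_REQUEST['alid'], 1);
}
$in = mysql_query('SELECT DISTINCT userid FROM _comment WHERE pid="'.check($_REQUEST['pid']).'" AND alid="'.check($_REQUEST['alid']).'"
AND userid!="'.check($ses['userid']).'"');
while($ft = mysql_fetch_array($in))
{
// Notify each commenter returned by the query. The loop previously passed
// $user[0], which notified the owner once per row and never the commenters;
// the story-comment action in this file uses $ft[0] for the same loop.
notify($ft[0], 0, 0, $_REQUEST['pid'], $_REQUEST['alid'], 1);
}
if($_REQUEST['alid'] > 0)
{
$url = '&alid='.$_REQUEST['alid'];
}
if($_REQUEST['pid'] > 0)
{
$url = '&pid='.$_REQUEST['pid'];
}
header('location: '.$_prefs['selfurl'].'?ac=pho'.$url.'&sid='.chklog());
exit();
}
// Photo pager ('next'/'prev') and comment pager ('newer'/'older').
if($pageNo>1)
{
$page = $pageNo-1;
$smarty->assign("next", $page);
}
if($pageNo<$pageCount)
{
$npage = $pageNo+1;
$smarty->assign("prev", $npage);
}
if($ppageNo>1)
{
$ppage = $ppageNo-1;
$smarty->assign("newer", $ppage);
}
if($ppageNo<$ppageCount)
{
$npage = $ppageNo+1;
$smarty->assign("older", $npage);
}
$smarty->assign('ainf', AlbumInfo($_REQUEST['alid']));
$smarty->assign('page', 'm/photo.tpl');
}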
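else if ($_REQUEST['ac'] == 'on') {
    // Online-users page, optionally filtered by 'q'; 'typ' defaults to 2.
    $PerPage = 7;
    if (!isset($_REQUEST['typ']) || $_REQUEST['typ'] == '') {
        $_REQUEST['typ'] = 2;
    }
    // The page number is cast to int before it is used.
    $pageNo = (isset($_REQUEST['pg'])) ? (int) $_REQUEST['pg'] : 1;
    $Count = GetOnlineCount($_REQUEST['q'], $_REQUEST['typ']);
    $pageCount = max(1, ceil($Count / max(1, $PerPage)));
    $pageNo = min($pageCount, max(1, $pageNo));
    $Online = GetOnlineList($_REQUEST['q'], $_REQUEST['typ'], $pageNo, $PerPage, 'DESC');
    $smarty->assign('Count', $Count);
    // NOTE(review): q and typ reach the template (and the message below) as
    // received; confirm the template escapes them.
    $smarty->assign('search', $_REQUEST['q']);
    $smarty->assign('type', $_REQUEST['typ']);
    if (strlen($_REQUEST['q']) > 0) {
        $smarty->assign('result', sprintf($lang['no_result'], $_REQUEST['q']));
    }
    // Neighbouring page links.
    if ($pageNo > 1) {
        $page = $pageNo-1;
        $smarty->assign("newer", $page);
    }
    if ($pageNo < $pageCount) {
        $npage = $pageNo+1;
        $smarty->assign("older", $npage);
    }
    $smarty->assign('perPage', $PerPage);
    $smarty->assign('pageNo', $pageNo);
    $smarty->assign('pageCount', $pageCount);
    $smarty->assign('online', $Online);
    $smarty->assign('page', 'm/online.tpl');
}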
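else if ($_REQUEST['ac'] == 'nfc') {
    // Notifications page: optionally follow one notification, then list them.
    if (isset($_REQUEST['id'])) {
        // NOTE(review): whether the notification belongs to the current user
        // is presumably checked inside GoNotifyID() — confirm.
        GoNotifyID($_REQUEST['id']);
    }
    $PerPage = 10;
    // The page number is cast to int before it reaches the list helper.
    $pageNo = (isset($_REQUEST['pg'])) ? (int) $_REQUEST['pg'] : 1;
    $Count = NotificationCount();
    $pageCount = max(1, ceil($Count / max(1, $PerPage)));
    $pageNo = min($pageCount, max(1, $pageNo));
    viewnotification();
    $NotifyList = GetNotificationList($pageNo, $PerPage, 'DESC');
    $smarty->assign('notify', $NotifyList);
    $smarty->assign('page', 'm/notification.tpl');
}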
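else if($_REQUEST['ac'] == 'gop')
{
// Groups page: with an id, one group (wall, about form, member list, add
// members); without, the group list or the create-group form.
// Page numbers from the request are cast to int before use.
if(isset($_REQUEST['id']))
{
// NOTE(review): no membership or ownership check is visible in this block
// for posting, editing or adding members; presumably AddToWall()/upgroup()
// enforce it — confirm.
if(isset($_REQUEST['post']) && AddToWall(0, $_REQUEST['post'], $_REQUEST['stid'], $_REQUEST['id']) == true)
{
header('location: '.$_prefs['selfurl'].'?ac=gop&id='.$_REQUEST['id'].'&sid='.chklog());
exit();
}
$grou = getgroupinfo($_REQUEST['id']);
if(isset($_REQUEST['do']))
{
if($_REQUEST['do'] == 'abt')
{
if(isset($_REQUEST['group']))
{
if(strlen($_REQUEST['group']) < 3 || strlen($_REQUEST['group']) > 15)
{
$smarty->assign('err', $lang['invalid_group']);
}
else if(chkgroup($_REQUEST['group']) && $_REQUEST['group'] != $grou['grp'])
{
$smarty->assign('err', sprintf($lang['group_exist'], $_REQUEST['group']));
}
else
{
// upgroup() is called for its side effect; the result is not used.
if(isset($_REQUEST['group']) && upgroup($_REQUEST['id'], $_REQUEST['group'], $_REQUEST['describe'], $_REQUEST['priv']))
{
}
}
}
}
if($_REQUEST['do'] == 'mbs')
{
$PerPage = 7;
$pageNo = (isset($_REQUEST['pg'])) ? (int) $_REQUEST['pg'] : 1;
$Coun = GetGroupMemberCount($_REQUEST['id']);
// Page count comes from the member count just fetched; it previously read
// $Count, which is never set on this path, so the list never paged.
$pageCount = max(1, ceil($Coun / max(1, $PerPage)));
$pageNo = min($pageCount, max(1, $pageNo));
$member = GetGroupMemberList($_REQUEST['id'], $pageNo, $PerPage, 'DESC');
$smarty->assign('member', $member);
$smarty->assign('Coun', $Coun);
}
if($_REQUEST['do'] == 'add')
{
$PerPage = 7;
$pageNo = (isset($_REQUEST['pg'])) ? (int) $_REQUEST['pg'] : 1;
$Co = GetAddMemberCount($_REQUEST['id'], $_REQUEST['friend']);
// Same fix as in the member list: use the count fetched for this view.
$pageCount = max(1, ceil($Co / max(1, $PerPage)));
$pageNo = min($pageCount, max(1, $pageNo));
$user = GetAddMemberList($_REQUEST['id'], $_REQUEST['friend'], $pageNo, $PerPage, 'DESC');
$smarty->assign('user', $user);
$smarty->assign('friend', $_REQUEST['friend']);
$smarty->assign('Co', $Co);
// Only an array of selections is processed, and $in starts as false so an
// empty selection no longer reads an undefined variable.
if(isset($_REQUEST['sel']) && is_array($_REQUEST['sel']))
{
$in = false;
foreach($_REQUEST['sel'] as $selId)
{
// NOTE(review): the selected ids are request-supplied and inserted without
// checking that they are eligible (e.g. friends of the current user) or
// already members — confirm where that is enforced.
$in = mysql_query('INSERT INTO _members SET userid="'.check($selId).'", byid="'.check($ses['userid']).'",
grp="'.check($_REQUEST['id']).'", dtm="'.time().'", level=0');
}
if($in)
{
header('location: '.$_prefs['selfurl'].'?ac=gop&id='.$_REQUEST['id'].'&sid='.$ses['id']);
exit();
}
}
}
}
else
{
// Default group view: the group wall.
$PerPage = 7;
$pageNo = (isset($_REQUEST['pg'])) ? (int) $_REQUEST['pg'] : 1;
$Count = GetGroupWallCount($_REQUEST['id']);
$pageCount = max(1, ceil($Count / max(1, $PerPage)));
$pageNo = min($pageCount, max(1, $pageNo));
$group = GetGroupWallList($_REQUEST['id'], $pageNo, $PerPage, 'DESC');
$smarty->assign('grop', $group);
$smarty->assign('Count', $Count);
}
$smarty->assign('group', $grou);
}
else
{
if(isset($_REQUEST['do']))
{
if($_REQUEST['do'] == 'cae')
{
// Create-group form: the name must be 3-15 characters and unused.
if(isset($_REQUEST['group']))
{
if(strlen($_REQUEST['group']) < 3 || strlen($_REQUEST['group']) > 15)
{
$smarty->assign('err', $lang['invalid_group']);
}
else if(chkgroup($_REQUEST['group']))
{
$smarty->assign('err', sprintf($lang['group_exist'], $_REQUEST['group']));
}
else
{
// addgroup() is called for its side effect; the result is not used.
if(isset($_REQUEST['group']) && addgroup($_REQUEST['group'], $_REQUEST['describe'], $_REQUEST['priv']))
{
}
}
}
}
}
else
{
// No id and no action: list groups plus recommendations.
$PerPage = 7;
$pageNo = (isset($_REQUEST['pg'])) ? (int) $_REQUEST['pg'] : 1;
$Count = GetGroupCount();
$pageCount = max(1, ceil($Count / max(1, $PerPage)));
$pageNo = min($pageCount, max(1, $pageNo));
$group = GetGroupList($pageNo, $PerPage, 'DESC');
$rec = GetRecGroupList();
$smarty->assign('recc', count($rec));
$smarty->assign('rec', $rec);
$smarty->assign('grp', $group);
}
}
// NOTE(review): several paths above never set $Count, $PerPage, $pageNo or
// $pageCount, so the assignments below can read undefined variables; id and
// do also reach the template as received — confirm the template escapes
// them.
$smarty->assign('Count', $Count);
$smarty->assign('id', $_REQUEST['id']);
$smarty->assign('do', $_REQUEST['do']);
if($pageNo>1)
{
$page = $pageNo-1;
$smarty->assign("newer", $page);
}
if($pageNo<$pageCount)
{
$npage = $pageNo+1;
$smarty->assign("older", $npage);
}
$smarty->assign('perPage', $PerPage);
$smarty->assign('pageNo', $pageNo);
$smarty->assign('pageCount', $pageCount);
$smarty->assign('page', 'm/group.tpl');
}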
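else if ($_REQUEST['ac'] == 'tub' && isset($_REQUEST['img']) && isset($_REQUEST['x']) && isset($_REQUEST['y'])) {
    // Thumbnail endpoint: resizes the image named by 'img' to x by y pixels
    // and streams it in its own format (GIF, JPEG or PNG), then exits.
    //
    // The path comes straight from the query string, so it is validated
    // before any file function sees it:
    //  - it must be a plain string without NUL bytes or a "scheme://" part,
    //    so remote URLs and PHP stream wrappers are refused;
    //  - it must name an existing regular file.
    // htmlspecialchars() was dropped: HTML-escaping is an output encoding and
    // only altered file names containing &, <, > or quotes.
    // NOTE(review): this still accepts any local image the web server can
    // read. Restrict it to the real upload directory, e.g. compare
    // realpath($file) against <UPLOAD_DIR placeholder>, once that path is
    // known; it is not visible in this file.
    $file = (isset($_GET['img']) && is_string($_GET['img'])) ? $_GET['img'] : '';
    $pathOk = $file !== ''
        && strpos($file, "\0") === false
        && strpos($file, '://') === false
        && is_file($file);

    // 'x' is the target width and 'y' the target height. Both are bounded so
    // a request cannot make imagecreatetruecolor() allocate an arbitrarily
    // large canvas. The limit is a constructed default; adjust to the largest
    // thumbnail the templates actually request.
    $maxSide = 1024;
    $width = is_numeric($_REQUEST['x']) ? (int) $_REQUEST['x'] : 0;
    $height = is_numeric($_REQUEST['y']) ? (int) $_REQUEST['y'] : 0;
    $sizeOk = $width >= 1 && $height >= 1 && $width <= $maxSide && $height <= $maxSide;

    $meta = ($pathOk && $sizeOk) ? getimagesize($file) : false;
    $type = is_array($meta) ? $meta[2] : 0;

    // Only the three supported types get a loader; any other detected type
    // used to call an undefined function name.
    $im1 = false;
    if ($type == 1) {
        $im1 = imagecreatefromgif($file);
    } else if ($type == 2) {
        $im1 = imagecreatefromjpeg($file);
    } else if ($type == 3) {
        $im1 = imagecreatefrompng($file);
    }

    if ($im1) {
        $im2 = imagecreatetruecolor($width, $height);
        imagecopyresized($im2, $im1, 0, 0, 0, 0, $width, $height, imagesx($im1), imagesy($im1));
        if ($type == 1) {
            header('Content-type: image/gif');
            imagegif($im2);
        } else if ($type == 2) {
            header('Content-type: image/jpeg');
            imagejpeg($im2);
        } else if ($type == 3) {
            header('Content-type: image/png');
            imagepng($im2);
        }
        imagedestroy($im1);
        imagedestroy($im2);
    }
    exit();
}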
// Render the layout template. Each branch above assigns 'page', which
// presumably names the inner template to include — confirm in m/index.tpl.
// NOTE(review): many branches pass request values to the template as
// received, so output escaping has to happen in the templates.
$smarty->display('m/index.tpl');
?>