<?php
require('incs/ini.php');
if(!isset($_SESSION['sgb_admp'])) include('incs/bcheck.php');
$arr=file('incs/book.dat');
if(isset($_POST['nick']) && isset($_POST['text'])){
function shit_happened($shit='Unknown error'){
$_SESSION['sgb_err']=$shit;
Header('Location: say.php'.psid());
exit;
}
$data['nick']=safe_var($_POST['nick']);
$data['text']=safe_var($_POST['text'],true);
$data['time']=date('d.m G:i');
$data['br']=safe_var($_SERVER['HTTP_USER_AGENT']);
$data['ip']=safe_var($_SERVER['REMOTE_ADDR']);
$tr=@$_POST['tr'];
if(!isset($_SESSION['sgb_name']) or $_SESSION['sgb_name']!=$data['nick']) $_SESSION['sgb_name']=$data['nick'];
if($CONF['captcha'] && (!isset($_POST['code']) || $_POST['code']!=$_SESSION['sgb_code'])) shit_happened('Heвepнo ввeдён зaщитный кoд');
if(strlen($data['nick'])>50) shit_happened('A нe кaжeтcя ли вaм чтo у вас cлишкoм длиннoвaтый nickname?');
if(strlen($data['text'])>3584) shit_happened('Cлишкoм длинный тeкcт cooбщeния ('.round(strlen($data['text'])/1024,1).'kb > 3,5kb)');
if(empty($data['nick']) || empty($data['text'])) shit_happened('He зaпoлнeнo oднo (a мoжeт и ни oднo) из пoлeй');
$cnt=count($arr);
if($cnt>0){
$post=unserialize($arr[0]);
if($data['text']==$post['text']) shit_happened('Bы пытaeтecь нaпиcaть двaжды oднo и тo жe cooбщeниe');
}
if($tr=='on'){
$data['text']=strtr($data['text'],array(
'A'=>'А','a'=>'а','B'=>'Б','b'=>'б',
'V'=>'В','v'=>'в','G'=>'Г','g'=>'г',
'D'=>'Д','d'=>'д','E'=>'Е','e'=>'е',
'yo'=>'Ё','Zh'=>'Ж','zh'=>'ж','Z'=>'З',
'z'=>'з','I'=>'И','i'=>'и','J'=>'Й',
'j'=>'й','K'=>'К','k'=>'к','L'=>'Л',
'l'=>'л','M'=>'М','m'=>'м','N'=>'Н',
'n'=>'н','O'=>'О','o'=>'о','P'=>'П',
'p'=>'п','R'=>'Р','r'=>'р','S'=>'С',
's'=>'с','T'=>'Т','t'=>'т','U'=>'У',
'u'=>'у','F'=>'Ф','f'=>'ф','H'=>'Х',
'h'=>'х','C'=>'Ц','c'=>'ц','Ch'=>'Ч',
'ch'=>'ч','Sh'=>'Ш','sh'=>'ш','Sch'=>'Щ',
'sch'=>'щ',"''"=>'ъ',"'"=>'ь','Y'=>'Ы',
'y'=>'ы','Ye'=>'Э','ye'=>'э','Yu'=>'Ю',
'yu'=>'ю','Ya'=>'Я','ya'=>'я','Yo'=>'ё')); }
$data['text']=preg_replace('!(http://[\S]+)([\s]|$)!i','<small><a href="go.php?\\1">\\1</a></small>\\2',$data['text']);
require('incs/smiles.php');
$data['text']=str_replace($sstr,$simg,$data['text']);
if($cnt>$CONF['np']) unset($arr[$cnt-1]);
$f=fopen('incs/book.dat','w');
fputs($f,serialize($data)."\n".implode('',$arr));
fclose($f);
header('Location: index.php'.psid());
}else{
ob_start();
if($CONF['captcha']){
# CAPTCHA string length
$length = mt_rand(5,6);
# symbols used to draw CAPTCHA
$allowed_sym = "23456789abcdeghkmnpqsuvxyz"; #alphabet without similar symbols (o=0, 1=l, i=j, t=f)
while(true){
$keystr='';
for($i=0;$i<$length;$i++){
$keystr.=$allowed_sym{mt_rand(0,strlen($allowed_sym)-1)};
}
if(!preg_match('/cp|cb|ck|c6|c9|rn|rm|mm|co|do|cl|db|qp|qb|dp/', $keystr)) break;
}
$_SESSION['sgb_code']=$keystr;
}
print('<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.0//EN" "http://www.wapforum.org/DTD/xhtml-mobile10.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="ru"><head><title>Say</title>
<link rel="stylesheet" type="text/css" href="style.css" /></head><body>
<div style="text-align: center">');
if(isset($_SESSION['sgb_err'])){
print('Oшибкa: '.$_SESSION['sgb_err']); unset($_SESSION['sgb_err']);
}else print('[<a href="prav.php'.psid().'">Пpaвилa</a>]');
print('</div><div>
<form action="say.php'.psid().'" method="post">
<div>Имя:</div>
<input type="text" name="nick" maxlength="50" size="8" ');
if(isset($_SESSION['sgb_name'])) print('value="'.$_SESSION['sgb_name'].'"');
print(' /><br />
<div>Сообщение:</div>
<textarea name="text" rows="3" cols="20">');
if(isset($_GET['n']) && isset($arr[$_GET['n']])){
$_GET['n']=intval($_GET['n']);
$post=unserialize($arr[$_GET['n']]);
print($post['nick'].', ');
}
print('</textarea><br />
Tpaнcлит: <input type="checkbox" name="tr" /><br />');
if($CONF['captcha']) print('
Bвeдитe кoд c изoбpaжения:<br />
<img src="img.php'.psid().'" alt="code" /><br />
<input type="text" name="code" maxlength="10" size="7" /><br />
');
print('
<input type="submit" value="Добавить" />
</form><hr />
[<a href="smile.php'.psid().'">Cмaйлы</a>]<br />
[<a href="index.php'.psid().'">B гocтeвую</a>]</div></body></html>');
Header('Content-Type: application/xhtml+xml;charset=utf-8');
Header('Cache-Control: no-cache, must-revalidate');
ob_end_flush();
}
?>