Размер файла: 9.03Kb
<?
Error_Reporting(E_ALL & ~E_NOTICE); /////////////// игнорируем ошибки
header ("Content-type:text/vnd.wap.wml; charset=utf-8");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache, must-relative");
list($msec,$sec)=explode(chr(32),microtime());
$HeadTime=$sec+$msec;
$ref=rand(10000,1000000);
require("conf.inc.php");
global $REMOTE_ADDR;
global $HTTP_USER_AGENT;
$id=@mysql_escape_string($id);
$pass=@mysql_escape_string($pass);
$login=@mysql_escape_string($login);
$connt=mysql_pconnect ($DB_HOST, $DB_USER, $DB_PASS);
mysql_select_db($DB_NAME);
if(empty($id)) {
$find_user=mysql_query("Select * from users where cid='".$cid."' AND login='".$login."' and pass='".$pass."'") or die("Querry error");
} else {
$find_user=mysql_query("Select * from users where cid='".$cid."' AND id='".$id."' and pass='".$pass."'") or die("Querry error");
}
if(mysql_affected_rows()==0)
{
echo <<<END
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
<wml>
<card id="search" title="РџРѕРСвЂР ЎРѓР С”">
<p align="center">
Логин или пароль неверны, проверьте ваш ввод.
</p>
</card>
</wml>
END;
return 0;
}
else
{
$row=mysql_fetch_array($find_user);
$login=$row['login'];
$id=$row['id'];
if (($row["browser"]!==$HTTP_USER_AGENT) or ($row["ip"]!==$REMOTE_ADDR))
{
mysql_query("update users set browser='$HTTP_USER_AGENT', ip='$REMOTE_ADDR' where cid='".$cid."' AND id='$id';");
}
//Проверка, не забанен ли ip+browser:
if ($row["vip"]!=1)
{
echo <<<END
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
<wml>
<card id="stop" title="Fuck off">
<p align="center">
У тебя нет сюда доступа
</p>
</card>
</wml>
END;
return 0;
}
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.2//EN\" \"http://www.wapforum.org/DTD/wml12.dtd\">\n";
echo "<wml>\n";
echo "<card title=\"VIP\">\n";
echo "<p align=\"left\">\n";
if($row['fsize'] == "small") { $fsize1 = "<small>"; $fsize2 = "</small>"; }
elseif($row['fsize'] == "big") { $fsize1 = "<big>"; $fsize2 = "</big>"; }
else { $fsize1 = ""; $fsize2 = ""; }
switch($mod) {
case 'kick':
if(empty($action)) {
?>
Кого:<br/> <input type="text" name="who" value="<? print $who; ?>" emptyok="false"/><br/>
На сколько (сек.):<br/>
<select name="banf" title="TIME" value="10">
<option value="10">10</option>
<option value="30">30</option>
<option value="60">60</option>
<option value="120">120</option>
<option value="180">180</option>
<option value="250">250</option>
<option value="300">300</option>
</select><br/>
Причина:<br/><input type="text" name="banw" maxlength="255" value="" emptyok="false"/><br/>
<anchor>Пошел<go href="vip.php?id=<? print $id; ?>&pass=<? print $pass; ?>&mod=kick&cid=<? print $cid; ?>" method="post">
<postfield name="action" value="kick"/>
<postfield name="who" value="$(who)"/>
<postfield name="banf" value="$(banf)"/>
<postfield name="banw" value="$(banw)"/>
</go></anchor>
<?
}
else
{
if(mysql_query("update users set ban='1.".time()."', banf='".$banf."', banw='".$banw."', banb='".$login."' where cid='$cid' and login='".$who."';"))
print "<b><u>$who</u> выпнут из чата на $banf sec.!</b><br/>";
}
break;
case 'mmeet':
$title=trim(htmlspecialchars(stripslashes($title)));
$content=trim(htmlspecialchars(stripslashes($content)));
$organizatory=trim(htmlspecialchars(stripslashes($organizatory)));
if(empty($title)) $error=$error."<u>Название не введено!</u><br/>";
if(empty($content)) $error=$error."<u>Пустое содержание встречи!</u><br/>";
if(empty($organizatory)) $error=$error."<u>Организаторов нет!</u><br/>";
if(empty($action)) {
print "Название:<br/><input name=\"title\"/><br/>
Содержание:<br/><input name=\"content\"/><br/>
Организаторы:<br/><input name=\"organizatory\"/><br/>
<anchor>Добавить<go href=\"vip.php?id=$id&pass=$pass&mod=mmeet&cid=$cid\" method=\"post\">
<postfield name=\"action\" value=\"add\"/>
<postfield name=\"title\" value=\"$(title)\"/>
<postfield name=\"content\" value=\"$(content)\"/>
<postfield name=\"organizatory\" value=\"$(organizatory)\"/></go></anchor>";
} else { if(empty($error)) {
if($title!=$last_meet['title']) {
if(mysql_query("insert into vstrechi values(0,'$login','$title','$content','$organizatory','$cid');")) { print "<b>Ваша встреча успешно добавлена!</b>"; } else { print "<b>Проблемы с базой данных!</b>"; } } else { print "<b>Такая встреча уже добавлена!</b>"; }
} else { print $error; } }
break;
case 'dmeet':
$q = mysql_query("select * from vstrechi where cid='$cid' order by id desc;");
if(empty($action)) {
while($arr=mysql_fetch_array($q)) {
print "<a href=\"vip.php?action=del&id=$id&pass=$pass&mod=dmeet&mid=".$arr['id']."&cid=$cid\">".$arr['title']."</a><br/>"; }
} else {
if(mysql_query("delete from vstrechi where cid='$cid' AND id='$mid' limit 1;")) print "<b>Запись успешно удалена!</b><br/>";
}
break;
case 'title':
if(empty($act)) {
echo 'Заголовок<br/><input type="text" name="t"/><br/>Комната<br/><select name="name">';
$q = @mysql_query("select * from setts where cid='$cid' AND mod='room';");
while ($dbdata = @mysql_fetch_array($q)) {
echo '<option value="'.$dbdata['var'].'">'.$dbdata['val1'].'</option>'; }
echo '</select><br/><anchor>Изменить<go href="vip.php?act=update&id='.$id.'&pass='.$pass.'&cid='.$cid.'&mod=title" method="post"><postfield name="name" value="$(name)"/><postfield name="t" value="$(t)"/></go></anchor>';
} else {
$t=htmlspecialchars(stripslashes(trim(substr($t,0,25))));
if(@mysql_query("update setts set val2='$t' where cid='$cid' AND var='$name' and mod='room';")) echo 'Заголовок изменён!';
}
break;
//
default:
echo "[Комнаты]:<br/>";
echo "<a href=\"vip.php?id=$id&pass=$pass&mod=title&cid=$cid&ref=$ref\">Изменить заголовок</a><br/>";
echo "<br/>[Пользователи]:<br/>";
echo "<a href=\"vip.php?id=$id&pass=$pass&mod=kick&cid=$cid&ref=$ref\">Пнуть</a><br/>";
echo "<a href=\"vip.php?id=$id&pass=$pass&mod=mmeet&cid=$cid&ref=$ref\">Добавить встречу</a><br/>";
echo "<a href=\"vip.php?id=$id&pass=$pass&mod=dmeet&cid=$cid&ref=$ref\">Удалить встречу</a><br/><br/>";
echo "<a href=\"enter.php?id=$id&pass=$pass&cid=$cid&ref=$ref\">.:Прихожая</a><br/>";
list($msec,$sec)=explode(chr(32),microtime());
echo "[".round(($sec+$msec)-$HeadTime,4)."]";
break;
}
if($mod) {
echo "<br/><a href=\"vip.php?id=$id&pass=$pass&cid=$cid&ref=$ref\">VIP-panel</a><br/>";
echo "<a href=\"enter.php?id=$id&pass=$pass&cid=$cid&ref=$ref\">Прихожая</a><br/>";
list($msec,$sec)=explode(chr(32),microtime());
echo "[".round(($sec+$msec)-$HeadTime,4)."]";
}
}
?>
</p>
</card>
</wml>
<?
mysql_close($connt);
?>