Файл: mob-lave.ru/core/set.php
Строк: 84
<?php
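// Error display bootstrap for the whole request.
// Fix: the value is now the quoted string 'on'. A bare `on` is an undefined
// constant: PHP 5 only falls back to the string with a notice, while PHP 8
// raises a fatal Error on this very first statement.
// NOTE(review): this turns error display on for every visitor. Error text in
// responses can reveal file paths and query fragments, so production sites
// normally log errors instead (display_errors off, log_errors on).
@ini_set('display_errors', 'on');
@ini_set('html_errors', false);
@ini_set('error_reporting', E_ALL ^ E_NOTICE);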
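// Additional $_GET check: every query-string value must be a plain string
// accepted by the pattern below. Anything else, including array parameters,
// is redirected to the site root.
// Fix: the hyphen now sits at the end of the character class. Written as
// `_-/` it formed a descending range, which PCRE refuses to compile, so
// preg_match() returned false and every request carrying a GET parameter
// was redirected.
// NOTE(review): the second alternative (`.+(?!/)`) accepts almost any
// single-line value, so this is only a coarse filter. It does not replace
// per-parameter validation or SQL/HTML escaping at the point of use. The
// nested quantifiers can also backtrack heavily on rejected input; a plain
// allow-list pattern would be cheaper once the intended rule is confirmed.
foreach ($_GET as $check_url) {
    if (!is_string($check_url) || !preg_match('#^(?:[a-z0-9_/-]+|.+(?!/))*$#i', $check_url)) {
        header('Location: /');
        exit;
    }
}
unset($check_url);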
// ------------ Site name ------------- //
// NOTE(review): HTTP_HOST comes from the request's Host header, so it is
// client-supplied. htmlspecialchars() (called with default flags) only makes
// it safe for HTML output; confirm $set['site'] is never used to build
// redirects or e-mail links without checking it against a fixed host name.
$set['site'] = htmlspecialchars($_SERVER['HTTP_HOST']);
// H: document-root prefix used by the require_once calls further down.
define("H", $_SERVER["DOCUMENT_ROOT"].'/');
// Current Unix timestamp, captured once for this request.
$time = time();
// ---------- Items per page --------- //
$set['p_str'] = 10;
$timer[] = microtime(true); // Generation
$ftime = mktime(0, 0, 0); // Midnight
// HTML snippet: button linking to the BB-code help page.
$Panel = '<a href = "/moduls/info/bbcode.php"><button type="button" class="btn"> bb Теги </button></a>';
// ------ Navigation ----- //
// $home is the "home" link markup; $z is presumably the separator placed
// between navigation items (its uses are outside this file).
$home = '<div id="dark" class="icon-undo2"></div> <a href="/">mob-lave</a>';
$z = ' :: ';
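// Database connection
// Fix: a failed connect or database selection now ends the request with a
// generic 503. Previously the script carried on, and every later mysql_*
// call emitted warnings while display_errors is enabled at the top of this
// file.
// NOTE(review): host, account name and password are hard-coded here.
// Credentials that appear in a published listing should be treated as
// exposed: rotate them and load them from configuration kept outside the
// web root and outside version control.
// NOTE(review): ext/mysql has no prepared statements and was removed in
// PHP 7.0, so every query in this file depends on manual escaping.
// mysql_set_charset() is the documented way to set the connection charset
// so that mysql_real_escape_string() is aware of it; SET NAMES is kept here
// to avoid changing behaviour.
$connect = mysql_connect('localhost','db1401252327','147963');
if (!$connect || !mysql_select_db('db1401252327', $connect)) {
    header('HTTP/1.1 503 Service Unavailable');
    exit;
}
mysql_query('SET NAMES `utf8`', $connect);
// Single-row site configuration; later code reads `perfix` and `online`.
$system = mysql_fetch_assoc(mysql_query("SELECT * FROM `system`"));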
// Engine functions
// Each file is loaded from the document root via the H constant. check(),
// which the cookie login below relies on, is not defined in this file, so
// presumably it comes from one of these includes — verify.
require_once H.'core/function/text.php';
require_once H.'core/function/obmen.php';
require_once H.'core/function/site.php';
require_once H.'core/function/user.php';
// NOTE(review): $ftime is today's midnight and $time is the current second,
// so the cron file is only loaded by a request that arrives at exactly
// 00:00:00 — confirm that this is the intended schedule.
if($ftime == $time) require_once H.'core/function/cron.php'; // Cron
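// Cookie-based login restore: looks the visitor up by the `userlogin` and
// `userpass` cookies and, when a row matches, refreshes the activity fields.
// Fixes in this version:
//   - both cookies must be strings, matching the is_string() rule the $_GET
//     check in this file already applies (array cookies reached check());
//   - the UPDATE statements run only when a user row was found (they used
//     to execute with an empty id for any unmatched cookie pair);
//   - a failed SELECT no longer reaches mysql_fetch_assoc();
//   - a request without a User-Agent header no longer raises a notice.
// NOTE(review): `userpass` is compared directly with the stored `pass`
// column, so the cookie carries whatever value is stored there and that
// value alone works as a login credential. A random server-side session
// token in an HttpOnly/Secure cookie avoids this; not changed here.
// NOTE(review): the SQL is built by string interpolation. Its safety rests
// entirely on check(), which is defined in another file — confirm that it
// escapes for SQL on this connection.
if (
    isset($_COOKIE['userlogin']) && isset($_COOKIE['userpass'])
    && is_string($_COOKIE['userlogin']) && is_string($_COOKIE['userpass'])
) {
    $userlogin = check($_COOKIE['userlogin']);
    $userpass = check($_COOKIE['userpass']);
    $query = mysql_query("SELECT * FROM `$system[perfix]_users` WHERE `login` = '$userlogin' && `pass` = '$userpass' LIMIT 1");
    // Stays false when the query failed or no row matched; later code only
    // tests isset($user['id']).
    $user = $query ? mysql_fetch_assoc($query) : false;
    if (isset($user['id'])) {
        // Online: record last-seen time and the client's User-Agent.
        mysql_query("UPDATE `$system[perfix]_users` SET `online` = '".time()."', `user_agent` = '".(isset($_SERVER['HTTP_USER_AGENT']) ? check($_SERVER['HTTP_USER_AGENT']) : '')."' WHERE `id` = '".$user['id']."'");
        if ($user['online']) { // Time spent on site
            // A third of the gap since the previous hit is credited, capped
            // at the configured $system['online'] value.
            $timeplus = (time()-$user['online'])/3;
            if ($timeplus < $system['online']) {
                mysql_query("UPDATE `$system[perfix]_users` SET `anketa_alltime` = '".($user['anketa_alltime'] + $timeplus)."' WHERE `id` = '".$user['id']."'");
            } else {
                mysql_query("UPDATE `$system[perfix]_users` SET `anketa_alltime` = '".($user['anketa_alltime'] + $system['online'])."' WHERE `id` = '".$user['id']."'");
            }
        }
        $config['onpage'] = $user['onpage'];
        // NOTE(review): this branch is reached only after the SELECT matched
        // on the same values, so cookies that match no account are never
        // cleared here — confirm whether that was the intent.
        if ($user['login'] != $userlogin or $user['pass'] != $userpass) {
            setcookie('userlogin', '', time() - 86400*31);
            setcookie('userpass', '', time() - 86400*31);
        }
    }
}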
// Error reporting per visitor: the account with id 1 keeps E_ALL without
// notices; everyone else, guests included, gets reporting switched off.
// NOTE(review): everything above this line has already run with the level
// set at the top of the file, where display_errors is enabled.
error_reporting(
    (isset($user['id']) && $user['id'] == 1)
        ? (E_ALL ^ E_NOTICE)
        : 0
);
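// -------- Ban ------ //
// Logged-in users with an active ban row (unexpired `razban_time`, or the
// permanent `navsegda` flag) are redirected to /ban.php. The ban page and
// /moduls/info/index.php are exempt so they stay reachable.
// Fix: the script now stops after sending the redirect. Previously
// execution continued, so the requested page still ran in full for a banned
// account and only the Location header asked the browser to leave.
// Fix: $ban is checked before its fields are read, since
// mysql_fetch_assoc() returns false when no ban row exists.
if (isset($user['id']) && $_SERVER['PHP_SELF'] != '/ban.php' && $_SERVER['PHP_SELF'] != '/moduls/info/index.php') {
    $ban = mysql_fetch_assoc(mysql_query("SELECT * FROM `$system[perfix]_ban` WHERE `id_user` = '$user[id]' && (`razban_time` > '$time' or `navsegda` = '1')"));
    if ($ban && ($ban['razban_time'] > $time or $ban['navsegda'] == 1)) {
        header('Location: /ban.php?u='.$user['id'].'');
        exit;
    }
}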
?>