Файл: cron/ini.php
Строк: 116
<?php
/*
- - - - -
DATABASE SERVER LINEWAP2
- - - - -
*/
$db_host = "localhost";
$db_user = "byu292_byunnamed";
$db_table = "byu292_l2mo";
$db_pass = "byunnamedl2";
function bb_code($message){
$modified = strtr($message, array(
'[b]'=>'<b>',
'[/b]'=>'</b>',
'[u]'=>'<u>',
'[/u]'=>'</u>',
'[i]'=>'<i>',
'[/i]'=>'</i>',
'[br]'=>'<br>',
'[/br]'=>'</br>',
));
return $modified;
}
function replase_smile($variables){
$modified = strtr($variables, array(
':acute:'=>'<img src="web/pic/smiles/acute.gif"/>',
':aggressive:'=>'<img src="web/pic/smiles/aggressive.gif"/>',
':agree:'=>'<img src="web/pic/smiles/agree.gif"/>',
':air_kiss:'=>'<img src="web/pic/smiles/air_kiss.gif"/>',
':angel:'=>'<img src="web/pic/smiles/angel.gif"/>',
':bad:'=>'<img src="web/pic/smiles/bad.gif"/>',
':beack:'=>'<img src="web/pic/smiles/beach.gif"/>',
':beee:'=>'<img src="web/pic/smiles/beee.gif"/>',
':beta:'=>'<img src="web/pic/smiles/beta.gif"/>',
':blush:'=>'<img src="web/pic/smiles/blush.gif"/>',
':big_boss:'=>'<img src="web/pic/smiles/big_boss.gif"/>',
':black_eye:'=>'<img src="web/pic/smiles/black_eye.gif"/>',
':blum2:'=>'<img src="web/pic/smiles/blum2.gif"/>',
':blum3:'=>'<img src="web/pic/smiles/blum3.gif"/>',
':blush2:'=>'<img src="web/pic/smiles/blush2.gif"/>',
':boast:'=>'<img src="web/pic/smiles/boast.gif"/>',
':boredom:'=>'<img src="web/pic/smiles/boredom.gif"/>',
':censored:'=>'<img src="web/pic/smiles/censored.gif"/>',
':brunette:'=>'<img src="web/pic/smiles/brunette.gif"/>',
':clapping:'=>'<img src="web/pic/smiles/clapping.gif"/>',
':comando:'=>'<img src="web/pic/smiles/comando.gif"/>',
':curtsey:'=>'<img src="web/pic/smiles/curtsey.gif"/>',
':dance:'=>'<img src="web/pic/smiles/dance.gif"/>',
':dance2:'=>'<img src="web/pic/smiles/dance2.gif"/>',
':dance3:'=>'<img src="web/pic/smiles/dance3.gif"/>',
':dance4:'=>'<img src="web/pic/smiles/dance4.gif"/>',
':diablo:'=>'<img src="web/pic/smiles/diablo.gif"/>',
':drinks:'=>'<img src="web/pic/smiles/drinks.gif"/>',
':flirt:'=>'<img src="web/pic/smiles/flirt.gif"/>',
':friends:'=>'<img src="web/pic/smiles/friends.gif"/>',
':girl_blum:'=>'<img src="web/pic/smiles/girl_blum.gif"/>',
':girl_cray:'=>'<img src="web/pic/smiles/girl_cray.gif"/>',
':girl_dance:'=>'<img src="web/pic/smiles/girl_dance.gif"/>',
':give_heart:'=>'<img src="web/pic/smiles/give_heart.gif"/>',
':good:'=>'<img src="web/pic/smiles/good.gif"/>',
':heat:'=>'<img src="web/pic/smiles/heat.gif"/>',
':help:'=>'<img src="web/pic/smiles/help.gif"/>',
':hi:'=>'<img src="web/pic/smiles/hi.gif"/>',
':hysteric:'=>'<img src="web/pic/smiles/hysteric.gif"/>',
':kiss:'=>'<img src="web/pic/smiles/kiss.gif"/>',
'lazy::'=>'<img src="web/pic/smiles/lazy.gif"/>',
':mda:'=>'<img src="web/pic/smiles/mda.gif"/>',
':meeting:'=>'<img src="web/pic/smiles/meeting.gif"/>',
':moil:'=>'<img src="web/pic/smiles/moil.gif"/>',
':music:'=>'<img src="web/pic/smiles/music.gif"/>',
':new_russian:'=>'<img src="web/pic/smiles/new_russian.gif"/>',
':ok:'=>'<img src="web/pic/smiles/ok.gif"/>',
':padonak:'=>'<img src="web/pic/smiles/padonak.gif"/>',
':pardon:'=>'<img src="web/pic/smiles/pardon.gif"/>',
':party:'=>'<img src="web/pic/smiles/party.gif"/>',
':pioneer:'=>'<img src="web/pic/smiles/pioneer.gif"/>',
':rap:'=>'<img src="web/pic/smiles/rap.gif"/>',
':read:'=>'<img src="web/pic/smiles/read.gif"/>',
':rofl:'=>'<img src="web/pic/smiles/rofl.gif"/>',
':russian:'=>'<img src="web/pic/smiles/russian.gif"/>',
':sad:'=>'<img src="web/pic/smiles/sad.gif"/>',
':scare:'=>'<img src="web/pic/smiles/scare.gif"/>',
':sclerosis:'=>'<img src="web/pic/smiles/sclerosis.gif"/>',
':search:'=>'<img src="web/pic/smiles/search.gif"/>',
':secret:'=>'<img src="web/pic/smiles/secret.gif"/>',
':smoke:'=>'<img src="web/pic/smiles/smoke.gif"/>',
':sorry:'=>'<img src="web/pic/smiles/sorry.gif"/>',
':spruce_up:'=>'<img src="web/pic/smiles/spruce_up.gif"/>',
':stink:'=>'<img src="web/pic/smiles/stink.gif"/>',
':stop:'=>'<img src="web/pic/smiles/stop.gif"/>',
':superman:'=>'<img src="web/pic/smiles/superman.gif"/>',
':thank_you:'=>'<img src="web/pic/smiles/thank_you.gif"/>',
':umnik:'=>'<img src="web/pic/smiles/umnik.gif"/>',
':victory:'=>'<img src="web/pic/smiles/victory.gif"/>',
':yahoo:'=>'<img src="web/pic/smiles/yahoo.gif"/>',
':yes3:'=>'<img src="web/pic/smiles/yes3.gif"/>',
':yu:'=>'<img src="web/pic/smiles/yu.gif"/>',
));
return $modified;
}
$connect = @ mysql_pconnect($db_host, $db_user, $db_pass) or die('Нет соединенения');
@ mysql_select_db($db_table) or die('cannot connect to db');
@ mysql_query("SET NAMES 'utf8'", $connect);
##################### Класс борьбы с SQL атаками ################
class InitVars {
# Недопустимые слова в запросахINSERT
var $deny_words = array('UNION','CHAR','INSERT','DELETE','SELECT','UPDATE','GROUP','ORDER','BENCHMARK','union','char','insert','delete','select','update','group','order','benchmark');
function InitVars() {
}
# Метод конвентирует суперглобальные массивы $_POST, $_GET в перемнные
# Например : $_GET['psw'] будет переобразовано в $psw с тем же значением
function convertArray2Vars () {
foreach($_GET as $_ind => $_val) {
global $$_ind;
if(is_array($$_ind)) $$_ind = htmlspecialchars(stripslashes($_val));
}
foreach($_POST as $_ind => $_val) {
global $$_ind;
if(is_array($$_ind)) $$_ind = htmlspecialchars(stripslashes($_val));
}
}
# Метод проверяет $_GET и $_POST переменные на наличие опасных данных и SQL инъекций
function checkVars() {
//Проверка опасных данных.
foreach($_GET as $_ind => $_val) {
$_GET[$_ind] = htmlspecialchars(stripslashes($_val));
$exp = explode(" ",$_GET[$_ind]);
foreach($exp as $ind => $val) {
if(in_array($val,$this->deny_words)) $this->antihack("Запрещено!Доступ закрыт!<br> Ваш ip адресс помечен!");
}
}
foreach($_POST as $_ind => $_val) {
$_POST[$_ind] = htmlspecialchars(stripslashes($_val));
$exp = explode(" ",$_POST[$_ind]);
foreach($exp as $ind => $val) {
if(in_array($val,$this->deny_words)) $this->antihack("Запрещено!Доступ закрыт!<br> Ваш ip адресс помечен!");
}
}
}
function antihack($msg) {
echo '<font color="red"><b>Antihack error: </b></font>'.$msg.'<br>n';
die;
}
}
$stop_injection = new InitVars();
$stop_injection->checkVars();
##################### Класс борьбы с SQL атаками ################
?>