Файл: rban/rban/fx/addmess.php
Строк: 105
<?
require "conf.php";
$conn=mysql_connect(my_host, my_user, my_password);
mysql_select_db(my_db, $conn);
$room=$HTTP_GET_VARS['room'];
if(isset($HTTP_GET_VARS['UIN']))
{
$UIN=$HTTP_GET_VARS['UIN'];
}
else
{
$UIN="Guest";
}
$UINmd5=$UIN;
$sql=("select `pass` from `index` where id='$UIN'");
$res=mysql_query($sql);
$row=mysql_fetch_object($res);
$alk=$row->id;
$banned=$row->banned;
$stringer=$row->setting_string;
if ($pass!=$row->pass)
{
$UIN="Guest";
}
if(isset($HTTP_GET_VARS['pass']))
{
$pass=$HTTP_GET_VARS['pass'];
}
else
{
$pass="Guest";
}
if ($banned==0)
{
if ($stringer==0)
{
$url="readmess.php?UIN=$UINmd5&pass=$pass&topic=$id&room=$room";
header ("Location: $url");
}
}
header("Content-Type: text/vnd.wap.wml");
header("Cache-Control: no-cache");
echo "<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">";
$sql=("select `pass` from `index` where id='$UIN'");
$res=mysql_query($sql);
$row=mysql_fetch_object($res);
$alk=$row->id;
if ($pass!=$row->pass)
{
$UIN="Guest";
}
$room=$HTTP_GET_VARS['room'];
$nick=$HTTP_GET_VARS['nick'];
echo "<wml>
<card ontimer="readmess.php?UIN=$UINmd5&pass=$pass&topic=$id&room=$room" id="writeadd" title="Написать">
<timer value="10"/>
<p align="center">";
if ($UIN=="Guest")
{
echo "Oшибкa!<br/>
<a href="../index.php">Главная</a><br/>";
}
elseif ($UIN=="Inferno")
{
echo '?';
}
else
{
function encoding2($s)
{
$len = strlen($s);
if($len<1) return '';//if emty string return
$pos = 0;
$newlen = 0;
$ret = '';
$to = array(
128,129,130,131,132,133,134,135,136,137,138,139,140,141,
142,143,144,145,146,147,148,149,150,151,153,154,155,156,
157,158,159,160,161,162,163,164,165,166,167,168,169,170,
171,172,173,174,175,176,177,178,179,180,181,182,183,184,
185,186,187,188,189,190,191,192,193,194,195,196,197,198,
199,200,201,202,203,204,205,206,207,208,209,210,211,212,
213,214,215,216,217,218,219,220,221,222,223,224,225,226,
227,228,229,230,231,232,233,234,235,236,237,238,239,240,
241,242,243,244,245,246,247,248,249,250,251,252,253,254,
255,32);
$from = array(
1026,1027,8218,1107,8222,8230,8224,8225,8364,8240,1033,8249,
1034,1036,1035,1039,1106,8216,8217,8220,8221,8226,8211,8212,
8482,1113,8250,1114,1116,1115,1119,160,1038,1118,1032,164,
1168,166,167,1025,169,1028,171,172,173,174,1031,176,177,1030,
1110,1169,181,182,183,1105,8470,1108,187,1112,1029,1109,1111,
1040,1041,1042,1043,1044,1045,1046,1047,1048,1049,1050,1051,
1052,1053,1054,1055,1056,1057,1058,1059,1060,1061,1062,1063,
1064,1065,1066,1067,1068,1069,1070,1071,1072,1073,1074,1075,
1076,1077,1078,1079,1080,1081,1082,1083,1084,1085,1086,1087,
1088,1089,1090,1091,1092,1093,1094,1095,1096,1097,1098,1099,
1100,1101,1102,1103,32);
while ($pos<$len) {
if (ord($s[$pos]) < 0x80) {
$ret .= $s[$pos];
$pos++;
} else {
if ( ((ord($s[$pos]) & 0xE0) == 0xC0) && ($pos < ($len-1)) ) {
$c = ( (ord($s[$pos]) & 0x1F) << 6 ) + ( ord($s[$pos+1]) &
0x3F)
;
$pos+=2;
} elseif ( ((ord($s[$pos]) & 0xF0) == 0xE0) && ($pos<($len-2)))
{
$c = (((ord($s[$pos])) & 0x0F) << 12) + ((ord($s[$pos+1]) &
0x3F
) << 6) + (ord($s[$pos+2]) & 0x3F);
$pos+=3;
} else {
$c = 0;
$pos+=4;
}
for ($i=0; $i<128; $i++) {
if ($c == $from[$i]) {
$c = $to[$i];
break;
}
}
$ret .= chr($c);
}
}
if ((ord($s[0]) == 0xEF)) {
$ret = substr($ret, 1, strlen($ret));
}
$ret=htmlspecialchars($ret);
return $ret;
}
If (!isset($_POST['text'])) {
echo "<p>Пoлyчaтeль нe yкaзaн!<br/><a href="mail_send.php?id=$id&pass=$pass">Пoвтop</a>
</p></card></wml>";
exit;
}
$message=$text;
$message=encoding2($message);
$post=$message;
if ((strpos ($message,"$") !== false)||(strpos ($message,'') !== false))
{
print "<card id="error" title="Стоп!" ontimer="serv.php"><timer value="100"/>";
print "<p align="center">";
print "<small>
Вы не имеете права на регистрацию чата по одной из причин:</small><br/>";
print "<small><b>1.</b> Вы пытаетесь пройти регистрацию с компа.</small><br/>";
print "<small><b>2.</b> Вы занесены в черный список.</small><br/>";
print "</p></card></wml>";
exit;
}
$sql= ("select `banned` from `index` where id = '$UIN'");
$result=mysql_query($sql);
$row=mysql_fetch_object($result);
$ban=$row->banned;
$truba=$row->truba;
if ($ban=="1")
{
echo "You has been banned...<br/>";
}
elseif ($truba=="WinWAP-PRO/3.1 (3.1.6.192)")
{
echo "You has been banned...<br/>";
}
else
{
$sql="select * from forum where name='$UIN' order by id Desc Limit 1";
$result=mysql_query($sql);
$row=mysql_fetch_object($result);
if ($message==$row->message)
{
print '<a href="readmess.php?UIN='.$UINmd5.'&pass='.$pass.'&id='.$id.'">Taкoe cooбщeниe yжe ecть</a><br/>';
}
else
{
$oper=getenv('REMOTE_ADDR');
$sql22=("select `site` from `index` where id='$UINmd5'");
$res22=mysql_query($sql22);
$row22=mysql_fetch_object($res22);
$site=$row22->site;
$site=translate($site);
$iddd=$row22->site;
$site=eregi_replace("http://","", $site);
$point=".";
$time =$site;
$time .=" ";
$time .=date(d);
$time .=$point;
$time .=date(m);
$time .=$point;
$time .=date(y);
$time .="-";
$dpoint=":";
$time .= date(H);
$time .=$dpoint;
$time .=date(i);
if (isset($nick))
{
$temp=$nick;
$message=$temp;
$message=encoding2($message);
$temp=$message;
$temp .=", ";
$temp .=$post;
$post=$temp;
}
$sql="insert into forum (id, name, message, date, topic, room) values (NULL, '$UIN', '$post', '$time', '$id', '$room')";
mysql_query($sql);
$sql="delete from rating where ident='$id'";
mysql_query($sql);
$sql="insert into rating (id, room, ident) values (NULL, '$room', '$id')";
mysql_query($sql);
print '<br/>
<a href="readmess.php?UIN='.$UINmd5.'&pass='.$pass.'&topic='.$id.'&room='.$room.'">OK</a><br/>';
}
}
}
print '
</p>
</card>
</wml>';
?>