Файл: shaxty/start.php
Строк: 116
<?php
//mb_internal_encoding('UTF-8');
@error_reporting(E_ALL ^ E_NOTICE);
@ini_set('display_errors', false);
@ini_set('html_errors', false);
@ini_set('error_reporting', E_ALL ^ E_NOTICE);
@ini_set('url_rewriter.tags', '');
@ini_set('session.use_trans_sid', 1);
session_name('SID');
session_start();
$SID =@mysql_real_escape_string(session_id());
$SID=md5(rand(09009,999999));
$starttime = microtime(1);
if (version_compare(PHP_VERSION, '5.2.1') < 0) {
die('<b>Ошибка! Версия PHP должна быть 5.2.1 или выше!</b>');
}
class Debug
{
public function startTimer()
{
global $starttime;
$mtime = microtime ();
$mtime = explode (' ', $mtime);
$mtime = $mtime[1] + $mtime[0];
$starttime = $mtime;
}
public function endTimer()
{
global $starttime;
$mtime = microtime ();
$mtime = explode (' ', $mtime);
$mtime = $mtime[1] + $mtime[0];
$endtime = $mtime;
$totaltime = round (($endtime - $starttime), 5);
return $totaltime;
}
}
$debag = new Debug;
$debag->startTimer();
if (get_magic_quotes_gpc()) {
$in = array(&$_GET, &$_POST, &$_COOKIE);
while (list($k, $v) = each($in)) {
foreach ($v as $key => $val) {
if (!is_array($val)) {
$in[$k][$key] = stripslashes($val);
continue;
}
$in[] = &$in[$k][$key];
}
}
unset ($in);
if (!empty ($_FILES)) {
foreach ($_FILES as $k => $v) {
$_FILES[$k]['name'] = stripslashes((string) $v['name']);
}
}
}
$level = 0;
$folder_level = '';
while (!file_exists($folder_level.'shaxty.php') && $level < 5) {
$folder_level .= '../';
++$level;
}
unset($level);
define('H', $folder_level);
define('F', '/forum/');
define('H2', '/');
/*foreach ($_GET as $check_url) {
if (is_string($check_url) && !preg_match('#^(?:[1-9a-zA-Zа-яА-Я-@*()?!~_=[]]+(?!/))*$#i', $check_url)) {header ('Location: /index.php?err=403'.SID);exit;
}}
unset($check_url);*/
// Подключаемся к БД
$connect = @ mysql_connect(DBHOST, DBUSER, DBPASS) or die('Невозможно подключится к серверу БД!');
@ mysql_select_db(DBNAME) or die('Проблемы с БД!');
/*@ mysql_query('set charset cp1251',$connect);
@ mysql_query('SET names cp1251',$connect);
@ mysql_query('set character_set_client="cp1251"',$connect);
@ mysql_query('set character_set_connection="cp1251"',$connect);
@ mysql_query('set character_set_result="cp1251"',$connect);*/
mysql_query("SET NAMES 'utf8'");
mysql_query("SET character_set_client='utf8'");
mysql_query("SET character_set_connection='utf8'");
mysql_query("SET character_set_results='utf8'");
###
$agn = mysql_real_escape_string(htmlentities(substr($_SERVER['HTTP_USER_AGENT'], 0, 100), ENT_QUOTES));
require_once H.'shaxty/ip.php';
$ipinit = new ipinit();
$ipl = $ipinit->ip;
$ipp = long2ip($ipl);
unset ($ipinit);
// Дата и время
date_default_timezone_set('Europe/Moscow');
$realtime = $_SERVER['REQUEST_TIME'] + $sdvigclock * 3600;
$time = $realtime;
$mon = date("m", $realtime);
if (substr($mon, 0, 1) == 0) {
$mon = str_replace("0", "", $mon);
}
$day = date("d", $realtime);
if (substr($day, 0, 1) == 0) {
$day = str_replace("0", "", $day);
}
$mesyac = array(1 => "января", "февраля", "марта", "апреля", "мая", "июня", "июля", "августа", "сентября", "октября", "ноября", "декабря");
// Проверка переменных
function check($str) {
$str = htmlentities(trim($str), ENT_QUOTES, 'UTF-8');
$str = nl2br($str);
$str = strtr($str, array (chr(0)=> '',chr(1)=> '',chr(2)=> '',chr(3)=> '',chr(4)=> '',chr(5)=> '',chr(6)=> '',chr(7)=> '',chr(8)=> '',chr(9)=> '',chr(10)=> '',chr(11)=> '',chr(12)=> '',chr(13)=> '',chr(14)=> '',chr(15)=> '',chr(16)=> '',chr(17)=> '',chr(18)=> '',chr(19)=> '',chr(20)=> '',chr(21)=> '',chr(22)=> '',chr(23)=> '',chr(24)=> '',chr(25)=> '',chr(26)=> '',chr(27)=> '',chr(28)=> '',chr(29)=> '',chr(30)=> '',chr(31)=> ''));
$str = str_replace("'", "'", $str);
$str = str_replace('\', "\", $str);
$str = str_replace("|", "I", $str);
$str = str_replace("||", "I", $str);
$str = str_replace("/\$/", "$", $str);
$str = mysql_real_escape_string($str);
$str = strtr($str, array(''=>'', ''=>'', ''=>''));
/*$str = iconv('utf-8', 'windows-1251', $str);
$str = iconv('windows-1251', 'utf-8', $str);*/
return $str;
}
function check2($str) {
// Проверка переменных
if (function_exists('iconv')) $str = iconv("UTF-8", "UTF-8", $str);
$str = preg_replace('/[^P{C}n]+/u', '', $str);
return htmlentities(trim($str), ENT_QUOTES, 'UTF-8');
}
// Получаем основные переменные
$id = isset ($_REQUEST['id']) ? check(trim($_REQUEST['id'])) : false;
$m = isset ($_REQUEST['m']) ? abs(intval($_REQUEST['m'])) : false;
$page = isset ($_REQUEST['page']) ? check($_REQUEST['page']) : false;
$start = isset ($_REQUEST['start']) ? abs(intval($_REQUEST['start'])) : 0;
$act = isset ($_REQUEST['act']) ? trim($_REQUEST['act']) : '';
$action = isset ($_REQUEST['action']) ? trim($_REQUEST['action']) : '';
$mod = isset ($_REQUEST['mod']) ? trim($_REQUEST['mod']) : '';
$do = isset ($_REQUEST['go']) ? trim($_REQUEST['go']) : '';
$_SERVER['HTTP_HOST'] = str_replace('www.', '', $_SERVER['HTTP_HOST']);
mysql_query("DELETE FROM `rekl` WHERE `time_off` < '$time'");
if((mysql_result(mysql_query("select count(*) as num from `tema` WHERE `time_off` < '$time'"),0)!=0)){
$r = mysql_query ("Select * from `tema` WHERE `time_off` < '$time' order by `time_off` DESC LIMIT 10");
while($a = @mysql_fetch_assoc($r)){
mysql_query("UPDATE `forum_t` SET `zak` = '0' WHERE `id` = '".$a['tema']."'");
mysql_query("DELETE FROM `tema` WHERE `id` = '".$a['id']."'");
}
}
?>