Файл: info.php
Строк: 234
<?php
require '../sid.php';
require '../config.php';
$link = connect_db();
list($user, $id, $ps) = check_login($link);
whorm(0, 'fo');
include '../head.php';
include '../navigator.php';
echo $div_title . 'Зона обмена / Файл' . $div_end . $div_left;
$i = my_int($_GET['i']);
$adult = ($user['adult'] == 1) ? '' : "`xxx` = '0' AND";
$file = mysql_query("SELECT * FROM `fo_files` WHERE $adult `id` = '$i' AND `moder` = '0' LIMIT 1");
if (mysql_num_rows($file) == FALSE) {
err('Такого файла не существует!');
} else {
$info = mysql_fetch_assoc($file);
if ($user['adult'] == 0 && $info['xxx'] == 1) {
echo $div_title . 'Стоп!' . $div_end;
err('Данный файл содержит эротический характер!<br/>Вы можете включить отображение этих файлов в настройках.');
include '../foot.php';
exit();
}
// положительный голос
if (isset($_GET['like']))
{
$prv = mysql_query("SELECT `id` FROM `rating_files` WHERE `uid` = '$i' AND `who` = '$user[id]' LIMIT 1");
if (mysql_num_rows($prv) != FALSE) {
err('Вы уже голосовали!');
} else {
mysql_query("INSERT INTO `rating_files` SET `uid` = '$i', `who` = '$user[id]', `like` = '1'");
msg('Ваш голос принят!');
}
}
// отрицательный голос
if (isset($_GET['dlike']))
{
$prv = mysql_query("SELECT `id` FROM `rating_files` WHERE `uid` = '$i' AND `who` = '$user[id]' LIMIT 1");
if (mysql_num_rows($prv) != FALSE) {
err('Вы уже голосовали!');
} else {
mysql_query("INSERT INTO `rating_files` SET `uid` = '$i', `who` = '$user[id]', `dlike` = '1'");
msg('Ваш голос принят!');
}
}
if (!empty($info['parol']) && my_int($_REQUEST['parol']) != $info['parol'] && !isset($_SESSION["parol$i"])) {
$_SESSION['parol$i'] = '';
if (isset($_POST['ok_pass']) && my_int($_REQUEST['parol']) != $info['parol']) {
err('Пароль неверный!');
} else {
err('Файл защищен паролем!');
}
if ($user['level'] == 1 || $user['level'] == 4 || $user['level'] == 5) {
echo '<span class="color:#FF0000;">Пароль: ' . $info['parol'] . '</span>' . $block;
}
echo '<fieldset>
<FORM method="POST" action="info.php?i='.$i.'">
<label>Введите пароль:</label><br/>
<input type="text" name="parol"/>
<br/>
<input type="submit" name="ok_pass" value="Войти"/>
</FORM>
</fieldset>
<a href="'.$_SERVER['HTTP_REFERER'].'">Назад</a>';
include '../foot.php';
exit();
} else {
$_SESSION["parol$i"] = my_int($_REQUEST['parol']);
}
echo $div_tworazdel . date('d.m.Y') . ' ' . date('H:i', $info['time']) . $div_end;
#######################
$ext = strtolower(end(explode('.', $info['url'])));
if ($ext == '3gp') $format = '<img src="img/3gp.gif" alt="*"/> ';
elseif ($ext == 'avi') $format = '<img src="img/avi.gif" alt="*"/> ';
elseif ($ext == 'gif') $format = '<img src="img/gif.gif" alt="*"/> ';
elseif ($ext == 'jpg') $format = '<img src="img/jpg.gif" alt="*"/> ';
elseif ($ext == 'mp3') $format = '<img src="img/mp3.gif" alt="*"/> ';
elseif ($ext == 'zip') $format = '<img src="img/zip.gif" alt="*"/> ';
elseif ($ext == 'jar') $format = '<img src="img/jar.gif" alt="*"/> ';
else $format = '<img src="img/unknown.gif" alt="*"/> ';
#######################
$opis = (!empty($info['info'])) ? $info['info'] : 'Без описания';
$xxx = ($info['xxx'] == 1) ? ' <b><span class="color: #FF0000;">+18</span></b>' : '';
$size = filesize($info['url']);
$size = get_size($size);
if ($ext == 'jar') {
require_once 'pclzip.lib.php';
$file = $info['url'];
$jar = new PclZip($file);
$mf = 'META-INF/MANIFEST.MF';
$jad = $jar->extract(PCLZIP_OPT_BY_NAME, $mf, PCLZIP_OPT_EXTRACT_AS_STRING);
$jad = $jad[0]['content'];
$jad .= "nMIDlet-Jar-Size: ".get_size(filesize($file))."nMIDlet-Jar-URL: $file";
$title = explode('.', $info['url']);
file_put_contents($title[0] . '.jad', 'files/game/' . $jad);
} elseif ($ext == 'jad') {
require_once 'pclzip.lib.php';
$file = $info['url'];
$jar = new PclZip($file);
$mf = 'META-INF/MANIFEST.MF';
$jad = $jar->extract(PCLZIP_OPT_BY_NAME, $mf, PCLZIP_OPT_EXTRACT_AS_STRING);
$jad = $jad[0]['content'];
$jad .= "nMIDlet-Jar-Size: ".get_size(filesize($file))."nMIDlet-Jar-URL: $file";
$title = explode('.', $info['url']);
file_put_contents($title[0] . '.jar', 'files/game/' . $jad);
}
if ($ext == 'png' || $ext == 'gif' || $ext == 'jpg' || $ext == 'jpeg' || $ext == 'bmp') {
$prev = '<br/><img src="../resize.php?img=fo/'.$info['url'].'&width='.$user['onp_prevs'].'&height=0&i=0" alt="*"/>';
}
if (($ext == 'avi' || $ext == 'flv' || $ext == 'swf' || $ext == 'mp4') && (
!$h_ua ||
strpos($h_ua, 'windows') !== false ||
strpos($h_ua, 'linux') !== false ||
strpos($h_ua, 'bsd') !== false ||
strpos($h_ua, 'x11') !== false ||
strpos($h_ua, 'unix') !== false ||
strpos($h_ua, 'macintosh') !== false ||
strpos($h_ua, 'macos') !== false))
{
$prev = '<br/><object type="application/x-shockwave-flash" data="flvplayer.swf" height="137" width="245">
<param name="bgcolor" value="#b4c8e9"/>
<param name="allowFullScreen" value="true"/>
<param name="allowScriptAccess" value="always"/>
<param name="movie" value="flvplayer.swf"/>
<param name="FlashVars" value="way='.$info['url'].'&swf=flvplayer.swf&w=300&h=400&pic=ffmpeg.php?file='.$info['url'].'&autoplay=0&tools=1&skin=black&volume=70&q=&comment=" />
</object><br/>';
}
if ($ext == '3gp' && extension_loaded('ffmpeg')) {
$prev = '<br/><img src="ffmpeg.php?fid='.$info['url'].'" alt="preview"/>';
}
if ($ext == 'nth' || $ext == 'thm') {
$prev = '<br/><img src="theme.php?i='.$i.'" alt=""/>';
}
if ($ext == 'mp3') {
echo '<script type="text/javascript" src="audio-player.js"></script>
<script type="text/javascript">
AudioPlayer.setup
(
"player.swf",
{
width:"320",
animation:"yes",
encode:"no",
initialvolume:"70",
remaining:"yes",
noinfo:"no",
buffer:"5",
checkpolicy:"no",
rtl:"no",
bg:"064a91",
text:"000000",
leftbg:"064a91",
lefticon:"fee300",
volslider:"fee300",
voltrack:"ffffff",
rightbg:"064a91",
rightbghover:"064a91",
righticon:"fee300",
righticonhover:"fee300",
track:"FFFFFF",
loader:"fee300",
border:"D2F0FF",
tracker:"fee300",
skip:"ff284b",
pagebg:"064a91",
transparentpagebg:"yes"
}
);
</script><p id="audioplayer_1">Alternative content</p>
<script type="text/javascript">
AudioPlayer.embed
(
"audioplayer_1",
{
soundFile: "' . $info['url'] . '",
titles: "",
artists: "",
autostart: "no"
}
);
</script><br/>';
include 'classAudioFile.php';
$AF = new AudioFile;
$AF->loadFile($info['url']);
$AF->printSampleInfo();
}
$_num_z = mysql_result(mysql_query("SELECT COUNT(*) FROM `fav` WHERE `sec` = '2' AND `uid` = '$info[id]' LIMIT 1"), 0);
// скачивание
if (isset($_GET['download'])) {
mysql_query("UPDATE `fo_files` SET `clicks` = `clicks` + '1' WHERE `id` = '$info[id]' LIMIT 1");
//////////////
if ($ext == 'jpg' || $ext == 'png' || $ext == 'bmp' || $ext == 'jpeg' || $ext == 'ico' || $ext == 'iso' || $ext == 'imy' || $ext == 'wbmp') {
// Скачка картинки с наложением копирайта
header('Location: ../copy.php?img='.base64_encode('fo/'.$info['url']).'&i='.base64_encode(0));
}
elseif ($ext == 'jar' || $ext == 'jad') {
$_url = end(explode('.', $info['url']));
// Скачать: JAR | JAD
$_url = strtolower(strrchr($info['url'], '/'));
$_url2 = substr($_url, 1, -4);
#exit($_url2 . '.jar');
if (isset($_GET['jar'])) header('Location: files/game/' . $_url2 . '.jar');
elseif (isset($_GET['jad'])) header('Location: files/game/' . $_url2 . '.jad');
else err('Ошибка!');
}
else
{
// остальная скачка
header('Location: ' . $info['url']);
}
//////////////
}
if ($ext == 'jar' || $ext == 'jad') {
$_down = 'Скачать:(' . $size . ') <a href="info.php?download&i='.$i.'&jar">JAR</a> | <a href="info.php?download&i='.$i.'&jad">JAD</a>';
} else {
$_down = '<a href="info.php?download&i='.$i.'">Скачать(' . $size . ')</a>';
}
echo $div_tworazdel . $format . $info['title'] . $xxx . $prev . '
' . $block . $opis . $div_razdel . '
<img src="../ico/fav.gif" alt=""/> <a href="../fav.php?do=add&cat=2&f='.$info['id'].'">Добавить в закладки</a><br/>
В закладках у: <a href="../fav.php?do=view_files&u='.$info['id'].'">(' . $_num_z . ')</a> чел
' . $div_end . $div_tworazdel . '
<img src="../ico/d.gif" alt=""/> ' . $_down . '
<br/>
Скачан: ' . $info['clicks'] . plural($info['clicks'], ' раз', ' раза', ' раз') . '
' . $div_end;
// Голосование //
$i_vote = mysql_query("SELECT `id` FROM `rating_files` WHERE `uid` = '$i' AND `who` = '$user[id]' LIMIT 1");
if (mysql_num_rows($i_vote) == FALSE) {
echo 'Голосовать: <a href="info.php?i='.$i.'&like">
<img src="../ico/plus.gif" alt="+"/></a>
<a href="info.php?i='.$i.'&dlike">
<img src="../ico/minus.gif" alt="-"/></a>';
} else {
$like = mysql_fetch_assoc(mysql_query("SELECT SUM(`like`) AS t, SUM(`dlike`) AS c FROM `rating_files` WHERE `uid` = '$i'"));
echo '<img src="../ico/plus.gif" alt="+"/> ' . $like['t'] . ' |
<img src="../ico/minus.gif" alt="-"/> ' . $like['c'];
}
// Голосование //
echo $block . $div_tworazdel . '
Добавил: ' . us($info['author']) . $div_end;
if (isset($_GET['del'])) {
$del = my_int($_GET['del']);
$empt = mysql_query("SELECT `id` FROM `fo_komm` WHERE `id` = '$del' LIMIT 1");
if (mysql_num_rows($empt) != FALSE && $user['level'] == 1 || $user['level'] == 4 || $user['level'] == 5) {
mysql_query("DELETE FROM `fo_komm` WHERE `id` = '$del' LIMIT 1");
header('Location: info.php?i=' . $i);
} else {
header('Location: info.php?i=' . $i);
}
}
$koms = mysql_result(mysql_query("SELECT COUNT(*) FROM `fo_komm` WHERE `uid` = '$i'"), 0);
if ($koms != FALSE) {
echo $div_razdel . 'Комментарии:' . $div_end;
$num_kom = (!empty($_SESSION['us'])) ? $user['onp_comments'] : 10;
$n = new navigator($koms, $num_kom, '?i='.$i.'&');
$_in = mysql_query("SELECT * FROM `fo_komm` WHERE `uid` = '$i' ORDER BY `id` DESC {$n->limit}");
$dv = 0;
while($q = mysql_fetch_assoc($_in)) {
$otv = ' <a href="info.php?i='.$i.'&k='.$q['user'].'">[*]</a>';
if ($user['level'] == 1 || $user['level'] == 4 || $user['level'] == 5) {
$dk = '<a href="info.php?i='.$i.'&del='.$q['id'].'"><img src="../ico/delete.gif" alt="x"/></a> ';
}
echo ($dv ++ % 2) ? $div_tworazdel : $div_razdel;
echo $dk . us($q['user']) . $otv . '<br/>' . $q['date'] . '<br/>' . smiles(bb_code($q['msg'])) . $div_end;
}
echo $n->navi();
} else {
echo $div_razdel . 'Комментарии отсутствуют.' . $div_end;
}
if (isset($_POST['addkom'])) {
$mes = trim(mysql_real_escape_string(check($_POST['mes'])));
if (empty($mes)) {
err('Не заполнен комментарий!');
} else {
// Антиреклама
$_ant = mysql_fetch_assoc(mysql_query("SELECT `on_rekl`, `text_rekl` FROM `setting` WHERE `ids` = '1'"));
if ($_ant['on_rekl'] == 1) {
$ex = explode(',', file_get_contents('../domains.dat'));
foreach($ex as $value) {
if ($user['level'] != 4 && $user['level'] != 5 && !preg_match('/[url=http://(.*)[/url]/si', $mes)) {
$mes = preg_replace("/(.*)(s|,|.|*|_|-|+)+$value/si", $_ant['text_rekl'], $mes);
}
}
}
// транслит
if ($user['translit'] == 1) {
$mes = trun_to_rus($mes);
}
// антимат
$ant = mysql_fetch_array(mysql_query("SELECT `antimat` FROM `setting` WHERE `ids` = '1'"));
$mes = ($ant[0] == 1) ? mat($mes) : $mes;
if (isset($_POST['komu']) && user_inf(my_int($_POST['komu']), 'comm_files') == 1 && my_int($_POST['komu']) != $user['id']) {
$message = us($user['id']) . ' ответил на Ваш комментарий к <a href="fo/info.php?i='.$i.'">файлу</a>!';
mysql_query("INSERT INTO `lenta` SET
`user` = '" . my_int($_POST['komu']) . "',
`text` = '$message',
`type` = 'comments',
`date` = '" . time() . "',
`read` = '1'");
}
elseif (user_inf($info['author'], 'comm_files') == 1 && $info['author'] != $user['id']) {
$message = us($user['id']) . ' оставил комментарий к Вашему <a href="fo/info.php?i='.$i.'">файлу</a>!';
mysql_query("INSERT INTO `lenta` SET
`user` = '$info[author]',
`text` = '$message',
`type` = 'comments',
`date` = '" . time() . "',
`read` = '1'");
}
mysql_query("INSERT INTO `fo_komm` SET
`msg` = '$mes',
`uid` = '$i',
`user` = '$user[id]',
`date` = '" . date('d.m.y H:i') . "'");
header('Location: info.php?&i=' . $i);
}
}
$Komu = (isset($_GET['k'])) ? user_inf(my_int($_GET['k']), 'user') . ', ' : '';
echo '<FORM method="POST" action="info.php?i='.$i.'">
<fieldset>
<label><b>Комментарий:</b></label><br/>
<label>Вставить <a href="../faq.php?do=smile">[смайлы]</a>
<a href="../faq.php?do=bb">[бб-коды]</a></label>
<br/>
<textarea name="mes" cols="50" rows="5" style="width: 99%;">' . $Komu . '</textarea>
<br/>
<input type="hidden" name="komu" value="' . my_int($_GET['k']) . '"/>
<input type="submit" name="addkom" value="Добавить"/>
</fieldset>
</FORM>';
}
echo $div_end;
include '../foot.php';
?>