Файл: CMS/core/inc.php
Строк: 143
<?php
# Refuse direct requests: the including entry point must have defined CMS first.
defined('CMS') or die('Access Denied!');
# Load init.php from this directory. The code below uses $config, $db, $inSes, SP, CP
# and the helper functions, none of which are defined in this file.
require_once dirname(__FILE__) . '/init.php';
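# Cookie auto-login: when cookies are allowed and the session carries no credentials yet,
# rebuild them from the cooklog / cookpar / cookip cookies.
# NOTE(review): cookpar is decoded with xoft_decode() and $config['key'], and the decoded value
# is later passed through md5() and compared with users_pass. The cookie therefore carries the
# account password in a reversible form; a random server-side token would avoid that.
if (!empty($config['allow_cookies'])) {
    if (!isset($_SESSION[SP]['log']) && !isset($_SESSION[SP]['par'])) {
        if (!empty($_COOKIE[CP]['cooklog']) && !empty($_COOKIE[CP]['cookpar']) && !empty($_COOKIE[CP]['cookip'])) {
            # Cookie values are client-controlled and can arrive as arrays (name[key][]=...);
            # only plain strings are handed to the decoder and to the comparison below.
            if (is_string($_COOKIE[CP]['cooklog']) && is_string($_COOKIE[CP]['cookpar']) && is_string($_COOKIE[CP]['cookip'])) {
                $unlog = check(xoft_decode($_COOKIE[CP]['cooklog'], $config['key']));
                $unpar = xoft_decode($_COOKIE[CP]['cookpar'], $config['key']);
                # Coarse client binding: the first five characters of REMOTE_ADDR with the dots removed.
                # Only dots are stripped, so an IPv6 address contributes its first five characters as-is.
                $usip = substr(str_replace('.', '', $_SERVER['REMOTE_ADDR']), 0, 5);
                # Strict comparison: with == two numeric-looking strings are compared as numbers,
                # so a differently written cookip could still match.
                if ($usip === $_COOKIE[CP]['cookip']) {
                    # The session is about to gain credentials: issue a fresh session id so that an id
                    # known before this point cannot be reused (session fixation). Skipped when no
                    # session is active or the headers are already out.
                    if (session_id() !== '' && !headers_sent()) {
                        session_regenerate_id(true);
                    }
                    $_SESSION[SP]['log'] = $unlog;
                    $_SESSION[SP]['par'] = $unpar;
                    $_SESSION[SP]['uip'] = $usip;
                    # NOTE(review): six characters from random_string(); confirm it is backed by a
                    # CSPRNG if this token protects state-changing requests.
                    $_SESSION['token'] = random_string(6);
                    # NOTE(review): the visit counter is bumped before the decoded credentials have
                    # been checked against the database; that check only happens in the
                    # authorization block that follows.
                    $db->query("UPDATE ?_users SET `users_visits` = (`users_visits` + 1), `users_timelastlogin` = ?
                        WHERE `users_login` = ? LIMIT 1;", SITE_TIME, $unlog);
                }
            }
        }
    }
}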
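# Authorization: on every request, re-check the credentials held in the session against the
# users table and, on success, apply the user's personal settings and record the visit.
# NOTE(review): the session keeps the plain password in $_SESSION[SP]['par'], and users_pass is an
# unsalted md5() digest. Moving to password_hash()/password_verify() also needs the login and
# registration code, which is not part of this file.
if (!empty($_SESSION[SP]['log']) && !empty($_SESSION[SP]['par']) && !empty($_SESSION[SP]['uip'])) {
    $log = check($_SESSION[SP]['log']);
    # Coarse client binding: the first five characters of REMOTE_ADDR with the dots removed.
    $usip = substr(str_replace('.', '', $_SERVER['REMOTE_ADDR']), 0, 5);
    $uset = $db->selectRow("SELECT `u`.*, `v`.*
        FROM ?_users `u` LEFT JOIN ?_users_visit `v`
        ON `u`.`users_login` = `v`.`visit_user`
        WHERE `u`.`users_login` = ? LIMIT 1;", $log);
    # All comparisons are strict string comparisons. With == two numeric-looking strings are
    # compared as numbers, so distinct md5 digests of the form "0e<digits>" would be treated as
    # equal, and the same holds for numeric logins and address prefixes.
    if (!empty($uset) && (string) $usip === (string) $_SESSION[SP]['uip']) {
        $login_matches = is_string($_SESSION[SP]['log'])
            && $_SESSION[SP]['log'] === (string) $uset['users_login'];
        $pass_matches = is_string($_SESSION[SP]['par'])
            && md5($_SESSION[SP]['par']) === (string) $uset['users_pass'];
        if ($login_matches && $pass_matches) {
            $is_logged = 1;
            $log = $uset['users_login'];
            /* Override the global settings with the user's own preferences */
            $uset['uid'] = num($uset['users_id']);
            $config['themes'] = !empty($_SESSION[SP]['themes']) ? $_SESSION[SP]['themes'] : $uset['users_themes'];
            $config['chat_num'] = num($uset['users_guest_num']); # chat messages per page
            $config['guest_num'] = num($uset['users_guest_num']); # guestbook messages per page
            $config['news_num'] = num($uset['users_guest_num']); # news items per page
            $config['blog_num'] = num($uset['users_guest_num']); # blog entries per page
            $config['post_num'] = num($uset['users_posts_num']); # forum posts per page
            $config['themes_num'] = num($uset['users_themes_num']); # forum topics per page
            $config['photos_num'] = num($uset['users_files_num']); # photos per page
            $config['battle_num'] = num($uset['users_files_num']); # photos per page (battle)
            $config['files_num'] = num($uset['users_files_num']); # files per page
            $config['privat_num'] = num($uset['users_privat_num']); # private messages per page
            $config['ignor_num'] = num($uset['users_privat_num']); # ignored users per page
            $config['contact_num'] = num($uset['users_privat_num']); # contacts per page
            $config['user_list'] = num($uset['users_privat_num']); # users per page in the user list
            $config['comm_num'] = num($uset['users_comm_num']); # comments per page
            $config['time_zone'] = $uset['users_timezone']; # time zone offset
            $_SESSION[SP]['themes'] = $config['themes'];
            /* Digest: per-user visit tracking */
            //$db->query("INSERT INTO ?_users_visit (`visit_user`, `visit_self`, `visit_ip`, `visit_nowtime`) VALUES (?, ?, ?, ?) ON DUPLICATE KEY UPDATE `visit_self` = ?, `visit_ip` = ?, `visit_count` = ?, `visit_nowtime` = ?;", $log, $php_self, $ip, SITE_TIME, $php_self, $ip, $_SESSION['counton'], SITE_TIME);
            # parse_url() returns false for a malformed REQUEST_URI and omits 'path' when there is
            # none; fall back to an empty path instead of reading an offset that does not exist.
            $parse = parse_url($_SERVER['REQUEST_URI']);
            $visit_path = (is_array($parse) && isset($parse['path'])) ? $parse['path'] : '';
            if (!empty($uset['visit_id'])) {
                # Seconds since the previous recorded request of this user
                $lifetime = SITE_TIME - $uset['visit_nowtime'];
                if ($lifetime > 5 && $lifetime < 300 && $_SESSION['counton'] < 300) {
                    # Within the 5..300 second window: also accumulate the counters and time on site
                    $db->query("UPDATE ?_users_visit SET `visit_path` = ?, `visit_ip` = ?, `visit_count` = ?, `visit_allcount` = (`visit_allcount` + 1), `visit_nowtime` = ?, `visit_alltime` = (`visit_alltime` + ?) WHERE `visit_user` = ? LIMIT 1;", $visit_path, $ip, $_SESSION['counton'], SITE_TIME, $lifetime, $log);
                }
                else {
                    # Outside the window: only refresh the current path and the timestamp
                    $db->query("UPDATE ?_users_visit SET `visit_path` = ?, `visit_nowtime` = ? WHERE `visit_user` = ? LIMIT 1;", $visit_path, SITE_TIME, $log);
                }
            }
            else {
                # No visit row for this user yet: create it
                $db->query("INSERT INTO ?_users_visit SET `visit_user` = ?, `visit_path` = ?, `visit_ip` = ?, `visit_nowtime` = ?", $log, $visit_path, $ip, SITE_TIME);
            }
        }
    }
}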
# NOTE(review): $uid is set to 1 unconditionally; its consumers are not visible in this file.
$uid = 1;
# Leader of the day: when enabled, the block is read from a per-day file
# named <ROOTPATH>/core/lider/<ddmmyy>.dat; otherwise it stays empty.
$themes['lider'] = '';
if (!empty($config['lider_allow'])) {
    $lider_file = ROOTPATH . '/core/lider/' . date('dmy') . '.dat';
    if (@file_exists($lider_file)) {
        $lider = @file_get_contents($lider_file);
        # A missing, unreadable or empty file leaves the default empty string in place
        if (!empty($lider)) {
            $themes['lider'] = $lider;
        }
    }
}
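# Site theme (skin) selection.
# The chosen name is later concatenated into include paths (THEMES_PATH . name . '/index.php'),
# so every candidate is held to one allow-list before it is accepted. The D modifier stops "$"
# from matching in front of a trailing newline.
$skin_name_pattern = '|^[a-z0-9_-]+$|iD';
$skin_changed = false;
# NOTE(review): the switch is driven by $_REQUEST alone and is not tied to $_SESSION['token'].
# A request parameter can also arrive as an array; only plain strings are considered.
if (!empty($_REQUEST['action_skin_change']) && is_string($_REQUEST['action_skin_change'])) {
    $skins = check($_REQUEST['action_skin_change']);
    if (is_string($skins) && preg_match($skin_name_pattern, $skins)) {
        if (file_exists(THEMES_PATH . $skins . '/index.php')) {
            unset($_SESSION[SP]['themes']);
            $config['themes'] = $skins;
            $_SESSION[SP]['themes'] = $config['themes'];
            $skin_changed = true;
            # Report success only when the theme really was switched
            $inSes->addMessage('Тема успешно изменена!', 'ok');
        }
    }
}
# No (valid) change requested: fall back to the theme remembered in the session, then to the
# one stored in the user's profile, so that a rejected request does not reset the current theme.
if (!$skin_changed) {
    if (!empty($_SESSION[SP]['themes'])) {
        if (is_string($_SESSION[SP]['themes']) && preg_match($skin_name_pattern, $_SESSION[SP]['themes'])) {
            $config['themes'] = $_SESSION[SP]['themes'];
        }
    }
    else if (!empty($uset['users_themes'])) {
        # The profile value comes from the database; check the name before touching the filesystem
        if (is_string($uset['users_themes']) && preg_match($skin_name_pattern, $uset['users_themes'])
            && file_exists(THEMES_PATH . $uset['users_themes'] . '/index.php')) {
            $config['themes'] = $uset['users_themes'];
        }
    }
}
$_SESSION[SP]['themes'] = $config['themes'];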
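# $config['themes'] may originate from the session or from the users_themes column and is
# concatenated into the include paths below. Anything outside the character set that the
# skin-change handler accepts (letters, digits, "_" and "-") is replaced by the bundled
# 'default' theme, so the name can never carry path separators or "..".
if (empty($config['themes']) || !is_string($config['themes']) || !preg_match('|^[a-z0-9_-]+$|iD', $config['themes'])) {
    $config['themes'] = 'default';
    $_SESSION[SP]['themes'] = $config['themes'];
}
# Public URL of the active theme directory
define('THEMES_DIR', $config['site_url'] . '/themes/' . $config['themes']);
# Form templates: use the theme's own form.php, otherwise the one from the default theme
if (is_file(THEMES_PATH . $config['themes'] . '/form.php')) {
    require_once THEMES_PATH . $config['themes'] . '/form.php';
}
else {
    require_once THEMES_PATH . 'default/form.php';
}
/* Header and footer: the theme's index.php, otherwise the one from the default theme */
if (is_file(THEMES_PATH . $config['themes'] . '/index.php')) {
    require_once THEMES_PATH . $config['themes'] . '/index.php';
}
else {
    require_once THEMES_PATH . 'default/index.php';
    # NOTE(review): the fallback includes the default theme but stores 'x-sto' in the session;
    # kept as in the original, confirm that this is intended.
    $_SESSION[SP]['themes'] = 'x-sto';
}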
/* Подключаем настройки тем по умолчанию */
//require_once(dirname(__FILE__) . '/themes.php');
?>