Файл: gonki.us/system/incfiles/core.php
Строк: 141
<?php
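/**
 * Quick smiley insertion bar.
 *
 * Echoes a centred row of seven clickable smiley images. Clicking image N
 * calls the page's JavaScript tag() function with " .N. " as the first
 * argument and an empty string as the second; ".N." is the placeholder that
 * sm_replace() later turns into the matching <img> tag.
 *
 * The single quotes that belong to the JavaScript call are backslash-escaped:
 * left unescaped they terminate the PHP string literal and the file does not
 * parse.
 *
 * @return void  output is written with echo, nothing is returned
 */
function quicksmiles(){
    echo '<div class="razd4"><center>';
    for ($n = 1; $n <= 7; $n++) {
        // $n is a loop counter, never request data, so it needs no escaping.
        echo '<a href="#form" onclick="javascript:tag(\' .' . $n . '. \', \'\');">'
            . '<img src="/auto/sm/' . $n . '.png" alt="image" /></a> ';
    }
    echo '</center></div>';
}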
/**
 * Swap the smiley placeholders ".1." through ".7." for their <img> tags.
 *
 * @param mixed $msg  text to process; handed to str_replace() unchanged
 * @return mixed      $msg with every ".N." placeholder replaced
 */
function sm_replace ($msg)
{
    $tokens = array();
    $images = array();
    for ($n = 1; $n <= 7; $n++) {
        $tokens[] = '.' . $n . '.';
        $images[] = '<img src="/auto/sm/' . $n . '.png" alt="*">';
    }
    // NOTE(review): this function adds markup and does not escape $msg. Any
    // HTML-escaping of user text has to happen before the call, because
    // escaping afterwards would also escape the <img> tags. Whether callers
    // do so is not visible here; confirm.
    return str_replace($tokens, $images, $msg);
}
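/**
 * On-click helper for the smiley bar.
 *
 * Echoes a <script> element defining the JavaScript function
 * tag(text1, text2), which wraps the current selection of a form field in
 * text1/text2, or appends both to the field when no selection API is
 * available. The field is looked up inside the form named "form".
 *
 * The markup is emitted from a heredoc so that the single quotes belonging
 * to the JavaScript no longer terminate the PHP string literal, which was a
 * parse error.
 *
 * @param string $form  name of the form field that tag() writes into
 * @return void         output is written with echo, nothing is returned
 */
function quickpaste($form) {
    // NOTE(review): $form is written into the script without escaping, both
    // as a property name and inside a quoted string. The only caller visible
    // in this file passes the literal 'mes'; it must never carry request data.
    echo <<<QUICKPASTE_JS
<script language="JavaScript" type="text/javascript">
function tag(text1, text2) {
if ((document.selection)) {
document.form.{$form}.focus();
document.form.document.selection.createRange().text = text1+document.form.document.selection.createRange().text+text2;
} else if(document.forms['form'].elements['{$form}'].selectionStart!=undefined) {
var element = document.forms['form'].elements['{$form}'];
var str = element.value;
var start = element.selectionStart;
var length = element.selectionEnd - element.selectionStart;
element.value = str.substr(0, start) + text1 + str.substr(start, length) + text2 + str.substr(start + length);
} else document.form.{$form}.value += text1+text2;
}
</script>
QUICKPASTE_JS;
}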
/**
 * Build the <img> tag for a user's avatar.
 *
 * Looks for DOCUMENT_ROOT/files/ava/<id>.png on disk. When the file exists
 * the tag points at it, otherwise at the placeholder /auto/noava.jpg. Both
 * URLs are absolute and use the request's Host header.
 *
 * @param mixed $id  value placed between "/files/ava/" and ".png"
 * @return string    an <img class="ava"> tag
 */
function ava ($id)
{
    $relative = '/files/ava/' . $id . '.png';
    $origin = 'http://' . $_SERVER['HTTP_HOST'];

    // NOTE(review): $id is concatenated into a filesystem path and into an
    // HTML attribute without validation, and HTTP_HOST is client-supplied.
    // Callers presumably pass a numeric user id; confirm, and consider
    // validating it here and using a configured host name or a relative URL.
    $src = file_exists($_SERVER['DOCUMENT_ROOT'] . $relative)
        ? $origin . $relative
        : $origin . '/auto/noava.jpg';

    return '<img class="ava" src="' . $src . '">';
}
/**
 * Output the smiley panel.
 *
 * Emits, in this order: the tag() script from quickpaste(), an opening
 * <div class="top">, the smiley bar from quicksmiles(), and the closing
 * </div>. The script comes first because quickpaste() echoes while the
 * original concatenated expression is still being evaluated.
 *
 * @param mixed $form  forwarded to quicksmiles(), which declares no
 *                     parameters; quickpaste() always receives 'mes'
 * @return void
 */
function panel($form){
    quickpaste('mes');
    echo '<div class="top">';
    quicksmiles($form);
    echo '</div>';
}
// Request bootstrap: session, timing constants, input filtering, then the
// database and navigation includes. Statement order matters here.
session_start();
// Request start time as a float (microtime() called with a truthy argument).
define('GENTIME', microtime(1));
$time = time();
$copy = 'Gonki.us';
// Absolute path of the web root, with a trailing slash.
define('ROOT', $_SERVER['DOCUMENT_ROOT'].'/');
// NOTE(review): this looks like a service credential (presumably for an SMS
// gateway, going by the name) committed in source. Confirm; if so, load it
// from configuration kept outside the web root and rotate the value.
$SMSapiID = 'b64dabcb-2a8f-1514-d95c-d6d4bec83cec';
// Turns off all PHP error reporting for the rest of the request.
// NOTE(review): this also hides failures of the queries below; logging to a
// file with display_errors off keeps them visible to operators only.
error_reporting(0);
require(ROOT.'system/incfiles/AntiHack.php');
$lq = new AntiHack;
// Every superglobal is replaced by whatever AntiHack::filter() returns; the
// second argument is a label for the source (note 'get ' has a trailing space).
// NOTE(review): what filter() does is not visible here. The SQL further down
// interpolates cookie values directly, so it depends entirely on this filter;
// a blanket input filter is not a substitute for bound parameters and
// context-aware output escaping. Rewriting $_FILES and $_SERVER can also
// change values later code relies on; confirm.
if (isset($_GET))$_GET = $lq->filter($_GET, 'get ');
if (isset($_POST))$_POST = $lq->filter($_POST, 'post');
if (isset($_FILES))$_FILES = $lq->filter($_FILES, 'files');
if (isset($_COOKIE))$_COOKIE = $lq->filter($_COOKIE, 'cookie');
if (isset($_SERVER))$_SERVER = $lq->filter($_SERVER, 'server');
if (isset($_REQUEST))$_REQUEST = $lq->filter($_REQUEST, 'request');
unset($lq);
// Aborts the request when a GET key with this exact name is present; the
// message says "This hacking method no longer works."
// NOTE(review): blocking one parameter name suggests an earlier incident.
// Confirm the underlying cause was removed rather than only this trigger.
if (isset($_GET['_1118538408(0)']))die('Этот способ взлома больше не работает. (с) Кредитор');
// Presumably defines the $db connection used below; confirm.
require_once(ROOT.'system/incfiles/mysqli_connect.php');
require_once(ROOT.'system/incfiles/navigator.php');
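// Cookie-based auto-login. When both cookies are present, look the user up
// by login or by number together with the stored `auth` value. On a match,
// load the row into $user and refresh the online timestamp and counter;
// otherwise expire both cookies and destroy the session.
//
// The cookie values are bound as statement parameters instead of being
// interpolated into the SQL text, so the lookup no longer depends on the
// upstream input filter to be injection-safe.
// Assumes $db is a mysqli connection (it is created in mysqli_connect.php,
// not visible here) and that mysqlnd is available for get_result(); confirm.
// NOTE(review): if AntiHack::filter() escapes quotes in cookie values, that
// escaping is now compared literally; confirm logins containing quotes.
// NOTE(review): the `uspassword` cookie is matched directly against the
// `auth` column, so it is a password-equivalent token held by the browser;
// a random, revocable session token would limit the damage of a leaked cookie.
if (isset($_COOKIE['uslogin'], $_COOKIE['uspassword'])) {
    $us = false;
    $authStmt = false;
    // Array-valued cookies (uslogin[]=...) can never match; treat as failure.
    if (is_string($_COOKIE['uslogin']) && is_string($_COOKIE['uspassword'])) {
        // (A AND C) OR (B AND C) from the original, written as (A OR B) AND C.
        $authStmt = $db->prepare('SELECT * FROM `user` WHERE (`login` = ? OR `number` = ?) AND `auth` = ?');
        if ($authStmt) {
            $authStmt->bind_param('sss', $_COOKIE['uslogin'], $_COOKIE['uslogin'], $_COOKIE['uspassword']);
            if ($authStmt->execute()) {
                $us = $authStmt->get_result();
            }
        }
    }
    if ($us && $us->num_rows != 0) {
        $user = $us->fetch_array();
        // $time comes from time() and the id from the row just read.
        $db->query("UPDATE `user` SET `online` = '$time', `on_time` = `on_time` + 1 WHERE `id` = '$user[id]'");
    } else {
        setcookie('uslogin', '', $time-(86400*365), '/');
        setcookie('uspassword', '', $time-(86400*365), '/');
        session_destroy();
    }
    if ($authStmt) {
        $authStmt->close();
    }
    unset($authStmt);
}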
/**
 * Hash a value: MD5 of the Base64 encoding of '543' . $var . '0600'.
 *
 * NOTE(review): if this produces stored password hashes (its callers are not
 * visible here), it is a single fast MD5 with a fixed prefix and suffix that
 * are the same for every user, which gives little resistance to offline
 * guessing. password_hash()/password_verify() is the standard replacement;
 * existing hashes would have to be migrated at next login, so the algorithm
 * is left unchanged here.
 *
 * @param mixed $var  value to hash; converted to string by concatenation
 * @return string     32-character lowercase hex digest
 */
function pass($var){
    $wrapped = '543' . $var . '0600';
    $encoded = base64_encode($wrapped);
    return md5($encoded);
}
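/**
 * Render a user's login as HTML, with a role badge for levels 1 and 2.
 *
 * Changes against the previous version:
 *  - $id is bound as a statement parameter instead of being concatenated
 *    into the SQL text;
 *  - the row is only read after it is known to exist, and a failed query
 *    yields the "deleted" label instead of a fatal error;
 *  - the link variant now closes its <a> element.
 *
 * Assumes the global $db is a mysqli connection with mysqlnd available for
 * get_result(); confirm against mysqli_connect.php.
 *
 * NOTE(review): `login` is printed without HTML-escaping. Whether logins are
 * escaped before they are stored is not visible here; if they are not, this
 * is a stored-XSS sink. Escaping was not added because the page charset and
 * the storage format are unknown; confirm and escape at output.
 * NOTE(review): the link is built from the client-supplied Host header; a
 * relative URL or a configured host name avoids reflecting it.
 *
 * @param mixed $id    user id to look up
 * @param mixed $link  truthy to wrap the login in a link to user.php
 * @return string      HTML fragment; a fixed "deleted" label when no row matches
 */
function user($id, $link=FALSE){
    global $db;

    $deleted = '<font color="blue"><b>Удалён!</b></font> ';

    $stmt = $db->prepare('SELECT `level`, `login`, `id` FROM `user` WHERE `id` = ?');
    if (!$stmt) {
        return $deleted;
    }
    // bind_param() takes its arguments by reference, hence the local copy.
    // Bound as a string to mirror the quoted literal of the old query.
    $idParam = (string) $id;
    $stmt->bind_param('s', $idParam);

    $us = null;
    if ($stmt->execute()) {
        $query = $stmt->get_result();
        if ($query && $query->num_rows > 0) {
            $us = $query->fetch_array();
        }
    }
    $stmt->close();

    if (!$us) {
        return $deleted;
    }

    // Loose comparison on purpose: the driver may return the column as a string.
    $lvl = '';
    if ($us['level'] == 1) {
        $lvl = '<font color="green">[мд]</font>';
    } elseif ($us['level'] == 2) {
        $lvl = '<font color="green">[адм]</font>';
    }

    if (!$link) {
        return '<font color="blue"><b>'.$us['login'].'</b></font> '.$lvl;
    }

    return '<font color="blue"><a href="http://'.$_SERVER['HTTP_HOST'].'/user.php?id='.$us['id'].'"><b>'.$us['login'].'</b></a></font> '.$lvl;
}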
/**
 * Format a Unix timestamp for display in Russian.
 *
 * Returns "Сегодня в G:i" when the timestamp falls on the current date,
 * "Вчера в G:i" when it falls on the date of (now - 86400 seconds), and
 * otherwise "j <month abbreviation> Y в G:i".
 *
 * @param int|null $time  Unix timestamp; any falsy value (NULL, 0) means now
 * @return string         formatted date and time
 */
function ustime($time = NULL) {
    if (!$time) {
        $time = time();
    }

    $clock = date('G:i', $time);
    $day = date('j.n.y', $time);

    if ($day == date('j.n.y')) {
        return 'Сегодня в '. $clock;
    }
    if ($day == date('j.n.y', time() - 86400)) {
        return 'Вчера в '. $clock;
    }

    // Keyed by date('n'), which runs from 1 to 12.
    $months = array(
        1 => 'Янв', 2 => 'Фев', 3 => 'Мар', 4 => 'Апр',
        5 => 'Май', 6 => 'Июн', 7 => 'Июл', 8 => 'Авг',
        9 => 'Сен', 10 => 'Окт', 11 => 'Ноя', 12 => 'Дек',
    );

    return date('j', $time) . ' ' . $months[(int) date('n', $time)] . ' '
        . date('Y', $time) . ' в ' . $clock;
}
// For a logged-in user, load the matching `my_auto` row (by $user['auto'])
// and `taxi_us` row (by $user['id']) into $usauto and $ustaxi.
// NOTE(review): both values come from the `user` row and are placed into the
// SQL text unbound, and fetch_array() is called straight on the return of
// query(), which fails hard if a query returns false. Bound parameters and a
// result check would cover both; confirm how these columns are written.
if (isset($user)) {
    $usauto = $db->query('SELECT * FROM `my_auto` WHERE `id` = \'' . $user['auto'] . '\' LIMIT 1')->fetch_array();
    $ustaxi = $db->query("SELECT * FROM `taxi_us` WHERE `us` = '{$user['id']}' LIMIT 1")->fetch_array();
}
require_once ROOT . 'system/incfiles/level.php';
?>