Файл: system/lite_power.php
Строк: 84
<?php
if(is_dir('install') and !file_exists('system/config.php'))header('location: /install/');
defined('GCMS') or die('ОШИБКА!');
//Устанавливаем внутреннюю кодировку
mb_internal_encoding("UTF-8");
// Стартуем сессию
session_name("sid");
session_start();
define('SID',session_id());
//Путь
defined('ROOT') or define('ROOT',$_SERVER['DOCUMENT_ROOT'].'/');
$ROOT = $_SERVER['DOCUMENT_ROOT'].'/';
//Подключение к базе
include_once ROOT.'system/config.php';
include_once ROOT.'system/class/mysql.php';
$db = new mysql(DB_HOST, DB_USER, DB_PASS,DB_NAME);
if (mysqli_connect_errno()) {
die('MySQL Base no have connecting!');
}
///кодировка
$db -> set_charset('utf8');
include_once ROOT.'system/class/func.php';
$func = new func;
//IP + Browser
//получаем реальный IP
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {$ip = $db -> real_escape_string(htmlspecialchars($_SERVER['HTTP_CLIENT_IP']));}
elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])){$ip = $db -> real_escape_string(htmlspecialchars($_SERVER['HTTP_X_FORWARDED_FOR']));
}else{$ip = $_SERVER['REMOTE_ADDR'];}
//получаем браузер
if (isset($_SERVER['HTTP_X_OPERAMINI_PHONE_UA'])) {
$browser = $db -> real_escape_string(htmlentities($_SERVER['HTTP_X_OPERAMINI_PHONE_UA']));}
else{$browser = $db -> real_escape_string(htmlentities($_SERVER['HTTP_USER_AGENT'],ENT_QUOTES));}
///Вытаскиваем настройки из базы
$nas = $db -> query("SELECT `name`,`parametr` FROM `settings`");
while ($assoc = $nas -> fetch_assoc()) {
$nastr[$assoc['name']]=$assoc['parametr'];
}
//////////////////////
//Проверка авторизации
$aut = false;
if (isset($_COOKIE['uid']) && isset($_COOKIE['pass']) && !isset($_SESSION['uid'])) {
$_SESSION['uid'] = $_COOKIE['uid'];
$_SESSION['pass'] = $_COOKIE['pass'];
}
if (isset($_SESSION['uid']) && isset($_SESSION['pass'])) {
$uid = abs(intval($_SESSION['uid']));
$pass = shit($_SESSION['pass']);
$sql = $db -> query("SELECT * FROM `users` WHERE `id` = '".$uid."' AND `pass` = '".$pass."' LIMIT 1");
if ($sql -> num_rows > 0) {
$aut = true;
$ya = $sql -> fetch_assoc();
/////Фильтруем выходящие параметры на всякий
$ya['id']=abs(intval($ya['id']));
$ya['lvl']=abs(intval($ya['lvl']));
$ya['login']=shit($ya['login']);
$ya['pass']=shit($ya['pass']);
//Сохраняем данные авторизации
$db -> query("UPDATE `users` SET `ip` = '".$ip."', `browser` = '".$browser."', `lasttime` = '".time()."' WHERE `id` = '".$uid."' LIMIT 1");
} else {
unset($_SESSION['uid']);
unset($_SESSION['pass']);
setcookie('uid','');
setcookie('pass','');
}
unset($sql);
}
//Устанавливаем пёрфикс для файлов
$perf=$func->perf($_SERVER['HTTP_HOST']);
//Переменные
$do = isset($_GET['do']) ? shit($_GET['do']) : NULL;
$act = isset($_GET['act']) ? shit($_GET['act']) : NULL;
$mode = isset($_GET['mode']) ? shit($_GET['mode']) : NULL;
$start = abs(intval($_GET['start']));
$cit = abs(intval($_GET['cit']));
$otv = abs(intval($_GET['otv']));
$page = abs(intval($_GET['page']));
$id = abs(intval($_GET['id']));
$sid = abs(intval($_GET['sid']));
$_SERVER['SERVER_NAME'] = isset($_SERVER['SERVER_NAME']) ? shit($_SERVER['SERVER_NAME']) : NULL;
$_SERVER['DOCUMENT_ROOT'] = isset($_SERVER['DOCUMENT_ROOT']) ? shit($_SERVER['DOCUMENT_ROOT']) : NULL;
$msg .= null;
///Версия сайта
if(!isset($_COOKIE['version'])){
$ua = str_replace('windows ce', '', strtolower($_SERVER['HTTP_USER_AGENT']));
if($nastr['web']==1 and stripos($ua, 'windows') !== false || stripos($ua, 'linux') !== false || stripos($ua, 'bsd') !== false || stripos($ua, 'x11') !== false || stripos($ua, 'unix')
!== false || stripos($ua, 'macos') !== false || stripos($ua, 'macintosh') !== false){
setcookie('version','web', time() + 86400*30);
}else{
setcookie('version','wap', time() + 86400*30);
}
header('location: /');
}
//Дизайн-оболочка
include_once ROOT.'system/class/diz.php';
$diz = new diz;
////опции топа
require_once (ROOT.'system/top.php');
///////////////////..................................
// Буфферизация вывода
if ($set['gzip'] && extension_loaded('zlib')) {
ob_start('ob_gzhandler');
}
else {
ob_start();
}
?>