Файл: 4mast/profmas.ru/includes/Headers.php
Строк: 209
<?php
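// Filesystem anchors used by the rest of the application. Both are derived
// from the web server's DOCUMENT_ROOT, so FILES resolves inside the web root.
define('HOME', $_SERVER['DOCUMENT_ROOT']);
define('FILES', HOME . '/files');

// Autoload application components: every *.php file found in each listed
// directory is included once, in the order glob() returns them.
// Security note: anything matching *.php in these directories is executed on
// every request, so they must not be writable by the web server user or by
// any upload feature.
foreach (array(
    $_SERVER['DOCUMENT_ROOT'] . '/includes/configs/'
) as $dir) {
    // glob() returns false on error (e.g. unreadable directory); fall back to
    // an empty list so the loop is skipped instead of failing on a non-array.
    foreach ((glob($dir . '*.php') ?: array()) as $file) {
        require_once $file;
    }
}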
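/**
 * PDO subclass that returns PDOStatement_ objects from prepare() and adds
 * one-call helpers that prepare, bind and execute a statement.
 *
 * All helpers take the SQL text plus an array of values for its placeholders;
 * values passed this way are bound by the driver, never concatenated.
 */
class PDO_ extends PDO
{
    /**
     * Open the connection and make associative arrays the default fetch mode.
     *
     * @param string $dsn      PDO data source name.
     * @param string $username Database user.
     * @param string $password Database password.
     */
    public function __construct($dsn, $username, $password)
    {
        parent::__construct($dsn, $username, $password);
        // The error mode is deliberately left at the driver default, as in the
        // original (the ERRMODE_EXCEPTION line was commented out).
        // NOTE(review): where that default is silent mode, failed statements
        // are not reported to callers - confirm this is intended.
        $this->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
    }

    /**
     * Prepare a statement that is instantiated as PDOStatement_.
     *
     * @param string     $sql     SQL text with placeholders.
     * @param array|null $options Extra driver options; previously these were
     *                            silently discarded, now they are passed on.
     * @return PDOStatement_|false Whatever PDO::prepare() returns.
     */
    public function prepare($sql, $options = null)
    {
        $driverOptions = is_array($options) ? $options : array();
        // The statement class is always forced so that the chaining helpers
        // (execute() returning the statement) keep working.
        $driverOptions[PDO::ATTR_STATEMENT_CLASS] = array('PDOStatement_');

        return parent::prepare($sql, $driverOptions);
    }

    /**
     * Prepare and execute a statement in one call.
     *
     * NOTE(review): the parameter list differs from PDO::query() in the base
     * class; confirm the PHP version in use accepts this override.
     *
     * @param string $sql    SQL text with placeholders.
     * @param array  $params Values for the placeholders.
     * @return PDOStatement_ The executed statement.
     */
    public function query($sql, $params = array())
    {
        $stmt = $this->prepare($sql);
        $stmt->execute($params);

        return $stmt;
    }

    /**
     * Run a statement and return the first column of its first row.
     *
     * query() already executes the statement; the original executed it a
     * second time here, which ran every statement twice.
     *
     * @param string $sql    SQL text with placeholders.
     * @param array  $params Values for the placeholders.
     * @return mixed The value from fetchColumn(0).
     */
    public function querySingle($sql, $params = array())
    {
        return $this->query($sql, $params)->fetchColumn(0);
    }

    /**
     * Run a statement and return its first row.
     *
     * As in querySingle(), the redundant second execute() has been removed.
     *
     * @param string $sql    SQL text with placeholders.
     * @param array  $params Values for the placeholders.
     * @return mixed The row from fetch().
     */
    public function queryFetch($sql, $params = array())
    {
        return $this->query($sql, $params)->fetch();
    }
}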
/**
 * Statement class used by PDO_::prepare(); adds a chainable execute() and two
 * small fetch helpers.
 */
class PDOStatement_ extends PDOStatement
{
    /**
     * Execute the statement and return it so calls can be chained.
     *
     * Accepts either one argument (an array of values, or a single value that
     * is wrapped in an array) or several positional values. The boolean result
     * of the parent execute() is discarded.
     *
     * @param mixed $params Placeholder values.
     * @return PDOStatement_ This statement.
     */
    function execute($params = array())
    {
        $bound = (func_num_args() == 1) ? func_get_arg(0) : func_get_args();
        if (!is_array($bound)) {
            $bound = array($bound);
        }
        parent::execute($bound);

        return $this;
    }

    /**
     * Return the first column of the next row.
     *
     * @return mixed The value from fetchColumn(0).
     */
    function fetchSingle()
    {
        return $this->fetchColumn(0);
    }

    /**
     * Read the remaining rows into a map of first column => second column.
     *
     * Switches the statement to numeric fetch mode as a side effect.
     *
     * @return array Map keyed by column 0 with column 1 as the value.
     */
    function fetchAssoc()
    {
        $this->setFetchMode(PDO::FETCH_NUM);
        $map = array();
        for ($row = $this->fetch(); $row; $row = $this->fetch()) {
            $map[$row[0]] = $row[1];
        }

        return $map;
    }
}
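/**
 * Holder for the application's single database connection, exposed as the
 * static property DB::$dbs.
 */
class DB
{
    // The shared PDO_ connection; assigned by getInstance().
    public static $dbs;

    /**
     * Open the connection described by $config.
     *
     * @param array $config Must contain the keys 'dsn', 'user' and 'password'.
     */
    public function __construct($config)
    {
        static::getInstance($config);
    }

    /**
     * Connect and store the connection in self::$dbs.
     *
     * On a connection failure the error text is appended to the error log and
     * the request is terminated with a generic message, so connection details
     * are not shown to the visitor.
     *
     * @param array $config Must contain the keys 'dsn', 'user' and 'password'.
     * @return void
     */
    public static function getInstance($config)
    {
        try {
            self::$dbs = new PDO_($config['dsn'], $config['user'], $config['password']);
        } catch (PDOException $e) {
            // Security note: this log sits under the document root and the
            // driver message can name the database host and user. Deny web
            // access to /system/ or move the log outside the web root.
            $logFile = $_SERVER['DOCUMENT_ROOT'] . '/system/errorlog.txt';
            // The original wrote the literal characters "rn" after each entry
            // and passed an unchecked fopen() result to fputs(); append a real
            // CRLF and let a failed write degrade to a warning instead.
            file_put_contents($logFile, $e->getMessage() . "\r\n", FILE_APPEND | LOCK_EX);
            exit('Сайт выключен из-за технических неполадок!');
        }
    }
}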
// ------------ Определение IP и UA-----------//
/**
 * Return the first valid IPv4 address found in a fixed list of $_SERVER keys.
 *
 * Keys are tried in the order listed; each value is split on commas and the
 * first entry that validates as IPv4 wins. IPv6 addresses are never accepted,
 * and null is returned when no key yields an IPv4 address.
 *
 * Security note: every key except REMOTE_ADDR is filled from a request header
 * and is checked BEFORE REMOTE_ADDR, so the result is chosen by whoever sends
 * the request unless a front proxy strips or overwrites these headers. Do not
 * rely on it for access control, ban enforcement or audit evidence.
 * NOTE(review): consider using REMOTE_ADDR, honouring a forwarding header only
 * when REMOTE_ADDR is a known proxy.
 *
 * @return string|null Dotted-quad IPv4 address, or null if none was found.
 */
function IP()
{
    $sources = array(
        'HTTP_CLIENT_IP', 'HTTP_PRAGMA', 'HTTP_XONNECTION', 'HTTP_CACHE_INFO',
        'HTTP_XPROXY', 'HTTP_PROXY', 'HTTP_PROXY_CONNECTION', 'HTTP_VIA',
        'HTTP_X_COMING_FROM', 'HTTP_COMING_FROM', 'HTTP_X_FORWARDED_FOR',
        'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR',
        'HTTP_FORWARDED', 'ZHTTP_CACHE_CONTROL', 'REMOTE_ADDR',
    );

    foreach ($sources as $name) {
        if (!array_key_exists($name, $_SERVER)) {
            continue;
        }
        // A header may carry a comma-separated chain of addresses.
        foreach (array_map('trim', explode(',', $_SERVER[$name])) as $candidate) {
            if (filter_var($candidate, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
                continue;
            }
            return $candidate;
        }
    }

    return null;
}
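/**
 * Return the request's User-Agent header, trimmed, slash-escaped and
 * HTML-escaped, or an empty string when the header is absent.
 *
 * The original read $_SERVER['HTTP_USER_AGENT'] unconditionally, which raises
 * an undefined-index notice for clients that send no User-Agent.
 *
 * Security note: the value is client-controlled and its length is not limited
 * here. Other code in this file stores it and compares it with the stored
 * value, so the addslashes()/htmlspecialchars() transformation is kept
 * unchanged to stay comparable with rows already written.
 *
 * @return string Escaped User-Agent string, possibly empty.
 */
function UA()
{
    $raw = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

    return htmlspecialchars(addslashes(trim($raw)));
}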
// ------------ END -----------//
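// Open the shared connection (available as DB::$dbs) and switch it to UTF-8.
$DB = new DB($config['dbh']);
DB::$dbs->query("SET NAMES 'utf8'");

// Cookie-based auto-login: a visitor is treated as user `id` when the `pass`
// cookie equals the value stored in `us`.`pass`.
// Security note: the cookie is compared directly with the stored `pass`
// column, so it is a long-lived credential equivalent to that stored value.
// NOTE(review): consider a random server-side session token instead, sent
// with the HttpOnly and Secure cookie flags.
// Cookies can arrive as arrays (id[]=...); only plain strings are accepted.
if (isset($_COOKIE['id'], $_COOKIE['pass'])
    && is_string($_COOKIE['id'])
    && is_string($_COOKIE['pass'])
) {
    $query = DB::$dbs->query(
        "SELECT * FROM `us` WHERE (`id`=?) AND (`pass`=?)",
        array(intval($_COOKIE['id']), addslashes($_COOKIE['pass']))
    );
    if ($query->rowCount() != 0) {
        $us = $query->fetch();

        // Write an auth-log row when the address or user agent differs from
        // the stored one, or when this user has no log row with type != 0.
        // IP() and UA() are derived from request headers, so these rows record
        // client-supplied values.
        if ($us['ip'] != IP()
            || $us['soft'] != UA()
            || DB::$dbs->querySingle(
                "SELECT COUNT(*) FROM `log_auth` WHERE `us` =? AND `type` != ?",
                array($us['id'], 0)
            ) == 0
        ) {
            DB::$dbs->query(
                "INSERT INTO `log_auth` (`us`,`ip`,`ua`,`type`,`time`) VALUES (?,?,?,?,?)",
                array($us['id'], IP(), UA(), 2, time())
            );
        }

        // update activity (every value is bound instead of concatenated)
        DB::$dbs->query(
            "UPDATE `us` SET `last`=?,`ip`=?,`soft`=? WHERE (`id`=?)",
            array(time(), IP(), UA(), $us['id'])
        );

        // if last activity < 1 hour update all online
        // The original passed two parameters to a statement that had no
        // placeholders, a count mismatch the driver rejects; the elapsed time
        // and the id are now bound so the parameter count matches.
        if ((time() - $us['last']) < 3600) {
            DB::$dbs->query(
                "UPDATE `us` SET `online`=`online`+? WHERE (`id`=?)",
                array(time() - $us['last'], $us['id'])
            );
        }
    }
}

// Kept from the original; only has an effect if this file is included from
// inside a function.
global $us;
$time = microtime(1);
// Guests have no $us row; !empty() selects the default theme without raising
// an undefined-variable notice.
$img = '/templates/' . (!empty($us['id']) ? $us['style'] : 'wm_pasha963') . '/ind.png';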
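/**
 * Emit the page header: HTTP content type, <head>, logo, the logged-in user's
 * toolbar, registration-moderation and ban gates, the advertising block, the
 * new-mail/notification banners, and expiry of pinned forum topics.
 *
 * Reads the global $us (the current user row, unset for guests). May end the
 * request: users awaiting or refused registration approval get a notice page,
 * and banned users are redirected to /block.php.
 *
 * Changes from the original: all SQL values are bound parameters; the page
 * title, theme name and advertisement fields are HTML-escaped on output;
 * jQuery is loaded over https; guests no longer trigger undefined-variable
 * notices or pointless counter queries; expired advertisements are deleted
 * before the list is read; the two per-topic UPDATEs are merged into one.
 *
 * @param string      $title      Text for the <title> element.
 * @param string|null $menu_title Optional heading shown to logged-in users.
 * @return void
 */
function H ($title = '', $menu_title = NULL)
{
    global $us;

    $loggedIn = isset($us);
    $style = (!empty($us['id']) ? $us['style'] : 'wm_pasha963');
    // The theme name comes from the user row and lands inside attributes.
    $styleAttr = htmlspecialchars((string) $style, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    // double_encode is off so titles that callers already escaped are not
    // escaped a second time.
    $safeTitle = htmlspecialchars((string) $title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);

    header ('content-type: text/html');
    ob_start ('ob_gzhandler');
    echo '<!DOCTYPE html> <html lang="ru"> <head><title>'.$safeTitle.'</title>
<meta name="Reply-to" content="j-u-s-e-s@yandex.ru"/>
<meta name="viewport" content="width=device-width, initial-scale=1.0"/>
<meta name="viewport" content="width=device-width, user-scalable=yes"/>
<meta name="title" content="PROFMAS.RU - Портал Разработчиков!"/>
<meta name="keywords" content="WAP мастерам, wap мастеру, форум мастеров, скрипты, дизайны, сервисы, продвижение сайта, библиотека, движки, модули, wap мастерская, создание сайта, загрузки мастерам, новичкам как создать сайт, раздача icq, шаблоны для wap сайта, все для wap мастера, сервисы вап-мастерам, сайты в помощь wap мастеру, функция, куски кода, как закрыть дыру, sql инъекция, как создать сайт?, магазин скриптов, полезные куски кода" />
<meta name="description" content="PRFMAS- Информационный портал, в котором публикуются новости IT мира, а так же информация и советы по созданию сайтов, шаблонов, и многое другое">';
    // The third-party script was fetched over plain http, where it can be
    // altered in transit; it is now requested over https.
    // NOTE(review): jQuery 1.4 is long out of support - plan an upgrade and
    // consider self-hosting or Subresource Integrity.
    echo'<link rel="shortcut icon" href="/favicon.ico">
<link rel="stylesheet" href="/templates/'.$styleAttr.'/style.css" type="text/css"/>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4/jquery.min.js"></script>
<script type="text/javascript" src="/templates/jsimg/zoom-c.js"></script>
<link rel="stylesheet" href="/templates/bootstrap.css" type="text/css"/></head><body>';

    // Logo: on the front page, for guests and for users with `logo` = 1.
    $onIndex = ($_SERVER['PHP_SELF'] == '/index.php');
    if ($onIndex && ($us == false || $us['logo'] == 1)) {
        echo'<div class="verx"><a href="/"><img src="/templates/'.$styleAttr.'/logo.png" alt="Портал разработчиков"/></a></div>';
    }

    // Counters are only meaningful for a logged-in user; guests keep zero
    // (the original queried with an undefined id and also got zero).
    $m = 0;
    $j = 0;
    if ($loggedIn) {
        $m = (int) DB::$dbs->querySingle("SELECT count(id) from `msg` where `us` = ? and `see` = ?", array($us['id'], 1));
        $j = (int) DB::$dbs->querySingle("SELECT count(id) from `action` where `us` = ? and `see` = ?", array($us['id'], 1));

        echo '<div class="list1" style="border-bottom:none;">
<table style="width:100%" cellspacing="0" cellpadding="0"><tbody><tr>
<td style="vertical-align:top;width:10%;"><center> <a href="/kab" title="Кабинет"><b><img src="/images/vcard.png"></b></a></center></td>
<td style="vertical-align:top;width:10%;"><center><a href="/mail.php" title="Почта"><b><img src="/images/mail2.png"></b>';
        if ($m != 0) { echo ' ' . $m . ')'; }
        echo' </a></center></td>
<td style="vertical-align:top;width:10%;"><center><a href="/action.php" title="Оповещения"><b><img src="/images/warning.png"></b>';
        if ($j != 0) { echo ' ' . $j . ')'; }
        echo '</a></center></td>
<td style="vertical-align:top;width:10%;"><center><a href="/feeds.php" title="Новости"><b><img src="/images/rss2.png"></b></a></center></td>
</tr></tbody></table></div>';
    }

    // User moderation: stop here while registration is pending or refused.
    // $time, $title and $menu_title are kept as locals because Footers.php is
    // included in this function's scope - presumably it reads them; verify.
    $time = microtime(1);
    if (!empty($us['id'])) {
        $query = DB::$dbs->query("SELECT `id`,`dop`,`us` FROM `reg` WHERE (`us` = ?)", array($us['id']));
        if ($query->rowCount() != 0) {
            $reg = $query->fetch();
            if ($reg['dop'] == 'mod') {
                $title = 'Одобрение регистрации';
                $menu_title = 'Одобрение регистрации';
                echo '<div class="menu2">Одобрение регистрации</div>';
                echo '<div class="access">Дождитесь одобрения вашей регистрации.</div>';
                require_once('includes/Footers.php');
                exit;
            } elseif ($reg['dop'] == 'net') {
                $title = 'Нет допуска';
                $menu_title = 'Нет допуска';
                echo '<div class="menu2">Одобрение регистрации</div>';
                echo '<div class="lst">К сожалению вы не были допущены на сайт!</div>';
                require_once('includes/Footers.php');
                exit;
            }
        }
    }

    if ($loggedIn) {
        // Ban gate: an active ban sends every page except /block.php there.
        $query = DB::$dbs->query("SELECT * FROM `ban` WHERE (`us`=?) AND (`end`>?)", array($us['id'], time()));
        if ($query->rowCount() != 0) {
            $ban = $query->fetch();
            if ($_SERVER['PHP_SELF'] != '/block.php') {
                header ('location: /block.php');
                exit;
            }
        }
        // NOTE(review): $menu_title is printed without escaping because
        // callers may pass markup on purpose; confirm no caller builds it from
        // user-supplied text.
        if (isset ($menu_title)) { echo '<div class="menu2">' . $menu_title . '</div>'; }
    }

    // Advertising block: the front page shows 'index' ads, every other script
    // except '/' shows 'all' ads.
    $adScope = null;
    if ($onIndex) {
        $adScope = 'index';
    } elseif ($_SERVER['PHP_SELF'] != '/') {
        $adScope = 'all';
    }
    if ($adScope !== null) {
        // Purge expired ads first so they are not rendered one last time.
        DB::$dbs->query("DELETE FROM `billing_rekl` WHERE `time_off` < ?", array(time()));
        $random = DB::$dbs->query("SELECT * FROM billing_rekl WHERE gde = ? AND type = ? ORDER BY RAND() DESC", array($adScope, 1));
        if ($random->rowCount() > 0) {
            echo '<div class="rekl">';
            while ($r = $random->fetch()) {
                // Ad rows are stored data shown to every visitor: escape them
                // for the attribute and text context (double_encode is off in
                // case the values were escaped when they were saved).
                $adUrl = htmlspecialchars((string) $r['url'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
                $adName = htmlspecialchars((string) $r['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
                echo '<img src="/images/rekl.png" class="ico" alt="*"/> <a href="http://'.$adUrl.'">'.$adName.'</a><br/>';
            }
            echo '</div>';
        }
    }

    if ($loggedIn) {
        // NOTE(review): both banners end with a </div> that has no opening tag
        // in this function - confirm against the template.
        if ($j != 0) { echo '<a href="/action.php" class="block"> <img src="/images/warning.png" alt="*"/> Вам новое уведомление (+' . $j . ')</a></div>'; }
        if ($m != 0) { echo '<a href="/mail.php" class="block"><img src="/images/mail.png" alt="*"/> Вам новое сообщение (+' . $m . ')</a></div>'; }
    }

    // Reset up to five forum topics whose `lip_time` has passed: both columns
    // are cleared in a single UPDATE per topic.
    $Uplep = DB::$dbs->query("SELECT * FROM `forum_t` where `lip_them` = ? AND `lip_time` < ? ORDER BY `lip_time` DESC LIMIT 5", array(1, time()));
    while ($Uplt = $Uplep->fetch()) {
        DB::$dbs->query("UPDATE `forum_t` SET `lip_time` = ?, `lip_them` = ? WHERE `id` = ? ", array(0, 0, $Uplt['id']));
    }
}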
?>