<?php
########################################
## WAP-ENGINE ##
########################################
## ##
## Автор : CHUMA (Токарев Владимир) ##
## e-mail : crazychuma@gmail.com ##
## WAP : http://wap-engine.ru ##
## ##
########################################
## ВЫ НЕ ИМЕЕТЕ ПРАВО ##
## ИЗМЕНЯТЬ КОД СКРИПТА ##
## ДЛЯ ДАЛЬНЕЙШЕГО РАСПРОСТРАНЕНИЯ! ##
########################################
include ('../../config.php');
include ('../../templates/run.php');
include ('../../templates/func.php');
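$title_page = '| Библиотека';
$m_polozhenie = 'В библиотеке';
// NOTE(review): $themes is not assigned in this file. It names a PHP file that
// is executed here, so it must only ever hold a value from configuration or a
// fixed allow-list, never request data - confirm where it is set.
include ("../../themes/$themes.php");
####################
// Both parameters end up in filesystem paths. Anything that is not a plain
// string (for example ?kat[]=x) is treated as empty and rejected below.
$file_get = (isset($_GET['file']) && is_string($_GET['file'])) ? stripslashes(trim($_GET['file'])) : '';
$kat = (isset($_GET['kat']) && is_string($_GET['kat'])) ? stripslashes(trim($_GET['kat'])) : '';
if(empty($kat))
{
$kat = ".";
}
// The session id is carried in every link, so it can leak through Referer
// headers, proxy logs and copied URLs. Escape it before it is written into an
// href; regenerating the id at login limits the value of a leaked one.
$book_sid = str_replace(
array('"', "'", '<', '>'),
array('&quot;', '&#039;', '&lt;', '&gt;'),
session_name().'='.session_id()
);
// Access check. The comparison is strict and string-typed: a loose != treats
// numeric-looking strings such as "0e1" and "0e2" as equal, and an unset
// session value as equal to an empty password.
// NOTE(review): $dostup_book == 0 presumably means "library is not public" - confirm in config.
$book_logged_in = isset($passw, $_SESSION['pass'])
&& is_scalar($passw)
&& is_scalar($_SESSION['pass'])
&& (string) $_SESSION['pass'] === (string) $passw;
if(!$book_logged_in && $dostup_book == 0)
{
echo'<p class="err">Вы не авторизованы!!! Войдите в личный кабинет.<br /></p>';
echo'<p><a href="../kabinet/index.php?'.$book_sid.'">В кабинет</a><br /></p>';
include ("../../templates/foot.php");
exit;
}
// Path validation. The checks run in a fixed order (category syntax, category
// exists, book syntax, book exists) and the first failure is reported.
$book_dir = "../../modules/book/$kat";
$book_kat_given = !empty($_GET['kat']);
$book_file_given = !empty($_GET['file']) || $file_get !== '';
// Category: no shell/URL metacharacters, backslashes or control bytes; no "..",
// no leading "/", no "//", and not made up of "." / "./" only.
$book_kat_bad = $book_kat_given
&& (!preg_match('#^[^><|?*:"\\\\\x00-\x1f]+\z#', $kat)
|| preg_match('#(\.\.)+|^(/)+|^(\.)+$|^(\./)+$|^(\./\.)+$|(//)+#', $kat));
// Book: a single path segment that really ends in ".txt". A character class
// such as [^(.txt)]$ only tests the last character, so it would also accept
// any name ending in "t", "x", "." or a parenthesis.
$book_file_bad = $book_file_given
&& (!preg_match('#^[^><|?*/:"\\\\\x00-\x1f]+\z#', $file_get)
|| preg_match('#\.\.#', $file_get)
|| !preg_match('#\.txt\z#', $file_get));
$book_error = '';
if($book_kat_bad)
{
$book_error = 'Ошибка!!! Неправильное название категории.';
}
elseif(!is_dir($book_dir))
{
// is_dir rather than file_exists: a category must be a directory.
$book_error = 'Ошибка!!! Данная категория не существует.';
}
elseif($book_file_bad)
{
$book_error = 'Ошибка!!! Неправильное название книги.';
}
elseif($file_get !== '' && !is_file("$book_dir/$file_get"))
{
$book_error = 'Ошибка!!! Данная книга не существует.';
}
if($book_error !== '')
{
echo'<p class="err">'.$book_error.'</p>';
echo'<p><a href="index.php?'.$book_sid.'">В библиотеку</a><br /></p>';
include ("../../templates/foot.php");
exit;
}
####################[-a-zA-Z0-9_.',;!@#$&()+=]
// NOTE(review): filter() is defined outside this file; what it escapes or strips
// is not visible here. The values are still used as filesystem paths afterwards.
$file_get = filter($file_get);
$kat = filter($kat);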
####################[^><|?*/:"]
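/**
 * Render the library page body: the breadcrumb trail, then either one book
 * (when view=1 is requested) or the listing of a category.
 *
 * All output is echoed. Request parameters view, page, sort and slov are read
 * from $_GET / $_POST inside the helpers. An invalid "slov" value prints an
 * error, includes the footer template and terminates the script.
 *
 * @param string $kat      Category directory, relative to the current directory ('.' is the library root).
 * @param string $file_get Book file name inside $kat; only read when view=1.
 * @return void
 */
function dir_list($kat, $file_get)
{
    global $color_red;
    // The configuration is re-read in function scope; $kolbooks (books per
    // page) is not assigned anywhere else in this function.
    include ('../../config.php');
    $dir = $kat;
    $sid = _dir_list_esc(session_name()) . '=' . _dir_list_esc(session_id());
    $view = isset($_GET['view']) && $_GET['view'] == 1;

    _dir_list_breadcrumbs($dir, $view, $sid);
    if ($view) {
        _dir_list_book($dir, $kat, $file_get, $sid);
        return;
    }
    _dir_list_catalog($dir, $kat, isset($kolbooks) ? (int) $kolbooks : 0, $color_red, $sid);
}

/**
 * Make a value safe inside a double-quoted attribute or element text.
 *
 * Only quotes and angle brackets are replaced. "&" is left alone on purpose:
 * the values may already carry entities (filter() is applied by the caller and
 * is defined outside this file), and the replacement is byte-wise, so it does
 * not depend on the page charset.
 */
function _dir_list_esc($value)
{
    return str_replace(
        array('"', "'", '<', '>'),
        array('&quot;', '&#039;', '&lt;', '&gt;'),
        (string) $value
    );
}

/** Read a text file into an array of lines; a missing or unreadable file gives an empty array. */
function _dir_list_lines($path)
{
    if (!is_file($path) || !is_readable($path)) {
        return array();
    }
    $lines = file($path);
    return $lines === false ? array() : $lines;
}

/**
 * Turn the raw "page" parameter into a page number.
 *
 * Empty and negative values mean page 1, values above $pages are clamped to
 * $pages, and anything that is not a plain digit string gives 0 (invalid).
 */
function _dir_list_page($raw, $pages)
{
    if (empty($raw)) {
        $page = 1;
    } elseif (!is_scalar($raw)) {
        return 0;
    } elseif (is_numeric($raw) && $raw < 0) {
        $page = 1;
    } elseif (!preg_match('#^[0-9]+\z#', (string) $raw)) {
        return 0;
    } else {
        // Very long digit strings would overflow the int cast; they are past the last page anyway.
        $page = strlen(ltrim((string) $raw, '0')) > 9 ? $pages : (int) $raw;
    }
    return $page > $pages ? $pages : $page;
}

/** Print the breadcrumb trail for $dir; each level's title is the first line of its op.txt. */
function _dir_list_breadcrumbs($dir, $view, $sid)
{
    if ($dir == '.') {
        echo '<p class="modul_name">Библиотека</p>';
        return;
    }
    echo '<p class="modul_name"><a href="index.php?' . $sid . '">Библиотека</a>';
    $segments = explode('/', $dir);
    $depth = count($segments);
    $path = '';
    for ($i = 1; $i < $depth; $i++) {
        $path .= '/' . $segments[$i];
        $meta = _dir_list_lines(".$path/op.txt");
        // Titles come from files on disk; escape them like any other output.
        $title = _dir_list_esc(isset($meta[0]) ? trim($meta[0]) : '');
        if (".$path" == $dir && !$view) {
            // The category being listed is shown as plain text, not as a link.
            echo ' » ' . $title;
        } else {
            echo ' » <a href="index.php?kat=' . _dir_list_esc(".$path") . '&amp;' . $sid . '">' . $title . '</a>';
        }
    }
    echo '</p>';
}

/**
 * Print the pager. $query is the already escaped part of the query string that
 * follows "page=N"; $page 0 means "no valid current page".
 */
function _dir_list_pager($page, $pages, $query, $sid)
{
    if ($pages <= 1) {
        return;
    }
    $tail = '&amp;' . $query . '&amp;' . $sid . '">';
    echo '<p align="center" class="d">';
    echo 'Страницы:';
    echo '<br />';
    if ($page > 4) {
        echo '<a href="index.php?page=1' . $tail . '1</a>...';
    }
    for ($i = max(1, $page - 3); $i <= $page - 1; $i++) {
        echo '<a href="index.php?page=' . $i . $tail . $i . '</a> ';
    }
    if ($page >= 1) {
        echo $page;
    }
    $last = min($pages, $page + 3);
    for ($i = max(1, $page + 1); $i <= $last; $i++) {
        echo ' <a href="index.php?page=' . $i . $tail . $i . '</a>';
    }
    if ($pages > $page && $page < ($pages - 3)) {
        echo '...<a href="index.php?page=' . $pages . $tail . $pages . '</a>';
    }
    echo '<br />';
    if ($page > 1) {
        echo '<a href="index.php?page=' . ($page - 1) . $tail . 'Назад</a>';
    }
    echo ' | ';
    if ($pages > $page) {
        echo '<a href="index.php?page=' . ($page + 1) . $tail . 'Дальше</a>';
    }
    echo '<br />';
    echo '</p>';
}

/** Print one book, split into pages of "slov" words (default 200, at most 9999). */
function _dir_list_book($dir, $kat, $file_get, $sid)
{
    $lines = _dir_list_lines($dir . '/' . $file_get);
    // The first line is the title. It is escaped because it is echoed into
    // the page and into the alt attribute of every [img=...] tag.
    $book_name = _dir_list_esc(isset($lines[0]) ? trim($lines[0]) : '');
    echo '<p align="center">' . $book_name . '</p>';

    // Escape the whole text first, then turn line boundaries into <br/>.
    $text = htmlspecialchars(implode('||::||', $lines));
    $text = implode('<br/>', explode('||::||', $text));
    $words = explode(' ', $text);
    $count = count($words);

    // Words per page: POST is read first, a GET value overrides it.
    $slov = 200;
    foreach (array($_POST, $_GET) as $input) {
        if (empty($input['slov'])) {
            continue;
        }
        if (!is_string($input['slov']) || !preg_match('#^[0-9]+\z#', $input['slov'])) {
            echo '<p class="err">Ошибка!!! Неправильное значение колличества слов.</p>';
            echo '<p><a href="index.php?' . $sid . '">В библиотеку</a><br /></p>';
            include ("../../templates/foot.php");
            exit;
        }
        $slov = strlen(ltrim($input['slov'], '0')) > 4 ? 9999 : (int) $input['slov'];
    }
    if ($slov > 9999) {
        $slov = 9999;
    }
    if ($slov < 1) {
        // "00" passes the digit check but would divide by zero below.
        $slov = 200;
    }

    $stranic = (int) ceil($count / $slov);
    $page_get = _dir_list_page(isset($_GET['page']) ? $_GET['page'] : '', $stranic);

    echo '<p class="b">';
    if ($page_get < 1) {
        echo 'Данной страницы несуществует!';
    } else {
        // The title goes into a replacement string, where "\" and "$" would be read as back-references.
        $alt = addcslashes($book_name, '\\$');
        $end = $slov * $page_get;
        for ($i = $slov * ($page_get - 1); $i < $end; $i++) {
            if (!isset($words[$i]) || $words[$i] === '') {
                continue;
            }
            $word = preg_replace('#\[img=(.*?)\]#su', '<img src="\\1" alt="' . $alt . '" />', $words[$i]);
            if ($word === null) {
                // The /u patterns fail on bytes that are not valid UTF-8; show the word unchanged.
                $word = $words[$i];
            }
            // (?<!") keeps the URL inside an <img src="..."> produced above from being wrapped in a link.
            $linked = preg_replace(
                '#(?<!")((?:http|https|ftp)://[0-9a-zA-Z\._-]+\.[0-9a-zA-Z]{2,6}[0-9a-zA-Z/\?\.\~&_=/%-:\#]*)#su',
                '<a href="\\1">\\1</a>',
                $word
            );
            if ($linked !== null) {
                $word = $linked;
            }
            $word = str_replace('<br/>', '<br />', $word);
            echo "$word ";
        }
    }
    echo '</p>';

    $file_attr = _dir_list_esc($file_get);
    $kat_attr = _dir_list_esc($kat);
    _dir_list_pager($page_get, $stranic, 'file=' . $file_attr . '&amp;kat=' . $kat_attr . '&amp;view=1&amp;slov=' . $slov, $sid);

    if ($page_get == 1) {
        echo '<form action="index.php?file=' . $file_attr . '&amp;kat=' . $kat_attr . '&amp;view=1&amp;' . $sid . '" method="post">';
        echo '<p align="center" class="d">';
        echo "Слов на страницу<br />\n<input type=\"text\" name=\"slov\" size=\"4\" maxlength=\"4\" value=\"\" />\n<input type=\"submit\" value=\"OK\" />";
        echo '</p>';
        echo '</form>';
    }
    // NOTE(review): this links straight to the file on disk, so the download is
    // served by the web server and does not pass through the login check at the
    // top of this script. If the library is meant to be private, deny direct
    // access to the book directories in the server configuration and stream the
    // file from PHP after the check instead.
    echo '<p><a href="' . _dir_list_esc($dir) . '/' . $file_attr . '">Скачать в txt</a><br /></p>';
}

/** Print the sub-categories and the paged list of books of one category. */
function _dir_list_catalog($dir, $kat, $kolbooks, $color_red, $sid)
{
    $entries = is_dir($dir) ? scandir($dir) : false;
    if ($entries === false) {
        $entries = array();
    }
    // Service files that live next to the books and must never be listed.
    $hidden = array('Thumbs.db', '.htaccess', 'index.php', 'kol.php', 'admin.php', 'kom.php', 'op.txt');

    // Only the two known sort modes are accepted, and only those are written back into links.
    $sort_raw = isset($_GET['sort']) ? $_GET['sort'] : '';
    $mode = '';
    $sort_link = '';
    if ($sort_raw === 'alfa') {
        $mode = 'alfa';
        $sort_link = 'alfa';
    } elseif ($sort_raw === 'data' || empty($sort_raw)) {
        $mode = 'data';
        $sort_link = $sort_raw === 'data' ? 'data' : '';
    }

    $dirs = array();
    $file_array = array();
    foreach ($entries as $entry) {
        if ($entry === '.' || $entry === '..') {
            continue;
        }
        if (is_dir("$dir/$entry")) {
            $dirs[] = $entry;
        } elseif (is_file("$dir/$entry") && !in_array($entry, $hidden, true)) {
            if ($mode === 'alfa') {
                $file_array[] = "||$entry";
            } elseif ($mode === 'data') {
                $file_array[] = filemtime($dir . '/' . $entry) . "||$entry";
            }
        }
    }

    natsort($dirs);
    $dir_attr = _dir_list_esc($dir);
    $a = 0;
    foreach ($dirs as $name) {
        // op.txt: line 1 title, line 2 number of books, line 3 number of new books.
        $meta = _dir_list_lines("$dir/$name/op.txt");
        $kat_name = isset($meta[0]) ? trim($meta[0]) : '';
        if ($kat_name === '') {
            continue;
        }
        $kat_files = isset($meta[1]) ? trim($meta[1]) : '';
        $kat_files_new = isset($meta[2]) ? trim($meta[2]) : '';
        echo '<p class="a" style="margin: 1px;">';
        // Directory names come from disk and are not covered by the request validation: encode them for the URL.
        echo '<img src="../../images/dir.gif" alt="i" /> <a href="index.php?kat=' . $dir_attr . '/' . rawurlencode($name) . '&amp;' . $sid . '" class="aa">' . _dir_list_esc($kat_name) . '</a> [' . _dir_list_esc($kat_files);
        if ((int) $kat_files_new > 0) {
            echo '|<font color="' . _dir_list_esc($color_red) . '">' . _dir_list_esc($kat_files_new) . '</font>';
        }
        echo ']';
        echo '</p>';
        $a++;
    }
    if ($a > 0) {
        echo '<p><br /></p>';
    }

    $kat_attr = _dir_list_esc($kat);
    if (!empty($file_array)) {
        echo '<p class="b" align="center">Сортировка книг<br />' . "\n"
            . '<a href="index.php?sort=alfa&amp;kat=' . $kat_attr . '&amp;' . $sid . '">По алфавиту</a><br />' . "\n"
            . '<a href="index.php?sort=data&amp;kat=' . $kat_attr . '&amp;' . $sid . '">По дате добавления книги</a></p>';
        echo '<p align="center">Список книг:</p>';
    }
    if ($mode === 'alfa') {
        // natsort keeps the old keys; re-index so that paging by position follows the sorted order.
        natsort($file_array);
        $file_array = array_values($file_array);
    } elseif ($mode === 'data') {
        // Entries start with the modification time, so a reverse sort puts the newest first.
        rsort($file_array);
    }

    $count_files = count($file_array);
    // A missing or zero $kolbooks would divide by zero; fall back to a single page.
    $per_page = $kolbooks > 0 ? $kolbooks : max(1, $count_files);
    $stranic = (int) ceil($count_files / $per_page);
    $page_get = _dir_list_page(isset($_GET['page']) ? $_GET['page'] : '', $stranic);
    if ($page_get < 1 && $stranic > 0) {
        $page_get = 1;
    }

    $now = time();
    $end = $per_page * $page_get;
    for ($i = $per_page * ($page_get - 1); $i < $end; $i++) {
        if (!isset($file_array[$i])) {
            continue;
        }
        // Limit 2: a file name may itself contain "||".
        $parts = explode('||', $file_array[$i], 2);
        $file = isset($parts[1]) ? $parts[1] : '';
        $lines = _dir_list_lines("$dir/$file");
        $book_name = _dir_list_esc(isset($lines[0]) ? trim($lines[0]) : '');
        echo '<p class="b">';
        echo '<img src="../../images/txt.gif" alt="" /> ';
        echo '<a href="index.php?kat=' . $dir_attr . '&amp;file=' . rawurlencode($file) . '&amp;view=1&amp;' . $sid . '">' . $book_name . '</a>';
        // Books changed within the last 432000 seconds (5 days) are marked as new.
        // In the alphabetical mode no time is stored, so nothing is marked.
        if ((int) $parts[0] + 432000 > $now) {
            echo '<font color="' . _dir_list_esc($color_red) . '">[new]</font>';
        }
        echo '<br />';
        echo '</p>';
    }

    _dir_list_pager($page_get, $stranic, 'kat=' . $kat_attr . '&amp;sort=' . $sort_link, $sid);

    if ($a > 0 || $count_files > 0) {
        echo '<p class="d">';
        if ($a > 0) {
            echo "Категорий: $a<br />";
        }
        if ($count_files > 0) {
            echo "Файлов: $count_files";
        }
        echo '</p>';
    } else {
        echo '<p class="err">В данной категории нет книг и других категорий.</p>';
    }
}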
####################
// Render the library page for the requested category and book.
dir_list($kat, $file_get);
####################
// Shared page footer template.
include ("../../templates/foot.php");
?>