Файл: modules/zagruz/admin.php
Строк: 150
<?php
########################################
## WAP-ENGINE ##
########################################
## ##
## Автор : CHUMA (Токарев Владимир) ##
## e-mail : crazychuma@gmail.com ##
## WAP : http://wap-engine.ru ##
## ##
########################################
## ВЫ НЕ ИМЕЕТЕ ПРАВО ##
## ИЗМЕНЯТЬ КОД СКРИПТА ##
## ДЛЯ ДАЛЬНЕЙШЕГО РАСПРОСТРАНЕНИЯ! ##
########################################
include ('../../config.php');
include ('../../templates/run.php');
include ('../../templates/func.php');
####################
$str = filter($_GET['str']);
$page = filter($_GET['page']);
$file_get = stripslashes(trim($_GET['file']));
$kat = stripslashes(trim($_GET['kat']));
if(empty($kat))
{
$kat = ".";
}
if((!isset($passw) || $_SESSION['pass'] != $passw) && $dostup_files == 0)
{
include '../../themes/'.$themes.'.php';
echo'<p class="err">Вы не авторизованы!!! Войдите в личный кабинет.<br /></p>';
echo'<p><a href="../kabinet/index.php?'.session_name().'='.session_id().'">В кабинет</a><br /></p>';
include '../../templates/foot.php';
exit;
}
if(!empty($_GET['kat']) && (!preg_match("#^[^><|?*:"]+$#", $kat) || preg_match("#(..)+#", $kat)))
{
include '../../themes/'.$themes.'.php';
echo"<p class="err">Ошибка!!! Неправильное название категории.</p>";
echo"<p><a href="index.php?".session_name()."=".session_id()."">В загрузки</a><br /></p>";
include '../../templates/foot.php';
exit;
}
if(!file_exists("$kat"))
{
include '../../themes/'.$themes.'.php';
echo"<p class="err">Ошибка!!! Данная категория не существует.</p>";
echo"<p><a href="index.php?".session_name()."=".session_id()."">В загрузки</a><br /></p>";
include '../../templates/foot.php';
exit;
}
if(!empty($_GET['file']) && (!preg_match("#^[^><|?*/:"]+$#", $file_get) || preg_match("#(..)+#", $kat)))
{
include '../../themes/'.$themes.'.php';
echo"<p class="err">Ошибка!!! Неправильное название книги.</p>";
echo"<p><a href="index.php?".session_name()."=".session_id()."">В загрузки</a><br /></p>";
include '../../templates/foot.php';
exit;
}
if(!file_exists("$kat/$file_get"))
{
include '../../themes/'.$themes.'.php';
echo"<p class="err">Ошибка!!! Данный файл не существует.</p>";
echo"<p><a href="index.php?".session_name()."=".session_id()."">В загрузки</a><br /></p>";
include '../../templates/foot.php';
exit;
}
####################
$file_get = filter($file_get);
$kat = filter($kat);
####################
if($_GET['act']=='delkom')
{
if(isset($_SESSION['pass']) && isset($passw) && $_SESSION['pass'] == $passw && ($status == '1' || $status == '2' || $status == '3'))
{
$basedel = $kat.'/op/'.$file_get.'_kom.txt';
$basestr = file($basedel);
$base_mes_count = count($basestr);
$kom_exp = explode('|', $basestr[$str]);
$deleted_kom = trim($kom_exp[0]).': '.trim($kom_exp[5]);
for($i=0; $i < $base_mes_count; $i++)
{
if($i != $str)
{
$base_mes_arr[] = trim($basestr[$i]);
}
}
if(!empty($base_mes_arr))
{ $buff = trim(implode("rn", $base_mes_arr)); } else
{ $buff = ''; }
write_to_file($basedel, $buff);
if($str == 0)
{
$base_last = 'op/last_kom.txt';
$last_mes_f = file($base_last);
$last_mes_count = count($last_mes_f);
$str2 = $str + 1;
$kom_exp2 = explode('|', $basestr[$str2]);
for($l=0; $l < $last_mes_count; $l++)
{
$last_mes_arr2 = explode('|', $last_mes_f[$l]);
if(!empty($last_mes_f[$l]) && ($last_mes_arr2[6] != $kat || trim($last_mes_arr2[7]) != $file_get))
{
$last_mes_arr[] = trim($last_mes_f[$l]);
}
elseif(!empty($basestr[$str2]))
{
$last_mes_arr[] = $kom_exp2[0].'|'.$kom_exp2[1].'|'.$kom_exp2[2].'|'.$kom_exp2[3].'|'.$kom_exp2[4].'|'.trim($kom_exp2[5]).'|'.$kat.'|'.$file_get;
}
}
if(!empty($last_mes_arr))
{ $last_mes_str = trim(implode("rn", $last_mes_arr)); } else
{ $last_mes_str = ''; }
write_to_file($base_last, $last_mes_str);
}
$date = date('d.m.Y / H:i:s', time() + ($sdvigclock*3600));
$adm_log_f = @file('../../data/adm_log.php');
$adm_log_count = count($adm_log_f) - 2;
$mes_to_adm_log = "$login|$date|Удалил комментарий в загрузках "$deleted_kom"rn";
for($i=2; $i < $adm_log_count; $i++)
{
$mes_to_adm_log .= $adm_log_f[$i];
}
$mes_to_adm_log = trim($mes_to_adm_log);
write_to_file('../../data/adm_log.php', "<?phprn/*rn$mes_to_adm_logrn*/rn?>");
header ("location: kom.php?kat=$kat&file=$file_get&page=$page&".session_name()."=".session_id()."");
}
else
{
include '../../themes/'.$themes.'.php';
echo "<p class="err">Ошибка авторизации!!!<br /></p>";
echo "<p><a href="kom.php?kat=$kat&file=$file_get&page=$page&".session_name()."=".session_id()."">В коментарии</a></p>";
include '../../templates/foot.php';
}
}
####################
if($_GET['act']=='ban')
{
if (isset($_SESSION['pass']) && isset($passw) && $_SESSION['pass'] == $passw && ($status == '1' || $status == '2' || $status == '3'))
{
$ban_ip = htmlspecialchars(stripslashes(trim($_GET['ban'])));
$banlist ='../../data/ban.txt';
$file = fopen($banlist,'a+');
fputs($file,"$ban_iprn");
fclose($file);
$ban_exp = explode('||', $ban_ip);
$ban_ip = $ban_exp[0].' - '.$ban_exp[1];
$date = date("d.m.Y / H:i:s", time() + ($sdvigclock*3600));
$adm_log_f = @file('../../data/adm_log.php');
$adm_log_count = count($adm_log_f) - 2;
$mes_to_adm_log = "$login|$date|Забанил IP $ban_iprn";
for($i=2; $i < $adm_log_count; $i++)
{
$mes_to_adm_log .= $adm_log_f[$i];
}
$mes_to_adm_log = trim($mes_to_adm_log);
write_to_file('../../data/adm_log.php', "<?phprn/*rn$mes_to_adm_logrn*/rn?>");
include '../../themes/'.$themes.'.php';
echo "<p class="b">IP и браузер забанены!<br /></p>";
echo "<p><a href="kom.php?kat=$kat&file=$file_get&page=$page&".session_name()."=".session_id()."">В коментарии</a></p>";
include '../../templates/foot.php';
}
else
{
include '../../themes/'.$themes.'.php';
echo "<p class="err">Ошибка авторизации!!!<br /></p>";
echo "<p><a href="kom.php?kat=$kat&file=$file_get&page=$page&".session_name()."=".session_id()."">В коментарии</a></p>";
include '../../templates/foot.php';
}
}
####################
if($_GET['act']=='banuser')
{
if (isset($_SESSION['pass']) && isset($passw) && $_SESSION['pass'] == $passw && ($status == '1' || $status == '2' || $status == '3'))
{
include '../../themes/'.$themes.'.php';
$kogo = filter($_GET['ban']);
echo'<p class="modul_name">Забанить пользователя '.$kogo.'</p>';
echo"<form method="post" action="../admin/users.php?act=ban&nick=$kogo&".session_name()."=".session_id().""><p class="b">";
echo"До какого времени:<br />";
echo"Год: <select name="god" class="textbox">";
for($g=2010; $g <= 2020; $g++)
{
if($g == date ("Y", time() + ($sdvigclock*3600)))
{ echo"<option selected="selected">$g</option>"; } else
{ echo"<option>$g</option>"; }
}
echo "</select>";
echo "Сейчас: ".date ("Y", time() + ($sdvigclock*3600))."<br />";
echo"Месяц: <select name="mes" class="textbox">";
for($m=1; $m <= 12; $m++)
{
if($m < 10) { $m = "0".$m; }
if($m == date ("m", time() + ($sdvigclock*3600)))
{ echo"<option selected="selected">$m</option>"; } else
{ echo"<option>$m</option>"; }
}
echo "</select>";
echo "Сейчас: ".date ("m", time() + ($sdvigclock*3600))."<br />";
echo"День: <select name="den" class="textbox">";
for($d=1; $d <= 31; $d++)
{
if($d < 10) { $d = "0".$d; }
if($d == date ("d", time() + ($sdvigclock*3600)))
{ echo"<option selected="selected">$d</option>"; } else
{ echo"<option>$d</option>"; }
}
echo "</select>";
echo "Сейчас: ".date ("d", time() + ($sdvigclock*3600))."<br />";
echo"Час: <select name="chas" class="textbox">";
for($ch=0; $ch <= 23; $ch++)
{
if($ch < 10) { $ch = "0".$ch; }
if($ch == date ("H", time() + ($sdvigclock*3600)))
{ echo"<option selected="selected">$ch</option>"; } else
{ echo"<option>$ch</option>"; }
}
echo "</select>";
echo "Сейчас: ".date ("H", time() + ($sdvigclock*3600))."<br />";
echo"Минут: <select name="minut" class="textbox">";
for($mi=0; $mi <= 59; $mi++)
{
if($mi < 10) { $mi = "0".$mi; }
if($mi == date ("i", time() + ($sdvigclock*3600)))
{ echo"<option selected="selected">$mi</option>"; } else
{ echo"<option>$mi</option>"; }
}
echo "</select>";
echo "Сейчас: ".date ("i", time() + ($sdvigclock*3600))."<br />";
echo"За (что?):<br /><input name="why" value="плохое поведение" /><br />";
echo"<input value="Применить" type="submit" /></p></form>";
echo "<p><a href="kom.php?kat=$kat&file=$file_get&page=$page&".session_name()."=".session_id()."">В коментарии</a></p>";
include '../../templates/foot.php';
}
else
{
include '../../themes/'.$themes.'.php';
echo "<p class="err">Ошибка авторизации!!!<br /></p>";
echo "<p><a href="kom.php?kat=$kat&file=$file_get&page=$page&".session_name()."=".session_id()."">В коментарии</a></p>";
include '../../templates/foot.php';
}
}
####################
?>