Файл: fo/index.php
Строк: 61
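<?php
// Front controller: loads configuration and helpers, starts the session, then
// (further down) resolves the login token and dispatches to a page script.

// Defined before any include. Presumably the included scripts test this marker
// to refuse direct requests - confirm in ini.php and pages/*.php.
define('SECURED', true);

// Both files are mandatory for everything below (val() is presumably declared in
// func_validate.php). require stops the request if one is missing; include
// would only warn and let the script continue half-initialised.
require 'ini.php';
require 'includes/func_validate.php';

// No tags are rewritten automatically; links carry the session id through the
// SID constant instead.
ini_set('url_rewriter.tags', '');
// The session cookie is never needed by client-side script, so hide it from it.
ini_set('session.cookie_httponly', '1');
session_name('SessionID');
session_start();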
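// Choose the markup flavour. WML is used when it is requested with ?wml or
// remembered from an earlier request (cookie or session); ?xhtml always forces
// the HTML theme. The isset() guards avoid undefined-index notices on a first
// visit, when neither the cookie nor the session entry exists yet.
// The theme path is built from fixed literals only, never from request data.
if (
    (
        isset($_GET['wml'])
        || (isset($_COOKIE['version']) && $_COOKIE['version'] == 'wml')
        || (isset($_SESSION['s_version']) && $_SESSION['s_version'] == 'wml')
    )
    && !isset($_GET['xhtml'])
) {
    $ver = 'wml';
    $_SESSION['s_version'] = 'wml';
    // Remember the choice for 14 days.
    setcookie('version', 'wml', time() + 3600 * 24 * 14);
    include 'themes/wml.php';
} else {
    // $ver is 'html' while the stored preference is spelled 'xhtml'.
    $ver = 'html';
    $_SESSION['s_version'] = 'xhtml';
    setcookie('version', 'xhtml', time() + 3600 * 24 * 14);
    include 'themes/html.php';
}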
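// Resolve the application's login token. Later sources override earlier ones:
// session, then cookie, then query string. $sid always ends up defined.
// NOTE(review): the token is accepted from the query string and then persisted
// in the session and in a 14-day cookie. Unless the login code (not visible
// here) issues a fresh token on every successful login, a token that arrived
// through a link stays valid afterwards (session fixation) - confirm.
$sid = '';
if (!empty($_SESSION['s_sid']) && is_string($_SESSION['s_sid'])) {
    $sid = $_SESSION['s_sid'];
}
// Request parameters can arrive as arrays (name[]=...); only strings are tokens.
if (!empty($_COOKIE['c_sid']) && is_string($_COOKIE['c_sid'])) {
    $sid = $_COOKIE['c_sid'];
}
if (!empty($_GET['sid']) && is_string($_GET['sid'])) {
    $sid = $_GET['sid'];
}
$_SESSION['s_sid'] = $sid;
// HttpOnly (last argument) keeps the login token away from client-side script.
// Path, domain and secure keep their default values.
// NOTE(review): set the secure flag as well if the site is served over HTTPS.
setcookie('c_sid', $sid, time() + 3600 * 24 * 14, '', '', false, true);

// $url stays HTML-escaped for the page scripts; ENT_QUOTES covers single quotes too.
$rawUrl = (isset($_GET['url']) && is_string($_GET['url'])) ? $_GET['url'] : '';
$url = htmlspecialchars($rawUrl, ENT_QUOTES);

// SID is the query-string fragment appended to internal links. The url value is
// percent-encoded here: HTML-escaping alone turns '&' into '&amp;', which the
// browser decodes back to '&' inside an href, so a crafted value could add
// extra parameters to every link built with SID.
// Without the c_sid cookie the PHP session id is carried in the URL as well.
// NOTE(review): ids in URLs end up in server logs, Referer headers and shared
// links.
// NOTE(review): session_start() itself defines a constant named SID, and
// define() does not replace an existing constant - verify which value the
// pages actually see.
if (empty($_COOKIE['c_sid'])) {
    define('SID', session_name() . '=' . session_id() . '&url=' . urlencode($rawUrl));
} else {
    define('SID', 'url=' . urlencode($rawUrl));
}
unset($rawUrl);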
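// Client software label. The X-OperaMini-Phone-UA header is preferred over
// User-Agent when it is present. Both headers are optional and fully
// client-controlled, so they are read through empty()/isset() (no
// undefined-index notice) and passed through val() before any use.
if (!empty($_SERVER['HTTP_X_OPERAMINI_PHONE_UA'])) {
    $agent = val($_SERVER['HTTP_X_OPERAMINI_PHONE_UA']);
} else {
    $agent = val(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');
}

// Keep only the leading product token: cut at the first '(' and then at the
// first space, and cap the result at 22 bytes.
// NOTE(review): the cut happens after val(). If val() escapes for SQL, a
// 22-byte cut can split an escape sequence and leave a dangling backslash, so
// the value must be escaped again where it is placed into a query.
$agent = strtok($agent, '(');
$agent = strtok($agent, ' ');
$agent = substr($agent, 0, 22);
if (empty($agent)) {
    $agent = '[not detected]';
}

// Address of the connecting peer as seen by the web server.
$ip = getenv('REMOTE_ADDR');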
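// Link back to the front page, presumably echoed by the page scripts.
// PHP_SELF includes whatever path info the client appended after the script
// name, so it is HTML-escaped before it goes into the href attribute.
// SID is defined earlier in this file and is inserted unchanged.
$goback = '» <a href="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES) . '?' . SID . '">Файлообменник</a><br/>';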
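// Logout (?exit): invalidate the login token in the database, then forget it
// in the cookie and in the session.
// NOTE(review): this is a state change triggered by a plain GET with no
// anti-CSRF token, so any third-party page can log a visitor out.
if (isset($_GET['exit'])) {
    // Nothing to invalidate without a token.
    if (isset($sid) && is_string($sid) && $sid !== '') {
        // val() lives in includes/func_validate.php and is not visible here, so
        // the value is escaped again at the query boundary. Presumably tokens
        // contain no quotes or backslashes, which makes this a no-op for valid
        // ones - confirm.
        mysql_query("UPDATE `users` SET `session`='' WHERE `session`='" . mysql_real_escape_string(val($sid)) . "';");
    }
    // An empty value makes the browser drop the cookie.
    setcookie('c_sid', '');
    unset($_SESSION['s_sid']);
    $msg = 'Вы успешно вышли из системы!<br/>';
}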
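// Look up the account that owns the login token. The `session`<>'' condition
// keeps an empty token from matching logged-out accounts.
$user = false;
if (isset($sid) && is_string($sid) && $sid !== '') {
    // Escaped at the query boundary; val() is defined elsewhere and what it
    // guarantees cannot be verified from this file.
    $userQuery = mysql_query("SELECT `id`,`login`,`level` FROM `users` WHERE `session`='" . mysql_real_escape_string(val($sid)) . "' AND `session`<>''");
    if ($userQuery) {
        $user = mysql_fetch_assoc($userQuery);
    }
    unset($userQuery);
}

// Decide on the fetched row itself. mysql_affected_rows() returns -1 when the
// last query failed, and -1 is truthy, so testing it after the SELECT treated a
// failed lookup as a successful login (fail-open).
if (is_array($user)) {
    // Record last activity. Every value is escaped or cast where it enters the
    // statement: $agent is truncated after val(), and $ip comes straight from
    // the environment.
    mysql_query("UPDATE `users` SET `last`=" . time() . ",`ip`='" . mysql_real_escape_string($ip) . "',`soft`='" . mysql_real_escape_string($agent) . "' WHERE `id`=" . (int) $user['id']);
    $login = $user['login'];
    $level = $user['level'];
    $auth = true;
} else {
    // Anonymous visitor.
    $login = 'Гость';
    $level = 0;
    $auth = false;
}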
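// Page dispatch. $mode becomes part of an include path, so the allow-list in
// $modes (defined outside this file, presumably in ini.php) is the only thing
// between the query string and the filesystem. The check is therefore strict:
// with loose comparison a non-string entry in $modes (0, true) would match
// arbitrary input. Assumes $modes holds page names as strings - confirm.
$mode = (isset($_GET['mode']) && is_string($_GET['mode'])) ? $_GET['mode'] : 'index';
if (!isset($modes) || !is_array($modes) || !in_array($mode, $modes, true)) {
    $mode = 'index';
}

// 'get' and 'img' are dispatched without the page header.
if ($mode !== 'get' && $mode !== 'img') {
    head();
}
include 'pages/' . $mode . '.php';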
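// Unread private messages for the current login.
// $login comes from the users table for authenticated visitors; a stored name
// is still data, so it is escaped before it is placed into the statement
// (second-order SQL injection otherwise).
// NOTE(review): this notice, like footer(), also runs after the 'get' and 'img'
// pages, for which head() was skipped; presumably those scripts exit on their
// own - confirm.
$q = mysql_query("SELECT COUNT(*) FROM `privat` WHERE `tonick` = '" . mysql_real_escape_string($login) . "' AND `read` = '0';");
// A failed query counts as "no unread messages" instead of raising a warning.
$no_read = $q ? (int) mysql_result($q, 0) : 0;
if ($no_read > 0) {
    // PHP_SELF can carry client-supplied path info; escape it for the attribute.
    echo '<img src="images/new.gif" alt="new"/><b><a href="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES) . '?mode=privat&mess=noread&' . SID . '">Приватное сообщение</a>(' . $no_read . ')</b><br/>';
}
footer();
mysql_close();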
?>