Файл: region_clean/guest.php
Строк: 309
<?
#######################################
## Mod By KoT (borispol) [76-75-072] ##
#######################################
require_once "start.php";
require_once "sid.php";
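// This page shows live guestbook state, so ask clients and gateways not to cache it.
header("Cache-Control: no-cache");
// $ver picks the markup flavour: "wml" gets a WAP deck, anything else gets XHTML.
// NOTE(review): $ver and $css are not assigned in this file — presumably set by
// start.php / sid.php / version.php. $css is interpolated into an href below without
// escaping; confirm it is restricted to a fixed list of theme names.
if ($ver == "wml") header ("Content-type:text/vnd.wap.wml; charset=utf-8");
else header("Content-Type:text/html; charset=UTF-8");
require_once "inc.php";
$link = connect_db();
// check_login() returns the current user's row, id and the $fsize1/$fsize2 wrappers
// echoed around every text fragment on this page.
list($row, $id, $ps, $fsize1, $fsize2) = check_login($link);
require_once "version.php";
// Every double quote inside these literals is escaped so the strings terminate where
// intended; unescaped, the first attribute quote would end the literal.
if ($ver == "wml") {
    echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>
<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.2//EN\" \"http://www.wapforum.org/DTD/wml12.dtd\">
<wml>
<head><meta http-equiv=\"Cache-Control\" content=\"no-cache\" forua=\"true\"/></head>
<card id=\"chatrules\" title=\"Гостевая чата\">
<p>";
} else {
    echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">
<html xmlns=\"http://www.w3.org/1999/xhtml\">
<head><link rel=\"stylesheet\" type=\"text/css\" href=\"css/$css.css\"/>
<title>Гостевая Чата</title>
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/></head><body><div class=\"header\">
<div align=\"left\">";
}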
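// Kill switch: the `setting` row with klu4=1 carries a `guest` flag; 1 means the
// guestbook has been switched off.
// NOTE(review): if this query fails, $otkl is not an array and the check below is
// false, so the guestbook stays open (fail-open). Confirm that is acceptable.
$otkl = mysql_fetch_array(mysql_query("SELECT `guest` FROM `setting` WHERE `klu4`='1'"));
if ($otkl['guest'] == 1) {
    echo 'Гостевая отключена Администратором!<br/>';
    include_once 'foot.php';
    // `break` is only legal inside a loop or switch; at this level it is a fatal error
    // rather than a clean stop. Terminate explicitly so none of the listing, delete or
    // posting code below can run while the guestbook is disabled.
    mysql_close($link);
    exit;
}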
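// Presence tracking: stamp the current user as online and located in the guestbook.
$times = getmicrotime();
mysql_query("Update users set onl='".$times."', room='guest' where id ='".(int)$id."'");
// $mid is not assigned in this file — presumably imported from the request by an
// include. It is forced to an integer before it reaches any query.
$mid = isset($mid) ? intval($mid) : 0;
// Total number of entries across all guestbooks; kept in $news as in the original.
$cm = mysql_query ("select count(id) as num from books WHERE 1;");
$cmc = mysql_fetch_array($cm);
$news = $cmc['num'];
echo $fsize1;
echo '<div class="c4">Гостевая книга</div><br/>';
echo $fsize2;
// Count this guestbook's entries on the server. Selecting every row just to call
// mysql_num_rows() transfers the whole table on each page view.
$numrow = mysql_fetch_array(mysql_query ("select count(*) as num from books WHERE mid='".(int)$mid."';"));
$num = (int)$numrow['num'];
// Action selector; unknown or missing values fall through to the listing.
$mod = isset($_GET['mod']) ? $_GET['mod'] : NULL;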
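switch($mod) {
default:
    // Listing view: ten entries per page, newest first. $s is the 1-based page number.
    // NOTE(review): $s, $ses, $takep2 and $divide are not assigned in this file —
    // presumably provided by the includes or imported from the request; verify.
    // Force the page number to an integer and clamp it to 1..$mx. The original only
    // mapped 0 to 1, so a negative page produced a negative LIMIT offset.
    $s = isset($s) ? (int)$s : 0;
    $mx = (int)round(($num/10) + 0.45);
    if ($s > $mx) $s = $mx;
    if ($s < 1) $s = 1;
    $ot = (($s - 1) * 10) + 1;   // first entry number on this page (1-based)
    $do = $s * 10;               // last entry number on this page
    if ($do > $num) $do = $num;
    $o = $ot - 1;                // zero-based SQL offset
    $n = $ot;
    if ($do == 0) $n = $o;
    echo $fsize1;
    echo 'Всего сообщений: '.$num.'<br/>';
    echo $divide;
    echo $fsize2;
    $o = intval($o);
    $do = intval($do);
    // LIMIT takes (offset, row count). The original passed the last entry number as
    // the count and over-fetched on every page after the first.
    $r = mysql_query ("select * from `books` WHERE mid='".(int)$mid."' order by id desc limit $o,".($do - $o));
    for ($i = $ot; $i <= $do; $i++) {
        $arr = mysql_fetch_array($r);
        // Stop when rows run out or the query failed, instead of printing empty entries.
        if (!$arr) break;
        echo $fsize1;
        // books.login holds the author's user id; cast it like the other id lookups
        // in this file rather than concatenating the stored value into SQL.
        $smena = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id`='".(int)$arr['login']."'"));
        $usnick = $smena['user'];
        if ($row["level"] >= 7) {
            // Delete link, shown to level 7 and above; the 'del' case re-checks the level.
            echo "<a href=\"guest.php?$ses&amp;mod=del&amp;fid=".$arr['id']."\">[<font color=\"red\">X</font>]</a>";
        }
        if (empty($arr['login'])) {
            echo '<b>Юзер удален</b>';
        } else {
            echo "<b><a href=\"search.php?$ses&amp;go=view$takep2&amp;nick=".$arr['login']."\">".col_n($usnick)."</a></b>
<a href=\"guest.php?$ses&amp;mod=add&amp;nick=".$smena['id']."\">[<font color=\"red\">отв</font>]</a>(".$arr['date'].") ";
        }
        // Stored content is emitted as HTML (it carries BB-code and smiley markup), so
        // the only protection against stored script injection is the filtering done
        // before the INSERT. NOTE(review): confirm check() HTML-escapes user text.
        echo $arr['content'] . '<br/> ';
        echo $divide;
        echo $fsize2;
    }
    $next = $s + 1;
    $prev = $s - 1;
    if ($num > $do) {
        $ot = (($next - 1) * 10) + 1;
        $do = $next * 10;
        if ($do > $num) $do = $num;
        echo $fsize1;
        // Angle brackets and ampersands are written as entities: both output formats
        // are XML-based, and a raw '<' or '&' makes the document ill-formed.
        echo "<a href=\"guest.php?$ses&amp;s=$next\">&gt;&gt;$ot-$do&gt;&gt;</a><br/>\n";
        echo $fsize2;
    }
    if ($s > 1) {
        $ot = (($prev - 1) * 10) + 1;
        $do = $prev * 10;
        echo $fsize1;
        echo "<a href=\"guest.php?$ses&amp;s=$prev\">&lt;&lt;$ot-$do&lt;&lt;</a><br/>\n";
        echo $fsize2;
    }
    echo $fsize1;
    echo $divide;
    echo "<div class = 'd1'><a href=\"guest.php?$ses&amp;mod=add\">Сказать</a>|<a href=\"guest.php?$ses\">Обновить</a></div>\n";
    echo $fsize2;
    break;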
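case 'del':
    // Deletes one guestbook entry, selected by the fid request parameter.
    // Only users with level 7 or higher may do this.
    // NOTE(review): this is a state change triggered by a plain GET link with no
    // per-request token. If $ses is a session id carried in the URL it can leak through
    // the Referer header; consider POST plus an anti-CSRF token.
    // Check privileges first, so an unprivileged caller learns nothing about fid handling.
    if ($row['level'] < 7) {
        echo 'Доступ закрыт!<br/>';
        break;
    }
    if (!isset($fid) || !is_numeric($fid)) {
        // The original sent a Location header and kept executing, so the DELETE below
        // still ran (with id 0). By this point the page prologue has been echoed, so the
        // header can only be sent when output buffering is active; otherwise refuse in
        // the page body. Either way, stop handling the request.
        if (!headers_sent()) {
            header('Location: index.php?isset=403');
        } else {
            echo 'Доступ закрыт!<br/>';
        }
        break;
    }
    $fid = intval($fid);
    if (mysql_query("delete from books where id='".$fid."' limit 1")) {
        echo $fsize1;
        echo 'Запись успешно удалена!<br/>';
        echo $fsize2;
    }
    break;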
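case 'add':
    // Post a guestbook message. Without `action` the form (with a 4-digit picture code)
    // is shown; with `action` the submission is validated and stored.
    // NOTE(review): $nick, $content and $action are not assigned in this file —
    // presumably imported from the request by an include; verify. Treat all as untrusted.

    // Translates the supported BB-code tags into fixed HTML tags. The square brackets
    // are escaped so they match literally (unescaped, "[b]" is a character class), and
    // $1 re-inserts the captured text. No tag takes a user-controlled attribute.
    function bb_code($message) {
        $message = preg_replace('#\[b\](.*?)\[/b\]#si', '<b>$1</b>', $message);
        $message = preg_replace('#\[i\](.*?)\[/i\]#si', '<i>$1</i>', $message);
        $message = preg_replace('#\[u\](.*?)\[/u\]#si', '<u>$1</u>', $message);
        $message = preg_replace('#\[small\](.*?)\[/small\]#si', '<small>$1</small>', $message);
        $message = preg_replace('#\[red\](.*?)\[/red\]#si', '<font color="#FF0000">$1</font>', $message);
        $message = preg_replace('#\[green\](.*?)\[/green\]#si', '<font color="#00FF00">$1</font>', $message);
        $message = preg_replace('#\[blue\](.*?)\[/blue\]#si', '<font color="#0000FF">$1</font>', $message);
        $message = preg_replace('#\[yellow\](.*?)\[/yellow\]#si', '<font color="#FFFF00">$1</font>', $message);
        $message = preg_replace('#\[del\](.*?)\[/del\]#si', '<del>$1</del>', $message);
        return $message;
    }

    // Replaces URL-like fragments (scheme and common domain suffixes) with $to.
    // $to defaults to '' because the caller below has always passed one argument.
    function ad_cut($str, $to = '') {
        $domains = array('http://','.ru','.su','4at','.mobi','.ws','.tv','.4ats','.tv','.name','.us','.biz','.info','.org','.net','.com','.wen','.in');
        $replacer = array_fill(0,count($domains),$to);
        $result = array_combine($domains,$replacer);
        return strtr($str,$result);
    }

    // Generates a fresh 4-digit code, stores it in guestcode.reg and returns it.
    // NOTE(review): gimg.php presumably reads this file to draw the image. It is one
    // file shared by every visitor, so a visitor who opens the form invalidates the
    // code another visitor is typing; a per-session code would remove that.
    function guest_issue_code() {
        $code = '';
        for ($k = 0; $k < 4; $k++) {
            // Use the CSPRNG where the runtime has it; mt_rand() output is predictable.
            $code .= function_exists('random_int') ? random_int(0, 9) : mt_rand(0, 9);
        }
        $fo = @fopen('guestcode.reg', 'w+');
        if ($fo) {
            fputs($fo, $code);
            fclose($fo);
        }
        return $code;
    }

    // Start from a known-empty error buffer. It was never initialised, so a value
    // injected under that name would have been echoed back verbatim further down.
    $error = '';
    $nick = htmlspecialchars(isset($nick) ? $nick : '');
    // Keep the text unescaped while it is transformed; SQL escaping is applied where
    // each query is built. Escaping first, as before, let later steps alter the result.
    // NOTE(review): the form's 500-character limit is not enforced server-side.
    $content = trim(check(isset($content) ? $content : ''));

    // Optional reply target: $nick is a user id and must exist when given.
    $nickq = mysql_query("SELECT `id` FROM `users` WHERE `id`='".(int)$nick."'");
    if (!empty($nick) && (!$nickq || mysql_num_rows($nickq) == 0)) {
        echo 'Такого юзверя не существует!<br/>';
        break;
    }
    // The timestamp is always taken from the server; the posted `date` field is ignored.
    $date = date("d/m,H:i");
    if (empty($content)) $error = $error."<u>Пустое содержание!</u><br/>";
    if (empty($action)) {
        echo $fsize1;
        echo 'Сообшение:<br/>';
        echo $fsize2;
        $code = guest_issue_code();
        if ($ver == "wml") {
            echo $fsize1;
            // $(content) and $(code) are WML variable references filled in by the
            // handset, not PHP variables.
            echo "<input name=\"content\"/><br/>
Код *:<br/>
<img src=\"gimg.php\" alt=\"code\"/><br/>
<input type=\"text\" name=\"code\" size=\"4\" maxlength=\"4\" format=\"*N\" title=\"code\"/><br/>
<anchor>Написать<go href=\"guest.php?$ses&amp;mod=add\" method=\"post\">
<postfield name=\"action\" value=\"add\"/>
<postfield name=\"content\" value=\"$(content)\"/>
<postfield name=\"date\" value=\"$date\"/>
<postfield name=\"nick\" value=\"$nick\"/>
<postfield name=\"code\" value=\"$(code)\"/>
</go></anchor>";
            echo $fsize2;
            echo '<br/>';
        } else {
            // The hidden `code` field holding the literal WML placeholder was dropped:
            // it duplicated the name of the visible input. The form is now closed too.
            echo "<form method=\"POST\" action=\"guest.php?$ses&amp;mod=add\" name=\"auth\">\n
<textarea name=\"content\" maxlength=\"500\" cols=\"20\" rows=\"5\"></textarea><br/>
<input type=\"hidden\" name=\"action\" value=\"add\"/>
<input type=\"hidden\" name=\"date\" value=\"$date\"/>
<input type=\"hidden\" name=\"nick\" value=\"$nick\"/>
Код *:<br/>
<img src=\"gimg.php\" alt=\"code\"/><br/>
<input type=\"text\" name=\"code\" size=\"4\" maxlength=\"4\" format=\"*N\" title=\"code\"/><br/>
<input type=\"hidden\" name=\"kod\" value=\"$rand\" />
<br/><input type=\"submit\" class=\"ibutton\" value=\"Написать\" name=\"enter\"><br/>\n</form>";
        }
    } else {
        if (empty($error)) {
            // Verify the picture code before any database work.
            $submitted = (isset($_POST['code']) && is_string($_POST['code'])) ? trim($_POST['code']) : '';
            if ($submitted === '') {
                echo 'Не введен проверочный код!<br/>';
                break;
            }
            $expected = @file_get_contents('guestcode.reg');
            $expected = is_string($expected) ? trim($expected) : '';
            // Rotate the stored code on every attempt, successful or not, so that one
            // solved code cannot be replayed for further posts.
            $code = guest_issue_code();
            // Exact string comparison, failing closed when no code is stored. The old
            // loose comparison against intval() treated an unreadable file as equal to
            // 0 and ignored leading zeros.
            if ($expected === '' || $expected !== $submitted) {
                echo 'Проверочный код введен неверно!<br/>';
                break;
            }
            $last_news = mysql_fetch_assoc(mysql_query("SELECT `content` FROM `books` WHERE `content`='".mysql_real_escape_string($content)."'"));
            if ($content != $last_news['content']) {
                $content = bb_code(ad_cut($content, ''));
                require_once "smile.php";
                $content = smiles($content);
                // Find the earliest remaining smiley code. $smiles and $replaces are not
                // defined in this file — presumably parallel arrays from smile.php.
                // 500 is the "nothing found" sentinel.
                $minpos = 500;
                $nm = 500;
                for ($j = 0; $j <= count($smiles)-1; $j++) {
                    $tmpp = strpos($content,$smiles[$j]);
                    if (($tmpp < $minpos) and ($tmpp !== false)) {
                        $minpos = $tmpp; $nm = $j;
                    }
                }
                if ($minpos != 500) {
                    if ($row['translit'] != 1) {
                        $st1 = substr($content,0,$minpos+strlen($smiles[$nm]));
                        $st2 = substr($content,$minpos+strlen($smiles[$nm]),strlen($content)-strlen($st1));
                        $st1_wosm = $st1;
                        $st1 = str_replace($smiles[$nm],$replaces[$nm],$st1);
                        if (strpos($replaces[$nm],"smil/") !== false) $st1_woasm = $st1_wosm; else $st1_woasm = $st1;
                        $content_woasm = $st1.$st2;
                        $content_wosm = $st1_wosm.$st2;
                        $content = $st1_woasm.$st2;
                    }
                    else
                    {
                        // Translit users: convert the text on both sides of the smiley,
                        // leaving the smiley code itself untouched.
                        $st1 = substr($content,0,$minpos);
                        $st2 = substr($content,$minpos, strlen($smiles[$nm]));
                        $st3 = substr($content,$minpos+strlen($smiles[$nm]),strlen($content)-strlen($st1)-strlen($st2));
                        $st1 = trun_to_rus($st1);
                        $st2_wosm = $st2;
                        $st2 = $replaces[$nm];
                        if (strpos($replaces[$nm],"smil/") !== false) $st2_woasm = $st2_wosm; else $st2_woasm = $st2;
                        $st3 = trun_to_rus($st3);
                        $content = $st1.$st2_woasm.$st3;
                        $content_wosm = $st1.$st2_wosm.$st3;
                        $content_woasm = $st1.$st2.$st3;
                    }
                }
                elseif ($row['translit'] == 1) $content = trun_to_rus($content);
                unset($smiles);
                unset($replaces);
                $komu = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id`='".(int)$nick."'"));
                // NOTE(review): the addressee's name is stored as raw HTML inside the
                // message; confirm user names cannot contain markup.
                if (!empty($nick)) $content = '<b>'.$komu['user'].'</b>, ' . $content;
                // Escape at the last moment, after every transformation and after the
                // database-sourced name has been prepended.
                if (mysql_query("insert into books values(0,'".(int)$mid."','".(int)$row['id']."','".mysql_real_escape_string($content)."','".mysql_real_escape_string($date)."');")) {
                    echo $fsize1;
                    echo 'Сообщение добавлено!<br/>';
                    echo $fsize2;
                } else {
                    echo $fsize1;
                    echo 'Ошибка записи!<br/>';
                    echo $fsize2;
                }
            } else {
                echo $fsize1;
                echo 'Такое сообщение уже добавлено!<br/>';
                echo $fsize2;
            }
        } else {
            echo $fsize1;
            echo $error;
            echo $fsize2;
        }
    }
    break;
}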
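// Page footer: links back to the guestbook and to the lobby, the shared footer include,
// then release the database connection.
// "mod=view" has no case of its own in the switch above, so it falls through to the
// default listing. Attribute quotes are escaped so the literal terminates where
// intended, and the ampersand is written as an entity for the XML-based output.
echo $fsize1;
echo "<br/><div class = 'd1'><a href=\"guest.php?$ses&amp;mod=view\">В Гостевую</a><br/>
<a href=\"enter.php?$ses\">Прихожая</a></div>";
include_once 'foot.php';
mysql_close($link);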
?>