Файл: inc/fun.php
Строк: 171
<?php
// Start (or resume) the PHP session; $_SESSION['user'] is read further down in this file.
session_start();
// Switch off all PHP error reporting for the request.
// NOTE(review): level 0 silences diagnostics entirely, so undefined variables and
// failed mysql_* calls in this file leave no trace. Keeping display_errors off while
// still logging errors would hide details from visitors without blinding operators.
error_reporting(0);
//$Plus1=$_SERVER['DOCUMENT_ROOT'].'/'.'Plus1BannerAsker.class.php';
//require_once($Plus1);
####Проверка чисел####
/**
 * Coerce a value to a non-negative integer.
 *
 * intval() keeps only a leading numeric prefix and yields 0 for anything
 * non-numeric, so the result never carries text from the input.
 *
 * @param mixed $str Value to coerce.
 * @return int|float Absolute value of intval($str).
 */
function num($str)
{
    // Integer conversion first, sign removal second.
    $value = intval($str);

    return abs($value);
}
####Фильтр XSS####
/**
 * Prepare a string for output in an HTML context.
 *
 * C-style backslash escapes are decoded first (stripcslashes), then the
 * characters & < > " and ' are converted to entities (ENT_QUOTES, UTF-8).
 * Entity encoding protects HTML text and quoted attribute values only; it
 * is not sufficient for URLs, JavaScript or CSS contexts.
 *
 * NOTE(review): the final strtr() map, as listed, replaces each of $, % and _
 * with itself and therefore changes nothing. The replacements may have been
 * HTML entities that were decoded when the listing was extracted; compare
 * with the original file.
 *
 * @param string $str Raw text.
 * @return string Entity-encoded text.
 */
function html($str)
{
    $unslashed = stripcslashes($str);
    $encoded = htmlspecialchars($unslashed, ENT_QUOTES, 'UTF-8');

    return strtr($encoded, array('$' => '$', '%' => '%', '_' => '_'));
}
####Фильтр SQLinj####
/**
 * Escape a string before it is interpolated into a quoted SQL literal.
 *
 * The value is escaped twice: addslashes() first, then (after trim())
 * mysql_escape_string(), so backslashes added by the first step are doubled
 * by the second and end up stored in the data.
 *
 * NOTE(review): mysql_escape_string() takes no connection handle, so it cannot
 * take the connection character set into account, and the whole mysql_*
 * extension was removed in PHP 7.0. Escaping also only protects values placed
 * inside quotes. Prepared statements with bound parameters (PDO or mysqli)
 * are the durable replacement for every caller of this helper.
 *
 * @param string $str Raw value.
 * @return string Escaped value.
 */
function ms($str)
{
    $slashed = addslashes($str);
    $trimmed = trim($slashed);

    return mysql_escape_string($trimmed);
}
####Переменные####
// Site settings are copied out of $setup (populated outside this file) into
// globals and normalised on the way: num() for counters, html() for text.
// NOTE(review): the html() values are entity-encoded once here; they suit HTML
// output, but confirm none of them (for example $adminlogin) is later used in
// a comparison or a query that expects the raw stored value.
$npage = num($setup['kol']);
$home = html($setup['home']);
//$home = 'http://blog.click.ru';
$title = html($setup['title']);
$adminlogin = html($setup['login']);
$anonc_web = num($setup['anonc_web']);
$anonc = num($setup['anonc']);
$description = html($setup['description']);
$keywords = html($setup['keywords']);
$slog = html($setup['slog']);
####Переход####
/**
 * Send an HTTP redirect to the given location.
 *
 * Only the Location header is emitted; the script keeps running afterwards,
 * so a caller that must not execute further code has to stop explicitly.
 *
 * NOTE(review): $path is used as given. If a caller ever passes a value taken
 * from the request, the redirect target becomes attacker-chosen; restrict such
 * callers to relative paths or an allow-list of destinations.
 *
 * @param string $path Redirect target.
 * @return void
 */
function go($path)
{
    $location = 'Location: ' . $path;
    header($location);
}
####Функция online присутствия#####
/**
 * Record the current visitor in the `online` table and return the number of
 * rows the table holds afterwards.
 *
 * Rows older than 300 seconds are deleted first; the visitor row, keyed by
 * address, is then updated or inserted. Any failing query ends the script
 * through die() with a short message.
 *
 * @return string|null COUNT(*) value as returned by mysql_fetch_row().
 */
function online ()
{
// The X-Forwarded-For request header is preferred over REMOTE_ADDR as the visitor address.
// NOTE(review): that header is set by the client or an intermediate proxy, so the
// value stored as `ip` is whatever the sender chose unless a trusted proxy overwrites
// it; treat the counter as approximate and do not use this value for access decisions.
$ip = ms(getenv("HTTP_X_FORWARDED_FOR"));
// The User-Agent header is client-supplied too; ms() escapes it for the quoted literals below.
$ua = ms($_SERVER['HTTP_USER_AGENT']);
if (empty($ip) || $ip=='unknown') {$ip=ms(getenv("REMOTE_ADDR"));}
// Drop entries that have not been refreshed within the last 300 seconds.
mysql_query ("DELETE FROM `online` WHERE UNIX_TIMESTAMP() - UNIX_TIMESTAMP(time) > 300") or die ("Can't delete old sess");
// Look for an existing row for this address.
$select = mysql_query ("SELECT `ip` FROM online WHERE `ip`='$ip'") or die ("Can't select duble");
$tmp = mysql_fetch_row($select);
// Existing row: refresh browser and timestamp; otherwise insert a new row.
if ($ip == $tmp[0]){mysql_query ("UPDATE `online` SET `brauz`='$ua',`time`=NOW() WHERE `ip`='$ip'") or die ("Can't update");}
else{mysql_query ("INSERT INTO `online` (`ip`,`brauz`,`time`) VALUES ('$ip','$ua',NOW())") or die ("Can't insert");}
// The row count after the update is the reported number of visitors.
$select = mysql_query ("SELECT COUNT(*) FROM `online`") or die ("Can't select result");
$tmp = mysql_fetch_row($select);
$result = $tmp[0];
return $result;
}
/**
 * Apply every substitution stored in the `replace` table to a string.
 *
 * Each row supplies a search text (`value`) and its replacement (`value2`);
 * rows are applied in the order the query returns them.
 *
 * NOTE(review): replacement text is inserted exactly as stored. If the result
 * is printed as HTML, whoever can write to the `replace` table can add markup
 * to every processed string, so write access to that table needs the same
 * protection as template editing.
 *
 * @param string $str Text to process.
 * @return string Text with all substitutions applied.
 */
function replace($str)
{
    $result = mysql_query("select * from `replace`;");
    while ($pair = mysql_fetch_assoc($result)) {
        $search = $pair['value'];
        $substitute = $pair['value2'];
        $str = str_replace($search, $substitute, $str);
    }

    return $str;
}
// On every request the logged-in user is looked up again by the login and pass
// values kept in the session; $profile is the matching `users` row, or an empty
// array when nobody is logged in.
// NOTE(review): the session holds the `pass` value and it is compared directly
// with the column. Whether that is a hash or a plaintext password is not visible
// here; confirm it is a password_hash()-style digest and not the password itself.
// NOTE(review): when no row matches (credentials changed, account removed),
// mysql_fetch_assoc() returns false and $_SESSION['user'] is left in place. Code
// that tests only isset($_SESSION['user']) would still treat the visitor as
// logged in; confirm callers check $profile instead.
$profile = isset($_SESSION['user']) ? mysql_fetch_assoc(mysql_query("select * from `users` where `login`='".mysql_real_escape_string($_SESSION['user']['login'])."' and `pass`='".mysql_real_escape_string($_SESSION['user']['pass'])."' limit 1")) : array();
// A banned account loses its session entry.
if($profile && $profile['ban']) unset($_SESSION['user']);
####WAP/WEB####
// The `the` cookie selects the template set. Its value is only compared with
// the literal "web"; every file name below is a fixed string, so the cookie
// cannot steer which file is loaded beyond choosing between the two sets.
// NOTE(review): $the is assigned only when the cookie exists and otherwise stays
// undefined (the comparison then falls through to the WAP branch). It also keeps
// the raw cookie value, so it must be escaped if it is ever printed.
if (isset($_COOKIE['the']))
{
$the = $_COOKIE['the'];
}
if ($the=="web")
{
$version = "web";
$vers = "v_web.php";
$end_vers = "n_web.php";
$main_menu = "web_index.php";
}
else
{
// Any other value, or no cookie at all, selects the WAP templates.
$version = "wap";
$vers = "v_wap.php";
$end_vers = "n_wap.php";
$main_menu = "wap_index.php";
}
####СМАЙЛЫ####
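/**
 * Replace smiley codes in a text with their markup.
 *
 * The image URLs are built from the file-level $home setting. The original
 * body read $home without importing it into the function scope, so the
 * variable was always undefined here and every src started at "/img/...";
 * the global is now declared explicitly.
 *
 * Replacements are applied one after another in the listed order, exactly as
 * a chain of str_replace() calls would.
 *
 * NOTE(review): the function emits raw <img> tags, so it has to run on text
 * that is already HTML-escaped; escaping afterwards would break the tags.
 * The call order is not visible in this file.
 *
 * @param string $text Text that may contain smiley codes.
 * @return string Text with the codes replaced.
 */
function smiles($text)
{
    global $home;

    $base = $home . '/img/smiles/';
    $map = array(
        ':)'   => '<img src="' . $base . '1.gif" alt=""/>',
        ':D'   => '<img src="' . $base . '2.gif" alt=""/>',
        ':('   => '<img src="' . $base . '3.gif" alt=""/>',
        ':O'   => '<img src="' . $base . '23.gif" alt=""/>',
        '<41>' => '<img src="' . $base . '23.gif" alt=""/>',
        ':W'   => '[url=http://forum.wen.ru]веник[/url]',
    );

    // With array arguments str_replace() processes the pairs sequentially.
    return str_replace(array_keys($map), array_values($map), $text);
}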
####Функция антирекламы####
/**
 * Mask domain suffixes in user text (anti-advertising filter).
 *
 * A fixed list of suffixes is replaced with "***" and two site names are
 * rewritten to other strings. strtr() with an array prefers the longest
 * matching key and never rescans text it has already replaced.
 *
 * NOTE(review): matching is case-sensitive and limited to this list, so the
 * filter is a courtesy measure only. It does not validate or neutralise URLs
 * and must not be relied on as a security control.
 *
 * @param string $var Text to filter.
 * @return string Filtered text.
 */
function antirek($var)
{
    $table = array("suvus.us" => "ukdpe.ru", "ueb.su" => "говносайт");

    $suffixes = array(".ru", ".in", ".by", ".biz", ".com", ".net", ".org", ".info", ".mobi", ".wen", ".kmx", ".h2m");
    foreach ($suffixes as $suffix) {
        $table[$suffix] = "***";
    }

    return strtr($var, $table);
}
####Функция анонса####
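/**
 * Cut a text down to its first line of at most $count bytes, breaking only
 * at a space (teaser / announcement text).
 *
 * The original used '#' as the temporary line-break marker and then split on
 * it, so any '#' already present in the text ended the teaser early. That
 * includes the numeric entity &#039; which htmlspecialchars(ENT_QUOTES)
 * emits for an apostrophe: the cut left a dangling "&" in the output. A NUL
 * byte is used as the marker instead, which ordinary text does not contain.
 *
 * wordwrap() counts bytes, not characters; because it only breaks at spaces
 * here, multi-byte characters are never split.
 *
 * @param string $string Full text.
 * @param int    $count  Maximum line width in bytes.
 * @return string First wrapped line of the text.
 */
function anonc($string, $count)
{
    $marker = "\0";
    $wrapped = wordwrap($string, $count, $marker);
    $parts = explode($marker, $wrapped, 2);

    return $parts[0];
}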
####Удаление старых файлов####
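/**
 * Delete files in a directory that were last modified five or more minutes ago.
 *
 * The entries ".", "..", ".htaccess" and "index.php" are always kept.
 *
 * Fixes over the original body:
 *  - the modification time was recorded for every directory entry while the
 *    path was recorded only for non-skipped ones, so the two lists drifted
 *    apart and a file was judged by another entry's timestamp;
 *  - the deletion loop started at index 1 and never examined the first file;
 *  - a file literally named "0" ended the directory scan early;
 *  - an empty or unreadable directory led to count() on an undefined value.
 *
 * NOTE(review): this removes files, so $papka must always be a fixed,
 * server-side path and never derived from request data.
 *
 * @param string $papka Directory to clean.
 * @return void
 */
function old($papka)
{
    $cutoff = time() - 60 * 5;
    $keep = array('.', '..', '.htaccess', 'index.php');

    if (!is_dir($papka)) {
        return;
    }
    $dir = opendir($papka);
    if ($dir === false) {
        return;
    }

    // Strict comparison with false so that an entry named "0" does not stop the scan.
    while (($file = readdir($dir)) !== false) {
        if (in_array($file, $keep, true)) {
            continue;
        }
        $path = "$papka/$file";
        // Only regular files are candidates; unlink() cannot remove directories.
        if (!is_file($path)) {
            continue;
        }
        $modified = filemtime($path);
        if ($modified !== false && $modified <= $cutoff) {
            unlink($path);
        }
    }
    closedir($dir);
}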
###Подсветка синтаксиса####
/**
 * Render a code snippet as syntax-highlighted HTML inside a div with the
 * class "phpcode".
 *
 * The input has its line-break tags removed, is trimmed and entity-decoded,
 * has slashes stripped, and is then passed to highlight_string() in
 * return mode; that HTML is wrapped in the div and returned.
 *
 * NOTE(review): as listed, this function does not parse. The quoting on both
 * strtr() lines is broken, the comparison on the substr() line tests against
 * an empty string, and the wrapper strings contain a bare "n" where a newline
 * escape would be expected. Backslashes and entities appear to have been lost
 * when the listing was extracted; restore the body from the original file
 * before relying on it.
 *
 * NOTE(review): the input is entity-decoded on purpose, which undoes earlier
 * HTML escaping. Output safety then rests on highlight_string() escaping the
 * source it renders; confirm nothing is appended to the result unescaped.
 */
function highlight($php) {
$php = strtr($php, array ('<br />' => '','\' => 'slash'));
$php = html_entity_decode(trim($php), ENT_QUOTES, 'UTF-8');
$php = substr($php, 0, 2) != "" ? $php = "<?phpn" . $php . "n?>": $php;
$php = highlight_string(stripslashes($php), true);
$php = strtr($php, array ('slash' => '\',':' => ':','[' => '['));
return '<div class="phpcode">' . $php . '</div>';
}
####BB КОДЫ####
/**
 * Convert the BB codes available to every user into HTML.
 *
 * Handled tags: b, sub, sup, small, cit, i, u, color and s. The last two
 * rules turn bare URLs (scheme://... and www./ftp. prefixes) into links that
 * open in a new window.
 *
 * NOTE(review): as listed, the patterns and replacements do not parse. The
 * square brackets of the tags are unescaped (so they would read as regex
 * character classes) and the double quotes inside the replacement strings are
 * unescaped. Backslashes appear to have been lost when the listing was
 * extracted; compare with the original file.
 *
 * NOTE(review): every rule copies matched user text into markup, and the two
 * link rules copy it into an href attribute. That is only safe if $bb has been
 * HTML-escaped (quotes included) before this function runs; the call order is
 * not visible in this file. The color rule limits its value to a hex code or
 * letters and hyphens.
 *
 * @param string $bb Text containing BB codes.
 * @return string HTML.
 */
function parsebb ($bb) {
$bb = preg_replace( "#[b](.+?)[/b]#is", "<strong>\1</strong>", $bb );
$bb = preg_replace( "#[sub](.+?)[/sub]#is", "<sub>\1</sub>", $bb );
$bb = preg_replace( "#[sup](.+?)[/sup]#is", "<sup>\1</sup>", $bb );
$bb = preg_replace( "#[small](.+?)[/small]#is", "<span class="small">\1</span>", $bb );
$bb = preg_replace( "#[cit](.+?)[/cit]#is", "<div class="cit">\1</div>", $bb );
$bb = preg_replace( "#[i](.+?)[/i]#is", "<em>\1</em>", $bb );
$bb = preg_replace( "#[u](.+?)[/u]#is", "<span style="text-decoration:underline;">\1</span>", $bb );
$bb = preg_replace( "#[color=(#[0-9A-F]{3,6}|[a-z-]+)](.*)[/color]#is", "<span style="color: \1">\2</span>", $bb );
$bb = preg_replace( "#[s](.+?)[/s]#is", "<del>\1</del>", $bb );
$bb = preg_replace( "#(^|[n ])([w]+?://[w#$%&~/.-;:=,?@[]+]*)#is", "\1<a href="\2" target="_blank">\2</a>", $bb);
$bb = preg_replace( "#(^|[n ])((www|ftp).[w#$%&~/.-;:=,?@[]+]*)#is", "\1<a href="http://\2" target="_blank">\2</a>", $bb);
return $bb;
}
####BB коды админу####
/**
 * Convert the additional BB codes reserved for the administrator into HTML.
 *
 * Handled tags: url, hr, code (rendered through highlight()), form, img, p,
 * c, left and right.
 *
 * NOTE(review): as listed, most replacement strings contain unescaped double
 * quotes and most tag brackets are unescaped, so the function does not parse.
 * Backslashes appear to have been lost when the listing was extracted; compare
 * with the original file.
 *
 * NOTE(review): the url, img and p rules copy their argument into href or src
 * without any scheme check, and the form rule copies it into an input value.
 * These tags are powerful by design, so only administrator-authored text may
 * reach this function; confirm no visitor-supplied content is passed in.
 *
 * NOTE(review): the img rule reads $home, which is not declared global in
 * this function and is therefore undefined in its scope.
 *
 * @param string $bb Text containing BB codes.
 * @return string HTML.
 */
function adminbb ($bb) {
$bb = preg_replace( "#\[url=(.*?)\](.*?)\[/url\]#is", "<a href="\1" target="_blank">\2</a>", $bb );
$bb = preg_replace( "#[hr]#is", "<hr/>", $bb );
// NOTE(review): the "e" pattern modifier makes preg_replace() evaluate the replacement
// string as PHP code with the captured text interpolated into it. The modifier was
// deprecated in PHP 5.5 and removed in PHP 7.0 because of that risk. The safe form
// is preg_replace_callback() with a callback that passes the capture to highlight().
$bb = preg_replace( array ('#[code](.*?)[/code]#se'), array ("''.highlight('$1').''"), str_replace("]n", "]", $bb));
$bb = preg_replace( "#[form](.+?)[/form]#is", "<input value="\1">", $bb );
$bb = preg_replace( "~\[img](.+?)[/img]~", "<a href="\1"><img src="".$home."/inc/resize.php?image=\1" alt="Картинка" /></a>", $bb );
$bb = preg_replace( "~\[p](.+?)[/p]~", "<img src="\1" alt="Картинка" />", $bb );
$bb = preg_replace( "#[c](.+?)[/c]#is", "<center>\1</center>", $bb );
$bb = preg_replace( "#[left](.+?)[/left]#is", "<div align="left">\1</div>", $bb );
$bb = preg_replace( "#[right](.+?)[/right]#is", "<div align="right">\1</div>", $bb );
return $bb;
}
#############BAN!#############
// Trim surrounding whitespace from every scalar POST field; array fields are left as they are.
if(isset($_POST) ) {
foreach($_POST as $key => $value) {
if(!is_array($_POST[$key])) $_POST[$key] = trim($value);
}
}
// Visitor address and browser for the ban check, taken from request headers.
// NOTE(review): X-Forwarded-For is preferred over REMOTE_ADDR and, like User-Agent,
// is chosen by the sender unless a trusted proxy overwrites it. A banned visitor can
// therefore change both values at will; base IP bans on REMOTE_ADDR, or accept the
// forwarded header only from known proxies.
// NOTE(review): html() runs stripcslashes() on the value ms() has just escaped, so
// the quoting of the query below rests on htmlspecialchars(ENT_QUOTES) turning
// quotes into entities rather than on the backslash escaping. The LIKE wildcards
// % and _ in the two values are not escaped either. A prepared statement with bound
// parameters removes both concerns.
$ip2 = html(ms(getenv("HTTP_X_FORWARDED_FOR")));
$ua2 = html(ms($_SERVER['HTTP_USER_AGENT']));
if (empty($ip2) || $ip2=='unknown') { $ip2=html(ms(getenv("REMOTE_ADDR")));}
####
// Fetch one active ban row (`on`='2') whose ip and browser columns contain the visitor values.
$row = mysql_fetch_assoc(mysql_query("SELECT * FROM `ban` WHERE `on`='2' AND `ip` LIKE '%".$ip2."%' AND `browser` LIKE '%".$ua2."%';"));
$ipban = html($row['ip']);
$browserban = html($row['browser']);
// The request is refused when either stored value equals the visitor value exactly.
// NOTE(review): when no row matches, $row is false and both $ipban and $browserban
// become empty strings. A request with an empty User-Agent then appears to satisfy
// the second comparison and would receive the ban message; confirm and, if
// unintended, require a matching row before comparing.
if ($ipban == $ip2 || $browserban == $ua2) {echo 'Вы забанены на этом сайте!!!'; exit;}