Файл: core/inc.php
Строк: 89
<?php
# Direct-access guard: stop unless the CMS constant has already been defined
# (presumably by the entry script that includes this file - confirm).
if (defined('CMS') === false) {
    exit('Access Denied!');
}
# Load init.php from this file's own directory.
require __DIR__ . '/init.php';
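# Restore a login session from the "remember me" cookies.
#
# Everything under $_COOKIE[CP] is client-controlled. The cookie values are
# therefore verified against the stored account (same login / md5 check the
# authorization step applies) BEFORE the session is populated and BEFORE the
# visit counter and last-login time are written, so a request carrying only a
# login name can no longer alter another account's login statistics.
#
# NOTE(review): `cookpar` is the secret whose md5() is stored in `users_pass`,
# kept client-side; an opaque random remember-me token stored server-side
# would avoid keeping that secret in the browser.
# NOTE(review): no session id rotation is visible at this privilege change -
# confirm whether init.php or the login handler takes care of it.
if (!empty($config['allow_cookies']) && !isset($_SESSION[SP]['log']) && !isset($_SESSION[SP]['par'])) {
    $cook = (isset($_COOKIE[CP]) && is_array($_COOKIE[CP])) ? $_COOKIE[CP] : array();
    # Cookie values may arrive as nested arrays; accept plain non-empty strings only.
    if (!empty($cook['cooklog']) && !empty($cook['cookpar']) && !empty($cook['cookip'])
        && is_string($cook['cooklog']) && is_string($cook['cookpar']) && is_string($cook['cookip'])) {
        # Weak client binding: first five characters of the address with dots removed.
        $usip = substr(str_replace('.', '', $_SERVER['REMOTE_ADDR']), 0, 5);
        # Strict comparison: loose == would compare numeric-looking strings as numbers.
        if ($usip === $cook['cookip']) {
            $cook_user = $db->selectRow("SELECT `users_login`, `users_pass` FROM ?_users WHERE `users_login` = ? LIMIT 1;", check($cook['cooklog']));
            if (!empty($cook_user)
                && $cook['cooklog'] === (string)$cook_user['users_login']
                && md5($cook['cookpar']) === (string)$cook_user['users_pass']) {
                $_SESSION[SP]['log'] = $cook['cooklog'];
                $_SESSION[SP]['par'] = $cook['cookpar'];
                $_SESSION[SP]['uip'] = $usip;
                $_SESSION['token'] = random_string(6);
                $db->query("UPDATE ?_users SET `users_visits` = (`users_visits` + 1), `users_timelastlogin` = ?
WHERE `users_login` = ? LIMIT 1;", SITE_TIME, $cook_user['users_login']);
            }
        }
    }
    # Do not leave the cookie secret lying around in global scope.
    unset($cook, $cook_user);
}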
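# Authorization
#
# Re-validates the session on every request: the account row is loaded by the
# session login, the client address prefix must match the one stored in the
# session, and md5() of the session secret must equal `users_pass`.
# On success sets $is_logged, $log and $uset, applies the per-user overrides to
# $config and updates the visit record.
#
# NOTE(review): `users_pass` is an unsalted md5 digest; migrating to
# password_hash()/password_verify() needs changes outside this block.
if (!empty($_SESSION[SP]['log']) && !empty($_SESSION[SP]['par']) && !empty($_SESSION[SP]['uip'])) {
    $log = check($_SESSION[SP]['log']);
    $usip = substr(str_replace('.', '', $_SERVER['REMOTE_ADDR']), 0, 5);
    $uset = $db->selectRow("SELECT `u`.*, `v`.*
FROM ?_users `u` LEFT JOIN ?_users_visit `v`
ON `u`.`users_login` = `v`.`visit_user`
WHERE `u`.`users_login` = ? LIMIT 1;", $log);
    # Compare as strings with ===. Loose == treats numeric-looking strings
    # (including hex digests made of digits plus one "e") as numbers, so two
    # different digests could compare equal.
    # (hash_equals() is a constant-time alternative on PHP >= 5.6.)
    if (!empty($uset) && (string)$usip === (string)$_SESSION[SP]['uip']) {
        if ((string)$_SESSION[SP]['log'] === (string)$uset['users_login']
            && md5($_SESSION[SP]['par']) === (string)$uset['users_pass']) {
            $is_logged = 1;
            $log = $uset['users_login'];
            /* Override the global settings with the user's own */
            $uset['uid'] = num($uset['users_id']);
            # NOTE(review): unserialize() on a database column. If `users_setting`
            # can ever hold user-supplied bytes this permits object injection;
            # prefer json_decode(), or unserialize() with allowed_classes => false
            # on PHP >= 7.0. Left as is because the writer side is not visible here.
            $set = !empty($uset['users_setting']) ? unserialize($uset['users_setting']) : array();
            # NOTE(review): 'th' later becomes part of a require path; check() is
            # defined elsewhere - confirm it rejects path separators and "..".
            $config['themes'] = !empty($set['th']) ? check($set['th']) : $config['themes'];
            $config['blog_num'] = !empty($set['bn']) ? num($set['bn']) : $config['blog_num'];
            $config['chat_num'] = !empty($set['cn']) ? num($set['cn']) : $config['chat_num'];
            $config['mail_num'] = !empty($set['mn']) ? num($set['mn']) : $config['mail_num'];
            $config['comm_num'] = !empty($set['cm']) ? num($set['cm']) : $config['comm_num'];
            $_SESSION[SP]['themes'] = $config['themes'];
            unset($set);
            /* Visit digest: record the current path and time for this user */
            $parse = parse_url($_SERVER['REQUEST_URI']);
            if (!empty($uset['visit_id'])) {
                # Seconds since the previous recorded request of this user.
                $lifetime = SITE_TIME - $uset['visit_nowtime'];
                if ($lifetime > 5 && $lifetime < 300 && $_SESSION['counton'] < 300) {
                    # Gap counts as continuous activity: also update IP, counters and total time.
                    $db->query("UPDATE ?_users_visit SET `visit_path` = ?, `visit_ip` = ?, `visit_count` = ?, `visit_allcount` = (`visit_allcount` + 1), `visit_nowtime` = ?, `visit_alltime` = (`visit_alltime` + ?) WHERE `visit_user` = ? LIMIT 1;", $parse['path'], $ip, $_SESSION['counton'], SITE_TIME, $lifetime, $log);
                } else {
                    # Otherwise only refresh the path and timestamp.
                    $db->query("UPDATE ?_users_visit SET `visit_path` = ?, `visit_nowtime` = ? WHERE `visit_user` = ? LIMIT 1;", $parse['path'], SITE_TIME, $log);
                }
            } else {
                # No visit row yet for this user: create one.
                $db->query("INSERT INTO ?_users_visit SET `visit_user` = ?, `visit_path` = ?, `visit_ip` = ?, `visit_nowtime` = ?", $log, $parse['path'], $ip, SITE_TIME);
            }
        }
    }
}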
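# Site theme selection
#
# Order of precedence: explicit switch request, theme stored in the session,
# theme stored on the user record. The chosen name is later concatenated into
# require paths, so every source that can carry user-influenced data is held to
# the same directory-name allowlist (letters, digits, "_" and "-").
# The D modifier stops "$" from matching before a trailing newline.
if (!empty($_REQUEST['action_skin_change'])) {
    # NOTE(review): $_REQUEST accepts this state change via GET/POST/cookie and
    # no token is checked here - confirm whether that is intended.
    # Request parameters can be arrays; only a plain string is a candidate name.
    $skins = is_string($_REQUEST['action_skin_change']) ? check($_REQUEST['action_skin_change']) : '';
    if (preg_match('|^[a-z0-9_-]+$|iD', $skins) && file_exists(THEMES_PATH . $skins . '/index.php')) {
        unset($_SESSION[SP]['themes']);
        $config['themes'] = $skins;
        $_SESSION[SP]['themes'] = $config['themes'];
        # Report success only when the theme was actually switched; previously
        # the message was shown for rejected names as well.
        $inSes->addMessage('Тема успешно изменена!', 'ok');
    }
}
else if (!empty($_SESSION[SP]['themes'])) {
    $config['themes'] = $_SESSION[SP]['themes'];
}
else if (!empty($uset['users_themes'])) {
    # Same allowlist as the switch request: the stored value must be a bare
    # directory name before it is used in a filesystem path.
    if (preg_match('|^[a-z0-9_-]+$|iD', (string)$uset['users_themes'])
        && file_exists(THEMES_PATH . $uset['users_themes'] . '/index.php')) {
        $config['themes'] = $uset['users_themes'];
    }
}
# Remember the effective theme for subsequent requests.
$_SESSION[SP]['themes'] = $config['themes'];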
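# The theme name is interpolated into the require paths below. It can come
# from the session or from per-user settings, so constrain it to a bare
# directory name (the same allowlist the theme switcher applies) and fall back
# to the bundled default theme otherwise. This keeps path separators and ".."
# out of the include path.
if (!is_string($config['themes']) || !preg_match('|^[a-z0-9_-]+$|iD', $config['themes'])) {
    $config['themes'] = 'default';
    $_SESSION[SP]['themes'] = 'default';
}
# Public URL of the active theme directory.
define('THEMES_DIR', $config['site_url'] . '/themes/' . $config['themes']);
# Theme form.php, falling back to the default theme's copy when the active
# theme does not ship one.
if (!is_file(THEMES_PATH . $config['themes'] . '/form.php')) {
    require(THEMES_PATH . 'default/form.php');
} else {
    require(THEMES_PATH . $config['themes'] . '/form.php');
}
/* Include the header and footer */
if (!is_file(THEMES_PATH . $config['themes'] . '/index.php')) {
    require(THEMES_PATH . 'default/index.php');
    # The active theme has no index.php: remember the default theme for later requests.
    $_SESSION[SP]['themes'] = 'default';
} else {
    require(THEMES_PATH . $config['themes'] . '/index.php');
}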
?>