Файл: system/power.php
Строк: 152
<?php
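// Not installed yet (installer directory present, no config file): send the visitor to the
// installer. exit is required here - header() only queues the redirect, and without it the rest
// of this bootstrap would keep running against a configuration that does not exist.
if (is_dir('install') and !file_exists('system/config.php')) {
    header('location: /install/');
    exit;
}
// Refuse to run unless the GCMS constant is defined (presumably set by the entry script that
// includes this file), so the bootstrap cannot be requested directly.
defined('GCMS') or die('ОШИБКА!');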
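// Use UTF-8 as the internal encoding for the mb_* functions.
mb_internal_encoding("UTF-8");
// Start the session under the cookie name "sid".
// The session later carries the login state (uid/pass), so the cookie is hidden from page
// scripts and session ids that the server did not issue are rejected (session fixation).
// NOTE(review): also enable session.cookie_secure once the site is served over HTTPS only.
ini_set('session.cookie_httponly', '1');
ini_set('session.use_strict_mode', '1');
session_name("sid");
session_start();
// NOTE(review): PHP's session extension defines its own constant named SID during
// session_start() ("name=id", or an empty string when the id arrived in a cookie). This define()
// is therefore expected to raise an "already defined" notice and leave the built-in value in
// place instead of session_id(). Left unchanged because other scripts may rely on the current
// value - confirm, then switch to a differently named constant.
define('SID',session_id());
// Paths
defined('ROOT') or define('ROOT','./');
$root = $_SERVER['DOCUMENT_ROOT'].'/';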
// Database connection: credentials come from the DB_* constants in system/config.php.
include_once ROOT . 'system/config.php';
include_once ROOT . 'system/class/mysql.php';
$db = new mysql(DB_HOST, DB_USER, DB_PASS, DB_NAME);
if (mysqli_connect_errno() != 0) {
    // Fixed, generic message: no connection details are echoed to the visitor.
    die('MySQL Base no have connecting!');
}
// Connection character set. Setting it through set_charset() matters for escaping as well:
// with mysqli, real_escape_string() escapes according to the charset declared this way.
$db->set_charset('utf8');
include_once ROOT . 'system/class/func.php';
$func = new func();
// File prefix derived from the Host header.
// NOTE(review): HTTP_HOST is supplied by the client; what perf() does with it is not visible
// here - confirm it validates the value before it reaches a file path.
$perf = $func->perf($_SERVER['HTTP_HOST']);
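// Request variables.
// Text parameters are passed through shit(), which is defined elsewhere.
// NOTE(review): what shit() escapes is not visible here - do not assume $do/$act/$mode are safe
// for SQL or HTML output until that is confirmed.
$do = isset($_GET['do']) ? shit($_GET['do']) : NULL;
$act = isset($_GET['act']) ? shit($_GET['act']) : NULL;
$mode = isset($_GET['mode']) ? shit($_GET['mode']) : NULL;
// Numeric parameters: the integer cast alone guarantees a non-negative number, so the SQL and
// HTML escaping that used to run before it added nothing. A missing parameter or an array value
// (?id[]=1) now yields 0 instead of a notice or a type error.
$start = isset($_GET['start']) && is_scalar($_GET['start']) ? abs((int) $_GET['start']) : 0;
$cit = isset($_GET['cit']) && is_scalar($_GET['cit']) ? abs((int) $_GET['cit']) : 0;
$otv = isset($_GET['otv']) && is_scalar($_GET['otv']) ? abs((int) $_GET['otv']) : 0;
$page = isset($_GET['page']) && is_scalar($_GET['page']) ? abs((int) $_GET['page']) : 0;
$id = isset($_GET['id']) && is_scalar($_GET['id']) ? abs((int) $_GET['id']) : 0;
$sid = isset($_GET['sid']) && is_scalar($_GET['sid']) ? abs((int) $_GET['sid']) : 0;
// Overwrite the two $_SERVER entries with their shit()-filtered form for the rest of the request.
$_SERVER['SERVER_NAME'] = isset($_SERVER['SERVER_NAME']) ? shit($_SERVER['SERVER_NAME']) : NULL;
$_SERVER['DOCUMENT_ROOT'] = isset($_SERVER['DOCUMENT_ROOT']) ? shit($_SERVER['DOCUMENT_ROOT']) : NULL;
// Make sure $msg exists as a string without reading an undefined variable.
$msg = isset($msg) ? (string) $msg : '';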
// Record which page this session is currently viewing.
$where_update = $func->where($_SERVER['REQUEST_URI']);
// NOTE(review): REQUEST_URI is client-controlled and reaches the SQL text through $func->where()
// only. Whether where() escapes for SQL is not visible here - confirm, or bind the value instead
// of concatenating it.
$db->query(
    "UPDATE `online` SET `where` = '" . $where_update . "' WHERE `session` = '" . SID . "'"
);
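// IP + browser
// Client address. Client-IP and X-Forwarded-For are ordinary request headers that any client can
// set, so a header value is accepted only when it is a syntactically valid IP address; anything
// else falls back to the socket address. $ip is later written to `users`.`ip`.
// NOTE(review): even a valid header value is still chosen by the client. If $ip is used for
// bans or audit, honour these headers only when REMOTE_ADDR is one of your own reverse proxies.
$ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
if (!empty($_SERVER['HTTP_CLIENT_IP']) && filter_var(trim($_SERVER['HTTP_CLIENT_IP']), FILTER_VALIDATE_IP) !== false) {
    $ip = trim($_SERVER['HTTP_CLIENT_IP']);
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
    // The header may hold a comma-separated chain; only its first entry is considered.
    $forwarded = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
    $forwarded = trim($forwarded[0]);
    if (filter_var($forwarded, FILTER_VALIDATE_IP) !== false) {
        $ip = $forwarded;
    }
    unset($forwarded);
}
$ip = $db->real_escape_string($ip);
// Browser string: the Opera Mini device header wins over User-Agent. A request without a
// User-Agent header gives an empty string. Both branches now encode quotes the same way
// (ENT_QUOTES) before the value is escaped for SQL.
if (isset($_SERVER['HTTP_X_OPERAMINI_PHONE_UA'])) {
    $browser = $_SERVER['HTTP_X_OPERAMINI_PHONE_UA'];
} else {
    $browser = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
}
$browser = $db->real_escape_string(htmlentities($browser, ENT_QUOTES));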
// Load the site settings: a single row of `nastroiki`, kept in $nastr for the rest of the request.
$nas = $db->query("SELECT * FROM `nastroiki` LIMIT 1");
$nastr = $nas->fetch_assoc();
// The result set is no longer needed once the row has been copied out.
$nas->free();
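// Authorisation check
$aut = false;
// Restore a login from the "uid"/"pass" cookies when the session has none.
// Only string cookies are accepted: an array-valued cookie (pass[]=...) would otherwise reach
// base64_decode() and the integer cast below.
// NOTE(review): the "pass" cookie is the base64 form of the value compared with `users`.`pass`
// below, so it works as a password-equivalent stored in the browser. A random, revocable
// remember-me token kept server-side would avoid that; it needs changes in the login code,
// which is outside this file.
if (
    isset($_COOKIE['uid']) && isset($_COOKIE['pass']) && !isset($_SESSION['uid'])
    && is_string($_COOKIE['uid']) && is_string($_COOKIE['pass'])
) {
    $_SESSION['uid'] = $_COOKIE['uid'];
    $_SESSION['pass'] = base64_decode($_COOKIE['pass']);
}
if (isset($_SESSION['uid']) && isset($_SESSION['pass'])) {
    // The integer cast is what makes $uid safe to place in the query.
    $uid = abs((int) $_SESSION['uid']);
    // NOTE(review): $pass reaches the SQL text after shit() only; whether shit() escapes for SQL
    // is not visible here - confirm, or bind the value instead of concatenating it.
    $pass = shit($_SESSION['pass']);
    $sql = $db -> query("SELECT * FROM `users` WHERE `id` = '".$uid."' AND `pass` = '".$pass."' LIMIT 1");
    // A failed query ($sql === false) is treated like "no such user".
    if ($sql && $sql -> num_rows > 0) {
        $aut = true;
        $ya = $sql -> fetch_assoc();
        // Normalise the fields read back from the row, as a precaution.
        $ya['id'] = abs((int) $ya['id']);
        $ya['lvl'] = abs((int) $ya['lvl']);
        $ya['login'] = shit($ya['login']);
        $ya['pass'] = shit($ya['pass']);
        // Store the address, browser and time of this request on the account.
        $db -> query("UPDATE `users` SET `ip` = '".$ip."', `browser` = '".$browser."', `lasttime` = '".time()."' WHERE `id` = '".$uid."' LIMIT 1");
    } else {
        // Credentials did not match: drop them from the session and clear both cookies.
        // NOTE(review): the cookies are cleared with the default path; if the login code sets
        // them with an explicit path, pass the same path here - confirm.
        unset($_SESSION['uid']);
        unset($_SESSION['pass']);
        setcookie('uid','');
        setcookie('pass','');
    }
    unset($sql);
}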
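// Maintenance break: while the `siteopen` setting is 'on', visitors whose level is below 7
// (guests included - they have no $ya) are sent to the error page.
// exit is required: header() only queues the redirect, and without it the requested page was
// still built and sent to any client that does not follow the Location header.
// NOTE(review): the login code normalises $ya['lvl'] but this check reads $ya['level'] - confirm
// which column exists; if `level` is never set, every visitor is treated as below 7.
if ($nastr['siteopen'] == 'on') {
    if ((isset($ya['level']) ? $ya['level'] : null) < '7') {
        header('location: ' . ROOT . 'error.php?mode=error');
        exit;
    }
}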
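// Site version (web / wap): chosen once per browser and remembered in a 30-day cookie.
if (!isset($_COOKIE['version'])) {
    // "windows ce" is removed first so that it does not count as a desktop Windows match.
    // A request without a User-Agent header is treated as an empty string.
    $ua = str_replace('windows ce', '', strtolower(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''));
    // Desktop markers select the web version, but only when the `web` setting is 1.
    if ($nastr['web'] == 1 && preg_match('/windows|linux|bsd|x11|unix|macos|macintosh/', $ua)) {
        setcookie('version', 'web', time() + 86400 * 30);
    } else {
        setcookie('version', 'wap', time() + 86400 * 30);
    }
    // Reload the front page so the cookie is present; stop here instead of also building the
    // page that was requested.
    header('location: /');
    exit;
}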
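// Account activity check: an account marked act = 'no' may only use aut.php.
// exit is required: without it the redirect was advisory and the requested page was still
// executed and sent. Because the request now really stops, aut.php is matched by path, so its
// query-string actions keep working as they did when execution simply continued.
if (isset($ya['act']) && $ya['act'] == 'no') {
    if (parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH) != '/aut.php') {
        header('location: ' . ROOT . 'aut.php');
        exit;
    }
}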
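// Guests are not allowed to browse when the `guestonli` setting is 'no': only the login,
// registration and password-recovery scripts stay reachable.
// exit is required: header() only queues the redirect, so without it the protected page was
// still generated and sent to a client that ignores the Location header. Because the request
// now really stops, the three scripts are matched by path rather than by exact URL, so their
// form targets keep working.
// NOTE(review): any other script a guest needs for these forms has to be added to the list.
if ($aut == false and $nastr['guestonli'] == 'no') {
    if (!in_array(parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH), array('/aut.php', '/reg.php', '/lost.php'), true)) {
        header('location: ' . ROOT . 'aut.php?do=on');
        exit;
    }
}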
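// Design shell
include_once ROOT . 'system/class/diz.php';
$diz = new diz;
if ($aut) {
    // Status assignment: find the statuses whose point range (`ball`..`dball`) contains the
    // user's points and whose name differs from the current one, and store the name.
    // Values read back from the database are escaped before being placed in SQL again: a stored
    // value containing a quote would otherwise break or alter these statements.
    $st = $db->query(
        "SELECT `name`,`ball` FROM `status` where `ball`<='" . $db->real_escape_string((string) $ya['balls'])
        . "' and `dball`>='" . $db->real_escape_string((string) $ya['balls'])
        . "' and `name`<>'" . $db->real_escape_string((string) $ya['status'])
        . "' order by `ball` DESC"
    );
    // A failed query ($st === false) simply assigns nothing.
    while ($st && ($s = $st->fetch_assoc())) {
        $db->query(
            "UPDATE `users` SET `status` = '" . $db->real_escape_string($s['name'])
            . "' WHERE `id` = '" . (int) $ya['id'] . "'"
        );
    }
}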
// Online tracking
require_once ROOT . 'system/online.php';
// Ban handling
require_once ROOT . 'system/ban.php';
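// Design clean-up: any user whose `style` no longer matches a row in `styles` is reset to the
// default style from the settings ($nastr['ststyle']).
// Both values come out of the database and are escaped before being placed in SQL again, so a
// stored value containing a quote cannot break or alter the statements.
// NOTE(review): this walks every user on every request (one extra query per user); a single
// UPDATE or a periodic job would do the same work far more cheaply.
$d = $db->query("SELECT `style`,`id` FROM `users`");
while ($d && ($dir = $d->fetch_assoc())) {
    $styles = $db->query(
        "SELECT * FROM `styles` where `url`='" . $db->real_escape_string((string) $dir['style']) . "'"
    );
    // Reset only when the lookup succeeded and found no such style.
    if ($styles && $styles->num_rows == 0) {
        $db->query(
            "UPDATE `users` SET `style`='" . $db->real_escape_string((string) $nastr['ststyle'])
            . "' WHERE `id` = '" . (int) $dir['id'] . "'"
        );
    }
    if ($styles) {
        $styles->free();
    }
}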
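// Time-online counter: when the previous request of this user was less than 120 seconds ago,
// the gap is added to the account's `online` total.
// Guests have no $ya, so the previous-activity time is read defensively (0 when absent) and the
// update is limited to authorised users.
$lastonline = time() - (isset($ya['lasttime']) ? (int) $ya['lasttime'] : 0);
if ($aut && isset($ya['id']) && $lastonline < 120) {
    $online = (int) $ya['online'] + $lastonline;
    // The values are not quoted in the statement, so both are forced to integers here.
    $db->query("UPDATE `users` SET `online`=" . (int) $online . " where `id`=" . (int) $ya['id'] . " LIMIT 1");
}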
// ---- Housekeeping: runs on every request ----
// Only server-generated timestamps are placed in these statements; no request data is involved.

// Mail older than 7 days (604800 s), except messages marked 'save'.
$db->query(
    "DELETE FROM `mail` WHERE `read`<>'save' and `time` < '" . (time() - 604800) . "'"
);
// Feed events older than 7 days.
$db->query(
    "DELETE FROM `lenta` WHERE `time` < '" . (time() - 604800) . "'"
);
// Password-recovery requests older than 3 days (259200 s).
$db->query(
    "DELETE FROM `report` WHERE `type`='lost' and `time` < '" . (time() - 259200) . "'"
);
// Adverts whose `time` has passed.
$db->query(
    "DELETE FROM `reklama` WHERE `time` < '" . time() . "'"
);
// Expired bans, except those with `serius` = 'blok'.
$db->query(
    "DELETE FROM `ban` WHERE `bantime` < '" . time() . "' and `serius`<>'blok'"
);
// Chat posts older than 24 hours (86400 s).
$db->query(
    "DELETE FROM `chat_post` WHERE `time` < '" . (time() - 86400) . "'"
);
// ---- end of housekeeping ----
// Output buffering: compress through ob_gzhandler when the gzip option is on and zlib is loaded,
// otherwise use a plain buffer (a null callback is the same as calling ob_start() with none).
// NOTE(review): $set is not assigned anywhere in this file (the settings row is $nastr) -
// confirm it is defined by an included file, otherwise the gzip branch is never taken.
ob_start($set['gzip'] && extension_loaded('zlib') ? 'ob_gzhandler' : null);
?>