Файл: sources/classes.php
Строк: 283
<?php
// Direct-access guard: stop immediately unless the VAPHP constant is defined.
// Presumably the application's entry script defines it before including this
// file -- confirm against the caller.
defined('VAPHP') or die("Этот файл недоступен.");
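/**
 * Shared helpers for the page classes: error rendering, word filtering,
 * backlink verification and site visibility bookkeeping.
 *
 * All methods work through the globals $CONF, $DB and $TMPL.
 */
class base
{
    /**
     * Render an error page and terminate the request.
     *
     * Stores $message in $TMPL['error'], renders the 'error' skin (nested in
     * the skin named by $skin when one is given), prints the 'wrapper' skin
     * and calls exit.
     *
     * NOTE(review): $message reaches the template unchanged here; whether it
     * is HTML-escaped depends on the skin classes, which this file does not
     * show. Callers passing request data should escape it first.
     *
     * @param string     $message Text placed in $TMPL['error'].
     * @param string|int $skin    Outer skin name, or 0 for none.
     */
    function error($message, $skin = 0)
    {
        global $TMPL;

        $TMPL['error'] = $message;
        if ($skin) {
            $TMPL["{$skin}_content"] = $this->do_skin('error');
            $TMPL['content'] = $this->do_skin($skin);
        } else {
            $TMPL['content'] = $this->do_skin('error');
        }

        $wrapper = new main_skin('wrapper');
        echo $wrapper->make();
        exit;
    }

    /**
     * Build the skin called $filename and return its rendered output.
     *
     * @param string $filename Skin name handed to the skin class.
     * @return mixed Whatever skin::make() returns.
     */
    function do_skin($filename)
    {
        $skin = new skin($filename);
        return $skin->make();
    }

    /**
     * Apply the word filter from the {prefix}_bad_words table to $text.
     *
     * Each row holds a word, its replacement and a matching flag: a truthy
     * flag replaces whole words only, otherwise every occurrence is replaced.
     * Matching is case-insensitive.
     *
     * @param string $text Text to filter.
     * @return string Filtered text.
     */
    function bad_words($text)
    {
        global $CONF, $DB;

        $result = $DB->query("SELECT word, replacement, matching FROM {$CONF['sql_prefix']}_bad_words", __FILE__, __LINE__);
        while ($row = $DB->fetch_array($result)) {
            list($word, $replacement, $matching) = $row;

            // Quote for the '/' delimiter too; a filter entry containing '/'
            // would otherwise produce an invalid pattern and silently skip
            // the replacement.
            $quoted = preg_quote($word, '/');

            if ($matching) {
                // Exact match: \b word boundaries. Without the backslashes the
                // pattern would require a literal "b" on both sides of the word.
                $pattern = '/\b' . $quoted . '\b/i';
            } else {
                // Global match: any occurrence.
                $pattern = '/' . $quoted . '/i';
            }
            // str_ireplace() would be faster but needs PHP 5.
            $text = preg_replace($pattern, $replacement, $text);
        }

        return $text;
    }

    /**
     * Fetch $url over plain HTTP and report whether the page contains the
     * configured backlink text ($CONF['find_text'], falling back to
     * $CONF['backlink_view']). The search is case-insensitive and done line
     * by line, so text split across lines is not found.
     *
     * NOTE(review): $url is a submitted value and this server connects to
     * whatever host it names, always on port 80 (the scheme is ignored).
     * That lets a submitter make the server contact internal addresses;
     * consider rejecting hosts that resolve to loopback or private ranges,
     * and capping the number of bytes read from the response.
     *
     * @param string $url Page expected to carry the backlink.
     * @return int 1 when the text is found, 0 otherwise.
     */
    function is_backlink($url)
    {
        global $CONF;

        $parts = @parse_url($url);
        if (empty($parts) || empty($parts['host'])) {
            return 0;
        }

        $needle = $CONF['find_text'] ? $CONF['find_text'] : $CONF['backlink_view'];
        if ((string) $needle === '') {
            // An empty search text would match every line.
            return 0;
        }
        $pattern = '/' . preg_quote($needle, '/') . '/i';

        $fp = @fsockopen($parts['host'], 80, $errno, $errstr, 3);
        if (!$fp) {
            return 0;
        }
        // Bound each read with the same limit as the connect timeout so a
        // stalled peer cannot hold the request open.
        stream_set_timeout($fp, 3);

        $path = empty($parts['path']) ? '/' : $parts['path'];
        if (isset($parts['query'])) {
            $path .= '?' . $parts['query'];
        }

        $request  = "GET {$path} HTTP/1.1\r\n";
        $request .= "Host: {$parts['host']}\r\n";
        $request .= "Connection: Close\r\n\r\n";
        fputs($fp, $request);

        $found = 0;
        while (!feof($fp)) {
            $line = fgets($fp);
            if ($line === false) {
                // Timeout or read error: feof() stays false in that case, so
                // leave the loop explicitly instead of spinning.
                break;
            }
            if (preg_match($pattern, $line)) {
                $found = 1; // 1 - link found
                break;
            }
        }
        fclose($fp);

        return $found;
    }

    /**
     * Check the active skin for a link to getwmz.net and, when it is absent,
     * wrap the listed words in $text with such a link.
     *
     * The result of the check is mirrored into the settings table (bl = 1
     * when the skin contains the link, 0 otherwise).
     *
     * NOTE(review): this rewrites visible page text to insert outbound links.
     * Operators auditing the script should know the behaviour is triggered by
     * editing wrapper.html.
     * NOTE(review): the skin path is built from $TMPL['skin_name']; confirm
     * that value can never come from a request.
     * NOTE(review): the [А-Яа-я] class is applied without the "u" modifier,
     * which presumably assumes a single-byte Cyrillic encoding -- confirm.
     *
     * @param string $text Text to process.
     * @return string Text, possibly with links inserted.
     */
    function fnrepl($text)
    {
        global $CONF, $DB, $TMPL;

        $file = "{$CONF['skins_path']}/{$TMPL['skin_name']}/wrapper.html";
        $skin = @file_get_contents($file);
        if ($skin === false) {
            // An unreadable skin is treated as not containing the link.
            $skin = '';
        }

        if (preg_match('#<a href="?http://www.getwmz.net/?"?#i', $skin)) {
            if ($CONF['bl'] != 1) {
                $DB->query("UPDATE {$CONF['sql_prefix']}_settings SET bl = '1'", __FILE__, __LINE__);
            }
            return $text;
        }

        if ($CONF['bl'] == 1) {
            $DB->query("UPDATE {$CONF['sql_prefix']}_settings SET bl = '0'", __FILE__, __LINE__);
        }

        // Only one word per array element.
        $words = array("каталог", "скрипт");
        foreach ($words as $word) {
            // The word plus any trailing Cyrillic letters, captured as $1.
            $pattern = '/(' . preg_quote($word, '/') . '[А-Яа-я]*)/i';
            $text = preg_replace($pattern, '<a href="http://www.getwmz.net" class="text">$1</a>', $text);
        }

        return $text;
    }

    /**
     * Mark a site visible and checked, and schedule its next backlink check
     * $CONF['backlink_check'] days from now.
     *
     * @param int $idsite Site id; cast to int before it reaches the query.
     */
    function to_active($idsite)
    {
        global $CONF, $DB;

        // Assumes site ids are integers -- TODO confirm. The cast keeps a
        // request-supplied id from altering the SQL statement.
        $id = (int) $idsite;
        $next_check = time() + $CONF['backlink_check'] * 86400;
        $DB->query("update {$CONF['sql_prefix']}_sites set visib='1', check_flag='1', timecheck_next='$next_check' where id='$id'", __FILE__, __LINE__);
    }

    /**
     * Step a site down one level: a visible, checked site is hidden and
     * rescheduled; a hidden, checked site gets its check flag cleared.
     *
     * @param int $idsite Site id; cast to int before it reaches the queries.
     */
    function to_reduce($idsite)
    {
        global $CONF, $DB;

        // Assumes site ids are integers -- TODO confirm.
        $id = (int) $idsite;
        list($visib, $check_flag) = $DB->fetch("select visib, check_flag from {$CONF['sql_prefix']}_sites where id='$id'", __FILE__, __LINE__);

        if ($visib == 1 and $check_flag == 1) {
            $next_check = time() + $CONF['backlink_check'] * 86400;
            $DB->query("update {$CONF['sql_prefix']}_sites set visib='0', check_flag='1', timecheck_next='$next_check' where id='$id'", __FILE__, __LINE__);
        }
        // Evaluated against the values read above, so one call moves a site
        // by a single step only.
        if ($visib == 0 and $check_flag == 1) {
            $DB->query("update {$CONF['sql_prefix']}_sites set visib='0', check_flag='0' where id='$id'", __FILE__, __LINE__);
        }
    }
}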
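/**
 * Validation of the "add site" submission form.
 *
 * Reads the form values from the globals $TMPL and $FORM and reports problems
 * by filling $TMPL['error_*'] / $TMPL['error_style_*'].
 */
class add_edit extends base
{
    /**
     * Record a validation error for one form field.
     *
     * @param string $field   Field name used in the $TMPL keys.
     * @param string $lng_key Key of the message in $LNG.
     * @return int Always 1, so callers can assign it to their error flag.
     */
    function _field_error($field, $lng_key)
    {
        global $LNG, $TMPL;

        $TMPL["error_{$field}"] = "<br>{$LNG[$lng_key]}";
        $TMPL["error_style_{$field}"] = 'ErrorBlock';
        return 1;
    }

    /**
     * Set the banner shown at the top of the form after a failed stage.
     *
     * @return int Always 0, the failure result of check_input().
     */
    function _fail_top()
    {
        global $LNG, $TMPL;

        $TMPL['error_style_top'] = 'TopErrorBlock';
        $TMPL['error_top'] = $LNG['add_error_top'];
        return 0;
    }

    /**
     * Validate the submitted form in stages and stop at the first stage that
     * fails: required fields and lengths, e-mail format, host match between
     * site URL and backlink URL, site reachability, duplicate lookup, banner
     * size, backlink presence, CAPTCHA.
     *
     * Lengths are measured with strlen(), i.e. in bytes.
     *
     * NOTE(review): several stages make this server connect to hosts named in
     * the submission (fsockopen, getimagesize, is_backlink). Consider
     * rejecting hosts that resolve to loopback or private address ranges.
     *
     * @param string $type Only 'add' is handled; any other value returns null
     *                     without running a check.
     * @return int|null 1 when every stage passes, 0 when one fails.
     */
    function check_input($type)
    {
        global $CONF, $DB, $FORM, $TMPL;

        if ($type != 'add') {
            return;
        }

        // Parse the URLs.
        $p_url = @parse_url($TMPL['url']);
        $p_urlbl = @parse_url($TMPL['urlbl']);
        $p_banner_url = @parse_url($TMPL['banner_url']);
        $url_host = (is_array($p_url) && isset($p_url['host'])) ? (string) $p_url['host'] : '';
        $urlbl_host = (is_array($p_urlbl) && isset($p_urlbl['host'])) ? (string) $p_urlbl['host'] : '';

        // Stage 1: empty fields and length limits. When several rules hit the
        // same field, the last one decides the message shown.
        $failed = 0;
        if (empty($TMPL['url']) || !$p_url) {
            $failed = $this->_field_error('url', 'add_error_url_empty');
        }
        if ($CONF['backlink_require'] && (empty($TMPL['urlbl']) || !$p_urlbl)) {
            $failed = $this->_field_error('urlbl', 'add_error_urlbl_empty');
        }

        $name = (string) $TMPL['name'];
        $name_len = strlen($name);
        if ($name_len == 0) {
            $failed = $this->_field_error('name', 'add_error_name_empty');
        }
        if ($name_len > $CONF['max_name']) {
            $failed = $this->_field_error('name', 'add_error_name_long');
        }
        if (substr_count($name, ' ') < 1 && $name_len > $CONF['string_without_space']) {
            $failed = $this->_field_error('name', 'add_error_name_without_space');
        }

        $description = (string) $TMPL['description'];
        $description_len = strlen($description);
        if ($description_len == 0) {
            $failed = $this->_field_error('description', 'add_error_description_empty');
        }
        if ($description_len > $CONF['max_descr']) {
            $failed = $this->_field_error('description', 'add_error_description_long');
        }
        if ($CONF['min_descr'] && ($description_len < $CONF['min_descr'])) {
            $failed = $this->_field_error('description', 'add_error_description_short');
        }
        if (substr_count($description, ' ') < 1 && $description_len > $CONF['string_without_space']) {
            $failed = $this->_field_error('description', 'add_error_description_without_space');
        }

        if (empty($TMPL['category'])) {
            $failed = $this->_field_error('category', 'add_error_category_empty');
        }
        if (strlen($TMPL['email']) == 0) {
            $failed = $this->_field_error('email', 'add_error_email_empty');
        }
        if ($failed) {
            return $this->_fail_top();
        }

        // Stage 2: e-mail format. The pattern is anchored at both ends so the
        // whole value must be an address; an unanchored pattern accepts any
        // string that merely contains one, including values with line breaks
        // or markup around it.
        if (!preg_match('/\A[0-9a-z_.+-]+@[0-9a-z_.^-]+\.[a-z]{2,}\z/i', $TMPL['email'])) {
            $this->_field_error('email', 'add_error_email_wrong');
            return $this->_fail_top();
        }

        // Stage 3: the site URL and the backlink URL must be on the same host.
        if ($CONF['backlink_require'] && $url_host !== $urlbl_host) {
            $this->_field_error('urlbl', 'add_error_urlbl_nomatch');
            return $this->_fail_top();
        }

        // Stage 4: the site must accept a connection on port 80.
        $probe = ($url_host !== '') ? @fsockopen($url_host, 80, $errno, $errstr, 8) : false;
        if (!$probe) {
            $this->_field_error('url', 'add_error_url_noaccess');
            return $this->_fail_top();
        }
        fclose($probe); // the connection only proves reachability

        // Stage 5: look for the site in the database. The host comes from the
        // submitted URL, so it is escaped before being placed in the query,
        // the same way check_ban() escapes the client address.
        // NOTE(review): confirm what the second argument of $DB->escape()
        // does. LIKE '%host%' is a substring match, so a short host also
        // collides with longer stored hosts that contain it.
        $host_sql = $DB->escape($url_host, 1);
        list($known_host) = $DB->fetch("select URL_host from {$CONF['sql_prefix']}_sites where URL_host like '%{$host_sql}%'", __FILE__, __LINE__);
        if (!empty($known_host)) {
            $this->_field_error('url', 'add_error_url_duplicate');
            return $this->_fail_top();
        }

        // Stage 6: banner.
        if (empty($TMPL['banner_url']) || !$p_banner_url) {
            $TMPL['banner_url'] = "{$CONF['skins_image']}/nobanner.gif";
        } elseif ($CONF['max_banner_width'] && $CONF['max_banner_height']) {
            // getimagesize() also accepts local paths and other stream
            // wrappers, so only http/https values are handed to it.
            $raw_banner = @parse_url($FORM['banner_url']);
            $scheme = (is_array($raw_banner) && isset($raw_banner['scheme'])) ? strtolower($raw_banner['scheme']) : '';
            $size = ($scheme === 'http' || $scheme === 'https') ? @getimagesize($FORM['banner_url']) : false;

            if (!is_array($size) || $size[0] > $CONF['max_banner_width'] || $size[1] > $CONF['max_banner_height']) {
                $this->_field_error('banner_url', 'add_error_banner_url');
                return $this->_fail_top();
            }
        }

        // Stage 7: look for the backlink on the submitted page.
        if ($CONF['backlink_require'] && $CONF['backlink_check_start'] && !$this->is_backlink($TMPL['urlbl'])) {
            $this->_field_error('urlbl', 'add_error_urlbl_nofind');
            return $this->_fail_top();
        }

        // Stage 8: CAPTCHA answer.
        if ($CONF['captcha']) {
            list($sid) = $DB->fetch("SELECT sid FROM {$CONF['sql_prefix']}_sessions WHERE type = 'captcha' AND data LIKE '{$_SERVER['REMOTE_ADDR']}|%'", __FILE__, __LINE__);
            require_once("{$CONF['path']}/sources/session.php");
            $session = new session;
            list($session_type, $data) = $session->get($sid);

            // Session data is "ip|hash"; a missing hash never matches.
            $pieces = explode('|', (string) $data);
            $ip = $pieces[0];
            $hash = isset($pieces[1]) ? $pieces[1] : '';

            $answer = (isset($FORM['captcha']) && is_string($FORM['captcha'])) ? $FORM['captcha'] : '';

            // NOTE(review): a fixed value from configuration
            // ($CONF['default_psw_captcha']) is accepted in place of the real
            // answer and skips the hash check; anyone who learns it bypasses
            // the CAPTCHA. The two salts below are constants in the source.
            // Both comparisons are strict: loose comparison treats
            // numeric-looking strings such as "0e1" and "0e2" as equal.
            if (!$answer || $answer !== (string) $CONF['default_psw_captcha']) {
                if ($hash !== sha1(')F*RJ@FHR^%X' . $answer . '(*Ht3h7f9&^F' . $ip)) {
                    $failed = $this->_field_error('captcha', 'add_error_captcha');
                }
            }
            // The session is single-use whether or not the answer was right.
            $session->delete($sid);

            if ($failed) {
                return $this->_fail_top();
            }
        }

        return 1;
    }

    /**
     * Match the submission against the {prefix}_ban table.
     *
     * This function must be called before check_input. It also stores the
     * escaped client address in $TMPL['ip'].
     *
     * Each ban row names a field and a string; a truthy matching flag means
     * the whole field value must equal the string, otherwise a substring
     * match is enough. The comparison is case-sensitive.
     *
     * @param string $type Only 'add' selects any fields (url, email, ip);
     *                     other values check nothing and return 1.
     * @return int 0 when a ban matches, 1 otherwise.
     */
    function check_ban($type)
    {
        global $CONF, $DB, $LNG, $TMPL;

        // Start from an empty list so an unexpected $type checks nothing
        // instead of passing an undefined variable to in_array().
        $fields = array();
        if ($type == 'add') {
            $fields = array('url', 'email', 'ip');
        }
        // elseif ($type == 'edit') { $fields = array('url', 'email'); }
        // elseif ($type == 'review') { $fields = array('ip'); }

        $TMPL['ip'] = $DB->escape($_SERVER['REMOTE_ADDR'], 1);

        $banned = 0;
        $result = $DB->query("SELECT id, string, field, matching FROM {$CONF['sql_prefix']}_ban", __FILE__, __LINE__);
        while ($row = $DB->fetch_array($result)) {
            list($id, $string, $field, $matching) = $row;
            if (!in_array($field, $fields, true)) {
                continue;
            }

            $quoted = preg_quote($string, '|');
            // Exact match anchors the string; otherwise it may occur anywhere.
            $pattern = $matching ? "|^{$quoted}$|" : "|{$quoted}|";
            $subject = isset($TMPL[$field]) ? (string) $TMPL[$field] : '';
            if (preg_match($pattern, $subject)) {
                $banned = 1;
            }
        }

        if ($banned) {
            $TMPL['error_top'] = $LNG['add_ban_top'];
            $TMPL['error_style_top'] = 'TopErrorBlock';
            return 0;
        }

        return 1;
    }
}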
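/**
 * Stopwatch started at construction time.
 */
class timer
{
    // Start moment as Unix time with fractional seconds.
    var $start_time;

    /**
     * Record the start time.
     *
     * PHP 8 no longer treats a method named after the class as the
     * constructor, so without __construct() the start time would stay unset
     * and get_time() would return the raw current timestamp.
     */
    function __construct()
    {
        $this->start_time = array_sum(explode(' ', microtime()));
    }

    /**
     * Old-style constructor name, kept so explicit calls to timer() still
     * work; calling it restarts the timer.
     */
    function timer()
    {
        $this->__construct();
    }

    /**
     * Seconds elapsed since the timer was started.
     *
     * @return float Elapsed time rounded to 5 decimal places.
     */
    function get_time()
    {
        $now = array_sum(explode(' ', microtime()));
        return round($now - $this->start_time, 5);
    }
}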
?>