<?php
/////////////////////////////////Функция антимата/////////////////////////////
/**
 * Profanity filter: masks every match of an entry from mat.dat with "***".
 *
 * mat.dat is read from the current working directory on each call and split
 * on "|". Every non-empty entry is interpolated into a pattern delimited by
 * "|" and applied case-insensitively in UTF-8 mode (flags "iu").
 *
 * NOTE(review): entries are not passed through preg_quote(), so each one is
 * compiled as a regular expression rather than matched as a literal word.
 * Confirm that this is intended and that mat.dat is writable only by
 * administrators. preg_replace() returns null on a pattern error or when the
 * subject is not valid UTF-8, and that null is handed on as the result.
 *
 * @param string $msg Message text to filter.
 * @return string|null Filtered text, or null if preg_replace() failed.
 */
function antimat($msg){
    $words = explode("|", file_get_contents('mat.dat'));
    foreach ($words as $word) {
        // Empty pieces (e.g. after a trailing "|") would produce an empty pattern.
        if ($word == "") {
            continue;
        }
        $msg = preg_replace("|$word|iu", "***", $msg);
    }
    return $msg;
}
///////////////////////////////Функция антиссылки/////////////////////////////
/**
 * Link filter: replaces matched external links with the chat's own address.
 *
 * Only the literal scheme "http://" followed by one of the suffixes listed in
 * the pattern is matched (case-insensitively). With the "s" and "U" flags the
 * "(.*)" group is lazy and spans newlines, so a match runs from "http://" to
 * the first following occurrence of a listed suffix, which need not be the
 * end of a host name.
 *
 * NOTE(review): coverage is limited to that scheme and suffix list; anything
 * else passes through unchanged, so treat this as a best-effort filter rather
 * than a control.
 *
 * @param string $msg Message text to filter.
 * @return string|null Text with matched links replaced; null on a PCRE error.
 */
function antilink($msg){
    $pattern = '/http:\/\/(.*)\.ru|http:\/\/(.*)\.com|http:\/\/(.*)\.net|http:\/\/(.*)\.wen|http:\/\/(.*)\.kmx|http:\/\/(.*)\.su|http:\/\/(.*)\.in|http:\/\/(.*)\.ua|http:\/\/(.*)\.h2m\.ru/isU';
    return preg_replace($pattern, 'http://chatmir.ru', $msg);
}
// Request parameters are read straight from the superglobals. `id` and `ps`
// are carried in the query string of every link this script builds, so the
// value of `ps` ends up in server logs, browser history and Referer headers.
// NOTE(review): `ps` is compared against the `pass` column further down;
// confirm it is not the account password in clear text.
$us=$_GET['id'];
$ps=$_GET['ps'];
$msg=$_POST['msg'];
// Each value is trimmed, HTML-encoded and then SQL-escaped once, here. The
// results are later interpolated into both SQL strings and HTML output.
// NOTE(review): mysql_escape_string() does not take the connection character
// set into account and was removed in PHP 7 together with the rest of
// ext/mysql. Prepared statements (PDO or mysqli), with htmlspecialchars()
// applied at output time, are the usual replacement. A key missing from the
// request raises an undefined-index notice here.
$room=mysql_escape_string(htmlspecialchars(trim($_GET['room'])));
$but=mysql_escape_string(htmlspecialchars(trim($_GET['but'])));
$wkl=mysql_escape_string(htmlspecialchars(trim($_GET['wkl'])));
$wikl=mysql_escape_string(htmlspecialchars(trim($_GET['wikl'])));
$msg=mysql_escape_string(htmlspecialchars(trim($msg)));
$us=mysql_escape_string(htmlspecialchars(trim($us)));
$ps=mysql_escape_string(htmlspecialchars(trim($ps)));
// ini.php is expected to define autorize() and, presumably, the per-user
// globals used below ($id, $liven_us, $f, $max_us, ...), none of which are
// assigned in this file. TODO confirm how they are derived from the request.
include("ini.php");
$login = autorize();
// Main page logic. It runs only when autorize() returned a truthy value;
// the final else-branch redirects everyone else to the start page.
if($login) {
// A non-empty room parameter is required; otherwise redirect to enter.php.
if($room){
// --- Message deletion ---
// id_mgs is forced to an integer before it is used in SQL. The delete is
// allowed when the caller's level ($liven_us) is above 5 and not lower than
// the level stored on the message row.
// NOTE(review): this state-changing action is triggered by a plain GET link
// (the [x] links built below) and no per-request token is visible here. Every
// mysql_* call in this file is prefixed with @, so query failures are silent.
$id_mgs=intval($_GET['id_mgs']);
if($id_mgs){
$post_dell = @mysql_query("SELECT * FROM `c_msgmess` WHERE `id`='".$id_mgs."';");
$viwod_pos = @mysql_fetch_array($post_dell);
if(($liven_us>5)&&($liven_us>=$viwod_pos['liven']))
{
@mysql_query("delete from `c_msgmess` WHERE `id`='".$id_mgs."';");
}
}
// --- Posting a message ---
// Fetch the caller's newest message so that an identical repeat is ignored.
$query_msg = @mysql_query("select * from `c_msgmess` where kto='".$id."' order by id desc;");
$prevmsg = @mysql_fetch_array($query_msg);
if(!empty($msg) && $msg!=$prevmsg['msg']) {
// Recipient and private flag are taken from GET, falling back to POST.
// bug() is defined outside this file; presumably it is a sanitiser. Verify
// that it escapes for SQL, because both values are interpolated into the
// INSERT below.
$komy=(empty($_GET['komy'])) ? bug($_POST['komy']) : bug($_GET['komy']);
$privat=(empty($_GET['privat'])) ? bug($_POST['privat']) : bug($_GET['privat']);
if(empty($komy))$komy="";
if(empty($privat))$privat="0";
// NOTE(review): $msg was already HTML-encoded and SQL-escaped at the top of
// the file, so this byte-wise cut at 250 can split a multi-byte character, an
// HTML entity or an escape sequence. A cut that leaves a lone trailing
// backslash would unbalance the quoted literal in the INSERT below. Truncate
// the raw input before encoding and escaping instead.
$mgs = substr($msg, 0, 250);
// Included in the current scope; presumably it rewrites smiley codes in $mgs
// to <img> tags (the output code below strips <img> tags). TODO confirm.
include("temp/convert_to_smiles.php");
// Formatting switches (underline, red, italic, bold) and the colour index.
$ing=(empty($_GET['ing'])) ? bug($_POST['ing']) : bug($_GET['ing']);
$red=(empty($_GET['red'])) ? bug($_POST['red']) : bug($_GET['red']);
$ung=(empty($_GET['ung'])) ? bug($_POST['ung']) : bug($_GET['ung']);
$bnd=(empty($_GET['bnd'])) ? bug($_POST['bnd']) : bug($_GET['bnd']);
$shr=bug($_POST['shrift']);
// Colour indices 8..19 wrap the message in a fixed <font> tag (loose ==
// comparison). Indices 15 and 19 both map to purple.
if($shr==8){$mgs='<font color="green">'.$mgs.'</font>';};
if($shr==9){$mgs='<font color="red">'.$mgs.'</font>';};
if($shr==10){$mgs='<font color="brown">'.$mgs.'</font>';};
if($shr==11){$mgs='<font color="orange">'.$mgs.'</font>';};
if($shr==12){$mgs='<font color="blue">'.$mgs.'</font>';};
if($shr==13){$mgs='<font color="grey">'.$mgs.'</font>';};
if($shr==14){$mgs='<font color="gold">'.$mgs.'</font>';};
if($shr==15){$mgs='<font color="purple">'.$mgs.'</font>';};
if($shr==16){$mgs='<font color="aqua">'.$mgs.'</font>';};
if($shr==17){$mgs='<font color="lime">'.$mgs.'</font>';};
if($shr==18){$mgs='<font color="chocolate">'.$mgs.'</font>';};
if($shr==19){$mgs='<font color="purple">'.$mgs.'</font>';};
if($ing=="to")$mgs = "<u>$mgs</u>";
if($red=="to")$mgs = "<font color=\"red\">$mgs</font>";
if($ung=="to")$mgs = "<i>$mgs</i>";
if($bnd=="to")$mgs = "<b>$mgs</b>";
// The profanity and link filters apply only below level 8. They run over
// the text after it has been encoded, escaped and wrapped in markup.
if($liven_us<8){$mgs=antilink(antimat($mgs));};
// Flood check: compares against the newest row of the whole table (any user,
// any room) and stops the script with a short notice on an exact match.
$lastmsg=@mysql_fetch_array(@mysql_query("SELECT `msg` FROM `c_msgmess` ORDER BY `id` DESC LIMIT 1"));
if($lastmsg['msg']==$mgs){echo 'Флуд!';exit;};
// Positional INSERT; the values are interpolated, not bound.
@mysql_query("insert into `c_msgmess` values(0,'$id','$komy','$liven_us','$privat','$mgs','".time()."','$room','','');");
// NOTE(review): this statement uses $pss, while the other updates use $ps.
// $pss is not assigned in this file; confirm whether an include defines it
// or whether it is a typo that keeps the post counter from being updated.
@mysql_query("update `c_users` set post_chat='".++$post_chat_us."' WHERE `id` = '".$id."' AND `pass`='".$pss."';");
}
include("temp/bots.php");
// but=okr switches the user's button menu on (buton1 = 1).
if($but=='okr'){
@mysql_query("update `c_users` set buton1='1' WHERE `id` = '".$id."' AND `pass`='".$ps."';");}
// --- Room settings and presence ---
$query_settings = @mysql_query("select * from `c_komnota` where room='$room';");
$settings = @mysql_fetch_array($query_settings);
// Record the last-activity time and the current room. `nev` is set from the
// room category: klub -> 1, poso -> 2, anything else -> 0.
if($settings['kategor']=='klub'){
@mysql_query("update `c_users` set `ltime`='".time()."', `room`='$room', `nev`='1' where `id`='".$id."';");
}else{
if($settings['kategor']=='poso'){
@mysql_query("update `c_users` set `ltime`='".time()."', `room`='$room', `nev`='2' where `id`='".$id."';");
}else{
@mysql_query("update `c_users` set `ltime`='".time()."', `room`='$room', `nev`='0' where `id`='".$id."';");
}
}
// Count users active in this room within the last $offline seconds. Level 9
// also counts users whose `anon` flag is set; everyone else counts anon='0'.
if($liven_us==9)
$koll_online = @mysql_query("select count(*) from `c_users` WHERE ltime>'".intval(time()-$offline)."' and room='$room' order by id;");
else
$koll_online = @mysql_query("select count(*) from `c_users` WHERE ltime>'".intval(time()-$offline)."' and anon ='0' and room='$room' order by id;");
$uss_koll = @mysql_fetch_array($koll_online);
// Unknown room (no category row): redirect to the lobby.
// NOTE(review): header() does not stop execution and there is no exit after
// it, so the rest of the page is still built and sent for this request.
if(empty($settings['kategor'])){header("Location:enter.php?f=$f&id=$id&ps=$ps"); }
// Category 'inti' is served by inti.php.
if($settings['kategor']=='inti'){
header("Location:inti.php?f=$f&id=$id&ps=$ps&room=$room");
}else{
// Category 'mode' is closed to levels below 3; show a refusal page instead.
if(($settings['kategor']=='mode')&&($liven_us<3)){
if(empty($title))$title="Стоять";
if(empty($tyu))$tyu="center";
$body=$body."<b>Вход в комнату только для модераторов и админов! :P</b>
$div7$div1<a href=\"enter.php?f=$f&id=$id&ps=$ps\">В прихожую</a><br/>".$divK."";
}else{
// --- Room page ---
// Title is the room topic followed by the online count computed above.
if(empty($title))$title="".$settings['topik']." (".$uss_koll['count(*)'].")";
if(empty($tyu))$tyu="left";
$refresh=$avr_us;
// f == 'h' selects the xHTML variant (the commented-out switcher near the
// end of the file shows f=h for xHTML and f=w for WML).
if($f=='h'){
// NOTE(review): $_SERVER['PHP_SELF'] is derived from the request URL and is
// written into markup without encoding, here and in the links below. Prefer
// a fixed script name or pass it through htmlspecialchars().
if($buton1_us=='1')
$body=$body."<small>[<a href=\"mail.php?f=$f&id=$id&ps=$ps\">Записки(".$itog_n_mailvhod['count(*)']."/".$itog_c_mailvhod['count(*)'].")</a>]
[<a href=\"who.php?f=$f&id=$id&ps=$ps&room=$room\">Кто где?</a>]
[<a href=\"enter.php?f=$f&id=$id&ps=$ps\">В прихожую</a>]</small>";
else
$body=$body."[<a href=\"".$_SERVER['PHP_SELF']."?f=$f&id=$id&ps=$ps&room=$room&but=okr\">МЕНЮ КНОПОК</a>]<br/>";
}else{
// Disabled WML soft-key menu, kept as in the original.
/*
$ref=rand(1111,9999);
$body=$body."<do type=\"options\" name=\"obb\" label=\"Обновить\"><go href=\"".$_SERVER['PHP_SELF']."?f=$f&id=$id&ps=$ps&room=$room&ref=$ref\" method=\"get\"/></do>
<do type=\"options\" name=\"say\" label=\"Сказать\"><go href=\"say.php?f=$f&id=$id&ps=$ps&room=$room\" method=\"get\"/></do>
<do type=\"options\" name=\"mail\" label=\"Записки(".$itog_n_mailvhod['count(*)']."/".$itog_c_mailvhod['count(*)'].")\"><go href=\"mail.php?f=$f&id=$id&ps=$ps\" method=\"get\"/></do>
<do type=\"options\" name=\"wo\" label=\"Кто где?\"><go href=\"who.php?f=$f&id=$id&ps=$ps\" method=\"get\"/></do>
<do type=\"options\" name=\"pri\" label=\"В прихожую\"><go href=\"enter.php?f=$f&id=$id&ps=$ps\" method=\"get\"/></do>
<br/>";
*/
}
// The topic-change link is offered from 3000 posts or above level 3.
if(($post_chat_us>=3000)or($liven_us>3))$body=$body."[<a href=\"top.php?f=$f&id=$id&ps=$ps&room=$room\">Сменить топик</a>]<br/>";
// Random `ref` value appended to the refresh link, presumably to defeat
// caching; it is not used for anything else in this file.
$ref=rand(1111,9999);
$body=$body."$div1<a href=\"say.php?f=$f&id=$id&ps=$ps&room=$room\">Сказать[1]</a><br/>";
$body=$body."<a href=\"".$_SERVER['PHP_SELF']."?f=$f&id=$id&ps=$ps&room=$room&ref=$ref\">Обновить[2]</a><br/>";
// Toggle link for the "private messages only" view.
if($priva_us=='1')
$body=$body."<a href=\"".$_SERVER['PHP_SELF']."?f=$f&id=$id&ps=$ps&room=$room&wikl=ok\">Выкл.приват[3]</a>".$divK."$div8";
else
$body=$body."<a href=\"".$_SERVER['PHP_SELF']."?f=$f&id=$id&ps=$ps&room=$room&wkl=ok\">Вкл.приват[3]</a>".$divK."$div8";
// --- Message list, category 'inko' ---
// Authors are shown as anonymous unless the viewer is above level 5 and at
// least at the author's level; such viewers get the delete link and the nick.
// NOTE(review): $max_us is interpolated unquoted into LIMIT; confirm that it
// is always an integer.
if($settings['kategor']=='inko'){
$figo_chat = @mysql_query("SELECT * FROM `c_msgmess` WHERE ((`room`='".$room."') OR (`room`='Admin')) ORDER BY `id` DESC LIMIT $max_us;");
while($cht_coo = @mysql_fetch_array($figo_chat))
{
$kto_coo=$cht_coo['kto'];
$komu_coo=$cht_coo['komu'];
$liven_coo=$cht_coo['liven'];
$privat_coo=$cht_coo['priwat'];
$msg_coo=$cht_coo['msg'];
$time_coo=$cht_coo['time'];
$room_coo=$cht_coo['room'];
// One extra query per message to resolve the author's nick.
$user_kto=@mysql_query("SELECT `nik` FROM `c_users` WHERE `id` = '".$kto_coo."';");
$kto_user=@mysql_fetch_array($user_kto);
$perwiNik=$kto_user['nik'];
if(empty($perwiNik)) $perwiNik='Система';
if(empty($komu_coo))$zapit="";
else
$zapit=",";
// Users with smileys switched off get a text placeholder instead of <img>.
if($smls_us !='1') $msg_coo = preg_replace("|<img[^>]+>|isU", "*sm*", $msg_coo);
$body=$body."<br/>";
if(($liven_us>5)&&($liven_coo<=$liven_us)){
$body=$body."<a href=\"".$_SERVER['PHP_SELF']."?f=$f&id=$id&ps=$ps&room=$room&id_mgs=".$cht_coo['id']."\">[<b>x</b>]</a>";
$body=$body." <a href=\"inslide.php?f=$f&id=$id&ps=$ps&room=$room&mod=sau&id_an=$kto_coo\">$perwiNik</a>";
}else{
$body=$body."<a href=\"say.php?f=$f&id=$id&ps=$ps&room=$room\"><b>Аноним</b></a>";}
$body=$body." (".date("H:i",$time_coo).") > ";
// NOTE(review): the stored message and the nick are written out as-is. The
// output is only as safe as the encoding applied when each row was inserted;
// rows written by any other code path would be rendered as raw HTML.
$body=$body."$zapit $msg_coo";
}
}else{
// --- Message list, all other categories ---
// With the private view on, only rows flagged `priwat`='1' are selected.
if($priva_us=='1')
$figo_chat = @mysql_query("SELECT * FROM `c_msgmess` WHERE ((`room`='".$room."') OR (`room`='Admin')) AND `priwat`='1' ORDER BY `id` DESC LIMIT $max_us;");
else
$figo_chat = @mysql_query("SELECT * FROM `c_msgmess` WHERE ((`room`='".$room."') OR (`room`='Admin')) ORDER BY `id` DESC LIMIT $max_us;");
while($cht_coo = @mysql_fetch_array($figo_chat))
{
$kto_coo=$cht_coo['kto'];
$komu_coo=$cht_coo['komu'];
$liven_coo=$cht_coo['liven'];
$privat_coo=$cht_coo['priwat'];
$msg_coo=$cht_coo['msg'];
$time_coo=$cht_coo['time'];
$room_coo=$cht_coo['room'];
if(empty($komu_coo))$zapit="";
else
$zapit=",";
// Ignore list, both directions: skip the message if the viewer ignores the
// sender or recipient, or if either of them ignores the viewer.
$proverignor = @mysql_query("SELECT * FROM `c_ignor` WHERE `kto`='".$id."' AND ((`ukogo`='".$komu_coo."')or(`ukogo`='".$kto_coo."'));");
if(@mysql_num_rows($proverignor) != 0){}else{
$proverignor = @mysql_query("SELECT * FROM `c_ignor` WHERE `ukogo`='".$id."' AND ((`kto`='".$komu_coo."')or(`kto`='".$kto_coo."'));");
if(@mysql_num_rows($proverignor) != 0){}else{
// Resolve the sender and recipient nicks (two queries per message).
$user_kto=@mysql_query("SELECT `nik` FROM `c_users` WHERE `id` = '".$kto_coo."';");
$kto_user=@mysql_fetch_array($user_kto);
$user_komu=@mysql_query("SELECT `nik` FROM `c_users` WHERE `id` = '".$komu_coo."';");
$kto_komu=@mysql_fetch_array($user_komu);
$perwiNik=$kto_user['nik'];
if(empty($perwiNik)) $perwiNik='Система';
$ftoroiNik=$kto_komu['nik'];
if($smls_us !='1') $msg_coo = preg_replace("|<img[^>]+>|isU", "*sm*", $msg_coo);
// Private messages are shown only to the sender, the recipient and level 9.
// The access decision is made here at render time, not in the SELECT.
if($privat_coo==1){
if(($kto_coo==$id)or($komu_coo==$id)or($liven_us==9)){
$body=$body."<br/>";
if(($liven_us>5)&&($liven_coo<=$liven_us))
$body=$body."<a href=\"".$_SERVER['PHP_SELF']."?f=$f&id=$id&ps=$ps&room=$room&id_mgs=".$cht_coo['id']."\">[<b>x</b>]</a>";
$body=$body."<b><a href=\"inslide.php?f=$f&id=$id&ps=$ps&room=$room&mod=sau&id_an=$kto_coo\">$perwiNik</a></b>";
$body=$body." (".date("H:i",$time_coo).") <b>[P!]</b> > ";
if($komu_coo==$id)
$body=$body."<b>$ftoroiNik</b>";
else
$body=$body."$ftoroiNik";
$body=$body."$zapit $msg_coo";}
}else{
// Public message: same layout without the [P!] marker.
$body=$body."<br/>";
if(($liven_us>5)&&($liven_coo<=$liven_us))
$body=$body."<a href=\"".$_SERVER['PHP_SELF']."?f=$f&id=$id&ps=$ps&room=$room&id_mgs=".$cht_coo['id']."\">[<b>x</b>]</a>";
$body=$body."<b><a href=\"inslide.php?f=$f&id=$id&ps=$ps&room=$room&mod=sau&id_an=$kto_coo\">$perwiNik</a></b>";
$body=$body." (".date("H:i",$time_coo).") > ";
if($komu_coo==$id)
$body=$body."<b>$ftoroiNik</b>";
else
$body=$body."$ftoroiNik";
$body=$body."$zapit $msg_coo";
}}}}
}
// Footer links: room history and back to the lobby.
$body=$body."$div7$div1<a href=\"history.php?f=$f&id=$id&ps=$ps&room=$room\">История [4]</a><br/>";
$body=$body."<a href=\"enter.php?f=$f&id=$id&ps=$ps\">В прихожую [6]</a><br/>".$divK."";
}}
//////////////////////////////// format switching (xHTML / WML), disabled ////////////////////////////////
/*
if($f=="h"){
$body=$body."$div2 [xHTML|<a href=\"".$_SERVER['PHP_SELF']."?f=w&id=$id&ps=$ps&room=$room\">WML</a>]".$divK.$divK."";
}else{
$body=$body."$div2 [<a href=\"".$_SERVER['PHP_SELF']."?f=h&id=$id&ps=$ps&room=$room\">xHTML</a>|WML]".$divK.$divK."";
}
*/
//////////////////////////////// page shell ////////////////////////////////
// Presumably renders $title and $body into the page template. TODO confirm.
include("temp/obolocka.php");
}else{
// No room given: back to the lobby.
header("Location:enter.php?f=$f&id=$id&ps=$ps");
}
// Not authenticated: back to the start page.
}else{ header("Location:./?f=$f");}
?>