View file www/inti.php

<?php
// Request parameters for the keyed chat room page.
// Every value goes through trim() -> htmlspecialchars() -> mysql_escape_string() exactly once and is
// then reused in SQL strings, HTML output and URLs further down.
// NOTE(review): one escaping pass cannot be correct for all three contexts. mysql_escape_string() is
// deprecated and ignores the connection charset, and the mysql_* extension was removed in PHP 7.
// Keeping the raw value and escaping per sink (prepared statements for SQL, htmlspecialchars() at
// output, urlencode() in links) is the robust pattern.
// NOTE(review): `id` and `ps` are accepted from the query string only. The same `ps` is echoed into
// every link this page builds, so it ends up in browser history, server/proxy logs and Referer
// headers. It looks like a password or login token; confirm against ini.php.
$us = $_GET['id'];
$ps = $_GET['ps'];

// msg, room and key: a non-empty GET value wins, otherwise the POST value is used.
// empty() also treats the string "0" as missing.
if (empty($_GET['msg'])) {
    $msg = $_POST['msg'];
} else {
    $msg = $_GET['msg'];
}

if (empty($_GET['room'])) {
    $room = $_POST['room'];
} else {
    $room = $_GET['room'];
}
$room = mysql_escape_string(htmlspecialchars(trim($room)));

if (empty($_GET['key'])) {
    $key = $_POST['key'];
} else {
    $key = $_GET['key'];
}
$key = mysql_escape_string(htmlspecialchars(trim($key)));

// Recipient of the message; POST only.
$komy = mysql_escape_string(htmlspecialchars(trim($_POST['komy'])));

$msg = mysql_escape_string(htmlspecialchars(trim($msg)));
$us = mysql_escape_string(htmlspecialchars(trim($us)));
$ps = mysql_escape_string(htmlspecialchars(trim($ps)));
// Shared bootstrap. autorize() is not defined in this file, so it presumably comes from ini.php,
// which presumably also opens the DB link (every mysql_* call below omits the link argument).
// TODO confirm both.
// NOTE(review): $id, $f, $but, $pss, $liven_us, $max_us, $offline, $body, $title, $tyu, $error and
// the $div* fragments are read below but never assigned here. $f and $but also appear as query
// parameters in the links this page builds, which suggests request variables are imported into the
// global scope (register_globals or an extract() in ini.php; verify). If so, $error, $title and
// $body should be initialised explicitly before use, because $error and $body are echoed unescaped.
include("ini.php");
$login = autorize();
if($login) {
// Room view needs both a room and a key; otherwise the key-entry form at the bottom is shown.
if($room&&$key){
// NOTE(review): the pattern is unanchored, so this only requires one digit somewhere in $key.
// The entry form below declares a numeric field with maxlength 4; if the key must be all digits,
// an anchored pattern such as /^[0-9]{1,4}$/ is needed. Confirm the intended format.
if(!preg_match("/[0-9]/",$key)) $error='ERRRRRR<br />';
if(empty($error))
{
// Optional message id to delete, forced to an integer.
$id_mgs=intval($_GET['id_mgs']);

if($id_mgs){
// NOTE(review): the leading @ on every mysql_* call hides query errors, so failures are silent.
$post_dell = @mysql_query("SELECT * FROM `c_msgmess` WHERE `id`='".$id_mgs."';");
$viwod_pos = @mysql_fetch_array($post_dell);
// Deletion is allowed when the caller's level is above 5 and not below the message's `liven`.
// NOTE(review): this state change is triggered by a plain GET link (built further down) with no
// anti-CSRF token, and nothing checks that the message belongs to the current $room/$key.
// If no row matched, $viwod_pos is false and the comparison is made against null.
if(($liven_us>5)&&($liven_us>=$viwod_pos['liven']))
{
@mysql_query("delete from `c_msgmess` WHERE `id`='".$id_mgs."';");
}
}

// Presence heartbeat: stamp the last-activity time and the current room on the user's row.
@mysql_query("update `c_users` set `ltime`='".time()."', `room`='$room', `nev`='0' where `id`='".$id."';");
// Fetch this user's newest message (first row of id DESC); used below to drop a repeated post.
$query_msg = @mysql_query("select * from `c_msgmess` where kto='".$id."' order by id desc;");
$prevmsg = @mysql_fetch_array($query_msg);



// Post only when there is text and it differs from the user's previous message.
// NOTE(review): $msg is the escaped request text while $prevmsg['msg'] is the stored (truncated,
// possibly smiley-converted) text, so the duplicate check may miss some repeats; verify.
if(!empty($msg) && $msg!=$prevmsg['msg']) {
if(empty($komy))$komy="";
// NOTE(review): $msg is already entity-encoded and SQL-escaped here. A byte-wise cut at 250 can
// split a multi-byte character, an HTML entity or a backslash escape pair; a cut that leaves a
// lone trailing backslash breaks the quoting of the INSERT below. Truncate the raw text first
// and escape afterwards (or use a prepared statement).
$mgs = substr($msg, 0, 250);
// Presumably rewrites $mgs in place (smiley codes to <img> tags, judging by the filter in the
// render loop); TODO confirm what the include reads and writes.
include("temp/convert_to_smiles.php");
// Positional INSERT: the column order is defined by the table, not visible here.
@mysql_query("insert into `c_msgmess` values(0,'$id','$komy','$liven_us','0','$mgs','".time()."','$room','$key','');");
// Audit log entry; note that it stores the message text and the room key in clear.
@mysql_query("insert into `c_log_intim` values(0,'$daten [$currTime1:$currTime2:$currTime3]&gt; <b>$nik_us</b> &lt;&lt; <b>".$komy."</b>! Текст:($mgs) код($key)');");
// Bump the user's post counter; the row is matched on both id and the `pass` column.
@mysql_query("update `c_users` set post_chat='".++$post_chat_us."' WHERE `id` = '".$id."' AND `pass`='".$pss."';"); }
// "but=okr" (sent by the menu link below) switches the button menu on for this user.
if($but=='okr'){
@mysql_query("update `c_users` set buton1='1' WHERE `id` = '".$id."' AND `pass`='".$pss."';");}
// Room settings and the count of non-anonymous users seen in this room within the $offline window.
$query_settings = @mysql_query("select * from `c_komnota` where room='$room';");
$settings = @mysql_fetch_array($query_settings);
$koll_online = @mysql_query("select count(*) from `c_users` WHERE ltime>'".intval(time()-$offline)."' and anon ='0' and room='$room' order by id;");
$uss_koll = @mysql_fetch_array($koll_online);

// Only rooms of category 'inti' are rendered here; any other room is redirected to room.php.
if($settings['kategor']=='inti'){
if(empty($title))$title="".$settings['topik']." (".$uss_koll['count(*)'].")";
if(empty($tyu))$tyu="left";
// Presumably the auto-refresh interval consumed by the page template; TODO confirm.
$refresh=$avr_us;
// $f selects the markup flavour: 'h' is xHTML; the other branch (WML) is commented out.
if($f=='h'){
// NOTE(review): every link on this page carries id and ps in the query string, so the login
// credential leaks into history, logs and Referer headers; a server-side session cookie avoids this.
if($buton1_us=='1')
$body=$body."<small>[<a href=\"mail.php?f=$f&amp;id=$id&amp;ps=$ps\">Записки(".$itog_n_mailvhod['count(*)']."/".$itog_c_mailvhod['count(*)'].")</a>]
[<a href=\"who.php?f=$f&amp;id=$id&amp;ps=$ps&amp;room=$room\">Кто где?</a>]
[<a href=\"enter.php?f=$f&amp;id=$id&amp;ps=$ps\">В прихожую</a>]</small>";
else
// NOTE(review): $_SERVER['PHP_SELF'] contains client-supplied path info and is written into the
// markup unescaped here and in the links/form below; wrap it in htmlspecialchars() or use a
// fixed script name.
$body=$body."[<a href=\"".$_SERVER['PHP_SELF']."?f=$f&amp;id=$id&amp;ps=$ps&amp;room=$room&amp;but=okr&amp;key=$key\">МЕНЮ КНОПОК</a>]<br/>";
}else{
/*
$body=$body."<do type=\"options\" name=\"obb\" label=\"Обновить\"><go href=\"".$_SERVER['PHP_SELF']."?f=$f&amp;id=$id&amp;ps=$ps&amp;room=$room&amp;key=$key\" method=\"get\"/></do>
<do type=\"options\" name=\"say\" label=\"Сказать\"><go href=\"say.php?f=$f&amp;id=$id&amp;ps=$ps&amp;room=$room&amp;key=$key
\" method=\"get\"/></do><do type=\"options\" name=\"mail\" label=\"Записки(".$itog_n_mailvhod['count(*)']."/".$itog_c_mailvhod['count(*)'].")\"><go href=\"mail.php?f=$f&amp;id=$id&amp;ps=$ps\" method=\"get\"/></do>
<do type=\"options\" name=\"wo\" label=\"Кто где?\"><go href=\"who.php?f=$f&amp;id=$id&amp;ps=$ps&amp;room=$room\" method=\"get\"/></do>
<do type=\"options\" name=\"pri\" label=\"В прихожую\"><go href=\"enter.php?f=$f&amp;id=$id&amp;ps=$ps\" method=\"get\"/></do>
<br/>";
*/
}
// "Say" and "Refresh" links; the room key travels in the URL as well.
$body=$body."$div1<a href=\"say.php?f=$f&amp;id=$id&amp;ps=$ps&amp;room=$room&amp;key=$key\">Сказать[1]</a><br/>";
$body=$body."<a href=\"".$_SERVER['PHP_SELF']."?f=$f&amp;id=$id&amp;ps=$ps&amp;room=$room&amp;key=$key\">Обновить[2]</a><br/>$divK $div8";

// Newest messages for this room/key pair.
// NOTE(review): $max_us is interpolated unquoted into LIMIT and is not assigned in this file;
// it should be forced to an integer where it is loaded.
$figo_chat = @mysql_query("SELECT * FROM `c_msgmess` WHERE ((`room`='".$room."') AND (`key`='$key')) ORDER BY `id` DESC LIMIT $max_us;");
while($cht_coo = @mysql_fetch_array($figo_chat))
{
$kto_coo=$cht_coo['kto'];
$komu_coo=$cht_coo['komu'];
$liven_coo=$cht_coo['liven'];
$privat_coo=$cht_coo['priwat'];
$msg_coo=$cht_coo['msg'];
$time_coo=$cht_coo['time'];
$room_coo=$cht_coo['room'];
// Separator placed between the recipient nick and the text when a recipient is set.
if(empty($komu_coo))$zapit="";
else
$zapit=",";
// NOTE(review): $kto_coo / $komu_coo are read back from the table in unescaped form (komu is
// written from the user-supplied `komy` field) and are concatenated into the four queries below
// without re-escaping. Values fetched from the DB need the same escaping as request input, or
// prepared statements; validating `komy` as an integer id at write time would also close this.
// These per-message lookups also cost up to four queries for every row rendered.
// Skip the message when the viewer ($id) has an ignore entry for its sender or recipient ...
$proverignor = @mysql_query("SELECT * FROM `c_ignor` WHERE `kto`='".$id."' AND ((`ukogo`='".$komu_coo."')or(`ukogo`='".$kto_coo."'));");
if(@mysql_num_rows($proverignor) != 0){}else{
// ... or when its sender or recipient has an ignore entry for the viewer.
$proverignor = @mysql_query("SELECT * FROM `c_ignor` WHERE `ukogo`='".$id."' AND ((`kto`='".$komu_coo."')or(`kto`='".$kto_coo."'));");
if(@mysql_num_rows($proverignor) != 0){}else{
// Resolve sender and recipient ids to nicknames.
$user_kto=@mysql_query("SELECT `nik` FROM `c_users` WHERE `id` = '".$kto_coo."';");
$kto_user=@mysql_fetch_array($user_kto);
$user_komu=@mysql_query("SELECT `nik` FROM `c_users` WHERE `id` = '".$komu_coo."';");
$kto_komu=@mysql_fetch_array($user_komu);
$perwiNik=$kto_user['nik'];
$ftoroiNik=$kto_komu['nik'];
// Users who have not enabled smileys get every <img> tag replaced by the text marker "*sm*".
if($smls_us !='1') $msg_coo = preg_replace("|<img[^>]+>|isU", "*sm*", $msg_coo);
$body=$body."<br/>";
// Delete link, shown under the same level rule the delete handler above enforces.
if(($liven_us>5)&&($liven_coo<=$liven_us))
$body=$body."<a href=\"".$_SERVER['PHP_SELF']."?f=$f&amp;id=$id&amp;ps=$ps&amp;room=$room&amp;key=$key&amp;id_mgs=".$cht_coo['id']."\">[<b>x</b>]</a>";
// NOTE(review): nicknames and message text are emitted exactly as stored, with no escaping at
// output. This is safe only if every code path that writes these columns encoded the value first;
// verify for `nik` in particular, which is written elsewhere.
$body=$body." <a href=\"inslide.php?f=$f&amp;id=$id&amp;ps=$ps&amp;room=$room&amp;mod=sau&amp;id_an=$kto_coo&amp;key=$key\">$perwiNik</a>";
$body=$body."(".date("H:i",$time_coo).") &gt; ";
// The recipient nick is shown in bold when the message is addressed to the current user.
if($komu_coo==$id)
$body=$body."<b>$ftoroiNik</b>";
else
$body=$body."$ftoroiNik";
$body=$body."$zapit $msg_coo";
// Closes the inner ignore check, the outer ignore check and the while loop.
}}}
$body=$body."$div7$div1<a href=\"enter.php?f=$f&amp;id=$id&amp;ps=$ps\">В прихожую [6]</a><br/>".$divK."";
}else{
// NOTE(review): there is no exit after header(), so execution continues to the template include
// at the end of the file. The values are also placed in the URL without urlencode().
header("Location:room.php?f=$f&id=$id&ps=$ps&room=$room");
}
}else{
// Key failed the format check: show the error text.
$body=$body."$error";
}
}else{
// No room/key yet: render the key-entry form.
if(empty($title))$title="Интим";
if(empty($tyu))$tyu="center";
$body="".$divN."<b>&#x41A;&#x43B;&#x44E;&#x447;:</b><br/>";
if($f=="h"){
// NOTE(review): maxlength/format are client-side hints only, and a key of at most four digits is
// a small space. No attempt limiting is visible in this file; confirm it exists elsewhere.
$body=$body."<form action=\"".$_SERVER['PHP_SELF']."?f=$f&amp;id=$id&amp;ps=$ps&amp;room=$room\" method=\"post\">
<input name=\"key\" title=\"Kluch\" format=\"*N\" maxlength=\"4\"/><br/>
<br/><input class=\"ibutton\" type=\"submit\" value=\"Пошел\"/></form>";
}else{
/*
$body=$body."<input name=\"key$ref\" title=\"Kluch\"/><br/><br/>
<anchor>Пошел<go href=\"".$_SERVER['PHP_SELF']."?f=$f&amp;id=$id&amp;ps=$ps&amp;room=$room\" method=\"post\">
<postfield name=\"key\" value=\"$(key$ref)\"/>
</go></anchor><br/><br />";
*/
}
$body=$body."$div1<a href=\"enter.php?f=$f&amp;id=$id&amp;ps=$ps\">В прихожую</a><br/>".$divK."";
}
////////////////////////////////////////////////////////////////format switching (xHTML/WML), disabled//////////////////////////////
/*
if($key){
if($f=="h")
$body=$body."$div2 [xHTML|<a href=\"".$_SERVER['PHP_SELF']."?f=w&amp;id=$id&amp;ps=$ps&amp;room=$room&amp;key=$key\">WML</a>]".$divK.$divK."";
else
$body=$body."$div2 [<a href=\"".$_SERVER['PHP_SELF']."?f=h&amp;id=$id&amp;ps=$ps&amp;room=$room&amp;key=$key\">xHTML</a>|WML]".$divK.$divK."";
}else{
if($f=="h")
$body=$body."$div2 [xHTML|<a href=\"".$_SERVER['PHP_SELF']."?f=w&amp;id=$id&amp;ps=$ps&amp;room=$room\">WML</a>]".$divK.$divK."";
else
$body=$body."$div2 [<a href=\"".$_SERVER['PHP_SELF']."?f=h&amp;id=$id&amp;ps=$ps&amp;room=$room\">xHTML</a>|WML]".$divK.$divK."";
}
*/
/////////////////////////////////////////////page shell////////////////////////////////////////
// Page template; presumably prints $title, $tyu, $refresh and $body. TODO confirm.
include("temp/obolocka.php");
}else{
// Not logged in: send the client back to the site root, keeping the markup flavour.
header("Location:./?f=$f");
}
?>