<?php
require 'connect.php';
require 'header.php';
require 'gl.php';
require 'functions.php';

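// Value appended to every generated link as "ref".
// NOTE(review): rand() is not a CSPRNG. That is acceptable only while "ref"
// is a cache-buster and no page treats it as a secret token — confirm.
$ref = rand(1,9999);

// Login (name or numeric id) and password are read from $_REQUEST, so they
// may arrive in the query string as well as in a POST body.
// NOTE(review): check() is defined in one of the required files and is not
// visible here; the SQL and markup below are only as safe as that filter.
$id = check($_REQUEST['id']);
$ps = check($_REQUEST['ps']);
$agent = check($_SERVER['HTTP_USER_AGENT']);
$addr = $_SERVER['REMOTE_ADDR'];

// Optional transliteration of the login name. !empty() is the same
// truthiness test as before, without a notice when "t" was not posted.
if(!empty($_POST['t']))
{$id = trun_to_rus($id);}

// A numeric identifier is looked up by primary key, anything else by name.
if(is_numeric($id))
{$result = mysql_query('SELECT * FROM `antihack_users` WHERE `id`='.intval($id).' LIMIT 1');}
else
{
// NOTE(review): string-built SQL. $id is only as safe as check() makes it,
// and trun_to_rus() runs after check(), so its output is not re-filtered.
// Confirm both, and move this lookup to a bound parameter when the
// mysql_* calls are replaced.
$result = mysql_query('SELECT * FROM `antihack_users` WHERE `user` = "'.$id.'" LIMIT 1');
}

// NOTE(review): "user not found" and "wrong password" are reported with
// different messages, which lets a client tell existing accounts apart.
if(!mysql_num_rows($result))
{
print $top.'
<card id="warning" title="Warning!">
<p>
Юзер не найден
</p></card></wml>';
mysql_close();
exit;
}

$row = mysql_fetch_assoc($result);

// The password is compared as a string, never with != : a loose comparison
// treats two numeric-looking strings as numbers, so "0e1" would match "0e2"
// and "0123" would match "123". Non-scalar input (ps[]=...) is rejected.
// NOTE(review): the submitted value is compared directly with the `pass`
// column, so passwords appear to be stored unhashed unless check() hashes
// them — confirm.
$pass_ok = false;
if(is_scalar($ps))
{
$given = (string)$ps;
$stored = (string)$row['pass'];
// hash_equals() is constant-time but only exists from PHP 5.6 on.
$pass_ok = function_exists('hash_equals') ? hash_equals($stored, $given) : ($stored === $given);
}

if(!$pass_ok)
{
print $top.'
<card id="warning" title="Warning!">
<p>
Не верное сочетание ника и пароля
</p></card></wml>';
mysql_close();
exit;
}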

// From here on $id is the id column of the user row, whichever form
// (name or number) was submitted.
$id = $row['id'];

// User agent and IP address recorded for this account in the user row.
$us_ip = $row['user_ip'];
$us_soft = $row['user_soft'];

$changed = ($us_soft != $agent || $us_ip != $addr);

if($changed)
{
// The new agent/IP pair is stored before anything else happens.
// NOTE(review): because of that, the warning below is advisory only: the
// "continue" link repeats the same request and the values already match.
// NOTE(review): $agent is request data spliced into SQL; it is only as safe
// as check() makes it — confirm.
mysql_query("UPDATE `antihack_users` SET user_soft='".$agent."', user_ip = '".$addr."' WHERE id = ".$id);

if($row['safe'] == 1)
{
// NOTE(review): the link carries the password in its query string, and the
// page echoes $agent (request data) and $us_soft (stored data) into markup;
// both rely on check() for output escaping — confirm.
$continue = '<a href="enter.php?id='.$id.'&amp;ps='.$ps.'&amp;ref='.$ref.'">Продолжить</a>';

exit($top.'
<card id="warning" title="Warning!">
<p><small>
'.$continue.'<br/>
Пpeдyпpeждeнue бeзoпacнocтu<br/>
<strong>Bнuмaнue!</strong><br/>
Baш тekyщuй coфт ('.$agent.') uлu IP aдpec нe coвпaдaют c IP+SOFT пocлeднeгo входа.
Ecлu вы нe ucпoльзoвaлu в пocлeднee вpeмя IP '.$us_ip.' uлu coфт '.$us_soft.', этo мoжeт oзнaчaть, чтo ктo-тo зaxoдuл c Baшeгo нuкa.
Pekoмeндyeм cмeнuть Вaш пapoль. Oтkлючuть cucтeмy бeзoпacнocтu мoжнo в нacтpoйkax чaтa, нo этo нe pekoмeндyeтcя.<br/>
'.$continue.'
</small></p></card></wml>');
}
}

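// Automatic promotion by post count: 1000 posts -> level 1, 3000 -> level 2,
// 7000 -> level 3. The thresholds are walked in ascending order, so a user
// who is several levels behind is raised one level at a time and ends on
// the highest level earned.
$promotions = array(1 => 1000, 2 => 3000, 3 => 7000);
foreach($promotions as $lvl => $need)
{
if(($row['posts']>=$need)&&($row['level']<$lvl))
{
$levels = mysql_fetch_assoc(mysql_query('SELECT `name` FROM `levels` WHERE level='.$lvl.' LIMIT 1'));
$row['level'] = $lvl;
$row['status'] = $levels['name'];
// The level name comes straight from the database and is escaped here so a
// quote in a name cannot break out of the string literal.
mysql_query("UPDATE `antihack_users` SET status = '".mysql_real_escape_string($row['status'])."', level = ".$row['level']." WHERE id = ".$id);
}
}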

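// A user counts as online when `onl` is newer than 300 seconds ago.
$tm = time()-300;

// Per-room counters and the overall total start from known values instead
// of relying on undefined variables.
$siz = array();
$kol = 0;
for($n=0; $n<=21; $n++)
{
// NOTE(review): `id`>11 and `inv`=0 presumably exclude service accounts and
// invisible users — confirm against the schema.
$res = mysql_query('SELECT COUNT(`id`) FROM `antihack_users` WHERE `id`>11 AND `inv`=0 AND `onl`>"'.$tm.'" AND `room`='.$n);
if($res === false)
{
// Database errors go to the server log, not into the page: printing them
// discloses schema details to the client and, because output buffering has
// not started yet, would also prevent later header() calls from working.
error_log('enter.php: room counter query failed: '.mysql_error());
$siz[$n] = 0;
continue;
}
$r = mysql_fetch_assoc($res);
$siz[$n] = $r['COUNT(`id`)'];
$kol += $r['COUNT(`id`)'];
}

// Unread incoming notes for this user.
$a = mysql_fetch_assoc(mysql_query('SELECT COUNT(`readd`) AS `num` FROM `zapiski` WHERE (idtowhom = '.$id.') AND (readd = 0) AND (ininc = 1)'));
$inb = $a['num'];

// Total number of rows in `vstrechi`.
$cmac = mysql_fetch_assoc(mysql_query('SELECT COUNT(`id`) AS `num` FROM `vstrechi` WHERE 1'));
$cmtot = $cmac['num'];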

////////////////////////////
// Everything printed from here on is buffered; the buffer length is read
// with ob_get_length() at the end of the script.
ob_start();

if($row['wap'] != 0)
{
// XHTML output: a user agent containing "MSIE" is served text/html, every
// other client application/xhtml+xml.
$ctype = (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') !== false) ? 'text/html' : 'application/xhtml+xml';
header('Content-type: '.$ctype.'; charset=utf-8');

// NOTE(review): the stylesheet name is the stored `wap` value written into
// an attribute without escaping — confirm it is restricted when it is saved.
print $top_xhtml.'
<head>
<title>Чат</title>
<link rel="stylesheet" type="text/css" href="'.$row['wap'].'.css"/>
</head><body>
<div class="telo">';
}
else
{
// WML output (`wap` equal to 0).
print $top.'
<card id="enter" title="ЧАТ">
<p align="center">
<small>';
}


// Query-string fragments shared by every link in this section.
// NOTE(review): $ps is the submitted password, so it is written into every
// URL below and will end up in browser history, proxy and server logs, and
// Referer headers. A server-side session token would avoid that.
$cred = 'id='.$id.'&amp;ps='.$ps;
$tail = '&amp;ref='.$ref;

// Panel links: level above 6 sees both panels, level above 3 only mPanel.
// NOTE(review): this only hides the links; apanel.php and mpanel.php have to
// enforce the level themselves — confirm.
if($row['level']>6)
{
print '<a href="apanel.php?'.$cred.$tail.'">aPanel</a><br/>
<a href="mpanel.php?'.$cred.$tail.'">mPanel</a><br/>
---<br/>';
}
elseif($row['level']>3)
{print '<a href="mpanel.php?'.$cred.$tail.'">mPanel</a><br/>---<br/>';}

// Date of the news row with the highest id, shown next to the news link.
$idnews = mysql_fetch_row(mysql_query('SELECT MAX(`id`) FROM `news`'));
if($idnews[0]>0)
{$news = mysql_fetch_row(mysql_query('SELECT `date` FROM `news` where id='.$idnews[0]));}
if(isset($news[0]))
{print '<a href="news.php?'.$cred.$tail.'">Новости</a>('.$news[0].')<br/>---<br/>';}

// Announcements, newest first.
// NOTE(review): titles are printed as stored, without output escaping —
// confirm they are sanitised when they are written.
$q = mysql_query('SELECT `id`,`title` FROM `obiav` ORDER BY `id` DESC');
while($arr = mysql_fetch_assoc($q))
{
print '<u><a href="view_obiav.php?'.$cred.'&amp;mid='.$arr["id"].$tail.'">'.$arr['title'].'</a></u><br/>';
}

// Unread incoming notes for this user.
$a = mysql_fetch_assoc(mysql_query('SELECT COUNT(`readd`) AS `num` FROM `zapiski` WHERE (idtowhom = '.$id.') AND (readd = 0) AND (ininc = 1)'));
$inb = $a['num'];
if($inb>0)
{print 'Новых писем: <a href="inbox.php?'.$cred.$tail.'">'.$inb.'</a><br/>---<br/>';}

// Users whose `birth` value starts with today's "day-month-" prefix;
// $correct_time shifts the clock before formatting.
$d = gmdate('j-n-', time() + $correct_time);
$birth = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `antihack_users` WHERE `birth` LIKE '$d%'"),0);

if($birth)
{print 'Именинники: <a href="statistik.php?'.$cred.'&amp;mod=birthday'.$tail.'">('.$birth.')</a><br/>---<br/>';}

if($cmtot)
{print '<a href="vstrechi.php?'.$cred.$tail.'">Встречи</a>('.$cmtot.')<br/>';}

print '<a href="who.php?'.$cred.$tail.'">Кто где?</a>('.$kol.')<br/>
<a href="search.php?'.$cred.$tail.'">Поиск...</a><br/>
---<br/>';


// Rooms 9, 10 and 21 are served by their own scripts; every other room is
// opened through chat.php.
$room_script = array(9 => 'anlim.php', 10 => 'intim.php', 21 => 'maf.php');

for($num=0; $num<=21; $num++)
{
$rooms = mysql_fetch_assoc(mysql_query('SELECT `name`,`hidden` FROM `rooms` WHERE rm='.$num.' LIMIT 1'));

// Hidden rooms are left out of the list.
if($rooms['hidden'] == 1)
{continue;}

$script = isset($room_script[$num]) ? $room_script[$num] : 'chat.php';

// NOTE(review): the link carries the password in its query string, and the
// room name is printed as stored, without output escaping.
print '<a href="'.$script.'?id='.$id.'&amp;ps='.$ps.'&amp;rm='.$num.'&amp;ref='.$ref.'">'.$rooms['name'].'</a>('.$siz[$num].')<br/>';
}


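// Collect the entries of photos/ for the gallery counter. The handle is
// checked before use, because looping on readdir() with a failed handle is
// not guaranteed to terminate, and it is closed again once the list is read.
$photos = array();
$dir = opendir('photos/');
if($dir !== false)
{
while(false !== ($file = readdir($dir)))
{$photos[] = $file;}
closedir($dir);
}

// The gallery link shows the entry count minus 3.
// NOTE(review): presumably ".", ".." and one non-photo file — confirm.
// NOTE(review): every link below carries the password in its query string.
if($row['wap'] == 0)
{
// WML footer.
print '---<br/>
<a href="games.php?id='.$id.'&amp;ps='.$ps.'&amp;ref='.$ref.'">Игры</a><br/>
---<br/>
<a href="gallery.php?id='.$id.'&amp;ps='.$ps.'&amp;ref='.$ref.'">Галерея чата</a>('.(sizeof($photos)-3).')<br/>
<a href="cabinet.php?id='.$id.'&amp;ps='.$ps.'&amp;ref='.$ref.'">Личный кабинет</a><br/>
<a href="statistik.php?id='.$id.'&amp;ps='.$ps.'&amp;ref='.$ref.'">Статистика</a><br/>
<a href="faq.php?id='.$id.'&amp;ps='.$ps.'&amp;ref='.$ref.'">FAQ</a><br/>
<a href="rules.php?id='.$id.'&amp;ps='.$ps.'&amp;ref='.$ref.'">Правила</a><br/>---<br/>'.$gl.'</small></p></card></wml>';
}
else
{
// XHTML footer.
print '<div class="border">---<br/></div>
<a href="games.php?id='.$id.'&amp;ps='.$ps.'&amp;ref='.$ref.'">Игры</a><br/>
<div class="border">---<br/></div>
<a href="gallery.php?id='.$id.'&amp;ps='.$ps.'&amp;ref='.$ref.'">Галерея чата</a>('.(sizeof($photos)-3).')<br/>
<a href="cabinet.php?id='.$id.'&amp;ps='.$ps.'&amp;ref='.$ref.'">Личный кабинет</a><br/>
<a href="statistik.php?id='.$id.'&amp;ps='.$ps.'&amp;ref='.$ref.'">Статистика</a><br/>
<a href="faq.php?id='.$id.'&amp;ps='.$ps.'&amp;ref='.$ref.'">FAQ</a><br/>
<a href="rules.php?id='.$id.'&amp;ps='.$ps.'&amp;ref='.$ref.'">Правила</a><hr/>'.$gl.'</div></body></html>';
}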

// Size of the buffered page in kilobytes, rounded to one decimal place.
$bytes = ob_get_length();
$pagesize = round($bytes/1024,1);

// Running traffic total plus the size of this page.
// NOTE(review): the total is built from the `alltraf` value read when the
// user row was loaded, so two concurrent requests can overwrite each other.
$total = $row['alltraf']+$pagesize;
mysql_query("UPDATE `antihack_users` SET alltraf='".$total."', lasttraf='".$pagesize."' where id=".$id);

// Send the buffered page to the client.
ob_end_flush();
?>