View file super2/foto.php

World Fastest and Cheapest Hosting
Buy Cheapest Web Domains
File size: 15.49Kb 
<?php
header('Cache-Control: no-cache');
header('Content-Type: text/html; charset=UTF-8');

require 'connect.php';
require 'gl.php';
require 'functions.php';

$ref = rand(1,9999);
$id = intval($_GET['id']);
$ps = check($_GET['ps']);
$us = check($_GET['us']);


if(substr_count($_SERVER['HTTP_USER_AGENT'],'Opera Mini'))
{
$opera = 1;
$upload = '<input name="file" value=""/><a href="op:fileselect">Обзор...</a>';
$type = strtolower(strrchr($_POST['name'],'.'));
$size = strlen($_POST['file']);
$array = explode('file=', $_POST['file']);
$name = $array[0];
$file = base64_decode($array[1]);
$opera = 1;
}
else
{
$upload = '<input type="file" name="file"/>';
$name = stripslashes(htmlspecialchars(rawurldecode($_FILES['file']['name'])));
$type = strtolower(strrchr($_FILES['file']['name'],'.'));
$size = $_FILES['file']['size'];
$file = $_FILES['file']['tmp_name'];
}


if(!$ps)
{
print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Cache-Control" content="no-cache,no-store,must-revalidate">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Добавление Фото</title>
<style type="text/css">
body{ text-align:left; background-color:#003355; font-size:12pt; }
div{ padding:2px 0 2px 0; margin:1px; border-style:solid; border-color:#D0F0FF; border-width:1px; }
a{ color:#000050; text-decoration:none; }
a:hover{ text-decoration:underline; color:#000070; }
a:visited{ color:#000033; }
a:active{ color:#000090; }
.red{ color:#FF0000; font-size:14pt; text-align:center; }
.str{ text-align:left; color:#000033; font-family:Arial; background-color:#005577; text-align:center; }
.telo{ text-align:left; color:#000033; font-family:"Times New Roman",Times,serif; background-color:#3399BB; }
</style>
</head>
<body>
<div class="telo">
Введите свой ник и пароль.
<form action="foto.php?" name="auth" method="get">
<div>
Ник:<br/>
<input type="text" name="us" maxlength="15"/><br/>
Пароль:<br/>
<input type="text" name="ps" maxlength="15"/><br/>
<input type="hidden" name="ref" value="'.$ref.'"/>
<input type="submit" value="Вход" name="enter"/>
</div>
</form>
</div>
<div class="str">
'.$gl.'
</div>
</body>
</html>';
mysql_close();
exit;
}

if($id)
{$result = @mysql_query('SELECT * FROM `antihack_users` where id='.$id);}
else
{
if(!$us)
{
print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Cache-Control" content="no-cache,no-store,must-revalidate">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Error</title>
<style type="text/css">
body{ text-align:left; background-color:#003355; font-size:12pt; }
div{ padding:2px 0 2px 0; margin:1px; border-style:solid; border-color:#D0F0FF; border-width:1px; }
a{ color:#000050; text-decoration:none; }
a:hover{ text-decoration:underline; color:#000070; }
a:visited{ color:#000033; }
a:active{ color:#000090; }
.red{ color:#FF0000; font-size:14pt; text-align:center; }
.str{ text-align:left; color:#000033; font-family:Arial; background-color:#005577; text-align:center; }
.telo{ text-align:left; color:#000033; font-family:"Times New Roman",Times,serif; background-color:#3399BB; }
</style>
</head>
<body>
<div class="telo">
<div class="red">
Юзер не найден!
</div><br/>
Введите свой ник и пароль.
<form action="foto.php?" name="auth" method="get">
<div>
Ник:<br/>
<input type="text" name="us" maxlength="15"/><br/>
Пароль:<br/>
<input type="text" name="ps" maxlength="15"/><br/>
<input type="hidden" name="ref" value="'.$ref.'"/><br/>
<input type="submit" value="Вход" name="enter"/>
</div>
</form>
</div>
<div class="str">
'.$gl.'
</div>
</body>
</html>';
mysql_close();
exit;
}

$result = mysql_query("SELECT * FROM `antihack_users` WHERE `user` = '".$us."'");

}

if(mysql_affected_rows() == 0)
{
print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Cache-Control" content="no-cache,no-store,must-revalidate">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Error</title>
<style type="text/css">
body{ text-align:left; background-color:#003355; font-size:12pt; }
div{ padding:2px 0 2px 0; margin:1px; border-style:solid; border-color:#D0F0FF; border-width:1px; }
a{ color:#000050; text-decoration:none; }
a:hover{ text-decoration:underline; color:#000070; }
a:visited{ color:#000033; }
a:active{ color:#000090; }
.red{ color:#FF0000; font-size:14pt; text-align:center; }
.str{ text-align:left; color:#000033; font-family:Arial; background-color:#005577; text-align:center; }
.telo{ text-align:left; color:#000033; font-family:"Times New Roman",Times,serif; background-color:#3399BB; }
</style>
</head>
<body>
<div class="telo">
<div class="red">
Юзер не найден!
</div><br/>
Введите свой ник и пароль.
<form action="foto.php?" name="auth" method="get">
<div>
Ник:<br/>
<input type="text" name="us" maxlength="15"  size="15"/><br/>
Пароль:<br/>
<input type="text" name="ps" maxlength="15"  size="15"/><br/>
<input type="hidden" name="ref" value="'.$ref.'"/><br/>
<input type="submit" value="Вход" name="enter"/>
</div>
</form>
</div>
<div class="str">
'.$gl.'
</div>
</body>
</html>';
mysql_close();
exit;
}

$row = mysql_fetch_assoc($result);
if($ps != $row['pass'])
{
print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Cache-Control" content="no-cache,no-store,must-revalidate">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Error</title>
<style type="text/css">
body{ text-align:left; background-color:#003355; font-size:12pt; }
div{ padding:2px 0 2px 0; margin:1px; border-style:solid; border-color:#D0F0FF; border-width:1px; }
a{ color:#000050; text-decoration:none; }
a:hover{ text-decoration:underline; color:#000070; }
a:visited{ color:#000033; }
a:active{ color:#000090; }
.red{ color:#FF0000; font-size:14pt; text-align:center; }
.str{ text-align:left; color:#000033; font-family:Arial; background-color:#005577; text-align:center; }
.telo{ text-align:left; color:#000033; font-family:"Times New Roman",Times,serif; background-color:#3399BB; }
</style>
</head>
<body>
<div class="telo">
<div class="red">
Не верное сочетание ника и пароля!
</div><br/>
Введите свой ник и пароль.
<form action="foto.php?" name="auth" method="get">
<div>
Ник:<br/>
<input type="text" name="us" maxlength="15"  size="15"/><br/>
Пароль:<br/>
<input type="text" name="ps" maxlength="15"  size="15"/><br/>
<input type="hidden" name="ref" value="'.$ref.'"/><br/>
<input type="submit" value="Вход" name="enter"/>
</div>
</form>
</div>
<div class="str">
'.$gl.'
</div>
</body>
</html>';
mysql_close();
exit;
}

if(!$id)
{$id = $row['id'];}
$us = $row['user'];

if($_POST['go'])
{
if(!$file)
{
print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Cache-Control" content="no-cache,no-store,must-revalidate">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Error</title>
<style type="text/css">
body{ text-align:left; background-color:#003355; font-size:12pt; }
div{ padding:2px 0 2px 0; margin:1px; border-style:solid; border-color:#D0F0FF; border-width:1px; }
a{ color:#000050; text-decoration:none; }
a:hover{ text-decoration:underline; color:#000070; }
a:visited{ color:#000033; }
a:active{ color:#000090; }
.red{ color:#FF0000; font-size:14pt; text-align:center; }
.str{ text-align:left; color:#000033; font-family:Arial; background-color:#005577; text-align:center; }
.telo{ text-align:left; color:#000033; font-family:"Times New Roman",Times,serif; background-color:#3399BB; }
</style>
</head>
<body>
<div class="telo">
<div class="red">
Вы не указали файл!
</div><br/>
<a href="foto.php?id='.$id.'&amp;ps='.$ps.'&amp;ref='.$ref.'">&#8592; Назад</a><br/>
</div>
<div class="str">
'.$gl.'
</div>
</body>
</html>';
exit;
}

if($type!='.gif' && $type!='.jpg' && $type!='.jpe' && $type!='.jpeg')
{
print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Cache-Control" content="no-cache,no-store,must-revalidate">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Error</title>
<style type="text/css">
body{ text-align:left; background-color:#003355; font-size:12pt; }
div{ padding:2px 0 2px 0; margin:1px; border-style:solid; border-color:#D0F0FF; border-width:1px; }
a{ color:#000050; text-decoration:none; }
a:hover{ text-decoration:underline; color:#000070; }
a:visited{ color:#000033; }
a:active{ color:#000090; }
.red{ color:#FF0000; font-size:14pt; text-align:center; }
.str{ text-align:left; color:#000033; font-family:Arial; background-color:#005577; text-align:center; }
.telo{ text-align:left; color:#000033; font-family:"Times New Roman",Times,serif; background-color:#3399BB; }
</style>
</head>
<body>
<div class="telo">
<div class="red">
Это не картинка!
</div><br/>
<a href="foto.php?id='.$id.'&amp;ps='.$ps.'&amp;ref='.$ref.'">&#8592; Назад</a><br/>
</div>
<div class="str">
'.$gl.'
</div>
</body>
</html>';
exit;
}


$par = getimagesize($file);
if(($par[2] != 2)&&($par[2] != 1))
{
print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Cache-Control" content="no-cache,no-store,must-revalidate">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Error</title>
<style type="text/css">
body{ text-align:left; background-color:#003355; font-size:12pt; }
div{ padding:2px 0 2px 0; margin:1px; border-style:solid; border-color:#D0F0FF; border-width:1px; }
a{ color:#000050; text-decoration:none; }
a:hover{ text-decoration:underline; color:#000070; }
a:visited{ color:#000033; }
a:active{ color:#000090; }
.red{ color:#FF0000; font-size:14pt; text-align:center; }
.str{ text-align:left; color:#000033; font-family:Arial; background-color:#005577; text-align:center; }
.telo{ text-align:left; color:#000033; font-family:"Times New Roman",Times,serif; background-color:#3399BB; }
</style>
</head>
<body>
<div class="telo">
<div class="red">
Указанный вами файл не является картинкой!
</div><br/>
<a href="foto.php?id='.$id.'&amp;ps='.$ps.'&amp;ref='.$ref.'">&#8592; Назад</a><br/>
</div>
<div class="str">
'.$gl.'
</div>
</body>
</html>';
exit;
}


if($size>64000)
{
print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Cache-Control" content="no-cache,no-store,must-revalidate">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Error</title>
<style type="text/css">
body{ text-align:left; background-color:#003355; font-size:12pt; }
div{ padding:2px 0 2px 0; margin:1px; border-style:solid; border-color:#D0F0FF; border-width:1px; }
a{ color:#000050; text-decoration:none; }
a:hover{ text-decoration:underline; color:#000070; }
a:visited{ color:#000033; }
a:active{ color:#000090; }
.red{ color:#FF0000; font-size:14pt; text-align:center; }
.str{ text-align:left; color:#000033; font-family:Arial; background-color:#005577; text-align:center; }
.telo{ text-align:left; color:#000033; font-family:"Times New Roman",Times,serif; background-color:#3399BB; }
</style>
</head>
<body>
<div class="telo">
<div class="red">
Слишком большой размер файла!
</div><br/>
<a href="foto.php?id='.$id.'&amp;ps='.$ps.'&amp;ref='.$ref.'">&#8592; Назад</a><br/>
</div>
<div class="str">
'.$gl.'
</div>
</body>
</html>';
exit;
}

if(($par[0]>480)||($par[1]>640))
{
print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Cache-Control" content="no-cache,no-store,must-revalidate">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Error</title>
<style type="text/css">
body{ text-align:left; background-color:#003355; font-size:12pt; }
div{ padding:2px 0 2px 0; margin:1px; border-style:solid; border-color:#D0F0FF; border-width:1px; }
a{ color:#000050; text-decoration:none; }
a:hover{ text-decoration:underline; color:#000070; }
a:visited{ color:#000033; }
a:active{ color:#000090; }
.red{ color:#FF0000; font-size:14pt; text-align:center; }
.str{ text-align:left; color:#000033; font-family:Arial; background-color:#005577; text-align:center; }
.telo{ text-align:left; color:#000033; font-family:"Times New Roman",Times,serif; background-color:#3399BB; }
</style>
</head>
<body>
<div class="telo">
<div class="red">
Неправильное разрешение фотографии!
</div><br/>
<a href="foto.php?id='.$id.'&amp;ps='.$ps.'&amp;ref='.$ref.'">&#8592; Назад</a><br/>
</div>
<div class="str">
'.$gl.'
</div>
</body>
</html>';
exit;
}


if($type=='.jpe' || $type=='.jpeg')
{$type = '.jpg';}

$foto = $id.$type;
unlink('photos/'.$id.'.jpg');
unlink('photos/'.$id.'.gif');

if($opera)
{
$f = fopen('photos/'.$foto,'wb');
fputs($f,$file);
fclose($f);
$copy = file_exists('photos/'.$foto);
}
else
{$copy = move_uploaded_file($_FILES['file']['tmp_name'], 'photos/'.$foto);}


if($copy)
{$result_copy = 'Фотография добавлена!<br/>';}
else
{$result_copy = 'Ошибка при добавлении фотографии<br/>';}
}

print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Cache-Control" content="no-cache,no-store,must-revalidate">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Добавление Фото</title>
<style type="text/css">
body{ text-align:left; background-color:#003355; font-size:12pt; }
div{ padding:2px 0 2px 0; margin:1px; border-style:solid; border-color:#D0F0FF; border-width:1px; }
a{ color:#000050; text-decoration:none; }
a:hover{ text-decoration:underline; color:#000070; }
a:visited{ color:#000033; }
a:active{ color:#000090; }
.foto{ background-color:#A0DDFF; text-align:center; }
.red{ color:#FF0000; font-size:14pt; text-align:center; }
.str{ text-align:left; color:#000033; font-family:Arial; background-color:#005577; text-align:center; }
.telo{ text-align:left; color:#000033; font-family:"Times New Roman",Times,serif; background-color:#3399BB; }
</style>
</head>
<body>
<div class="telo">';

print 'Загружаемая фотография обязательно должна быть в формате GIF или JPG, разрешением не более 480х640 и размером не более 64кб.<br/>
Если вы хотите заменить свое старое фото, то просто загрузите новую, а старая автоматически удалится.<br/>
</div>
<div class="red">'.$us.'</div>';
if($copy)
{print '<div class="foto"><img src="photos/'.$foto.'" alt=""/><br/>'.$result_copy.'</div>';}
print '<div class="telo">
<form enctype="multipart/form-data" action="foto.php?id='.$id.'&amp;ps='.$ps.'&amp;ref='.$ref.'" method="post">
<div>
Прикрепить фото:<br/>
'.$upload.'<br/>
<input type="submit" name="go" value="Отправить"/>
</div>
</form>
</div>
<div class="str">
'.$gl.'
</div>
<div class="str">
<a href="enter.php?id='.$id.'&amp;ps='.$ps.'&amp;ref='.$ref.'">Прихожая</a>
</div>
</body>
</html>';

mysql_close();
?>