File size: 5.74Kb
<?php
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
/////////////// ////////////////////////
/////////////////// SCRIPT BY WAP-RULER aka ARNAB /////////////////////
////////////// CONTACT ME @ fb.me/arnab2012 or EMAIL : arnab2098@gmail.com /////////////////////////
////////////////// Buy Hosting : Hosthurry.CoM //////////////////////
///////////// My Download Portal : PJFun.CoM /////////////////////////
////////////////// //////////////////////
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
error_reporting(0);
require_once"./includes/functions/gzip.php";
include('start.php');
include("config.php");
include("./includes/".$ver."/banned");
list($msec, $sec) = explode(chr(32), microtime());
$headtime = $sec + $msec;
$nocache = rand(0, 999999999);
switch ($ver) {
//////////////HTML
case 'html':
$my_title = "ShoutBox";
if (!isset($_COOKIE['theme'])) $_COOKIE['theme'] = 1;
include_once "themes/" . intval($_COOKIE['theme']) . "/index.php";
// AUTH
$id = intval($_SESSION['id']);
$password = mysql_escape_string($_SESSION['password']);
$q = mysql_query("SELECT * FROM `chat_users` WHERE `id` = '" . $id . "' AND `password` = '" . md5($password) . "';");
if (mysql_affected_rows() == 0) {
echo "Not logged in!<br/>\n";
include_once "themes/" . intval($_COOKIE['theme']) . "/foot.php";
exit();
} else {
$nickname = mysql_result($q, 0, 'nickname');
}
// END AUTH
/*
//ONLINE
$online = time() + 60;
$update = mysql_query("UPDATE `chat_users` SET `time` = '".$online."', `place` = 0, `ip` = '".getenv('REMOTE_ADDR')."', `ua` = '".htmlspecialchars(getenv('HTTP_USER_AGENT'))."' WHERE `id` = '".$id."';");
//END ONLINE
*/
//ONLINE IN CHAT
$query = mysql_query("SELECT COUNT(*) FROM `chat_users` WHERE `time` > ".time().";");
$online = mysql_result($query, 0);
//END ONLINE
if (isset($_GET['mod'])) {
$mod = $_GET['mod'];
} else {
$mod = "";
}
switch ($mod) {
case 'delete':
$nid =$_GET['nid'];
$q = mysql_query("DELETE FROM `chat_shout` WHERE `id` = '" . $nid . "';");
if (mysql_affected_rows() != 0) {
echo "Shout Removed Successfully<br/>\n";
} else {
echo "Shout Doesn't Exist!<br/>\n";
}
break;
case 'default':
echo "<b>Rules:</b><br/>";
echo "1.Dnt Flood or Spam.<br/>2.Dnt Use SMILIES here,they wont work.<br/>3.Slang words r strictly prohibited.<br/>4.Maximum 300 char. allowed<br/><hr/>";
echo "<div class=\"form\">\n";
echo "<form method=\"post\" action=\"addshout.php?" . SID . "&ver=html&mod=default\"/>\n";
echo "Title:<br/>\n";
echo "<input name=\"title\" maxlength=\"20\" value=\"\" title=\"title\" value=\"shout\"/><br/>\n";
echo "Shout Text:<br/>\n";
echo "<input name=\"text\" maxlength=\"300\" value=\"\" title=\"text\"/><br/>\n";
echo "<input type=\"hidden\" name=\"action\" value=\"add\"/>";
echo "<input type=\"submit\" value=\"Add\"/></form></div><br/>\n";
$title = htmlspecialchars(mysql_escape_string(trim($_POST['title'])));
$title = str_replace('$', '$$', $title);
$text = htmlspecialchars(mysql_escape_string(trim($_POST['text'])));
$text = str_replace('$', '$$', $text);
if(empty($title))
{
echo "<hr/>";
$q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `nickname` = '".$nickname."';");
$id = mysql_result($q, 0);
echo "<b>Last Shouts :</b><br/><br/>";
$sht = mysql_query("SELECT `id` , `text` , `author` , `date` , `time` FROM `chat_shout` ORDER BY `time` DESC LIMIT 10;");
while($news = @mysql_fetch_array($sht))
{
$nid = $news['id'];
$name = $news['name'];
$text = $news['text'];
$author = $news['author'];
$time = $news['time'];
$date = $news['date'];
$q = mysql_query("SELECT `id` FROM `chat_users` WHERE `nickname` = '".$author."';");
$uid = mysql_result($q, 0);
echo "<font color=red><b><a href=\"info.php?".SID."&ver=html&uid=$uid&nocache=$nocache\">$author :</a></b></font><font color=orange>[$date]</font>\n";
echo "$text\n";
if($level >= 2) echo "<a href=\"addshout.php?" . SID . "&ver=html&mod=delete&nid=$nid&nocache=$nocache\"> [Delete]</a><br/>\n";
echo "<br/><br/>\n";
}
echo "<br/>\n";
echo "<a href=\"menu.php?".SID."&ver=html\">Back to Hall</a><br/>\n";
include_once "themes/".intval($_COOKIE['theme'])."/foot.php";break;
}
if(empty($text))
{
echo "Empty text!<br/>\n";
break;
}
$q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `name` = '".$title."' AND `text` = '".$text."';");
$nickname = mysql_result($q, 0);
if(mysql_affected_rows($q) != 0)
{
echo "Already exist.<br/>\n";
break;
}
$q = mysql_query("SELECT `nickname` FROM `chat_users` WHERE `id` = '".$id."';");
$nickname = mysql_result($q, 0);
$date = date("d-m-Y");
$title = $title." (".$date.")";
$sql = mysql_query("INSERT INTO `chat_shout` VALUES(0, '".$title."', '".$nickname."', '".$text."', '".$date."', ".time().");");
if($sql)
{
echo "successfully saved!<br/>\n";
}
else
{
echo "Error!<br/>\n";
echo mysql_error()."<br/>\n";
}
break;
}
echo "<a href=\"menu.php?".SID."&ver=html\">Hall</a><br/>\n";
include_once "themes/".intval($_COOKIE['theme'])."/foot.php";
}
?>