<?php
include("core.php");
include("config.php");
header("Content-type: text/html; charset=ISO-8859-1");
echo "<?xml version=\"1.0\" encoding=\"ISO-8859-1\" ?>";
echo "<!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.0//EN\"\"http://www.wapforum.org/DTD/xhtml-mobile10.dtd\">";
echo "<html xmlns=\"http://www.w3.org/1999/xhtml\">";
$addy = "wapirate.net";
$bcon = connectdb();
if (!$bcon)
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/red_medium.css\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "<img src=\"images/error.gif\" alt=\"*\"/><br/>";
echo "ERROR! cannot connect to database<br/><br/>";
echo "This error usually happens when backing up the database, please be patient, The site will be up as soon as possible<br/><br/>";
echo "<b>THANK YOU VERY MUCH</b>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
$brws = $_SERVER['HTTP_USER_AGENT'];
$ubr = $brws;
$uip = getip();
$action = $_GET["action"];
$sid = $_GET["sid"];
$page = $_GET["page"];
$who = $_GET["who"];
$pmid = $_GET["pmid"];
$uid = getuid_sid($sid);
$rid=$_GET["rid"];
$rpw=$_GET["rpw"];
$theme = mysql_fetch_array(mysql_query("SELECT theme FROM ibwf_users WHERE id='".$uid."'"));
cleardata();
if(isipbanned($uip,$ubr))
{
if(!isshield(getuid_sid($sid)))
{
echo "<head>";
echo "<title>Ip Block!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/red_medium.css\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "This IP address is blocked<br/>";
echo "<br/>";
echo "However we grant a shield against IP-Ban for our best users, you can try to see if you are shielded by trying to login, if you keep coming to this page that means you are not shielded, so come back when the ip-ban period is over<br/><br/>";
$banto = mysql_fetch_array(mysql_query("SELECT timeto FROM ibwf_penalties WHERE penalty='2' AND ipadd='".$uip."' AND browserm='".$ubr."' LIMIT 1 "));
//echo mysql_error();
$remain = $banto[0] - time();
$rmsg = gettimemsg($remain);
echo " IP: $rmsg<br/><br/>";
echo "</p>";
// echo "<p>";
echo "<form action=\"login.php\" method=\"get\">";
echo "username:<br/> <input name=\"loguid\" format=\"*x\" size=\"8\" maxlength=\"30\"/><br/>";
echo "password:<br/> <input type=\"password\" name=\"logpwd\" size=\"8\" maxlength=\"30\"/><br/>";
echo "<input type=\"submit\" value=\"login »\"/>";
echo "</form>";
// echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
}
if(($action != "") && ($action!="terms"))
{
$uid = getuid_sid($sid);
if((islogged($sid)==false)||($uid==0))
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/red_medium.css\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "You are not logged in<br/>";
echo "Or Your session has been expired<br/><br/>";
echo "<a href=\"index.php\">Login</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
}
if(isbanned($uid))
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/red_medium.css\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "You are <b>Banned</b><br/>";
$banto = mysql_fetch_array(mysql_query("SELECT timeto FROM ibwf_penalties WHERE uid='".$uid."' AND penalty='1'"));
$banres = mysql_fetch_array(mysql_query("SELECT lastpnreas FROM ibwf_users WHERE id='".$uid."'"));
$remain = $banto[0]- time();
$rmsg = gettimemsg($remain);
echo "Time to finish your penalty: $rmsg<br/><br/>";
echo "Ban Reason: $banres[0]";
//echo "<a href=\"index.php\">Login</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
$res = mysql_query("UPDATE ibwf_users SET browserm='".$ubr."', ipadd='".$uip."' WHERE id='".getuid_sid($sid)."'");
/////////////////////////////////////////////////////////////////////////////////
if($action=="sendpm")
{
addonline(getuid_sid($sid),"Sending PM","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Send PM<br/></div>";
echo "<p align=\"center\">";
$whonick = getnick_uid($who);
echo "Send PM to $whonick<br/><br/>";
echo "</p>";
echo "<form action=\"inbxproc5.php?action=sendpm&who=$who&sid=$sid&rid=$rid&rpw=$rpw\" method=\"post\">";
echo "<input name=\"pmtext\" maxlength=\"500\"/><br/>";
echo "<input type=\"submit\" value=\"SEND\"/>";
echo "</form>";
echo "<p align=\"center\">";
echo "<br/><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
////////////////////////////////////
else if($action=="sendto")
{
addonline(getuid_sid($sid),"Sending PM","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Send PM<br/></div>";
$whonick = getnick_uid($who);
echo "Send PM to:<br/><br/>";
echo "<form action=\"inbxproc5.php?action=sendto&sid=$sid&rid=$rid&rpw=$rpw\" method=\"post\">";
echo "User: <input name=\"who\" format=\"*x\" maxlength=\"15\"/><br/>";
echo "Text: <input name=\"pmtext\" maxlength=\"500\"/><br/>";
echo "<input type=\"submit\" value=\"SEND\"/>";
echo "</form>";
echo "<p align=\"center\">";
echo "<br/><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
////////////////////////////////////////////////
else if($action=="main")
{
addonline(getuid_sid($sid),"User Inbox","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Inbox<br/></div>";
echo "<form action=\"inbox5.php\" method=\"get\">";
echo "View: <select name=\"view\">";
echo "<option value=\"all\">All</option>";
echo "<option value=\"snt\">Sent</option>";
echo "<option value=\"str\">Starred</option>";
echo "<option value=\"urd\">Unread</option>";
echo "</select>";
echo "<input type=\"hidden\" name=\"action\" value=\"$action\"/>";
echo "<input type=\"hidden\" name=\"sid\" value=\"$sid\"/>";
echo "<input type=\"hidden\" name=\"rid\" value=\"$rid\"/>";
echo "<input type=\"hidden\" name=\"rpw\" value=\"$rpw\"/>";
echo "<input type=\"submit\" value=\"GO\"/>";
echo "</form>";
$view = $_GET["view"];
//////ALL LISTS SCRIPT <<
if($view=="")$view="all";
if($page=="" || $page<=0)$page=1;
$myid = getuid_sid($sid);
$doit=false;
$num_items = getpmcount($myid,$view); //changable
$items_per_page= 7;
$num_pages = ceil($num_items/$items_per_page);
if($page>$num_pages)$page= $num_pages;
$limit_start = ($page-1)*$items_per_page;
if($num_items>0)
{
if($doit)
{
$exp = "&rwho=$myid";
}else
{
$exp = "";
}
//changable sql
if($view=="all")
{
$sql = "SELECT
a.name, b.id, b.byuid, b.unread, b.starred FROM ibwf_users a
INNER JOIN ibwf_private b ON a.id = b.byuid
WHERE b.touid='".$myid."'
ORDER BY b.timesent DESC
LIMIT $limit_start, $items_per_page
";
}else if($view=="snt")
{
$sql = "SELECT
a.name, b.id, b.touid, b.unread, b.starred FROM ibwf_users a
INNER JOIN ibwf_private b ON a.id = b.touid
WHERE b.byuid='".$myid."'
ORDER BY b.timesent DESC
LIMIT $limit_start, $items_per_page
";
}else if($view=="str")
{
$sql = "SELECT
a.name, b.id, b.byuid, b.unread, b.starred FROM ibwf_users a
INNER JOIN ibwf_private b ON a.id = b.byuid
WHERE b.touid='".$myid."' AND b.starred='1'
ORDER BY b.timesent DESC
LIMIT $limit_start, $items_per_page
";
}else if($view=="urd")
{
$sql = "SELECT
a.name, b.id, b.byuid, b.unread, b.starred FROM ibwf_users a
INNER JOIN ibwf_private b ON a.id = b.byuid
WHERE b.touid='".$myid."' AND b.unread='1'
ORDER BY b.timesent DESC
LIMIT $limit_start, $items_per_page
";
}
echo "<p>";
$items = mysql_query($sql);
echo mysql_error();
while ($item = mysql_fetch_array($items))
{
if($item[3]=="1")
{
$iml = "<img src=\"images/npm.gif\" alt=\"+\"/>";
}else{
if($item[4]=="1")
{
$iml = "<img src=\"images/spm.gif\" alt=\"*\"/>";
}else{
$iml = "<img src=\"images/opm.gif\" alt=\"-\"/>";
}
}
$lnk = "<a href=\"inbox5.php?action=readpm&pmid=$item[1]&sid=$sid&rid=$rid&rpw=$rpw\">$iml $item[0]</a>";
echo "$lnk<br/>";
}
echo "</p>";
echo "<p align=\"center\">";
$npage = $page+1;
echo "<a href=\"inbox5.php?action=sendto&sid=$sid&rid=$rid&rpw=$rpw\">Send To</a><br/>";
if($page>1)
{
$ppage = $page-1;
echo "<a href=\"inbox5.php?action=main&page=$ppage&sid=$sid&rid=$rid&rpw=$rpw&view=$view$exp\">«PREV</a> ";
}
if($page<$num_pages)
{
$npage = $page+1;
echo "<a href=\"inbox5.php?action=main&page=$npage&sid=$sid&rid=$rid&rpw=$rpw&view=$view$exp\">Next»</a>";
}
echo "<br/>$page/$num_pages<br/>";
echo "</p>";
if($num_pages>2)
{
$rets = "<form action=\"inbox5.php\" method=\"get\">";
$rets .= "Jump To Page: <input name=\"page\" format=\"*N\" size=\"3\"/>";
$rets .= "<input type=\"submit\" value=\"GO\"/>";
$rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\"/>";
$rets .= "<input type=\"hidden\" name=\"sid\" value=\"$sid\"/>";
$rets .= "<input type=\"hidden\" name=\"rid\" value=\"$rid\"/>";
$rets .= "<input type=\"hidden\" name=\"rpw\" value=\"$rpw\"/>";
$rets .= "<input type=\"hidden\" name=\"view\" value=\"$view\"/>";
$rets .= "</form>";
echo $rets;
echo "<br/>";
}
echo "<br/>";
echo "<form action=\"inbxproc5.php?action=proall&sid=$sid&rid=$rid&rpw=$rpw\" method=\"post\">";
echo "Delete: <select name=\"pmact\">";
echo "<option value=\"ust\">Unstarred</option>";
echo "<option value=\"red\">Read</option>";
echo "<option value=\"all\">All</option>";
echo "</select>";
echo "<input type=\"submit\" value=\"GO\"/>";
echo "</form>";
}else{
echo "<p align=\"center\">";
echo "You have no Private Messages";
echo "</p>";
}
////// UNTILL HERE >>
echo "<p align=\"center\">";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
///////////////////////////////////////
else if($action=="readpm")
{
addonline(getuid_sid($sid),"Reading PM","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Read PM<br/></div>";
echo "<p align=\"center\">";
$pminfo = mysql_fetch_array(mysql_query("SELECT text, byuid, timesent,touid, reported FROM ibwf_private WHERE id='".$pmid."'"));
if(getuid_sid($sid)==$pminfo[3])
{
$chread = mysql_query("UPDATE ibwf_private SET unread='0' WHERE id='".$pmid."'");
}
if(($pminfo[3]==getuid_sid($sid))||($pminfo[1]==getuid_sid($sid)))
{
if(getuid_sid($sid)==$pminfo[3])
{
if(isonline($pminfo[1]))
{
$iml = "<img src=\"images/onl.gif\" alt=\"+\"/>";
}else{
$iml = "<img src=\"images/ofl.gif\" alt=\"-\"/>";
}
$ptxt = "PM By: ";
$bylnk = "<a href=\"index.php?action=viewuser&who=$pminfo[1]&sid=$sid\">$iml".getnick_uid($pminfo[1])."</a>";
}else{
if(isonline($pminfo[3]))
{
$iml = "<img src=\"images/onl.gif\" alt=\"+\"/>";
}else{
$iml = "<img src=\"images/ofl.gif\" alt=\"-\"/>";
}
$ptxt = "PM To: ";
$bylnk = "<a href=\"index.php?action=viewuser&who=$pminfo[3]&sid=$sid\">$iml".getnick_uid($pminfo[3])."</a>";
}
echo "$ptxt $bylnk<br/>";
$tmstamp = $pminfo[2];
$tmdt = date("d m Y - H:i:s", $tmstamp);
echo "$tmdt<br/><br/>";
$pmtext = parsepm($pminfo[0], $sid);
$pmtext = str_replace("/llfaqs","<a href=\"lists.php?action=faqs&sid=$sid\">wapirate FAQs</a>", $pmtext);
$pmtext = str_replace("/reader",getnick_uid($pminfo[3]), $pmtext);
if(isspam($pmtext))
{
//////////////////////////////Do Not Report
if(($pminfo[4]=="0") && ($pminfo[1]!=1) && ($pminfo[1]!=3944) && ($pminfo[1]!=407) && ($pminfo[1]!=10) && ($pminfo[1]!=26) && ($pminfo[1]!=1781))
{
mysql_query("UPDATE ibwf_private SET reported='1' WHERE id='".$pmid."'");
}
}
echo $pmtext;
echo "</p>";
echo "<form action=\"inbxproc5.php?action=proc&sid=$sid&rid=$rid&rpw=$rpw\" method=\"post\">";
echo "Action: <select name=\"pmact\">";
echo "<option value=\"rep-$pmid\">Reply</option>";
echo "<option value=\"del-$pmid\">Delete</option>";
if(isstarred($pmid))
{
echo "<option value=\"ust-$pmid\">Unstar</option>";
}else{
echo "<option value=\"str-$pmid\">Star</option>";
}
echo "<option value=\"rpt-$pmid\">Report</option>";
echo "</select>";
echo "<input type=\"submit\" value=\"GO\"/>";
echo "</form>";
echo "<p align=\"center\">";
echo "<br/><br/><a href=\"inbox5.php?action=dialog&sid=$sid&rid=$rid&rpw=$rpw&who=$pminfo[1]\">Dialog</a>";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>This PM ain't yours";
}
echo "<br/><br/><a href=\"inbox5.php?action=main&sid=$sid&rid=$rid&rpw=$rpw\">Back to Inbox</a><br/>";
echo"<b><small>Or<br/></small></b>";
echo "<a href=\"chat.php?sid=$sid&rid=$rid&rpw=$rpw\"><img src=\"images/chat.gif\" alt=\"*\"/>Back to Chat</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
///////////////////////////////////////////////////////
else if($action=="dialog")
{
addonline(getuid_sid($sid),"Viewing PM Dialog","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Dialog<br/></div>";
$uid = getuid_sid($sid);
if($page=="" || $page<=0)$page=1;
$myid = getuid_sid($sid);
$pms = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_private WHERE (byuid=$uid AND touid=$who) OR (byuid=$who AND touid=$uid) ORDER BY timesent"));
echo mysql_error();
$num_items = $pms[0]; //changable
$items_per_page= 7;
$num_pages = ceil($num_items/$items_per_page);
if($page>$num_pages)$page= $num_pages;
$limit_start = ($page-1)*$items_per_page;
if($num_items>0)
{
echo "<p align=\"center\">";
$pms = mysql_query("SELECT byuid, text, timesent FROM ibwf_private WHERE (byuid=$uid AND touid=$who) OR (byuid=$who AND touid=$uid) ORDER BY timesent LIMIT $limit_start, $items_per_page");
while($pm=mysql_fetch_array($pms))
{
if(isonline($pm[0]))
{
$iml = "<img src=\"images/onl.gif\" alt=\"+\"/>";
}else{
$iml = "<img src=\"images/ofl.gif\" alt=\"-\"/>";
}
$bylnk = "<a href=\"index.php?action=viewuser&who=$pm[0]&sid=$sid\">$iml".getnick_uid($pm[0])."</a>";
echo $bylnk;
$tmopm = date("d m y - h:i:s",$pm[2]);
echo " $tmopm<br/>";
echo parsepm($pm[1], $sid);
echo "<br/>--------------<br/>";
}
echo "</p><p align=\"center\">";
if($page>1)
{
$ppage = $page-1;
echo "<a href=\"inbox5.php?action=dialog&page=$ppage&sid=$sid&rid=$rid&rpw=$rpw&who=$who\">«PREV</a> ";
}
if($page<$num_pages)
{
$npage = $page+1;
echo "<a href=\"inbox5.php?action=dialog&page=$npage&sid=$sid&rid=$rid&rpw=$rpw&who=$who\">Next»</a>";
}
echo "<br/>$page/$num_pages<br/>";
echo "</p>";
if($num_pages>2)
{
$rets = "<form action=\"inbox5.php\" method=\"get\">";
$rets .= "Jump To Page: <input name=\"page\" format=\"*N\" size=\"3\"/>";
$rets .= "<input type=\"submit\" value=\"GO\"/>";
$rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\"/>";
$rets .= "<input type=\"hidden\" name=\"sid\" value=\"$sid\"/>";
$rets .= "<input type=\"hidden\" name=\"rid\" value=\"$rid\"/>";
$rets .= "<input type=\"hidden\" name=\"rpw\" value=\"$rpw\"/>";
$rets .= "<input type=\"hidden\" name=\"who\" value=\"$who\"/>";
$rets .= "</form>";
echo $rets;
}
echo "<p align=\"center\">";
}else{
echo "<p align=\"center\">";
echo "NO DATA";
}
echo "<br/><small>only first 50 messages</small><br/>";
echo "<a href=\"inbox5.php?action=main&sid=$sid&rid=$rid&rpw=$rpw\">Back to Inbox</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
//////////////////////////////////////////
else{
addonline(getuid_sid($sid),"Lost in inbox lol","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "I don't know how you got in here, but there's nothing to show<br/><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
echo "</html>";
?>