<?php
include("core.php");
include("config.php");
header("Content-type: text/html; charset=ISO-8859-1");
echo "<?xml version=\"1.0\" encoding=\"ISO-8859-1\" ?>";
echo "<!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.0//EN\"\"http://www.wapforum.org/DTD/xhtml-mobile10.dtd\">";
echo "<html xmlns=\"http://www.w3.org/1999/xhtml\">";
$addy = "wapirate.net";
$bcon = connectdb();
if (!$bcon)
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/red_medium.css\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "<img src=\"images/error.gif\" alt=\"*\"/><br/>";
echo "ERROR! cannot connect to database<br/><br/>";
echo "This error usually happens when backing up the database, please be patient, The site will be up as soon as possible<br/><br/>";
echo "<b>THANK YOU VERY MUCH</b>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
$brws = $_SERVER['HTTP_USER_AGENT'];
$pmtext = $_POST["pmtext"];
$ubr = $brws;
$uip = getip();
$action = $_GET["action"];
$sid = $_GET["sid"];
$page = $_GET["page"];
$who = $_GET["who"];
$pmid = $_GET["pmid"];
$uid = getuid_sid($sid);
$cid = $_GET["cid"];
$theme = mysql_fetch_array(mysql_query("SELECT theme FROM ibwf_users WHERE id='".$uid."'"));
cleardata();
if(isbanned($uid))
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/red_medium.css\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "You are <b>Banned</b><br/>";
$banto = mysql_fetch_array(mysql_query("SELECT timeto FROM ibwf_penalties WHERE uid='".$uid."' AND penalty='1'"));
$banres = mysql_fetch_array(mysql_query("SELECT lastpnreas FROM ibwf_users WHERE id='".$uid."'"));
$remain = $banto[0]- time();
$rmsg = gettimemsg($remain);
echo "Time to finish your penalty: $rmsg<br/><br/>";
echo "Ban Reason: $banres[0]";
//echo "<a href=\"index.php\">Login</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
$res = mysql_query("UPDATE ibwf_users SET browserm='".$ubr."', ipadd='".$uip."' WHERE id='".getuid_sid($sid)."'");
/////////////////////////////////////////////////////////////////////////////////
if($action=="sendpm")
{
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Send PM<br/></div>";
echo "<p align=\"center\">";
$whonick = getnick_uid($who);
$byuid = getuid_sid($sid);
$tm = time();
$lastpm = mysql_fetch_array(mysql_query("SELECT MAX(timesent) FROM ibwf_private WHERE byuid='".$byuid."'"));
$pmfl = $lastpm[0]+getpmaf();
if($byuid==1218)$pmfl=0;
if($pmfl<$tm)
{
if(!isblocked($pmtext,$byuid))
{
if((!isignored($byuid, $who))&&(!istrashed($byuid)))
{
$res = mysql_query("INSERT INTO ibwf_private SET text='".$pmtext."', byuid='".$byuid."', touid='".$who."', timesent='".$tm."'");
}else{
$res = true;
}
if($res)
{
echo "<img src=\"images/ok.gif\" alt=\"O\"/>";
echo "PM was sent successfully to $whonick<br/><br/>";
echo parsepm($pmtext, $sid);
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>";
echo "Can't Send PM to $whonick<br/><br/>";
}
}else{
$bantime = time() + (7*24*60*60);
echo "<img src=\"images/notok.gif\" alt=\"X\"/>";
echo "Can't Send PM to $whonick<br/><br/>";
echo "DONT SPAM!!!<br/> as a result of your action:<br/>1. You have lost your shield!<br/>2. You have lost all your plusses!<br/>3. AUTOMATIC BAN!";
mysql_query("INSERT INTO ibwf_penalties SET uid='".$byuid."', penalty='1', exid='1', timeto='".$bantime."', pnreas='Banned: Automatic Ban for spamming'");
mysql_query("UPDATE ibwf_users SET plusses='0', shield='0' WHERE id='".$byuid."'");
mysql_query("INSERT INTO ibwf_private SET text='".$pmtext."', byuid='".$byuid."', touid='2', timesent='".$tm."'");
}
}else{
$rema = $pmfl - $tm;
echo "<img src=\"images/notok.gif\" alt=\"X\"/>";
echo "Flood control: $rema Seconds<br/><br/>";
}
echo "<br/><br/><a href=\"inbox4.php?action=main&sid=$sid&cid=$cid\">Back to Inbox</a><br/>";
echo"<b><small>Or<br/></small></b>";
echo "<a href=\"index.php?action=viewcat&sid=$sid&cid=$cid\"><img src=\"images/chat.gif\" alt=\"*\"/>Back to Forums</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
//////////////////////////////////////////
else if($action=="sendto")
{
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Send PM<br/></div>";
echo "<p align=\"center\">";
$who = $_POST["who"];
$who = getuid_nick($who);
if($who==0)
{
echo "<img src=\"images/notok.gif\" alt=\"x\"/>User Doesn't exist<br/>";
}else{
$whonick = getnick_uid($who);
$byuid = getuid_sid($sid);
$tm = time();
$lastpm = mysql_fetch_array(mysql_query("SELECT MAX(timesent) FROM ibwf_private WHERE byuid='".$byuid."'"));
$pmfl = $lastpm[0]+getpmaf();
if($pmfl<$tm)
{
if(!isblocked($pmtext,$byuid))
{
if((!isignored($byuid, $who))&&(!istrashed($byuid)))
{
$res = mysql_query("INSERT INTO ibwf_private SET text='".$pmtext."', byuid='".$byuid."', touid='".$who."', timesent='".$tm."'");
}else{
$res = true;
}
if($res)
{
echo "<img src=\"images/ok.gif\" alt=\"O\"/>";
echo "PM was sent successfully to $whonick<br/><br/>";
echo parsepm($pmtext, $sid);
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>";
echo "Can't Send PM to $whonick<br/><br/>";
}
}else{
$bantime = time() + (7*24*60*60);
echo "<img src=\"images/notok.gif\" alt=\"X\"/>";
echo "Can't Send PM to $whonick<br/><br/>";
echo "DONT SPAM!!!<br/> as a result of your action:<br/>1. You have lost your shield!<br/>2. You have lost all your plusses!<br/>3. AUTOMATIC BAN!";
mysql_query("INSERT INTO ibwf_penalties SET uid='".$byuid."', penalty='1', exid='1', timeto='".$bantime."', pnreas='Banned: Automatic Ban for spamming'");
mysql_query("UPDATE ibwf_users SET plusses='0', shield='0' WHERE id='".$byuid."'");
mysql_query("INSERT INTO ibwf_private SET text='".$pmtext."', byuid='".$byuid."', touid='2', timesent='".$tm."', reported='1'");
}
}else{
$rema = $pmfl - $tm;
echo "<img src=\"images/notok.gif\" alt=\"X\"/>";
echo "Flood control: $rema Seconds<br/><br/>";
}
}
echo "<br/><br/><a href=\"inbox4.php?action=main&sid=$sid&cid=$cid\">Back to Inbox</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
////////////////////////////////
else if($action=="proc")
{
$pmact = $_POST["pmact"];
$pact = explode("-",$pmact);
$pmid = $pact[1];
$pact = $pact[0];
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Inbox<br/></div>";
echo "<p align=\"center\">";
$pminfo = mysql_fetch_array(mysql_query("SELECT text, byuid, touid, reported FROM ibwf_private WHERE id='".$pmid."'"));
if($pact=="rep")
{
addonline(getuid_sid($sid),"Sending PM","");
$whonick = getnick_uid($pminfo[1]);
echo "Send PM to $whonick<br/><br/>";
echo "</p>";
echo "<form action=\"inbxproc4.php?action=sendpm&who=$pminfo[1]&sid=$sid&cid=$cid\" method=\"post\">";
echo "<input name=\"pmtext\" maxlength=\"500\"/><br/>";
echo "<input type=\"submit\" value=\"Send\"/>";
echo "</form>";
echo "<p align=\"center\">";
}else if($pact=="del")
{
addonline(getuid_sid($sid),"Deleting PM","");
if(getuid_sid($sid)==$pminfo[2])
{
if($pminfo[3]=="1")
{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Can't Delete PM At The Moment";
}else{
$del = mysql_query("DELETE FROM ibwf_private WHERE id='".$pmid."' ");
if($del)
{
echo "<img src=\"images/ok.gif\" alt=\"O\"/>PM deleted successfully";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Can't Delete PM at the moment";
}
}
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>This PM ain't yours";
}
}else if($pact=="str")
{
addonline(getuid_sid($sid),"Starring PM","");
if(getuid_sid($sid)==$pminfo[2])
{
$str = mysql_query("UPDATE ibwf_private SET starred='1' WHERE id='".$pmid."' ");
if($str)
{
echo "<img src=\"images/ok.gif\" alt=\"O\"/>PM starred successfully";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Can't star PM at the moment";
}
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>This PM ain't yours";
}
}else if($pact=="ust")
{
addonline(getuid_sid($sid),"Unstarring PM","");
if(getuid_sid($sid)==$pminfo[2])
{
$str = mysql_query("UPDATE ibwf_private SET starred='0' WHERE id='".$pmid."' ");
if($str)
{
echo "<img src=\"images/ok.gif\" alt=\"O\"/>PM unstarred successfully";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Can't unstar PM at the moment";
}
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>This PM ain't yours";
}
}else if($pact=="rpt")
{
addonline(getuid_sid($sid),"Reporting PM","");
if(getuid_sid($sid)==$pminfo[2])
{
if($pminfo[3]=="0")
{
$str = mysql_query("UPDATE ibwf_private SET reported='1' WHERE id='".$pmid."' ");
if($str)
{
echo "<img src=\"images/ok.gif\" alt=\"O\"/>PM reported to mods successfully";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Can't report PM at the moment";
}
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>This PM is already reported";
}
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>This PM ain't yours";
}
}
else if($pact=="frd")
{
addonline(getuid_sid($sid),"Forwarding PM","");
if(getuid_sid($sid)==$pminfo[2]||getuid_sid($sid)==$pminfo[1])
{
echo "Forward to E-Mail:<br/><br/>";
echo "</p>";
echo "<form action=\"inbxproc.php?action=frdpm&who=$pminfo[1]&sid=$sid&rid=$rid&rpw=$rpw\" method=\"post\">";
echo "<input name=\"email\" maxlength=\"500\"/><br/>";
echo "<input name=\"pmid\" value=\"$pmid\" type=\"hidden\"/><br/>";
echo "<input type=\"submit\" value=\"Forward\"/>";
echo "</form>";
echo "<p align=\"center\">";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>This PM ain't yours";
}
}
else if($pact=="dnl")
{
addonline(getuid_sid($sid),"Downloading PM","");
if(getuid_sid($sid)==$pminfo[2]||getuid_sid($sid)==$pminfo[1])
{
echo "<img src=\"images/ok.gif\" alt=\"X\"/>request processed successfully<br/><br/>";
echo "<a href=\"rwdpm.php?action=dpm&pmid=$pmid&sid=$sid\">Download PM</a>";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>This PM ain't yours";
}
}
echo "<br/><br/><a href=\"inbox4.php?action=main&sid=$sid&cid=$cid\">Back to Inbox</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
///////////////////////////////////////////////////////
else if($action=="proall")
{
$pact = $_POST["pmact"];
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Delete PM<br/></div>";
echo "<p align=\"center\">";
addonline(getuid_sid($sid),"Deleting PMs","");
$uid = getuid_sid($sid);
if($pact=="ust")
{
$del = mysql_query("DELETE FROM ibwf_private WHERE touid='".$uid."' AND reported !='1' AND starred='0' And unread='0'");
if($del)
{
echo "<img src=\"images/ok.gif\" alt=\"O\"/>All PMS except starred and unread are deleted successfully";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Can't Delete PM at the moment";
}
}else if($pact=="red")
{
$del = mysql_query("DELETE FROM ibwf_private WHERE touid='".$uid."' AND reported !='1' and unread='0'");
if($del)
{
echo "<img src=\"images/ok.gif\" alt=\"O\"/>All PMS except unread, including starred are deleted successfully";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Can't Delete PM at the moment";
}
}else if($pact=="all")
{
$del = mysql_query("DELETE FROM ibwf_private WHERE touid='".$uid."' AND reported !='1'");
if($del)
{
echo "<img src=\"images/ok.gif\" alt=\"O\"/>All PMS except reported, including starred and unread are deleted successfully";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Can't Delete PM at the moment";
}
}
echo "<br/><br/><a href=\"inbox4.php?action=main&sid=$sid&cid=$cid\">Back to Inbox</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
//////////////////////////////////////////////////
else if($action=="frdpm")
{
$email = $_POST["email"];
$pmid = $_POST["pmid"];
addonline(getuid_sid($sid),"Forwarding PM","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Forward PM<br/></div>";
echo "<p align=\"center\">";
$pminfo = mysql_fetch_array(mysql_query("SELECT text, byuid, timesent,touid, reported FROM ibwf_private WHERE id='".$pmid."'"));
if(($pminfo[3]==getuid_sid($sid))||($pminfo[1]==getuid_sid($sid)))
{
$from_head = "From: noreplay@wapirate.wen.ru";
$subject = "PM By ".getnick_uid($pminfo[1])." To ".getnick_uid($pminfo[3])." (wapirate.wen.ru)";
$content = "Date: ".date("l d/m/y H:i:s", $pminfo[2])."\n\n";
$content .= $pminfo[0]."\n------------------------\n";
$content .= "wapirate.wen.ru: The best wap community!";
mail($email, $subject, $content, $from_head);
echo "<img src=\"images/ok.gif\" alt=\"X\"/>PM forwarded to $email";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>This PM ain't yours";
}
echo "<br/><br/><a href=\"inbox4.php?action=main&sid=$sid&cid=$cid\">Back to Inbox</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
/////////////////////////////////////////////
else{
addonline(getuid_sid($sid),"Lost in inbox lol","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "I don't know how you got in here, but there's nothing to show<br/><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
echo "</html>";
?>