View file wapirate/A1/inbxproc6.php

World Fastest and Cheapest Hosting
Buy Cheapest Web Domains
File size: 18.91Kb 
<?php





include("core.php");

include("config.php");





header("Content-type: text/html; charset=ISO-8859-1");

echo "<?xml version=\"1.0\" encoding=\"ISO-8859-1\" ?>";

echo "<!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.0//EN\"\"http://www.wapforum.org/DTD/xhtml-mobile10.dtd\">";

echo "<html xmlns=\"http://www.w3.org/1999/xhtml\">";

$addy = "wapirate.net";

$bcon = connectdb();

if (!$bcon)

{

        echo "<head>";

    echo "<title>Error!!!</title>";

    echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/red_medium.css\">";

    echo "</head>";

    echo "<body>";

    echo "<div><br/>Doh!<br/></div>";

    echo "<p align=\"center\">";

    echo "<img src=\"images/error.gif\" alt=\"*\"/><br/>";

    echo "ERROR! cannot connect to database<br/><br/>";

    echo "This error usually happens when backing up the database, please be patient, The site will be up as soon as possible<br/><br/>";

    echo "<b>THANK YOU VERY MUCH</b>";

    echo "</p>";

    echo "<div>$addy</div>";

    echo "</body>";

    echo "</html>";

    exit();

}

$brws = $_SERVER['HTTP_USER_AGENT'];

$ubr = $brws;

$uip = getip();

$action = $_GET["action"];

$sid = $_GET["sid"];

$page = $_GET["page"];

$who = $_GET["who"];

$pmid = $_GET["pmid"];

$uid = getuid_sid($sid);

$rid=$_GET["rid"];

$rpw=$_GET["rpw"];

$pmtext = $_POST["pmtext"];

$theme = mysql_fetch_array(mysql_query("SELECT theme FROM ibwf_users WHERE id='".$uid."'"));



cleardata();

if(isipbanned($uip,$ubr))

    {

      if(!isshield(getuid_sid($sid)))

      {

  echo "<head>";

  echo "<title>Ip Block!</title>";

  echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/red_medium.css\">";

  echo "</head>";

  echo "<body>";

    echo "<div><br/>Doh!<br/></div>";

      echo "<p align=\"center\">";

      echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";

      echo "This IP address is blocked<br/>";

      echo "<br/>";

      echo "However we grant a shield against IP-Ban for our best users, you can try to see if you are shielded by trying to login, if you keep coming to this page that means you are not shielded, so come back when the ip-ban period is over<br/><br/>";

      $banto = mysql_fetch_array(mysql_query("SELECT  timeto FROM ibwf_penalties WHERE  penalty='2' AND ipadd='".$uip."' AND browserm='".$ubr."' LIMIT 1 "));

      //echo mysql_error();

      $remain =  $banto[0] - time();

      $rmsg = gettimemsg($remain);

      echo " IP: $rmsg<br/><br/>";

      

      echo "</p>";

    echo "<form action=\"login.php\" method=\"get\">";

  echo "username:<br/> <input name=\"loguid\" format=\"*x\" size=\"8\" maxlength=\"30\"/><br/>";

  echo "password:<br/> <input type=\"password\" name=\"logpwd\" size=\"8\" maxlength=\"30\"/><br/>";

echo "<input type=\"submit\" value=\"login &#187;\"/>";

echo "</form>"; 

  echo "<div>$addy</div>";

  echo "</body>";

  echo "</html>";

      exit();

      }

    }



if(isbanned($uid))

    {

      echo "<head>";

      echo "<title>Error!!!</title>";

      echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/red_medium.css\">";

      echo "</head>";

      echo "<body>";        

    echo "<div><br/>Doh!<br/></div>";

      echo "<p align=\"center\">";

      echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";

      echo "You are <b>Banned</b><br/>";

      $banto = mysql_fetch_array(mysql_query("SELECT timeto FROM ibwf_penalties WHERE uid='".$uid."' AND penalty='1'"));

	  $banres = mysql_fetch_array(mysql_query("SELECT lastpnreas FROM ibwf_users WHERE id='".$uid."'"));

	  

      $remain = $banto[0]- time();

      $rmsg = gettimemsg($remain);

      echo "Time to finish your penalty: $rmsg<br/><br/>";

	  echo "Ban Reason: $banres[0]";

      //echo "<a href=\"index.php\">Login</a>";

      echo "</p>";

    echo "<div>$addy</div>";

  echo "</body>";

  echo "</html>";

  exit();

    }

$res = mysql_query("UPDATE ibwf_users SET browserm='".$ubr."', ipadd='".$uip."' WHERE id='".getuid_sid($sid)."'");

/////////////////////////////////////////////////////////////////////////////////

if($action=="sendpm")

{

  echo "<head>";

  echo "<title>wapirate</title>";

  echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";

  echo "</head>";

  echo "<body>"; 

    echo "<div><br/>Send PM<br/></div>";

  echo "<p align=\"center\">";

  $whonick = getnick_uid($who);

  $byuid = getuid_sid($sid);

  $tm = time();

  $lastpm = mysql_fetch_array(mysql_query("SELECT MAX(timesent) FROM ibwf_private WHERE byuid='".$byuid."'"));

  $pmfl = $lastpm[0]+getpmaf();

  if($byuid==1218)$pmfl=0;

  if($pmfl<$tm)

  {

    if(!isblocked($pmtext,$byuid))

    {

    if((!isignored($byuid, $who))&&(!istrashed($byuid)))

    {

  $res = mysql_query("INSERT INTO ibwf_private SET text='".$pmtext."', byuid='".$byuid."', touid='".$who."', timesent='".$tm."'");

  }else{

    $res = true;

  }

  if($res)

  {



    echo "<img src=\"images/ok.gif\" alt=\"O\"/>";

    echo "PM was sent successfully to $whonick<br/><br/>";

    echo parsepm($pmtext, $sid);

    

  }else{

    echo "<img src=\"images/notok.gif\" alt=\"X\"/>";

    echo "Can't Send PM to $whonick<br/><br/>";

  }

  }else{

    $bantime = time() + (7*24*60*60);

    echo "<img src=\"images/notok.gif\" alt=\"X\"/>";

    echo "Can't Send PM to $whonick<br/><br/>";

    echo "DONT SPAM!!!<br/> as a result of your action:<br/>1. You have lost your shield!<br/>2. You have lost all your plusses!<br/>3. AUTOMATIC BAN!";

    mysql_query("INSERT INTO ibwf_penalties SET uid='".$byuid."', penalty='1', exid='1', timeto='".$bantime."', pnreas='Banned: Automatic Ban for spamming'");

    mysql_query("UPDATE ibwf_users SET plusses='0', shield='0' WHERE id='".$byuid."'");

    mysql_query("INSERT INTO ibwf_private SET text='".$pmtext."', byuid='".$byuid."', touid='2', timesent='".$tm."'");

  }

  }else{

    $rema = $pmfl - $tm;

    echo "<img src=\"images/notok.gif\" alt=\"X\"/>";

    echo "Flood control: $rema Seconds<br/><br/>";

  }

  echo "<br/><br/><a href=\"inbox6.php?action=main&amp;sid=$sid&amp;rid=$rid&amp;rpw=$rpw\">Back to Inbox</a><br/>";

  echo"<b><small>Or<br/></small></b>";

  echo "<a href=\"quiz.php?sid=$sid&amp;rid=$rid&amp;rpw=$rpw\"><img src=\"/images/Quiz.gif\" alt=\"*\"/>Back to Games Rooms</a><br/>";

  echo "<a href=\"index.php?action=main&amp;sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";

echo "Home</a>";

  echo "</p>";

    echo "<div>$addy</div>";

    echo "</body>";

  exit();   

}

////////////////////////////////////

else if($action=="sendto")

{

  echo "<head>";

  echo "<title>wapirate</title>";

  echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";

  echo "</head>";

  echo "<body>";   

    echo "<div><br/>Send PM<br/></div>";

  echo "<p align=\"center\">";

  $who = $_POST["who"];

  $who = getuid_nick($who);

    if($who==0)

    {

      echo "<img src=\"images/notok.gif\" alt=\"x\"/>User Doesn't exist<br/>";

    }else{

$whonick = getnick_uid($who);

  $byuid = getuid_sid($sid);

  $tm = time();

  $lastpm = mysql_fetch_array(mysql_query("SELECT MAX(timesent) FROM ibwf_private WHERE byuid='".$byuid."'"));

  $pmfl = $lastpm[0]+getpmaf();

  if($pmfl<$tm)

  {

    if(!isblocked($pmtext,$byuid))

    {

    if((!isignored($byuid, $who))&&(!istrashed($byuid)))

    {

  $res = mysql_query("INSERT INTO ibwf_private SET text='".$pmtext."', byuid='".$byuid."', touid='".$who."', timesent='".$tm."'");

  }else{

    $res = true;

  }

  if($res)

  {

    echo "<img src=\"images/ok.gif\" alt=\"O\"/>";

    echo "PM was sent successfully to $whonick<br/><br/>";

    echo parsepm($pmtext, $sid);



  }else{

    echo "<img src=\"images/notok.gif\" alt=\"X\"/>";

    echo "Can't Send PM to $whonick<br/><br/>";

  }

  }else{

   $bantime = time() + (7*24*60*60);

    echo "<img src=\"images/notok.gif\" alt=\"X\"/>";

    echo "Can't Send PM to $whonick<br/><br/>";

    echo "DONT SPAM!!!<br/> as a result of your action:<br/>1. You have lost your shield!<br/>2. You have lost all your plusses!<br/>3. AUTOMATIC BAN!";

    mysql_query("INSERT INTO ibwf_penalties SET uid='".$byuid."', penalty='1', exid='1', timeto='".$bantime."', pnreas='Banned: Automatic Ban for spamming'");

    mysql_query("UPDATE ibwf_users SET plusses='0', shield='0' WHERE id='".$byuid."'");

    mysql_query("INSERT INTO ibwf_private SET text='".$pmtext."', byuid='".$byuid."', touid='2', timesent='".$tm."', reported='1'");

  }

  }else{

    $rema = $pmfl - $tm;

    echo "<img src=\"images/notok.gif\" alt=\"X\"/>";

    echo "Flood control: $rema Seconds<br/><br/>";

  }



    }

  

  echo "<br/><br/><a href=\"inbox6.php?action=main&amp;sid=$sid&amp;rid=$rid&amp;rpw=$rpw\">Back to Inbox</a><br/>";

  echo "<a href=\"index.php?action=main&amp;sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";

echo "Home</a>";

  echo "</p>";

    echo "<div>$addy</div>";

   echo "</body>";

  exit();    

}

/////////////////////////////////////////

else if($action=="proc")

{

    $pmact = $_POST["pmact"];

    $pact = explode("-",$pmact);

    $pmid = $pact[1];

    $pact = $pact[0];

     echo "<head>";

  echo "<title>wapirate</title>";

  echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";

  echo "</head>";

  echo "<body>";  

    echo "<div><br/>Inbox<br/></div>";

    echo "<p align=\"center\">";

    $pminfo = mysql_fetch_array(mysql_query("SELECT text, byuid, touid, reported FROM ibwf_private WHERE id='".$pmid."'"));

    if($pact=="rep")

    {

      addonline(getuid_sid($sid),"Sending PM","");

       

      $whonick = getnick_uid($pminfo[1]);

  echo "Send PM to $whonick<br/><br/>";

  echo "</p>";

  echo "<form action=\"inbxproc6.php?action=sendpm&amp;who=$pminfo[1]&amp;sid=$sid&amp;rid=$rid&amp;rpw=$rpw\" method=\"post\">";

  echo "<input name=\"pmtext\" maxlength=\"500\"/><br/>";

  echo "<input type=\"submit\" value=\"Send\"/>";

echo "</form>";

    echo "<p align=\"center\">";  

    }else if($pact=="del")

    {

        addonline(getuid_sid($sid),"Deleting PM","");

        if(getuid_sid($sid)==$pminfo[2])

        {

          if($pminfo[3]=="1")

          {

            

            echo "<img src=\"images/notok.gif\" alt=\"X\"/>Can't Delete PM At The Moment";

          }else{

          $del = mysql_query("DELETE FROM ibwf_private WHERE id='".$pmid."' ");

          if($del)

          {

            echo "<img src=\"images/ok.gif\" alt=\"O\"/>PM deleted successfully";

          }else{

            echo "<img src=\"images/notok.gif\" alt=\"X\"/>Can't Delete PM at the moment";

          }

          }



        }else{

          echo "<img src=\"images/notok.gif\" alt=\"X\"/>This PM ain't yours";

        }

    }else if($pact=="str")

    {

        addonline(getuid_sid($sid),"Starring PM","");

        if(getuid_sid($sid)==$pminfo[2])

        {

          $str = mysql_query("UPDATE ibwf_private SET starred='1' WHERE id='".$pmid."' ");

          if($str)

          {

            echo "<img src=\"images/ok.gif\" alt=\"O\"/>PM starred successfully";

          }else{

            echo "<img src=\"images/notok.gif\" alt=\"X\"/>Can't star PM at the moment";

          }

        }else{

          echo "<img src=\"images/notok.gif\" alt=\"X\"/>This PM ain't yours";

        }

    }else if($pact=="ust")

    {

        addonline(getuid_sid($sid),"Unstarring PM","");

        if(getuid_sid($sid)==$pminfo[2])

        {

          $str = mysql_query("UPDATE ibwf_private SET starred='0' WHERE id='".$pmid."' ");

          if($str)

          {

            echo "<img src=\"images/ok.gif\" alt=\"O\"/>PM unstarred successfully";

          }else{

            echo "<img src=\"images/notok.gif\" alt=\"X\"/>Can't unstar PM at the moment";

          }

        }else{

          echo "<img src=\"images/notok.gif\" alt=\"X\"/>This PM ain't yours";

        }

    }else if($pact=="rpt")

    {

        addonline(getuid_sid($sid),"Reporting PM","");

        if(getuid_sid($sid)==$pminfo[2])

        {

          if($pminfo[3]=="0")

          {

          $str = mysql_query("UPDATE ibwf_private SET reported='1' WHERE id='".$pmid."' ");

          if($str)

          {

            echo "<img src=\"images/ok.gif\" alt=\"O\"/>PM reported to mods successfully";

          }else{

            echo "<img src=\"images/notok.gif\" alt=\"X\"/>Can't report PM at the moment";

          }

          }else{

            echo "<img src=\"images/notok.gif\" alt=\"X\"/>This PM is already reported";

          }

        }else{

          echo "<img src=\"images/notok.gif\" alt=\"X\"/>This PM ain't yours";

        }

    }

	else if($pact=="frd")

    {

        addonline(getuid_sid($sid),"Forwarding PM","");

        if(getuid_sid($sid)==$pminfo[2]||getuid_sid($sid)==$pminfo[1])

        {

  /*        

  echo "Forward to E-Mail:<br/><br/>";

  echo "<input name=\"email\" maxlength=\"250\"/><br/>";

  echo "<anchor>Forward<go href=\"inbxproc6.php?action=frdpm&amp;sid=$sid&amp;rid=$rid&amp;rpw=$rpw\" method=\"post\">";

  echo "<postfield name=\"email\" value=\"$(email)\"/>";

  echo "<postfield name=\"pmid\" value=\"$pmid\"/>";

  echo "</go></anchor>";

*/

  echo "</p>";

  echo "<form action=\"inbxproc.php?action=frdpm&amp;who=$pminfo[1]&amp;sid=$sid&amp;rid=$rid&amp;rpw=$rpw\" method=\"post\">";

  echo "<input name=\"email\" maxlength=\"500\"/><br/>";

  echo "<input name=\"pmid\" value=\"$pmid\" type=\"hidden\"/><br/>";

  echo "<input type=\"submit\" value=\"Forward\"/>";

echo "</form>";

    echo "<p align=\"center\">";  

        }else{

          echo "<img src=\"images/notok.gif\" alt=\"X\"/>This PM ain't yours";

        }

    }

	else if($pact=="dnl")

    {

        addonline(getuid_sid($sid),"Downloading PM","");

        if(getuid_sid($sid)==$pminfo[2]||getuid_sid($sid)==$pminfo[1])

        {

          echo "<img src=\"images/ok.gif\" alt=\"X\"/>request processed successfully<br/><br/>";

		  echo "<a href=\"rwdpm.php?action=dpm&amp;pmid=$pmid&amp;sid=$sid\">Download PM</a>";

        }else{

          echo "<img src=\"images/notok.gif\" alt=\"X\"/>This PM ain't yours";

        }

    }

    echo "<br/><br/><a href=\"inbox6.php?action=main&amp;sid=$sid&amp;rid=$rid&amp;rpw=$rpw\">Back to Inbox</a><br/>";

  echo "<a href=\"index.php?action=main&amp;sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";

echo "Home</a>";

    echo "</p>";

    echo "<div>$addy</div>";

   echo "</body>";

  exit();    

  }

//////////////////////////////////////////////////////////

else if($action=="proall")

{

    $pact = $_POST["pmact"];

     echo "<head>";

  echo "<title>wapirate</title>";

  echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";

  echo "</head>";

  echo "<body>";  

  echo "<div><br/>Delete PM<br/></div>";

    echo "<p align=\"center\">";

    addonline(getuid_sid($sid),"Deleting PMs","");

      $uid = getuid_sid($sid);

    if($pact=="ust")

    {

      

      $del = mysql_query("DELETE FROM ibwf_private WHERE touid='".$uid."' AND reported !='1' AND starred='0' And unread='0'");

      if($del)

          {

            echo "<img src=\"images/ok.gif\" alt=\"O\"/>All PMS except starred and unread are deleted successfully";

          }else{

            echo "<img src=\"images/notok.gif\" alt=\"X\"/>Can't Delete PM at the moment";

          }

    }else if($pact=="red")

    {

       

        $del = mysql_query("DELETE FROM ibwf_private WHERE touid='".$uid."' AND reported !='1' and unread='0'");

      if($del)

          {

            echo "<img src=\"images/ok.gif\" alt=\"O\"/>All PMS except unread, including starred are deleted successfully";

          }else{

            echo "<img src=\"images/notok.gif\" alt=\"X\"/>Can't Delete PM at the moment";

          }

       

    }else if($pact=="all")

    {

        $del = mysql_query("DELETE FROM ibwf_private WHERE touid='".$uid."' AND reported !='1'");

      if($del)

          {

            echo "<img src=\"images/ok.gif\" alt=\"O\"/>All PMS except reported, including starred and unread are deleted successfully";

          }else{

            echo "<img src=\"images/notok.gif\" alt=\"X\"/>Can't Delete PM at the moment";

          }

    }

    

    echo "<br/><br/><a href=\"inbox6.php?action=main&amp;sid=$sid&amp;rid=$rid&amp;rpw=$rpw\">Back to Inbox</a><br/>";

  echo "<a href=\"index.php?action=main&amp;sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";

echo "Home</a>";

    echo "</p>";

    echo "<div>$addy</div>";

   echo "</body>";

  exit();    

    

  }

//////////////////////////////////////////////

else if($action=="frdpm")

{

	$email = $_POST["email"];

	$pmid = $_POST["pmid"];

  addonline(getuid_sid($sid),"Forwarding PM","");

   echo "<head>";

  echo "<title>wapirate</title>";

  echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";

  echo "</head>";

  echo "<body>";  

  echo "<div><br/>Forward PM<br/></div>";

  echo "<p align=\"center\">";



  $pminfo = mysql_fetch_array(mysql_query("SELECT text, byuid, timesent,touid, reported FROM ibwf_private WHERE id='".$pmid."'"));

  

  

  if(($pminfo[3]==getuid_sid($sid))||($pminfo[1]==getuid_sid($sid)))

  {

  $from_head = "From: noreplay@wapirate.wen.ru";

  $subject = "PM By ".getnick_uid($pminfo[1])." To ".getnick_uid($pminfo[3])." (wapirate.wen.ru)";

  $content = "Date: ".date("l d/m/y H:i:s", $pminfo[2])."\n\n";

  $content .= $pminfo[0]."\n------------------------\n";

  $content .= "wapirate.wen.ru: The best wap community!";

  mail($email, $subject, $content, $from_head);

 echo "<img src=\"images/ok.gif\" alt=\"X\"/>PM forwarded to $email";

  }else{

    echo "<img src=\"images/notok.gif\" alt=\"X\"/>This PM ain't yours";

  }

  echo "<br/><br/><a href=\"inbox6.php?action=main&amp;sid=$sid&amp;rid=$rid&amp;rpw=$rpw\">Back to Inbox</a><br/>";

  echo "<a href=\"index.php?action=main&amp;sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";

echo "Home</a>";

  echo "</p>";

    echo "<div>$addy</div>";

     echo "</body>";

  exit();  



}

//////////////////////////////////////////

  else{

    addonline(getuid_sid($sid),"Lost in inbox lol","");

  echo "<head>";

  echo "<title>wapirate</title>";

  echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";

  echo "</head>";

  echo "<body>";     

    echo "<div><br/>Doh!<br/></div>";

  echo "<p align=\"center\">";

  echo "I don't know how you got in here, but there's nothing to show<br/><br/>";

  echo "<a href=\"index.php?action=main&amp;sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";

echo "Home</a>";

  echo "</p>";

    echo "<div>$addy</div>";

  echo "</body>";

  exit(); 

}



	echo "</html>";

?>