<?
/*
-----------------------------------------------------------------
Загрузка Классов
-----------------------------------------------------------------
*/
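// Replay the header stored in the session by the shutdown hook below.
// The stored value is built server-side from this application's own
// "Location" response header, never directly from request data.
if (!empty($_SESSION['X-AJAX-REQUEST-URL'])) {
    header($_SESSION['X-AJAX-REQUEST-URL']);
}

// Ajax navigation: at shutdown, remember where this response redirected to
// (if anywhere) so the target can be sent as an X-AJAX-REQUEST-URL header
// on a later request of the same session.
register_shutdown_function(function () {
    $_SESSION['X-AJAX-REQUEST-URL'] = null;

    foreach (headers_list() as $item) {
        // The match must be anchored at offset 0: substr($item, 9) below
        // assumes the line starts with "Location:" (9 characters). An
        // unanchored search also matched lines such as "Content-Location:"
        // and would have stored a mangled value.
        if (stripos($item, 'Location:') === 0) {
            $_SESSION['X-AJAX-REQUEST-URL'] = 'X-AJAX-REQUEST-URL: ' . trim(substr($item, 9));
            break;
        }
    }
});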
require 'classes/class.user.php';
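// Identify the current user.
if (isset($_SESSION['id_user']) && $user = get_user((int)$_SESSION['id_user'])) {
    // Session login: refresh the last-activity timestamp.
    // NOTE(review): $time is defined outside this block and is interpolated
    // unescaped; confirm it is always a server-generated integer.
    mysql_query("UPDATE `user` SET `date_last` = '$time' WHERE `id` = '$user[id]' LIMIT 1");
    $user['type_input'] = 'session';
} elseif (!isset($input_page) && isset($_COOKIE['id_user']) && isset($_COOKIE['pass']) && $_COOKIE['id_user'] && $_COOKIE['pass']) {
    // "Remember me" cookies are present but there is no session: hand over
    // to the login page, unless this request already carries a POST token.
    if (!isset($_POST['token'])) {
        header("Location: /log.php?return=" . urlencode($_SERVER['REQUEST_URI']) . "&$passgen");
        exit;
    }
}

// The assignment inside the condition above runs even when the lookup fails.
// If get_user() returns a falsy non-null value for an unknown id (its code is
// not visible here), $user would still satisfy the isset($user) checks used
// later, and a stale session would be handled as a logged-in user with an
// empty id. Drop it so such a request is treated as a guest.
if (isset($user) && !$user) {
    unset($user);
}

// Later code reads the referrer unconditionally; give it a safe default.
if (!isset($_SERVER['HTTP_REFERER'])) {
    $_SERVER['HTTP_REFERER'] = '/';
}

// Account not activated yet: report it and treat the visitor as a guest.
if (isset($user['activation']) && $user['activation'] != NULL) {
    $err[] = 'Вам необходимо активировать Ваш аккаунт по ссылке, высланной на Email, указанный при регистрации';
    unset($user);
}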
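// Per-request bookkeeping: the first branch handles an authenticated user,
// the else branch an anonymous guest.
//
// NOTE(review): every query here is built by string interpolation through the
// legacy mysql_* API. Request-derived strings are passed through my_esc();
// $time, $sess and $iplong come from outside this block and are interpolated
// as-is, so confirm they are server-generated or already escaped.
if (isset($user)) {
    // Access level of the user's group.
    $tmp_us = mysql_fetch_assoc(mysql_query("SELECT `level` FROM `user_group` WHERE `id` = '$user[group_access]' LIMIT 1"));
    $user['level'] = $tmp_us['level'];

    // Add the gap since the previous hit to the on-site time counter, but only
    // when the gap is under two minutes.
    $timeactiv = time() - $user['date_last'];
    if ($timeactiv < 120) {
        $newtimeactiv = $user['time'] + $timeactiv;
        if (!mysql_query("UPDATE `user` SET `time` ='$newtimeactiv' WHERE `id` = '$user[id]' LIMIT 1")) {
            // Database errors go to the server log. Echoing them into the
            // page exposed schema details to visitors and, by starting
            // output, could stop the header() redirect further down.
            error_log('user time update failed: ' . mysql_error());
        }
    }

    // Record external referrers for users who logged in during this request.
    // preg_quote() is given the '#' delimiter so a Host header containing '#'
    // cannot break the pattern.
    // NOTE(review): this is a substring test, so any referrer that merely
    // contains the host name is treated as internal.
    if (isset($user['type_input']) && isset($_SERVER['HTTP_REFERER']) && !preg_match('#' . preg_quote($_SERVER['HTTP_HOST'], '#') . '#', $_SERVER['HTTP_REFERER']) && preg_match('#^https?://#i', $_SERVER['HTTP_REFERER']) && $ref = @parse_url($_SERVER['HTTP_REFERER'])) {
        if (isset($ref['host'])) {
            if (mysql_result(mysql_query("SELECT COUNT(*) FROM `user_ref` WHERE `id_user` = '$user[id]' AND `url` = '".my_esc($ref['host'])."'"), 0) == 0) {
                mysql_query("INSERT INTO `user_ref` (`time`, `id_user`, `type_input`, `url`) VALUES ('$time', '$user[id]', '$user[type_input]', '".my_esc($ref['host'])."')");
            } else {
                mysql_query("UPDATE `user_ref` SET `time` = '$time' WHERE `id_user` = '$user[id]' AND `url` = '".my_esc($ref['host'])."'");
            }
        }
    }

    // Pagination size override from the user's settings.
    if ($user['set_p_str'] != NULL) {
        $set['p_str'] = $user['set_p_str'];
    }

    // Icon display mode.
    $set['set_show_icon'] = $user['set_show_icon'];

    // Site-wide ban: send the user to the ban page unless we are already on it.
    if (!isset($banpage)) {
        if (mysql_result(mysql_query("SELECT COUNT(*) FROM `ban` WHERE `razdel` = 'all' AND `id_user` = '$user[id]' AND (`time` > '$time' OR `view` = '0' OR `navsegda` = '1')"), 0) != 0) {
            header('Location: /ban.php?'.SID);
            exit;
        }
    }

    // Create the user's settings row on first use.
    if (mysql_result(mysql_query("SELECT COUNT(*) FROM `user_set` WHERE `id_user` = '$user[id]'"), 0) == 0) {
        mysql_query("INSERT INTO `user_set` (`id_user`) VALUES ('$user[id]')");
    }

    // Record the script currently being viewed.
    mysql_query("UPDATE `user` SET `url` = '".my_esc($_SERVER['SCRIPT_NAME'])."' WHERE `id` = '$user[id]' LIMIT 1");

    // Record the client addresses. ip2long() returns false for a malformed
    // address; concatenating that produced "SET `ip` =  WHERE ...", a syntax
    // error that silently left the old value in place. Store NULL instead.
    // NOTE(review): the 'cl' and 'xff' entries look like values taken from
    // client-supplied headers; treat them as informational, not as identity.
    foreach (array('ip' => 'add', 'ip_cl' => 'cl', 'ip_xff' => 'xff') as $uIpColumn => $uIpKey) {
        $uIpSql = isset($ip2[$uIpKey]) ? ip2long($ip2[$uIpKey]) : false;
        $uIpSql = ($uIpSql === false) ? 'null' : (string) $uIpSql;
        mysql_query("UPDATE `user` SET `$uIpColumn` = $uIpSql WHERE `id` = '$user[id]' LIMIT 1");
    }
    // This file runs in the including scope; do not leak the loop temporaries.
    unset($uIpColumn, $uIpKey, $uIpSql);

    // Record the User-Agent string, escaped because it is client-supplied.
    if ($ua) {
        mysql_query("UPDATE `user` SET `ua` = '" . my_esc($ua) . "' WHERE `id` = '$user[id]' LIMIT 1");
    }

    // Session marker (purpose not evident from this file).
    mysql_query("UPDATE `user` SET `sess` = '$sess' WHERE `id` = '$user[id]' LIMIT 1");

    // Browser type.
    mysql_query("UPDATE `user` SET `browser` = '" . ($webbrowser == true ? "web" : "wap") . "' WHERE `id` = '$user[id]' LIMIT 1");

    // Possible duplicate accounts: other users seen from the same IP and
    // User-Agent within the last ten minutes.
    $collision_q = mysql_query("SELECT * FROM `user` WHERE `ip` = '$iplong' AND `ua` = '".my_esc($ua)."' AND `date_last` > '".(time()-600)."' AND `id` <> '$user[id]'");
    while ($collision = mysql_fetch_assoc($collision_q)) {
        // SQL evaluates AND before OR, so this checks the pair in both orders.
        if (mysql_result(mysql_query("SELECT COUNT(*) FROM `user_collision` WHERE `id_user` = '$user[id]' AND `id_user2` = '$collision[id]' OR `id_user2` = '$user[id]' AND `id_user` = '$collision[id]'"), 0) == 0) {
            mysql_query("INSERT INTO `user_collision` (`id_user`, `id_user2`, `type`) values('$user[id]', '$collision[id]', 'ip_ua_time')");
        }
    }
} else {
    // Theme for guests on full web browsers.
    if ($webbrowser) {
        $set['set_them'] = $set['set_them2'];
    }

    // Guest tracking, keyed by IP and User-Agent.
    if ($ip && $ua) {
        // "> 0" rather than "== 1": once two rows existed for the same pair
        // (for example after two simultaneous first visits), the equality
        // test failed on every later hit and inserted yet another row.
        if (mysql_result(mysql_query("SELECT COUNT(*) FROM `guests` WHERE `ip` = '$iplong' AND `ua` = '".my_esc($ua)."' LIMIT 1"), 0) > 0) {
            $guests = mysql_fetch_assoc(mysql_query("SELECT * FROM `guests` WHERE `ip` = '$iplong' AND `ua` = '".my_esc($ua)."' LIMIT 1"));
            mysql_query("UPDATE `guests` SET `date_last` = ".time().", `url` = '".my_esc($_SERVER['SCRIPT_NAME'])."', `pereh` = '".($guests['pereh']+1)."' WHERE `ip` = '$iplong' AND `ua` = '".my_esc($ua)."' LIMIT 1");
        } else {
            mysql_query("INSERT INTO `guests` (`ip`, `ua`, `date_aut`, `date_last`, `url`) VALUES ('$iplong', '".my_esc($ua)."', '".time()."', '".time()."', '".my_esc($_SERVER['SCRIPT_NAME'])."')");
        }
    }

    // Guests carry no access flags.
    unset($access);
}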
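// Attach the display name of the user's group.
if (isset($user)) {
    // The id is cast to int and quoted, so an empty or non-numeric value can
    // no longer yield a malformed statement (the original interpolated it
    // unquoted, unlike the other user_group lookup in this file).
    $user_gr = mysql_fetch_assoc(mysql_query("SELECT * FROM `user_group` WHERE `id` = '" . (int) $user['group_access'] . "' LIMIT 1"));
    $user['group_name'] = $user_gr['name'];
}

// Sort-order toggle requested through ?sort=0|1.
// Strict comparison: with "==" any numeric string equal to 0 or 1 (such as
// "0e5" or " 1") passed the check and was then written into the SQL text.
// NOTE(review): this changes stored state on a GET request without a token;
// consider requiring the same token the login flow uses.
if (isset($user) && isset($_GET['sort']) && ($_GET['sort'] === '0' || $_GET['sort'] === '1')) {
    mysql_query("update `user` set `sort` = '$_GET[sort]' where `id` = '$user[id]' limit 1");

    // Return to the referring page only when it belongs to this site. The
    // Referer header is supplied by the client, so the original redirect
    // could leave the site; it also ran the URL through htmlspecialchars(),
    // which is HTML escaping and turned "&" in query strings into "&amp;".
    $back = '/';
    $refParts = isset($_SERVER['HTTP_REFERER']) ? parse_url($_SERVER['HTTP_REFERER']) : false;
    if (is_array($refParts) && isset($refParts['path'])
        && strpos($refParts['path'], '/') === 0
        && strpos($refParts['path'], '//') !== 0
        && strpos($refParts['path'], '\\') === false) {
        // HTTP_HOST may carry a port; parse_url() reports the host without it.
        $ownHost = isset($_SERVER['HTTP_HOST']) ? preg_replace('#:\d+$#', '', $_SERVER['HTTP_HOST']) : '';
        if (!isset($refParts['host']) || strcasecmp($refParts['host'], $ownHost) === 0) {
            $back = $refParts['path'] . (isset($refParts['query']) ? '?' . $refParts['query'] : '');
        }
    }
    header('Location: ' . $back);
    exit;
}

// ORDER BY direction; both values are fixed literals chosen here.
if (isset($user)) {
    $sort = ($user['sort'] == 1 ? ' ASC ' : ' DESC ');
} else {
    $sort = 'DESC';
}

// Page treated as the "latest" one for the chosen sort order.
if (isset($user) && $user['sort'] == 1) {
    $pageEnd = 'end';
} else {
    $pageEnd = '1';
}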
// Ban reasons, keyed by numeric reason code.
$pBan[0] = 'Другое';
$pBan[1] = 'Спам/Реклама';
$pBan[2] = 'Мошенничество';
$pBan[3] = 'Нецензурная брань';
$pBan[4] = 'Клонирование ников';
$pBan[5] = 'Подстрекательство, провокация и побуждение к агрессии';
$pBan[6] = 'Флуд';
$pBan[7] = 'Флейм';

// Site sections a ban can apply to, keyed by section code.
$rBan['all']   = 'Весь сайт';
$rBan['notes'] = 'Дневники';
$rBan['forum'] = 'Форум';
$rBan['files'] = 'Файлы';
$rBan['guest'] = 'Гостевая';
$rBan['chat']  = 'Чат';
$rBan['lib']   = 'Библиотека';
$rBan['foto']  = 'Фотографии';

// Text shown in place of a banned user's content.
$banMess = '[red]Юзер в бане![/red]';
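// Load the remaining plugins from "sys/inc/plugins".
// Every *.php file in that directory is executed on each request, so the
// directory must not be writable by the web server or reachable by uploads.
$opdirbase = opendir(H.'sys/inc/plugins');
if ($opdirbase === false) {
    // Without this guard readdir() would be called on a non-resource.
    error_log('Plugin directory could not be opened: ' . H . 'sys/inc/plugins');
} else {
    // Compare against false explicitly: an entry named "0" is falsy and
    // would otherwise end the loop early, skipping the plugins after it.
    while (($filebase = readdir($opdirbase)) !== false) {
        if (preg_match('#\.php$#i', $filebase)) {
            require H.'sys/inc/plugins/' . $filebase;
        }
    }
    // Release the directory handle; the original never closed it.
    closedir($opdirbase);
}

// Call the method that decodes all incoming POST data.
emoji::dataDecode();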
?>