sibtracker/system/ajax/reputation.php

135 lines
5.3 KiB
PHP
Raw Permalink Normal View History

2019-05-18 13:46:03 +08:00
<?php
@error_reporting(7);
@ini_set('display_errors', true);
@ini_set('html_errors', false);
@session_start();
define( 'DATALIFEENGINE', true );
define( 'ROOT_DIR', substr( dirname( __FILE__ ), 0, -12 ) );
define( 'SYSTEM_DIR', ROOT_DIR . '/system' );
include SYSTEM_DIR.'/data/config.php';
include SYSTEM_DIR.'/data/repa.php';
require_once SYSTEM_DIR . '/classes/mysql.php';
require_once SYSTEM_DIR . '/data/dbconfig.php';
require_once SYSTEM_DIR . '/modules/functions.php';
$_REQUEST['skin'] = totranslit($_REQUEST['skin'], false, false);
if( ! @is_dir( ROOT_DIR . '/templates/' . $_REQUEST['skin'] ) ) {die( "Hacking attempt!" );}
$user_group = $cache->get( "usergroup" );
if( ! $user_group ) {
$user_group = array ();
$db->query( "SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC" );
while ( $row = $db->get_row() ) {
$user_group[$row['id']] = array ();
foreach ( $row as $key => $value ) {
$user_group[$row['id']][$key] = $value;
}}
$cache->set( "usergroup", $user_group );
$db->free();
}
include_once ROOT_DIR . '/language/' . $config['langs'] . '/website.lng';
$config['charset'] = ($lang['charset'] != '') ? $lang['charset'] : $config['charset'];
require_once SYSTEM_DIR . '/modules/sitelogin.php';
$action = intval($_POST['action']);
$user_id = intval($_POST['user_id']);
$url = $db->safesql( $_SERVER['HTTP_REFERER'] );
$cause = $db->safesql(convert_unicode(strip_tags($_POST['cause'], "\x3c\x61\x3e\x2c\x3c\x62\x3e\x2c\x3c\x69\x3e\x2c\x3c\x62\x72\x3e"), $config['charset']));
$time = time() + ($config['date_adjust'] * 60);
$access = true;
if ($is_logged){
$row = $db->super_query("SELECT user_id, name, user_group, repa, repa_mod, reg_date, repa_off FROM " . PREFIX . "_users WHERE user_id = '$user_id'");
if ($row['user_id'] != $user_id) $access = false;
$nowis = time()+($config['date_adjust']*60);
$r_date = $member_id['reg_date'];
$period = $nowis - $r_date;
if ($row['repa_off'] == 1) $access = false;
if ($period < $repa_cf['bl_period']*43200) $access = false;
if ($member_id['r_freeze']) $access = false;
if ($user_id == $member_id['user_id']) $access = false;
if( $member_id['repa'] < $repa_cf['repa_stop_change_min']) $access = false;
if ($action == 1 OR $action == 0)
{
$author = $member_id['name'];
$get_date = date ("Y-m-d H:i:s");
$date = $get_date;
$from_page = $url;
if ($access)
{
if ($action == 1)
{
$how = $row['repa'] + 1;
$v = "1";
$repa_mod_mas = explode ("|", $row['repa_mod']);
$repa_mod_mas[0] = $repa_mod_mas[0] + 1;
$what = "<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>";
}else{
$how = $row['repa'] - 1;
$v = "-1";
$repa_mod_mas = explode ("|", $row['repa_mod']);
$repa_mod_mas[1] = $repa_mod_mas[1] - 1;
$what = "<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>";
}
$repa_mod = $repa_mod_mas[0]."|".$repa_mod_mas[1];
if($row['user_group'] == 4 AND $row['repa'] + 1 >= $repa_cf['num_repa_group']) $group = "user_group = '".$repa_cf['move_grouplevel']."',";
$db->query("UPDATE " . USERPREFIX . "_users SET $group repa ='$how', repa_mod='$repa_mod' WHERE `name` = '$row[name]'");
$db->query("INSERT INTO " . USERPREFIX . "_reputation (how, date, author, komu, text, url_page) VALUES ('$v', '$date', '$author', '$row[name]', '$cause', '$from_page')");
if ($repa_cf['repa_ban'] AND $row['banned'] != "yes")
{
if (($row['repa'] + $v) <= $repa_cf['repa_ban_num'] OR $row['repa'] == $repa_cf['repa_ban_num'])
{
$this_time = $repa_cf['repa_ban_days'] ? $_TIME + ($repa_cf['repa_ban_days'] * 60 * 60 * 24) : 0;
$db->query( "UPDATE " . USERPREFIX . "_users SET banned='yes' WHERE user_id = '{$row[user_id]}'" );
$db->query( "INSERT INTO " . USERPREFIX . "_banned (users_id, descr, date, days, ip) values ('$row[user_id]', '$repa_cf[repa_ban_desc]', '$this_time', '$repa_cf[repa_ban_days]', '')" );
$cache->delete('banned.php');
}
}
if($repa_cf['msgs_status'] == 'yes'){
$whois = "<a href=\"".$config['http_home_url']."user/".urlencode($member_id['name'])."\">".$member_id['name']."</a>";
$izvestie = $repa_cf['msgs_template'];
$izvestie = str_replace('{%kto%}', $whois, $izvestie);
$izvestie = str_replace('{%what%}', $what, $izvestie);
$izvestie = str_replace('{%text%}', $cause, $izvestie);
$db->query("INSERT INTO " . USERPREFIX . "_pm (subj, text, user, user_from, date, pm_read, folder) values ('<27><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>', '$izvestie', '$row[user_id]', '$member_id[name]', '$time', 'no', 'inbox')");
$db->query("UPDATE " . USERPREFIX . "_users set pm_all=pm_all+1, pm_unread=pm_unread+1 where user_id='$row[user_id]'");
}
$db->free();
$repa_type = "(<font color=green><b>".$repa_mod_mas[0]."</b></font><b>|</b><font color=red><b>".$repa_mod_mas[1]."</b></font>)";
$buffer = "<a href=\"".$config['http_home_url']."user/reputation/".urlencode($row['name'])."/\">".$repa_type."</a>";
$cache->clear( 'comm_' );
}
}
if (!$access){
$repa_mod_mas = explode ("|", $row['repa_mod']);
$repa_type = "(<font color=green><b>".$repa_mod_mas[0]."</b></font><b>|</b><font color=red><b>".$repa_mod_mas[1]."</b></font>)";
$buffer = "<a href=\"".$config['http_home_url']."user/reputation/".urlencode($row['name'])."/\">".$repa_type."</a>";
}
}
$db->close();
@header( "Content-type: text/html; charset=" . $config['charset'] );
echo $buffer;
?>