135 lines
5.3 KiB
PHP
135 lines
5.3 KiB
PHP
|
<?php
|
|||
|
@error_reporting(7);
|
|||
|
@ini_set('display_errors', true);
|
|||
|
@ini_set('html_errors', false);
|
|||
|
|
|||
|
@session_start();
|
|||
|
|
|||
|
define( 'DATALIFEENGINE', true );
|
|||
|
define( 'ROOT_DIR', substr( dirname( __FILE__ ), 0, -12 ) );
|
|||
|
define( 'SYSTEM_DIR', ROOT_DIR . '/system' );
|
|||
|
|
|||
|
include SYSTEM_DIR.'/data/config.php';
|
|||
|
include SYSTEM_DIR.'/data/repa.php';
|
|||
|
require_once SYSTEM_DIR . '/classes/mysql.php';
|
|||
|
require_once SYSTEM_DIR . '/data/dbconfig.php';
|
|||
|
require_once SYSTEM_DIR . '/modules/functions.php';
|
|||
|
|
|||
|
$_REQUEST['skin'] = totranslit($_REQUEST['skin'], false, false);
|
|||
|
|
|||
|
if( ! @is_dir( ROOT_DIR . '/templates/' . $_REQUEST['skin'] ) ) {die( "Hacking attempt!" );}
|
|||
|
|
|||
|
$user_group = $cache->get( "usergroup" );
|
|||
|
if( ! $user_group ) {
|
|||
|
$user_group = array ();
|
|||
|
$db->query( "SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC" );
|
|||
|
while ( $row = $db->get_row() ) {
|
|||
|
$user_group[$row['id']] = array ();
|
|||
|
foreach ( $row as $key => $value ) {
|
|||
|
$user_group[$row['id']][$key] = $value;
|
|||
|
}}
|
|||
|
$cache->set( "usergroup", $user_group );
|
|||
|
$db->free();
|
|||
|
}
|
|||
|
|
|||
|
include_once ROOT_DIR . '/language/' . $config['langs'] . '/website.lng';
|
|||
|
$config['charset'] = ($lang['charset'] != '') ? $lang['charset'] : $config['charset'];
|
|||
|
|
|||
|
require_once SYSTEM_DIR . '/modules/sitelogin.php';
|
|||
|
|
|||
|
$action = intval($_POST['action']);
|
|||
|
$user_id = intval($_POST['user_id']);
|
|||
|
$url = $db->safesql( $_SERVER['HTTP_REFERER'] );
|
|||
|
$cause = $db->safesql(convert_unicode(strip_tags($_POST['cause'], "\x3c\x61\x3e\x2c\x3c\x62\x3e\x2c\x3c\x69\x3e\x2c\x3c\x62\x72\x3e"), $config['charset']));
|
|||
|
|
|||
|
$time = time() + ($config['date_adjust'] * 60);
|
|||
|
$access = true;
|
|||
|
|
|||
|
if ($is_logged){
|
|||
|
$row = $db->super_query("SELECT user_id, name, user_group, repa, repa_mod, reg_date, repa_off FROM " . PREFIX . "_users WHERE user_id = '$user_id'");
|
|||
|
|
|||
|
if ($row['user_id'] != $user_id) $access = false;
|
|||
|
|
|||
|
$nowis = time()+($config['date_adjust']*60);
|
|||
|
$r_date = $member_id['reg_date'];
|
|||
|
$period = $nowis - $r_date;
|
|||
|
|
|||
|
if ($row['repa_off'] == 1) $access = false;
|
|||
|
if ($period < $repa_cf['bl_period']*43200) $access = false;
|
|||
|
if ($member_id['r_freeze']) $access = false;
|
|||
|
if ($user_id == $member_id['user_id']) $access = false;
|
|||
|
if( $member_id['repa'] < $repa_cf['repa_stop_change_min']) $access = false;
|
|||
|
|
|||
|
if ($action == 1 OR $action == 0)
|
|||
|
{
|
|||
|
$author = $member_id['name'];
|
|||
|
$get_date = date ("Y-m-d H:i:s");
|
|||
|
$date = $get_date;
|
|||
|
$from_page = $url;
|
|||
|
|
|||
|
if ($access)
|
|||
|
{
|
|||
|
if ($action == 1)
|
|||
|
{
|
|||
|
$how = $row['repa'] + 1;
|
|||
|
$v = "1";
|
|||
|
$repa_mod_mas = explode ("|", $row['repa_mod']);
|
|||
|
$repa_mod_mas[0] = $repa_mod_mas[0] + 1;
|
|||
|
$what = "<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>";
|
|||
|
}else{
|
|||
|
$how = $row['repa'] - 1;
|
|||
|
$v = "-1";
|
|||
|
$repa_mod_mas = explode ("|", $row['repa_mod']);
|
|||
|
$repa_mod_mas[1] = $repa_mod_mas[1] - 1;
|
|||
|
$what = "<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>";
|
|||
|
}
|
|||
|
|
|||
|
$repa_mod = $repa_mod_mas[0]."|".$repa_mod_mas[1];
|
|||
|
|
|||
|
if($row['user_group'] == 4 AND $row['repa'] + 1 >= $repa_cf['num_repa_group']) $group = "user_group = '".$repa_cf['move_grouplevel']."',";
|
|||
|
|
|||
|
$db->query("UPDATE " . USERPREFIX . "_users SET $group repa ='$how', repa_mod='$repa_mod' WHERE `name` = '$row[name]'");
|
|||
|
$db->query("INSERT INTO " . USERPREFIX . "_reputation (how, date, author, komu, text, url_page) VALUES ('$v', '$date', '$author', '$row[name]', '$cause', '$from_page')");
|
|||
|
|
|||
|
if ($repa_cf['repa_ban'] AND $row['banned'] != "yes")
|
|||
|
{
|
|||
|
if (($row['repa'] + $v) <= $repa_cf['repa_ban_num'] OR $row['repa'] == $repa_cf['repa_ban_num'])
|
|||
|
{
|
|||
|
$this_time = $repa_cf['repa_ban_days'] ? $_TIME + ($repa_cf['repa_ban_days'] * 60 * 60 * 24) : 0;
|
|||
|
$db->query( "UPDATE " . USERPREFIX . "_users SET banned='yes' WHERE user_id = '{$row[user_id]}'" );
|
|||
|
$db->query( "INSERT INTO " . USERPREFIX . "_banned (users_id, descr, date, days, ip) values ('$row[user_id]', '$repa_cf[repa_ban_desc]', '$this_time', '$repa_cf[repa_ban_days]', '')" );
|
|||
|
$cache->delete('banned.php');
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
if($repa_cf['msgs_status'] == 'yes'){
|
|||
|
$whois = "<a href=\"".$config['http_home_url']."user/".urlencode($member_id['name'])."\">".$member_id['name']."</a>";
|
|||
|
|
|||
|
$izvestie = $repa_cf['msgs_template'];
|
|||
|
$izvestie = str_replace('{%kto%}', $whois, $izvestie);
|
|||
|
$izvestie = str_replace('{%what%}', $what, $izvestie);
|
|||
|
$izvestie = str_replace('{%text%}', $cause, $izvestie);
|
|||
|
$db->query("INSERT INTO " . USERPREFIX . "_pm (subj, text, user, user_from, date, pm_read, folder) values ('<27><><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>', '$izvestie', '$row[user_id]', '$member_id[name]', '$time', 'no', 'inbox')");
|
|||
|
$db->query("UPDATE " . USERPREFIX . "_users set pm_all=pm_all+1, pm_unread=pm_unread+1 where user_id='$row[user_id]'");
|
|||
|
}
|
|||
|
$db->free();
|
|||
|
|
|||
|
$repa_type = "(<font color=green><b>".$repa_mod_mas[0]."</b></font><b>|</b><font color=red><b>".$repa_mod_mas[1]."</b></font>)";
|
|||
|
$buffer = "<a href=\"".$config['http_home_url']."user/reputation/".urlencode($row['name'])."/\">".$repa_type."</a>";
|
|||
|
$cache->clear( 'comm_' );
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
if (!$access){
|
|||
|
$repa_mod_mas = explode ("|", $row['repa_mod']);
|
|||
|
$repa_type = "(<font color=green><b>".$repa_mod_mas[0]."</b></font><b>|</b><font color=red><b>".$repa_mod_mas[1]."</b></font>)";
|
|||
|
$buffer = "<a href=\"".$config['http_home_url']."user/reputation/".urlencode($row['name'])."/\">".$repa_type."</a>";
|
|||
|
}
|
|||
|
}
|
|||
|
|
|||
|
$db->close();
|
|||
|
|
|||
|
@header( "Content-type: text/html; charset=" . $config['charset'] );
|
|||
|
echo $buffer;
|
|||
|
|
|||
|
?>
|