This commit is contained in:
3err0
2019-05-18 13:46:03 +08:00
commit 55e0adfa17
707 changed files with 55878 additions and 0 deletions

View File

@@ -0,0 +1,620 @@
<?PHP
if( ! defined( 'DATALIFEENGINE' ) ) {die( "Hacking attempt!" );}
require_once SYSTEM_DIR . '/classes/cache.class.php';
$cache = new cache($dir= ROOT_DIR . '/cache');
function format_uptime($seconds) {
$secs = intval($seconds % 60);
$mins = intval($seconds / 60 % 60);
$hours = intval($seconds / 3600 % 24);
$days = intval($seconds / 86400);
if ($days > 0) {
$uptimeString .= $days;
$uptimeString .= (($days == 1) ? " day" : " days");
}
if ($hours > 0) {
$uptimeString .= (($days > 0) ? ", " : "") . $hours;
$uptimeString .= (($hours == 1) ? " hour" : " hours");
}
if ($mins > 0) {
$uptimeString .= (($days > 0 || $hours > 0) ? ", " : "") . $mins;
$uptimeString .= (($mins == 1) ? " minute" : " minutes");
}
if ($secs > 0) {
$uptimeString .= (($days > 0 || $hours > 0 || $mins > 0) ? ", " : "") . $secs;
$uptimeString .= (($secs == 1) ? " second" : " seconds");
}
return $uptimeString;
}
function dirsize($directory) {
if( ! is_dir( $directory ) ) return - 1;
$size = 0;
if( $DIR = opendir( $directory ) ) {
while ( ($dirfile = readdir( $DIR )) !== false ) {
if( @is_link( $directory . '/' . $dirfile ) || $dirfile == '.' || $dirfile == '..' ) continue;
if( @is_file( $directory . '/' . $dirfile ) ) $size += filesize( $directory . '/' . $dirfile );
else if( @is_dir( $directory . '/' . $dirfile ) ) {
$dirSize = dirsize( $directory . '/' . $dirfile );
if( $dirSize >= 0 ) $size += $dirSize;
else return - 1;
}
}
closedir( $DIR );
}
return $size;
}
function check_login($username, $md5_password, $post = true) {
global $member_id, $db, $user_group, $lang, $_IP, $_TIME, $config;
if( $username == "" OR $md5_password == "" ) return false;
$result = false;
if( $post ) {
$username = $db->safesql( $username );
$md5_password = md5( $md5_password );
if ( preg_match( "/[\||\'|\<|\>|\"|\!|\?|\$|\@|\/|\\\|\&\~\*\+]/", $username) ) return false; $where_name = "name='{$username}'";
$member_id = $db->super_query( "SELECT * FROM " . USERPREFIX . "_users WHERE {$where_name} AND password='{$md5_password}'" );
if( $member_id['user_id'] and $user_group[$member_id['user_group']]['allow_admin'] and $member_id['banned'] != 'yes' ) $result = TRUE;
else $member_id = array ();
} else {
$username = intval( $username );
$md5_password = md5( $md5_password );
$member_id = $db->super_query( "SELECT * FROM " . USERPREFIX . "_users WHERE user_id='$username'" );
if( $member_id['user_id'] AND $member_id['password'] AND $member_id['password'] == $md5_password AND $user_group[$member_id['user_group']]['allow_admin'] AND $member_id['banned'] != 'yes' ) $result = TRUE;
else $member_id = array ();
}
if( $result ) {
if( !allowed_ip( $row['allowed_ip'] ) ) {
$member_id = array ();
$result = false;
set_cookie( "dle_user_id", "", 0 );
set_cookie( "dle_name", "", 0 );
set_cookie( "dle_password", "", 0 );
set_cookie( "dle_hash", "", 0 );
@session_destroy();
@session_unset();
set_cookie( session_name(), "", 0 );
msg( "info", $lang['index_msge'], $lang['ip_block'] );
}
}
return $result;
}
function mksize($bytes) {
if ($bytes < 1000)
return $bytes. " b";
if ($bytes < 1000 * 1024)
return number_format($bytes / 1024, 2) . " Kb";
if ($bytes < 1000 * 1048576)
return number_format($bytes / 1048576, 2) . " Mb";
if ($bytes < 1000 * 1073741824)
return number_format($bytes / 1073741824, 2) . " Gb";
if ($bytes < 1000 * 1099511627776)
return number_format($bytes / 1099511627776, 2) . " Tb";
if ($bytes < 1000 * 1125899906842620)
return number_format($bytes / 1125899906842620, 2) . " Pb";
if ($bytes < 1000 * 1152921504606850000)
return number_format($bytes / 1152921504606850000, 2) . " Eb";
}
function CheckCanGzip() {
if( headers_sent() || connection_aborted() || ! function_exists( 'ob_gzhandler' ) || ini_get( 'zlib.output_compression' ) ) return 0;
if( strpos( $_SERVER['HTTP_ACCEPT_ENCODING'], 'x-gzip' ) !== false ) return "x-gzip";
if( strpos( $_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip' ) !== false ) return "gzip";
return 0;
}
function GzipOut() {
global $Timer, $db;
$ENCODING = CheckCanGzip();
if( $ENCODING ) {
$Contents = ob_get_contents();
ob_end_clean();
header( "Content-Encoding: $ENCODING" );
$Contents = gzencode( $Contents, 1, FORCE_GZIP );
echo $Contents;
exit();
} else {
// ob_end_flush();
exit();
}
}
class microTimer {
function start() {
global $starttime;
$mtime = microtime();
$mtime = explode( ' ', $mtime );
$mtime = $mtime[1] + $mtime[0];
$starttime = $mtime;
}
function stop() {
global $starttime;
$mtime = microtime();
$mtime = explode( ' ', $mtime );
$mtime = $mtime[1] + $mtime[0];
$endtime = $mtime;
$totaltime = round( ($endtime - $starttime), 5 );
return $totaltime;
}
}
function allowed_ip($ip_array) {
$ip_array = trim( $ip_array );
if( $ip_array == "" ) {
return true;
}
$ip_array = explode( "|", $ip_array );
$db_ip_split = explode( ".", $_SERVER['REMOTE_ADDR'] );
foreach ( $ip_array as $ip ) {
$ip_check_matches = 0;
$this_ip_split = explode( ".", trim( $ip ) );
for($i_i = 0; $i_i < 4; $i_i ++) {
if( $this_ip_split[$i_i] == $db_ip_split[$i_i] or $this_ip_split[$i_i] == '*' ) {
$ip_check_matches += 1;
}
}
if( $ip_check_matches == 4 ) return true;
}
return FALSE;
}
////////////////////////////////////////////////////////
// Function: msg
// Description: Displays message to user
function msg($type, $title, $text, $back = FALSE) {
global $lang;
if( $back ) {
$back = "<br /><br> <a class=main href=\"$back\">$lang[func_msg]</a>";
}
echoheader( $type, $title );
echo <<<HTML
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
<tr>
<td width="4"><img src="system/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
<td background="system/skins/images/tl_oo.gif"><img src="system/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
<td width="6"><img src="system/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
</tr>
<tr>
<td background="system/skins/images/tl_lb.gif"><img src="system/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
<td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
<tr>
<td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$title}</div></td>
</tr>
</table>
<div class="unterline"></div>
<table width="100%">
<tr>
<td height="100" align="center">{$text} {$back}</td>
</tr>
</table>
</td>
<td background="system/skins/images/tl_rb.gif"><img src="system/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
</tr>
<tr>
<td><img src="system/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
<td background="system/skins/images/tl_ub.gif"><img src="system/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
<td><img src="system/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
</tr>
</table>
</div>
HTML;
echofooter();
exit();
}
function echoheader($image, $header_text) {
global $PHP_SELF, $skin_header, $member_id, $user_group;
$skin_header = str_replace( "{header-text}", $header_text, $skin_header );
$skin_header = str_replace( "{user}", $member_id['name'], $skin_header );
$skin_header = str_replace( "{group}", $user_group[$member_id['user_group']]['group_name'], $skin_header );
echo $skin_header;
}
function echofooter() {
global $PHP_SELF, $is_loged_in, $skin_footer;
echo $skin_footer;
}
function listdir($dir) {
$current_dir = opendir( $dir );
while ( $entryname = readdir( $current_dir ) ) {
if( is_dir( "$dir/$entryname" ) and ($entryname != "." and $entryname != "..") ) {
listdir( "${dir}/${entryname}" );
} elseif( $entryname != "." and $entryname != ".." ) {
unlink( "${dir}/${entryname}" );
}
}
@closedir( $current_dir );
rmdir( ${dir} );
}
function totranslit( $var, $lower = true, $punkt = true ) {
global $langtranslit;
if ( is_array($var) ) return "";
if (!is_array ( $langtranslit ) OR !count( $langtranslit ) ) {
$langtranslit = array('à' => 'a', 'á' => 'b', 'â' => 'v', 'ã' => 'g', 'ä' => 'd', 'å' => 'e', '¸' => 'e', 'æ' => 'zh', 'ç' => 'z', 'è' => 'i', 'é' => 'y', 'ê' => 'k', 'ë' => 'l', 'ì' => 'm', 'í' => 'n', 'î' => 'o', 'ï' => 'p', 'ð' => 'r', 'ñ' => 's', 'ò' => 't', 'ó' => 'u', 'ô' => 'f', 'õ' => 'h', 'ö' => 'c', '÷' => 'ch', 'ø' => 'sh', 'ù' => 'sch', 'ü' => '', 'û' => 'y', 'ú' => '', 'ý' => 'e', 'þ' => 'yu', 'ÿ' => 'ya', "¿" => "yi", "º" => "ye",
'À' => 'A', 'Á' => 'B', 'Â' => 'V', 'Ã' => 'G', 'Ä' => 'D', 'Å' => 'E', '¨' => 'E', 'Æ' => 'Zh', 'Ç' => 'Z', 'È' => 'I', 'É' => 'Y', 'Ê' => 'K', 'Ë' => 'L', 'Ì' => 'M', 'Í' => 'N', 'Î' => 'O', 'Ï' => 'P', 'Ð' => 'R', 'Ñ' => 'S', 'Ò' => 'T', 'Ó' => 'U', 'Ô' => 'F', 'Õ' => 'H', 'Ö' => 'C', '×' => 'Ch', 'Ø' => 'Sh', 'Ù' => 'Sch', 'Ü' => '', 'Û' => 'Y', 'Ú' => '', 'Ý' => 'E', 'Þ' => 'Yu', 'ß' => 'Ya', "¯" => "yi", "ª" => "ye",);
}
$var = trim( strip_tags( $var ) );
$var = preg_replace( "/\s+/ms", "-", $var );
$var = str_replace( "/", "-", $var );
$var = strtr($var, $langtranslit);
if( $punkt ) {$var = preg_replace( "/[^a-z0-9\_\-.]+/mi", "", $var );}else{$var = preg_replace( "/[^a-z0-9\_\-]+/mi", "", $var );}
$var = preg_replace( '#[\-]+#i', '-', $var );
if( $lower ) {$var = strtolower( $var );}
$var = str_ireplace( ".php", "", $var );
$var = str_ireplace( ".php", ".ppp", $var );
if( strlen( $var ) > 50 ) {
$var = substr( $var, 0, 50 );
if( ($temp_max = strrpos( $var, '-' )) ) $var = substr( $var, 0, $temp_max );
}
return $var;
}
// ********************************************************************************
// Show Radio
// ********************************************************************************
function showRadio($title = "", $description = "", $allow_name = "", $row = false){
global $f_lg;
if ($row[$allow_name])
{
$o_value = "checked";
$t_value = "";
}
else
{
$o_value = "";
$t_value = "checked";
}
echo"<tr>
<td style=\"padding:4px\" class=\"option\">
<b>{$title}</b><br /><span class=small>{$description}</span>
<td width=394 align=middle >
<input type=\"radio\" name=\"save[{$allow_name}]\" {$o_value} value=\"1\">{$f_lg['yes']}
<input type=\"radio\" name=\"save[{$allow_name}]\" {$t_value} value=\"0\">{$f_lg['no']}
</tr><tr><td background=\"system/skins/images/mline.gif\" height=1 colspan=2></td></tr>";
}
// ********************************************************************************
// showRow
// ********************************************************************************
function showRow($title="", $description="", $field="")
{
echo"<tr>
<td style=\"padding:4px\" class=\"option\">
<b>$title</b><br /><span class=small>$description</span>
<td width=394 align=middle >$field
</tr><tr><td background=\"system/skins/images/mline.gif\" height=1 colspan=2></td></tr>";
$bg = ""; $i++;
}
// ********************************************************************************
// makeDropDown
// ********************************************************************************
function makeDropDown($options, $name, $selected)
{
$output = "<select name=\"$name\">\r\n";
foreach($options as $value => $description)
{
$output .= "<option value=\"$value\"";
if($selected == $value){ $output .= " selected "; }
$output .= ">$description</option>\n";
}
$output .= "</select>";
return $output;
}
function langdate($format, $stamp) {
global $langdate;
return strtr( @date( $format, $stamp ), $langdate );
}
function CategoryNewsSelection($categoryid = 0, $parentid = 0, $nocat = TRUE, $sublevelmarker = '', $returnstring = '') {
global $cat, $cat_parentid, $member_id, $user_group;
if ($mod == "addnews" OR $mod == "editnews")
$allow_list = explode( ',', $user_group[$member_id['user_group']]['cat_allow_addnews'] );
else
$allow_list = explode( ',', $user_group[$member_id['user_group']]['allow_cats'] );
$spec_list = explode( ',', $user_group[$member_id['user_group']]['cat_add'] );
if( $parentid == 0 ) {
if( $nocat ) $returnstring .= '<option value="0"></option>';
} else {
$sublevelmarker .= '&nbsp;&nbsp;&nbsp;&nbsp;';
}
if( isset( $cat_parentid ) ) {
$root_category = @array_keys( $cat_parentid, $parentid );
if( is_array( $root_category ) ) {
foreach ( $root_category as $id ) {
$category_name = $cat[$id];
if( $allow_list[0] == "all" or in_array( $id, $allow_list ) ) {
if( $spec_list[0] == "all" or in_array( $id, $spec_list ) ) $color = "black";
else $color = "red";
$returnstring .= "<option style=\"color: {$color}\" value=\"" . $id . '" ';
if( is_array( $categoryid ) ) {
foreach ( $categoryid as $element ) {
if( $element == $id ) $returnstring .= 'SELECTED';
}
} elseif( $categoryid == $id ) $returnstring .= 'SELECTED';
$returnstring .= '>' . $sublevelmarker . $category_name . '</option>';
}
$returnstring = CategoryNewsSelection( $categoryid, $id, $nocat, $sublevelmarker, $returnstring );
}
}
}
return $returnstring;
}
function filesize_url($url) {
return ($data = @file_get_contents( $url )) ? strlen( $data ) : false;
}
function create_metatags($story) {
global $config, $db;
$keyword_count = 20;
$newarr = array ();
$headers = array ();
$quotes = array ("\x22", "\x60", "\t", '\n', '\r', "\n", "\r", '\\', ",", ".", "/", "¬", "#", ";", ":", "@", "~", "[", "]", "{", "}", "=", "-", "+", ")", "(", "*", "^", "%", "$", "<", ">", "?", "!", '"' );
$fastquotes = array ("\x22", "\x60", "\t", "\n", "\r", '"', '\r', '\n', "/", "\\", "{", "}", "[", "]" );
$story = preg_replace( "'\[hide\](.*?)\[/hide\]'si", "", $story );
$story = preg_replace( "'\[file=(.*?)\]'si", "", $story );
$story = preg_replace( "'\[torrent=(.*?)\]'si", "", $story );
$story = str_replace( "&nbsp;", " ", $story );
$story = str_replace( '<br />', ' ', $story );
$story = trim( strip_tags( $story ) );
if( trim( $_REQUEST['meta_title'] ) != "" ) {
$headers['title'] = trim( htmlspecialchars( strip_tags( stripslashes($_REQUEST['meta_title'] ) ) ) );
$headers['title'] = $db->safesql(str_replace( $fastquotes, '', $headers['title'] ));
} else $headers['title'] = "";
if( trim( $_REQUEST['descr'] ) != "" ) {
$headers['description'] = substr( strip_tags( stripslashes( $_REQUEST['descr'] ) ), 0, 190 );
$headers['description'] = $db->safesql( str_replace( $fastquotes, '', $headers['description'] ));
} else {
$story = str_replace( $fastquotes, '', $story );
$headers['description'] = $db->safesql( substr( stripslashes($story), 0, 190 ) );
}
if( trim( $_REQUEST['keywords'] ) != "" ) {
$headers['keywords'] = $db->safesql( str_replace( $fastquotes, " ", strip_tags( stripslashes( $_REQUEST['keywords'] ) ) ) );
} else {
$story = str_replace( $quotes, '', $story );
$arr = explode( " ", $story );
foreach ( $arr as $word ) {
if( strlen( $word ) > 4 ) $newarr[] = $word;
}
$arr = array_count_values( $newarr );
arsort( $arr );
$arr = array_keys( $arr );
$total = count( $arr );
$offset = 0;
$arr = array_slice( $arr, $offset, $keyword_count );
$headers['keywords'] = $db->safesql( implode( ", ", $arr ) );
}
return $headers;
}
function get_groups($id = false) {
global $user_group;
$returnstring = "";
foreach ( $user_group as $group ) {
$returnstring .= '<option value="' . $group['id'] . '" ';
if( is_array( $id ) ) {
foreach ( $id as $element ) {
if( $element == $group['id'] ) $returnstring .= 'SELECTED';
}
} elseif( $id and $id == $group['id'] ) $returnstring .= 'SELECTED';
$returnstring .= ">" . $group['group_name'] . "</option>\n";
}
return $returnstring;
}
function permload($id) {
if( $id == "" ) return;
$data = array ();
$groups = explode( "|", $id );
foreach ( $groups as $group ) {
list ( $groupid, $groupvalue ) = explode( ":", $group );
$data[$groupid][1] = ($groupvalue == 1) ? "selected" : "";
$data[$groupid][2] = ($groupvalue == 2) ? "selected" : "";
$data[$groupid][3] = ($groupvalue == 3) ? "selected" : "";
}
return $data;
}
function check_xss() {
$url = html_entity_decode( urldecode( $_SERVER['QUERY_STRING'] ) );
$url = str_replace( "\\", "/", $url );
if( $url ) {
if( (strpos( $url, '<' ) !== false) || (strpos( $url, '>' ) !== false) || (strpos( $url, '"' ) !== false) || (strpos( $url, './' ) !== false) || (strpos( $url, '../' ) !== false) || (strpos( $url, '\'' ) !== false) || (strpos( $url, '.php' ) !== false) ) {
if( $_GET['mod'] != "editnews" or $_GET['action'] != "list" ) die( "Hacking attempt!" );
}
}
$url = html_entity_decode( urldecode( $_SERVER['REQUEST_URI'] ) );
$url = str_replace( "\\", "/", $url );
if( $url ) {
if( (strpos( $url, '<' ) !== false) || (strpos( $url, '>' ) !== false) || (strpos( $url, '"' ) !== false) || (strpos( $url, '\'' ) !== false) ) {
die( "Hacking attempt!" );
}
}
}
function clean_url($url) {
if( $url == '' ) return;
$url = str_replace( "http://", "", $url );
$url = str_replace( "https://", "", $url );
if( strtolower( substr( $url, 0, 4 ) ) == 'www.' ) $url = substr( $url, 4 );
$url = explode( '/', $url );
$url = reset( $url );
$url = explode( ':', $url );
$url = reset( $url );
return $url;
}
$domain_cookie = explode (".", clean_url( $_SERVER['HTTP_HOST'] ));
$domain_cookie_count = count($domain_cookie);
$domain_allow_count = -2;
if ( $domain_cookie_count > 2 ) {
if ( in_array($domain_cookie[$domain_cookie_count-2], array('com', 'net', 'org') )) $domain_allow_count = -3;
if ( $domain_cookie[$domain_cookie_count-1] == 'ua' ) $domain_allow_count = -3;
$domain_cookie = array_slice($domain_cookie, $domain_allow_count);
}
$domain_cookie = "." . implode (".", $domain_cookie);
if( ip2long($_SERVER['HTTP_HOST']) != -1 AND ip2long($_SERVER['HTTP_HOST']) !== FALSE ) define( 'DOMAIN', null );
else define( 'DOMAIN', $domain_cookie );
function set_cookie($name, $value, $expires) {
if( $expires ) {$expires = time() + ($expires * 86400);
} else {$expires = FALSE;}
if( PHP_VERSION < 5.2 ) {setcookie( $name, $value, $expires, "/", DOMAIN . "; HttpOnly" );
} else {setcookie( $name, $value, $expires, "/", DOMAIN, NULL, TRUE );}
}
function get_url($id) {
global $cat_info;
if( ! $id ) return;
$parent_id = $cat_info[$id]['parentid'];
$url = $cat_info[$id]['alt_name'];
while ( $parent_id ) {
$url = $cat_info[$parent_id]['alt_name'] . "/" . $url;
$parent_id = $cat_info[$parent_id]['parentid'];
if( $cat_info[$parent_id]['parentid'] == $cat_info[$parent_id]['id'] ) break;
}
return $url;
}
function convert_unicode($t, $to = 'windows-1251') {
$to = strtolower( $to );
if( $to == 'utf-8' ) {
return $t;
} else {
if( function_exists( 'iconv' ) ) $t = iconv( "UTF-8", $to . "//IGNORE", $t );
else $t = "The library iconv is not supported by your server";
}
return $t;
}
function check_netz($ip1, $ip2) {
$ip1 = explode( ".", $ip1 );
$ip2 = explode( ".", $ip2 );
if( $ip1[0] != $ip2[0] ) return false;
if( $ip1[1] != $ip2[1] ) return false;
return true;
}
function compare_filter($a, $b) {
$a = explode( "|", $a );
$b = explode( "|", $b );
if( $a[1] == $b[1] ) return 0;
return strcasecmp( $a[1], $b[1] );
}
?>

192
system/inc/include/init.php Normal file
View File

@@ -0,0 +1,192 @@
<?php
if( ! defined( 'DATALIFEENGINE' ) ) {die( "Hacking attempt!" );}
require_once (SYSTEM_DIR . '/data/config.php');
require_once (SYSTEM_DIR . '/classes/mysql.php');
require_once (SYSTEM_DIR . '/data/dbconfig.php');
require_once (SYSTEM_DIR . '/inc/include/functions.inc.php');
if( $config['http_home_url'] == "" ) {
$config['http_home_url'] = explode( $config['admin_path'], $_SERVER['PHP_SELF'] );
$config['http_home_url'] = reset( $config['http_home_url'] );
$config['http_home_url'] = "http://" . $_SERVER['HTTP_HOST'] . $config['http_home_url'];
$auto_detect_config = true;
}
$selected_language = $config['langs'];
if (isset( $_POST['selected_language'] )) {
$_POST['selected_language'] = totranslit( $_POST['selected_language'], false, false );
if (@is_dir ( ROOT_DIR . '/language/' .$_POST['selected_language'] )) {
$selected_language = $_POST['selected_language'];
set_cookie ("selected_language", $selected_language, 365);
}
} elseif (isset( $_COOKIE['selected_language'] )) {
$_COOKIE['selected_language'] = totranslit( $_COOKIE['selected_language'], false, false );
if (@is_dir ( ROOT_DIR . '/language/' . $_COOKIE['selected_language'] )) {
$selected_language = $_COOKIE['selected_language'];
}
}
require_once (ROOT_DIR . '/language/' . $selected_language . '/adminpanel.lng');
$config['charset'] = ($lang['charset'] != '') ? $lang['charset'] : $config['charset'];
check_xss();
$Timer = new microTimer( );
$Timer->start();
$is_loged_in = FALSE;
$member_id = array ();
$result = "";
$username = "";
$cmd5_password = "";
$allow_login = false;
$PHP_SELF = $_SERVER['PHP_SELF'];
$_IP = $db->safesql( $_SERVER['REMOTE_ADDR'] );
$_TIME = time() + ($config['date_adjust'] * 60);
require_once (SYSTEM_DIR . '/skins/default.skin.php');
if( isset( $_POST['action'] ) ) $action = $_POST['action']; else $action = $_GET['action'];
if( isset( $_POST['mod'] ) ) $mod = $_POST['mod']; else $mod = $_GET['mod'];
$mod = totranslit ( $mod, true, false ); $action = totranslit ( $action, false, false );
$user_group = $cache->get( "usergroup" );
if( ! $user_group ) {
$user_group = array ();
$db->query( "SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC" );
while ( $row = $db->get_row() ) {
$user_group[$row['id']] = array ();
foreach ( $row as $key => $value ) {
$user_group[$row['id']][$key] = $value;
}
}
$cache->set( "usergroup", $user_group );
$db->free();
}
$cat_info = $cache->get( "category" );
if( ! is_array( $cat_info ) ) {
$cat_info = array ();
$db->query( "SELECT * FROM " . PREFIX . "_category ORDER BY posi ASC" );
while ( $row = $db->get_row() ) {
$cat_info[$row['id']] = array ();
foreach ( $row as $key => $value ) {
$cat_info[$row['id']][$key] = stripslashes( $value );
}
}
$cache->set( "category", $cat_info );
$db->free();
}
if( count( $cat_info ) ) {
foreach ( $cat_info as $key ) {
$cat[$key['id']] = $key['name'];
$cat_parentid[$key['id']] = $key['parentid'];
}
}
if( $_REQUEST['action'] == "logout" ) {
set_cookie( "dle_user_id", "", 0 );
set_cookie( "dle_name", "", 0 );
set_cookie( "dle_password", "", 0 );
set_cookie( "dle_skin", "", 0 );
set_cookie( "dle_newpm", "", 0 );
set_cookie( "dle_hash", "", 0 );
set_cookie( session_name(), "", 0 );
@session_unset();
@session_destroy();
msg( "info", $lang['index_msge'], $lang['index_exit'] );
}
if( $check_referer ) {
if( $_SERVER['HTTP_REFERER'] == '' and $_REQUEST['subaction'] != 'dologin' ) $allow_login = true;
elseif( clean_url( $_SERVER['HTTP_REFERER'] ) == clean_url( $_SERVER['HTTP_HOST'] ) ) $allow_login = true;
} else {
$allow_login = true;
}
if( $allow_login ) {
if( intval($_SESSION['dle_user_id']) > 0 AND $_SESSION['dle_password'] ) {
$username = $_SESSION['dle_user_id'];
$cmd5_password = $_SESSION['dle_password'];
$post = false;
} elseif(intval($_COOKIE['dle_user_id']) > 0 AND $_COOKIE['dle_password']) {
$username = $_COOKIE['dle_user_id'];
$cmd5_password = $_COOKIE['dle_password'];
$post = false;
}
if( $_REQUEST['subaction'] == 'dologin' ) {
$username = $_POST['username'];
$cmd5_password = md5( $_POST['password'] );
$post = true;
}
}
if( check_login( $username, $cmd5_password, $post ) ) {
$is_loged_in = true;
$_SESSION['dle_log'] = 0;
$dle_login_hash = md5($_SERVER['HTTP_HOST'] . $member_id['user_id'] . sha1($cmd5_password) . $config['key'] . date("Ymd"));
if( ! $_SESSION['dle_user_id'] and $_COOKIE['dle_user_id'] ) {
$_SESSION['dle_user_id'] = $_COOKIE['dle_user_id'];
$_SESSION['dle_password'] = $_COOKIE['dle_password'];
}
} else {
$dle_login_hash = "";
if( $_REQUEST['subaction'] == 'dologin' ) {
$result = "<font color=red>" . $lang['index_errpass'] . "</font>";
} else
$result = "";
$is_loged_in = false;
}
if( $is_loged_in and $_REQUEST['subaction'] == 'dologin' ) {
$_SESSION['dle_user_id'] = $member_id['user_id'];
$_SESSION['dle_password'] = $cmd5_password;
set_cookie( "dle_user_id", $member_id['user_id'], 365 );
set_cookie( "dle_password", $cmd5_password, 365 );
$time_now = time() + ($config['date_adjust'] * 60);
if( $config['log_hash'] ) {
$salt = "abchefghjkmnpqrstuvwxyz0123456789";
$hash = '';
srand( ( double ) microtime() * 1000000 );
for($i = 0; $i < 9; $i ++) {
$hash .= $salt{rand( 0, 33 )};
}
$hash = md5( $hash );
set_cookie( "dle_hash", $hash, 365 );
$_COOKIE['dle_hash'] = $hash;
$member_id['hash'] = $hash;
$db->query( "UPDATE " . USERPREFIX . "_users set hash='" . $hash . "', lastdate='{$time_now}', logged_ip='" . $_IP . "' WHERE user_id='{$member_id['user_id']}'" );
} else
$db->query( "UPDATE " . USERPREFIX . "_users set lastdate='{$time_now}', logged_ip='" . $_IP . "' WHERE user_id='{$member_id['user_id']}'" );
}
if( $is_loged_in and $config['log_hash'] and (($_COOKIE['dle_hash'] != $member_id['hash']) or ($member_id['hash'] == "")) ) {
$is_loged_in = FALSE;
}
if( $is_loged_in and $config['ip_control'] == '1' and ! check_netz( $member_id['logged_ip'], $_IP ) and $_REQUEST['subaction'] != 'dologin' ) $is_loged_in = FALSE;
if( ! $is_loged_in ) {
$member_id = array();
set_cookie( "dle_user_id","",0 );
set_cookie( "dle_name","",0 );
set_cookie( "dle_password","",0 );
set_cookie( "dle_hash","",0 );
$_SESSION['dle_user_id'] = 0;
$_SESSION['dle_password'] = "";
}
if ( $is_loged_in ) define( 'LOGGED_IN', $is_loged_in );
?>

View File

@@ -0,0 +1,445 @@
<?PHP
if(!defined('DATALIFEENGINE'))
{
die("Hacking attempt!");
}
if ($user_group[$member_id['user_group']]['allow_image_upload']){$image_upload = "<div class=\"editor_button\" onclick=image_upload()><img title=\"$lang[bb_t_up]\" src=\"system/skins/bbcodes/images/upload.gif\" width=\"23\" height=\"25\" border=\"0\"></div>";
}else $image_upload = "";
if ($mod != "editnews") {$row['autor'] = $member_id['name'];}
$p_name = urlencode($row['autor']);
$bb_code = <<<HTML
<SCRIPT type=text/javascript>
<!--
var uagent = navigator.userAgent.toLowerCase();
var is_safari = ( (uagent.indexOf('safari') != -1) || (navigator.vendor == "Apple Computer, Inc.") );
var is_opera = (uagent.indexOf('opera') != -1);
var is_ie = ( (uagent.indexOf('msie') != -1) && (!is_opera) && (!is_safari) );
var is_ie4 = ( (is_ie) && (uagent.indexOf("msie 4.") != -1) );
var is_win = ( (uagent.indexOf("win") != -1) || (uagent.indexOf("16bit") !=- 1) );
var ua_vers = parseInt(navigator.appVersion);
var text_enter_url = "$lang[bb_url]";
var text_enter_size = "$lang[bb_flash]";
var text_enter_flash = "$lang[bb_flash_url]";
var text_enter_page = "$lang[bb_page]";
var text_enter_url_name = "$lang[bb_url_name]";
var text_enter_page_name = "$lang[bb_page_name]";
var text_enter_image = "$lang[bb_image]";
var text_enter_email = "$lang[bb_email]";
var text_code = "$lang[bb_code]";
var text_quote = "$lang[bb_quote]";
var error_no_url = "$lang[bb_no_url]";
var error_no_title = "$lang[bb_no_title]";
var error_no_email = "$lang[bb_no_email]";
var prompt_start = "$lang[bb_prompt_start]";
var img_title = "$lang[bb_img_title]";
var email_title = "$lang[bb_email_title]";
var ie_range_cache = '';
var selField = "short_story";
var bbtags = new Array();
var fombj = document.forms[0];
function setFieldName(which)
{
if (which != selField)
{
selField = which;
}
}
function simpletag(thetag)
{
doInsert("[" + thetag + "]", "[/" + thetag + "]", true);
}
function tag_url()
{
var FoundErrors = '';
var thesel = get_sel(eval('fombj.'+ selField))
if (!thesel) {
thesel ='My Webpage';
}
var enterURL = prompt(text_enter_url, "http://");
var enterTITLE = prompt(text_enter_url_name, thesel);
if (!enterURL) {
FoundErrors += " " + error_no_url;
}
if (!enterTITLE) {
FoundErrors += " " + error_no_title;
}
if (FoundErrors) {
alert("Error!"+FoundErrors);
return;
}
doInsert("[url="+enterURL+"]"+enterTITLE+"[/url]", "", false);
}
function tag_video()
{
var FoundErrors = '';
var thesel = get_sel(eval('fombj.'+ selField))
if (!thesel) {
thesel ='http://';
}
var enterURL = prompt(text_enter_url, thesel);
if (!enterURL) {
FoundErrors += " " + error_no_url;
}
if (FoundErrors) {
alert("Error!"+FoundErrors);
return;
}
doInsert("[video="+enterURL+"]", "", false);
}
function tag_audio()
{
var FoundErrors = '';
var thesel = get_sel(eval('fombj.'+ selField))
if (!thesel) {
thesel ='http://';
}
var enterURL = prompt(text_enter_url, thesel);
if (!enterURL) {
FoundErrors += " " + error_no_url;
}
if (FoundErrors) {
alert("Error!"+FoundErrors);
return;
}
doInsert("[audio="+enterURL+"]", "", false);
}
function tag_media()
{
var FoundErrors = '';
var thesel = get_sel(eval('fombj.'+ selField))
if (!thesel) {
thesel ='http://';
}
var enterURL = prompt(text_enter_url, thesel);
if (!enterURL) {
FoundErrors += " " + error_no_url;
}
if (FoundErrors) {
alert("Error!"+FoundErrors);
return;
}
doInsert("[media="+enterURL+"]", "", false);
}
function tag_kp()
{
var FoundErrors = '';
var thesel = get_sel(eval('fombj.'+ selField))
if (!thesel) {
thesel ='';
}
var enterURL = prompt("ID Kinopoisk", thesel);
if (!enterURL) {
FoundErrors += " " + error_no_url;
}
if (FoundErrors) {
alert("Error!"+FoundErrors);
return;
}
doInsert("[center][kp="+enterURL+"][/center]", "", false);
}
function tag_game(){var a="",b="";(b=ua_vers>=4&&is_ie&&is_win?document.selection.createRange().text:"")||(b="");(b=prompt("Insert Game ID",b))||(a+=" "+error_no_url);a?alert("Error!"+a):doInsert("[center][game="+b+"][/center]","",false)}
function tag_flash()
{
var FoundErrors = '';
var enterURL = prompt(text_enter_flash, "http://");
var size = prompt(text_enter_size, "425,264");
if (!enterURL) {
FoundErrors += " " + error_no_url;
}
if (FoundErrors) {
alert("Error!"+FoundErrors);
return;
}
doInsert("[flash="+size+"]"+enterURL+"[/flash]", "", false);
}
function tag_image()
{
var FoundErrors = '';
var enterURL = prompt(text_enter_image, "http://");
var Title = prompt(img_title, "{$config['image_align']}");
if (!enterURL) {
FoundErrors += " " + error_no_url;
}
if (FoundErrors) {
alert("Error!"+FoundErrors);
return;
}
if (Title == "")
{
doInsert("[img]"+enterURL+"[/img]", "", false);
}
else {
if (Title == "center") {
doInsert("[center][img]"+enterURL+"[/img][/center]", "", false);
}
else {
doInsert("[img="+Title+"]"+enterURL+"[/img]", "", false);
}
}
}
function tag_email()
{
var emailAddress = prompt(text_enter_email, "");
if (!emailAddress) {
alert(error_no_email);
return;
}
var thesel = get_sel(eval('fombj.'+ selField))
if (!thesel) {
thesel ='';
}
var Title = prompt(email_title, thesel);
if (!Title) Title = emailAddress;
doInsert("[email="+emailAddress+"]"+Title+"[/email]", "", false);
}
function doInsert(ibTag, ibClsTag, isSingle)
{
var isClose = false;
var obj_ta = eval('fombj.'+ selField);
if ( (ua_vers >= 4) && is_ie && is_win)
{
if (obj_ta.isTextEdit)
{
obj_ta.focus();
var sel = document.selection;
var rng = ie_range_cache ? ie_range_cache : sel.createRange();
rng.colapse;
if((sel.type == "Text" || sel.type == "None") && rng != null)
{
if(ibClsTag != "" && rng.text.length > 0)
ibTag += rng.text + ibClsTag;
else if(isSingle)
ibTag += rng.text + ibClsTag;
rng.text = ibTag;
}
}
else
{
obj_ta.value += ibTag + ibClsTag;
}
rng.select();
ie_range_cache = null;
}
else if ( obj_ta.selectionEnd )
{
var ss = obj_ta.selectionStart;
var st = obj_ta.scrollTop;
var es = obj_ta.selectionEnd;
if (es <= 2)
{
es = obj_ta.textLength;
}
var start = (obj_ta.value).substring(0, ss);
var middle = (obj_ta.value).substring(ss, es);
var end = (obj_ta.value).substring(es, obj_ta.textLength);
if (obj_ta.selectionEnd - obj_ta.selectionStart > 0)
{
middle = ibTag + middle + ibClsTag;
}
else
{
middle = ibTag + middle + ibClsTag;
}
obj_ta.value = start + middle + end;
var cpos = ss + (middle.length);
obj_ta.selectionStart = cpos;
obj_ta.selectionEnd = cpos;
obj_ta.scrollTop = st;
}
else
{
obj_ta.value += ibTag + ibClsTag;
}
obj_ta.focus();
return isClose;
}
function ins_color( buttonElement )
{
document.getElementById(selField).focus();
if ( is_ie )
{
document.getElementById(selField).focus();
ie_range_cache = document.selection.createRange();
}
$("#cp").remove();
$("body").append("<div id='cp' title='Öâåò' style='display:none'><br /><iframe width=\"154\" height=\"104\" src=\"system/skins/bbcodes/color.html\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"></iframe></div>");
$('#cp').dialog({
autoOpen: true,
width: 180
});
}
function setColor(color)
{
doInsert("[color=" +color+ "]", "[/color]", true );
$('#cp').dialog("close");
}
function image_upload(){window.open('?mod=files&action=quick&area=' + selField + '&author={$p_name}&news_id={$id}', '_Addimage', 'toolbar=0,location=0,status=0, left=0, top=0, menubar=0,scrollbars=yes,resizable=0,width=640,height=550')}
function insert_font(value, tag)
{
if (value == 0)
{
return;
}
if ( doInsert("[" +tag+ "=" +value+ "]", "[/" +tag+ "]", true ) )
fombj.bbfont.selectedIndex = 0;
fombj.bbsize.selectedIndex = 0;
}
function spoiler() {var FoundErrors = '';var spoiler = prompt("Ââåäèòå íàçâàíèå ñïîéëåðà"); if (!spoiler){FoundErrors += " ";} if(FoundErrors){alert("îøèáêà!"+FoundErrors);return;} doInsert("[spoiler="+spoiler+"][/spoiler]", "", false); }
function get_sel(obj){
if (document.selection)
{
if ( is_ie )
{
document.getElementById(selField).focus();
ie_range_cache = document.selection.createRange();
}
var s = document.selection.createRange();
if (s.text)
{
return s.text;
}
}
else if (typeof(obj.selectionStart)=="number")
{
if (obj.selectionStart!=obj.selectionEnd)
{
var start = obj.selectionStart;
var end = obj.selectionEnd;
return (obj.value.substr(start,end-start));
}
}
return false;
};
-->
</SCRIPT>
<div style="width:98%; height:50px; border:1px solid #BBB; background-image:url('system/skins/bbcodes/images/bg.gif');">
<div id="b_b" class="editor_button" onclick="simpletag('b')"><img title="$lang[bb_t_b]" src="system/skins/bbcodes/images/b.gif" width="23" height="25" border="0"></div>
<div id="b_i" class="editor_button" onclick="simpletag('i')"><img title="$lang[bb_t_i]" src="system/skins/bbcodes/images/i.gif" width="23" height="25" border="0"></div>
<div id="b_u" class="editor_button" onclick="simpletag('u')"><img title="$lang[bb_t_u]" src="system/skins/bbcodes/images/u.gif" width="23" height="25" border="0"></div>
<div id="b_s" class="editor_button" onclick="simpletag('s')"><img title="$lang[bb_t_s]" src="system/skins/bbcodes/images/s.gif" width="23" height="25" border="0"></div>
<div class="editor_button"><img src="system/skins/bbcodes/images/brkspace.gif" width="5" height="25" border="0"></div>
<div class="editor_button" onclick=tag_image()><img title="$lang[bb_b_img]" src="system/skins/bbcodes/images/image.gif" width="23" height="25" border="0"></div>
{$image_upload}
<div class="editor_button"><img src="system/skins/bbcodes/images/brkspace.gif" width="5" height="25" border="0"></div>
<div class="editor_button" onclick="tag_url()"><img title="$lang[bb_t_url]" src="system/skins/bbcodes/images/link.gif" width="23" height="25" border="0"></div>
<div class="editor_button" onclick="tag_email()"><img title="$lang[bb_t_m]" src="system/skins/bbcodes/images/email.gif" width="23" height="25" border="0"></div>
<div class="editor_button"><img src="system/skins/bbcodes/images/brkspace.gif" width="5" height="25" border="0"></div>
<div class="editor_button" onclick="tag_video()"><img title="$lang[bb_t_video]" src="system/skins/bbcodes/images/mp.gif" width="23" height="25" border="0"></div>
<div class="editor_button" onclick="tag_audio()"><img src="system/skins/bbcodes/images/mp3.gif" width="23" height="25" border="0"></div>
<div class="editor_button"><img src="system/skins/bbcodes/images/brkspace.gif" width="5" height="25" border="0"></div>
<div id="b_color" class="editor_button" onclick="ins_color(this);"><img src="system/skins/bbcodes/images/color.gif" width="23" height="25" border="0"></div>
<div class="editor_button"><img src="system/skins/bbcodes/images/brkspace.gif" width="5" height="25" border="0"></div>
<div id="b_flash" class="editor_button" onclick="tag_flash()"><img src="system/skins/bbcodes/images/flash.gif" width="23" height="25" border="0"></div>
<div id="b_youtube" class="editor_button" onclick="tag_media()"><img src="system/skins/bbcodes/images/youtube.gif" width="23" height="25" border="0"></div>
<div><img src="system/skins/bbcodes/images/brkspace.gif" width="5" height="25" border="0"></div>
<div class="editor_button" style="padding-top:3px;width:140px;"><select name="bbfont" onchange="insert_font(this.options[this.selectedIndex].value, 'font')"><option value='0'>{$lang['bb_t_font']}</option><option value='Arial'>Arial</option><option value='Arial Black'>Arial Black</option><option value='Century Gothic'>Century Gothic</option><option value='Courier New'>Courier New</option><option value='Georgia'>Georgia</option><option value='Impact'>Impact</option><option value='System'>System</option><option value='Tahoma'>Tahoma</option><option value='Times New Roman'>Times New Roman</option><option value='Verdana'>Verdana</option></select></div>
<div class="editor_button" style="padding-top:3px;width:70px;"><select name="bbsize" onchange="insert_font(this.options[this.selectedIndex].value, 'size')"><option value='0'>{$lang['bb_t_size']}</option><option value='1'>1</option><option value='2'>2</option><option value='3'>3</option><option value='4'>4</option><option value='5'>5</option><option value='6'>6</option><option value='7'>7</option></select></div>
<div class="editor_button"><img src="system/skins/bbcodes/images/brkspace.gif" width="5" height="25" border="0"></div>
<div id="b_left" class="editor_button" onclick="simpletag('left')"><img title="$lang[bb_t_l]" src="system/skins/bbcodes/images/l.gif" width="23" height="25" border="0"></div>
<div id="b_center" class="editor_button" onclick="simpletag('center')"><img title="$lang[bb_t_c]" src="system/skins/bbcodes/images/c.gif" width="23" height="25" border="0"></div>
<div id="b_right"class="editor_button" onclick="simpletag('right')"><img title="$lang[bb_t_r]" src="system/skins/bbcodes/images/r.gif" width="23" height="25" border="0"></div>
<div class="editor_button"><img src="system/skins/bbcodes/images/brkspace.gif" width="5" height="25" border="0"></div>
<div id="b_quote" class="editor_button" onclick="simpletag('quote')"><img title="$lang[bb_t_quote]" src="system/skins/bbcodes/images/quote.gif" width="23" height="25" border="0"></div>
<div id="b_screens" class="editor_button" onclick="simpletag('screens')"><img title="Ñêðèíøîòû" src="system/skins/bbcodes/images/screens.gif" width="23" height="25" border="0"></div>
<div id="b_hide" class="editor_button" onclick="simpletag('hide')"><img title="$lang[bb_t_hide]" src="system/skins/bbcodes/images/hide.gif" width="23" height="25" border="0"></div>
<div id="b_code" class="editor_button" onclick="simpletag('code')"><img title="$lang[bb_t_code]" src="system/skins/bbcodes/images/code.gif" width="23" height="25" border="0"></div>
<div class="editor_button"><img src="system/skins/bbcodes/images/brkspace.gif" width="5" height="25" border="0"></div>
<div id="b_spoiler" class="editor_button" onclick="spoiler()"><img src="system/skins/bbcodes/images/spoiler.gif" width="23" height="25" border="0"></div>
<div class="editor_button" onclick="tag_kp()"><img title="Ðåéòèíã ÊèíîÏîèñêà" src="system/skins/bbcodes/images/rating.gif" width="23" height="25" border="0"></div>
<div class="editor_button"><img src="system/skins/bbcodes/images/brkspace.gif" width="5" height="25" border="0"></div>
</div>
HTML;
?>