This commit is contained in:
3err0
2019-05-18 13:46:03 +08:00
commit 55e0adfa17
707 changed files with 55878 additions and 0 deletions

View File

@@ -0,0 +1,189 @@
<?php
if( ! defined( 'DATALIFEENGINE' )) {die( "Hacking attempt!" );}
require_once SYSTEM_DIR . '/classes/parse.class.php';
$parse = new ParseFilter( );
$parse->safe_mode = true;
$parse->allow_url = $user_group[$member_id['user_group']]['allow_url'];
$parse->allow_image = $user_group[$member_id['user_group']]['allow_image'];
$_TIME = time() + ($config['date_adjust'] * 60);
$_IP = $db->safesql( $_SERVER['REMOTE_ADDR'] );
$post_id = intval( $_POST['post_id'] );
$stop = array ();
if( $is_logged ) {
$name = $db->safesql($member_id['name']);
$mail = $db->safesql($member_id['email']);
} else {
$name = $db->safesql( $parse->process( trim( $_POST['name'] ) ) );
$mail = $db->safesql( $parse->process( trim( $_POST['mail'] ) ) );
}
$comments = $parse->BB_Parse( $parse->process( trim($_POST['comments'] )), false );
if( $is_logged and ($member_id['restricted'] == 2 or $member_id['restricted'] == 3) ) {
$stop[] = $lang['news_info_3'];
$CN_HALT = TRUE;
}
if( ! $post_id ) {
$stop[] = $lang['news_err_id'];
$CN_HALT = TRUE;
}
//ìàêñèìàëüíîå êîëè÷åñòâî ñèìâîëîâ â êîììåíòå
if( strlen( $comments ) > $config['comments_maxlen'] ) {
$stop[] = $lang['news_err_3'];
$CN_HALT = TRUE;
}
//ìèíèìàëüíîå êîëè÷åñòâî ñèìâîëîâ
$comments1 = preg_replace("/ /i", "", $comments); // ðåæåì ïðîáåëû, ÷òîáû îíè íå ó÷èòûâàëèñü
if( strlen(trim(strip_tags($comments1))) < 3){ // ðåæåì òåãè êàðòèíîê, ñìàéëîâ, îñòàâëÿåì òîêà òåêñò è åñëè îí ìåíüøå 10 ñèìâîëîâ, òî ...
$stop[] = $lang['news_err_0']; // $lang['news_err_0'] - òèïà ðóãàíü âñÿêàÿ
$CN_HALT = TRUE;
}
//!
preg_match_all( '/<!--smile:(.*?)<!--\/smile-->/is' , $comments , $smilies_in_msg );
if( count($smilies_in_msg[0]) > 7 ){ // Ìàêñèìóì 7 ñìàéëîâ
$stop[] = "Îøèáêà! Ñîîáùåíèå ñîäåðæèò íåäîïóñòèìîå êîëè÷åñòâî ñìàéëîâ.";
$CN_HALT = TRUE;
}
if( $comments == '' ) {
$stop[] = $lang['news_err_11'];
$CN_HALT = TRUE;
}
if( $parse->not_allowed_tags ) {
$stop[] = $lang['news_err_33'];
$CN_HALT = TRUE;
}
if( $parse->not_allowed_text ) {
$stop[] = $lang['news_err_37'];
$CN_HALT = TRUE;
}
// Ïðîâåðêà íà ïðàâèëüíîñòü íîâîñòè
$row = $db->super_query( "SELECT id, date, allow_comm, approve, access from " . PREFIX . "_post WHERE id='$post_id'" );
$options = news_permission( $row['access'] );
if( (! $user_group[$member_id['user_group']]['allow_addc'] and $options[$member_id['user_group']] != 2) or $options[$member_id['user_group']] == 1 ) die( "Hacking attempt!" );
if( ! $row['id'] or ! $row['allow_comm'] or ! $row['approve'] ) {
$stop[] = $lang['news_err_29'];
$CN_HALT = TRUE;
}
//* Àâòîïåðåíîñ äëèííûõ ñëîâ
if( intval( $config['auto_wrap'] ) ) {
$comments = preg_split( '((>)|(<))', $comments, - 1, PREG_SPLIT_DELIM_CAPTURE );
$n = count( $comments );
for($i = 0; $i < $n; $i ++) {
if( $comments[$i] == "<" ) {
$i ++;
continue;
}$comments[$i] = preg_replace( "#([^\s\n\r]{" . intval( $config['auto_wrap'] ) . "})#i", "\\1<br />", $comments[$i] );
}$comments = join( "", $comments );
}
$time = date( "Y-m-d H:i:s", $_TIME );
// Äîáàâëåíèå êîììåíòàðèÿ
if( $CN_HALT ) {
msgbox( $lang['all_err_1'], implode( "<br />", $stop ) . "<br /><br /><a href=\"javascript:history.go(-1)\">" . $lang['all_prev'] . "</a>" );
} else {
$update_comments = false;
$row = $db->super_query( "SELECT id, post_id, user_id, date, text, ip, is_register FROM " . PREFIX . "_comments WHERE post_id = '$post_id' ORDER BY id DESC LIMIT 0,1" );
if( $row['id'] ) {
if( $row['user_id'] == $member_id['user_id'] and $row['is_register'] ) $update_comments = true;
elseif( $row['ip'] == $_IP and ! $row['is_register'] and ! $is_logged ) $update_comments = true;
/*$row['date'] = strtotime( $row['date'] );
if( date( "Y-m-d", $row['date'] ) != date( "Y-m-d", $_TIME ) ) $update_comments = false;*/
if( ((strlen( $row['text'] ) + strlen( $comments )) > $config['comments_maxlen']) and $update_comments ) {
$update_comments = false;
$stop[] = $lang['news_err_3'];
$CN_HALT = TRUE;
msgbox( $lang['all_err_1'], implode( "<br />", $stop ) . "<br /><br /><a href=\"javascript:history.go(-1)\">" . $lang['all_prev'] . "</a>" );
}
}
if( ! $CN_HALT ) {
if( $update_comments ) {
$comments = $db->safesql( $row['text'] ) . "<br /><br />" . $db->safesql( $comments );
$db->query( "UPDATE " . PREFIX . "_comments set date='$time', text='{$comments}' WHERE id='{$row['id']}'" );
} else {
$comments = $db->safesql( $comments );
$db->query( "INSERT INTO " . PREFIX . "_comments (post_id, user_id, date, autor, email, text, ip, is_register) values ('$post_id', '$member_id[user_id]', '$time', '$name', '$mail', '$comments', '$_IP', '1')" );
$db->query( "UPDATE " . PREFIX . "_post set comm_num=comm_num+1 where id='$post_id'" );
$db->query( "UPDATE " . USERPREFIX . "_users set comm_num=comm_num+1 where user_id ='$member_id[user_id]'" );
}
include_once SYSTEM_DIR . '/classes/mail.class.php';
$mail = new dle_mail( $config );
$row = $db->super_query( "SELECT template FROM " . PREFIX . "_email WHERE name='comments' LIMIT 0,1" );
$row['template'] = stripslashes( $row['template'] );
$row['template'] = str_replace( "{%username%}", $name, $row['template'] );
$row['template'] = str_replace( "{%date%}", langdate( "j F Y H:i", $_TIME ), $row['template'] );
$row1 = $db->super_query( "SELECT id, alt_name FROM " . PREFIX . "_post WHERE id='$post_id' LIMIT 0,1" );
$link = $config['http_home_url'] . $row1['id'] . '-' . $row1['alt_name'] . '.html#comment';
$row['template'] = str_replace( "{%link%}", $link, $row['template'] );
$body = str_replace( '\n', "", $comments );
$body = str_replace( '\r', "", $body );
$body = stripslashes( stripslashes( $body ) );
$body = str_replace( "<br />", "\n", $body );
$body = strip_tags( $body );
$row['template'] = str_replace( "{%text%}", $body, $row['template'] );
$row['template'] = str_replace( "{%ip%}", "--", $row['template'] );
$found_subscribe = false;
$db->query( "SELECT user_id, name, email, hash FROM " . PREFIX . "_subscribe WHERE news_id='{$post_id}'" );
while($rec = $db->get_row())
{
if ($rec['user_id'] != $member_id['user_id'] ) {
$body = str_replace( "{%username_to%}", $rec['name'], $row['template'] );
$body = str_replace( "{%unsubscribe%}", $config['http_home_url'] . "index.php?do=unsubscribe&post_id=" . $post_id . "&user_id=" . $rec['user_id'] . "&hash=" . $rec['hash'], $body );
$mail->send( $rec['email'], $lang['mail_comments'], $body );
} else {
$found_subscribe = true;
}}
$db->free();
if ($_POST['allow_subscribe'] AND !$found_subscribe) {
$salt = "abchefghjkmnpqrstuvwxyz0123456789";
srand( ( double ) microtime() * 1000000 );
$s_hash = "";
for($i = 0; $i < 5; $i ++) {$s_hash .= $salt{rand( 0, 33 )};}
$s_hash = md5($s_hash);
$db->query( "INSERT INTO " . PREFIX . "_subscribe (user_id, name, email, news_id, hash) values ('{$member_id['user_id']}', '{$member_id['name']}', '{$member_id['email']}', '{$post_id}', '{$s_hash}')" );
}
$cache->clear( array( 'full_'.$post_id, 'news_', 'comm_'.$post_id, 'comments-last') );
if( ! $ajax_adds AND ! $CN_HALT ) {
header( "Location: {$_SERVER['REQUEST_URI']}" );
die();
}
} else
msgbox( $lang['all_err_1'], implode( "<br />", $stop ) . "<br /><br /><a href=\"javascript:history.go(-1)\">" . $lang['all_prev'] . "</a>" );
}
?>

71
system/modules/addimg.php Normal file
View File

@@ -0,0 +1,71 @@
<?php
if( ! defined( 'DATALIFEENGINE' ) ) {
die( "Hacking attempt!" );
}
require_once ROOT_DIR.'/language/'.$config['langs'].'/img.lng';
#### IMG
$addim = "<script language=\"javascript\" type=\"text/javascript\">
function ShowOrHideEx(id, show) {
var item = null;
if (document.getElementById) {
item = document.getElementById(id);
} else if (document.all) {
item = document.all[id];
} else if (document.layers){
item = document.layers[id];
}
if (item && item.style) {
item.style.display = show ? \"\" : \"none\";
}
}
var total_allow_rows = {$config['max_file_count']};
function AddImages() {
var tbl = document.getElementById('tblSample');
var lastRow = tbl.rows.length;
if (total_allow_rows && lastRow == total_allow_rows ) return;
// if there's no header row in the table, then iteration = lastRow + 1
var iteration = lastRow+1;
var row = tbl.insertRow(lastRow);
var cellRight = row.insertCell(0);
var el = document.createElement('input');
el.setAttribute('type', 'file');
el.setAttribute('name', 'addimg_' + iteration);
el.setAttribute('size', '41');
el.setAttribute('value', iteration);
cellRight.appendChild(el);
document.getElementById('images_number').value = iteration;
}
function RemoveImages() {
var tbl = document.getElementById('tblSample');
var lastRow = tbl.rows.length;
if (lastRow > 1){
tbl.deleteRow(lastRow - 1);
document.getElementById('images_number').value = document.getElementById('images_number').value - 1;
}
}
</script>";
$addim .= <<<HTML
<input type="hidden" name="images_number" id="images_number" value="1">
<table id="tblSample" class="upload">
<tr id="row">
<td><input type="file" size="41" name="addimg_1">&nbsp;<input type=button class=buttons value=' - ' style="width:30px;" title='{$lang['images_rem_tl']}' onClick="RemoveImages();return false;"><input type=button class=buttons value=' + ' style="width:30px;" title='{$lang['images_add_tl']}' onClick="AddImages();return false;"> &nbsp;</td>
</tr>
</table>
HTML;
$tpl->set( '{addimg}', $addim );
#### IMG
?>

219
system/modules/addnews.php Normal file
View File

@@ -0,0 +1,219 @@
<?php
if( ! defined( 'DATALIFEENGINE' ) ) {die( "Hacking attempt!" );}
$allow_addnews = true;
include_once SYSTEM_DIR . '/classes/parse.class.php';
$parse = new ParseFilter( Array (), Array (), 1, 1 );
if( $member_id['restricted'] and $member_id['restricted_days'] and $member_id['restricted_date'] < $_TIME ) {
$member_id['restricted'] = 0;
$db->query( "UPDATE LOW_PRIORITY " . USERPREFIX . "_users SET restricted='0', restricted_days='0', restricted_date='' WHERE user_id='{$member_id['user_id']}'" );
}
if( $member_id['restricted'] == 1 or $member_id['restricted'] == 3 ) {
if( $member_id['restricted_days'] ) {
$lang['news_info_4'] = str_replace( '{date}', langdate( "j M Y H:i", $member_id['restricted_date'] ), $lang['news_info_4'] );
$lang['add_err_9'] = $lang['news_info_4'];
} else {$lang['add_err_9'] = $lang['news_info_5'];}
$allow_addnews = false;
}
if( ! $allow_addnews ) {msgbox( $lang['all_info'], $lang['add_err_9'] . "<br /><br /><a href=\"javascript:history.go(-1)\">$lang[all_prev]</a>" );
} else {
if( isset( $_REQUEST['mod'] ) and $_REQUEST['mod'] == "addnews" and $is_logged and $user_group[$member_id['user_group']]['allow_adds'] ) {
$stop = "";
$allow_comm = intval( $_POST['allow_comm'] );
if( $user_group[$member_id['user_group']]['allow_main'] ) $allow_main = intval( $_POST['allow_main'] ); else $allow_main = 0;
$approve = intval( $_POST['approve'] );
$allow_rating = intval( $_POST['allow_rating'] );
if( $user_group[$member_id['user_group']]['allow_fixed'] ) $news_fixed = intval( $_POST['news_fixed'] ); else $news_fixed = 0;
if( ! count( $_REQUEST['catlist'] ) ) {$catlist = array (); $catlist[] = '0';} else $catlist = $_REQUEST['catlist']; $category_list = $db->safesql( implode( ',', $catlist ) );
if( ! $config['allow_add_tags'] ) $_POST['tags'] = ""; elseif( @preg_match( "/[\||\'|\<|\>|\"|\!|\?|\$|\@|\/|\\\|\&\~\*\+]/", $_POST['tags'] ) ) $_POST['tags'] = ""; else $_POST['tags'] = $db->safesql( htmlspecialchars( strip_tags( stripslashes( trim( $_POST['tags'] ) ) ), ENT_QUOTES ) );
if ( $_POST['tags'] ) {
$temp_array = array();
$tags_array = array();
$temp_array = explode (",", $_POST['tags']);
if (count($temp_array)) {
foreach ( $temp_array as $value ) {
if( trim($value) ) $tags_array[] = trim( $value );
}}
if ( count($tags_array) ) $_POST['tags'] = implode(", ", $tags_array); else $_POST['tags'] = "";
}
if( ! $user_group[$member_id['user_group']]['moderation'] ) {$approve = 0;$allow_comm = 1;$allow_main = 0;$allow_rating = 1;$news_fixed = 0;}
if( $approve ) $msg = $lang['add_ok_1']; else $msg = $lang['add_ok_2'];
$allow_list = explode( ',', $user_group[$member_id['user_group']]['cat_add'] );
if( $user_group[$member_id['user_group']]['moderation'] ) {
foreach ( $catlist as $selected ) {
if( $allow_list[0] != "all" and ! in_array( $selected, $allow_list ) and $member_id['user_group'] != "1" ) {
$approve = 0;
$msg = $lang['add_ok_3'];
}}}
$full_story = $db->safesql( $parse->BB_Parse( $parse->process( $_POST['full_story'] ), false ) );
$short_story = $db->safesql( $parse->BB_Parse( $parse->process( $_POST['short_story'] ), false ) );
if( $parse->not_allowed_text ) {$stop .= "<li>" . $lang['news_err_39'] . "</li>";}
$parse->ParseFilter();
$title = $db->safesql( $parse->process( trim( strip_tags ($_POST['title']) ) ) );
$alt_name = trim( $parse->process( stripslashes( $_POST['alt_name'] ) ) );
if( $alt_name == "" or ! $alt_name ) $alt_name = totranslit( stripslashes( $title ), true, false ); else $alt_name = totranslit( $alt_name, true, false );
if( $title == "" or ! $title ) $stop .= $lang['add_err_1'];
if( strlen( $title ) > 200 ) $stop .= $lang['add_err_2'];
if( trim( $short_story ) == "" or ! $short_story ) $stop .= $lang['add_err_5'];
if( $stop ) {$stop = "<ul>" . $stop . "</ul><a href=\"javascript:history.go(-1)\">$lang[all_prev]</a>"; msgbox( $lang['add_err_6'], $stop );}
if( ! $stop ) {
$id = (isset( $_REQUEST['id'] )) ? intval( $_REQUEST['id'] ) : 0; $found = false;
if( $id ) {$row = $db->super_query( "SELECT * FROM " . PREFIX . "_post where id = '$id' and approve = '0'" ); if( $id == $row['id'] and ($member_id['name'] == $row['autor'] or $user_group[$member_id['user_group']]['allow_all_edit']) ) $found = true; else $found = false;}
if( $found ) {
$db->query( "UPDATE " . PREFIX . "_post set title='$title', short_story='$short_story', full_story='$full_story', category='$category_list', alt_name='$alt_name', allow_comm='$allow_comm', approve='$approve', allow_main='$allow_main', allow_rate='$allow_rating', fixed='$news_fixed', tags='" . $_POST['tags'] . "' WHERE id='$id'" );
// Îáëàêî òåãîâ
if( $_POST['tags'] != $row['tags'] or $approve ) {$db->query( "DELETE FROM " . PREFIX . "_tags WHERE news_id = '{$row['id']}'" );
if( $_POST['tags'] != "" and $approve ) {
$tags = array ();
$_POST['tags'] = explode( ",", $_POST['tags'] );
foreach ( $_POST['tags'] as $value ) {$tags[] = "('" . $row['id'] . "', '" . trim( $value ) . "')";}
$tags = implode( ", ", $tags );
$db->query( "INSERT INTO " . PREFIX . "_tags (news_id, tag) VALUES " . $tags );
}}} else {
$added_time = time() + ($config['date_adjust'] * 60);
$thistime = date( "Y-m-d H:i:s", $added_time );
$db->query( "INSERT INTO " . PREFIX . "_post (date, autor, short_story, full_story, title, keywords, category, alt_name, allow_comm, approve, allow_main, fixed, allow_rate, tags) values ('$thistime', '$member_id[name]', '$short_story', '$full_story', '$title', '', '$category_list', '$alt_name', '$allow_comm', '$approve', '$allow_main', '$news_fixed', '$allow_rating', '" . $_POST['tags'] . "')" );
$row['id'] = $db->insert_id();
$member_id['name'] = $db->safesql($member_id['name']);
//Òîððåíòû
if (isset($_FILES['tor_add']) && $_FILES['tor_add']!='') {include_once SYSTEM_DIR . '/modules/torrent/upload.php';}
//!Òîððåíòû
$db->query( "UPDATE " . PREFIX . "_images set news_id='{$row['id']}' where author = '{$member_id['name']}' AND news_id = '0'" );
$db->query( "UPDATE " . PREFIX . "_files set news_id='{$row['id']}' where author = '{$member_id['name']}' AND news_id = '0'" );
$db->query( "UPDATE " . PREFIX . "_torrents set news_id='{$row['id']}' where author = '{$member_id['name']}' AND news_id = '0'" );
$db->query( "UPDATE " . USERPREFIX . "_users set news_num=news_num+1 where user_id='$member_id[user_id]'" );
$row = $row['id'];
include_once SYSTEM_DIR . '/inc/newsimg/doaddimg.php';
if( $_POST['tags'] != "" and $approve ) {
$tags = array ();
$_POST['tags'] = explode( ",", $_POST['tags'] );
foreach ( $_POST['tags'] as $value ) {$tags[] = "('" . $row['id'] . "', '" . trim( $value ) . "')";}
$tags = implode( ", ", $tags );
$db->query( "INSERT INTO " . PREFIX . "_tags (news_id, tag) VALUES " . $tags );
}}
msgbox( $lang['add_ok'], "{$msg} <a href=\"{$config['http_home_url']}" . "addnews.html\">$lang[add_noch]</a> $lang[add_or] <a href=\"{$config['http_home_url']}\">$lang[all_prev]</a>" );
if( $approve ) $cache->clear();
}
} elseif( $is_logged and $user_group[$member_id['user_group']]['allow_adds'] ) {
$tpl->load_template( 'addnews.tpl' );
$addtype = "addnews";
include_once SYSTEM_DIR . '/modules/bbcode.php';
$tpl->set( '{shortarea}', '' );
$tpl->set( '{fullarea}', '' );
$id = (isset( $_REQUEST['id'] )) ? intval( $_REQUEST['id'] ) : 0;
$found = false;
if( $id ) {$row = $db->super_query( "SELECT * FROM " . PREFIX . "_post where id = '$id' and approve = '0'" ); if( $id == $row['id'] and ($member_id['name'] == $row['autor'] or $user_group[$member_id['user_group']]['allow_all_edit']) ) $found = true; else $found = false;}
if( $found ) {
$cat_list = explode( ',', $row['category'] );
$categories_list = CategoryNewsSelection( $cat_list, 0 );
$tpl->set( '{title}', $parse->decodeBBCodes( $row['title'], false ) );
$tpl->set( '{alt-name}', $row['alt_name'] );
$row['short_story'] = $parse->decodeBBCodes( $row['short_story'], false );
$row['full_story'] = $parse->decodeBBCodes( $row['full_story'], false );
$tpl->set( '{short-story}', $row['short_story'] );
$tpl->set( '{full-story}', $row['full_story'] );
$tpl->set( '{tags}', $row['tags'] );
} else {
// äîáàâëåíî îò 27.02.2011
$categories_list = CategoryNewsSelectioh();
// äîáàâëåíî îò 27.02.2011
// $categories_list = CategoryNewsSelection( 0, 0 );
$tpl->set( '{title}', '' );
$tpl->set( '{alt-name}', '' );
$tpl->set( '{short-story}', '' );
$tpl->set( '{full-story}', '' );
$tpl->set( '{tags}', '' );
}
// $cats = "<select name=\"catlist[]\" id=\"category\" onchange=\"onCategoryChange(this.value)\">";
// äîáàâëåíî îò 27.02.2011
$cats = <<<HTML
<script language="javascript" type="text/javascript">
<!--
function rvvvr(adon){
var adon = document.getElementById('entryform').adon.value;
ShowLoading('');
$.post(dle_root + "system/ajax/categajax.php", { adon: adon }, function(data){
HideLoading('');
$("#adonbox").html(data);
});
return false;
};
//-->
</script>
<select name="adon" id="adon" onChange="rvvvr('adon'); return false;">
<option value="0"></option>
HTML;
// äîáàâëåíî îò 27.02.2011
$cats .= $categories_list;
$cats .= "</select>";
$tpl->set( '{bbcode}', $bb_code );
$tpl->set( '{category}', $cats );
include_once SYSTEM_DIR . '/modules/addimg.php';
if( $user_group[$member_id['user_group']]['moderation'] ) {
$admintag = "<input type=\"checkbox\" name=\"allow_comm\" id=\"allow_comm\" value=\"1\" checked=\"checked\" /><label for=\"allow_comm\">" . $lang['add_al_com'] . "</label>";
if( $user_group[$member_id['user_group']]['allow_main'] ) $admintag .= "&nbsp;&nbsp;&nbsp;&nbsp;<input type=\"checkbox\" name=\"allow_main\" id=\"allow_main\" value=\"1\" checked=\"checked\" /><label for=\"allow_main\">" . $lang['add_al_m'] . "</label>";
$admintag .= "<br /><input type=\"checkbox\" name=\"approve\" id=\"approve\" value=\"1\" checked=\"checked\" /><label for=\"approve\"> {$lang['add_al_ap']}</label><br /><input type=\"checkbox\" name=\"allow_rating\" id=\"allow_rating\" value=\"1\" checked=\"checked\" /><label for=\"allow_rating\"> {$lang['addnews_allow_rate']}</label>";
if( $user_group[$member_id['user_group']]['allow_fixed'] ) $admintag .= "<br /><input type=\"checkbox\" name=\"news_fixed\" id=\"news_fixed\" value=\"1\" /><label for=\"news_fixed\"> {$lang['add_al_fix']}</label>";
$tpl->set( '{admintag}', $admintag );} else $tpl->set( '{admintag}', '' );
$torpole = "<tr><td width=\"118.5\" height=\"25\" nowrap=\"nowrap\">Çàãðóçèòü Òîððåíò:</td><td><input type=\"file\" name=\"tor_add\" maxlength=\"250\" class=\"f_input\" /></td></tr>";
$tpl->set('{toradd}', $torpole);
if( $is_logged and $member_id['user_group'] < 3 ) {
$tpl->set( '[urltag]', '' );
$tpl->set( '[/urltag]', '' );} else $tpl->set_block( "'\\[urltag\\].*?\\[/urltag\\]'si", "" );
$script = "
<script language=\"javascript\" type=\"text/javascript\">
<!--
function preview(){";
$script .= "if(document.entryform.short_story.value == '' || document.entryform.title.value == ''){ alert('$lang[add_err_7]'); }
else{
dd=window.open('','prv','height=400,width=750,resizable=0,scrollbars=1')
document.entryform.mod.value='preview';document.entryform.action='{$config['http_home_url']}system/preview.php';document.entryform.target='prv'
document.entryform.submit();dd.focus()
setTimeout(\"document.entryform.mod.value='addnews';document.entryform.action='';document.entryform.target='_self'\",500)
}
}";
$script .= <<<HTML
//-->
</script>
HTML;
$script .= "<form method=post enctype=\"multipart/form-data\" name=\"entryform\" id=\"entryform\" onsubmit=\"if(document.entryform.title.value == '' || document.entryform.short_story.value == ''){alert('$lang[add_err_7]');return false}\" action=\"\">";
$tpl->copy_template = $categoryfilter . $script . $tpl->copy_template . "<input type=\"hidden\" name=\"mod\" value=\"addnews\" /></form>";
$tpl->compile( 'content' );
$tpl->clear();
} else
msgbox( $lang['all_info'], "$lang[add_err_8]<br /><a href=\"javascript:history.go(-1)\">$lang[all_prev]</a>" );
}
?>

235
system/modules/antibot.php Normal file
View File

@@ -0,0 +1,235 @@
<?php
@error_reporting(E_ALL ^ E_NOTICE);
@ini_set('display_errors', true);
@ini_set('html_errors', false);
@ini_set('error_reporting', E_ALL ^ E_NOTICE);
function clean_url ($url) {
if ($url == '') return;
$url = str_replace("http://", "", $url);
if (strtolower(substr($url, 0, 4)) == 'www.') $url = substr($url, 4);
$url = explode('/', $url);
$url = reset($url);
$url = explode(':', $url);
$url = reset($url);
return $url;
}
if (clean_url($_SERVER['HTTP_REFERER']) != clean_url($_SERVER['HTTP_HOST'])) die("Hacking attempt!");
class genrandomimage {
var $alphabet = "0123456789"; // ÍÅ ÈÇÌÅÍßÉÒÅ, åñëè âû íå èçìåíÿëè ôàéë øðèôòîâ!
var $fontsdir = 'fonts';
var $width = 120;
var $height = 50;
var $fluctuation_amplitude = 2;
var $no_spaces = false;
var $jpeg_quality = 70; // ìàêñèìàëüíîå, ìîæíî ïîñòàâèòü 70-80
var $keystring = ''; // êëþ÷åâàÿ ãåíåðèðóåìàÿ ñòðîêà
var $allowed_symbols = "0123456789"; // èñïîëüçóåìûå öèôðû
var $length_min = 3; // ìèíèìàëüíîå
var $length_max = 3; // ìàêñèìàëüíîå
var $length = 0; // äëèíà áóäåò ñãåíåðèðîâàíà
function genstring() {
$length = mt_rand( $this->length_min, $this->length_max );
$this->length = $length;
$this->keystring = '';
for ($i = 0; $i < $length ; $i++) {
// â öèêëå äîáàâëÿåì ê ñòðîêå ïî 1 ñëó÷àéíîìó ñèìâîëó
$this->keystring .= $this->allowed_symbols{ mt_rand( 0, strlen( $this->allowed_symbols ) -1 ) };
}}
function genimage() {
$foreground_color = array( 100, 130, 200 );
$background_color = array( 255, 255, 255 );
$fonts = array();
$fontsdir_absolute = dirname( __FILE__ ).'/'.$this->fontsdir; // ïóòü ê ïàïêå ñ øðèôòàìè
if ($handle = opendir( $fontsdir_absolute )) { // ñîçäàåì ìàññèâ ñ ïîëíûìè ïóòÿìè ê èçîáðàæåíèÿì ñ øðèôòàìè
while (false !== ($file = readdir( $handle ))) {
if (preg_match( '/\.png$/i', $file )) {
$fonts[] = $fontsdir_absolute.'/'.$file;
}}
closedir( $handle );
}
$alphabet_length = strlen( $this->alphabet );
while (true) {
$font_file = $fonts[mt_rand( 0, count( $fonts ) - 1 )];
$font = imagecreatefrompng( $font_file );
$black = imagecolorallocate( $font, 0, 0, 0 );
$fontfile_width = imagesx( $font );
$fontfile_height = imagesy( $font ) - 1;
$font_metrics = array();
$symbol = 0;
$reading_symbol = false;
// çàãðóçêà øðèôòà
for ($i = 0; $i < $fontfile_width && $symbol < $alphabet_length; $i++) {
$transparent = (imagecolorat( $font, $i, 0 ) >> 24) == 127;
if (!$reading_symbol && !$transparent) {
$font_metrics[$this->alphabet{$symbol}] = array( 'start' => $i );
$reading_symbol = true;
continue;
}
if ($reading_symbol && $transparent) {
$font_metrics[$this->alphabet{$symbol}]['end'] = $i;
$reading_symbol = false;
$symbol++;
continue;
}
}
$img = imagecreatetruecolor( $this->width, $this->height );
$white = imagecolorallocate( $img, 100, 130, 200 );
$black = imagecolorallocate( $img, 100, 130, 200 );
imagefilledrectangle( $img, 0, 0, $this->width - 1, $this->height - 1, $white );
// íàíåñåíèå òåêñòà
$x = 1;
$shift = 0;
for ($i = 0; $i < $this->length; $i++) {
$m = $font_metrics[$this->keystring{$i}];
$y = mt_rand( -$this->fluctuation_amplitude, $this->fluctuation_amplitude ) + ($this->height - $fontfile_height) / 2 + 2;
if ($this->no_spaces) {
$shift = 0;
if ($i > 0) {
$shift = 1000;
for ($sy = 1; $sy < $fontfile_height - 15; $sy += 2) {
for ($sx = $m['start'] - 1; $sx < $m['end']; $sx++) {
$rgb = imagecolorat( $font, $sx, $sy );
$opacity = $rgb >> 24;
if ($opacity < 127) {
$left = $sx - $m['start'] + $x;
$py = $sy + $y;
for ($px = min( $left, $this->width - 1 ); $px > $left - 20 && $px >= 0; $px--) {
$color = imagecolorat( $img, $px, $py ) & 0xff;
if ($color + $opacity < 190) {
if ($shift > $left-$px) {
$shift = $left - $px;
}
break;
}
}
break;
}
}
}
}
} else {$shift = 1;}
imagecopy( $img, $font, $x - $shift, $y, $m['start'], 1, $m['end'] - $m['start'], $fontfile_height );
$x += $m['end'] - $m['start'] - $shift;
}
if ($x < $this->width - 10) break; // fit in canvas
}
$center = $x/2;
$img2=imagecreatetruecolor($this->width, $this->height);
$foreground=imagecolorallocate($img2, $foreground_color[0], $foreground_color[1], $foreground_color[2]);
$background=imagecolorallocate($img2, $background_color[0], $background_color[1], $background_color[2]);
imagefilledrectangle($img2, 0, $this->height, $this->width, $this->height+12, $foreground);
// ïåðèîäû
$rand1 = 0;
$rand2 = 0;
$rand3 = 0;
$rand4 = 0;
// ôàçû
$rand5 = 0;
$rand6 = 0;
$rand7 = 0;
$rand8 = 0;
// àìïëèòóäû
$rand9 = 0;
$rand10 = 0;
//âîëíîâîå èñêàæåíèå
for ($x = 0; $x < $this->width; $x++) {
for ($y = 0; $y < $this->height; $y++) {
$sx = $x + (sin( $x * $rand1 + $rand5 ) + sin( $y * $rand3 + $rand6 )) * $rand9 - $this->width / 2 + $center + 1;
$sy = $y + (sin( $x * $rand2 + $rand7 ) + sin( $y * $rand4 + $rand8 )) * $rand10;
if ($sx < 0 || $sy < 0 || $sx >= $this->width - 1 || $sy >= $this->height - 1) {
$color = 200;
$color_x = 200;
$color_y = 200;
$color_xy = 200;
} else {
$color = imagecolorat( $img, $sx, $sy ) & 0xFF;
$color_x = imagecolorat( $img, $sx + 1, $sy ) & 0xFF;
$color_y = imagecolorat( $img, $sx, $sy + 1 ) & 0xFF;
$color_xy = imagecolorat( $img, $sx + 1, $sy + 1 ) & 0xFF;
}
if ($color == 0 && $color_x == 0 && $color_y == 0 && $color_xy == 0) {
$newred = $foreground_color[0];
$newgreen = $foreground_color[1];
$newblue = $foreground_color[2];
} else if ($color == 255 && $color_x == 255 && $color_y == 255 && $color_xy == 255) {
$newred = $background_color[0];
$newgreen = $background_color[1];
$newblue = $background_color[2];
} else {
$frsx = $sx - floor( $sx );
$frsy = $sy - floor( $sy );
$frsx1 = 1 - $frsx;
$frsy1 = 1 - $frsy;
$newcolor = (
$color * $frsx1 * $frsy1 +
$color_x * $frsx * $frsy1 +
$color_y * $frsx1 * $frsy +
$color_xy * $frsx * $frsy);
if ($newcolor > 255) $newcolor = 255;
$newcolor = $newcolor / 255;
$newcolor0 = 1 - $newcolor;
$newred = $newcolor0 * $foreground_color[0] + $newcolor * $background_color[0];
$newgreen = $newcolor0 * $foreground_color[1] + $newcolor * $background_color[1];
$newblue = $newcolor0 * $foreground_color[2] + $newcolor * $background_color[2];
}
imagesetpixel( $img2, $x, $y, imagecolorallocate( $img2, $newred, $newgreen, $newblue ) );
}}
# Ðàìêà
imageline( $img2, 0, 0, $this->width, 0, $foreground );
imageline( $img2, 0, 0, 0, $this->height, $foreground );
imageline( $img2, 0, $this->height-1, $this->width, $this->height-1, $foreground );
imageline( $img2, $this->width-1, 0, $this->width-1, $this->height, $foreground);
header( "Expires: Tue, 11 Jun 1985 05:00:00 GMT" );
header( "Last-Modified: " . gmdate( "D, d M Y H:i:s" ) . " GMT" );
header( "Cache-Control: no-store, no-cache, must-revalidate" );
header( "Cache-Control: post-check=0, pre-check=0", false );
header( "Pragma: no-cache" );
if (function_exists ('imagepng')) {
header ('Content-type: image/png');
imagepng ($img2, null);
} elseif (function_exists ('imagegif')) {
header ('Content-type: image/gif');
imagegif ($img2, null);
} elseif (function_exists('imagejpeg')) {
header( "Content-Type: image/jpeg" );
imagejpeg($img2, null, $this->jpeg_quality);
}
imagedestroy($img2);
}
}
session_start();
$im = new genrandomimage();
$im->genstring();
$_SESSION['sec_code_session'] = $im->keystring;
$im->genimage();
?>

56
system/modules/banned.php Normal file
View File

@@ -0,0 +1,56 @@
<?php
if( ! defined( 'DATALIFEENGINE' ) ) {die( "Hacking attempt!" );}
$this_time = time() + ($config['date_adjust'] * 60);
$sel_banned = $db->query( "SELECT users_id FROM " . USERPREFIX . "_banned WHERE days != '0' AND date < '$this_time'" );
$del = false;
$blocked = false;
while ( $row = $db->get_row( $sel_banned ) ) {
$del = true;
if( $row['users_id'] ){
if ($repa_cf['repa_ban']){
$db->query( "UPDATE " . USERPREFIX . "_users SET banned='', repa='0' WHERE user_id = '{$row['users_id']}'" );
$row2 = $db->super_query("SELECT user_id, name, repa FROM " . USERPREFIX . "_users where user_id = '{$row['users_id']}'");
$db->query( "DELETE FROM " . USERPREFIX . "_reputation WHERE komu = '$row2[name]'" );
} else
$db->query( "UPDATE " . USERPREFIX . "_users SET banned='' WHERE user_id = '{$row['users_id']}'" );
}
}
$db->free( $sel_banned );
if( $del ) {
$db->query( "DELETE FROM " . USERPREFIX . "_banned WHERE days != '0' AND date < '$this_time'" );
$cache->delete('banned.php' );
}
if( $blockip ) {
$blocked = true;
if( $banned_info['ip'][$blockip]['date'] ) {
if( $banned_info['ip'][$blockip]['date'] > $this_time ) $endban = langdate( "j M Y H:i", $banned_info['ip'][$blockip]['date'] );
else $blocked = false;
} else $endban = $lang['banned_info'];
$descr = $lang['ip_block'] . "<br /><br />" . $banned_info['ip'][$blockip]['descr'];
} elseif( $banned_info['users_id'][$member_id['user_id']]['users_id'] ) {
$blocked = true;
if( $banned_info['users_id'][$member_id['user_id']]['date'] ) {
if( $banned_info['users_id'][$member_id['user_id']]['date'] > $this_time ) $endban = langdate( "j M Y H:i", $banned_info['users_id'][$member_id['user_id']]['date'] );
else $blocked = false;
} else $endban = $lang['banned_info'];
$descr = $banned_info['users_id'][$member_id['user_id']]['descr'];
}
if( $blocked ) {
$tpl->dir = ROOT_DIR . '/templates';
$tpl->load_template( 'banned.tpl' );
$tpl->set('{title}', $config['short_title']);
$tpl->set( '{description}', $descr );
$tpl->set( '{end}', $endban );
$tpl->compile( 'content' );
echo $tpl->result['content'];
die();
}
?>

94
system/modules/bbcode.php Normal file
View File

@@ -0,0 +1,94 @@
<?PHP
if(!defined('DATALIFEENGINE')){die("Hacking attempt!");}
if (isset($addtype) AND $addtype == "addnews") {
$startform = "short_story";
$addform = "document.entryform";
if ($is_logged AND $user_group[$member_id['user_group']]['allow_image_upload'] OR ($is_logged AND $member_id['user_group'] == 1)){$image_upload = "<div class=\"editor_button\" onclick=image_upload()><img title=\"$lang[bb_t_up]\" src=\"{THEME}/bbcodes/upload.gif\" width=\"23\" height=\"25\" border=\"0\" alt=\"\" /></div>";
}else {$image_upload = "";}
$add_id = (isset($_REQUEST['id'])) ? intval($_REQUEST['id']) : '';
$code = <<<HTML
<div style="width:98%; height:50px; border:1px solid #BBB; background-image:url('{THEME}/bbcodes/bg.gif');">
<div id="b_b" class="editor_button" onclick="simpletag('b')"><img title="$lang[bb_t_b]" src="{THEME}/bbcodes/b.gif" width="23" height="25" border="0" alt="" /></div>
<div id="b_i" class="editor_button" onclick="simpletag('i')"><img title="$lang[bb_t_i]" src="{THEME}/bbcodes/i.gif" width="23" height="25" border="0" alt="" /></div>
<div id="b_u" class="editor_button" onclick="simpletag('u')"><img title="$lang[bb_t_u]" src="{THEME}/bbcodes/u.gif" width="23" height="25" border="0" alt="" /></div>
<div id="b_s" class="editor_button" onclick="simpletag('s')"><img title="$lang[bb_t_s]" src="{THEME}/bbcodes/s.gif" width="23" height="25" border="0" alt="" /></div>
<div class="editor_button"><img src="{THEME}/bbcodes/brkspace.gif" width="5" height="25" border="0" alt="" /></div>
<div class="editor_button" onclick="tag_image()"><img title="$lang[bb_b_img]" src="{THEME}/bbcodes/image.gif" width="23" height="25" border="0" alt="" /></div>
{$image_upload}
<div class="editor_button"><img src="{THEME}/bbcodes/brkspace.gif" width="5" height="25" border="0" alt="" /></div>
<div class="editor_button" onclick="tag_url()"><img title="$lang[bb_t_url]" src="{THEME}/bbcodes/link.gif" width="23" height="25" border="0" alt="" /></div>
<div class="editor_button" onclick="tag_email()"><img title="$lang[bb_t_m]" src="{THEME}/bbcodes/email.gif" width="23" height="25" border="0" alt="" /></div>
<div class="editor_button"><img src="{THEME}/bbcodes/brkspace.gif" width="5" height="25" border="0" alt="" /></div>
<div class="editor_button" onclick="tag_video()"><img title="$lang[bb_t_video]" src="{THEME}/bbcodes/mp.gif" width="23" height="25" border="0" alt="" /></div>
<div class="editor_button" onclick="tag_audio()"><img src="{THEME}/bbcodes/mp3.gif" width="23" height="25" border="0" alt="" /></div>
<div class="editor_button"><img src="{THEME}/bbcodes/brkspace.gif" width="5" height="25" border="0" alt="" /></div>
<div id="b_color" class="editor_button" onclick="ins_color(this);"><img src="{THEME}/bbcodes/color.gif" width="23" height="25" border="0" alt="" /></div>
<div class="editor_button"><img src="{THEME}/bbcodes/brkspace.gif" width="5" height="25" border="0" alt="" /></div>
<div class="editor_button" onclick="tag_flash()"><img src="{THEME}/bbcodes/flash.gif" width="23" height="25" border="0" alt="" /></div>
<div class="editor_button" onclick="tag_media()"><img src="{THEME}/bbcodes/youtube.gif" width="23" height="25" border="0" alt="" /></div>
<div class="editor_button_brk"><img src="{THEME}/bbcodes/brkspace.gif" width="5" height="25" border="0" alt="" /></div>
<div class="editor_button" style="padding-top:4px;width:120px;"><select name="bbfont" class="editor_button" onchange="insert_font(this.options[this.selectedIndex].value, 'font')"><option value='0'>{$lang['bb_t_font']}</option><option value='Arial'>Arial</option><option value='Arial Black'>Arial Black</option><option value='Century Gothic'>Century Gothic</option><option value='Courier New'>Courier New</option><option value='Georgia'>Georgia</option><option value='Impact'>Impact</option><option value='System'>System</option><option value='Tahoma'>Tahoma</option><option value='Times New Roman'>Times New Roman</option><option value='Verdana'>Verdana</option></select></div>
<div class="editor_button" style="padding-top:4px;width:65px;"><select name="bbsize" class="editor_button" onchange="insert_font(this.options[this.selectedIndex].value, 'size')"><option value='0'>{$lang['bb_t_size']}</option><option value='1'>1</option><option value='2'>2</option><option value='3'>3</option><option value='4'>4</option><option value='5'>5</option><option value='6'>6</option><option value='7'>7</option></select></div>
<div class="editor_button"><img src="{THEME}/bbcodes/brkspace.gif" width="5" height="25" border="0" alt="" /></div>
<div id="b_left" class="editor_button" onclick="simpletag('left')"><img title="$lang[bb_t_l]" src="{THEME}/bbcodes/l.gif" width="23" height="25" border="0" alt="" /></div>
<div id="b_center" class="editor_button" onclick="simpletag('center')"><img title="$lang[bb_t_c]" src="{THEME}/bbcodes/c.gif" width="23" height="25" border="0" alt="" /></div>
<div id="b_right" class="editor_button" onclick="simpletag('right')"><img title="$lang[bb_t_r]" src="{THEME}/bbcodes/r.gif" width="23" height="25" border="0" alt="" /></div>
<div class="editor_button"><img src="{THEME}/bbcodes/brkspace.gif" width="5" height="25" border="0" alt="" /></div>
<div id="b_quote" class="editor_button" onclick="simpletag('quote')"><img title="$lang[bb_t_quote]" src="{THEME}/bbcodes/quote.gif" width="23" height="25" border="0" alt="" /></div>
<div id="b_screens" class="editor_button" onclick="simpletag('screens')"><img title="Ñêðèíøîòû" src="{THEME}/bbcodes/screens.gif" width="23" height="25" border="0"></div>
<div id="b_hide" class="editor_button" onclick="simpletag('hide')"><img title="$lang[bb_t_hide]" src="{THEME}/bbcodes/hide.gif" width="23" height="25" border="0" alt="" /></div>
<div id="b_code" class="editor_button" onclick="simpletag('code')"><img title="$lang[bb_t_code]" src="{THEME}/bbcodes/code.gif" width="23" height="25" border="0" alt="" /></div>
<div class="editor_button">&nbsp;&nbsp;<img src="{THEME}/bbcodes/brkspace.gif" width="5" height="25" border="0" alt="" /></div>
<div id="b_spoiler" class="editor_button" onclick="spoiler()"><img src="{THEME}/bbcodes/spoiler.gif" width="23" height="25" border="0" alt="" /></div>
<div class="editor_button" onclick="tag_kp()"><img title="Ðåéòèíã ÊèíîÏîèñêà" src="{THEME}/bbcodes/rating.gif" width="23" height="25" border="0"></div>
</div>
<script type="text/javascript" src="{$config['http_home_url']}system/ajax/bbcodes.js"></script>
HTML;
}
else {
$startform = "comments";
$addform = "document.getElementById( 'dle-comments-form' )";
$add_id = false;
$code = <<<HTML
<textarea name="comments" id="comments" placeholder="Ñîîáùåíèå..." onclick="setNewField(this.name, document.getElementById( 'dle-comments-form' ))">{text}</textarea>
HTML;
}
$bb_code = <<<HTML
<script language="javascript" type="text/javascript">
<!--
var text_enter_url = "$lang[bb_url]";
var text_enter_size = "$lang[bb_flash]";
var text_enter_flash = "$lang[bb_flash_url]";
var text_enter_page = "$lang[bb_page]";
var text_enter_url_name = "$lang[bb_url_name]";
var text_enter_page_name = "$lang[bb_page_name]";
var text_enter_image = "$lang[bb_image]";
var text_enter_email = "$lang[bb_email]";
var text_code = "$lang[bb_code]";
var text_quote = "$lang[bb_quote]";
var error_no_url = "$lang[bb_no_url]";
var error_no_title = "$lang[bb_no_title]";
var error_no_email = "$lang[bb_no_email]";
var prompt_start = "$lang[bb_prompt_start]";
var img_title = "$lang[bb_img_title]";
var email_title = "$lang[bb_email_title]";
var text_pages = "$lang[bb_bb_page]";
var image_align = "{$config['image_align']}";
var selField = "{$startform}";
var fombj = {$addform};
function image_upload(){window.open('{$config['http_home_url']}system/images.php?area=' + selField + '&add_id={$add_id}', '_Addimage', 'toolbar=0,location=0,status=0, left=0, top=0, menubar=0,scrollbars=yes,resizable=0,width=640,height=550');}
-->
</script>
{$code}
HTML;
?>

View File

@@ -0,0 +1,45 @@
<?php
if(!defined('DATALIFEENGINE')) { die("Hacking attempt!"); }
global $banned_info;
require_once SYSTEM_DIR.'/data/chat.config.php';
require_once SYSTEM_DIR.'/modules/functions.php';
require_once SYSTEM_DIR.'/classes/parse.class.php';
$parse = new ParseFilter();
$parse->safe_mode = true;
$_TIME = time()+($config['date_adjust']*60);
if ($is_logged) {$name = $db->safesql($member_id['name']);} else {$CN_HALT = TRUE;}
$_IP = $db->safesql($_SERVER['REMOTE_ADDR']);
$time = date ("Y-m-d H:i:s", $_TIME);
$message = $db->safesql($parse->BB_Parse($parse->process($mcadd['message'])), false);
if( strlen($message) > 3000) $CN_HALT = TRUE;
if ($message =='' OR $member_id['banned'] == "yes") $CN_HALT = TRUE;
$message = preg_replace("#(^|\s|>)((http|https|ftp)://\w+[^\s\[\]\<]+)#i", '\\1<a href="\\2" target="_blank" rel="nofollow">URL</a>', $message);
//* Àâòîïåðåíîñ äëèííûõ ñëîâ
if(intval($chatconfig['auto_wrap'])){
$message = preg_split('((>)|(<))', $message, -1, PREG_SPLIT_DELIM_CAPTURE);
$n = count($message);
for ($i = 0; $i < $n; $i++) {
if ($message[$i] == "<") {
$i++; continue;
}
$message[$i] = preg_replace("#([^\s<>'\"/\.\\-\?&\n\r\%]{".intval($chatconfig['auto_wrap'])."})#i", "\\1<br />", $message[$i]);
}
$message = join("", $message);
}
$data['skin'] = strtolower($_REQUEST['skin']);
// Äîáàâëåíèå
if ($CN_HALT) {
} else {
$db->query("INSERT INTO ".PREFIX."_chat (name, message, date, ip, `mgroup`, user_id) VALUES ('$name', '$message', '$time', '$_IP', '$member_id[user_group]', '$member_id[user_id]')");
$cache->del('minichat');
}
?>

280
system/modules/chat/ajax.js Normal file
View File

@@ -0,0 +1,280 @@
var DMC_selField = "message";
var DMC_fombj = document.getElementById( 'chat-form' );
function Chat_UserMenu(a, b, c, d, e, f) {
var g = new Array();
g[0] = '<a onclick="Chat_QuoteName(\'' + e + '\'); return false;" href="javascript:quote(' + e + ');">Îòâåòèòü</a>';
g[1] = '<a ' + a + ' >' + menu_profile + '</a>';
g[2] = '<a href="' + dle_root + 'index.php?do=pm&doaction=newpm&user=' + b + '">' + menu_send + '</a>';
if (c == '1' || c == '2') {
g[3] = '<a onclick="return Chat_MessDel(' + d + ');" href="javascript:messages_delete(' + d + ');">Óäàëèòü</a>'
}
return g
}
function Chat_GastMenu(a, b, c, d, e) {
var f = new Array();
f[0] = '<a onclick="Chat_QuoteName(\'' + d + '\'); return false;" href="javascript:quote(' + d + ');">Îòâåòèòü</a>';
f[1] = '<a href="mailto:' + a + '">' + menu_send + '</a>';
if (b == '1' || b == '2') {
f[2] = '<a onclick="return Chat_MessDel(' + c + ');" href="javascript:messages_delete(' + c + ');">Óäàëèòü</a>'
}
return f
}
function Chat_MessDel(b) {
$.post(dle_root + "system/ajax/chat.php", { mdelete: b, refresh: 1, skin: dle_skin}, function(data){
$("#chat").html(data);
});
}
function Chat_Refresh() {
$.post(dle_root + "system/ajax/chat.php", { skin: dle_skin}, function(data){
$("#chat").html(data);
});
}
function Chat_QuoteName(a) {
document.getElementById('message').value += "[b]" + a + "[/b]:";
$("#message").focus()
}
function Chat_AddSmile(a, b, c) {
document.getElementById(b).value += ":" + a + ":";
$("#" + c).fadeOut("slow");
$("#" + b).focus()
}
function Chat_Display(a, b) {
if ($("#" + a).css("display") === "none") {
$("#" + a).show(b)
} else {
$("#" + a).hide(b)
}
}
function AWclear(a, b) {
var c = a.value;
if (c == b) {
a.value = ""
}
$(a).attr('onblur', "if(this.value=='')this.value='" + b + "';")
}
function SendMessage(){
if($.trim(document.chat_form.message.value) == ''){
alert('Ââåäèòå ñîîáùåíèå!');
return false;
};
var message = document.getElementById('message').value;
$.post(dle_root + "system/ajax/chat.php", { message: message, skin: dle_skin}, function(data){
$("#chat").html(data);
$('#message').attr('value', '');
});
return false;
};
//BBCOdes
var uagent = navigator.userAgent.toLowerCase();
var is_safari = ( (uagent.indexOf('safari') != -1) || (navigator.vendor == "Apple Computer, Inc.") );
var is_ie = ( (uagent.indexOf('msie') != -1) && (!is_opera) && (!is_safari) && (!is_webtv) );
var is_ie4 = ( (is_ie) && (uagent.indexOf("msie 4.") != -1) );
var is_moz = (navigator.product == 'Gecko');
var is_ns = ( (uagent.indexOf('compatible') == -1) && (uagent.indexOf('mozilla') != -1) && (!is_opera) && (!is_webtv) && (!is_safari) );
var is_ns4 = ( (is_ns) && (parseInt(navigator.appVersion) == 4) );
var is_opera = (uagent.indexOf('opera') != -1);
var is_kon = (uagent.indexOf('konqueror') != -1);
var is_webtv = (uagent.indexOf('webtv') != -1);
var is_win = ( (uagent.indexOf("win") != -1) || (uagent.indexOf("16bit") !=- 1) );
var is_mac = ( (uagent.indexOf("mac") != -1) || (navigator.vendor == "Apple Computer, Inc.") );
var ua_vers = parseInt(navigator.appVersion);
var b_open = 0;
var i_open = 0;
var u_open = 0;
var s_open = 0;
var quote_open = 0;
var code_open = 0;
var sql_open = 0;
var html_open = 0;
var left_open = 0;
var center_open = 0;
var right_open = 0;
var hide_open = 0;
var color_open = 0;
var ie_range_cache = '';
var DMC_bbtags = new Array();
function DMC_stacksize(thearray)
{
for (i = 0; i < thearray.length; i++ )
{
if ( (thearray[i] == "") || (thearray[i] == null) || (thearray == 'undefined') )
{
return i;
}
}
return thearray.length;
};
function cstat()
{
var c = DMC_stacksize(DMC_bbtags);
if ( (c < 1) || (c == null) ) {
c = 0;
}
if ( ! DMC_bbtags[0] ) {
c = 0;
}
};
function DMC_simpletag(thetag)
{
var tagOpen = eval(thetag + "_open");
if (tagOpen == 0)
{
if(DMC_doInsert("[" + thetag + "]", "[/" + thetag + "]", true))
{
eval(thetag + "_open = 1");
document.getElementById( 'b_' + thetag ).className = 'editor_buttoncl';
pushstack(DMC_bbtags, thetag);
cstat();
}
}
else
{
lastindex = 0;
for (i = 0 ; i < DMC_bbtags.length; i++ )
{
if ( DMC_bbtags[i] == thetag )
{
lastindex = i;
}
}
while (DMC_bbtags[lastindex])
{
tagRemove = popstack(DMC_bbtags);
DMC_doInsert("[/" + tagRemove + "]", "", false);
if ( (tagRemove != 'font') && (tagRemove != 'size') )
{
eval(tagRemove + "_open = 0");
document.getElementById( 'b_' + tagRemove ).className = 'editor_button';
}
}
cstat();
}
};
function DMC_doInsert(ibTag, ibClsTag, isSingle)
{
var isClose = false;
var obj_ta = eval('DMC_fombj.'+ DMC_selField);
if ( (ua_vers >= 4) && is_ie && is_win)
{
if (obj_ta.isTextEdit)
{
obj_ta.focus();
var sel = document.selection;
var rng = ie_range_cache ? ie_range_cache : sel.createRange();
rng.colapse;
if((sel.type == "Text" || sel.type == "None") && rng != null)
{
if(ibClsTag != "" && rng.text.length > 0)
ibTag += rng.text + ibClsTag;
else if(isSingle)
ibTag += rng.text + ibClsTag;
rng.text = ibTag;
}
}
else
{
obj_ta.value += ibTag + ibClsTag;
}
rng.select();
ie_range_cache = null;
}
else if ( obj_ta.selectionEnd )
{
var ss = obj_ta.selectionStart;
var st = obj_ta.scrollTop;
var es = obj_ta.selectionEnd;
if (es <= 2)
{
es = obj_ta.textLength;
}
var start = (obj_ta.value).substring(0, ss);
var middle = (obj_ta.value).substring(ss, es);
var end = (obj_ta.value).substring(es, obj_ta.textLength);
if (obj_ta.selectionEnd - obj_ta.selectionStart > 0)
{
middle = ibTag + middle + ibClsTag;
}
else
{
middle = ibTag + middle + ibClsTag;
}
obj_ta.value = start + middle + end;
var cpos = ss + (middle.length);
obj_ta.selectionStart = cpos;
obj_ta.selectionEnd = cpos;
obj_ta.scrollTop = st;
}
else
{
obj_ta.value += ibTag + ibClsTag;
}
obj_ta.focus();
return isClose;
};
function getOffsetTop(obj)
{
var top = obj.offsetTop;
while( (obj = obj.offsetParent) != null )
{
top += obj.offsetTop;
}
return top;
};
function getOffsetLeft(obj)
{
var top = obj.offsetLeft;
while( (obj = obj.offsetParent) != null )
{
top += obj.offsetLeft;
}
return top;
};

View File

@@ -0,0 +1,38 @@
<?php
if(!defined('DATALIFEENGINE')) {die("Hacking Attempt!"); }
require_once SYSTEM_DIR.'/data/config.php';
require_once SYSTEM_DIR.'/data/chat.config.php';
require_once SYSTEM_DIR.'/modules/chat/chat.class.php';
$chat= new Chat();
$tpl->load_template('chat/block.tpl');
$tpl->copy_template .= '<script type="text/javascript" src="/system/modules/chat/ajax.js"></script>
<script type="text/javascript">
var Chat_RefInterval = '.$chatconfig['refresh'].'*1000;
setInterval(Chat_Refresh, Chat_RefInterval);
</script>';
if ($is_logged){
$tpl->set('[isloged]',"");
$tpl->set('[/isloged]',"");
$tpl->set_block("'\\[notloged\\].*?\\[/notloged\\]'si","");
} else {
$tpl->set_block("'\\[isloged\\].*?\\[/isloged\\]'si","");
$tpl->set('[notloged]',"");
$tpl->set('[/notloged]',"");
}
$tpl->set('[historylink]',"<a href=\"".$config['http_home_url']."chat/history/\" >");
$tpl->set('[/historylink]',"</a>");
$tpl->set('{chatmsg}', $chat->GetContent($chatconfig, $member_id, $config));
$tpl->copy_template = "<form method=\"post\" onsubmit=\"SendMessage(); return false;\" name=\"chat_form\" id=\"chat-form\">".$tpl->copy_template."
</form> ";
$tpl->compile('minichat');
$tpl->clear();
return $tpl->result['minichat'];
?>

View File

@@ -0,0 +1,65 @@
<?php
if(!defined('DATALIFEENGINE')) {die("Hacking Attempt!"); }
class Chat extends db{
function GetContent($chatconfig, $member_id, $config){
global $cache, $user_group;
$moder = false;
if ($member_id['user_group'] == 1) {
$flag = true;
$moder = true;
$m_group = 1;
}
elseif ($member_id['user_group'] == 2) {
$flag = true;
$moder = true;
$m_group = 2;
}
if (!$html = $cache->open('minichat')) $flag = true;
elseif(!$moder) $flag = false;
if ($flag){
$html = "";
require_once SYSTEM_DIR.'/classes/parse.class.php';
$parse = new ParseFilter();
$parse->safe_mode = true;
$result = $this->query("SELECT id, name as gast_name, message, date, ip, user_id, mgroup FROM ".PREFIX."_chat m ORDER BY date DESC LIMIT 0,".$chatconfig['limit']."");
if (!$moder){$m_group = 4;}
$PHP_SELF = $config['http_home_url'];
while ($row = $this->get_row($result)){
$lang['mchat_mess'] = "Ñîîáùåíèå";
$row['date'] = strtotime($row['date']);
$row['name'] = stripslashes($row['gast_name']);
$go_page = "href=\"".$config['http_home_url']."user/".urlencode($row['name'])."/\"";
$go_page .= "onClick=\"return dropdownmenu(this, event, Chat_UserMenu('".htmlspecialchars($go_page)."', '".$row['user_id']."', ".$m_group.", '".$row['id']."', '".$row['name']."', '".$lang['mchat_mess']."'), '170px')\"";
$color = $user_group[$row['mgroup']]['colour'];
$author = "<a {$go_page} href=\"".$config['http_home_url']."user/".urlencode($row['name'])."/\"><strong style='color:$color'>".$row['name']."</strong></a>";
$date = mcdate($chatconfig['timestamp'],$row['date']);
$message = stripslashes($row['message']);
$html .= "<div class=\"cmessage\"><b>".$author."</b><div style=\"float:right; color: #BBBBBB\">".$date."</div><br><span style=\"color:#2a2a2a\">".$message."</span></div>";
}
$this->free();
if (!$moder) $cache->save('minichat', $html);
}
else $html = $cache->open('minichat');
return $html;
}
}
?>

View File

@@ -0,0 +1,77 @@
<?php
if(!defined('DATALIFEENGINE')) { die("Hacking Attempt!"); }
require_once SYSTEM_DIR.'/classes/parse.class.php';
$parse = new ParseFilter();
$parse->safe_mode = true;
include(SYSTEM_DIR.'/data/chat.config.php');
if ($action == "mess_del") {
$db->query("DELETE FROM " . PREFIX . "_chat WHERE id = '$id'");
msgbox ($lang['all_info'], "Âûáðàííîå ñîîáùåíèå áûëî óñïåøíî óäàëåíî. <a href=\"$PHP_SELF?do=chat_history\">Âåðíóòüñÿ íàçàä...</a>");
} else {
$tpl->load_template('chat/message.tpl');
$limit = intval($chatconfig['messlimit']);
$sql_count = $db->super_query("SELECT COUNT(*) as count FROM " . PREFIX . "_chat");
$count_all = $sql_count['count'];
$page = intval( $_REQUEST['cstart'] );
$total = intval( ( ( $count_all - 1 ) / $limit ) + 1 );
if( $page <= 0 ) $page = 1;
if( $page > $total ) $page = $total;
$start = $page * $limit - $limit;
$i = $start; $s = 0;
$result = $db->query("SELECT id, name as gast_name, message, date, ip, user_id, mgroup FROM " . PREFIX . "_chat ORDER BY date DESC LIMIT $start,".$limit);
while($row = $db->get_array($result)){ $i++;$s++;
$row['date'] = strtotime($row['date']);
$row['name'] = stripslashes($row['gast_name']);
$tpl->set('{author}', "<a href=\"".$config['http_home_url']."user/".urlencode($row['name'])."/\">".$row['name']."</a>");
if ($is_logged AND $member_id['user_group'] == '1')
$tpl->set('{ip}', "IP: <a onClick=\"return dropdownmenu(this, event, IPMenu('".$row['ip']."', '".$lang['ip_info']."', '".$lang['ip_tools']."', '".$lang['ip_ban']."'), '190px')\" onMouseout=\"delayhidemenu()\" href=\"http://www.nic.ru/whois/?ip={$row['ip']}\" target=\"_blank\">{$row['ip']}</a> ::");
else
$tpl->set('{ip}', '');
if ($config['comm_msort'] == "ASC")
$tpl->set('{mess-id}', $cstart+$i);
else
$tpl->set('{mess-id}', $comments_num-$cstart-$i+1);
if (($is_logged AND ($member_id['user_id'] == $row['userid'] AND ($row['is_reg'] == 1) AND $user_group[$member_id['user_group']]['allow_editc'])) OR $user_group[$member_id['user_group']]['edit_allc']){
$tpl->set('[mes-edit]',"<a href=\"".$config['http_home_url']."admin.php?mod=chat&action=messedit&id=".$row['id']."\" target=\"_blank\">");
$tpl->set('[/mes-edit]',"</a>");
} else $tpl->set_block("'\\[mes-edit\\](.*?)\\[/mes-edit\\]'si","");
if ($is_logged AND (($member_id['user_id'] == $row['userid'] AND ($row['is_reg'] == 1) AND $user_group[$member_id['user_group']]['allow_delc'] AND ($row['date'] == $date_max['MAX(date)'])) OR $member_id['user_group'] == '1' OR $user_group[$member_id['user_group']]['del_allc'])){
$tpl->set('[mes-del]',"<a href=\"javascript:confirmDelete('".$config['http_home_url']."?do=chat_history&action=mess_del&id=".$row['id']."')\">");
$tpl->set('[/mes-del]',"</a>");
} else $tpl->set_block("'\\[mes-del\\](.*?)\\[/mes-del\\]'si","");
$message = stripslashes($row['message']);
if (date(Ymd, $row['date']) == date(Ymd, $_TIME)) {
$tpl->set('{date}', $lang['time_heute'].langdate(", H:i", $row['date']));
} elseif (date(Ymd, $row['date']) == date(Ymd, ($_TIME - 86400))) {
$tpl->set('{date}', $lang['time_gestern'].langdate(", H:i", $row['date']));
} else {
$tpl->set('{date}', langdate($config['timestamp_comment'], $row['date']));
}
$tpl->set('{message}', $message);
$tpl->compile('content');
}
$nav = "/chat/history/page/{page}/";
CreateNavigation( $nav, $page, $total );
};
?>

View File

@@ -0,0 +1,37 @@
<?php
if(!defined('DATALIFEENGINE')){die("Hacking attempt!");}
$commentslast = $cache->open( "comments-last", $config['skin'] );
if( ! $commentslast ) {
$sql = $db->query( "SELECT
comments.id AS comment_id, comments.post_id, comments.autor, post.title, post.alt_name, post.comm_num, comments.date
FROM " . PREFIX . "_post AS post
RIGHT JOIN
(SELECT *
FROM " . PREFIX . "_comments AS c
WHERE 1=1
ORDER BY c.date DESC) AS comments
ON post.id = comments.post_id AND post.approve=1
GROUP BY post.id ORDER BY comments.date DESC LIMIT 0, 15");
while( $row = $db->get_row() ) {
if( strlen( $row['autor']) > 10 )
$user = substr( $row['autor'], 0, 10 );
else $user = $row['autor'];
if( strlen( $row['title']) > 15 )
$title = substr( $row['title'], 0, 15 ) . "...";
else $title = $row['title'];
$autor = "<a href=\"" . $config['http_home_url'] . "user/" . urlencode( $row['autor'] ) . "/\">" . $user . "</a>";
$full_link = $config['http_home_url'] . $row['post_id'] . "-" . $row['alt_name'] . ".html";
$post = "<a href=\"" . $full_link . "#comment\">" . stripslashes( $title ) . "</a>" ;
$lcomm .= "<li><strong title='Êîëè÷åñòâî êîììåíòàðèåâ â íîâîñòè'>{$row['comm_num']}</strong>{$autor} - {$post}</li>";
}
$commentslast= "<ul class=\"lastcomm\">".$lcomm."</ul>";
$db->free();
$cache->save( "comments-last", $commentslast, $config['skin'] );
}
?>

View File

@@ -0,0 +1,75 @@
<?php
if( ! defined( 'DATALIFEENGINE' ) ) {die( "Hacking attempt!" );}
$limit = $config['newslist_num'];
$word = 50;
$list = explode( ",", $member_id['favorites'] );
foreach ( $list as $daten ) {$fav_list[] = "'" . intval($daten) . "'";}
$list = implode( ",", $fav_list );
$favorites = "(" . $list . ")";
$allow_list = explode( ',', $user_group[$member_id['user_group']]['allow_cats'] );
if( $allow_list[0] != "all" ) {
if( $config['allow_multi_category'] ) {$stop_list = "category regexp '[[:<:]](" . implode( '|', $allow_list ) . ")[[:>:]]' AND ";
} else {$stop_list = "category IN ('" . implode( "','", $allow_list ) . "') AND ";}
} else
$stop_list = "";
if( $user_group[$member_id['user_group']]['allow_short'] ) $stop_list = "";
if (isset ( $_SESSION['dle_sort_favorites'] )) $news_sort_by = $_SESSION['dle_sort_favorites']; else $news_sort_by = $config['news_sort'];
if (isset ( $_SESSION['dle_direction_favorites'] )) $news_direction_by = $_SESSION['dle_direction_favorites']; else $news_direction_by = $config['news_msort'];
$sql_count = "SELECT COUNT(*) as count FROM " . PREFIX . "_post where {$stop_list}id in {$favorites}";
$temp = $db->super_query($sql_count);
$posts = $temp['count'];
if($posts){
$page = intval( $cstart );
$total = intval( ( ( $posts - 1 ) / $limit ) + 1 );
if( $page <= 0 ) $page = 1;
if( $page > $total ) $page = $total;
$start = $page * $limit - $limit;
$i = $start;
$sql_select = "SELECT id, autor, date, title, category, alt_name, comm_num, rating, news_read FROM " . PREFIX . "_post where {$stop_list}id in $favorites ORDER BY " . $news_sort_by . " " . $news_direction_by . " LIMIT " . $start . "," . $limit;
$result = $db->query($sql_select);
$tpl->load_template('fav/news.tpl');
while($row = $db->get_row($result)){
$i++;
if (strlen($row['title']) > $word) $title = stripcslashes(substr ($row['title'], 0, $word))." ..."; else $title = stripcslashes($row['title']);
$fav_arr = explode( ',', $member_id['favorites'] );
if( ! in_array( $row['id'], $fav_arr ) or $config['allow_cache'] == "yes" ) $tpl->set( '{favorites}', "<a id=\"fav-id-" . $row['id'] . "\" href=\"$PHP_SELF?do=favorites&amp;doaction=add&amp;id=" . $row['id'] . "\"><img src=\"" . $config['http_home_url'] . "templates/{$config['skin']}/images/add_fav.png\" onclick=\"doFavorites('" . $row['id'] . "', 'plus'); return false;\" title=\"" . $lang['news_addfav'] . "\" style=\"vertical-align: middle;border: none;\" alt=\"\" /></a>" );
else $tpl->set( '{favorites}', "<a id=\"fav-id-" . $row['id'] . "\" href=\"$PHP_SELF?do=favorites&amp;doaction=del&amp;id=" . $row['id'] . "\"><img src=\"" . $config['http_home_url'] . "templates/{$config['skin']}/images/del_fav.png\" onclick=\"doFavorites('" . $row['id'] . "', 'minus'); return false;\" title=\"" . $lang['news_minfav'] . "\" style=\"vertical-align: middle;border: none;\" alt=\"\" /></a>" );
$set = array(
'{category}' => "<a href=\"" . $config['http_home_url'] . get_url($row['category']) . "/\">".$cat_info[$row['category']]['name']."</a>",
'{date}' => date("d.m.Y",strtotime($row['date'])),
'{title}' => $title,
'{link}' => $config['http_home_url'].$row['id']."-".$row['alt_name'].".html",
'{id}' => $row['id'],
);
$tpl->set('', $set);
$tpl->compile('fileslist');
}
$list = $tpl->result['fileslist'];
$tpl->load_template('fav/favorites.tpl');
$tpl->set('{list}', $list);
$tpl->set ( '{sort}', news_sort ( $do ) );
$tpl->compile('content');
$tpl->clear();
$nav = "/favorites/page/{page}/";
CreateNavigation( $nav, $page, $total );
} else {
$tpl->load_template('info.tpl');
$tpl->set('{error}', "Ê ñîæàëåíèþ âàìè íå áûëî äîáàâëåíî íè îäíîãî ìàòåðèàëà â çàêëàäêè.");
$tpl->set('{title}', "Çàêëàäêè");
$tpl->compile('content');
$tpl->clear();
}
?>

124
system/modules/feedback.php Normal file
View File

@@ -0,0 +1,124 @@
<?php
if( ! defined( 'DATALIFEENGINE' ) ) {
die( "Hacking attempt!" );
}
if( isset( $_POST['send'] ) ) {
$stop = "";
if( $is_logged ) {
$name = $member_id['name'];
$email = $member_id['email'];
} else {
$name = $db->safesql( strip_tags( $_POST['name'] ) );
$not_allow_symbol = array ("\x22", "\x60", "\t", '\n', '\r', "\n", "\r", '\\', ",", "/", "¬", "#", ";", ":", "~", "[", "]", "{", "}", ")", "(", "*", "^", "%", "$", "<", ">", "?", "!", '"', "'" );
$email = $db->safesql(trim( str_replace( $not_allow_symbol, '', strip_tags( stripslashes( $_POST['email'] ) ) ) ) );
$db->query( "SELECT name from " . USERPREFIX . "_users where LOWER(name) = '" . strtolower( $name ) . "' OR LOWER(email) = '" . strtolower( $email ) . "'" );
if( $db->num_rows() > 0 ) {$stop = $lang['news_err_7'];}
$name = strip_tags( stripslashes( $_POST['name'] ) );
}
$subject = strip_tags( stripslashes( $_POST['subject'] ) );
$message = stripslashes( $_POST['message'] );
$recip = intval( $_POST['recip'] );
if( !$user_group[$member_id['user_group']]['allow_feed'] ) {$recipient = $db->super_query( "SELECT name, email, fullname FROM " . USERPREFIX . "_users WHERE user_id='" . $recip . "' AND user_group = '1'" );
} else {$recipient = $db->super_query( "SELECT name, email, fullname FROM " . USERPREFIX . "_users WHERE user_id='" . $recip . "' AND allow_mail = '1'" );}
if( empty( $recipient['fullname'] ) ) $recipient['fullname'] = $recipient['name'];
if (!$recipient['name']) $stop .= $lang['feed_err_8'];
if( empty( $name ) OR strlen( $name ) > 100 ) {$stop .= $lang['feed_err_1'];}
if( empty( $email ) OR strlen($email) > 50 OR @count(explode("@", $email)) != 2) {$stop .= $lang['feed_err_2'];}
if( empty( $subject ) OR strlen($subject) > 200 ) {$stop .= $lang['feed_err_4'];}
if( empty( $message ) OR strlen($message) > 20000 ) {$stop .= $lang['feed_err_5'];}
if( $_POST['sec_code'] != $_SESSION['sec_code_session'] OR ! $_SESSION['sec_code_session'] ) {$stop .= $lang['reg_err_19'];}
$_SESSION['sec_code_session'] = false;
if( $stop ) {msgbox( $lang['all_err_1'], "$stop<br /><br /><a href=\"javascript:history.go(-1)\">$lang[all_prev]</a>" );
} else {
include_once SYSTEM_DIR . '/classes/mail.class.php';
$mail = new dle_mail( $config );
$row = $db->super_query( "SELECT template FROM " . PREFIX . "_email where name='feed_mail' LIMIT 0,1" );
$row['template'] = stripslashes( $row['template'] );
$row['template'] = str_replace( "{%username_to%}", $recipient['fullname'], $row['template'] );
$row['template'] = str_replace( "{%username_from%}", $name, $row['template'] );
$row['template'] = str_replace( "{%text%}", $message, $row['template'] );
$row['template'] = str_replace( "{%ip%}", $_SERVER['REMOTE_ADDR'], $row['template'] );
$mail->from = $email;
$mail->send( $recipient['email'], $subject, $row['template'] );
if( $mail->send_error ) msgbox( $lang['all_info'], $mail->smtp_msg );
else msgbox( $lang['feed_ok_1'], "$lang[feed_ok_2] " . $recipient['name'] . " $lang[feed_ok_3] <a href=\"{$config['http_home_url']}\">$lang[feed_ok_4]</a>" );
}} else {
if( ! $user_group[$member_id['user_group']]['allow_feed'] ) {
$group = 2;
$user = false;
if ($_GET['user']) {
$lang['feed_error'] = str_replace( '{group}', $user_group[$member_id['user_group']]['group_name'], $lang['feed_error'] );
msgbox( $lang['all_info'], $lang['feed_error'] );
}} else {
$user = intval( $_GET['user'] );
$group = 3;
}
if( ! $user ) $db->query( "SELECT name, user_group, user_id FROM " . USERPREFIX . "_users WHERE user_group < '$group' AND allow_mail = '1' ORDER BY user_group" );
else $db->query( "SELECT name, user_group, user_id FROM " . USERPREFIX . "_users WHERE user_id = '$user' AND allow_mail = '1'" );
if( $db->num_rows() ) {
$empf = "<select name=\"recip\">";
$i = 1;
while ( $row = $db->get_array() ) {
$str = $row['name'] . " (" . stripslashes( $user_group[$row['user_group']]['group_name'] ) . ")";
if( $i == 1 ) {
$empf .= "<option selected=\"selected\" value=\"" . $row["user_id"] . "\">" . $str . "</option>\n";
} else {
$empf .= "<option value=\"" . $row["user_id"] . "\">" . $str . "</option>\n";
}
$i ++;
}
$empf .= "</select>";
$db->free();
$tpl->load_template( 'feedback.tpl' );
$path = parse_url( $config['http_home_url'] );
$tpl->set( '{recipient}', $empf );
$tpl->set( '{code}', "<span id=\"dle-captcha\"><a onclick=\"reload(); return false;\" href=\"#\"><img src=\"" . $path['path'] . "system/modules/antibot.php\" alt=\"{$lang['sec_image']}\" border=\"0\" /></a></span>" );
if( ! $is_logged ) {
$tpl->set( '[not-logged]', "" );
$tpl->set( '[/not-logged]', "" );
} else
$tpl->set_block( "'\\[not-logged\\](.*?)\\[/not-logged\\]'si", "" );
$tpl->copy_template = "<form method=\"post\" name=\"sendmail\" onsubmit=\"if(document.sendmail.subject.value == '' || document.sendmail.message.value == ''){alert('{$lang['comm_req_f']}');return false}\" action=\"\">\n" . $tpl->copy_template . "
<input name=\"send\" type=\"hidden\" value=\"send\" />
</form>";
$tpl->copy_template .= <<<HTML
<script language="javascript" type="text/javascript">
<!--
function reload () {
var rndval = new Date().getTime();
document.getElementById('dle-captcha').innerHTML = '<a onclick="reload(); return false;" href="#"><img src="{$path['path']}system/modules/antibot.php?rndval=' + rndval + '" border="0" width="120" height="50" alt="" /></a>';
};
//-->
</script>
HTML;
$tpl->compile( 'content' );
$tpl->clear();
} else {
msgbox( $lang['all_err_1'], $lang['feed_err_7'] );
}
}
?>

Binary file not shown.

After

Width:  |  Height:  |  Size: 3.0 KiB

View File

@@ -0,0 +1,61 @@
<?php
if(!defined('DATALIFEENGINE')){die("Hacking attempt!");}
@include SYSTEM_DIR.'/data/forum_config.php';
$forum_config['site_inpage'] = '5';
if ($forum_config['site_inpage'] and !$do)
{
$forum_table = $cache->open('forum_show_last_' . $member_id['user_group']);
if (!$forum_table)
{
if ($forum_config['hide_forum']){$access_hide = "WHERE ". PREFIX ."_forum_forums.access_read regexp '[[:<:]](".$member_id['user_group'].")[[:>:]]'";}
else { $access_hide = ""; }
$result = $db->query("SELECT topics.tid, topics.forum_id, topics.title, topics.author_topic, topics.last_poster_name, topics.post, topics.last_date, users.foto
FROM " . PREFIX . "_forum_topics as topics
LEFT JOIN ". PREFIX ."_users as users ON users.name = topics.last_poster_name
LEFT JOIN ". PREFIX ."_forum_forums ON topics.forum_id = ". PREFIX ."_forum_forums.id {$access_hide}
GROUP BY topics.last_date DESC LIMIT ".$forum_config['site_inpage']."");
while ($row = $db->get_row ($result))
{
$author_topic = urlencode ($row['author_topic']);
$last_poster_name = urlencode ($row['last_poster_name']);
$row['last_date'] = strtotime($row['last_date']);
if (date(Ymd, $row['last_date']) == date(Ymd, $_TIME)){
$show_date = $lang['time_heute'].langdate(", H:i", $row['last_date']);
}elseif (date(Ymd, $row['last_date']) == date(Ymd, ($_TIME - 86400))){
$show_date = $lang['time_gestern'].langdate(", H:i", $row['last_date']);
}else{$show_date = langdate($forum_config['timestamp'], $row['last_date']);
}
if( $row['foto'] and (file_exists( ROOT_DIR . "/uploads/fotos/" . $row['foto'] )) ) $fotos = $config['http_home_url'] . "uploads/fotos/" . $row['foto'];
else $fotos = $config['http_home_url'] . "{THEME}/images/noavatar.png";
$tpl->set('{foto}', $fotos);
$tpl->load_template('forum_last_list.tpl');
$tpl->set('{fl_forum}', "<a href='/forum/forum_{$row['id']}'>{$row['name']}</a>");
$tpl->set('{fl_topic}', "<a href='/forum/topic_$row[tid]/last#reply'>{$row['title']}</a>");
$tpl->set('{fl_post}', $row['post']);
//$tpl->set('{fl_views}', $row['views']);
//$tpl->set('{fl_author}', "<a href='/user/{$author_topic}/'>{$row['author_topic']}</a>");
$tpl->set('{fl_last_date}', $show_date);
$tpl->set('{fl_last_poster}', "<a href='/user/{$last_poster_name}/'>{$row['last_poster_name']}</a>");
$tpl->compile('forum_last_list');
$tpl->clear();
}
$tpl->load_template('forum_last.tpl');
$tpl->set('{last_list}', $tpl->result["forum_last_list"]);
$tpl->compile('forum_table');
$tpl->clear();
$cache->save('forum_show_last_' . $member_id['user_group'], $tpl->result['forum_table']);
}else{
$tpl->result['forum_table'] = $forum_table;
}
}
?>

View File

@@ -0,0 +1,708 @@
<?PHP
if( ! defined( 'DATALIFEENGINE' ) ) {die( "Hacking attempt!" );}
require_once SYSTEM_DIR . '/classes/cache.class.php';
$cache = new cache($dir = ROOT_DIR . '/cache');
function mksize($bytes) {
if ($bytes < 1000)
return $bytes. " b";
if ($bytes < 1000 * 1024)
return number_format($bytes / 1024, 2) . " Kb";
if ($bytes < 1000 * 1048576)
return number_format($bytes / 1048576, 2) . " Mb";
if ($bytes < 1000 * 1073741824)
return number_format($bytes / 1073741824, 2) . " Gb";
if ($bytes < 1000 * 1099511627776)
return number_format($bytes / 1099511627776, 2) . " Tb";
if ($bytes < 1000 * 1125899906842620)
return number_format($bytes / 1125899906842620, 2) . " Pb";
if ($bytes < 1000 * 1152921504606850000)
return number_format($bytes / 1152921504606850000, 2) . " Eb";
}
class microTimer {
function start() {
global $starttime;
$mtime = microtime();
$mtime = explode( ' ', $mtime );
$mtime = $mtime[1] + $mtime[0];
$starttime = $mtime;
}
function stop() {
global $starttime;
$mtime = microtime();
$mtime = explode( ' ', $mtime );
$mtime = $mtime[1] + $mtime[0];
$endtime = $mtime;
$totaltime = round( ($endtime - $starttime), 5 );
return $totaltime;
}
}
function totranslit( $var, $lower = true, $punkt = true ) {
global $langtranslit;
if ( is_array($var) ) return "";
if (!is_array ( $langtranslit ) OR !count( $langtranslit ) ) {
$langtranslit = array('à' => 'a', 'á' => 'b', 'â' => 'v', 'ã' => 'g', 'ä' => 'd', 'å' => 'e', '¸' => 'e', 'æ' => 'zh', 'ç' => 'z', 'è' => 'i', 'é' => 'y', 'ê' => 'k', 'ë' => 'l', 'ì' => 'm', 'í' => 'n', 'î' => 'o', 'ï' => 'p', 'ð' => 'r', 'ñ' => 's', 'ò' => 't', 'ó' => 'u', 'ô' => 'f', 'õ' => 'h', 'ö' => 'c', '÷' => 'ch', 'ø' => 'sh', 'ù' => 'sch', 'ü' => '', 'û' => 'y', 'ú' => '', 'ý' => 'e', 'þ' => 'yu', 'ÿ' => 'ya', "¿" => "yi", "º" => "ye",
'À' => 'A', 'Á' => 'B', 'Â' => 'V', 'Ã' => 'G', 'Ä' => 'D', 'Å' => 'E', '¨' => 'E', 'Æ' => 'Zh', 'Ç' => 'Z', 'È' => 'I', 'É' => 'Y', 'Ê' => 'K', 'Ë' => 'L', 'Ì' => 'M', 'Í' => 'N', 'Î' => 'O', 'Ï' => 'P', 'Ð' => 'R', 'Ñ' => 'S', 'Ò' => 'T', 'Ó' => 'U', 'Ô' => 'F', 'Õ' => 'H', 'Ö' => 'C', '×' => 'Ch', 'Ø' => 'Sh', 'Ù' => 'Sch', 'Ü' => '', 'Û' => 'Y', 'Ú' => '', 'Ý' => 'E', 'Þ' => 'Yu', 'ß' => 'Ya', "¯" => "yi", "ª" => "ye",);
}
$var = trim( strip_tags( $var ) );
$var = preg_replace( "/\s+/ms", "-", $var );
$var = str_replace( "/", "-", $var );
$var = strtr($var, $langtranslit);
if( $punkt ) {$var = preg_replace( "/[^a-z0-9\_\-.]+/mi", "", $var );}else{$var = preg_replace( "/[^a-z0-9\_\-]+/mi", "", $var );}
$var = preg_replace( '#[\-]+#i', '-', $var );
if( $lower ) {$var = strtolower( $var );}
$var = str_ireplace( ".php", "", $var );
$var = str_ireplace( ".php", ".ppp", $var );
if( strlen( $var ) > 50 ) {
$var = substr( $var, 0, 50 );
if( ($temp_max = strrpos( $var, '-' )) ) $var = substr( $var, 0, $temp_max );
}
return $var;
}
function langdate($format, $stamp) {
global $langdate;
return strtr( @date( $format, $stamp ), $langdate );
}
function mcdate($format, $stamp) {
global $langdate, $config;
$today = strtotime(date("Y-m-d.", time()+ ($config['date_adjust']*60)));
if ($stamp > $today) return "" . date ("H:i:s", $stamp);
elseif ($stamp > ($today - 86400)) return "". date ("H:i:s", $stamp);
else return strtr(date($format, $stamp), $langdate);
}
function msgbox($title, $text) {
global $tpl;
$tpl_2 = new dle_template( );
$tpl_2->dir = TEMPLATE_DIR;
$tpl_2->load_template( 'info.tpl' );
$tpl_2->set( '{error}', $text );
$tpl_2->set( '{title}', $title );
$tpl_2->compile( 'info' );
$tpl_2->clear();
$tpl->result['info'] .= $tpl_2->result['info'];
}
function ShortRating($id, $rating, $allow = true) {
global $config, $lang;
if ($rating) $rating = round($rating, 0); else $rating = 0;
if ($rating > 0) $rating = "<font color=\"green\">".$rating."</font>"; elseif ($rating == 0) $rating="".$rating."</font>"; else $rating = "<font color=\"red\">".$rating."</font>";
if (!$allow) {
$rated = <<<HTML
<div id="ratig-layer">
<img src="/templates/default/images/down_off.png" alt="Íå íðàâèòñÿ(-)" border="0" style="cursor:hand; border:0; vertical-align:middle;" />
<a href="#" class="vote_link" onclick="voted_list({$id}); return false;">{$rating}</a>
<img src="/templates/default/images/up_off.png" alt="Íðàâèòñÿ(+)" border="0" style="cursor:hand; border:0; vertical-align:middle;" />
</div>
HTML;
return $rated;
}
$rated = "<span id=\"ratig-layer-" . $id . "\">";
$rated .= <<<HTML
<div id="ratig-layer">
<a href="#" title="Íðàâèòñÿ(+)" alt="Íå íðàâèòñÿ(-)" class="r2-unit" onclick="Rate('-1', '{$id}', '1'); return false;">
<img src="{THEME}/images/down.png" alt="Íå íðàâèòñÿ(-)" border="0" style="cursor:hand; border:0; vertical-align:middle;"/>
</a>
<a href="#" class="vote_link" onclick="voted_list({$id}); return false;">{$rating}</a>
<a href="#" title="Íðàâèòñÿ(+)" alt="Íðàâèòñÿ(+)" class="r2-unit" onclick="Rate('1', '{$id}', '1'); return false;">
<img src="{THEME}/images/up.png" alt="Íðàâèòñÿ(+)" border="0" style="cursor:hand; border:0; vertical-align:middle;"/>
</a>
</div>
HTML;
$rated .= "</span>";
return $rated;
}
function CommRating ($id, $commrating, $allow = true){
global $is_logged, $member_id, $config, $lang, $db;
if ($commrating) $commrating = round($commrating, 0); else $commrating = 0;
switch($commrating) {
case ($commrating >= 0):
$commrating = '<span style="color: #009900;">+'.$commrating.'</span>';
break;
case ($commrating <= 0):
$commrating = '<span style="color: #FF0000;">'.$commrating.'</span>';
break;
case($commrating == 0):
$commrating = '<span style="color: #000000;">'.$commrating.'</span>';
break;
}
if (!$allow) {
$commrated = <<<HTML
<span id="cratig-layer-{$id}">
<img title="Ïîääåðæèâàþ" src="/templates/default/images/comm_up_off.gif" border="0" align="middle" style="padding-bottom:5px; padding-right:5px;">
{$commrating}
<img title="Íå ïîääåðæèâàþ" src="/templates/default/images/comm_down_off.gif" border="0" align="middle" style="padding-bottom:5px; padding-left:5px; padding-right:5px;">
</span>
HTML;
return $commrated;
}
$commrated .= <<<HTML
<span id="cratig-layer-{$id}">
<a href="#" title="+" class="r2-unit" onclick="Rate('+1', '{$id}', '2'); return false;"><img title="Ïîääåðæèâàþ" src="{THEME}/images/comm_up.gif" border="0" align="middle" style="padding-bottom:5px; padding-right:5px;"></a>
{$commrating}
<a href="#" title="-" class="r1-unit" onclick="Rate('-1', '{$id}', '2'); return false;"><img title="Íå ïîääåðæèâàþ" src="{THEME}/images/comm_down.gif" border="0" align="middle" style="padding-bottom:5px; padding-left:5px; padding-right:5px;"></a>
</span>
HTML;
return $commrated;
}
function CategoryNewsSelection($categoryid = 0, $parentid = 0, $nocat = TRUE, $sublevelmarker = '', $returnstring = '') {
global $cat_info, $user_group, $member_id;
$allow_list = explode( ',', $user_group[$member_id['user_group']]['allow_cats'] );
$spec_list = explode( ',', $user_group[$member_id['user_group']]['cat_add'] );
$root_category = array ();
if( $parentid == 0 ) {if( $nocat ) $returnstring .= '<option value="0"></option>';
} else {$sublevelmarker .= '&nbsp;&nbsp;&nbsp;';}
if( count( $cat_info ) ) {
foreach ( $cat_info as $cats ) {if( $cats['parentid'] == $parentid ) $root_category[] = $cats['id'];}
if( count( $root_category ) ) {
foreach ( $root_category as $id ) {
if( $allow_list[0] == "all" or in_array( $id, $allow_list ) ) {
if( $spec_list[0] == "all" or in_array( $id, $spec_list ) ) $color = "black"; else $color = "red";
$returnstring .= "<option style=\"color: {$color}\" value=\"" . $id . '" ';
if( is_array( $categoryid ) ) {
foreach ( $categoryid as $element ) {if( $element == $id ) $returnstring .= 'SELECTED';
}} elseif( $categoryid == $id ) $returnstring .= 'SELECTED';
$returnstring .= '>' . $sublevelmarker . $cat_info[$id]['name'] . '</option>';
}$returnstring = CategoryNewsSelection( $categoryid, $id, $nocat, $sublevelmarker, $returnstring );
}}}
return $returnstring;
}
// Ajax êàòåãîðèé
function CategoryNewsSelectioh(){
global $cat_info;
foreach ($cat_info as $ccccc){
$aaaaa = $ccccc['parentid'];
if ($aaaaa == '0'){
$returnstring .= "<option value=\"" . $ccccc['id'] . '" ';
$returnstring .= '>' . $cat_info[$ccccc['id']]['name'] . '</option>';
}}
return $returnstring;
}
function CategoryNewsSelectiod($idd){
global $cat_info;
$retng = "<select name=\"catlist[]\">";
foreach ($cat_info as $ccccd){
$aaaab = $ccccd['parentid'];
if ($aaaab == $idd){$retng .= '<option value="' . $ccccd['id'] . '">' . $cat_info[$ccccd['id']]['name'] . '</option>';}
}$retng .= "</select>";
return $retng;
}
// Ajax êàòåãîðèé
function get_ID($cat_info, $category) {
foreach ( $cat_info as $cats ) {if( $cats['alt_name'] == $category ) return $cats['id'];}
return false;
}
function filesize_url($url) {
return ($data = @file_get_contents( $url )) ? strlen( $data ) : false;
}
function ChangeSkin($dir, $skin) {
$templates_list = array ();
$handle = opendir( $dir );
while ( false !== ($file = readdir( $handle )) ) {
if( @is_dir( "./templates/$file" ) and ($file != "." AND $file != ".." AND $file != "smartphone") ) {
$templates_list[] = $file;
}}
closedir( $handle );
sort($templates_list);
$skin_list = "<form method=\"post\" action=\"\"><select onchange=\"submit()\" name=\"skin_name\">";
foreach ( $templates_list as $single_template ) {
if( $single_template == $skin ) $selected = " selected=\"selected\""; else $selected = "";
$skin_list .= "<option value=\"$single_template\"" . $selected . ">$single_template</option>";
}
$skin_list .= '</select><input type="hidden" name="action_skin_change" value="yes" /></form>';
return $skin_list;
}
function check_ip($ips) {
$_IP = $_SERVER['REMOTE_ADDR'];
$blockip = FALSE;
if( is_array( $ips ) ) {
foreach ( $ips as $ip_line ) {
$ip_arr = rtrim( $ip_line['ip'] );
$ip_check_matches = 0;
$db_ip_split = explode( ".", $ip_arr );
$this_ip_split = explode( ".", $_IP );
for($i_i = 0; $i_i < 4; $i_i ++) {
if( $this_ip_split[$i_i] == $db_ip_split[$i_i] or $db_ip_split[$i_i] == '*' ) {$ip_check_matches += 1;
}}
if( $ip_check_matches == 4 ) {
$blockip = $ip_line['ip'];
break;
}}}
return $blockip;
}
function check_netz($ip1, $ip2) {
$ip1 = explode( ".", $ip1 );
$ip2 = explode( ".", $ip2 );
if( $ip1[0] != $ip2[0] ) return false;
if( $ip1[1] != $ip2[1] ) return false;
return true;
}
function show_file ($story, $id, $static = false){
global $db, $config, $lang, $user_group, $member_id;
if ($static){
if (is_array ($id) and count ($id)) $where = "static_id IN (" . implode (",", $id) . ")";
else $where = "static_id = '".intval($id)."'";
$db->query ("SELECT id, name, onserver, dcount FROM " . PREFIX . "_static_files WHERE $where");
$area = "&amp;area=static";
}else{
if (is_array ($id) and count ($id)) $where = "news_id IN (" . implode (",", $id) . ")";
else $where = "news_id = '".intval($id)."'";
$db->query ("SELECT id, name, onserver, dcount FROM " . PREFIX . "_files WHERE $where");
$area = "";
}
while ($row = $db->get_row ()){
$size = mksize (@filesize (ROOT_DIR . '/uploads/files/' . $row['onserver']));
$row['name'] = explode ("/", $row['name']);
$row['name'] = end ($row['name']);
$find_1[] = '[file=' . $row['id'] . ']';
$find_2[] = "#\[file={$row['id']}:(.+?)\]#i";
if (!$user_group[$member_id['user_group']]['allow_files']){
$replace_1[] = "<span class=\"attachment\">{$lang['att_denied']}</span>";
$replace_2[] = "<span class=\"attachment\">{$lang['att_denied']}</span>";
}else{
$replace_1[] = "<span class=\"attachment\"><a href=\"{$config['http_home_url']}system/file.php?id={$row['id']}{$area}\" >{$row['name']}</a> [{$size}] ({$lang['att_dcount']} {$row['dcount']})</span>";
$replace_2[] = "<span class=\"attachment\"><a href=\"{$config['http_home_url']}system/file.php?id={$row['id']}{$area}\" >\\1</a> [{$size}] ({$lang['att_dcount']} {$row['dcount']})</span>";
}
}
$db->free();
$story = str_replace ( $find_1, $replace_1, $story );
$story = preg_replace( $find_2, $replace_2, $story );
return $story;
}
function show_torrent ($story, $id){
global $db, $config, $user_group, $member_id, $tpl;
if (is_array($id) AND count($id))$where = "news_id IN (".implode(",", $id).")";
else $where = "news_id = '".intval($id)."'";
$db->query("SELECT * FROM " . PREFIX . "_torrents WHERE $where");
while($row = $db->get_row()){
$tpl->load_template('torrent.tpl');
$file_size = mksize(@filesize ( ROOT_DIR . '/uploads/torrents/' . $row['onserver'] ));
$size = mksize($row['size']);
$hash = bin2hex($row['info_hash']);
if ($row['seeders']=='0') $seeders = 'Ñèäû áóäóò ïîëó÷åíû ïðè çàêà÷êå'; else $seeders = $row['seeders'];
if (!$user_group[$member_id['user_group']]['allow_files']) $link=""; else $link = "{$config['http_home_url']}download.php?id={$row['id']}'";
$tpl->set('{rowid}', $row['id']);
$tpl->set('{name}', $row['name']);
$tpl->set('{downs}', $row['dcount']);
$tpl->set('{complited}', $row['completed']);
$tpl->set('{seeders}', $seeders);
$tpl->set('{leechers}', $row['leechers']);
$tpl->set('{hash}', $hash);
$tpl->set('{size}', $size);
$tpl->set('{file_size}', $file_size);
$tpl->set('{link}', $link);
//$tpl->set('{torrent_files}', $spisokfile );
$tpl->compile('torrent');
$show = $tpl->result['torrent'] ;
$tpl->clear();
$story = str_replace( '[torrent='. $row['id'] .']', $show, $story );
}
$db->free();
return $story;
}
function create_keywords($story) {
global $metatags;
$keyword_count = 20;
$newarr = array ();
$quotes = array ("\x22", "\x60", "\t", "\n", "\r", ",", ".", "/", "¬", "#", ";", ":", "@", "~", "[", "]", "{", "}", "=", "-", "+", ")", "(", "*", "^", "%", "$", "<", ">", "?", "!", '"' );
$fastquotes = array ("\x22", "\x60", "\t", "\n", "\r", '"', "\\", '\r', '\n', "/", "{", "}", "[", "]" );
$story = preg_replace( "'\[hide\](.*?)\[/hide\]'si", "", $story );
$story = preg_replace( "'\[file=(.*?)\]'si", "", $story );
$story = preg_replace( "'\[torrent=(.*?)\]'si", "", $story );
$story = str_replace( "&nbsp;", " ", $story );
$story = str_replace( $fastquotes, '', trim( strip_tags( str_replace( '<br />', ' ', stripslashes( $story ) ) ) ) );
$metatags['description'] = substr( $story, 0, 190 );
$story = str_replace( $quotes, '', $story );
$arr = explode( " ", $story );
foreach ( $arr as $word ) {if( strlen( $word ) > 4 ) $newarr[] = $word;}
$arr = array_count_values( $newarr );
arsort( $arr );
$arr = array_keys( $arr );
$total = count( $arr );
$offset = 0;
$arr = array_slice( $arr, $offset, $keyword_count );
$metatags['keywords'] = implode( ", ", $arr );
}
function allowed_ip($ip_array) {
$ip_array = trim( $ip_array );
if( $ip_array == "" ) {return true;}
$ip_array = explode( "|", $ip_array );
$db_ip_split = explode( ".", $_SERVER['REMOTE_ADDR'] );
foreach ( $ip_array as $ip ) {
$ip_check_matches = 0;
$this_ip_split = explode( ".", trim( $ip ) );
for($i_i = 0; $i_i < 4; $i_i ++) {
if( $this_ip_split[$i_i] == $db_ip_split[$i_i] or $this_ip_split[$i_i] == '*' ) {
$ip_check_matches += 1;
}}if( $ip_check_matches == 4 ) return true;
}return FALSE;
}
function news_permission($id) {
if( $id == "" ) return;
$data = array ();
$groups = explode( "|", $id );
foreach ( $groups as $group ) {
list ( $groupid, $groupvalue ) = explode( ":", $group );
$data[$groupid] = $groupvalue;
}return $data;
}
function get_sub_cats($id, $subcategory = '') {
global $cat_info;
$subfound = array ();
if( $subcategory == '' ) $subcategory = $id;
foreach ( $cat_info as $cats ) {if( $cats['parentid'] == $id ) {$subfound[] = $cats['id'];}}
foreach ( $subfound as $parentid ) {
$subcategory .= "|" . $parentid;
$subcategory = get_sub_cats( $parentid, $subcategory );
}return $subcategory;
}
function check_xss() {
$url = html_entity_decode( urldecode( $_SERVER['QUERY_STRING'] ) );
$url = str_replace( "\\", "/", $url );
if( $url ) {
if( (strpos( $url, '<' ) !== false) || (strpos( $url, '>' ) !== false) || (strpos( $url, '"' ) !== false) || (strpos( $url, './' ) !== false) || (strpos( $url, '../' ) !== false) || (strpos( $url, '\'' ) !== false) || (strpos( $url, '.php' ) !== false) ) {
if( $_GET['do'] != "search" or $_GET['subaction'] != "search" ) die( "Hacking attempt!" );
}}
$url = html_entity_decode( urldecode( $_SERVER['REQUEST_URI'] ) );
$url = str_replace( "\\", "/", $url );
if( $url ) {
if( (strpos( $url, '<' ) !== false) || (strpos( $url, '>' ) !== false) || (strpos( $url, '"' ) !== false) || (strpos( $url, '\'' ) !== false) ) {
if( $_GET['do'] != "search" or $_GET['subaction'] != "search" ) die( "Hacking attempt!" );
}}
}
function check_category($cats, $block, $category, $action = true) {
$cats = str_replace(" ", "", $cats );
$cats = explode( ',', $cats );
$category = explode( ',', $category );
$found = false;
foreach ( $category as $element ) {
if( $action ) {
if( in_array( $element, $cats ) ) {$block = str_replace( '\"', '"', $block ); return $block;}
} else {
if( in_array( $element, $cats ) ) {$found = true;}
}}
if ( !$action AND !$found ) {$block = str_replace( '\"', '"', $block ); return $block;}
return "";
}
function clean_url($url) {
if( $url == '' ) return;
$url = str_replace( "http://", "", strtolower( $url ) );
$url = str_replace( "https://", "", $url );
if( substr( $url, 0, 4 ) == 'www.' ) $url = substr( $url, 4 );
$url = explode( '/', $url );
$url = reset( $url );
$url = explode( ':', $url );
$url = reset( $url );
return $url;
}
function get_url($id) {
global $cat_info;
if( ! $id ) return;
$parent_id = $cat_info[$id]['parentid'];
$url = $cat_info[$id]['alt_name'];
while ( $parent_id ) {
$url = $cat_info[$parent_id]['alt_name'] . "/" . $url;
$parent_id = $cat_info[$parent_id]['parentid'];
if( $cat_info[$parent_id]['parentid'] == $cat_info[$parent_id]['id'] ) break;
}
return $url;
}
function get_categories($id) {
global $cat_info, $config, $PHP_SELF;
if( ! $id ) return;
$parent_id = $cat_info[$id]['parentid'];
$list = "<a href=\"" . $config['http_home_url'] . get_url( $id ) . "/\">{$cat_info[$id]['name']}</a>";
while ( $parent_id ) {
$list = "<a href=\"" . $config['http_home_url'] . get_url( $parent_id ) . "/\">{$cat_info[$parent_id]['name']}</a>" . " &raquo; " . $list;
$parent_id = $cat_info[$parent_id]['parentid'];
if( $cat_info[$parent_id]['parentid'] == $cat_info[$parent_id]['id'] ) break;
}
return $list;
}
$domain_cookie = explode (".", clean_url( $_SERVER['HTTP_HOST'] ));
$domain_cookie_count = count($domain_cookie);
$domain_allow_count = -2;
if ( $domain_cookie_count > 2 ) {
if ( in_array($domain_cookie[$domain_cookie_count-2], array('com', 'net', 'org') )) $domain_allow_count = -3;
if ( $domain_cookie[$domain_cookie_count-1] == 'ua' ) $domain_allow_count = -3;
$domain_cookie = array_slice($domain_cookie, $domain_allow_count);
}
$domain_cookie = "." . implode (".", $domain_cookie);
if( ip2long($_SERVER['HTTP_HOST']) != -1 AND ip2long($_SERVER['HTTP_HOST']) !== FALSE ) define( 'DOMAIN', null );
else define( 'DOMAIN', $domain_cookie );
function set_cookie($name, $value, $expires) {
if( $expires ) {$expires = time() + ($expires * 86400);
} else {$expires = FALSE;}
if( PHP_VERSION < 5.2 ) {setcookie( $name, $value, $expires, "/", DOMAIN . "; HttpOnly" );
} else {setcookie( $name, $value, $expires, "/", DOMAIN, NULL, TRUE );}
}
function news_sort($do) {
global $config, $lang;
if( ! $do ) $do = "main";
$find_sort = "dle_sort_" . $do;
$direction_sort = "dle_direction_" . $do;
$find_sort = str_replace( ".", "", $find_sort );
$direction_sort = str_replace( ".", "", $direction_sort );
$sort = array ();
$allowed_sort = array ('date', 'rating', 'news_read', 'comm_num', 'title' );
$soft_by_array = array (
'date' => array ('name' => $lang['sort_by_date'], 'value' => "date", 'direction' => "desc", 'image' => "" ),
'rating' => array ('name' => $lang['sort_by_rating'], 'value' => "rating", 'direction' => "desc", 'image' => "" ),
'news_read' => array ('name' => $lang['sort_by_read'], 'value' => "news_read", 'direction' => "desc", 'image' => "" ),
'comm_num' => array ('name' => $lang['sort_by_comm'], 'value' => "comm_num", 'direction' => "desc", 'image' => "" ),
'title' => array ('name' => $lang['sort_by_title'], 'value' => "title", 'direction' => "desc", 'image' => "" )
);
if( $_SESSION[$direction_sort] == "desc" or $_SESSION[$direction_sort] == "asc" ) $direction = $_SESSION[$direction_sort]; else $direction = $config['news_msort'];
if( $_SESSION[$find_sort] and in_array( $_SESSION[$find_sort], $allowed_sort ) ) $soft_by = $_SESSION[$find_sort]; else $soft_by = $config['news_sort'];
if( strtolower( $direction ) == "asc" ) {
$soft_by_array[$soft_by]['image'] = "<img src=\"{THEME}/images/asc.gif\" alt=\"\" />";
$soft_by_array[$soft_by]['direction'] = "desc";
} else {
$soft_by_array[$soft_by]['image'] = "<img src=\"{THEME}/images/desc.gif\" alt=\"\" />";
$soft_by_array[$soft_by]['direction'] = "asc";
}
foreach ( $soft_by_array as $value ) {$sort[] = $value['image'] . "<a href=\"#\" onclick=\"news_change_sort('{$value['value']}','{$value['direction']}'); return false;\">" . $value['name'] . "</a>";}
$sort = "<form name=\"news_set_sort\" id=\"news_set_sort\" method=\"post\" action=\"\" >" . implode( " | ", $sort );
$sort .= <<<HTML
<input type="hidden" name="dlenewssortby" id="dlenewssortby" value="{$config['news_sort']}" />
<input type="hidden" name="dledirection" id="dledirection" value="{$config['news_msort']}" />
<input type="hidden" name="set_new_sort" id="set_new_sort" value="{$find_sort}" />
<input type="hidden" name="set_direction_sort" id="set_direction_sort" value="{$direction_sort}" />
HTML;
return $sort;
}
function comm_sort(){
global $config;
if (isset($_SESSION['dle_comm_sort']) and ($_SESSION['dle_comm_sort'] == "DESC" or $_SESSION['dle_comm_sort'] == "ASC")){
$conf_comm_msort = $_SESSION['dle_comm_sort'];
}else{$conf_comm_msort = $config['comm_msort'];}
if ($conf_comm_msort == "ASC"){
$value_image = '<img src="{THEME}/images/asc.gif" />';
$value_sorts = "DESC";
}else{
$value_image = '<img src="{THEME}/images/desc.gif" />';
$value_sorts = "ASC";
}
$sort = <<<HTML
<form name="comm_set_sort" id="comm_set_sort" method="post" action="">
{$value_image}<a href="#" onClick="comm_change_sort('{$value_sorts}'); return false;">äàòà</a>
<input type="hidden" name="dle_comm_sort" id="dle_comm_sort" value="{$value_sorts}" />
</form>
HTML;
return $sort;
}
function compare_tags($a, $b) {
if( $a['tag'] == $b['tag'] ) return 0;
return strcasecmp( $a['tag'], $b['tag'] );
}
function convert_unicode($t, $to = 'windows-1251') {
$to = strtolower( $to );
if( $to == 'utf-8' ) {
return $t;
} else {
if( function_exists( 'mb_convert_encoding' ) ) {
$t = mb_convert_encoding( $t, $to, "UTF-8" );
}elseif( function_exists( 'iconv' ) ){
$t = iconv( "UTF-8", $to . "//IGNORE", $t );
}
else $t = "The library iconv is not supported by your server";
}
return $t;
}
function check_smartphone() {
if ( $_SESSION['mobile_enable'] ) return true;
$phone_array = array('iphone', 'android', 'pocket', 'palm', 'windows ce', 'windowsce', 'mobile windows', 'cellphone', 'opera mobi', 'operamobi', 'ipod', 'small', 'sharp', 'sonyericsson', 'symbian', 'symbos', 'opera mini', 'nokia', 'htc_', 'samsung', 'motorola', 'smartphone', 'blackberry', 'playstation portable', 'tablet browser', 'android');
$agent = strtolower( $_SERVER['HTTP_USER_AGENT'] );
foreach ($phone_array as $value) {if ( strpos($agent, $value) !== false ) return true;}
return false;
}
function comm_hide ($hide,$comm){
global $member_id,$is_logged;
if (!$is_logged)
return "<div class=\"quote\">Âíèìàíèå! Ó âàñ íåò ïðàâ äëÿ ïðîñìîòðà ñêðûòîãî òåêñòà.</div>";
else if (intval($member_id["comm_num"])>=intval($hide)) return "<div class=\"quote\">".$comm."</div>";
else return "<div class=\"quote\">Äëÿ ïðîñìîòðà ñêðûòîãî òåêñòà íåîáõîäèìî íàáðàòü <b>" . $hide . "</b> êîììåíòàðèåâ.<br />Ó âàñ <b>".$member_id["comm_num"]."</b> (îñòàëîñü <b>".(intval($hide)-intval($member_id["comm_num"]))."</b>)</div>";
}
function group_hide($group, $text){
global $member_id, $is_logged, $user_group;
if (!$is_logged)
return "<div class=\"quote\">Âíèìàíèå! Ó âàñ íåò ïðàâ äëÿ ïðîñìîòðà ñêðûòîãî òåêñòà.</div>";
else if (intval($member_id['user_group']) >= intval($group)) return "<div class=\"quote\">".$text."</div>";
else return "<div class=\"quote\">Ïðîñìîòð ñêðûòîãî òåêñòà âîçìîæåí òîëüêî ïîëüçîâàòåëÿì ãðóïïû <b>" . $user_group[$group]['group_name'] . "</b></div>";
}
function CreateNavigation( $url, $page, $total, $tpl = "navigation.tpl", $result = "content" ){
if(!$Navigation){
require SYSTEM_DIR . '/classes/navigation.class.php';
$Navigation = new Navigation;
}
$Navigation->URL = $url;
$Navigation->Page = $page;
$Navigation->Total = $total;
$Navigation->Tpl = $tpl;
$Navigation->Compile = $result;
$Navigation->BuildNavigation();
}
function stag () {
$with_us = round( ( time() - $GLOBALS['row']['reg_date']) / 86400);
if ($with_us > 0){
$count_days=1;
$y1="ãîä";$y2="ãîäà";$y3="ëåò";$m1="ìåñÿö";$m2="ìåñÿöa";$m3="ìåñÿöåâ";$d1="äåíü";$d2="äíÿ";$d3="äíåé";
$with_us_year = floor($with_us / 365);
if ($with_us_year >= 1){
if ($with_us_year == 1) $after_y = $y1;
if ($with_us_year > 1 && $with_us_year < 5) $after_y = $y2;
if ($with_us_year > 4) $after_y = $y3;
$years = $with_us_year." ".$after_y;
$with_us = $with_us - ($years * 365);
$count_days=0;
}
$with_us_month = floor($with_us / 31);
if ($with_us_month >= 1){
if ($with_us_month == 1) $after_m = $m1;
if ($with_us_month > 1 && $with_us_month < 5) $after_m = $m2;
if ($with_us_month > 4) $after_m = $m3;
$monthes = $with_us_month." ".$after_m;
$with_us = $with_us - ($monthes * 31);
if ($with_us_month > 6) $count_days=0;
if ($with_us_month == 12) {$years = ($with_us_year+1)." ".$y1;$with_us_month=$monthes=''; }
}
if ($count_days == 1){
if ($with_us > 0){
if ($with_us == 1 || $with_us == 21 || $with_us == 31) $after_d = $d1;
if ($with_us > 1 && $with_us < 5) $after_d = $d2;
if ($with_us > 4 && $with_us < 21) $after_d = $d3;
if ($with_us > 21 && $with_us < 25) $after_d = $d2;
if ($with_us > 24 && $with_us < 31) $after_d = $d3;
$days = $with_us." ".$after_d;
}}
$stag = $years." ".$monthes." ".$days;
unset($years); unset($monthes); unset($days);
return $stag;
}
$stag = 0;
return $stag;
}
function json_decode_from_class( $content, $ass = FALSE ) {
require_once SYSTEM_DIR.'/classes/JSON.php';
if ($ass) {$json = new Services_JSON( SERVICES_JSON_LOOSE_TYPE );
} else {$json = new Services_JSON;}
return $json->decode($content);
}
?>

63
system/modules/gzip.php Normal file
View File

@@ -0,0 +1,63 @@
<?php
if(!defined('DATALIFEENGINE'))
{
die("Hacking attempt!");
}
function CheckCanGzip(){
if (headers_sent() || connection_aborted() || !function_exists('ob_gzhandler') || ini_get('zlib.output_compression')) return 0;
if (strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'x-gzip') !== false) return "x-gzip";
if (strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== false) return "gzip";
return 0;
}
function GzipOut($debug=0){
global $config, $Timer, $db, $tpl, $_DOCUMENT_DATE;
$s = "
<!-- Âðåìÿ âûïîëíåíèÿ ñêðèïòà ".$Timer->stop()." ñåêóíä -->
<!-- Âðåìÿ çàòðà÷åííîå íà êîìïèëÿöèþ øàáëîíîâ ".round($tpl->template_parse_time, 5)." ñåêóíä -->
<!-- Âðåìÿ çàòðà÷åííîå íà âûïîëíåíèå MySQL çàïðîñîâ: ".round($db->MySQL_time_taken, 5)." ñåêóíä -->
<!-- Îáùåå êîëè÷åñòâî MySQL çàïðîñîâ ".$db->query_num." -->";
if($_DOCUMENT_DATE)
{
@header ("Last-Modified: " . date('r', $_DOCUMENT_DATE) ." GMT");
}
if ($config['allow_gzip'] != "yes") {if ($debug) echo $s; ob_end_flush(); return;}
$ENCODING = CheckCanGzip();
if ($ENCODING){
$s .= "\n<!-- Äëÿ âûâîäà èñïîëüçîâàëîñü ñæàòèå $ENCODING -->\n";
$Contents = ob_get_contents();
ob_end_clean();
if ($debug){
$s .= "<!-- Îáùèé ðàçìåð ôàéëà: ".strlen($Contents)." áàéò ";
$s .= "Ïîñëå ñæàòèÿ: ".
strlen(gzencode($Contents, 1, FORCE_GZIP)).
" áàéò -->";
$Contents .= $s;
}
header("Content-Encoding: $ENCODING");
$Contents = gzencode($Contents, 1, FORCE_GZIP);
echo $Contents;
exit;
}else{
ob_end_flush();
exit;
}
}
?>

View File

@@ -0,0 +1,38 @@
<?php
if( ! defined( 'DATALIFEENGINE' ) ) {
die( "Hacking attempt!" );
}
$userid = intval( $_REQUEST['userid'] );
$_SESSION['referrer'] = $_SERVER['REQUEST_URI'];
$allow_list = explode( ',', $user_group[$member_id['user_group']]['allow_cats'] );
$where = array ();
if( $userid ) {
$where[] = PREFIX . "_comments.user_id='$userid'";
$user_query = "do=lastcomments&amp;userid=" . $userid;
} else $user_query = "do=lastcomments";
if( $allow_list[0] != "all" ) {
$join = "LEFT JOIN " . PREFIX . "_post ON " . PREFIX . "_comments.post_id=" . PREFIX . "_post.id ";
if( $config['allow_multi_category'] ) {$where[] = PREFIX . "_post.category regexp '[[:<:]](" . implode( '|', $allow_list ) . ")[[:>:]]'";
} else {$where[] = PREFIX . "_post.category IN ('" . implode( "','", $allow_list ) . "')"; }
} else {$join = "";}
if( count( $where ) ) {
$where = implode( " AND ", $where );
$where = "WHERE " . $where;
} else $where = "";
$sql_count = "SELECT COUNT(*) as count FROM " . PREFIX . "_comments " . $join . $where;
$row_count = $db->super_query( $sql_count );
if( $row_count['count'] ) {
include_once SYSTEM_DIR . '/classes/comments.class.php';
$comments = new Comments( $db, $row_count['count'], $config['comm_nummers'] );
$comments->query = "SELECT " . PREFIX . "_comments.id, post_id, " . PREFIX . "_comments.user_id, " . PREFIX . "_comments.date, " . PREFIX . "_comments.autor as gast_name, " . PREFIX . "_comments.email as gast_email, text, ip, is_register, name, " . PREFIX . "_comments.rating, lastdate, " . USERPREFIX . "_users.email, news_num, " . USERPREFIX . "_users.comm_num, user_group, reg_date, signature, foto, fullname, land, icq, repa, repa_mod, repa_off, " . PREFIX . "_post.title, " . PREFIX . "_post.date as newsdate, " . PREFIX . "_post.alt_name, " . PREFIX . "_post.category FROM " . PREFIX . "_comments LEFT JOIN " . PREFIX . "_post ON " . PREFIX . "_comments.post_id=" . PREFIX . "_post.id LEFT JOIN " . USERPREFIX . "_users ON " . PREFIX . "_comments.user_id=" . USERPREFIX . "_users.user_id " . $where . " ORDER BY date desc";
$comments->build_comments('lastcomments' );
$comments->build_navigation('navigation.tpl', false, $user_query);
} else {msgbox( $lang['all_info'], $lang['err_last'] );}
?>

View File

@@ -0,0 +1,113 @@
<?php
if( ! defined( 'DATALIFEENGINE' ) ) {
die( "Hacking attempt!" );
}
if( $is_logged ) {msgbox( $lang['all_info'], $lang['user_logged'] );
} elseif( intval( $_GET['douser'] ) AND $_GET['lostid'] ) {
$douser = intval( $_GET['douser'] );
$lostid = $_GET['lostid'];
$row = $db->super_query( "SELECT lostid FROM " . USERPREFIX . "_lostdb WHERE lostname='$douser'" );
if( $row['lostid'] != "" AND $lostid != "" AND $row['lostid'] == $lostid ) {
$row = $db->super_query( "SELECT email, name FROM " . USERPREFIX . "_users WHERE user_id='$douser' LIMIT 0,1" );
$username = $row['name'];
$lostmail = $row['email'];
if ($_GET['action'] == "ip") {
$db->query( "UPDATE " . USERPREFIX . "_users SET allowed_ip = '' WHERE user_id='$douser'" );
$db->query( "DELETE FROM " . USERPREFIX . "_lostdb WHERE lostname='$douser'" );
$lang['lost_clear_ip_1'] = str_replace("{username}", $username, $lang['lost_clear_ip_1']);
msgbox( $lang['lost_clear_ip'], $lang['lost_clear_ip_1'] );
} else {
$salt = "abchefghjkmnpqrstuvwxyz0123456789";
srand( ( double ) microtime() * 1000000 );
for($i = 0; $i < 9; $i ++) {$new_pass .= $salt{rand( 0, 33 )};}
$db->query( "UPDATE " . USERPREFIX . "_users set password='" . md5( md5( $new_pass ) ) . "' WHERE user_id='$douser'" );
$db->query( "DELETE FROM " . USERPREFIX . "_lostdb WHERE lostname='$douser'" );
include_once SYSTEM_DIR . '/classes/mail.class.php';
$mail = new dle_mail( $config );
$message = $lang['lost_npass']."\n\n{$lang['lost_login']} {$username}\n{$lang['lost_pass']} {$new_pass}\n\n{$lang['lost_info']}\n\n{$lang['lost_mfg']} ".$config['http_home_url'];
$mail->send( $lostmail, $lang['lost_subj'], $message );
msgbox( $lang['lost_gen'], $lang['lost_npass']."<br /><br />{$lang['lost_login']}&nbsp;&nbsp;<b>{$username}</b><br />{$lang['lost_pass']} <b>{$new_pass}</b><br /><br />".$lang['lost_info'] );
}} else {
$db->query( "DELETE FROM " . USERPREFIX . "_lostdb WHERE lostname='$douser'" );
msgbox( $lang['all_err_1'], $lang['lost_err'] );
}} elseif( isset( $_POST['submit_lost'] ) ) {
if( preg_match( "/[\||\'|\<|\>|\[|\]|\"|\!|\?|\$|\/|\\\|\&\~\*\{\+]/", $_POST['lostname'] ) OR !trim($_POST['lostname'])) {msgbox( $lang['all_err_1'], "<ul>".$lang['reg_err_4'] . "</ul><br /><a href=\"javascript:history.go(-1)\">$lang[all_prev]</a>" );
} elseif( $_POST['sec_code'] != $_SESSION['sec_code_session'] or ! $_SESSION['sec_code_session'] ) {msgbox( $lang['all_err_1'], $lang['reg_err_19'] . "<br /><br /><a href=\"javascript:history.go(-1)\">$lang[all_prev]</a>" );
} else {
$_SESSION['sec_code_session'] = false;
$lostname = $db->safesql( $_POST['lostname'] );
if( @count(explode("@", $lostname)) == 2 ) $search = "email = '" . $lostname . "'"; else $search = "name = '" . $lostname . "'";
$db->query( "SELECT user_id, email, name FROM " . USERPREFIX . "_users where {$search} LIMIT 0,1" );
if( $db->num_rows() > 0 ) {
include_once SYSTEM_DIR . '/classes/mail.class.php';
$mail = new dle_mail( $config );
$row = $db->get_row();
$db->free();
$lostmail = $row['email'];
$userid = $row['user_id'];
$lostname = $row['name'];
$row = $db->super_query( "SELECT template FROM " . PREFIX . "_email where name='lost_mail' LIMIT 0,1" );
$row['template'] = stripslashes( $row['template'] );
$salt = "abchefghjkmnpqrstuvwxyz0123456789";
srand( ( double ) microtime() * 1000000 );
for($i = 0; $i < 15; $i ++) {
$rand_lost .= $salt{rand( 0, 33 )};
}
$lostid = sha1( md5( $lostname . $lostmail ) . time() . $rand_lost );
if ( strlen($lostid) != 40 ) die ("US Secure Hash Algorithm 1 (SHA1) disabled by Hosting");
$lostlink = $config['http_home_url'] . "index.php?do=lostpassword&action=password&douser=" . $userid . "&lostid=" . $lostid;
$iplink = $config['http_home_url'] . "index.php?do=lostpassword&action=ip&douser=" . $userid . "&lostid=" . $lostid;
$link = $lang['lost_password']."\n".$lostlink."\n\n".$lang['lost_ip']."\n".$iplink;
$db->query( "DELETE FROM " . USERPREFIX . "_lostdb WHERE lostname='$userid'" );
$db->query( "INSERT INTO " . USERPREFIX . "_lostdb (lostname, lostid) values ('$userid', '$lostid')" );
$row['template'] = str_replace( "{%username%}", $lostname, $row['template'] );
$row['template'] = str_replace( "{%lostlink%}", $link, $row['template'] );
$row['template'] = str_replace( "{%ip%}", $_SERVER['REMOTE_ADDR'], $row['template'] );
$mail->send( $lostmail, $lang['lost_subj'], $row['template'] );
if( $mail->send_error ) msgbox( $lang['all_info'], $mail->smtp_msg );
else msgbox( $lang['lost_ms'], $lang['lost_ms_1'] );
} else {
msgbox( $lang['all_err_1'], $lang['lost_err_1'] );
}
}
} else {
$tpl->load_template( 'lostpassword.tpl' );
$tpl->set( '{code}', "<span id=\"dle-captcha\"><a onclick=\"reload(); return false;\" href=\"#\"><img src=\"" . $path['path'] . "system/modules/antibot.php\" alt=\"{$lang['sec_image']}\" border=\"0\" /></a></span>" );
$tpl->copy_template = "<form method=\"post\" name=\"registration\" action=\"?do=lostpassword\">\n" . $tpl->copy_template . "
<input name=\"submit_lost\" type=\"hidden\" id=\"submit_lost\" value=\"submit_lost\" />
</form>";
$tpl->copy_template .= <<<HTML
<script language="javascript" type="text/javascript">
<!--
function reload () {
var rndval = new Date().getTime();
document.getElementById('dle-captcha').innerHTML = '<a onclick="reload(); return false;" href="#"><img src="{$path['path']}system/modules/antibot.php?rndval=' + rndval + '" border="0" width="120" height="50" alt="" /></a>';
};
//-->
</script>
HTML;
$tpl->compile( 'content' );
$tpl->clear();
}
?>

View File

@@ -0,0 +1,77 @@
<?php
if( ! defined( 'DATALIFEENGINE' ) ) {die( "Hacking attempt!" );}
$gallery = '';
$gallarr=array();
$freeimg=array();
$freelink=array();
$freethumb=array();
$im = 0;
$img_query = $db->query("SELECT * FROM ". PREFIX ."_covers WHERE newsid = '".$row['id']."' ORDER BY id DESC");
while ($img = $db->get_row($img_query)) {
if ($img['thumb'] != '') {
$img_thumb = "<img src='{$config['http_home_url']}uploads{$img['thumb']}' alt='{$row['title']}' />";
} else {
$img_thumb = "<img src='{$config['http_home_url']}uploads{$img['link']}' alt='{$row['title']}' />";
}
if ($im == 0) {
$gallery .= <<<HTML
<li class="slide0" id="slide_s{$im}_{$row['id']}"><a href='{$config['http_home_url']}uploads{$img['link']}' onclick="return hs.expand(this)" alt='{$row['title']}'>{$img_thumb}</a></li>
HTML;
} else {
$gallery .= <<<HTML
<li class="slide" id="slide_s{$im}_{$row['id']}"><a href='{$config['http_home_url']}uploads{$img['link']}' onclick="return hs.expand(this)" alt='{$row['title']}'>{$img_thumb}</a></li>
HTML;
}
$im = $im+1;
$gallarr[]=$im;
$freeimg[$im] = "<a href='{$config['http_home_url']}uploads{$img['link']}' onclick='return hs.expand(this)' alt='{$row['title']}'>{$img_thumb}</a>";
$freelink[$im] = $img['link'];
$freethumb[$im] = $img['thumb'];
}
if ($gallery != ''){
$tpl->set( '[img]', "" );
$tpl->set( '[/img]', "" );
if (count($gallarr) == '1') {
$radio = '';
} else {
$radio = '<div class="navigation">';
for ($jm=0;$jm<count($gallarr);$jm++) {
if ($jm==0) {
$radio .= <<<HTML
<a href="#" class="slink" id="s{$jm}_{$row['id']}">{$gallarr[$jm]}</a>
HTML;
} else {
$radio .= <<<HTML
<a href="#" class="slink" id="s{$jm}_{$row['id']}">{$gallarr[$jm]}</a>
HTML;
}
}
$radio .= '</div>';
}
$gall = '<ul class="gall">'.$gallery.'</ul>';
$gallblock = <<<HTML
<style>.slide{display:none;}</style>
<div class="newsslider" id="newsslider_{$row['id']}">
{$gall}{$radio}
</div>
HTML;
$tpl->set('{gallery}', $gallblock);
} else {
$tpl->set_block( "'\\[img\\](.*?)\\[/img\\]'si", "" );
}
?>

110
system/modules/newslist.php Normal file
View File

@@ -0,0 +1,110 @@
<?
if(!defined('DATALIFEENGINE')){die("Hacking attempt!");}
$word = 40;
$limit = $config['newslist_num'];
if (isset ( $_SESSION['dle_sort_newslist'] )) $news_sort_by = $_SESSION['dle_sort_newslist']; else $news_sort_by = $config['news_sort'];
if (isset ( $_SESSION['dle_direction_newslist'] )) $news_direction_by = $_SESSION['dle_direction_newslist']; else $news_direction_by = $config['news_msort'];
if (isset ( $_REQUEST['category'] )) {
if (substr ( $_GET['category'], - 1, 1 ) == '/') $_GET['category'] = substr ( $_GET['category'], 0, - 1 );
$category = explode ( '/', $_GET['category'] );
$category = end ( $category );
$category = $db->safesql ( strip_tags ( $category ) );
$link_cat = $category ."/";
} else $category = '';
$news_query = "WHERE approve='1' AND allow_main = '1'";
$cat_news_number = "WHERE approve='1' AND allow_main = '1'";
if($category){$cat_name = "WHERE alt_name='".$category."'";}
$result_category = $db->query("SELECT name,alt_name,id,descr,keywords FROM ".PREFIX."_category $cat_name");
$name_category = $db->get_row($result_category);
$meta_description = stripslashes($name_category['descr']);
$meta_keywords = stripslashes($name_category['keywords']);
if($category){
$cat = get_sub_cats( $name_category['id'] );
$cat_news_number = "WHERE `category` regexp '[[:<:]]({$cat})[[:>:]]' AND approve='1'";
$news_query = "WHERE `category` regexp '[[:<:]]({$cat})[[:>:]]' AND approve='1'";
}
/* Äåëàåì çàïðîñ íà ïîäñ÷¸ò êîëè÷åñòâà íîâîñòåé */
$sql_page = "SELECT COUNT(*) as count FROM " . PREFIX . "_post $cat_news_number ORDER BY $news_sort_by $news_direction_by";
$temp = $db->super_query($sql_page);
$posts = $temp['count'];
if($posts > 0){
$page = intval( $_REQUEST['page'] );
$total = intval( ( ( $posts - 1 ) / $limit ) + 1 );
if( $page <= 0 ) $page = 1;
if( $page > $total ) $page = $total;
$start = $page * $limit - $limit;
$i = $start;
$result = $db->query("SELECT id,autor,title,category,alt_name,date,comm_num,rating,news_read FROM ".PREFIX."_post $news_query ORDER BY $news_sort_by $news_direction_by LIMIT " . $start . "," . $limit);
$tpl->load_template('newslist/newslist.tpl');
while($row = $db->get_row($result)){
$i++;
if (strlen($row['title']) > $word) $title = stripcslashes(substr ($row['title'], 0, $word))." ..."; else $title = stripcslashes($row['title']);
$date_news = strtotime($row['date']);
$link = $config['http_home_url'].$row['id']."-".$row['alt_name'].".html";
$date = date("d.m.Y",strtotime($row['date']));
$tpl->set("{date}", $date);
$tpl->set('{spoiler}',"<img style=\"cursor: pointer;\" src=\"/templates/{$config['skin']}/images/newslist_plus.gif\" onclick=\"newslist('".$row['id']."', 'plus'); return false;\" align=\"absmiddle\" border=\"0\" title=\"Ïîêàçàòü êðàòêîå ñîäåðæàíèå ñòàòüè\"></div>");
$tpl->set('{story}','');
$metatags['titles'] = "Âñå íîâîñòè » ".$name_category['name'];
$tpl->copy_template = "<div id=\"news-id-".$row['id']."\">".$tpl->copy_template."</div>";
$tpl->set_block("'\\[ajax\\](.*?)\\[/ajax\\]'si","");
$tpl->set("[not-ajax]", "");
$tpl->set("[/not-ajax]", "");
$set = array(
'{link}' => $link,
'{rating}' => $row['rating'],
'{title}' => $title,
'{coments}' => $row['comm_num'],
'{prosmotr}' => $row['news_read'],
'{author}' => "<a href=\"/user/".$row['autor']."/\">".stripcslashes($row['autor'])."</a>",
'{id}' => $row['id'],
);
$tpl->set('', $set);
$tpl->compile('fileslist');
}
$list = $tpl->result['fileslist'];
$tpl->load_template('newslist/main.tpl');
$tpl->set('{list}', $list);
$tpl->set('[newslist]','');
$tpl->set('[/newslist]','');
$tpl->set ( '{sort}', news_sort ( $do ) );
$tpl->set('{description}', "Ïðîñìîòð êàòåãîðèè: ".$name_category['name']);
/* Óêàçûâàåì ÷òî âñ¸ ýòî íóæíî ãðóçèòü â òåã {content} â main.tpl */
$tpl->set_block("'\[allcat\](.*?)\[/allcat\]'si","");
$tpl->compile('content');
$tpl->clear();
$nav = "/newslist/".$link_cat."page/{page}/";
CreateNavigation( $nav, $page, $total );
$db->free();
}else{
$tpl->load_template('info.tpl');
$metatags['titles'] = "Âñå íîâîñòè » Êàòåãîðèÿ ïóñòà";
$tpl->set('{error}', "Ê ñîæàëåíèþ ýòà êàòåãîðèÿ åù¸ íå èìååò íè îäíó ñòàòüþ, ïîïðîáóéòå çàéòè ïîçæå.");
$tpl->set('{title}', "Êàòåãîðèÿ ïóñòà");
$tpl->compile('content');
$tpl->clear();
}
?>

158
system/modules/online.php Normal file
View File

@@ -0,0 +1,158 @@
<?php
if(!defined('DATALIFEENGINE')) {die("Hacking attempt!");}
$onl_options['separator']=", ";
$onl_useragent = $_SERVER['HTTP_USER_AGENT'];
$ip = $_SERVER['REMOTE_ADDR'];
$ip = str_replace(",", ".", $ip);
if (!$_TIME) $_TIME = time()+($config['date_adjust']*60);
$_TIME=intval($_TIME);
$online_time = $config['user_online']*60;
$datecut = $_TIME - $online_time;
function online_robots($useragent) {
$r_or=false;
$remap_agents = array(
"#.*(yandex|yadirectbot).*#si" => "Yandex",
"#.*(google|accoona|gsa-crawler).*#si" => "Google",
"#.*rambler.*#si" => "Rambler",
'#.*mail.ru.*#si' => "Mail.RU",
"#.*aport.*#si" => "Aport",
"#.*TurtleScanner.*#si" => "Turtle",
"#.*msnbot.*#si" => "MSN",
"#.*yahoo.*#si" => "Yahoo",
"#.*scooter.*#si" => "Altavista",
"#.*lycos.*#si" => "Lycos.com",
"#.*libwww.*#si" => "Punto",
"#.*(is_archiver|archive_org).*#si" => "Archive.org",
"#.*(W3C_Validator|W3C_CSS_Validator).*#si" => "W3C"
);
$result = preg_replace(array_keys($remap_agents), $remap_agents, $useragent);
$r_or = $result == $useragent ? $r_or : $result;
return $r_or;
}
//Ïðîâåðÿåì ïîëüçîâàòåëè è îáíîâëÿåì îíëàéí ñòàòóñ
if(!$member_id['user_id']){
$onl_botname = online_robots($onl_useragent);
}elseif( ($member_id['lastdate'] + $online_time) < $_TIME ){
$db->query("UPDATE LOW_PRIORITY " . USERPREFIX . "_users SET lastdate='{$_TIME}', logged_ip='{$ip}' WHERE user_id='{$member_id['user_id']}'");
}
//if (isset($_COOKIE['lastusername'])) $lastusername = $_COOKIE['lastusername']; else $lastusername = "";
if (isset($_COOKIE['dle_onl_session'])) $onl_session = $_COOKIE['dle_onl_session']; else $onl_session = session_id();
# Óäàëÿåì ëèøíèõ ïîëüçîâàòåëåé èç ñïèñêà â ÁÄ
$db->query("DELETE FROM " . PREFIX . "_online WHERE lastdate < $datecut");
# Îïðåäåëÿåì êîëè÷åñòâî ïîëüçîâàòåëåé ïî êðèòåðèþ è â çàâèñèìîñòè îò ðåçóëüòàòà, âûïîëíÿåì çàïðîñ îáíîâàëåíèÿ èëè ñîçäàíèÿ çàïèñè î ïîëüçîâàòåëå
$onl_query["search_us"]="SELECT COUNT(*) as count FROM " . PREFIX . "_online WHERE session='{$onl_session}'";
$onl_count_user = $db->super_query($onl_query["search_us"]);
if($onl_count_user['count']) {
$onl_query["update_us"]="UPDATE " . PREFIX . "_online SET uid=".intval($member_id['user_id']).", lastdate={$_TIME}, useragent='{$onl_useragent}', ip='{$ip}' WHERE session='{$onl_session}'";
$db->query($onl_query["update_us"]);
} else {
$onl_query["create_us"]="INSERT INTO " . PREFIX . "_online (uid, session, lastdate, useragent, ip) VALUES(".intval($member_id['user_id']).", '{$onl_session}', {$_TIME}, '{$onl_useragent}', '{$ip}')";
$db->query($onl_query["create_us"]);
setcookie("dle_onl_session",session_id(), $_TIME+3600*24*365, "/", $domain);
}
# Âûáèðàåì ïîëüçîâàòåëåé èç ÁÄ
$sql = "SELECT
user.name AS user_name, user.user_group,
online.uid, online.useragent, online.session, online.ip, online.lastdate
FROM " . PREFIX . "_online AS online
LEFT JOIN " . PREFIX . "_users AS user ON(user.user_id = online.uid)
WHERE online.lastdate > $datecut
ORDER BY name ASC";
$onl_userlist_q = $db->query($sql);
# Îáðàáîòêà ïîëó÷åííûõ äàííûõ èç ÁÄ
$onl_guests=$onl_users=$onl_robots=$onl_lusers=$onl_lrobots=0;
while($onl_userlist = $db->get_array($onl_userlist_q)) {
if($onl_userlist['uid']==false) {
$current_robot = online_robots($onl_userlist['useragent']);
if ($current_robot!="") {
if ($onl_onlinebots[$current_robot]['lastdate']<$onl_userlist['lastdate']) {
$onl_onlinebots[$current_robot]['name']=$current_robot;
$onl_onlinebots[$current_robot]['lastdate']=$onl_userlist['lastdate'];
$onl_onlinebots[$current_robot]['ip']=$onl_userlist['ip'];
}
} else $onl_guests++;
} else {
if ($onl_onlineusers[$onl_userlist['uid']]['lastdate']<$onl_userlist['lastdate']) {
$onl_onlineusers[$onl_userlist['uid']]['name']=$onl_userlist['user_name'];
$onl_onlineusers[$onl_userlist['uid']]['lastdate']=$onl_userlist['lastdate'];
$onl_onlineusers[$onl_userlist['uid']]['group']=$onl_userlist['user_group'];
$onl_onlineusers[$onl_userlist['uid']]['useragent']=$onl_userlist['useragent'];
$onl_onlineusers[$onl_userlist['uid']]['ip']=$onl_userlist['ip'];
}
}
}
if (count($onl_onlineusers)) {
foreach ($onl_onlineusers as $uid => $value) {
$onl_users++;
$profile_url = $config['http_home_url']. "user/" . urlencode( $onl_onlineusers[$uid]['name'] ) . "/";
if ($user_group[$onl_onlineusers[$uid]['group']]['colour']){
$group_span = $user_group[$onl_onlineusers[$uid]['group']]['colour'];
$onl_ulink[] = "\n<a href=\"$profile_url\"><span style=\"color:{$group_span}\">".$onl_onlineusers[$uid]['name']."</span></a>";
}else{
$onl_ulink[] = "\n<a href=\"$profile_url\">".$onl_onlineusers[$uid]['name']."</a>";
}
}
}
//unset ($onl_userlist_q, $onl_onlineusers);
$onl_userlist_q=$onl_onlineusers=array();
if (count($onl_onlinebots)) {
foreach ($onl_onlinebots as $name => $value) {
$onl_robots++;
$onl_blink[] = '<span style="cursor:hand;">'.$name.'</span>';
}
}
//unset($onl_onlinebots);
$onl_onlinebots=array();
$tpl->load_template('online.tpl');
# Ñîñòàâëåíèå ñïèñêà ïîëüçîâàòåëåé
if (count($onl_ulink)==0) {
$onl_userlist .= "Îòñóòñòâóþò";
}
for($i=0;$i<count($onl_ulink);$i++) {
$onl_userlist .= $onl_ulink[$i].$onl_options['separator'];
}
if(count($onl_ulink)) $onl_userlist=substr_replace($onl_userlist, '', strlen($onl_userlist)-strlen($onl_options['separator']), strlen($onl_options['separator']));
if (count($onl_blink)==0) {
$onl_botlist = "Îòñóòñòâóþò";
}
for($i=0;$i<count($onl_blink);$i++) {
$onl_botlist .= $onl_blink[$i].$onl_options['separator'];
}
if(count($onl_blink)) $onl_botlist=substr_replace($onl_botlist, '', strlen($onl_botlist)-strlen($onl_options['separator']), strlen($onl_options['separator']));
$onl_ulink=$onl_lulink=$onl_blink=array();
if (!$is_logged) $userlist = "Ñïèñîê âèäåí òîëüêî çàðåãèñòðèðîâàííûì.";
else $userlist = $onl_userlist;
$tpl->set('{users}',$onl_users);
$tpl->set('{guest}',$onl_guests);
$tpl->set('{robots}',$onl_robots);
$tpl->set('{all}',($onl_users+$onl_guests+$onl_robots));
$tpl->set('{userlist}',$userlist);
$tpl->set('{botlist}',$onl_botlist);
//unset($onl_userlist, $onl_botlist);
$onl_userlist=$onl_botlist="";
$tpl->compile('online');
$tpl->clear();
?>

395
system/modules/pm.php Normal file
View File

@@ -0,0 +1,395 @@
<?php
if( ! defined( 'DATALIFEENGINE' ) ) {die( "Hacking attempt!" );}
require_once SYSTEM_DIR . '/classes/parse.class.php';
$parse = new ParseFilter( );
$parse->safe_mode = true;
$parse->allow_url = $user_group[$member_id['user_group']]['allow_url'];
$parse->allow_image = $user_group[$member_id['user_group']]['allow_image'];
$stop_pm = FALSE;
if( isset( $_REQUEST['doaction'] ) ) $doaction = $_REQUEST['doaction'];
else $doaction = "";
if( ! $is_logged or ! $user_group[$member_id['user_group']]['allow_pm'] ) {
msgbox( $lang['all_err_1'], $lang['pm_err_1'] );
$stop_pm = TRUE;
}
$tpl->load_template( 'pm.tpl' );
$tpl->set( '[inbox]', "<a href=\"$PHP_SELF?do=pm&amp;doaction=inbox\">" );
$tpl->set( '[/inbox]', "</a>" );
$tpl->set( '[outbox]', "<a href=\"$PHP_SELF?do=pm&amp;doaction=outbox\">" );
$tpl->set( '[/outbox]', "</a>" );
$tpl->set( '[new_pm]', "<a href=\"$PHP_SELF?do=pm&amp;doaction=newpm\">" );
$tpl->set( '[/new_pm]', "</a>" );
$tpl->copy_template = "
<SCRIPT LANGUAGE=\"JavaScript\">
function confirmDelete(url){
var agree=confirm(\"" . $lang['pm_confirm'] . "\");
if (agree)
document.location=url;
}
</SCRIPT>" . $tpl->copy_template;
if( isset( $_POST['send'] ) and ! $stop_pm ) {
$name = $db->safesql( $parse->process( trim( $_POST['name'] ) ) );
$subj = $db->safesql( $parse->process( trim( $_POST['subj'] ) ) );
$stop = "";
if( $user_group[$member_id['user_group']]['allow_url'] ) $parse->ParseFilter( Array ('div', 'a', 'span', 'p', 'br', 'strong', 'em', 'ul', 'li', 'ol' ), Array (), 0, 1 );
else $parse->ParseFilter( Array ('div', 'span', 'p', 'br', 'strong', 'em', 'ul', 'li', 'ol' ), Array (), 0, 1 );
$comments = $db->safesql( $parse->BB_Parse( $parse->process( trim( $_POST['comments'] ) ), false ) );
if( empty( $name ) or $comments == "" ) $stop .= $lang['pm_err_2'];
if ($subj == ""){$subj = "Áåç òåìû";}
if( strlen( $subj ) > 250 ) {$stop .= $lang['pm_err_3'];}
if( $parse->not_allowed_tags ) {$stop .= "<li>" .$lang['news_err_33']. "</li>";}
if( $parse->not_allowed_text ) {$stop .= "<li>" . $lang['news_err_37']. "</li>";}
$db->query( "SELECT email, name, user_id, pm_all, user_group, mail_lc FROM " . USERPREFIX . "_users where name = '$name'" );
if( ! $db->num_rows() ) $stop .= $lang['pm_err_4'];
if($name == $member_id['name']){$stop .= $lang['pm_err_10'];}
$row = $db->get_row();
$db->free();
if( ! $stop ) {
$_SESSION['sec_code_session'] = 0;
$time = time() + ($config['date_adjust'] * 60);
$member_id['name'] = $db->safesql($member_id['name']);
$db->query( "INSERT INTO " . USERPREFIX . "_pm (subj, text, user, user_from, date, pm_read, folder) values ('$subj', '$comments', '{$row['user_id']}', '{$member_id['name']}', '$time', 'no', 'inbox')" );
$db->query( "UPDATE " . USERPREFIX . "_users set pm_all=pm_all+1, pm_unread=pm_unread+1 where user_id='{$row['user_id']}'" );
if( intval( $_REQUEST['outboxcopy'] ) ) {
$db->query( "INSERT INTO " . USERPREFIX . "_pm (subj, text, user, user_from, date, pm_read, folder) values ('$subj', '$comments', '{$row['user_id']}', '{$member_id['name']}', '$time', 'yes', 'outbox')" );
$db->query( "UPDATE " . USERPREFIX . "_users set pm_all=pm_all+1 where user_id='$member_id[user_id]'" );
}
$replyid = intval( $_GET['replyid'] );
if( $replyid ) {$db->query( "UPDATE " . USERPREFIX . "_pm SET reply=1 WHERE id= '$replyid'" );}
if($config['mail_pm'] AND $row['mail_lc'] != 0) {
include_once SYSTEM_DIR . '/classes/mail.class.php';
$mail = new dle_mail( $config );
$mail_template = $db->super_query( "SELECT template FROM " . PREFIX . "_email WHERE name='pm' LIMIT 0,1" );
$mail_template['template'] = stripslashes( $mail_template['template'] );
$mail_template['template'] = str_replace( "{%username%}", $row['name'], $mail_template['template'] );
$mail_template['template'] = str_replace( "{%date%}", langdate( "j F Y H:i", $_TIME ), $mail_template['template'] );
$mail_template['template'] = str_replace( "{%fromusername%}", $member_id['name'], $mail_template['template'] );
$mail_template['template'] = str_replace( "{%title%}", strip_tags( stripslashes( $subj ) ), $mail_template['template'] );
$body = str_replace( '\n', "", $comments );
$body = str_replace( '\r', "", $body );
$body = stripslashes( stripslashes( $body ) );
$body = str_replace( "<br />", "\n", $body );
$body = strip_tags( $body );
$mail_template['template'] = str_replace( "{%text%}", $body, $mail_template['template'] );
$mail->send( $row['email'], $lang['mail_pm'], $mail_template['template'] );
}
msgbox( $lang['all_info'], $lang['pm_sendok'] . " <a href=\"$PHP_SELF?do=pm&amp;doaction=newpm\">" . $lang['pm_noch'] . "</a> " . $lang['pm_or'] . " <a href=\"$PHP_SELF\">" . $lang['pm_main'] . "</a><meta http-equiv=\"Refresh\" content=\"3;url=/index.php\">" );
$stop_pm = TRUE;
} else
msgbox( $lang['all_err_1'], "<ul>".$stop."</ul>" );
}
if( $doaction == "del" and ! $stop_pm ) {
$delete_count = 0;
if( $_REQUEST['dle_allow_hash'] == "" or $_REQUEST['dle_allow_hash'] != $dle_login_hash ) {die( "Hacking attempt! User ID not valid" ); }
if( $_GET['pmid'] ) {
$pmid = intval( $_GET['pmid'] );
$row = $db->super_query( "SELECT id, user, user_from, pm_read, folder FROM " . USERPREFIX . "_pm where id= '{$pmid}'" );
if( ($row['user'] == $member_id['user_id'] and $row['folder'] == "inbox") or ($row['user_from'] == $member_id['name'] and $row['folder'] == "outbox") ) {
$db->query( "DELETE FROM " . USERPREFIX . "_pm WHERE id='{$row['id']}'" );
$delete_count ++;
if( $row['pm_read'] != "yes" ) {$db->query( "UPDATE " . USERPREFIX . "_users set pm_unread=pm_unread-1 where user_id='{$member_id['user_id']}'" );}
$db->query( "UPDATE " . USERPREFIX . "_users set pm_all=pm_all-1 where user_id='{$member_id['user_id']}'" );
}
} elseif( count( $_REQUEST['selected_pm'] ) ) {
foreach ( $_REQUEST['selected_pm'] as $pmid ) {
$pmid = intval( $pmid );
$row = $db->super_query( "SELECT id, user, user_from, pm_read, folder FROM " . USERPREFIX . "_pm where id= '{$pmid}'" );
if( ($row['user'] == $member_id['user_id'] and $row['folder'] == "inbox") or ($row['user_from'] == $member_id['name'] and $row['folder'] == "outbox") ) {
$db->query( "DELETE FROM " . USERPREFIX . "_pm WHERE id='{$row['id']}'" );
$delete_count ++;
if( $row['pm_read'] != "yes" ) {$db->query( "UPDATE " . USERPREFIX . "_users set pm_unread=pm_unread-1 where user_id='{$member_id['user_id']}'" );}
$db->query( "UPDATE " . USERPREFIX . "_users set pm_all=pm_all-1 where user_id='{$member_id['user_id']}'" );
}}}
if( $delete_count ) msgbox( $lang['all_info'], $lang['pm_delok'] . " <a href=\"$PHP_SELF?do=pm\">" . $lang['all_prev'] . "</a>." );
else msgbox( $lang['all_err_1'], $lang['pm_err_5'] );
}
elseif( $doaction == "readpm" and ! $stop_pm ) {
$pmid = intval( $_GET['pmid'] );
$tpl->set( '[readpm]', "" );
$tpl->set( '[/readpm]', "" );
$tpl->set_block( "'\\[pmlist\\].*?\\[/pmlist\\]'si", "" );
$tpl->set_block( "'\\[newpm\\].*?\\[/newpm\\]'si", "" );
$db->query( "SELECT * FROM " . USERPREFIX . "_pm where id= '$pmid'" );
$row = $db->get_row();
if( $db->num_rows() < 1 ) {
msgbox( $lang['all_err_1'], $lang['pm_err_6'] );
$stop_pm = TRUE;
} elseif( $row['user'] != $member_id['user_id'] and $row['user_from'] != $member_id['name'] ) {
msgbox( $lang['all_err_1'], $lang['pm_err_7'] );
$stop_pm = TRUE;
} else {
if( $row['user'] == $member_id['user_id'] and $row['pm_read'] != "yes" ) {
$db->query( "UPDATE " . USERPREFIX . "_users set pm_unread=pm_unread-1 where user_id='{$member_id['user_id']}'" );
$db->query( "UPDATE " . USERPREFIX . "_pm set pm_read='yes' where id='{$row['id']}'" );
}
$tpl->set( '{subj}', stripslashes( $row['subj'] ) );
$tpl->set( '{text}', stripslashes( $row['text'] ) );
$tpl->set( '{author}', "<a href=\"" . $config['http_home_url'] . "user/" . urlencode( $row['user_from'] ) . "/\">" . $row['user_from'] . "</a>" );
$tpl->set( '[reply]', "<a href=\"" . $config['http_home_url'] . "index.php?do=pm&amp;doaction=newpm&amp;replyid=" . $row['id'] . "\">" );
$tpl->set( '[/reply]', "</a>" );
$tpl->set( '[del]', "<a href=\"javascript:confirmDelete('" . $config['http_home_url'] . "index.php?do=pm&amp;doaction=del&amp;pmid=" . $row['id'] . "&amp;dle_allow_hash=" . $dle_login_hash . "')\">" );
$tpl->set( '[/del]', "</a>" );
$tpl->set( '[complaint]', "<a href=\"javascript:AddComplaint('" . $row['id'] . "', 'pm')\">" );
$tpl->set( '[/complaint]', "</a>" );
$tpl->compile( 'content' );
$tpl->clear();
}
}
elseif( $doaction == "newpm" and ! $stop_pm ) {
$tpl->set( '[newpm]', "" );
$tpl->set( '[/newpm]', "" );
$tpl->set_block( "'\\[pmlist\\].*?\\[/pmlist\\]'si", "" );
$tpl->set_block( "'\\[readpm\\].*?\\[/readpm\\]'si", "" );
$replyid = intval( $_GET['replyid'] );
$user = intval( $_GET['user'] );
if( isset( $_REQUEST['username'] ) ) $username = $db->safesql( strip_tags( urldecode( $_GET['username'] ) ) ); else $username = '';
$text = "";
if( $replyid ) {
$row = $db->super_query( "SELECT * FROM " . USERPREFIX . "_pm where id= '$replyid'" );
if( ($row['user'] != $member_id['user_id']) and ($row['user_from'] != $member_id['name']) ) {
msgbox( $lang['all_err_1'], $lang['pm_err_7'] );
$stop_pm = TRUE;
}
$text = $parse->decodeBBCodes( $row['text'], false );
$text = "[quote]" . $text . "[/quote]\n";
$tpl->set( '{author}', $row['user_from'] );
if (strpos ( $row['subj'], "RE:" ) === false)
$tpl->set( '{subj}', "RE: " . stripslashes( $row['subj'] ) );
else
$tpl->set( '{subj}', stripslashes( $row['subj'] ) );
$row = $db->super_query( "SELECT pm_all, user_group FROM " . USERPREFIX . "_users WHERE name = '" . $db->safesql( $row['user_from'] ) . "'" );
} elseif( $user or $username != "" ) {
if( $user ) $row = $db->super_query( "SELECT name, pm_all, user_group FROM " . USERPREFIX . "_users where user_id = '$user'" );
elseif( $username != "" ) $row = $db->super_query( "SELECT name, pm_all, user_group FROM " . USERPREFIX . "_users where name='$username'" );
$tpl->set( '{author}', $row['name'] );
$tpl->set( '{subj}', "" );
} else {
$tpl->set( '{author}', "" );
$tpl->set( '{subj}', "" );
}
include_once SYSTEM_DIR . '/modules/bbcode.php';
$tpl->set( '{editor}', $bb_code );
$tpl->set( '{text}', $text );
$tpl->copy_template = "<form method=\"post\" name=\"dle-comments-form\" id=\"dle-comments-form\" onsubmit=\"if(document.getElementById('dle-comments-form').name.value == '' || document.getElementById('dle-comments-form').comments.value == ''){alert('{$lang['comm_req_f']}');return false}\" action=\"\">\n" . $tpl->copy_template . "<input name=\"send\" type=\"hidden\" value=\"send\" /></form>";
if( ! $stop_pm ) {
$tpl->compile( 'content' );
$tpl->clear();
} else {
$tpl->clear();
}
} elseif( ! $stop_pm ) {
$tpl->set( '[pmlist]', "" );
$tpl->set( '[/pmlist]', "" );
$tpl->set_block( "'\\[newpm\\].*?\\[/newpm\\]'si", "" );
$tpl->set_block( "'\\[readpm\\].*?\\[/readpm\\]'si", "" );
if( $member_id['pm_unread'] < 0 ) {$db->query( "UPDATE " . USERPREFIX . "_users SET pm_unread='0' WHERE user_id='{$member_id['user_id']}'" ); }
$pmlist = <<<HTML
<form action="$PHP_SELF?do=pm&doaction=del" method="post" name="pmlist">
<input type="hidden" name="dle_allow_hash" value="{$dle_login_hash}" />
HTML;
// äîáàâëåíî
if (isset($_REQUEST['cstart'])){$cstart = intval($_GET['cstart']);}
else{$cstart = 0;}
$config['news_number'] = '25';
if ($cstart){$cstart = $cstart - 1;$cstart = $cstart * $config['news_number'];}
// äîáàâëåíî
if ($doaction == "outbox"){
$lang['pm_from'] = $lang['pm_to'];
$sql = "SELECT id, subj, name as user_from, date, pm_read FROM " . USERPREFIX . "_pm LEFT JOIN " . USERPREFIX . "_users ON " . USERPREFIX . "_pm.user=" . USERPREFIX . "_users.user_id WHERE user_from = '{$member_id['name']}' AND folder = 'outbox' order by date desc LIMIT " . $cstart . "," . $config['news_number'];;
$sql_count = "SELECT COUNT(*) as count FROM " . PREFIX . "_pm WHERE user = '{$member_id['user_id']}' AND folder = 'outbox'";
}else{
$sql = "SELECT id, subj, user_from, date, pm_read, reply FROM " . USERPREFIX . "_pm where user = '{$member_id['user_id']}' AND folder = 'inbox' ORDER BY date DESC LIMIT " . $cstart . "," . $config['news_number'];
$sql_count = "SELECT COUNT(*) as count FROM " . PREFIX . "_pm WHERE user = '{$member_id['user_id']}' AND folder = 'inbox'";
}
$pmlist .= "<table class=\"userstop\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\"><tr><td width=\"20\">&nbsp;</td><td class=\"pm_head\">" . $lang['pm_subj'] . "</td><td width=\"150\" class=\"pm_head\">" . $lang['pm_from'] . "</td><td width=\"150\" class=\"pm_head\" align=\"center\">" . $lang['pm_date'] . "</td><td width=\"50\" class=\"pm_head\" align=\"center\"><input type=\"checkbox\" name=\"master_box\" title=\"{$lang['pm_selall']}\" onclick=\"javascript:ckeck_uncheck_all()\" /></td>";
$db->query($sql);
$i = 0;
while ( $row = $db->get_row() ) {
$i ++;
if ($user_group[$user_color[$row['user_from']]['user_group']]['colour']){
$group_span = $user_group[$user_color[$row['user_from']]['user_group']]['colour'];
$user = "<font color={$group_span}>".$row['user_from']."</font>";
}else{
$user = $row['user_from'];
}
$user_from = "<a class=\"pm_list\" href=\"" . $config['http_home_url'] . "user/" . urlencode( $row['user_from'] ) . "/\">" . $user . "</a>";
if( $row['pm_read'] == "yes" ) {
$subj = "<a class=\"pm_list\" href=\"$PHP_SELF?do=pm&amp;doaction=readpm&amp;pmid=" . $row['id'] . "\">" . stripslashes( $row['subj'] ) . "</a>";
$icon = "{THEME}/images/read.gif";
} else {
$subj = "<a class=\"pm_list\" href=\"$PHP_SELF?do=pm&amp;doaction=readpm&amp;pmid=" . $row['id'] . "\"><b>" . stripslashes( $row['subj'] ) . "</b></a>";
$icon = "{THEME}/images/unread.gif";
}
if( $row['reply'] ) $icon = "{THEME}/images/send.gif";
$pmlist .= "<tr><td><img src=\"{$icon}\" border=\"0\" alt=\"\" /></td><td class=\"pm_list\">{$subj}</td><td class=\"pm_list\">{$user_from}</td><td class=\"pm_list\" align=\"center\">" . langdate( "j.m.Y H:i", $row['date'] ) . "</td><td class=\"pm_list\" align=\"center\"><input name=\"selected_pm[]\" value=\"{$row['id']}\" type=\"checkbox\" /></td></tr>";
}
$db->free();
$pmlist .= "<tr><td colspan=\"4\" align=\"right\"><input class=\"bbcodes\" type=\"submit\" value=\"{$lang['b_del']}\" /></td></tr></table></form>";
if ($i) $tpl->set( '{pmlist}', $pmlist );
else $tpl->set( '{pmlist}', $lang['no_message'] );
$tpl->compile( 'content' );
$tpl->clear();
// äîáàâëåíî
if (!isset($view_template)){
$count_all = $db->super_query($sql_count);
$count_all = $count_all['count'];
}else{$count_all = 0;}
$url_page = $PHP_SELF. "?do=pm&doaction=".$doaction;
if( ! isset( $view_template ) and $count_all ) {
$tpl->load_template('navigation.tpl');
$no_prev = false;
$no_next = false;
if (isset($cstart) and $cstart != "" and $cstart > 0) // ññûëêà "íàçàä"
{
$prev = $cstart / $config['news_number'];
$prev_page = $url_page . "&cstart=" . $prev;
$tpl->set_block( "'\[prev-link\](.*?)\[/prev-link\]'si", "<a href=\"" . $prev_page . "\" title=\"Ïåðåéòè íà ïðåäûäóùóþ ñòðàíèöó\">\\1</a>" );
}
else
{
$tpl->set_block( "'\[prev-link\](.*?)\[/prev-link\]'si", "<b>\\1</b>" );
$no_prev = TRUE;
}
if ($config['news_number'] > 0) // ññûëêà íà ñòðàíèöû
{
if ($count_all > $config['news_number'])
{
$enpages_count = @ceil($count_all / $config['news_number']);
$pages = "";
$cstart = ($cstart / $config['news_number']) + 1;
if ($enpages_count <= 8)
{
for ($j = 1; $j <= $enpages_count; $j ++)
{
if ($j != $cstart)
{
$pages .= "<a href=\"" . $url_page . "&cstart=" . $j . "\" title=\"Ïåðåéòè íà " . $j . "-þ ñòðàíèöó\">$j $pge</a> ";
}
else
{
$pages .= "<span>$j $pge</span> ";
}
}
}
else
{
$start = 1;
$end = 8;
$nav_prefix = "<b>---</b> ";
if ($cstart > 0)
{
if ($cstart > 6)
{
$start = $cstart - 2;
$end = $start + 5;
if ($end >= $enpages_count)
{
$start = $enpages_count - 7;
$end = $enpages_count - 1;
$nav_prefix = "";
}
else
{
$nav_prefix = "<b>---</b> ";
}
}
}
if ($start >= 2)
{
$pages .= "<a href=\"" . $url_page . "\" title=\"Ïåðåéòè íà 1-þ ñòðàíèöó\">1 $pge</a> <b>---</b> ";
}
for ($j = $start; $j <= $end; $j ++)
{
if ($j != $cstart)
{
$pages .= "<a href=\"" . $url_page . "&cstart=" . $j . "\" title=\"Ïåðåéòè íà " . $j . "-þ ñòðàíèöó\">$j $pge</a> ";
}
else
{
$pages .= "<span>$j $pge</span> ";
}
}
if ($cstart != $enpages_count)
{
$pages .= $nav_prefix . "<a href=\"" . $url_page . "&cstart={$enpages_count}\" title=\"Ïåðåéòè íà {$enpages_count}-þ ñòðàíèöó\">{$enpages_count} $pge</a>";
}
else
{
$pages .= "<span>{$enpages_count} $pge</span> ";
}
}
}
$tpl->set('{pages}', $pages);
}
if ($config['news_number'] < $count_all and $i < $count_all) // ññûëêà "âïåð¸ä"
{
$next_page = $i / $config['news_number'] + 1;
$next = $url_page . '&cstart=' . $next_page;
$tpl->set_block( "'\[next-link\](.*?)\[/next-link\]'si", "<a href=\"" . $next . "\" title=\"Ïåðåéòè íà ñëåäóþùóþ ñòðàíèöó\">\\1</a>" );
}
else
{
$tpl->set_block( "'\[next-link\](.*?)\[/next-link\]'si", "<b>\\1</b>" );
$no_next = TRUE;
}
if (!$no_prev or !$no_next)
{
$tpl->compile('content');
}
$tpl->clear();
}}
?>

View File

@@ -0,0 +1,29 @@
<?php
if(!defined('DATALIFEENGINE')){die("Hacking attempt!");}
$mp = 0;
$row = $db->query( "SELECT pm.subj, pm.text, pm.user_from, users.name, users.foto FROM " . PREFIX . "_pm as pm, " . PREFIX . "_users as users WHERE pm.user_from=users.name AND pm.user = '$member_id[user_id]' AND pm.folder = 'inbox' ORDER BY pm.pm_read ASC, pm.date DESC LIMIT 0,1");
while($row = $db->get_row()){
$pm++;
if ($row['foto'] !== "") $foto = "{$config['http_home_url']}uploads/fotos/{$row['foto']}";
else
$foto = "{$config['http_home_url']}templates/{$config['skin']}/images/noavatar.png";
$pm_alert = "<style>
.uContent {margin-bottom:10px; width:250px; padding:7px; background:#000; background:rgba(0,0,0,0.8); -moz-box-shadow: 0 0 6px #000; -webkit-box-shadow: 0 0 6px #000; box-shadow: 0 0 6px #000;}
div.uPm-close {width:18px;height:18px;background:url('/system/skins/images/close-pm.png') no-repeat;}
div.uPm-close:hover {background-position:0px -18px;}
</style>
<div style=\"position:relative;\" id=\"uMp-time-close\">
<div style=\"position:fixed;bottom:5px;right:5px;z-index: 99;\">
<div class=\"uContent\" style=\"display:none;\" id=\"uMp-time\">
<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\">
<tr><td valign=\"top\" style=\"color:#fff;text-shadow:0px 1px 0px rgba(0, 0, 0, 0.70);\" width=\"100%\"><b>Ïåðñîíàëüíîå ñîîáùåíèå:</b></td>
<td><a href=\"javascript://\" onclick=\"$('#uMp-time-close').delay('100').fadeOut('fast');\"><div style=\"margin-top:-3px;\"><div class=\"uPm-close\"></div></div></a></td></tr>
</table>
<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" style=\"margin-top:5px;\">
<tr><td width=\"50px\" valign=\"top\"><img style=\"width:50px;\" src=\"{$foto}\" border=\"0\"></td><td style=\"padding-left:7px;\" valign=\"top\"><div style=\"color:#bbb;\">{$row['user_from']}<br><a style=\"color:#fff;\" href=\"/index.php?do=pm\">{$row['subj']}</a></div></td></tr>
</table>
</div></div></div>
<script type=\"text/javascript\">$('#uMp-time').fadeIn('fast');</script>";
}
?>

163
system/modules/poll.php Normal file
View File

@@ -0,0 +1,163 @@
<?php
if( ! defined( 'DATALIFEENGINE' ) ) {
die( "Hacking attempt!" );
}
function get_votes($all) {
$data = array ();
if( $all != "" ) {
$all = explode( "|", $all );
foreach ( $all as $vote ) {
list ( $answerid, $answervalue ) = explode( ":", $vote );
$data[$answerid] = intval( $answervalue );
}
}
return $data;
}
$_IP = $db->safesql( $_SERVER['REMOTE_ADDR'] );
if( $is_logged ) $log_id = intval( $member_id['user_id'] ); else $log_id = $_IP;
$poll = $db->super_query( "SELECT * FROM " . PREFIX . "_poll where news_id = '{$row['id']}'" );
$log = $db->super_query( "SELECT COUNT(*) as count FROM " . PREFIX . "_poll_log WHERE news_id = '{$row['id']}' AND member ='{$log_id}'" );
$poll['title'] = stripslashes( $poll['title'] );
$poll['frage'] = stripslashes( $poll['frage'] );
$body = explode( "<br />", stripslashes( $poll['body'] ) );
$tpl->load_template( 'poll.tpl' );
$tpl->set( '{title}', $poll['title'] );
$tpl->set( '{question}', $poll['frage'] );
$tpl->set( '{votes}', $poll['votes'] );
if( $log['count']) {
$tpl->set_block( "'\\[not-voted\\](.+?)\\[/not-voted\\]'si", "" );
$tpl->set( '[voted]', '' );
$tpl->set( '[/voted]', '' );
} else {
$tpl->set_block( "'\\[voted\\](.+?)\\[/voted\\]'si", "" );
$tpl->set( '[not-voted]', '' );
$tpl->set( '[/not-voted]', '' );
}
$list = "<div id=\"dle-poll-list\">";
if( ! $log['count'] and $user_group[$member_id['user_group']]['allow_poll'] ) {
$tpl->set( '[allow_vote]', '' );
$tpl->set( '[/allow_vote]', '' );
if( ! $poll['multiple'] ) {
for($v = 0; $v < sizeof( $body ); $v ++) {
if( ! $v ) $sel = "checked=\"checked\"";
else $sel = "";
$list .= <<<HTML
<div><input name="dle_poll_votes" type="radio" $sel value="{$v}" /> {$body[$v]}</div>
HTML;
}
} else {
for($v = 0; $v < sizeof( $body ); $v ++) {
$list .= <<<HTML
<div><input name="dle_poll_votes[]" type="checkbox" value="{$v}" /> {$body[$v]}</div>
HTML;
}
}
$allcount = 0;
} else {
$tpl->set_block( "'\\[allow_vote\\](.+?)\\[/allow_vote\\]'si", "" );
$answer = get_votes( $poll['answer'] );
$allcount = $poll['votes'];
$pn = 0;
for($v = 0; $v < sizeof( $body ); $v ++) {
$num = $answer[$v];
++ $pn;
if( $pn > 5 ) $pn = 1;
if( ! $num ) $num = 0;
if( $allcount != 0 ) $proc = (100 * $num) / $allcount; else $proc = 0;
$proc = round( $proc, 2 );
$w = intval($proc);
$list .= <<<HTML
{$body[$v]} - {$num} ({$proc}%)<br />
<img src="{$config['http_home_url']}templates/{$config['skin']}/images/poll{$pn}.gif" height="10" width="{$w}%" style="border:1px solid black;" alt="" /><br />
HTML;
}
$allcount = 1;
}
$list .= "</div>";
$tpl->set( '{list}', $list );
$ajax_script = <<<HTML
<script type="text/javascript">
<!--
var dle_poll_result = 0;
var dle_poll_voted = {$allcount};
function doPoll( event ){
var frm = document.dlepollform;
var vote_check = '';
var news_id = frm.news_id.value;
if (dle_poll_voted == 1) { return; }
if (event != 'results' && dle_poll_result != 1) {
for (var i=0;i < frm.elements.length;i++) {
var elmnt = frm.elements[i];
if (elmnt.type=='radio') {
if(elmnt.checked == true){ vote_check = elmnt.value; break;}
}
if (elmnt.type=='checkbox') {
if(elmnt.checked == true){ vote_check = vote_check + elmnt.value + ' ';}
}
}
if (event == 'vote' && vote_check == '') { alert ('{$lang['poll_failed']}'); return; }
dle_poll_voted = 1;
} else { dle_poll_result = 1; }
if (dle_poll_result == 1 && event == 'vote') { dle_poll_result = 0; event = 'list'; }
ShowLoading('');
$.post(dle_root + "system/ajax/poll.php", { news_id: news_id, action: event, answer: vote_check, vote_skin: dle_skin }, function(data){
HideLoading('');
$("#dle-poll-list").fadeOut(500, function() {
$(this).html(data);
$(this).fadeIn(500);
});
});
}
//-->
</script>
HTML;
$tpl->copy_template = $ajax_script . "<form method=\"post\" name=\"dlepollform\" id=\"dlepollform\" action=\"\">" . $tpl->copy_template . "<input type=\"hidden\" name=\"news_id\" id=\"news_id\" value=\"" . $row['id'] . "\" /></form>";
$tpl->compile( 'poll' );
$tpl->clear();
?>

327
system/modules/profile.php Normal file
View File

@@ -0,0 +1,327 @@
<?php
if( ! defined( 'DATALIFEENGINE' ) ) {die( "Hacking attempt!" );}
include_once SYSTEM_DIR . '/classes/parse.class.php';
$parse = new ParseFilter( );
$parse->safe_mode = true;
//Âåðåôèöèðóåì E-Mail
if ( $doaction == 'validating' AND $is_logged ){
$validating = ( isset( $_REQUEST['id'] ) ) ? strval( $_REQUEST['id'] ) : '';
$validating = explode( '||', @base64_decode( @rawurldecode( $validating ) ) );
if ( sizeof( $validating ) != 4 ) die( 'ID not valid!' );
$validating[0] = intval( $validating[0] );
$validating[1] = trim( $db->safesql( $parse->process( $validating[1] ) ) );
$validating[2] = trim( $db->safesql( $parse->process( $validating[2] ) ) );
if ( md5( md5( md5( $member_id['name'] . $validating[2] . DBHOST . DBNAME . $config['key'] ) ) ) != md5( $validating[3] ) ) die( 'ID not valid!' );
if ( $member_id['user_id'] == $validating[0] AND $validating[1] == $member_id['email'] )
{
$db->query( "UPDATE " . USERPREFIX . "_users set email='{$validating[2]}' WHERE user_id='{$member_id['user_id']}'" );
$db->query(" UPDATE " .PREFIX. "_subscribe SET email='{$validating[2]}' WHERE user_id='{$member_id['user_id']}'" );
msgbox( $lang['all_info'], 'E-Mail Àêòèâèðîâàí!' );
} else die( 'data not valid!' );
}
//Îáíîâëåíèå èíôîðìàöèè î ïîëüçîâàòåëå
if( $allow_userinfo and $doaction == "adduserinfo" ) {
$stop = false;
$id = intval($_POST['id']);
if( !$is_logged OR $_POST['dle_allow_hash'] == "" OR $_POST['dle_allow_hash'] != $dle_login_hash OR !$id) {die( "Hacking attempt! User ID not valid" );}
$row = $db->super_query( "SELECT * FROM " . USERPREFIX . "_users WHERE user_id = '{$id}'" );
if( !$is_logged or !($member_id['user_id'] == $row['user_id'] or $member_id['user_group'] == 1) ) {$stop = $lang['news_err_13'];
} else {
$parse->allow_url = $user_group[$member_id['user_group']]['allow_url'];
$parse->allow_image = $user_group[$member_id['user_group']]['allow_image'];
$password1 = $_POST['password1'];
$password2 = $_POST['password2'];
if( $_POST['mail_lc'] ) {$mail_lc = 1;} else {$mail_lc = 0;}
if( $_POST['allow_mail'] ) {$allow_mail = 0;} else {$allow_mail = 1;}
if( $_POST['repa_off'] ) {$repa_off = 1;} else {$repa_off = 0;}
$altpass = md5( $_POST['altpass'] );
$info = $db->safesql( $parse->BB_Parse( $parse->process( $_POST['info'] ), false ) );
$not_allow_symbol = array ("\x22", "\x60", "\t", '\n', '\r', "\n", "\r", '\\', ",", "/", "¬", "#", ";", ":", "~", "[", "]", "{", "}", ")", "(", "*", "^", "%", "$", "<", ">", "?", "!", '"', "'", " " );
$email = $db->safesql(trim( str_replace( $not_allow_symbol, '', strip_tags( stripslashes( $_POST['email'] ) ) ) ) );
$fullname = $db->safesql( $parse->process( $_POST['fullname'] ) );
$land = $db->safesql( $parse->process( $_POST['land'] ) );
$icq = intval( str_replace("-", "", $_POST['icq'] ) ); if( ! $icq ) $icq = "";
$skype = $db->safesql( $parse->process( $_POST['skype'] ) );
if ($_POST['allowed_ip']) {$_POST['allowed_ip'] = str_replace( "\r", "", trim( $_POST['allowed_ip'] ) );
$allowed_ip = str_replace( "\n", "|", $_POST['allowed_ip'] );
$temp_array = explode ("|", $allowed_ip);
$allowed_ip = array();
if (count($temp_array)) {
foreach ( $temp_array as $value ) {
$value1 = str_replace( "*", "0", trim($value) );
$value1 = ip2long($value1);
if( $value1 != -1 AND $value1 !== FALSE ) $allowed_ip[] = trim( $value );
}}
if ( count($allowed_ip) ) $allowed_ip = $db->safesql( $parse->process( implode("|", $allowed_ip) ) ); else $allowed_ip = "";
} else $allowed_ip = "";
if( $user_group[$row['user_group']]['allow_signature'] ) {$signature = $db->safesql( $parse->BB_Parse( $parse->process( $_POST['signature'] ), false ) );
} else $signature = "";
//Çàãðóæàåì àâàòàðó
$image = $_FILES['image']['tmp_name'];
$image_name = $_FILES['image']['name'];
$image_size = $_FILES['image']['size'];
$img_name_arr = explode( ".", $image_name );
$type = totranslit( end( $img_name_arr ) );
if( $image_name != "" ) $image_name = totranslit( stripslashes( $img_name_arr[0] ) ) . "." . totranslit( $type );
if( strpos ( $image_name, "php" ) !== false ) die("Hacking attempt!");
if( is_uploaded_file( $image ) and ! $stop ) {
if( intval( $user_group[$member_id['user_group']]['max_foto'] ) > 0 ) {
if( $image_size < ($config['max_ava_size'] * 1024) ) {
$allowed_extensions = array ("jpg", "png", "jpe", "jpeg", "gif" );
if( in_array( $type, $allowed_extensions ) AND $image_name ) {
include_once SYSTEM_DIR . '/classes/thumb.class.php';
$res = @move_uploaded_file( $image, ROOT_DIR . "/uploads/fotos/" . $row['user_id'] . "." . $type );
if( $res ) {
@chmod( ROOT_DIR . "/uploads/fotos/" . $row['user_id'] . "." . $type, 0666 );
$thumb = new thumbnail( ROOT_DIR . "/uploads/fotos/" . $row['user_id'] . "." . $type );
if( $thumb->size_auto( $user_group[$member_id['user_group']]['max_foto'] ) ) {
$thumb->jpeg_quality( $config['jpeg_quality'] );
$thumb->save( ROOT_DIR . "/uploads/fotos/foto_" . $row['user_id'] . "." . $type );
} else {@rename( ROOT_DIR . "/uploads/fotos/" . $row['user_id'] . "." . $type, ROOT_DIR . "/uploads/fotos/foto_" . $row['user_id'] . "." . $type );}
@chmod( ROOT_DIR . "/uploads/fotos/foto_" . $row['user_id'] . "." . $type, 0666 );
$foto_name = "foto_" . $row['user_id'] . "." . $type;
$db->query( "UPDATE " . USERPREFIX . "_users set foto='$foto_name' where user_id = '{$id}'" );
} else $stop .= $lang['news_err_14'];
} else $stop .= $lang['news_err_15'];
} else $stop .= $lang['news_err_16'];
} else $stop .= $lang['news_err_32'];
@unlink( ROOT_DIR . "/uploads/fotos/" . $row['user_id'] . "." . $type );
}if( $_POST['del_foto'] == "yes" AND !$stop) {
@unlink( ROOT_DIR . "/uploads/fotos/" . $row['foto'] );
$db->query( "UPDATE " . USERPREFIX . "_users set foto='' WHERE user_id = '{$id}'" );
}
//Äîáàâëåíî äîïîëíèòåëüíîå ôîòî
$image = $_FILES['image1']['tmp_name'];
$image_name = $_FILES['image1']['name'];
$image_size = $_FILES['image1']['size'];
$img_name_arr = explode(".",$image_name);
$type = totranslit( end( $img_name_arr ) );
if($image_name != "") $image_name = totranslit(stripslashes($img_name_arr[0])).".".totranslit($type);
if (is_uploaded_file($image) AND !$stop) {
if ($image_size < 2000000) {
$allowed_extensions = array("jpg", "png", "jpe", "jpeg", "gif");
if( in_array( $type, $allowed_extensions ) AND $image_name ) {
include_once SYSTEM_DIR.'/classes/thumb.class.php';
$res = @move_uploaded_file($image, ROOT_DIR."/uploads/photos/".$row['user_id'].".".$type);
if ($res) {
@chmod(ROOT_DIR."/uploads/photos/".$row['user_id'].".".$type, 0666);
$thumb=new thumbnail(ROOT_DIR."/uploads/photos/".$row['user_id'].".".$type);
if ($thumb->size_auto($config['sauto'])) {$thumb->jpeg_quality($config['jpeg_quality']);
$thumb->save(ROOT_DIR."/uploads/photos/foto_".$row['user_id'].".".$type);
} else {@rename(ROOT_DIR."/uploads/photos/".$row['user_id'].".".$type, ROOT_DIR."/uploads/photos/foto_".$row['user_id'].".".$type);}
@chmod(ROOT_DIR."/uploads/photos/foto_".$row['user_id'].".".$type, 0666);
$foto_name1= "foto_".$row['user_id'].".".$type;
$db->query("UPDATE " . USERPREFIX . "_users set photo='$foto_name1' where user_id = '{$id}'" );
} else $stop .= $lang['news_err_14'];
} else $stop .= $lang['news_err_15'];
} else $stop .= $lang['news_err_16'];
@unlink (ROOT_DIR."/uploads/photos/".$row['user_id'].".".$type);
}if ($_POST['del_foto1'] == "yes" AND !$stop) {
@unlink (ROOT_DIR."/uploads/photos/".$row['photo']);
$db->query("UPDATE " . USERPREFIX . "_users set photo='' where user_id = '{$id}'" );
}
//!Äîáàâëåíî äîïîëíèòåëüíîå ôîòî
if( strlen( $password1 ) > 0 ) {
$altpass = md5( $altpass );
if( $altpass != $member_id['password'] ) {$stop .= $lang['news_err_17'];}
if( $password1 != $password2 ) {$stop .= $lang['news_err_18'];}
if( strlen( $password1 ) < 6 ) {$stop .= $lang['news_err_19'];}
if ($member_id['user_id'] == $row['user_id'] AND $user_group[$member_id['user_group']]['admin_editusers']) {$stop .= $lang['news_err_42'];}
}
if( empty( $email ) OR strlen( $email ) > 50 OR @count(explode("@", $email)) != 2) {$stop .= $lang['news_err_21'];}
if ($member_id['user_id'] == $row['user_id'] AND $email != $member_id['email'] AND $user_group[$member_id['user_group']]['admin_editusers']) {$stop .= $lang['news_err_42'];}
if( intval( $user_group[$member_id['user_group']]['max_info'] ) > 0 and strlen( $info ) > $user_group[$member_id['user_group']]['max_info'] ) {$stop .= $lang['news_err_22'];}
if (preg_match ("/href|url|http|www|\.ru|\.com|\.net|\.info|\.org/i", $_POST['info'])){$stop .= $lang['news_err_url'];}
if( intval( $user_group[$member_id['user_group']]['max_signature'] ) > 0 and strlen( $signature ) > $user_group[$member_id['user_group']]['max_signature'] ) {$stop .= $lang['not_allowed_sig'];}
if( strlen( $fullname ) > 100 ) {$stop .= $lang['news_err_23'];}
if ( preg_match( "/[\||\'|\<|\>|\"|\!|\]|\?|\$|\@|\/|\\\|\&\~\*\+]/", $fullname ) ) {$stop .= $lang['news_err_35'];}
if( strlen( $land ) > 100 ) {$stop .= $lang['news_err_24'];}
if ( preg_match( "/[\||\'|\<|\>|\"|\!|\]|\?|\$|\@|\/|\\\|\&\~\*\+]/", $land ) ) {$stop .= $lang['news_err_36'];}
if( strlen( $icq ) > 20 ) {$stop .= $lang['news_err_25'];}
if( strlen( $skype ) > 32 ) {$stop .= 'Ñëèøêîì äëèííûé ëîãèí Skype';}
if ( preg_match( "/[\||\'|\<|\>|\"|\!|\]|\?|\$|\@|\/|\\\|\&\~\*\+]/", $skype ) ) {$stop .= 'Íåäîïóñòèìûå ñèìâîëû â ëîãèíå Skype';}
if( $parse->not_allowed_tags ) {$stop .= $lang['news_err_34'];}
if( $parse->not_allowed_text ) {$stop .= $lang['news_err_38'];}
$db->query( "SELECT name FROM " . USERPREFIX . "_users WHERE email = '$email' AND user_id != '{$id}'" );
if( $db->num_rows() ) {$stop .= $lang['reg_err_8'];}
$db->free();
}
if( $stop ) {msgbox( $lang['all_err_1'], $stop );
} else {
//Ïðîâåðÿåì E-Mail, åñëè èçìåíåí, òî òðåáóåì ïîäòâåðæäåíèÿ
if ( $email != $member_id['email'] AND $config['registration_type'] ){
include_once SYSTEM_DIR . '/classes/mail.class.php';
$mail = new dle_mail( $config );
$row = $db->super_query( "SELECT template FROM " . PREFIX . "_email where name='reg_mail' LIMIT 0,1" );
$row['template'] = stripslashes( $row['template'] );
$idlink = rawurlencode( base64_encode( $member_id['user_id'] . '||' . $member_id['email'] . '||' . $email . '||' . md5( md5( $member_id['name'] . $email . DBHOST . DBNAME . $config['key'] ) ) ) );
$row['template'] = str_replace( "{%username%}", $member_id['name'], $row['template'] );
$row['template'] = str_replace( "{%validationlink%}", $config['http_home_url'] . 'index.php?subaction=userinfo&user=' . urlencode( $member_id['name'] ) . '&doaction=validating&id=' . $idlink, $row['template'] );
$row['template'] = str_replace( "{%password%}", 'Çàñåêðå÷åí', $row['template'] );
$mail->send( $email, $lang['reg_subj'], $row['template'] );
if ( $mail->send_error ) msgbox( $lang['all_info'], $mail->smtp_msg );
msgbox( $lang['all_info'], '×òî áû èçìåíèòü E-Mail, åãî íóæíî ïîäòâåðäèòü' );
$email = $member_id['email'];
}
if( strlen( $password1 ) > 0 ) {
$password1 = md5( md5( $password1 ) );
$sql_user = "UPDATE " . USERPREFIX . "_users set fullname='$fullname', mail_lc='$mail_lc', land='$land', icq='$icq', skype='$skype', email='$email', info='$info', signature='$signature', password='$password1', allow_mail='$allow_mail', repa_off='$repa_off', allowed_ip='$allowed_ip' where user_id = '{$id}'";
} else {$sql_user = "UPDATE " . USERPREFIX . "_users set fullname='$fullname', mail_lc='$mail_lc', land='$land', icq='$icq', skype='$skype', email='$email', info='$info', signature='$signature', allow_mail='$allow_mail', repa_off='$repa_off', allowed_ip='$allowed_ip' where user_id = '{$id}'";}
$db->query( $sql_user );
if ( $_POST['subscribe'] ) $db->query( "DELETE FROM " . PREFIX . "_subscribe WHERE user_id = '{$row['user_id']}'" );
}
}
//####################################################################################################################
// Ïðîñìîòð ïðîôèëÿ ïîëüçîâàòåëÿ
//####################################################################################################################
$user_found = FALSE;
if( preg_match( "/[\||\'|\<|\>|\"|\!|\?|\$|\@|\/|\\\|\&\~\*\+]/", $name ) ) die("Not allowed user name!");
$sql_result = $db->query( "SELECT * FROM " . USERPREFIX . "_users where name = '$user'" );
$tpl->load_template( 'userinfo.tpl' );
while ( $row = $db->get_row( $sql_result ) ) {
$user_found = TRUE;
if( $row['banned'] == 'yes' ) $user_group[$row['user_group']]['group_name'] = $lang['user_ban'];
if( $row['allow_mail'] ) {
if ( !$user_group[$member_id['user_group']]['allow_feed'] AND $row['user_group'] != 1 )$tpl->set( '{email}', $lang['news_mail'], $output );
else $tpl->set( '{email}', "<a href=\"$PHP_SELF?do=feedback&amp;user=$row[user_id]\">" . $lang['news_mail'] . "</a>" );
} else {$tpl->set( '{email}', $lang['news_mail'], $output );}
if ( $user_group[$member_id['user_group']]['allow_pm'] )$tpl->set( '{pm}', "<a href=\"$PHP_SELF?do=pm&amp;doaction=newpm&amp;user=" . $row['user_id'] . "\">" . $lang['news_pmnew'] . "</a>" );
else $tpl->set( '{pm}', $lang['news_pmnew'], $output );
if( ! $row['allow_mail'] ) $mailbox = "checked"; else $mailbox = "";
if( $row['repa_off'] ) $repa_off = "checked"; else $repa_off = "";
$tpl->set( '{repa_off}', "<input type=\"checkbox\" name=\"repa_off\" value=\"1\" ".$repa_off."> Îòêëþ÷èòü ðåïóòàöèþ");
if( $row['foto'] and (file_exists( ROOT_DIR . "/uploads/fotos/" . $row['foto'] )) ) $tpl->set( '{foto}', $config['http_home_url'] . "uploads/fotos/" . $row['foto'] );
else $tpl->set( '{foto}', "{THEME}/images/noavatar.png" );
if ($row['photo'] AND (file_exists(ROOT_DIR."/uploads/photos/".$row['photo']))){
include_once SYSTEM_DIR.'/classes/thumb.class.php';
$image = ROOT_DIR."/uploads/photos/".$row['photo'];
$thumb=new thumbnail($image);
$thumb->size_auto($config['sauto1']);
$thumb->save(ROOT_DIR."/uploads/photos/thumb/".$row['photo']);
@chmod (ROOT_DIR."/uploads/photos/thumb/".$row['photo'], 0666);
$tpl->set('{photo_thumb}', $config['http_home_url']."uploads/photos/thumb/".$row['photo']);
}else{$tpl->set('{photo_thumb}', "{THEME}/images/nophoto.png");
}$tpl->set('{photo}', $config['http_home_url']."uploads/photos/".$row['photo']);
$tpl->set( '{hidemail}', "<input type=\"checkbox\" name=\"allow_mail\" value=\"1\" " . $mailbox . " /> " . $lang['news_noamail'] );
$tpl->set( '{usertitle}', stripslashes( $row['name'] ) );
$tpl->set( '{fullname}', stripslashes( $row['fullname'] ) );
if( $row['icq'] ) $tpl->set( '{icq}', stripslashes( $row['icq'] ) ); else $tpl->set( '{icq}', 'íåóêàçàíî' );
if( $row['skype'] ) $tpl->set( '{skype}', stripslashes( $row['skype'] ) ); else $tpl->set( '{skype}', 'íåóêàçàíî' );
$tpl->set( '{land}', stripslashes( $row['land'] ) );
$tpl->set( '{info}', stripslashes( $row['info'] ) );
$tpl->set( '{editmail}', stripslashes( $row['email'] ) );
$tpl->set( '{comm_num}', $row['comm_num'] );
$tpl->set( '{news_num}', $row['news_num'] );
$tbx_up = mksize($row['uploaded']);
$tbx_dw = mksize($row['downloaded']);
$tbx_ratio = ($row['downloaded']>0) ? round($row['uploaded']/$row['downloaded'],2) : 0;
$tpl->set('{tbx_up}', $tbx_up);
$tpl->set('{tbx_dw}', $tbx_dw);
$tpl->set('{tbx_ratio}', $tbx_ratio);
if ( ($row['lastdate'] + $config['user_online']*60) > $_TIME ) $tpl->set('{online}', "<font color=\"green\">Online</font>"); else $tpl->set('{online}', "<font color=\"red\">Offline</font>");
$tpl->set('{code_name}', urlencode($row['name']));
if($row['mail_lc']) $mail_lc = "checked"; else $mail_lc = "";
$tpl->set( '{mail_lc}', "<input type=\"checkbox\" name=\"mail_lc\" value=\"1\" " . $mail_lc . "> Ïîëó÷àòü óâåäîìëåíèå íà ïî÷òó î íîâûõ ËÑ" );
if( $row['status'] != "" ) {$tpl->set( '{status}', $row['status'] );} else {$tpl->set( '{status}', $user_group[$row['user_group']]['group_name'] );}
$tpl->set( '{registration}', langdate( "j F Y H:i", $row['reg_date'] ) );
$tpl->set( '{lastdate}', langdate( "j F Y H:i", $row['lastdate'] ) );
$tpl->set('{stag}', stag(reg_date));
$_IP = $db->safesql( $_SERVER['REMOTE_ADDR'] );
$tpl->set( '{ip}', $_IP );
$tpl->set( '{allowed-ip}', stripslashes( str_replace( "|", "\n", $row['allowed_ip'] ) ) );
$tpl->set( '{editinfo}', $parse->decodeBBCodes( $row['info'], false ) );
if( $user_group[$row['user_group']]['allow_signature'] ) $tpl->set( '{editsignature}', $parse->decodeBBCodes( $row['signature'], false ) );
else $tpl->set( '{editsignature}', $lang['sig_not_allowed'] );
if( $row['comm_num'] ) {$tpl->set( '{comments}', "<a href=\"$PHP_SELF?do=lastcomments&amp;userid=" . $row['user_id'] . "\">" . $lang['last_comm'] . "</a>" );
} else {$tpl->set( '{comments}', $lang['last_comm'] );}
if( $row['news_num'] ) {
$tpl->set( '{news}', "<a href=\"" . $config['http_home_url'] . "user/" . urlencode( $row['name'] ) . "/news/" . "\">" . $lang['all_user_news'] . "</a>" );
} else {
$tpl->set( '{news}', $lang['all_user_news'] );
}
if( $row['signature'] and $user_group[$row['user_group']]['allow_signature'] ) {
$tpl->set_block( "'\\[signature\\](.*?)\\[/signature\\]'si", "\\1" );
$tpl->set( '{signature}', stripslashes( $row['signature'] ) );
} else {
$tpl->set_block( "'\\[signature\\](.*?)\\[/signature\\]'si", "" );
}
@include (SYSTEM_DIR.'/modules/reputation.php');
if( $is_logged and ($member_id['user_id'] == $row['user_id'] or $member_id['user_group'] == 1) ) {
$tpl->set( '{edituser}', "[ <a href=\"javascript:ShowOrHide('options')\">" . $lang['news_option'] . "</a> ]" );
} else $tpl->set( '{edituser}', "" );
if( $is_logged and ($member_id['user_id'] == $row['user_id'] or $member_id['user_group'] == 1) ) {
$tpl->set( '[not-logged]', "" );
$tpl->set( '[/not-logged]', "" );
} else $tpl->set_block( "'\\[not-logged\\](.*?)\\[/not-logged\\]'si", "<!-- profile -->" );
if( $is_logged and ($user_group[$member_id['user_group']]['admin_editusers']) ) {
$tpl->set( '{adminim}', "[ <a href=\"javascript: void(0)\" onclick=\"window.open('/".$config['admin_path']."?mod=editusers&action=edituser&id=".$row['user_id']."', 'windowname1', 'width=600, height=650')\"><font color=red>Óïðàâëåíèå</font></a> ]");
$tpl->set( '[admin]', "" );
$tpl->set( '[/admin]', "" );
} else {
$tpl->set( '{adminim}', "" );
$tpl->set_block( "'\\[admin\\](.*?)\\[/admin\\]'si", "<!-- profile -->" );
}
$link_profile = $config['http_home_url'] . "user/" . urlencode( $row['name'] ) . "/";
if( $is_logged and ($member_id['user_id'] == $row['user_id'] or $member_id['user_group'] == 1) ) {
$tpl->copy_template = "<form method=\"post\" name=\"userinfo\" id=\"userinfo\" enctype=\"multipart/form-data\" action=\"{$link_profile}\">" . $tpl->copy_template . "
<input type=\"hidden\" name=\"doaction\" value=\"adduserinfo\" />
<input type=\"hidden\" name=\"id\" value=\"{$row['user_id']}\" />
<input type=\"hidden\" name=\"dle_allow_hash\" value=\"{$dle_login_hash}\" />
</form>";
}$tpl->compile( 'content' );
}
$tpl->clear();
$db->free( $sql_result );
if( $user_found == FALSE ) {
$allow_active_news = false;
msgbox( $lang['all_err_1'], $lang['news_err_26'] );
}
?>

327
system/modules/register.php Normal file
View File

@@ -0,0 +1,327 @@
<?php
if( ! defined( 'DATALIFEENGINE' ) ) {
die( "Hacking attempt!" );
}
require_once SYSTEM_DIR . '/classes/parse.class.php';
$parse = new ParseFilter( );
$parse->safe_mode = true;
$parse->allow_url = false;
$parse->allow_image = false;
$stopregistration = FALSE;
if( isset( $_REQUEST['doaction'] ) ) $doaction = $_REQUEST['doaction']; else $doaction = "";
$config['reg_group'] = intval( $config['reg_group'] ) ? intval( $config['reg_group'] ) : 4;
function check_reg($name, $email, $password1, $password2, $sec_code = 1, $sec_code_session = 1) {
global $lang, $db, $banned_info;
$stop = "";
if( $sec_code != $sec_code_session or ! $sec_code_session ) $stop .= $lang['reg_err_19'];
if( $password1 != $password2 ) $stop .= $lang['reg_err_1'];
if( strlen( $password1 ) < 6 ) $stop .= $lang['reg_err_2'];
if( strlen( $name ) > 20 ) $stop .= $lang['reg_err_3'];
if( preg_match( "/[\||\'|\<|\>|\[|\]|\"|\!|\?|\$|\@|\/|\\\|\&\~\*\{\+]/", $name ) ) $stop .= $lang['reg_err_4'];
if( empty( $email ) OR strlen( $email ) > 50 OR @count(explode("@", $email)) != 2) $stop .= $lang['reg_err_6'];
if( $name == "" ) $stop .= $lang['reg_err_7'];
if (strpos( strtolower ($name) , '.php' ) !== false) $stop .= $lang['reg_err_4'];
if( count( $banned_info['name'] ) ) foreach ( $banned_info['name'] as $banned ) {
$banned['name'] = str_replace( '\*', '.*', preg_quote( $banned['name'], "#" ) );
if( $banned['name'] and preg_match( "#^{$banned['name']}$#i", $name ) ) {
if( $banned['descr'] ) {
$lang['reg_err_21'] = str_replace( "{descr}", $lang['reg_err_22'], $lang['reg_err_21'] );
$lang['reg_err_21'] = str_replace( "{descr}", $banned['descr'], $lang['reg_err_21'] );
} else
$lang['reg_err_21'] = str_replace( "{descr}", "", $lang['reg_err_21'] );
$stop .= $lang['reg_err_21'];
}
}
if( count( $banned_info['email'] ) ) foreach ( $banned_info['email'] as $banned ) {
$banned['email'] = str_replace( '\*', '.*', preg_quote( $banned['email'], "#" ) );
if( $banned['email'] and preg_match( "#^{$banned['email']}$#i", $email ) ) {
if( $banned['descr'] ) {
$lang['reg_err_23'] = str_replace( "{descr}", $lang['reg_err_22'], $lang['reg_err_23'] );
$lang['reg_err_23'] = str_replace( "{descr}", $banned['descr'], $lang['reg_err_23'] );
} else
$lang['reg_err_23'] = str_replace( "{descr}", "", $lang['reg_err_23'] );
$stop .= $lang['reg_err_23'];
}
}
if( $stop == "" ) {
$replace_word = array ('e' => '[eå¸]', 'r' => '[rã]', 't' => '[tò]', 'y' => '[yó]', 'u' => '[uè]', 'i' => '[i1l!]', 'o' => '[oî0]', 'p' => '[pð]', 'a' => '[aà]', 's' => '[s5]', 'w' => 'w', 'q' => 'q', 'd' => 'd', 'f' => 'f', 'g' => '[gä]', 'h' => '[hí]', 'j' => 'j', 'k' => '[kê]', 'l' => '[l1i!]', 'z' => 'z', 'x' => '[xõ%]', 'c' => '[cñ]', 'v' => '[vuè]', 'b' => '[bâü]', 'n' => '[nïë]', 'm' => '[mì]', 'é' => '[éèu]', 'ö' => 'ö', 'ó' => '[óy]', 'å' => '[åe¸]', 'í' => '[íh]', 'ã' => '[ãr]', 'ø' => '[øwù]', 'ù' => '[ùwø]', 'ç' => '[ç3ý]', 'õ' => '[õx%]', 'ú' => '[úü]', 'ô' => 'ô', 'û' => '(û|ü[i1l!]?)', 'â' => '[âb]', 'à' => '[àa]', 'ï' => '[ïn]', 'ð' => '[ðp]', 'î' => '[îo0]', 'ë' => '[ën]', 'ä' => 'ä', 'æ' => 'æ', 'ý' => '[ý3ç]', 'ÿ' => '[ÿ]', '÷' => '[÷4]', 'ñ' => '[ñc]', 'ì' => '[ìm]', 'è' => '[èué]', 'ò' => '[òt]', 'ü' => '[üb]', 'á' => '[á6]', 'þ' => '(þ|[!1il][oî0])', '¸' => '[¸åe]', '1' => '[1il!]', '2' => '2', '3' => '[3çý]', '4' => '[4÷]', '5' => '[5s]', '6' => '[6á]', '7' => '7', '8' => '8', '9' => '9', '0' => '[0îo]', '_' => '_', '#' => '#', '%' => '[%x]', '^' => '[^~]', '(' => '[(]', ')' => '[)]', '=' => '=', '.' => '[.]', '-' => '-' );
$name = strtolower( $name );
$search_name = strtr( $name, $replace_word );
$row = $db->super_query( "SELECT COUNT(*) as count FROM " . USERPREFIX . "_users WHERE email = '$email' OR LOWER(name) REGEXP '[[:<:]]{$search_name}[[:>:]]' OR name = '$name'" );
if( $row['count'] ) $stop .= $lang['reg_err_8'];
}
return $stop;
}
if( isset( $_POST['submit_reg'] ) ) {
if( $config['allow_sec_code'] == "yes" ) {
$sec_code = $_POST['sec_code'];
$sec_code_session = ($_SESSION['sec_code_session'] != '') ? $_SESSION['sec_code_session'] : false;
} else {
$sec_code = 1;
$sec_code_session = 1;
}
$password1 = $_POST['password1'];
$password2 = $_POST['password2'];
$name = $db->safesql( $parse->process( htmlspecialchars( trim( $_POST['name'] ) ) ) );
$name = preg_replace('#\s+#i', ' ', $name);
$not_allow_symbol = array ("\x22", "\x60", "\t", '\n', '\r', "\n", "\r", '\\', ",", "/", "¬", "#", ";", ":", "~", "[", "]", "{", "}", ")", "(", "*", "^", "%", "$", "<", ">", "?", "!", '"', "'", " " );
$email = $db->safesql(trim( str_replace( $not_allow_symbol, '', strip_tags( stripslashes( $_POST['email'] ) ) ) ) );
$reg_error = check_reg( $name, $email, $password1, $password2, $sec_code, $sec_code_session );
if( ! $reg_error ) {
if( $config['registration_type'] ) {
include_once SYSTEM_DIR . '/classes/mail.class.php';
$mail = new dle_mail( $config );
$row = $db->super_query( "SELECT template FROM " . PREFIX . "_email where name='reg_mail' LIMIT 0,1" );
$row['template'] = stripslashes( $row['template'] );
$idlink = rawurlencode( base64_encode( $name . "||" . $email . "||" . md5( $password1 ) . "||" . md5( sha1( $name . $email . DBHOST . DBNAME . $config['key'] ) ) ) );
$row['template'] = str_replace( "{%username%}", $name, $row['template'] );
$row['template'] = str_replace( "{%validationlink%}", $config['http_home_url'] . "index.php?do=register&doaction=validating&id=" . $idlink, $row['template'] );
$row['template'] = str_replace( "{%password%}", $password1, $row['template'] );
$mail->send( $email, $lang['reg_subj'], $row['template'] );
if( $mail->send_error ) msgbox( $lang['all_info'], $mail->smtp_msg );
else msgbox( $lang['reg_vhead'], $lang['reg_vtext'] );
$_SESSION['sec_code_session'] = false;
$stopregistration = TRUE;
} else {
$doaction = "validating";
$_REQUEST['id'] = rawurlencode( base64_encode( $name . "||" . $email . "||" . md5( $password1 ) . "||" . md5( sha1( $name . $email . DBHOST . DBNAME . $config['key'] ) ) ) );
}
} else {
msgbox( $lang['reg_err_11'], "<ul>" . $reg_error . "</ul>" );
}
}
if( $doaction != "validating" and ! $stopregistration ) {
$tpl->load_template( 'registration.tpl' );
$tpl->set( '[registration]', "" );
$tpl->set( '[/registration]', "" );
$tpl->set_block( "'\\[validation\\](.*?)\\[/validation\\]'si", "" );
$path = parse_url( $config['http_home_url'] );
$tpl->set( '[sec_code]', "" );
$tpl->set( '[/sec_code]', "" );
$tpl->set( '{reg_code}', "<span id=\"dle-captcha\"><a onclick=\"reload(); return false;\" href=\"#\"><img src=\"" . $path['path'] . "system/modules/antibot.php\" alt=\"{$lang['sec_image']}\" border=\"0\" /></a></span>" );
$tpl->copy_template = "<form method=\"post\" name=\"registration\" onsubmit=\"if (!check_reg_daten()) {return false;};\" id=\"registration\" action=\"" . $config['http_home_url'] . "index.php?do=register\">\n" . $tpl->copy_template . "
<input name=\"submit_reg\" type=\"hidden\" id=\"submit_reg\" value=\"submit_reg\" />
</form>";
$tpl->copy_template .= <<<HTML
<script language='javascript' type="text/javascript">
<!--
function reload () {
var rndval = new Date().getTime();
document.getElementById('dle-captcha').innerHTML = '<a onclick="reload(); return false;" href="#"><img src="{$path['path']}system/modules/antibot.php?rndval=' + rndval + '" border="0" width="120" height="50" alt="" /></a>';
};
function check_reg_daten () {
if(document.forms.registration.name.value == '') {
alert('{$lang['reg_err_30']}');return false;
}
if(document.forms.registration.password1.value.length < 6) {
alert('{$lang['reg_err_31']}');return false;
}
if(document.forms.registration.password1.value != document.forms.registration.password2.value) {
alert('{$lang['reg_err_32']}');return false;
}
if(document.forms.registration.email.value == '') {
alert('{$lang['reg_err_33']}');return false;
}
if(document.forms.registration.email.value == '') {
alert('{$lang['reg_err_33']}');return false;
}
return true;
};
//-->
</script>
HTML;
$tpl->compile( 'content' );
$tpl->clear();
}
if( isset( $_POST['submit_val'] ) ) {
$fullname = $db->safesql( $parse->process( $_POST['fullname'] ) );
$land = $db->safesql( $parse->process( $_POST['land'] ) );
$icq = intval( str_replace("-", "", $_POST['icq'] ) );
if( $icq < 1 ) $icq = "";
$skype = $db->safesql( $parse->process( $_POST['skype'] ) );
$info = $db->safesql( $parse->BB_Parse( $parse->process( $_POST['info'] ), false ) );
$image = $_FILES['image']['tmp_name'];
$image_name = $_FILES['image']['name'];
$image_size = $_FILES['image']['size'];
$image_name = str_replace( " ", "_", $image_name );
$img_name_arr = explode( ".", $image_name );
$type = totranslit( end( $img_name_arr ) );
if( stripos ( $image_name, "php" ) !== false ) die("Hacking attempt!");
$user_arr = explode( "||", base64_decode( @rawurldecode( $_POST['id'] ) ) );
if( $user_arr[0] == "" OR $user_arr[2]== "" ) die("Hacking attempt!");
$user = $db->safesql( trim( $user_arr[0] ) );
$email = $db->safesql( trim( $user_arr[1] ) );
$pass = md5( $user_arr[2] );
if( md5( sha1( $user . $email . DBHOST . DBNAME . $config['key'] ) ) != $user_arr[3] ) die( 'ID not valid!' );
if( preg_match( "/[\||\'|\<|\>|\[|\]|\"|\!|\?|\$|\@|\/|\\\|\&\~\*\{\+]/", $user ) ) die( 'USER not valid!' );
$row = $db->super_query( "SELECT * FROM " . USERPREFIX . "_users WHERE name = '$user' AND password='$pass'" );
if( !$row['user_id'] ) die("Access Denied!");
$db->free();
//Çàãðóæàåì àâàòàðêó
if( is_uploaded_file( $image ) and ! $stop ) {
if( intval( $user_group[$member_id['user_group']]['max_foto'] ) > 0 ) {
if( $image_size < ($config['max_ava_size'] * 1024) ) {
$allowed_extensions = array ("jpg", "png", "jpe", "jpeg", "gif" );
if( in_array( $type, $allowed_extensions ) AND $image_name ) {
include_once SYSTEM_DIR . '/classes/thumb.class.php';
$res = @move_uploaded_file( $image, ROOT_DIR . "/uploads/fotos/" . $row['user_id'] . "." . $type );
if( $res ) {
@chmod( ROOT_DIR . "/uploads/fotos/" . $row['user_id'] . "." . $type, 0666 );
$thumb = new thumbnail( ROOT_DIR . "/uploads/fotos/" . $row['user_id'] . "." . $type );
$thumb->size_auto( $user_group[$config['reg_group']]['max_foto'] );
$thumb->jpeg_quality( $config['jpeg_quality'] );
$thumb->save( ROOT_DIR . "/uploads/fotos/foto_" . $row['user_id'] . "." . $type );
@unlink( ROOT_DIR . "/uploads/fotos/" . $row['user_id'] . "." . $type );
$foto_name = "foto_" . $row['user_id'] . "." . $type;
$db->query( "UPDATE " . USERPREFIX . "_users set foto='$foto_name' where user_id='{$row['user_id']}'" );
} else $stop = $lang['reg_err_12'];
} else $stop = $lang['reg_err_13'];
} else $stop = $lang['news_err_16'];
} else $stop .= $lang['news_err_32'];
}
if( intval( $user_group[$member_id['user_group']]['max_info'] ) > 0 and strlen( $info ) > $user_group[$member_id['user_group']]['max_info'] ) $stop .= $lang['reg_err_14'];
if (preg_match ("/href|url|http|www|\.ru|\.com|\.net|\.info|\.org/i", $_POST['info'])) $stop .= $lang['news_err_url'];
if( strlen( $fullname ) > 100 ) $stop .= $lang['reg_err_15'];
if( strlen( $land ) > 100 ) $stop .= $lang['reg_err_16'];
if( strlen( $icq ) > 20 ) $stop .= $lang['reg_err_17'];
if( strlen( $skype ) > 32 ) $stop .= 'Ñëèøêîì äëèííûé ëîãèí Skype';
if ( preg_match( "/[\||\'|\<|\>|\"|\!|\]|\?|\$|\@|\/|\\\|\&\~\*\+]/", $skype ) ) {$stop .= 'Íåäîïóñòèìûå ñèìâîëû â ëîãèíå Skype';}
if( $parse->not_allowed_tags ) $stop .= $lang['news_err_34'];
if ( preg_match( "/[\||\'|\<|\>|\"|\!|\]|\?|\$|\@|\/|\\\|\&\~\*\+]/", $fullname ) ) {$stop .= $lang['news_err_35'];}
if ( preg_match( "/[\||\'|\<|\>|\"|\!|\]|\?|\$|\@|\/|\\\|\&\~\*\+]/", $land ) ) {$stop .= $lang['news_err_36'];}
if( $stop ) {msgbox( $lang['reg_err_18'], $stop );
} else {
$db->query( "UPDATE " . USERPREFIX . "_users set fullname='$fullname', info='$info', land='$land', icq='$icq', skype='$skype' where user_id='{$row['user_id']}'" );
msgbox( $lang['reg_ok'], $lang['reg_ok_1'] );
$stopregistration = TRUE;
}
}
if( $doaction == "validating" AND !$stopregistration AND !$_POST['submit_val'] ) {
$user_arr = explode( "||", base64_decode( @rawurldecode( $_REQUEST['id'] ) ) );
$regpassword = md5( $user_arr[2] );
$name = trim( $db->safesql( htmlspecialchars( $parse->process( $user_arr[0] ) ) ) );
$not_allow_symbol = array ("\x22", "\x60", "\t", '\n', '\r', "\n", "\r", '\\', ",", "/", "¬", "#", ";", ":", "~", "[", "]", "{", "}", ")", "(", "*", "^", "%", "$", "<", ">", "?", "!", '"', "'", " " );
$email = $db->safesql(trim( str_replace( $not_allow_symbol, '', strip_tags( stripslashes( $user_arr[1] ) ) ) ) );
if( md5( sha1( $name . $email . DBHOST . DBNAME . $config['key'] ) ) != $user_arr[3] ) die( 'ID not valid!' );
$name = preg_replace('#\s+#i', ' ', $name);
$reg_error = check_reg( $name, $email, $regpassword, $regpassword );
if( $reg_error != "" ) {
msgbox( $lang['reg_err_11'], $reg_error );
$stopregistration = TRUE;
} else {
if( ($_REQUEST['step'] != 2) and $config['registration_type'] ) {
$stopregistration = TRUE;
$lang['confirm_ok'] = str_replace( '{email}', $email, $lang['confirm_ok'] );
$lang['confirm_ok'] = str_replace( '{login}', $name, $lang['confirm_ok'] );
msgbox( $lang['all_info'], $lang['confirm_ok'] . "<br /><br /><a href=\"" . $config['http_home_url'] . "index.php?do=register&doaction=validating&step=2&id=" . rawurlencode( $_REQUEST['id'] ) . "\">" . $lang['reg_next'] . "</a>" );
} else {
$add_time = time() + ($config['date_adjust'] * 60);
$_IP = $db->safesql( $_SERVER['REMOTE_ADDR'] );
if( intval( $config['reg_group'] ) < 3 ) $config['reg_group'] = 4;
$db->query( "INSERT INTO " . USERPREFIX . "_users (name, password, email, reg_date, lastdate, user_group, info, signature, favorites, logged_ip) VALUES ('$name', '$regpassword', '$email', '$add_time', '$add_time', '" . $config['reg_group'] . "', '', '', '', '" . $_IP . "')" );
$id = $db->insert_id();
set_cookie( "dle_user_id", $id, 365 );
set_cookie( "dle_password", $user_arr[2], 365 );
@session_register( 'dle_user_id' );
@session_register( 'dle_password' );
$_SESSION['dle_user_id'] = $id;
$_SESSION['dle_password'] = $user_arr[2];
}
}
}
if( $doaction == "validating" and ! $stopregistration ) {
$tpl->load_template( 'registration.tpl' );
$tpl->set( '[validation]', "" );
$tpl->set( '[/validation]', "" );
$tpl->set_block( "'\\[registration\\].*?\\[/registration\\]'si", "" );
$_REQUEST['id'] = htmlspecialchars( $_REQUEST['id'], ENT_QUOTES );
$tpl->copy_template = "<form method=\"post\" name=\"registration\" enctype=\"multipart/form-data\" action=\"" . $PHP_SELF . "\">\n" . $tpl->copy_template . "
<input name=\"submit_val\" type=\"hidden\" id=\"submit_val\" value=\"submit_val\" />
<input name=\"do\" type=\"hidden\" id=\"do\" value=\"register\" />
<input name=\"doaction\" type=\"hidden\" id=\"doaction\" value=\"validating\" />
<input name=\"id\" type=\"hidden\" id=\"id\" value=\"{$_REQUEST['id']}\" />
</form>";
$tpl->compile( 'content' );
$tpl->clear();
}
?>

View File

@@ -0,0 +1,104 @@
<?php
if(!defined('DATALIFEENGINE')){die("Hacking attempt!");}
if (intval($row['user_id']) != 0)
{
if ($row['repa_off'] == 0)
{
$repa_mod_mas = explode ("|", $row['repa_mod']);
$repa_type = "(<font color=green><b>".$repa_mod_mas[0]."</b></font><b>|</b><font color=red><b>".$repa_mod_mas[1]."</b></font>)";
$repa_minus = "<a OnClick=\"Reputation('0', '$row[user_id]');\"><img src='{THEME}/images/repa_dn.gif' alt='-' border='0' /></a>&nbsp;";
$repa_plus = "&nbsp;<a OnClick=\"Reputation('1', '$row[user_id]');\"><img src='{THEME}/images/repa_up.gif' alt='+' border='0' /></a>";
$tpl->set('{repa}', "<span id='repa-".$row['user_id']."'>".$repa_plus." <a href=\"".$config['http_home_url']."user/reputation/".urlencode($row['name'])."/\">".$repa_type."</a> ".$repa_minus."</span>");
} else {
$tpl->set('{repa}', "Âûêë.");
}
}
else
{
$tpl->set('{repa}', " 0");
}
if( $_REQUEST['action'] == "list" ) {
$user = $db->safesql( htmlspecialchars( urldecode( $_REQUEST['user'] ) ) );
include_once SYSTEM_DIR.'/data/repa.php';
include_once ROOT_DIR . '/language/' . $config['langs'] . '/website_repa.lng';
if($repa_cf['status']=='no'){
msgbox ($lang['all_err_1'], $lang_repa['gen_status_off']);
}else{
$sql_result = $db->query("SELECT * FROM " . USERPREFIX . "_users where name = '$user'");
while($row = $db->get_row($sql_result)){
$user_found = TRUE;
$repa_off = $row['repa_off'];
}
if ($repa_off == 0){
$limit = intval($repa_cf['res_site']);
$pass = $db->super_query("SELECT COUNT(*) as count FROM `" . USERPREFIX . "_reputation` where `komu` = '$user'");
$posts = $pass['count'];
if($posts == 0)
{
if ($user_found == TRUE)
{
$tpl->load_template('reputation.tpl');
$tpl->set('{usertitle}',"<a href=\"".$config['http_home_url']."user/".urlencode($user)."/\">".$user."</a>");
$tpl->set('{history_content}', 'Èçìåíåíèé íåáûëî');
}
}else{
$page = intval( $_REQUEST['cstart'] );
$total = intval( ( ( $posts - 1 ) / $limit ) + 1 );
if( $page <= 0 ) $page = 1;
if( $page > $total ) $page = $total;
$start = $page * $limit - $limit;
$i = $start;
$result = $db->query("SELECT * FROM `" . USERPREFIX . "_reputation` WHERE `komu`='$user' ORDER BY `date` DESC LIMIT " . $start . "," . $limit);
$repa_list = "<table width=100% class=userstop><tr bgcolor=#F2F2F2><td><div align=center><strong>Àâòîð</strong></div></td><td><div align=center><strong>Êîììåíòàðèé</strong></div></td><td><div align=center><strong>Äàòà</strong></div></td><td></td></tr>";
while($row = $db->get_row($result))
{
$i ++;
if ($repa_cf['robot'] == $row['author']) $auth_link = $row['author'];
else{$auth_link = "<a href=\"".$config['http_home_url']."user/".urlencode($row['author'])."/\">".$row['author']."</a>";}
switch($row['how'])
{
case($row['how'] > 0): $how = '<img src="{THEME}/images/repa_up.gif" alt="'.$lang_repa['repa_up'].'">'; break;
case($row['how'] < 0): $how = '<img src="{THEME}/images/repa_dn.gif" alt="'.$lang_repa['repa_down'].'">'; break;
case($row['how'] == "totalminus"): $how = '<img src="{THEME}/images/repa_adm.png" alt="'.$lang_repa['repa_adm'].'" title="Ïîíèæåíèå íà '.$repa_cf[adm_minus].' ïóíêòîâ">'; break;
case($row['how'] == "totalplus"): $how = '<img src="{THEME}/images/repa_adm_p.png" alt="'.$lang_repa['repa_adm'].'" title="Ïîâûøåíèå íà '.$repa_cf[adm_plus].' ïóíêòîâ">'; break;
}
$row['date'] = strtotime($row['date']);
if( date( Ymd, $row['date'] ) == date( Ymd, $_TIME ) )$date = $lang['time_heute'] . langdate( ", H:i", $row['date'] );
elseif( date( Ymd, $row['date'] ) == date( Ymd, ($_TIME - 86400) ) )$date = $lang['time_gestern'] . langdate( ", H:i", $row['date'] );
else $date = langdate( $config['timestamp_active'], $row['date'] );
if ($repa_cf['comm_page'] == 1 AND $row['url_page']) $row['text'] .= "<br>Èçìåíåíî íà ýòîé <a href=\"".$row['url_page']."\">ñòðàíèöå</a>.";
$repa_list .= "<tr><td width=18% align=center>".$auth_link."</td><td width=40% align=center>".$row['text']."</td><td width=15% align=center>".$date."</td><td width=2% align=center>".$how."</td></tr>";
}
$repa_list .= "</table>";
$tpl->load_template('reputation.tpl');
$tpl->set('{usertitle}',"<a href=\"".$config['http_home_url']."user/".urlencode($user)."/\">".$user."</a>");
$tpl->set('{history_content}', $repa_list);
$tpl->compile('content');
$tpl->clear();
$nav = "/user/reputation/".$user."/page/{page}";
CreateNavigation( $nav, $page, $total );
}
$tpl->compile('content');
$tpl->clear();
$db->free();
}
else msgbox ($lang['all_err_1'], "Ïîëüçîâàòåëü îòêëþ÷èë ðåïóòàöèþ â ñâîèõ íàñòðîéêàõ. Âû íå ìîæåòå ïðîñìîòðåòü èñòîðèþ åãî ðåïóòàöèè.<br /><a href=\"javascript:history.go(-1)\">Âåðíóòüñÿ íàçàä.</a>");
if ($user_found == FALSE) { msgbox ($lang['all_err_1'], $lang['news_err_26']); }
}
}
?>

80
system/modules/rss.php Normal file
View File

@@ -0,0 +1,80 @@
<?php
if(!defined('DATALIFEENGINE')){die("Hacking attempt!");}
$rss_content = <<<XML
<?xml version="1.0" encoding="{$config['charset']}"?>
<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/">
<channel>
<title>{$config['home_title']}</title>
<link>{$config['http_home_url']}</link>
<language>ru</language>
<description>{$config['description']}</description>
<generator>Files-Sib.NET</generator>
XML;
if($doaction=="comments"){
if($id = intval($_GET['news'])){
$where = "AND post_id = '".intval($id)."'";
}else{$where = "";}
$sql_comments = "SELECT c.autor, c.text, c.post_id, c.autor, p.alt_name FROM " . PREFIX . "_comments c, " . PREFIX . "_post p WHERE c.post_id=p.id $where order by c.date desc limit 0,". $config['rss_comm_number'];
$sql_result = $db->query ($sql_comments);
$i = 0;
while ($row = $db->get_row ($sql_result)){
$i++;
$author = "<a href=\"".$config['http_home_url']."user/".urlencode($row['autor'])."/\">".$row['autor']."</a>";
$row['text'] = preg_replace ( "#\[hide\](.+?)\[/hide\]#is", "ТекÑ<EFBFBD>Ñ Ñ‚Ð¾Ð»ÑŒÐºÐ¾ длÑ<C2BB> зарегиÑ<C2B8>ÑрированнÑÑ…", $row['text'] );
$full_link = $config['http_home_url'] . $row['post_id'] . "-" . $row['alt_name'] . ".html";
$rss_content .= <<<XML
<item>
<title>#{$i}</title>
<link>{$full_link}</link>
<description><![CDATA[{$row['text']}<br><br><b>Àâòîð:</b> {$author}]]></description>
<author>{$row['autor']}</author>
</item>
XML;
}
} elseif ($doaction=="news") {
if($category_id = get_ID ( $cat_info, $_GET['category'])){
$get_cats = get_sub_cats ( $category_id );
if ($config['allow_multi_category']) {
$where_category = "AND category regexp '[[:<:]](" . $get_cats . ")[[:>:]]'";
} else {
$get_cats = str_replace ( "|", "','", $get_cats );
$where_category = "AND category IN ('" . $get_cats . "')";
}
} else $where_category = "";
$sql_select = "SELECT id, autor, date, short_story, title, category, alt_name, remote_addr FROM cms_post WHERE approve {$where_category}";
if ($config['rss_mtype']) $sql_select .= " AND allow_main=1";
$sql_select .= " ORDER BY " . $config['news_sort'] . " " . $config['news_msort'] . " LIMIT 0," . $config['rss_number'];
$sql_results = $db->query($sql_select);
$i = 0;
while($row = $db->get_row($sql_results)){
$i++;
$date = date( $row['date'] );
if( $row['remote_addr'] != "" ) {$full_link = $config['http_home_url'] . "out.php?url=" . rawurlencode( base64_encode( $row['remote_addr'] ) );
} else {$full_link = $config['http_home_url'] . $row['id'] . "-" . $row['alt_name'] . ".html";}
$rss_content .= <<<XML
<item>
<title>{$row['title']}</title>
<guid isPermaLink="true">{$full_link}</guid>
<link>{$full_link}</link>
<description><![CDATA[{$row['short_story']}]]></description>
<category><![CDATA[{category}]]></category>
<dc:creator>{$row['autor']}</dc:creator>
<pubDate>{$date}</pubDate>
</item>
XML;
}
}
$rss_content .= '</channel></rss>';
header( 'Content-type: application/xml' );
die($rss_content);
?>

930
system/modules/search.php Normal file
View File

@@ -0,0 +1,930 @@
<?php
if( ! defined( 'DATALIFEENGINE' ) ) {
die( "Hacking attempt!" );
}
if( ! $user_group[$member_id['user_group']]['allow_search'] ) {
$lang['search_denied'] = str_replace( '{group}', $user_group[$member_id['user_group']]['group_name'], $lang['search_denied'] );
msgbox( $lang['all_info'], $lang['search_denied'] );
} else {
function strip_data($text) {
$quotes = array ("\x27", "\x22", "\x60", "\t", "\n", "\r", "'", ",", "/", "¬", ";", ":", "@", "~", "[", "]", "{", "}", "=", ")", "(", "*", "&", "^", "%", "$", "<", ">", "?", "!", '"' );
$goodquotes = array ("-", "+", "#" );
$repquotes = array ("\-", "\+", "\#" );
$text = stripslashes( $text );
$text = trim( strip_tags( $text ) );
$text = str_replace( $quotes, '', $text );
$text = str_replace( $goodquotes, $repquotes, $text );
return $text;
}
$count_result = 0;
$sql_count = "";
$sql_find = "";
$config['search_length_min'] = 3; // Ìèíèìàëüíîå êîëè÷åñòâî ñèìâîëîâ â ñëîâå ïîèñêà
$tpl->load_template( 'search.tpl' );
$config['search_number'] = intval($config['search_number']);
if ( $config['search_number'] < 1) $config['search_number'] = 10;
$this_date = date( "Y-m-d H:i:s", $_TIME );
if( intval( $config['no_date'] ) ) $this_date = " AND " . PREFIX . "_post.date < '" . $this_date . "'"; else $this_date = "";
if( isset( $_REQUEST['story'] ) ) $story = substr( strip_data( $_REQUEST['story'] ), 0, 90 ); else $story = "";
if( isset( $_REQUEST['search_start'] ) ) $search_start = intval( $_REQUEST['search_start'] ); else $search_start = 0;
if( isset( $_REQUEST['titleonly'] ) ) $titleonly = intval( $_REQUEST['titleonly'] ); else $titleonly = 0;
if( isset( $_REQUEST['searchuser'] ) ) $searchuser = substr( strip_data( $_REQUEST['searchuser'] ), 0, 40 ); else $searchuser = "";
if( isset( $_REQUEST['exactname'] ) ) $exactname = $_REQUEST['exactname']; else $exactname = "";
if( isset( $_REQUEST['all_word_seach'] ) ) $all_word_seach = intval($_REQUEST['all_word_seach']); else $all_word_seach = 0;
if( isset( $_REQUEST['replyless'] ) ) $replyless = intval( $_REQUEST['replyless'] ); else $replyless = 0;
if( isset( $_REQUEST['replylimit'] ) ) $replylimit = intval( $_REQUEST['replylimit'] ); else $replylimit = 0;
if( isset( $_REQUEST['searchdate'] ) ) $searchdate = intval( $_REQUEST['searchdate'] ); else $searchdate = 0;
if( isset( $_REQUEST['beforeafter'] ) ) $beforeafter = strip_data( $_REQUEST['beforeafter'] ); else $beforeafter = "after";
if ($config['full_search']) {if( isset( $_REQUEST['sortby'] ) ) $sortby = strip_data( $_REQUEST['sortby'] ); else $sortby = "";
} else {if( isset( $_REQUEST['sortby'] ) ) $sortby = strip_data( $_REQUEST['sortby'] ); else $sortby = "date";}
if( isset( $_REQUEST['resorder'] ) ) $resorder = strip_data( $_REQUEST['resorder'] ); else $resorder = "desc";
if( isset( $_REQUEST['showposts'] ) ) $showposts = intval( $_REQUEST['showposts'] ); else $showposts = 0;
if( isset( $_REQUEST['result_from'] ) ) $result_from = intval( $_REQUEST['result_from'] ); else $result_from = 1; // Ïîêàçàòü ñòðàíèöó ñ ðåçóëüòàòîì ¹ ÕÕÕ
$full_search = intval( $_REQUEST['full_search'] );
if( !count( $_REQUEST['catlist'] ) ) {
$catlist = array ();
$catlist[] = '0';
} else $catlist = $_REQUEST['catlist'];
$category_list = array();
foreach ( $catlist as $value ) {$category_list[] = intval($value);}
$category_list = $db->safesql( implode( ',', $category_list ) );
$findstory = stripslashes( $story ); // Äëÿ âûâîäà â ïîëå ïîèñêà
if ($titleonly == 2 AND !empty( $searchuser ) ) $searchuser = "";
if( empty( $story ) AND !empty( $searchuser ) AND $titleonly != 2) $story = "___SEARCH___ALL___";
if( $search_start < 0 ) $search_start = 0; // Íà÷àëüíàÿ ñòðàíèöà ïîèñêà
if( $titleonly < 0 or $titleonly > 3 ) $titleonly = 0; // Èñêàòü â çàãîëîâêàõ, ñòàòüÿõ, äîïîëíèòåëüíûõ ïîëÿõ, êîììåíòàðèÿõ èëè âåçäå
if( $replyless < 0 or $replyless > 1 ) $replyless = 0; // Èñêàòü áîëüøå èëè ìåíüøå îòâåòîâ
if( $replylimit < 0 ) $replylimit = 0; // Ëèìèò îòâåòîâ
if( $showposts < 0 or $showposts > 1 ) $showposts = 0; // Èñêàòü â ñòàòüÿõ èëè êîììåíòàðèÿõ þçåðà
$listdate = array (0, - 1, 1, 7, 14, 30, 90, 180, 365 ); // Èñêàòü çà ïåðèîä ÕÕÕ äíåé
if( ! (in_array( $searchdate, $listdate )) ) $searchdate = 0;
if( $beforeafter != "after" and $beforeafter != "before" ) $beforeafter = "after"; // Èñêàòü äî èëè ïîñëå ïåðèîäà äíåé
$listsortby = array ("date", "title", "comm_num", "news_read", "autor", "category", "rating" );
if ($config['full_search']) {if( ! (in_array( $sortby, $listsortby )) ) $sortby = ""; // Ñîðòèðîâàòü ïî ïîëÿì
} else {if( ! (in_array( $sortby, $listsortby )) ) $sortby = "date";} // Ñîðòèðîâàòü ïî ïîëÿì}
$listresorder = array ("desc", "asc" );
if( ! (in_array( $resorder, $listresorder )) ) $resorder = "desc"; // Ñîðòèðîâàòü ïî âîçðàñòàþùåé èëè óáûâàþùåé
// Îïðåäåëåíèå âûáðàííûõ ðàíåå îïöèé, ïåðåäàííûõ â ôîðìå
$titleonly_sel = array ('0' => '', '1' => '', '2' => '', '3' => '' );
$titleonly_sel[$titleonly] = 'selected="selected"';
$replyless_sel = array ('0' => '', '1' => '' );
$replyless_sel[$replyless] = 'selected="selected"';
$searchdate_sel = array ('0' => '', '-1' => '', '1' => '', '7' => '', '14' => '', '30' => '', '90' => '', '180' => '', '365' => '' );
$searchdate_sel[$searchdate] = 'selected="selected"';
$beforeafter_sel = array ('after' => '', 'before' => '' );
$beforeafter_sel[$beforeafter] = 'selected="selected"';
$sortby_sel = array ('date' => '', 'title' => '', 'comm_num' => '', 'news_read' => '', 'autor' => '', 'category' => '', 'rating' => '' );
$sortby_sel[$sortby] = 'selected="selected"';
$resorder_sel = array ('desc' => '', 'asc' => '' );
$resorder_sel[$resorder] = 'selected="selected"';
$showposts_sel = array ('0' => '', '1' => '' );
$showposts_sel[$showposts] = 'checked="checked"';
if( $exactname == "yes" ) $exactname_sel = 'checked="checked"'; else $exactname_sel = '';
if( $all_word_seach == 1 ) $all_word_seach_sel = 'checked="checked"'; else $all_word_seach_sel = '';
// Âûâîä ôîðìû ïîèñêà
if( $category_list == "" or $category_list == "0" ) {$catselall = "selected=\"selected\"";
} else {
$catselall = "";
$category_list = preg_replace( "/^0\,/", '', $category_list );
}
// Îïðåäåëåíèå è âûâîä äîñòóïíûõ êàòåãîðèé
$cats = "<select style=\"width:95%;height:200px;\" name=\"catlist[]\" size=\"13\" multiple=\"multiple\">";
$cats .= "<option " . $catselall . " value=\"0\">" . $lang['s_allcat'] . "</option>";
$cats .= CategoryNewsSelection( explode( ',', $category_list ), 0, false );
$cats .= "</select>";
$tpl->copy_template .= <<<HTML
<script type="text/javascript" language="javascript">
<!-- begin
function clearform(frmname){
var frm = document.getElementById(frmname);
for (var i=0;i<frm.length;i++) {
var el=frm.elements[i];
if (el.type=="checkbox" || el.type=="radio") {
if (el.name=='showposts') {document.getElementById('rb_showposts_0').checked=1; } else {el.checked=0; }
}
if ((el.type=="text") || (el.type=="textarea") || (el.type == "password")) { el.value=""; continue; }
if ((el.type=="select-one") || (el.type=="select-multiple")) { el.selectedIndex=0; }
}
document.getElementById('replylimit').value = 0;
document.getElementById('search_start').value = 0;
document.getElementById('result_from').value = 1;
}
function list_submit(prm){
var frm = document.getElementById('fullsearch');
if (prm == -1) {
prm=Math.ceil(frm.result_from.value / {$config['search_number']});
} else {
frm.result_from.value=(prm-1) * {$config['search_number']} + 1;
}
frm.search_start.value=prm;
frm.submit();
return false;
}
function full_submit(prm){
document.getElementById('fullsearch').full_search.value=prm;
list_submit(-1);
}
function reg_keys(key) {
var code;
if (!key) var key = window.event;
if (key.keyCode) code = key.keyCode;
else if (key.which) code = key.which;
if (code == 13) {
list_submit(-1);
}
};
document.onkeydown = reg_keys;
// end -->
</script>
HTML;
$searchtable = <<<HTML
<form name="fullsearch" id="fullsearch" action="{$config['http_home_url']}index.php?do=search" method="post">
<input type="hidden" name="do" id="do" value="search" />
<input type="hidden" name="subaction" id="subaction" value="search" />
<input type="hidden" name="search_start" id="search_start" value="$search_start" />
<input type="hidden" name="full_search" id="full_search" value="$full_search" />
<input type="hidden" name="result_from" id="result_from" value="$result_from" />
HTML;
if( $full_search ) {
if ($config['full_search']) {
$full_search_option = "<option value=\"\" selected=\"selected\">{$lang['s_fsrelate']}</option><option {$sortby_sel['date']} value=\"date\">{$lang['s_fsdate']}</option>";
$all_word_option = "";
} else {
$full_search_option = "<option {$sortby_sel['date']} value=\"date\" selected=\"selected\">{$lang['s_fsdate']}</option>";
$all_word_option = "<div><label for=\"all_word_seach\"><input type=\"checkbox\" name=\"all_word_seach\" value=\"1\" id=\"all_word_seach\" {$all_word_seach_sel} />Òî÷íîå ñîâïàäåíèå âñåõ ñëîâ</label></div>";
}
$searchtable .= <<<HTML
<table cellpadding="0" cellspacing="0" width="100%">
<tr>
<td class="search">
<div align="center">
<table cellpadding="0" cellspacing="2" width="100%">
<tr style="vertical-align: top;">
<td class="search">
<fieldset style="margin:0px">
<legend>{$lang['s_con']}</legend>
<table cellpadding="0" cellspacing="3" border="0">
<tr>
<td class="search">
<div>{$lang['s_word']}</div>
<div><input type="text" name="story" id="searchinput" value="$findstory" class="textin" style="width:250px" /></div>
{$all_word_option}
</td>
</tr>
<tr>
<td class="search">
<select class="textin" name="titleonly" id="titleonly">
<option {$titleonly_sel['0']} value="0">{$lang['s_ncom']}</option>
<option {$titleonly_sel['1']} value="1">{$lang['s_ncom1']}</option>
<option {$titleonly_sel['2']} value="2">{$lang['s_static']}</option>
<option {$titleonly_sel['3']} value="3">{$lang['s_tnews']}</option>
</select>
</td>
</tr>
</table>
</fieldset>
</td>
<td class="search" valign="top">
<fieldset style="margin:0px">
<legend>{$lang['s_mname']}</legend>
<table cellpadding="0" cellspacing="3" border="0">
<tr>
<td class="search">
<div>{$lang['s_fname']}</div>
<div id="userfield"><input type="text" name="searchuser" id="searchuser" value="$searchuser" class="textin" style="width:250px" /><br /><label for="exactname"><input type="checkbox" name="exactname" value="yes" id="exactname" {$exactname_sel} />{$lang['s_fgname']}</label>
</div>
</td>
</tr>
</table>
</fieldset>
</td>
</tr>
<tr style="vertical-align: top;">
<td width="50%" class="search">
<fieldset style="margin:0px">
<legend>{$lang['s_fart']}</legend>
<div style="padding:3px">
<select class="textin" name="replyless" id="replyless" style="width:200px">
<option {$replyless_sel['0']} value="0">{$lang['s_fmin']}</option>
<option {$replyless_sel['1']} value="1">{$lang['s_fmax']}</option>
</select>
<input type="text" name="replylimit" id="replylimit" size="5" value="$replylimit" class="textin" /> {$lang['s_wcomm']}
</div>
</fieldset>
<fieldset style="padding-top:10px">
<legend>{$lang['s_fdaten']}</legend>
<div style="padding:3px">
<select name="searchdate" id="searchdate" class="textin" style="width:200px">
<option {$searchdate_sel['0']} value="0">{$lang['s_tall']}</option>
<option {$searchdate_sel['-1']} value="-1">{$lang['s_tlast']}</option>
<option {$searchdate_sel['1']} value="1">{$lang['s_tday']}</option>
<option {$searchdate_sel['7']} value="7">{$lang['s_tweek']}</option>
<option {$searchdate_sel['14']} value="14">{$lang['s_ttweek']}</option>
<option {$searchdate_sel['30']} value="30">{$lang['s_tmoth']}</option>
<option {$searchdate_sel['90']} value="90">{$lang['s_tfmoth']}</option>
<option {$searchdate_sel['180']} value="180">{$lang['s_tsmoth']}</option>
<option {$searchdate_sel['365']} value="365">{$lang['s_tyear']}</option>
</select>
<select name="beforeafter" id="beforeafter" class="textin">
<option {$beforeafter_sel['after']} value="after">{$lang['s_fnew']}</option>
<option {$beforeafter_sel['before']} value="before">{$lang['s_falt']}</option>
</select>
</div>
</fieldset>
<fieldset style="padding-top:10px">
<legend>{$lang['s_fsoft']}</legend>
<div style="padding:3px">
<select name="sortby" id="sortby" class="textin" style="width:200px">
{$full_search_option}
<option {$sortby_sel['title']} value="title" >{$lang['s_fstitle']}</option>
<option {$sortby_sel['comm_num']} value="comm_num" >{$lang['s_fscnum']}</option>
<option {$sortby_sel['news_read']} value="news_read" >{$lang['s_fsnnum']}</option>
<option {$sortby_sel['autor']} value="autor" >{$lang['s_fsaut']}</option>
<option {$sortby_sel['category']} value="category" >{$lang['s_fscat']}</option>
<option {$sortby_sel['rating']} value="rating" >{$lang['s_fsrate']}</option>
</select>
<select name="resorder" id="resorder" class="textin">
<option {$resorder_sel['desc']} value="desc">{$lang['s_fsdesc']}</option>
<option {$resorder_sel['asc']} value="asc">{$lang['s_fsasc']}</option>
</select>
</div>
</fieldset>
<fieldset style="padding-top:10px">
<legend>{$lang['s_vlegend']}</legend>
<table cellpadding="0" cellspacing="3" border="0">
<tr align="left" valign="middle">
<td align="left" class="search">{$lang['s_vwie']}&nbsp;&nbsp;
<label for="rb_showposts_0"><input type="radio" name="showposts" value="0" id="rb_showposts_0" {$showposts_sel['0']} />{$lang['s_vnews']}</label>
<label for="rb_showposts_1"><input type="radio" name="showposts" value="1" id="rb_showposts_1" {$showposts_sel['1']} />{$lang['s_vtitle']}</label>
</td>
</tr>
</table>
</fieldset>
</td>
<td width="50%" class="search" valign="top">
<fieldset style="margin:0px">
<legend>{$lang['s_fcats']}</legend>
<div style="padding:3px">
<div>$cats</div>
</div>
</fieldset>
</td>
</tr>
<tr>
<td class="search" colspan="2">
<div style="margin-top:6px">
<input type="button" class="bbcodes" style="margin:0px 20px 0 0px;" name="dosearch" id="dosearch" value="{$lang['s_fstart']}" onclick="javascript:list_submit(-1); return false;" />
<input type="button" class="bbcodes" style="margin:0px 20px 0 20px;" name="doclear" id="doclear" value="{$lang['s_fstop']}" onclick="javascript:clearform('fullsearch'); return false;" />
<input type="reset" class="bbcodes" style="margin:0px 20px 0 20px;" name="doreset" id="doreset" value="{$lang['s_freset']}" />
</div>
</td>
</tr>
</table>
</div>
</td>
</tr>
</table>
HTML;
} else {
if ( $smartphone_detected ) {$link_full_search = "";
} else {$link_full_search = "<input type=\"button\" class=\"bbcodes\" name=\"dofullsearch\" id=\"dofullsearch\" value=\"{$lang['s_ffullstart']}\" onclick=\"javascript:full_submit(1); return false;\" />";}
$searchtable .= <<<HTML
<input type="hidden" name="result_from" id="result_from" value="$result_from" />
<table cellpadding="4" cellspacing="0" width="100%">
<tr>
<td class="search">
<div class="line_center" style="margin:10px;">
<input type="text" name="story" id="searchinput" value="$findstory" class="textin" style="width:250px" /><br /><br />
<input type="button" class="bbcodes" name="dosearch" id="dosearch" value="{$lang['s_fstart']}" onclick="javascript:list_submit(-1); return false;" />
{$link_full_search}
</div>
</td>
</tr>
</table>
HTML;
}
$searchtable .= <<<HTML
</form>
HTML;
$tpl->set( '{searchtable}', $searchtable );
// Ïî óìîë÷àíèþ, âûâîäèòñÿ òîëüêî ôîðìà ïîèñêà
if( $subaction != "search" ) {
$tpl->set_block( "'\[searchmsg\](.*?)\[/searchmsg\]'si", "" );
$tpl->compile( 'content' );
}
// Êîíåö âûâîäà ôîðìû ïîèñêà
if( $subaction == "search" ) {
// Âûâîä ðåçóëüòàòîâ ïîèñêà
if ($config['full_search']) {
$arr = explode( ' ', $story );
$story_maxlen = 0;
$story = array ();
foreach ( $arr as $word ) {
$wordlen = strlen( trim( $word ) );
if( $wordlen > $story_maxlen ) {$story_maxlen = $wordlen;}
}
$story = implode( " ", $story );
} else {
if ( !$all_word_seach ) $story = preg_replace( "#(\s+|__OR__)#i", '%', $story );
$story_maxlen = strlen( trim( $story ));
}
if( (empty( $story ) or ($story_maxlen < $config['search_length_min'])) and (empty( $searchuser ) or (strlen( $searchuser ) < $config['search_length_min'])) ) {
msgbox( $lang['all_info'], $lang['search_err_3'] );
$tpl->set( '{searchmsg}', '' );
$tpl->set( '[searchmsg]', "" );
$tpl->set( '[/searchmsg]', "" );
$tpl->compile( 'content' );
} else {
// Íà÷àëî ïîäãîòîâêè ïîèñêà
if( $search_start ) {
$search_start = $search_start - 1;
$search_start = $search_start * $config['search_number'];
}
// Ïðîâåðêà ðàçðåøåííûõ êàòåãîðèé èç ñïèñêà âûáðàííûõ êàòåãîðèé
$allow_cats = $user_group[$member_id['user_group']]['allow_cats'];
$allow_list = explode( ',', $allow_cats );
$stop_list = "";
if( $allow_list[0] == "all" ) {
// Âñå êàòåãîðèè äîñòóïíû äëÿ ãðóïïû
if( $category_list == "" or $category_list == "0" ) {
// Âûáðàí ïîèñê ïî âñåì êàòåãîðèÿì
;
} else {
// Âûáðàí ïîèñê ïî íåêîòîðûì êàòåãîðèÿì
$stop_list = str_replace( ',', '|', $category_list );
}
} else {
// Íå âñå êàòåãîðèè äîñòóïíû äëÿ ãðóïïû
if( $category_list == "" or $category_list == "0" ) {
// Âûáðàí ïîèñê ïî âñåì êàòåãîðèÿì
$stop_list = str_replace( ',', '|', $allow_cats );
} else {
// Âûáðàí ïîèñê ïî íåêîòîðûì êàòåãîðèÿì
$cats_list = explode( ',', $category_list );
foreach ( $cats_list as $id ) {
if( in_array( $id, $allow_list ) ) $stop_list .= $id . '|';
}
$stop_list = substr( $stop_list, 0, strlen( $stop_list ) - 1 );
}
}
// Îãðàíè÷åíèå ïî êàòåãîðèÿì
$where_category = "";
if( ! empty( $stop_list ) ) {
if( $config['allow_multi_category'] ) {$where_category = "category regexp '[[:<:]](" . $stop_list . ")[[:>:]]'";
} else {
$stop_list = str_replace( "|", "','", $stop_list );
$where_category = "category IN ('" . $stop_list . "')";
}
}
if( $story == "___SEARCH___ALL___" ) $story = '';
$thistime = date( "Y-m-d H:i:s", (time() + $config['date_adjust'] * 60) );
if( $exactname == 'yes' ) $likename = ''; else $likename = '%';
if( $searchdate != '0' ) {
if( $searchdate != '-1' ) {
$qdate = date( "Y-m-d H:i:s", (time() + $config['date_adjust'] * 60 - $searchdate * 86400) );
} else {
if( $is_logged and isset( $_SESSION['member_lasttime'] ) ) $qdate = date( "Y-m-d H:i:s", $_SESSION['member_lasttime'] );
else $qdate = $thistime;
}
}
// Ïîèñê ïî àâòîðó ñòàòüè èëè êîììåíòàðèÿ
$autor_posts = '';
$autor_comms = '';
$searchuser = $db->safesql($searchuser);
if( ! empty( $searchuser ) ) {
switch ($titleonly) {
case 0 :
// Èñêàòü òîëüêî â ñòàòüÿõ
$autor_posts = PREFIX . "_post.autor like '$searchuser$likename'";
break;
case 3 :
// Èñêàòü òîëüêî â ñòàòüÿõ
$autor_posts = PREFIX . "_post.autor like '$searchuser$likename'";
break;
case 1 :
// Èñêàòü òîëüêî â êîììåíòàðèÿõ
$autor_comms = PREFIX . "_comments.autor like '$searchuser$likename'";
break;
}
}
$where_reply = "";
if( ! empty( $replylimit ) ) {
if( $replyless == 0 ) $where_reply = PREFIX . "_post.comm_num >= '" . $replylimit . "'";
else $where_reply = PREFIX . "_post.comm_num <= '" . $replylimit . "'";
}
// Ïîèñê ïî êëþ÷åâûì ñëîâàì
if ($config['full_search']) {
$titleonly_where = array ('0' => "MATCH(title,short_story,full_story) AGAINST ('{story}')", // Èñêàòü òîëüêî â ñòàòüÿõ
'1' => "MATCH(text) AGAINST ('{story}')", // Èñêàòü òîëüêî â êîììåíòàðèÿõ
'2' => "MATCH(" . PREFIX . "_static.template) AGAINST ('{story}')", // Èñêàòü òîëüêî â ñòàòè÷åñêèõ ñòðàíèöàõ
'3' => "title LIKE '%{story}%'" ); // Èñêàòü òîëüêî â çàãîëîâêàõ ñòàòåé
} else {
$titleonly_where = array ('0' => "short_story LIKE '%{story}%' OR full_story LIKE '%{story}%' OR title LIKE '%{story}%'", // Èñêàòü òîëüêî â ñòàòüÿõ
'1' => "text LIKE '%{story}%'", // Èñêàòü òîëüêî â êîììåíòàðèÿõ
'2' => PREFIX . "_static.template LIKE '%{story}%'", // Èñêàòü òîëüêî â ñòàòè÷åñêèõ ñòðàíèöàõ
'3' => "title LIKE '%{story}%'" ); // Èñêàòü òîëüêî â çàãîëîâêàõ ñòàòåé
}
if( !empty( $story ) ) {
foreach ( $titleonly_where as $name => $value ) {
$value2 = str_replace( "{story}", $db->safesql($story), $value );
$titleonly_where[$name] = $value2;
}
}
// Ïîèñê ïî ñòàòüÿì
if( in_array( $titleonly, array (0, 3 ) ) ) {
$where_posts = "WHERE " . PREFIX . "_post.approve=1" . $this_date;
if( ! empty( $where_category ) ) $where_posts .= " AND " . $where_category;
if ($config['full_search']) {if( ! empty( $story ) ) $where_posts .= " AND " . $titleonly_where[$titleonly];
} else {if( ! empty( $story ) ) $where_posts .= " AND (" . $titleonly_where[$titleonly] . ")";}
if( ! empty( $autor_posts ) ) $where_posts .= " AND " . $autor_posts;
$sdate = PREFIX . "_post.date";
if( $searchdate != '0' ) {
if( $beforeafter == 'before' ) $where_date = $sdate . " < '" . $qdate . "'";
else $where_date = $sdate . " between '" . $qdate . "' and '" . $thistime . "'";
$where_posts .= " AND " . $where_date;
}
if( ! empty( $where_reply ) ) $where_posts .= " AND " . $where_reply;
$where = $where_posts;
if ($config['full_search']) if( $titleonly_where[$titleonly] == "" ) $titleonly_where[$titleonly] = "''";
$posts_fields = "SELECT SQL_CALC_FOUND_ROWS id, autor, " . PREFIX . "_post.date AS newsdate, " . PREFIX . "_post.date AS date, short_story AS story, title, descr, keywords, category, alt_name, comm_num AS comm_in_news, allow_comm, rating, news_read, editdate, tags, '' AS output_comms";
$posts_from = "FROM " . PREFIX . "_post";
$sql_fields = $posts_fields;
$sql_find = "$sql_fields $posts_from $where";
}
// Ïîèñê ïî êîììåíòàðèÿì
if( $titleonly == 1) {
$where_comms = "WHERE " . PREFIX . "_post.approve=1" . $this_date;
if( ! empty( $where_category ) ) $where_comms .= " AND " . $where_category;
if( ! empty( $story ) ) $where_comms .= " AND (" . $titleonly_where['1'] . ")";
if( ! empty( $autor_comms ) ) $where_comms .= " AND " . $autor_comms;
$sdate = PREFIX . "_comments.date";
if( $searchdate != '0' ) {
if( $beforeafter == 'before' ) $where_date = $sdate . " < '" . $qdate . "'";
else $where_date = $sdate . " between '" . $qdate . "' and '" . $thistime . "'";
$where_comms .= " AND " . $where_date;
}
if( ! empty( $where_reply ) ) $where_comms .= " AND " . $where_reply;
$where = $where_comms;
$comms_fields = "SELECT SQL_CALC_FOUND_ROWS " . PREFIX . "_comments.id AS coms_id, post_id AS id, " . PREFIX . "_comments.date, " . PREFIX . "_comments.autor AS autor, " . PREFIX . "_comments.email AS gast_email, " . PREFIX . "_comments.text AS story, ip, is_register, name, " . USERPREFIX . "_users.email, news_num, " . USERPREFIX . "_users.comm_num, reg_date, banned, signature, foto, fullname, land, icq, repa, repa_mod, repa_off, " . PREFIX . "_post.date AS newsdate, " . PREFIX . "_post.title, " . PREFIX . "_post.category, " . PREFIX . "_post.alt_name, " . PREFIX . "_post.comm_num AS comm_in_news, " . PREFIX . "_post.allow_comm, " . PREFIX . "_post.rating, " . PREFIX . "_post.news_read, '1' AS output_comms";
$comms_from = "FROM " . PREFIX . "_comments LEFT JOIN " . PREFIX . "_post ON " . PREFIX . "_comments.post_id=" . PREFIX . "_post.id LEFT JOIN " . USERPREFIX . "_users ON " . PREFIX . "_comments.user_id=" . USERPREFIX . "_users.user_id";
$sql_fields = $comms_fields;
$sql_find = "$sql_fields $comms_from $where";
}
$order_by = $sortby . " " . $resorder;
// Ïîèñê â ñòàòè÷åñêèõ ñòðàíèöàõ
if( $titleonly == 6 ) {
$sql_from = "FROM " . PREFIX . "_static";
$sql_fields = "SELECT SQL_NO_CACHE id, name AS static_name, descr AS title, template AS story, grouplevel, date, views";
if ( $titleonly_where[$titleonly] ) $where = "WHERE " . $titleonly_where[$titleonly]; else $where = "";
$sql_find = "$sql_fields $sql_from $where";
$order_by = "id";
}
// ------ Çàïðîñ ê áàçå
$from_num = $search_start + 1;
if ($config['full_search']) {
if( $sortby != "" ) $order_by = "ORDER BY " . $order_by; else $order_by = "";
$sql_request = "$sql_find $order_by LIMIT $search_start,{$config['search_number']}";
} else {
$sql_request = "$sql_find ORDER BY $order_by LIMIT $search_start,{$config['search_number']}";
}
$sql_result = $db->query( $sql_request );
$found_result = $db->num_rows( $sql_result );
$result_count = $db->super_query( "SELECT FOUND_ROWS() as count" );
$count_result = $result_count['count'];
if( $count_result > ($config['search_number'] * 5) ) $count_result = ($config['search_number'] * 5);
// Íå íàéäåíî
if( ! $found_result ) {
msgbox( $lang['all_info'], $lang[search_err_2] );
$tpl->set( '{searchmsg}', '' );
$tpl->set_block( "'\[searchmsg\](.*?)\[/searchmsg\]'si", "" );
$tpl->compile( 'content' );
} else {
$to_num = $search_start + $found_result;
// Âûâîä èíôîðìàöèè î êîëè÷åñòâå íàéäåííûõ ðåçóëüòàòîâ
$searchmsg = "$lang[search_ok] " . $count_result . " $lang[search_ok_1] ($lang[search_ok_2] " . $from_num . " - " . $to_num . ") :";
$tpl->set( '{searchmsg}', $searchmsg );
$tpl->set( '[searchmsg]', "" );
$tpl->set( '[/searchmsg]', "" );
$tpl->compile( 'content' );
$tpl->load_template( 'searchresult.tpl' );
function hilites($search, $txt) {
$r = preg_split( '((>)|(<))', $txt, - 1, PREG_SPLIT_DELIM_CAPTURE );
for($i = 0; $i < count( $r ); $i ++) {
if( $r[$i] == "<" ) {
$i ++;
continue;
}
$r[$i] = preg_replace( "#($search)#i", "<span style='background-color:yellow;'><font color='red'>\\1</font></span>", $r[$i] );
}
return join( "", $r );
}
// Âûâîä òåêñòà ñòàòüè èëè êîììåíòàðèÿ âî âñïëûâàþùåé ïîäñêàçêå ïðè âûâîäå òîëüêî çàãîëîâêîâ
function create_description($txt) {
$fastquotes = array ("\x27", "\x22", "\x60", "\t", "\n", "\r" );
$quotes = array ('"', "'" );
$maxchr = 80;
$txt = preg_replace( "/\[hide\](.*?)\[\/hide\]/ims", "", $txt );
$txt = stripslashes( $txt );
$txt = trim( strip_tags( $txt ) );
$txt = str_replace( $fastquotes, ' ', $txt );
$txt = str_replace( $quotes, '', $txt );
$txt = preg_replace( "#\s+#i", ' ', $txt );
$txt = substr( $txt, 0, 300 );
$txt = wordwrap( $txt, $maxchr, " " );
return $txt;
}
// Âûâîä ðåçóëüòàòîâ ïîèñêà
$search_id = $search_start;
while ( $row = $db->get_row( $sql_result ) ) {
// Ïîðÿäêîâûé íîìåð ðåçóëüòàòà ïîèñêà
$search_id ++;
$attachments[] = $row['id'];
if( $titleonly != 2 ) {
$row['newsdate'] = strtotime( $row['newsdate'] );
$row['date'] = strtotime( $row['date'] );
}
$row['story'] = stripslashes( $row['story'] );
if( $user_group[$member_id['user_group']]['allow_hide'] ) $row['story'] = str_ireplace( "[hide]", "", str_ireplace( "[/hide]", "", $row['story']) );
else $row['story'] = preg_replace ( "#\[hide\](.+?)\[/hide\]#is", "<div class=\"quote\">" . $lang['news_regus'] . "</div>", $row['story'] );
if ($config['full_search']) $arr = explode( " ", $story ); else $arr = explode( "%", $story );
foreach ( $arr as $word ) {
if( strlen( trim( $word ) ) >= $config['search_length_min'] ) {
$row['story'] = hilites( $word, $row['story'] );
}
;
}
if( $titleonly == 2 ) {
// Ðåçóëüòàòû ïîèñêà â ñòàòè÷åñêèõ ñòðàíèöàõ
$row['grouplevel'] = explode( ',', $row['grouplevel'] );
if( $row['grouplevel'][0] != "all" and ! in_array( $member_id['user_group'], $row['grouplevel'] ) ) {
$tpl->result['content'] .= $lang['static_denied'];
} else {
$row['story'] = stripslashes( $row['story'] );
$title = stripslashes( strip_tags( $row['title'] ) );
$tpl->load_template( 'static.tpl' );
$static_descr = "<a title=\"" . $title . "\" href=\"" . $config['http_home_url'] . $row['static_name'] . ".html\" >" . $title . "</a>";
$tpl->set( '{description}', $static_descr );
if (strlen( $row['story'] ) > 2000) {
$row['story'] = substr( strip_tags ($row['story']), 0, 2000)." .... ";
$row['story'] .= "( <a href=\"" . $config['http_home_url'] . $row['static_name'] . ".html\" >" . $lang['search_s_go'] . "</a> )";
}
$tpl->set( '{static}', $row['story'] );
$tpl->set( '{pages}', '' );
if( @date( "Ymd", $row['date'] ) == date( "Ymd", $_TIME ) ) {
$tpl->set( '{date}', $lang['time_heute'] . langdate( ", H:i", $row['date'] ) );
} elseif( @date( "Ymd", $row['date'] ) == date( "Ymd", ($_TIME - 86400) ) ) {
$tpl->set( '{date}', $lang['time_gestern'] . langdate( ", H:i", $row['date'] ) );
} else {
$tpl->set( '{date}', langdate( $config['timestamp_active'], $row['date'] ) );
}
$tpl->copy_template = preg_replace ( "#\{date=(.+?)\}#ie", "langdate('\\1', '{$row['date']}')", $tpl->copy_template );
$tpl->set( '{views}', $row['views'] );
$tpl->compile( 'content' );
$tpl->clear();
if( $config['files_allow'] == "yes" ) {
if( strpos( $tpl->result['content'], "[file=" ) !== false ) {$tpl->result['content'] = show_file( $tpl->result['content'], $attachments, true );}
if( strpos( $tpl->result['content'], "[torrent=" ) !== false ) {$tpl->result['content'] = show_torrent( $tpl->result['content'], $attachments, true );}
}
}
} else {
// Ðåçóëüòàòû ïîèñêà â ñòàòüÿõ è êîììåíòàðèÿõ
$tpl->set( '{result-date}', langdate( $config['timestamp_active'], $row['date'] ) );
$tpl->copy_template = preg_replace ( "#\{date=(.+?)\}#ie", "langdate('\\1', '{$row['date']}')", $tpl->copy_template );
$row_title = stripslashes( $row['title'] );
$tpl->set( '{result-title}', $row_title );
$tpl->set( '{result-author}', "<a href=\"" . $config['http_home_url'] . "user/" . urlencode( $row['autor'] ) . "/\">" . $row['autor'] . "</a>" );
$tpl->set( '{result-comments}', $row['comm_in_news'] );
$my_news_id = "<a title=\"" . $row_title . "\" href=\"$PHP_SELF?newsid=" . $row['id'] . "\"" . $row['id'] . "</a>";
$tpl->set( '{news-id}', $my_news_id );
if( ! $row['category'] ) {
$my_cat = "---";
$my_cat_link = "---";
} else {
$my_cat = array ();
$my_cat_link = array ();
$cat_list = explode( ',', $row['category'] );
if( count( $cat_list ) == 1 ) {
$my_cat[] = $cat_info[$cat_list[0]]['name'];
$my_cat_link = get_categories( $cat_list[0] );
} else {
foreach ( $cat_list as $element ) {
if( $element ) {
$my_cat[] = $cat_info[$element]['name'];
$my_cat_link[] = "<a href=\"" . $config['http_home_url'] . get_url( $element ) . "/\">{$cat_info[$element]['name']}</a>";
}}$my_cat_link = stripslashes( implode( ', ', $my_cat_link ) );
}$my_cat = stripslashes( implode( ', ', $my_cat ) );
}
$row['category'] = intval( $row['category'] );
if( $row['tags'] ) {
$tpl->set( '[tags]', "" );
$tpl->set( '[/tags]', "" );
$tags = array ();
$row['tags'] = explode( ",", $row['tags'] );
foreach ( $row['tags'] as $value ) {
$value = trim( $value );
$tags[] = "<a href=\"" . $config['http_home_url'] . "tags/" . urlencode( $value ) . "/\">" . $value . "</a>";
}
$tpl->set( '{tags}', implode( ", ", $tags ) );
} else {
$tpl->set_block( "'\\[tags\\](.*?)\\[/tags\\]'si", "" );
$tpl->set( '{tags}', "" );
}
$tpl->set( '{link-category}', $my_cat_link );
$tpl->set( '{views}', $row['news_read'] );
if( $row['output_comms'] == '1' ) {
// Îáðàáîòêà è âûâîä êîììåíòàðèåâ
if( ! $row['is_register'] ) {
if( $row['gast_email'] != "" ) {$tpl->set( '{result-author}', "<a href=\"mailto:".htmlspecialchars($row['gast_email'], ENT_QUOTES)."\">" . stripslashes( $row['autor'] ) . "</a>" );
} else {$tpl->set( '{result-author}', stripslashes( $row['autor'] ) );}
} else {$tpl->set( '{result-author}', "<a href=\"" . $config['http_home_url'] . "user/" . urlencode( $row['name'] ) . "/\">" . stripslashes( $row['autor'] ) . "</a>" ); }
if( $is_logged and $member_id['user_group'] == '1' ) $tpl->set( '{ip}', "IP: <a onclick=\"return dropdownmenu(this, event, IPMenu('" . $row['ip'] . "', '" . $lang['ip_info'] . "', '" . $lang['ip_tools'] . "', '" . $lang['ip_ban'] . "'), '190px')\" onMouseout=\"delayhidemenu()\" href=\"https://www.nic.ru/whois/?ip={$row['ip']}\" target=\"_blank\">{$row['ip']}</a>" );
else $tpl->set( '{ip}', '' );
if( $is_logged and (($member_id['name'] == $row['name'] and $row['is_register'] and $user_group[$member_id['user_group']]['allow_editc']) or $user_group[$member_id['user_group']]['edit_allc']) ) {
$tpl->set( '[com-edit]', "<a onclick=\"return ajax_comm_edit('" . $row['coms_id'] . "', 'news')\" return false; href=\"#\">" );
$tpl->set( '[/com-edit]', "</a>" );
} else $tpl->set_block( "'\\[com-edit\\](.*?)\\[/com-edit\\]'si", "" );
if( $is_logged and (($member_id['name'] == $row['name'] and $row['is_register'] and $user_group[$member_id['user_group']]['allow_delc']) or $member_id['user_group'] == '1' or $user_group[$member_id['user_group']]['del_allc']) ) {
$tpl->set( '[com-del]', "<a href=\"javascript:confirmDelete('" . $config['http_home_url'] . "index.php?do=comments&action=comm_del&id=" . $row['coms_id'] . "&amp;dle_allow_hash=" . $dle_login_hash . "')\">" );
$tpl->set( '[/com-del]', "</a>" );
} else $tpl->set_block( "'\\[com-del\\](.*?)\\[/com-del\\]'si", "" );
$tpl->set_block( "'\\[fast\\](.*?)\\[/fast\\]'si", "" );
$tpl->set( '{mail}', $row['email'] );
$tpl->set( '{comment-id}', '--' );
if( $row['banned'] == 'yes' or $row['name'] == '' or ! $row['is_register'] ) {
$grav_url = 'http://gravatar.com/avatar/' . md5( stripslashes( $row['email'] ) ) . "?s=100&r=g&d=" . $config['http_home_url'] . 'templates/' . $config['skin'] . '/images/noavatar.png';$tpl->set('{foto}', "<img src=\"" . $grav_url . "\" border=\"0\" style=\"border:1px solid #ccc; max-width:100px\" /><br />");
} else {
if( $row['foto'] ) $tpl->set( '{foto}', "<img src=\"" . $config['http_home_url'] . "uploads/fotos/" . $row['foto'] . "\" border=\"0\" style=\"border:1px solid #ccc; max-width:100px\" />" );
else $grav_url = 'http://gravatar.com/avatar/' . md5( stripslashes( $row['email'] ) ) . "?s=100&r=g&d=" . $config['http_home_url'] . 'templates/' . $config['skin'] . '/images/noavatar.png';$tpl->set('{foto}', "<img src=\"" . $grav_url . "\" border=\"0\" style=\"border:1px solid #ccc; max-width:100px\" /><br />");
}
@include (SYSTEM_DIR.'/modules/reputation.php');
if( $row['is_register'] ) $tpl->set( '{registration}', langdate( "d.m.Y", $row['reg_date'] ) );
else $tpl->set( '{registration}', '--' );
if( $row['is_register'] and $row['news_num'] ) $tpl->set( '{news_num}', $row['news_num'] );
else $tpl->set( '{news_num}', '0' );
if( $row['is_register'] and $row['comm_num'] ) $tpl->set( '{comm_num}', $row['comm_num'] );
else $tpl->set( '{comm_num}', '0' );
$tpl->set_block( "'\\[signature\\](.*?)\\[/signature\\]'si", "" );
$tpl->set( '{result-text}', "<div id='comm-id-" . $row['coms_id'] . "'>" . $row['story'] . "</div>" );
} else {
if( $is_logged and (($member_id['name'] == $row['autor'] and $user_group[$member_id['user_group']]['allow_edit']) or $user_group[$member_id['user_group']]['allow_all_edit']) ) {
$tpl->set( '[edit]', "<a href=\"/index.php?do=editnews&id=$row[id]\">" );
$tpl->set( '[/edit]', "</a>" );
} else {$tpl->set_block( "'\\[edit\\](.*?)\\[/edit\\]'si", "" );}
if ($smartphone_detected) {
if (!$config['allow_smart_format']) {$row['story'] = strip_tags( $row['story'], '<p><br><a>' );
} else {
if ( !$config['allow_smart_images'] ) {
$row['story'] = preg_replace( "#<!--TBegin-->(.+?)<!--TEnd-->#is", "", $row['story'] );
$row['story'] = preg_replace( "#<img(.+?)>#is", "", $row['story'] );
}
if ( !$config['allow_smart_video'] ) {
$row['story'] = preg_replace( "#<!--dle_video_begin(.+?)<!--dle_video_end-->#is", "", $row['story'] );
$row['story'] = preg_replace( "#<!--dle_audio_begin(.+?)<!--dle_audio_end-->#is", "", $row['story'] );
}}}
if ($is_logged){
$fav_arr = explode (',', $member_id['favorites']);
if (!in_array ($row['id'], $fav_arr))
$tpl->set('{favorites}',"<a id=\"fav-id-".$row['id']."\" href=\"$PHP_SELF?do=favorites&amp;doaction=add&amp;id=".$row['id']."\"><img src=\"".$config['http_home_url']."templates/{$config['skin']}/images/add_fav.png\" onclick=\"doFavorites('".$row['id']."', 'plus'); return false;\" alt=\"".$lang['news_addfav']."\" align=\"middle\" border=\"0\" /></a>");
else
$tpl->set('{favorites}',"<a id=\"fav-id-".$row['id']."\" href=\"$PHP_SELF?do=favorites&amp;doaction=del&amp;id=".$row['id']."\"><img src=\"".$config['http_home_url']."templates/{$config['skin']}/images/del_fav.png\" onclick=\"doFavorites('".$row['id']."', 'minus'); return false;\" alt=\"".$lang['news_minfav']."\" align=\"middle\" border=\"0\" /></a>");
} else $tpl->set('{favorites}',"");
$tpl->set( '{result-text}', "<div id='news-id-" . $row['id'] . "'>" . $row['story'] . "</div>" );
}
$tpl->set( '{search-id}', $search_id );
if( $showposts == 0 ) {
// Ïîêàçàòü êîðîòêóþ íîâîñòü
$tpl->set_block( "'\\[shortresult\\].*?\\[/shortresult\\]'si", "" );
$tpl->set( '[fullresult]', "" );
$tpl->set( '[/fullresult]', "" );
$alt_text = $row_title;
} else {
// Ïîêàçàòü òîëüêî çàãîëîâîê
$tpl->set_block( "'\\[fullresult\\].*?\\[/fullresult\\]'si", "" );
$tpl->set( '[shortresult]', "" );
$tpl->set( '[/shortresult]', "" );
$alt_text = create_description( $row['story'] );
}
$full_link = $config['http_home_url'] . $row['id'] . "-" . $row['alt_name'] . ".html";
$tpl->set( '[result-link]', "<a href=\"" . $full_link . "\" >" );
$tpl->set( '[/result-link]', "</a>" );
if( $row['output_comms'] == '1' ) {
// Äëÿ âûâîäà êîììåíòàðèåâ
$tpl->set_block( "'\\[searchposts\\].*?\\[/searchposts\\]'si", "" );
$tpl->set( '[searchcomments]', "<div id='comment-id-{$row['coms_id']}'>" );
$tpl->set( '[/searchcomments]', "</div>" );
} else {
// Äëÿ âûâîäà ñòàòåé
$tpl->set_block( "'\\[searchcomments\\].*?\\[/searchcomments\\]'si", "" );
$tpl->set( '[searchposts]', "" );
$tpl->set( '[/searchposts]', "" );
}
$tpl->compile( 'content' );
if( $user_group[$member_id['user_group']]['allow_hide'] ) $tpl->result['content'] = preg_replace( "'\[hide\](.*?)\[/hide\]'si", "\\1", $tpl->result['content']);
else $tpl->result['content'] = preg_replace ( "'\[hide\](.*?)\[/hide\]'si", "<div class=\"quote\">" . $lang['news_regus'] . "</div>", $tpl->result['content'] );
if( $config['files_allow'] == "yes" ) {
if( strpos( $tpl->result['content'], "[file=" ) !== false ) {
$tpl->result['content'] = show_file( $tpl->result['content'], $attachments );
}
if( strpos( $tpl->result['content'], "[torrent=" ) !== false ) {
$tpl->result['content'] = show_torrent( $tpl->result['content'], $attachments );
}
}
} // Ðåçóëüòàòû ïîèñêà â ñòàòüÿõ è êîììåíòàðèÿõ
} // while
$tpl->clear();
$db->free( $sql_result );
}
}
}
$tpl->clear();
//####################################################################################################################
// Íàâèãàöèÿ ïî íîâîñòÿì
//####################################################################################################################
if( $found_result > 0 ) {
$tpl->load_template( 'navigation.tpl' );
//----------------------------------
// Previous link
//----------------------------------
if( isset( $search_start ) and $search_start != "" and $search_start > 0 ) {
$prev = $search_start / $config['search_number'];
$prev_page = "<a name=\"prevlink\" id=\"prevlink\" onclick=\"javascript:list_submit($prev); return(false)\" href=#>";
$tpl->set_block( "'\[prev-link\](.*?)\[/prev-link\]'si", $prev_page . "\\1</a>" );
} else {
$tpl->set_block( "'\[prev-link\](.*?)\[/prev-link\]'si", "<span>\\1</span>" );
$no_prev = TRUE;
}
//----------------------------------
// Pages
//----------------------------------
if( $config['search_number'] ) {
$pages_count = @ceil( $count_result / $config['search_number'] );
$pages_start_from = 0;
$pages = "";
for($j = 1; $j <= $pages_count; $j ++) {
if( $pages_start_from != $search_start ) {
$pages .= "<a onclick=\"javascript:list_submit($j); return(false)\" href=#>$j</a> ";
} else {
$pages .= " <span>$j</span> ";
}
$pages_start_from += $config['search_number'];
}
$tpl->set( '{pages}', $pages );
}
//----------------------------------
// Next link
//----------------------------------
if( $config['search_number'] < $count_result and $to_num < $count_result ) {
$next_page = $to_num / $config['search_number'] + 1;
$next = "<a name=\"nextlink\" id=\"nextlink\" onclick=\"javascript:list_submit($next_page); return(false)\" href=#>";
$tpl->set_block( "'\[next-link\](.*?)\[/next-link\]'si", $next . "\\1</a>" );
} else {
$tpl->set_block( "'\[next-link\](.*?)\[/next-link\]'si", "<span>\\1</span>" );
$no_next = TRUE;
}
if( ! $no_prev or ! $no_next ) {
$tpl->compile( 'content' );
}
$tpl->clear();
}
}
?>

View File

@@ -0,0 +1,275 @@
<?php
if( ! defined( 'DATALIFEENGINE' ) ) {die( "Hacking attempt!" );}
$allow_list = explode( ',', $user_group[$member_id['user_group']]['allow_cats'] );
$perm = 1;
$i = 0;
$news_found = false;
$allow_full_cache = false;
$cprefix = "full_".$newsid;
$row = $cache->open( $cprefix, $sql_news );
if( $row ) {
$row = unserialize($row);
$full_cache = true;
} else {
$row = $db->super_query( $sql_news );
$full_cache = false;
}
$options = news_permission( $row['access'] );
if( $options[$member_id['user_group']] and $options[$member_id['user_group']] != 3 ) $perm = 1;
if( $options[$member_id['user_group']] == 3 ) $perm = 0;
if( $options[$member_id['user_group']] == 1 ) $user_group[$member_id['user_group']]['allow_addc'] = 0;
if( $options[$member_id['user_group']] == 2 ) $user_group[$member_id['user_group']]['allow_addc'] = 1;
if( ! $row['approve'] and $member_id['name'] != $row['autor'] and $member_id['user_group'] != '1' ) $perm = 0;
if( ! $row['approve'] ) $allow_comments = false;
if( ! $row['category'] ) {
$my_cat = "---";
$my_cat_link = "---";
} else {
$my_cat = array ();
$my_cat_link = array ();
$cat_list = explode( ',', $row['category'] );
if( count( $cat_list ) == 1 ) {
if( $allow_list[0] != "all" and ! in_array( $cat_list[0], $allow_list ) ) $perm = 0;
$my_cat[] = $cat_info[$cat_list[0]]['name'];
$my_cat_link = get_categories( $cat_list[0] );
} else {
foreach ( $cat_list as $element ) {
if( $allow_list[0] != "all" and ! in_array( $element, $allow_list ) ) $perm = 0;
if( $element ) {
$my_cat[] = $cat_info[$element]['name'];
$my_cat_link[] = "<a href=\"" . $config['http_home_url'] . get_url( $element ) . "/\">{$cat_info[$element]['name']}</a>";
}}$my_cat_link = implode( ', ', $my_cat_link );
}$my_cat = implode( ', ', $my_cat );
}
if ( $row['id'] AND $perm ){
if( strtotime($row['date']) >= ($_TIME - 2592000) ) {$allow_full_cache = true;}
if ($allow_full_cache AND !$full_cache) $cache->save( $cprefix, serialize($row), $sql_news );
if( $row['votes'] ) include_once SYSTEM_DIR . '/modules/poll.php';
$row['category'] = intval( $row['category'] );
$category_id = $row['category'];
$tpl->load_template( 'fullstory.tpl' );
if (!$_SESSION["news_read_{$row['id']}"]){
$db->query( "UPDATE " . PREFIX . "_post set news_read=news_read+1 where id='{$row['id']}'" );
$_SESSION["news_read_{$row['id']}"] = "1";
}
$news_found = TRUE;
$row['date'] = strtotime( $row['date'] );
$tpl->set('{id}', $row['id']);
$tpl->set('{date-month}',$r[(int)date("m",$row['date'])-1]);
$tpl->set('{date-day}',date("d",$row['date']));
//???????? ???????????? URL
preg_match( '/'.$row['id'].'-(.*?).html/is' , $_SERVER["REQUEST_URI"] , $parse_alt_name );
if($row['alt_name'] != trim($parse_alt_name[1]) )$news_found = FALSE;
if( !$news_found ){
@header( "HTTP/1.0 404 Not Found" );
require_once ROOT_DIR.'/404.php';
die();}
//!???????? ???????????? URL
if( (strlen( $row['full_story'] ) < 13) and (strpos( $tpl->copy_template, "{short-story}" ) === false) ) {
$row['full_story'] = $row['short_story'];
}
$full_link = $config['http_home_url'] . $row['id'] . "-" . $row['alt_name'] . ".html";
$short_link = $config['http_home_url'];
$row['alt_name'] = $row['id'] . "-" . $row['alt_name'];
$link_page = $config['http_home_url'] . 'page,' . $news_page . ',';
$news_name = $row['alt_name'];
$i ++;
$metatags['title'] = stripslashes( $row['title'] ) .' » '.$config['home_title'];
$comments_num = $row['comm_num'];
if ($is_logged and $comments_num > 0){
$tpl->set('[comm_sort]', "");
$tpl->set('{comm_sort}', comm_sort());
$tpl->set('[/comm_sort]', "");
}else{$tpl->set_block("'\\[comm_sort\\](.*?)\\[/comm_sort\\]'si", "");}
$news_find = array ('{comments-num}' => $comments_num, '{views}' => $row['news_read'], '{category}' => $my_cat, '{link-category}' => $my_cat_link, '{news-id}' => $row['id'] );
if( date( Ymd, $row['date'] ) == date( Ymd, $_TIME ) ) {$tpl->set( '{date}', $lang['time_heute'] . langdate( ", H:i", $row['date'] ) );
} elseif( date( Ymd, $row['date'] ) == date( Ymd, ($_TIME - 86400) ) ) {
$tpl->set( '{date}', $lang['time_gestern'] . langdate( ", H:i", $row['date'] ) );
} else {$tpl->set( '{date}', langdate( $config['timestamp_active'], $row['date'] ) );}
$tpl->copy_template = preg_replace ( "#\{date=(.+?)\}#ie", "langdate('\\1', '{$row['date']}')", $tpl->copy_template );
if( $row['tags'] ) {
$tpl->set( '[tags]', "" );
$tpl->set( '[/tags]', "" );
$tags = array ();
$row['tags'] = explode( ",", $row['tags'] );
foreach ( $row['tags'] as $value ) {
$value = trim( $value );
$tags[] = "<a href=\"" . $config['http_home_url'] . "tags/" . urlencode( $value ) . "/\">" . $value . "</a>";
}$tpl->set( '{tags}', implode( ", ", $tags ) );
} else {
$tpl->set_block( "'\\[tags\\](.*?)\\[/tags\\]'si", "" );
$tpl->set( '{tags}', "" );
}
$tpl->set( '', $news_find );
if( $row['allow_rate'] ) {$tpl->set( '{rating}', ShortRating( $row['id'], $row['rating'], $user_group[$member_id['user_group']]['allow_rating'] ) );
}else $tpl->set( '{rating}', "0" );
$tpl->set( '[day-news]', "<a href=\"".$config['http_home_url'] . date( 'Y/m/d/', $row['date'])."\" >" );
$tpl->set( '[/day-news]', "</a>" );
$go_page = $config['http_home_url'] . "user/" . urlencode( $row['autor'] ) . "/";
$tpl->set( '[profile]', "<a href=\"" . $go_page . "\">" );
$tpl->set( '[/profile]', "</a>" );
/* if ($user_group[$user_color[$row['autor']]['user_group']]['colour']){
$group_span = $user_group[$user_color[$row['autor']]['user_group']]['colour'];
$user = "<font color={$group_span}>".$row['autor']."</font>";
}else{*/
$user = $row['autor'];
//}
$tpl->set( '{author}', "<a href=\"" . $go_page . "\">" .$user. "</a>" );
$_SESSION['referrer'] = $_SERVER['REQUEST_URI'];
if( $row['remote_addr'] != "" ) {
$full_link = $config['http_home_url'] . "out.php?url=" . rawurlencode( base64_encode( $row['remote_addr'] ) );
$tpl->set( '[full-link]', "<a href=\"" . $full_link . "\" target=\"_blank\">" );
$tpl->set( '[/full-link]', "</a>" );
} else {
$full_link = $config['http_home_url'] . $row['id'] . "-" . $row['alt_name'] . ".html";
$tpl->set( '[full-link]', "<a href=\"" . $full_link . "\">" );
$tpl->set( '[/full-link]', "</a>" );
}
$tpl->set( '{full-link}', $full_link );
if( $row['allow_comm'] ) {
$tpl->set( '[com-link]', "<a href=\"" . $full_link . "#comment\">" );
$tpl->set( '[/com-link]', "</a>" );
} else
$tpl->set_block( "'\\[com-link\\](.*?)\\[/com-link\\]'si", "" );
if( ! $row['approve'] and ($member_id['name'] == $row['autor'] and ! $user_group[$member_id['user_group']]['allow_all_edit']) ) {
$tpl->set( '[edit]', "<a href=\"" . $config['http_home_url'] . "index.php?do=addnews&amp;id=" . $row['id'] . "\" >" );
$tpl->set( '[/edit]', "</a>" );
} elseif( $is_logged and (($member_id['name'] == $row['autor'] and $user_group[$member_id['user_group']]['allow_edit']) or $user_group[$member_id['user_group']]['allow_all_edit']) ) {
$tpl->set( '[edit]', "<a href=\"/control.php?mod=editnews&action=editnews&id=$row[id]\" target=\"_blank\">" );
$tpl->set( '[/edit]', "</a>" );
} else
$tpl->set_block( "'\\[edit\\](.*?)\\[/edit\\]'si", "" );
//??????? ?? ????
if( $config['allow_cache'] != "yes" ) {
$config['allow_cache'] = "yes";
$revert_cache = true;
} else
$revert_cache = false;
if( $revert_cache ) $config['allow_cache'] = "no";
//!??????? ?? ????
if( $is_logged ) {
$fav_arr = explode( ',', $member_id['favorites'] );
if( ! in_array( $row['id'], $fav_arr ) ) $tpl->set( '{favorites}', "<a id=\"fav-id-" . $row['id'] . "\" href=\"$PHP_SELF?do=favorites&amp;doaction=add&amp;id=" . $row['id'] . "\"><img src=\"" . $config['http_home_url'] . "templates/{$config['skin']}/images/add_fav.png\" onclick=\"doFavorites('" . $row['id'] . "', 'plus'); return false;\" title=\"" . $lang['news_addfav'] . "\" style=\"vertical-align: middle;border: none;\" alt=\"\" /></a>" );
else $tpl->set( '{favorites}', "<a id=\"fav-id-" . $row['id'] . "\" href=\"$PHP_SELF?do=favorites&amp;doaction=del&amp;id=" . $row['id'] . "\"><img src=\"" . $config['http_home_url'] . "templates/{$config['skin']}/images/del_fav.png\" onclick=\"doFavorites('" . $row['id'] . "', 'minus'); return false;\" title=\"" . $lang['news_minfav'] . "\" style=\"vertical-align: middle;border: none;\" alt=\"\" /></a>" );
} else $tpl->set( '{favorites}', "" );
if( $is_logged ){
$subscribe = $db->super_query("SELECT COUNT(*) as count FROM " . PREFIX . "_subscribe WHERE news_id=$row[id] AND user_id=$member_id[user_id]");
if($subscribe['count'] == 0 ) $tpl->set( '{sibscribe}', "<a href=\"#\" id=\"subscribe-id-" . $row['id'] . "\" onclick=\"comm_Subscribe('" . $row['id'] . "'); return false;\">Ïîäïèñàòüñÿ</a>" );
else $tpl->set( '{sibscribe}', "<a href=\"#\" id=\"subscribe-id-" . $row['id'] . "\" onclick=\"comm_Subscribe('" . $row['id'] . "'); return false;\">Îòïèñàòüñÿ</a>" );
}
if( $row['votes'] ) $tpl->set( '{poll}', $tpl->result['poll'] );
else $tpl->set( '{poll}', '' );
$tpl->set( '{title}', stripslashes( $row['title'] ));
if ($smartphone_detected) {
if (!$config['allow_smart_format']) {
$row['short_story'] = strip_tags( $row['short_story'], '<p><br><a>' );
$row['full_story'] = strip_tags( $row['full_story'], '<p><br><a>' );
} else {
if ( !$config['allow_smart_images'] ) {
$row['short_story'] = preg_replace( "#<!--TBegin-->(.+?)<!--TEnd-->#is", "", $row['short_story'] );
$row['short_story'] = preg_replace( "#<img(.+?)>#is", "", $row['short_story'] );
$row['full_story'] = preg_replace( "#<!--TBegin-->(.+?)<!--TEnd-->#is", "", $row['full_story'] );
$row['full_story'] = preg_replace( "#<img(.+?)>#is", "", $row['full_story'] );
}
if ( !$config['allow_smart_video'] ) {
$row['short_story'] = preg_replace( "#<!--dle_video_begin(.+?)<!--dle_video_end-->#is", "", $row['short_story'] );
$row['short_story'] = preg_replace( "#<!--dle_audio_begin(.+?)<!--dle_audio_end-->#is", "", $row['short_story'] );
$row['full_story'] = preg_replace( "#<!--dle_video_begin(.+?)<!--dle_video_end-->#is", "", $row['full_story'] );
$row['full_story'] = preg_replace( "#<!--dle_audio_begin(.+?)<!--dle_audio_end-->#is", "", $row['full_story'] );
}}}
$tpl->set( '{short-story}', stripslashes( $row['short_story'] ) );
$tpl->set( '{full-story}', stripslashes( "<div id='news-id-" . $row['id'] . "'>" . $row['full_story'] . "</div>" ) );
include_once SYSTEM_DIR . '/modules/newsimg.php';
if( $row['keywords'] == '' and $row['descr'] == '' ) create_keywords( $row['short_story'] . $row['full_story'] );
else {$metatags['keywords'] = $row['keywords']; $metatags['description'] = $row['descr'];}
if ($row['metatitle']) $metatags['header_title'] = $row['metatitle'];
$tpl->compile( 'content' );
if( $user_group[$member_id['user_group']]['allow_hide'] ) $tpl->result['content'] = preg_replace( "'\[hide\](.*?)\[/hide\]'si", "\\1", $tpl->result['content']);
else $tpl->result['content'] = preg_replace ( "'\[hide\](.*?)\[/hide\]'si", "<div class=\"quote\">" . $lang['news_regus'] . "</div>", $tpl->result['content'] );
$tpl->result['content'] = preg_replace ( "'\[group=(.*?)\](.*?)\[/group\]'sie",'group_hide($1,"\\2")', $tpl->result['content']);
$news_id = $row['id'];
$allow_comments = $row['allow_comm'];
$allow_add = true;
if( isset( $view_template ) ) $allow_comments = false;
}
$tpl->clear();
unset( $row );
if( $config['files_allow'] == "yes" ){
if( strpos( $tpl->result['content'], "[file=" ) !== false ) {$tpl->result['content'] = show_file( $tpl->result['content'], $news_id );}
if( strpos( $tpl->result['content'], "[torrent=" ) !== false ) {$tpl->result['content'] = show_torrent( $tpl->result['content'], $news_id );}
}
if( ! $news_found and ! $perm ) msgbox( $lang['all_err_1'], "<b>{$user_group[$member_id['user_group']]['group_name']}</b> " . $lang['news_err_28'] );
elseif( ! $news_found ) {
@header( "HTTP/1.0 404 Not Found" );
require_once ROOT_DIR.'/404.php';
die();
}
if($news_found) {
include_once SYSTEM_DIR . '/classes/comments.class.php';
$comments = new Comments( $db, $comments_num, intval($config['comm_nummers']) );
$comments->nid = $news_id;
$comments->query = "SELECT " . PREFIX . "_comments.id, post_id, " . PREFIX . "_comments.user_id, date, autor as gast_name, " . PREFIX . "_comments.email as gast_email, text, ip, is_register, name, rating, " . USERPREFIX . "_users.email, news_num, comm_num, user_group, reg_date, signature, lastdate, foto, fullname, land, icq, repa, repa_mod, repa_off FROM " . PREFIX . "_comments LEFT JOIN " . USERPREFIX . "_users ON " . PREFIX . "_comments.user_id=" . USERPREFIX . "_users.user_id WHERE " . PREFIX . "_comments.post_id = '$news_id' ORDER BY date ".$dle_comm_sort;
if ( $allow_full_cache ) $allow_full_cache = $news_id;
$comments->build_comments('news', $allow_full_cache );
$comments->build_navigation('navigation.tpl', $link_page . "{page}," . $news_name . ".html#comment", "newsid=" . $newsid);
$comments->build_comm_form();
unset ($comments);
}
?>

View File

@@ -0,0 +1,289 @@
<?php
if( ! defined( 'DATALIFEENGINE' ) ) {die( "Hacking attempt!" );}
if( $allow_active_news ) {
$i = $cstart;
$news_found = FALSE;
$tpl->load_template( 'shortstory.tpl' );
$sql_result = $db->query( $sql_select );
while ( $row = $db->get_row( $sql_result ) ) {
$news_found = TRUE;
$attachments[] = $row['id'];
$tpl->set('{id}', $row['id']);
$row['date'] = strtotime( $row['date'] );
$tpl->set('{date-month}',$r[(int)date("m",$row['date'])-1]);
$tpl->set('{date-day}',date("d",$row['date']));
$i ++;
if( ! $row['category'] ) { $my_cat = "---"; $my_cat_link = "---";
} else {$my_cat = array (); $my_cat_link = array (); $cat_list = explode( ',', $row['category'] );
if( count( $cat_list ) == 1 ) {
$my_cat[] = $cat_info[$cat_list[0]]['name'];
$my_cat_link = get_categories( $cat_list[0] );
} else {
foreach ( $cat_list as $element ) {
if( $element ) {
$my_cat[] = $cat_info[$element]['name'];
$my_cat_link[] = "<a href=\"" . $config['http_home_url'] . get_url( $element ) . "/\">{$cat_info[$element]['name']}</a>";
}}$my_cat_link = implode( ', ', $my_cat_link );
}$my_cat = implode( ', ', $my_cat );
}$row['category'] = intval( $row['category'] );
//Äåéñòâèå ñ íîâîñòüþ ïðè ðåéòèíãå
if ( $row['rating'] <= '-5' and $row['allow_main']){
$db->query( "UPDATE " . PREFIX . "_post SET allow_main = '0' WHERE id = '".$row['id']."'");
$cache->clear( 'news_' );
} elseif($row['rating'] >= '5' and $row['allow_main']!='1'){
$db->query( "UPDATE " . PREFIX . "_post SET allow_main = '1' WHERE id = '".$row['id']."'");
$cache->clear( 'news_' );
}
//!Äåéñòâèå ñ íîâîñòüþ ïðè ðåéòèíãå
$news_find = array ('{comments-num}' => $row['comm_num'], '{views}' => $row['news_read'], '{category}' => $my_cat, '{link-category}' => $my_cat_link, '{news-id}' => $row['id']);
$tpl->set( '', $news_find );
$tpl->copy_template = preg_replace ( "#\{date=(.+?)\}#ie", "langdate('\\1', '{$row['date']}')", $tpl->copy_template );
if( $row['tags'] ) {
$tpl->set( '[tags]', "" );
$tpl->set( '[/tags]', "" );
$tags = array ();
$row['tags'] = explode( ",", $row['tags'] );
foreach ( $row['tags'] as $value ) {
$value = trim( $value );
$tags[] = "<a href=\"" . $config['http_home_url'] . "tags/" . urlencode( $value ) . "/\">" . $value . "</a>";
}$tpl->set( '{tags}', implode( ", ", $tags ) );
} else {
$tpl->set_block( "'\\[tags\\](.*?)\\[/tags\\]'si", "" );
$tpl->set( '{tags}', "" );
}
if( $row['allow_rate'] ) {$tpl->set( '{rating}', ShortRating( $row['id'], $row['rating'], $user_group[$member_id['user_group']]['allow_rating'] ) );
}else $tpl->set( '{rating}', "0" );
$tpl->set( '[day-news]', "<a href=\"".$config['http_home_url'] . date( 'Y/m/d/', $row['date'])."\" >" );
$tpl->set( '[/day-news]', "</a>" );
/* if ($user_group[$user_color[$row['autor']]['user_group']]['colour']){
$group_span = $user_group[$user_color[$row['autor']]['user_group']]['colour'];
$user = "<font color={$group_span}>".$row['autor']."</font>";
}else{*/
$user = $row['autor'];
//}
$go_page = $config['http_home_url'] . "user/" . urlencode( $row['autor'] ) . "/";
$tpl->set( '{login}', $row['autor'] );
$tpl->set( '{author}', "<a href=\"" . $go_page . "\">" .$user. "</a>" );
$tpl->set( '[profile]', "<a href=\"" . $go_page . "\">" );
$tpl->set( '[/profile]', "</a>" );
if( $allow_userinfo and ! $row['approve'] and ($member_id['name'] == $row['autor'] and ! $user_group[$member_id['user_group']]['allow_all_edit']) ) {
$tpl->set( '[edit]', "<a href=\"" . $config['http_home_url'] . "index.php?do=addnews&id=" . $row['id'] . "\" >" );
$tpl->set( '[/edit]', "</a>" );
} elseif( $is_logged and (($member_id['name'] == $row['autor'] and $user_group[$member_id['user_group']]['allow_edit']) or $user_group[$member_id['user_group']]['allow_all_edit']) ) {
$_SESSION['referrer'] = $_SERVER['REQUEST_URI'];
$tpl->set( '[edit]', "<a href=\"/control.php?mod=editnews&action=editnews&id=$row[id]\" target=\"_blank\">" );
$tpl->set( '[/edit]', "</a>" );
} else $tpl->set_block( "'\\[edit\\](.*?)\\[/edit\\]'si", "" );
if( $row['remote_addr'] != "" ) {
$full_link = $config['http_home_url'] . "out.php?url=" . rawurlencode( base64_encode( $row['remote_addr'] ) );
$tpl->set( '[full-link]', "<a href=\"" . $full_link . "\" target=\"_blank\">" );
$tpl->set( '[/full-link]', "</a>" );
} else {
$full_link = $config['http_home_url'] . $row['id'] . "-" . $row['alt_name'] . ".html";
$tpl->set( '[full-link]', "<a href=\"" . $full_link . "\">" );
$tpl->set( '[/full-link]', "</a>" );
}
$tpl->set( '{full-link}', $full_link );
include SYSTEM_DIR . '/modules/newsimg.php';
if( $row['allow_comm'] ) {
$comm_link = $config['http_home_url'] . $row['id'] . "-" . $row['alt_name'] . ".html";
$tpl->set( '[com-link]', "Êîììåíòàðèè: <a href=\"" . $comm_link . "#comment\">" );
$tpl->set( '[/com-link]', "</a> | " );
} else $tpl->set_block( "'\\[com-link\\](.*?)\\[/com-link\\]'si", "" );
if( $is_logged ) {
$fav_arr = explode( ',', $member_id['favorites'] );
if( ! in_array( $row['id'], $fav_arr ) or $config['allow_cache'] == "yes" ) $tpl->set( '{favorites}', "<a id=\"fav-id-" . $row['id'] . "\" href=\"$PHP_SELF?do=favorites&amp;doaction=add&amp;id=" . $row['id'] . "\"><img src=\"" . $config['http_home_url'] . "templates/{$config['skin']}/images/add_fav.png\" onclick=\"doFavorites('" . $row['id'] . "', 'plus'); return false;\" title=\"" . $lang['news_addfav'] . "\" style=\"vertical-align: middle;border: none;\" alt=\"\" /></a>" );
else $tpl->set( '{favorites}', "<a id=\"fav-id-" . $row['id'] . "\" href=\"$PHP_SELF?do=favorites&amp;doaction=del&amp;id=" . $row['id'] . "\"><img src=\"" . $config['http_home_url'] . "templates/{$config['skin']}/images/del_fav.png\" onclick=\"doFavorites('" . $row['id'] . "', 'minus'); return false;\" title=\"" . $lang['news_minfav'] . "\" style=\"vertical-align: middle;border: none;\" alt=\"\" /></a>" );
} else $tpl->set( '{favorites}', "" );
if( $allow_userinfo and ! $row['approve'] ) {$tpl->set( '{approve}', $lang['approve'] );
} else $tpl->set( '{approve}', "" );
if ($smartphone_detected) {
if (!$config['allow_smart_format']) {
$row['short_story'] = strip_tags( $row['short_story'], '<p><br><a>' );
} else {
if ( !$config['allow_smart_images'] ) {
$row['short_story'] = preg_replace( "#<!--TBegin-->(.+?)<!--TEnd-->#is", "", $row['short_story'] );
$row['short_story'] = preg_replace( "#<img(.+?)>#is", "", $row['short_story'] );
}
if ( !$config['allow_smart_video'] ) {
$row['short_story'] = preg_replace( "#<!--dle_video_begin(.+?)<!--dle_video_end-->#is", "", $row['short_story'] );
$row['short_story'] = preg_replace( "#<!--dle_audio_begin(.+?)<!--dle_audio_end-->#is", "", $row['short_story'] );
}}}
if( strlen( $row['title']) > 70 ) $title = substr( stripslashes( $row['title'] ), 0, 70)."..."; else $title = stripslashes( $row['title'] ); $tpl->set( '{title}', $title );
$tpl->set( '{short-story}', stripslashes( "<div id='news-id-" . $row['id'] . "'>" . $row['short_story'] . "</div>" ) );
$tpl->compile( 'content' );
if( $user_group[$member_id['user_group']]['allow_hide'] ) $tpl->result['content'] = preg_replace( "'\[hide\](.*?)\[/hide\]'si", "\\1", $tpl->result['content']);
else $tpl->result['content'] = preg_replace ( "'\[hide\](.*?)\[/hide\]'si", "<div class=\"quote\">" . $lang['news_regus'] . "</div>", $tpl->result['content'] );
$tpl->result['content'] = preg_replace ( "'\[group=(.*?)\](.*?)\[/group\]'sie",'group_hide($1,"\\2")', $tpl->result['content']);
}
$tpl->clear();
if( $i >= $config['news_number'] AND !isset( $view_template )){
$count_all = $db->super_query( $sql_count );
$count_all = $count_all['count'];
} else $count_all = 0;
if( $do == "" ) $do = $subaction;
if( $do == "" and $year ) $do = "date";
$ban_short = array ();
unset( $ban_short );
if( ! $news_found and $allow_userinfo and $member_id['name'] == $user and $user_group[$member_id['user_group']]['allow_adds'] ) {
$tpl->load_template( 'info.tpl' );
$tpl->set( '{error}', $lang['mod_list_f'] );
$tpl->set( '{title}', $lang['all_info'] );
$tpl->compile( 'content' );
$tpl->clear();
} elseif( ! $news_found and ! $allow_userinfo and $do != '' and $do != 'favorites' and $view_template != 'rss' ) {
if ( $newsmodule ) @header( "HTTP/1.0 404 Not Found" );
msgbox( $lang['all_err_1'], $lang['news_err_27'] );
} elseif( ! $news_found and $catalog != "" ) {
if ( $newsmodule ) @header( "HTTP/1.0 404 Not Found" );
msgbox( $lang['all_err_1'], $lang['news_err_27'] );
} elseif( ! $news_found and $do == 'favorites' ) {
if ( $member_id['favorites'] AND !$count_all) $db->query( "UPDATE " . USERPREFIX . "_users SET favorites='' WHERE user_id = '{$member_id['user_id']}'" );
if (!$count_all) msgbox( $lang['all_info'], $lang['fav_notfound'] ); else msgbox( $lang['all_info'], $lang['fav_notfound_1'] );
}
//####################################################################################################################
// Íàâèãàöèÿ ïî íîâîñòÿì
//####################################################################################################################
if( ! isset( $view_template ) and $count_all ) {
$tpl->load_template( 'navigation.tpl' );
$no_prev = false;
$no_next = false;
if( isset( $cstart ) and $cstart != "" and $cstart > 0 ) {
$prev = $cstart / $config['news_number'];
$prev_page = $url_page . "/page/" . $prev . "/";
$tpl->set_block( "'\[prev-link\](.*?)\[/prev-link\]'si", "<a href=\"" . $prev_page . "\">\\1</a>" );
} else {
$tpl->set_block( "'\[prev-link\](.*?)\[/prev-link\]'si", "<span>\\1</span>" );
$no_prev = TRUE;
}
if( $config['news_number'] ) {
if( $count_all > $config['news_number'] ) {
$enpages_count = @ceil( $count_all / $config['news_number'] );
$pages = "";
$cstart = ($cstart / $config['news_number']) + 1;
if( $enpages_count <= 10 ) {
for($j = 1; $j <= $enpages_count; $j ++) {
if( $j != $cstart ) {
$pages .= "<a href=\"" . $url_page . "/page/" . $j . "/\">$j</a> ";
} else {
$pages .= "<span>$j</span> ";
}
}
} else {
$start = 1;
$end = 10;
$nav_prefix = "<span class=\"nav_ext\">{$lang['nav_trennen']}</span> ";
if( $cstart > 0 ) {
if( $cstart > 6 ) {
$start = $cstart - 4;
$end = $start + 8;
if( $end >= $enpages_count ) {
$start = $enpages_count - 9;
$end = $enpages_count - 1;
$nav_prefix = "";
} else
$nav_prefix = "<span class=\"nav_ext\">{$lang['nav_trennen']}</span> ";
}
}
if( $start >= 2 ) {
$pages .= "<a href=\"" . $url_page . "/page/1/\">1</a> <span class=\"nav_ext\">{$lang['nav_trennen']}</span> ";
}
for($j = $start; $j <= $end; $j ++) {
if( $j != $cstart ) {
$pages .= "<a href=\"" . $url_page . "/page/" . $j . "/\">$j</a> ";
} else {
$pages .= "<span>$j</span> ";
}
}
if( $cstart != $enpages_count ) {
$pages .= $nav_prefix . "<a href=\"" . $url_page . "/page/{$enpages_count}/\">{$enpages_count}</a>";
} else
$pages .= "<span>{$enpages_count}</span> ";
}
}
$tpl->set( '{pages}', $pages );
}
//----------------------------------
// Next link
//----------------------------------
if( $config['news_number'] and $config['news_number'] < $count_all and $i < $count_all ) {
$next_page = $i / $config['news_number'] + 1;
$next = $url_page . '/page/' . $next_page . '/';
$tpl->set_block( "'\[next-link\](.*?)\[/next-link\]'si", "<a href=\"" . $next . "\">\\1</a>" );
} else {
$tpl->set_block( "'\[next-link\](.*?)\[/next-link\]'si", "<span>\\1</span>" );
$no_next = TRUE;
}
if (!$no_prev or !$no_next){
//$tpl->compile('navpages');
$tpl->compile('content');
}
$tpl->clear();
}
//$tpl->result['content'] = $tpl->result['navpages'] . $tpl->result['content'] . $tpl->result['navpages'];
}
?>

View File

@@ -0,0 +1,139 @@
<?php
if( ! defined( 'DATALIFEENGINE' ) ) {die( "Hacking attempt!" );}
$_IP = $db->safesql( $_SERVER['REMOTE_ADDR'] );
$dle_login_hash = "";
//Завершение сеанса пользователя
if( isset( $_REQUEST['action'] ) and $_REQUEST['action'] == "logout" ) {
$dle_user_id = "";
$dle_password = "";
set_cookie( "dle_user_id", "", 0 );
set_cookie( "dle_name", "", 0 );
set_cookie( "dle_password", "", 0 );
set_cookie( "dle_skin", "", 0 );
set_cookie( "dle_newpm", "", 0 );
set_cookie( "dle_hash", "", 0 );
set_cookie( session_name(), "", 0 );
setcookie("dle_onl_session","", time() - 3600, "/", $domain);
@session_destroy();
@session_unset();
$is_logged = 0;
header( "Location: ".str_replace("index.php","",$_SERVER['PHP_SELF']) );
die();
}
$is_logged = 0;
$member_id = array ();
if( isset( $_POST['login'] ) AND $_POST['login_name'] AND $_POST['login_password'] AND $_POST['login'] == "submit" ) {
$_POST['login_name'] = $db->safesql( $_POST['login_name'] );
$_POST['login_password'] = @md5( $_POST['login_password'] );
if ( !preg_match( "/[\||\'|\<|\>|\"|\!|\?|\$|\@|\/|\\\|\&\~\*\+]/", $_POST['login_name']) ) {
$member_id = $db->super_query( "SELECT * FROM " . USERPREFIX . "_users where name='{$_POST['login_name']}' and password='" . md5( $_POST['login_password'] ) . "'" );
if( $member_id['user_id'] ) {
set_cookie( "dle_user_id", $member_id['user_id'], 365 );
set_cookie( "dle_password", $_POST['login_password'], 365 );
$_SESSION['dle_user_id'] = $member_id['user_id'];
$_SESSION['dle_password'] = $_POST['login_password'];
$dle_login_hash = md5( $_SERVER['HTTP_HOST'] . $member_id['user_id'] . sha1($_POST['login_password']) . $config['key'] . date( "Ymd" ) );
if( $config['log_hash'] ) {
$salt = "abchefghjkmnpqrstuvwxyz0123456789";
$hash = '';
srand( ( double ) microtime() * 1000000 );
for($i = 0; $i < 9; $i ++) {
$hash .= $salt{rand( 0, 33 )};
}
$hash = md5( $hash );
$db->query( "UPDATE " . USERPREFIX . "_users set hash='" . $hash . "', lastdate='{$_TIME}', logged_ip='" . $_IP . "' WHERE user_id='{$member_id['user_id']}'" );
set_cookie( "dle_hash", $hash, 365 );
$_COOKIE['dle_hash'] = $hash;
$member_id['hash'] = $hash;
} else
$db->query( "UPDATE LOW_PRIORITY " . USERPREFIX . "_users set lastdate='{$_TIME}', logged_ip='" . $_IP . "' WHERE user_id='{$member_id['user_id']}'" );
$is_logged = TRUE;
}
}
} elseif( isset( $_SESSION['dle_user_id'] ) AND intval( $_SESSION['dle_user_id'] ) > 0 AND $_SESSION['dle_password'] ) {
$member_id = $db->super_query( "SELECT * FROM " . USERPREFIX . "_users WHERE user_id='" . intval( $_SESSION['dle_user_id'] ) . "'" );
if( $member_id['user_id'] AND $member_id['password'] AND $member_id['password'] == md5( $_SESSION['dle_password'] ) ) {
$is_logged = TRUE;
$dle_login_hash = md5( $_SERVER['HTTP_HOST'] . $member_id['user_id'] . sha1($_SESSION['dle_password']) . $config['key'] . date( "Ymd" ) );
} else {
$member_id = array ();
$is_logged = false;
}
} elseif( isset( $_COOKIE['dle_user_id'] ) AND intval( $_COOKIE['dle_user_id'] ) > 0 AND $_COOKIE['dle_password']) {
$member_id = $db->super_query( "SELECT * FROM " . USERPREFIX . "_users WHERE user_id='" . intval( $_COOKIE['dle_user_id'] ) . "'" );
if( $member_id['user_id'] AND $member_id['password'] AND $member_id['password'] == md5( $_COOKIE['dle_password'] ) ) {
$is_logged = TRUE;
$dle_login_hash = md5( $_SERVER['HTTP_HOST'] . $member_id['user_id'] . sha1($_COOKIE['dle_password']) . $config['key'] . date( "Ymd" ) );
$_SESSION['dle_user_id'] = $member_id['user_id'];
$_SESSION['dle_password'] = $_COOKIE['dle_password'];
} else {
$member_id = array ();
$is_logged = false;
}
if( $config['log_hash'] and (($_COOKIE['dle_hash'] != $member_id['hash']) or ($member_id['hash'] == "")) ) {
$member_id = array ();
$is_logged = false;
}
}
if( isset( $_POST['login'] ) and ! $is_logged ) {msgbox( $lang['login_err'], $lang['login_err_1'] );}
//Пользователь авторизировался
if( $is_logged ) {
if(!$_TIME) $_TIME = time() + ($config['date_adjust'] * 60);
//Проверка на привязанность к IP
if( ! allowed_ip( $member_id['allowed_ip'] ) ) {
$is_logged = 0;
msgbox( $lang['login_err'], $lang['ip_block_login'] );
}
if( $config['ip_control'] == '2' and ! check_netz( $member_id['logged_ip'], $_IP ) and ! isset( $_POST['login'] ) ) $is_logged = 0;
elseif( $config['ip_control'] == '1' and $user_group[$member_id['user_group']]['allow_admin'] and ! check_netz( $member_id['logged_ip'], $_IP ) and ! isset( $_POST['login'] ) ) $is_logged = 0;
}
//Не авторизированный пользователь
if( ! $is_logged ) {
$member_id = array ();
set_cookie( "dle_user_id", "", 0 );
set_cookie( "dle_password", "", 0 );
set_cookie( "dle_hash", "", 0 );
$_SESSION['dle_user_id'] = 0;
$_SESSION['dle_password'] = "";
//Если не авторизирован, то группа пользователей 5(Гость)
$member_id['user_group'] = 5;
}
?>

56
system/modules/static.php Normal file
View File

@@ -0,0 +1,56 @@
<?php
if( ! defined( 'DATALIFEENGINE' ) ) {die( "Hacking attempt!" );}
$name = @$db->safesql( trim( totranslit( $_GET['page'], true, false ) ) );
if( ! $static_result['id'] ) $static_result = $db->super_query( "SELECT * FROM " . PREFIX . "_static WHERE name='$name'" );
if( $static_result['id'] ) {
$db->query( "UPDATE " . PREFIX . "_static set views=views+1 where id='{$static_result['id']}'" );
$static_result['grouplevel'] = explode( ',', $static_result['grouplevel'] );
if( $static_result['date'] ) $_DOCUMENT_DATE = $static_result['date'];
if( $static_result['grouplevel'][0] != "all" and ! in_array( $member_id['user_group'], $static_result['grouplevel'] ) ) {msgbox( $lang['all_err_1'], $lang['static_denied'] );
} else {
$template = stripslashes( $static_result['template'] );
$static_descr = stripslashes( strip_tags( $static_result['descr'] ) );
if( $static_result['metakeys'] == '' AND $static_result['metadescr'] == '' ) create_keywords( $template );
else {
$metatags['keywords'] = $static_result['metakeys'];
$metatags['description'] = $static_result['metadescr'];
}
if ($static_result['metatitle']) $metatags['header_title'] = $static_result['metatitle'];
$tpl->load_template( 'static.tpl' );
if( @date( "Ymd", $static_result['date'] ) == date( "Ymd", $_TIME ) ) {
$tpl->set( '{date}', $lang['time_heute'] . langdate( ", H:i", $static_result['date'] ) );
} elseif( @date( "Ymd", $static_result['date'] ) == date( "Ymd", ($_TIME - 86400) ) ) {
$tpl->set( '{date}', $lang['time_gestern'] . langdate( ", H:i", $static_result['date'] ) );
} else {
$tpl->set( '{date}', langdate( $config['timestamp_active'], $static_result['date'] ) );
}
$tpl->copy_template = preg_replace ( "#\{date=(.+?)\}#ie", "langdate('\\1', '{$static_result['date']}')", $tpl->copy_template );
$tpl->set( '{description}', $static_descr );
$tpl->set( '{static}', $template );
$tpl->set( '{views}', $static_result['views'] );
$tpl->compile( 'content' );
if( $user_group[$member_id['user_group']]['allow_hide'] ) $tpl->result['content'] = preg_replace( "'\[hide\](.*?)\[/hide\]'si", "\\1", $tpl->result['content']);
else $tpl->result['content'] = preg_replace ( "'\[hide\](.*?)\[/hide\]'si", "<div class=\"quote\">" . $lang['news_regus'] . "</div>", $tpl->result['content'] );
$tpl->clear();
}
if( $config['files_allow'] == "yes" ){
if( strpos( $tpl->result['content'], "[file=" ) !== false ) {$tpl->result['content'] = show_file( $tpl->result['content'], $static_result['id'], true );}
if( strpos( $tpl->result['content'], "[torrent=" ) !== false ) {$tpl->result['content'] = show_torrent( $tpl->result['content'], $static_result['id'], true );}
}
} else {
@header( "HTTP/1.0 404 Not Found" );
require_once ROOT_DIR.'/404.php';
die();
}
?>

111
system/modules/stats.php Normal file
View File

@@ -0,0 +1,111 @@
<?php
if( ! defined( 'DATALIFEENGINE' ) ) {
die( "Hacking attempt!" );
}
$tpl->result['content'] = $cache->open( "stats", $config['skin'] );
if( ! $tpl->result['content'] ) {
$db->query( "SHOW TABLE STATUS FROM `" . DBNAME . "`" );
$mysql_size = 0;
while ( $r = $db->get_row() ) {if( strpos( $r['Name'], PREFIX . "_" ) !== false ) $mysql_size += $r['Data_length'] + $r['Index_length'];}
$db->free();
$mysql_size = mksize( $mysql_size );
$size_info = $db->super_query("SELECT sum(size) size FROM ".PREFIX."_torrents");
$row = $db->super_query( "SELECT COUNT(*) as count FROM " . PREFIX . "_post" );
$stats_news = $row['count'];
$row = $db->super_query( "SELECT COUNT(*) as count FROM " . PREFIX . "_post WHERE approve ='1'" );
$stats_approve = $row['count'];
$row = $db->super_query( "SELECT COUNT(*) as count FROM " . PREFIX . "_comments" );
$count_comments = $row['count'];
$row = $db->super_query( "SELECT COUNT(*) as count FROM " . USERPREFIX . "_users" );
$stats_users = $row['count'];
$row = $db->super_query( "SELECT COUNT(*) as count FROM " . USERPREFIX . "_users WHERE banned='yes'" );
$stats_banned = $row['count'];
$row = $db->super_query( "SELECT COUNT(*) as count FROM " . PREFIX . "_post WHERE allow_main ='1' AND approve ='1'" );
$stats_main = $row['count'];
$tpl->load_template( 'stats.tpl' );
$tpl->set( '{datenbank}', $mysql_size );
$tpl->set( '{size_info}', mksize($size_info['size']) );
$tpl->set( '{news_num}', $stats_news );
$tpl->set( '{news_allow}', $stats_approve );
$tpl->set( '{comm_num}', $count_comments );
$tpl->set( '{user_num}', $stats_users );
$tpl->set( '{user_banned}', $stats_banned );
$tpl->set( '{news_main}', $stats_main );
$tpl->set( '{news_moder}', $stats_news - $stats_approve );
//Ñòàòèñòèêà òîððåíòà
$result = $db->super_query("SELECT sum(leechers) leechers, sum(seeders) seeders, sum(leechers or seeders) torrents FROM ".PREFIX."_torrents");
$result['peers'] = $result['leechers'] + $result['seeders'];
if($result['peers']) {
$leechers = $result['leechers']." (".round($result['leechers']*100/$result['peers'])."%)";
$seeders = $result['seeders']." (".round($result['seeders']*100/$result['peers'])."%)";
} else {$leechers = $seeders = 0;}
$tr_a = $db->super_query("SELECT count(id) as c FROM ".PREFIX."_torrents");
$rt_dz = $tr_a['c'] - $result['torrents'];
if($tr_a['c']) {
$tr_d = $rt_dz." (".round($rt_dz*100/$tr_a['c'])."%)";
$result['torrents'] = $result['torrents']." (".round($result['torrents']*100/$tr_a['c'])."%)";
} else {$tr_d = $tr_dz;}
$res_info = $db->super_query("SELECT sum(downloaded) downloaded, sum(uploaded) uploaded FROM ".PREFIX."_users");
$res_info['all'] = $res_info['downloaded'] + $res_info['uploaded'];
$tpl->set( '{all_tor}', $tr_a['c'] );
$tpl->set( '{active_tor}', $result['torrents'] );
$tpl->set( '{dead_tor}', $tr_d );
$tpl->set( '{activeconn_tor}', $result['peers'] );
$tpl->set( '{seeders_tor}', $seeders );
$tpl->set( '{leechers_tor}', $leechers );
$tpl->set( '{sumupl_tor}', mksize($res_info['uploaded']) );
$tpl->set( '{sumdown_tor}', mksize($res_info['downloaded']) );
$tpl->set( '{sumall_tor}', mksize($res_info['all']) );
/*$res = $db->super_query("SELECT sum(down_speed) down_speed, sum(up_speed) up_speed FROM xbt_files_users");
$tpl->set( '{speed_up}', mksize($res['up_speed']) );
$tpl->set( '{speed_down}', mksize($result['down_speed']));*/
//!ñòàòèñòèêà òîððåíòà
//Òîï þçåðîâ ïî íîâîñòÿì
$db->query( "SELECT user_id, name, user_group, reg_date, lastdate, news_num, comm_num FROM " . USERPREFIX . "_users WHERE news_num > '0' ORDER BY news_num DESC LIMIT 0,10" );
$top_table = "<thead><td>{$lang['top_name']}</td><td align=\"center\">{$lang['top_status']}</td><td align=\"center\">{$lang['top_reg']}</td><td align=\"center\">{$lang['top_last']}</td><td align=\"center\">{$lang['top_nnum']}</td><td align=\"center\">{$lang['top_cnum']}</td></thead>";
while ( $row = $db->get_row() ) {
$registration = langdate( $config['timestamp_active'], $row['reg_date'] );
$last = langdate( $config['timestamp_active'], $row['lastdate'] );
$user_name = "<a href=\"" . $config['http_home_url'] . "user/" . urlencode( $row['name'] ) . "/\">" . $row['name']. "</a>";
$user_pm = "<a href=\"$PHP_SELF?do=pm&doaction=newpm&user=" . $row['user_id'] . "\">{$lang['top_pm']}</a>";
if ($user_group[$row['user_group']]['colour']){
$group_span = $user_group[$row['user_group']]['colour'];
$group_name = "<span style=\"color:{$group_span}\">".$user_group[$row['user_group']]['group_name']."</span>";
}else{
$group_name = $user_group[$row['user_group']]['group_name'];
}
$top_table .= "<tr><td>{$user_name}</td><td align=\"center\">{$group_name}</td><td align=\"center\">{$registration}</td><td align=\"center\">{$last}</td><td align=\"center\">{$row['news_num']}</td><td align=\"center\">{$row['comm_num']}</td></tr>";
}
$db->free();
$tpl->set( '{topusers}', $top_table );
//!Òîï þçåðîâ ïî íîâîñòÿì
//Òîï ïî ðàçäàííîìó
$i=0;
$sql_upload = $db->query("SELECT name,uploaded FROM ".USERPREFIX."_users ORDER BY uploaded DESC LIMIT 10;");
$upload = "<thead><td>¹</td><td align=\"center\">Ïîëüçîâàòåëü</td><td align=\"center\">Ðàçäàë</td></thead>";
while ($u = $db->get_row($sql_upload)) {
$i++;
$dw = mksize($u['uploaded']);
$user = "<a href=\"/user/".urlencode($u['name'])."/\">".$u['name']."</a>";
$upload .= "<tr><td>{$i}</td><td>{$user}</td><td>{$dw}</td></tr>";
}
$u=$user="";
$tpl->set( '{topuploaded}', $upload );
//!Òîï ïî ðàçäàííîìó
$tpl->compile( 'content' );
$tpl->clear();
$cache->save( "stats", $tpl->result['content'], $config['skin'] );
}
?>

310
system/modules/table.php Normal file
View File

@@ -0,0 +1,310 @@
<?php
if ( ! defined( 'DATALIFEENGINE' ) ) {
die( "Hacking attempt!" );
}
include_once ROOT_DIR . '/language/' . $config['langs'] . '/table.lng';
@include_once SYSTEM_DIR . '/data/tableconfig.php';
// ********************************************************************************
// Do add orders
// ********************************************************************************
if( $_REQUEST['action'] == "view" ) {
$id = intval( $_GET['id'] );
$db->query( "SELECT * FROM " . PREFIX . "_table where id= '$id'" );
$row = $db->get_row();
if( $db->num_rows() < 1 ) {
msgbox( $lang['all_err_1'], "Çàêàçà ïîä òàêèì íîìåðîì íå íàéäåíî" );
} else {
if ( $row['runame'] ){ $title = stripslashes($row['runame']); }
elseif ( $row['enname'] ){ $title = stripslashes($row['enname']); }
$metatags['title'] = 'Ñòîë çàêàçîâ' . ' &raquo; ' . $title . ' &raquo; ' . $config['home_title'];
$inetlink = explode("\n", stripslashes($row['answer']));
$inetlink_1 = '<a href="';
$inetlink_2 = '" target="_blank"><b>Ïåðåéòè â íîâîñòü</b></a>';
$inetlink_s = $inetlink_1 . join("$inetlink_2 | $inetlink_1", $inetlink) . $inetlink_2;
$status = intval($row['status']);
switch ($status) {
case "0":
$status = '<font color=\'#FF8000\'>' . $lang_table['edit_status_0'] . '</font>';
$answer = '';
break;
case "1":
$status = '<font color=\'#0000FF\'>' . $lang_table['edit_status_1'] . '</font>';
$answer = '';
break;
case "2":
$status = '<font color=\'#FF0000\'>' . $lang_table['edit_status_2'] . '</font>';
if (empty($row['answer'])) {$answer = $lang_table['cause1'];
} else {$answer = $lang_table['cause0'] . stripslashes($row['answer']); }
break;
case "3":
$status = '<font color=\'#008000\'>' . $lang_table['edit_status_3'] . '</font>';
$answer = "<br /><b>Íîâîñòü ñ âûïîëíåííûì çàêàçîì: </b>" . $inetlink_s;
break;
}
if ( $member_id['user_group'] == '1' OR $user_group[$member_id['user_group']]['admin_table'] OR $member_id['user_group'] == $table_config['grouplevel'] ) {
$admin_url = '<a href="/' . $config['admin_path'] . '?mod=table&user_hash=' . $dle_login_hash . '&action=edit&id=' . intval($row['id']) . '" target="_blank">' . $lang_table['edit'] . '</a>';
}
$tpl->load_template('tableview.tpl');
$tpl->set( '{adminlink}', $admin_url );
$row['date'] = /*strtotime*/($row['date']);
if (date(Ymd, $row['date']) == date(Ymd, $_TIME)) {
$tpl->set('{date}', $lang['time_heute'].langdate(" â H:i", $row['date']));
} elseif (date(Ymd, $row['date']) == date(Ymd, ($_TIME - 86400))) {
$tpl->set('{date}', $lang['time_gestern'].langdate(" â H:i", $row['date']));
} else {
$tpl->set('{date}', langdate($table_config['timestamp_active'], $row['date']));
}
$tpl->set( '{id-orders}', $id );
$tpl->set( '{autor}', "<a href=\"" . $config['http_home_url'] . "user/" . urlencode( stripslashes($row['autor']) ) . "/\">" .$row['autor']. "</a>" );
$tpl->set( '{runame}', stripslashes($row['runame']));
$tpl->set( '{enname}', stripslashes($row['enname']));
$tpl->set( '{category}', stripslashes($row['category']));
$tpl->set( '{fileyear}', stripslashes($row['fileyear']));
$tpl->set( '{status}', $status);
$tpl->set( '{answer}', $answer);
$tpl->set( '{editor}', "<a href=\"" . $config['http_home_url'] . "user/" . urlencode( stripslashes($row['editor']) ) . "/\">" .$row['editor']. "</a>" );
if( $row['editor'] ) {
$tpl->set( '[editor]', "" );
$tpl->set( '[/editor]', "" );
} else {
$tpl->set( '{editor}', "" );
$tpl->set_block( "'\\[editor\\](.*?)\\[/editor\\]'si", "" );
}
$tpl->compile( 'content' );
$tpl->clear();
}
}
elseif ( $_REQUEST['action'] == "doadd" ) {
$metatags['title'] = $lang_table['description2'] . ' &raquo; ' . $config['home_title'];
$timeweek = $_TIME - (intval($table_config['timeweek']) * 86400);
$row_doadd = $db->super_query("SELECT COUNT(*) as count FROM " . PREFIX . "_table WHERE autor = '" . $member_id['name'] . "' AND date >'$timeweek' AND status != '2' AND status != '3'");
if ($row_doadd['count'] >= 1) { $is_doadd = false; }
else { $is_doadd = true; }
if (isset($_POST['send'])) {
$stop = "";
$user_n = $db->safesql(trim($member_id['name']));
$runame = $db->safesql(strip_tags(trim($_POST['runame'])));
$enname = $db->safesql(strip_tags(trim($_POST['enname'])));
$category = $db->safesql(strip_tags(trim($_POST['category'])));
$fileyear = $db->safesql(strip_tags(trim($_POST['fileyear'])));
$link = $db->safesql(strip_tags(trim($_POST['link'])));
if ( trim( $runame ) != "" or $runame ){ $name = $runame; }
if ( trim( $enname ) != "" or $enname ){ $name = $enname; }
if( !$name ){$stop .= $lang_table['err_name'];}
if ( trim( $category ) == "" or ! $category ) {$stop .= $lang_table['orders_err_category'];}
if ( trim( $fileyear ) == "" or ! $fileyear ) {$stop .= $lang_table['err_year'];}
if (!is_numeric($fileyear)) {$stop .= $lang_table['err_year_type'];}
if( strlen( $runame ) > 40 ) {$stop .= '<li>' . $lang_table['orders_err_name'] . '</li>';}
if( strlen( $fileyear ) > 4 ) {$stop .= '<li>' . $lang_table['orders_err_year'] . '</li>';}
if( strlen( $category ) > 20 ) {$stop .= '<li>' . $lang_table['orders_err_category'] . '</li>';}
if (intval($table_config['auto_wrap'])) {
$link = preg_split('((>)|(<))', $link, -1, PREG_SPLIT_DELIM_CAPTURE);
$n = count($link);
for ($i = 0; $i < $n; $i++) {
if ($link[$i] == "<") {
$i++;
continue;
}
$link[$i] = preg_replace("#([^\s\n\r]{" . intval($table_config['auto_wrap']) . "})#i", "\\1<br />", $link[$i]);
}
$link = join("", $link);
}
if ( $stop ) {
msgbox($lang['all_err_1'], "<ul>" . $stop . "</ul><a href=\"javascript:history.go(-1)\">$lang[all_prev]</a>");
} else {
$db->query("INSERT INTO " . PREFIX . "_table SET date='$_TIME', autor='$user_n', runame='$runame', enname='$enname', fileyear='$fileyear', category='$category'");
$cache->clear("toporders", $config['skin']);
if ( $table_config['msgs_adm'] == "yes" ) {
$step = 0;
$result = $db->query("SELECT user_id, name, email FROM " . USERPREFIX . "_users WHERE user_group = '$table_config[grouplevel]'");
$path = $config['http_home_url'];
$subject = $lang_table['msgs_subject'];
$user_from = $lang_table['msg_user_from'];
$message .= $runame . " / " . $enname . " ({$fileyear})";
$user_n = "<a href=\"{$path}user/" . urlencode($user_n) . "/\"><strong>" . $user_n . "</strong></a>";
$table_config['msgs_type0'] = stripslashes( html_entity_decode( $table_config['msgs_type0'] ) );
$table_config['msgs_type0'] = str_replace( "{%username_from%}", $user_n, $table_config['msgs_type0'] );
$table_config['msgs_type0'] = str_replace( "{%category%}", $category, $table_config['msgs_type0'] );
$table_config['msgs_type0'] = str_replace( "{%text%}", $message, $table_config['msgs_type0'] );
$table_config['msgs_type0'] = str_replace( "{%date%}", date("d.m.Y H:i:s", $_TIME), $table_config['msgs_type0'] );
$table_config['msgs_type0'] = str_replace( "{%ip%}", $_SERVER['REMOTE_ADDR'], $table_config['msgs_type0'] );
if ( $table_config['msgs_type'] == "0" ) {
while ($row = $db->get_row($result)) {
$db->query("INSERT INTO " . USERPREFIX . "_pm (subj, text, user, user_from, date, pm_read, folder) values ('$subject', '$table_config[msgs_type0]', '$row[user_id]', '$user_from', '$_TIME', 'no', 'inbox')");
$db->query("UPDATE " . USERPREFIX . "_users set pm_all=pm_all+1, pm_unread=pm_unread+1 WHERE user_id='$row[user_id]'");
$step++;
}
} else {
//$recipient = $db->super_query( "SELECT email FROM " . USERPREFIX . "_users WHERE user_group = '$table_config[grouplevel]'" );
include_once SYSTEM_DIR . '/classes/mail.class.php';
$mail = new dle_mail( $config, true );
$mail->from = $config['admin_mail'];
while ($recipient = $db->get_row($result)) {
$mail->send( $recipient['email'], $subject, $table_config['msgs_type0'] );
$step++;
}
if( $mail->send_error ) msgbox( $lang['all_info'], $mail->smtp_msg );
else die(header("Location: " . $_SERVER['PHP_SELF'] . '?do=table'));
}
$db->free($result);
}
$db->free();
die(header("Location: " . $_SERVER['PHP_SELF'] . '?do=table')); // commment line to Test $mail->send_error
}
} else {
if (!$is_logged) {
msgbox($lang['all_err_1'], "$lang_table[not_logged]");
} elseif ($is_doadd != true) {
msgbox($lang['all_err_1'], "$lang_table[one_orders]");
} else {
$tpl->load_template('table.tpl');
$tpl->set( '{description}', $lang_table['description2'] );
$tpl->set_block( "'\\[doadd\\](.*?)\\[/doadd\\]'si", "" );
$tpl->set( '[newadd]', "" );
$tpl->set( '[/newadd]', "" );
$category_s = explode(",", stripslashes($table_config['category']));
$category = "<select size=7 name=\"category\">\r\n";
foreach ( $category_s as $value => $description ) {
$category .= "<option value=\"$description\"";
if( $selected == $description ) {
$category .= " selected ";
}
$category .= ">$description</option>\n";
}
$category .= "</select>";
$tpl->set('{category}', $category);
$tpl->copy_template = "<form method=\"post\" name=\"frmMain\" action=\"\">\n" . $tpl->copy_template . "<input name=\"send\" type=\"hidden\" value=\"send\" /></form>";
$tpl->compile('content');
$tpl->clear();
}
}
} else {
$status = @$db->safesql( trim($_GET['status']));
$ordstat = 0;
$ordpage = '';
$ordtitle = 'Îæèäàþùèå';
if($status=='accepted'){
$ordstat = 1;
$ordtitle = 'Ïðèíÿòûå';
$ordpage = 'accepted/';
}elseif($status=='finished'){
$ordstat = 3;
$ordtitle = 'Âûïîëíåíî';
$ordpage = 'finished/';
}elseif($status=='aborted'){
$ordstat = 2;
$ordtitle = 'Îòêëîíåíî';
$ordpage = 'aborted/';
}
$metatags['title'] = $lang_table['description'] . ' &raquo; ' . $ordtitle . ' &raquo; ' . $config['home_title'];
$tpl->load_template( 'table.tpl' );
$tpl->set( '{description}', $lang_table['description'] );
$tpl->set( '[doadd]', "<a href=\"$PHP_SELF?do=table&amp;action=doadd\">" );
$tpl->set( '[/doadd]', "</a>" );
$tpl->set_block( "'\\[newadd\\](.*?)\\[/newadd\\]'si", "" );
$tpl->compile('content');
$tpl->clear();
$limit = intval ( $table_config['orders_number'] );
$sql_count = $db->super_query("SELECT COUNT(*) as count FROM " . PREFIX . "_table where status=$ordstat");
$count_all = $sql_count['count'];
$page = intval( $_REQUEST['cstart'] );
$total = intval( ( ( $count_all - 1 ) / $limit ) + 1 );
if( $page <= 0 ) $page = 1;
if( $page > $total ) $page = $total;
$start = $page * $limit - $limit;
$i = $start;
$order_direction_by = ($table_config['orders_msort']) ? $table_config['orders_msort'] : "ASC";
$sql_select = "SELECT * FROM " . PREFIX . "_table where status=$ordstat ORDER BY date $order_direction_by LIMIT " . $start . "," . $limit;
$sql_result = $db->query($sql_select);
while ($row = $db->get_row()) {
$i++;
$status = intval($row['status']);
switch ($status) {
case "0":
$status = '<font color=\'#FF8000\'>' . $lang_table['edit_status_0'] . '</font>';
break;
case "1":
$status = '<font color=\'#0000FF\'>' . $lang_table['edit_status_1'] . '</font>';
break;
case "2":
$status = '<font color=\'#FF0000\'>' . $lang_table['edit_status_2'] . '</font>';
break;
case "3":
$status = '<font color=\'#008000\'>' . $lang_table['edit_status_3'] . '</font>';
break;
}
if ( $member_id['user_group'] == '1' OR $user_group[$member_id['user_group']]['admin_table'] OR $member_id['user_group'] == $table_config['grouplevel'] ) {
$admin_url = '<a href="/' . $config['admin_path'] . '?mod=table&user_hash=' . $dle_login_hash . '&action=edit&id=' . intval($row['id']) . '" target="_blank">' . $lang_table['edit'] . '</a>';
}
$tpl->load_template('tableshow.tpl');
$tpl->set( '{id-orders}', $i );
$tpl->set( '{id-link}', intval($row['id']) );
$tpl->set( '{adminlink}', $admin_url );
$row['date'] = /*strtotime*/($row['date']);
if (date(Ymd, $row['date']) == date(Ymd, $_TIME)) {$tpl->set('{date}', $lang['time_heute'].langdate(" â H:i", $row['date']));
} elseif (date(Ymd, $row['date']) == date(Ymd, ($_TIME - 86400))) {$tpl->set('{date}', $lang['time_gestern'].langdate(" â H:i", $row['date']));
} else {$tpl->set('{date}', langdate($table_config['timestamp_active'], $row['date']));}
$tpl->set( '{autor}', stripslashes($row['autor']));
$tpl->set( '{category}', stripslashes($row['category']));
$tpl->set( '{status}', $status);
$tpl->set('{navigation}', "$navigation");
$tpl->compile('content');
$tpl->clear();
}
$db->free();
$nav = "/orders/" . $ordpage . "page/{page}";
CreateNavigation( $nav, $page, $total );
}
?>

View File

@@ -0,0 +1,51 @@
<?php
if ( ! defined( 'DATALIFEENGINE' ) ) {
die( "Hacking attempt!" );
}
function showStatus( $statusId ) {
$statusId = intval( $statusId );
switch ( $statusId ) {
case "0":
$status = "<font color=\"#FF8000\">Îæèäàåòñÿ</font>";
break;
case "1":
$status = "<font color=\"#0000FF\">Ïðèíÿòî</font>";
break;
case "2":
$status = "<font color=\"#FF0000\">Îòêëîíåíî</font>";
break;
case "3":
$status = "<font color=\"#008000\">Âûïîëíåíî</font>";
break;
}
return $status;
}
$toporders = $cache->open( "toporders", $config['skin'] );
if( ! $toporders ) {
$db->query( "SELECT id, runame, enname, status FROM " . PREFIX . "_table ORDER BY date DESC LIMIT 0,10");
while ( $row = $db->get_row() ) {
if ( $row['runame'] ){ $name = $row['runame']; }
elseif ( $row['enname'] ){ $name = $row['enname']; }
if( strlen( $name ) > 15 ) $name = stripslashes( substr( $name, 0, 15 ) ) . "...";
else $name = stripslashes( $name );
$tblid = intval($row['id']);
$status = showStatus( $row['status'] );
$id = ++$i-3;
$toporders .= "<a href=\"/orders/".$tblid."/\">" . $name . "</a><div style=\"float:right\">" . $status . "</div><br />";
}
$toporders .= "<hr><center><a href=\"/orders\">Ñòîë çàêàçîâ</a></center>";
$db->free();
$cache->save( "toporders", $toporders, $config['skin'] );
}
?>

View File

@@ -0,0 +1,36 @@
<?
if(!defined('DATALIFEENGINE')){die("Hacking attempt!");}
$limit = intval( $config['torrent_number'] );
$count_all = $db->super_query("SELECT COUNT(*) as count FROM ".PREFIX."_torrents as torrents, ".PREFIX."_post as post WHERE torrents.news_id=post.id AND post.approve=1");
$posts = $count_all['count'];
if($posts){
$page = intval( $_REQUEST['cstart'] );
$total = intval( ( ( $posts - 1 ) / $limit ) + 1 );
if( $page <= 0 ) $page = 1;
if( $page > $total ) $page = $total;
$start = $page * $limit - $limit;
$i = $start;
$result = $db->query("SELECT torrents.news_id, torrents.ctime, torrents.leechers, torrents.seeders, torrents.completed, torrents.size, post.category, post.alt_name, post.title FROM ".PREFIX."_torrents as torrents, ".PREFIX."_post as post WHERE torrents.news_id=post.id AND post.approve=1 ORDER BY post.date DESC LIMIT " . $start . "," . $limit);
while($row = $db->get_row($result)){
$i ++;
$cat = "<a href=\"" . $config['http_home_url'] . get_url($row['category']) . "/\">".$cat_info[$row['category']]['name']."</a>";
$news_link = "<a href='/".$row['news_id']."-".$row['alt_name'].".html'>".$row['title']."</a>";
$top_table .= "<tr><td>$cat</td><td align=\"center\">$news_link</td><td style=\"color:#F55;\" align=\"center\">".$row['seeders']."</td><td style=\"color:#1FA800;\" align=\"center\">".$row['leechers']."</td><td style=\"color:#5579FF;\" align=\"center\">".$row['completed']."</td><td align=\"center\">".mksize($row['size'])."</td><td align=\"center\">".date("j.m.Y", $row['ctime'])."</td></tr>";
}
$tpl->load_template('tracker.tpl');
$tpl->set('{list}', $top_table);
$tpl->compile( 'content' );
$tpl->clear();
$nav = "/tracker/page/{page}";
CreateNavigation( $nav, $page, $total );
$db->free($result);
} else {
msgbox("Îøèáêà", "Çàãðóæåííûå òîððåíòû îòñóòâóþò");
}
?>

View File

@@ -0,0 +1,64 @@
<?
if( ! defined( 'DATALIFEENGINE' ) ) {die( "Hacking attempt!" );}
if (@ini_get( 'safe_mode' ) == 1)define( 'FOLDER_PREFIX', "" ); else define( 'FOLDER_PREFIX', date( "Y-m" ) );
$idpost = $row['id'];
$file_prefix = time() + rand( 1, 100 );
$file_prefix .= "_";
$file_prefix = FOLDER_PREFIX.'/'.$file_prefix;
$current_image = 'tor_add';
$image = $_FILES[$current_image]['tmp_name'];
$image_name = $_FILES[$current_image]['name'];
$image_size = $_FILES[$current_image]['size'];
$error_code = $_FILES[$current_image]['error'];
$img_name_arr = explode( ".", $image_name );
$type = totranslit( end( $img_name_arr ) );
if( $image_name != "" ) {
$curr_key = key( $img_name_arr );
unset( $img_name_arr[$curr_key] );
$image_name = totranslit( implode( ".", $img_name_arr ) ) . "." . $type;
}
if(substr($image_name, -8) == ".torrent") {
if( ! is_dir( ROOT_DIR . "/uploads/torrents/" . FOLDER_PREFIX ) ){
mkdir( ROOT_DIR . "/uploads/torrents/" . FOLDER_PREFIX, 0777 );
chmod( ROOT_DIR . "/uploads/torrents/" . FOLDER_PREFIX, 0777 );
}
@move_uploaded_file( $image, ROOT_DIR . "/uploads/torrents/" . $file_prefix . $image_name );
if( @file_exists( ROOT_DIR . "/uploads/torrents/" . $file_prefix . $image_name ) ) {
if( intval( $config['max_file_size'] ) and @filesize( ROOT_DIR . "/uploads/torrents/" . $file_prefix . $image_name ) > ($config['max_file_size'] * 1024) ) {
@unlink( ROOT_DIR . "/uploads/torrents/" . $file_prefix . $image_name );
} else {
@chmod( ROOT_DIR . "/uploads/torrents/" . $file_prefix . $image_name, 0666 );
//********* Tracker by MSW *** start *********//
require_once( ROOT_DIR."/system/classes/torrent.class.php" );
$tr_file = ROOT_DIR."/uploads/torrents/".$file_prefix.$image_name;
$torrent = new Torrent($tr_file);
if($error = $torrent->errors()){
}else{
$files_size = $torrent->size();
$hash = $torrent->hash_info();
$e_hash = addslashes(pack("H*", $hash));
$tr_fild = ", info_hash, size, ctime";
$tr_info = ", '{$e_hash}', '{$files_size}', '".time()."'";
//********* Tracker by MSW *** stop *********//
$db->query( "INSERT INTO " . PREFIX . "_torrents (news_id, name, onserver, author {$tr_fild}) values ('{$row['id']}', '$image_name', '{$file_prefix}{$image_name}', '{$member_id[name]}' {$tr_info})" );
$id_upfile = $db->insert_id();
$full_story .= "<br />[torrent=$id_upfile]";
$db->query( "UPDATE " . PREFIX . "_post SET full_story='$full_story' where id = '$idpost'" );
}
}
}
}
?>

141
system/modules/users.php Normal file
View File

@@ -0,0 +1,141 @@
<?php
if(!defined('DATALIFEENGINE')){die("Hacking attempt!");}
$limit = 50; // ñêîëüêî âûâîäèòü íà ñòðàíèöó
$order_by = 1;
if( isset( $_REQUEST['action'] ) ) $action = $_REQUEST['action']; else $action = "";
$tpl->load_template('users.tpl');
$tpl->set( '[all]', "<a href=\"/users\">" );
$tpl->set( '[/all]', "</a>" );
$tpl->set( '[last]', "<a href=\"/users/last\">" );
$tpl->set( '[/last]', "</a>" );
$tpl->set( '[banned]', "<a href=\"/users/banned\">" );
$tpl->set( '[/banned]', "</a>" );
switch($action){
case 'last':
$tpl->set_block( "'\\[list_all\\].*?\\[/list_all\\]'si", "" );
$tpl->set_block( "'\\[list_banned\\].*?\\[/list_banned\\]'si", "" );
$tpl->set( '[list_last]', "" );
$tpl->set( '[/list_last]', "" );
$today = mktime(0,0,0,date('m'),date('d'),date('Y'));
$last_num = $db->super_query( "SELECT COUNT(*) as count FROM " . USERPREFIX . "_users WHERE `lastdate` > '$today'" );
$last = $db->query("SELECT * FROM `". PREFIX ."_users` WHERE `lastdate` > '$today' ORDER BY `lastdate`");
$last_list = "<thead><td>Íèê</td><td align=\"center\">Ãðóïïà</td><td align=\"center\">Âðåìÿ</td></thead>";
while($row = $db->get_row($last)){
if ($user_group[$row['user_group']]['colour']){
$group_span = $user_group[$row['user_group']]['colour'];
$group_name = "<span style=\"color:{$group_span}\">".$user_group[$row['user_group']]['group_name']."</span>";
}else $group_name = $user_group[$row['user_group']]['group_name'];
$last_list .= "<tr><td><a href=".$config['http_home_url']."user/".urlencode($row['name']).">".$row['name']."</a></td><td align=\"center\">".$group_name."</td><td align=\"center\">". langdate( "H:i:s", $row['lastdate'] )."</td></tr>";
} $db->free();
$tpl->set( '{last_users}', $last_num['count']);
$tpl->set( '{lastusers}', $last_list );
break;
case 'banned':
$tpl->set_block( "'\\[list_all\\].*?\\[/list_all\\]'si", "" );
$tpl->set_block( "'\\[list_last\\].*?\\[/list_last\\]'si", "" );
$tpl->set( '[list_banned]', "" );
$tpl->set( '[/list_banned]', "" );
$banned_num = $db->super_query( "SELECT COUNT(*) as count FROM " . USERPREFIX . "_users WHERE banned='yes'" );
if(!$banned_num['count'] == 0){
$banned = $db->query("SELECT " . USERPREFIX . "_users.*, " . USERPREFIX . "_banned.days, " . USERPREFIX . "_banned.descr, " . USERPREFIX . "_banned.date as banned_date FROM " . USERPREFIX . "_users LEFT JOIN " . USERPREFIX . "_banned ON " . USERPREFIX . "_users.user_id=" . USERPREFIX . "_banned.users_id WHERE banned='yes'");
$banned_list = "<thead><td>Íèê</td><td align=\"center\">Ñðîê</td><td align=\"center\">Îêîí÷àíèå áàíà</td><td align=\"center\">Ïðè÷èíà</td></thead>";
while($row = $db->get_row($banned)){
$days = $row['days']; if ($days == 0)$ava = "Ïîæèçíåííî";else$ava = "".$row['days']." äíåé";
$banned_date = $row['banned_date']; if ($banned_date == 0) $dated = "Íèêîãäà"; else $dated = $lang['ban_edate']." ".langdate("j M Y H:i", $row['banned_date']);
$descr = $row['descr']; if ($descr == "") $descru = "Íåò ïðè÷èíû"; else $descru = "".$row['descr']."";
$banned_list .= "<tr><td><a href=\"" . $config['http_home_url'] . "user/" . urlencode( $row['name'] ) . "/\">" . $row['name']."</a></td><td align=\"center\">".$ava."</td><td align=\"center\">".$dated."</td><td align=\"center\">".$descru."</td></tr>";
}
} else $banned_list = "Çàáàíåííûå ïîëüçîâàòåëè îòñóòñòâóþò";
$tpl->set( '{banneds}', $banned_list );
$db->free();
break;
default:
if (isset($_POST['uname'])){$sql_count = "SELECT COUNT(*) as count FROM " . PREFIX . "_users WHERE name LIKE '%{$_POST['uname']}%'";
}else $sql_count = "SELECT COUNT(*) as count FROM " . PREFIX . "_users";
$count_all = $db->super_query($sql_count);
$count_all = $count_all['count'];
$page = intval( $_REQUEST['cstart'] );
$total = intval( ( ( $count_all - 1 ) / $limit ) + 1 );
if( $page <= 0 ) $page = 1;
if( $page > $total ) $page = $total;
$start = $page * $limit - $limit;
$i = $start;
switch($order_by) {case 1: $orderby = 'user_id ASC'; break;case 2: $orderby = 'user_id DESC'; break;case 3: $orderby = 'news_num DESC'; break;case 4: $orderby = 'comm_num DESC'; break;case 5: $orderby = 'name ASC'; break;}
$i = $start;
$result = $db->Query("SELECT * FROM ". USERPREFIX ."_users ORDER BY ".$orderby." LIMIT $start,$limit");
if ($_REQUEST['act'] == 'dosearch') {$result = $db->Query("SELECT * FROM ". USERPREFIX ."_users WHERE name LIKE '".$_POST['uname']."%' ORDER BY user_id ASC LIMIT $start,$limit"); }
if ($_REQUEST['order'] == 'asc'){ $result = $db->Query("SELECT * FROM ". USERPREFIX ."_users ORDER BY user_id ASC LIMIT $start,$limit");}
elseif($_REQUEST['order'] == 'desc') {$result = $db->Query("SELECT * FROM ". USERPREFIX ."_users ORDER BY user_id DESC LIMIT $start,$limit");}
elseif($_REQUEST['order'] == 'newsnum'){$result = $db->Query("SELECT * FROM ". USERPREFIX ."_users ORDER BY news_num DESC LIMIT $start,$limit");}
elseif($_REQUEST['order'] == 'commnum'){$result = $db->Query("SELECT * FROM ". USERPREFIX ."_users ORDER BY comm_num DESC LIMIT $start,$limit");}
elseif($_REQUEST['order'] == 'az'){$result = $db->Query("SELECT * FROM ". USERPREFIX ."_users ORDER BY name ASC LIMIT $start,$limit");}
elseif($_REQUEST['order'] == 'rand'){$result = $db->Query("SELECT * FROM ". USERPREFIX ."_users ORDER BY rand() DESC LIMIT $start,$limit");}
$tpl->set_block( "'\\[list_last\\].*?\\[/list_last\\]'si", "" );
$tpl->set_block( "'\\[list_banned\\].*?\\[/list_banned\\]'si", "" );
$tpl->set( '[list_all]', "" );
$tpl->set( '[/list_all]', "" );
$all_users = '
<div class="shadow2"><div class="block2">
<center><table><TR>
<TD class="copy"><form name="desc" method="POST"><input type="hidden" name="order" value="desc"><a href="#" onclick="javascript:document.desc.submit();">Íîâûå ââåðõó</a></form></TD>
<Td>&nbsp;&nbsp;|&nbsp;&nbsp;</tD>
<TD class="copy"><form name="asc" method="POST"><input type="hidden" name="order" value="asc"><a href="#" onclick="javascript:document.asc.submit();">Íîâûå âíèçó</a></form></TD>
<Td>&nbsp;&nbsp;|&nbsp;&nbsp;</tD>
<TD class="copy"><form name="newsnum" method="POST"><input type="hidden" name="order" value="newsnum"><a href="#" onclick="javascript:document.newsnum.submit();">Ïî íîâîñòÿì</a></form></TD>
<Td>&nbsp;&nbsp;|&nbsp;&nbsp;</tD>
<TD class="copy"><form name="commnum" method="POST"><input type="hidden" name="order" value="commnum"><a href="#" onclick="javascript:document.commnum.submit();">Ïî êîììåíòàðèÿì</a></form></TD>
<Td>&nbsp;&nbsp;|&nbsp;&nbsp;</tD>
<TD class="copy"><form name="az" method="POST"><input type="hidden" name="order" value="az"><a href="#" onclick="javascript:document.az.submit();">Ïî àëôàâèòó</a></form></TD>
<Td>&nbsp;&nbsp;|&nbsp;&nbsp;</tD>
<TD class="copy"><form name="rand" method="POST"><input type="hidden" name="order" value="rand"><a href="#" onclick="javascript:document.rand.submit();">Ñëó÷àéíî</a></form></TD>
</TR></table></center>
</div></div>
<div class="shadow2"><div class="block2"><div class="line line_center">Ñïèñîê ïîëüçîâàòåëåé</div>
<table class="userstop"><tr>
<td width="50"><b>¹</b></td><td width="100"><b>Èìÿ</b></td><td width="100"><b>Ãðóïïà</b></td><td width="70"><b>Email</b></td><td width="100"><b>ICQ</b></td><td width="150"><b>Äàòà ðåãèñòðàöèè</b></td><td width="80"><b>Íîâîñòåé</b></td><td width="120"><b>Êîììåíòàðèåâ</b></td>
</tr>';
while ($row = $db->get_row($result)){
$i ++;
$prifile_link = '<a href="'.$config['http_home_url'].'user/'.urlencode($row['name']).'/ ">'.$row['name'].'</a>';
if ($row['icq'] != '') {$icq = $row['icq'];
}else {
$icq = '--';$icq_status = '--';
}
$all_users .= '<tr>
<td width="50"><b>'. $row['user_id'] .'</b></td><td width="100" class="copy">' . $prifile_link .'</td><td width="100">'.stripslashes($user_group[$row['user_group']]['group_name']).'</td><td width="70"><a href="/?do=feedback&user='.$row['user_id'].'"><img src="{THEME}/images/unread.gif" border="0"></a></td><td width="50">'.$icq.'</td><td width="150">'.langdate("j F Y H:i", $row['reg_date']).'</td><td width="80">'.$row['news_num'].'</td><td width="120">'.$row['comm_num'].'</td>
</tr> ';
};
$all_users .= '</table></div></div>';
$tpl->set('{all_users}',$all_users);
break;
}
$tpl->compile('content');
$tpl->clear();
$nav = "/users/page/{page}";
CreateNavigation( $nav, $page, $total );
?>