<?php
// Report fatal errors, warnings and parse errors only (E_ERROR | E_WARNING | E_PARSE == 7).
@error_reporting(E_ERROR | E_WARNING | E_PARSE);
// NOTE(review): display_errors is switched on for an endpoint that any visitor can
// request, so warnings (file paths, failing SQL) are sent to the client. Consider
// logging instead of displaying on production sites.
@ini_set('display_errors', true);
@ini_set('html_errors', false);

@session_start();

// Guard constant; presumably the included engine files test for it - confirm.
define('DATALIFEENGINE', true);
// The site root is this file's directory with its last 12 characters removed.
define('ROOT_DIR', substr(dirname(__FILE__), 0, -12));
define('SYSTEM_DIR', ROOT_DIR . '/system');

// Configuration first, then the database layer and the shared helpers.
include SYSTEM_DIR . '/data/config.php';
include SYSTEM_DIR . '/data/repa.php';
require_once SYSTEM_DIR . '/classes/mysql.php';
require_once SYSTEM_DIR . '/data/dbconfig.php';
require_once SYSTEM_DIR . '/modules/functions.php';

// The skin name is request-controlled and is concatenated into a filesystem path
// below, so path-traversal safety rests entirely on what totranslit() strips.
// NOTE(review): totranslit() is defined outside this file - verify that it removes
// dots and directory separators.
$_REQUEST['skin'] = totranslit($_REQUEST['skin'], false, false);

// Abort unless the requested skin maps to an existing template directory.
if (!@is_dir(ROOT_DIR . '/templates/' . $_REQUEST['skin'])) {
	die('Hacking attempt!');
}

// Load the user-group table, using the cached copy when one is available.
$user_group = $cache->get('usergroup');
if (empty($user_group)) {
	// Cache miss: rebuild the map from the database, keyed by group id.
	$user_group = array();
	$db->query('SELECT * FROM ' . USERPREFIX . '_usergroups ORDER BY id ASC');
	while ($row = $db->get_row()) {
		$user_group[$row['id']] = array();
		// Copy the row column by column into the group's entry.
		foreach ($row as $key => $value) {
			$user_group[$row['id']][$key] = $value;
		}
	}
	// Store the rebuilt map so later requests skip the query.
	$cache->set('usergroup', $user_group);
	$db->free();
}

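include_once ROOT_DIR . '/language/' . $config['langs'] . '/website.lng';
// A charset declared by the language pack takes precedence over the configured one.
$config['charset'] = ($lang['charset'] != '') ? $lang['charset'] : $config['charset'];

// Included for the login state; $is_logged and $member_id are read further down
// and are not assigned anywhere in this file.
require_once SYSTEM_DIR . '/modules/sitelogin.php';

// Request parameters. A missing or non-numeric "action" becomes -1 rather than 0,
// because 0 is a valid value (negative vote) and intval() of absent or garbage
// input would otherwise be processed as a downvote.
$action = (isset($_POST['action']) && is_numeric($_POST['action'])) ? intval($_POST['action']) : -1;
// Arrays are rejected: intval() of a non-empty array is 1, which would address user 1.
$user_id = (isset($_POST['user_id']) && is_scalar($_POST['user_id'])) ? intval($_POST['user_id']) : 0;

// The Referer header is fully client-controlled and is stored with the vote.
// Anything that is not an http(s) URL is dropped so other schemes are never stored.
// NOTE(review): safesql() only protects the SQL statement; the page that later
// prints this URL must still HTML-escape it.
$repa_referer = (isset($_SERVER['HTTP_REFERER']) && is_string($_SERVER['HTTP_REFERER'])) ? $_SERVER['HTTP_REFERER'] : '';
if (!preg_match('#^https?://#i', $repa_referer)) {
	$repa_referer = '';
}
$url = $db->safesql($repa_referer);

// Free-text reason for the vote. Only <a>, <b>, <i> and <br> survive strip_tags().
// NOTE(review): strip_tags() keeps every attribute of an allowed tag, so the stored
// text can still carry event-handler attributes or script-scheme links. It is
// written to the reputation log and into a private message below; filter the
// attributes (or allow no tags) before this value is rendered as HTML.
$repa_cause_raw = (isset($_POST['cause']) && is_string($_POST['cause'])) ? $_POST['cause'] : '';
$cause = $db->safesql(convert_unicode(strip_tags($repa_cause_raw, "<a>,<b>,<i>,<br>"), $config['charset']));

// Current time shifted by the configured adjustment (in minutes).
$time = time() + ($config['date_adjust'] * 60);
// Voting is allowed until one of the checks below revokes it.
$access = true;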

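// Markup echoed at the end of the script. Initialised here so that guests and
// unrecognised actions produce an empty response instead of an undefined variable.
$buffer = '';

// NOTE(review): nothing visible in this script checks an anti-CSRF token before the
// state-changing queries below, so a third-party page could submit this POST on a
// logged-in member's behalf. Verify whether sitelogin.php exposes a per-session
// token and compare it in constant time before accepting the vote.
// NOTE(review): nothing visible here limits how often one member may vote for the
// same target - confirm whether that is enforced elsewhere.
if ($is_logged) {
	// Re-cast so the value interpolated into the query is always an integer.
	$user_id = intval($user_id);

	// "banned" is selected because the auto-ban check below reads $row['banned'].
	$row = $db->super_query("SELECT user_id, name, user_group, repa, repa_mod, reg_date, repa_off, banned FROM " . PREFIX . "_users WHERE user_id = '$user_id'");

	// Unknown targets are rejected explicitly: with a loose comparison a missing
	// row (null) equals user_id 0 and the vote would proceed with an empty name.
	if (empty($row['user_id']) || intval($row['user_id']) !== $user_id) $access = false;

	// Age of the voter's account, in seconds.
	$nowis = time() + ($config['date_adjust'] * 60);
	$r_date = $member_id['reg_date'];
	$period = $nowis - $r_date;

	// Conditions that revoke the right to vote.
	if ($access && $row['repa_off'] == 1) $access = false;                       // target opted out
	if ($period < $repa_cf['bl_period'] * 43200) $access = false;                // voter too new (43200 s = 12 h per unit)
	if ($member_id['r_freeze']) $access = false;                                 // voter is frozen
	if ($user_id == $member_id['user_id']) $access = false;                      // no self-voting
	if ($member_id['repa'] < $repa_cf['repa_stop_change_min']) $access = false;  // voter's own reputation too low

	// Current plus/minus counters of the target, stored as "plus|minus".
	// Cast to int because they are echoed into HTML and written back to SQL.
	$repa_mod_mas = explode("|", isset($row['repa_mod']) ? $row['repa_mod'] : '');
	$repa_mod_mas[0] = isset($repa_mod_mas[0]) ? intval($repa_mod_mas[0]) : 0;
	$repa_mod_mas[1] = isset($repa_mod_mas[1]) ? intval($repa_mod_mas[1]) : 0;

	$voted = false;

	if ($access && ($action == 1 || $action == 0)) {
		// Values taken from the database or the session are escaped again before
		// they are interpolated into SQL (a stored name is not trusted input).
		$author = $db->safesql($member_id['name']);
		$komu = $db->safesql($row['name']);
		$target_id = intval($row['user_id']);
		$date = date("Y-m-d H:i:s");
		$from_page = $url; // already escaped where $url is assigned

		// NOTE(review): both labels are mis-encoded in this copy of the file and
		// are now identical; restore the original texts in the site charset.
		if ($action == 1) {
			$how = $row['repa'] + 1;
			$v = "1";
			$repa_mod_mas[0] = $repa_mod_mas[0] + 1;
			$what = "�������";
		} else {
			$how = $row['repa'] - 1;
			$v = "-1";
			$repa_mod_mas[1] = $repa_mod_mas[1] - 1;
			$what = "�������";
		}

		$repa_mod = $repa_mod_mas[0] . "|" . $repa_mod_mas[1];

		// Optional promotion out of group 4 once the threshold is reached.
		// NOTE(review): the test uses repa + 1 even for a negative vote - confirm intended.
		$group = '';
		if ($row['user_group'] == 4 && $row['repa'] + 1 >= $repa_cf['num_repa_group']) {
			$group = "user_group = '" . intval($repa_cf['move_grouplevel']) . "',";
		}

		// The target is addressed by its integer id rather than by its name.
		$db->query("UPDATE " . USERPREFIX . "_users SET $group repa ='$how', repa_mod='$repa_mod' WHERE user_id = '$target_id'");
		$db->query("INSERT INTO " . USERPREFIX . "_reputation (how, date, author, komu, text, url_page) VALUES ('$v', '$date', '$author', '$komu', '$cause', '$from_page')");

		// Automatic ban once the reputation drops to the configured floor.
		$already_banned = isset($row['banned']) && $row['banned'] == "yes";
		if ($repa_cf['repa_ban'] && !$already_banned) {
			if ($how <= $repa_cf['repa_ban_num'] || $row['repa'] == $repa_cf['repa_ban_num']) {
				// $_TIME is not assigned in this file; fall back to $time, which is.
				$ban_now = isset($_TIME) ? $_TIME : $time;
				$ban_days = intval($repa_cf['repa_ban_days']);
				$this_time = $ban_days ? intval($ban_now) + ($ban_days * 60 * 60 * 24) : 0;
				$ban_desc = $db->safesql($repa_cf['repa_ban_desc']);

				$db->query("UPDATE " . USERPREFIX . "_users SET banned='yes' WHERE user_id = '$target_id'");
				$db->query("INSERT INTO " . USERPREFIX . "_banned (users_id, descr, date, days, ip) values ('$target_id', '$ban_desc', '$this_time', '$ban_days', '')");
				$cache->delete('banned.php');
			}
		}

		// Optional private message telling the target who voted and why.
		if ($repa_cf['msgs_status'] == 'yes') {
			// NOTE(review): the voter's name is placed into HTML unescaped; verify
			// that registration forbids markup characters in names.
			$whois = "<a href=\"" . $config['http_home_url'] . "user/" . urlencode($member_id['name']) . "\">" . $member_id['name'] . "</a>";

			// Template, link and label are escaped as one string; $cause is
			// substituted afterwards because it was escaped when it was read.
			$izvestie = $repa_cf['msgs_template'];
			$izvestie = str_replace('{%kto%}', $whois, $izvestie);
			$izvestie = str_replace('{%what%}', $what, $izvestie);
			$izvestie = $db->safesql($izvestie);
			$izvestie = str_replace('{%text%}', $cause, $izvestie);

			$pm_time = intval($time);
			$db->query("INSERT INTO " . USERPREFIX . "_pm (subj, text, user, user_from, date, pm_read, folder) values ('��� �������� ���������', '$izvestie', '$target_id', '$author', '$pm_time', 'no', 'inbox')");
			$db->query("UPDATE " . USERPREFIX . "_users set pm_all=pm_all+1, pm_unread=pm_unread+1  where user_id='$target_id'");
		}
		$db->free();

		// Cached comment blocks show reputation figures, so they are dropped.
		$cache->clear('comm_');
		$voted = true;
	}

	// Render the counters: the updated ones after a vote, the stored ones when
	// the vote was refused.
	if ($voted || !$access) {
		$repa_name = isset($row['name']) ? $row['name'] : '';
		$repa_type = "(<font color=green><b>" . $repa_mod_mas[0] . "</b></font><b>|</b><font color=red><b>" . $repa_mod_mas[1] . "</b></font>)";
		$buffer = "<a href=\"" . $config['http_home_url'] . "user/reputation/" . urlencode($repa_name) . "/\">" . $repa_type . "</a>";
	}
}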

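// Release the database connection before the response is written.
$db->close();

@header( "Content-type: text/html; charset=" . $config['charset'] );
// $buffer is only assigned for logged-in members; guests and unrecognised actions
// get an empty body instead of an undefined-variable warning in the output.
echo isset( $buffer ) ? $buffer : '';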

?>