}
// NOTE(review): every "******" run in this listing is a masking artifact of the page, not PHP.
// The affected expressions are left exactly as found; restore them from the original file.
if (!$error) {
    // Write the new password to the database.
    // NOTE(review): md5(md5(...)) is an unsalted, fast digest, so equal passwords give equal
    // rows and offline guessing is cheap. Moving to a salted, slow password hash has to be
    // coordinated with the login code, which is outside this fragment.
    // NOTE(review): $user['id'] is concatenated into the WHERE clause without escaping here;
    // presumably it comes from a database row - confirm where $user is loaded.
    mysql_query("UPDATE `users` SET `password` = '" . mysql_real_escape_string(md5(md5($newpass))) . "' WHERE `id` = '" . $user['id'] . "'");
    // If the login cookies are present, refresh the password cookie.
    // NOTE(review): the cookie value md5($newpass) is exactly the input of the outer md5()
    // stored above. It is set for one year with no path/secure/httponly arguments.
    // NOTE(review): this branch does not check $user_id == $user['id'], so changing another
    // account's password also rewrites the current browser's cookie - confirm intent.
    if (isset($_COOKIE['cuid']) && isset($_COOKIE['cups'])) {
        setcookie('cups', md5($newpass), time() + 3600 * 24 * 365);
    }
    echo '<div class="gmenu"><p><b>' . $lng_pass['password_changed'] . '</b><br />' .
        '<a href="' . ($user_id == $user['id'] ? '../login.php' : 'profile.php?user='******'id']) . '">' . $lng['continue'] . '</a></p>';
    if ($autologin) {
        // Show the autologin link.
        // NOTE(review): the link carries the clear-text password in the "p" query parameter, so
        // it can end up in browser history, proxy/server logs and Referer headers.
        // NOTE(review): $newpass is written into the value attribute without HTML escaping at
        // this point; whether it was restricted to safe characters earlier is not visible here.
        echo '<p>' . $lng_pass['autologin_link'] . ':<br />' .
            '<input type="text" value="' . $set['homeurl'] . '/login.php?id=' . $user['id'] . '&p=' . $newpass . '" /></p>' .
            '<p>' . $lng_pass['autologin_warning'] . '</p>';
    }
    echo '</div>';
} else {
    echo functions::display_error($error, '<a href="profile.php?act=password&user='******'id'] . '">' . $lng['repeat'] . '</a>');
}
break;

default:
/*
-----------------------------------------------------------------
Password change form
-----------------------------------------------------------------
*/
echo '<div class="phdr"><b>' . $lng_pass['change_password'] . ':</b> ' . $user['name'] . '</div>';
// NOTE(review): the form has no anti-CSRF token field, so the handler cannot verify one
// for requests submitted from this form.
echo '<form action="profile.php?act=password&mod=change&user='******'id'] . '" method="post">';
// The old-password field is rendered only when the viewer edits their own account.
// The check that enforces it on submit is above this fragment.
if ($user['id'] == $user_id) {
    echo '<div class="menu"><p>' . $lng_pass['input_old_password'] . ':<br /><input type="password" name="oldpass" /></p></div>';
}
echo '<div class="gmenu"><p>' . $lng_pass['input_new_password'] . ':<br />' .
    '<input type="password" name="newpass" /><br />' . $lng_pass['repeat_password'] . ':<br />' .
    '<input type="password" name="newconf" /></p>' .
    '<p><input type="checkbox" value="1" name="autologin" /> ' . $lng_pass['show_autologin'] . '</p><p><input type="submit" value="' . $lng['save'] . '" name="submit" />' .
    '</p></div></form>' .
    '<div class="phdr"><small>' . $lng_pass['password_change_help'] . '</small></div>' .
    '<p><a href="profile.php?user='******'id'] . '">' . $lng['profile'] . '</a></p>';
}
echo '<div class="phdr"><a href="index.php?act=ipban"><b>' . $lng['ip_ban'] . '</b></a> | ' . $lng['ban_details'] . '</div>'; if ($id) { // Поиск адреса по ссылке (ID) $req = mysql_query("SELECT * FROM `cms_ban_ip` WHERE `id` = '{$id}'"); $get_ip = ''; } elseif (isset($_POST['ip'])) { // Поиск адреса по запросу из формы $get_ip = ip2long($_POST['ip']); if (!$get_ip) { echo functions::display_error($lng['error_address'], '<a href="index.php?act=ipban&mod=new">' . $lng['back'] . '</a>'); require_once '../incfiles/end.php'; exit; } $req = mysql_query("SELECT * FROM `cms_ban_ip` WHERE '{$get_ip}' BETWEEN `ip1` AND `ip2` LIMIT 1"); } else { echo functions::display_error($lng['error_address'], '<a href="index.php?act=ipban&mod=new">' . $lng['back'] . '</a>'); require_once '../incfiles/end.php'; exit; } if (!mysql_num_rows($req)) { echo '<div class="menu"><p>' . $lng['ip_search_notfound'] . '</p></div>'; echo '<div class="phdr"><a href="index.php?act=ipban">' . $lng['back'] . '</a></div>'; require_once '../incfiles/end.php'; exit; } else { $res = mysql_fetch_array($req); $get_ip = $res['ip1'] == $res['ip2'] ? '<b>' . long2ip($res['ip1']) . '</b>' : '[<b>' . long2ip($res['ip1']) . '</b>] - [<b>' . long2ip($res['ip2']) . '</b>]'; echo '<div class="rmenu"><p>' . $get_ip . '</p></div>'; echo '<div class="menu"><p><h3>' . $lng['ban_type'] . '</h3> '; switch ($res['ban_type']) { case 2:
----------------------------------------------------------------- Параметры комментариев ----------------------------------------------------------------- */ $arg = array('comments_table' => 'cms_album_comments', 'object_table' => 'cms_album_files', 'script' => 'album.php?act=comments', 'sub_id_name' => 'img', 'sub_id' => $img, 'owner' => $owner['id'], 'owner_delete' => true, 'owner_reply' => true, 'owner_edit' => false, 'title' => $lng['comments'], 'context_top' => $context_top, 'context_bottom' => ''); /* ----------------------------------------------------------------- Ставим метку прочтения ----------------------------------------------------------------- */ if (core::$user_id == $user['id'] && $res_obj['unread_comments']) { mysql_query("UPDATE `cms_album_files` SET `unread_comments` = '0' WHERE `id` = '{$img}' LIMIT 1"); } /* ----------------------------------------------------------------- Показываем комментарии ----------------------------------------------------------------- */ require '../incfiles/head.php'; $comm = new comments($arg); /* ----------------------------------------------------------------- Обрабатываем метки непрочитанных комментариев ----------------------------------------------------------------- */ if ($comm->added && core::$user_id != $owner['id']) { mysql_query("UPDATE `cms_album_files` SET `unread_comments` = '1' WHERE `id` = '{$img}' LIMIT 1"); } } else { echo functions::display_error($lng['error_wrong_data']); }
// Topic curator assignment: list the users who posted in topic $id and let the operator tick
// which of them become curators. Access control for this page is above this fragment.
// NOTE(review): the "******" run further down is a masking artifact of the listing, not PHP.
$topic = mysql_fetch_assoc($req);
// Candidates: one row per distinct author in the topic, limited to users whose rights are
// below 6 and not equal to 3.
// NOTE(review): $id is interpolated into the query as-is; its sanitisation is not visible here.
$req = mysql_query("SELECT `forum`.*, `users`.`id`\n FROM `forum` LEFT JOIN `users` ON `forum`.`user_id` = `users`.`id`\n WHERE `forum`.`refid`='{$id}' AND `users`.`rights` < 6 AND `users`.`rights` != 3 GROUP BY `forum`.`from` ORDER BY `forum`.`from`");
$total = mysql_num_rows($req);
// $res is set before this fragment; its 'text' field is printed without escaping here.
echo '<div class="phdr"><a href="index.php?id=' . $id . '&start=' . $start . '"><b>' . $lng['forum'] . '</b></a> | ' . $lng_forum['curators'] . '</div>' .
    '<div class="bmenu">' . $res['text'] . '</div>';
$curators = array();
// NOTE(review): unserialize() on a stored column is object injection if anything other than
// the serialize() call below can write that column. It also returns false on corrupt data,
// which array_key_exists() below does not expect. A JSON column would avoid both, but needs
// a data migration.
$users = !empty($topic['curators']) ? unserialize($topic['curators']) : array();
// On submit the ticked boxes replace the stored selection; anything that is not an array is dropped.
if (isset($_POST['submit'])) {
    $users = isset($_POST['users']) ? $_POST['users'] : array();
    if (!is_array($users)) {
        $users = array();
    }
}
if ($total > 0) {
    // NOTE(review): the form carries no anti-CSRF token and the save below only tests
    // isset($_POST['submit']).
    echo '<form action="index.php?act=curators&id=' . $id . '&start=' . $start . '" method="post">';
    $i = 0;
    while ($res = mysql_fetch_array($req)) {
        // Only the KEYS of the posted array are used. The id and name saved for a curator come
        // from the database row, so a forged "value" in the POST body is ignored.
        $checked = array_key_exists($res['user_id'], $users) ? true : false;
        if ($checked) {
            $curators[$res['user_id']] = $res['from'];
        }
        // NOTE(review): $res['from'] goes into an attribute value and into link text without
        // escaping here - confirm that names are HTML-safe when stored.
        echo ($i++ % 2 ? '<div class="list2">' : '<div class="list1">') .
            '<input type="checkbox" name="users[' . $res['user_id'] . ']" value="' . $res['from'] . '"' . ($checked ? ' checked="checked"' : '') . '/> ' .
            '<a href="../users/profile.php?user='******'user_id'] . '">' . $res['from'] . '</a></div>';
    }
    echo '<div class="gmenu"><input type="submit" value="' . $lng_forum['assign'] . '" name="submit" /></div></form>';
    // Persist the selection (serialized, then SQL-escaped) after the list has been rendered.
    if (isset($_POST['submit'])) {
        mysql_query("UPDATE `forum` SET `curators`='" . mysql_real_escape_string(serialize($curators)) . "' WHERE `id` = '{$id}'");
    }
} else {
    echo functions::display_error($lng['list_empty']);
}
echo '<div class="phdr">' . $lng['total'] . ': ' . $total . '</div>' .
    '<p><a href="index.php?id=' . $id . '&start=' . $start . '">' . $lng['back'] . '</a></p>';
}
// Password-protected access.
// NOTE(review): the "******" runs in this fragment are masking artifacts of the listing, not PHP.
// NOTE(review): the album password is compared to the submitted text directly, so it is
// stored in clear text; it is then copied into the session.
// NOTE(review): "==" on two strings compares numerically when both look numeric (for example
// "100" and "1e2"); a strict comparison on a string-cast value would avoid that.
// NOTE(review): no attempt limit is visible in this fragment.
if (isset($_POST['password'])) {
    if ($album['password'] == trim($_POST['password'])) {
        $_SESSION['ap'] = $album['password'];
    } else {
        echo functions::display_error($lng['error_wrong_password']);
    }
}
// The session keeps one password value, not one per album. Any album whose password equals
// the remembered value passes this check.
if (!isset($_SESSION['ap']) || $_SESSION['ap'] != $album['password']) {
    // Password prompt; the field is a plain text input, so the password is shown while typed.
    echo '<form action="album.php?act=show&al=' . $al . '&user='******'id'] . '" method="post"><div class="menu"><p>' . $lng_profile['album_password'] . '<br />' .
        '<input type="text" name="password"/></p>' .
        '<p><input type="submit" name="submit" value="' . $lng['login'] . '"/></p>' .
        '</div></form>' .
        '<div class="phdr"><a href="album.php?act=list&user='******'id'] . '">' . $lng_profile['album_list'] . '</a></div>';
    require '../incfiles/end.php';
    exit;
}
} elseif ($album['access'] == 3 && $user['id'] != $user_id && $rights < 6 && !functions::is_friend($user['id'])) {
    // Friends-only access: refused unless the viewer is the owner, has rights >= 6 or is a friend.
    echo functions::display_error($lng_profile['friends_only'], '<a href="album.php?act=list&user='******'id'] . '">' . $lng_profile['album_list'] . '</a>');
    require '../incfiles/end.php';
    exit;
}

/*
-----------------------------------------------------------------
Album and photo view
-----------------------------------------------------------------
*/
if ($view) {
    $kmess = 1;
    // Without an explicit page, the offset is the number of files in the album with a higher id.
    // NOTE(review): $al and $img are interpolated into the query; their sanitisation is not
    // visible in this fragment.
    $start = isset($_REQUEST['page']) ? $page - 1 : mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_album_files` WHERE `album_id` = '{$al}' AND `id` > '{$img}'"), 0);
    // Remember the return link.
    // The Referer header is client-controlled and may be absent; it is HTML-escaped before storage.
    if (empty($_SESSION['ref'])) {
        $_SESSION['ref'] = htmlspecialchars($_SERVER['HTTP_REFERER']);
    }
$input = '<input type="hidden" name="t" value="' . $t . '"/>'; } else { $id = false; $sql = ''; $lnk = ''; $caption = '<b>' . $lng_forum['files_forum'] . '</b>'; $input = ''; } if ($c || $s || $t) { // Получаем имя нужной категории форума $req = mysql_query("SELECT `text` FROM `forum` WHERE `id` = '{$id}'"); if (mysql_num_rows($req) > 0) { $res = mysql_fetch_array($req); $caption .= $res['text']; } else { echo functions::display_error($lng['error_wrong_data'], '<a href="index.php">' . $lng['to_forum'] . '</a>'); require '../incfiles/end.php'; exit; } } if ($do || isset($_GET['new'])) { /* ----------------------------------------------------------------- Выводим список файлов нужного раздела ----------------------------------------------------------------- */ $total = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_forum_files` WHERE " . (isset($_GET['new']) ? " `time` > '{$new}'" : " `filetype` = '{$do}'") . $sql), 0); if ($total > 0) { // Заголовок раздела echo '<div class="phdr">' . $caption . (isset($_GET['new']) ? '<br />' . $lng['new_files'] : '') . '</div>' . ($do ? '<div class="bmenu">' . $types[$do] . '</div>' : ''); $req = mysql_query("SELECT `cms_forum_files`.*, `forum`.`user_id`, `forum`.`text`, `topicname`.`text` AS `topicname`\n FROM `cms_forum_files`\n LEFT JOIN `forum` ON `cms_forum_files`.`post` = `forum`.`id`\n LEFT JOIN `forum` AS `topicname` ON `cms_forum_files`.`topic` = `topicname`.`id`\n WHERE " . (isset($_GET['new']) ? " `cms_forum_files`.`time` > '{$new}'" : " `filetype` = '{$do}'") . ($rights >= 7 ? '' : " AND `del` != '1'") . $sql . "ORDER BY `time` DESC LIMIT {$start},{$kmess}");
} return $size; } // Массив подключаемых функций $mods = array('ignor', 'write', 'systems', 'deluser', 'load', 'files', 'input', 'output', 'delete', 'new'); //Проверка выбора функции if ($act && ($key = array_search($act, $mods)) !== FALSE && file_exists('includes/' . $mods[$key] . '.php')) { require 'includes/' . $mods[$key] . '.php'; } else { $textl = $lng['mail']; require_once '../incfiles/head.php'; echo '<div class="phdr"><b>' . $lng_mail['contacts'] . '</b></div>'; if ($id) { $req = mysql_query("SELECT * FROM `users` WHERE `id` = '{$id}' LIMIT 1;"); if (mysql_num_rows($req) == 0) { echo functions::display_error($lng['error_user_not_exist']); require_once "../incfiles/end.php"; exit; } $res = mysql_fetch_assoc($req); if ($id == $user_id) { echo '<div class="rmenu">' . $lng_mail['impossible_add_contact'] . '</div>'; } else { //Добавляем в заблокированные if (isset($_POST['submit'])) { $q = mysql_query("SELECT * FROM `cms_contact`\n\t\t\t\tWHERE `user_id`='" . $user_id . "' AND `from_id`='" . $id . "';"); if (mysql_num_rows($q) == 0) { mysql_query("INSERT INTO `cms_contact` SET\n\t\t\t\t\t`user_id` = '" . $user_id . "',\n\t\t\t\t\t`from_id` = '" . $id . "',\n\t\t\t\t\t`time` = '" . time() . "';"); } echo '<div class="rmenu">' . $lng_mail['add_contact'] . '</div>'; } else {
echo ""; require_once '../incfiles/end.php'; exit; } $req = mysql_query("SELECT `name` FROM `lib` WHERE `type` = 'bk' AND `id` = '" . $id . "' LIMIT 1"); if (mysql_num_rows($req) != 1) { // если статья не существует, останавливаем скрипт echo '<p>ERROR<br/><a href="../index.php">Back</a></p>'; require_once '../incfiles/end.php'; exit; } // Проверка на флуд $flood = functions::antiflood(); if ($flood) { require_once '../incfiles/head.php'; echo functions::display_error($lng['error_flood'] . ' ' . $flood . ' ' . $lng['sec'], '<a href="?act=komm&id=' . $id . '">' . $lng['back'] . '</a>'); require_once '../incfiles/end.php'; exit; } if (isset($_POST['submit'])) { if ($_POST['msg'] == "") { echo $lng['error_empty_message'] . "<br/><a href='index.php?act=komm&id=" . $id . "'>" . $lng['back'] . "</a><br/>"; require_once '../incfiles/end.php'; exit; } $msg = functions::check($_POST['msg']); if ($_POST['msgtrans'] == 1) { $msg = functions::trans($msg); } $msg = mb_substr($msg, 0, 500); $agn = strtok($agn, ' ');
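*/

defined('_IN_JOHNCMS') or die('Error: restricted access');

/*
-----------------------------------------------------------------
Forum attachment download: look the attachment up by $id, count the
download and redirect the browser to the stored file. Any failure
shows the "file does not exist" page.
-----------------------------------------------------------------
*/
// NOTE(review): no permission check on the attachment is visible in this file. Because the
// response is a redirect to a static path, a check made upstream does not protect the file
// URL itself.
$error = false;
if ($id) {
    // $id is set outside this file; cast it so the queries only ever carry an integer.
    $attach_id = (int) $id;
    $req = mysql_query("SELECT * FROM `cms_forum_files` WHERE `id` = '{$attach_id}'");
    // mysql_query() returns false on failure; treat that like "no such file".
    if ($req && mysql_num_rows($req)) {
        $res = mysql_fetch_array($req);
        // basename() keeps a stored name with directory parts from leaving the attachment folder.
        $attach_name = basename($res['filename']);
        // is_file() instead of file_exists(): an empty name would otherwise match the directory.
        if ($attach_name !== '' && is_file('../files/forum/attach/' . $attach_name)) {
            // Increment inside SQL so that concurrent downloads cannot overwrite each other's count.
            mysql_query("UPDATE `cms_forum_files` SET `dlcount` = `dlcount` + 1 WHERE `id` = '{$attach_id}'");
            // NOTE(review): no exit follows this redirect; whatever the including script runs
            // next still executes - confirm.
            header('location: ../files/forum/attach/' . $attach_name);
        } else {
            $error = true;
        }
    } else {
        $error = true;
    }
    if ($error) {
        require '../incfiles/head.php';
        echo functions::display_error($lng['error_file_not_exist'], '<a href="index.php">' . $lng['to_forum'] . '</a>');
        require '../incfiles/end.php';
        exit;
    }
} else {
    // No attachment id given: back to the forum index.
    header('location: index.php');
}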
} $req = mysql_query("SELECT * FROM `lib` WHERE `id` = '" . $id . "'"); $ms = mysql_fetch_array($req); if (isset($_POST['submit'])) { switch ($ms['type']) { case "bk": //////////////////////////////////////////////////////////// // Сохраняем отредактированную статью // //////////////////////////////////////////////////////////// if (empty($_POST['name'])) { echo functions::display_error($lng['error_empty_title'], '<a href="index.php?act=edit&id=' . $id . '">' . $lng['repeat'] . '</a>'); require_once '../incfiles/end.php'; exit; } if (empty($_POST['text'])) { echo functions::display_error($lng['error_empty_text'], '<a href="index.php?act=edit&id=' . $id . '">' . $lng['repeat'] . '</a>'); require_once '../incfiles/end.php'; exit; } $text = trim($_POST['text']); $autor = isset($_POST['autor']) ? functions::check($_POST['autor']) : ''; $count = isset($_POST['count']) ? abs(intval($_POST['count'])) : '0'; if (!empty($_POST['anons'])) { $anons = mb_substr(trim($_POST['anons']), 0, 100); } else { $anons = mb_substr($text, 0, 100); } mysql_query("UPDATE `lib` SET\n `name` = '" . mysql_real_escape_string(mb_substr(trim($_POST['name']), 0, 100)) . "',\n `announce` = '" . mysql_real_escape_string($anons) . "',\n `text` = '" . mysql_real_escape_string($text) . "',\n `avtor` = '{$autor}',\n `count` = '{$count}'\n WHERE `id` = '{$id}'\n "); header('location: index.php?id=' . $id); break; case "cat":
*/ if (!$user_id) { require '../incfiles/head.php'; echo functions::display_error($lng['access_guest_forbidden']); require '../incfiles/end.php'; exit; } /* ----------------------------------------------------------------- Получаем данные пользователя ----------------------------------------------------------------- */ $user = functions::get_user($user); if (!$user) { require '../incfiles/head.php'; echo functions::display_error($lng['user_does_not_exist']); require '../incfiles/end.php'; exit; } /* ----------------------------------------------------------------- Функция голосований за фотографии ----------------------------------------------------------------- */ function vote_photo($arg = null) { global $lng, $datauser, $user_id, $ban; if ($arg) { $rating = $arg['vote_plus'] - $arg['vote_minus']; if ($rating > 0) { $color = 'C0FFC0';
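////////////////////////////////////////////////////////////////////////////////
// JohnCMS core team:                                                         //
// Евгений Рябинин aka john77          john77@gazenwagen.com                  //
// Олег Касьянов aka AlkatraZ          alkatraz@gazenwagen.com                //
//                                                                            //
// See the bundled version.txt file for version information                   //
////////////////////////////////////////////////////////////////////////////////
*/

defined('_IN_JOHNCMS') or die('Error: restricted access');

require_once '../incfiles/head.php';
echo '<div class="phdr"><a href="index.php"><b>' . $lng['downloads'] . '</b></a> | ' . $lng['search'] . '</div>';

// Search string: the query string wins, the POST form is the fallback.
if (!empty($_GET['srh'])) {
    $srh = functions::check($_GET['srh']);
} else {
    // isset() first: a request with neither parameter must produce the error page, not an
    // undefined-index notice.
    if (!isset($_POST['srh']) || $_POST['srh'] == "") {
        echo functions::display_error($lng_dl['search_string_empty'], '<a href="index.php">' . $lng['back'] . '</a>');
        require_once '../incfiles/end.php';
        exit;
    }
    $srh = functions::check($_POST['srh']);
}

// All file entries are fetched; the matching against $srh happens in the loop below.
$psk = mysql_query("select * from `download` where type='file' ;");

// The paging offset comes straight from the query string. Force it to a non-negative integer
// before the code below this fragment uses it.
$start = empty($_GET['start']) ? 0 : abs(intval($_GET['start']));

while ($array = mysql_fetch_array($psk)) {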
$us = mysql_query("SELECT `id`, `name` FROM `users` WHERE `id` = '{$res1['user_id']}'"); if (mysql_num_rows($us)) { $rowuse = mysql_fetch_assoc($us); $name_use = $user_id ? '<a href="../users/profile.php?id=' . $rowuse['id'] . '">' . $rowuse['name'] . '</a>' : $rowuse['name']; } else { $name_use = $lng['guest']; } // mysql_query("UPDATE `animes` SET `count` = (`count`+1) WHERE `id` = '{$id}'"); echo '<div class="gmenu"> Ditulis oleh: ' . $name_use . '<br /> Dilihat: ' . $res1['count'] . ' kali <br /> Pada: ' . date('d.m.o / H:i', $res1['time'] + $sdvigclock * 3600) . '<br /> ' . ($res1['time'] > time() ? '<div class="func">Waktu tersisa untuk diperlihatkan: ' . timer($res1['time'] - time()) . '</div>' : '') . ' <a href="index.php?act=comments&id=' . $id . '">' . $lng['comments'] . '</a> (' . mysql_result(mysql_query("SELECT COUNT(*) FROM `animes_comments` WHERE `refid`='{$id}'"), 0) . ') </div> ' . ($rights >= 7 ? '<div class="menu"><div class="func"> <a href="manage.php?act=newsedit&id=' . $id . '">' . $lng['edit'] . '</a><br /> <a href="manage.php?act=delnews&id=' . $id . '">' . $lng['delete'] . '</a><br /> </div></div>' : '') . ' <div class="bmenu">Kategori: <a href="index.php?id=' . $res1['catid'] . '">' . htmlentities($res1['catname'], ENT_QUOTES, 'UTF-8') . '</a></div>'; } else { $textl = 'Blogs'; require_once '../incfiles/head.php'; echo functions::display_error('Blogs tidak ada'); } } else { $textl = 'Blogs'; require_once '../incfiles/head.php'; echo functions::display_error('Blogs tidak dipilih'); }
if (!$mesto) { $total = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_ads` WHERE `mesto` = '" . $mesto . "' AND `type` = '" . $type . "'"), 0); if ($total != 0) { $error[] = $lng['links_place_occupied']; } } if ($color) { if (preg_match("/[^\\da-fA-F_]+/", $color)) { $error[] = $lng['error_wrong_symbols']; } if (strlen($color) < 6) { $error[] = $lng['error_color']; } } if ($error) { echo functions::display_error($error, '<a href="index.php?act=ads&from=addlink">' . $lng['back'] . '</a>'); require '../incfiles/end.php'; exit; } if ($id) { // Обновляем ссылку после редактирования mysql_query("UPDATE `cms_ads` SET\n `type` = '{$type}',\n `view` = '{$view}',\n `link` = '{$link}',\n `name` = '{$name}',\n `color` = '{$color}',\n `count_link` = '{$count}',\n `day` = '{$day}',\n `layout` = '{$layout}',\n `bold` = '{$bold}',\n `show` = '{$show}',\n `italic` = '{$italic}',\n `underline` = '{$underline}'\n WHERE `id` = '{$id}'\n "); } else { // Добавляем новую ссылку $req = mysql_query("SELECT `mesto` FROM `cms_ads` ORDER BY `mesto` DESC LIMIT 1"); if (mysql_num_rows($req) > 0) { $res = mysql_fetch_array($req); $mesto = $res['mesto'] + 1; } else { $mesto = 1; }
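* @author http://johncms.com/about
*/

defined('_IN_JOHNCMS') or die('Error: restricted access');

// Add a comment to a download. Requires a logged-in user without ban types 1 and 10.
// NOTE(review): as written, accounts with $rights >= 7 pass this gate only when
// $set['mod_down_comm'] is truthy, while everyone below 7 passes regardless of the setting -
// confirm that "< 7" is intended.
if ($user_id && !$ban['1'] && !$ban['10'] && ($set['mod_down_comm'] || $rights < 7)) {
    // isset() guards keep a request without the parameter on the error path instead of
    // raising an undefined-index notice.
    if (!isset($_GET['id']) || $_GET['id'] == "") {
        require_once "../incfiles/head.php";
        echo "Не выбран файл<br/><a href='?'>К категориям</a><br/>";
        require_once '../incfiles/end.php';
        exit;
    }
    if (isset($_POST['submit'])) {
        // Flood check
        $flood = functions::antiflood();
        if ($flood) {
            require_once '../incfiles/head.php';
            echo functions::display_error('Вы не можете так часто добавлять сообщения<br />Пожалуйста, подождите ' . $flood . ' сек.', '<a href="index.php?act=komm&id=' . $id . '">Назад</a>');
            require_once '../incfiles/end.php';
            exit;
        }
        if (!isset($_POST['msg']) || $_POST['msg'] == "") {
            require_once "../incfiles/head.php";
            echo "Вы не ввели сообщение!<br/><a href='?act=komm&id=" . $id . "'>К комментариям</a><br/>";
            require_once '../incfiles/end.php';
            exit;
        }
        $msg = functions::check($_POST['msg']);
        // The key was an unquoted constant (msgtrans). That is a notice on old PHP and a fatal
        // error on PHP 8; quote it and check that the box was sent at all.
        if (isset($_POST['msgtrans']) && $_POST['msgtrans'] == 1) {
            $msg = functions::trans($msg);
        }
        // Comments are capped at 500 characters.
        $msg = mb_substr($msg, 0, 500);
        // Keep only the part of $agn before the first space ($agn is set outside this fragment).
        $agn = strtok($agn, ' ');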
$subtext = ''; } $text = ' <span class="gray">(' . functions::display_date($row['mtime']) . ')</span>'; $arg = array('header' => $text, 'body' => $post, 'sub' => $subtext); echo functions::display_user($row, $arg); echo '</div>'; ++$i; } echo '<div class="phdr">' . $lng['total'] . ': ' . $total . '</div>'; if ($total > $kmess) { echo '<div class="topmenu">' . functions::display_pagination('index.php?act=comments&id=' . $id . '&', $start, $total, $kmess) . '</div>'; echo '<p><form action="index.php" method="get"> <input type="hidden" name="act" value="comments"/> <input type="hidden" name="id" value="' . $id . '"/> <input type="text" name="page" size="2"/> <input type="submit" value="' . $lng['to_page'] . ' >>"/></form></p>'; } } else { echo '<div class="rmenu">Belum ada komentar,jadilah yg pertamax !</div>'; } } echo '<div class="bmenu"><a href="index.php?act=view&id=' . $id . '">Kembali</a></div>'; } else { $textl = 'Blogs'; require_once '../incfiles/head.php'; echo functions::display_error('Blogs tidak ada'); } } else { $textl = 'Blogs'; require_once '../incfiles/head.php'; }
// Final validation and save of the profile edit form, followed by the start of the form itself.
// NOTE(review): the "******" runs in this fragment are masking artifacts of the listing, not PHP.

// Birth date: when any part is given, day and month must be in range (the year is not checked here).
if ($user['dayb'] || $user['monthb'] || $user['yearofbirth']) {
    if ($user['dayb'] < 1 || $user['dayb'] > 31 || $user['monthb'] < 1 || $user['monthb'] > 12) {
        $error[] = $lng_profile['error_birth'];
    }
}
// ICQ number, when given, must have between 5 and 9 digits.
if ($user['icq'] && ($user['icq'] < 10000 || $user['icq'] > 999999999)) {
    $error[] = $lng_profile['error_icq'];
}
if (!$error) {
    // NOTE(review): every field is concatenated into the statement without escaping at this
    // point. Presumably each $user[...] value was escaped or cast when it was copied from the
    // request above this fragment; verify that for all thirteen columns, since one missed
    // field is SQL injection.
    mysql_query("UPDATE `users` SET\n `imname` = '" . $user['imname'] . "',\n `live` = '" . $user['live'] . "',\n `dayb` = '" . $user['dayb'] . "',\n `monthb` = '" . $user['monthb'] . "',\n `yearofbirth` = '" . $user['yearofbirth'] . "',\n `about` = '" . $user['about'] . "',\n `mibile` = '" . $user['mibile'] . "',\n `mail` = '" . $user['mail'] . "',\n `mailvis` = '" . $user['mailvis'] . "',\n `icq` = '" . $user['icq'] . "',\n `skype` = '" . $user['skype'] . "',\n `jabber` = '" . $user['jabber'] . "',\n `www` = '" . $user['www'] . "'\n WHERE `id` = '" . $user['id'] . "'\n ");
    // Administrative fields, including the account's `rights` level.
    // NOTE(review): any editor with $rights >= 7 reaches this statement. Whether the submitted
    // `rights` value is capped at the editor's own level is not visible here - confirm, otherwise
    // a level-7 account can grant a higher level.
    if ($rights >= 7) {
        mysql_query("UPDATE `users` SET\n `name` = '" . $user['name'] . "',\n `status` = '" . $user['status'] . "',\n `karma_off` = '" . $user['karma_off'] . "',\n `sex` = '" . $user['sex'] . "',\n `rights` = '" . $user['rights'] . "'\n WHERE `id` = '" . $user['id'] . "'\n ");
    }
    echo '<div class="gmenu">' . $lng_profile['data_saved'] . '</div>';
} else {
    echo functions::display_error($error);
}
// NOTE(review): output has already been echoed above. Unless output buffering is active the
// Location header cannot be sent; if it is sent, the messages above are never shown.
header('Location: profile.php?act=edit&user='******'id']);
exit;
}

/*
-----------------------------------------------------------------
User profile edit form
-----------------------------------------------------------------
*/
echo '<form action="profile.php?act=edit&user='******'id'] . '" method="post">' .
    '<div class="gmenu"><p>' . $lng['login_name'] . ': <b>' . $user['name_lat'] . '</b><br />';
// Nick and status are editable only for $rights >= 7; everyone else sees them as text.
// NOTE(review): $user['name'] and $user['status'] are printed into attribute values and
// markup without escaping here - confirm they are HTML-safe as stored.
if ($rights >= 7) {
    echo $lng['nick'] . ': (' . $lng_profile['nick_lenght'] . ')<br /><input type="text" value="' . $user['name'] . '" name="name" /><br />' .
        $lng['status'] . ': (' . $lng_profile['status_lenght'] . ')<br /><input type="text" value="' .
        $user['status'] . '" name="status" /><br />';
} else {
    echo '<span class="gray">' . $lng['nick'] . ':</span> <b>' . $user['name'] . '</b><br />' .
        '<span class="gray">' . $lng['status'] . ':</span> ' . $user['status'] . '<br />';
}
// Reply form for a forum post: optional preview, quote or "reference" selector, message box,
// attachment / transliteration switches and the form token.
$qt = functions::checkout($qt, 0, 2);
// Preview: a message was posted but not through the "submit" button.
if (!empty($_POST['msg']) && !isset($_POST['submit'])) {
    echo '<div class="list1">' . functions::display_user($datauser, array('iphide' => 1, 'header' => '<span class="gray">(' . functions::display_date(time()) . ')</span>', 'body' => $msg_pre)) . '</div>';
}
echo '<form name="form" action="index.php?act=say&id=' . $id . '&start=' . $start . (isset($_GET['cyt']) ? '&cyt' : '') . '" method="post"><div class="gmenu">';
if (isset($_GET['cyt'])) {
    // Form with a quote; posted text is passed through functions::checkout() before being re-displayed.
    // NOTE(review): $type1['from'] and $vr are printed without escaping in this fragment -
    // confirm they are HTML-safe where they are set.
    echo '<p><b>' . $type1['from'] . '</b> <span class="gray">(' . $vr . ')</span></p>' .
        '<p><h3>' . $lng_forum['cytate'] . '</h3>' .
        '<textarea rows="' . $set_user['field_h'] . '" name="citata">' . (empty($_POST['citata']) ? $qt : functions::checkout($_POST['citata'])) . '</textarea>' .
        '<br /><small>' . $lng_forum['cytate_help'] . '</small></p>';
} else {
    // Form with a reply reference: the radio group selects how the addressee is mentioned.
    echo '<p><h3>' . $lng_forum['reference'] . '</h3>' .
        '<input type="radio" value="0" ' . (!$txt ? 'checked="checked"' : '') . ' name="txt" /> <b>' . $type1['from'] . '</b>,<br />' .
        '<input type="radio" value="2" ' . ($txt == 2 ? 'checked="checked"' : '') . ' name="txt" /> <b>' . $type1['from'] . '</b>, ' . $lng_forum['reply_1'] . ',<br />' .
        '<input type="radio" value="3" ' . ($txt == 3 ? 'checked="checked"' : '') . ' name="txt" /> <b>' . $type1['from'] . '</b>, ' . $lng_forum['reply_2'] . ' (<a href="index.php?act=post&id=' . $type1['id'] . '">' . $vr . '</a>) ' . $lng_forum['reply_3'] . ',<br />' .
        '<input type="radio" value="4" ' . ($txt == 4 ? 'checked="checked"' : '') . ' name="txt" /> <b>' . $type1['from'] . '</b>, ' . $lng_forum['reply_4'] . '</p>';
}
echo '<p><h3>' . $lng_forum['post'] . '</h3>';
// The BBcode toolbar is only rendered for non-mobile clients.
if (!$is_mobile) {
    echo '</p><p>' . bbcode::auto_bb('form', 'msg');
}
echo '<textarea rows="' . $set_user['field_h'] . '" name="msg">' . (empty($_POST['msg']) ? '' : functions::checkout($_POST['msg'])) . '</textarea></p>' .
    '<p><input type="checkbox" name="addfiles" value="1" ' .
    (isset($_POST['addfiles']) ? 'checked="checked" ' : '') . '/> ' . $lng_forum['add_file'];
if ($set_user['translit']) {
    echo '<br /><input type="checkbox" name="msgtrans" value="1" ' . (isset($_POST['msgtrans']) ? 'checked="checked" ' : '') . '/> ' . $lng['translit'];
}
// Form token, stored in the session and repeated in a hidden field.
// NOTE(review): mt_rand() is not a cryptographic generator and this range has under 100,000
// values, so the token is guessable. A CSPRNG-derived random string would be a proper
// anti-CSRF token, and the receiving code should compare it as a string.
// NOTE(review): each rendering of the form overwrites $_SESSION['token']. A second open tab
// therefore invalidates the first, assuming the handler compares against this session value.
$token = mt_rand(1000, 100000);
$_SESSION['token'] = $token;
echo '</p><p><input type="submit" name="submit" value="' . $lng['sent'] . '" style="width: 107px; cursor: pointer;"/> ' .
    ($set_forum['preview'] ? '<input type="submit" value="' . $lng['preview'] . '" style="width: 107px; cursor: pointer;"/>' : '') .
    '<input type="hidden" name="token" value="' . $token . '"/>' .
    '</p></div></form>';
}
echo '<div class="phdr"><a href="../pages/faq.php?act=trans">' . $lng['translit'] . '</a> | ' .
    '<a href="../pages/faq.php?act=smileys">' . $lng['smileys'] . '</a></div>' .
    '<p><a href="index.php?id=' . $type1['refid'] . '&start=' . $start . '">' . $lng['back'] . '</a></p>';
break;

default:
// Any other record type is reported as a deleted topic.
require '../incfiles/head.php';
echo functions::display_error($lng_forum['error_topic_deleted'], '<a href="index.php">' . $lng['to_forum'] . '</a>');
require '../incfiles/end.php';
}
-----------------------------------------------------------------
Clear the user's infringement history
-----------------------------------------------------------------
*/
// NOTE(review): the "******" runs in this fragment are masking artifacts of the listing, not PHP.
// Only $rights == 9 may clear the history; everyone else gets the error message.
if ($rights == 9) {
    echo '<div class="phdr"><b>' . $lng_ban['infringements_history'] . '</b></div>' .
        '<div class="gmenu"><p>' . functions::display_user($user) . '</p></div>';
    if (isset($_POST['submit'])) {
        // NOTE(review): this irreversible DELETE runs on any POST that contains "submit".
        // The confirmation form below has no anti-CSRF token, so a cross-site form submitted
        // by a logged-in level-9 account would also trigger it. No audit record of the
        // deletion is written in this fragment.
        mysql_query("DELETE FROM `cms_ban_users` WHERE `user_id` = '" . $user['id'] . "'");
        echo '<div class="gmenu"><h3>' . $lng_ban['history_cleared'] . '</h3></div>';
    } else {
        // Confirmation form
        echo '<form action="profile.php?act=ban&mod=delhist&user='******'id'] . '" method="post">' .
            '<div class="menu"><p>' . $lng_ban['clear_confirmation'] . '</p>' .
            '<p><input type="submit" value="' . $lng['clear'] . '" name="submit" />' .
            '</p></div></form>';
    }
    // Number of ban records that remain for this user.
    $total = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_ban_users` WHERE `user_id` = '" . $user['id'] . "'"), 0);
    echo '<div class="phdr">' . $lng['total'] . ': ' . $total . '</div>' .
        '<p>' . ($total ? '<a href="profile.php?act=ban&user='******'id'] . '">' . $lng_ban['infringements_history'] . '</a><br />' : '') .
        '<a href="../' . $set['admp'] . '/index.php?act=ban_panel">' . $lng_ban['ban_panel'] . '</a></p>';
} else {
    echo functions::display_error($lng_ban['error_rights_clear']);
}
break;

default:
/*
-----------------------------------------------------------------
Infringement history
-----------------------------------------------------------------
*/
echo '<div class="phdr"><a href="profile.php?user='******'id'] . '"><b>' . $lng['profile'] . '</b></a> | ' . $lng_ban['infringements_history'] . '</div>';
// Menu: the ban panel link is offered from $rights >= 6.
$menu = array();
if ($rights >= 6) {
    $menu[] = '<a href="../' . $set['admp'] . '/index.php?act=ban_panel">' . $lng_ban['ban_panel'] . '</a>';
}
if ($rights == 9) {
$handle->image_y = 120; } } $handle->image_convert = 'jpg'; $handle->process('../files/images/'); if ($handle->processed) { echo '<div class="phdr"><a href="upload_img.php">Kembali</a> | <b>Upload Gambar</b></div>' . '<div class="gmenu">Gambar diupload! Sekarang Anda dapat menyisipkannya ke pesan apapun di situs</div>' . '<div class="menu">BBcode: <input type="text" value="[img=' . $name_file . ']" /></div>' . '<div class="phdr"><a href="upload_img.php">Kembali</a></div>'; } else { echo functions::display_error($handle->error, '<a href="upload_img.php">Kembali</a>'); } } else { echo functions::display_error($handle->error, '<a href="upload_img.php">Kembali</a>'); } $handle->clean(); } else { echo functions::display_error('Tidak ada file yang dipilih', '<a href="upload_img.php">Kembali</a>'); } } else { echo '<div class="phdr"> <a href="faq.php?act=tags">ВВcode</a> | <b>Upload Gambar</b></div>' . '<form enctype="multipart/form-data" method="post" action="upload_img.php?img"><div class="list1">' . 'Pilih gambar:<br /><input type="file" name="imagefile" value="" />' . '<input type="hidden" name="MAX_FILE_SIZE" value="' . 1024 * $upload_file_size . '" />' . '<br />' . '<p><input type="submit" name="submit" value="Upload" /></p></div></form>' . '<div class="list2"><small>Type file yang diperbolehkan adalah JPG, JPEG, PNG, dan GIF<br />' . 'Ukuran file tidak boleh melebihi ' . $upload_file_size . 'kb.</small></div>' . '<div class="phdr"><b>Gambar</b></div>'; $array = glob($rootpath . 'files/images/*preview.jpg'); $total = count($array); $end = $start + $kmess; if ($end > $total) { $end = $total; } if ($start >= $total) { $start = 0; $end = $total > $kmess ? $kmess : $total; } if ($total > 0) { for ($i = $start; $i < $end; $i++) {
// Duplicate guard: a message identical to the fetched one is dropped and the visitor redirected.
if ($res['text'] == $msg) {
    header("location: index.php");
    exit;
}
}
if (!$error) {
    // Insert the message into the database.
    // NOTE(review): $msg and $agn are escaped here, but $admset and $from are interpolated
    // as-is. Presumably they were escaped or derived from fixed values above this fragment -
    // confirm, because the same statement shows both patterns.
    mysql_query("INSERT INTO `guest` SET\n `adm` = '{$admset}',\n `time` = '" . time() . "',\n `user_id` = '" . ($user_id ? $user_id : 0) . "',\n `name` = '{$from}',\n `text` = '" . mysql_real_escape_string($msg) . "',\n `ip` = '" . core::$ip . "',\n `browser` = '" . mysql_real_escape_string($agn) . "',\n `otvet` = ''\n ");
    // Record the time of the last post (anti-spam) and bump the user's guestbook post counter.
    if ($user_id) {
        $postguest = $datauser['postguest'] + 1;
        mysql_query("UPDATE `users` SET `postguest` = '{$postguest}', `lastpost` = '" . time() . "' WHERE `id` = '{$user_id}'");
    }
    header('location: index.php');
} else {
    echo functions::display_error($error, '<a href="index.php">' . $lng['back'] . '</a>');
}
break;

case 'otvet':
/*
-----------------------------------------------------------------
Adding the "Admin reply"
-----------------------------------------------------------------
*/
// Requires $rights >= 6 and a message id.
if ($rights >= 6 && $id) {
    // The reply is only stored when the posted token matches the one kept in the session.
    // NOTE(review): "==" compares loosely. If the session token is an integer, PHP versions
    // before 8 also accept a posted string that merely starts with those digits. Comparing
    // both sides as strings with "===" closes that.
    if (isset($_POST['submit']) && isset($_POST['token']) && isset($_SESSION['token']) && $_POST['token'] == $_SESSION['token']) {
        // Reply text: trimmed, cut to 5000 characters, passed through functions::checkin().
        $reply = isset($_POST['otv']) ? functions::checkin(mb_substr(trim($_POST['otv']), 0, 5000)) : '';
        // NOTE(review): $login and $id are interpolated without escaping at this point -
        // confirm how both are produced.
        mysql_query("UPDATE `guest` SET\n `admin` = '{$login}',\n `otvet` = '" . mysql_real_escape_string($reply) . "',\n `otime` = '" . time() . "'\n WHERE `id` = '{$id}'\n ");
        header("location: index.php");
    } else {
        echo '<div class="phdr"><a href="index.php"><b>' . $lng['guestbook'] . '</b></a> | ' . $lng['reply'] . '</div>';
break; case 'avatars': /* ----------------------------------------------------------------- Каталог пользовательских Аватаров ----------------------------------------------------------------- */ if ($id && is_dir($rootpath . 'images/avatars/' . $id)) { $avatar = isset($_GET['avatar']) ? intval($_GET['avatar']) : false; if ($user_id && $avatar && is_file('../images/avatars/' . $id . '/' . $avatar . '.png')) { if (isset($_POST['submit'])) { // Устанавливаем пользовательский Аватар if (@copy('../images/avatars/' . $id . '/' . $avatar . '.png', '../files/users/avatar/' . $user_id . '.png')) { echo '<div class="gmenu"><p>' . $lng['avatar_applied'] . '<br />' . '<a href="../users/profile.php?act=edit">' . $lng['continue'] . '</a></p></div>'; } else { echo functions::display_error($lng['error_avatar_select'], '<a href="' . $_SESSION['ref'] . '">' . $lng['back'] . '</a>'); } } else { echo '<div class="phdr"><a href="faq.php?act=avatars"><b>' . $lng['avatars'] . '</b></a> | ' . $lng_faq['set_to_profile'] . '</div>' . '<div class="rmenu"><p>' . $lng_faq['avatar_change_warning'] . '</p>' . '<p><img src="../images/avatars/' . $id . '/' . $avatar . '.png" alt="" /></p>' . '<p><form action="faq.php?act=avatars&id=' . $id . '&avatar=' . $avatar . '" method="post"><input type="submit" name="submit" value="' . $lng['save'] . '"/></form></p>' . '</div>' . '<div class="phdr"><a href="faq.php?act=avatars&id=' . $id . '">' . $lng['cancel'] . '</a></div>'; } } else { // Показываем список Аватаров echo '<div class="phdr"><a href="faq.php?act=avatars"><b>' . $lng['avatars'] . '</b></a> | ' . htmlentities(file_get_contents($rootpath . 'images/avatars/' . $id . '/name.dat'), ENT_QUOTES, 'utf-8') . '</div>'; $array = glob($rootpath . 'images/avatars/' . $id . '/*.png'); $total = count($array); $end = $start + $kmess; if ($end > $total) { $end = $total; } if ($total > 0) { for ($i = $start; $i < $end; $i++) {
$fpst = $datauser['postforum'] + 1; mysql_query("UPDATE `users` SET\n `postforum` = '{$fpst}',\n `lastpost` = '" . time() . "'\n WHERE `id` = '{$user_id}'\n "); // Ставим метку о прочтении mysql_query("INSERT INTO `cms_forum_rdm` SET\n `topic_id`='{$rid}',\n `user_id`='{$user_id}',\n `time`='" . time() . "'\n "); if ($buzz_prefix > 0) { mysql_query("UPDATE `forum` SET\n\t\t`tiento` = '{$buzz_prefix}'\n\t\tWHERE `id` = '{$rid}'"); } if ($_POST['addfiles'] == 1) { header("Location: index.php?id={$postid}&act=addfile"); } else { header("Location: index.php?id={$rid}"); } } else { // Выводим сообщение об ошибке require '../incfiles/head.php'; echo functions::display_error($error, '<a href="index.php?act=nt&id=' . $id . '">' . $lng['repeat'] . '</a>'); require '../incfiles/end.php'; exit; } } else { $res_r = mysql_fetch_assoc($req_r); $req_c = mysql_query("SELECT * FROM `forum` WHERE `id` = '" . $res_r['refid'] . "'"); $res_c = mysql_fetch_assoc($req_c); require '../incfiles/head.php'; if ($datauser['postforum'] == 0) { if (!isset($_GET['yes'])) { $lng_faq = core::load_lng('faq'); echo '<p>' . $lng_faq['forum_rules_text'] . '</p>'; echo '<p><a href="index.php?act=nt&id=' . $id . '&yes">' . $lng_forum['agree'] . '</a> | <a href="index.php?id=' . $id . '">' . $lng_forum['not_agree'] . '</a></p>'; require '../incfiles/end.php'; exit;
mysql_query("INSERT INTO `cms_contact` SET\n\t\t\t\t\t`user_id` = '" . $user_id . "',\n\t\t\t\t\t`from_id` = '" . $id . "',\n\t\t\t\t\t`time` = '" . time() . "',\n\t\t\t\t\t`ban`='1';"); } else { mysql_query("UPDATE `cms_contact` SET `ban`='1', `friends`='0' WHERE `user_id`='{$user_id}' AND `from_id`='{$id}';"); mysql_query("UPDATE `cms_contact` SET `friends`='0' WHERE `user_id`='{$id}' AND `from_id`='{$user_id}';"); } echo '<div class="rmenu">' . $lng_mail['user_block'] . '</div>'; } } else { echo '<div class="rmenu"><form action="index.php?act=ignor&id=' . $id . '&add" method="post"> <p>' . $lng_mail['really_block_contact'] . '</p> <p><input type="submit" name="submit" value="' . $lng_mail['block'] . '"/></p> </form></div>'; echo '<div class="phdr"><a href="' . (isset($_SERVER['HTTP_REFERER']) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : 'index.php') . '">' . $lng['back'] . '</a></div>'; } } else { echo functions::display_error($lng_mail['no_contact_is_chose']); } } else { echo '<div class="topmenu"><a href="index.php">' . $lng_mail['my_contacts'] . '</a> | <b>' . $lng_mail['blocklist'] . '</b></div>'; //Отображаем список заблокированных контактов $total = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_contact` WHERE `user_id` = '" . $user_id . "' AND `ban`='1'"), 0); if ($total) { if ($total > $kmess) { echo '<div class="topmenu">' . functions::display_pagination('index.php?act=ignor&', $start, $total, $kmess) . '</div>'; } $req = mysql_query("SELECT `users`.* FROM `cms_contact`\n\t\t LEFT JOIN `users` ON `cms_contact`.`from_id`=`users`.`id`\n\t\t WHERE `cms_contact`.`user_id`='" . $user_id . "'\n\t\t AND `ban`='1'\n\t\t ORDER BY `cms_contact`.`time` DESC\n\t\t LIMIT {$start}, {$kmess}"); for ($i = 0; ($row = mysql_fetch_assoc($req)) !== FALSE; ++$i) { echo $i % 2 ? '<div class="list1">' : '<div class="list2">'; $subtext = '<a href="index.php?act=write&id=' . $row['id'] . '">' . $lng_mail['correspondence'] . '</a> | <a href="index.php?act=deluser&id=' . 
$row['id'] . '">' . $lng['delete'] . '</a> | <a href="index.php?act=ignor&id=' . $row['id'] . '&del">' . $lng_mail['enabled'] . '</a>'; $count_message = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_mail` WHERE ((`user_id`='{$row['id']}' AND `from_id`='{$user_id}') OR (`user_id`='{$user_id}' AND `from_id`='{$row['id']}')) AND `delete`!='{$user_id}' AND `sys`!='1' AND `spam`!='1';"), 0); $new_count_message = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_mail` WHERE `cms_mail`.`user_id`='{$user_id}' AND `cms_mail`.`from_id`='{$row['id']}' AND `read`='0' AND `delete`!='{$user_id}' AND `sys`!='1' AND `spam`!='1';"), 0);
$handle->allowed = array('image/jpeg', 'image/jpg', 'image/gif', 'image/png'); $handle->file_max_size = 1024 * $set['flsz']; $handle->file_overwrite = true; $handle->image_resize = true; $handle->image_x = 32; $handle->image_y = 32; $handle->image_convert = 'jpg'; $handle->process('../files/blogs/'); if ($handle->processed) { @chmod('../files/blogs/anime_icon_' . $id . '.jpg', 0666); } } $handle->clean(); Header('Location: ../blogs/index.php?act=view&id=' . $id); } else { echo functions::display_error($error, '<a href="manage.php?act=news">Ulangi</a>'); } } else { echo '<form action="manage.php?act=newsedit&id=' . $id . '" method="post" enctype="multipart/form-data"> <div class="gmenu"><p> <b>Judul Blogs:</b><br /> <input type="text" name="name" value="' . htmlentities($row['name'], ENT_QUOTES, 'UTF-8') . '" /><br /> <small>Min. 2, max. 150 karakter</small><br /> <b>Blogs text:</b><br /> <textarea name="text" cols="24" rows="4">' . htmlentities($row['text'], ENT_QUOTES, 'UTF-8') . '</textarea><br /> <small>Min. 2, max. 5000 character</small><br /> <b>Pilih Kategori:</b><br /> <select name="cat">'; $req = mysql_query("SELECT * FROM `animes_cat` ORDER BY `realid` ASC"); while (($rows = mysql_fetch_assoc($req)) !== false) { echo '<option value="' . $rows['id'] . '"' . ($rows['id'] == $row['refid'] ? ' selected="selected"' : '') . '>' . htmlentities($rows['name'], ENT_QUOTES, 'UTF-8') . '</option>';
//$handle->image_text_background_percent = 50; //$handle->image_text_padding = 1; $handle->process('../files/users/album/' . $user['id'] . '/'); $img_name = $handle->file_dst_name; if ($handle->processed) { // Обрабатываем превьюшку $handle->file_new_name_body = 'tmb_' . time(); $handle->image_resize = true; $handle->image_x = 80; $handle->image_y = 80; $handle->image_ratio_no_zoom_in = true; $handle->image_convert = 'jpg'; $handle->process('../files/users/album/' . $user['id'] . '/'); $tmb_name = $handle->file_dst_name; if ($handle->processed) { $description = isset($_POST['description']) ? trim($_POST['description']) : ''; $description = mb_substr($description, 0, 500); mysql_query("INSERT INTO `cms_album_files` SET\n `album_id` = '{$al}',\n `user_id` = '" . $user['id'] . "',\n `img_name` = '" . mysql_real_escape_string($img_name) . "',\n `tmb_name` = '" . mysql_real_escape_string($tmb_name) . "',\n `description` = '" . mysql_real_escape_string($description) . "',\n `time` = '" . time() . "',\n `access` = '" . $res_a['access'] . "'\n "); echo '<div class="gmenu"><p>' . $lng_profile['photo_uploaded'] . '<br />' . '<a href="album.php?act=show&al=' . $al . '&user='******'id'] . '">' . $lng['continue'] . '</a></p></div>' . '<div class="phdr"><a href="profile.php?user='******'id'] . '">' . $lng['profile'] . '</a></div>'; } else { echo functions::display_error($handle->error); } } else { echo functions::display_error($handle->error); } $handle->clean(); } } else { echo '<form enctype="multipart/form-data" method="post" action="album.php?act=image_upload&al=' . $al . '&user='******'id'] . '">' . '<div class="menu"><p><h3>' . $lng_profile['select_image'] . '</h3>' . '<input type="file" name="imagefile" value="" /></p>' . '<p><h3>' . $lng['description'] . '</h3>' . '<textarea name="description" rows="' . $set_user['field_h'] . '"></textarea><br />' . '<small>' . $lng['not_mandatory_field'] . ', max. 500</small></p>' . '<input type="hidden" name="MAX_FILE_SIZE" value="' . 
1024 * $set['flsz'] . '" />' . '<p><input type="submit" name="submit" value="' . $lng_profile['upload'] . '" /></p>' . '</div></form>' . '<div class="phdr"><small>' . $lng_profile['select_image_help'] . ' ' . $set['flsz'] . 'kb.<br />' . $lng_profile['select_image_help_5'] . '</small></div>' . '<p><a href="album.php?act=show&al=' . $al . '&user='******'id'] . '">' . $lng['back'] . '</a></p>'; } }
* @copyright Copyright (C) 2008-2011 JohnCMS Community * @license LICENSE.txt (see attached file) * @version VERSION.txt (see attached file) * @author http://johncms.com/about */ define('_IN_JOHNCMS', 1); $headmod = 'users'; require '../incfiles/core.php'; /* ----------------------------------------------------------------- Закрываем от неавторизованных юзеров ----------------------------------------------------------------- */ if (!$user_id && !$set['active']) { require '../incfiles/head.php'; echo functions::display_error($lng['access_guest_forbidden']); require '../incfiles/end.php'; exit; } /* ----------------------------------------------------------------- Переключаем режимы работы ----------------------------------------------------------------- */ $array = array('admlist' => 'includes', 'birth' => 'includes', 'online' => 'includes', 'search' => 'includes', 'top' => 'includes', 'userlist' => 'includes'); $path = !empty($array[$act]) ? $array[$act] . '/' : ''; if (array_key_exists($act, $array) && file_exists($path . $act . '.php')) { require_once $path . $act . '.php'; } else { /* -----------------------------------------------------------------
/**
 * @package JohnCMS
 * @link http://johncms.com
 * @copyright Copyright (C) 2008-2011 JohnCMS Community
 * @license LICENSE.txt (see attached file)
 * @version VERSION.txt (see attached file)
 * @author http://johncms.com/about
 */

// Refuse to run unless the including script has defined the marker constant.
defined('_IN_JOHNCMS') or die('Error: restricted access');

/*
 * Mail attachment download: looks up the message row for the current user,
 * bumps its `count` column and redirects the browser to the stored file.
 *
 * $id, $user_id, $lng and $lng_mail are not set in this file; they come from
 * the including script.
 * NOTE(review): $id and $user_id are interpolated straight into the SQL text
 * below - presumably they are integer-cast before this file is included;
 * verify against the caller.
 * NOTE(review): the ownership check lives only in this script. The redirect
 * sends the client to a static path under ../files/mail/, so whether a direct
 * request to that directory is refused depends on web-server configuration
 * that is not visible here - confirm.
 */
$textl = $lng['mail'];
require_once '../incfiles/head.php';

if (!$id) {
    // No message id was supplied.
    echo functions::display_error($lng_mail['file_is_not_chose']);
} else {
    // The row must reference the current user in `user_id` or `from_id`,
    // carry a non-empty file name, and have `delete` different from the
    // current user's id (presumably "deleted by this user" - TODO confirm).
    $req = mysql_query("SELECT * FROM `cms_mail` WHERE (`user_id`='{$user_id}' OR `from_id`='{$user_id}') AND `id` = '{$id}' AND `file_name` != '' AND `delete`!='{$user_id}' LIMIT 1");

    if (!mysql_num_rows($req)) {
        // Show the error, close the page and stop.
        echo functions::display_error($lng_mail['file_does_not_exist']);
        require_once "../incfiles/end.php";
        exit;
    }

    $res = mysql_fetch_assoc($req);

    // NOTE(review): `file_name` is used unmodified both in the filesystem
    // path and in the Location header; this relies on the upload code having
    // stored a name without path separators - verify there.
    if (!file_exists('../files/mail/' . $res['file_name'])) {
        echo functions::display_error($lng_mail['file_does_not_exist']);
    } else {
        // Increment the row's `count` column (presumably a download counter),
        // then hand the client over to the file itself.
        mysql_query("UPDATE `cms_mail` SET `count` = `count`+1 WHERE `id` = '{$id}' LIMIT 1");
        header('Location: ../files/mail/' . $res['file_name']);
        exit;
    }
}
//////////////////////////////////////////////////////////////////////////////// */ defined('_IN_JOHNCMS') or die('Error: restricted access'); require_once '../incfiles/head.php'; if ($rights == 4 || $rights >= 6) { if ($_GET['file'] == "") { echo functions::display_error($lng_dl['file_not_selected'], '<a href="index.php">' . $lng['back'] . '</a>'); require_once '../incfiles/end.php'; exit; } $file = intval(trim($_GET['file'])); $file1 = mysql_query("select * from `download` where type = 'file' and id = '" . $file . "';"); $file2 = mysql_num_rows($file1); $adrfile = mysql_fetch_array($file1); if ($file1 == 0 || !is_file("{$adrfile['adres']}/{$adrfile['name']}")) { echo functions::display_error($lng_dl['file_select_error'], '<a href="index.php">' . $lng['back'] . '</a>'); require_once '../incfiles/end.php'; exit; } if (isset($_POST['submit'])) { $scrname = $_FILES['screens']['name']; $scrsize = $_FILES['screens']['size']; $scsize = GetImageSize($_FILES['screens']['tmp_name']); $scwidth = $scsize[0]; $scheight = $scsize[1]; $ffot = strtolower($scrname); $dopras = array("gif", "jpg", "png"); if ($scrname != "") { $formfot = functions::format($ffot); if (!in_array($formfot, $dopras)) { echo $lng_dl['screenshot_upload_error'] . '<br/><a href="index.php?act=screen&file=' . $file . '">' . $lng['repeat'] . '</a><br/>';
echo '</div><div class="phdr">' . $lng['total'] . ': ' . count($scaner->bad_files) . '</div>'; } else { echo '<div class="gmenu">' . $lng['antispy_dist_scan_good'] . '</div>'; } echo '<p><a href="index.php?act=antispy&mod=scan">' . $lng['antispy_rescan'] . '</a></p>'; break; case 'snapscan': /* ----------------------------------------------------------------- Сканируем на соответствие ранее созданному снимку ----------------------------------------------------------------- */ $scaner->snapscan(); echo '<div class="phdr"><a href="index.php?act=antispy"><b>' . $lng['antispy'] . '</b></a> | ' . $lng['antispy_snapshot_scan'] . '</div>'; if (count($scaner->track_files) == 0) { echo functions::display_error($lng['antispy_no_snapshot'], '<a href="index.php?act=antispy&mod=snap">' . $lng['antispy_snapshot_create'] . '</a>'); } else { if (count($scaner->bad_files)) { echo '<div class="rmenu">' . $lng['antispy_snapshot_scan_bad'] . '</div>'; echo '<div class="menu">'; foreach ($scaner->bad_files as $idx => $data) { echo $data['file_path'] . '<br />'; } echo '</div>'; } else { echo '<div class="gmenu">' . $lng['antispy_snapshot_scan_ok'] . '</div>'; } echo '<div class="phdr">' . $lng['total'] . ': ' . count($scaner->bad_files) . '</div>'; } break; case 'snap':