}
if (!$error) {
// Записываем в базу
mysql_query("UPDATE `users` SET `password` = '" . mysql_real_escape_string(md5(md5($newpass))) . "' WHERE `id` = '" . $user['id'] . "'");
// Проверяем и записываем COOKIES
if (isset($_COOKIE['cuid']) && isset($_COOKIE['cups'])) {
setcookie('cups', md5($newpass), time() + 3600 * 24 * 365);
}
echo '<div class="gmenu"><p><b>' . $lng_pass['password_changed'] . '</b><br />' . '<a href="' . ($user_id == $user['id'] ? '../login.php' : 'profile.php?user='******'id']) . '">' . $lng['continue'] . '</a></p>';
if ($autologin) {
// Показываем ссылку на Автологин
echo '<p>' . $lng_pass['autologin_link'] . ':<br />' . '<input type="text" value="' . $set['homeurl'] . '/login.php?id=' . $user['id'] . '&p=' . $newpass . '" /></p>' . '<p>' . $lng_pass['autologin_warning'] . '</p>';
}
echo '</div>';
} else {
echo functions::display_error($error, '<a href="profile.php?act=password&user='******'id'] . '">' . $lng['repeat'] . '</a>');
}
break;
default:
/*
-----------------------------------------------------------------
Форма смены пароля
-----------------------------------------------------------------
*/
echo '<div class="phdr"><b>' . $lng_pass['change_password'] . ':</b> ' . $user['name'] . '</div>';
echo '<form action="profile.php?act=password&mod=change&user='******'id'] . '" method="post">';
if ($user['id'] == $user_id) {
echo '<div class="menu"><p>' . $lng_pass['input_old_password'] . ':<br /><input type="password" name="oldpass" /></p></div>';
}
echo '<div class="gmenu"><p>' . $lng_pass['input_new_password'] . ':<br />' . '<input type="password" name="newpass" /><br />' . $lng_pass['repeat_password'] . ':<br />' . '<input type="password" name="newconf" /></p>' . '<p><input type="checkbox" value="1" name="autologin" /> ' . $lng_pass['show_autologin'] . '</p><p><input type="submit" value="' . $lng['save'] . '" name="submit" />' . '</p></div></form>' . '<div class="phdr"><small>' . $lng_pass['password_change_help'] . '</small></div>' . '<p><a href="profile.php?user='******'id'] . '">' . $lng['profile'] . '</a></p>';
}
echo '<div class="phdr"><a href="index.php?act=ipban"><b>' . $lng['ip_ban'] . '</b></a> | ' . $lng['ban_details'] . '</div>';
if ($id) {
// Поиск адреса по ссылке (ID)
$req = mysql_query("SELECT * FROM `cms_ban_ip` WHERE `id` = '{$id}'");
$get_ip = '';
} elseif (isset($_POST['ip'])) {
// Поиск адреса по запросу из формы
$get_ip = ip2long($_POST['ip']);
if (!$get_ip) {
echo functions::display_error($lng['error_address'], '<a href="index.php?act=ipban&mod=new">' . $lng['back'] . '</a>');
require_once '../incfiles/end.php';
exit;
}
$req = mysql_query("SELECT * FROM `cms_ban_ip` WHERE '{$get_ip}' BETWEEN `ip1` AND `ip2` LIMIT 1");
} else {
echo functions::display_error($lng['error_address'], '<a href="index.php?act=ipban&mod=new">' . $lng['back'] . '</a>');
require_once '../incfiles/end.php';
exit;
}
if (!mysql_num_rows($req)) {
echo '<div class="menu"><p>' . $lng['ip_search_notfound'] . '</p></div>';
echo '<div class="phdr"><a href="index.php?act=ipban">' . $lng['back'] . '</a></div>';
require_once '../incfiles/end.php';
exit;
} else {
$res = mysql_fetch_array($req);
$get_ip = $res['ip1'] == $res['ip2'] ? '<b>' . long2ip($res['ip1']) . '</b>' : '[<b>' . long2ip($res['ip1']) . '</b>] - [<b>' . long2ip($res['ip2']) . '</b>]';
echo '<div class="rmenu"><p>' . $get_ip . '</p></div>';
echo '<div class="menu"><p><h3>' . $lng['ban_type'] . '</h3> ';
switch ($res['ban_type']) {
case 2:
-----------------------------------------------------------------
Параметры комментариев
-----------------------------------------------------------------
*/
$arg = array('comments_table' => 'cms_album_comments', 'object_table' => 'cms_album_files', 'script' => 'album.php?act=comments', 'sub_id_name' => 'img', 'sub_id' => $img, 'owner' => $owner['id'], 'owner_delete' => true, 'owner_reply' => true, 'owner_edit' => false, 'title' => $lng['comments'], 'context_top' => $context_top, 'context_bottom' => '');
/*
-----------------------------------------------------------------
Ставим метку прочтения
-----------------------------------------------------------------
*/
if (core::$user_id == $user['id'] && $res_obj['unread_comments']) {
mysql_query("UPDATE `cms_album_files` SET `unread_comments` = '0' WHERE `id` = '{$img}' LIMIT 1");
}
/*
-----------------------------------------------------------------
Показываем комментарии
-----------------------------------------------------------------
*/
require '../incfiles/head.php';
$comm = new comments($arg);
/*
-----------------------------------------------------------------
Обрабатываем метки непрочитанных комментариев
-----------------------------------------------------------------
*/
if ($comm->added && core::$user_id != $owner['id']) {
mysql_query("UPDATE `cms_album_files` SET `unread_comments` = '1' WHERE `id` = '{$img}' LIMIT 1");
}
} else {
echo functions::display_error($lng['error_wrong_data']);
}
$topic = mysql_fetch_assoc($req);
$req = mysql_query("SELECT `forum`.*, `users`.`id`\n FROM `forum` LEFT JOIN `users` ON `forum`.`user_id` = `users`.`id`\n WHERE `forum`.`refid`='{$id}' AND `users`.`rights` < 6 AND `users`.`rights` != 3 GROUP BY `forum`.`from` ORDER BY `forum`.`from`");
$total = mysql_num_rows($req);
echo '<div class="phdr"><a href="index.php?id=' . $id . '&start=' . $start . '"><b>' . $lng['forum'] . '</b></a> | ' . $lng_forum['curators'] . '</div>' . '<div class="bmenu">' . $res['text'] . '</div>';
$curators = array();
$users = !empty($topic['curators']) ? unserialize($topic['curators']) : array();
if (isset($_POST['submit'])) {
$users = isset($_POST['users']) ? $_POST['users'] : array();
if (!is_array($users)) {
$users = array();
}
}
if ($total > 0) {
echo '<form action="index.php?act=curators&id=' . $id . '&start=' . $start . '" method="post">';
$i = 0;
while ($res = mysql_fetch_array($req)) {
$checked = array_key_exists($res['user_id'], $users) ? true : false;
if ($checked) {
$curators[$res['user_id']] = $res['from'];
}
echo ($i++ % 2 ? '<div class="list2">' : '<div class="list1">') . '<input type="checkbox" name="users[' . $res['user_id'] . ']" value="' . $res['from'] . '"' . ($checked ? ' checked="checked"' : '') . '/> ' . '<a href="../users/profile.php?user='******'user_id'] . '">' . $res['from'] . '</a></div>';
}
echo '<div class="gmenu"><input type="submit" value="' . $lng_forum['assign'] . '" name="submit" /></div></form>';
if (isset($_POST['submit'])) {
mysql_query("UPDATE `forum` SET `curators`='" . mysql_real_escape_string(serialize($curators)) . "' WHERE `id` = '{$id}'");
}
} else {
echo functions::display_error($lng['list_empty']);
}
echo '<div class="phdr">' . $lng['total'] . ': ' . $total . '</div>' . '<p><a href="index.php?id=' . $id . '&start=' . $start . '">' . $lng['back'] . '</a></p>';
}
// Доступ через пароль
if (isset($_POST['password'])) {
if ($album['password'] == trim($_POST['password'])) {
$_SESSION['ap'] = $album['password'];
} else {
echo functions::display_error($lng['error_wrong_password']);
}
}
if (!isset($_SESSION['ap']) || $_SESSION['ap'] != $album['password']) {
echo '<form action="album.php?act=show&al=' . $al . '&user='******'id'] . '" method="post"><div class="menu"><p>' . $lng_profile['album_password'] . '<br />' . '<input type="text" name="password"/></p>' . '<p><input type="submit" name="submit" value="' . $lng['login'] . '"/></p>' . '</div></form>' . '<div class="phdr"><a href="album.php?act=list&user='******'id'] . '">' . $lng_profile['album_list'] . '</a></div>';
require '../incfiles/end.php';
exit;
}
} elseif ($album['access'] == 3 && $user['id'] != $user_id && $rights < 6 && !functions::is_friend($user['id'])) {
// Доступ только для друзей
echo functions::display_error($lng_profile['friends_only'], '<a href="album.php?act=list&user='******'id'] . '">' . $lng_profile['album_list'] . '</a>');
require '../incfiles/end.php';
exit;
}
/*
-----------------------------------------------------------------
Просмотр альбома и фотографий
-----------------------------------------------------------------
*/
if ($view) {
$kmess = 1;
$start = isset($_REQUEST['page']) ? $page - 1 : mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_album_files` WHERE `album_id` = '{$al}' AND `id` > '{$img}'"), 0);
// Обрабатываем ссылку для возврата
if (empty($_SESSION['ref'])) {
$_SESSION['ref'] = htmlspecialchars($_SERVER['HTTP_REFERER']);
}
$input = '<input type="hidden" name="t" value="' . $t . '"/>';
} else {
$id = false;
$sql = '';
$lnk = '';
$caption = '<b>' . $lng_forum['files_forum'] . '</b>';
$input = '';
}
if ($c || $s || $t) {
// Получаем имя нужной категории форума
$req = mysql_query("SELECT `text` FROM `forum` WHERE `id` = '{$id}'");
if (mysql_num_rows($req) > 0) {
$res = mysql_fetch_array($req);
$caption .= $res['text'];
} else {
echo functions::display_error($lng['error_wrong_data'], '<a href="index.php">' . $lng['to_forum'] . '</a>');
require '../incfiles/end.php';
exit;
}
}
if ($do || isset($_GET['new'])) {
/*
-----------------------------------------------------------------
Выводим список файлов нужного раздела
-----------------------------------------------------------------
*/
$total = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_forum_files` WHERE " . (isset($_GET['new']) ? " `time` > '{$new}'" : " `filetype` = '{$do}'") . $sql), 0);
if ($total > 0) {
// Заголовок раздела
echo '<div class="phdr">' . $caption . (isset($_GET['new']) ? '<br />' . $lng['new_files'] : '') . '</div>' . ($do ? '<div class="bmenu">' . $types[$do] . '</div>' : '');
$req = mysql_query("SELECT `cms_forum_files`.*, `forum`.`user_id`, `forum`.`text`, `topicname`.`text` AS `topicname`\n FROM `cms_forum_files`\n LEFT JOIN `forum` ON `cms_forum_files`.`post` = `forum`.`id`\n LEFT JOIN `forum` AS `topicname` ON `cms_forum_files`.`topic` = `topicname`.`id`\n WHERE " . (isset($_GET['new']) ? " `cms_forum_files`.`time` > '{$new}'" : " `filetype` = '{$do}'") . ($rights >= 7 ? '' : " AND `del` != '1'") . $sql . "ORDER BY `time` DESC LIMIT {$start},{$kmess}");
}
return $size;
}
// Массив подключаемых функций
$mods = array('ignor', 'write', 'systems', 'deluser', 'load', 'files', 'input', 'output', 'delete', 'new');
//Проверка выбора функции
if ($act && ($key = array_search($act, $mods)) !== FALSE && file_exists('includes/' . $mods[$key] . '.php')) {
require 'includes/' . $mods[$key] . '.php';
} else {
$textl = $lng['mail'];
require_once '../incfiles/head.php';
echo '<div class="phdr"><b>' . $lng_mail['contacts'] . '</b></div>';
if ($id) {
$req = mysql_query("SELECT * FROM `users` WHERE `id` = '{$id}' LIMIT 1;");
if (mysql_num_rows($req) == 0) {
echo functions::display_error($lng['error_user_not_exist']);
require_once "../incfiles/end.php";
exit;
}
$res = mysql_fetch_assoc($req);
if ($id == $user_id) {
echo '<div class="rmenu">' . $lng_mail['impossible_add_contact'] . '</div>';
} else {
//Добавляем в заблокированные
if (isset($_POST['submit'])) {
$q = mysql_query("SELECT * FROM `cms_contact`\n\t\t\t\tWHERE `user_id`='" . $user_id . "' AND `from_id`='" . $id . "';");
if (mysql_num_rows($q) == 0) {
mysql_query("INSERT INTO `cms_contact` SET\n\t\t\t\t\t`user_id` = '" . $user_id . "',\n\t\t\t\t\t`from_id` = '" . $id . "',\n\t\t\t\t\t`time` = '" . time() . "';");
}
echo '<div class="rmenu">' . $lng_mail['add_contact'] . '</div>';
} else {
echo "";
require_once '../incfiles/end.php';
exit;
}
$req = mysql_query("SELECT `name` FROM `lib` WHERE `type` = 'bk' AND `id` = '" . $id . "' LIMIT 1");
if (mysql_num_rows($req) != 1) {
// если статья не существует, останавливаем скрипт
echo '<p>ERROR<br/><a href="../index.php">Back</a></p>';
require_once '../incfiles/end.php';
exit;
}
// Проверка на флуд
$flood = functions::antiflood();
if ($flood) {
require_once '../incfiles/head.php';
echo functions::display_error($lng['error_flood'] . ' ' . $flood . ' ' . $lng['sec'], '<a href="?act=komm&id=' . $id . '">' . $lng['back'] . '</a>');
require_once '../incfiles/end.php';
exit;
}
if (isset($_POST['submit'])) {
if ($_POST['msg'] == "") {
echo $lng['error_empty_message'] . "<br/><a href='index.php?act=komm&id=" . $id . "'>" . $lng['back'] . "</a><br/>";
require_once '../incfiles/end.php';
exit;
}
$msg = functions::check($_POST['msg']);
if ($_POST['msgtrans'] == 1) {
$msg = functions::trans($msg);
}
$msg = mb_substr($msg, 0, 500);
$agn = strtok($agn, ' ');
*/
defined('_IN_JOHNCMS') or die('Error: restricted access');
$error = false;
if ($id) {
/*
-----------------------------------------------------------------
Скачивание прикрепленного файла Форума
-----------------------------------------------------------------
*/
$req = mysql_query("SELECT * FROM `cms_forum_files` WHERE `id` = '{$id}'");
if (mysql_num_rows($req)) {
$res = mysql_fetch_array($req);
if (file_exists('../files/forum/attach/' . $res['filename'])) {
$dlcount = $res['dlcount'] + 1;
mysql_query("UPDATE `cms_forum_files` SET `dlcount` = '{$dlcount}' WHERE `id` = '{$id}'");
header('location: ../files/forum/attach/' . $res['filename']);
} else {
$error = true;
}
} else {
$error = true;
}
if ($error) {
require '../incfiles/head.php';
echo functions::display_error($lng['error_file_not_exist'], '<a href="index.php">' . $lng['to_forum'] . '</a>');
require '../incfiles/end.php';
exit;
}
} else {
header('location: index.php');
}
}
$req = mysql_query("SELECT * FROM `lib` WHERE `id` = '" . $id . "'");
$ms = mysql_fetch_array($req);
if (isset($_POST['submit'])) {
switch ($ms['type']) {
case "bk":
////////////////////////////////////////////////////////////
// Сохраняем отредактированную статью //
////////////////////////////////////////////////////////////
if (empty($_POST['name'])) {
echo functions::display_error($lng['error_empty_title'], '<a href="index.php?act=edit&id=' . $id . '">' . $lng['repeat'] . '</a>');
require_once '../incfiles/end.php';
exit;
}
if (empty($_POST['text'])) {
echo functions::display_error($lng['error_empty_text'], '<a href="index.php?act=edit&id=' . $id . '">' . $lng['repeat'] . '</a>');
require_once '../incfiles/end.php';
exit;
}
$text = trim($_POST['text']);
$autor = isset($_POST['autor']) ? functions::check($_POST['autor']) : '';
$count = isset($_POST['count']) ? abs(intval($_POST['count'])) : '0';
if (!empty($_POST['anons'])) {
$anons = mb_substr(trim($_POST['anons']), 0, 100);
} else {
$anons = mb_substr($text, 0, 100);
}
mysql_query("UPDATE `lib` SET\n `name` = '" . mysql_real_escape_string(mb_substr(trim($_POST['name']), 0, 100)) . "',\n `announce` = '" . mysql_real_escape_string($anons) . "',\n `text` = '" . mysql_real_escape_string($text) . "',\n `avtor` = '{$autor}',\n `count` = '{$count}'\n WHERE `id` = '{$id}'\n ");
header('location: index.php?id=' . $id);
break;
case "cat":
*/
if (!$user_id) {
require '../incfiles/head.php';
echo functions::display_error($lng['access_guest_forbidden']);
require '../incfiles/end.php';
exit;
}
/*
-----------------------------------------------------------------
Получаем данные пользователя
-----------------------------------------------------------------
*/
$user = functions::get_user($user);
if (!$user) {
require '../incfiles/head.php';
echo functions::display_error($lng['user_does_not_exist']);
require '../incfiles/end.php';
exit;
}
/*
-----------------------------------------------------------------
Функция голосований за фотографии
-----------------------------------------------------------------
*/
function vote_photo($arg = null)
{
global $lng, $datauser, $user_id, $ban;
if ($arg) {
$rating = $arg['vote_plus'] - $arg['vote_minus'];
if ($rating > 0) {
$color = 'C0FFC0';
////////////////////////////////////////////////////////////////////////////////
// JohnCMS core team: //
// Евгений Рябинин aka john77 john77@gazenwagen.com //
// Олег Касьянов aka AlkatraZ alkatraz@gazenwagen.com //
// //
// Информацию о версиях смотрите в прилагаемом файле version.txt //
////////////////////////////////////////////////////////////////////////////////
*/
defined('_IN_JOHNCMS') or die('Error: restricted access');
require_once '../incfiles/head.php';
echo '<div class="phdr"><a href="index.php"><b>' . $lng['downloads'] . '</b></a> | ' . $lng['search'] . '</div>';
if (!empty($_GET['srh'])) {
$srh = functions::check($_GET['srh']);
} else {
if ($_POST['srh'] == "") {
echo functions::display_error($lng_dl['search_string_empty'], '<a href="index.php">' . $lng['back'] . '</a>');
require_once '../incfiles/end.php';
exit;
}
$srh = functions::check($_POST['srh']);
}
if (!empty($_GET['srh'])) {
$srh = functions::check($_GET['srh']);
}
$psk = mysql_query("select * from `download` where type='file' ;");
if (empty($_GET['start'])) {
$start = 0;
} else {
$start = $_GET['start'];
}
while ($array = mysql_fetch_array($psk)) {
$us = mysql_query("SELECT `id`, `name` FROM `users` WHERE `id` = '{$res1['user_id']}'");
if (mysql_num_rows($us)) {
$rowuse = mysql_fetch_assoc($us);
$name_use = $user_id ? '<a href="../users/profile.php?id=' . $rowuse['id'] . '">' . $rowuse['name'] . '</a>' : $rowuse['name'];
} else {
$name_use = $lng['guest'];
}
//
mysql_query("UPDATE `animes` SET `count` = (`count`+1) WHERE `id` = '{$id}'");
echo '<div class="gmenu">
Ditulis oleh: ' . $name_use . '<br />
Dilihat: ' . $res1['count'] . ' kali <br />
Pada: ' . date('d.m.o / H:i', $res1['time'] + $sdvigclock * 3600) . '<br />
' . ($res1['time'] > time() ? '<div class="func">Waktu tersisa untuk diperlihatkan: ' . timer($res1['time'] - time()) . '</div>' : '') . '
<a href="index.php?act=comments&id=' . $id . '">' . $lng['comments'] . '</a> (' . mysql_result(mysql_query("SELECT COUNT(*) FROM `animes_comments` WHERE `refid`='{$id}'"), 0) . ')
</div>
' . ($rights >= 7 ? '<div class="menu"><div class="func">
<a href="manage.php?act=newsedit&id=' . $id . '">' . $lng['edit'] . '</a><br />
<a href="manage.php?act=delnews&id=' . $id . '">' . $lng['delete'] . '</a><br />
</div></div>' : '') . '
<div class="bmenu">Kategori: <a href="index.php?id=' . $res1['catid'] . '">' . htmlentities($res1['catname'], ENT_QUOTES, 'UTF-8') . '</a></div>';
} else {
$textl = 'Blogs';
require_once '../incfiles/head.php';
echo functions::display_error('Blogs tidak ada');
}
} else {
$textl = 'Blogs';
require_once '../incfiles/head.php';
echo functions::display_error('Blogs tidak dipilih');
}
if (!$mesto) {
$total = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_ads` WHERE `mesto` = '" . $mesto . "' AND `type` = '" . $type . "'"), 0);
if ($total != 0) {
$error[] = $lng['links_place_occupied'];
}
}
if ($color) {
if (preg_match("/[^\\da-fA-F_]+/", $color)) {
$error[] = $lng['error_wrong_symbols'];
}
if (strlen($color) < 6) {
$error[] = $lng['error_color'];
}
}
if ($error) {
echo functions::display_error($error, '<a href="index.php?act=ads&from=addlink">' . $lng['back'] . '</a>');
require '../incfiles/end.php';
exit;
}
if ($id) {
// Обновляем ссылку после редактирования
mysql_query("UPDATE `cms_ads` SET\n `type` = '{$type}',\n `view` = '{$view}',\n `link` = '{$link}',\n `name` = '{$name}',\n `color` = '{$color}',\n `count_link` = '{$count}',\n `day` = '{$day}',\n `layout` = '{$layout}',\n `bold` = '{$bold}',\n `show` = '{$show}',\n `italic` = '{$italic}',\n `underline` = '{$underline}'\n WHERE `id` = '{$id}'\n ");
} else {
// Добавляем новую ссылку
$req = mysql_query("SELECT `mesto` FROM `cms_ads` ORDER BY `mesto` DESC LIMIT 1");
if (mysql_num_rows($req) > 0) {
$res = mysql_fetch_array($req);
$mesto = $res['mesto'] + 1;
} else {
$mesto = 1;
}
* @author http://johncms.com/about
*/
defined('_IN_JOHNCMS') or die('Error: restricted access');
if ($user_id && !$ban['1'] && !$ban['10'] && ($set['mod_down_comm'] || $rights < 7)) {
if ($_GET['id'] == "") {
require_once "../incfiles/head.php";
echo "Не выбран файл<br/><a href='?'>К категориям</a><br/>";
require_once '../incfiles/end.php';
exit;
}
if (isset($_POST['submit'])) {
// Проверка на флуд
$flood = functions::antiflood();
if ($flood) {
require_once '../incfiles/head.php';
echo functions::display_error('Вы не можете так часто добавлять сообщения<br />Пожалуйста, подождите ' . $flood . ' сек.', '<a href="index.php?act=komm&id=' . $id . '">Назад</a>');
require_once '../incfiles/end.php';
exit;
}
if ($_POST['msg'] == "") {
require_once "../incfiles/head.php";
echo "Вы не ввели сообщение!<br/><a href='?act=komm&id=" . $id . "'>К комментариям</a><br/>";
require_once '../incfiles/end.php';
exit;
}
$msg = functions::check($_POST['msg']);
if ($_POST[msgtrans] == 1) {
$msg = functions::trans($msg);
}
$msg = mb_substr($msg, 0, 500);
$agn = strtok($agn, ' ');
$subtext = '';
}
$text = ' <span class="gray">(' . functions::display_date($row['mtime']) . ')</span>';
$arg = array('header' => $text, 'body' => $post, 'sub' => $subtext);
echo functions::display_user($row, $arg);
echo '</div>';
++$i;
}
echo '<div class="phdr">' . $lng['total'] . ': ' . $total . '</div>';
if ($total > $kmess) {
echo '<div class="topmenu">' . functions::display_pagination('index.php?act=comments&id=' . $id . '&', $start, $total, $kmess) . '</div>';
echo '<p><form action="index.php" method="get">
<input type="hidden" name="act" value="comments"/>
<input type="hidden" name="id" value="' . $id . '"/>
<input type="text" name="page" size="2"/>
<input type="submit" value="' . $lng['to_page'] . ' >>"/></form></p>';
}
} else {
echo '<div class="rmenu">Belum ada komentar,jadilah yg pertamax !</div>';
}
}
echo '<div class="bmenu"><a href="index.php?act=view&id=' . $id . '">Kembali</a></div>';
} else {
$textl = 'Blogs';
require_once '../incfiles/head.php';
echo functions::display_error('Blogs tidak ada');
}
} else {
$textl = 'Blogs';
require_once '../incfiles/head.php';
}
if ($user['dayb'] || $user['monthb'] || $user['yearofbirth']) {
if ($user['dayb'] < 1 || $user['dayb'] > 31 || $user['monthb'] < 1 || $user['monthb'] > 12) {
$error[] = $lng_profile['error_birth'];
}
}
if ($user['icq'] && ($user['icq'] < 10000 || $user['icq'] > 999999999)) {
$error[] = $lng_profile['error_icq'];
}
if (!$error) {
mysql_query("UPDATE `users` SET\n `imname` = '" . $user['imname'] . "',\n `live` = '" . $user['live'] . "',\n `dayb` = '" . $user['dayb'] . "',\n `monthb` = '" . $user['monthb'] . "',\n `yearofbirth` = '" . $user['yearofbirth'] . "',\n `about` = '" . $user['about'] . "',\n `mibile` = '" . $user['mibile'] . "',\n `mail` = '" . $user['mail'] . "',\n `mailvis` = '" . $user['mailvis'] . "',\n `icq` = '" . $user['icq'] . "',\n `skype` = '" . $user['skype'] . "',\n `jabber` = '" . $user['jabber'] . "',\n `www` = '" . $user['www'] . "'\n WHERE `id` = '" . $user['id'] . "'\n ");
if ($rights >= 7) {
mysql_query("UPDATE `users` SET\n `name` = '" . $user['name'] . "',\n `status` = '" . $user['status'] . "',\n `karma_off` = '" . $user['karma_off'] . "',\n `sex` = '" . $user['sex'] . "',\n `rights` = '" . $user['rights'] . "'\n WHERE `id` = '" . $user['id'] . "'\n ");
}
echo '<div class="gmenu">' . $lng_profile['data_saved'] . '</div>';
} else {
echo functions::display_error($error);
}
header('Location: profile.php?act=edit&user='******'id']);
exit;
}
/*
-----------------------------------------------------------------
Форма редактирования анкеты пользователя
-----------------------------------------------------------------
*/
echo '<form action="profile.php?act=edit&user='******'id'] . '" method="post">' . '<div class="gmenu"><p>' . $lng['login_name'] . ': <b>' . $user['name_lat'] . '</b><br />';
if ($rights >= 7) {
echo $lng['nick'] . ': (' . $lng_profile['nick_lenght'] . ')<br /><input type="text" value="' . $user['name'] . '" name="name" /><br />' . $lng['status'] . ': (' . $lng_profile['status_lenght'] . ')<br /><input type="text" value="' . $user['status'] . '" name="status" /><br />';
} else {
echo '<span class="gray">' . $lng['nick'] . ':</span> <b>' . $user['name'] . '</b><br />' . '<span class="gray">' . $lng['status'] . ':</span> ' . $user['status'] . '<br />';
}
$qt = functions::checkout($qt, 0, 2);
if (!empty($_POST['msg']) && !isset($_POST['submit'])) {
echo '<div class="list1">' . functions::display_user($datauser, array('iphide' => 1, 'header' => '<span class="gray">(' . functions::display_date(time()) . ')</span>', 'body' => $msg_pre)) . '</div>';
}
echo '<form name="form" action="index.php?act=say&id=' . $id . '&start=' . $start . (isset($_GET['cyt']) ? '&cyt' : '') . '" method="post"><div class="gmenu">';
if (isset($_GET['cyt'])) {
// Форма с цитатой
echo '<p><b>' . $type1['from'] . '</b> <span class="gray">(' . $vr . ')</span></p>' . '<p><h3>' . $lng_forum['cytate'] . '</h3>' . '<textarea rows="' . $set_user['field_h'] . '" name="citata">' . (empty($_POST['citata']) ? $qt : functions::checkout($_POST['citata'])) . '</textarea>' . '<br /><small>' . $lng_forum['cytate_help'] . '</small></p>';
} else {
// Форма с репликой
echo '<p><h3>' . $lng_forum['reference'] . '</h3>' . '<input type="radio" value="0" ' . (!$txt ? 'checked="checked"' : '') . ' name="txt" /> <b>' . $type1['from'] . '</b>,<br />' . '<input type="radio" value="2" ' . ($txt == 2 ? 'checked="checked"' : '') . ' name="txt" /> <b>' . $type1['from'] . '</b>, ' . $lng_forum['reply_1'] . ',<br />' . '<input type="radio" value="3" ' . ($txt == 3 ? 'checked="checked"' : '') . ' name="txt" /> <b>' . $type1['from'] . '</b>, ' . $lng_forum['reply_2'] . ' (<a href="index.php?act=post&id=' . $type1['id'] . '">' . $vr . '</a>) ' . $lng_forum['reply_3'] . ',<br />' . '<input type="radio" value="4" ' . ($txt == 4 ? 'checked="checked"' : '') . ' name="txt" /> <b>' . $type1['from'] . '</b>, ' . $lng_forum['reply_4'] . '</p>';
}
echo '<p><h3>' . $lng_forum['post'] . '</h3>';
if (!$is_mobile) {
echo '</p><p>' . bbcode::auto_bb('form', 'msg');
}
echo '<textarea rows="' . $set_user['field_h'] . '" name="msg">' . (empty($_POST['msg']) ? '' : functions::checkout($_POST['msg'])) . '</textarea></p>' . '<p><input type="checkbox" name="addfiles" value="1" ' . (isset($_POST['addfiles']) ? 'checked="checked" ' : '') . '/> ' . $lng_forum['add_file'];
if ($set_user['translit']) {
echo '<br /><input type="checkbox" name="msgtrans" value="1" ' . (isset($_POST['msgtrans']) ? 'checked="checked" ' : '') . '/> ' . $lng['translit'];
}
$token = mt_rand(1000, 100000);
$_SESSION['token'] = $token;
echo '</p><p><input type="submit" name="submit" value="' . $lng['sent'] . '" style="width: 107px; cursor: pointer;"/> ' . ($set_forum['preview'] ? '<input type="submit" value="' . $lng['preview'] . '" style="width: 107px; cursor: pointer;"/>' : '') . '<input type="hidden" name="token" value="' . $token . '"/>' . '</p></div></form>';
}
echo '<div class="phdr"><a href="../pages/faq.php?act=trans">' . $lng['translit'] . '</a> | ' . '<a href="../pages/faq.php?act=smileys">' . $lng['smileys'] . '</a></div>' . '<p><a href="index.php?id=' . $type1['refid'] . '&start=' . $start . '">' . $lng['back'] . '</a></p>';
break;
default:
require '../incfiles/head.php';
echo functions::display_error($lng_forum['error_topic_deleted'], '<a href="index.php">' . $lng['to_forum'] . '</a>');
require '../incfiles/end.php';
}
-----------------------------------------------------------------
Очищаем историю нарушений юзера
-----------------------------------------------------------------
*/
if ($rights == 9) {
echo '<div class="phdr"><b>' . $lng_ban['infringements_history'] . '</b></div>' . '<div class="gmenu"><p>' . functions::display_user($user) . '</p></div>';
if (isset($_POST['submit'])) {
mysql_query("DELETE FROM `cms_ban_users` WHERE `user_id` = '" . $user['id'] . "'");
echo '<div class="gmenu"><h3>' . $lng_ban['history_cleared'] . '</h3></div>';
} else {
echo '<form action="profile.php?act=ban&mod=delhist&user='******'id'] . '" method="post">' . '<div class="menu"><p>' . $lng_ban['clear_confirmation'] . '</p>' . '<p><input type="submit" value="' . $lng['clear'] . '" name="submit" />' . '</p></div></form>';
}
$total = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_ban_users` WHERE `user_id` = '" . $user['id'] . "'"), 0);
echo '<div class="phdr">' . $lng['total'] . ': ' . $total . '</div>' . '<p>' . ($total ? '<a href="profile.php?act=ban&user='******'id'] . '">' . $lng_ban['infringements_history'] . '</a><br />' : '') . '<a href="../' . $set['admp'] . '/index.php?act=ban_panel">' . $lng_ban['ban_panel'] . '</a></p>';
} else {
echo functions::display_error($lng_ban['error_rights_clear']);
}
break;
default:
/*
-----------------------------------------------------------------
История нарушений
-----------------------------------------------------------------
*/
echo '<div class="phdr"><a href="profile.php?user='******'id'] . '"><b>' . $lng['profile'] . '</b></a> | ' . $lng_ban['infringements_history'] . '</div>';
// Меню
$menu = array();
if ($rights >= 6) {
$menu[] = '<a href="../' . $set['admp'] . '/index.php?act=ban_panel">' . $lng_ban['ban_panel'] . '</a>';
}
if ($rights == 9) {
$handle->image_y = 120;
}
}
$handle->image_convert = 'jpg';
$handle->process('../files/images/');
if ($handle->processed) {
echo '<div class="phdr"><a href="upload_img.php">Kembali</a> | <b>Upload Gambar</b></div>' . '<div class="gmenu">Gambar diupload! Sekarang Anda dapat menyisipkannya ke pesan apapun di situs</div>' . '<div class="menu">BBcode: <input type="text" value="[img=' . $name_file . ']" /></div>' . '<div class="phdr"><a href="upload_img.php">Kembali</a></div>';
} else {
echo functions::display_error($handle->error, '<a href="upload_img.php">Kembali</a>');
}
} else {
echo functions::display_error($handle->error, '<a href="upload_img.php">Kembali</a>');
}
$handle->clean();
} else {
echo functions::display_error('Tidak ada file yang dipilih', '<a href="upload_img.php">Kembali</a>');
}
} else {
echo '<div class="phdr"> <a href="faq.php?act=tags">ВВcode</a> | <b>Upload Gambar</b></div>' . '<form enctype="multipart/form-data" method="post" action="upload_img.php?img"><div class="list1">' . 'Pilih gambar:<br /><input type="file" name="imagefile" value="" />' . '<input type="hidden" name="MAX_FILE_SIZE" value="' . 1024 * $upload_file_size . '" />' . '<br />' . '<p><input type="submit" name="submit" value="Upload" /></p></div></form>' . '<div class="list2"><small>Type file yang diperbolehkan adalah JPG, JPEG, PNG, dan GIF<br />' . 'Ukuran file tidak boleh melebihi ' . $upload_file_size . 'kb.</small></div>' . '<div class="phdr"><b>Gambar</b></div>';
$array = glob($rootpath . 'files/images/*preview.jpg');
$total = count($array);
$end = $start + $kmess;
if ($end > $total) {
$end = $total;
}
if ($start >= $total) {
$start = 0;
$end = $total > $kmess ? $kmess : $total;
}
if ($total > 0) {
for ($i = $start; $i < $end; $i++) {
if ($res['text'] == $msg) {
header("location: index.php");
exit;
}
}
if (!$error) {
// Вставляем сообщение в базу
mysql_query("INSERT INTO `guest` SET\n `adm` = '{$admset}',\n `time` = '" . time() . "',\n `user_id` = '" . ($user_id ? $user_id : 0) . "',\n `name` = '{$from}',\n `text` = '" . mysql_real_escape_string($msg) . "',\n `ip` = '" . core::$ip . "',\n `browser` = '" . mysql_real_escape_string($agn) . "',\n `otvet` = ''\n ");
// Фиксируем время последнего поста (антиспам)
if ($user_id) {
$postguest = $datauser['postguest'] + 1;
mysql_query("UPDATE `users` SET `postguest` = '{$postguest}', `lastpost` = '" . time() . "' WHERE `id` = '{$user_id}'");
}
header('location: index.php');
} else {
echo functions::display_error($error, '<a href="index.php">' . $lng['back'] . '</a>');
}
break;
case 'otvet':
/*
-----------------------------------------------------------------
Добавление "ответа Админа"
-----------------------------------------------------------------
*/
if ($rights >= 6 && $id) {
if (isset($_POST['submit']) && isset($_POST['token']) && isset($_SESSION['token']) && $_POST['token'] == $_SESSION['token']) {
$reply = isset($_POST['otv']) ? functions::checkin(mb_substr(trim($_POST['otv']), 0, 5000)) : '';
mysql_query("UPDATE `guest` SET\n `admin` = '{$login}',\n `otvet` = '" . mysql_real_escape_string($reply) . "',\n `otime` = '" . time() . "'\n WHERE `id` = '{$id}'\n ");
header("location: index.php");
} else {
echo '<div class="phdr"><a href="index.php"><b>' . $lng['guestbook'] . '</b></a> | ' . $lng['reply'] . '</div>';
break;
case 'avatars':
/*
-----------------------------------------------------------------
Каталог пользовательских Аватаров
-----------------------------------------------------------------
*/
if ($id && is_dir($rootpath . 'images/avatars/' . $id)) {
$avatar = isset($_GET['avatar']) ? intval($_GET['avatar']) : false;
if ($user_id && $avatar && is_file('../images/avatars/' . $id . '/' . $avatar . '.png')) {
if (isset($_POST['submit'])) {
// Устанавливаем пользовательский Аватар
if (@copy('../images/avatars/' . $id . '/' . $avatar . '.png', '../files/users/avatar/' . $user_id . '.png')) {
echo '<div class="gmenu"><p>' . $lng['avatar_applied'] . '<br />' . '<a href="../users/profile.php?act=edit">' . $lng['continue'] . '</a></p></div>';
} else {
echo functions::display_error($lng['error_avatar_select'], '<a href="' . $_SESSION['ref'] . '">' . $lng['back'] . '</a>');
}
} else {
echo '<div class="phdr"><a href="faq.php?act=avatars"><b>' . $lng['avatars'] . '</b></a> | ' . $lng_faq['set_to_profile'] . '</div>' . '<div class="rmenu"><p>' . $lng_faq['avatar_change_warning'] . '</p>' . '<p><img src="../images/avatars/' . $id . '/' . $avatar . '.png" alt="" /></p>' . '<p><form action="faq.php?act=avatars&id=' . $id . '&avatar=' . $avatar . '" method="post"><input type="submit" name="submit" value="' . $lng['save'] . '"/></form></p>' . '</div>' . '<div class="phdr"><a href="faq.php?act=avatars&id=' . $id . '">' . $lng['cancel'] . '</a></div>';
}
} else {
// Показываем список Аватаров
echo '<div class="phdr"><a href="faq.php?act=avatars"><b>' . $lng['avatars'] . '</b></a> | ' . htmlentities(file_get_contents($rootpath . 'images/avatars/' . $id . '/name.dat'), ENT_QUOTES, 'utf-8') . '</div>';
$array = glob($rootpath . 'images/avatars/' . $id . '/*.png');
$total = count($array);
$end = $start + $kmess;
if ($end > $total) {
$end = $total;
}
if ($total > 0) {
for ($i = $start; $i < $end; $i++) {
$fpst = $datauser['postforum'] + 1;
mysql_query("UPDATE `users` SET\n `postforum` = '{$fpst}',\n `lastpost` = '" . time() . "'\n WHERE `id` = '{$user_id}'\n ");
// Ставим метку о прочтении
mysql_query("INSERT INTO `cms_forum_rdm` SET\n `topic_id`='{$rid}',\n `user_id`='{$user_id}',\n `time`='" . time() . "'\n ");
if ($buzz_prefix > 0) {
mysql_query("UPDATE `forum` SET\n\t\t`tiento` = '{$buzz_prefix}'\n\t\tWHERE `id` = '{$rid}'");
}
if ($_POST['addfiles'] == 1) {
header("Location: index.php?id={$postid}&act=addfile");
} else {
header("Location: index.php?id={$rid}");
}
} else {
// Выводим сообщение об ошибке
require '../incfiles/head.php';
echo functions::display_error($error, '<a href="index.php?act=nt&id=' . $id . '">' . $lng['repeat'] . '</a>');
require '../incfiles/end.php';
exit;
}
} else {
$res_r = mysql_fetch_assoc($req_r);
$req_c = mysql_query("SELECT * FROM `forum` WHERE `id` = '" . $res_r['refid'] . "'");
$res_c = mysql_fetch_assoc($req_c);
require '../incfiles/head.php';
if ($datauser['postforum'] == 0) {
if (!isset($_GET['yes'])) {
$lng_faq = core::load_lng('faq');
echo '<p>' . $lng_faq['forum_rules_text'] . '</p>';
echo '<p><a href="index.php?act=nt&id=' . $id . '&yes">' . $lng_forum['agree'] . '</a> | <a href="index.php?id=' . $id . '">' . $lng_forum['not_agree'] . '</a></p>';
require '../incfiles/end.php';
exit;
mysql_query("INSERT INTO `cms_contact` SET\n\t\t\t\t\t`user_id` = '" . $user_id . "',\n\t\t\t\t\t`from_id` = '" . $id . "',\n\t\t\t\t\t`time` = '" . time() . "',\n\t\t\t\t\t`ban`='1';");
} else {
mysql_query("UPDATE `cms_contact` SET `ban`='1', `friends`='0' WHERE `user_id`='{$user_id}' AND `from_id`='{$id}';");
mysql_query("UPDATE `cms_contact` SET `friends`='0' WHERE `user_id`='{$id}' AND `from_id`='{$user_id}';");
}
echo '<div class="rmenu">' . $lng_mail['user_block'] . '</div>';
}
} else {
echo '<div class="rmenu"><form action="index.php?act=ignor&id=' . $id . '&add" method="post">
<p>' . $lng_mail['really_block_contact'] . '</p>
<p><input type="submit" name="submit" value="' . $lng_mail['block'] . '"/></p>
</form></div>';
echo '<div class="phdr"><a href="' . (isset($_SERVER['HTTP_REFERER']) ? htmlspecialchars($_SERVER['HTTP_REFERER']) : 'index.php') . '">' . $lng['back'] . '</a></div>';
}
} else {
echo functions::display_error($lng_mail['no_contact_is_chose']);
}
} else {
echo '<div class="topmenu"><a href="index.php">' . $lng_mail['my_contacts'] . '</a> | <b>' . $lng_mail['blocklist'] . '</b></div>';
//Отображаем список заблокированных контактов
$total = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_contact` WHERE `user_id` = '" . $user_id . "' AND `ban`='1'"), 0);
if ($total) {
if ($total > $kmess) {
echo '<div class="topmenu">' . functions::display_pagination('index.php?act=ignor&', $start, $total, $kmess) . '</div>';
}
$req = mysql_query("SELECT `users`.* FROM `cms_contact`\n\t\t LEFT JOIN `users` ON `cms_contact`.`from_id`=`users`.`id`\n\t\t WHERE `cms_contact`.`user_id`='" . $user_id . "'\n\t\t AND `ban`='1'\n\t\t ORDER BY `cms_contact`.`time` DESC\n\t\t LIMIT {$start}, {$kmess}");
for ($i = 0; ($row = mysql_fetch_assoc($req)) !== FALSE; ++$i) {
echo $i % 2 ? '<div class="list1">' : '<div class="list2">';
$subtext = '<a href="index.php?act=write&id=' . $row['id'] . '">' . $lng_mail['correspondence'] . '</a> | <a href="index.php?act=deluser&id=' . $row['id'] . '">' . $lng['delete'] . '</a> | <a href="index.php?act=ignor&id=' . $row['id'] . '&del">' . $lng_mail['enabled'] . '</a>';
$count_message = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_mail` WHERE ((`user_id`='{$row['id']}' AND `from_id`='{$user_id}') OR (`user_id`='{$user_id}' AND `from_id`='{$row['id']}')) AND `delete`!='{$user_id}' AND `sys`!='1' AND `spam`!='1';"), 0);
$new_count_message = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_mail` WHERE `cms_mail`.`user_id`='{$user_id}' AND `cms_mail`.`from_id`='{$row['id']}' AND `read`='0' AND `delete`!='{$user_id}' AND `sys`!='1' AND `spam`!='1';"), 0);
$handle->allowed = array('image/jpeg', 'image/jpg', 'image/gif', 'image/png');
$handle->file_max_size = 1024 * $set['flsz'];
$handle->file_overwrite = true;
$handle->image_resize = true;
$handle->image_x = 32;
$handle->image_y = 32;
$handle->image_convert = 'jpg';
$handle->process('../files/blogs/');
if ($handle->processed) {
@chmod('../files/blogs/anime_icon_' . $id . '.jpg', 0666);
}
}
$handle->clean();
Header('Location: ../blogs/index.php?act=view&id=' . $id);
} else {
echo functions::display_error($error, '<a href="manage.php?act=news">Ulangi</a>');
}
} else {
echo '<form action="manage.php?act=newsedit&id=' . $id . '" method="post" enctype="multipart/form-data">
<div class="gmenu"><p>
<b>Judul Blogs:</b><br />
<input type="text" name="name" value="' . htmlentities($row['name'], ENT_QUOTES, 'UTF-8') . '" /><br />
<small>Min. 2, max. 150 karakter</small><br />
<b>Blogs text:</b><br />
<textarea name="text" cols="24" rows="4">' . htmlentities($row['text'], ENT_QUOTES, 'UTF-8') . '</textarea><br />
<small>Min. 2, max. 5000 character</small><br />
<b>Pilih Kategori:</b><br />
<select name="cat">';
$req = mysql_query("SELECT * FROM `animes_cat` ORDER BY `realid` ASC");
while (($rows = mysql_fetch_assoc($req)) !== false) {
echo '<option value="' . $rows['id'] . '"' . ($rows['id'] == $row['refid'] ? ' selected="selected"' : '') . '>' . htmlentities($rows['name'], ENT_QUOTES, 'UTF-8') . '</option>';
//$handle->image_text_background_percent = 50;
//$handle->image_text_padding = 1;
$handle->process('../files/users/album/' . $user['id'] . '/');
$img_name = $handle->file_dst_name;
if ($handle->processed) {
// Обрабатываем превьюшку
$handle->file_new_name_body = 'tmb_' . time();
$handle->image_resize = true;
$handle->image_x = 80;
$handle->image_y = 80;
$handle->image_ratio_no_zoom_in = true;
$handle->image_convert = 'jpg';
$handle->process('../files/users/album/' . $user['id'] . '/');
$tmb_name = $handle->file_dst_name;
if ($handle->processed) {
$description = isset($_POST['description']) ? trim($_POST['description']) : '';
$description = mb_substr($description, 0, 500);
mysql_query("INSERT INTO `cms_album_files` SET\n `album_id` = '{$al}',\n `user_id` = '" . $user['id'] . "',\n `img_name` = '" . mysql_real_escape_string($img_name) . "',\n `tmb_name` = '" . mysql_real_escape_string($tmb_name) . "',\n `description` = '" . mysql_real_escape_string($description) . "',\n `time` = '" . time() . "',\n `access` = '" . $res_a['access'] . "'\n ");
echo '<div class="gmenu"><p>' . $lng_profile['photo_uploaded'] . '<br />' . '<a href="album.php?act=show&al=' . $al . '&user='******'id'] . '">' . $lng['continue'] . '</a></p></div>' . '<div class="phdr"><a href="profile.php?user='******'id'] . '">' . $lng['profile'] . '</a></div>';
} else {
echo functions::display_error($handle->error);
}
} else {
echo functions::display_error($handle->error);
}
$handle->clean();
}
} else {
echo '<form enctype="multipart/form-data" method="post" action="album.php?act=image_upload&al=' . $al . '&user='******'id'] . '">' . '<div class="menu"><p><h3>' . $lng_profile['select_image'] . '</h3>' . '<input type="file" name="imagefile" value="" /></p>' . '<p><h3>' . $lng['description'] . '</h3>' . '<textarea name="description" rows="' . $set_user['field_h'] . '"></textarea><br />' . '<small>' . $lng['not_mandatory_field'] . ', max. 500</small></p>' . '<input type="hidden" name="MAX_FILE_SIZE" value="' . 1024 * $set['flsz'] . '" />' . '<p><input type="submit" name="submit" value="' . $lng_profile['upload'] . '" /></p>' . '</div></form>' . '<div class="phdr"><small>' . $lng_profile['select_image_help'] . ' ' . $set['flsz'] . 'kb.<br />' . $lng_profile['select_image_help_5'] . '</small></div>' . '<p><a href="album.php?act=show&al=' . $al . '&user='******'id'] . '">' . $lng['back'] . '</a></p>';
}
}
* @copyright Copyright (C) 2008-2011 JohnCMS Community
* @license LICENSE.txt (see attached file)
* @version VERSION.txt (see attached file)
* @author http://johncms.com/about
*/
define('_IN_JOHNCMS', 1);
$headmod = 'users';
require '../incfiles/core.php';
/*
-----------------------------------------------------------------
Закрываем от неавторизованных юзеров
-----------------------------------------------------------------
*/
if (!$user_id && !$set['active']) {
require '../incfiles/head.php';
echo functions::display_error($lng['access_guest_forbidden']);
require '../incfiles/end.php';
exit;
}
/*
-----------------------------------------------------------------
Переключаем режимы работы
-----------------------------------------------------------------
*/
$array = array('admlist' => 'includes', 'birth' => 'includes', 'online' => 'includes', 'search' => 'includes', 'top' => 'includes', 'userlist' => 'includes');
$path = !empty($array[$act]) ? $array[$act] . '/' : '';
if (array_key_exists($act, $array) && file_exists($path . $act . '.php')) {
require_once $path . $act . '.php';
} else {
/*
-----------------------------------------------------------------
/**
* @package JohnCMS
* @link http://johncms.com
* @copyright Copyright (C) 2008-2011 JohnCMS Community
* @license LICENSE.txt (see attached file)
* @version VERSION.txt (see attached file)
* @author http://johncms.com/about
*/
defined('_IN_JOHNCMS') or die('Error: restricted access');
$textl = $lng['mail'];
require_once '../incfiles/head.php';
if ($id) {
$req = mysql_query("SELECT * FROM `cms_mail` WHERE (`user_id`='{$user_id}' OR `from_id`='{$user_id}') AND `id` = '{$id}' AND `file_name` != '' AND `delete`!='{$user_id}' LIMIT 1");
if (mysql_num_rows($req) == 0) {
//Выводим ошибку
echo functions::display_error($lng_mail['file_does_not_exist']);
require_once "../incfiles/end.php";
exit;
}
$res = mysql_fetch_assoc($req);
if (file_exists('../files/mail/' . $res['file_name'])) {
mysql_query("UPDATE `cms_mail` SET `count` = `count`+1 WHERE `id` = '{$id}' LIMIT 1");
Header('Location: ../files/mail/' . $res['file_name']);
exit;
} else {
echo functions::display_error($lng_mail['file_does_not_exist']);
}
} else {
echo functions::display_error($lng_mail['file_is_not_chose']);
}
////////////////////////////////////////////////////////////////////////////////
*/
defined('_IN_JOHNCMS') or die('Error: restricted access');
require_once '../incfiles/head.php';
if ($rights == 4 || $rights >= 6) {
if ($_GET['file'] == "") {
echo functions::display_error($lng_dl['file_not_selected'], '<a href="index.php">' . $lng['back'] . '</a>');
require_once '../incfiles/end.php';
exit;
}
$file = intval(trim($_GET['file']));
$file1 = mysql_query("select * from `download` where type = 'file' and id = '" . $file . "';");
$file2 = mysql_num_rows($file1);
$adrfile = mysql_fetch_array($file1);
if ($file1 == 0 || !is_file("{$adrfile['adres']}/{$adrfile['name']}")) {
echo functions::display_error($lng_dl['file_select_error'], '<a href="index.php">' . $lng['back'] . '</a>');
require_once '../incfiles/end.php';
exit;
}
if (isset($_POST['submit'])) {
$scrname = $_FILES['screens']['name'];
$scrsize = $_FILES['screens']['size'];
$scsize = GetImageSize($_FILES['screens']['tmp_name']);
$scwidth = $scsize[0];
$scheight = $scsize[1];
$ffot = strtolower($scrname);
$dopras = array("gif", "jpg", "png");
if ($scrname != "") {
$formfot = functions::format($ffot);
if (!in_array($formfot, $dopras)) {
echo $lng_dl['screenshot_upload_error'] . '<br/><a href="index.php?act=screen&file=' . $file . '">' . $lng['repeat'] . '</a><br/>';
echo '</div><div class="phdr">' . $lng['total'] . ': ' . count($scaner->bad_files) . '</div>';
} else {
echo '<div class="gmenu">' . $lng['antispy_dist_scan_good'] . '</div>';
}
echo '<p><a href="index.php?act=antispy&mod=scan">' . $lng['antispy_rescan'] . '</a></p>';
break;
case 'snapscan':
/*
-----------------------------------------------------------------
Сканируем на соответствие ранее созданному снимку
-----------------------------------------------------------------
*/
$scaner->snapscan();
echo '<div class="phdr"><a href="index.php?act=antispy"><b>' . $lng['antispy'] . '</b></a> | ' . $lng['antispy_snapshot_scan'] . '</div>';
if (count($scaner->track_files) == 0) {
echo functions::display_error($lng['antispy_no_snapshot'], '<a href="index.php?act=antispy&mod=snap">' . $lng['antispy_snapshot_create'] . '</a>');
} else {
if (count($scaner->bad_files)) {
echo '<div class="rmenu">' . $lng['antispy_snapshot_scan_bad'] . '</div>';
echo '<div class="menu">';
foreach ($scaner->bad_files as $idx => $data) {
echo $data['file_path'] . '<br />';
}
echo '</div>';
} else {
echo '<div class="gmenu">' . $lng['antispy_snapshot_scan_ok'] . '</div>';
}
echo '<div class="phdr">' . $lng['total'] . ': ' . count($scaner->bad_files) . '</div>';
}
break;
case 'snap':
