http://fallout.ex6.ru/forum/register.php
а еще не кажет вставляемые картинки
обращался к техподдержке хостинга, они сказали смотри на форуме. форум конечно был в дауне, короче ничего не нашел.
потом искал на форумах - никто не юзает этот движок и не знает что делать
автор движка пропал, не пишет
этот файл вроде отвечат за вывод картинок:
что там надо поправить?
Скрытая информация: Код
Код
<?php
session_start();
define("IN_FORUM",true);
require_once("headers.php");
$act=isset($_POST['act']) ? $_POST['act'] : 0;
if(!$act)
{
$act=isset($_GET['act']) ? $_GET['act'] : 0;
}
switch($act)
{
case '1':
header("Content-type: text/html; charset=windows-1251");
$unick=isset($_POST['nick']) ? $_POST['nick'] : '';
if(strlen(trim($unick))<2 || !$unick)
{
print $lang['txt113'];
exit();
}
if(strlen(trim($unick))>50)
{
print $lang['txt662'];
exit();
}
if(!preg_match($lang['nickletters2'],$unick))
{
print $lang['txt117'];
exit();
}
$res=@dbquery("select 1 from ".$pref."dxusers where nick='".$unick."'");
if(!$res)
{
errlog();
print $lang['txt75'];
exit();
}
if(@dbnumrows($res)>0)
{
@dbfreeresult($res);
print "{$lang['txt656']} <b>$unick</b> {$lang['txt658']}";
exit();
}
@dbfreeresult($res);
die("<img src='$param_ok' />");
break;
case '2':
$addr=isset($_GET['addr']) ? $_GET['addr'] : '';
if(strlen($addr)<5)
{
readfile($imgnotcorrect);
exit();
}
if(get_param('imgouter')=='0')
{
if(substr($addr,0,9)!='dxgallery')
{
readfile($imgnotcorrect);
exit();
}
}
$sz=@getimagesize($addr);
if(!$sz || !@count($sz))
{
readfile($imgnotcorrect);
exit();
}
switch($sz[2])
{
case IMAGETYPE_GIF:
$im2=@imagecreatefromgif($addr);
if(!$im2)
{
readfile($imgnotcorrect);
exit();
}
break;
case IMAGETYPE_JPEG:
$im2=@imagecreatefromjpeg($addr);
if(!$im2)
{
readfile($imgnotcorrect);
exit();
}
break;
case IMAGETYPE_PNG:
$im2=@imagecreatefrompng($addr);
if(!$im2)
{
readfile($imgnotcorrect);
exit();
}
break;
default:
@readfile($imgnotcorrect);
}
if(get_param('imgresize')=='0')
@readfile($addr);
$neww=$oldw=@imagesx($im2);
$newh=$oldh=@imagesy($im2);
if($oldw>250)
{
if($oldh>$oldw)
{
$newh=250;
$neww=floor(250*$oldw/$oldh);
}
else
{
$neww=250;
$newh=floor(250*$oldh/$oldw);
}
}
if($oldh>250)
{
if($oldw>$oldh)
{
$neww=250;
$newh=floor(250*$oldh/$oldw);
}
else
{
$newh=250;
$neww=floor(250*$oldw/$oldh);
}
}
if($neww==$oldw && $newh==$oldh)
@readfile($addr);
$enl=@imagecreatefromgif($img_enlarge);
if($newh<250) $imh=$newh+23; else $imh=273;
if(!function_exists('imagecreatetruecolor'))
{
$im=@imagecreate(251,$imh) or exit();
$tr=0;
}
else
{
$im=@imagecreatetruecolor(251,$imh) or exit();
$tr=1;
}
if(!$tr)
$background_color=@imagecolorallocate($im,0xad,0xd6,0xe6);
else
@imagefill($im,0,0,0xadd6e6);
$text_color=@imagecolorallocate($im,0,0xaa,0);
$line_color=@imagecolorallocate($im,0,0,0xff);
$siz=@filesize($addr);
if($siz)
{
if($siz<1024){$preff='Bytes';}
if($siz>=1024 && $siz<=1048576){$siz=ceil($siz/1024);$preff='KB';}
if($siz>=1048576){$siz=ceil($siz/1048576);$preff='MB';}
$siz='('.$siz.' '.$preff.')';
}
else
{
$siz='';
}
@imagestring($im,2,25,1,'Image, click to enlarge '.$siz,$text_color);
@imageline($im,0,17,250,17,$line_color);
@imageline($im,0,0,250,0,$line_color);
@imageline($im,0,0,0,$imh,$line_color);
@imageline($im,250,0,250,$imh,$line_color);
@imageline($im,0,$imh-1,250,$imh-1,$line_color);
if(!@imagecopyresized($im,$im2,1,20,0,0,$neww-1,$newh-1,$sz[0],$sz[1]))
exit();
if($enl)
@imagecopy($im,$enl,1,1,0,0,163,16);
header("Content-type: image/png");
if(!@imagepng($im))
exit();
@imagedestroy($im);
@imagedestroy($im2);
break;
case '3':
if(get_param('xcode')!='1' && !isset($_GET['f']))
exit();
if(!function_exists('imagecreatetruecolor'))
{
$im=@imagecreate(200,55) or exit();
$tr=0;
}
else
{
$im=@imagecreatetruecolor(200,55) or exit();
$tr=1;
}
if(!$tr)
$background_color=@imagecolorallocate($im,0,0xff,0xff);
else
@imagefill($im,0,0,0x00ffff);
$text_color=@imagecolorallocate($im,0,0x99,0);
$line_color=@imagecolorallocate($im,0,0,0xff);
$smbs=strtoupper(md5(mt_rand()));
$lettrs = array('1','2','3','4','5','6','7','8','9','0');
$repl=array('G','M','K','L','S','Q','N','X','Z','R');
$smbs=str_replace($lettrs,$repl,$smbs);
$mr=substr(mt_rand(),0,1);
if($mr<2)
{
$r=255;
$g=255;
$b=0;
}
elseif($mr>=2 && $mr<6)
{
$r=0;
$g=255;
$b=255;
}
else
{
$r=255;
$g=0;
$b=255;
}
for($i=0;$i<11;$i++)
{
$line_color2=@imagecolorallocate($im,abs($r-$i*10),abs($g-$i*10),abs($b-$i*10));
@imageline($im,0,$i*5,200,$i*5,$line_color2);
}
$font = 'dxthemes/font.ttf';
$font2 = 'dxthemes/arial.ttf';
if(get_param('difxcode')!='1')
{
for($i=0;$i<5;$i++)
{
$text_color=@imagecolorallocate($im,mt_rand()%155,mt_rand()%155,mt_rand()%155);
$smb=substr($smbs,$i,1);
$ang=mt_rand()%30-mt_rand()%30;
@imagettftext($im, 20, $ang, $i*40, 35, $text_color, $font, $smb);
}
$_SESSION['tempcode']=strrev(substr($smbs,0,5));
}
else
{
for($k=0;$k<3;$k++)
{
for($i=0;$i<5;$i++)
{
$text_color=@imagecolorallocate($im,mt_rand()%155,mt_rand()%155,mt_rand()%155);
$smb=substr($smbs,$i,1);
$ang=mt_rand()%30-mt_rand()%30;
@imagettftext($im, 12, $ang, $i*40+15+mt_rand()%12-mt_rand()%12, $k*16+17+mt_rand()%3-mt_rand()%3, $text_color, $font2, $smb);
}
if($k==1)
$_SESSION['tempcode']=strrev(substr($smbs,0,5));
$smbs=strtoupper(md5(mt_rand()));
$lettrs = array('1','2','3','4','5','6','7','8','9','0');
$repl=array('G','M','K','L','S','Q','N','X','Z','R');
$smbs=str_replace($lettrs,$repl,$smbs);
}
}
@imagefilter($im,IMG_FILTER_SMOOTH,3);
@imageline($im,0,0,200,0,$line_color);
@imageline($im,0,0,0,55,$line_color);
@imageline($im,199,0,199,55,$line_color);
@imageline($im,0,54,200,54,$line_color);
header("Content-type: image/png");
if(!@imagepng($im))
exit();
break;
case '10':
header("Content-type: text/html; charset=windows-1251");
$mid=isset($_POST['id']) ? $_POST['id'] : 0;
if(!preg_match("/^(\d)+$/",$mid) || !$mid)
die("alert('{$lang['txt424']}');");
$res=@dbquery("select t1.ownerid,t1.themeid,t1.forumid,t1.mlocktype,t2.allowedfor from ".$pref."dxmessages as t1, ".$pref."dxforums as t2 where t1.id=$mid and t1.forumid=t2.id");
if(!$res)
{
errlog();
print "<span class='err'>{$lang['txt75']}!</span></body></html>";
exit();
}
if(@dbnumrows($res)<1)
{
@dbfreeresult($res);
redir("<span class='err'>{$lang['txt425']} id=$mid {$lang['txt158']}!</span>");
}
$oid=dbresult($res,0,'ownerid');
$tid=dbresult($res,0,'themeid');
$fid=dbresult($res,0,'forumid');
$ml=@dbresult($res,0,'mlocktype');
$allowedfor=@dbresult($res,0,'allowedfor');
@dbfreeresult($res);
$accessgroup=isset($_SESSION['usergroup']) ? $_SESSION['usergroup'] : 'x';
$acc=0;
if(strlen($allowedfor)>0)
{
$grps=explode(' ',$allowedfor);
foreach($grps as $grp)
{
if($grp==$accessgroup)
$acc=1;
}
}
if(!$allowedfor || $allowedfor==="0" || $_SESSION['usertype']>0 || $acc==1)
{
if($oid===$_SESSION['username'] || $_SESSION['usertype']==1 || check_moder($fid,$_SESSION['id']))
{
if(($ml>0 && $_SESSION['usertype']==0) || ($ml==2 && $_SESSION['usertype']==2))
die("alert('{$lang['txt1579']}');restorm();");
$dat=isset($_POST['dat']) ? $_POST['dat'] : 0;
if(!$dat)
{
die("document.getElementById('pp'+$mid).innerHTML=\"<textarea id='txtar' style='width:100%' rows=10>\"+incl2('',$mid,1)+\"</textarea><br><input type='button' value='{$lang['txt1539']}' onclick='savred()'> <input type='button' value='{$lang['txt1540']}' onclick='restorm()'>\"");
}
else
{
$msg=isset($_POST['msg']) ? $_POST['msg'] : '';
if(strlen($msg)<1)
die("alert('{$lang['txt1541']}');restorm();");
$maxlen=get_param('maxmlength');
if(isset($msg{$maxlen+1}))
die("alert('{$lang['txt1711']} $maxlen {$lang['txt1705']}');restorm();");
$msg=formstr(trim($msg));
$uname=$_SESSION['username'];
$tm=date("d.m.Y H:i:s");
$redact="{$lang['txt433']} <b>$uname</b> $tm.";
if(!@dbquery("update ".$pref."dxmessages set redactedmessage='$redact', message='$msg' where id=$mid"))
{
errlog($lang['txt434']);
die("alert('{$lang['txt434']}!');restorm();");
}
$res=@dbquery("select insbb, inssm from ".$pref."dxmessages where id=$mid");
if(!$res || @dbnumrows($res)<1)
{
if($res) @dbfreeresult($res);
errlog($lang['txt75']);
die("alert('{$lang['txt75']}!');restorm();");
}
$insbb=@dbresult($res,0,'insbb');
$inssm=@dbresult($res,0,'inssm');
@dbfreeresult($res);
$resmsg=$msg;
if(get_param('smileson')=='1' && $inssm)
$msg=replace_smiles($msg);
if(get_param('censon')=='1') $msg=cens($msg);
if(get_param('bbon')=='1' && $insbb)
$msg=replace_bbtags($msg);
$msg=nl2br($msg);
$msg=str_replace("\n",'',$msg);
$msg=str_replace("\r",'',$msg);
$msg=str_replace('"','\\"',$msg);
$resmsg=str_replace("\n",'<br>\n',$resmsg);
$resmsg=str_replace("\r",'',$resmsg);
$resmsg=str_replace('"','\\"',$resmsg);
print <<<HERE
document.getElementById('pp'+$mid).innerHTML="$msg";
document.getElementById('d'+$mid).innerHTML="$resmsg";
if(document.getElementById('redacting'+$mid))
document.getElementById('redacting'+$mid).innerHTML="$redact";
else
document.getElementById('pp'+$mid).innerHTML+="<br><br><br><span class='redacting' id='redacting{$mid}'>$redact</span>";
curedit=0;
cmsg="";
HERE;
exit();
}
}
die("alert('{$lang['txt1542']}');restorm();");
}
die("alert('{$lang['txt1542']}');");
break;
case '7':
$txt=isset($_POST['txt']) ? trim($_POST['txt']) : '';
$tp=isset($_POST['t']) ? $_POST['t'] : 0;
header("Content-type: text/html; charset=windows-1251");
if(!$txt)
die("<img src='$param_ok' />");
if(!preg_match($lang['namesletters2'],$txt))
{
if($tp)
die($lang['txt119']);
else
die($lang['txt118']);
}
else
{
die("<img src='$param_ok' />");
}
break;
case '8':
$uday=isset($_POST['uday']) ? $_POST['uday'] : 0;
$umonth=isset($_POST['umonth']) ? $_POST['umonth'] : 0;
$uyear=isset($_POST['uyear']) ? $_POST['uyear'] : 0;
header("Content-type: text/html; charset=windows-1251");
if(!@checkdate($umonth,$uday,$uyear) || $uyear>date('Y')-5 || $uyear<1850 || !preg_match("/^(\d)+$/",$umonth) || !preg_match("/^(\d)+$/",$uday) || !preg_match("/^(\d)+$/",$uyear))
die($lang['txt123']);
die("<img src='$param_ok' />");
break;
case '9':
$txt=isset($_POST['ulive']) ? trim($_POST['ulive']) : '';
header("Content-type: text/html; charset=windows-1251");
if(!$txt)
die("<img src='$param_ok' />");
if(!preg_match($lang['addressletters2'],$txt))
die($lang['txt120']);
else
die("<img src='$param_ok' />");
break;
case '11':
$uemail=isset($_POST['uemail']) ? trim($_POST['uemail']) : '';
header("Content-type: text/html; charset=windows-1251");
if(!preg_match($lang['emailformat'],$uemail))
die($lang['txt116']);
else
die("<img src='$param_ok' />");
break;
case '99':
require_once("adminlogin.php");
if(isset($_POST['dat']) && !islogged() && $_SESSION['usertype']==1)
{
$pass=isset($_POST['pass']) ? $_POST['pass'] : '';
$pass=genpass($_SESSION['username'],$pass);
$result=@dbquery("select 1 from ".$pref."dxusers where nick='".$_SESSION['username']."' and pass='".$pass."'");
if(!$result)
errlog();
if($result && @dbnumrows($result)>0)
{
@dbfreeresult($result);
adminlogin();
}
if($result) @dbfreeresult($result);
$ref=str_replace("\n",'',str_replace("\r",'',formstr($_SERVER["HTTP_REFERER"])));
header("Location: $ref");
exit();
}
break;
case '88':
if($_SESSION['usertype']!=1)
die();
require_once("adminlogin.php");
if(!islogged())
die();
$res=@dbquery("select file,fsum from ".$pref."dxfilesums");
if(!$res)
{
errlog();
print "<span class='err'>{$lang['txt75']}!</span>";
exit();
}
$dbnr=@dbnumrows($res);
if($dbnr<1)
{
print <<<HERE
<html><head><meta http-equiv="Content-Type" content="text/html;charset=windows-1251"><title>{$lang['txt1636']}</title></head><body>
{$l['txt1637']}
</body></html>
HERE;
}
else
{
print <<<HERE
<html><head><meta http-equiv="Content-Type" content="text/html;charset=windows-1251"><title>{$lang['txt1636']}</title></head><body><table width=100%><tr><td>{$lang['txt1616']}</td><td>{$lang['txt1617']}</td></tr>
HERE;
while($row=@dbfetchrow($res))
{
print <<<HERE
<tr><td>{$row[0]}</td><td>{$row[1]}</td></tr>
HERE;
}
print '</table></body></html>';
}
@dbfreeresult($res);
break;
case '77':
if($_SESSION['usertype']!=1)
die();
require_once("adminlogin.php");
if(!islogged())
die();
phpinfo();
break;
default:
header("Content-type: text/html; charset=windows-1251");
print $lang['txt660'];
}
?>
session_start();
define("IN_FORUM",true);
require_once("headers.php");
$act=isset($_POST['act']) ? $_POST['act'] : 0;
if(!$act)
{
$act=isset($_GET['act']) ? $_GET['act'] : 0;
}
switch($act)
{
case '1':
header("Content-type: text/html; charset=windows-1251");
$unick=isset($_POST['nick']) ? $_POST['nick'] : '';
if(strlen(trim($unick))<2 || !$unick)
{
print $lang['txt113'];
exit();
}
if(strlen(trim($unick))>50)
{
print $lang['txt662'];
exit();
}
if(!preg_match($lang['nickletters2'],$unick))
{
print $lang['txt117'];
exit();
}
$res=@dbquery("select 1 from ".$pref."dxusers where nick='".$unick."'");
if(!$res)
{
errlog();
print $lang['txt75'];
exit();
}
if(@dbnumrows($res)>0)
{
@dbfreeresult($res);
print "{$lang['txt656']} <b>$unick</b> {$lang['txt658']}";
exit();
}
@dbfreeresult($res);
die("<img src='$param_ok' />");
break;
case '2':
$addr=isset($_GET['addr']) ? $_GET['addr'] : '';
if(strlen($addr)<5)
{
readfile($imgnotcorrect);
exit();
}
if(get_param('imgouter')=='0')
{
if(substr($addr,0,9)!='dxgallery')
{
readfile($imgnotcorrect);
exit();
}
}
$sz=@getimagesize($addr);
if(!$sz || !@count($sz))
{
readfile($imgnotcorrect);
exit();
}
switch($sz[2])
{
case IMAGETYPE_GIF:
$im2=@imagecreatefromgif($addr);
if(!$im2)
{
readfile($imgnotcorrect);
exit();
}
break;
case IMAGETYPE_JPEG:
$im2=@imagecreatefromjpeg($addr);
if(!$im2)
{
readfile($imgnotcorrect);
exit();
}
break;
case IMAGETYPE_PNG:
$im2=@imagecreatefrompng($addr);
if(!$im2)
{
readfile($imgnotcorrect);
exit();
}
break;
default:
@readfile($imgnotcorrect);
}
if(get_param('imgresize')=='0')
@readfile($addr);
$neww=$oldw=@imagesx($im2);
$newh=$oldh=@imagesy($im2);
if($oldw>250)
{
if($oldh>$oldw)
{
$newh=250;
$neww=floor(250*$oldw/$oldh);
}
else
{
$neww=250;
$newh=floor(250*$oldh/$oldw);
}
}
if($oldh>250)
{
if($oldw>$oldh)
{
$neww=250;
$newh=floor(250*$oldh/$oldw);
}
else
{
$newh=250;
$neww=floor(250*$oldw/$oldh);
}
}
if($neww==$oldw && $newh==$oldh)
@readfile($addr);
$enl=@imagecreatefromgif($img_enlarge);
if($newh<250) $imh=$newh+23; else $imh=273;
if(!function_exists('imagecreatetruecolor'))
{
$im=@imagecreate(251,$imh) or exit();
$tr=0;
}
else
{
$im=@imagecreatetruecolor(251,$imh) or exit();
$tr=1;
}
if(!$tr)
$background_color=@imagecolorallocate($im,0xad,0xd6,0xe6);
else
@imagefill($im,0,0,0xadd6e6);
$text_color=@imagecolorallocate($im,0,0xaa,0);
$line_color=@imagecolorallocate($im,0,0,0xff);
$siz=@filesize($addr);
if($siz)
{
if($siz<1024){$preff='Bytes';}
if($siz>=1024 && $siz<=1048576){$siz=ceil($siz/1024);$preff='KB';}
if($siz>=1048576){$siz=ceil($siz/1048576);$preff='MB';}
$siz='('.$siz.' '.$preff.')';
}
else
{
$siz='';
}
@imagestring($im,2,25,1,'Image, click to enlarge '.$siz,$text_color);
@imageline($im,0,17,250,17,$line_color);
@imageline($im,0,0,250,0,$line_color);
@imageline($im,0,0,0,$imh,$line_color);
@imageline($im,250,0,250,$imh,$line_color);
@imageline($im,0,$imh-1,250,$imh-1,$line_color);
if(!@imagecopyresized($im,$im2,1,20,0,0,$neww-1,$newh-1,$sz[0],$sz[1]))
exit();
if($enl)
@imagecopy($im,$enl,1,1,0,0,163,16);
header("Content-type: image/png");
if(!@imagepng($im))
exit();
@imagedestroy($im);
@imagedestroy($im2);
break;
case '3':
if(get_param('xcode')!='1' && !isset($_GET['f']))
exit();
if(!function_exists('imagecreatetruecolor'))
{
$im=@imagecreate(200,55) or exit();
$tr=0;
}
else
{
$im=@imagecreatetruecolor(200,55) or exit();
$tr=1;
}
if(!$tr)
$background_color=@imagecolorallocate($im,0,0xff,0xff);
else
@imagefill($im,0,0,0x00ffff);
$text_color=@imagecolorallocate($im,0,0x99,0);
$line_color=@imagecolorallocate($im,0,0,0xff);
$smbs=strtoupper(md5(mt_rand()));
$lettrs = array('1','2','3','4','5','6','7','8','9','0');
$repl=array('G','M','K','L','S','Q','N','X','Z','R');
$smbs=str_replace($lettrs,$repl,$smbs);
$mr=substr(mt_rand(),0,1);
if($mr<2)
{
$r=255;
$g=255;
$b=0;
}
elseif($mr>=2 && $mr<6)
{
$r=0;
$g=255;
$b=255;
}
else
{
$r=255;
$g=0;
$b=255;
}
for($i=0;$i<11;$i++)
{
$line_color2=@imagecolorallocate($im,abs($r-$i*10),abs($g-$i*10),abs($b-$i*10));
@imageline($im,0,$i*5,200,$i*5,$line_color2);
}
$font = 'dxthemes/font.ttf';
$font2 = 'dxthemes/arial.ttf';
if(get_param('difxcode')!='1')
{
for($i=0;$i<5;$i++)
{
$text_color=@imagecolorallocate($im,mt_rand()%155,mt_rand()%155,mt_rand()%155);
$smb=substr($smbs,$i,1);
$ang=mt_rand()%30-mt_rand()%30;
@imagettftext($im, 20, $ang, $i*40, 35, $text_color, $font, $smb);
}
$_SESSION['tempcode']=strrev(substr($smbs,0,5));
}
else
{
for($k=0;$k<3;$k++)
{
for($i=0;$i<5;$i++)
{
$text_color=@imagecolorallocate($im,mt_rand()%155,mt_rand()%155,mt_rand()%155);
$smb=substr($smbs,$i,1);
$ang=mt_rand()%30-mt_rand()%30;
@imagettftext($im, 12, $ang, $i*40+15+mt_rand()%12-mt_rand()%12, $k*16+17+mt_rand()%3-mt_rand()%3, $text_color, $font2, $smb);
}
if($k==1)
$_SESSION['tempcode']=strrev(substr($smbs,0,5));
$smbs=strtoupper(md5(mt_rand()));
$lettrs = array('1','2','3','4','5','6','7','8','9','0');
$repl=array('G','M','K','L','S','Q','N','X','Z','R');
$smbs=str_replace($lettrs,$repl,$smbs);
}
}
@imagefilter($im,IMG_FILTER_SMOOTH,3);
@imageline($im,0,0,200,0,$line_color);
@imageline($im,0,0,0,55,$line_color);
@imageline($im,199,0,199,55,$line_color);
@imageline($im,0,54,200,54,$line_color);
header("Content-type: image/png");
if(!@imagepng($im))
exit();
break;
case '10':
header("Content-type: text/html; charset=windows-1251");
$mid=isset($_POST['id']) ? $_POST['id'] : 0;
if(!preg_match("/^(\d)+$/",$mid) || !$mid)
die("alert('{$lang['txt424']}');");
$res=@dbquery("select t1.ownerid,t1.themeid,t1.forumid,t1.mlocktype,t2.allowedfor from ".$pref."dxmessages as t1, ".$pref."dxforums as t2 where t1.id=$mid and t1.forumid=t2.id");
if(!$res)
{
errlog();
print "<span class='err'>{$lang['txt75']}!</span></body></html>";
exit();
}
if(@dbnumrows($res)<1)
{
@dbfreeresult($res);
redir("<span class='err'>{$lang['txt425']} id=$mid {$lang['txt158']}!</span>");
}
$oid=dbresult($res,0,'ownerid');
$tid=dbresult($res,0,'themeid');
$fid=dbresult($res,0,'forumid');
$ml=@dbresult($res,0,'mlocktype');
$allowedfor=@dbresult($res,0,'allowedfor');
@dbfreeresult($res);
$accessgroup=isset($_SESSION['usergroup']) ? $_SESSION['usergroup'] : 'x';
$acc=0;
if(strlen($allowedfor)>0)
{
$grps=explode(' ',$allowedfor);
foreach($grps as $grp)
{
if($grp==$accessgroup)
$acc=1;
}
}
if(!$allowedfor || $allowedfor==="0" || $_SESSION['usertype']>0 || $acc==1)
{
if($oid===$_SESSION['username'] || $_SESSION['usertype']==1 || check_moder($fid,$_SESSION['id']))
{
if(($ml>0 && $_SESSION['usertype']==0) || ($ml==2 && $_SESSION['usertype']==2))
die("alert('{$lang['txt1579']}');restorm();");
$dat=isset($_POST['dat']) ? $_POST['dat'] : 0;
if(!$dat)
{
die("document.getElementById('pp'+$mid).innerHTML=\"<textarea id='txtar' style='width:100%' rows=10>\"+incl2('',$mid,1)+\"</textarea><br><input type='button' value='{$lang['txt1539']}' onclick='savred()'> <input type='button' value='{$lang['txt1540']}' onclick='restorm()'>\"");
}
else
{
$msg=isset($_POST['msg']) ? $_POST['msg'] : '';
if(strlen($msg)<1)
die("alert('{$lang['txt1541']}');restorm();");
$maxlen=get_param('maxmlength');
if(isset($msg{$maxlen+1}))
die("alert('{$lang['txt1711']} $maxlen {$lang['txt1705']}');restorm();");
$msg=formstr(trim($msg));
$uname=$_SESSION['username'];
$tm=date("d.m.Y H:i:s");
$redact="{$lang['txt433']} <b>$uname</b> $tm.";
if(!@dbquery("update ".$pref."dxmessages set redactedmessage='$redact', message='$msg' where id=$mid"))
{
errlog($lang['txt434']);
die("alert('{$lang['txt434']}!');restorm();");
}
$res=@dbquery("select insbb, inssm from ".$pref."dxmessages where id=$mid");
if(!$res || @dbnumrows($res)<1)
{
if($res) @dbfreeresult($res);
errlog($lang['txt75']);
die("alert('{$lang['txt75']}!');restorm();");
}
$insbb=@dbresult($res,0,'insbb');
$inssm=@dbresult($res,0,'inssm');
@dbfreeresult($res);
$resmsg=$msg;
if(get_param('smileson')=='1' && $inssm)
$msg=replace_smiles($msg);
if(get_param('censon')=='1') $msg=cens($msg);
if(get_param('bbon')=='1' && $insbb)
$msg=replace_bbtags($msg);
$msg=nl2br($msg);
$msg=str_replace("\n",'',$msg);
$msg=str_replace("\r",'',$msg);
$msg=str_replace('"','\\"',$msg);
$resmsg=str_replace("\n",'<br>\n',$resmsg);
$resmsg=str_replace("\r",'',$resmsg);
$resmsg=str_replace('"','\\"',$resmsg);
print <<<HERE
document.getElementById('pp'+$mid).innerHTML="$msg";
document.getElementById('d'+$mid).innerHTML="$resmsg";
if(document.getElementById('redacting'+$mid))
document.getElementById('redacting'+$mid).innerHTML="$redact";
else
document.getElementById('pp'+$mid).innerHTML+="<br><br><br><span class='redacting' id='redacting{$mid}'>$redact</span>";
curedit=0;
cmsg="";
HERE;
exit();
}
}
die("alert('{$lang['txt1542']}');restorm();");
}
die("alert('{$lang['txt1542']}');");
break;
case '7':
$txt=isset($_POST['txt']) ? trim($_POST['txt']) : '';
$tp=isset($_POST['t']) ? $_POST['t'] : 0;
header("Content-type: text/html; charset=windows-1251");
if(!$txt)
die("<img src='$param_ok' />");
if(!preg_match($lang['namesletters2'],$txt))
{
if($tp)
die($lang['txt119']);
else
die($lang['txt118']);
}
else
{
die("<img src='$param_ok' />");
}
break;
case '8':
$uday=isset($_POST['uday']) ? $_POST['uday'] : 0;
$umonth=isset($_POST['umonth']) ? $_POST['umonth'] : 0;
$uyear=isset($_POST['uyear']) ? $_POST['uyear'] : 0;
header("Content-type: text/html; charset=windows-1251");
if(!@checkdate($umonth,$uday,$uyear) || $uyear>date('Y')-5 || $uyear<1850 || !preg_match("/^(\d)+$/",$umonth) || !preg_match("/^(\d)+$/",$uday) || !preg_match("/^(\d)+$/",$uyear))
die($lang['txt123']);
die("<img src='$param_ok' />");
break;
case '9':
$txt=isset($_POST['ulive']) ? trim($_POST['ulive']) : '';
header("Content-type: text/html; charset=windows-1251");
if(!$txt)
die("<img src='$param_ok' />");
if(!preg_match($lang['addressletters2'],$txt))
die($lang['txt120']);
else
die("<img src='$param_ok' />");
break;
case '11':
$uemail=isset($_POST['uemail']) ? trim($_POST['uemail']) : '';
header("Content-type: text/html; charset=windows-1251");
if(!preg_match($lang['emailformat'],$uemail))
die($lang['txt116']);
else
die("<img src='$param_ok' />");
break;
case '99':
require_once("adminlogin.php");
if(isset($_POST['dat']) && !islogged() && $_SESSION['usertype']==1)
{
$pass=isset($_POST['pass']) ? $_POST['pass'] : '';
$pass=genpass($_SESSION['username'],$pass);
$result=@dbquery("select 1 from ".$pref."dxusers where nick='".$_SESSION['username']."' and pass='".$pass."'");
if(!$result)
errlog();
if($result && @dbnumrows($result)>0)
{
@dbfreeresult($result);
adminlogin();
}
if($result) @dbfreeresult($result);
$ref=str_replace("\n",'',str_replace("\r",'',formstr($_SERVER["HTTP_REFERER"])));
header("Location: $ref");
exit();
}
break;
case '88':
if($_SESSION['usertype']!=1)
die();
require_once("adminlogin.php");
if(!islogged())
die();
$res=@dbquery("select file,fsum from ".$pref."dxfilesums");
if(!$res)
{
errlog();
print "<span class='err'>{$lang['txt75']}!</span>";
exit();
}
$dbnr=@dbnumrows($res);
if($dbnr<1)
{
print <<<HERE
<html><head><meta http-equiv="Content-Type" content="text/html;charset=windows-1251"><title>{$lang['txt1636']}</title></head><body>
{$l['txt1637']}
</body></html>
HERE;
}
else
{
print <<<HERE
<html><head><meta http-equiv="Content-Type" content="text/html;charset=windows-1251"><title>{$lang['txt1636']}</title></head><body><table width=100%><tr><td>{$lang['txt1616']}</td><td>{$lang['txt1617']}</td></tr>
HERE;
while($row=@dbfetchrow($res))
{
print <<<HERE
<tr><td>{$row[0]}</td><td>{$row[1]}</td></tr>
HERE;
}
print '</table></body></html>';
}
@dbfreeresult($res);
break;
case '77':
if($_SESSION['usertype']!=1)
die();
require_once("adminlogin.php");
if(!islogged())
die();
phpinfo();
break;
default:
header("Content-type: text/html; charset=windows-1251");
print $lang['txt660'];
}
?>