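$value) { $_POST[$key] = htmlentities($value, ENT_QUOTES, "UTF-8"); $_GET[$key] = htmlentities($value, ENT_QUOTES, "UTF-8"); } // NOTE(review): loop header is above this chunk; it entity-encodes *input*, so values are stored HTML-encoded

// NOTE(review): escaping request data at the edge is the wrong layer. The
// Krugozor driver already quotes "?s" placeholders, so values reach MySQL
// double-escaped, and mysql_escape_string() no longer exists on PHP >= 7.0.
// Kept because every consumer below currently expects the escaped form.
if (!empty($_GET)) {
    foreach ($_GET as &$var) {
        $var = mysql_escape_string($var);
    }
    unset($var); // drop the dangling reference to the last element
}
if (!empty($_POST)) {
    foreach ($_POST as &$var) {
        $var = mysql_escape_string($var);
    }
    unset($var);
}

// Keep the session cookie out of reach of script (limits the damage of an XSS);
// must be set before session_start().
ini_set('session.cookie_httponly', 1);
session_start();
$_SESSION['Operation'] = filesize('Operations.txt'); // purpose of this counter is not visible in this file

// Production setting: PHP errors would leak paths and query text to clients.
error_reporting(0);

// __autoload() is deprecated since PHP 7.2 and gone in 8.0;
// spl_autoload_register() (PHP >= 5.1) does the same and composes with other loaders.
spl_autoload_register(function ($class) {
    include_once "Core/" . $class . ".php";
});

include_once("Modules/tabgeo_country_v4.php");
// NOTE(review): this runs on the raw REMOTE_ADDR; the Cloudflare override
// further down happens *after* the geo lookup.
$Country = tabgeo_country_v4($_SERVER['REMOTE_ADDR']);

// The language code is spliced into an include path below, so it is
// restricted to this fixed list everywhere it can be set.
$allowedLangs = array('en', 'ru');
if (!isset($_SESSION['Lang'])) {
    // Original behaviour: a geo result of 'ru' *or* 'en' selects Russian.
    $cc = strtolower($Country);
    $_SESSION['Lang'] = ($cc == 'ru' || $cc == 'en') ? 'ru' : 'en';
}
if (isset($_POST['Lang'])) {
    if (!in_array($_POST['Lang'], $allowedLangs, true)) {
        exit("FUCK OFF!");
    }
    $_SESSION['Lang'] = $_POST['Lang'];
}
// Defence in depth: should the session value be set elsewhere, only a
// whitelisted name may reach include_once.
if (!in_array($_SESSION['Lang'], $allowedLangs, true)) {
    $_SESSION['Lang'] = 'en';
}
include_once("Languages/" . $_SESSION['Lang'] . ".php");

/**
 * Replace every translation token in $Text with its text from the language
 * file loaded above ($Lang is presumably a token => text map; the "[...]"
 * strings used for Main::Message below look like such tokens).
 *
 * @param string $Text  raw page/markup text
 * @return string       text with all known tokens substituted
 */
function LNG($Text) {
    global $Lang;
    return str_replace(array_keys($Lang), array_values($Lang), $Text);
}

$Main = new Main;
$Logger = new Logger();
// Never write credentials to the request log: 'Pass' is the password field
// consumed by SignUP()/LogIN() further down.
$loggedRequest = $_REQUEST;
if (isset($loggedRequest['Pass'])) {
    $loggedRequest['Pass'] = '[redacted]';
}
$Logger->_log($loggedRequest);

$dbConf = $Main->MySQL_Data();
$db = Krugozor_Database_Mysql::create($dbConf['Host'], $dbConf['User'], $dbConf['Pass'])
    ->setDatabaseName($dbConf['DataBase'])
    ->setCharset('utf8');

/**
 * Read one value from the `Configs` table.
 *
 * @param string $Parameter  config key
 * @return string|null       stored `Value`, or null when the key does not exist
 */
function CFG($Parameter) {
    global $db;
    $Data = $db->query('SELECT `Value` FROM `Configs` WHERE `Parameter` = "?s"', $Parameter);
    $Result = $Data->fetch_row();
    return $Result ? $Result[0] : null;
}

/**
 * Strip ":smileNN:" emoticon codes from a text.
 * The result is wrapped in a leading and trailing line break, as the
 * original did (the literal newlines inside the quotes are intentional).
 *
 * @param string $var  text possibly containing emoticon codes
 * @return string
 */
function smile($var) {
    $pattern = '~:smile((?(?=\d{3,})1[0-1](?(?<=1)[0-1]|\d)|(?!0)\d+)):~';
    $replacement = '';
    return '
' . preg_replace($pattern, $replacement, trim($var)) . '
';
}

/**
 * Replace a two-digit month number with its Russian genitive name
 * (for "DD <month> YYYY" style dates).
 *
 * Fix: "05" was mapped to "Майя" (a typo); the genitive of май is "Мая".
 *
 * @param string $Month  text containing a zero-padded month number
 * @return string
 */
function month($Month) {
    $Replace = array(
        '01' => 'Января',
        '02' => 'Февраля',
        '03' => 'Марта',
        '04' => 'Апреля',
        '05' => 'Мая',
        '06' => 'Июня',
        '07' => 'Июля',
        '08' => 'Августа',
        '09' => 'Сентября',
        '10' => 'Октября',
        '11' => 'Ноября',
        '12' => 'Декабря',
    );
    return str_replace(array_keys($Replace), array_values($Replace), $Month);
}

/**
 * Public site statistics: user count plus the sum of accepted deposits and
 * withdrawals (Status 1 or 2), each offset by a value from `Configs`.
 *
 * @return array  keys Users, Deposits, Withdrawals
 */
function Stats() {
    global $db;
    $Stats = array();
    // COUNT(*) instead of pulling every ID across the wire just to count rows.
    $users = $db->query("SELECT COUNT(*) FROM `Accounts`")->fetch_row();
    $Stats['Users'] = $users[0] + CFG("users");
    $Deposits = $db->query("SELECT SUM(`Amount`) AS `Sum` FROM `Deposits` WHERE `Status` = '1' OR `Status` = '2'");
    $Depo = $Deposits->fetch_assoc();
    $Stats['Deposits'] = $Depo['Sum'] + CFG("Deposits");
    $Withdrawal = $db->query("SELECT SUM(`Amount`) AS `Sum` FROM `Withdrawals` WHERE `Status` = '1' OR `Status` = '2'");
    $Withdrawals = $Withdrawal->fetch_assoc();
    $Stats['Withdrawals'] = $Withdrawals['Sum'] + CFG("Withdraw");
    return $Stats;
}

$Timezone = CFG("Timezone");
ini_set('date.timezone', $Timezone);
$Acc_Work = new Accounts_Work($db);
$Page = new Page_Generate($db);
$Main->CheckMessage();

// NOTE(review): CF-Connecting-IP is an ordinary request header. Unless every
// request provably arrives through Cloudflare, a client can set it to any
// value; nothing here checks that REMOTE_ADDR belongs to Cloudflare before
// trusting it. Do not rely on this address for throttling or audit until the
// edge is verified (IP allow-list or a real-ip module at the web server).
if (isset($_SERVER['HTTP_CF_CONNECTING_IP'])) {
    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];
}

$_TIME = $_SERVER['REQUEST_TIME'];
$_PROTOCOL = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off') ? 'https://' : 'http://';
$scriptDir = dirname($_SERVER['SCRIPT_NAME']);
$hostUrl = $_PROTOCOL . $_SERVER['SERVER_NAME'];
// SITE is the bare host URL when the app lives at the web root, otherwise the
// sub-directory alone; SITE_FULL always carries the scheme and host.
$_SITE = ($scriptDir == '/') ? $hostUrl : $scriptDir;
$_SITE_FULL = ($scriptDir == '/') ? $hostUrl : $hostUrl . $scriptDir;
$_REQUEST_URI = parse_url(preg_replace('/(\/+)/', '/', $_SERVER['REQUEST_URI']));
$SERVER = $hostUrl;
define('PROTOCOL', $_PROTOCOL);
define('SITE', $_SITE);
define('SITE_FULL', $_SITE_FULL);
define('ROOT', dirname(__DIR__));
// parse_url() returns false for a malformed URI; treat that as the root path
// instead of indexing into a boolean.
$requestPath = (is_array($_REQUEST_URI) && isset($_REQUEST_URI['path'])) ? $_REQUEST_URI['path'] : '';
define('REQUEST_URI', trim(str_replace(SITE, '', $requestPath), '/'));

if (REQUEST_URI == 'exit' && isset($_SESSION['Login'])) {
    session_destroy();
    $_SESSION['Operation'] = filesize('Operations.txt');
    header("Location: /");
    // Without exit the whole page, including every POST handler below, still
    // ran for the logged-out request.
    exit;
}

// NOTE(review): none of the POST handlers below carries a CSRF token; a
// logged-in user can be made to post comments/reviews or change language
// from a third-party page. Adding a per-session token requires the templates,
// which are not part of this file.

///////////////////////////////// referral link
if (isset($_GET[CFG("RefLink")])) {
    // The column name comes from `Configs`, not from the client; it is still an
    // identifier, so backticks inside it are doubled instead of trusted verbatim.
    $refColumn = str_replace('`', '``', CFG("RefLinkType"));
    $Query = $db->query('SELECT `Login`, `ID` FROM `Accounts` WHERE `' . $refColumn . '` = "?s"', $_GET[CFG("RefLink")]);
    if ($Query->getNumRows() == 1) {
        $Row = $Query->fetch_assoc();
        $_SESSION['Ref'] = $Row['ID'];
        $db->query('UPDATE `Accounts` SET `RefViews` = `RefViews` + "1" WHERE `ID` = "?i"', $Row['ID']);
    }
}

/**
 * Shared body of the two news-comment handlers (the templates post the text
 * as both "Textcomment" and "Textcoment"; each spelling has its own messages).
 *
 * Checks, in order: logged in, non-empty text, 10-second throttle; then
 * inserts the comment for the news item given by ?id=.
 *
 * @param string $field     POST field holding the comment text
 * @param array  $messages  keys login, empty, throttle, success (message text)
 */
function handle_news_comment($field, array $messages) {
    global $db;
    if (!isset($_SESSION['Login'])) {
        Main::Message(array('error', $messages['login']));
        return;
    }
    if (empty($_POST[$field])) {
        Main::Message(array('error', $messages['empty']));
        return;
    }
    $Now = time();
    // Per-session throttle: a client that drops its cookie gets a fresh budget,
    // so this is spam hygiene rather than a security control.
    $lastComment = isset($_SESSION['coment']) ? $_SESSION['coment'] : 0;
    if ($Now <= $lastComment + 10) {
        Main::Message(array('error', $messages['throttle']));
        return;
    }
    $Data = array(
        'Login' => $_SESSION['Login'],
        'Text'  => $_POST[$field],
        'Date'  => $Now,
        'Post'  => isset($_GET['id']) ? $_GET['id'] : null,
    );
    $db->query('INSERT INTO `Newscom` SET ?A["?s", "?s", "?i", "?i"]', $Data);
    $_SESSION['coment'] = $Now;
    Main::Message(array('success', $messages['success']));
}

if (REQUEST_URI == 'news' && isset($_POST['Textcomment'])) {
    handle_news_comment('Textcomment', array(
        'login'    => 'Для добавления комментария необходимо авторизоваться!',
        'empty'    => 'Заполните поле комментария!',
        'throttle' => 'Комментарий можно отправлять раз в 10 секунд!',
        'success'  => 'Комментарий успешно добавлен!',
    ));
}

///ОТЗЫВЫ//// reviews: one pending (Status 0) review per login
if (REQUEST_URI == 'reviews' && isset($_POST['Text'])) {
    if (!isset($_SESSION['Login'])) {
        Main::Message(array('error', '[reviewslogin]'));
    } elseif (empty($_POST["Text"])) {
        Main::Message(array('error', '[reviewstext]'));
    } else {
        $MyLogin = $_SESSION['Login'];
        $pending = $db->query('SELECT * FROM `Reviews` WHERE `Login` = "?s" AND `Status` = 0', $MyLogin);
        if ($pending->getNumRows() == 0) {
            // The screenshot upload was disabled (dead, commented-out code removed);
            // the original left $Screen undefined here, which is now an explicit 0.
            // If an upload is ever re-added, validate the file type and never build
            // the target path from user-controlled names.
            $Screen = 0;
            $Data = array(
                'Login'  => $MyLogin,
                'Text'   => $_POST["Text"],
                'Date'   => time(),
                'Status' => 0,
                'Screen' => $Screen,
            );
            $db->query('INSERT INTO `Reviews` SET ?A["?s", "?s", "?i", "?i", "?i"]', $Data);
            Main::Message(array('success', '[reviewssuccess]'));
        } else {
            Main::Message(array('error', '[reviewserror]'));
        }
    }
}

///НОВОСТЬ КОМЕНТЫ//// second spelling of the comment field, token messages
if (REQUEST_URI == 'news' && isset($_POST['Textcoment'])) {
    handle_news_comment('Textcoment', array(
        'login'    => '[reviewslogin]',
        'empty'    => '[reviewstext]',
        'throttle' => '[coment10sec]',
        'success'  => '[comentsuccess]',
    ));
}

// NOTE(review): any POST carrying "Login" to the root URL reaches SignUP(),
// including a login form if its action points at "/"; whether that happens
// depends on the templates, which are not visible here.
if (isset($_POST['Login']) && REQUEST_URI == '') {
    $Acc_Work->SignUP(
        $_POST['Login'],
        isset($_POST['Pass']) ? $_POST['Pass'] : null,
        isset($_POST['Email']) ? $_POST['Email'] : null,
        isset($_POST['Captcha']) ? $_POST['Captcha'] : null,
        1
    );
}
// (Avatar upload/delete handlers that were commented out here have been
// removed as dead code; they built filesystem paths from the raw login name.)
if (isset($_POST['LogIN'])) {
    $Acc_Work->LogIN(
        isset($_POST['Login']) ? $_POST['Login'] : null,
        isset($_POST['Pass']) ? $_POST['Pass'] : null
    );
}
if (isset($_SESSION['Login'])) {
    $Data = $Acc_Work->GetInfo($_SESSION['Login']);
}
if (isset($_POST['Restore']) && REQUEST_URI == 'restore') {
    $Acc_Work->Restore(isset($_POST['Login']) ? $_POST['Login'] : null);
}

if (REQUEST_URI == 'contacts' && isset($_POST['Send'])) {
    // One message per session per hour (the original read the timestamp before
    // checking it existed).
    $canSend = !isset($_SESSION['TimeSend']) || (time() - $_SESSION['TimeSend']) >= 3600;
    if (!$canSend) {
        Main::Message(array('error', 'Сообщения можно отправлять раз в час!'));
    } elseif (empty($_POST['name']) || empty($_POST['email']) || empty($_POST['message'])) {
        Main::Message(array('error', 'Необходимо заполнить все поля!'));
    } else {
        $to = 'support@companyname.com';
        $headers = "MIME-Version: 1.0\r\n";
        $headers .= "Content-type: text/html; charset=utf-8\r\n";
        $headers .= "To: " . $to . "\r\n";
        $headers .= "From: companyname.com ";
        $subject = 'Кто-то воспользовался контактной формой';
        // User input goes only into the entity-encoded HTML body, never into the
        // headers, so it cannot add recipients (no header injection).
        $message = 'Здравствуйте! Кто-то воспользовался контактной формой:
Имя: ' . htmlentities($_POST['name'], ENT_HTML5) . '
E-mail: ' . htmlentities($_POST['email'], ENT_HTML5) . '
Сообщение: ' . htmlentities($_POST['message'], ENT_HTML5) . '
';
        mail($to, $subject, $message, $headers);
        $_SESSION['TimeSend'] = time();
        Main::Message(array('success', 'Сообщение отправлено!'));
    }
}

// Render: authenticated-only pages get the navbar layout, everything else the
// public head; the buffered markup is then run through the translator.
ob_start();
$privatePages = array('cabinet', 'deposits', 'deposit', 'affilate', 'history', 'withdrawal', 'tickets', 'settings', 'mail');
if (in_array(REQUEST_URI, $privatePages, true) && isset($_SESSION['Login'])) {
    include("Include/Navbar.php");
} else {
    include("Include/Head.php");
}
$_PAGE = ob_get_clean();
echo LNG($_PAGE);
?>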