Файл: obmen/index.php
Строк: 163
<?
// Entry script of the file-exchange ("obmen") section. It loads the shared
// bootstrap files, then resolves ?d= (directory) and ?f= (file) further down.
// NOTE(review): the short open tag only parses when short_open_tag is enabled.
include_once '../sys/includes/start.php';
// compress.php is loaded for every view except a plain download
// (?f= given with neither showinfo nor komm). Presumably it enables output
// compression, which must not wrap a streamed file — confirm in compress.php.
if (isset($_GET['showinfo']) || !isset($_GET['f']) || isset($_GET['komm']))
{
include_once '../sys/includes/compress.php';
}
// The helpers used below (esc, my_esc, get_user, antimat, translit, br, msg, err, ...)
// and the globals $user, $time, $set and H are not defined in this file; they
// presumably come from these includes.
include_once '../sys/includes/sess.php';
include_once '../sys/includes/home.php';
include_once '../sys/includes/settings.php';
include_once '../sys/includes/db_connect.php';
include_once '../sys/includes/ipua.php';
include_once '../sys/includes/fnc.php';
include_once '../sys/includes/obmen.php';
include_once '../sys/includes/user.php';
// Normalise the requested directory (?d=) into $l, which always starts with '/'.
// NOTE(review): $l is later embedded in an SQL string. esc() is defined elsewhere
// and nothing visible here shows that it SQL-escapes — confirm, or escape at the query.
if (isset($_GET['d']) && esc($_GET['d'])!=NULL)
{
// NOTE(review): as printed, '.' is an unescaped wildcard in the next two patterns, so
// the first one removes any run of two or more characters. The listing appears to have
// lost its backslashes (presumably "\." was intended, to strip ".." and "./" path
// traversal sequences) — confirm against the original file before relying on this filter.
$l=preg_replace("#.{2,}#",NULL,esc($_GET['d']));
$l=preg_replace("#./|/.#",NULL,$l);
// Collapse repeated slashes into one.
$l=preg_replace("#(/){1,}#","/",$l);
// Strip leading and trailing slashes, then re-add a single leading one.
$l='/'.preg_replace("#(^(/){1,})|((/){1,}$)#","",$l);
}else{
// No directory requested: use the root.
$l='/';
}
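// Resolve the normalised path $l to a row of `obmennik_dir`.
// Result: $dir_id holds the directory row and $id_dir its id; for the root, an
// unknown folder or a failed query, $dir_id['upload'] and $id_dir are 0 and $l is '/'.
$obmen_dir_row=false;
if ($l!='/')
{
// $l is derived from $_GET['d']. esc() is defined elsewhere and is not shown to
// SQL-escape, so the value is escaped here before it enters the quoted literals.
$obmen_dir_sql=mysql_real_escape_string($l);
// One SELECT replaces the former COUNT(*) + SELECT pair, so the row cannot
// disappear between the existence check and the fetch.
$obmen_dir_res=mysql_query("SELECT * FROM `obmennik_dir` WHERE `dir` = '/$obmen_dir_sql' OR `dir` = '$obmen_dir_sql/' OR `dir` = '$obmen_dir_sql' LIMIT 1");
// mysql_query() returns false on failure; treat that like "folder not found".
if ($obmen_dir_res)
{
$obmen_dir_row=mysql_fetch_assoc($obmen_dir_res);
}
}
if ($obmen_dir_row)
{
$dir_id=$obmen_dir_row;
$id_dir=$dir_id['id'];
}else{
// Root, unknown folder or query error: fall back to the root directory.
$dir_id['upload']=0;
$id_dir=0;
$l='/';
}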
// File branch: ?f=<name>.<ext> selects a file inside directory $id_dir.
// Without showinfo/komm the file (or a generated .jad descriptor) is sent and the
// script exits; otherwise the file info page with its comments is rendered.
if (isset($_GET['f']))
{
// NOTE(review): PHP has already URL-decoded $_GET values, so urldecode() here decodes
// a second time; percent-encoded characters that passed earlier filtering are
// expanded at this point.
$f=esc(urldecode($_GET['f']));
// Split the request into base name and extension.
// NOTE(review): as printed, the dots in both patterns are unescaped wildcards; the
// listing appears to have lost backslashes (presumably "\." was intended, splitting
// at the last dot) — confirm against the original file.
$name=preg_replace('#.[^.]*$#', NULL, $f);
$ras=strtolower(preg_replace('#^.*.#', NULL, $f));
// A .jad request is looked up as the stored .jar.
$ras=str_replace('jad', 'jar', $ras);
// NOTE(review): $name and $ras come from the request and reach the SQL string after
// esc() only. esc() is not shown to SQL-escape — confirm, or escape them with the
// helper used for the comment insert below (my_esc). The same query text is executed
// twice (COUNT, then SELECT).
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `obmennik_files` WHERE `id_dir` = '$id_dir' AND `name`='$name' AND `ras` = '$ras' LIMIT 1"),0)!=0)
{
$file_id=mysql_fetch_assoc(mysql_query("SELECT * FROM `obmennik_files` WHERE `id_dir` = '$id_dir' AND `name`='$name' AND `ras` = '$ras' LIMIT 1"));
// From here on, name/extension/size are taken from the database row, not the request.
$ras=$file_id['ras'];
// Files are stored on disk under their numeric id with a .dat suffix.
$file=H."sys/obmen/files/$file_id[id].dat";
$name=$file_id['name'];
$size=$file_id['size'];
// Download path: neither showinfo nor komm was requested and the stored file exists.
if (!isset($_GET['showinfo']) && !isset($_GET['komm']) && is_file(H.'sys/obmen/files/'.$file_id['id'].'.dat'))
{
// The stored file is a .jar but the request asked for .jad: build a descriptor
// from the archive's manifest instead of sending the archive.
if ($ras=='jar' && strtolower(preg_replace('#^.*.#', NULL, $f))=='jad')
{
include_once H.'sys/includes/zip.php';
$zip=new PclZip(H.'sys/obmen/files/'.$file_id['id'].'.dat');
// NOTE(review): the result of extract() is indexed below without checking that the
// extraction succeeded or that the manifest entry exists.
$content=$zip->extract(PCLZIP_OPT_BY_NAME, "META-INF/MANIFEST.MF" ,PCLZIP_OPT_EXTRACT_AS_STRING);
// Drop any MIDlet-Jar-URL / MIDlet-Jar-Size lines from the manifest, then append
// fresh ones. NOTE(review): "n", "r" and "rn" in the next lines look like "\n", "\r"
// and "\r\n" with the backslashes lost in this listing — confirm against the original.
$jad=preg_replace("#(MIDlet-Jar-URL:( )*[^(n|r)]*)#i", NULL, $content[0]['content']);
$jad=preg_replace("#(MIDlet-Jar-Size:( )*[^(n|r)]*)(n|r)#i", NULL, $jad);
$jad=trim($jad);
$jad.="rnMIDlet-Jar-Size: ".filesize(H.'sys/obmen/files/'.$file_id['id'].'.dat')."";
// NOTE(review): the URL is built from the stored directory and file name without
// URL-encoding, unlike the HTML links further down, which urlencode() the name.
$jad.="rnMIDlet-Jar-URL: /obmen$dir_id[dir]$file_id[name].$file_id[ras]";
$jad=br($jad,"rn");
header('Content-Type: text/vnd.sun.j2me.app-descriptor');
// NOTE(review): the stored file name is placed in the header value as-is; a name
// containing a double quote or a line break would corrupt the header. Strip or
// encode such characters before building the filename parameter.
header('Content-Disposition: attachment; filename="'.$file_id['name'].'.jad";');
echo $jad;
exit;
}
// Increment the download counter. NOTE(review): this writes back the value read
// earlier plus one, so concurrent downloads can lose increments (an in-SQL
// `k_loads` = `k_loads` + 1 avoids that); '@' also hides any warning from the call.
@mysql_query("UPDATE `obmennik_files` SET `k_loads` = '".($file_id['k_loads']+1)."' WHERE `id` = '$file_id[id]' LIMIT 1");
include_once '../sys/includes/downloadfile.php';
// Send the stored .dat under its original name with a MIME type derived from the
// extension (DownloadFile and ras_to_mime are defined elsewhere).
DownloadFile(H.'sys/obmen/files/'.$file_id['id'].'.dat', $name.'.'.$ras, ras_to_mime($ras));
exit;
}
// Info page: title, header, then optional handling of a posted comment.
$set['title']='Обменник - '.$file_id['name'];
include_once '../sys/includes/header.php';
title();
auter();
// Comment submission: needs a posted message and a defined $user ($user is set
// elsewhere; presumably only for logged-in visitors).
// NOTE(review): no anti-CSRF token is checked in this block — confirm whether the
// included files enforce one.
if (isset($_POST['msg']) && isset($user))
{
$msg=$_POST['msg'];
if (isset($_POST['translit']) && $_POST['translit']==1)
{
$msg=translit($msg);
}
// Validation: each failing check overwrites $err, so only the last failure is reported.
$mat=antimat($msg);
if ($mat)
{
$err='В тексте сообщения обнаружен мат: '.$mat;
}
if (strlen2($msg)>1024)
{
$err='Сообщение слишком длинное!';
}
if (strlen2($msg)<2)
{
$err='Короткое сообщение!';
}
// Reject an exact repeat of a comment this user already left on this file.
// NOTE(review): this check escapes with mysql_escape_string() while the INSERT below
// uses my_esc(); if the two escape differently the comparison can miss duplicates.
// Use one helper for both.
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `obmennik_komm` WHERE `id_file` = '".$file_id['id']."' AND `id_user` = '".$user['id']."' AND `msg` = '".mysql_escape_string($msg)."' LIMIT 1"),0)!=0)
{
$err='Ваше сообщение повторяет предыдущее!';
}
if (!isset($err))
{
// Notify the uploader by internal mail, unless they are commenting on their own file.
$ank=get_user($file_id['id_user']);
if ($ank['id']!=$user['id'])
{
// Pick the verb ending for the notification text: 'а' is appended when pol is 0
// (presumably the feminine form — confirm the meaning of `pol`).
if ($user['pol']==0)
{
$ppol='а';
}else{
$ppol='';
}
// NOTE(review): $user['nick'], $dir_id['dir'] and $file_id['ras'] are concatenated
// into the SQL string without escaping. They come from stored data rather than the
// request, but unless every writer guarantees they are quote-free this is a
// second-order injection risk — escape them here as well.
mysql_query("INSERT INTO `mail` (`id_user`, `id_kont`, `msg`, `time`) VALUES ('0', '".$ank['id']."', '".$user['nick']." оставил".$ppol." комментарий к [url=/obmen".$dir_id['dir']."".urlencode($file_id['name']).".".$file_id['ras']."?showinfo&page=end]Вашему файлу[/url]', '".$time."')");
}
// Store the comment; the message text goes through my_esc() (defined elsewhere).
mysql_query("INSERT INTO `obmennik_komm` (`id_file`, `id_user`, `time`, `msg`) values ('".$file_id['id']."', '".$user['id']."', '".$time."', '".my_esc($msg)."')");
// Award one point to the commenter. NOTE(review): this is a read-modify-write of the
// value loaded earlier, so concurrent requests can lose increments.
mysql_query("UPDATE `user` SET `balls` = '".($user['balls']+1)."' WHERE `id` = '".$user['id']."' LIMIT 1");
msg('Сообщение успешно добавлено!');
}
}
include 'inc/file_act.php';
err();
include_once 'inc/komm_act.php';
include_once 'inc/file.php';
// Download links and a copyable direct URL.
// NOTE(review): $dir_id['dir'], $file_id['ras'] and $_SERVER['SERVER_NAME'] are echoed
// into single-quoted HTML attributes without htmlspecialchars(); only the file name
// is urlencode()d. Depending on web-server configuration SERVER_NAME can reflect the
// request's Host header. Escape these values for the attribute context.
echo "<div class='forum_tema'>";
if ($file_id['ras']=='jar')
{
// NOTE(review): the first link's markup closes <b> with "</>", which is not a valid end tag.
echo "<img src='/s-klub/img/download.png'> <a href='/obmen$dir_id[dir]".urlencode($file_id['name']).".jad'><b>Скачать</></a> <a href='/obmen$dir_id[dir]".urlencode($file_id['name']).".$file_id[ras]'><b>JAR</b></a> <b>(".$file_id['k_loads'].")</b><br />";
}else{
echo "<img src='/s-klub/img/download.png'> <a href='/obmen$dir_id[dir]".urlencode($file_id['name']).".$file_id[ras]'><b>Скачать</b></a> <b>(".$file_id['k_loads'].")</b><br />";
}
echo "<input type='text' value='http://$_SERVER[SERVER_NAME]/obmen$dir_id[dir]".urlencode($file_id['name']).".$file_id[ras]' /><br />";
echo "</div>";
include 'inc/file_form.php';
$_SESSION['page']=1;
// header.php was already loaded above with include_once, so this line has no effect.
include_once '../sys/includes/header.php';
include_once 'inc/komm.php';
// Link back to the containing folder.
echo "<a href='/obmen$dir_id[dir]'><div class='foot'>";
echo "<img src='/s-klub/img/left.png'> В папку";
echo "</div></a>";
// NOTE(review): no exit follows the footer, so execution continues past the closing
// braces unless footer.php itself ends the request — confirm.
include_once '../sys/includes/footer.php';
}
}
// Default view: inc/dir.php presumably renders the listing of directory $l / $id_dir.
// NOTE(review): the file-info branch above does not exit after including its footer,
// so unless footer.php terminates the request this include also runs after a file
// page has been rendered — confirm.
include_once 'inc/dir.php';
include_once '../sys/includes/footer.php';
?>