'._PM_INBOX.' ('.$res2.' '._PM_UNREADED.')
'; echo ''._PM_COMPOSE.'
'; CloseTable(); OpenTable(); echo ""; if (sql_num_rows($result)>0) { while(list($id,$from,$to,$subject,$message,$readed) = sql_fetch_row($result)) { if (!$readed) { $bold1=""; $bold2=""; } else { $bold1=""; $bold2=""; } echo ""; } } else echo ""; echo "
"._PM_FROM.""._PM_SUBJECT."
".$bold1.$from.$bold2."".$bold1.$subject.$bold2.""._PM_DELETE."
"._PM_NOMESSAGES."
"; CloseTable(); $resstor = sql_fetch_row(sql_query("select count(*) from ".$prefix."_pms where pms_to='".adsl($uname)."'", $dbi)); $numpages = ceil($resstor['0'] / 20); if ($numpages > 1) { OpenTable(); echo '
'; if ($pagenum > 1) { $prevpage = $pagenum - 1 ; echo '<<<'; } echo "[ " ; for ($i = 1; $i < $numpages + 1; $i++) { if ($i == $pagenum) { echo "$i"; } if ($i < $numpages) { echo ""; } else { echo " ]"; } } if ($pagenum < $numpages) { $nextpage = $pagenum + 1 ; echo '>>>'; } echo '
'; CloseTable(); } include_once("footer.php"); } else { Header("Location: /index.php"); } } function ViewMessage() { global $prefix, $dbi; if (is_user()) { $user = base64_decode($_COOKIE['user']); $user = explode(":", $user); $uname = $user['0']; if (isset($_GET['id'])) { $result=sql_query("select * from ".$prefix."_pms where pms_id='".intval($_GET['id'])."' AND pms_to='".adsl($uname)."'",$dbi); if(sql_num_rows($result)==1) { $message=sql_fetch_array($result); sql_query("update ".$prefix."_pms set pms_readed='1' where pms_id='".intval($_GET['id'])."' AND pms_to='".adsl($uname)."'",$dbi); include_once("header.php"); OpenTable(); echo ''; echo ''; echo ''; echo ''; echo '
'._PM_FROM.''.$message['pms_from'].'
'._PM_SUBJECT.''.$message['pms_subject'].'

'.nl2br($message['pms_message']).'
'; CloseTable(); OpenTable(); echo '
'._PM_QUICKREPLY.'
'; echo '
'; echo '
'; echo ''; echo ''; echo ''; echo '
'._PM_SUBJECT.'
'._PM_MESSAGE.'
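'; CloseTable(); include_once("footer.php"); } else { include_once("header.php"); OpenTable(); echo "
"._PM_NOTEXIST."
"; CloseTable(); include_once("footer.php"); } } else { include_once("header.php"); OpenTable(); echo "
"._PM_NOID."
"; CloseTable(); include_once("footer.php"); } } else { Header("Location: /index.php"); } }

/**
 * Store a private message from the logged-in user.
 *
 * Requires non-empty `to`, `subject` and `message` in $_POST, and a recipient
 * that matches exactly one row in the users table or in the admins table.
 * The sender name is field 0 of the base64-decoded `user` cookie.
 *
 * Security notes:
 * - htmlspecialchars()/htmlentities() with ENT_QUOTES are output encoding.
 *   They leave backslashes untouched, so they do not make a value safe inside
 *   a quoted SQL literal. Every value placed in the INSERT therefore goes
 *   through adsl(), the helper the two SELECTs in this function already use
 *   (adsl() is defined outside this excerpt).
 * - $uname comes from a cookie. Whether is_user() verifies that cookie against
 *   the database is not visible here, so it is escaped like any request value.
 * - NOTE(review): no anti-CSRF token is checked in this function.
 */
function SendMessage() {
    global $prefix, $dbi,$config;
    if (is_user()) {
        $user = base64_decode($_COOKIE['user']);
        $user = explode(":", $user);
        $uname = $user['0'];
        if(isset($_POST['to']) and isset($_POST['subject']) and isset($_POST['message']) and $_POST['message']!="" and $_POST['to']!="" and $_POST['subject']!="") {
            // Encode for later display in HTML (stored encoded).
            $to=htmlspecialchars($_POST['to'],ENT_QUOTES);
            $subject=htmlentities($_POST['subject'],ENT_QUOTES,'cp1251');
            $message=htmlentities($_POST['message'],ENT_QUOTES,'cp1251');
            $result=sql_query("select user_email, user_mail_notify from ".$prefix."_users where username='".adsl($to)."'",$dbi);
            $result2=sql_query("select admins_email, admins_mail_notify from ".$prefix."_admins where admins_login='".adsl($to)."'",$dbi);
            if (sql_num_rows($result)==1 OR sql_num_rows($result2)==1) {
                // Escape at the point of use so the variables keep their values for the code that follows.
                $result3 = sql_query("INSERT INTO ".$prefix."_pms (pms_id, pms_from, pms_to, pms_subject, pms_message, pms_readed) VALUES (NULL, '".adsl($uname)."', '".adsl($to)."', '".adsl($subject)."', '".adsl($message)."', '0')",$dbi);
                if(!$result3) {
                    include_once("header.php");
                    OpenTable();
                    echo ""._PM_ERROR."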
"; CloseTable(); include_once("footer.php"); } else { if (sql_num_rows($result)==1) { list($mail, $notify)=sql_fetch_row($result); if ($notify) { $subject = _NEWPM.' - '.$config['site_name']; $from = $config['admin_mail']; $link = $config['site_url']."modules.php?name=Users&op=Inbox"; $message = _NEWPM2.$uname."\n"._NEWPM3."\n".$link; $mailheaders = "Content-Type: text/html; charset="._CHARSET."\n"; $mailheaders .= "From: ".$from."\n"; $mailheaders .= "X-Mailer: D2c-Nuke\n"; $mailheaders .= "Reply-To: $from\n\n"; mail($mail, $subject, $message, $mailheaders); } } if (sql_num_rows($result2)==1) { list($mail, $notify)=sql_fetch_row($result2); if ($notify) { $subject = _NEWPM.' - '.$config['site_name']; $from = $config['admin_mail']; $link = $config['site_url']."admin.php?mod=Pms&op=Inbox"; $message = _NEWPM2.$uname."\n"._NEWPM3."\n".$link; $mailheaders = "Content-Type: text/html; charset="._CHARSET."\n"; $mailheaders .= "From: ".$from."\n"; $mailheaders .= "X-Mailer: D2c-Nuke\n"; $mailheaders .= "Reply-To: $from\n\n"; mail($mail, $subject, $message, $mailheaders); } } include_once("header.php"); OpenTable(); echo "
"._PM_SENDED."

"; CloseTable(); include_once("footer.php"); } } else { include_once("header.php"); OpenTable(); echo "
"._PM_NOUSER."
"; CloseTable(); include_once("footer.php"); } } else { include_once("header.php"); OpenTable(); echo "
"._PM_NOINFO."
"; CloseTable(); include_once("footer.php"); } } else { Header("Location: /index.php"); } } function ComposeMessage() { if (is_user()) { $user = base64_decode($_COOKIE['user']); $user = explode(":", $user); $uname = $user['0']; if (isset($_GET['to'])) { $to=$_GET['to']; } else { $to=""; } include_once("header.php"); OpenTable(); echo '
'._PM_NEWMESSAGE.'
'; echo '
'; echo ''; echo ''; echo ''; echo ''; echo ''; echo '
'._PM_TO.'
'._PM_SUBJECT.'
'._PM_MESSAGE.'
'; CloseTable(); include_once("footer.php"); } else { Header("Location: /index.php"); } } function DeleteMessage() { global $prefix, $dbi; if (is_user()) { $user = base64_decode($_COOKIE['user']); $user = explode(":", $user); $uname = $user['0']; if (isset($_GET['id'])) { $result=sql_query("delete from ".$prefix."_pms where pms_id='".intval($_GET['id'])."' and pms_to='".adsl($uname)."'",$dbi); if(!$result) { include_once("header.php"); OpenTable(); echo "
"._PM_ERROR."
"; CloseTable(); include_once("footer.php"); } else { include_once("header.php"); OpenTable(); echo "
"._PM_DELETED."
"._PM_INBOX."
"; CloseTable(); include_once("footer.php"); } } else { include_once("header.php"); OpenTable(); echo "_NOID"; CloseTable(); include_once("footer.php"); } } else { Header("Location: /index.php"); } } /// //PM's end /// function Forgot() { include_once("header.php"); OpenTable(); ?>
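$urow['user_email']) { include_once("header.php"); OpenTable(); echo "
"._WRONGEMAIL."
"; CloseTable(); include_once("footer.php"); die(); } else {
    // NOTE(review): the restore link carries the stored user_password value as
    // check_num, so the e-mailed "code" is the account's password hash itself
    // and keeps working until the password changes. A random, single-use,
    // expiring token kept in its own column would avoid exposing the hash;
    // that needs a schema change outside this span.
    $subject = _PASSRESTORE2.$config['site_name'];
    $from = $config['admin_mail'];
    $link = $config['site_url']."modules.php?name=Users&op=Restore&username=$username&check_num=".$urow['user_password'];
    $message = _TOCHANGE."\n".$link;
    $mailheaders = "Content-Type: text/html; charset="._CHARSET."\n";
    $mailheaders .= "From: ".$from."\n";
    $mailheaders .= "X-Mailer: D2c-Nuke\n";
    $mailheaders .= "Reply-To: $from\n\n";
    mail($user_email, $subject, $message, $mailheaders);
    include_once("header.php");
    OpenTable();
    echo "
"._SENDED."
"; CloseTable(); include_once("footer.php"); } } else { include_once("header.php"); OpenTable(); echo "
"._WRONGUSER."
"; CloseTable(); include_once("footer.php"); } } else { Header("Location: /index.php"); } }

/**
 * Show the "choose a new password" step of password recovery.
 *
 * Looks the user up by name and accepts the request only when $check_num
 * equals the stored user_password value. On a mismatch the _WRONGCODE
 * message is printed and the script stops.
 *
 * The comparison is strict and string-typed. The former `<>` operator
 * compares two numeric-looking strings as numbers on PHP versions before 8,
 * so distinct values could be accepted as equal. An empty code is rejected
 * even if the stored value is empty.
 *
 * @param mixed $username   account name taken from the request
 * @param mixed $check_num  recovery code taken from the request
 */
function Restore($username,$check_num) {
    global $dbi,$prefix;
    if (isset($username) && isset($check_num)) {
        $result=sql_query("select * from ".$prefix."_users where username='".adsl($username)."'", $dbi);
        $userexist = sql_num_rows($result);
        if ($userexist == 1) {
            $urow = sql_fetch_array($result);
            $stored = (string)$urow['user_password'];
            if (!is_string($check_num) || $check_num === "" || $check_num !== $stored) {
                include_once("header.php");
                OpenTable();
                echo "
"._WRONGCODE."
"; CloseTable(); include_once("footer.php"); die(); } else { include_once("header.php"); OpenTable(); ?>
"._WRONGUSER."
"; CloseTable(); include_once("footer.php"); } } else { Header("Location: /index.php"); } }

/**
 * Set a new password for the account named in $_POST['id'].
 *
 * The request is accepted when $_POST['oldpass'] equals the stored
 * user_password value; the new password is stored as md5($newpass) and a
 * fresh `user` cookie is issued.
 *
 * Changes made here:
 * - Missing or non-string fields take the existing redirect branch instead of
 *   raising notices or reaching md5() with an array.
 * - Strict string comparison replaces `<>` (loose comparison treats
 *   numeric-looking strings as numbers on PHP versions before 8); an empty
 *   `oldpass` is always rejected.
 * - The UPDATE escapes $id with adsl(), as the SELECT above it already does.
 *
 * NOTE(review): `oldpass` is compared with the stored hash, not with a hash
 * of the submitted value, so whoever holds the hash can set a new password.
 * NOTE(review): unsalted md5() is kept because LogIn() in this file compares
 * md5() output with the same column; moving to password_hash() and
 * password_verify() needs a coordinated change.
 * NOTE(review): the cookie embeds the password hash and MyProfile() accepts
 * that pair as proof of login; a server-side session identifier would keep
 * the hash off the client.
 */
function SavePass() {
    global $dbi,$prefix;
    $id = isset($_POST['id']) ? $_POST['id'] : null;
    $oldpass = isset($_POST['oldpass']) ? $_POST['oldpass'] : null;
    $newpass = isset($_POST['newpass']) ? $_POST['newpass'] : null;
    if (is_string($id) && is_string($oldpass) && is_string($newpass)) {
        $result=sql_query("select * from ".$prefix."_users where username='".adsl($id)."'", $dbi);
        $userexist = sql_num_rows($result);
        if ($userexist == 1) {
            $urow = sql_fetch_array($result);
            $stored = (string)$urow['user_password'];
            if ($oldpass === "" || $oldpass !== $stored) {
                include_once("header.php");
                OpenTable();
                echo "
"._WRONGCODE."
";
                CloseTable();
                include_once("footer.php");
                die();
            } else {
                $newpass=md5($newpass);
                sql_query("UPDATE ".$prefix."_users SET user_password='$newpass' WHERE username='".adsl($id)."'",$dbi);
                $user = base64_encode("$id:$newpass");
                setcookie("user","$user",time()+2592000);
                include_once("header.php");
                OpenTable();
                echo "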
"._CHANGED."
"; CloseTable(); include_once("footer.php"); } } else { include_once("header.php"); OpenTable(); echo "
"._WRONGUSER."
"; CloseTable(); include_once("footer.php"); } } else { Header("Location: /index.php"); } } function SaveProfile($id) { global $dbi,$prefix; $avatarname = $_FILES['newavatar']['name']; $avatartemp = $_FILES['newavatar']['tmp_name']; $avatarsize = $_FILES['newavatar']['size']; $fotoname = $_FILES['newfoto']['name']; $fototemp = $_FILES['newfoto']['tmp_name']; $fotosize = $_FILES['newfoto']['size']; $uemail = $_POST['uemail']; $uweb = $_POST['uweb']; $uicq = $_POST['uicq']; $delavatar = $_POST['delavatar']; $delfoto = $_POST['delfoto']; $ufrom=$_POST['ufrom']; $uabout=$_POST['uabout']; $showemail = $_POST['showemail']; $oldpass = $_POST['oldpass']; $newpass = $_POST['newpass']; $notify = intval($_POST['notify']); if ((!$uemail) || ($uemail=="") || (!is_email($uemail))) { return "
"._ERRORINVEMAIL."
"._NOTSAVED."
"; break; } if (sql_num_rows(sql_query("SELECT user_email FROM ".$prefix."_users WHERE user_email='".adsl($uemail)."' and username!='".adsl($id)."'",$dbi)) > 0) { return "
"._EMAILREGISTERED."
"._NOTSAVED."
"; break; } if (sql_num_rows(sql_query("SELECT admins_email FROM ".$prefix."_admins WHERE admins_email='".adsl($uemail)."'", $dbi))> 0) { return "
"._EMAILREGISTERED."
"._NOTSAVED."
"; break; } if (ereg("[^0-9]",$uicq) OR ((strlen($uicq)<5) and ($uicq!=""))) { return "
"._INVALIDICQ."
"._NOTSAVED."
"; break; } if (!eregi("^(http:\/\/)?([a-z0-9-]+)(\.[a-z0-9-]+)*(\.[a-z]{2,4})$",$uweb) and ($uweb!="")) { return "
"._INVALIDWEB."
"._NOTSAVED."
"; break; } $uweb=htmlspecialchars($uweb,ENT_QUOTES); if (!eregi("http://", $uweb) AND $uweb!="") { $uweb = "http://$uweb"; } $ufrom=htmlentities($ufrom,ENT_QUOTES,'cp1251'); $uabout=htmlentities($uabout,ENT_QUOTES,'cp1251'); if (isset($newpass) && $newpass!="") { $oldpass=md5($oldpass); $result=sql_query("select user_password from ".$prefix."_users where username='".adsl($id)."'", $dbi); $userexist = sql_num_rows($result); if ($userexist > 0) { $urow = sql_fetch_array($result); if ($urow['user_password'] == $oldpass) { $newpass=md5($newpass); sql_query("UPDATE ".$prefix."_users SET user_password='$newpass' WHERE username='$id'",$dbi); $user = base64_encode("$id:$newpass"); setcookie("user","$user",time()+2592000); } else { return "
"._INVALIDOLDPASS."
"._NOTSAVED."
"; break; } } } if (isset($avatarname) && $avatarname!="") { $allowed_extensions = array("gif", "jpg", "png", "jpeg"); $type = end(explode(".",$avatarname)); // Проверяем картинку или фигню какую-то пытается закачать юзер if(!in_array($type,$allowed_extensions) or !in_array(strtolower($type),$allowed_extensions)) { return "
"._INVALIDAVATARTYPE."
"._NOTSAVED."
"; break; } if($avatarsize > 220000) { return "
"._INVALIDAVATARSIZE."
"._NOTSAVED."
"; break; } if (file_exists("avatars/".$id."_avatar.jpg")) { $oldavatar="avatars/".$id."_avatar.jpg"; } else if (file_exists("avatars/".$id."_avatar.gif")) { $oldavatar="avatars/".$id."_avatar.gif"; } else if (file_exists("avatars/".$id."_avatar.png")) { $oldavatar="avatars/".$id."_avatar.png"; } @unlink("./$oldavatar"); if (!copy ("$avatartemp","./avatars/".$id."_avatar.".$type)) { return "
Couldn't copy image!
"._NOTSAVED."
"; break; } if ($type!="gif") @img_resize("./avatars/".$id."_avatar.".$type,"./avatars/".$id."_avatar.".$type); } else if($delavatar=="1") { if (file_exists("avatars/".$id."_avatar.jpg")) { $oldavatar="avatars/".$id."_avatar.jpg"; } else if (file_exists("avatars/".$id."_avatar.gif")) { $oldavatar="avatars/".$id."_avatar.gif"; } else if (file_exists("avatars/".$id."_avatar.png")) { $oldavatar="avatars/".$id."_avatar.png"; } @unlink("./$oldavatar"); } if (isset($fotoname) && $fotoname!="") { $allowed_extensions = array("jpg", "png", "jpeg"); $type = end(explode(".",$fotoname)); // Проверяем картинку или фигню какую-то пытается закачать юзер if(!in_array($type,$allowed_extensions) or !in_array(strtolower($type),$allowed_extensions)) { return "
"._INVALIDFOTOTYPE."
"._NOTSAVED."
"; break; } if($fotosize > 220000) { return "
"._INVALIDFOTOSIZE."
"._NOTSAVED."
"; break; } $result = sql_query("select user_avatar from ".$prefix."_users where username='".adsl($id)."'", $dbi); $urow = sql_fetch_array($result); $oldavatar=$urow['user_avatar']; if ($oldavatar!="") { @unlink("./avatars/$id.$oldavatar"); } if (!copy ("$fototemp","./avatars/$id.$type")) { return "
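Couldn't copy image!
"._NOTSAVED."
"; break; }
        @img_resize("./avatars/$id.$type","./avatars/$id.$type",200,300);
        // $showemail is the raw $_POST['showemail'] value and $id is the caller's
        // user name; both were interpolated unescaped. They now go through adsl()
        // like the other columns. $notify is intval()'d and $type is an extension
        // from the allow-list at this point, so they stay as they were.
        sql_query("UPDATE ".$prefix."_users SET user_email='".adsl($uemail)."', user_website='".adsl($uweb)."', user_icq='".adsl($uicq)."', user_from='".adsl($ufrom)."', user_interests='".adsl($uabout)."', user_avatar='$type', user_viewemail='".adsl($showemail)."', user_mail_notify='$notify' WHERE username='".adsl($id)."'",$dbi);
    } else if($delfoto=="1") {
        $result = sql_query("select * from ".$prefix."_users where username='".adsl($id)."'", $dbi);
        $urow = sql_fetch_array($result);
        $oldavatar=$urow['user_avatar'];
        @unlink("./avatars/$id.$oldavatar");
        $type="";
        sql_query("UPDATE ".$prefix."_users SET user_email='".adsl($uemail)."', user_website='".adsl($uweb)."', user_icq='".adsl($uicq)."', user_from='".adsl($ufrom)."', user_interests='".adsl($uabout)."', user_avatar='$type', user_viewemail='".adsl($showemail)."', user_mail_notify='$notify' WHERE username='".adsl($id)."'",$dbi);
    } else {
        sql_query("UPDATE ".$prefix."_users SET user_email='".adsl($uemail)."', user_website='".adsl($uweb)."', user_icq='".adsl($uicq)."', user_from='".adsl($ufrom)."', user_interests='".adsl($uabout)."', user_viewemail='".adsl($showemail)."', user_mail_notify='$notify' WHERE username='".adsl($id)."'",$dbi);
    }
    return "
"._SAVED."
";
}

/**
 * Validate a nickname / e-mail pair for registration.
 *
 * Each failed check assigns an error message to the global $stop; the checks
 * do not stop at the first failure, so a later message overwrites an earlier
 * one and the database lookups still run on input that an earlier check
 * already rejected. For that reason every lookup escapes its value with
 * adsl(), matching the admin-table lookups further down in this function.
 *
 * The character-set test uses preg_match() instead of ereg(): ereg() is not
 * binary-safe, so it is not a reliable filter for request data.
 *
 * @param mixed $username    requested nickname
 * @param mixed $user_email  requested e-mail address
 */
function userCheck($username, $user_email) {
    global $stop, $prefix, $dbi;
    if ((!$user_email) || ($user_email=="") || (!is_email($user_email))) $stop = "
"._ERRORINVEMAIL."

";
    if (strrpos($user_email,' ') > 0) $stop = "
"._ERROREMAILSPACES."
";
    if ((!$username) || ($username=="") || (preg_match('/[^a-zA-Z0-9_-]/',$username))) $stop = "
"._ERRORINVNICK."

";
    if (strlen($username) > 25) $stop = "
"._NICK2LONG."
";
    if (eregi("^((root)|(adm)|(linux)|(webmaster)|(admin)|(god)|(administrator)|(administrador)|(nobody)|(anonymous)|(anonimo)|(anуnimo)|(operator)|(guest))$",$username)) $stop = "
"._NAMERESERVED."
";
    if (strrpos($username,' ') > 0) $stop = "
"._NICKNOSPACES."
";
    if (sql_num_rows(sql_query("SELECT username FROM ".$prefix."_users WHERE username='".adsl($username)."'",$dbi)) > 0) $stop = "
"._NICKTAKEN."

";
    if (sql_num_rows(sql_query("SELECT username FROM ".$prefix."_users_temp WHERE username='".adsl($username)."'",$dbi)) > 0) $stop = "
"._NICKTAKEN."

";
    if (sql_num_rows(sql_query("SELECT user_email FROM ".$prefix."_users WHERE user_email='".adsl($user_email)."'",$dbi)) > 0) $stop = "
"._EMAILREGISTERED."

";
    if (sql_num_rows(sql_query("SELECT user_email FROM ".$prefix."_users_temp WHERE user_email='".adsl($user_email)."'",$dbi)) > 0) $stop = "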
"._EMAILREGISTERED."

"; if (sql_num_rows(sql_query("SELECT admins_login FROM ".$prefix."_admins WHERE admins_login='".adsl($username)."' OR admins_login='".adsl(totranslit($username))."'", $dbi))> 0) $stop = "
"._NICKTAKEN."

"; if (sql_num_rows(sql_query("SELECT admins_email FROM ".$prefix."_admins WHERE admins_email='".adsl($user_email)."'", $dbi))> 0) $stop = "
"._EMAILREGISTERED."

"; if (sql_num_rows(sql_query("SELECT * FROM ".$prefix."_users WHERE (user_email='".adsl($user_email)."' OR username='".adsl($username)."') AND banned='1'", $dbi))> 0) $stop = "
"._USERBANNED."

"; // if (sql_num_rows(sql_query("SELECT username FROM ".$prefix."_users_banned WHERE username='".adsl($username)."'", $dbi))> 0) $stop = "
"._USERBANNED."

"; return($stop); } function Register(){ global $config; session_start(); include_once("header.php"); OpenTable(); /* Форма для регистрации */ ?>
Я согласен с правилами
Ищу работу Ищу сотрудника Кадровое агентсво

Обновить
1) { include_once("header.php"); OpenTable(); echo "Вы должны подтвердить прочтение правил сайта!
"; CloseTable(); include_once("footer.php"); die(); } session_start(); if(isset($_SESSION['captcha_keystring']) && $_SESSION['captcha_keystring'] == $_POST['keystring']){ unset($_SESSION['captcha_keystring']); }else{ include_once("header.php"); OpenTable(); echo "Неверный код с картинки!"; CloseTable(); include_once("footer.php"); unset($_SESSION['captcha_keystring']); die(); } if (isset($username) && isset($user_email) && isset($user_password)) { //include_once("config.php"); userCheck($username, $user_email); $user_regdate = date("M d, Y"); if (!isset($stop)) { mt_srand ((double)microtime()*1000000); $maxran = 1000000; $check_num = mt_rand(0, $maxran); $check_num = md5($check_num); $time = time(); $finishlink = $config['site_url']."modules.php?name=Users&op=ConfirmReg&username=".$username."&check_num=$check_num"; $new_password = md5($user_password); $username = htmlspecialchars($username); $user_email = htmlspecialchars($user_email); $result = sql_query("INSERT INTO ".$prefix."_users_temp (user_id, username, user_email, user_password, user_regdate, check_num, time) VALUES (NULL, '$username', '$user_email', '$new_password', '$user_regdate', '$check_num', '$time')",$dbi); if(!$result) { include_once("header.php"); OpenTable(); echo ""._ERROR."
"; CloseTable(); include_once("footer.php"); } else { $message = ""._WELCOMETO.$config['site_name']."!\n\n"._YOUUSEDEMAIL." ($user_email) "._TOREGISTER.$config['site_name']."\n\n "._TOFINISHUSER."\n\n $finishlink\n\n "._FOLLOWINGMEM."\n\n"._UNICKNAME." $username\n"._UPASSWORD." $user_password"; $subject = ""._ACTIVATIONSUB.""; $from = $config['admin_mail']; $mailheaders = "Content-Type: text/html; charset="._CHARSET."\n"; $mailheaders .= "From: ".$from."\n"; $mailheaders .= "X-Mailer: D2c-Nuke\n"; $mailheaders .= "Reply-To: $from\n\n"; if ($config['check_reg_mail']==1) { mail($user_email, $subject, $message, $mailheaders); } else { Header("Location: ".$finishlink.""); die(); } include_once("header.php"); OpenTable(); //echo "Debug: $finishlink
"; echo "
"._ACCOUNTCREATED."

"; echo ""._YOUAREREGISTERED."" ."

" .""._FINISHUSERCONF."

" .""._THANKSUSER.$config['site_name']."!
"; CloseTable(); include_once("footer.php"); } } else { include_once("header.php"); OpenTable(); echo "$stop"; CloseTable(); include_once("footer.php"); } } else { Header("Location: /index.php"); } } function Confirm() { global $dbi, $prefix; $past = time()-86400; sql_query("DELETE FROM ".$prefix."_users_temp WHERE time < $past",$dbi); if (isset($_GET['username'])) { $username=adsl($_GET['username']); } else $username=""; if (isset($_GET['check_num'])) { $check_num=adsl($_GET['check_num']); } else $check_num=""; $sql = "SELECT * FROM ".$prefix."_users_temp WHERE username='$username' AND check_num='$check_num'"; $result = sql_query($sql,$dbi); if (sql_num_rows($result) == 1) { $row = sql_fetch_array($result); if ($check_num == $row['check_num']) { sql_query("INSERT INTO ".$prefix."_users (user_id, username, user_email, user_password, user_avatar, user_regdate,banned,user_mail_notify) VALUES (NULL, '$row[username]', '$row[user_email]', '$row[user_password]', '', '$row[user_regdate]','0','0')",$dbi); sql_query("DELETE FROM ".$prefix."_users_temp WHERE username='$username' AND check_num='$check_num'",$dbi); include_once("header.php"); OpenTable(); echo "
$row[username]: "._ACTMSG."
"; CloseTable(); include_once("footer.php"); die(); } else { include_once("header.php"); OpenTable(); echo "
"._ACTERROR1."
"; CloseTable(); include_once("footer.php"); die(); } } else { include_once("header.php"); OpenTable(); echo "
"._ACTERROR2."
"; CloseTable(); include_once("footer.php"); die(); } } function Profile($id) { global $dbi, $prefix; $id=$_GET['id']; $result=sql_query("select * from ".$prefix."_admins where admins_login='".adsl($id)."' or admins_login='".adsl(utf2win($id))."'", $dbi); if (sql_num_rows($result)==1) { $urow = sql_fetch_array($result); if ($urow['admins_avatar']!="") { $avatar="/avatars/".totranslit($urow['admins_login']).".".$urow['admins_avatar']; } else { $avatar="/images/nofoto.jpg"; } $about=nl2br($urow['admins_about']); $email=""; include_once("header.php"); OpenTable(); echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo "
"._ADMIN."
  "._NICK; echo "".$urow['admins_login']."
  "._COMMENTS; echo "".$urow['admins_comments_count']."
"._SELFDATA."
  "._EMAIL; echo ""._SENDMESSAGE."
  "._ICQ; $icq=""; if ($urow['admins_icq']) {$icq="".$urow['admins_icq'];} echo "".$icq."
  "._FROM; echo "".$urow['admins_from']."
  "._ABOUT; echo "".$about."
"; CloseTable(); include_once("footer.php"); die(); } $result=sql_query("select * from ".$prefix."_users where username='".adsl($id)."'", $dbi); $userexist = sql_num_rows($result); if ($userexist == 1) { $urow = sql_fetch_array($result); if ($urow['user_avatar']!="") { $avatar="/avatars/".$urow['username'].".".$urow['user_avatar']; } else { $avatar="/images/nofoto.jpg"; } if ($urow['user_viewemail']){ $email=$urow['user_email'];} else{$email="HIDDEN";} $about=nl2br($urow['user_interests']); include_once("header.php"); OpenTable(); echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo "
"._USER."
  "._NICK; echo "".$urow['username']."
  "._REGDATE; echo "".$urow['user_regdate']."
  "._COMMENTS; echo "".$urow['comments']."
"._SELFDATA."
  "._EMAIL; echo "".$email."
  "._SITE; echo "".$urow['user_website']."
  "._ICQ; $icq=""; if ($urow['user_icq']) {$icq="".$urow['user_icq'];} echo "".$icq."
  "._FROM; echo "".$urow['user_from']."
  "._ABOUT; echo "".$about."
"; CloseTable(); include_once("footer.php"); } else { include_once("header.php"); OpenTable(); echo "
"._USERNOTEXIST."
"; CloseTable(); include_once("footer.php"); } } function MyProfile() { global $prefix, $dbi,$do; if (isset($_COOKIE['user']) AND trim($_COOKIE['user']) != "") { $user = base64_decode($_COOKIE['user']); $user = explode(":", $user); if ($user['0'] != "" AND isset($user ['1']) AND $user ['1'] != "") { $result = sql_query("select * from ".$prefix."_users where username='".adsl($user['0'])."'", $dbi); if (sql_num_rows($result) > 0 ) { $urow = sql_fetch_array($result); $pass = $urow['user_password']; if($pass == $user['1'] && $pass != "") { include_once("header.php"); if (isset($_POST['do']) && $_POST['do']=="save" && isset($_POST['uemail']) && isset($_POST['uweb']) && isset($_POST['uicq']) && isset($_POST['ufrom']) && isset($_POST['uabout']) ) { OpenTable(); echo SaveProfile($user['0']); CloseTable(); $result = sql_query("select * from ".$prefix."_users where username='".adsl($user['0'])."'", $dbi); $urow = sql_fetch_array($result); } if ($urow['user_avatar']!="") { $foto="/avatars/".$urow['username'].".".$urow['user_avatar']; } else { $foto="/images/nofoto.jpg"; } if (file_exists("avatars/".$urow['username']."_avatar.jpg")) { $avatar="/avatars/".$urow['username']."_avatar.jpg"; } else if (file_exists("avatars/".$urow['username']."_avatar.gif")) { $avatar="/avatars/".$urow['username']."_avatar.gif"; } else if (file_exists("avatars/".$urow['username']."_avatar.png")) { $avatar="/avatars/".$urow['username']."_avatar.png"; } else { $avatar="/images/noavatar.jpg"; } if($urow['user_viewemail']==1) { $show="checked"; $show2=""; } else { $show2="checked"; $show=""; } if($urow['user_mail_notify']==1) { $show3="checked"; $show4=""; } else { $show4="checked"; $show3=""; } OpenTable(); echo "
"; echo "
Мое резюме
"; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo "
Аватар:
"; echo "
Фото:
"._SELFDATA."
  "._NICK; echo "".$urow['username']."
  "._REGDATE; echo "".$urow['user_regdate']."
  "._COMMENTS; echo "".$urow['comments']."
  "._EMAIL; echo "
  "._SHOWEMAIL; echo ""._YES.""._NO."
  "._NOTIFY; echo ""._YES.""._NO."
  "._SITE; echo "
  "._ICQ; echo "
  "._FROM; echo "
  "._ABOUT; echo "
  "._FOTO; echo "
  "._DELETEFOTO; echo ""._YES.""._NO."
  "._AVATAR; echo "
  "._DELETEAVATAR; echo ""._YES.""._NO."
  "._NEWPASS; echo "
  "._OLDPASS; echo " "._ONLYIFWANTCHANGE."
"; CloseTable(); include_once("footer.php"); } else { Header("Location: /index.php"); } } else { Header("Location: /index.php"); } } else { Header("Location: /index.php"); } } else { //Header("Location: /index.php"); } } function LogIn($uid,$upwd) { global $dbi, $prefix; $uid = trim($uid); $upwd = trim($upwd); if ($uid != "" AND $upwd != "") { $upwd = md5($upwd); $result=sql_query("select user_password,banned from ".$prefix."_users where username='".adsl($uid)."'", $dbi); $userexist = sql_num_rows($result); if ($userexist > 0) { $urow = sql_fetch_array($result); if ($urow['user_password'] == $upwd) { if ($urow['banned']=='1') { include("header.php"); OpenTable(); echo '
'._YOUAREBANNED.'
'; CloseTable(); include("footer.php"); } else { $user = base64_encode("$uid:$upwd"); setcookie("user","$user",time()+2592000); @unlink("cache/home.php"); Header("Location: /modules.php?name=HR&file=pp"); } } else { include("header.php"); OpenTable(); echo '
'._WRONGLOP.'
'; CloseTable(); include("footer.php"); } } else { include("header.php"); OpenTable(); echo '
'._WRONGLOP.'
'; CloseTable(); include("footer.php"); } } else { Header("Location: /index.php"); } } function Logout() { setcookie("user"); @unlink("cache/home.php"); Header("Location: /index.php"); } if (!isset($_REQUEST['op'])) { $op = ""; } else { $op = $_REQUEST['op']; } switch($op) { case "ConfirmReg": Confirm(); break; case "Login": LogIn($uid,$upwd); break; case "ViewProfile": if(!isset($id)) { $id=""; } Profile($id); break; case "MyProfile": MyProfile(); break; case "finish": finishNewUser($username, $user_email, $user_password); break; case "sendpass": sendpass(); break; case "Register": Register(); break; case "Forgot": Forgot(); break; case "Logout": Logout(); break; case "Restore": Restore($username,$check_num); break; case "SavePass": SavePass(); break; case "RemoveNewsComments": if (is_user()) { if (!isset($_GET['comments_id']) OR !isset($_GET['news_id'])) { include_once("header.php"); OpenTable(); echo '
'._NOID.'
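'; CloseTable(); include_once("footer.php"); } else {
    // Nickname of the caller: field 0 of the base64-decoded "user" cookie.
    $usr = base64_decode($_COOKIE['user']);
    $usr = explode(":", $usr);
    $uname = $usr['0'];
    // Look up the author of the comment identified by comments_id within news_id.
    $result = sql_query("select news_comments_author from ".$prefix."_news_comments where news_comments_id='".intval($_GET['comments_id'])."' AND news_comments_news_id='".intval($_GET['news_id'])."'", $dbi);
    if (sql_num_rows($result) == 1) {
        $result=sql_fetch_row($result);
        foreach ($result as $res) $uid=$res;
        // Strict string comparison: with ==, PHP versions before 8 compare two
        // numeric-looking strings as numbers, so two different nicknames could
        // be treated as the same author.
        if ((string)$uid === (string)$uname) {
            if (isset($_GET['ok'])) {
                // NOTE(review): this delete is triggered by a GET request carrying
                // "ok"; no anti-CSRF token is checked in this branch.
                sql_query("delete from ".$prefix."_news_comments where news_comments_id='".intval($_GET['comments_id'])."'", $dbi);
                sql_query("UPDATE ".$prefix."_news SET news_comments_counter=news_comments_counter-1 WHERE news_id='".intval($_GET['news_id'])."'", $dbi);
                sql_query("UPDATE ".$prefix."_users SET comments=comments-1 WHERE username='".adsl($uname)."'", $dbi);
                // Only the integer form of news_id is placed in the redirect, as in the queries above.
                Header("Location: /modules.php?name=News&file=view&news_id=".intval($_GET['news_id']));
            } else {
                include_once("header.php");
                OpenTable();
                echo '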
'._NEWS43.'

[ '._NO.' | '._YES.' ]
'; CloseTable(); include_once("footer.php"); } } else { include_once("header.php"); OpenTable(); echo '
'._NOTYOUR.'
'; CloseTable(); include_once("footer.php"); } } else { include_once("header.php"); OpenTable(); echo '
'._NOTEXIST.'
'; CloseTable(); include_once("footer.php"); } } } else Header("Location: /index.php"); break; case "RemoveFilesComments": if (is_user()) { if (!isset($_GET['comments_id']) OR !isset($_GET['files_id'])) { include_once("header.php"); OpenTable(); echo '
'._NOID.'
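'; CloseTable(); include_once("footer.php"); } else {
    // Nickname of the caller: field 0 of the base64-decoded "user" cookie.
    $usr = base64_decode($_COOKIE['user']);
    $usr = explode(":", $usr);
    $uname = $usr['0'];
    // Look up the author of the comment identified by comments_id within files_id.
    $result = sql_query("select files_comments_author from ".$prefix."_files_comments where files_comments_id='".intval($_GET['comments_id'])."' AND files_comments_files_id='".intval($_GET['files_id'])."'", $dbi);
    if (sql_num_rows($result) == 1) {
        $result=sql_fetch_row($result);
        foreach ($result as $res) $uid=$res;
        // Strict string comparison: with ==, PHP versions before 8 compare two
        // numeric-looking strings as numbers, so two different nicknames could
        // be treated as the same author.
        if ((string)$uid === (string)$uname) {
            if (isset($_GET['ok'])) {
                // NOTE(review): this delete is triggered by a GET request carrying
                // "ok"; no anti-CSRF token is checked in this branch.
                sql_query("delete from ".$prefix."_files_comments where files_comments_id='".intval($_GET['comments_id'])."'", $dbi);
                sql_query("UPDATE ".$prefix."_files SET files_comments_counter=files_comments_counter-1 WHERE files_id='".intval($_GET['files_id'])."'", $dbi);
                sql_query("UPDATE ".$prefix."_users SET comments=comments-1 WHERE username='".adsl($uname)."'", $dbi);
                // The redirect used $files_id, which this branch never assigns;
                // it now uses the same validated request value as the queries.
                Header("Location: /modules.php?name=Files&d_op=get_file_details&files_id=".intval($_GET['files_id']));
            } else {
                include_once("header.php");
                OpenTable();
                echo '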
'._NEWS43.'

[ '._NO.' | '._YES.' ]
'; CloseTable(); include_once("footer.php"); } } else { include_once("header.php"); OpenTable(); echo '
'._NOTYOUR.'
'; CloseTable(); include_once("footer.php"); } } else { include_once("header.php"); OpenTable(); echo '
'._NOTEXIST.'
'; CloseTable(); include_once("footer.php"); } } } else Header("Location: /index.php"); break; case "RemoveArticlesComments": if (is_user()) { if (!isset($_GET['comments_id']) OR !isset($_GET['articles_id'])) { include_once("header.php"); OpenTable(); echo '
'._NOID.'
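'; CloseTable(); include_once("footer.php"); } else {
    // Nickname of the caller: field 0 of the base64-decoded "user" cookie.
    $usr = base64_decode($_COOKIE['user']);
    $usr = explode(":", $usr);
    $uname = $usr['0'];
    // Look up the author of the comment identified by comments_id within articles_id.
    $result = sql_query("select articles_comments_author from ".$prefix."_articles_comments where articles_comments_id='".intval($_GET['comments_id'])."' AND articles_comments_articles_id='".intval($_GET['articles_id'])."'", $dbi);
    if (sql_num_rows($result) == 1) {
        $result=sql_fetch_row($result);
        foreach ($result as $res) $uid=$res;
        // Strict string comparison: with ==, PHP versions before 8 compare two
        // numeric-looking strings as numbers, so two different nicknames could
        // be treated as the same author.
        if ((string)$uid === (string)$uname) {
            if (isset($_GET['ok'])) {
                // NOTE(review): this delete is triggered by a GET request carrying
                // "ok"; no anti-CSRF token is checked in this branch.
                sql_query("delete from ".$prefix."_articles_comments where articles_comments_id='".intval($_GET['comments_id'])."'", $dbi);
                sql_query("UPDATE ".$prefix."_articles SET articles_comments_counter=articles_comments_counter-1 WHERE articles_id='".intval($_GET['articles_id'])."'", $dbi);
                sql_query("UPDATE ".$prefix."_users SET comments=comments-1 WHERE username='".adsl($uname)."'", $dbi);
                // The redirect used $articles_id, which this branch never assigns;
                // it now uses the same validated request value as the queries.
                Header("Location: /modules.php?name=Articles&pa=showarticle&articles_id=".intval($_GET['articles_id']));
            } else {
                include_once("header.php");
                OpenTable();
                echo '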
'._NEWS43.'

[ '._NO.' | '._YES.' ]
'; CloseTable(); include_once("footer.php"); } } else { include_once("header.php"); OpenTable(); echo '
'._NOTYOUR.'
'; CloseTable(); include_once("footer.php"); } } else { include_once("header.php"); OpenTable(); echo '
'._NOTEXIST.'
'; CloseTable(); include_once("footer.php"); } } } else Header("Location: /index.php"); break; case "RemovePollsComments": if (is_user()) { if (!isset($_GET['comments_id']) OR !isset($_GET['polls_id'])) { include_once("header.php"); OpenTable(); echo '
'._NOID.'
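'; CloseTable(); include_once("footer.php"); } else {
    // Nickname of the caller: field 0 of the base64-decoded "user" cookie.
    $usr = base64_decode($_COOKIE['user']);
    $usr = explode(":", $usr);
    $uname = $usr['0'];
    // Ownership check. The lookup previously used polls_id for
    // polls_comments_id, so the author that was verified belonged to a
    // different row than the one deleted below. It now looks up the comment
    // by comments_id, as the news, files and articles cases in this file do.
    $result = sql_query("select polls_comments_author from ".$prefix."_polls_comments where polls_comments_id='".intval($_GET['comments_id'])."' AND polls_comments_poll_id='".intval($_GET['polls_id'])."'", $dbi);
    if (sql_num_rows($result) == 1) {
        $result=sql_fetch_row($result);
        foreach ($result as $res) $uid=$res;
        // Strict string comparison: with ==, PHP versions before 8 compare two
        // numeric-looking strings as numbers, so two different nicknames could
        // be treated as the same author.
        if ((string)$uid === (string)$uname) {
            if (isset($_GET['ok'])) {
                // NOTE(review): this delete is triggered by a GET request carrying
                // "ok"; no anti-CSRF token is checked in this branch.
                sql_query("delete from ".$prefix."_polls_comments where polls_comments_id='".intval($_GET['comments_id'])."'", $dbi);
                sql_query("UPDATE ".$prefix."_polls SET polls_comments_counter=polls_comments_counter-1 WHERE polls_id='".intval($_GET['polls_id'])."'", $dbi);
                sql_query("UPDATE ".$prefix."_users SET comments=comments-1 WHERE username='".adsl($uname)."'", $dbi);
                // The redirect used $polls_id, which this branch never assigns;
                // it now uses the same validated request value as the queries.
                Header("Location: /modules.php?name=Polls&op=results&polls_id=".intval($_GET['polls_id']));
            } else {
                include_once("header.php");
                OpenTable();
                echo '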
'._NEWS43.'

[ '._NO.' | '._YES.' ]
'; CloseTable(); include_once("footer.php"); } } else { include_once("header.php"); OpenTable(); echo '
'._NOTYOUR.'
'; CloseTable(); include_once("footer.php"); } } else { include_once("header.php"); OpenTable(); echo '
'._NOTEXIST.'
'; CloseTable(); include_once("footer.php"); } } } else Header("Location: /index.php"); break; case "EditNewsComment": if (is_user()) { if (!isset($_GET['comments_id']) OR !isset($_GET['news_id'])) { include_once("header.php"); OpenTable(); echo '
'._NOID.'
'; CloseTable(); include_once("footer.php"); } else { $usr = base64_decode($_COOKIE['user']); $usr = explode(":", $usr); $uname = $usr['0']; # Ник $result = sql_query("select news_comments_author, news_comments_text from ".$prefix."_news_comments where news_comments_id='".intval($_GET['comments_id'])."' AND news_comments_news_id='".intval($_GET['news_id'])."' limit 1", $dbi); if (sql_num_rows($result) == 1) { list($comments_author, $comments_text) = sql_fetch_row($result); if($uname==$comments_author) { include_once("header.php"); OpenTable(); include_once("includes/js/addsmile.js"); include_once("includes/js/quote.js"); echo ''; echo "
"; themecommentsform(0,htmlspecialchars($comments_text)); echo '
'; CloseTable(); include_once("footer.php"); } else { include_once("header.php"); OpenTable(); echo '
'._NOTYOUR.'
'; CloseTable(); include_once("footer.php"); } } else { include_once("header.php"); OpenTable(); echo '
'._NOTEXIST.'
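'; CloseTable(); include_once("footer.php"); } } } else Header("Location: /index.php"); break;

# EditFilesComment: prints the edit form for one of the current user's own comments
# on a file. Reads $_GET['comments_id'] and $_GET['files_id'].
case "EditFilesComment":
    if (!is_user()) {
        Header("Location: /index.php");
        break;
    }
    if (!isset($_GET['comments_id']) OR !isset($_GET['files_id'])) {
        include_once("header.php");
        OpenTable();
        echo '
'._NOID.'
';
        CloseTable();
        include_once("footer.php");
        break;
    }

    # User name: first ":"-separated field of the base64-decoded "user" cookie.
    # NOTE(review): the cookie is client-supplied; this relies on is_user() having
    # validated it before the name is trusted - confirm.
    $usr = explode(":", base64_decode($_COOKIE['user']));
    $uname = $usr['0'];

    # Both ids are forced to integers before they are placed in the query.
    $result = sql_query("select files_comments_author, files_comments_text from ".$prefix."_files_comments where files_comments_id='".intval($_GET['comments_id'])."' AND files_comments_files_id='".intval($_GET['files_id'])."' limit 1", $dbi);
    if (sql_num_rows($result) != 1) {
        include_once("header.php");
        OpenTable();
        echo '
'._NOTEXIST.'
';
        CloseTable();
        include_once("footer.php");
        break;
    }

    list($comments_author, $comments_text) = sql_fetch_row($result);

    # Strict comparison: with == two different numeric-looking names
    # (for example "1e3" and "1000") compare equal and would pass the ownership check.
    if ($uname !== $comments_author) {
        include_once("header.php");
        OpenTable();
        echo '
'._NOTYOUR.'
';
        CloseTable();
        include_once("footer.php");
        break;
    }

    include_once("header.php");
    OpenTable();
    include_once("includes/js/addsmile.js");
    include_once("includes/js/quote.js");
    echo '';
    echo "
";
    # The stored text is HTML-encoded before it is handed to the form helper.
    # NOTE(review): htmlspecialchars() is called with default flags; how
    # themecommentsform() embeds the value is not visible here - confirm the context.
    themecommentsform(0,htmlspecialchars($comments_text));
    echo '
';
    CloseTable();
    include_once("footer.php");
    break;
case "EditArticlesComment": if (is_user()) { if (!isset($_GET['comments_id']) OR !isset($_GET['articles_id'])) { include_once("header.php"); OpenTable(); echo '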
'._NOID.'
'; CloseTable(); include_once("footer.php"); } else { $usr = base64_decode($_COOKIE['user']); $usr = explode(":", $usr); $uname = $usr['0']; # Ник $result = sql_query("select articles_comments_author, articles_comments_text from ".$prefix."_articles_comments where articles_comments_id='".intval($_GET['comments_id'])."' AND articles_comments_articles_id='".intval($_GET['articles_id'])."' limit 1", $dbi); if (sql_num_rows($result) == 1) { list($comments_author, $comments_text) = sql_fetch_row($result); if($uname==$comments_author) { include_once("header.php"); OpenTable(); include_once("includes/js/addsmile.js"); include_once("includes/js/quote.js"); echo ''; echo "
"; themecommentsform(0,htmlspecialchars($comments_text)); echo '
'; CloseTable(); include_once("footer.php"); } else { include_once("header.php"); OpenTable(); echo '
'._NOTYOUR.'
'; CloseTable(); include_once("footer.php"); } } else { include_once("header.php"); OpenTable(); echo '
'._NOTEXIST.'
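'; CloseTable(); include_once("footer.php"); } } } else Header("Location: /index.php"); break;

# EditPollsComment: prints the edit form for one of the current user's own comments
# on a poll. Reads $_GET['comments_id'] and $_GET['polls_id'].
case "EditPollsComment":
    if (!is_user()) {
        Header("Location: /index.php");
        break;
    }
    if (!isset($_GET['comments_id']) OR !isset($_GET['polls_id'])) {
        include_once("header.php");
        OpenTable();
        echo '
'._NOID.'
';
        CloseTable();
        include_once("footer.php");
        break;
    }

    # User name: first ":"-separated field of the base64-decoded "user" cookie.
    # NOTE(review): the cookie is client-supplied; this relies on is_user() having
    # validated it before the name is trusted - confirm.
    $usr = explode(":", base64_decode($_COOKIE['user']));
    $uname = $usr['0'];

    # Both ids are forced to integers before they are placed in the query.
    $result = sql_query("select polls_comments_author, polls_comments_text from ".$prefix."_polls_comments where polls_comments_id='".intval($_GET['comments_id'])."' AND polls_comments_poll_id='".intval($_GET['polls_id'])."' limit 1", $dbi);
    if (sql_num_rows($result) != 1) {
        include_once("header.php");
        OpenTable();
        echo '
'._NOTEXIST.'
';
        CloseTable();
        include_once("footer.php");
        break;
    }

    list($comments_author, $comments_text) = sql_fetch_row($result);

    # Strict comparison: with == two different numeric-looking names
    # (for example "1e3" and "1000") compare equal and would pass the ownership check.
    if ($uname !== $comments_author) {
        include_once("header.php");
        OpenTable();
        echo '
'._NOTYOUR.'
';
        CloseTable();
        include_once("footer.php");
        break;
    }

    include_once("header.php");
    OpenTable();
    include_once("includes/js/addsmile.js");
    include_once("includes/js/quote.js");
    echo '';
    echo "
";
    # The stored text is HTML-encoded before it is handed to the form helper.
    # NOTE(review): htmlspecialchars() is called with default flags; how
    # themecommentsform() embeds the value is not visible here - confirm the context.
    themecommentsform(0,htmlspecialchars($comments_text));
    echo '
';
    CloseTable();
    include_once("footer.php");
    break;
case "EditNewsCommentOk": if (is_user()) { if (!isset($_POST['comments_id']) OR !isset($_POST['news_id'])) { include_once("header.php"); OpenTable(); echo '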
'._NOID.'
'; CloseTable(); include_once("footer.php"); } else { $usr = base64_decode($_COOKIE['user']); $usr = explode(":", $usr); $uname = $usr['0']; # Ник $result = sql_query("select news_comments_author from ".$prefix."_news_comments where news_comments_id='".intval($_POST['comments_id'])."' AND news_comments_news_id='".intval($_POST['news_id'])."'", $dbi); if (sql_num_rows($result) == 1) { $result=sql_fetch_row($result); foreach ($result as $res) $uid=$res; if ($uid==$uname) { sql_query("update ".$prefix."_news_comments set news_comments_text='".adsl($_POST['comments_text'])."' where news_comments_id='".intval($_POST['comments_id'])."'", $dbi); Header("Location: /modules.php?name=News&file=view&news_id=".intval($_POST['news_id'])); } else { include_once("header.php"); OpenTable(); echo '
'._NOTYOUR.'
'; CloseTable(); include_once("footer.php"); } } else { include_once("header.php"); OpenTable(); echo '
'._NOTEXIST.'
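'; CloseTable(); include_once("footer.php"); } } } else Header("Location: /index.php"); break;

# EditFilesCommentOk: stores the edited text of one of the current user's own comments
# on a file. Reads $_POST['comments_id'], $_POST['files_id'] and $_POST['comments_text'],
# then redirects back to the file details page.
case "EditFilesCommentOk":
    if (!is_user()) {
        Header("Location: /index.php");
        break;
    }
    if (!isset($_POST['comments_id']) OR !isset($_POST['files_id'])) {
        include_once("header.php");
        OpenTable();
        echo '
'._NOID.'
';
        CloseTable();
        include_once("footer.php");
        break;
    }

    # User name: first ":"-separated field of the base64-decoded "user" cookie.
    # NOTE(review): the cookie is client-supplied; this relies on is_user() having
    # validated it before the name is trusted - confirm.
    $usr = explode(":", base64_decode($_COOKIE['user']));
    $uname = $usr['0'];

    # Ownership lookup; both ids are forced to integers before they reach the query.
    $result = sql_query("select files_comments_author from ".$prefix."_files_comments where files_comments_id='".intval($_POST['comments_id'])."' AND files_comments_files_id='".intval($_POST['files_id'])."'", $dbi);
    if (sql_num_rows($result) != 1) {
        include_once("header.php");
        OpenTable();
        echo '
'._NOTEXIST.'
';
        CloseTable();
        include_once("footer.php");
        break;
    }

    # The query selects a single column, so the loop leaves the author name in $uid.
    $result = sql_fetch_row($result);
    foreach ($result as $res) {
        $uid = $res;
    }

    # Strict comparison: with == two different numeric-looking names
    # (for example "1e3" and "1000") compare equal and would pass the ownership check.
    if ($uid !== $uname) {
        include_once("header.php");
        OpenTable();
        echo '
'._NOTYOUR.'
';
        CloseTable();
        include_once("footer.php");
        break;
    }

    # NOTE(review): no anti-CSRF token is checked in this block before the update.
    # adsl() is defined elsewhere; presumably it escapes the value for a quoted SQL
    # literal - confirm. The text is stored as submitted, so every page that prints it
    # has to HTML-encode it on output.
    sql_query("update ".$prefix."_files_comments set files_comments_text='".adsl($_POST['comments_text'])."' where files_comments_id='".intval($_POST['comments_id'])."'", $dbi);
    Header("Location: /modules.php?name=Files&d_op=get_file_details&files_id=".intval($_POST['files_id']));
    break;
case "EditArticlesCommentOk": if (is_user()) { if (!isset($_POST['comments_id']) OR !isset($_POST['articles_id'])) { include_once("header.php"); OpenTable(); echo '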
'._NOID.'
'; CloseTable(); include_once("footer.php"); } else { $usr = base64_decode($_COOKIE['user']); $usr = explode(":", $usr); $uname = $usr['0']; # Ник $result = sql_query("select articles_comments_author from ".$prefix."_articles_comments where articles_comments_id='".intval($_POST['comments_id'])."' AND articles_comments_articles_id='".intval($_POST['articles_id'])."'", $dbi); if (sql_num_rows($result) == 1) { $result=sql_fetch_row($result); foreach ($result as $res) $uid=$res; if ($uid==$uname) { sql_query("update ".$prefix."_articles_comments set articles_comments_text='".adsl($_POST['comments_text'])."' where articles_comments_id='".intval($_POST['comments_id'])."'", $dbi); Header("Location: /modules.php?name=Articles&pa=showarticle&articles_id=".intval($_POST['articles_id'])); } else { include_once("header.php"); OpenTable(); echo '
'._NOTYOUR.'
'; CloseTable(); include_once("footer.php"); } } else { include_once("header.php"); OpenTable(); echo '
'._NOTEXIST.'
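'; CloseTable(); include_once("footer.php"); } } } else Header("Location: /index.php"); break;

# EditPollsCommentOk: stores the edited text of one of the current user's own comments
# on a poll. Reads $_POST['comments_id'], $_POST['polls_id'] and $_POST['comments_text'],
# then redirects back to the poll results page.
case "EditPollsCommentOk":
    if (!is_user()) {
        Header("Location: /index.php");
        break;
    }
    if (!isset($_POST['comments_id']) OR !isset($_POST['polls_id'])) {
        include_once("header.php");
        OpenTable();
        echo '
'._NOID.'
';
        CloseTable();
        include_once("footer.php");
        break;
    }

    # User name: first ":"-separated field of the base64-decoded "user" cookie.
    # NOTE(review): the cookie is client-supplied; this relies on is_user() having
    # validated it before the name is trusted - confirm.
    $usr = explode(":", base64_decode($_COOKIE['user']));
    $uname = $usr['0'];

    # Ownership lookup; both ids are forced to integers before they reach the query.
    $result = sql_query("select polls_comments_author from ".$prefix."_polls_comments where polls_comments_id='".intval($_POST['comments_id'])."' AND polls_comments_poll_id='".intval($_POST['polls_id'])."'", $dbi);
    if (sql_num_rows($result) != 1) {
        include_once("header.php");
        OpenTable();
        echo '
'._NOTEXIST.'
';
        CloseTable();
        include_once("footer.php");
        break;
    }

    # The query selects a single column, so the loop leaves the author name in $uid.
    $result = sql_fetch_row($result);
    foreach ($result as $res) {
        $uid = $res;
    }

    # Strict comparison: with == two different numeric-looking names
    # (for example "1e3" and "1000") compare equal and would pass the ownership check.
    if ($uid !== $uname) {
        include_once("header.php");
        OpenTable();
        echo '
'._NOTYOUR.'
';
        CloseTable();
        include_once("footer.php");
        break;
    }

    # NOTE(review): no anti-CSRF token is checked in this block before the update.
    # adsl() is defined elsewhere; presumably it escapes the value for a quoted SQL
    # literal - confirm. The text is stored as submitted, so every page that prints it
    # has to HTML-encode it on output.
    sql_query("update ".$prefix."_polls_comments set polls_comments_text='".adsl($_POST['comments_text'])."' where polls_comments_id='".intval($_POST['comments_id'])."'", $dbi);
    Header("Location: /modules.php?name=Polls&op=results&polls_id=".intval($_POST['polls_id']));
    break;

# Private-message operations are handled by functions defined earlier in the file.
case "Inbox":
    Inbox();
    break;
case "ViewMessage":
    ViewMessage();
    break;
case "SendMessage":
    SendMessage();
    break;
case "ComposeMessage":
    ComposeMessage();
    break;
case "DeleteMessage":
    DeleteMessage();
    break;

# Any other operation: registration form for guests, profile page for logged-in users.
default:
    if (!is_user()) {
        Register();
    } else {
        MyProfile();
    }
    break;
}
?>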