index.php
Code: Select all
else if ($action=="chat") {
$mmsg = htmlspecialchars(getsetmood(getuid_sid($sid)));
addonline(getuid_sid($sid),"è nella lista delle Chatroom ($mmsg)","index.php?action=chat");
echo "<head>";
echo "<title>Lista Chatroom</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
echo "<img src=\"../images/chat3.gif\" alt=\"\"/>";
echo popup($sid);
echo "<p align=\"center\">";
$rooms = mysql_query("SELECT id, name, perms, mage, pic, chposts FROM ibwf_rooms WHERE static='1' AND clubid='0'");
while ($room= mysql_fetch_array($rooms))
{
/*if(canenter($room[0], $sid))
{*/
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_chonline WHERE rid='".$room[0]."'"));
echo "<a href=\"chat.php?sid=$sid&rid=$room[0]\">$room[1]($noi[0])</a><br/>";
/*}*/
}
echo "<br/>";
echo "<b>5 </b><a accesskey=\"5\" href=\"index.php?action=uchat&sid=$sid\">Stanze Private</a><br/>";
echo "<b>6 </b><a accesskey=\"6\" href=\"inbox.php?action=main&sid=$sid\">Inbox</a><br/>";
echo "<b>7 </b><a accesskey=\"7\" href=\"lists.php?action=buds&sid=$sid\">Lista Amici</a><br/>";
echo "<b>8 </b><a accesskey=\"8\" href=\"index.php?action=chat&sid=$sid\">Chatrooms</a><br/>";
echo forumlink($sid,9);
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p>";
echo "</body>";
}
else if ($action=="uchat") {
$mmsg = htmlspecialchars(getsetmood(getuid_sid($sid)));
addonline(getuid_sid($sid),"è nel Menu della Chat ($mmsg)","");
echo "<head>";
echo "<title>Chat Menu</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
echo "<img src=\"../images/chat2.gif\" alt=\"*\"/><br/>";
echo "</p>";
echo "<p align=\"center\">";
echo "<br/>";
echo "<b>1 </b><a accesskey=\"1\" href=\"index.php?action=chat&sid=$sid\">Stanze di Sistema</a><br/>";
echo "<b>2 </b><a accesskey=\"2\" href=\"index.php?action=mkroom&sid=$sid\">Crea Stanza</a><br/><br/>";
$rooms = mysql_query("SELECT id, name, pass, pic FROM ibwf_rooms WHERE static='0'");
$co=0;
while ($room= mysql_fetch_array($rooms))
{
$co++;
if(canenter($room[0], $sid))
{
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_chonline WHERE rid='".$room[0]."'"));
if($room[2]=="")
{
echo "<a href=\"chat.php?sid=$sid&rid=$room[0]\">".htmlspecialchars($room[1])."($noi[0])</a><br/>";
}else{
echo htmlspecialchars($room[1]);
//echo "($noi[0])";
echo "<form action=\"chat.php\" method=\"get\">";
echo "<br/><input format=\"*x\" name=\"rpw\" maxlength=\"10\"/><br/>";
echo "<input type=\"submit\" value=\"GO\"/>";
echo "<input type=\"hidden\" name=\"rid\" value=\"$room[0]\"/>";
echo "<input type=\"hidden\" name=\"sid\" value=\"$sid\"/>";
echo "</form>";
}
}
}
echo "<br/><br/><b>6 </b><a accesskey=\"6\" href=\"inbox.php?action=main&sid=$sid\">Inbox</a><br/>";
echo "<b>7 </b><a accesskey=\"7\" href=\"lists.php?action=buds&sid=$sid\">Lista Amici</a><br/>";
echo "<b>8 </b><a accesskey=\"8\" href=\"index.php?action=chat&sid=$sid\">Chatrooms</a><br/>";
echo forumlink($sid,9);
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p>";
echo "</body>";
}
else if($action=="mkroom")
{
$mmsg = htmlspecialchars(getsetmood(getuid_sid($sid)));
addonline(getuid_sid($sid),"sta Creando una Stanza Privata ($mmsg)","");
echo "<head>";
echo "<title>Crea Stanza</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p>";
echo "<small><img src=\"../images/point.gif\" alt=\"!\"/>Metti Password e avvisa all'utente che desideri , che password e, per accedere</small><br/>";
echo "<small><img src=\"../images/point.gif\" alt=\"!\"/>Non Mettere Password e può entrare chiunque</small><br/><br/>";
$pic = mysql_escape_string($_POST["pic"]);
$pic = htmlspecialchars($pic);
$res = mysql_query("INSERT INTO ibwf_rooms SET name='".$rname."', pass='".$rpass."', censord='".$cns."', static='0', lastmsg='".time()."', pic='".$pic."'");
echo "<form action=\"genproc.php?action=mkroom&sid=$sid\" method=\"post\">";
echo "Aggiungi Foto: <input name=\"pic\" maxlength=\"255\" value=\"http://\"/><br/>";
echo "Nome Stanza: <input name=\"rname\" maxlength=\"30\"><br/>";
echo "Password: <input name=\"rpass\" style=\"-wap-input-format: '*x'\" maxlength=\"10\"><br/>";
echo "<input type=\"Submit\" name=\"Create\" Value=\"Crea\"></form>";
echo "</p>";
echo "<p align=\"center\">";
echo "<b>6 </b><a accesskey=\"6\" href=\"inbox.php?action=main&sid=$sid\">Inbox</a><br/>";
echo "<b>7 </b><a accesskey=\"7\" href=\"lists.php?action=buds&sid=$sid\">Lista Amici</a><br/>";
echo "<b>8 </b><a accesskey=\"8\" href=\"index.php?action=chat&sid=$sid\">Chatrooms</a><br/>";
echo forumlink($sid,9);
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p>";
echo "</body>";
}Code: Select all
else if($action=="mkroom")
{
$rname = mysql_escape_string($_POST["rname"]);
$rpass = trim($_POST["rpass"]);
$pic = mysql_escape_string($_POST["pic"]);
addonline(getuid_sid($sid),"Sta creando una Chatroom","");
echo "<head>";
echo "<title>$sitename</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
if ($rpass=="")
{
$cns = 1;
}else{
$cns = 0;
}
$prooms = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_rooms WHERE static='0'"));
if($prooms[0]<10)
{
$pic = mysql_escape_string($_POST["pic"]);
$pic = htmlspecialchars($pic);
$res = mysql_query("INSERT INTO ibwf_rooms SET name='".$rname."', pass='".$rpass."', censord='".$cns."', static='0', lastmsg='".time()."', pic='".$pic."'");
$rooms = mysql_query("SELECT id, name, pass, pic FROM ibwf_rooms WHERE static='0'");
if($res)
{
echo "<img src=\"../images/ok.gif\" alt=\"O\"/>Room creata con successo<br/><br/>";
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Database Error!<br/><br/>";
}
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Ci sono già 10 utenti nelle stanze<br/><br/>";
}
echo "<b>9 </b><a accesskey=\"9\" href=\"index.php?action=uchat&sid=$sid\">Chat</a><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p>";
echo "</body>";
}Code: Select all
include("config.php");
include("core.php");
connectdb();
$color=$_POST['color'];
$action=$_GET["action"];
$id=$_GET["id"];
$sid = $_GET["sid"];
$rid=$_GET["rid"];
$rpw=$_GET["rpw"];
$uid = getuid_sid($sid);
$uexist = isuser($uid);
$theme = mysql_fetch_array(mysql_query("SELECT theme FROM ibwf_users WHERE id='".$uid."'"));
$data = date("H:i");
$sound = mysql_fetch_array(mysql_query("SELECT `chsound` FROM ibwf_users WHERE id='".$uid."'"));
if((islogged($sid)==false)||!$uexist)
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/white_medium.css\">";
echo "</head>";
echo "<body>";
echo "<center>";
echo "Non sei loggato<br/>";
echo "O la tua sessione è scaduta<br/><br/>";
echo "<a href=\"index.php\">Login</a>";
echo "</center>";
echo "</html>";
echo "</body>";
exit();
}
if(isbanned($uid))
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
echo "<img src=\"../images/notok.gif\" alt=\"x\"/><br/>";
echo "<b>Sei stato Bannato</b><br/><br/>";
$banto = mysql_fetch_array(mysql_query("SELECT timeto, pnreas, exid FROM ibwf_penalties WHERE uid='".$uid."' AND penalty='1' OR uid='".$uid."' AND penalty='2'"));
$banres = mysql_fetch_array(mysql_query("SELECT lastpnreas FROM ibwf_users WHERE id='".$uid."'"));
$remain = $banto[0]- time();
$rmsg = gettimemsg($remain);
echo "<b>Tempo rimasto: </b>$rmsg<br/>";
$nick = getnick_uid($banto[2]);
echo "<b>By: </b>$nick<br/>";
echo "<b>Motivo: </b>$banto[1]";
//echo "<a href=\"index.php\">Login</a>";
echo "</p>";
echo "</body>";
echo "</html>";
exit();
}
$isroom = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_rooms WHERE id='".$rid."'"));
if($isroom[0]==0)
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<center>";
echo "<b>La Room non esiste</b><br/><br/>";
echo "<a href=\"index.php?action=chat&sid=$sid\">Chatrooms</a>";
echo "</center>";
echo "</body>";
echo "</html>";
exit();
}
$passworded = mysql_fetch_array(mysql_query("SELECT pass FROM ibwf_rooms WHERE id='".$rid."'"));
if($passworded[0]!="")
{
if($rpw!=$passworded[0])
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<center>";
echo "<b>Password Errata!</b><br/>";
echo "Non è possibile entrare in questa stanza<br/><br/>";
echo "<a href=\"index.php?action=chat&sid=$sid\">Chatrooms</a>";
echo "</center>";
echo "</body>";
echo "</html>";
exit();
}
}
if(!canenter($rid,$sid))
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<center>";
echo "<b>Autorizzazione negata!</b><br/><br/>";
echo "<a href=\"index.php?action=chat&sid=$sid\">Chatrooms</a>";
echo "</center>";
echo "</body>";
echo "</html>";
exit();
}
addtochat($uid, $rid);
$timeto = 3110400;
$timenw = time();
$timeout = $timenw-$timeto;
$rooms = mysql_fetch_array(mysql_query("SELECT id, name FROM ibwf_rooms WHERE id='".$rid."'"));
$rname = $rooms[1];
$nick = getnick_sid($sid);
if ($action=="")
{
echo "<head>";
echo "<title>$rname</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
$unreadpopup=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_popups WHERE unread='1' AND touid='".$uid."'"));
if ($unreadpopup[0]<1)
{
echo "<meta http-equiv=\"refresh\" content=\"30; url=chat.php?time=";
echo "".date("dmHis")."";
echo "&sid=$sid&rid=$rid&rpw=$rpw\">";
}
echo "</head>";
echo "<body>";
echo "<bgsound src=\"$sound\" loop=\"infinite\"/>";
$mmsg = htmlspecialchars(getsetmood(getuid_sid($sid)));
addonline($uid,"Chatta in $rname ($mmsg)","chat.php?rid=$rid&rpw=$rpw");
//echo "<p>";
echo popup($sid);
$str = mysql_fetch_array(mysql_query("SELECT value FROM ibwf_settingss WHERE name='4ummsg'"));
$fmsg = getbbcode($str[0], $sid, 0);
echo "<p align=\"left\">$fmsg</p>";
echo "<b>1 </b><a name=\"top\" id=\"top\" accesskey=\"1\" href=\"chat.php?action=say&sid=$sid&rid=$rid&rpw=$rpw\">Scrivi</a><br/>";