Help php, violazione database

redevilduil

Nuovo Utente
14 Ott 2009
17
0
0
chattapeople.altervista.org
Salve, avrei un piccolo problema .
Alcuni amici mi segnalano un bug che consente la lettura dei "pvt" o semplicemente dei messaggi di chat, anche se si viene bannato e senza effettuare login.
Io personalmente ho provato in tutti i modi a trovare tale bug senza esito positivo .
Priorità alla lettura di messaggi privati vi posto qui il file : chat.php spero di aver postato tutto in modo giusto
Il seguente codice usa una protezione di reindirizzamento se si prova ad apire il file txt

Posto qui link del sito per eventuale test http://chattapeople.altervista.org/index.php
nick = user
passw = user

Codice:
<?php
 session_start();
 header ("cache-control: no-cache, must-revalidate");
 header ("cache-control: no-cache, must-revalidate");
 header("Cache-control: private");
 header ("pragma: no-cache");
 error_reporting(0);
 if(!isset($_SESSION["login"]))
 {header("location: index.php"); exit;}
 if(!isset($_COOKIE['PHPSESSID']))
 if(!isset($_COOKIE['PHPSESSID']))
 {header("location: avviso.php?page=nocookie"); exit;}
 $tm_start = array_sum(explode(' ', microtime()));
 @require_once("setting.inc.php");
 @require_once("detect.inc.php");
 @require_once("bann.inc.php");
 $login=$_SESSION["login"];

 if(@file_exists("database/".$suff."_shout.txt") AND isset($_GET['shout'])){
 [email protected]("database/".$suff."_shout.txt");
 $riga=trim($var[0]);
 $dati=explode("||",$riga);
 $id=trim($dati[2]);
 [email protected]($suff."_shout".$id."/$login.txt","w+");
 @fwrite($var,"");
 @fclose($var);
 }

 if(@file_exists($suff."_deletenick/$login.txt"))
 {
 unset($_SESSION['login']);
 @unlink($suff."_deletenick/$login.txt");
 setcookie("nick","", time()-20000000);
 setcookie("pwd","", time()-20000000);
 if(@file_exists($suff."_online1/$login.txt"))
 {@unlink($suff."_online1/$login.txt");}
 if(@file_exists($suff."_online2/$login.txt"))
 {@unlink($suff."_online2/$login.txt");}
 if(@file_exists($suff."_room/$login.txt"))
 {@unlink($suff."_room/$login.txt");}
 header("location: avviso.php?page=delnick"); exit;
 }

 if([email protected]_exists($suff."_hid/$login.txt"))
 {//memorizzo azione=chat
 [email protected]($suff."_azione/$login.txt","w+");
 @fwrite($var34,"CHAT");
 @fclose($var34);
 }
 //aggiorno statistiche
 if(isset($_GET['a']))
 {
 //aggiorno txt entrate
 $oggi=time();
 $g=date("d",$oggi);
 $m=date("m",$oggi);
 $a=date("y",$oggi);
 $settimana=date("D",$oggi);

 $ieri=mktime(0,0,0,$m,$g-2,$a);
 $ggieri=date("d",$ieri);
 $mmieri=date("m",$ieri);
 $aaieri=date("y",$ieri);

 [email protected]();
 $modcell="";
 if(isset($_SERVER["HTTP_X_DEVICE_USER_AGENT"]))
 {$modcell=htmlentities($_SERVER["HTTP_X_DEVICE_USER_AGENT"]);
 $modcell = str_replace(array("\r\n", "\r", "\n"), "", $modcell);
 $modcell = str_replace("|","", $modcell);}

 $cell="nondefinito";
 if(!empty($subno))
 {$cell=$subno;}
 if(!empty($h3g))
 {$cell=md5($h3g);}

 if($cell=="nondefinito" AND !empty($opera))
 {$cell=$opera;}
 $isp=gethostbyaddr($_SERVER['REMOTE_ADDR']);

 function ipCheck2() {

 if (getenv('HTTP_CLIENT_IP')) {
 $ip = getenv('HTTP_CLIENT_IP');
 }
 elseif (getenv('HTTP_X_FORWARDED_FOR')) {
 $ip = getenv('HTTP_X_FORWARDED_FOR');
 }
 elseif (getenv('HTTP_X_FORWARDED')) {
 $ip = getenv('HTTP_X_FORWARDED');
 }
 elseif (getenv('HTTP_FORWARDED_FOR')) {
 $ip = getenv('HTTP_FORWARDED_FOR');
 }
 elseif (getenv('HTTP_FORWARDED')) {
 $ip = getenv('HTTP_FORWARDED');
 }
 else {
 $ip = $_SERVER['REMOTE_ADDR'];
 }
 return $ip;
 }
 $ip= htmlspecialchars(ipCheck2());
 $ipproxy = $_SERVER["REMOTE_ADDR"];

 if($ip==$ipproxy)
 {$ipproxy="no proxy";}
 $variabile4=$login."||pwd||".$ipproxy."||".$ip."||".$modcell."||".$browser."||".$isp."||".$cell."||".$data;

 if (@!is_dir($suff."_controlentrate")) mkdir($suff."_controlentrate");
 $indirizzo = $suff."_controlentrate/$g"."$m"."$a.txt";
 [email protected]("$indirizzo","a+");
 @fwrite($var888,$variabile4."\n");
 @fclose($var888);

 //elimino il file control entrate del giorno precedente se esiste
 if(@file_exists($suff."_controlentrate/"."$ggieri"."$mmieri"."$aaieri.txt"))
 {@unlink($suff."_controlentrate/"."$ggieri"."$mmieri"."$aaieri.txt");}

 //aggiorno txt statistiche di oggi
 if (@!is_dir($suff."_statistic")) mkdir($suff."_statistic");
 if (@!is_dir($suff."_statistic/week")) mkdir($suff."_statistic/week");
 if (@!file_exists($suff."_statistic/week/weekend.txt"))
 {$tempoend=$oggi;
 $diff=0;
 switch($settimana)
 {
 case'Mon':
 $diff=6;
 break;

 case'Tue':
 $diff=5;
 break;

 case'Wed':
 $diff=4;
 break;

 case'Thu':
 $diff=3;
 break;

 case'Fri':
 $diff=2;
 break;

 case'Sat':
 $diff=1;
 break;

 case'Sun':
 $diff=0;
 break;
 }

 $tempoend=mktime(23,59,59,$m,$g+$diff,$a);

 [email protected]($suff."_statistic/week/weekend.txt","w+");
 @fwrite($var868,$tempoend);
 @fclose($var868);

 }
 else
 {[email protected]($suff."_statistic/week/weekend.txt");
 $tempoend=trim($var6667[0]);}


 if(($oggi-$tempoend)>0)
 {
 @unlink($suff."_statistic/week/Mon.txt");
 @unlink($suff."_statistic/week/Tue.txt");
 @unlink($suff."_statistic/week/Wed.txt");
 @unlink($suff."_statistic/week/Thu.txt");
 @unlink($suff."_statistic/week/Fri.txt");
 @unlink($suff."_statistic/week/Sat.txt");
 @unlink($suff."_statistic/week/Sun.txt");
 @unlink($suff."_statistic/week/weekend.txt");
 }
 $rigat=0;
 if(@file_exists($suff."_statistic/week/$settimana.txt")){
 [email protected]($suff."_statistic/week/$settimana.txt");
 $rigat=trim($var278[0]);}
 $rigatnew=($rigat+1);
 [email protected]($suff."_statistic/week/$settimana.txt","w+");
 @fwrite($var868,$rigatnew);
 @fclose($var868);

 //memorizzo time entrata dell utente nel suo txt
 if (@!is_dir($suff."_time")) mkdir($suff."_time");
 if([email protected]_exists($suff."_hid/$login.txt"))
 {
 $timestampatt = time();
 $percorso=$suff."_time/$login.txt";
 [email protected]("$percorso","w+");
 @fwrite($var34,"$timestampatt");
 @fclose($var34);}

 //aggiorno statistiche accesso
 $oggi=time();
 $g=date("d",$oggi);
 $m=date("m",$oggi);
 $a=date("y",$oggi);

 $ieri=mktime(0,0,0,$m,$g-1,$a);

 $ggieri=date("d",$ieri);
 $mmieri=date("m",$ieri);
 $aaieri=date("y",$ieri);

 //elimino il file accessi del giorno precedente (se esiste)
 if(@file_exists($suff."_statoggi/"."$ggieri"."$mmieri"."$aaieri.txt"))
 {@unlink($suff."_statoggi/"."$ggieri"."$mmieri"."$aaieri.txt");}

 //elimino il file conta msg1 del giorno precedente
 if(@file_exists($suff."_statoggi/"."msg1_"."$ggieri"."$mmieri"."$aaieri.txt"))
 {@unlink($suff."_statoggi/"."msg1_"."$ggieri"."$mmieri"."$aaieri.txt");}

 //elimino il file conta msg2 del giorno precedente
 if(@file_exists($suff."_statoggi/"."msg2_"."$ggieri"."$mmieri"."$aaieri.txt"))
 {@unlink($suff."_statoggi/"."msg2_"."$ggieri"."$mmieri"."$aaieri.txt");}

 //elimino il file smile inseriti del giorno precedente (se esiste)
 if(@file_exists($suff."_statoggi/smile_"."$ggieri"."$mmieri"."$aaieri.txt"))
 {@unlink($suff."_statoggi/smile_"."$ggieri"."$mmieri"."$aaieri.txt");}

 //elimino il file COMMENTI USER inseriti del giorno precedente (se esiste)
 if(@file_exists($suff."_statoggi/comm_"."$ggieri"."$mmieri"."$aaieri.txt"))
 {@unlink($suff."_statoggi/comm_"."$ggieri"."$mmieri"."$aaieri.txt");}

 //elimino il file sondaggi inseriti del giorno precedente (se esiste)
 if(@file_exists($suff."_statoggi/sondaggi_"."$ggieri"."$mmieri"."$aaieri.txt"))
 {@unlink($suff."_statoggi/sondaggi_"."$ggieri"."$mmieri"."$aaieri.txt");}

 //elimino il file POST BLOG inseriti del giorno precedente (se esiste)
 if(@file_exists($suff."_statoggi/post_"."$ggieri"."$mmieri"."$aaieri.txt"))
 {@unlink($suff."_statoggi/post_"."$ggieri"."$mmieri"."$aaieri.txt");}

 //elimino il file LASTFOTO inserite nel giorno precedente (se esiste)
 if(@file_exists($suff."_statoggi/lastfoto_"."$ggieri"."$mmieri"."$aaieri.txt"))
 {@unlink($suff."_statoggi/lastfoto_"."$ggieri"."$mmieri"."$aaieri.txt");}

 //elimino il file COMMFOTO inserite nel giorno precedente (se esiste)
 if(@file_exists($suff."_statoggi/commfoto_"."$ggieri"."$mmieri"."$aaieri.txt"))
 {@unlink($suff."_statoggi/commfoto_"."$ggieri"."$mmieri"."$aaieri.txt");}

 //elimino il file ULTIMO REGISTRATO del giorno precedente
 if(@file_exists($suff."_statoggi/"."reg_"."$ggieri"."$mmieri"."$aaieri.txt"))
 {@unlink($suff."_statoggi/"."reg_"."$ggieri"."$mmieri"."$aaieri.txt");}

 //elimino il file COMMENT BLOG del giorno precedente
 if(@file_exists($suff."_statoggi/"."commpost_"."$ggieri"."$mmieri"."$aaieri.txt"))
 {@unlink($suff."_statoggi/"."commpost_"."$ggieri"."$mmieri"."$aaieri.txt");}

 //elimino il file BANN NICK del giorno precedente
 if(@file_exists($suff."_statoggi/"."bannick_"."$ggieri"."$mmieri"."$aaieri.txt"))
 {@unlink($suff."_statoggi/"."bannick_"."$ggieri"."$mmieri"."$aaieri.txt");}

 //elimino il file NICK ELIMINATI del giorno precedente
 if(@file_exists($suff."_statoggi/"."nickdel_"."$ggieri"."$mmieri"."$aaieri.txt"))
 {@unlink($suff."_statoggi/"."nickdel_"."$ggieri"."$mmieri"."$aaieri.txt");}

 //elimino il file POST FORUM del giorno precedente
 if(@file_exists($suff."_statoggi/forumpost_"."$ggieri"."$mmieri"."$aaieri.txt"))
 {@unlink($suff."_statoggi/forumpost_"."$ggieri"."$mmieri"."$aaieri.txt");}

 $entrata=1;
 if(@file_exists($suff."_statoggi/"."$g"."$m"."$a.txt"))
 {
 [email protected]($suff."_statoggi/"."$g"."$m"."$a.txt");
 $entrata=trim($var[0]);
 $entrata++;
 }

 $open = @fopen($suff."_statoggi/"."$g"."$m"."$a.txt","w+");
 @fwrite($open, $entrata);
 @fclose($open);
 /* */
 }

 if(isset($_GET['stato']) AND @file_exists($suff."_room/$login.txt"))
 {@unlink($suff."_room/$login.txt");}
 if (@file_exists($suff."_room/$login.txt"))
 {header("location: chat2.php"); exit;}

 if (@file_exists($suff."_online2/$login.txt"))
 {@unlink($suff."_online2/$login.txt");}

 function ipCheck() {

 if (getenv('HTTP_CLIENT_IP')) {
 $ip = getenv('HTTP_CLIENT_IP');
 }
 elseif (getenv('HTTP_X_FORWARDED_FOR')) {
 $ip = getenv('HTTP_X_FORWARDED_FOR');
 }
 elseif (getenv('HTTP_X_FORWARDED')) {
 $ip = getenv('HTTP_X_FORWARDED');
 }
 elseif (getenv('HTTP_FORWARDED_FOR')) {
 $ip = getenv('HTTP_FORWARDED_FOR');
 }
 elseif (getenv('HTTP_FORWARDED')) {
 $ip = getenv('HTTP_FORWARDED');
 }
 else {
 $ip = $_SERVER['REMOTE_ADDR'];
 }
 return $ip;
 }
 $ip= htmlspecialchars(ipCheck());
 $ipproxy = $_SERVER["REMOTE_ADDR"];
 $isp=gethostbyaddr($_SERVER['REMOTE_ADDR']);

 $cell="nondefinito";
 if(!empty($subno))
 {$cell=$subno;}
 if(!empty($h3g))
 {$cell=md5($h3g);}

 //controlli BANN
 if(bannbrowser($browser,$suff) OR bannnick($login,$ip,$ipproxy,$suff) OR banncell($cell,$suff) OR bannisp($isp,$suff))
 {
 unset($_SESSION);
 session_destroy();
 if(@file_exists($suff."_online1/$login.txt"))
 {@unlink($suff."_online1/$login.txt");}
 if(@file_exists($suff."_online2/$login.txt"))
 {@unlink($suff."_online2/$login.txt");}
 if(@file_exists($suff."_room/$login.txt"))
 {@unlink($suff."_room/$login.txt");}
 setcookie("bann","1", time()+20000000);
 header("location: avviso.php?page=bann");exit;}

 if(isset($_COOKIE["bann"]))
 {setcookie("bann","", time()-20000000);}

 $level=0;
 //controllo se membro STAFF
 if(@file_exists($suff."_staff/$login.txt"))
 {
 [email protected]($suff."_staff/$login.txt");
 $level=trim($level[0]);
 }

 //NEWMP
 $nonletto=0;
 if(@file_exists($suff."_mp/$login.txt"))
 {
 [email protected]($suff."_mp/$login.txt");
 $totmp=count($mp);
 for($a=($totmp-1); $a>=0; $a--){
 $esplodo=explode("||",$mp[$a]);
 if($esplodo[2]==0)
 {$nonletto=1; break;}
 }//end for
 }
 if($nonletto==1){$newmp="newmail";}else{$newmp="mail";}
 ?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<link href=?favicon.ico? rel=?shortcut icon? type=?image/x-icon? />
<link rel="shortcut icon" href="favicon.ico" >
<link rel="icon" href="favicon.ico" >
<META http-equiv="Content-Type" content="text/html; charset=utf-8" >
<META HTTP-EQUIV="Cache-Control" CONTENT="no-cache">
<META HTTP-EQUIV="Expires" CONTENT="0">
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<META NAME="KEYWORDS" CONTENT="chat,cellulari,mobile,telefonia,wap,chat gratuita,incontri,amicizia">
<META NAME="DESCRIPTION" CONTENT="Chat gratuita accessibile anche da cellulare">
<META NAME="ROBOTS" CONTENT="INDEX, FOLLOW">
<META NAME="REVISIT-AFTER" CONTENT="1 DAYS">
<META NAME="RATING" CONTENT="GENERAL">
<div align="center"style="background-color:  #66ffcc" "><font color="0000cc">Benvenuti in Amorexte</font></div>
<title><?php $titolo= utf8_encode ($title); echo $titolo; ?></title>
<link rel="stylesheet" type="text/css" href="stylechatcell.css">
<?php if($dispositivo=="PC"){
 echo "<script type='text/javascript' src='refresh.js'></script>"; ?>
<style type="text/css">
 body{

 background-image: url(sfondocell/stelle.gif);
 background-repeat: no repeat-y;
 }

 div.pic{float:left;margin: 0px;padding:0 0 12px 0;
 background: url(background.gif) no-repeat bottom center}

 div.pic img{display: block;border: 1px solid;
 border-color: #CCC #CCC #AAA #CCC;
 padding: 4px;background: #000000}
 .purple #slatenav{position:relative;display:block;height:42px;font-size:11px;font-weight:bold;background:transparent url(purpleslate_background.gif) repeat-x top left;font-family:Arial,Verdana,Helvitica,sans-serif;text-transform:uppercase;}
 .purple #slatenav ul{margin:0px;padding:0;list-style-type:none;width:auto;}
 .purple #slatenav ul li{display:block;float:left;margin:0 1px 0 0;}
 .purple #slatenav ul li a{display:block;float:left;color:#FBDAFA;text-decoration:none;padding:14px 22px 0 22px;height:28px;}
 .purple #slatenav ul li a:hover,.purple #slatenav ul li a.current{color:#fff;background:transparent url(purpleslate_backgroundOVER.gif) no-repeat top center;}
 .redslate #slatenav{position:relative;display:block;height:42px;font-size:11px;font-weight:bold;background:transparent url(redslate_background.gif) repeat-x top left;font-family:Arial,Verdana,Helvitica,sans-serif;text-transform:uppercase;}
 .redslate #slatenav ul{margin:0px;padding:0;list-style-type:none;width:auto;}
 .redslate #slatenav ul li{display:block;float:left;margin:0 1px 0 0;}
 .redslate #slatenav ul li a{display:block;float:left;color:#FBDAFA;text-decoration:none;padding:14px 22px 0 22px;height:28px;}
 .redslate #slatenav ul li a:hover,.redslate #slatenav ul li a.current{color:#fff;background:transparent url(redslate_backgroundOVER.gif) no-repeat top center;}
 .greenslate #slatenav{position:relative;display:block;height:42px;font-size:11px;font-weight:bold;background:transparent url(greenslate_background.gif) repeat-x top left;font-family:Arial,Verdana,Helvitica,sans-serif;text-transform:uppercase;}
 .greenslate #slatenav ul{margin:0px;padding:0;list-style-type:none;width:auto;}
 .greenslate #slatenav ul li{display:block;float:left;margin:0 1px 0 0;}
 .greenslate #slatenav ul li a{display:block;float:left;color:#000000;text-decoration:none;padding:14px 22px 0 22px;height:28px;}
 .greenslate #slatenav ul li a:hover,.greenslate #slatenav ul li a.current{color:#fff;background:transparent url(greenslate_backgroundOVER.gif) no-repeat top center;}
</style></head>
<?php } if($dispositivo=="PC" AND @file_exists($suff."_refresh/$login.txt")){echo "<body bgcolor='black' onLoad='self.document.form1.msg.focus(); startTimer();'>";}
 elseif($dispositivo=="PC"){echo "<body bgcolor='black' onLoad='self.document.form1.msg.focus();'>";}
 else{echo "<body bgcolor='black'>";} ?>
<?php if(!isset($_SERVER["HTTP_X_H3G_MSISDN"]) AND !isset($_SERVER["HTTP_X_OPERAMINI_PHONE"]) AND !isset($_SERVER["HTTP_X_MOBILE_GATEWAY"])){ ?>
<script type="text/javascript" src="wz_tooltip.js"></script><?php } ?>
<?php
if($dispositivo=="PC")
 {
?>

<?php echo "<strong>$titolo</strong>"; ?>
<div class="purple">
<div id="slatenav"><center>
<ul><li><div class="pic"><img src='size.php?x=80&y=80&src=logochat.jpg' border="0"></div></li>

<li><a href="opzioni.php">opzioni</a></li>

<li><a href='mp.php'><img src='<?php echo $newmp;?>.gif' border='0' alt='MP'></a></li>

<li><a href="admin.php" title="admin">Admin</a></li>

<li><a href="infoiconechat.php" title="Info delle icone della chat">INFO ICONE CHAT</a></li>

<?php if(@file_exists("database/cbrs87_validanick.txt"))
{[email protected]("database/cbrs87_validanick.txt");
$i=count($var2);} if($level>1) echo "<li><a href='validanick.php' title='ValidaNick'><i>Valida Nick</i>[$i]</a></li>"; ?>

<li><a href="listasmile.php" title="Lista Smile">Smile</a></li>

<li><a href="gallery.php" title="Gallery CHAT">Gallery</a></li>

<li><a href="esci.php" title="Abbandona la chat">Esci</a></li>
</ul>
</div>
</div>

</center>

<? }
 else{
?>

<?php echo "<strong>$titolo</strong>"; ?><center>
<div class="testatablue"><a href='infoiconechat.php'>INFO ICONE</a> | <a href='opzioni.php'>OPZIONI</a> | <a

 href="mp.php"><img src='<?php echo $newmp;?>.png' border='0' alt="MP"></a> | <?php if($level>0){echo "<a

 href='admin.php'>AMMINISTRAZIONE</a>";}else{echo " | <a href='listasmile.php'>SMILE</a>";} ?>
</div></center>
<?php }

 function elimina($dirname){

 if(@is_dir($dirname)){
 $handle = opendir($dirname);
 while (false !== ($file = readdir($handle))) {
 if(is_file($dirname.$file)){
 unlink($dirname.$file);
 }
 }
 $handle = closedir($handle);
 rmdir($dirname);
 }
 }

 /// CONTROLLO SHOUT //////
 if(@file_exists("database/".$suff."_shout.txt")){
 //vedo se scaduto
 [email protected]("database/".$suff."_shout.txt");
 $riga=trim($var[0]);
 $dati=explode("||",$riga);
 $mitt=trim($dati[0]);
 $msg=trim(stripslashes($dati[1]));
 $id=trim($dati[2]);
 $data=trim($dati[3]);
 $attuale=time();
 if(($data-$attuale)>0){
 //prelevo impostazioni login
 [email protected]($suff."_impostaz/$login.txt");
 $da=explode("||",$var[0]);
 $smile=$da[1];

 if($smile==1) {
 @require_once("smile.inc.php");
 $msgorig=$msg;
 $percorso=$_SERVER['SERVER_NAME'].$_SERVER['PHP_SELF'];
 $percorso=str_replace("chat.php","smile/",$percorso);
 $percorso="http://".$percorso;
 for ($k=0; $k < count($arrsmile); $k+=2) {
 if(empty($arrsmile[$k])) continue;
 $contat += substr_count($msg, $arrsmile[$k]);
 $msg = str_replace($arrsmile[$k], "<img src=\"" . $percorso . $arrsmile[$k+1] . "\">", $msg);
 }
 if ($contat > 5) $msg = $msgorig;}
 if([email protected]_exists($suff."_shout$id/$login.txt")) {
 echo "<marquee><font color='#FFCC00'>[$mitt]";
 if(@file_exists($suff."_staff/$mitt.txt"))
 {echo "[STAFF]";}
 echo "</font> $msg </marquee><a rel='nofollow' href='chat.php?shout=0'><img border='0' alt='[X]' src='delete.png'></a><font>
<hr size='1'color='#853CFF'></font>";}
 }else{@unlink("database/".$suff."_shout.txt"); if(@is_dir($suff."_shout$id")) {[email protected]($suff."_shout$id"."/");}}
 }

 /// CONTROLLO PVT //////
 if(@file_exists("richiesta/$login.txt"))
 {
 $open = @file("richiesta/$login.txt");
 $i=count($open);
 echo "<a href='listapvt.php'>Hai $i Richiesta/e di PVT</a><font><hr color='#853CFF' size='1'></font>";
 }
 if(@file_exists("accettato/$login.txt"))
 {
 $open = @file("accettato/$login.txt");
 $j=count($open);
 echo "<a href='listapvt.php'>Hai $j PVT in corso</a><font><hr color='#853CFF' size='1'></font>";
 }
 /////////////////////////
 //CONTROLLO RICHIESTE AMICIZIA
 if(@file_exists($suff."_richiestamicizia/$login.txt"))
 {
 $open = @file($suff."_richiestamicizia/$login.txt");
 $i=count($open);
 echo "<a href='listamici.php'>Hai $i richiesta/e di amicizia</a><font><hr color='#853CFF' size='1'></font>";
 }
 ////////////////////////
 echo "</div><div class=''><center><img border='0' src='mappa.gif' alt='Online'></img> ";
 $inv=0;
 if(@file_exists($suff."_hid/$login.txt")){$inv=1;}
 if($inv==0)
 {$filename = $suff."_online1/$login.txt";
 $string = @time();
 $a = @fopen("$filename", "w+");
 @fputs($a, $string);
 @fclose($a);}

 $path = $suff."_online1/";
 $dir_handle = @opendir($path);
 while ($file = readdir($dir_handle))
 {
 if($file != "." && $file != ".."){
 $f=file($path.$file);
 $data=intVal(str_replace("\n","",$f[0]));
 if($data<(time()-120)){
@unlink($path.$file);
 }
 }
 }
 $cartella = @opendir($suff.'_online1');
 while ($fi = readdir($cartella)) {
 $array_file[] = $fi;
 }
 foreach ($array_file as $fi) {
 if ( $fi == ".." || $fi == ".") {
 continue;
 }
 $rep= str_replace(".txt","",$fi);
 //color nick user online
 [email protected]($suff."_impostaz/$rep.txt");
 $dati=explode("||",$var[0]);
 $coloronline=$dati[0];

 $leveluser=0;
 if(@file_exists($suff."_staff/$rep.txt"))
 {
 [email protected]($suff."_staff/$rep.txt");
 $leveluser=trim($leveluser[0]);}

 $livelloutente="UTENTE";
 if($leveluser==1) $livelloutente="[MODERATORE]";

 if($leveluser==2) $livelloutente="[SUPER MODERATORE]";

 if($leveluser==3) $livelloutente="[ADMIN]";

 if($leveluser==4) $livelloutente="[SUPER ADMIN]";

 if($leveluser==5) $livelloutente="[WEBMASTER]";


 //prelevo DATI DAL PROFILO user
 if(@file_exists($suff."_profili/$rep.txt"))
 {
 [email protected]($suff."_profili/$rep.txt");
 $testo=explode("||",$var2[0]);
 $nome=stripslashes($testo[0]);
 $sesso=$testo[1];
 $anni=stripslashes($testo[2]);
 $regione=stripslashes($testo[3]);
 $regione=ucwords($regione);
 }else{
 $nome="";
 $sesso="";
 $anni="";
 $regione="";
 }
 if($sesso=="f") {$iconasesso="<img border=0 src=female.png>"; }
 elseif($sesso=="m") {$iconasesso="<img border=0 src=male.png>";}else{$iconasesso="";}

 $avataruser="default.gif>";
 if(@file_exists($suff."_avatar/$rep.txt")){
 [email protected]($suff."_avatar/$rep.txt");
 $avataruser=trim($var[0]);
 $rilpng=stristr($avataruser,".png");
 if(!empty($rilpng)) {$avataruser="png/".$avataruser.">";}

 if(empty($rilpng) AND [email protected]_exists("gallery/$rep/$avataruser.jpg")) $avataruser="default.gif>";
 }

 if(empty($rilpng) AND $avataruser!="default.gif>")
 {
 if($dispositivo=="PC") {$avataruser="gallery/$rep/$avataruser.jpg width=100>";}
 else{$avataruser="gallery/$rep/$avataruser.jpg width=50>";}
 }
 ?>
<A class=nodeco onmouseover="Tip('<font color=#000000><b><?php echo $livelloutente;?></b></font><br><font

 color=#000000>Sesso: <?php echo $iconasesso; ?></font><br><font color=#000000>Anni: <?php echo $anni; ?></font><br><font

 color=#000000>Regione: <?php echo $regione; ?></font><br><img border=0 src=<?php echo $avataruser; ?><br><a href=mp.php?

 page=send&user=<?php echo $rep; ?>><font color=#000000>MP</font></a>- <a href=listapvt.php?user=<?php echo $rep; ?>><font

 color=#000000>PRIVATO</font></a>', OPACITY, 90, TEXTALIGN, 'center', TITLEALIGN, 'center', TITLE, '<?php echo $nome; ?>',

 CENTERMOUSE, true, BORDERCOLOR,'#dd00aa', STICKY, 1, SHADOW, true, CLICKCLOSE, true, BGCOLOR, '#ffffff',

 BORDERWIDTH, 2);" href="profilo.php?user=<?php echo $rep; ?>&page=chat"><font color=<?php echo $coloronline; ?>><?php echo

 $rep."</font></A>";
 $Ptra=file_get_contents($suff."_azione/".$rep.".txt");
 switch($Ptra)
 {
 case"LISTA MP": echo'<img src="ikone/traccia_LISTA_MP.png" alt="LISTA MP"/>'; break;
case"OPZIONI": echo'<img src="traccia_settaggi.gif"alt="OPZIONI"/>'; break;
 case"LISTA SMILE": echo'<img src="ikone/smile.gif" alt="LISTA SMILE"/>'; break;
 case"GALLERY": echo'<img src="ikone/gallery.gif" alt="GALLERY"/>'; break;
 case"CERCA UTENTE": echo'<img src="ikone/cercautente.gif" alt="CERCA UTENTE"/>'; break;
 case"CHAT INFO": echo'<img src="ikone/infochat.gif" alt="CHAT INFO"/>'; break;
 case"SHOUT CHAT": echo'<img src="ikone/shout.gif" alt="SHOUT CHAT"/>'; break;
 case"NICK ZITTITI": echo'<img src="ikone/shhhh.gif" alt="NICK ZITTITI"/>'; break;
 case"BANNATI": echo'<img src="mazzate.gif" alt=""/>'; break;
 case"GAMES": echo'<img src="traccia_games.png" alt="GAMES"/>'; break;
 case"ADMIN": echo'<img src="ikone/admin.gif" alt="ADMIN"/>'; break;
 case"AVVISI CHAT": echo'<img src="ikone/avvisi.gif" alt="AVVISI CHAT"/>'; break;
 case"GADGET": echo'<img src="niko.gif" alt="DEDICHE"/>'; break;
 case"EDITA PROFILO": echo'<img src="ikone/blog.gif" alt="EDITA PROFILO"/>'; break;
 case"CAMBIA COLORE": echo'<img src="ikone/coloritesto.gif" alt="CAMBIA COLORE"/>'; break;
 case"CAMBIA PWD": echo'<img src="ikone/cambiopsw.gif" alt="CAMBIA PWD"/>'; break;
 case"PORTALI AMICI": echo'<img src="ikone/affiliazioni.gif" alt="PORTALI AMICI"/>'; break;
 case"SCRIVE COMMENTO SU UN PROFILO": echo'<img src="ikone/forum.gif" alt="COMMENTA PROFILO"/>'; break;
 case"VEDE COMMENTO SU FOTO": echo'<img src="ikone/regolamento.gif.gif" alt="VEDE COMMENTO SU FOTO"/>'; break;
 case"INVIA MP": echo'<img src="mail.png" alt="INVIA MP"/>'; break;
 case"CAM": echo'<img src="ikone/videochat.gif" alt="videochat"/>'; break;
 case"TV": echo'<img src="traccia_tv.png" alt="TV"/>'; break;
 case"RADIO": echo'<img src="" alt=""/>'; break;
 case"VEDE SONDAGGIO": echo'<img src="ikone/sondaggi.gif" alt="VEDE SONDAGGIO"/>'; break;
 case"CLASSIFICA CHATTERS": echo'<img src="ikone/migliorichatters.gif" alt="CLASSIFICA CHATTERS"/>'; break;
 case"VEDE PROFILO": echo'<img src="ikone/profilo.gif" alt="VEDE PROFILO"/>'; break;
 case"LISTA AMICI": echo'<img src="ikone/amici.gif" alt="LISTA AMICI"/>'; break;
 case"LISTA NERA": echo'<img src="ikone/listanera.gif" alt="LISTA NERA"/>'; break;
 case"LISTA PVT": echo'<img src="ikone/listaprivati.gif" alt="LISTA PVT"/>'; break;
 case"FACEBOOK": echo'<img src="traccia_face.png" alt="FACEBOOK"/>'; break;
 case"YOUTUBE": echo'<img src="traccia_you.jpg" alt="YOUTUBE"/>'; break;
 case"PHOTO GALLERY CHATTERS": echo'<img src="ikone/gallery.gif" alt="PHOTO GALLERY CHATTERS"/>'; break;

 default:
 switch($leveluser)
 {

 case 5: echo'<img src="ikone/traccia_oro.gif">'; break;

 case 4: echo'<img src="ikone/star.gif" />'; break;

 case 2: echo'<img src="ikone/traccia_bronzo.gif" />'; break;

 case 0: echo'<img src="user2.gif" />'; break;

 }
 ;
 }
 echo"*";}//end foreach
 $num1=rand(1,12);
 $algoritmo=(($num1*$number)+(4*$num1)+(2*$number));
 $algoritmo.="9fjke76tr4";
 $algoritmo=md5($algoritmo);
 ?>
</div></center>
<hr>

<?php if(@file_exists($suff."_zittiti/$login.txt")){echo "<center><font color='red'>$login SEI STATO ZITTITO DALLO STAFF, NON

 PUOI SCRIVERE NELLE STANZE PUBBLICHE <img src='ikone/shhhh.gif'></font><font><hr color='#853CFF'

 size='1'></font></center>";}
if($totmp>=30){echo "<center><font color='red'>$login hai la casella PIENA(30 MP), svuotala per ricevere ulteriori

 MP</font><font><hr color='#853CFF' size='1'></font></center>";} ?>
<form name="form1" method="POST" action="insertmess.php" acceptcharset="utf-8">
<input name="msg" type="text" class="input" >
<input type="Submit" class="button" name="Submit" value="Invia/Aggiorna">
<input type="reset" class="button" value="c">
<input type="hidden" name="codice" value="<?php echo $algoritmo; ?>" >
<input type="hidden" name="key" value="<?php echo $num1; ?>" >
</form>
<div style="background-image: url(sfondocell/stelle.gif);">
<?php
//prelevo impostazioni login
 [email protected]($suff."_impostaz/$login.txt");
 $dati=explode("||",$var[0]);
 $coloronline=$dati[0];
 $smile=$dati[1];
 $numpage=$dati[2];
 $viewavt=trim($dati[4]);


 //stampo last 10 msg pubblici
 if(@file_exists("database/".$suff."_msg1.txt"))
 {
 [email protected]("database/".$suff."_msg1.txt");
 $totale=count($apri);

 $diff=($totale-20);
 if($diff<0){$diff=0;}

 $prendi = $numpage; // intervallo
 $npage=ceil(20/$prendi);

 if($totale<20){$npage=1;}

 if(is_int($totale/$prendi))
 $pagina=$npage;
 else
 $pagina=floor($totale/$prendi);


 if(isset($_GET['page'])){
 $page=trim($_GET['page']); // pagina corrente
 if(!is_numeric($page)){$page=1;}
 if($page==0 OR $page<0 OR $page>4 ){$page=1;}
 if($page>$npage)
 $page=1;}
 else
 $page=1;

 $start = ($page*$prendi)-$prendi; /* record da cui iniziare ad estrarre */
 $estremo=($totale-$start-$prendi);

 if ($estremo<$diff)
$estremo=$diff;

 if ($estremo<0)
 $estremo=0;

 for($a=($totale-$start-1);$a>=$estremo;$a--)
 {
 if($estremo<0){continue;}
$dati=explode("||",$apri[$a]);
 //prelevo avatar nick
 if($viewavt==1)
 {$avatar="default.gif";
 $rilpng=stristr($dati[2],".png");
 if(!empty($rilpng)) {$avatar="png/".$dati[2];}
 if($dati[2]!="default" AND empty($rilpng) AND @file_exists("gallery/$dati[1]/$dati[2].jpg")){$avatar="gallery/$dati[1]/$dati[2].jpg";}
 }
 $msg=stripslashes($dati[4]);
 if($smile==1) {
 @require_once("smile.inc.php");
 $percorso=$_SERVER['SERVER_NAME'].$_SERVER['PHP_SELF'];
 $percorso=str_replace("chat.php","smile/",$percorso);
 $percorso="http://".$percorso;
 $msg_orig = $msg;
 $contat = 0;
 for ($k=0; $k < count($arrsmile); $k+=2) {
 if(empty($arrsmile[$k])) continue;
 $contat += substr_count($msg, $arrsmile[$k]);
 $msg = str_replace($arrsmile[$k], "<img src=\"" . $percorso . $arrsmile[$k+1] . "\">", $msg);
 }
 if ($contat > 70) $msg = $msg_orig;
 }

 if($dati[0]==0)
 {//msg pubblico
 $leveluser=0;
 if(@file_exists($suff."_staff/$dati[1].txt"))
 {
 [email protected]($suff."_staff/$dati[1].txt");
 $leveluser=trim($leveluser[0]);}
 if($leveluser==0) $usrmsg="<strong><a rel='nofollow' href='profilo.php?user=$dati[1]'><font color='#FFFF00'>$dati[1]</a><img border='0' src='user2.gif'
alt='Online'><font color='#FFFF00'>User Chat<b><img border='0' src='user2.gif' alt='Online'></strong></font>";

 if($leveluser==1) $usrmsg="<strong><a rel='nofollow' href='profilo.php?user=$dati[1]'><font color='#66ff33'>$dati[1]</a><img border='0' src='user2.gif'
alt='Online'><font color='#66ff00'>Moderatore <b><img border='0' src='ikone/traccia_bronzo.gif' alt='Online'><img border='0'
src='user2.gif' alt='Online'></strong></font>";

 if($leveluser==2) $usrmsg="<strong><a rel='nofollow' href='profilo.php?user=$dati[1]'><font color='#66ff00'>$dati[1]</a><img border='0' src='user2.gif'
alt='Online'><font color='#66ff00'> Super Mod <b><img border='0' src='ikone/traccia_bronzo.gif ' alt='Online'><img border='0'
src='user2.gif' alt='Online'> </strong></font>";


 if($leveluser==3) $usrmsg="<strong><a rel='nofollow' href='profilo.php?user=$dati[1]'><font color='#4B0082'>$dati[1]</a><img border='0' src='user2.gif'
alt='Online'><font color='#4B0082'> Admin <b><img border='0' src='ikone/traccia_oro.gif ' alt='Online'><img border='0' src='user2.gif'
alt='Online'> </strong></font>";

 if($leveluser==4) $usrmsg="<strong><a rel='nofollow' href='profilo.php?user=$dati[1]'><font color='#ff00ff'>$dati[1]</a><img border='0' src='user2.gif'

 alt='Online'><font color='#ff00ff'> Super Admin <b><img border='0' src='ikone/star.gif ' alt='Online'><img border='0' src='user2.gif'

 alt='Online'> </strong></font>";

if($leveluser==5) $usrmsg=" <strong><a rel='nofollow' href='profilo.php?user=$dati[1]'><font color='#FF0000'>$dati[1]</a><img border='0' src='user2.gif'
alt='Online'><font color='#FF0000'> Webmaster <b><img border='0' src='ikone/traccia_oro.gif ' alt='Online'><img border='0'
src='user2.gif' alt='Online'> </strong></font>";
if($leveluser==6) $usrmsg=" <strong><a rel='nofollow' href='profilo.php?user=$dati[1]'><font color='#228B22'>$dati[1]</a><img border='0' src='user2.gif'
alt='Online'><font color='#228B22'> BOSS <b><img border='0' src='ikone/traccia_oro.gif ' alt='Online'><img border='0' src='user2.gif'
alt='Online'> </strong></font>";
if($viewavt==1)
echo"<table border='0' width='100%' cellspacing='0' cellpadding='0'><tr><td rowspan='2' width='55'><p align='left'><img
src='size.php?x=100&y=100&src=$avatar' style='border: none;'></td><td><strong>$usrmsg <font color='#808080'>[".date('d/m H:i',$dati
[12])."]</strong></font></td></tr><tr><td><strong><font color='$dati[5]'>".$msg."</strong></font></td></tr></table><div style='clear: both;'></div><hr>\n";
else
echo"<table border='0' width='30%' cellspacing='0' cellpadding='0'><tr><td rowspan='2' width='100' valign='top'><p align='left'><font
color='#808080'>".date('d/m H:i',$dati[12])."</font></td><td>$usrmsg</td></tr><tr><td><font color='$dati[5]'>".
$msg."</font></td></tr></table><div style='clear: both;'></div><br>\n";
}elseif($dati[1]==$login OR $dati[3]==$login)
 {//e un mio pvt ricevuto o inviato
echo"<table border='0' width='100%' cellspacing='0' cellpadding='0'><tr><td rowspan='2' width='20'><p align='left'>";
if($dati[1]==$login) echo "<img src='right_green.png' style='border: none;'></td><td><font color='#ff0000'>
<div  style=\"background-color:  #99ff00\">PVT a <a
href='profilo.php?user=$dati[3]'><font color='#ff0000'>$dati[3]</font></a></font></td></tr><tr><td><font color='#CC0000'><div class='testata'>".
 $msg."</font></td></tr></table><div style='clear: both;'></div></div><hr>\n";
else echo "<img src='left_red.png' style='border: none;'></td><td><font color='red'><div  style=\"background-color:  #5CA2C7\">PVT da <a rel='nofollow' href='profilo.php?user=$dati[1]'><font
color='red'>$dati[1]</font></a></font></td></tr><tr><td><font color='#3366FF'><div class='testata'>".$msg."</font></td></tr></table><div style='clear:
both;'></div><hr>\n";
 }
else{$estremo--;}
}//end for
 // ora stampiamo il numero di pagine
 if($page>1)
 {echo "<a href='?page=".($page-1)."'>«</a>";}
if($npage>1){
 for($i=$page; $i<=$npage; $i++){
if($i==$page)
 echo " [$i] "; /* la pagina corrente non la linko */
 else
 echo " <a href=\"?page=$i\">$i</a> ";
 }}
if($page<$npage)
{echo "<a href='?page=".($page+1)."'>»</a>";}
//end stamp
}else{echo "Nessun messaggio presente...";}
?>
<center>
<?php
if ([email protected]_exists($suff."_roomname2.txt"))
 {$name="[Amici]";}
 else
 {
 [email protected]($suff."_roomname2.txt");
 $name=trim($var2[0]);
 }

 $path2 = $suff."_online2/";
 $dir_handle2 = @opendir($path2);
 while ($file2 = readdir($dir_handle2))
 {
 if($file2 != "." && $file2 != ".."){
 $fi=file($path2.$file2);
 $data=intVal(str_replace("\n","",$fi[0]));
 if($data<(time()-120)){
 @unlink($path2.$file2);
 }
 }
 }
 $dir2 = @glob($suff."_online2/*.*");
 $utentionline2 = count($dir2);
 if($dispositivo=="PC")
 { ?>
<table border="0" width="100%" id="foot" background="purple.gif" height="24" cellspacing="1" cellpadding="0">
<tr>
<td><center>
<A class=nodeco onMouseOver="Tip('<table border=0 width=300><tr><td align=center><?php $cartellaroom2 = opendir
($suff.'_online2'); while ($fi44 = readdir($cartellaroom2)) {$array_file_on222[] = $fi44;} foreach ($array_file_on222 as $gi66) {if ( $gi66
== ".." || $gi66 == ".") {continue;} $reproom2= str_replace(".txt","",$gi66); echo "<font size=1 color=#000000><b>
$reproom2</b></font> ";} ?></td></tr></table>', OPACITY, 90, TITLEALIGN, 'center', TITLE, '<?php echo stripslashes($name); ?>',
CENTERMOUSE, true, BORDERCOLOR,'#ff11cc', STICKY, 1, CLICKCLOSE, true);" href="chat2.php"><font face='verdana'
color='#000000' size='1'><?php echo stripslashes($name)."($utentionline2)"; ?></font></A>
</center></td></tr></table>
<?php }else{
 echo "</div><div class='testata'><center><a href='chat2.php'>".stripslashes($name)."[$utentionline2]</a></center></div>";
 }
 $secs_total = array_sum(explode(' ', microtime())) - $tm_start;
 $secs_total=number_format($secs_total,4);
 echo "<center>".$secs_total . " sec</center>";?>
</center>
</body>
</html>
 
Discussioni simili
Autore Titolo Forum Risposte Data
L difficoltà con Xampp. printing php mancante...help Web Server 6
K [PHP] Help me a problem... Pleases PHP 1
M HELP FORM CREATO IN PHP PHP 14
S [PHP] help me!! PHP 2
S [WordPress] Footer php - il background riempie tutta la pagina - help WordPress 1
F Help array da javascript a php Javascript 2
M [PHP] Help: controllo valori inseriti in un campo PHP 1
P Help con js/php PHP 6
T [PHP] Calcolo anzianità soggetti [era: Help me :( Esercizio per me impossibile] PHP 9
trattorino Creare codice php help PHP 26
CoyotesSon [PHP] Help! Creazione di una finestra PHP 5
E [Javascript] help me !!! array da php a java Javascript 9
P help variabile js concatenata a echo php Javascript 0
M php help ! PHP 3
S Php HELP! PHP 2
S php help phpBB 5
G help!! prime prove di php PHP 2
S Help me (codice PhP) PHP 2
S jQuery + PHP: non mi funziona..... HELP!!! PHP 14
T Problema recupero dati da file [era: help script php] PHP 9
glm2006ITALY PHP: evidenziare la pagina corrente in modo dinamico - help PHP 4
O [help] estrarre e visualizzare dati da mysql con php a oggetti PHP 6
Z Help Problema con file config.php PHP 3
Y Cercasi scripter per Browser Game (era: help con php) Offerte e Richieste di Lavoro e/o Collaborazione 1
R Help! numerazione di pagine , di dati presi da un database PHP PHP 2
P Help per form php PHP 4
D Help... Login php PHP 2
D Help... Login php PHP 2
J help - form php PHP 9
W cms made simple è in php help cartine PHP 1
A funzione ricerca in php??? help me... PHP 1
N Problema login.php help PHP 0
S Help sintassi php PHP 1
vorticeblu [Help] Html dentro PHP come fare? PHP 5
nicocade [help] upload file con php!!! PHP 1
F [help] produrre file output php-mysql PHP 1
J Help con le pagine in php-nuke PHP 3
I php nuke help!! istallazione PHP 3
D Help Php-Nuke 7.5 PHP 2
F counter php: trasferirlo in un swf... help!!! Flash 15
A HELP su PHP PHP 4
P Passare i risultati di un foreach in un modal. Help! PHP 2
J help me C/C++ 1
Q HELP ME PLEASE!‼️‼️ E-Commerce 1
M Help - consultare (ed esportare) dati da un DB pubblico mySql PHP 2
F Cerco contatto tipo help-desk Offerte e Richieste di Lavoro e/o Collaborazione 2
F Help-PDO copiare Database MySQL PHP 3
Andrea1981 [WordPress] [HTML] Help modifica credits nel footer.Tema Customizr. WordPress 5
simgia [Javascript] Google maps help! Javascript 1
A funzioni asincrone e callback...help! Ajax 10

Discussioni simili