Codice PHP:
<?php header("Cache-Control: no-cache, must-revalidate"); header("Pragma: no-cache"); //header('Content-type: application/vnd.wap.xhtml+xml'); echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>"; echo "<!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.0//EN\" \"http://www.wapforum.org/DTD/xhtml-mobile10.dtd\">"; ?> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta forua="true" http-equiv="Cache-Control" content="max-age=0"/> <meta forua="true" http-equiv="Cache-Control" content="must-revalidate"/> </head> <?php include("config.php"); include("core.php"); connectdb(); $action=$_GET["action"]; $id=$_GET["id"]; $sid = $_GET["sid"]; $rid=$_GET["rid"]; $rpw=$_GET["rpw"]; $uid = getuid_sid($sid); $uexist = isuser($uid); $theme = mysql_fetch_array(mysql_query("SELECT theme FROM ibwf_users WHERE id='".$uid."'")); $data = date("H:i"); if((islogged($sid)==false)||!$uexist) { echo "<head>"; echo "<title>Error!!!</title>"; echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/white_medium.css\">"; echo "</head>"; echo "<body>"; echo "<center>"; echo "Non sei loggato
"; echo "La tua sessione e' scaduta
"; echo "<a href=\"index.php\">Login</a>"; echo "</center>"; echo "</html>"; echo "</body>"; exit(); } if(isbanned($uid)) { echo "<head>"; echo "<title>Error!!!</title>"; echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">"; echo "</head>"; echo "<body>"; echo "<p align=\"center\">"; echo "<img src=\"../images/notok.gif\" alt=\"x\"/>
"; echo "[b]Sei stato bannato[/b]
"; $banto = mysql_fetch_array(mysql_query("SELECT timeto, pnreas, exid FROM ibwf_penalties WHERE uid='".$uid."' AND penalty='1' OR uid='".$uid."' AND penalty='2'")); $banres = mysql_fetch_array(mysql_query("SELECT lastpnreas FROM ibwf_users WHERE id='".$uid."'")); $remain = $banto[0]- time(); $rmsg = gettimemsg($remain); echo "[b]Tempo rimasto: [/b]$rmsg
"; $nick = getnick_uid($banto[2]); echo "[b]Da: [/b]$nick
"; echo "[b]Motivazione: [/b]$banto[1]"; //echo "<a href=\"index.php\">Login</a>"; echo "</p>"; echo "</body>"; echo "</html>"; exit(); } $isroom = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_rooms WHERE id='".$rid."'")); if($isroom[0]==0) { echo "<head>"; echo "<title>Error!!!</title>"; echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">"; echo "</head>"; echo "<body>"; echo "<center>"; echo "[b]Room Doesn't Exist[/b]
"; echo "<a href=\"index.php?action=chat&sid=$sid\">Chatrooms</a>"; echo "</center>"; echo "</body>"; echo "</html>"; exit(); } $passworded = mysql_fetch_array(mysql_query("SELECT pass FROM ibwf_rooms WHERE id='".$rid."'")); if($passworded[0]!="") { if($rpw!=$passworded[0]) { echo "<head>"; echo "<title>Error!!!</title>"; echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">"; echo "</head>"; echo "<body>"; echo "<center>"; echo "[b]Wrong Password![/b]
"; echo "You can't enter this room
"; echo "<a href=\"index.php?action=chat&sid=$sid\">Chatrooms</a>"; echo "</center>"; echo "</body>"; echo "</html>"; exit(); } } if(!canenter($rid,$sid)) { echo "<head>"; echo "<title>Error!!!</title>"; echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">"; echo "</head>"; echo "<body>"; echo "<center>"; echo "[b]Permission denied![/b]
"; echo "<a href=\"index.php?action=chat&sid=$sid\">Chatrooms</a>"; echo "</center>"; echo "</body>"; echo "</html>"; exit(); } addtochat($uid, $rid); $timeto = 3110400; $timenw = time(); $timeout = $timenw-$timeto; $deleted = mysql_query("DELETE FROM ibwf_chat WHERE timesent<".$timeout.""); $rooms = mysql_fetch_array(mysql_query("SELECT id, name FROM ibwf_rooms WHERE id='".$rid."'")); $rname = $rooms[1]; $nick = getnick_sid($sid); if ($action=="") { echo "<head>"; echo "<title>$nick@$rname</title>"; echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">"; $unreadpopup=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_popups WHERE unread='1' AND touid='".$uid."'")); if ($unreadpopup[0]<1) { echo "<meta http-equiv=\"refresh\" content=\"20; url=chat.php?time="; echo "".date("dmHis").""; echo "&sid=$sid&rid=$rid&rpw=$rpw\">"; } echo "</head>"; echo "<body>"; addonline($uid,"Chating in $rname","chat.php?rid=$rid&rpw=$rpw"); //echo "
"; echo popup($sid); echo "[b]1 [/b]<a name=\"top\" id=\"top\" accesskey=\"1\" href=\"chat.php?action=say&sid=$sid&rid=$rid&rpw=$rpw\">Scrivi</a>
"; echo "[b]2 [/b]<a accesskey=\"2\" href=\"#opt\">Opzioni</a>
"; echo "[b]* [/b]<a accesskey=\"*\" href=\"chat.php?time="; echo "".date("dmHis").""; echo "&sid=$sid&rid=$rid&rpw=$rpw\">Aggiorna</a>
"; $unreadinbox=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_private WHERE unread='1' AND touid='".$uid."'")); $unrd="".$unreadinbox[0].""; if ($unreadinbox[0]>0) { echo "[b]5 [/b]<a href=\"inbox.php?action=main&sid=$sid&lstloc=cht&rid=$rid\">$unrd nuova posta!</a>
"; } //echo "</p>"; //echo "
"; $message=$_POST["message"]; $who = $_POST["who"]; $rinfo = mysql_fetch_array(mysql_query("SELECT censord, freaky FROM ibwf_rooms WHERE id='".$rid."'")); if (trim($message) != "") { if(!isblocked($message,$uid)) { $chatok = mysql_query("INSERT INTO ibwf_chat SET chatter='".$uid."', who='".$who."', timesent='".time()."', msgtext='".$message."', rid='".$rid."';"); $lstmsg = mysql_query("UPDATE ibwf_rooms SET lastmsg='".time()."' WHERE id='".$rid."'"); $hehe=mysql_fetch_array(mysql_query("SELECT chmsgs FROM ibwf_users WHERE id='".$uid."'")); $totl = $hehe[0]+1; $msgst= mysql_query("UPDATE ibwf_users SET chmsgs='".$totl."' WHERE id='".$uid."'"); }else{ $bantime = time() + (30*24*60*60); echo "<img src=\"../images/notok.gif\" alt=\"X\"/>"; echo "Can't Post Msg
"; echo "You just tried sending a msg with a link to one of the crapiest sites on earth
The members of these sites spam here a lot, so go to that site and stay there if you don't like it here
as a result of your stupid action:
1. you have lost your sheild
2. you have lost all your plusses
3. You are BANNED!"; $user = getnick_sid($sid); mysql_query("INSERT INTO ibwf_mlog SET action='autoban', details='[b]".getnick_uid(1)."[/b] auto banned $user for spamming chat', actdt='".time()."'"); mysql_query("INSERT INTO ibwf_penalties SET uid='".$uid."', penalty='1', exid='1', timeto='".$bantime."', pnreas='Banned: Automatic Ban for spamming for a crap site'"); mysql_query("UPDATE ibwf_users SET plusses='0', shield='0' WHERE id='".$uid."'"); echo "</body>"; echo "</html>"; exit(); } if($rinfo[1]==2) { //oh damn i gotta post this message to ravebabe :( //will it succeed? $botid = "eeb070e74e366473"; $hostname = "www.pandorabots.com"; $hostpath = "/pandora/talk-xml"; $sendData = "botid=".$botid."&input=".urlencode($message)."&custid=".$custid; $result = PostToHost($hostname, $hostpath, $sendData); $pos = strpos($result, "custid=\""); $pos = strpos($result, "<that>"); if ($pos === false) { $reply = ""; } else { $pos += 6; $endpos = strpos($result, "</that>", $pos); $reply = unhtmlspecialchars2(substr($result, $pos, $endpos - $pos)); $reply = mysql_escape_string($reply); } $chatok = mysql_query("INSERT INTO ibwf_chat SET chatter='1', who='', timesent='".time()."', msgtext='".$reply." @".getnick_uid($uid)."', rid='".$rid."';"); } $message = ""; } echo "
"; $chats = mysql_query("SELECT chatter, who, timesent, msgtext, exposed FROM ibwf_chat WHERE rid='".$rid."' ORDER BY timesent DESC, id DESC"); $counter=0; while($chat = mysql_fetch_array($chats)) { $canc = true; if($counter<40) { if(istrashed($chat[0])){ if($uid!=$chat[0]) { $canc = false; } } //////good /*if(isignored($chat[0],$uid)){ $canc = false; }*/ //////////good if($chat[0]!=$uid) { if($chat[1]!=0) { if($chat[1]!=$uid) { $canc = false; } } } if($chat[4]=='1' && ismod($uid)) { $canc = true; } if($canc) { $cmid = mysql_fetch_array(mysql_query("SELECT chmood FROM ibwf_users WHERE id='".$chat[0]."'")); $iml = ""; if(($cmid[0]!=0)) { $mlnk = mysql_fetch_array(mysql_query("SELECT img, text FROM ibwf_moods WHERE id='".$cmid[0]."'")); $iml = "<img src=\"$mlnk[0]\" alt=\"$mlnk[1]\"/>"; } $chnick = getnick_uid($chat[0]); $optlink = $iml.$chnick; if(($chat[1]!=0)&&($chat[0]==$uid)) { ///out $iml = "<img src=\"../moods/out.gif\" alt=\"!\"/>"; $chnick = getnick_uid($chat[1]); $optlink = $iml."Privato a ".$chnick; } if($chat[1]==$uid) { ///out $iml = "<img src=\"../moods/in.gif\" alt=\"!\"/>"; $chnick = getnick_uid($chat[0]); $optlink = $iml."Privato da ".$chnick; } if($chat[4]=='1') { ///out $iml = "<img src=\"../moods/point.gif\" alt=\"!\"/>"; $chnick = getnick_uid($chat[0]); $tonick = getnick_uid($chat[1]); $optlink = "$iml Da ".$chnick." A ".$tonick; } $ds= date("H.i.s", $chat[2]); $text = parsepm($chat[3], $sid); $nos = substr_count($text,"[img]); if(isspam($text)) { $chnick = getnick_uid($chat[0]); echo addchatmsg($chat[0],$text,1,[/img]10){ $chnick = getnick_uid($chat[0]); echo addchatmsg($chat[0],$text,1,"*Hey!! $chnick, non puoi usare piu' di 10 Smilies Per Msg!*"); }else{ $sres = substr($chat[3],0,3); if($sres == "/me") { $chco = strlen($chat[3]); $goto = $chco - 3; $rest = substr($chat[3],3,$goto); $tosay = parsepm($rest, $sid); echo addchatmsg($chat[0],$tosay,1,""); } else{ if($rinfo[0]==0){$tosay = getbbcode($chat[3], $sid, 0);} else
speriamo ke ti sia di aiuto per capire 
Rispondi quotando