ЗаWAP | Просмотр архива

Файл system/core.php
Вес запакованого файла 1.8Kb (1818 b)
Вес распакованого файла: 5.6Kb (5692 b)
Метод сжатия: 8
<?php

###########################
#Скрипт: Keo v1#
#Автор: GulievMMA#
#Версия: v1#
#Страна: Азербайджан#
#Город: Сумгайыт#
#Спорт: ММА#
#Сайт: KeoTop.Ru#
#Сайт: H9M.Ru#
#Телеграм: @AnarQuliyevMMA#
#E-mail: guliev.mma@gmail.com  #
#WhatsApp: +994 (77) 768-39-39#
#WhatsApp: +994 (55) 968-78-69#
############################
#Скрипт Принадлежит Мне , Продавать и Распростронять Нельзя (!)#
############################



$url = 'http://'.$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];

$xeta = 'OOPS!!';
if(strstr($url, ' DELETE ')) {
	echo $xeta;
}
if(strstr($url, 'DELETE ')) {
	echo $xeta;
}
if(strstr($url, 'DELETE')) {
	echo $xeta;
}

if(strstr($url, 'delete')) {
	echo $xeta;
}
if(strstr($url, 'INSERT INTO')) {
	echo $xeta;
}

if(strstr($url, 'insert into')) {
	echo $xeta;
}

if(strstr($url, 'Truncate')) {
	echo $xeta;
}

if(strstr($url, 'truncate')) {
	echo $xeta;
}

if(strstr($url, 'TRUNCATE')) {
	echo $xeta;
}






header("Expires: on, 01 Jan 1970 00:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
defined('NTOP') or die('Error: restricted access');


$systema = mysqli_query($mysqli,"SELECT * FROM `".$prefix."settings`");

$set = array();
while ($query = mysqli_fetch_array($systema))
	{
		$set[$query[0]] = $query[1];
	}
$set['home'] = $_SERVER['HTTP_HOST'];
//Проверка юзера
if(isset($_COOKIE['login']) AND isset($_COOKIE['password']))
	{
		$user = mysqli_query($mysqli,"SELECT * FROM `".$prefix."users` WHERE `login`='".htmlspecialchars(mysqli_real_escape_string($mysqli,trim($_COOKIE['login'])))."' AND `password`='".htmlspecialchars(mysqli_real_escape_string($mysqli,trim($_COOKIE['password'])))."'");
		$ser = mysqli_query($mysqli,"SELECT * FROM `".$prefix."users` WHERE `login`='".htmlspecialchars(mysqli_real_escape_string($mysqli,trim($_COOKIE['login'])))."' AND `password`='".htmlspecialchars(mysqli_real_escape_string($mysqli,trim($_COOKIE['password'])))."'");
		if(mysqli_num_rows($user) > 0)
			{
				$user_data = mysqli_fetch_array($user);
                        	$u = mysqli_fetch_array($ser);
			}
	}
// getting main variables
//$id = isset($_GET['id']) ? abs(intval($_GET['id'])) : 0;
//$act = isset($_GET['act']) ? $_GET['act'] : FALSE;
$title = isset($title) ? $title : FALSE;
$m_title = empty($title) ? HOME : $title.' - '.HOME;
$page = isset($_GET['p']) ? abs(intval($_GET['p'])) : 1;
$pages = isset($pages) ? abs(intval($pages)) : 0;
$ok = isset($_GET['ok']) ? 1 : FALSE;
$spam = isset($_SESSION['spam']) ? $_SESSION['spam'] : FALSE; // is going to be deprecated
$antispam = isset($_SESSION['antispam']) ? $_SESSION['antispam'] : FALSE;

$ip = $_SERVER['REMOTE_ADDR'];
$user_agent = $_SERVER['HTTP_USER_AGENT'];
$antispam = '0,5';
$pages = ($user_data) ? $user_data['pages'] : $set['pages'];
$page_platforms = ($user_data) ? $user_data['page_platforms'] : $set['page_platforms'];
$page_sait = ($user_data) ? $user_data['page_sait'] : $set['page_sait'];
$page_top = ($user_data) ? $user_data['page_top'] : $set['page_top'];
$page_sait_comments = ($user_data) ? $user_data['page_sait_comments'] : $set['page_sait_comments'];
$page_news = ($user_data) ? $user_data['page_news'] : $set['page_news'];
$page_nc = ($user_data) ? $user_data['page_newsc'] : $set['page_newsc'];
$page_users = $set['page_users'];

$level = 0;
$flevel = '';
//while ($level < 5) {
    $flevel .= '../';
    //++$level;
/*} */
unset($level);
define ('FLEVEL', $flevel);
define('TIME', time());

if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) and preg_match('|^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$|',$_SERVER['HTTP_X_FORWARDED_FOR'])){
$ip = trim(htmlspecialchars(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_X_FORWARDED_FOR'])));
}elseif(isset($_SERVER['HTTP_CLIENT_IP']) and preg_match('|^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$|',$_SERVER['HTTP_CLIENT_IP'])){
$ip = trim(htmlspecialchars(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_CLIENT_IP'])));
}elseif(isset($_SERVER['REMOTE_ADDR']) and preg_match('|^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$|',$_SERVER['REMOTE_ADDR'])){
$ip = trim(htmlspecialchars(mysqli_real_escape_string($mysqli,$_SERVER['REMOTE_ADDR'])));
}else{
$ip = 'Скрыт';
}

if (isset($_SERVER['HTTP_X_OPERAMINI_PHONE_UA'])){
$ua = trim(htmlspecialchars(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_X_OPERAMINI_PHONE_UA'])));
}elseif (isset($_SERVER['HTTP_USER_AGENT'])){
$ua = trim(htmlspecialchars(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT'])));
}else{
$ua = 'Скрыт';
}

$ua = strtok($ua, '/');
$ua = strtok($ua, ' ');
//Определение Online
if (mysqli_num_rows(mysqli_query($mysqli,"SELECT * FROM `".$prefix."online` WHERE `ip` = '".$ip."' AND `ua` = '".$ua."' AND `time` > '".(time()-180)."'")) == 1)
	{
		mysqli_query($mysqli,"UPDATE `".$prefix."online` SET `time` = '".time()."' WHERE `ip` = '".$ip."' AND `ua` = '".$ua."' LIMIT 1");
	}
else
	{
		mysqli_query($mysqli,"DELETE FROM `".$prefix."online` WHERE `time` < '".(time()-180)."'");
		mysqli_query($mysqli,"INSERT INTO `".$prefix."online` (`ip`, `ua`, `time`) values('".$ip."', '".$ua."', ".time().")");
	}
$online = mysqli_num_rows(mysqli_query($mysqli,"SELECT * FROM `".$prefix."online` WHERE `time` > '".(time()-180)."'"));
$id = isset($_GET['id']) ? abs(intval($_GET['id'])) : '';
$sait = isset($_GET['sait']) ? abs(intval($_GET['sait'])) : '';
$act = isset($_GET['act']) ? htmlspecialchars(mysqli_real_escape_string($mysqli,$_GET['act'])) : '';
?>