sitedota
<?php | |
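// Logout (/account/logout): expire the remember-me cookie, end the session and go to the
// login form.
// NOTE(review): this runs on a plain GET link, so any third-party page can trigger a logout;
// confirm whether that is acceptable.
if ($Module == 'logout' and isset($_SESSION['USER_LOGIN_IN']) and $_SESSION['USER_LOGIN_IN'] == 1) {
    if (!empty($_COOKIE['user'])) {
        // Expire the cookie in the browser and forget it for the rest of this request.
        setcookie('user', '', strtotime('-30 days'), '/');
        unset($_COOKIE['user']);
    }
    // session_unset() only empties $_SESSION; session_destroy() also discards the stored
    // session, so the old session id stops being valid after logout.
    session_unset();
    session_destroy();
    header('Location: /login');
    exit;
}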
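// Profile edit (/account/edit): optional password change, display name, country and PNG avatar.
// Every MessageSend() call redirects and exits, so a failed check stops the handler there.
// NOTE(review): the form carries no anti-CSRF token; consider adding one to this POST.
if ($Module == 'edit' and !empty($_POST['enter'])) {
    ULogin(1); // signed-in users only

    // FormChars() is HTML escaping for later display. SQL safety comes from the bound
    // parameters below, not from FormChars().
    $Field = array();
    foreach (array('old_password', 'new_password', 'name', 'country') as $Key)
        $Field[$Key] = FormChars(isset($_POST[$Key]) && is_string($_POST[$Key]) ? $_POST[$Key] : '');
    $UserId = (int) $_SESSION['USER_ID'];

    if ($Field['old_password'] or $Field['new_password']) {
        if (!$Field['old_password'])
            MessageSend(1, 'Не указазан старый пароль.');
        if (!$Field['new_password'])
            MessageSend(1, 'Не указазан новый пароль.');
        // Compare hashes as exact strings: a loose != can treat two different
        // numeric-looking hex strings as equal.
        // NOTE(review): GenPass() is MD5 with fixed salts; moving to password_hash() needs a
        // migration of the stored values and is out of scope for this handler.
        $Current = isset($_SESSION['USER_PASSWORD']) ? (string) $_SESSION['USER_PASSWORD'] : '';
        if (!hash_equals($Current, GenPass($Field['old_password'], $_SESSION['USER_LOGIN'])))
            MessageSend(1, 'Старый пароль указан неверно.');
        $Password = GenPass($Field['new_password'], $_SESSION['USER_LOGIN']);
        $Stmt = mysqli_prepare($CONNECT, 'UPDATE users SET password = ? WHERE id = ?');
        mysqli_stmt_bind_param($Stmt, 'si', $Password, $UserId);
        mysqli_stmt_execute($Stmt);
        mysqli_stmt_close($Stmt);
        $_SESSION['USER_PASSWORD'] = $Password;
    }

    if ($Field['name'] != $_SESSION['USER_NAME']) {
        $Stmt = mysqli_prepare($CONNECT, 'UPDATE users SET name = ? WHERE id = ?');
        mysqli_stmt_bind_param($Stmt, 'si', $Field['name'], $UserId);
        mysqli_stmt_execute($Stmt);
        mysqli_stmt_close($Stmt);
        $_SESSION['USER_NAME'] = $Field['name'];
    }

    // The value is stored as posted; UserCountry() only maps 0-3, so the form has to post
    // that numbering.
    if (UserCountry($Field['country']) != $_SESSION['USER_COUNTRY']) {
        $Stmt = mysqli_prepare($CONNECT, 'UPDATE users SET country = ? WHERE id = ?');
        mysqli_stmt_bind_param($Stmt, 'si', $Field['country'], $UserId);
        mysqli_stmt_execute($Stmt);
        mysqli_stmt_close($Stmt);
        $_SESSION['USER_COUNTRY'] = UserCountry($Field['country']);
    }

    if (!empty($_FILES['avatar']['tmp_name']) and is_string($_FILES['avatar']['tmp_name'])) {
        $Upload = $_FILES['avatar']['tmp_name'];
        if ($_FILES['avatar']['type'] != 'image/png')
            MessageSend(1, 'Неверный тип изображения.');
        if ($_FILES['avatar']['size'] > 60000)
            MessageSend(1, 'Размер изображения слишком большой.');
        // 'type' above is whatever the browser sent. Decide from the file's own header, and
        // only for a file PHP itself received as an upload.
        // NOTE(review): a small PNG can still declare very large dimensions; consider
        // capping $Size[0] and $Size[1] before decoding.
        $Size = is_uploaded_file($Upload) ? getimagesize($Upload) : false;
        if (!$Size or $Size[2] != IMAGETYPE_PNG)
            MessageSend(1, 'Неверный тип изображения.');
        $Image = imagecreatefrompng($Upload);
        if (!$Image)
            MessageSend(1, 'Неверный тип изображения.');
        // Re-encode to a fixed 120x120 PNG under a server-chosen name; nothing from the
        // client-supplied file name is used.
        $Tmp = imagecreatetruecolor(120, 120);
        imagecopyresampled($Tmp, $Image, 0, 0, 0, 0, 120, 120, $Size[0], $Size[1]);

        $Download = '';
        if ($_SESSION['USER_AVATAR'] == 0) {
            // First upload: take the first avatar directory holding fewer than 250 files.
            // presumably the directories are named 1, 2, 3, ... so that the position equals
            // the name - verify against the resource/avatar layout.
            $Num = 0;
            $Dirs = glob('resource/avatar/*', GLOB_ONLYDIR);
            foreach ($Dirs ? $Dirs : array() as $Dir) {
                $Num++;
                $Existing = glob($Dir.'/*.*');
                if (sizeof($Existing ? $Existing : array()) < 250) {
                    $Download = $Dir.'/'.$UserId;
                    $_SESSION['USER_AVATAR'] = $Num;
                    $Stmt = mysqli_prepare($CONNECT, 'UPDATE users SET avatar = ? WHERE id = ?');
                    mysqli_stmt_bind_param($Stmt, 'ii', $Num, $UserId);
                    mysqli_stmt_execute($Stmt);
                    mysqli_stmt_close($Stmt);
                    break;
                }
            }
        }
        else $Download = 'resource/avatar/'.((int) $_SESSION['USER_AVATAR']).'/'.$UserId;

        if ($Download === '') {
            // No directory had room; the original wrote '.png' into the working directory.
            imagedestroy($Image);
            imagedestroy($Tmp);
            MessageSend(1, 'Что-то пошло не так ...');
        }
        imagepng($Tmp, $Download.'.png');
        imagedestroy($Image);
        imagedestroy($Tmp);
    }
    MessageSend(3, 'Данные изменены.');
}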
// Everything below is for guests; ULogin(0) redirects signed-in users away.
ULogin(0);
// Password-reset status messages. $_SESSION['RESTORE'] holds either 'wait/<email>' (mail sent)
// or, after a completed reset, the new password in clear text.
if ($Module == 'restore') {
    if (!$Param['code'] and substr($_SESSION['RESTORE'], 0, 4) == 'wait') {
        $MaskedEmail = HideEmail(substr($_SESSION['RESTORE'], 5));
        MessageSend(2, 'Вы уже отправили заявку на восстановление пароля. Проверьте ваш E-mail <b>'.$MaskedEmail.'</b>.');
    }
    if ($_SESSION['RESTORE'] and substr($_SESSION['RESTORE'], 0, 4) != 'wait') {
        $NewPassword = $_SESSION['RESTORE'];
        MessageSend(2, 'Ваш пароль был изменён. Для входа используйте новый пароль <b>'.$NewPassword.'</b>', '/login');
    }
}
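// Password reset, step 2 (/account/restore/code/<code>): check the mailed code, then set and
// show a new random password.
if ($Module == 'restore' and !empty($Param['code'])) {
    // Step 1 left 'wait/<email>' in the session; the mailed code is md5(<email>) followed by
    // the numeric user id.
    $Pending = isset($_SESSION['RESTORE']) ? (string) $_SESSION['RESTORE'] : '';
    $Email = (string) substr($Pending, 5);
    $Code = (string) $Param['code'];
    $Id = (string) substr($Code, 32);
    // The original removed the hash with str_replace() and pasted whatever remained into the
    // SQL text as the id, so the hash was never actually required and the remainder was not
    // limited to digits. Require both here.
    // NOTE(review): md5(email).id can be derived from the address and the id; a random,
    // single-use, expiring token stored server-side would be the stronger design.
    if (strncmp($Pending, 'wait/', 5) != 0 or $Email === ''
        or !hash_equals(md5($Email), (string) substr($Code, 0, 32))
        or !ctype_digit($Id))
        MessageSend(1, 'Невозможно восстановить пароль.', '/login');

    // Tie the id to the address the request was made for.
    $Login = null;
    $Stmt = mysqli_prepare($CONNECT, 'SELECT login FROM users WHERE id = ? AND email = ?');
    mysqli_stmt_bind_param($Stmt, 'ss', $Id, $Email);
    mysqli_stmt_execute($Stmt);
    mysqli_stmt_bind_result($Stmt, $Login);
    mysqli_stmt_fetch($Stmt);
    mysqli_stmt_close($Stmt);
    if (!$Login)
        MessageSend(1, 'Невозможно восстановить пароль.', '/login');

    $Random = RandomString(15);
    $Hash = GenPass($Random, $Login);
    // The original UPDATE had no quotes around the values and no space before WHERE, so the
    // statement could not run; bound parameters fix both.
    $Stmt = mysqli_prepare($CONNECT, 'UPDATE users SET password = ? WHERE login = ?');
    mysqli_stmt_bind_param($Stmt, 'ss', $Hash, $Login);
    mysqli_stmt_execute($Stmt);
    mysqli_stmt_close($Stmt);
    $_SESSION['RESTORE'] = $Random;
    MessageSend(1, 'Пароль успешно изменён, для входа используйте новый пароль <b>'.$Random.'</b>', '/login');
}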
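// Password reset, step 1 (POST /account/restore): check the captcha, look the login up and
// mail the confirmation link.
if ($Module == 'restore' and !empty($_POST['enter'])) {
    $Login = FormChars(isset($_POST['login']) && is_string($_POST['login']) ? $_POST['login'] : '');
    $Captcha = FormChars(isset($_POST['captcha']) && is_string($_POST['captcha']) ? $_POST['captcha'] : '');
    if (!$Login or !$Captcha)
        MessageSend(1, 'Что-то пошло не так ...');

    // One answer per challenge: drop the stored value before comparing so that a solved
    // captcha cannot be submitted again. resource/captcha.php is not shown here; this
    // assumes it issues a fresh value whenever the image is loaded.
    $Expected = isset($_SESSION['captcha']) ? (string) $_SESSION['captcha'] : '';
    unset($_SESSION['captcha']);
    if (!hash_equals($Expected, md5($Captcha)))
        MessageSend(1, 'Неверный код ! Попробуйте ещё раз.');

    $Id = null;
    $Email = null;
    $Stmt = mysqli_prepare($CONNECT, 'SELECT id, email FROM users WHERE login = ?');
    mysqli_stmt_bind_param($Stmt, 's', $Login);
    mysqli_stmt_execute($Stmt);
    mysqli_stmt_bind_result($Stmt, $Id, $Email);
    mysqli_stmt_fetch($Stmt);
    mysqli_stmt_close($Stmt);
    // NOTE(review): this answer tells the caller whether a login exists; a uniform reply
    // for both outcomes would avoid that.
    if (!$Email)
        MessageSend(1, 'Пользователь не найден.');

    // NOTE(review): the link is md5(email) followed by the user id, which is derivable
    // rather than secret; see the code-checking handler for the consequences.
    mail($Email, 'Orange_Men', 'Ссылка для восстановления: http://site-dota.ua/account/restore/code/'.md5($Email).$Id, 'From: Orange_Men');
    $_SESSION['RESTORE'] = 'wait/'.$Email;
    MessageSend(2, 'На ваш E-mail <b>'.HideEmail($Email).'</b> отправлено подтверждение смены пароля');
}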
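// Registration (POST /account/register): validate the form, reject duplicate login/e-mail,
// insert the user and mail the activation link.
if ($Module == 'register' and !empty($_POST['enter'])) {
    // FormChars() is HTML escaping for later display; the queries below use bound parameters.
    $In = array();
    foreach (array('login', 'email', 'password', 'name', 'country', 'captcha') as $Key)
        $In[$Key] = FormChars(isset($_POST[$Key]) && is_string($_POST[$Key]) ? $_POST[$Key] : '');

    // Test the password before hashing it: GenPass() never returns an empty string, so the
    // original emptiness test on the hash could not fail. The country must be digits only.
    // NOTE(review): the form and UserCountry() use 0-3, the original limit here is 4 - confirm.
    if (!$In['login'] or !$In['email'] or !$In['password'] or !$In['name']
        or !ctype_digit($In['country']) or $In['country'] > 4 or !$In['captcha'])
        MessageSend(1, 'Что-то пошло не так ...');

    // One answer per challenge; assumes resource/captcha.php (not shown) issues a fresh
    // value whenever the image is loaded.
    $Expected = isset($_SESSION['captcha']) ? (string) $_SESSION['captcha'] : '';
    unset($_SESSION['captcha']);
    if (!hash_equals($Expected, md5($In['captcha'])))
        MessageSend(1, 'Неверный код ! Попробуйте ещё раз.');

    $Stmt = mysqli_prepare($CONNECT, 'SELECT login FROM users WHERE login = ?');
    mysqli_stmt_bind_param($Stmt, 's', $In['login']);
    mysqli_stmt_execute($Stmt);
    mysqli_stmt_store_result($Stmt);
    $LoginTaken = mysqli_stmt_num_rows($Stmt) > 0;
    mysqli_stmt_close($Stmt);
    if ($LoginTaken)
        MessageSend(1, 'Логин <b>'.$In['login'].'</b> уже использован.', '/register');

    $Stmt = mysqli_prepare($CONNECT, 'SELECT email FROM users WHERE email = ?');
    mysqli_stmt_bind_param($Stmt, 's', $In['email']);
    mysqli_stmt_execute($Stmt);
    mysqli_stmt_store_result($Stmt);
    $EmailTaken = mysqli_stmt_num_rows($Stmt) > 0;
    mysqli_stmt_close($Stmt);
    if ($EmailTaken)
        MessageSend(1, 'E-mail <b>'.$In['email'].'</b> уже использован.', '/register');

    // NOTE(review): GenPass() is MD5 with fixed salts; see the note on that function.
    $Password = GenPass($In['password'], $In['login']);
    $Stmt = mysqli_prepare($CONNECT, "INSERT INTO users VALUES ('', ?, ?, ?, now(), ?, ?, 0, 0, 0)");
    mysqli_stmt_bind_param($Stmt, 'sssss', $In['login'], $Password, $In['name'], $In['email'], $In['country']);
    mysqli_stmt_execute($Stmt);
    mysqli_stmt_close($Stmt);

    // The variable is spelled with ASCII letters in both places: a look-alike non-ASCII
    // letter in the assignment leaves the name used in the link undefined.
    // The activation handler rebuilds the string as substr(code, 5).substr(code, 0, 5), so
    // the last five characters go to the front here (the original took substr($Code, 5)).
    // NOTE(review): the code only encodes the address, it is not a secret; whoever knows an
    // address can construct it. A random token stored with the user would close that.
    $Code = str_replace('=', '', base64_encode($In['email']));
    mail($In['email'], 'Регистрация на сайте. Orange_Men', 'Ссылка для активации: http://site-dota.ua/account/active/code/'.substr($Code, -5).substr($Code, 0, -5), 'From: Orange_Men');
    MessageSend(3, 'Регистрация аккаунта успешно заверщена. На указаный e-mail адрес <b>'.$In['email'].'</b> отправлено письмо с подтверждением регистрации.');
}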
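// Account activation (/account/active/code/<code>): decode the address from the code and mark
// the matching user as active.
else if ($Module == 'active' and !empty($Param['code'])) {
    if (empty($_SESSION['USER_ACTIVE_EMAIL'])) {
        $Code = (string) $Param['code'];
        $Email = base64_decode(substr($Code, 5).substr($Code, 0, 5));
        if ($Email !== false and strpos($Email, '@') !== false) {
            // $Email is decoded from the URL and fully caller-controlled: bind it instead of
            // placing it in the SQL text, and escape it before it goes into the message HTML.
            // NOTE(review): the code is an encoding of the address, not a secret, so this
            // step does not prove that the caller received the mail.
            $Stmt = mysqli_prepare($CONNECT, 'UPDATE users SET active = 1 WHERE email = ?');
            mysqli_stmt_bind_param($Stmt, 's', $Email);
            mysqli_stmt_execute($Stmt);
            mysqli_stmt_close($Stmt);
            $_SESSION['USER_ACTIVE_EMAIL'] = $Email;
            // double_encode = false: addresses were stored already HTML-escaped.
            $Shown = htmlspecialchars($Email, ENT_QUOTES, 'UTF-8', false);
            MessageSend(3, 'E-mail <b>'.$Shown.' подтвержден.</b>', '/login');
        }
        else MessageSend(1, 'E-mail адрес не подтвержден.', '/login');
    }
    else {
        $Shown = htmlspecialchars((string) $_SESSION['USER_ACTIVE_EMAIL'], ENT_QUOTES, 'UTF-8', false);
        MessageSend(1, 'E-mail адрес <b>'.$Shown.'</b> уже подтвержден', '/login');
    }
}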
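// Login (POST /account/login): check captcha and credentials, fill the session, optionally set
// the remember-me cookie.
else if ($Module == 'login' and !empty($_POST['enter'])) {
    $Login = FormChars(isset($_POST['login']) && is_string($_POST['login']) ? $_POST['login'] : '');
    $RawPassword = FormChars(isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '');
    $Captcha = FormChars(isset($_POST['captcha']) && is_string($_POST['captcha']) ? $_POST['captcha'] : '');
    // Test the password before hashing it: the hash is never empty.
    if (!$Login or !$RawPassword or !$Captcha)
        MessageSend(1, 'Что-то пошло не так ...');

    // One answer per challenge; assumes resource/captcha.php (not shown) issues a fresh
    // value whenever the image is loaded.
    $Expected = isset($_SESSION['captcha']) ? (string) $_SESSION['captcha'] : '';
    unset($_SESSION['captcha']);
    if (!hash_equals($Expected, md5($Captcha)))
        MessageSend(1, 'Неверный код ! Попробуйте ещё раз.');

    $Password = GenPass($RawPassword, $Login);
    // One bound query replaces the two string-built ones of the original.
    $Stmt = mysqli_prepare($CONNECT, 'SELECT id, name, regdate, email, country, avatar, password, login, groups FROM users WHERE login = ?');
    mysqli_stmt_bind_param($Stmt, 's', $Login);
    mysqli_stmt_execute($Stmt);
    mysqli_stmt_bind_result($Stmt, $Id, $Name, $RegDate, $Email, $Country, $Avatar, $Stored, $DbLogin, $Group);
    $Found = mysqli_stmt_fetch($Stmt);
    mysqli_stmt_close($Stmt);
    // Exact string comparison: a loose != can treat two different numeric-looking hex
    // strings as equal.
    if (!$Found or !hash_equals((string) $Stored, $Password))
        MessageSend(1, 'Неверный логин или пароль ! Попробуйте ещё раз.');
    // The "account not activated" check is commented out in the original, so activation is
    // not enforced here.

    // New session id for the authenticated session, so an id known before login is useless.
    session_regenerate_id(true);
    $_SESSION['USER_LOGIN'] = $DbLogin;
    $_SESSION['USER_PASSWORD'] = $Stored;
    $_SESSION['USER_ID'] = $Id;
    $_SESSION['USER_NAME'] = $Name;
    $_SESSION['USER_REGDATE'] = $RegDate;
    $_SESSION['USER_EMAIL'] = $Email;
    $_SESSION['USER_COUNTRY'] = UserCountry($Country);
    $_SESSION['USER_AVATAR'] = $Avatar;
    $_SESSION['USER_GROUP'] = $Group;
    $_SESSION['USER_LOGIN_IN'] = 1;

    // NOTE(review): the cookie carries the stored password hash itself, so it works as a
    // long-lived credential that only a password change invalidates; a random server-side
    // token would be safer. HttpOnly at least keeps page scripts from reading it.
    if (!empty($_REQUEST['remember']))
        setcookie('user', $Password, strtotime('+30 days'), '/', '', false, true);
    header('Location: /profile');
    exit;
}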
/*else if ($Module == 'profile' and $_POST['exit'] and $_SESSION['USER_LOGIN_IN'] == 1){ | |
if ($_COOKIE['user']){ | |
setcookie('user', '', strtotime('-30 days'), '/'); | |
unset($_COOKIE['user']); | |
} | |
session_unset(); | |
exit(header('Location: /login')); | |
}*/ | |
?> |
<?php | |
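// Bootstrap: configuration, session, database connection.
include_once 'setting.php';
session_start();
// Make mysqli raise exceptions instead of returning false.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$CONNECT = mysqli_connect(HOST, USER, PASS, DB);

// Remember-me: sign the visitor in from the 'user' cookie when there is no session yet.
// NOTE(review): the cookie value is compared with the password column, i.e. the stored hash
// itself acts as the credential; a random per-device token would be safer.
if ((!isset($_SESSION['USER_LOGIN_IN']) or $_SESSION['USER_LOGIN_IN'] != 1)
    and !empty($_COOKIE['user']) and is_string($_COOKIE['user'])) {
    // The cookie is client-controlled: bind it rather than placing it in the SQL text.
    $Cookie = $_COOKIE['user'];
    $Stmt = mysqli_prepare($CONNECT, 'SELECT id, name, regdate, email, country, avatar, login, groups FROM users WHERE password = ?');
    mysqli_stmt_bind_param($Stmt, 's', $Cookie);
    mysqli_stmt_execute($Stmt);
    mysqli_stmt_bind_result($Stmt, $Id, $Name, $RegDate, $Email, $Country, $Avatar, $Login, $Group);
    $Found = mysqli_stmt_fetch($Stmt);
    mysqli_stmt_close($Stmt);
    // Only a matching row signs the visitor in. The original set USER_LOGIN_IN = 1 even when
    // the query returned nothing.
    if ($Found) {
        session_regenerate_id(true);
        $_SESSION['USER_LOGIN'] = $Login;
        // The login handler stores the hash too and the profile editor compares against it.
        $_SESSION['USER_PASSWORD'] = $Cookie;
        $_SESSION['USER_ID'] = $Id;
        $_SESSION['USER_NAME'] = $Name;
        $_SESSION['USER_REGDATE'] = $RegDate;
        $_SESSION['USER_EMAIL'] = $Email;
        $_SESSION['USER_COUNTRY'] = UserCountry($Country);
        $_SESSION['USER_AVATAR'] = $Avatar;
        $_SESSION['USER_GROUP'] = $Group;
        $_SESSION['USER_LOGIN_IN'] = 1;
    }
}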
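// Single entry point: split /<page>/<module>/<key>/<value>/... into $Page, $Module and $Param.
// $Param values are raw URL segments; every consumer has to validate or cast them.
// $Param always exists, so later reads of a missing key hit an array rather than null.
$Param = array();
if ($_SERVER['REQUEST_URI'] == '/') {
    $Page = 'index';
    $Module = 'index';
} else {
    $URL_Path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
    // parse_url() returns false or null for a URI it cannot parse.
    $URL_Parts = explode('/', trim((string) $URL_Path, ' /'));
    $Page = array_shift($URL_Parts);
    $Module = array_shift($URL_Parts);
    if (!empty($Module)) {
        // Walk the segments in key/value pairs. A trailing key without a value maps to null
        // instead of reading past the end of the array.
        $Total = count($URL_Parts);
        for ($i = 0; $i < $Total; $i += 2) {
            $Param[$URL_Parts[$i]] = ($i + 1 < $Total) ? $URL_Parts[$i + 1] : null;
        }
    }
}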
// Page dispatch. Only the fixed file names listed here are ever included; nothing from the
// URL is used as a path. Access checks live inside the included files.
switch ($Page) {
    case 'index':
        if ($Module == 'index') include('page/index.php');
        break;
    case 'login':
        include('page/login.php');
        break;
    case 'register':
        include('page/register.php');
        break;
    case 'account':
        include('form/account.php');
        break;
    case 'profile':
        include('page/profile.php');
        break;
    case 'restore':
        include('page/restore.php');
        break;
    case 'guestbook':
        include('page/guestbook.php');
        break;
    case 'news':
        // No module, 'category' and 'main' all share the listing page.
        if (!$Module or $Module == 'category' or $Module == 'main') {
            include('module/news/main.php');
            break;
        }
        $NewsModules = array(
            'material' => 'module/news/material.php',
            'add'      => 'module/news/add.php',
            'edit'     => 'module/news/edit.php',
            'control'  => 'module/news/control.php',
        );
        if (isset($NewsModules[$Module]))
            include($NewsModules[$Module]);
        break;
}
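// Authorisation gate. $p1 = 1: page for signed-in users; $p1 = 0: page for guests.
// On a mismatch MessageSend() stores the message, redirects to '/' and exits.
function ULogin($p1) {
    // The original wrote $_SESSION[USER_LOGIN_IN] without quotes, i.e. as a constant; PHP 8
    // raises an Error for an undefined constant.
    $State = isset($_SESSION['USER_LOGIN_IN']) ? $_SESSION['USER_LOGIN_IN'] : 0;
    if ($State == $p1)
        return;
    if ($p1 <= 0)
        MessageSend(1, 'Данная страница доступна только для гостей.', '/');
    else
        MessageSend(1, 'Данная страница доступна только для пользователей сайта.', '/');
}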
// Country code (0-3) to display name; any other value yields null.
function UserCountry($p1) {
    // switch compares loosely, like the == chain it replaces.
    switch ($p1) {
        case 0:
            return 'Украина';
        case 1:
            return 'Россия';
        case 2:
            return 'Беларусь';
        case 3:
            return 'Казахстан';
    }
}
// User group code to display name: 0 user, 1 moderator, 2 administrator, -1 blocked.
// Any other value yields null.
function UserGroup($p1) {
    // switch compares loosely, like the == chain it replaces.
    switch ($p1) {
        case 0:
            return 'Пользователь';
        case 1:
            return 'Модератор';
        case 2:
            return 'Администратор';
        case -1:
            return 'Заблокирован';
    }
}
// Require at least group level $p1 for the current session; otherwise MessageSend() stores an
// error, redirects to '/' and exits. A guest has no USER_GROUP and fails any positive level.
function UserAccess($p1) {
    $Denied = $_SESSION['USER_GROUP'] < $p1;
    if (!$Denied)
        return;
    MessageSend(1, 'У вас нет прав доступа для просмотра данной страницы сайта.', '/');
}
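// Random string of $p1 characters from [0-9a-z]. The reset handler uses it as the new account
// password, so the source of randomness matters.
function RandomString($p1) {
    $Char = '0123456789abcdefghijklmnopqrstuvwxyz';
    $Last = strlen($Char) - 1;
    // random_int() (PHP 7+) draws from the system CSPRNG; rand() is predictable. On older
    // runtimes fall back to mt_rand(), which is no weaker than the original.
    $Secure = function_exists('random_int');
    $String = '';
    for ($i = 0; $i < $p1; $i++)
        $String .= $Char[$Secure ? random_int(0, $Last) : mt_rand(0, $Last)];
    return $String;
}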
// Mask an e-mail address for display: keep the part before the first '@' and replace the rest
// with '@*****'.
function HideEmail($p1) {
    $Pieces = explode('@', $p1);
    $Local = $Pieces[0];
    return $Local.'@*****';
}
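// Flash message: store an error (1), hint (2) or information (3) block in the session, then
// redirect and stop the script.
//   $p1 - message type, $p2 - message HTML, $p3 - redirect target (default: back to the
//   referring page).
// $p2 is inserted as HTML, so callers must escape any user-supplied part themselves.
function MessageSend($p1, $p2, $p3 = '') {
    if ($p1 == 1)
        $p1 = 'Ошибка';
    else if ($p1 == 2)
        $p1 = 'Подсказка';
    else if ($p1 == 3)
        $p1 = 'Информация';
    $_SESSION['message'] = '<div class = MessageBlock><b>'.$p1.'</b>: '.$p2.'</div>';

    $Target = $p3;
    if (!$Target) {
        // The Referer header comes from the client and may be absent or point to another
        // site. Follow it only when it names this host, and only as a local path; anything
        // else falls back to the front page.
        $Target = '/';
        $Referer = isset($_SERVER['HTTP_REFERER']) ? parse_url($_SERVER['HTTP_REFERER']) : false;
        $Host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
        if (is_array($Referer) and isset($Referer['host'], $Referer['path'])) {
            $RefHost = $Referer['host'].(isset($Referer['port']) ? ':'.$Referer['port'] : '');
            // A path starting with '//' would be read as another host by the browser.
            if (strcasecmp($RefHost, $Host) == 0 and strncmp($Referer['path'], '//', 2) != 0)
                $Target = $Referer['path'].(isset($Referer['query']) ? '?'.$Referer['query'] : '');
        }
    }
    header('Location: '.$Target);
    exit;
}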
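// Print the pending flash message, if any, and clear it.
// The message is HTML assembled by MessageSend() and is printed as is.
function MessageShow(){
    // The original echoed a variable that was never assigned when no message was pending.
    if (!empty($_SESSION['message']))
        echo $_SESSION['message'];
    $_SESSION['message'] = array();
}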
// Prepare a form value for later display in HTML:
//   trim             - strips whitespace from both ends
//   htmlspecialchars - converts special characters (including both quote styles) to entities
//   nl2br            - inserts <br> before every line break
// This is output escaping only. It does not make a value safe to place inside an SQL
// statement; queries need bound parameters.
function FormChars ($p1) {
    $Trimmed = trim($p1);
    $Escaped = htmlspecialchars($Trimmed, ENT_QUOTES);
    return nl2br($Escaped, false);
}
// Password hash: md5 over a fixed prefix plus md5 of the padded password ($p1) and md5 of the
// padded login ($p2).
// NOTE(review): this is fast, unkeyed MD5 with constant salts, not a password-hashing
// function. Replacing it with password_hash()/password_verify() needs a migration of the
// stored values, and of the remember-me cookie that carries this hash.
function GenPass ($p1, $p2){
    $PasswordPart = md5('123'.$p1.'321');
    $LoginPart = md5('456'.$p2.'654');
    return md5('Orange_Men'.$PasswordPart.$LoginPart);
}
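// Print the page <head>; $p1 is the page title.
function Head($p1) {
    // Titles can come from stored user content (the news title). Escape here as well;
    // double_encode = false keeps entities that were already escaped on input.
    $Title = htmlspecialchars((string) $p1, ENT_QUOTES, 'UTF-8', false);
    echo "\n".implode("\n", array(
        "<head>",
        "<meta charset='utf-8'/>",
        "<title>$Title</title>",
        "<meta name='keywords' content='' />",
        "<meta name='description' content='' />",
        "<link href='/resource/style.css' rel='stylesheet'>",
        "<link href='/resource/img/dota.ico' rel='icon' type = 'image/x-icon'>",
        "</head>",
    ));
}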
// Page switcher.
//   $p1 - URL prefix (example: /news/main/page/)
//   $p2 - current page ($Param['page'])
//   $p3 - row of the COUNT query; $p3[0] is the number of items
//   $p4 - items per page
// Prints links for up to three pages either side of the current one. $p1 goes into the href
// unescaped, so callers must build it from validated values only.
function PageSelector($p1, $p2, $p3, $p4 = 5) {
    $Pages = ceil($p3[0] / $p4); // total number of pages
    if (!($Pages > 1))
        return; // a single page needs no switcher
    $Html = '<div class = "PageSelector">';
    $i = $p2 - 3;
    while ($i < ($Pages + 1)) {
        if ($i > 0 and $i <= ($p2 + 3)) {
            $Swch = ($p2 == $i) ? 'SwchItemCur' : 'SwchItem';
            $Html .= '<a class = "page_selector_a '.$Swch.'" href = "'.$p1.$i.'">'.$i.'</a>';
        }
        $i++;
    }
    echo $Html.'</div>';
}
// Top menu: guests get Register/Login, signed-in users get Profile/Guestbook.
function Menu() {
    $SignedIn = !($_SESSION['USER_LOGIN_IN'] != 1);
    if ($SignedIn) {
        $Menu = "<a href = '/profile'><div class = 'Menu'>Профиль</div></a>"."\n"
            ."<a href = '/guestbook'><div class = 'Menu'>Гостевая книга</div></a>";
    } else {
        $Menu = "<a href = '/register'><div class = 'Menu'>Регистрация</div></a>"."\n"
            ."<a href = '/login'><div class = 'Menu'>Вход</div></a>";
    }
    echo implode("\n", array(
        "<div class = 'MenuHead'>",
        "<a href = '/'><div class = 'Menu'>Главная</div></a>",
        "<a href = '/news'><div class = 'Menu'>Новости</div></a>",
        $Menu,
        "</div>",
    ));
}
// Print the static page footer.
function Footer() {
    $Lines = array(
        "<footer class='footer'>",
        "Orange_Men<br> Все права защищены",
        "</footer>",
    );
    echo implode("\n", $Lines);
}
?> | |
<head> | |
<meta charset = "utf-8"> | |
</head> |
<?php | |
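// Add a news item (POST /news/add). Any signed-in user may submit; items from administrators
// (group 2) are published at once, the rest wait for activation.
// NOTE(review): the form carries no anti-CSRF token.
ULogin(1);
$Active = ($_SESSION['USER_GROUP'] == 2) ? 1 : 0;
if (!empty($_POST['enter'])
    and isset($_POST['text'], $_POST['name'], $_POST['cat'])
    and is_string($_POST['text']) and is_string($_POST['name']) and is_scalar($_POST['cat'])
    and $_POST['text'] and $_POST['name'] and $_POST['cat']) {
    // FormChars() escapes for display; the INSERT uses bound parameters.
    $Name = FormChars($_POST['name']);
    $Text = FormChars($_POST['text']);
    // An explicit cast: "+= 0" fails on PHP 8 when the value is not numeric.
    $Cat = (int) $_POST['cat'];
    $Author = (string) $_SESSION['USER_LOGIN'];
    $Stmt = mysqli_prepare($CONNECT, "INSERT INTO news VALUES ('', ?, ?, 0, ?, ?, NOW(), ?)");
    mysqli_stmt_bind_param($Stmt, 'sissi', $Name, $Cat, $Author, $Text, $Active);
    mysqli_stmt_execute($Stmt);
    mysqli_stmt_close($Stmt);
    MessageSend(3, 'Новость добавлена.', '/news');
}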
?> | |
<!DOCTYPE html> | |
<html> | |
<?php Head('Добавить новость')?> | |
<body> | |
<div class="wrapper"> | |
<div class="header"></div> | |
<div class="content"> | |
<?php Menu(); | |
MessageShow(); | |
?> | |
<form method = "POST" action = "/news/add"> | |
<input type = "text" name = "name" placeholder="Название новости" required><br> | |
<select size = '1' name = 'cat' required> | |
<option selected value = '1'>Категория 1</option> | |
<option value = '2'>Категория 2</option> | |
<option value = '3'>Категория 3</option> | |
</select><br> | |
<textarea class = "Add" name = "text" required></textarea><br> | |
<input type = "submit" name = "enter" value = "Добавить"> | |
<input type = "reset" value = "Очистить"> | |
</form> | |
</div> | |
<?php Footer() ?> | |
</div> | |
</body> | |
</html> |
<?php | |
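// News moderation (/news/control/id/<id>/command/<delete|active>), administrators only.
// NOTE(review): both commands change data on a plain GET link, so a page the administrator
// merely visits can trigger them; moving them to POST with an anti-CSRF token would close that.
UserAccess(2);
if (!empty($Param['id']) and !empty($Param['command'])) {
    // The id arrives as a raw URL segment and was placed in the SQL text unquoted and uncast;
    // cast it and bind it.
    $Id = (int) $Param['id'];
    if ($Param['command'] === 'delete') {
        $Stmt = mysqli_prepare($CONNECT, 'DELETE FROM news WHERE id = ?');
        mysqli_stmt_bind_param($Stmt, 'i', $Id);
        mysqli_stmt_execute($Stmt);
        mysqli_stmt_close($Stmt);
        MessageSend(3, 'Новость удалена.', '/news');
    } else if ($Param['command'] === 'active') {
        $Stmt = mysqli_prepare($CONNECT, 'UPDATE news SET active = 1 WHERE id = ?');
        mysqli_stmt_bind_param($Stmt, 'i', $Id);
        mysqli_stmt_execute($Stmt);
        mysqli_stmt_close($Stmt);
        // Redirect with the cast value, not the raw segment.
        MessageSend(3, 'Новость активирована.', '/news/material/id/'.$Id);
    }
}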
?> |
<?php | |
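// Edit a news item (/news/edit/id/<id>), administrators only. Loads the item into $Row for the
// form below and saves a submitted form.
// NOTE(review): the form carries no anti-CSRF token.
UserAccess(2);
// An explicit cast: "+= 0" fails on PHP 8 when the segment is missing or not numeric.
$Param['id'] = isset($Param['id']) ? (int) $Param['id'] : 0;
if (!$Param['id'])
    MessageSend(1, 'Произошла ошибка, обратитесь к администратору.', '/news');
// $Param['id'] is an int at this point, so placing it in the SQL text is safe.
$Row = mysqli_fetch_assoc(mysqli_query($CONNECT, 'SELECT cat, name, text FROM news WHERE id = '.$Param['id']));
if (!$Row['name'])
    MessageSend(1, 'Новость не найдена, обратитесь к администратору.', '/news');
if (!empty($_POST['enter'])
    and isset($_POST['text'], $_POST['name'], $_POST['cat'])
    and is_string($_POST['text']) and is_string($_POST['name']) and is_scalar($_POST['cat'])
    and $_POST['text'] and $_POST['name'] and $_POST['cat']) {
    // FormChars() escapes for display; the UPDATE uses bound parameters.
    $Name = FormChars($_POST['name']);
    $Text = FormChars($_POST['text']);
    $Cat = (int) $_POST['cat'];
    $Id = $Param['id'];
    $Stmt = mysqli_prepare($CONNECT, 'UPDATE news SET name = ?, cat = ?, text = ? WHERE id = ?');
    mysqli_stmt_bind_param($Stmt, 'sisi', $Name, $Cat, $Text, $Id);
    mysqli_stmt_execute($Stmt);
    mysqli_stmt_close($Stmt);
    MessageSend(3, 'Новость отредактирована.', '/news/material/id/'.$Param['id']);
}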
?> | |
<!DOCTYPE html> | |
<html> | |
<?php Head('Редактировать новость')?> | |
<body> | |
<div class="wrapper"> | |
<div class="header"></div> | |
<div class="content"> | |
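<?php Menu();
MessageShow();
// Stored values were escaped by FormChars() on input. Escape again without double-encoding so
// that a row which reached the table another way cannot break out of the attribute or textarea.
$FormId = (int) $Param['id'];
$FormName = htmlspecialchars((string) $Row['name'], ENT_QUOTES, 'UTF-8', false);
// <br> was added by nl2br() when the text was stored; remove it for editing.
$FormText = htmlspecialchars(str_replace('<br>', '', (string) $Row['text']), ENT_QUOTES, 'UTF-8', false);
// Mark exactly one option as selected (the original left option 1 selected in addition to
// the stored category).
$Options = '';
for ($Cat = 1; $Cat <= 3; $Cat++) {
    $Selected = ($Row['cat'] == $Cat) ? 'selected ' : '';
    $Options .= '<option '.$Selected.'value = "'.$Cat.'">Категория '.$Cat.'</option>'."\n";
}
echo '
<form method = "POST" action = "/news/edit/id/'.$FormId.'">
<input type = "text" name = "name" placeholder="Название новости" value = "'.$FormName.'" required><br>
<select size = "1" name = "cat" required>
'.$Options.'</select><br>
<textarea class = "Add" name = "text" required>'.$FormText.'</textarea><br>
<input type = "submit" name = "enter" value = "Сохранить">
<input type = "reset" value = "Очистить">
</form>';
?>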
</div> | |
<?php Footer() ?> | |
</div> | |
</body> | |
</html> |
<?php | |
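// Guestbook (POST /guestbook): signed-in users add a message.
// NOTE(review): the form carries no anti-CSRF token.
ULogin(1);
if (!empty($_POST['enter']) and !empty($_POST['text']) and is_string($_POST['text'])) {
    // FormChars() escapes for display; the INSERT uses bound parameters.
    $Text = FormChars($_POST['text']);
    $Author = (string) $_SESSION['USER_LOGIN'];
    $Stmt = mysqli_prepare($CONNECT, "INSERT INTO guestbook VALUES ('', ?, ?, now())");
    mysqli_stmt_bind_param($Stmt, 'ss', $Text, $Author);
    mysqli_stmt_execute($Stmt);
    mysqli_stmt_close($Stmt);
    header('location: /guestbook');
    exit;
}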
?> | |
<!DOCTYPE html> | |
<html> | |
<?php Head('Гостевая книга')?> | |
<body> | |
<div class="wrapper"> | |
<div class="header"></div> | |
<div class="content"> | |
<?php Menu(); | |
MessageShow(); | |
?> | |
<div class = "guestbook_box"> | |
<?php | |
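// Print the 50 newest guestbook entries.
$Query = mysqli_query($CONNECT, "SELECT id, message, user, time FROM guestbook ORDER BY time DESC LIMIT 50");
while ($Row = mysqli_fetch_assoc($Query)){
    // Messages are stored already escaped, with <br> added by nl2br(). Escape again on output
    // without double-encoding, then restore the line breaks, so that a row which reached the
    // table another way cannot inject markup.
    $User = htmlspecialchars((string) $Row['user'], ENT_QUOTES, 'UTF-8', false);
    $Time = htmlspecialchars((string) $Row['time'], ENT_QUOTES, 'UTF-8', false);
    $Message = nl2br(htmlspecialchars(str_replace('<br>', '', (string) $Row['message']), ENT_QUOTES, 'UTF-8', false), false);
    echo '<div class = "guestbook_block">
<span>'.$User.' | '.$Time.'</span>'.$Message.'
</div>';
}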
?> | |
</div> | |
<form method = "POST" action = "/guestbook"> | |
<textarea class = "questbook" name = "text" placeholder="Текст сообщения" required></textarea><br> | |
<input type = "submit" name = "enter" value = "Отправить"> | |
<input type = "reset" value = "Очистить"> | |
</form> | |
</div> | |
<?php Footer() ?> | |
</div> | |
</body> | |
</html> |
<!DOCTYPE html> | |
<html> | |
<?php Head('Главная страница')?> | |
<body> | |
<div class="wrapper"> | |
<div class="header"></div> | |
<div class="content"> | |
<?php Menu(); | |
MessageShow(); | |
?> | |
</div> | |
<?php Footer() ?> | |
</div> | |
</body> | |
</html> |
<?php | |
ULogin(0); | |
?> | |
<!DOCTYPE html> | |
<html> | |
<?php Head('Вход')?> | |
<body> | |
<div class="wrapper"> | |
<div class="header"></div> | |
<div class="content"> | |
<?php Menu(); | |
MessageShow(); | |
?> | |
<form method = "POST" action = "/account/login"> | |
<input type = "text" name = "login" placeholder="Логин" maxlength = "10" pattern = "[A-Za-z-0-9]{3,10}" title = "Не менее 3 и не более 10 латинских символов и цифр." required><br> | |
<input type = "password" name = "password" placeholder="Пароль" maxlength = "15" pattern = "[A-Za-z-0-9]{5,15}" title = "Не менее 5 и не более 15 латинских символов и цифр." required><br> | |
<div class = "capdiv"> | |
<input class = "capinp" type = "text" name = "captcha" placeholder="Каптча" maxlength = "5" pattern = "[0-9]{1,5}" title = "Не менее 5 и не более 5 цифр." required> | |
<img class = "capimg" src = "/resource/captcha.php" alt = "Каптча"> | |
</div> | |
<input type = "checkbox" name = "remember"> Запомнить меня<br> | |
<input type = "submit" name = "enter" value = "Вход"> | |
<input type = "reset" value = "Очистить"><br><br> | |
<a class = "button pass" href = "/restore">Забыли пароль ?</a> | |
</form> | |
</div> | |
<?php Footer() ?> | |
</div> | |
</body> | |
</html> |
<?php | |
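// Category pages accept only ids 1-3. Compare as exact strings and store the id as an int: a
// loose != accepts other numeric-looking strings, and the value is later placed in SQL text
// and in links.
$CatId = isset($Param['id']) ? (string) $Param['id'] : '';
if ($Module == 'category' and !in_array($CatId, array('1', '2', '3'), true))
    MessageSend(1, 'Такой категории не существует.', '/news');
if ($Module == 'category')
    $Param['id'] = (int) $CatId;
// Page number as a non-negative int; "+= 0" fails on PHP 8 for a non-numeric segment, and a
// negative page would produce a negative LIMIT offset.
$Param['page'] = isset($Param['page']) ? max(0, (int) $Param['page']) : 0;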
?> | |
<!DOCTYPE html> | |
<html> | |
<?php Head('Новости')?> | |
<body> | |
<div class="wrapper"> | |
<div class="header"></div> | |
<div class="content"> | |
<?php Menu(); | |
MessageShow(); | |
?> | |
<div class = "CatHead"> | |
<?php | |
if($_SESSION['USER_LOGIN_IN']) | |
echo ' | |
<a href = "/news/add"><div class = "Cat">Добавить новость</div></a> | |
'; | |
?> | |
<a href = "/news"><div class = "Cat">Все категории</div></a> | |
<a href = "/news/category/id/1"><div class = "Cat">Категория 1</div></a> | |
<a href = "/news/category/id/2"><div class = "Cat">Категория 2</div></a> | |
<a href = "/news/category/id/3"><div class = "Cat">Категория 3</div></a> | |
</div> | |
<br><div class = "text"> | |
<?php | |
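// News listing: all items or one category, five per page. Non-administrators only see
// activated items.
$IsAdmin = isset($_SESSION['USER_GROUP']) && $_SESSION['USER_GROUP'] == 2;
$Filter = array();
$Param4 = '/news/main/page/';
if ($Module == 'category') {
    // Cast here as well: the value ends up in SQL text and in the pager links.
    $Cat = (int) $Param['id'];
    $Filter[] = 'cat = '.$Cat;
    $Param4 = '/news/category/id/'.$Cat.'/page/';
}
if (!$IsAdmin)
    $Filter[] = 'active = 1';
$Where = $Filter ? 'WHERE '.implode(' AND ', $Filter) : '';

// Count with the same filter as the listing; the original counted inactive items too, which
// gave non-administrators trailing empty pages.
$Count = mysqli_fetch_row(mysqli_query($CONNECT, 'SELECT COUNT(id) FROM news '.$Where));

$Param['page'] = isset($Param['page']) ? max(1, (int) $Param['page']) : 1;
$Start = ($Param['page'] - 1) * 5; // int, safe to place in the LIMIT clause
$Result = mysqli_query($CONNECT, 'SELECT id, name, added, date, active FROM news '.$Where.' ORDER BY id DESC LIMIT '.$Start.', 5');

while ($Row = mysqli_fetch_assoc($Result)) {
    // Titles and author names are stored already escaped; escape again on output without
    // double-encoding in case a row reached the table another way.
    $Title = htmlspecialchars((string) $Row['name'], ENT_QUOTES, 'UTF-8', false);
    $Author = htmlspecialchars((string) $Row['added'], ENT_QUOTES, 'UTF-8', false);
    $Date = htmlspecialchars((string) $Row['date'], ENT_QUOTES, 'UTF-8', false);
    if (!$Row['active'])
        $Title .= ' <b>(Ожидает подтверждения от администрации.)</b>';
    echo '<a class = "main_a" href = "/news/material/id/'.((int) $Row['id']).'">
<div class = "news_block">
<span>Добавил: '.$Author.' | '.$Date.'</span>'.$Title.'
</div>
</a>';
}
PageSelector($Param4, $Param['page'], $Count);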
?> | |
</div> | |
</div> | |
<?php Footer() ?> | |
</div> | |
</body> | |
</html> |
<?php | |
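// Show one news item (/news/material/id/<id>): load it into $Row, hide inactive items from
// everyone but administrators, and count the view.
// An explicit cast: "+= 0" fails on PHP 8 when the segment is missing or not numeric.
$Param['id'] = isset($Param['id']) ? (int) $Param['id'] : 0;
if ($Param['id'] == 0)
    MessageSend(1, 'Произошла ошибка, обратитесь к администратору.', '/news');
// $Param['id'] is an int at this point, so placing it in the SQL text is safe.
$Row = mysqli_fetch_assoc(mysqli_query($CONNECT, 'SELECT name, cat, readed, added, text, date, active FROM news WHERE id = '.$Param['id']));
if (!$Row['name'])
    MessageSend(1, 'Произошла ошибка, обратитесь к администратору.', '/news');
$IsAdmin = isset($_SESSION['USER_GROUP']) && $_SESSION['USER_GROUP'] == 2;
if (!$Row['active'] and !$IsAdmin)
    MessageSend(1, 'Неактивированная новость. Обратитесь к администрации.', '/news');
mysqli_query($CONNECT, 'UPDATE news SET readed = readed + 1 WHERE id = '.$Param['id']);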
?> | |
<!DOCTYPE html> | |
<html> | |
<?php Head($Row['name']);?> | |
<body> | |
<div class="wrapper"> | |
<div class="header"></div> | |
<div class="content"> | |
<?php Menu(); | |
MessageShow(); | |
?> | |
<div class = "text"> | |
<?php | |
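// Item header (views, author, date, moderation links) followed by title and text.
// The three link variables start empty; the original echoed them even when never assigned.
$ItemId = (int) $Param['id'];
$Edit = '';
$Active = '';
$Delete = '';
if (!$Row['active'])
    $Active = '| <a class = "edit_a" href = "/news/control/id/'.$ItemId.'/command/active"><div class = "button edit">Активировать новость</div></a>';
if(isset($_SESSION['USER_GROUP']) and $_SESSION['USER_GROUP'] == 2){
    $Edit = '| <a class = "edit_a" href = "/news/edit/id/'.$ItemId.'"><div class = "button edit">Редактировать новость</div></a>';
    $Delete = '| <a class = "edit_a" href = "/news/control/id/'.$ItemId.'/command/delete"><div class = "button edit">Удалить новость</div></a>';
}
// Title, author and text are stored already escaped (text with <br> added by nl2br()).
// Escape again on output without double-encoding, then restore the line breaks, so that a row
// which reached the table another way cannot inject markup.
$Author = htmlspecialchars((string) $Row['added'], ENT_QUOTES, 'UTF-8', false);
$Date = htmlspecialchars((string) $Row['date'], ENT_QUOTES, 'UTF-8', false);
$Title = htmlspecialchars((string) $Row['name'], ENT_QUOTES, 'UTF-8', false);
$Text = nl2br(htmlspecialchars(str_replace('<br>', '', (string) $Row['text']), ENT_QUOTES, 'UTF-8', false), false);
echo 'Просмотров: '.($Row['readed'] + 1).' | Добавил: '.$Author.' | Дата: '.$Date.' '.$Edit.' '.$Active.' '.$Delete.'<br><br><b>'.$Title.'</b><br>'.$Text;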
?> | |
</div> | |
</div> | |
<?php Footer() ?> | |
</div> | |
</body> | |
</html> |
<?php | |
ULogin(1); | |
?> | |
<!DOCTYPE html> | |
<html> | |
<?php Head('Профиль пользователя')?> | |
<body> | |
<div class="wrapper"> | |
<div class="header"></div> | |
<div class="content"> | |
<?php Menu(); | |
MessageShow(); | |
?> | |
<div class = "text"> | |
<?php | |
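// Profile card and edit form for the signed-in user.
if ($_SESSION['USER_AVATAR'] == 0)
    $Avatar = 0;
else $Avatar = ((int) $_SESSION['USER_AVATAR']).'/'.((int) $_SESSION['USER_ID']);
// Session values come from the users table, where they were stored already escaped. Escape
// again on output without double-encoding in case a row reached the table another way.
$ShowName = htmlspecialchars((string) $_SESSION['USER_NAME'], ENT_QUOTES, 'UTF-8', false);
$ShowEmail = htmlspecialchars((string) $_SESSION['USER_EMAIL'], ENT_QUOTES, 'UTF-8', false);
$ShowCountry = htmlspecialchars((string) $_SESSION['USER_COUNTRY'], ENT_QUOTES, 'UTF-8', false);
$ShowRegDate = htmlspecialchars((string) $_SESSION['USER_REGDATE'], ENT_QUOTES, 'UTF-8', false);
// Option values use the same 0-3 numbering as the registration form and UserCountry(). The
// original posted 1-4, so saving the profile stored the next country in the list.
$Countries = '';
for ($Code = 0; $Code <= 3; $Code++) {
    $Label = UserCountry($Code);
    $Selected = ($Label == $_SESSION['USER_COUNTRY']) ? ' selected' : '';
    $Countries .= '<option value = "'.$Code.'"'.$Selected.'>'.$Label.'</option>'."\n";
}
echo '
<img src = "/resource/avatar/'.$Avatar.'.png" width = "120" height = "120" alt = "Аватар" align = "left">
<div class = "block">
ID: '.((int) $_SESSION['USER_ID']).' ('.UserGroup($_SESSION['USER_GROUP']).')
<br>Name: '.$ShowName.'
<br>E-mail: '.$ShowEmail.'
<br>Country: '.$ShowCountry.'
<br>Rgdate: '.$ShowRegDate.'
<br>
</div>
<a class = "button profileb" href = "/account/logout">Выход</a>
<form method = "POST" action = "/account/edit" enctype = "multipart/form-data">
<input type = "password" name = "old_password" placeholder="Старый Пароль" maxlength = "15" pattern = "[A-Za-z-0-9]{5,15}" title = "Не менее 5 и не более 15 латинских символов и цифр."><br>
<input type = "password" name = "new_password" placeholder="Новый Пароль" maxlength = "15" pattern = "[A-Za-z-0-9]{5,15}" title = "Не менее 5 и не более 15 латинских символов и цифр."><br>
<input type = "text" name = "name" placeholder="Имя" maxlength = "10" pattern = "[А-Яа-яЁё]{4,10}" title = "Не менее 4 и не более 10 русских букаф." value = "'.$ShowName.'" required><br>
<select size = "1" name = "country" required>
'.$Countries.'</select><br>
<div class = "attention">
<input type = "file" name = "avatar" accept = "image/png">
<p>*Аватарка должна быть в формате png и размером 120х120 рх</p><br>
</div>
<input type = "submit" name = "enter" value = "Редактировать">
<input type = "reset" value = "Очистить">
</form>
';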
?> | |
<!--<form method = "POST" action = "/account/profile"> | |
<input type = "button" name = "exit" value = "Выход"> | |
</form>--> | |
</div> | |
</div> | |
<?php Footer() ?> | |
</div> | |
</body> | |
</html> | |
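<?php
/*
 * Registration page template.
 *
 * Renders the sign-up form that posts to /account/register. ULogin(), Head(),
 * Menu(), MessageShow() and Footer() are defined elsewhere in the project.
 * ULogin(0) presumably limits this page to visitors who are not logged in --
 * confirm against its definition.
 *
 * Security notes for maintainers (kept in PHP comments so they are never sent
 * to the browser):
 *  - maxlength / pattern / required are browser-side hints only. Any client
 *    can post arbitrary values, so the /account/register handler must
 *    re-validate every field and use parameterized queries.
 *  - The form carries a file input, so it needs enctype="multipart/form-data";
 *    without it only the file name is submitted and $_FILES stays empty.
 *    The handler must check the uploaded avatar's real type and size itself;
 *    the browser-supplied file name and MIME type are not trustworthy.
 *  - The hyphen inside the character classes is escaped. Current browsers
 *    compile the pattern attribute with the RegExp "v" flag, where a bare
 *    literal hyphen in the middle of a class is a syntax error and the whole
 *    pattern is then ignored. The accepted character set is unchanged.
 *  - The captcha pattern now requires exactly 5 digits, matching both the
 *    title text and the 10001..99999 range produced by /resource/captcha.php.
 *  - NOTE(review): country values here run 0..3, while the profile edit form
 *    uses 1..4 for the same countries -- confirm which numbering the handler
 *    and UserCountry() expect.
 */
ULogin(0);
?>
<!DOCTYPE html>
<html>
<?php Head('Регистрация') ?>
<body>
<div class="wrapper">
    <div class="header"></div>
    <div class="content">
        <?php
        Menu();
        MessageShow();
        ?>
        <form method="POST" action="/account/register" enctype="multipart/form-data">
            <input type="text" name="login" placeholder="Логин" maxlength="10" pattern="[A-Za-z0-9\-]{3,10}" title="Не менее 3 и не более 10 латинских символов и цифр." required><br>
            <input type="email" name="email" placeholder="E-Mail" required><br>
            <input type="password" name="password" placeholder="Пароль" maxlength="15" pattern="[A-Za-z0-9\-]{5,15}" title="Не менее 5 и не более 15 латинских символов и цифр." required><br>
            <input type="text" name="name" placeholder="Имя" maxlength="10" pattern="[А-Яа-яЁё]{4,10}" title="Не менее 4 и не более 10 русских букаф." required><br>
            <select size="1" name="country" required>
                <option selected value="0">Украина</option>
                <option value="1">Россия</option>
                <option value="2">Беларусь</option>
                <option value="3">Казахстан</option>
            </select><br>
            <input type="file" name="avatar"><br>
            <div class="capdiv">
                <input class="capinp" type="text" name="captcha" placeholder="Каптча" maxlength="5" pattern="[0-9]{5}" title="Не менее 5 и не более 5 цифр." required>
                <img class="capimg" src="/resource/captcha.php" alt="Каптча">
            </div>
            <input type="submit" name="enter" value="Регистрация">
            <input type="reset" value="Очистить">
        </form>
    </div>
    <?php Footer() ?>
</div>
</body>
</html>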
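<?php
/*
 * Password recovery page template.
 *
 * Renders the form that posts e-mail, login and captcha to /account/restore.
 * ULogin(), Head(), Menu(), MessageShow() and Footer() are defined elsewhere
 * in the project. ULogin(0) presumably limits this page to visitors who are
 * not logged in -- confirm against its definition.
 *
 * Security notes for maintainers (kept in PHP comments so they are never sent
 * to the browser):
 *  - The e-mail field no longer has maxlength="10": almost no real address
 *    fits in ten characters, and the registration form sets no such limit.
 *  - maxlength / pattern / required are browser-side hints only; the
 *    /account/restore handler must validate every field again and use
 *    parameterized queries.
 *  - The hyphen inside the login character class is escaped. Current browsers
 *    compile the pattern attribute with the RegExp "v" flag, where a bare
 *    literal hyphen in the middle of a class is a syntax error and the whole
 *    pattern is then ignored. The accepted character set is unchanged.
 *  - The captcha pattern now requires exactly 5 digits, matching both the
 *    title text and the 10001..99999 range produced by /resource/captcha.php.
 *  - NOTE(review): the handler is not visible here. It should answer the same
 *    way whether or not the e-mail/login pair exists, so the form cannot be
 *    used to learn which accounts are registered, and it should rate-limit
 *    requests per account and per client.
 */
ULogin(0);
?>
<!DOCTYPE html>
<html>
<?php Head('Восстановление пароля') ?>
<body>
<div class="wrapper">
    <div class="header"></div>
    <div class="content">
        <?php
        Menu();
        MessageShow();
        ?>
        <form method="POST" action="/account/restore">
            <input type="email" name="email" placeholder="E-mail" required><br>
            <input type="text" name="login" placeholder="Логин" maxlength="10" pattern="[A-Za-z0-9\-]{3,10}" title="Не менее 3 и не более 10 латинских символов и цифр." required><br>
            <div class="capdiv">
                <input class="capinp" type="text" name="captcha" placeholder="Каптча" maxlength="5" pattern="[0-9]{5}" title="Не менее 5 и не более 5 цифр." required>
                <img class="capimg" src="/resource/captcha.php" alt="Каптча">
            </div>
            <input type="submit" name="enter" value="Восстановить">
            <input type="reset" value="Очистить">
        </form>
    </div>
    <?php Footer() ?>
</div>
</body>
</html>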
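<?php
/*
 * CAPTCHA image endpoint.
 *
 * Picks a random 5-digit code, stores its MD5 in $_SESSION['captcha'] and
 * streams the code as a 90x30 GIF (white text on a red background).
 *
 * NOTE(review): the code that checks the answer is not in this file.
 * Presumably it compares md5(<submitted value>) with $_SESSION['captcha'];
 * it should clear the session value after every attempt, right or wrong, so
 * a code cannot be replayed or guessed repeatedly. A 5-digit code has only
 * about 90,000 possible values, so attempts should also be rate-limited.
 */
session_start();

// random_int() draws from the operating system's CSPRNG. rand() is a
// predictable generator and must not be used for a value that gates
// registration and password recovery. Requires PHP 7.0 or later.
$Random = random_int(10001, 99999);

// Only the hash is kept in the session; the format is unchanged so the
// existing checker keeps working.
$_SESSION['captcha'] = md5($Random);

$im = imagecreatetruecolor(90, 30);
$background = imagecolorallocate($im, 212, 75, 56);
$foreground = imagecolorallocate($im, 255, 255, 255);

// Fill exactly the canvas (the original asked for x2 = 110 on a 90px image,
// which GD simply clipped).
imagefilledrectangle($im, 0, 0, imagesx($im) - 1, imagesy($im) - 1, $background);
imagettftext($im, 40, 0, 15, 23, $foreground, 'font.ttf', $Random);

// Forbid caching, so every request to this URL gets a fresh image that
// matches the code just written to the session.
header('Expires: Wed, 1 Jan 1997 00:00:00 GMT');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-store, no-cache, must-revalidate');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
// "image.gif" is not a MIME type; browsers had to sniff the body to render it.
header('Content-Type: image/gif');

imagegif($im);
imagedestroy($im);
?>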
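/* Site stylesheet: page frame, menus, forms, message box, captcha,
   profile, guestbook/news blocks, pager and footer. */

/* Reset */
* {
    margin: 0;
    padding: 0;
}

body {
    /* "sens-serif" was a typo; an unknown keyword invalidates the whole
       font declaration, so the size and family were silently dropped. */
    font: 12px/18px Arial, sans-serif;
    width: 100%;
    background: url(/resource/img/pw_maze_black.png);
}

.wrapper {
    width: 1000px;
    margin: 0 auto;
}

.text {
    padding: 10px;
}

/* Header */
.header {
    width: 900px;
    height: 150px;
    background: url(/resource/img/dota_logo.png) center no-repeat;
    background-size: 70%, cover;
}

/* Middle */
.content {
    width: 1000px;
    height: 700px;
    background: #d7d4d4;
}

/* Main menu */
.MenuHead {
    display: block;
    height: 60px;
}

.Menu {
    float: left;
    display: inline-block;
    height: 20px;
    background: #D44B38;
    color: #fff;
    padding: 20px;
    font-size: 20px;
    font-weight: bold;
}

.Menu:hover,
.Cat:hover {
    opacity: 0.5;
    cursor: pointer;
}

/* Category menu */
.CatHead {
    display: block;
    height: 40px;
    margin: 10px 0 0 0;
}

.Cat {
    float: left;
    display: inline-block;
    background: #D44B38;
    color: #fff;
    padding: 20px;
    font-size: 15px;
    font-weight: bold;
}

/* Form controls */
input[type=text],
input[type=password],
input[type=email] {
    height: 15px;
    width: 200px;
    padding: 5px;
    margin: 0 0 5px 0;
}

.button,
input[type=submit],
input[type=file],
input[type=reset] {
    color: #fff;
    text-decoration: none;
    background: #D44B38;
    padding: 8px;
    border: 1px solid #A83B2D;
}

.edit {
    width: 140px;
    display: inline;
}

.button:hover,
input[type=submit]:hover,
input[type=reset]:hover {
    background: #E85F4C;
}

.button.pass {
    display: block;
    margin: -10px 0 0 0;
    width: 100px;
}

select {
    height: 30px;
    width: 100px;
    padding: 5px;
    margin: 0 0 5px 0;
}

input[type=file] {
    margin: 0 0 5px 0;
}

form {
    margin: 10px 0 0 10px;
}

/* Hint text that appears while hovering the avatar upload block */
.attention p {
    position: absolute;
    display: none;
    opacity: 0;
}

.attention:hover p {
    display: inline;
    opacity: 0.8;
}

/* Status / error message box */
.MessageBlock {
    border: 1px solid #A83B2D;
    background: #D44B38;
    padding: 10px;
    color: #fff;
}

/* Captcha input and image */
.capinp {
    max-width: 80px;
}

.capimg {
    width: 90px;
    height: 26px;
    border: 1px solid #A83B2D;
    margin: 0 0 -10px 0;
}

.capdiv {
    width: 215px;
    height: 30px;
    margin: 0 0 5px 0;
}

/* Profile */
.block {
    border: 1px solid #e5e5e5;
    background: #D7D4D4;
    padding: 10px;
    width: 815px;
    height: 135px;
    display: table;
    line-height: 25px;
}

.profileb {
    float: left;
    width: 102px;
    margin: -37px 0 0 0;
}

/* Guestbook and news */
.guestbook_box {
    height: 300px;
    overflow: auto;
    border: 1px solid #ddd;
}

.guestbook_block,
.news_block {
    border: 1px solid #ddd;
    background: #f2f2f2;
    padding: 10px;
    color: #000;
    margin: 10px;
}

.guestbook_block span,
.news_block span {
    color: #828282;
    font-size: 10px;
    display: block;
}

.edit_a,
.main_a,
.page_selector_a {
    text-decoration: none;
}

.guestbook {
    width: 300px;
    height: 40px;
    resize: none;
    padding: 5px;
}

/* Pager */
.PageSelector {
    margin: 10px;
}

.SwchItem,
.SwchItemCur {
    padding: 2px 15px;
    background: #D44B38;
    color: #fff;
}

.SwchItemCur {
    background: #A83B2D;
}

.Add {
    width: 800px;
    height: 300px;
}

/* Footer */
.footer {
    height: 30px;
    background: #2c2c2c;
    color: #fff;
    padding: 20px;
}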
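<?php
/*
 * Database connection settings, exposed as the constants HOST, USER, PASS
 * and DB.
 *
 * Each value can be supplied through an environment variable so that real
 * credentials never have to be committed with the source. The variable names
 * below are introduced by this file. When a variable is not set, the
 * original hard-coded value is used, so existing setups keep working.
 *
 * SECURITY: the fallback account is "root" with an empty password. That is
 * only tolerable on an isolated development machine. A deployed site should
 * connect as a dedicated database user with a strong password and only the
 * privileges the application needs on this one database; a SQL injection
 * anywhere in the application otherwise runs with full server rights.
 */
$dbSetting = static function ($name, $default) {
    $value = getenv($name);

    // getenv() returns false when the variable is absent; an empty string is
    // a legitimate value (for example an empty password) and is kept.
    return $value === false ? $default : $value;
};

define('HOST', $dbSetting('SITEDOTA_DB_HOST', 'sitedota'));
define('USER', $dbSetting('SITEDOTA_DB_USER', 'root'));
define('PASS', $dbSetting('SITEDOTA_DB_PASS', ''));
define('DB', $dbSetting('SITEDOTA_DB_NAME', 'users'));

// Do not leave the helper behind in the global scope.
unset($dbSetting);
?>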