alert('$anti_link');";
            // The line above closes a double-quoted string that begins before this excerpt.
            require_once("form.php");
            die();
        }
    }

    /*
     * Visible part of the handler for a submitted advertisement form.
     * It validates the POSTed fields, checks for a duplicate row, inserts the
     * advertisement into jb_board, optionally stores uploaded images (jb_photo),
     * optionally mails the administrator, and prints a confirmation.
     * On every validation failure it sets $notice, includes form.php and stops.
     *
     * NOTE(review): every $notice and several echo strings are empty in this
     * listing; the message markup may have been lost before this text was
     * captured. Confirm against the original file.
     * NOTE(review): the enclosing "if" that opens this branch is not visible here.
     */

    // CAPTCHA check, performed only when it is enabled in the configuration.
    // NOTE(review): the comparison runs only when both the posted code and the
    // session code are non-empty. When either is missing no error branch is
    // taken and processing simply continues, so the check fails open. A
    // fail-closed version rejects the request when the code is absent.
    // The comparison also uses loose "=="; a strict comparison such as
    // hash_equals() avoids type juggling.
    if ($c['captcha'] == "yes") {
        if($_POST['securityCode'] && $_SESSION['securityCode']) {
            if (strtolower($_POST['securityCode']) == $_SESSION['securityCode']) $errors = 0;
            else {
                $notice = "";
                require_once("form.php");
                die();
            }
        }
    }

    // Required fields: author, title and text must be non-empty.
    if($_POST['autor'] == "") {
        $notice = "";
        require_once("form.php");
        die();
    }
    if($_POST['title'] == "") {
        $notice = "";
        require_once("form.php");
        die();
    }
    if($_POST['text'] == "") {
        $notice = "";
        require_once("form.php");
        die();
    }

    // Advertisement type is allow-listed to "p" or "s".
    if ($_POST['type'] == "p" || $_POST['type'] == "s") $type = $_POST['type'];
    else {
        $notice = "";
        require_once("form.php");
        die();
    }

    // Optional e-mail: truncated to the configured length, then checked against
    // a pattern that only admits letters, digits, "-", "_", "." and one "@".
    // $email stays unset when the field is empty.
    if($_POST['email'] != "") {
        $email = substr($_POST['email'], 0, $c['count_symb_email']);
        if (!preg_match('/^[-0-9\.a-z_]+@([-0-9\.a-z]+\.)+[a-z]{2,6}$/i',$email)) {
            $notice = "";
            require_once("form.php");
            die();
        }
    }

    // Category id must pass is_numeric().
    // NOTE(review): is_numeric() also accepts signs, decimals and exponent
    // notation; ctype_digit() or an integer cast is a tighter check for an id
    // that is later used in a file path and in SQL.
    if (is_numeric($_POST['id_category'])) $id_category = $_POST['id_category'];
    else {
        $notice = "";
        require_once("form.php");
        die();
    }

    // City: posted value (HTML-escaped) or the default label $lang[164].
    // NOTE(review): htmlspecialchars() is HTML escaping, not SQL escaping, and
    // before PHP 8.1 its default flags leave single quotes untouched. $ins_city
    // is later concatenated into the INSERT without SQL escaping.
    if ($_POST['city'] && $_POST['city'] != "0") $ins_city = htmlspecialchars($_POST['city']);
    else $ins_city = $lang[164];

    /**
     * Lower-cases the listed Cyrillic and Latin capitals via strtr(), splits the
     * string on single spaces and upper-cases the first byte of every word that
     * is not in the exception list, then re-joins the words with spaces.
     *
     * NOTE(review): $lang is read inside the function but no "global $lang" is
     * visible, so $lang[408] is presumably undefined in this scope; verify.
     * NOTE(review): $word[0] is read without checking for an empty word
     * (consecutive spaces produce empty words).
     */
    function J_ucwords($str) {
        $repl = array('А' => 'а', 'Б' => 'б', 'В' => 'в', 'Г' => 'г', 'Ґ' => 'г', 'Д' => 'д', 'Е' => 'е', 'Ё' => 'е', 'Є' => 'е', 'Ж' => 'ж', 'З' => 'з', 'И' => 'и', 'І' => 'i', 'Й' => 'й', 'Ї' => 'i', 'К' => 'к', 'Л' => 'л', 'М' => 'м', 'Н' => 'н', 'О' => 'о', 'П' => 'п', 'Р' => 'р', 'С' => 'с', 'Т' => 'т', 'У' => 'у', 'Ў' => 'у', 'Ф' => 'ф', 'Х' => 'х', 'Ц' => 'ц', 'Ч' => 'ч', 'Ш' => 'ш', 'Щ' => 'щ', 'Ъ' => 'ъ', 'Ы' => 'ы', 'Ь' => 'ь', 'Э' => 'э', 'Ю' => 'ю', 'Я' => 'я', 'A' => 'а', 'B' => 'b', 'C' => 'c', 'D' => 'd', 'E' => 'e', 'F' => 'f', 'G' => 'g', 'H' => 'h', 'I' => 'i', 'J' => 'j', 'K' => 'k', 'L' => 'l', 'M' => 'm', 'N' => 'n', 'O' => 'o', 'P' => 'p', 'Q' => 'q', 'R' => 'r', 'S' => 's', 'T' => 't', 'U' => 'u', 'V' => 'v', 'W' => 'w', 'X' => 'x', 'Y' => 'y', 'Z' => 'z');
        $str = strtr($str, $repl);
        $str = explode(" ", $str);
        $exceptions = array($lang[408]);
        $out = "";
        foreach ($str as $word) {
            if (!in_array($word, $exceptions)) $out .= strtoupper($word[0]).substr($word, 1)." ";
            else $out .= $word." ";
        }
        return rtrim($out);
    }

    // Text fields: strip tags, then truncate to the configured byte length.
    $autor = strip_tags($_POST['autor']);
    $autor = substr($autor, 0, $c['count_symb_autor']);
    $title = strip_tags($_POST['title']);
    $title = substr($title, 0, $c['count_symb_title']);
    $title = J_ucwords($title);
    $text = strip_tags($_POST['text']);
    $text = substr($text, 0, $c['count_symb_text']);
    $contacts = strip_tags($_POST['contacts']);
    $contacts = substr($contacts, 0, $c['count_symb_contacts']);
    // NOTE(review): the password is cut to 8 bytes and, further down, written to
    // the "pass" column as-is. Storing password_hash() output and checking it
    // with password_verify() avoids keeping a recoverable secret in the table.
    $pass = strip_tags($_POST['pass']);
    $pass = substr($pass, 0, 8);

    // Optional URL: rejected if it contains anything outside [-a-z0-9_.:/],
    // then reduced to its host (or path) with "http://" and "www." removed.
    if($_POST['url'] && $_POST['url'] != "http://") {
        $url = substr($_POST['url'], 0, $c['count_symb_url']);
        if (preg_match('|[^-a-z0-9_\.\:\/]|i', $url)) {
            $notice = "";
            require_once("form.php");
            die();
        }
        $massiv = parse_url($url);
        // NOTE(review): host and path are written as bare constants, not quoted
        // string keys; the "@" hides the resulting notices.
        $url = (@$massiv[host]) ? @$massiv[host] : @$massiv[path];
        $url = preg_replace("/(http:\/\/|www\.)/", "", $url);
    }
    else $url = "";

    // Keyword list: words longer than 3 bytes taken from title + text, after
    // replacing every character that is not a word character, a byte in
    // \x7F-\xFF, or whitespace with a space.
    // NOTE(review): the line break inside the string literal below is kept as it
    // appears in this listing; it may be an artifact of how the text was wrapped.
    $arr = J_ucwords($title." 
".$text);
    $arr = preg_replace("/[^\w\x7F-\xFF\s]/", " ", $arr);
    $arr = explode (" ", $arr);
    $arr = array_unique($arr);
    // NOTE(review): $keywords starts as a string and is then appended to as an
    // array; when no word qualifies, implode() receives the empty string.
    $keywords = "";
    foreach($arr as $key => $value) if (strlen($value) > 3) $keywords[] = trim($value);
    $key_words = implode(', ',$keywords);

    // SQL escaping of the five free-text fields.
    // NOTE(review): mysql_escape_string() ignores the connection character set
    // and, like the rest of the mysql_* extension, was removed in PHP 7. The
    // magic-quotes branch only swaps "'" for "`". Prepared statements (PDO or
    // mysqli) remove the need for either branch.
    if (!get_magic_quotes_gpc()) {
        $autor = mysql_escape_string($autor);
        $title = mysql_escape_string($title);
        $contacts = mysql_escape_string($contacts);
        $text = mysql_escape_string($text);
        $pass = mysql_escape_string($pass);
    }
    else {
        $autor = str_replace("'","`",$autor);
        $title = str_replace("'","`",$title);
        $contacts = str_replace("'","`", $contacts);
        $text = str_replace("'","`",$text);
        $pass = str_replace("'","`",$pass);
    }

    // Moderation flag stored in old_mess: "new" when edit_message is "yes".
    if ($c['edit_message'] == "yes") $moder = "new";
    else $moder = "old";

    // Duplicate check: same author, title and text already present.
    $query_dubl = mysql_query ("SELECT * FROM jb_board WHERE autor = '".$autor."' AND title = '".$title."' AND text = '".$text."'");
    if ($query_dubl) {
        if (mysql_num_rows ($query_dubl)) {
            $notice = "";
            require_once("form.php");
            die();
        }
    }

    ####################################################
    // Switch for sending an advertisement e-mail to the poster: "on" or "off".
    $function_send_adver = "off";
    // Switch for sending the generic advertisement when no category-specific
    // file is found: "on" or "off".
    $function_send_other_adver = "off";
    // Only when a valid e-mail was supplied
    if ($email) {
        // Only when advertisement mail is enabled
        if ($function_send_adver == "on") {
            // Recipient
            $to = $email;
            // Subject
            $subject = "=?windows-1251?b?".base64_encode($lang[640])."?=\r\n";
            // Path of the advertisement file for this category
            $filename = "./mail_files/".$id_category.".txt";
            // If the category file exists, read its contents
            if(file_exists($filename)) $message = file_get_contents($filename);
            // Otherwise
            else {
                // If the generic fallback is enabled
                if ($function_send_other_adver == "on") {
                    // Path of the generic advertisement file
                    $all_mail = "./mail_files/all_mail.txt";
                    // If it exists, read its contents
                    if(file_exists($all_mail)) $message = file_get_contents($all_mail);
                }
            }
            // Send only if some message body was found
            if ($message) {
                $return = "<".$c['admin_mail'].">";
                // NOTE(review): $frommail is not assigned in the visible code; if
                // it can carry request data, CR/LF must be stripped before it is
                // placed in mail headers. Content-type is also added twice.
                $headers = 'MIME-Version: 1.0'."\r\n".
                    'Content-type: text/plain; charset=windows-1251'."\r\n".
                    'From: '.$frommail."\r\n".
                    'Reply-To: '.$frommail."\r\n".
                    'Return-Path: '.$frommail."\r\n".
                    'X-Mailer: PHP/'.phpversion()."\r\n";
                $headers .="Content-type: text/plain; charset=windows-1251"."\r\n";
                mail($to, $subject, $message, $headers);
            }
        }
    }
    ####################################################

    $ip=get_client_ip();
    $reffer= $_SERVER['HTTP_REFERER'];

    // Insert the advertisement.
    // NOTE(review): $reffer (the request's Referer header), $ins_city and
    // $_POST['time_delete'] reach this statement without SQL escaping, and $ip
    // comes from get_client_ip(), whose source is not visible here. Each is
    // request-controlled text inside a quoted SQL literal, so this query is
    // injectable as written. Bind all values through a prepared statement and
    // validate time_delete against the values the form actually offers.
    $insert = mysql_query ("INSERT jb_board SET id_category = '".$id_category."', reffer = '".$reffer."', ip = '".$ip."', type = '".$type."', autor = '".$autor."', title = '".$title."', email = '".$email."', city = '".$ins_city."', url = '".$url."', contacts = '".$contacts."', text = '".$text."', old_mess = '".$moder."', keywords = '".$key_words."', time_delete = '".$_POST['time_delete']."', pass = '".$pass."', time_add = NOW(), date_add = NOW()");
    $last_id = mysql_insert_id();
    if ($insert) {
        // Clean-up statements run when image handling fails after the insert.
        $die_del_mess = "DELETE FROM jb_board WHERE id = '".$last_id."' LIMIT 1";
        $die_del_img = "DELETE FROM jb_photo WHERE id_message = '".$last_id."'";
        if ($_FILES['logo']) {
            if ($c['upload_images'] == "yes") {
                // Removes the script execution time limit for the upload loop.
                set_time_limit(0);
                $count_img_in_array = count($_FILES['logo']['name']);
                // The per-user image limit is enforced only when it is configured as 1..5.
                if ($c['count_images_for_users'] >= 1 && $c['count_images_for_users'] <= 5) {
                    if ($count_img_in_array > $c['count_images_for_users']) {
                        $notice = "";
                        $clear_mess = mysql_query ($die_del_mess);
                        $clear_img = mysql_query ($die_del_img);
                        require_once("form.php");
                        die();
                    }
                }
                for ($i = 0; $i < $count_img_in_array; $i++) {
                    // Slots with an upload error or zero size are skipped silently.
                    if($_FILES['logo']['error'][$i] == 0 && $_FILES['logo']['size'][$i] > 0) {
                        // MIME type is taken from the file content, not from the client.
                        $size = GetImageSize($_FILES["logo"]["tmp_name"][$i]);
                        $cool_ext = array("image/gif","image/jpeg","image/png");
                        if (in_array($size['mime'], $cool_ext)) {
                            if ($_FILES['logo']['size'][$i] < $c['upl_image_size']) {
                                $insert_img = mysql_query ("INSERT jb_photo SET id_message = '".$last_id."'");
                                // NOTE(review): unlike the other failure paths, this one
                                // does not run the two clean-up DELETE statements.
                                if ($insert_img)$file_id = mysql_insert_id();
                                else {
                                    $notice = "";
                                    require_once("form.php");
                                    die();
                                }
                                // NOTE(review): $PATH_TRANSLATED, $us and $un are not
                                // assigned in the visible code; presumably globals set
                                // elsewhere. Confirm where they come from.
                                $path = $PATH_TRANSLATED;
                                $path = str_replace('saddboardform.php','', $path);
                                // Extension = last dot-separated part of the client file name,
                                // allow-listed case-insensitively to gif/jpeg/jpg/png.
                                $result = explode(".", $_FILES['logo']['name'][$i]);
                                $result = array_reverse($result);
                                $cool_ext2 = array("Gif","Jpeg","Jpg","Png");
                                if (!in_array(J_ucwords($result[0]), $cool_ext2)) {
                                    $notice = "";
                                    $clear_mess = mysql_query ($die_del_mess);
                                    $clear_img = mysql_query ($die_del_img);
                                    require_once("form.php");
                                    die();
                                }
                                $ras = $result[0];
                                $w = $size[0];
                                $height = $size[1];
                                // Stored name is the jb_photo row id plus the checked extension,
                                // so the client-supplied base name never reaches the file system.
                                $filename = $file_id.".".$ras;
                                // Thumbnail height keeps the aspect ratio for the configured width.
                                $small_height = $height * $c['width_small_images'] / $w;
                                if(!@img_resize($_FILES['logo']['tmp_name'][$i], $path.$us.$filename, $c['width_small_images'], $small_height)) {
                                    $notice = "";
                                    $clear_mess = mysql_query ($die_del_mess);
                                    $clear_img = mysql_query ($die_del_img);
                                    require_once("form.php");
                                    die();
                                }
                                $normal_height = $height * $c['width_normal_images'] / $w;
                                if(!@img_resize($_FILES['logo']['tmp_name'][$i], $path.$un.$filename, $c['width_normal_images'], $normal_height)) {
                                    $notice = "";
                                    $clear_mess = mysql_query ($die_del_mess);
                                    $clear_img = mysql_query ($die_del_img);
                                    require_once("form.php");
                                    die();
                                }
                                $update = mysql_query ("UPDATE jb_photo SET photo_name = '".$filename."' WHERE id_photo = '".$file_id."' AND id_message = '".$last_id."' LIMIT 1");
                                if (!$update) {
                                    $notice = "";
                                    $clear_mess = mysql_query ($die_del_mess);
                                    $clear_img = mysql_query ($die_del_img);
                                    require_once("form.php");
                                    die();
                                }
                            }
                            // File is not smaller than the configured size limit.
                            else {
                                $notice = "";
                                $clear_mess = mysql_query ($die_del_mess);
                                $clear_img = mysql_query ($die_del_img);
                                require_once("form.php");
                                die();
                            }
                        }
                        // Detected MIME type is not gif/jpeg/png.
                        else {
                            $notice = "";
                            $clear_mess = mysql_query ($die_del_mess);
                            $clear_img = mysql_query ($die_del_img);
                            require_once("form.php");
                            die();
                        }
                    }
                }
            }
            // Files were posted although uploads are disabled in the configuration.
            else {
                $notice = "";
                $clear_mess = mysql_query ($die_del_mess);
                $clear_img = mysql_query ($die_del_img);
                require_once("form.php");
                die();
            }
        }
        echo "";
        echo "";
        echo "";
        echo "";

        // Optional notification e-mail to the administrator.
        if ($c['admin_mail'] && $c['mail_about_new_mess'] == "yes") {
            $to = $c['admin_mail'];
            // NOTE(review): $_SERVER['HTTP_HOST'] is supplied by the request; the
            // links built from it below should use a configured base URL instead.
            $subject = "=?windows-1251?b?".base64_encode($lang[215]." http://".$_SERVER['HTTP_HOST'].$GLOBALS['p']."/ ".$lang[216])."?=\r\n";
            $return = "<".$c['admin_mail'].">";
            $headers = 'MIME-Version: 1.0'."\r\n".
                'Content-type: text/plain; charset=windows-1251'."\r\n".
                'From: '.$frommail."\r\n".
                'Reply-To: '.$frommail."\r\n".
                'Return-Path: '.$frommail."\r\n".
                'X-Mailer: PHP/'.phpversion()."\r\n";
            $headers .="Content-type: text/plain; charset=windows-1251"."\r\n";
            // NOTE(review): the approve/delete links carry the same hard-coded
            // "key" value for every advertisement and both actions, over plain
            // http and as GET requests. A per-advertisement random token (e.g.
            // from random_bytes()), stored server-side and compared with
            // hash_equals(), limits what a leaked link can do; state changes
            // are better served by POST.
            $msg = $lang[217]." ".PHP_EOL.PHP_EOL.
                'autor email '.$email.PHP_EOL.
                // 'autor reffer '.$reffer.PHP_EOL.
                "http://".$_SERVER['HTTP_HOST'].$GLOBALS['p']."/advertisement/nesting/".$_POST['id_category']."/kind/".$last_id."/".PHP_EOL.
                $text.PHP_EOL.PHP_EOL.'ip https://apps.db.ripe.net/search/query.html?searchtext='.get_client_ip().PHP_EOL.'time '.
                date("dS of F Y h:i:s A").PHP_EOL.
                'разрешить http://'.$_SERVER['HTTP_HOST'].$GLOBALS['p'].'/actions.php?act=enable&id='.$last_id.'&key=453535453535'.PHP_EOL.
                'удалить http://'.$_SERVER['HTTP_HOST'].$GLOBALS['p'].'/actions.php?act=del&id='.$last_id.'&key=453535453535';
            mail($to, $subject, $msg, $headers);
            // var_dump($frommail); die();
        }

        // Confirmation output. The multi-line string literals below are kept
        // exactly as they appear in this listing.
        // NOTE(review): $_SERVER['HTTP_HOST'] is echoed without HTML escaping.
        echo "

".$lang[229]."

";
        if ($c['edit_message'] == "yes")
            echo "
".$lang[205];
        else
            echo "
".$lang[645].":
http://".$_SERVER['HTTP_HOST'].$GLOBALS['p']."/advertisement/nesting/".$_POST['id_category']."/kind/".$last_id."/

";
        if ($c['money_service'] == "yes")
            echo "

".$lang[632]."
".$lang[633]." ".$lang[634]." ".$lang[635].".


";
        echo "
 
";
        echo "


".$lang[597]."...
";
        echo "
";
        echo "

".$lang[636]." →

← ".$lang[155]."



";
    }
    // The INSERT failed: show the form again.
    else {
        $notice = "";
        require_once("form.php");
        die();
    }
}
// Branch taken when the condition that opens before this excerpt is false.
else require_once("form.php");
?>