<?PHP
# Error reporting: everything, and rendered straight into the response.
# Note: with display_errors on, any warning raised further down (the DB
# connection, the queries, a missing include) is printed into the page,
# including file paths and SQL text; this setting is only appropriate for
# development.
error_reporting(E_ALL);
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
# Must precede any output (the output buffer is started later in this file).
header("Content-type: text/html; charset=utf-8");
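/**
 * Request-input filter applied to every $_GET / $_POST / $_COOKIE value.
 *
 * Two passes:
 *   1. an upper-cased copy is scanned for a fixed list of SQL keywords; if any
 *      is present the whole request is aborted with a message and exit();
 *   2. a fixed list of characters and sequences is stripped from the value,
 *      which is then returned.
 *
 * Arrays (e.g. `?a[]=1`) are filtered leaf by leaf. Passing an array straight
 * to mb_strtoupper() skipped the keyword pass on PHP 7 (the call returns null
 * with a warning) and is a TypeError on PHP 8.
 *
 * NOTE(review): this is a keyword denylist, not validation, and it is not a
 * substitute for prepared statements — every SQL statement in this
 * application still has to bind its parameters. It rejects ordinary words
 * ("Charlotte" contains CHAR, "floor" is in the list) and silently alters
 * values such as passwords that contain ' " % + # ! < > ?.
 *
 * The entries '\x27', '\x22', '\x60', '\t', '\n', '\r' are single-quoted, so
 * they match those literal backslash sequences, not the characters they
 * name (the apostrophe and double quote are covered by the first two entries).
 *
 * @param string|array $text raw request value
 * @return string|array filtered value with the same shape as the input
 */
function check_text($text) {
    if (is_array($text)) {
        $filtered = array();
        foreach ($text as $key => $value) {
            $filtered[$key] = check_text($value);
        }
        return $filtered;
    }
    # The copy is upper-cased before matching, so only upper-case keywords are
    # needed (lower-case spellings could never match the upper-cased copy).
    $sql_keywords = array(
        'UNION', 'SELECT', 'OUTFILE', 'LOAD_FILE', 'GROUP BY', 'ORDER BY',
        'INFORMATION_SCHEMA.TABLES', 'BENCHMARK', 'FLOOR', 'SLEEP', 'CHAR',
    );
    $count = 0;
    str_replace($sql_keywords, '', mb_strtoupper($text), $count);
    if ($count > 0) {
        echo "Ошибка, сработала защита.<br>Подозрение на SQL inj или XXS ";
        exit;
    }
    # Replacement is sequential, so the order matters: '/**/' must be tried
    # before '/*'.
    $strip = array(
        "'", '"', '/**/', '0x', '/*', '--', '\x27', '\x22', '\x60',
        '\t', '\n', '\r', '%', '<', '>', '?', '!', '+', '#',
    );
    return str_replace($strip, '', $text);
}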
# Every request value passes through check_text() before any page code runs
# (keys are preserved by array_map on a single array). $_REQUEST and $_SERVER
# (e.g. HTTP_REFERER, which inc/_set_referer.php presumably reads) are not
# rewritten here, so code consuming them sees the raw values.
$_GET    = array_map('check_text', $_GET);
$_POST   = array_map('check_text', $_POST);
$_COOKIE = array_map('check_text', $_COOKIE);
# Счетчик
# Wall-clock timestamp in seconds (float) for the page-generation timer.
# microtime() without the float flag returns "msec sec": the fractional part
# first, then the whole seconds, so the two halves are added back together.
function TimerSet(){
    $parts = explode(' ', microtime());
    $fraction = (float) $parts[0];
    $wholeSeconds = (int) $parts[1];
    return $wholeSeconds + $fraction;
}
# Page-generation timer starts here; read again for {!GEN_PAGE!} at the end.
$_timer_a = TimerSet();
# Session and output buffer. Both calls are @-suppressed, so a failing
# session_start() (e.g. unwritable session.save_path) leaves no trace; the
# balance block at the end of this file then simply sees no user_id.
@session_start();
@ob_start();
# Template placeholders, substituted after the page has rendered.
# Presumably the included pages assign these keys.
$_OPTIMIZATION = array(
    'title'       => '',
    'description' => '',
    'keywords'    => '',
);
# Presumably a direct-access guard for the included files.
define('AlexMoon', true);
define('BASE_DIR', $_SERVER['DOCUMENT_ROOT']);
# Автоподгрузка классов
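# Class autoloader: `new foo` / class_exists('foo') loads classes/_class.foo.php
# (relative to the working directory, not BASE_DIR). Registered through
# spl_autoload_register() because the magic __autoload() hook is deprecated
# since PHP 7.2 and refuses to compile on PHP 8. The classes used on this page
# (config, func, db, life_time, invcomp, comp) are global; a namespaced name
# would produce a path containing backslashes and is not handled.
function autoload_class($name){
    # A PHP class name can never contain a path separator, a dot or NUL, so
    # such a name must not reach include(). This protects any caller that
    # hands a request value to class_exists().
    foreach (array('/', '.', "\0") as $forbidden) {
        if (strpos($name, $forbidden) !== false) {
            return;
        }
    }
    include("classes/_class.".$name.".php");
}
spl_autoload_register('autoload_class');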
# Класс конфига
# Config class (autoloaded from classes/_class.config.php)
$config = new config;
# Helper functions
$func = new func;
# Sets the referer (file contents not visible here)
include("inc/_set_referer.php");
# Database connection
include(BASE_DIR.'/inc/_connect.php');
# NOTE(review): $pdo is not defined on this page — presumably created by
# inc/_connect.php. The same row is fetched again through $db a few lines
# below and $db_config is overwritten there, so this first result is discarded.
$result = $pdo->query("SELECT * FROM `db_config` WHERE `id` = '1' LIMIT 1");
$db_config = $result->fetch();
# Project's own db wrapper, opened with credentials from the config class
# (presumably a second connection next to $pdo).
$db = new db($config->HostDB, $config->UserDB, $config->PassDB, $config->BaseDB);
# Time-based housekeeping (implementation not visible here)
$life_time = new life_time($db);
$life_time->CheckTime();
# Site configuration row, read after CheckTime() — keep this order.
$db->Query("SELECT * FROM `db_config` WHERE `id` = '1' LIMIT 1");
$db_config = $db->FetchArray();
# Contests; both receive the ser_per_wmr setting from the config row
$invcomp = new invcomp($db,$db_config['ser_per_wmr']);
$invcomp->CheckComp();
$comp = new comp($db,$db_config['ser_per_wmr']);
$comp->CheckComp();
# Шапка
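# Page header (@-suppressed: a missing header file is silently skipped)
@include("inc/_header.php");
# Router. The only request value used is the menu key, which is looked up in
# this fixed table, so the included path never comes from input. Nothing on
# this page checks authorisation — any access control for 'admin' and
# 'account' has to live inside those page files.
$menu_pages = array(
    '404'          => 'pages/_404.php',           // error page
    'rules'        => 'pages/_rules.php',         // project rules
    'about'        => 'pages/_about.php',         // about the project
    'contacts'     => 'pages/_contacts.php',      // contacts
    'news'         => 'pages/_news.php',          // news
    'signup'       => 'pages/_signup.php',        // registration
    'login'        => 'pages/_login.php',         // login
    'recovery'     => 'pages/_recovery.php',      // password recovery
    'account'      => 'pages/_account.php',       // account
    'stats'        => 'pages/_stats.php',         // statistics
    'competitions' => 'pages/_competitions.php',  // contests
    'feedback'     => 'pages/_feedback.php',      // feedback
    'comp'         => 'pages/_competitionsr.php', // referral contest
    'faq'          => 'pages/_faq.php',           // FAQ
    'admin'        => 'pages/_admin.php',         // admin panel
);
if (isset($_GET["menu"])) {
    $menu = strval($_GET["menu"]);
    if (isset($menu_pages[$menu])) {
        include($menu_pages[$menu]);
    } else {
        # Unknown key: error page. The lookup is exact; a loosely-equal numeric
        # string such as "0404" lands here instead of on the '404' entry, which
        # is the same page.
        @include("pages/_404.php");
    }
} else {
    @include("pages/_index.php");
}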
# Заносим контент в переменную
# Take everything rendered so far and discard the buffer.
$content = ob_get_clean();
# Fill the template placeholders. Replacement is sequential, so a title that
# itself contains '{!DESCRIPTION!}' is expanded by the following pass. The
# values are inserted unescaped; presumably the pages set them from constants,
# but anything coming from the database or a request lands in the HTML as-is.
$content = str_replace(
    array('{!TITLE!}', '{!DESCRIPTION!}', '{!KEYWORDS!}'),
    array($_OPTIMIZATION["title"], $_OPTIMIZATION["description"], $_OPTIMIZATION["keywords"]),
    $content
);
# Page-generation time, measured from $_timer_a at the top of the file.
$content = str_replace('{!GEN_PAGE!}', sprintf("%.5f", TimerSet() - $_timer_a), $content);
# Вывод баланса
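# Balance placeholders for a logged-in visitor. user_id comes from the
# session (server side, presumably stored by pages/_login.php), not from the
# request.
if (isset($_SESSION["user_id"])) {
    $user_id = $_SESSION["user_id"];
    # NOTE(review): the value is interpolated into the SQL text. It originates
    # from the session rather than the request, but nothing on this page
    # guarantees it is numeric; it should be bound as a parameter once the db
    # wrapper exposes prepared statements.
    $db->Query("SELECT money_b, money_p, money_s FROM db_users_b WHERE id = '$user_id'");
    $balance = $db->FetchArray();
    # FetchArray() presumably returns false when no row matches; default every
    # field to 0 so the page still renders "0.00" without array-offset notices.
    # Order of replacement is kept: B, P, C.
    $balance_fields = array(
        '{!BALANCE_B!}' => 'money_b',
        '{!BALANCE_P!}' => 'money_p',
        '{!BALANCE_C!}' => 'money_s',
    );
    foreach ($balance_fields as $placeholder => $column) {
        $amount = isset($balance[$column]) ? $balance[$column] : 0;
        $content = str_replace($placeholder, sprintf("%.2f", $amount), $content);
    }
}
// Send the finished page
echo $content;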
?>