pdglobal
4/10/2018 - 11:31 AM

cms.php

<?PHP
function _getPage($pid) {
	if ($_GET['session'] == "" || $_GET['session'] == "undefined" || $_GET['session'] == "Undefined") {
		$_GET['session'] = $_COOKIE['sid'];
	}
	if ($_GET['session'] == "" || $_GET['session'] == "undefined" || $_GET['session'] == "Undefined") {
		$_GET['session'] = $_POST['session'];
	}
	$pid = mysql_escape_string($pid);
$praw = mysql_query("SELECT * FROM content WHERE pid = '".$pid."';");
if (mysql_num_rows($praw) > 0) {
$pdata = mysql_fetch_array($praw);
if ($pdata['auth'] > 0) {
$usrraw = mysql_query("SELECT * FROM auth_session WHERE sid = '".$_GET['session']."';");
if (mysql_num_rows($usrraw) > 0) {
$usrdatapre = mysql_fetch_array($usrraw);
$usrraw = mysql_query("SELECT * FROM account WHERE id = '".$usrdatapre['id']."';");
}
if (mysql_num_rows($usrraw) > 0) {
$usrdata = mysql_fetch_array($usrraw);
if ($usrdata['auth'] > $pdata['auth'] || $usrdata['auth'] == $pdata['auth']) {
if (_getip() == $usrdatapre['ip']) {
eval('?> '.$pdata['content']);	
}	else {
eval('?> '.$pdata['content']);	
}
} else {
if (strlen($_GET['session']) > 10) {
	if ($pid == "usercompose") {
$praw = mysql_query("SELECT * FROM content WHERE pid = 'userlogin';");
$pdata = mysql_fetch_array($praw);
eval('?> '.$pdata['content']);
die();	
} else {
$praw = mysql_query("SELECT * FROM content WHERE pid = '777';");
$pdata = mysql_fetch_array($praw);
eval('?> '.$pdata['content']);
die();
}
} else {
$praw = mysql_query("SELECT * FROM content WHERE pid = 'signin';");
$pdata = mysql_fetch_array($praw);
eval('?> '.$pdata['content']);
die();	
}
}
} else {
	if ($pid == "usercompose") {
$praw = mysql_query("SELECT * FROM content WHERE pid = 'userlogin';");
$pdata = mysql_fetch_array($praw);
eval('?> '.$pdata['content']);
die();	
} else {
	if (strlen($_GET['session']) > 10 && $usrdata['auth'] > $pdata['auth'] || $usrdata['auth'] > $pdata['auth']) {
		$praw = mysql_query("SELECT * FROM content WHERE pid = '777';");
$pdata = mysql_fetch_array($praw);
eval('?> '.$pdata['content']);
die();
	} else {
$praw = mysql_query("SELECT * FROM content WHERE pid = '401';");
$pdata = mysql_fetch_array($praw);
eval('?> '.$pdata['content']);
die();
		}
}
}
} else {
$usrraw = mysql_query("SELECT * FROM auth_session WHERE sid = '".$_GET['session']."';");
if (mysql_num_rows($usrraw) > 0) {
$usrdatapre = mysql_fetch_array($usrraw);
$usrraw = mysql_query("SELECT * FROM account WHERE id = '".$usrdatapre['id']."';");
}
if (mysql_num_rows($usrraw) > 0) {
$usrdata = mysql_fetch_array($usrraw);
}
eval('?> '.$pdata['content']);
}
} else {
$prawx = mysql_query("SELECT * FROM content WHERE pid = '404';");
$pdatax = mysql_fetch_array($prawx);
eval('?> '.$pdatax['content']);
}
if ($pid != "cron" && $pid != "chatcron" && $pid != "getonlinestatusx" && $pid != "access_logs" && $pid != "ping" && $pid != "commands" && $pid != "access_logs_back" && $pid != "chat-src" && $pid != "access_logs_fwd" && $pid != "footer" && $pid != "head" && $pid != "navbar" && $pid != "victor_out" && $pid != "victor_in" && $pid != "getmsgs" && $pid != "contactslist" && $pid != "chatgo" && $pid != "freeloggerbackend") {
	$nav_check = explode("-", $pid);
	if ($nav_check[1] != "nav") {
mysql_query("INSERT INTO access_logs (pid, ip, uid) VALUES ('".mysql_escape_string($pid)."','".mysql_escape_string(getUserIP())."','".mysql_escape_string($usrdata['username'])."');") or die(mysql_error());
	}
}
$timestamp = date_timestamp_get(date_create())*1000;
mysql_query("UPDATE account SET last_login='".$timestamp."' WHERE id = '".$usrdata['id']."';") or die(mysql_error());
?>