?php //require 'dp_maintenance_mode.php'; //ini_set('display_errors','On'); ini_set('display_errors', 'Off'); //error_reporting(E_ALL); $begintime = microtime(true); @$whatpage = preg_replace("/[^a-z0-9-_]/i", "", $_REQUEST['whatpage']); @$catpage = preg_replace("/[^a-z0-9-_]/i", "", $_REQUEST['catpage']); @$subcatpage = preg_replace("/[^a-z0-9-_]/i", "", $_REQUEST['subcatpage']); foreach ($_GET as $var => $secvalue) { if ((preg_match("/<[^>]*script*\"?[^>]*>/i", $secvalue)) || (preg_match("/<[^>]*object*\"?[^>]*>/i", $secvalue)) || (preg_match("/<[^>]*iframe*\"?[^>]*>/i", $secvalue)) || (preg_match("/<[^>]*applet*\"?[^>]*>/i", $secvalue)) || (preg_match("/<[^>]*meta*\"?[^>]*>/i", $secvalue)) || (preg_match("/<[^>]*style*\"?[^>]*>/i", $secvalue)) || (preg_match("/<[^>]*form*\"?[^>]*>/i", $secvalue)) || (preg_match("/<[^>]*img*\"?[^>]*>/i", $secvalue)) || (preg_match("/<[^>]*onmouseover*\"?[^>]*>/i", $secvalue)) || (preg_match("/\([^>]*\"?[^)]*\)/i", $secvalue)) || (preg_match("/\"/i", $secvalue))) { die("BAD YOUR CODE"); exit; } } foreach ($_POST as $secvalue) { if ((preg_match("/<[^>]*script *\"?[^>]*>/i", $secvalue)) || (preg_match("/<[^>]*style*\"?[^>]*>/i", $secvalue))) { die("BAD YOUR CODE"); exit; } } define('BOOTSTR', __FILE__); define('ROOT_PATH', str_replace("\\", "/", realpath(dirname(BOOTSTR))) . '/'); define('ENGINE', ROOT_PATH . 'engine/'); include ENGINE . 'functions.php'; if (empty($whatpage)) { if (empty($catpage)) { $myFile = ARTICLES . 'main.dat'; $id_body = 'home'; } else { if (empty($subcatpage)) { $myFile = ARTICLES . $catpage . '/main.dat'; $id_body = $catpage; } else { $myFile = ARTICLES . $catpage . '/' . $subcatpage . '/main.dat'; $id_body = $catpage; } } } else { if (empty($catpage)) { $myFile = ARTICLES . $whatpage . '.dat'; $id_body = $whatpage; } else { if (empty($subcatpage)) { $myFile = ARTICLES . $catpage . '/' . $whatpage . '.dat'; $id_body = $catpage; } else { $myFile = ARTICLES . $catpage . '/' . $subcatpage . '/' . $whatpage . '.dat'; $id_body = $catpage; } } } $fh = @fopen($myFile, 'r'); if (!$fh) { $myFile = ARTICLES . '404.dat'; header('Status: 404'); header('HTTP/1.1 404 Not Found'); $fh = @fopen($myFile, 'r'); } $data = fread($fh, filesize($myFile)); fclose($fh); $text = explode('', $data); @$sitetitle = trim($text[1]); $text = explode('', $data); @$contentcenter .= $text[1]; $text = explode('', $data); @$myinclude .= trim($text[1]); $text = explode('', $data); @$pagetitle .= trim($text[1]); $text = explode('', $data); @$slogan .= trim($text[1]); $text = explode('', $data); @$smallphoto .= trim($text[1]); $text = explode('', $data); @$date .= trim($text[1]); $text = explode('', $data); @$metadescription .= trim($text[1]); $text = explode('', $data); @$metakeywords .= trim($text[1]); $text = explode('', $data); @$skin .= trim($text[1]); @$lnav = linkator($whatpage, $catpage, $subcatpage, $sitetitle); if (@$whatpage === @news) { $vn = (isset($_GET['view'])) ? stripslashes(trim($_GET['view'])) : ""; $newspage = (isset($_GET['newspage'])) ? intval($_GET['newspage']) : "1"; $catn = (isset($_GET['catnews'])) ? trim($_GET['catnews']) : ""; $h_brcr ='
'; $f_brcr ='
'; if ($catn == "") { if ($vn == "") { $sitetitle = "Новости"; $lnav = ''.$h_brcr.''.$sitetitle .' '.$f_brcr.''; $metadescription = 'Новости сайта - ' . $sitename . ''; } } else { if ($vn == "") { @$cat_title = file_get_contents(NEWS . $catn . "/info.txt"); $sitetitle = trim(@$cat_title); $lnav = ''.$h_brcr.' Новости '.$sitetitle .' '.$f_brcr.''; } else { $scan_vn = glob(NEWS . $catn . "/*-" . $vn . ".dat"); if ($scan_vn) { $news_vn = $scan_vn[0]; } else { header('Location: /404.htm', true, 303); exit(); } $newscontents = unserialize(file_get_contents("$news_vn")); @$cat_title = file_get_contents(NEWS . $catn . "/info.txt"); $sitetitle = trim(@$newscontents[head]); $lnav = ''.$h_brcr.' Новости '.@$newscontents[catnews].' '.$sitetitle.' '.$f_brcr.''; $metadescription = 'Новости сайта ' . $sitename . ' - ' . @$newscontents[description] . ''; @$metakeywords = @$newscontents[keywords]; } } } if ($skin !== "") { $template = $skin; } include SKINS . $template . '/template.php'; ?>