
funciones

a guest
Aug 27th, 2018
  1. <?php
  2.  
  // Bootstrap: open the session, set error reporting and the timezone, then
  // load the project settings file before any object is created.
  session_start();
  error_reporting(E_ALL ^ E_NOTICE);
  date_default_timezone_set("america/Sao_Paulo");
  require_once 'ajustes.php';

  // Shared handles; the totixcms methods reach them through `global`.
  // Presumably Conexion and datos are declared by ajustes.php — confirm.
  $db = new Conexion();
  $datos = new datos();

  // Publish each site setting as a global constant of the same name.
  // NOTE(review): 'pinhk' is the panel PIN compared in hk_login(); as a global
  // constant it is readable by every included script — confirm that is intended.
  foreach (array(
      'www', 'name', 'mision', 'avatar', 'logo', 'fb', 'badges',
      'portada', 'minrank', 'hkmin', 'hkmax', 'panel', 'pinhk',
  ) as $ajuste) {
      define($ajuste, $datos->sitio($ajuste));
  }
  unset($ajuste);
  23.  
  24. class totixcms {
  25.  
  /**
   * Returns the fixed copyright marker of the CMS.
   *
   * The value is a constant Base64 string (it decodes to "TotixCMS"), so it
   * is an encoding rather than a hash and carries no secret.
   *
   * @return string
   */
  public function copyright() {
      return "VG90aXhDTVM=";
  }
  32.  
  /**
   * Returns the hexadecimal MD5 digest of $password.
   *
   * NOTE(review): a single unsalted MD5 is not adequate for password storage;
   * it is fast to brute-force and identical passwords share one digest.
   * The digest is kept here because checkinfo() and user() compare this exact
   * value inside their SQL lookups. Moving to password_hash()/password_verify()
   * requires changing those lookups and migrating the stored values together.
   *
   * @param string $password Plain-text password.
   * @return string 32-character lowercase hex digest.
   */
  public function hasht($password) {
      return md5($password);
  }
  39.  
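  /**
   * Returns the current date in one of two display formats.
   *
   * The previous version passed month/day/year to mktime() in the
   * hour/minute/second positions and read the clock many times; the result
   * was only right by accident. The clock is now read once and formatted
   * directly.
   *
   * @param string $a 'normal' (d/m/Y) or 'completa' (d/m/Y - H:i:s).
   * @return string|null The formatted date, or null for an unknown key.
   */
  public function fecha($a) {
      // One clock read so both formats describe the same instant.
      $ahora = time();
      $formatos = array(
          'normal' => date('d/m/Y', $ahora),
          'completa' => date('d/m/Y - H:i:s', $ahora),
      );

      return isset($formatos[$a]) ? $formatos[$a] : null;
  }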
  61.  
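  /**
   * Formats a Unix timestamp as a long Spanish date,
   * e.g. "09 de junio del 2018 a la(s) 3:05 pm".
   *
   * June was previously rendered as the truncated "jun" while every other
   * month used its full name; it now reads "junio".
   *
   * @param int $a Unix timestamp.
   * @return string
   */
  public function fecha_dat($a) {
      $meses = array(
          1 => 'enero', 'febrero', 'marzo', 'abril', 'mayo', 'junio',
          'julio', 'agosto', 'septiembre', 'octubre', 'noviembre', 'diciembre',
      );
      // date('n') is the month number without a leading zero (1-12).
      $mes = $meses[(int) date('n', $a)];

      return date('d', $a) . ' de ' . $mes . ' del ' . date('Y', $a)
          . ' a la(s) ' . date('g', $a) . ':' . date('i', $a) . ' ' . date('a', $a);
  }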
  87.  
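  /**
   * Describes how long ago a timestamp was, in Spanish.
   *
   * Under a minute: seconds; under an hour: minutes; under 24 hours:
   * "Hoy a la(s) ..."; under 48 hours: "Ayer a la(s) ..."; otherwise the full
   * date produced by fecha_dat().
   *
   * Changes from the previous version: minutes are computed by integer
   * division instead of date('i', $difference), which depended on the
   * configured timezone having a whole-hour offset; a timestamp in the future
   * is treated as "0 seconds ago" instead of printing a negative age; and the
   * duplicated month table is replaced by a call to fecha_dat().
   *
   * @param int $a Unix timestamp.
   * @return string
   */
  public function getlast($a) {
      $a = (int) $a;
      // Clamp so small clock skew never yields a negative difference.
      $difference = max(0, time() - $a);

      if ($difference < 60) {
          return 'Hace ' . $difference . ' segundo(s)';
      }

      if ($difference < 3600) {
          $minutos = (int) floor($difference / 60);
          return 'Hace ' . $minutos . ' ' . ($minutos === 1 ? 'minuto' : 'minutos');
      }

      $hora = date('g', $a) . ':' . date('i', $a) . ' ' . date('a', $a);

      if ($difference < 86400) {
          return 'Hoy a la(s) ' . $hora;
      }

      if ($difference < 172800) {
          return 'Ayer a la(s) ' . $hora;
      }

      return $this->fecha_dat($a);
  }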
  147.  
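  /**
   * Generates a 10-character alphanumeric voucher code.
   *
   * Two defects are fixed: the old upper bound rand(0, strlen($caracteres))
   * was inclusive, so an index one past the end could be drawn and the code
   * came out shorter than 10 characters; and rand() is predictable, which
   * matters if these codes are redeemable (presumably they are — confirm).
   * random_int() draws from the operating system CSPRNG.
   *
   * @return string Exactly 10 characters from [A-Za-z0-9].
   */
  public function voucher() {
      $caracteres = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890";
      $numerodeletras = 10;
      $ultimo = strlen($caracteres) - 1;

      $voucher_rand = "";
      for ($i = 0; $i < $numerodeletras; $i++) {
          $voucher_rand .= $caracteres[random_int(0, $ultimo)];
      }

      return $voucher_rand;
  }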
  160.  
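  /**
   * Returns the client IP address.
   *
   * Precedence is unchanged: X-Forwarded-For, then Client-IP, then
   * REMOTE_ADDR. A header value is now only accepted when it is a
   * syntactically valid IP address (first entry of a comma-separated list);
   * otherwise the next source is used. Other methods concatenate this value
   * into SQL, so it must never carry arbitrary text.
   *
   * NOTE(review): both headers are supplied by the client unless a trusted
   * reverse proxy overwrites them, so IP bans and the stored registration IP
   * are only as reliable as that proxy setup. Without such a proxy,
   * REMOTE_ADDR is the only value the client cannot choose.
   *
   * @return string
   */
  public function ip() {
      // Same source selection as before: $_SERVER when populated, else getenv().
      $desdeServer = !empty($_SERVER);
      $leer = static function ($clave) use ($desdeServer) {
          if ($desdeServer) {
              return isset($_SERVER[$clave]) ? (string) $_SERVER[$clave] : '';
          }
          return (string) getenv($clave);
      };

      foreach (array('HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP') as $cabecera) {
          // X-Forwarded-For may be "client, proxy1, proxy2"; keep the first hop.
          $partes = explode(',', $leer($cabecera));
          $candidata = trim($partes[0]);
          if ($candidata !== '' && filter_var($candidata, FILTER_VALIDATE_IP) !== false) {
              return $candidata;
          }
      }

      return $leer('REMOTE_ADDR');
  }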
  181.  
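  /**
   * Normalises a user-supplied string before it is stored or displayed.
   *
   * Steps, in order: trim, htmlspecialchars(), the connection's
   * real_escape_string(), rewrite of a fixed list of SQL/script keywords,
   * then entity-encoding of quotes, angle brackets and parentheses.
   *
   * Fixes: the lowercase list contained "inert" instead of "insert", and
   * only all-upper / all-lower spellings were rewritten; the keyword list is
   * now matched case-insensitively.
   *
   * NOTE(review): the keyword rewrite is cosmetic. What actually protects the
   * queries is real_escape_string(), and what protects the HTML is the entity
   * encoding. Doing both at input time couples storage format to display;
   * parameterised queries plus encoding at output would be the cleaner design.
   *
   * @param string $str Raw input.
   * @return string
   */
  public function filtro($str) {
      global $db;
      $texto = $db->real_escape_string(htmlspecialchars(trim($str)));

      $palabras = array(
          'INSERT' => 'IN-SER-T',
          'DELETE' => 'DE-LE-TE',
          'TRUNCATE' => 'TRUN-CA-TE',
          'SELECT' => 'SE-LEC-T',
          'ALTER' => 'AL-TER',
          'UPDATE' => 'UP-DA-TE',
          'script' => 'S-C-R-I-P-T',
      );
      $texto = str_ireplace(array_keys($palabras), array_values($palabras), $texto);

      // Applied one after another, in the same order as before.
      $simbolos = array(
          '"' => '&#34;',
          "'" => '&#39;',
          '<' => '&#60;',
          '>' => '&#62;',
          '(' => '&lpar;',
          ')' => '&rpar;',
      );

      return str_replace(array_keys($simbolos), array_values($simbolos), $texto);
  }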
  209.  
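  /**
   * Renders user text as HTML: filtro(), emoji shortcodes, the
   * "youtubevideo-<id>" embed, a small BBCode set and newlines.
   *
   * Fixes:
   *  - The embed used substr($txt, -11), i.e. the last 11 characters of the
   *    whole message, as the video id. The id is now captured from the token
   *    itself and must be 11 characters of [A-Za-z0-9_-].
   *  - [img] and [url=] inserted their target into src/href with no scheme
   *    check, relying only on filtro()'s keyword list. Targets are now
   *    rendered only when they start with http://, https:// or "/"; anything
   *    else is left as the already-encoded text.
   *  - Links opened with target="_blank" now carry rel="noopener noreferrer".
   *  - The unused `global $datos` was dropped.
   *
   * @param string $bbcode Raw user text.
   * @return string HTML fragment.
   */
  public function bbcode($bbcode) {
      $txt = $this->filtro($bbcode);

      // Shortcode => numeric suffix of the emoji image, in the original order.
      $emojis = array(
          'sonrisa' => '01', 'feliz' => '04', 'enamorado' => '07', 'besar' => '08',
          'loco' => '12', 'triste' => '17', 'tranqui' => '18', 'ayno' => '19',
          'lol' => '23', 'llora' => '24', 'preocupado' => '27', 'wow' => '33',
          'enojado' => '35', 'thuglife' => '41', 'zzz' => '42', 'muerto' => '44',
          'dfeliz' => '48', 'denojado' => '49', 'pockerface' => '52', 'angel' => '56',
          'sexy' => '57', 'gotas' => '97', 'fuego' => '91', 'estrellas' => '92',
          'corazon' => '173',
      );
      foreach ($emojis as $codigo => $numero) {
          $txt = str_replace(
              '*' . $codigo . '*',
              '<img src="/app/images/emojis/Emoji%20Smiley-' . $numero . '.png" width="30" height="30" />',
              $txt
          );
      }

      // The id comes from the matched token; the rest of the non-space run is
      // consumed, as the old pattern did.
      $txt = preg_replace(
          '/youtubevideo-([A-Za-z0-9_-]{11})\S*/',
          '<iframe width="720" height="315" src="https://www.youtube.com/embed/$1" frameborder="0" allowfullscreen></iframe>',
          $txt
      );

      $txt = preg_replace(
          array('/\[i\](.*?)\[\/i\]/is', '/\[b\](.*?)\[\/b\]/is', '/\[u\](.*?)\[\/u\]/is'),
          array('<i>$1</i>', '<b>$1</b>', '<u>$1</u>'),
          $txt
      );

      // Allow-list for link and image targets: absolute http(s) or site-relative,
      // with no whitespace.
      $urlSegura = static function ($url) {
          return preg_match('#\A(?:https?://|/)\S*\z#i', $url) === 1;
      };

      $txt = preg_replace_callback(
          '/\[img\](.*?)\[\/img\]/is',
          static function ($m) use ($urlSegura) {
              return $urlSegura($m[1])
                  ? '<center><img src="' . $m[1] . '" class="img-actividad" /></center>'
                  : $m[0];
          },
          $txt
      );

      $txt = preg_replace_callback(
          '/\[url=(.*?)\](.*?)\[\/url\]/is',
          static function ($m) use ($urlSegura) {
              return $urlSegura($m[1])
                  ? '<a href="' . $m[1] . '" target="_blank" rel="noopener noreferrer">' . $m[2] . '</a>'
                  : $m[0];
          },
          $txt
      );

      $txt = preg_replace('/\[br\]/is', '<br />', $txt);

      return nl2br($txt);
  }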
  262.  
  /**
   * Builds the "users online" HTML snippet.
   *
   * Counts the rows of `users` whose `online` column is '1' and embeds the
   * number after the online icon served from the `www` base URL.
   *
   * @return string HTML fragment.
   */
  public function onlines() {
      global $db;

      $resultado = $db->query("SELECT * FROM users WHERE online = '1'");

      return '<img src="' . www . '/app/images/online.gif" /> Hay <b>'
          . $resultado->num_rows
          . '</b> usuarios en línea';
  }
  273.  
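  /**
   * Handles the registration form.
   *
   * Returns null when the four form fields were not submitted, false (with
   * $_SESSION['reg_error'] set) when validation fails, and true after the
   * user row has been inserted and the session populated. The order of the
   * validation messages is unchanged.
   *
   * Fixes:
   *  - The username and e-mail were concatenated raw into two SELECTs that
   *    ran before any validation. The lookups now run only after the
   *    character check and use the same filtro() value that is stored, so the
   *    uniqueness check and the INSERT agree.
   *  - look, gender, the client IP and the site constants are escaped before
   *    they enter the INSERT.
   *  - Non-string form values are treated as "not submitted".
   *  - The session id is regenerated when the new user is logged in.
   *
   * NOTE(review): 'g-recaptcha-response' was read into an unused variable and
   * never verified, so the captcha does not gate registration; verifying it
   * needs the site's reCAPTCHA secret, which is not available in this file.
   * NOTE(review): the plain-text password is kept in $_SESSION because user()
   * and hk_login() read it from there; replacing it with a user id needs those
   * methods changed together.
   *
   * @return bool|null
   */
  public function adduser() {
      global $db;

      foreach (array('reg_usuario', 'reg_mail', 'reg_contrasena', 'reg_rcontrasena') as $campo) {
          if (!isset($_POST[$campo]) || !is_string($_POST[$campo])) {
              return null;
          }
      }

      $usuario = $_POST['reg_usuario'];
      $mail = $_POST['reg_mail'];
      $clave = $_POST['reg_contrasena'];
      $repetida = $_POST['reg_rcontrasena'];

      $fallo = static function ($mensaje) {
          $_SESSION['reg_error'] = $mensaje;
          return false;
      };

      if (empty($usuario) || empty($mail) || empty($clave) || empty($repetida)) {
          return $fallo('No dejes los campos vacios');
      }
      if ($usuario !== preg_replace("/[^a-z\d\-=\?!@:\.]/i", "", $usuario)) {
          return $fallo('Inserta un nombre con caracteres válidos');
      }

      // filtro() escapes for SQL and is what the INSERT below stores.
      $usuarioSql = $this->filtro($usuario);
      $mailSql = $this->filtro($mail);

      if ($db->query("SELECT * FROM users WHERE username = '" . $usuarioSql . "'")->num_rows > 0) {
          return $fallo('El nombre de usuario ya esta en uso, pon otro');
      }
      if ($db->query("SELECT * FROM users WHERE mail = '" . $mailSql . "'")->num_rows > 0) {
          return $fallo('El email ya esta en uso, pon otro');
      }
      if ($clave !== $repetida) {
          return $fallo('Las contraseñas no coinciden');
      }
      if (strlen($usuario) > 12 || strlen($usuario) < 3) {
          return $fallo('El nombre de usuario debe de tener entre 3 y 12 caracteres');
      }
      if (strpos($usuario, "MOD-") !== false) {
          return $fallo('No puedes registrarte con el prefijo <i>MOD-</i>');
      }
      if (strpos($usuario, " ") !== false) {
          return $fallo('Tu nombre no puede contener espacios');
      }
      if (strpos($usuario, ".") !== false) {
          return $fallo('Tu nombre no puede contener puntos');
      }

      // 'habbo-avatar' carries the look string followed by a 9-character
      // suffix whose last character is the gender.
      $avatar = (isset($_POST['habbo-avatar']) && is_string($_POST['habbo-avatar'])) ? $_POST['habbo-avatar'] : '';
      $valores = array(
          $usuarioSql,
          $this->hasht($clave),
          $mailSql,
          $db->real_escape_string((string) substr($avatar, 0, -9)),
          $db->real_escape_string((string) substr($avatar, -1)),
          $db->real_escape_string((string) mision),
          $db->real_escape_string((string) $this->ip()),
          $db->real_escape_string((string) portada),
          time(),
      );
      $db->query("INSERT INTO users (username, password, mail, look, gender, motto, ip_reg, portada, date_created) VALUES ('" . implode("', '", $valores) . "')");

      // New privilege level: do not keep a session id issued before login.
      if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
          session_regenerate_id(true);
      }
      $_SESSION['username'] = $usuario;
      $_SESSION['password'] = $clave;

      return true;
  }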
  345.  
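  /**
   * Handles the login form.
   *
   * Returns null when the form was not submitted, false (with
   * $_SESSION['login_error'] set) on empty or wrong credentials, and true
   * after the session has been populated.
   *
   * Fixes: the lookup query used to run before the isset()/empty() checks,
   * i.e. on every call and with undefined indexes; it now runs only for a
   * complete submission. Non-string values are rejected like empty ones, and
   * the session id is regenerated on successful login so an id issued before
   * authentication is not carried over.
   *
   * NOTE(review): the plain-text password is stored in $_SESSION because
   * user() and hk_login() depend on it; see hasht() for the MD5 caveat.
   *
   * @return bool|null
   */
  public function checkinfo() {
      global $db;

      if (!isset($_POST['username'], $_POST['password'])) {
          return null;
      }

      $usuario = $_POST['username'];
      $clave = $_POST['password'];

      if (!is_string($usuario) || !is_string($clave) || empty($usuario) || empty($clave)) {
          $_SESSION['login_error'] = 'Por favor rellena todos los campos';
          return false;
      }

      $sql_user = $db->query("SELECT * FROM users WHERE username = '" . $this->filtro($usuario) . "' AND password = '" . $this->hasht($clave) . "' LIMIT 1");

      if ($sql_user->num_rows < 1) {
          $_SESSION['login_error'] = 'Los datos son incorrectos o el nombre de usuario no existe';
          return false;
      }

      if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
          session_regenerate_id(true);
      }
      $_SESSION['username'] = $usuario;
      $_SESSION['password'] = $clave;

      return true;
  }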
  373.  
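  /**
   * Redirects according to login state.
   *
   * 'yes' is for guest-only pages: a logged-in visitor is sent to /me.
   * 'no' is for member pages: a visitor without a session is sent to /.
   *
   * Fix: the 'no' branch redirected only when BOTH session values were empty,
   * so a half-populated session passed as logged in. Both branches now share
   * one definition: logged in means username and password are both present.
   *
   * @param string $a 'yes' or 'no'.
   * @return void Does not return when a redirect is issued.
   */
  public function checklogged($a) {
      $conSesion = !empty($_SESSION['username']) && !empty($_SESSION['password']);

      if ($a == 'yes' && $conSesion) {
          header("Location: /me");
          exit;
      }

      if ($a == 'no' && !$conSesion) {
          header("Location: /");
          exit;
      }
  }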
  392.  
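  /**
   * Returns one column of the logged-in user's row, or a guest default.
   *
   * The row is looked up by the session's username and the MD5 of the
   * session's password. When no row matches, fixed guest values are returned
   * for 'id', 'username', 'motto' and 'look', and null for anything else.
   *
   * Fix: $_SESSION['username'] was concatenated into the query unescaped. The
   * session value is copied from the raw login/registration form, so it is
   * untrusted text; it is now passed through real_escape_string(). Missing
   * session keys no longer raise undefined-index notices.
   *
   * NOTE(review): every call runs a query; callers that need several columns
   * pay for several identical lookups.
   *
   * @param string $a Column name.
   * @return mixed
   */
  public function user($a) {
      global $db;

      $nombre = isset($_SESSION['username']) ? (string) $_SESSION['username'] : '';
      $clave = isset($_SESSION['password']) ? (string) $_SESSION['password'] : '';

      $user = $db->query("SELECT * FROM users WHERE username = '" . $db->real_escape_string($nombre) . "' AND password = '" . $this->hasht($clave) . "' LIMIT 1");

      if ($user->num_rows > 0) {
          $usr = $user->fetch_array();
          return $usr[$a];
      }

      $invitado = array(
          'id' => 0,
          'username' => 'Invitado',
          'motto' => 'Tengo que registrarme!',
          'look' => 'sh-290-1408.ch-215-1301.lg…70-1223.hd-180-1.hr-100-40',
      );

      return isset($invitado[$a]) ? $invitado[$a] : null;
  }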
  420.  
  /**
   * Redirects visitors whose rank is too low for the requested area.
   *
   * 'sin-acceso': rank below `hkmin` is sent to "/".
   * 'maxrank': rank below `hkmax` is sent to the panel URL (`www` . `panel`).
   * Any other value does nothing.
   *
   * For a guest, user('rank') has no default and yields null, which compares
   * as lower than a positive threshold.
   *
   * @param string $a 'sin-acceso' or 'maxrank'.
   * @return void Does not return when a redirect is issued.
   */
  public function checkrank($a) {
      $sinAcceso = $a == 'sin-acceso' && $this->user('rank') < hkmin;
      if ($sinAcceso) {
          header("Location: /");
          exit;
      }

      $bajoMaximo = $a == 'maxrank' && $this->user('rank') < hkmax;
      if ($bajoMaximo) {
          header("Location: ".www.panel."");
          exit;
      }
  }
  434.  
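  /**
   * Counts friends, photos or rooms belonging to a user.
   *
   * Fix: $nombre was concatenated into the SQL unescaped. Whatever the caller
   * passes (an id or a name) now goes through real_escape_string() first.
   *
   * @param string $cosa 'amigos', 'fotos' or 'salas'.
   * @param int|string $nombre User id (amigos, fotos) or owner value (salas).
   * @return int|null Row count, or null for an unknown $cosa.
   */
  public function contar($cosa, $nombre) {
      global $db;

      // %1$s is the escaped value; it is always placed inside SQL quotes.
      $consultas = array(
          'amigos' => "SELECT * FROM messenger_friendships WHERE user_one_id = '%1\$s' OR user_two_id = '%1\$s'",
          'fotos' => "SELECT * FROM server_pictures WHERE user_id = '%1\$s'",
          'salas' => "SELECT * FROM rooms WHERE owner = '%1\$s'",
      );

      if (!is_string($cosa) || !isset($consultas[$cosa])) {
          return null;
      }

      $valor = $db->real_escape_string((string) $nombre);
      $contador = $db->query(sprintf($consultas[$cosa], $valor));

      return $contador->num_rows;
  }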
  461.  
  /**
   * Returns the "verified" badge markup for ranks above `minrank`.
   *
   * @param int $rango Rank to test.
   * @return string|null The icon HTML, or null when the rank is not above the threshold.
   */
  public function verificado($rango) {
      $esVerificado = $rango > minrank;
      if (!$esVerificado) {
          return null;
      }

      return ' <i class="icono azul glyphicon glyphicon-ok" title="Verificado"></i>';
  }
  469.  
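  /**
   * Sends the visitor to /banned when their username or IP is in `bans`.
   *
   * Fix: the username and the value of ip() were concatenated into the query
   * unescaped. ip() can return a request-header value, so both are now passed
   * through real_escape_string().
   *
   * NOTE(review): ip() prefers forwarded headers over REMOTE_ADDR, so an IP
   * ban is only as reliable as those headers are in this deployment.
   *
   * @return void Does not return when the visitor is banned.
   */
  public function banned() {
      global $db;

      $usuario = $db->real_escape_string((string) $this->user('username'));
      $ip = $db->real_escape_string((string) $this->ip());

      $checkban = $db->query("SELECT * FROM bans WHERE value = '" . $usuario . "' OR value = '" . $ip . "' LIMIT 1");

      if ($checkban->num_rows > 0) {
          header("Location: /banned");
          exit;
      }
  }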
  481.  
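  /**
   * Handles the admin-panel login form (username, password and PIN).
   *
   * Returns null when the form was not submitted, false (with
   * $_SESSION['hk_error'] set) when a check fails, and true after the login
   * has been written to `stafflogs` and $_SESSION['hk_loged'] is set.
   *
   * Fixes:
   *  - The password and PIN were compared with `!=`. Loose comparison treats
   *    numeric strings as numbers, so a PIN such as "0123" also matched
   *    "123". All three comparisons are now exact, byte-for-byte, and use
   *    hash_equals() so they take constant time.
   *  - Non-string form values are rejected instead of being coerced.
   *  - The values written to `stafflogs` are escaped.
   *
   * NOTE(review): nothing in this method limits repeated attempts, so the PIN
   * can be guessed by anyone holding a valid session; throttling would have to
   * be added around it.
   *
   * @return bool|null
   */
  public function hk_login() {
      global $db;

      if (!isset($_POST['hk_submit'])) {
          return null;
      }

      $fallo = static function ($mensaje) {
          $_SESSION['hk_error'] = $mensaje;
          return false;
      };
      $igual = static function ($esperado, $recibido) {
          return is_string($recibido) && hash_equals((string) $esperado, $recibido);
      };

      if (empty($_POST['hk_username']) || empty($_POST['hk_password']) || empty($_POST['hk_pin'])) {
          return $fallo('No dejes espacios en blanco');
      }

      $sesionUsuario = isset($_SESSION['username']) ? $_SESSION['username'] : '';
      $sesionClave = isset($_SESSION['password']) ? $_SESSION['password'] : '';

      if (!$igual($sesionUsuario, $_POST['hk_username'])) {
          return $fallo('El nombre de usuario que intentas poner, no pertenece a tu cuenta activa actualmente');
      }
      if (!$igual($sesionClave, $_POST['hk_password'])) {
          return $fallo('La contraseña no es la correcta');
      }
      if (!$igual(pinhk, $_POST['hk_pin'])) {
          return $fallo('El pin de seguridad no es el correcto');
      }
      if ($this->user('rank') < hkmin) {
          return $fallo('No tienes el rango suficiente para entrar al panel de administración');
      }

      $nombre = $db->real_escape_string((string) $this->user('username'));
      $rango = $db->real_escape_string((string) $this->user('rank'));
      $id = $db->real_escape_string((string) $this->user('id'));

      $db->query("INSERT INTO stafflogs (action, message, note, userid, timestamp) VALUES ('Logeo', '" . $nombre . " ingreso al panel', '" . $rango . "', '" . $id . "', '" . time() . "')");
      $_SESSION['hk_loged'] = 'loged';

      return true;
  }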
  520. }
  521.  
  // Single shared helper instance made available to whichever script includes this file.
  522. $totix = new totixcms();
  523.  
  524. ?>