<?php
session_start();
session_name('sess');


$_POST = $HTTP_POST_VARS;
$_GET = $HTTP_GET_VARS;
$_REQUEST = array_merge($_POST, $_GET);
$_COOKIE = $HTTP_COOKIE_VARS;
$_SESSION = $HTTP_SESSION_VARS;

function Add_Array($array) {
	reset($array);
	while (list($feld, $wert) = each($array)) {
		if (is_string($wert)) {
			$array[$feld] = addslashes($wert);
		} else {
			if (is_array($wert)) {
				$array[$feld] = Add_Array($wert);
			}
		}
	}
	return $array;
}

if (!get_magic_quotes_gpc()) {
	$_REQUEST = Add_Array($_REQUEST);
	$_POST = Add_Array($_POST);
	$_GET = Add_Array($_GET);
	$_COOKIE = Add_Array($_COOKIE);
}


if (isset($_REQUEST['sess']) and !($_REQUEST['sess']=="")){
	session_id($_REQUEST[sess]);
} 
$sessid = session_id();



if (file_exists("setup.php")){
	header("location:setup.php");
}
$basedir = substr(dirname(__FILE__),0,-8);
include("".$basedir."/includes/config.php");
include("".$basedir."/includes/functions.php");
include("".$basedir."/admin/inc/admin_sets.php");
include("".$basedir."/includes/template.class.php");
include("".$basedir."/includes/db.class.php");
include("".$basedir."/includes/lang/$language.php");
include("".$basedir."/theme/$theme/mainlayout/farben.ini.php");


$checkdb = @mysql_connect("$db[host]","$db[user]","$db[pass]");
if( ! $checkdb )
die("Leider gibt es im Moment technische Probleme");
mysql_select_db("$db[name]" , $checkdb)
or die("Leider gibt es im Moment technische Probleme");



$erg = @mysql_num_rows(mysql_query("SELECT * FROM " . $sql_prefix . "_benutzer where user_name='".mysql_escape_string($_COOKIE['c_user_name'])."' and user_passwort='".mysql_escape_string($_COOKIE['c_user_passwort'])."' and user_gesperrt='0'"));
if($erg){
	$logged = 1 ;
	} else {
$logged = "" ;}


$row = @mysql_fetch_array(mysql_query("select * from " . $sql_prefix . "_benutzer where user_name='".mysql_escape_string($_COOKIE['c_user_name'])."' and user_passwort='".mysql_escape_string($_COOKIE['c_user_passwort'])."'"));
if($row['fgroup']=="4"){
	$admin="1"; $admin_access="1";
	} else {
$admin = ""; $admin_access = "";}



if($logged==1){
	$rowx = @mysql_fetch_array(mysql_query("SELECT * from " . $sql_prefix . "_benutzer where user_name='".mysql_escape_string($_COOKIE['c_user_name'])."' and user_passwort='".mysql_escape_string($_COOKIE['c_user_passwort'])."'"));
	$row = @mysql_fetch_array(mysql_query("SELECT * FROM " . $sql_prefix . "_forengruppe WHERE id='".$group_id."'"));
	$group_name = $row['name_descr'];
	$group_id = $rowx['fgroup'];
	
	if($rowx['fgroup'] == "3"){
		$moderator_access = "1";
	} else {$moderator_access = "";}
}


$row=@mysql_fetch_array(mysql_query("select * from " . $sql_prefix . "_foren where id='".mysql_escape_string($_REQUEST['fid'])."'"));
$kommstring_start = $row['start_perms'];
$kommstring_read = $row['read_perms'];
$kommstring_reply = $row['reply_perms'];
$kommstring_edit = $row['edit_perms'];
$kommstring_dl = $row['dl_perms'];


$array = explode(",", $kommstring_start);
reset ($array);
while (list($key,$val) = each($array)) {
	if($group_id==$val){
	$start_permission = 1;} 
}


$array = explode(",", $kommstring_read);
reset ($array);
while (list($key,$val) = each($array)) {
	if($group_id==$val){
	$read_permission = 1;} 
}


$array = explode(",", $kommstring_reply);
reset ($array);
while (list($key,$val) = each($array)) {
	if($group_id==$val){
	$reply_permission = 1;} 
}


$array = explode(",", $kommstring_edit);
reset ($array);
while (list($key,$val) = each($array)) {
	if($group_id==$val){
	$edit_permission = 1;} 
}


$array = explode(",", $kommstring_dl);
reset ($array);
while (list($key,$val) = each($array)) {
	if($group_id==$val){
	$upload_permission = 1;} 
}

$cdatum=date("d.m.Y");
if( eregi("(opera) ([0-9]{1,2}.[0-9]{1,3}){0,1}",$_SERVER['HTTP_USER_AGENT'],$sysarg) || eregi("(opera/)([0-9]{1,2}.[0-9]{1,3}){0,1}",$_SERVER['HTTP_USER_AGENT'],$sysarg)){$browser_user = "Opera";}
else if( eregi("(konqueror)/([0-9]{1,2}.[0-9]{1,3})",$_SERVER['HTTP_USER_AGENT'],$sysarg) ){$browser_user = "Konqueror";}
else if( eregi("(lynx)/([0-9]{1,2}.[0-9]{1,2}.[0-9]{1,2})",$_SERVER['HTTP_USER_AGENT'],$sysarg) ){$browser_user = "Lynx";}
else if( eregi("(msie) ([0-9]{1,2}.[0-9]{1,3})",$_SERVER['HTTP_USER_AGENT'],$sysarg) ){$browser_user = "MSIE";}
else if( eregi("(netscape6)/(6.[0-9]{1,3})",$_SERVER['HTTP_USER_AGENT'],$sysarg) ){$browser_user = "Netscape";}
else if( eregi("mozilla/5",$_SERVER['HTTP_USER_AGENT']) ){$browser_user = "Mozilla";}
else if( eregi("(mozilla)/([0-9]{1,2}.[0-9]{1,3})",$_SERVER['HTTP_USER_AGENT'],$sysarg) ){$browser_user = "Mozilla";}
else{$browser_user = "?";}

if(eregi("linux",$_SERVER['HTTP_USER_AGENT'])){$os_user = "Linux";}
else if(eregi("unix",$_SERVER['HTTP_USER_AGENT']) || eregi("hp-ux",$_SERVER['HTTP_USER_AGENT']) || eregi("X11",$_SERVER['HTTP_USER_AGENT']) ){$os_user = "Linux";}
else if(eregi("win32",$_SERVER['HTTP_USER_AGENT'])){$os_user = "Windows";}
else if((eregi("(win)([0-9]{2})",$_SERVER['HTTP_USER_AGENT'],$sysarg)) || (eregi("(windows) ([0-9]{2})",$_SERVER['HTTP_USER_AGENT'],$sysarg)) ){$os_user = "Windows";}
else if(eregi("Win 9x 4.90",$_SERVER['HTTP_USER_AGENT'])){$os_user = "Me";}
else if(eregi("windows 2000",$_SERVER['HTTP_USER_AGENT']) || eregi("(windows nt)( ){0,1}(5.0)",$_SERVER['HTTP_USER_AGENT']) ){$os_user = "2000";}
else if(eregi("(windows nt)( ){0,1}(5.1)",$_SERVER['HTTP_USER_AGENT']) ){$os_user = "XP";}
else if(eregi("(winnt)([0-9]{1,2}.[0-9]{1,2}){0,1}",$_SERVER['HTTP_USER_AGENT'],$sysarg) ){$os_user = "NT";}
else if(eregi("(windows nt)( ){0,1}([0-9]{1,2}.[0-9]{1,2}){0,1}",$_SERVER['HTTP_USER_AGENT'],$sysarg) ){$os_user = "NT";}
else if(eregi("mac",$_SERVER['HTTP_USER_AGENT'])){$os_user = "Mac";}
else if(eregi("(sunos) ([0-9]{1,2}.[0-9]{1,2}){0,1}",$_SERVER['HTTP_USER_AGENT'],$sysarg)){$os_user = "SunOS";}
else if(eregi("(beos) r([0-9]{1,2}.[0-9]{1,2}){0,1}",$_SERVER['HTTP_USER_AGENT'],$sysarg)){$os_user = "BeOS";}
else if(eregi("freebsd",$_SERVER['HTTP_USER_AGENT'])){$os_user = "FreeBSD";}
else if(eregi("openbsd",$_SERVER['HTTP_USER_AGENT'])){$os_user = "OpenBSD";}
else if(eregi("irix",$_SERVER['HTTP_USER_AGENT'])){$os_user = "IRIX";}
else if(eregi("os/2",$_SERVER['HTTP_USER_AGENT'])){$os_user = "OS2";}
else{$os_user = "?";}

$refer = $_SERVER['HTTP_REFERER'];
if($refer)
{
	$referer = explode ("/", $refer);
	if($referer[0] == "http:")
	{
		if(strpos ($referer[2], ".") == false || $referer[2]=="127.0.0.1")
		{
			$eintrag = 0;
		}	else {
			$dom1 = strstr ($referer[2], "www.");
			if($dom1==false) $domainname = $referer[2];
			else $domainname = substr ($dom1, 4);
			$eintrag = 1;
		}
	} else if($referer[0] == "file:" || $referer[0] == "news:")
	{
		$eintrag = 0;
	} else {
		$refer1 = "http://$refer";
		$refer = $refer1;
		if(strpos ($referer[0], ".") == false || $referer[0]=="127.0.0.1")
		{
			$eintrag = 0;
		}else
		{
			$dom1 = strstr ($referer[0], 'www.');
			if($dom1==false) $domainname = $referer[0];
			else $domainname = substr ($dom1, 4);
			$eintrag = 1;
		}
	}
	if($eintrag=="1")
	{
		$domainname1 = explode (".", $domainname);
		$anzahl1 = count($domainname1) - 1;
		$domainname = $domainname1[$anzahl1-1].".".$domainname1[$anzahl1];
	}
} else $refer = "-";


$sql =& new dbc("select * from " . $sql_prefix . "_statistiken  where datum='$cdatum'");
$anzahl = $sql->numrows();


if($besuch==1 || $anzahl==0){
	$sql =& new dbc("select * from " . $sql_prefix . "_referer where name='".$domainname."' AND jahr='".date("Y")."'");
	$anzahl = $sql->numrows();
	
	
	if($anzahl == "0") {
		$sql =& new dbc("INSERT into " . $sql_prefix . "_referer (id,jahr,name,visits) values ('','".date("Y")."','".$domainname."','1')");
	}
	
	if($anzahl != "0") {
		$sql =& new dbc("UPDATE " . $sql_prefix . "_referer SET visits=visits+1 where name='".$domainname."' AND jahr='".date("Y")."'");
	}
}


$sql =& new dbc("SELECT DISTINCT ip,stamp FROM " . $sql_prefix . "_statistiken WHERE ip = '".$_SERVER['REMOTE_ADDR']."' order by stamp DESC limit 1");
$row = $sql->fetcharray();

$loeschzeit = 60*$min_loesch;

if($row['stamp']+($loeschzeit) < time()){
	$sql =& new dbc("INSERT INTO " . $sql_prefix . "_statistiken (refdomain,stamp,id,datum,ip,os,browser,ref,tag,monat,jahr) VALUES ('".$domainname."','".time()."','','$cdatum','".$_SERVER['REMOTE_ADDR']."','$os_user','$browser_user','".$_SERVER['HTTP_REFERER']."','".$cdatum=date("d")."','".$cdatum=date("m")."','".$cdatum=date("Y")."')");
	
}


?>