//http://musicianspage.com/
###Per maintenance, attivare queste righe...
#if ($_COOKIE['PHPSESSID'] != '1ki5uopv9kladvg2btk9g141f1' and $_SERVER['REMOTE_ADDR'] != "68.96.93.113") {
# include "/home/webadmin/musicianspage.com/EXTRA_SECURE/siteoff.inc";
# exit;
#}
#print "top";
#exit;
/*
if ($PHPSESSID == '23bakqr980pv64s27qs1ppmo14') {
print "here";
exit;
}
*/
##################FINE MAINTENANCE
#if ($_SERVER['REMOTE_ADDR'] == "68.96.93.113") {
# print "stop here";
# exit;
#}
//Activate this one below when live! Turn it off just for debugging...
error_reporting(0);
//The line below is useful during debugging or site migrations...
//error_reporting(E_ERROR | E_PARSE);
//Loads chunk for PHP 5 compatibility...
include_once '/home/webadmin/musicianspage.com/EXTRA_SECURE/compatibilityPHP5.php';
//If we are NOT calling phpmyadmin...
if (strpos($REQUEST_URI, 'phpmyadmin') === false) {
#print "ecco: $REQUEST_URI";
# NOTE(review): everything from here to the closing brace of the enclosing `if` runs only
# when the string 'phpmyadmin' does not appear anywhere in $REQUEST_URI. $REQUEST_URI
# presumably holds the raw request URI, query string included (confirm in
# compatibilityPHP5.php). If so, the test should be limited to the request path, because
# the section it guards contains the spam blocklist, the site-status check, session
# start and setup_login.inc.
# Rev. 13/2/07: session activation
# Rev. 5-5-007: "visibilita" (visibility) cookie
# Rev. 9-28-07: site status check
# Load the site-wide global variables.
include_once "/home/webadmin/musicianspage.com/EXTRA_SECURE/global_variables.inc";
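# Substrings that mark a User-Agent as a known crawler (list current as of 2025).
# Matching below is case-insensitive and by substring, so broad entries such as
# "Google" and "Crawler" also cover the more specific names listed around them.
$bots = array(
    // Major Search Engines
    "Googlebot",
    "bingbot",
    "DuckDuckBot",
    "DuckDuckGo",
    "YandexBot",
    "YandexMobileBot",
    "Baiduspider",
    "Sogou",
    "Applebot",
    "Exabot",
    "Google",
    // Social Media
    "Twitterbot",
    "facebot",
    "LinkedInBot",
    "PinterestBot",
    // Regional/Specialized Search
    "Yeti", // Naver
    "Qwantify", // Qwant
    "DotBot", // Moz
    // Other Important Crawlers
    "CCBot", // Common Crawl
    "uptimebot", // Uptime monitoring
    "Crawler", // Generic crawler detection
    // Still Active Specialized Bots
    "psbot", // Picsearch
    "Raven", // SEO tools
    "SpiderBot",
    "SiteTech-Rover",
    "WebCopy",
    "WebFetcher",
    "SemrushBot",
    "SiteAuditBot",
    "SplitSignalBot",
    "Screaming Frog SEO Spider",
    //AI spiders and bots, info: https://momenticmarketing.com/blog/ai-search-crawlers-bots
    // ("Applebot" and "LinkedInBot" are already listed above, so they are not repeated here.)
    "OAI-SearchBot",
    "ChatGPT-User",
    "ClaudeBot",
    "claude-web",
    "PerplexityBot",
    "Perplexity-User",
    "Google-Extended",
    "Amazonbot",
    "FacebookBot",
    "DuckAssistBot",
    "MistralAI-User"
);
$current_agent = $HTTP_USER_AGENT;
# NOTE(review): the User-Agent header is chosen by the client, and $is_robot is used
# further down this file to skip the anti-spam include, the spam_bots_list check and
# session start. A request that merely claims a crawler name therefore gets the same
# exemptions as a real crawler; if those exemptions matter, confirm the crawler by
# another signal (for example a forward-confirmed reverse DNS lookup of the client IP).
# NOTE(review): $is_robot is never reset in this file before it is read. If the
# compatibility layer imports request parameters as globals, initialise it explicitly
# before this loop -- TODO confirm against compatibilityPHP5.php.
# The "Alexa Toolbar" exclusion does not depend on the bot name, so it is tested once.
if (stripos((string) $current_agent, "Alexa Toolbar") === false) {
    foreach ($bots as $singlebot) {
        if (stripos((string) $current_agent, $singlebot) !== false) {
            $is_robot = 1;
            break; // one match is enough; $is_robot is only ever set to 1
        }
    }
}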
//Here we include the anti-spam system to fight AI-bots since Sep 5, 2025 14:31... it is the same system we have on VSM...
# The check is skipped when either flag is set. NOTE(review): $is_robot is derived from the
# User-Agent header earlier in this file; where $is_human is set is not visible here --
# confirm that neither flag can be supplied directly by the client.
if (!$is_robot and !$is_human) {
include_once $basedir.'/anti-spam/search_spam_check.php';
}
# Open the MySQL connection (credentials live in the extra-secure directory).
include_once $basedir_extrasecure.'/MySQL.inc';
#Moved here and loaded _once on 12/4/20, 12:18 PM...
include_once $basedir.'/includes/database_tabs/shared_lists.inc';
include_once $basedir.'/includes/database_tabs/shared_functions.inc';
//This below fixed on 6/22/21, 9:50 AM!
# Canonical-host redirect: if the Host header does not contain $basesite, send a 301 to
# the same URI on $basesite.
# NOTE(review): this is a substring test, so any Host value that merely contains
# $basesite (for example as a prefix of a longer name) is accepted as canonical.
# Comparing the normalised host for equality would be stricter -- confirm which
# host names are legitimately served before tightening.
if (strpos($HTTP_HOST, $basesite) === false) { # 301-redirect to the correct domain
$destinowww = $SSLprot."://".$basesite.$REQUEST_URI;
header("HTTP/1.1 301 Moved Permanently");
header("Location: $destinowww");
exit;
}
/*
if ($_SERVER['REMOTE_ADDR'] == '70.181.126.8') {
print "destinowww5: $destinowww";
exit;
}
*/
#print "/* ecco: $pirloso - $cleanSCRIPT */";
# Decide whether the requested page must be served over HTTPS or over plain HTTP.
# With $sslwork set, every request that did not arrive on port 443 is redirected (301)
# to https://$basesite. NOTE(review): TLS is detected only through SERVER_PORT; behind a
# TLS-terminating proxy that value may not be 443 -- confirm the deployment.
if ($sslwork) {
if ($_SERVER['SERVER_PORT'] != 443) {
$destino = "https://$basesite".$REQUEST_URI;
#print "eccolo: $destino";
header("HTTP/1.1 301 Moved Permanently");
header("Location: $destino");
exit;
}
}
# Without $sslwork the site runs in mixed mode: a fixed set of paths is forced to HTTPS
# and everything else is forced back to HTTP.
else {
# Paths listed in this condition are served as requested, on either scheme.
if (!eregFF("/pj/",$cleanSCRIPT) and !eregFF("/scripts/",$cleanSCRIPT) and !eregFF("/testhttps/",$cleanSCRIPT) and !eregFF("/extras/",$cleanSCRIPT) and !eregFF("/uploads/",$cleanSCRIPT) and !eregFF("/includes/",$cleanSCRIPT) and strpos($cleanSCRIPT, "/login/news_jobs.rss") === false) { # List here the sections that may load over either https or http
# Login, signup, e-mail confirmation, admin and checkout pages are upgraded to HTTPS.
if ((eregFF("/login/",$cleanSCRIPT) or eregFF("/signup",$cleanSCRIPT) or eregFF("/confirmemail.php",$cleanSCRIPT) or eregFF("/cf.php",$cleanSCRIPT) or eregFF("/confirm.php",$cleanSCRIPT) or eregFF("/admin",$cleanSCRIPT) or eregFF("/cart/checkout.php",$cleanSCRIPT)) and $_SERVER['SERVER_PORT'] != 443) {
$destino = "https://$basesite".$REQUEST_URI;
#print "eccolo: $destino";
header("HTTP/1.1 301 Moved Permanently");
header("Location: $destino");
exit;
}
else
# Any other page requested over HTTPS is redirected DOWN to http://.
# NOTE(review): after this downgrade the session cookie, the s_id cookie and any
# superpassword query parameter handled later in this file travel unencrypted. Prefer
# leaving HTTPS requests on HTTPS. The "js$" test appears twice in this condition; the
# second copy is redundant.
if ($_SERVER['SERVER_PORT'] == 443 and !eregFF("/login/",$cleanSCRIPT) and !eregFF("/confirmemail.php",$cleanSCRIPT) and !eregFF("/signup",$cleanSCRIPT) and !eregFF("/cf.php",$cleanSCRIPT) and !eregFF("/confirm.php",$cleanSCRIPT) and !eregFF("/admin",$cleanSCRIPT) and !eregFF("/cart/checkout.php",$cleanSCRIPT) and !eregFF("js$",$cleanSCRIPT) and !eregFF("js$",$cleanSCRIPT) and !eregFF("css$",$cleanSCRIPT) and !eregFF("show_it.php",$cleanSCRIPT) and !eregFF("/extra_scripts/hoteditor/",$cleanSCRIPT)) {
$destino = "http://$basesite".$REQUEST_URI;
header("HTTP/1.1 301 Moved Permanently");
header("Location: $destino");
exit;
}
}
}
# Read the site status flags from the control_panel table (first row).
$queryRT = "SELECT status, nowrite FROM control_panel";
$resultRT = mysql_queryFF($queryRT);
$SITESTATUS = mysql_resultFF($resultRT,0, 'status');
$SITENOWRITE = mysql_resultFF($resultRT,0, 'nowrite');
if ($SITESTATUS == 2) { # Site status is OFF
# Let the site owner through: requires the controlpassword cookie, or an /admin/ path.
# NOTE(review): the test is only that $controlpassword is non-empty; its value is not
# compared with any secret in this block. If it is populated straight from a cookie, any
# value bypasses the site-off page -- verify where it is set and compare it to a secret.
if (!$controlpassword and !eregFF("/admin/",$cleanSCRIPT)) {
#include "/home/webadmin/".$basesite."/EXTRA_SECURE/siteoff.inc";
include $basedir_extrasecure."/siteoff.inc";
exit;
}
}
/*
######################################################################
#Controlla subito se c'e'' cookie visibilita', altrimenti visualizza pagina "Under Construction" -- da togliere quando si mette in production!
$paginedisplayed = array('/curriculum', '/home', '/free-sheet-music', '/musicians-list', '/music-links', '/fabriphpadmin');
foreach ($paginedisplayed as $single) {
if (eregFF($single, $cleanSCRIPT)) {
$displaypage = 1;
break;
}
}
#Controlal subito se c'e'' cookie visibilita', altrimenti visualizza pagina "Under Construction" -- da togliere quando si mette in production!
if (!$visibilita and !eregFF("set_flag.php",$REQUEST_URI) and !$displaypage) {
include $basedir_extrasecure."/underconstruction.inc";
exit;
}
######################################################################
*/
#Memorizza session ID
$s_id = $PHPSESSID;
include $basedir_extrasecure.'/de-crypt_functions.inc';
#Attiva sessioni
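# Second crawler pass (2024 list), run just before session start.
# NOTE(review): every name below also appears in the 2025 list earlier in this file,
# which has already set $is_robot with a case-insensitive substring match. This pass
# therefore looks redundant; confirm how eregiFF() matches before removing it.
$bots = array(
    // Major Search Engines
    "Googlebot",
    "bingbot",
    "DuckDuckBot",
    "DuckDuckGo",
    "YandexBot",
    "YandexMobileBot",
    "Baiduspider",
    "Sogou",
    "Applebot",
    "Exabot",
    // Social Media
    "Twitterbot",
    "facebot",
    "LinkedInBot",
    "PinterestBot",
    // Regional/Specialized Search
    "Yeti", // Naver
    "Qwantify", // Qwant
    "DotBot", // Moz
    // Other Important Crawlers
    "CCBot", // Common Crawl
    "uptimebot", // Uptime monitoring
    "Crawler", // Generic crawler detection
    // Still Active Specialized Bots
    "psbot", // Picsearch
    "Raven", // SEO tools
    "SpiderBot",
    "SiteTech-Rover",
    "WebCopy",
    "WebFetcher",
    "SemrushBot",
    "SiteAuditBot",
    "SplitSignalBot"
);//Current list of active bots as of 2024
$current_agent = $HTTP_USER_AGENT;
foreach ($bots as $singlebot) {
    if (eregiFF($singlebot,$current_agent) and !(eregFF("Alexa Toolbar",$current_agent))) {
        $is_robot = 1;
        break; // the flag is only ever set to 1, so the first match settles it
    }
}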
# Start a PHP session for visitors that were not classified as crawlers.
if (!$is_robot) {
# Skip RSS feeds and the dynamic banner content served to affiliates.
if (!(eregFF("images/banners/dyn",$REQUEST_URI)) and !(eregFF("news.rdf",$REQUEST_URI)) and !(eregFF("news.rss",$REQUEST_URI))) {
$expireTime = 60*60*24*100; // 100 days
# Guard against the PHP error
# "The session id contains invalid characters, valid characters are only a-z..."
# (workaround found on the PHP site on 19-10-07).
# Allows the session id to be passed without cookies.
# NOTE(review): use_trans_sid makes PHP append the session id to URLs, where it can end
# up in access logs, Referer headers and shared links. Cookie-only sessions avoid this.
ini_set('session.use_trans_sid', '1');
$sn=session_name();
# Drop any supplied session id whose length is not 32.
# NOTE(review): only the length is checked, not the character set.
if(isset($_GET[$sn])) if(strlen($_GET[$sn])!=32) unset($_GET[$sn]);
if(isset($_POST[$sn])) if(strlen($_POST[$sn])!=32) unset($_POST[$sn]);
if(isset($_COOKIE[$sn])) if(strlen($_COOKIE[$sn])!=32) unset($_COOKIE[$sn]);
if(isset($PHPSESSID)) if(strlen($PHPSESSID)!=32) unset($PHPSESSID);
##### End of session-id check
# NOTE(review): $s_id was copied from $PHPSESSID earlier in this file, before the length
# check above, so a rejected value is still held in $s_id and a new session is not
# started for it. $s_id is later interpolated into the pre_overture INSERT.
if(!$s_id) {
session_set_cookie_params($expireTime);
session_start();
$s_id = session_id();
# 95040000 seconds is 1100 days. NOTE(review): the cookie is set with name, value, expiry
# and path only, so the Secure and HttpOnly flags are left at their defaults.
setcookie("s_id",$s_id,time()+95040000,'/');
}
}
}
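if ($fov) { # The visitor arrived from a Google ad (2-21-2013)
    # Record the session id against the ad code in pre_overture, for later verification.
    # NOTE(review): $fov and $s_id are interpolated into the statement as quoted strings.
    # Both originate from the request ($s_id is copied from $PHPSESSID earlier in this
    # file), so this relies entirely on escaping done before this point -- confirm that
    # the compatibility layer escapes them, or bind them as parameters.
    $queryTdeleted = "INSERT INTO pre_overture (fov,session_id,tempo) VALUES ('$fov', '$s_id',$globaltempo)";
    $result_Tdeleted = mysql_queryFF($queryTdeleted);
    if (!$fromov) {
        $fov = $fov."AAAAA".time();
        setcookie("fromov",$fov,time()+31536000,'/'); # expires one year from now
    }
    # Redirect to the same URI with the fov parameter removed. The value is matched with
    # [^&]+ so that only fov itself is dropped: the previous greedy ".+" also swallowed
    # every parameter up to the last "&", and the third replacement wrote a literal
    # backslash before the "&".
    $destino_rfsh = $REQUEST_URI;
    $destino_rfsh = ereg_replaceFF('\?fov=[^&]+&', "?", $destino_rfsh);
    $destino_rfsh = ereg_replaceFF('\?fov=[^&]+$', "", $destino_rfsh);
    $destino_rfsh = ereg_replaceFF('&fov=[^&]+&', "&", $destino_rfsh);
    $destino_rfsh = ereg_replaceFF('&fov=[^&]+$', "", $destino_rfsh);
    # Normalise to exactly one leading slash so that the Location value can only name a
    # path on this host, never a scheme-relative address.
    $destino_rfsh = '/'.ltrim((string) $destino_rfsh, "/\\");
    //header("HTTP/1.1 301 Moved Permanently");
    header("Location: $destino_rfsh");
    exit;
}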
/*
###Prende shared libraries...
if (!$sharedfunctionsflag) {
include $basedir.'/includes/database_tabs/shared_lists.inc';
include $basedir.'/includes/database_tabs/shared_functions.inc';
}
elseif (!$sharedlistsflag) {
include $basedir.'/includes/database_tabs/shared_lists.inc';
}
*/
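//Here we check for possible spam bots to stop Apr 7, 2025 13:29...
# Visitors classified as crawlers skip this check. NOTE(review): $is_robot comes from the
# User-Agent header, so the blocklist does not apply to a client that claims a crawler name.
if (!$is_robot) {
    # Load every row of spam_bots_list. The query has no time filter ("WHERE 1"), although
    # an earlier comment here described a 15-minute window on the "tempo" column --
    # confirm which of the two is intended.
    $querySPAMBOTS = "SELECT partial_ip FROM spam_bots_list WHERE 1";
    $resultSPAMBOTS = mysql_queryFF($querySPAMBOTS);
    $nitemsSPAMBOTS = mysql_num_rowsFF($resultSPAMBOTS);
    if ($nitemsSPAMBOTS) {
        while ($rowSPAMBOTS = mysql_fetch_arrayFF($resultSPAMBOTS)) {
            $partialIP = (string) $rowSPAMBOTS["partial_ip"];
            # An empty fragment matches every address on PHP 8 (and raises a warning on
            # older versions); skip it so one blank row cannot take the site offline.
            if ($partialIP === '') {
                continue;
            }
            # NOTE(review): the fragment is matched anywhere inside the address, so a
            # short fragment also blocks unrelated addresses that contain it. Matching at
            # the start of the address, on an octet boundary, would be more precise.
            if (strpos((string) $useripaddress, $partialIP) !== false) {
                include $basedir_extrasecure."/siteoff.inc";
                exit;
            }
        }
    }
}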
#exit;
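### Login check
include 'setup_login.inc';
# Pick up a super-user password passed in the query string.
# NOTE(review): a password in a GET parameter is recorded in access logs, browser history
# and Referer headers, and elsewhere this file can redirect pages to plain HTTP. Prefer a
# POST login that sets a server-side session flag.
if (!empty($HTTP_GET_VARS["superpassword"])) {
    $superpassword = $HTTP_GET_VARS["superpassword"];
}
# Compare as strings, in constant time, and never accept an empty configured password.
# The previous loose "==" treated a missing $superuserpw and a missing $superpassword as
# equal, which switched super-user mode ON whenever the password was not configured.
$superpw_expected = (isset($superuserpw) and is_scalar($superuserpw)) ? (string) $superuserpw : '';
$superpw_supplied = (isset($superpassword) and is_scalar($superpassword)) ? (string) $superpassword : '';
$superpw_match = ($superpw_expected !== '' and hash_equals($superpw_expected, $superpw_supplied));
# A super-user flag without the right password is cleared ...
if ($superuser and !$superpw_match) {
    $superuser = 0;
}
# ... and the right password (from the cookie or from GET) turns super-user mode on.
elseif ($superpw_match) {
    $superuser = 1;
}
# For a logged-in member, load the shared member variables.
if ($logged) {
    include $basedir.'/includes/login/takeloginvariables.inc';
}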
# Hook for redirecting old banner pages and hiding pages before launch (currently disabled).
# Temporary include:
//include "/home/webadmin/musicianspage.com/html/temporaryfirstinclude.inc";
# Enable gzip compression when the browser accepts it (SEO 10-14-2010), except for
# scripts under /scripts/, /mc/flash/ and /uploads/.
if (!eregFF("/scripts/", $_SERVER['SCRIPT_FILENAME']) and !eregFF("/mc/flash/", $_SERVER['SCRIPT_FILENAME']) and !eregFF("/uploads/", $_SERVER['SCRIPT_FILENAME'])) {
enablehtmlgzip();
}
}
?>
#print "eccolo: $message - $submit - $id - ".strlen($message);
#print "inputs: $id = $fromjava - $namesender";
#exit;
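## Spam report for a forum post: build a notification e-mail for the site staff.
# NOTE(review): the branch is selected by the value of $namesender, and the reporter id is
# read from $message. If both are ordinary request fields, anyone can submit a report in
# any member's name; prefer taking the reporter from the logged-in session.
if ($namesender == "Spam Forum Report Script") {
    # Payload format: reporter id | spam type | free text. Pad so that a short payload
    # does not raise undefined-offset notices.
    list($memb_id, $spamtype, $spamother) = array_pad(explode("|",$message), 3, '');
    $message = "Spam report for the following message:\n";
    $message .= $SSLprot."://".$basesite."/forums/singlepost/".$id."/";
    $message .= "\n\nReport:\n\n";
    $message .= "Spam Type: ".$spamtype."\n";
    $message .= "Spam Type Other: ".$spamother."\n";
    # Fetch the reporting member's data.
    # NOTE(review): $memb_id is passed on unvalidated; confirm get_this_user_data() escapes it.
    list ($emailhere, $categoryhere, $employercompanyhere) = get_this_user_data($memb_id, 'email,category,employercompany');
    $message .= "Report submitted by:\n";
    if ($categoryhere == 3 and $employercompanyhere) { # employer account
        $message .= $SSLprot."://".$basesite."/employers/".$memb_id."\n\n";
    }
    else {
        $message .= $SSLprot."://".$basesite."/musicians/".$memb_id."\n\n";
    }
    $message .= "Reply to: mailto:".$emailhere."\n";
    $message .= "\n\nMessage Sent from sendmessage.php";
    # $email ends up in a raw mail header: remove CR/LF so it cannot add header lines.
    $email_header = str_replace(array("\r", "\n"), '', (string) $email);
    $headers = "From: $namesender <$email_header>\r\n";
    mail($notificheemail, $subject, $message, $headers);
    # Answer OK to the caller.
    print "OK";
    exit;
}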
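elseif ($namesender == "Spam Email Report Script") { # Spam report for a mailbox message
    # Payload format: spam type | free text.
    list($spamtype, $spamother) = array_pad(explode("|",$message), 2, '');
    $message = "Spam report for the following message:\n";
    $message .= $SSLprot."://".$basesite."/login/panel.php?readmail=1&supertopouser=1&messid=".$id;
    $message .= "\n\nReport:\n\n";
    $message .= "Spam Type: ".$spamtype."\n";
    $message .= "Spam Type Other: ".$spamother."\n";
    ### Fetch the reported message (3-19-09).
    # $id comes from the request and sits in an unquoted numeric position, so it is cast
    # to an integer before it is placed in the statement.
    $query = "SELECT * FROM mailboxes WHERE mess_id = ".(int) $id;
    $result = mysql_queryFF($query);
    $nitems = mysql_num_rowsFF($result);
    if ($nitems) {
        $senderid = mysql_resultFF($result,0, 'senderid');
        $sendername = mysql_resultFF($result,0, 'sendername');
        $senderemail = mysql_resultFF($result,0, 'email');
        $subject = mysql_resultFF($result,0, 'subject'); # replaces the request's subject
        $sendermessage = mysql_resultFF($result,0, 'message');
        $senderIP = mysql_resultFF($result,0, 'IP');
        $sendertempo = mysql_resultFF($result,0, 'tempo');
        $message .= "-----------------------------------------------------------------\n";
        $message .= "Sender ID: $senderid\n";
        $message .= "Sender name: $sendername\n";
        $message .= "Sender email: $senderemail\n\n";
        $message .= "Subject: $subject\n\n";
        $message .= "Message: $sendermessage\n";
        $message .= "-----------------------------------------------------------------\n";
    }
    else {
        $message .= "NOTE: Message has been deleted already!\n";
    }
    $message .= "\n\nMessage Sent from sendmessage.php";
    # $email ends up in a raw mail header: remove CR/LF so it cannot add header lines.
    $email_header = str_replace(array("\r", "\n"), '', (string) $email);
    $headers = "From: $namesender <$email_header>\r\n";
    mail($notificheemail, $subject, $message, $headers);
    # Answer OK to the caller.
    print "OK";
    exit;
}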
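elseif ($namesender == "Spam Job Proposal Report Script") { # Spam report for a job proposal
    # Payload format: reporter id | spam type | free text.
    list($memb_id, $spamtype, $spamother) = array_pad(explode("|",$message), 3, '');
    # Look up the job this proposal belongs to and the member who posted the proposal.
    # $id comes from the request and sits in an unquoted numeric position, so it is cast
    # to an integer before it is placed in the statement.
    $queryjobshere = "SELECT a.id as id, b.memb_id as membid FROM jobs a, jobapplications b WHERE a.createsession = b.createsession AND b.id = ".(int) $id;
    $resultjobshere = mysql_queryFF($queryjobshere);
    $nitemsjobshere = mysql_num_rowsFF($resultjobshere);
    if ($nitemsjobshere) {
        $jobid = mysql_resultFF($resultjobshere,0, 'id');
        $membid = mysql_resultFF($resultjobshere,0, 'membid');
        list ($spammername, $spammerurl, $null, $null) = get_user_data($membid);
    }
    $message = "Spam report for the following proposal:\n";
    $message .= $SSLprot."://".$basesite."/jobs/".$jobid."#bidid".$id."/";
    if ($spammername) {
        $message .= "\n\nPossible spam by: $spammername";
        $message .= "\n".$SSLprot."://".$basesite."$spammerurl\n";
    }
    $message .= "\n\nReport:\n\n";
    $message .= "Spam Type: ".$spamtype."\n";
    $message .= "Spam Type Other: ".$spamother."\n";
    # Fetch the reporting member's data.
    # NOTE(review): $memb_id comes from the payload; confirm get_this_user_data() escapes it.
    list ($emailhere, $categoryhere, $employercompanyhere) = get_this_user_data($memb_id, 'email,category,employercompany');
    $message .= "Report submitted by:";
    if ($memb_id) {
        if ($categoryhere == 3 and $employercompanyhere) { # employer account
            $message .= "\n".$SSLprot."://".$basesite."/employers/".$memb_id."\n\n";
        }
        else {
            $message .= "\n".$SSLprot."://".$basesite."/musicians/".$memb_id."\n\n";
        }
        $message .= "Reply to: mailto:".$emailhere."\n";
    }
    else {
        $message .= " User not logged.";
    }
    $message .= "\n\nMessage Sent from sendmessage.php";
    # $email ends up in a raw mail header: remove CR/LF so it cannot add header lines.
    $email_header = str_replace(array("\r", "\n"), '', (string) $email);
    $headers = "From: $namesender <$email_header>\r\n";
    mail($notificheemail, $subject, $message, $headers);
    # Answer OK to the caller.
    print "OK";
    exit;
}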
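elseif ($namesender == "Spam External Job Report Script") { # Spam report for an external job
    # Payload format: external job id | reporter id | spam type | free text.
    list($extjobid, $memb_id, $spamtype, $spamother) = array_pad(explode("|",$message), 4, '');
    # The job id comes from the request payload and is used both in an unquoted numeric
    # position in SQL and in a link, so it is reduced to an integer once, here.
    $extjobid = (int) $extjobid;
    # Get the title and URL of this job.
    $queryjobshere = "SELECT jobtitle, joburl FROM jobs_external_live WHERE id = $extjobid";
    $resultjobshere = mysql_queryFF($queryjobshere);
    $nitemsjobshere = mysql_num_rowsFF($resultjobshere);
    if ($nitemsjobshere) {
        $jobtitle = mysql_resultFF($resultjobshere,0, 'jobtitle');
        $joburl = mysql_resultFF($resultjobshere,0, 'joburl');
    }
    $message = "Spam report for the following external job:\n\n";
    $message .= "--------------------------------------------------------------------------------\n";
    $message .= $jobtitle."\n";
    $message .= $joburl;
    $message .= "\n--------------------------------------------------------------------------------\n";
    $message .= "\n\nNOTE: Usually, bad external jobs include: bad words, words or a job not related to music, etc.";
    $message .= "\n\nReport:\n\n";
    $message .= "Spam Type: ".$spamtype."\n";
    $message .= "Spam Type Other: ".$spamother."\n";
    # Fetch the reporting member's data.
    # NOTE(review): $memb_id comes from the payload; confirm get_this_user_data() escapes it.
    list ($emailhere, $categoryhere, $employercompanyhere) = get_this_user_data($memb_id, 'email,category,employercompany');
    $message .= "Report submitted by:";
    if ($memb_id) {
        if ($categoryhere == 3 and $employercompanyhere) { # employer account
            $message .= "\n".$SSLprot."://".$basesite."/employers/".$memb_id."\n\n";
        }
        else {
            $message .= "\n".$SSLprot."://".$basesite."/musicians/".$memb_id."\n\n";
        }
        $message .= "Reply to: mailto:".$emailhere."\n";
    }
    else {
        $message .= " User not logged.";
    }
    $message .= "\n--------------------------------------------------------------------------------\n\n";
    $message .= "If you wish to delete this job from our database, just click the link below:\n\n";
    # NOTE(review): this is a one-click delete link. Confirm that deljob.php authenticates
    # the administrator itself; a state-changing GET link is also triggered by mail
    # scanners and link previews, so a confirmation step or POST form is safer.
    $message .= $SSLprot."://www.musicianspage.com/scripts/jobs/deljob.php?id=".$extjobid;
    $message .= "\n\n--------------------------------------------------------------------------------\n";
    $message .= "\n\nMessage Sent from sendmessage.php";
    # $email ends up in a raw mail header: remove CR/LF so it cannot add header lines.
    $email_header = str_replace(array("\r", "\n"), '', (string) $email);
    $headers = "From: $namesender <$email_header>\r\n";
    mail($notificheemail, $subject, $message, $headers);
    # Answer OK to the caller.
    print "OK";
    exit;
}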
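elseif ($namesender == "Spam Video File Report Script" or $namesender == "Spam Audio File Report Script" or $namesender == "Spam Sheet Music File Report Script") {
    # Spam report for an uploaded video, audio or sheet-music file.
    # Payload format: reporter id | spam type | free text.
    list($memb_id, $spamtype, $spamother) = array_pad(explode("|",$message), 3, '');
    # Report type => table holding the file, label for the e-mail, URL segment.
    $spamfilekinds = array(
        "Spam Video File Report Script" => array("videofiles", "video", "videofile"),
        "Spam Audio File Report Script" => array("audiofiles", "audio", "audiofile"),
        "Spam Sheet Music File Report Script" => array("sheetmusic", "sheet music", "sheetmusic"),
    );
    list($spamfiletable, $spamfilecat, $spamfilecatb) = $spamfilekinds[$namesender];
    # Look up the author of the file. The table name comes from the fixed map above; $id
    # comes from the request and sits in an unquoted numeric position, so it is cast to
    # an integer before it is placed in the statement.
    $queryjobshere = "SELECT memb_id FROM $spamfiletable WHERE id = ".(int) $id;
    $resultjobshere = mysql_queryFF($queryjobshere);
    $nitemsjobshere = mysql_num_rowsFF($resultjobshere);
    if ($nitemsjobshere) {
        $membid = mysql_resultFF($resultjobshere,0, 'memb_id');
        list ($spammername, $spammerurl, $null, $null) = get_user_data($membid);
    }
    $message = "Spam report for the following $spamfilecat file:\n";
    $message .= $SSLprot."://".$basesite.$spammerurl.$spamfilecatb."/".$id."/";
    if ($spammername) {
        $message .= "\n\nPossible spam by: $spammername";
        $message .= "\n".$SSLprot."://".$basesite."$spammerurl\n";
    }
    $message .= "\n\nReport:\n\n";
    $message .= "Spam Type: ".$spamtype."\n";
    $message .= "Spam Type Other: ".$spamother."\n";
    # Fetch the reporting member's data.
    # NOTE(review): $memb_id comes from the payload; confirm get_this_user_data() escapes it.
    list ($emailhere, $categoryhere, $employercompanyhere) = get_this_user_data($memb_id, 'email,category,employercompany');
    $message .= "Report submitted by:";
    if ($memb_id) {
        if ($categoryhere == 3 and $employercompanyhere) { # employer account
            $message .= "\n".$SSLprot."://".$basesite."/employers/".$memb_id."\n\n";
        }
        else {
            $message .= "\n".$SSLprot."://".$basesite."/musicians/".$memb_id."\n\n";
        }
        $message .= "Reply to: mailto:".$emailhere."\n";
    }
    else {
        $message .= " User not logged.";
    }
    $message .= "\n\nMessage Sent from sendmessage.php";
    # $email ends up in a raw mail header: remove CR/LF so it cannot add header lines.
    $email_header = str_replace(array("\r", "\n"), '', (string) $email);
    $headers = "From: $namesender <$email_header>\r\n";
    mail($notificheemail, $subject, $message, $headers);
    # Answer OK to the caller.
    print "OK";
    exit;
}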
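elseif ($namesender == "Spam Comments Report Script") { # Spam report for a comment
    # Payload format: reporter id | spam type | free text.
    list($memb_id, $spamtype, $spamother) = array_pad(explode("|",$message), 3, '');
    # Fetch the reported comment. $id comes from the request and sits in an unquoted
    # numeric position, so it is cast to an integer before it is placed in the statement.
    $queryjobshere = "SELECT * FROM comments WHERE id = ".(int) $id;
    $resultjobshere = mysql_queryFF($queryjobshere);
    $nitemsjobshere = mysql_num_rowsFF($resultjobshere);
    if ($nitemsjobshere) {
        $commentid = mysql_resultFF($resultjobshere,0, 'comment_id');
        $authorid = mysql_resultFF($resultjobshere,0, 'memb_id');
        $comment = mysql_resultFF($resultjobshere,0, 'comment');
        # comment_id marker => URL segment, table holding the commented file.
        # The markers are tested in this order and the first match wins.
        $commentkinds = array(
            "audio" => array("audiofile", "audiofiles"),
            "video" => array("videofile", "videofiles"),
            "sheetmusic" => array("sheetmusic", "sheetmusic"),
        );
        foreach ($commentkinds as $kindmarker => $kindinfo) {
            if (eregFF($kindmarker, $commentid)) {
                list($subdir, $filetable) = $kindinfo;
                $fileid = str_replace($kindmarker, "", $commentid);
                # Fetch the author of the file. $fileid is derived from a stored
                # comment_id; it is cast as well so that stored data cannot alter
                # the statement.
                $queryjobshere1 = "SELECT memb_id FROM $filetable WHERE id = ".(int) $fileid;
                $resultjobshere1 = mysql_queryFF($queryjobshere1);
                $nitemsjobshere1 = mysql_num_rowsFF($resultjobshere1);
                if ($nitemsjobshere1) {
                    $fileauthor = mysql_resultFF($resultjobshere1,0, 'memb_id');
                }
                break;
            }
        }
    }
    list ($spammername, $spammerurl, $null, $null) = get_user_data($authorid);
    $message = "Spam report for the following comment:\n";
    if (eregFF("mkpl", $commentid)) { # Marketplace review
        # The rest of the comment_id is a hex-encoded "part1|part2" pair. Decode it only
        # when it is well-formed hex, so that hex2bin() never returns false here.
        $hashere = str_replace("mkpl", "", $commentid);
        $fullo = (ctype_xdigit((string) $hashere) and strlen($hashere) % 2 == 0) ? hex2bin($hashere) : '';
        list ($split1, $split2) = array_pad(explode("|", $fullo), 2, '');
        # Apply the site's own placeholder encoding for spaces, slashes and ampersands.
        $split1 = str_replace(array(" ", "/", "&"), array("@@@", "!!!", "***"), $split1);
        $split2 = str_replace(array(" ", "/", "&"), array("@@@", "!!!", "***"), $split2);
        $message .= $SSLprot."://".$basesite."/marketplace/view/".$split1."/".$split2."/#reviews".$id;
    }
    else { #Musicians contents related reports...
        $message .= $SSLprot."://".$basesite."/musicians/".$fileauthor."/".$subdir."/".$fileid."/#comments".$id;
    }
    $message .= "\n\nComment:\n".$comment;
    if ($spammername) {
        $message .= "\n\nPossible spam by: $spammername";
        $message .= "\n".$SSLprot."://".$basesite."$spammerurl\n";
    }
    $message .= "\n\nReport:\n\n";
    $message .= "Spam Type: ".$spamtype."\n";
    $message .= "Spam Type Other: ".$spamother."\n";
    # Fetch the reporting member's data.
    # NOTE(review): $memb_id comes from the payload; confirm get_this_user_data() escapes it.
    list ($emailhere, $categoryhere, $employercompanyhere) = get_this_user_data($memb_id, 'email,category,employercompany');
    $message .= "Report submitted by:\n";
    if ($categoryhere == 3 and $employercompanyhere) { # employer account
        $message .= $SSLprot."://".$basesite."/employers/".$memb_id."\n\n";
    }
    else {
        $message .= $SSLprot."://".$basesite."/musicians/".$memb_id."\n\n";
    }
    $message .= "Reply to: mailto:".$emailhere."\n";
    $message .= "\n\nMessage Sent from sendmessage.php";
    # $email ends up in a raw mail header: remove CR/LF so it cannot add header lines.
    $email_header = str_replace(array("\r", "\n"), '', (string) $email);
    $headers = "From: $namesender <$email_header>\r\n";
    mail($notificheemail, $subject, $message, $headers);
    # Answer OK to the caller.
    print "OK";
    exit;
}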
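elseif ($namesender == "Spam User Profile Report Script") { # Spam report for a user profile
    #$premess = $message;
    # Payload format: reporter id | spam type | free text.
    list($memb_id, $spamtype, $spamother) = array_pad(explode("|",$message), 3, '');
    # $id is the reported profile.
    # NOTE(review): $id comes from the request; confirm get_user_data() escapes it.
    list ($spammername, $spammerurl, $null, $null) = get_user_data($id);
    $message = "Spam report for the following user profile:\n";
    if ($spammername) {
        $message .= "\n".$SSLprot."://".$basesite."$spammerurl\n";
    }
    else {
        $message .= $SSLprot."://".$basesite."/musicians/".$id;
    }
    $message .= "\n\nReport:\n\n";
    $message .= "Spam Type: ".$spamtype."\n";
    $message .= "Spam Type Other: ".$spamother."\n";
    # Fetch the reporting member's data.
    # NOTE(review): $memb_id comes from the payload; confirm get_this_user_data() escapes it.
    list ($emailhere, $categoryhere, $employercompanyhere) = get_this_user_data($memb_id, 'email,category,employercompany');
    $message .= "Report submitted by:\n";
    if ($categoryhere == 3 and $employercompanyhere) { # employer account
        $message .= $SSLprot."://".$basesite."/employers/".$memb_id."\n\n";
    }
    else {
        $message .= $SSLprot."://".$basesite."/musicians/".$memb_id."\n\n";
    }
    $message .= "Reply to: mailto:".$emailhere."\n";
    $message .= "\n\nMessage Sent from sendmessage.php";
    # $email ends up in a raw mail header: remove CR/LF so it cannot add header lines.
    $email_header = str_replace(array("\r", "\n"), '', (string) $email);
    $headers = "From: $namesender <$email_header>\r\n";
    mail($notificheemail, $subject, $message, $headers);
    # Answer OK to the caller.
    print "OK";
    exit;
}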
#SE E' UN MEMBRO LOGGED che tenta di spedirsi un messaggio, da' errore...
if ($MEMBERid != $id) {
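# Every request that reaches this point is treated as a submission.
$submit = 1;
if ($fromjava) {
    # Request from the JavaScript popup: fall back to $memberid as the sender id.
    # NOTE(review): $memberid and $senderid appear to be request fields rather than the
    # authenticated $MEMBERid. If so, the sender recorded with the message is whatever the
    # client claims -- derive it from the login session instead.
    if ($memberid and !$senderid) {
        $senderid = $memberid;
    }
}
if ($id) {
    # Load the recipient's name. $id comes from the request and sits in an unquoted
    # numeric position, so it is cast to an integer before it is placed in the statement.
    $query = "SELECT * FROM $mainmusicianslist WHERE id = ".(int) $id;
    $result = mysql_queryFF($query);
    $nitems = mysql_num_rowsFF($result);
    if ($nitems) {
        $name = mysql_resultFF($result,0, 'name');
        $midname = mysql_resultFF($result,0, 'midname');
        $lastname = mysql_resultFF($result,0, 'lastname');
        $fullname = $name." ";
        if ($midname) {
            $fullname .= $midname." ";
        }
        $fullname .= $lastname;
    }
    else { # Unknown recipient
        errormessage("");
        exit;
    }
    # Default the sender name: the member's full name, else the form placeholder.
    if (!$namesender) {
        $namesender = $MEMBERfullname ? $MEMBERfullname : "Type your name here...";
    }
    # Default the e-mail: the member's address, else the form placeholder.
    if (!$email) {
        $email = $MEMBERemail ? $MEMBERemail : "Type your e-mail here...";
    }
    # Default the subject to the form placeholder.
    if (!$subject) {
        $subject = "Type your subject here...";
    }
    # Default the message to the form placeholder.
    if (!$message) {
        $message = 'Type your message here...';
    }
}
else { # No recipient id at all
    errormessage("");
    exit;
}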
if ($submit and $id) {
# Validate the inputs. A field counts as empty when it is blank or still holds the
# form's placeholder text. Each failure sets $error plus one specific flag.
if (!$message or !$namesender or !$subject or $message == "Type your message here..." or $namesender == "Type your name here..." or $subject == "Type your subject here...") {
if (!$namesender or $namesender == "Type your name here...") {
$error = 1;
$emptynameerror = 1;
}
# NOTE(review): an empty e-mail is only examined inside this branch, i.e. when name,
# subject or message is also empty; the outer condition does not test $email.
if (!$email or $email == "Type your e-mail here...") {
$error = 1;
$emptyemailerror = 1;
}
if (!$subject or $subject == "Type your subject here...") {
$error = 1;
$emptysubjecterror = 1;
}
if (!$message or $message == "Type your message here...") {
$error = 1;
$emptymessageerror = 1;
}
}
elseif (strlen($message) < 20 and !$fromjava) { # Message too short (not enforced for the JavaScript popup)
$error = 1;
$shortmessageerror = 1;
}
## Further checks
# E-mail address check.
# NOTE(review): an error is raised when is_email_valid() returns a truthy value. Going by
# the name this looks inverted, unless the helper returns an error code -- confirm
# against its definition. $email is later placed in a mail header and in SQL.
if (is_email_valid($email)) {
$error = 1;
$wrongemailerror = 1;
}
# Bad-word check (5-4-08).
if (checkbadwords($subject)) {
$error = 1;
$badwordserrorsubject = 1;
}
if (checkbadwords($message)) {
$error = 1;
$badwordserrormessage = 1;
}
# Security code check (5-20-08).
# NOTE(review): loose comparison, and neither value's origin is visible here. If $secode
# is not set, an empty $securitycode compares equal; confirm the expected code is kept
# server-side (session) and compare with a strict string comparison.
if ($securitycode != $secode) {
$error = 1;
$securitycodeerror = 1;
}
# Act on the validation result.
if ($error) {
# Undo slash-escaping so the values can be shown again in the form.
$namesender = stripslashes($namesender);
$subject = stripslashes($subject);
$message = stripslashes($message);
if ($fromjava) { # Request from the JavaScript popup: answer with a status token and stop
if ($badwordserrorsubject) {
print "BADWORDSSUBJECT";
exit;
}
elseif ($badwordserrormessage) {
print "BADWORDSMESSAGE";
exit;
}
else {
# The token spelling is part of the response; presumably the client script matches it
# verbatim -- do not "fix" it without changing the client too.
print "SOMETHINGWORG";
exit;
}
}
}
else {
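# Rate limiting and anti-spam checks. Any failure sets $iperror, which blocks the send.
# NOTE(review): the administrator exemption and the per-member counters below are keyed on
# $senderid. If $senderid is a request field rather than the authenticated $MEMBERid, a
# client can pick whose limits apply; key these checks on the login session instead.
# $senderid is used in unquoted numeric positions in SQL, so an integer copy is used there.
$senderid_sql = (int) $senderid;
if (empty($ADMINISTRATORids[$senderid])) {
    # Find the time of the most recent message sent from this IP address.
    $query = "SELECT tempo FROM mailboxes WHERE IP = '$useripaddress' order by tempo desc limit 1";
    $result = mysql_queryFF($query);
    $nitems = mysql_num_rowsFF($result);
    if ($nitems) {
        $tempolastpost = mysql_resultFF($result,0, 'tempo');
        if ($fromjava) {
            # JavaScript popup: 11 seconds between messages, no 24-hour cap here.
            # NOTE(review): if $fromjava is a plain request flag, any client can choose
            # this lighter limit.
            $tempodelay = 11;
        }
        else {
            $tempodelay = 60;
            # Count the messages sent from this IP in the last 24 hours.
            $last24 = $globaltempo - 86400;
            $query1 = "SELECT tempo FROM mailboxes WHERE IP = '$useripaddress' AND tempo > $last24 order by tempo desc";
            $result1 = mysql_queryFF($query1);
            $nitems1 = mysql_num_rowsFF($result1);
            # More than one message in the last 24 hours: block.
            if ($nitems1 > 1) {
                $blocco24 = 1;
                $iperror = 1;
            }
        }
        # Too soon after the previous message: block.
        if (($globaltempo - $tempolastpost) < $tempodelay) {
            $iperror = 1;
        }
    }
}
if (!$MEMBERid) { # Not a member: block after more than 2 recorded messages in 24 hours
    $tempo24 = $globaltempo-86400;
    $query2 = "SELECT tempo FROM mail_spam_ck WHERE IP = '$useripaddress' and tempo > $tempo24";
    $result2 = mysql_queryFF($query2);
    $nitems2 = mysql_num_rowsFF($result2);
    if ($nitems2 > 2) {
        $iperror = 1;
        $toomanyms = 1;
    }
}
elseif (!checkonline($id)) { # Member writing to an off-line recipient (3-30-09)
    ### Count the messages sent to off-line users; datamembers.antispam holds "count|timestamp".
    if (empty($ADMINISTRATORids[$senderid])) {
        # Read the current counter, if any.
        $query2 = "SELECT antispam FROM datamembers WHERE id = $senderid_sql";
        $result2 = mysql_queryFF($query2);
        $nitems2 = mysql_num_rowsFF($result2);
        if ($nitems2) {
            $antispam = mysql_resultFF($result2,0, 'antispam');
            if ($antispam) {
                list ($antispamcc, $antispamtempo) = array_pad(explode("|", $antispam), 2, 0);
                $last24 = $globaltempo - 86400;
                if ($antispamtempo > $last24) { # Counter is less than 24 hours old
                    if ($antispamcc >= 10) { # Limit reached: block
                        if ($fromjava) {
                            print 'ANTISPAM';
                            exit;
                        }
                        else {
                            $iperror = 1;
                            $antispamflag = 1;
                        }
                    }
                    else {
                        # Increment the counter and refresh its timestamp.
                        $antispamcc ++;
                        $antispam = $antispamcc."|".$globaltempo;
                        $query3 = "UPDATE datamembers SET antispam = '$antispam' WHERE id = $senderid_sql";
                        $result3 = mysql_queryFF($query3);
                    }
                }
                else { # Counter is older than 24 hours: restart it
                    $antispamcc = 1;
                    $antispam = "1|".$globaltempo;
                    $query3 = "UPDATE datamembers SET antispam = '$antispam' WHERE id = $senderid_sql";
                    $result3 = mysql_queryFF($query3);
                }
                $antispamcc ++;
            }
            else {
                # No counter yet: create it.
                $antispam = "1|".$globaltempo;
                $query3 = "UPDATE datamembers SET antispam = '$antispam' WHERE id = $senderid_sql";
                $result3 = mysql_queryFF($query3);
            }
        }
    }
}
# Hard-coded bans.
# NOTE(review): these addresses are fixed in source; keeping them in a table would allow
# changes without editing code.
if ($useripaddress == "78.149.218.91" or $useripaddress == "83.229.101.219" or $email == "mrs.kingsmarg@gmail.com" or $email == "ceilinemilan777@yahoo.cn") {
    $iperror = 1;
}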
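if (!$iperror) {
    # Store the message, notify the recipient and update the activity counters.
    # Blacklist-style stripping of PHP blocks and SCRIPT tags. NOTE(review): these
    # patterns are easy to miss with variations; the htmlentities() calls below are what
    # actually neutralise markup for name, subject and message.
    $namesender = preg_replace("/<\?(php)?.+\?\>/", "", $namesender);
    $email = preg_replace("/<\?(PHP)?.+\?\>/", "", $email);
    $subject = preg_replace("/<\?(php)?.+\?\>/", "", $subject);
    $message = preg_replace("/<\?(PHP)?.+\?\>/", "", $message);
    $namesender = preg_replace("/<(\/)?SCRIPT( .)*>/i", "", $namesender);
    $email = preg_replace("/<(\/)?SCRIPT( .)*>/i", "", $email);
    $subject = preg_replace("/<(\/)?SCRIPT( .)*>/i", "", $subject);
    $message = preg_replace("/<(\/)?SCRIPT( .)*>/i", "", $message);
    $namesender = stripslashes($namesender);
    $subject = stripslashes($subject);
    $message = stripslashes($message);
    $namesender = htmlentities($namesender, ENT_QUOTES, 'ISO-8859-15');
    $subject = htmlentities($subject, ENT_QUOTES, 'ISO-8859-15');
    $message = htmlentities($message, ENT_QUOTES, 'ISO-8859-15');
    # Truncate messages longer than 10,000 characters.
    if (strlen($message) > 10000) {
        $message = substr($message, 0, 10000);
    }
    if (!$senderid or $senderid == "undefined") {
        $senderid = 0;
    }
    # Make sure the sender id really exists (rev. 5-29-08).
    # NOTE(review): this proves the id exists, not that it belongs to the person sending;
    # if $senderid is a request field, bind it to the authenticated $MEMBERid.
    elseif ($senderid) {
        $query = "SELECT email FROM $mainmusicianslist WHERE id = ".(int) $senderid;
        $result = mysql_queryFF($query);
        $nitems = mysql_num_rowsFF($result);
        if (!$nitems) {
            $senderid = 0;
        }
    }
    # Record which script stored the message (6-17-08).
    $fromscriptMYSQL = 'sendmessage.php_';
    if ($fromjava) {
        $fromscriptMYSQL .= "java";
    }
    # Write to the database.
    # stripslashes() above removed the input escaping, and htmlentities() encodes quotes
    # but leaves backslashes alone, so a backslash at the end of a field would escape the
    # closing quote of its SQL literal. Escaped copies are used for the statement only;
    # the unescaped values still go to checkforwardingnotify().
    # NOTE(review): $email is neither unescaped nor re-escaped here and relies on escaping
    # done before this point. A prepared statement, or the connection's own escaping
    # function, would remove that dependency for every column.
    $namesenderSQL = addslashes($namesender);
    $subjectSQL = addslashes($subject);
    $messageSQL = addslashes($message);
    # $id and $senderid sit in unquoted numeric positions, so they are cast to integers.
    $query = "INSERT INTO mailboxes (id, senderid, sendername, email, subject, message, IP, fromscript, tempo) VALUES (".(int) $id.", ".(int) $senderid.", '$namesenderSQL', '$email', '$subjectSQL', '$messageSQL', '$useripaddress', '$fromscriptMYSQL', $globaltempo)";
    $result = mysql_queryFF($query);
    checkforwardingnotify($id, $namesender, $email, $subject, $message, mysql_insert_idFF());
    ## Activity score (10-5-09).
    activitylog('messages', $senderid);
    # Clear any "got mail" dismissal for the recipient (rev. 2-13-08).
    dismissremove('gotmail',$id);
    if ($fromjava) { # Request from the JavaScript popup: answer OK and stop
        if (!$MEMBERid) { # Not a member: record the send for the anti-spam check (9-9-08)
            $query2 = "INSERT INTO mail_spam_ck (IP, tempo) VALUES ('$useripaddress', $globaltempo)";
            $result2 = mysql_queryFF($query2);
        }
        print "OK";
        exit;
    }
}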
}
}
}
else {
$sameusererror = 1;
}
#If no user logged, set cookie to allow to contact musician in case it register later...
if (!$logged) {
setcookie("sendcontactnologged",$id,time()+3600,"/");
}
#start page....
include $basedir.'/includes/doctype.inc';
?>
Musicians Page, Send a Message
$norobots = 1;
include $basedir.'/includes/head.inc';
?>
include $basedir.'/includes/01afterbody.inc';
?>
include $basedir.'/includes/mainheader.inc';
?>
if ($SITENOWRITE == 2) {
$messaggioqui = 'We are currently working to an important server update so this feature is not available at this time. Please, get back soon! For any questions, please
Contact Us. Thanks.';
suggestionbox('WARNING', $messaggioqui, 0, '');
}
elseif ((!$submit or $error) and !$sameusererror) {
?>
Send a message to print $fullname ?>
###Se non loggato, invita a log-in o sign up!!! (rev 4-3-09)...
if (!$logged) {
?>
 |
or |
 |
to proceed... |
}
elseif ($MEMBERstatus == 3) {
if ($MEMBERcategory == 0) {
print '
';
}
else {
print '
';
}
}
elseif ($MEMBERstatus == 2) { #Needs email confirmation...
print '
In order to send messages you need to
Get Verified, choose your category, enter your profile then be approved.
';
}
elseif ($MEMBERstatus != 1) {
print '
In order to send messages you need to be approved.
';
}
else { ###Se loggato....
?>
} #Fine se logged...
?>
}
elseif ($sameusererror) {
?>
}
elseif ($antispamflag) {
?>
}
elseif ($blocco24) {
?>
Sorry, but for security purposes
you can't send more than 2 messages within 24 hours in this way.
To send more messages, you need to activate your Javascript and start over.
Contact Us for any questions.
Return to the previous page page
}
elseif ($iperror) {
if ($toomanyms) {
?>
We are sorry, but for security purposes
you can't send more than 3 messages in 24 hours.
To send more messages, please Log-In or Register.
Return to the previous page page
}
else {
?>
}
}
else {
?>
Your message has been sent.
print '
Return to the previous page';
}
else {
print "/musicians/";
print '">Return to the Main Musicians List page';
}
?>
}
?>
include $basedir.'/includes/navigationleft.inc';
?>
include $basedir.'/includes/rightcolumn.inc';
?>
include $basedir.'/includes/footer.inc';
?>
include $basedir.'/includes/google.inc';
?>