PageRenderTime 70ms CodeModel.GetById 21ms RepoModel.GetById 0ms app.codeStats 0ms

/www/index.php

http://kandidat-cms.googlecode.com/
PHP | 83 lines | 75 code | 3 blank | 5 comment | 35 complexity | eedbbee79e46a0744ba780761e0e4c65 MD5 | raw file
Possible License(s): CC0-1.0 
    

  1. <?php

    2. 

  2. session_start();

    3. 

  3. $begintime=microtime(true);

    4. 

  4. define( '_JEXEC', 1 );

    5. 

  5. 

    6. 

  6. if(file_exists('admin/install/index.php')){Header('Location: ../admin/install/index.php');exit();}

    7. 

  7. include 'conf/config.php';

    8. 

  8. if($gzip_enable=='1') include 'code/gzip.php';

    9. 

  9. if($siteoff) {

    10. 

  10. 	include('code/siteoff.php');exit;

    11. 

  11. }

    12. 

  12. 

    13. 

  13. $captcha = false;

    14. 

  14. if(isset($_SESSION['vcaptcha'])){

    15. 

  15. 	if($_SESSION['vcaptcha']===$_POST['vcaptcha'])$captcha = true;

    16. 

  16. 	$_SESSION['vcaptcha']='';

    17. 

  17. }

    18. 

  18. if($_SESSION['id']!=session_id())$_SESSION['name'] = '?????';

    19. 

  19. 

    20. 

  20. @$whatpage = preg_replace('/[^a-z0-9-_]/iu','',$_REQUEST['whatpage']);

    21. 

  21. @$catpage = preg_replace('/[^a-z0-9-_]/iu','',$_REQUEST['catpage']);

    22. 

  22. @$subcatpage = preg_replace('/[^a-z0-9-_]/iu','',$_REQUEST['subcatpage']);

    23. 

  23. foreach ($_GET as $var => $secvalue) { if((preg_match ('/<[^>]*script*\"?[^>]*>/iu', $secvalue)) || (preg_match ('/<[^>]*object*\"?[^>]*>/iu', $secvalue)) || (preg_match ('/<[^>]*iframe*\"?[^>]*>/iu', $secvalue)) || (preg_match ('/<[^>]*applet*\"?[^>]*>/iu', $secvalue)) || (preg_match ('/<[^>]*meta*\"?[^>]*>/iu', $secvalue)) || (preg_match ('/<[^>]*style*\"?[^>]*>/iu', $secvalue)) || (preg_match ('/<[^>]*form*\"?[^>]*>/iu', $secvalue)) || (preg_match ('/<[^>]*img*\"?[^>]*>/iu', $secvalue)) || (preg_match ('/<[^>]*onmouseover*\"?[^>]*>/iu', $secvalue)) || (preg_match ('/\([^>]*\"?[^)]*\)/iu', $secvalue)) || (preg_match ('/\"/iu', $secvalue))) { die('BAD YOUR CODE'); exit; }}

    24. 

  24. foreach ($_POST as $secvalue) { if((preg_match ('/<[^>]*script *\"?[^>]*>/iu', $secvalue)) || (preg_match ('/<[^>]*style*\"?[^>]*>/iu', $secvalue))) { die('BAD YOUR CODE'); exit; }}

    25. 

  25. include 'code/functions.php';

    26. 

  26. //SAPE

    27. 

  27. if(($sape_user!='')&&file_exists($localpath.$sape_user.'/sape.php')){

    28. 

  28. 	require_once($localpath.$sape_user.'/sape.php');

    29. 

  29. 	$sape=new SAPE_client();

    30. 

  30. }

    31. 

  31. //LINKFEED

    32. 

  32. if(($linkfeed_user!='')&&file_exists($localpath.$linkfeed_user.'/linkfeed.php')){

    33. 

  33. 	require_once($localpath.$linkfeed_user.'/linkfeed.php');

    34. 

  34. 	$linkfeed=new LinkFeedClient();

    35. 

  35. }

    36. 

  36. if(file_exists(CONF.'photoconf.php'))include_once(CONF.'photoconf.php');

    37. 

  37. $templatepp=empty($templatepp)?'dark_rounded':$templatepp;

    38. 

  38. $myFile=ARTICLES;
    39. 

  39. if(!empty($catpage))$myFile.=$catpage.'/';
    40. 

  40. if(!empty($subcatpage))$myFile.=$subcatpage.'/';
    41. 

  41. $myFile.=empty($whatpage)?'main.dat':$whatpage.'.dat';
    42. 

  42. if(!file_exists($myFile)){$myFile=ARTICLES.'404.dat'; header('Status: 404'); header('HTTP/1.1 404 Not Found');}
    43. 

  43. $data=file_get_contents($myFile);

    44. 

  44. $sitetitle=articlesparam('title',$data);

    45. 

  45. $contentcenter=articlesparam('content',$data);

    46. 

  46. $myinclude = articlesparam('myinclude',$data);

    47. 

  47. if(empty($myinclude))$myinclude='main';

    48. 

  48. $metadescription=articlesparam('description',$data);

    49. 

  49. $metakeywords=articlesparam('keywords',$data);

    50. 

  50. $pubdateofpage=articlesparam('pubdate',$data);

    51. 

  51. $enablecomment=(int)articlesparam('comment',$data);

    52. 

  52. //?????? ? ????????

    53. 

  53. $contentcenter.='<div class="myinclude">';

    54. 

  54. ob_start();
    55. 

  55. require(MYCODE.$myinclude.'.php');
    56. 

  56. if($enablecomment>0)require(MYCODE.'comments.php');

    57. 

  57. $contentcenter.=ob_get_contents();
    58. 

  58. ob_end_clean();

    59. 

  59. $contentcenter.='</div>';
    60. 

  60. //????????? ??????
    61. 

  61. $what_templatepage=articlesparam('templatepage',$data);

    62. 

  62. if(!empty($catpage)){
    63. 

  63. 		$myFile=ARTICLES.$catpage.'/main.dat';

    64. 

  64. 		if(file_exists($myFile))$cat_templatepage = articlesparam('templatepage',file_get_contents($myFile));

    65. 

  65. }
    66. 

  66. if(!empty($subcatpage)){
    67. 

  67. 		$myFile=ARTICLES.$catpage.'/'.$subcatpage.'/main.dat';

    68. 

  68. 		if(file_exists($myFile))$subcat_templatepage = articlesparam('templatepage',file_get_contents($myFile));

    69. 

  69. }
    70. 

  70. $templatepage='template';

    71. 

  71. if($what_templatepage==''){

    72. 

  72. 	if($subcat_templatepage==''){

    73. 

  73. 		if($cat_templatepage==''){

    74. 

  74. 			$templatepage .= $what_templatepage;

    75. 

  75. 		}else $templatepage .= $cat_templatepage;

    76. 

  76. 	}else $templatepage .= $subcat_templatepage;

    77. 

  77. }else $templatepage .= $what_templatepage;

    78. 

  78. //????????? ?????? ??????????? ????? ?????????? ????????

    79. 

  79. if(!file_exists(LOCALPATH.'templates/'.$template.'/'.$templatepage.'.php'))$templatepage='template';

    80. 

  80. $incl=file_get_contents(LOCALPATH.'templates/'.$template.'/'.$templatepage.'.php');

    81. 

  81. $incl=parse_incl($incl);

    82. 

  82. $lnav=linkator($whatpage, $catpage, $subcatpage, $sitetitle);

    83. 

  83. eval('?>'.$incl);

    84. 

  84.