
/test/subjects/benchmarks/webapps/tigerPhpNewsSystem_1.0_beta_build39/index.php

http://phc.googlecode.com/
Possible License(s): GPL-2.0, 0BSD, BSD-3-Clause, Unlicense, MPL-2.0-no-copyleft-exception, LGPL-2.1


  1. <?
  2. /*
  3. * This software is part of the Tiger php news system
  4. * http://tpns.sourceforge.net
  5. *
  6. * This software comes with ABSOLUTELY NO WARRANTY. For details, see
  7. * the enclosed file COPYING for license information (GPL). If you
  8. * did not receive this file, see http://www.gnu.org/licenses/gpl.txt.
  9. *
  10. */
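  //{{{ PHP start
  // Start the page timer: microtime() returns "usec sec", so adding both
  // parts yields the current time as a float.
  $stimer = explode(' ', microtime());
  $stimer = $stimer[1] + $stimer[0];

  // Flag crawlers by User-Agent. The header is optional and entirely
  // client-controlled, so $isbot is a statistics hint only; a request without
  // the header is treated as "not a bot" instead of raising a notice.
  $isbot = false;
  if (isset($_SERVER['HTTP_USER_AGENT'])
      and preg_match("/bot|spider|crawl|seek|search|slurp|checker|meta|validator/is", $_SERVER['HTTP_USER_AGENT'])) {
    $isbot = true;
  }

  header("Content-Type: text/html; charset=ISO-8859-15");
  require_once('Main.php');
  include('config.php');
  require_once('sessions.php');
  // Keep the configured $nr (presumably set by config.php) before the session
  // or the request overrides it further down.
  $confnr = $nr;
  $main = new Main();
  #if ($usedbsessions)
  #{
  # $session = new session();
  # $session->setMain($main);
  # session_set_save_handler(array(&$session,"open"), array(&$session,"close"), array(&$session,"read"), array(&$session,"write"), array(&$session,"destroy"), array(&$session,"gc"));
  #}
  session_start();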
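  //{{{ LOG ANON COMMENTS
  // When $logannoncomment is enabled, append the request context of every
  // anonymous "addnewscomment" request to $annoncommentlogfile.
  // NOTE(review): the entry contains all cookies (including the session
  // cookie) and all session values in clear text. Keep the log file outside
  // the web root and readable by the operator only.
  if (isset($_REQUEST['page']) and $logannoncomment) {
    if (!isset($_SESSION['role'])) {
      $_SESSION['role'] = "0";
    }
    if ($_SESSION['role'] == "0" and $_REQUEST['page'] == "addnewscomment") {
      $fp = fopen($annoncommentlogfile, "a+");
      // A log file that cannot be opened must not break the request.
      if ($fp) {
        $annonlogbreaks = array("\r", "\n");
        $annonlogentry = "\n";
        // Request headers are optional; a missing one is logged as empty.
        $annonlogheaders = array(
          'REMOTE_ADDR', 'HTTP_HOST', 'HTTP_USER_AGENT', 'HTTP_ACCEPT',
          'HTTP_ACCEPT_LANGUAGE', 'HTTP_ACCEPT_ENCODING', 'HTTP_ACCEPT_CHARSET',
        );
        foreach ($annonlogheaders as $annonlogname) {
          $annonlogvalue = isset($_SERVER[$annonlogname]) ? $_SERVER[$annonlogname] : "";
          // Line breaks in client-supplied values are replaced so that one
          // request cannot forge additional log lines.
          $annonlogentry .= "\n".$annonlogname."=".str_replace($annonlogbreaks, " ", (string) $annonlogvalue);
        }
        $annonlogsets = array('_GET' => $_GET, '_POST' => $_POST, '_SESSION' => $_SESSION, '_COOKIE' => $_COOKIE);
        foreach ($annonlogsets as $annonlogname => $annonlogvalues) {
          foreach ($annonlogvalues as $key => $val) {
            // Nested values (e.g. array parameters) are logged by type name only.
            if (!is_scalar($val)) {
              $val = is_array($val) ? "Array" : gettype($val);
            }
            $annonlogentry .= "\n".$annonlogname.": "
              .str_replace($annonlogbreaks, " ", (string) $key)."="
              .str_replace($annonlogbreaks, " ", (string) $val);
          }
        }
        // One write per entry keeps concurrent requests from interleaving lines.
        fwrite($fp, $annonlogentry."\n");
        fclose($fp);
      }
    }
  }
  //}}}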
  // A visitor "has a cookie" once the browser sends the session cookie back
  // and the session already holds a request id from an earlier page view.
  // NOTE(review): assumes the default session name PHPSESSID - confirm.
  $havecookie = (isset($_COOKIE['PHPSESSID']) and isset($_SESSION['reqid']));
  $main->isbot = $isbot;
  $main->havecookie = $havecookie;

  // Upload limit as configured in php.ini, in two derived spellings
  // ("M" replaced by six zeros, and by a readable unit).
  $upload_max_filesize = ini_get('upload_max_filesize');
  $form_upload_max_filesize = preg_replace('/M/', '000000', $upload_max_filesize);
  $text_upload_max_filesize = preg_replace('/M/', ' Megabyte(s)', $upload_max_filesize);
  //$main->Main();

  // Only $_REQUEST and $_SERVER pass through Main::clean_array() here; $_GET,
  // $_POST, $_COOKIE and $_FILES stay raw.
  // NOTE(review): what clean_array() escapes is not visible in this file, so
  // code below must not assume the values are safe for SQL, HTML or paths.
  $_REQUEST = $main->clean_array($_REQUEST, true);
  $_SERVER = $main->clean_array($_SERVER, false, false);

  // $nr: the session value overrides the configured one, the request value
  // overrides both.
  if (isset($_SESSION['nr'])) {
    $nr = $_SESSION['nr'];
  }
  if (isset($_REQUEST['nr'])) {
    $nr = $_REQUEST['nr'];
  }
  $count = 0;
  $plugins = array();
  //Variables
  // Page selection, lowest to highest priority: "start", "init" (when
  // $initpage is "true"), "splash" (when $enablesplash), requested page.
  $page = "start";
  if ($initpage == "true") {
    $page = "init";
  }
  if ($enablesplash) {
    $page = "splash";
  }
  if (isset($_REQUEST['page'])) {
    $page = $_REQUEST['page'];
  }
  // Help widget for BBcode: a toggle button plus a hidden cheat sheet of the
  // supported tags. It is only built when $enablebbcode is "true"; otherwise
  // an empty string is handed to Main::setBBcode().
  $bbcode = "";
  if ($enablebbcode == "true") {
    $bbcode = "
<script type=\"text/javascript\">
//<!--
function showBBcodehelp()
{
var bbcodetext = document.getElementById('bbcodehelp');
var bbon = document.getElementById('bbon');
bbcodetext.style.display = \"block\";
bbon.style.display = \"none\";
}
function hideBBcodehelp()
{
var bbcodetext = document.getElementById('bbcodehelp');
var bbon = document.getElementById('bbon');
bbcodetext.style.display = \"none\";
bbon.style.display = \"block\";
}
//-->
</script>
<input type='button' value='bbcode' id='bbon' onclick=\"showBBcodehelp()\" class='button'/>
<div id='bbcodehelp' style='display:none'>
<input type='button' value='bbcode' id='bboff' onclick=\"hideBBcodehelp()\" class='button'/>
<p><small>[b]<b>B</b>[/b] [i]<i>i</i>[/i] [u]<span class='uline'>u</span>[/u] [s]<span class=\"small\">s</span>[/s] [sm]<small>small</small>[/sm] [big]<big>big</big>[/big] [strike]<span class='strike'>strike</span>[/strike]<br />
[color=#f00]<span style=\"color: #f00;\">#f00</span>[/color] [color=#f00000]<span style=\"color: #f00000;\">#f00000</span>[/color] [color=red]<span style=\"color: red;\">red</span>[/color]<br />
[table]<br />[tr][th][/th][/tr]<br />[tr][td][/td][/tr]<br />[/table]<br />
[list][list=1][list=a]<br />
[*] <br />
[/list]<br />
[bq]<br />
blockquote<br />
[/bq]<br />
[url=http://url]name[/url]<br />
[url=mailto:address]name[/url]<br />
[news=#]name[/news]<br />
[page=page]name[/page]<br />
[cat=#]name[/cat]<br />
</small></p></div>";
  }
  $main->setBBcode($bbcode);
  // Per-session defaults. imgkey is the value the imgkey check further down
  // compares against the submitted one; rid/reqid form the request id pair
  // that gates the state-changing pages.
  // NOTE(review): both are four-digit rand() values (9000 possibilities) and
  // are compared with ==, so they slow down casual automation but are not an
  // unguessable anti-forgery token.
  if (!isset($_SESSION['imgkey'])) {
    $_SESSION['imgkey'] = rand(1000, 9999);
  }
  if (!isset($_REQUEST['imgkey'])) {
    $_REQUEST['imgkey'] = 0;
  }
  foreach (array('anonemail', 'anonname', 'anonhomepage') as $anonfield) {
    if (!isset($_SESSION[$anonfield])) {
      $_SESSION[$anonfield] = "";
    }
  }

  // Request id sent by the client; a fresh random one is stored in the
  // request when the client sent none.
  $freshrequestid = rand(1000, 9999);
  $oldrequestid = isset($_REQUEST['rid']) ? $_REQUEST['rid'] : $freshrequestid;
  $_REQUEST['rid'] = $oldrequestid;

  // Request id the session expects; random when the session has none yet.
  $requestid = rand(1000, 9999);
  if (isset($_SESSION['reqid'])) {
    $requestid = $_SESSION['reqid'];
  }
  //}}}
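  // {{{ Counter
  // Hit counter stored in counterlog.txt. The current value is always read;
  // it is incremented once per session for visitors with a public IP who
  // return the session cookie and are not flagged as bots.
  // NOTE(review): read and write are not locked, so concurrent first visits
  // can lose an increment.
  if ($enablecounter == "true") {
    $count = 0;
    // A missing or unreadable counter file counts as zero instead of passing
    // a failed handle on to fread().
    $fp = is_readable("counterlog.txt") ? fopen("counterlog.txt", "r") : false;
    if ($fp) {
      // Cast so that stray whitespace or a damaged file cannot end up in the
      // arithmetic below.
      $count = (int) trim((string) fread($fp, 1024));
      fclose($fp);
    }
    if ($main->isPublicIp($_SERVER['REMOTE_ADDR'])
        and !isset($_SESSION['counted']) and !$isbot and $havecookie) {
      $count = $count + 1;
      // Rewrite the file with the new value; skip silently if not writable.
      $fp = fopen("counterlog.txt", "w");
      if ($fp) {
        fwrite($fp, (string) $count);
        fclose($fp);
      }
      $_SESSION['counted'] = "1";
    }
  }
  //}}} Counter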
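  //{{{ Check referer
  // Record referers that do not point back to this site.
  // The Host header is client-supplied, so it is quoted before it becomes
  // part of the pattern, and the pattern is anchored so that a foreign URL
  // which merely contains this site's address is not mistaken for an
  // internal one.
  // NOTE(review): only http:// is treated as internal; pages served over
  // https would record their own referers - confirm the deployment.
  // NOTE(review): the stored referer is attacker-controlled text and must be
  // escaped wherever the statistics are displayed.
  if (isset($_SERVER['HTTP_REFERER'])) {
    $ownhost = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : "";
    $ownrefererpattern = "/^http:\/\/".preg_quote($ownhost, "/")."/i";
    if (!preg_match($ownrefererpattern, $_SERVER['HTTP_REFERER'])) {
      $main->addreferer($_SERVER['HTTP_REFERER']);
    }
  }
  ///}}}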
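  //{{{ browser statistics
  // Once per session, record platform/browser/version for visitors with a
  // public IP, provided a browscap file is configured.
  if (!isset($_SESSION['bstat'])) {
    $testbrowsercap = ini_get("browscap");
    // get_browser() reads the User-Agent header; without that header there
    // is nothing to classify.
    if ($testbrowsercap != "" and isset($_SERVER['HTTP_USER_AGENT'])
        and $main->isPublicIp($_SERVER['REMOTE_ADDR'])) {
      $browserinfo = get_browser();
      $bstatplatform = isset($browserinfo->platform) ? $browserinfo->platform : "";
      $bstatbrowser = isset($browserinfo->browser) ? $browserinfo->browser : "";
      $bstatversion = isset($browserinfo->version) ? $browserinfo->version : "";
      // The crawler property is guarded like the others; it is absent when
      // get_browser() fails or the browscap entry does not define it.
      $bstatcrawler = 0;
      if (isset($browserinfo->crawler) and "$browserinfo->crawler" == "1") {
        $bstatcrawler = $browserinfo->crawler;
      }
      if ("$bstatplatform$bstatbrowser$bstatversion" != "") {
        $main->updatebrowserstat($bstatplatform, $bstatbrowser, $bstatversion, $bstatcrawler);
      }
    }
    $_SESSION['bstat'] = "loged";
  }
  //}}}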
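  //{{{Login
  // Handles page=login and, on every request, re-validates an existing login
  // against the client fingerprint stored at login time.
  // NOTE(review): passwords are stored and compared as unsalted md5() and the
  // hash is kept in the session; moving to password_hash()/password_verify()
  // needs a change in Main::login() and a migration of stored hashes.
  // NOTE(review): the session id is not regenerated on successful login
  // (session fixation). session_regenerate_id() belongs here, after checking
  // how the "sessions" table keyed by session_id() is maintained.
  if ($page == "login") {
    if (!isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
      $_SERVER['HTTP_X_FORWARDED_FOR'] = "";
    }
    if (!isset($_SERVER['HTTP_ACCEPT_CHARSET'])) {
      $_SERVER['HTTP_ACCEPT_CHARSET'] = "";
    }
    // Missing or non-string credentials count as empty, so md5() always
    // receives a string.
    $user = (isset($_REQUEST['user']) and is_string($_REQUEST['user'])) ? $_REQUEST['user'] : "";
    $passwd = (isset($_REQUEST['passwd']) and is_string($_REQUEST['passwd'])) ? $_REQUEST['passwd'] : "";
    $passwd = md5($passwd);
    $userdata = $main->login($user, $passwd, true);
    if (isset($userdata->rows) and $userdata->rows == 1) {
      $loginrow = $userdata->records[0];
      $userid = $loginrow['id'];
      $role = $loginrow['role'];
      $_SESSION['name'] = $loginrow['name'];
      $_SESSION['nr'] = $loginrow['nr'];
      $_SESSION['userid'] = $userid;
      $_SESSION['role'] = $role;
      $_SESSION['user'] = $loginrow['user'];
      $_SESSION['passwd'] = $passwd;
      $_SESSION['email'] = $loginrow['email'];
      $_SESSION['theme'] = $loginrow['theme'];
      //$_SESSION['img']=$userdata->records[0]['img'];
      //$_SESSION['data']=$userdata->records[0]['data'];
      // Bind the login to the client's address and header fingerprint.
      // User-Agent and Accept-Language are optional headers; a missing one
      // contributes an empty string.
      $_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
      $_SESSION['agent'] = (isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "")
        .$_SERVER['HTTP_X_FORWARDED_FOR']
        .(isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : "")
        .$_SERVER['HTTP_ACCEPT_CHARSET'];
      $_SESSION['lang'] = $loginrow['lang'];
    } else {
      print "login failed";
    }
    // Next page: explicit nextpage, else the last visited page, else the
    // default start/init page.
    $page = ($initpage == "true") ? "init" : "start";
    if (isset($_REQUEST['nextpage'])) {
      $page = $_REQUEST['nextpage'];
    } elseif (isset($_SESSION['lastpage'])) {
      $page = $_SESSION['lastpage'];
    }
  }
  if (isset($_SESSION['userid']) and $_SESSION['userid'] != 0) {
    if (!isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
      $_SERVER['HTTP_X_FORWARDED_FOR'] = "";
    }
    if (!isset($_SERVER['HTTP_ACCEPT_CHARSET'])) {
      $_SERVER['HTTP_ACCEPT_CHARSET'] = "";
    }
    $currentagent = (isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "")
      .$_SERVER['HTTP_X_FORWARDED_FOR']
      .(isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : "")
      .$_SERVER['HTTP_ACCEPT_CHARSET'];
    if ($_SESSION['ip'] == $_SERVER['REMOTE_ADDR'] and $_SESSION['agent'] == $currentagent) {
      $userid = $_SESSION['userid'];
      $role = $_SESSION['role'];
    } else {
      // Fingerprint changed: force the logout branch below.
      $page = "logout";
    }
  }
  //}}}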
  //{{{ Logout
  // Reset the login-related session values to their anonymous defaults and
  // continue with the start page (or the requested nextpage).
  // NOTE(review): the session itself is kept: 'ip', 'agent', 'theme' and
  // 'lang' are not reset here and the session id is not renewed.
  if ($page == "logout") {
    $loggedoutsession = array(
      'name' => "",
      'userid' => "0",
      'role' => "0",
      'user' => "",
      'nr' => "$confnr",
      'passwd' => "",
      'email' => "",
      'img' => "",
      'data' => "",
    );
    foreach ($loggedoutsession as $sessionkey => $sessionvalue) {
      $_SESSION[$sessionkey] = $sessionvalue;
    }
    $userid = 0;
    $role = 0;
    $page = ($initpage == "true") ? "init" : "start";
    if (isset($_REQUEST['nextpage'])) {
      $page = $_REQUEST['nextpage'];
    }
  }
  //}}}
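  //{{{ Set Lang
  // Load the English text table and hand the cleaned copy to Main.
  include_once("lang/en.php");
  $text = $main->clean_array($text, false, true);
  $main->settext($text);
  //}}}
  // Track the current user and page per session when DB sessions are enabled.
  if ($usedbsessions) {
    if (!isset($userid)) {
      $userid = 0;
    }
    // The statement is built by string interpolation, and both $page (request
    // or session) and session_id() (cookie) originate from the client. What
    // clean_array() escapes is not visible here, so every value is reduced to
    // a safe alphabet before it is embedded: the user id to an integer, the
    // page name and session id to characters that cannot end the quoted
    // literal.
    $sessionsqluser = (int) $userid;
    $sessionsqlpage = is_scalar($page) ? preg_replace('/[^A-Za-z0-9_-]/', '', (string) $page) : "";
    $sessionsqlid = preg_replace('/[^A-Za-z0-9,-]/', '', (string) session_id());
    $main->run_query("update sessions set user ='$sessionsqluser', page = '$sessionsqlpage', hits = hits + 1 where session_id = '$sessionsqlid'");
  }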
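  //{{{ Download
  // Serve a stored file after checking the caller's role against the file's
  // access level. Ends the request in every branch.
  if ($page == "dload") {
    $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : "";
    // The id becomes a directory name below, so only plain digits are
    // accepted (assumes file ids are numeric row ids - TODO confirm).
    if (!is_scalar($id) or !preg_match('/^[0-9]+\z/', (string) $id)) {
      header("HTTP/1.0 404 Not Found", true, 404);
      die("404 File not found.");
    }
    $fileinfo = $main->getfileinfo($id);
    if ($fileinfo->rows == "1") {
      // Visitors who never logged in have no $role; treat them as role 0.
      $dloadrole = isset($role) ? $role : 0;
      if ($fileinfo->records['0']['access'] > $dloadrole) {
        header("HTTP/1.0 401 Unauthorized", true, 401);
        die("401 Unauthorized");
      }
      // basename() keeps a stored name from pointing outside "$filepath/$id/".
      $filename = basename($fileinfo->records['0']['filename']);
      $file = "$filepath/$id/$filename";
      //First, see if the file exists
      if (!is_file($file)) {
        header("HTTP/1.0 404 Not Found", true, 404);
        die("404 File not found!");
      }
      //Gather relevent info about file
      $len = $fileinfo->records['0']['size'];
      $ctype = $fileinfo->records['0']['type'];
      //Begin writing headers
      header("Pragma: public");
      header("Expires: 0");
      header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
      header("Cache-Control: public");
      // Inline display only for view=true; everything else is a download.
      // NOTE(review): with view=true the stored content type is served from
      // the site's own origin; if uploads can carry an HTML or script type
      // this displays user-supplied markup as a page of this site. Consider
      // restricting inline display to known image types.
      $dloadinline = (isset($_REQUEST['view']) and $_REQUEST['view'] == "true");
      if (!$dloadinline) {
        // Quote the name and drop characters that would break the header.
        $dloadname = str_replace(array('"', "\r", "\n"), '', $filename);
        header("Content-Description: File Transfer");
        header("Content-Disposition: attachment; filename=\"$dloadname\"");
      }
      //Use the switch-generated Content-Type
      header("Content-Type: $ctype");
      // Keep browsers from second-guessing the declared type.
      header("X-Content-Type-Options: nosniff");
      header("Content-Transfer-Encoding: binary");
      header("Content-Length: ".$len);
      // readfile() returns the byte count, so only a real failure (false) is
      // an error; an empty file is a valid download.
      if (readfile($file) === false) {
        die("File not found.");
      }
      exit;
    }
    header("HTTP/1.0 404 Not Found", true, 404);
    die("404 File not found.");
  }
  //}}}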
  300. //{{{start of request id limit
  301. if ( "$oldrequestid" == "$requestid" and $havecookie and !$isbot )
  302. {
  303. //}}}
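  //{{{Password recovery
  // Final recovery step: when the submitted code matches the one stored in
  // the session, log the visitor in as the account held in
  // $_SESSION['tempuserlogin'] and continue on the edit-user page.
  // NOTE(review): no attempt limit is visible here; how long and how random
  // 'pwdid' is depends on the step that creates it.
  if ($page == "pwdrec3") {
    if (!isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
      $_SERVER['HTTP_X_FORWARDED_FOR'] = "";
    }
    if (!isset($_SERVER['HTTP_ACCEPT_CHARSET'])) {
      $_SERVER['HTTP_ACCEPT_CHARSET'] = "";
    }
    // Both values must exist, be non-empty and match exactly as strings.
    // A loose == would also accept two unset values, or two different
    // numeric-looking strings that compare equal as numbers.
    $pwdidmatches = (isset($_SESSION['pwdid']) and isset($_REQUEST['pwdinid'])
      and isset($_SESSION['tempuserlogin'])
      and is_scalar($_SESSION['pwdid']) and is_scalar($_REQUEST['pwdinid'])
      and (string) $_SESSION['pwdid'] !== ""
      and (string) $_SESSION['pwdid'] === (string) $_REQUEST['pwdinid']);
    if ($pwdidmatches) {
      $userdata = $_SESSION['tempuserlogin'];
      $userid = $userdata['id'];
      $role = $userdata['role'];
      $_SESSION['name'] = $userdata['name'];
      $_SESSION['nr'] = $userdata['nr'];
      $_SESSION['userid'] = $userid;
      $_SESSION['role'] = $role;
      $_SESSION['user'] = $userdata['user'];
      $_SESSION['passwd'] = $userdata['passwd'];
      $_SESSION['email'] = $userdata['email'];
      $_SESSION['theme'] = $userdata['theme'];
      //$_SESSION['img']=$userdata->records[0]['img'];
      //$_SESSION['data']=$userdata->records[0]['data'];
      $_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
      $_SESSION['agent'] = (isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "")
        .$_SERVER['HTTP_X_FORWARDED_FOR']
        .(isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : "")
        .$_SERVER['HTTP_ACCEPT_CHARSET'];
      $_SESSION['lang'] = $userdata['lang'];
      // The code is single-use: drop it and the pending account data.
      unset($_SESSION['pwdid'], $_SESSION['tempuserlogin']);
      $page = "edituser";
      $_REQUEST['id'] = $userid;
    } else {
      print "login failed";
      $page = "pwdrec";
    }
  }
  //}}}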
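  //{{{ Vote
  // One vote per item and session; accepted values are the integers 1 to 5.
  // NOTE(review): the "already voted" marker lives in the session only, so a
  // new session can vote again.
  if ("$page" == "vote") {
    $voteid = isset($_REQUEST['id']) ? $_REQUEST['id'] : "";
    $votevalue = isset($_REQUEST['value']) ? $_REQUEST['value'] : "";
    // The id is used as an array key, so it must be a non-empty string or int.
    if ((is_string($voteid) or is_int($voteid)) and "$voteid" != ""
        and !isset($_SESSION['vote'][$voteid])) {
      $_SESSION['vote'][$voteid] = 'v';
      // An exact single digit 1-5; a numeric comparison would also let
      // fractions and exponent notation through.
      if (is_scalar($votevalue) and preg_match('/^[1-5]\z/', (string) $votevalue)) {
        $main->vote($voteid, $votevalue);
      }
    }
    $page = ($initpage == "true") ? "init" : "start";
    if (isset($_REQUEST['nextpage'])) {
      $page = $_REQUEST['nextpage'];
    } elseif (isset($_SESSION['lastpage'])) {
      $page = $_SESSION['lastpage'];
    }
    if (isset($_SESSION['lastnr']) and $_SESSION['lastnr'] != "") {
      $_REQUEST['nr'] = $_SESSION['lastnr'];
    }
    if (isset($_SESSION['laststart']) and $_SESSION['laststart'] != "") {
      $_REQUEST['start'] = $_SESSION['laststart'];
    }
  }
  //}}}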
  353. //{{{ Start of imgkey sheck
  354. if ( $role > 0 or $_SESSION['imgkey'] == $_REQUEST['imgkey'])
  355. {
  356. //}}}
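  //{{{ Save news
  // Update an existing news item (any logged-in role); roles >= 2 may also
  // replace or delete its image.
  // NOTE(review): no ownership check is visible here; whether
  // Main::savenews() restricts which items a user may change must be
  // confirmed there.
  if ("$page" == "savenews" and "$role" > "0") {
    $addnews = "true";
    // A field missing from the request counts as empty.
    $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : "";
    $access = isset($_REQUEST['access']) ? $_REQUEST['access'] : "";
    $headline = isset($_REQUEST['header']) ? $_REQUEST['header'] : "";
    $data = isset($_REQUEST['news']) ? $_REQUEST['news'] : "";
    $data2 = isset($_REQUEST['extnews']) ? $_REQUEST['extnews'] : "";
    $order = (isset($_REQUEST['order']) and $_REQUEST['order'] != "") ? $_REQUEST['order'] : "1";
    $type = (isset($_REQUEST['type']) and $_REQUEST['type'] != "") ? $_REQUEST['type'] : "1";
    // Access level, headline and body are mandatory.
    if ($access == "" or $headline == "" or $data == "") {
      $addnews = "false";
    }
    $filename = isset($_REQUEST['delimg']) ? "del" : "";
    // Category: a newly created one wins, then the selected one.
    $category = "1";
    if (isset($_REQUEST['newcategory']) and $_REQUEST['newcategory'] != "") {
      $newcat = $main->addCategory($_REQUEST['newcategory']);
      if (isset($newcat->lastid) and $newcat->lastid != 0) {
        $category = $newcat->lastid;
      }
    } elseif (isset($_REQUEST['category']) and $_REQUEST['category'] != "") {
      $category = $_REQUEST['category'];
    } else {
      $addnews = "false";
    }
    if ("$addnews" == "true") {
      // The news type decides which page is shown after saving.
      switch ($type) {
        case "1": $page = "start"; break;
        case "2": $page = "newscat"; $_REQUEST['catid'] = $category; break;
        case "3": $page = "viewnews"; break;
        case "4": $page = "init"; $main->removeoldinit($access); break;
        case "5": $page = "myhome"; $subpage = "news"; $_REQUEST['id'] = $_SESSION['lastuid']; break;
        case "6": $page = "myhome"; $subpage = "private"; break;
        case "7": $page = "admnews"; break;
        case "8": $page = "remnews"; break;
        case "9": $page = "myhome"; $_REQUEST['subpage'] = "hidden"; $_REQUEST['id'] = $userid; break;
        default: $page = "start";
      }
      $_SESSION['lastpage'] = $page;
      if ($role >= "2") {
        // The id is spliced into directory paths that are deleted
        // recursively. An empty id would address the shared parent directory
        // and a path-like id a directory elsewhere, so the image handling
        // only runs for a purely numeric id.
        $newsidisnumeric = (is_scalar($id) and preg_match('/^[0-9]+\z/', (string) $id));
        $newshasupload = (isset($_FILES['img']) and $_FILES['img']['size'] != "0");
        if ($newsidisnumeric and ($filename == "del" or $newshasupload)) {
          $thumbdir = "./thumb/news/$id/";
          $smalldir = "./small/news/$id/";
          $uploaddir = "./img/news/$id/";
          foreach (array($thumbdir, $smalldir, $uploaddir) as $newsimgdir) {
            if (is_dir($newsimgdir)) {
              $main->rmdirr($newsimgdir);
            }
          }
        }
        if ($newsidisnumeric and $newshasupload) {
          $filename = $main->uploadfile($_FILES['img'], "news", $id);
        }
      }
      $result = $main->savenews($id, $access, $headline, $filename, $data, $data2, $order, $category, $type);
    }
    if (isset($_SESSION['lastnr']) and $_SESSION['lastnr'] != "") {
      $_REQUEST['nr'] = $_SESSION['lastnr'];
    }
    if (isset($_SESSION['laststart']) and $_SESSION['laststart'] != "") {
      $_REQUEST['start'] = $_SESSION['laststart'];
    }
  }
  //}}}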
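  //{{{ Add news
  // Create a news item. Requires a logged-in role above 0, written the same
  // way as the "Save news" check: the former test ("$role" != "0") was also
  // true for a visitor whose $role had never been set, because an unset
  // variable interpolates to "" (unless $role is initialised elsewhere, e.g.
  // in config.php).
  if ("$page" == "addnews" and isset($role) and "$role" > "0") {
    $addnews = "true";
    $img = "";
    $owner = $userid;
    // A field missing from the request counts as empty.
    $access = isset($_REQUEST['access']) ? $_REQUEST['access'] : "";
    $headline = isset($_REQUEST['header']) ? $_REQUEST['header'] : "";
    $data = isset($_REQUEST['news']) ? $_REQUEST['news'] : "";
    $data2 = isset($_REQUEST['extnews']) ? $_REQUEST['extnews'] : "";
    $order = (isset($_REQUEST['order']) and $_REQUEST['order'] != "") ? $_REQUEST['order'] : "1";
    $type = (isset($_REQUEST['type']) and $_REQUEST['type'] != "") ? $_REQUEST['type'] : "1";
    // Access level, headline and body are mandatory.
    if ($access == "" or $headline == "" or $data == "") {
      $addnews = "false";
    }
    // Category: a newly created one wins, then the selected one.
    $category = "1";
    if (isset($_REQUEST['newcategory']) and $_REQUEST['newcategory'] != "") {
      $newcat = $main->addCategory($_REQUEST['newcategory']);
      if (isset($newcat->lastid) and $newcat->lastid != 0) {
        $category = $newcat->lastid;
      }
    } elseif (isset($_REQUEST['category']) and $_REQUEST['category'] != "") {
      $category = $_REQUEST['category'];
    } else {
      $addnews = "false";
    }
    if ("$addnews" == "true") {
      // The news type decides which page is shown after saving.
      switch ($type) {
        case "1": $page = "start"; break;
        case "2": $page = "newscat"; $_REQUEST['catid'] = $category; break;
        case "3": $page = "viewnews"; break;
        case "4": $page = "init"; $main->removeoldinit($access); break;
        case "5": $page = "myhome"; $subpage = "news"; $_REQUEST['id'] = $_SESSION['lastuid']; break;
        case "6": $page = "myhome"; $subpage = "private"; break;
        case "7": $page = "admnews"; break;
        case "8": $page = "remnews"; break;
        case "9": $page = "myhome"; $_REQUEST['subpage'] = "hidden"; $_REQUEST['id'] = $userid; break;
        default: $page = "start";
      }
      $_SESSION['lastpage'] = $page;
      // Normalise the client-supplied file name: no path, no spaces or
      // brackets, a few accented letters mapped to ASCII, everything else
      // outside the allowed set replaced by "_".
      // NOTE(review): the two "?" search strings look like mis-encoded
      // accented letters in this listing - confirm against the original
      // file, which is ISO-8859-15.
      // NOTE(review): "." stays allowed, so the extension is whatever the
      // client sent; type checks must happen in Main::uploadfile().
      $filename = "";
      if (isset($_FILES['img'])) {
        $filename = str_replace(
          array(" ", "?", "ä", "ö", "?", "Ä", "Ö", "(", ")"),
          array("_", "a", "a", "o", "A", "A", "O", "_", "_"),
          basename($_FILES['img']['name'])
        );
        // preg_replace() replaces ereg_replace(), which no longer exists in
        // PHP 7; the character class is unchanged.
        $filename = preg_replace('/[^a-z,A-Z,0-9,_,.]/', "_", $filename);
      }
      $result = $main->addnews($access, $owner, $headline, $filename, $data, $data2, $order, $category, $type);
      if ($role >= "2" and isset($_FILES['img'])) {
        $filenam = $main->uploadfile($_FILES['img'], "news", $result->lastid);
      }
    }
  }
  //}}}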
  //{{{ Remove news
  // Any logged-in role may request removal of a news item; the role is passed
  // on to Main::rmnews().
  // NOTE(review): whether rmnews() checks that the item belongs to the caller
  // is not visible here - confirm.
  if ("$page" == "rmnews" and "$role" > "0") {
    $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : "";
    $main->rmnews($id, $role);
    if ($_SESSION['lastpage'] == "myhome") {
      $_REQUEST['id'] = $_SESSION['lastuid'];
    }
    // Continue with nextpage, else the last visited page, else "start".
    if (isset($_REQUEST['nextpage'])) {
      $page = $_REQUEST['nextpage'];
    } elseif (isset($_SESSION['lastpage'])) {
      $page = $_SESSION['lastpage'];
    } else {
      $page = "start";
    }
    if ("$page" == "myhome") {
      $_REQUEST['id'] = $_SESSION['lastuid'];
      $_REQUEST['subpage'] = $_SESSION['lastsubpage'];
    }
    // Restore the list position the visitor came from.
    foreach (array('lastnr' => 'nr', 'laststart' => 'start') as $sessfield => $reqfield) {
      if (isset($_SESSION[$sessfield]) and $_SESSION[$sessfield] != "") {
        $_REQUEST[$reqfield] = $_SESSION[$sessfield];
      }
    }
  }
  //}}}
  //{{{ Delete news
  // Deleting a news item requires role 3 or higher.
  if ("$page" == "deletenews" and "$role" >= "3") {
    $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : "";
    $main->delnews($id, $role);
    // Continue with nextpage, else the last visited page, else "start".
    if (isset($_REQUEST['nextpage'])) {
      $page = $_REQUEST['nextpage'];
    } elseif (isset($_SESSION['lastpage'])) {
      $page = $_SESSION['lastpage'];
    } else {
      $page = "start";
    }
    // The single-item view is replaced by the start page after a delete.
    if ($page == "viewnews") {
      $page = "start";
    }
    if ("$page" == "myhome") {
      $_REQUEST['id'] = $_SESSION['lastuid'];
      $_REQUEST['subpage'] = $_SESSION['lastsubpage'];
    }
    // Restore the list position the visitor came from.
    foreach (array('lastnr' => 'nr', 'laststart' => 'start') as $sessfield => $reqfield) {
      if (isset($_SESSION[$sessfield]) and $_SESSION[$sessfield] != "") {
        $_REQUEST[$reqfield] = $_SESSION[$sessfield];
      }
    }
  }
  //}}}
  //{{{ Add comment to news
  // Comments may be added by logged-in users, by anonymous visitors when
  // $allowanonaddcomment is 'true', or on the item with id "-1" when
  // $allowanonaddguestbook is "true".
  // NOTE(review): name, e-mail, homepage and text are stored as submitted
  // (after clean_array()); only the session copy of the homepage has anchor
  // markup stripped. The output side must escape these fields and restrict
  // the homepage to http/https URLs.
  if ("$page" == "addnewscomment" and ($role >= 1 or $allowanonaddcomment == 'true' or ($_SESSION['lastid'] == "-1" and $allowanonaddguestbook == "true"))) {
    // The target item is the one last viewed in this session, not a request
    // parameter.
    $id = isset($_SESSION['lastid']) ? $_SESSION['lastid'] : "";
    $headline = isset($_REQUEST['header']) ? $_REQUEST['header'] : "";
    $data = isset($_REQUEST['data']) ? $_REQUEST['data'] : "";
    $anonname = isset($_REQUEST['name']) ? $_REQUEST['name'] : "";
    $anonemail = isset($_REQUEST['email']) ? $_REQUEST['email'] : "";
    $homepage = isset($_REQUEST['homepage']) ? $_REQUEST['homepage'] : "";
    // Remember the visitor's details for the next comment form.
    $_SESSION['anonname'] = $anonname;
    $_SESSION['anonemail'] = $anonemail;
    $_SESSION['anonhomepage'] = preg_replace("#(\<a)(.*?)(\>)(.*?)(\</a\>)#is", "$4", $homepage);
    // An empty comment body is silently dropped.
    if ($data != "") {
      $main->addcomment($userid, 1, $id, $headline, $data, $anonname, $anonemail, $homepage);
    }
    $page = $_SESSION['lastpage'];
    // Restore the list position the visitor came from.
    foreach (array('lastnr' => 'nr', 'laststart' => 'start') as $sessfield => $reqfield) {
      if (isset($_SESSION[$sessfield]) and $_SESSION[$sessfield] != "") {
        $_REQUEST[$reqfield] = $_SESSION[$sessfield];
      }
    }
  }
  //}}}
  //{{{Save comment
  // Logged-in users may save changes to a comment; user id and role are
  // passed on to Main::savecomment().
  // NOTE(review): whether savecomment() limits role 1 to the caller's own
  // comments is not visible here - confirm.
  if ("$page" == "savecomment" and $role >= 1) {
    $page = $_SESSION['lastpage'];
    $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : "";
    $headline = isset($_REQUEST['header']) ? $_REQUEST['header'] : "";
    $data = isset($_REQUEST['data']) ? $_REQUEST['data'] : "";
    $anonname = isset($_REQUEST['name']) ? $_REQUEST['name'] : "";
    $anonemail = isset($_REQUEST['email']) ? $_REQUEST['email'] : "";
    $homepage = isset($_REQUEST['homepage']) ? $_REQUEST['homepage'] : "";
    // Headline and body are both required for a save.
    if ($headline != "" and $data != "") {
      $main->savecomment($userid, $role, $id, $headline, $data, $anonname, $anonemail, $homepage);
    }
    // Point the request back at the item that was being viewed.
    $_REQUEST['id'] = $_SESSION['lastid'];
    foreach (array('lastnr' => 'nr', 'laststart' => 'start') as $sessfield => $reqfield) {
      if (isset($_SESSION[$sessfield]) and $_SESSION[$sessfield] != "") {
        $_REQUEST[$reqfield] = $_SESSION[$sessfield];
      }
    }
  }
  //}}}
  // {{{ Remove comments
  // Logged-in users may remove a comment; user id and role are passed on to
  // Main::rmcomment().
  // NOTE(review): the ownership rule is presumably enforced in rmcomment() -
  // confirm.
  if ("$page" == "rmcomment" and $role >= 1) {
    $page = $_SESSION['lastpage'];
    $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : "";
    if ($id != "") {
      $main->rmcomment($userid, $role, $id);
    }
    // Point the request back at the item that was being viewed.
    $_REQUEST['id'] = $_SESSION['lastid'];
    foreach (array('lastnr' => 'nr', 'laststart' => 'start') as $sessfield => $reqfield) {
      if (isset($_SESSION[$sessfield]) and $_SESSION[$sessfield] != "") {
        $_REQUEST[$reqfield] = $_SESSION[$sessfield];
      }
    }
  }
  //}}}
  // {{{ Delete comment
  // Deleting a comment is limited to role 4.
  if ("$page" == "deletecomment" and $role == 4) {
    $page = $_SESSION['lastpage'];
    $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : "";
    if ($id != "") {
      $main->deletecomment($id);
    }
    // Point the request back at the item that was being viewed.
    $_REQUEST['id'] = $_SESSION['lastid'];
    foreach (array('lastnr' => 'nr', 'laststart' => 'start') as $sessfield => $reqfield) {
      if (isset($_SESSION[$sessfield]) and $_SESSION[$sessfield] != "") {
        $_REQUEST[$reqfield] = $_SESSION[$sessfield];
      }
    }
  }
  //}}}
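  //{{{ Add user
  // Create an account: self-registration for role 0 when $allowregister is
  // "true", or creation by role 3 and above. The new role may not exceed the
  // caller's role, except that role 1 is always allowed.
  // NOTE(review): the password is stored as unsalted md5(); replacing it
  // needs a matching change in Main::login() and a migration of stored
  // hashes.
  if ("$page" == "adduser" and (("$role" == "0" and $allowregister == "true") or "$role" >= "3")) {
    $adduser = "true";
    $img = "";
    // A field missing from the request counts as empty.
    $newrole = isset($_REQUEST['role']) ? $_REQUEST['role'] : "";
    $newname = isset($_REQUEST['name']) ? $_REQUEST['name'] : "";
    $newuser = isset($_REQUEST['nuser']) ? $_REQUEST['nuser'] : "";
    $newemail = isset($_REQUEST['email']) ? $_REQUEST['email'] : "";
    $newdata = isset($_REQUEST['data']) ? $_REQUEST['data'] : "";
    $newlang = isset($_REQUEST['lang']) ? $_REQUEST['lang'] : "";
    $newpwd1 = isset($_REQUEST['pwd1']) ? $_REQUEST['pwd1'] : "";
    $newpwd2 = isset($_REQUEST['pwd2']) ? $_REQUEST['pwd2'] : "";
    $homepage = isset($_REQUEST['homepage']) ? $_REQUEST['homepage'] : "";
    // Role, name, login, language and both password fields are mandatory.
    if ($newrole == "" or $newname == "" or $newuser == "" or $newlang == "" or $newpwd1 == "" or $newpwd2 == "") {
      $adduser = "false";
    }
    // The role must be a plain non-negative integer so that the comparison
    // below is numeric and only a clean value is stored.
    if (!is_scalar($newrole) or !preg_match('/^[0-9]+\z/', (string) $newrole)) {
      $adduser = "false";
    }
    // md5() and the confirmation check need string passwords.
    if (!is_string($newpwd1) or !is_string($newpwd2)) {
      $adduser = "false";
    }
    // Theme: only a plain directory name below themes/ that ships a site.css
    // is accepted. basename() rejects anything containing a path separator.
    $usetheme = "default";
    if ($allowusertheme == "true" and isset($_REQUEST['usetheme']) and $_REQUEST['usetheme'] != "") {
      $usetheme = $_REQUEST['usetheme'];
      if (!is_string($usetheme) or $usetheme !== basename($usetheme)
          or $usetheme === "." or $usetheme === ".."
          or !is_file("themes/$usetheme/site.css")) {
        $usetheme = "default";
      }
    }
    $nr = $confnr;
    if (isset($_REQUEST['nr'])) {
      $nr = $_REQUEST['nr'];
    }
    // The password confirmation is compared strictly: with == two different
    // numeric-looking strings can compare equal.
    if ("$adduser" == "true" and ("$role" >= "$newrole" or "$newrole" == "1") and $newpwd1 === $newpwd2) {
      // Normalise the client-supplied image name (see the allowed character
      // set below).
      // NOTE(review): the two "?" search strings look like mis-encoded
      // accented letters in this listing - confirm against the original
      // file, which is ISO-8859-15.
      $filename = "";
      if (isset($_FILES['img'])) {
        $filename = str_replace(
          array(" ", "?", "ä", "ö", "?", "Ä", "Ö", "(", ")"),
          array("_", "a", "a", "o", "A", "A", "O", "_", "_"),
          basename($_FILES['img']['name'])
        );
        // preg_replace() replaces ereg_replace(), which no longer exists in
        // PHP 7; the character class is unchanged.
        $filename = preg_replace('/[^a-z,A-Z,0-9,_,.]/', "_", $filename);
      }
      $result = $main->adduser($newrole, $nr, $usetheme, $newname, $newuser, $newemail, $newdata, md5($newpwd1), $filename, $newlang, $homepage);
      $_REQUEST['id'] = $result->lastid;
      $_REQUEST['nextpage'] = "myhome";
      // Optionally tell every role-4 account about the new user.
      if ($newusermailtoadmin) {
        $admins = $main->run_query("SELECT email FROM `user` where role=4;");
        foreach ($admins->records as $adminemails) {
          $main->sendMail("$adminemails[email]", $main->decode("$sitetitle: $text[useradded]"), $main->decode("$text[name] $newname\n$text[email] $newemail\n$text[description]\n$newdata"), "$adminemail");
        }
      }
      // Only callers with role 2 or higher may attach an image.
      if ($role >= "2" and isset($_FILES['img'])) {
        $filename = $main->uploadfile($_FILES['img'], "user", $result->lastid);
      }
    }
    // Continue with nextpage, else the last visited page, else "start".
    $page = "start";
    if (isset($_REQUEST['nextpage'])) {
      $page = $_REQUEST['nextpage'];
    } elseif (isset($_SESSION['lastpage'])) {
      $page = $_SESSION['lastpage'];
    }
  }
  //}}}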
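  //{{{ Save user
  // Update an account. Roles up to 2 can only change their own account and
  // keep their role; roles 3 and above may change the submitted id and role.
  // NOTE(review): the role check compares the caller's role with the
  // submitted role, not with the target account's current role. Whether
  // Main::saveuser() stops a role-3 caller from changing a higher-role
  // account is not visible here - confirm.
  // NOTE(review): the password is stored as unsalted md5(), see the login
  // code.
  if ("$page" == "saveuser") {
    $adduser = "true";
    // A field missing from the request counts as empty.
    $newid = isset($_REQUEST['id']) ? $_REQUEST['id'] : "";
    $newrole = isset($_REQUEST['role']) ? $_REQUEST['role'] : "";
    $newname = isset($_REQUEST['name']) ? $_REQUEST['name'] : "";
    $newemail = isset($_REQUEST['email']) ? $_REQUEST['email'] : "";
    $newdata = isset($_REQUEST['data']) ? $_REQUEST['data'] : "";
    $newlang = isset($_REQUEST['lang']) ? $_REQUEST['lang'] : "";
    $newpwd1 = isset($_REQUEST['pwd1']) ? $_REQUEST['pwd1'] : "";
    $newpwd2 = isset($_REQUEST['pwd2']) ? $_REQUEST['pwd2'] : "";
    $homepage = isset($_REQUEST['homepage']) ? $_REQUEST['homepage'] : "";
    // Id, role, name and language are mandatory; the password is optional.
    if ($newid == "" or $newrole == "" or $newname == "" or $newlang == "") {
      $adduser = "false";
    }
    if (!is_string($newpwd1) or !is_string($newpwd2)) {
      $adduser = "false";
    }
    $filename = isset($_REQUEST['delimg']) ? "del" : "";
    // This page had no login check of its own; saving requires a session
    // that belongs to a logged-in user.
    $saveuserloggedin = (isset($userid) and isset($role) and $userid != 0);
    if (!$saveuserloggedin) {
      $adduser = "false";
    }
    // Theme: only a plain directory name below themes/ that ships a site.css
    // is accepted. basename() rejects anything containing a path separator.
    $usetheme = "default";
    if ($allowusertheme == "true" and isset($_REQUEST['usetheme']) and $_REQUEST['usetheme'] != "") {
      $usetheme = $_REQUEST['usetheme'];
      if (!is_string($usetheme) or $usetheme !== basename($usetheme)
          or $usetheme === "." or $usetheme === ".."
          or !is_file("themes/$usetheme/site.css")) {
        $usetheme = "default";
      } elseif ($saveuserloggedin and $newid == $userid) {
        $_SESSION['theme'] = "$usetheme";
      }
    }
    $nr = $confnr;
    if (isset($_REQUEST['nr'])) {
      $nr = $_REQUEST['nr'];
    }
    // Roles up to 2: ignore the submitted id and role.
    if ($saveuserloggedin and "$role" <= "2") {
      $newrole = $role;
      $newid = $userid;
    }
    // Id and role must be plain non-negative integers: the id is spliced
    // into directory paths that are deleted recursively, and the role is
    // compared numerically below.
    $saveuseridisnumeric = (is_scalar($newid) and preg_match('/^[0-9]+\z/', (string) $newid));
    $saveuserroleisnumeric = (is_scalar($newrole) and preg_match('/^[0-9]+\z/', (string) $newrole));
    // The password confirmation is compared strictly: with == two different
    // numeric-looking strings can compare equal.
    if ("$adduser" == "true" and $saveuseridisnumeric and $saveuserroleisnumeric
        and ("$role" >= "$newrole" or "$newrole" == "1") and $newpwd1 === $newpwd2) {
      if ($role >= "2") {
        $saveuserhasupload = (isset($_FILES['img']) and $_FILES['img']['size'] != "0");
        // Deleting or replacing the image clears the user's image folders.
        if ($filename == "del" or $saveuserhasupload) {
          $thumbdir = "./thumb/user/$newid/";
          $smalldir = "./small/user/$newid/";
          $uploaddir = "./img/user/$newid/";
          foreach (array($thumbdir, $smalldir, $uploaddir) as $userimgdir) {
            if (is_dir($userimgdir)) {
              $main->rmdirr($userimgdir);
            }
          }
        }
        if ($saveuserhasupload) {
          $filename = $main->uploadfile($_FILES['img'], "user", $newid);
        }
      }
      // An empty password field keeps the stored password.
      $newpwdhash = ("$newpwd1" != "") ? md5($newpwd1) : "";
      $main->saveuser($newid, $newrole, $nr, $usetheme, $newname, $newemail, $newdata, $newpwdhash, $filename, $newlang, $homepage);
      // Changes to the caller's own account take effect in the session at
      // once.
      if ($userid == $newid) {
        $_SESSION['lang'] = $newlang;
        $_SESSION['nr'] = $nr;
        $_SESSION['name'] = $newname;
        $_SESSION['email'] = $newemail;
        include_once("lang/en.php");
        $text = $main->clean_array($text, false, true);
        $main->settext($text);
      }
    }
    // Continue with nextpage, else the last visited page, else "start".
    $page = "start";
    if (isset($_REQUEST['nextpage'])) {
      $page = $_REQUEST['nextpage'];
    } elseif (isset($_SESSION['lastpage'])) {
      $page = $_SESSION['lastpage'];
    }
  }
  //}}}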
  713. //{{{ Remove user
  // Remove a user (role 3 or higher), then choose the page to render next.
  // NOTE(review): this state-changing action reads $_REQUEST, so it also accepts GET;
  // it appears to rely on the request-id check of the enclosing block, whose start is
  // outside this part of the file. Confirm.
  if ("$page" == "rmuser" && "$role" >= "3") {
      // An empty id is passed to rmuser() as "".
      $id = ($_REQUEST['id'] != "") ? $_REQUEST['id'] : "";
      $main->rmuser($id);

      // Next page: explicit request parameter, else the page remembered in the session, else "start".
      if (isset($_REQUEST['nextpage'])) {
          $page = $_REQUEST['nextpage'];
      } elseif (isset($_SESSION['lastpage'])) {
          $page = $_SESSION['lastpage'];
      } else {
          $page = "start";
      }

      // "userhome" is never used as the landing page after a removal.
      if ($page == "userhome") {
          $page = ($initpage == "true") ? "init" : "start";
      }
  }
  721. //}}}
  722. //{{{Edit abbr
  // Abbreviation maintenance (role 3 or higher): optional delete, then save or add.
  // NOTE(review): every value is handed to Main exactly as it arrived in the request;
  // validation and escaping have to happen inside delabbr()/saveabbr()/addabbr(). Confirm.
  if ($page == "editabbr" && $role >= "3") {
      if (isset($_REQUEST['deleteid'])) {
          $main->delabbr($_REQUEST['deleteid']);
      }

      if (isset($_REQUEST['do'])) {
          switch ($_REQUEST['do']) {
              case "save":
                  // Update the existing entry identified by id.
                  $main->saveabbr(
                      $_REQUEST['id'],
                      $_REQUEST['type'],
                      $_REQUEST['word'],
                      $_REQUEST['title'],
                      $_REQUEST['abbrdata']
                  );
                  break;
              case "add":
                  // Create a new entry; no id is passed.
                  $main->addabbr(
                      $_REQUEST['type'],
                      $_REQUEST['word'],
                      $_REQUEST['title'],
                      $_REQUEST['abbrdata']
                  );
                  break;
          }
      }
  }
  741. //}}}
  742. //{{{ Delete user
  // Delete a user (role 4 or higher), then return to the view the caller came from.
  // NOTE(review): as with the other account actions, the id comes from $_REQUEST and the
  // only checks visible here are the page name and the role; confirm the request-id check
  // of the enclosing block covers this path.
  if ("$page" == "deluser" && "$role" >= "4") {
      // An empty id is passed to deluser() as "".
      $id = ($_REQUEST['id'] != "") ? $_REQUEST['id'] : "";
      $main->deluser($id);

      if (isset($_REQUEST['nextpage'])) {
          $page = $_REQUEST['nextpage'];
      } elseif (isset($_SESSION['lastpage'])) {
          $page = $_SESSION['lastpage'];
      } else {
          $page = "start";
      }

      // Carry the remembered paging values over into this request.
      foreach (array('lastnr' => 'nr', 'laststart' => 'start') as $sessionkey => $requestkey) {
          if (isset($_SESSION[$sessionkey]) && $_SESSION[$sessionkey] != "") {
              $_REQUEST[$requestkey] = $_SESSION[$sessionkey];
          }
      }

      // Neither home page is used as the landing page after a deletion.
      if ($page == "userhome" || $page == "myhome") {
          $page = ($initpage == "true") ? "init" : "start";
      }
  }
  752. //}}}
  753. //{{{end of request id limit
  754. }
  755. }
  756. //}}}
  757. //{{{ Update request id
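  // Issue a fresh request id for this response. It is stored in the session under
  // 'reqid' and written into forms and links further down as the "rid" parameter.
  // The value is drawn from the CSPRNG where the runtime provides one, because rand()
  // output can be predicted from earlier values; mt_rand() is only the fallback for
  // runtimes without random_int().
  // NOTE(review): the 1000-9999 range is kept so the code that compares 'rid' with
  // 'reqid' (outside this part of the file) keeps working unchanged. If the id is meant
  // as an anti-forgery token, 9000 possible values is a small space; widen it once that
  // comparison is confirmed to accept longer values.
  $requestid = function_exists('random_int') ? random_int(1000, 9999) : mt_rand(1000, 9999);
  $_SESSION['reqid'] = $requestid;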
  760. //}}}
  761. //{{{ HTML header
  // Document prolog: XHTML 1.1 doctype, then the opening of the head section with the
  // site title and the charset declaration. The XML declaration and the XHTML 1.0
  // Transitional doctype that used to be printed here are disabled.
  echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">' . "\n\n";
  echo '<html xmlns="http://www.w3.org/1999/xhtml">' . "\n<head>\n";
  echo "<title>$sitetitle</title>\n";
  echo "<meta http-equiv='Content-Type' content='text/html; charset=ISO-8859-15' />\n";
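  // Theme switch: remember the requested theme and go back to the previous view.
  if ($page == "changetheme" && $allowusertheme == "true") {
      // A missing parameter selects the default theme instead of raising a notice.
      $_SESSION['theme'] = isset($_REQUEST['theme']) ? $_REQUEST['theme'] : "default";

      $page = "start";
      if (isset($_REQUEST['nextpage'])) {
          $page = $_REQUEST['nextpage'];
      } elseif (isset($_SESSION['lastpage'])) {
          $page = $_SESSION['lastpage'];
      }
      if (isset($_SESSION['lastnr']) && $_SESSION['lastnr'] != "") {
          $_REQUEST['nr'] = $_SESSION['lastnr'];
      }
      if (isset($_SESSION['laststart']) && $_SESSION['laststart'] != "") {
          $_REQUEST['start'] = $_SESSION['laststart'];
      }
  }

  // Resolve the stylesheet. The session theme originates from the request and ends up
  // both in a filesystem path and inside a quoted href attribute, so it is accepted only
  // when it is a plain directory name (letters, digits, "_", "-", "."; no leading dot,
  // no "..") whose directory really contains a site.css. Anything else is reset to
  // "default", which keeps the configured $stylesheet. Theme directories whose names use
  // other characters therefore fall back to the default stylesheet.
  if (isset($_SESSION['theme']) && $_SESSION['theme'] != "default") {
      $themecandidate = $_SESSION['theme'];
      $themeisvalid = is_string($themecandidate)
          && preg_match('/\A[A-Za-z0-9_-][A-Za-z0-9_.-]*\z/', $themecandidate)
          && strpos($themecandidate, '..') === false
          && is_file("themes/$themecandidate/site.css");
      if ($themeisvalid) {
          $stylesheet = "themes/$themecandidate/site.css";
      } else {
          $_SESSION['theme'] = "default";
      }
  }
  print "<link rel='stylesheet' href='$stylesheet' type='text/css'></link>\n";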
  // Remaining head content: keyword and description metadata, the feed autodiscovery
  // link, and the optional splash-screen redirect.
  echo "<meta content='$keywords' name='keywords'></meta>\n";
  echo "<meta content='$description' name='description'></meta>\n";

  if ("$enablerss" == "true") {
      // NOTE(review): for logged-in users the feed link carries the session's user and
      // passwd values in the query string, so they end up in browser history, proxy and
      // server logs and Referer headers. A separate per-user feed token would avoid
      // exposing the login credential; that needs a matching change in rss.php.
      $feedhref = 'rss.php';
      if ("$role" != "0") {
          $feedhref .= "?user={$_SESSION['user']}&amp;passwd={$_SESSION['passwd']}";
      }
      echo "<link rel='alternate' type='text/xml' title='RSS' href='$feedhref'></link>\n";
  }

  // Splash screen: after $splashtimer seconds the browser is sent on to the init or start page.
  if ($enablesplash && ($page == "" || $page == "splash")) {
      $page2 = ($initpage == "true") ? "init" : "start";
      if ($splashtimer != 0) {
          echo "<meta http-equiv='refresh' content='$splashtimer;url=?page=$page2' />";
      }
  }
  echo "</head>\n";
  // Body opening. The text size ("s", "n" or "l") selects the body class; it comes from
  // the request, or from the session when the request does not name one, and the value
  // in effect is written back to the session.
  $bodyclass = "gray";
  if (!isset($_REQUEST['textsize']) && isset($_SESSION['textsize'])) {
      $_REQUEST['textsize'] = $_SESSION['textsize'];
  }
  if (isset($_REQUEST['textsize'])) {
      // Only the three known letters change the class; any other value leaves "gray".
      switch ($_REQUEST['textsize']) {
          case "s":
              $bodyclass = "graysmall";
              break;
          case "n":
              $bodyclass = "gray";
              break;
          case "l":
              $bodyclass = "graylarge";
              break;
      }
      $_SESSION['textsize'] = $_REQUEST['textsize'];
  }
  echo "<body class='$bodyclass'>\n";
  echo "<table class='main' summary='main table'><tr><td class='tls'></td><td class='ts'></td><td class='trs'></td></tr><tr><td class='ls'></td>";

  // The splash image is centred in its cell; every other page starts at the top.
  if ($page == "splash") {
      echo "<td valign='middle' align='center'>\n";
  } else {
      echo "<td valign='top'>\n";
  }
  821. //}}}
  822. //{{{ splash
  // Splash screen body: the splash image, linked to the init or start page.
  if ($enablesplash && ($page == "" || $page == "splash")) {
      $page2 = ($initpage == "true") ? "init" : "start";
      echo "<a href='?page=$page2'><img src='$splashimage' alt='$sitetitle' /></a>";
  }
  828. //}}}
  829. //{{{ Top part
  830. //start splash check
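  // Page frame for every view except the splash screen: logo row with the optional
  // search form and the site information table, then the left-hand menu column.
  // Values that come from the request or the session are encoded for the context they
  // are printed in (HTML attribute, HTML text or URL parameter). Entities that are
  // already present are not encoded a second time, in case the input was cleaned earlier
  // in the file. Values delivered by Main, the configuration or the language table are
  // printed as delivered.
  if ($page != "splash") {
      print "<table summary='Main table'>\n";
      print "<tr><td><img src='$logo' alt='LOGO' width='$logowidth' /></td><td align='right' class='headerbottom'><p>&nbsp;</p>\n";
      if ($enablesearch == 'true') {
          $searchvalue = "";
          $search = "";
          if (isset($_REQUEST['search'])) {
              $search = $_REQUEST['search'];
          }
          // Back on the search page without a new term: reuse the term kept in the session.
          if ($search == "" and $page == "search" and isset($_SESSION['lastpage']) and $_SESSION['lastpage'] == "search" and isset($_SESSION['searchstr'])) {
              $search = $_SESSION['searchstr'];
          }
          if ($search != "") {
              // The term is echoed into a single-quoted attribute, so quotes must be encoded too.
              $searchvalue = "value='" . htmlspecialchars((string) $search, ENT_QUOTES, 'ISO-8859-15', false) . "'";
          }
          print "<form enctype='multipart/form-data' action='?page=search' method='post'><p><input type='hidden' name='rid' value='$requestid' />";
          print "<label for='search'>$text[search]: </label><input name='search' type='text' id='search' alt='search' $searchvalue />&nbsp;";
          print "<input type='submit' value='$text[search]' id='searchbuttom' class='button'/>&nbsp;<input type='reset' value='$text[reset]' class='button'/></p></form>";
      }
      print "</td><td align='right' class='headermiddle'>\n";
      print "<table summary='information table'>";
      foreach ($siteheader as $headerline) {
          print "<tr><td align='right' class='menusmall'><b>$headerline[1]</b></td>";
          print "<td align='left' class='menusmall'>$headerline[2]</td></tr>";
      }
      print "</table>";
      print "</td></tr></table><table summary='Main table'>\n";
      //}}}
      //{{{ Menu
      print "<tr><td valign='top' class='menu'>\n";
      if ($initpage == "true") {
          print "<a href='?page=init'>$text[home]</a>&nbsp;<br />\n";
      }

      // Menu entries for this role, with a blank line wherever the access level changes.
      // NOTE(review): entry names, news headlines and category names below are printed
      // exactly as Main returns them; confirm they are HTML-encoded when stored or fetched.
      $menu = $main->getmenu($role, $userid);
      $lastaccess = 0;
      foreach ($menu->records as $item) {
          $curaccess = $item['access'];
          if ("$lastaccess" != "$curaccess") {
              print "<br />\n";
          }
          $lastaccess = $curaccess;
          // Prefer the translated label; fall back to the raw entry name.
          $menuitem = "";
          if (isset($text[$item['data']])) {
              $menuitem = str_replace(" ", "&nbsp;", $text[$item['data']]);
          }
          if ($menuitem == "") {
              $menuitem = $item['data'];
          }
          print "<a href='?page=$item[data]'>$menuitem</a>&nbsp;<br />\n";
      }

      $newslinks = $main->getmenunewslist($role);
      if ($newslinks->rows != "0") {
          print "<br />\n";
          foreach ($newslinks->records as $item) {
              $menuitem = str_replace(" ", "&nbsp;", $item['headline']);
              print "<a href='?page=viewnews&amp;id=$item[id]'>$menuitem</a>&nbsp;<br />\n";
          }
      }

      $category = $main->getCategories($role);
      if ($category->rows != "0") {
          print "<br />$text[category]<br />\n";
          foreach ($category->records as $item) {
              $menuitem = str_replace(" ", "&nbsp;", $item['name']);
              //if ( isset($text[$item['name']])){$menuitem=str_replace(" ","&nbsp;",$text[$item['name']]);}
              print "<a href='?page=newscat&amp;catid=$item[id]'>$menuitem</a>&nbsp;<br />\n";
          }
      }

      // NOTE(review): the feed links for logged-in users put the session's user and passwd
      // values into the URL, where they are recorded in history, logs and Referer headers.
      // Replacing them with a per-user feed token needs a matching change in rss.php and
      // atom.php, which are not part of this file.
      if ($enablerss == "true" and "$userid" != "0") {
          print "<br /><a href='rss.php?user=$_SESSION[user]&amp;passwd=$_SESSION[passwd]'><img src='images/rss.gif' alt='$text[rss]'/></a>&nbsp;<br />\n";
          print "<a href='atom.php?user=$_SESSION[user]&amp;passwd=$_SESSION[passwd]'><img src='images/atom.gif' alt='$text[atom]'/></a>&nbsp;<br />\n";
      } elseif ($enablerss == "true") {
          print "<br /><a href='rss.php'><img src='images/rss.gif' alt='$text[rss]'/></a>&nbsp;<br />\n";
          print "<a href='atom.php'><img src='images/atom.gif' alt='$text[atom]'/></a>&nbsp;<br />\n";
      }

      // Theme chooser for visitors who are not logged in: one option per directory under
      // themes/ that contains a site.css.
      if ($allowusertheme == "true" and "$userid" == "0") {
          print "<br /><form action='?'><p><select onchange=\"location=this.options[this.selectedIndex].value;\">\n";
          $d = dir("themes");
          $curtheme = "";
          if (isset($_SESSION['theme'])) {
              $curtheme = $_SESSION['theme'];
          }
          print "<option value='?page=changetheme&amp;theme=default'>$text[default]</option>\n";
          if ($d) {
              // Compare against false explicitly: an entry named "0" must not end the listing.
              while (false !== ($entry = $d->read())) {
                  $entry = str_replace(".php", "", $entry);
                  if (is_dir("themes/$entry") and $entry != "." and $entry != ".." and is_file("themes/$entry/site.css")) {
                      $selected = "";
                      if ($entry == $curtheme) {
                          $selected = "selected=selected";
                      }
                      print "<option value='?page=changetheme&amp;theme=$entry' $selected>$entry</option>\n";
                  }
              }
              // Release the directory handle once the listing is complete.
              $d->close();
          }
          print "</select></p></form>\n";
      } else {
          print "<br />\n";
      }

      // Text-size links repeat the current page and paging parameters. These come from
      // the request, so each one is URL-encoded before it is placed in the href.
      $textsizeurl = "";
      if (isset($_REQUEST['nr'])) {
          $textsizeurl .= "&amp;nr=" . urlencode((string) $_REQUEST['nr']);
      }
      if (isset($_REQUEST['start'])) {
          $textsizeurl .= "&amp;start=" . urlencode((string) $_REQUEST['start']);
      }
      if (isset($_REQUEST['id'])) {
          $textsizeurl .= "&amp;id=" . urlencode((string) $_REQUEST['id']);
      }
      $pagearg = urlencode((string) $page);
      print "<a href='?page=$pagearg&amp;textsize=s&amp;rid=$requestid$textsizeurl' class='small' rel='nofollow'>A</a>";
      print "<a href='?page=$pagearg&amp;textsize=n&amp;rid=$requestid$textsizeurl' class='normal' rel='nofollow'>A</a>";
      print "<a href='?page=$pagearg&amp;textsize=l&amp;rid=$requestid$textsizeurl' class='large' rel='nofollow'>A</a>";
      print "<br />\n";

      if ("$userid" == "0" and $showlogin == "true") {
          // Login box for anonymous visitors.
          print "<br /><hr /><form action='?page=login' method='post'><p><input type='hidden' name='rid' value='$requestid' />\n";
          print "<label for='user'>$text[user]</label><br /><input type='text' alt='user' id='user' name='user' size='10'/><br />\n";
          print "<label for='passwd'>$text[passwd]</label><br /><input type='password' alt='password' id='passwd' name='passwd' size='10'/><br />\n";
          print "<input type='submit' value='$text[login]' id='login' class='button' /><br />\n";
          if ($allowregister == "true") {
              print "<a href='?page=newuser' rel='nofollow'>$text[register]</a>&nbsp;\n";
          }
          print "</p></form><a href='?page=pwdrec&amp;rid=$requestid' rel='nofollow'>" . str_replace(" ", "&nbsp;", $text['pwdrecovery']) . "</a><hr />\n";
      } elseif ("$userid" != "0") {
          // The display name is user-chosen profile data, so it is encoded as HTML text.
          $displayname = htmlspecialchars((string) $_SESSION['name'], ENT_QUOTES, 'ISO-8859-15', false);
          print "<br /><hr />$text[logedinas]<br /><a href='?page=myhome&amp;rid=$requestid'>$displayname</a>&nbsp;\n";
          print "<br />" . $text["access$role"] . "\n";
          print "<br /><a href='?page=logout&amp;rid=$requestid'>$text[logout]</a>&nbsp;<hr />\n";
      }
      if ($cookieinfo == "true") {
          print "<br /><a href='?page=cookie'>" . str_replace(" ", "&nbsp;", $text['cookieheader']) . "</a><br /><br />";
      }
      print "</td><td valign='top' colspan='2' rowspan='2'>\n";
      //if ( isset($_SESSION['nr'])){$_SESSION['lastnr']=$_SESSION['nr'];}
      //elseif( $page != "editnews" and $page != "savenews" ){$_SESSION['lastnr']="";}
      // Remember the paging offset; it is cleared on every page except the news editor pages.
      if (isset($_REQUEST['start'])) {
          $_SESSION['laststart'] = $_REQUEST['start'];
      } elseif ($page != "editnews" and $page != "savenews") {
          $_SESSION['laststart'] = "";
      }
      //End splash check
  }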
  970. //}}}
  971. //{{{ Init page
  // Init page: shown for page "init", or for an empty page name when $initpage is enabled.
  if ("$page" == "init" || ("$page" == "" && $initpage == "true")) {
      $_SESSION['lastpage'] = $page;
      $news = $main->getinitnews($role);
      // Count one view for the first record returned.
      $firstnewsid = $news->records['0']['id'];
      $main->incresenewsviews($firstnewsid);
      $main->printnews($news, 1, $role, $userid, "-1", "-1", $page, "");
  }
  979. //}}}
  980. //{{{Start page
  // Start page: shown for page "start", or for an empty page name when $initpage is not enabled.
  // NOTE(review): $start is taken from the request unchanged and $nr may be too; confirm
  // Main treats both as integers before using them in a query.
  if ("$page" == "start" || ("$page" == "" && $initpage != "true")) {
      $_SESSION['lastpage'] = $page;
      $start = isset($_REQUEST['start']) ? $_REQUEST['start'] : "0";
      $news = $main->getnews($role, 1, $start, $nr);
      // The total comes back as a one-row result; keep only the number.
      $nrofnews = $main->getnrnews($role, 1);
      $nrofnews = $nrofnews->records[0]['nr'];
      $main->printnews($news, $nrofnews, $role, $userid, $start, $nr, $page, "");
  }
  990. //}}}
  991. //{{{Search page
  // Search results. A term in the request replaces the one kept in the session; without
  // one, the session's term is reused so paging keeps the same result set.
  // NOTE(review): the search term and $start reach Main exactly as submitted; confirm
  // search() and searchnr() bind or escape them before building a query.
  if ("$page" == "search") {
      $_SESSION['lastpage'] = $page;
      $start = isset($_REQUEST['start']) ? $_REQUEST['start'] : "0";

      $search = "";
      if (isset($_REQUEST['search'])) {
          $search = $_REQUEST['search'];
          $_SESSION['searchstr'] = $search;
      } elseif (isset($_SESSION['searchstr'])) {
          $search = $_SESSION['searchstr'];
      }

      $news = $main->search($search, $role, $start, $nr);
      $nrofnews = $main->searchnr($search, $role);
      $nrofnews = $nrofnews->records[0]['nr'];
      $main->printnews($news, $nrofnews, $role, $userid, $start, $nr, $page, "");
  }
  1002. //}}}
  1003. //{{{ Toplist page
  // Top list.
  // NOTE(review): $start comes from the request unchanged; confirm Main validates it.
  if ("$page" == "top") {
      $_SESSION['lastpage'] = $page;
      $start = "0";
      if (isset($_REQUEST['start'])) {
          $start = $_REQUEST['start'];
      }
      $news = $main->gettopnews($role, $start, $nr);
      // Total number of entries, used by printnews() together with $start and $nr.
      $nrofnews = $main->getnrtopnews($role);
      $nrofnews = $nrofnews->records[0]['nr'];
      $main->printnews($news, $nrofnews, $role, $userid, $start, $nr, $page, "");
  }
  1013. //}}}
  1014. //{{{ Toplist view page
  // Top list by views; the total is taken from the same counter as the "top" page.
  // NOTE(review): $start comes from the request unchanged; confirm Main validates it.
  if ("$page" == "topview") {
      $_SESSION['lastpage'] = $page;
      $start = isset($_REQUEST['start']) ? $_REQUEST['start'] : "0";
      $news = $main->gettopviewnews($role, $start, $nr);
      $nrofnews = $main->getnrtopnews($role);
      $nrofnews = $nrofnews->records[0]['nr'];
      $main->printnews($news, $nrofnews, $role, $userid, $start, $nr, $page, "");
  }
  1024. //}}}
  1025. //{{{Top comments page
  // Top list by comments; the total is taken from the same counter as the "top" page.
  // NOTE(review): $start comes from the request unchanged; confirm Main validates it.
  if ("$page" == "topcomment") {
      $_SESSION['lastpage'] = $page;
      $start = "0";
      if (isset($_REQUEST['start'])) {
          $start = $_REQUEST['start'];
      }
      $news = $main->gettopcommentnews($role, $start, $nr);
      $nrofnews = $main->getnrtopnews($role);
      $nrofnews = $nrofnews->records[0]['nr'];
      $main->printnews($news, $nrofnews, $role, $userid, $start, $nr, $page, "");
  }
  1035. //}}}
  1036. //{{{ Category page
  // News of one category. The category id comes from the request, else from the session,
  // else it is "1"; the id in effect is remembered in the session.
  // NOTE(review): $cat and $start reach Main exactly as submitted; confirm getcatnews()
  // and getcatnrnews() treat them as integers.
  if ("$page" == "newscat") {
      $_SESSION['lastpage'] = $page;
      $start = isset($_REQUEST['start']) ? $_REQUEST['start'] : "0";

      if (isset($_REQUEST['catid'])) {
          $cat = $_REQUEST['catid'];
      } elseif (isset($_SESSION['catid'])) {
          $cat = $_SESSION['catid'];
      } else {
          $cat = "1";
      }
      $_SESSION['catid'] = $cat;

      $news = $main->getcatnews($role, $start, $nr, $cat);
      $nrofnews = $main->getcatnrnews($role, $cat);
      $nrofnews = $nrofnews->records[0]['nr'];
      $main->printnews($news, $nrofnews, $role, $userid, $start, $nr, $page, "");
  }
  1048. //}}}
  1049. //{{{ Guestbook
  // Guestbook: the comment list is printed for id "0", which is also stored as the last id.
  // NOTE(review): cstart and cnr are taken from the request unchanged; confirm
  // printcomments() validates them.
  if ("$page" == "guestbook") {
      $_SESSION['lastpage'] = $page;
      $cstart = isset($_REQUEST['cstart']) ? $_REQUEST['cstart'] : 0;
      $cnr = isset($_REQUEST['cnr']) ? $_REQUEST['cnr'] : $nr;
      $main->printcomments("0", $role, $userid, $cstart, $cnr, $page, -1);
      $_SESSION['lastid'] = "0";
  }
  1058. //}}}
  1059. //{{{ Removed comments
  // Removed comments (role 3 or higher): the comment list is printed for id "-1".
  // NOTE(review): cstart and cnr are taken from the request unchanged; confirm
  // printcomments() validates them.
  if ("$page" == "removedcomments" && $role >= 3) {
      $_SESSION['lastpage'] = $page;
      $cstart = 0;
      if (isset($_REQUEST['cstart'])) {
          $cstart = $_REQUEST['cstart'];
      }
      $cnr = $nr;
      if (isset($_REQUEST['cnr'])) {
          $cnr = $_REQUEST['cnr'];
      }
      $main->printcomments("-1", $role, $userid, $cstart, $cnr, $page, -1);
      $_SESSION['lastid'] = "-1";
  }
  1068. //}}}
  1069. //{{{ Edit comment
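  // Comment editor (role 1 or higher): a client-side required-field check, then the edit
  // form pre-filled from the stored comment.
  // Fixes over the previous markup: the homepage field no longer reuses id 'email'
  // (ids must be unique in a document), and the <hr> and hidden <input> elements are
  // closed as the XHTML doctype printed earlier requires.
  if ($page == "editcomment" && $role >= 1) {
      // Labels named in the "missing fields" alert. Colons are replaced so the labels
      // read as a list.
      $jsheaderlabel = str_replace(":", ",", " " . $main->edit_array($text['header']) . " ");
      $jscommentlabel = str_replace(":", "", " " . $main->edit_array($text['comment']) . " ");
      $jsmissing = $main->edit_array($text['missingfields']);

      // NOTE(review): the three labels are placed inside JavaScript string literals; a
      // quote or line break in a translation would break the script. Confirm the language
      // files cannot contain such characters.
      print implode("\n", array(
          "<script type='text/javascript'>",
          'function validate(form)',
          '{',
          'error="";',
          'if ( form.header.value == "" )',
          '{',
          'error="' . $jsheaderlabel . '";',
          '}',
          'if ( form.data.value == "" )',
          '{',
          'error=error+"' . $jscommentlabel . '";',
          '}',
          "if (error != '' )",
          '{',
          'error=error.replace(":", ",");',
          "alert('" . $jsmissing . "'+' '+error);",
          'return;',
          '}',
          'else',
          '{',
          'form.submit();',
          '}',
          '}',
          '</script>',
      ));

      // NOTE(review): $id is request-supplied. getcomment() receives $userid and $role,
      // presumably to restrict which comments the caller may load; confirm in Main.php.
      $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : "";
      $comment = $main->edit_array($main->getcomment($userid, $role, $id));
      $record = $comment['records']['0'];

      // NOTE(review): the stored values below go into single-quoted attributes and a
      // textarea exactly as edit_array() returns them. That is safe only if edit_array()
      // HTML-encodes quotes and angle brackets; confirm in Main.php.
      print "<form enctype='multipart/form-data' action='?page=savecomment' method='post'><p><input type='hidden' name='rid' value='$requestid' /></p>\n";
      print "<table summary='$text[editcomment]'><tr><td colspan='2'><hr /></td></tr>\n";
      if ($record['role'] == 0) {
          // Comments written with role 0 carry their own name, e-mail and homepage fields.
          print "<tr><td>$text[name]</td><td><input name='name' type='text' id='name' value='" . $record['anonname'] . "'/></td></tr>\n";
          print "<tr><td>$text[email]</td><td><input name='email' type='text' id='email' value='" . $record['anonemail'] . "'/></td></tr>\n";
          print "<tr><td>$text[homepageheader]</td><td><input name='homepage' type='text' id='homepage' value='" . $record['anonhomepage'] . "'/></td></tr>\n";
      }
      print "<tr><td>$text[header]</td><td><input name='header' type='text' id='header' value='" . $record['headline'] . "'/></td></tr>\n";
      print "<tr><td colspan='2'>$text[comment]</td></tr>\n";
      print "<tr><td colspan='2'><input type='hidden' name='id' value='" . $record['id'] . "' /><textarea name='data' rows='5' cols='60'>" . $record['data'] . "</textarea></td></tr>\n";
      print "<tr><td colspan='2'><input type='button' value='$text[savecomment]' id='savecomment' onclick=\"validate(this.form)\" class='button'/> <input type='reset' value='$text[reset]' class='button' /></td></tr>\n";
      print "</table></form>\n";
      print "$bbcode";
  }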
  1113. //}}}
  1114. //{{{ Remnews
  // Removed news (role 3 or higher). The list and its total are fetched with the fixed
  // arguments 4 and 8 instead of the caller's role.
  // NOTE(review): $start comes from the request unchanged; confirm Main validates it.
  if ("$page" == "remnews" && "$role" >= "3") {
      $_SESSION['lastpage'] = $page;
      $start = isset($_REQUEST['start']) ? $_REQUEST['start'] : "0";
      $news = $main->getnews(4, 8, $start, $nr);
      $nrofnews = $main->getnrnews(4, 8);
      $nrofnews = $nrofnews->records[0]['nr'];
      $main->printnews($news, $nrofnews, $role, $userid, $start, $nr, $page, "");
  }
  1124. //}}}
  1125. //{{{ Downloads
  1126. if ( $page == "downloads")
  1127. {
  1128. print "<span class=\"headline\"><b>$text[downloads]</b></span><br />";
  1129. $dir="/";if( isset($_REQUEST['dir'])){$dir=$_REQUEST['dir'];}
  1130. if ( !isset($_REQUEST['do']) )
  1131. {
  1132. $_REQUEST['do']="";
  1133. }
  1134. if ( $role >= 3 or $role >= $uploadfileaccess )
  1135. {
  1136. if($_REQUEST['do'] == "upload" and isset($_FILES['file']['name']))
  1137. {
  1138. $filename=str_replace(" ","_",basename($_FILES['file']['name']));
  1139. $filename=str_replace("?","a",$filename);
  1140. $filename=str_replace("ä","a",$filename);
  1141. $filename=str_replace("ö","o",$filename);
  1142. $filename=str_replace("?","A",$filename);
  1143. $filename=str_replace("Ä","A",$filename);
  1144. $filename=str_replace("Ö","O",$filename);
  1145. $filename=str_replace("(","_",$filename);
  1146. $filename=str_replace(")","_",$filename);
  1147. $filename=ereg_replace("[^a-z,A-Z,0-9,_,.]","_",$filename);
  1148. $fname=$_REQUEST['fname'];
  1149. $access=$_REQUEST['access'];
  1150. $dir=$_REQUEST['dir'];
  1151. $subdir=$_REQUEST['subdir'];
  1152. $parrentdir=$_REQUEST['parentdir'];
  1153. if ( $subdir != "" )
  1154. {
  1155. $parrentdir=$dir;
  1156. $dir=$subdir;
  1157. }
  1158. $type=$_FILES['file']['type'];
  1159. $owner=$userid;
  1160. $size=$_FILES['file']['size'];
  1161. $newid=$main->addfile($filename,$fname,$access,$dir,$parrentdir,$type,$owner,$size);
  1162. if ( ! $main->uploadanyfile($_FILES['file'],"$filepath/$newid/"))
  1163. {
  1164. $main->deletefile($newid);
  1165. }
  1166. }
