
/test/subjects/benchmarks/webapps/tigerPhpNewsSystem_1.0_beta_build39/index.php

http://phc.googlecode.com/
PHP | 2777 lines | 2491 code | 105 blank | 181 comment | 861 complexity | f061bf620ef88c20976540361c106b8d MD5 | raw file


   1<?
   2/*
   3 * This software is part of the Tiger php news system
   4 * http://tpns.sourceforge.net
   5 * 
   6 * This software comes with ABSOLUTELY NO WARRANTY. For details, see
   7 * the enclosed file COPYING for license information (GPL). If you
   8 * did not receive this file, see http://www.gnu.org/licenses/gpl.txt.
   9 * 
  10 */
  11
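  //{{{ PHP start
// Start the page-render timer. microtime() returns "<fraction> <seconds>", so
// adding both parts gives the current time in fractional seconds.
$stimer = explode( ' ', microtime() );
$stimer = $stimer[1] + $stimer[0];

// Crawler detection by User-Agent substring. The header is optional and fully
// client-controlled, so $isbot is a hint only. A request without the header is
// classified as "not a bot" instead of raising an undefined-index notice.
$isbot = isset($_SERVER['HTTP_USER_AGENT'])
    && (bool) preg_match("/bot|spider|crawl|seek|search|slurp|checker|meta|validator/is", $_SERVER['HTTP_USER_AGENT']);

header("Content-Type: text/html; charset=ISO-8859-15");
require_once( 'Main.php' );
// NOTE(review): config.php is pulled in with include, so a missing or unreadable
// file only raises a warning and the script carries on with the configuration
// switches used below ($logannoncomment, $allowregister, ...) undefined.
// Confirm whether this should fail closed with require instead.
include( 'config.php' );
require_once( 'sessions.php' );
// Remember the configured $nr: $nr itself is overridden from the session and the
// request further down, and the logout branch restores this value.
$confnr=$nr;

$main = new Main();
#if ($usedbsessions)
#{
#    $session = new session();
#    $session->setMain($main);
#    session_set_save_handler(array(&$session,"open"), array(&$session,"close"), array(&$session,"read"), array(&$session,"write"), array(&$session,"destroy"), array(&$session,"gc")); 
#}
// NOTE(review): nothing on this page sets the session cookie flags (HttpOnly,
// Secure); they come from php.ini or sessions.php, neither visible here -- confirm.
session_start();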
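  //{{{ LOG ANON COMMENTS
// When $logannoncomment is enabled, append one record per anonymous (role "0")
// "addnewscomment" request to $annoncommentlogfile: client address, selected
// request headers and the GET/POST/session/cookie values.
//
// Everything written here except REMOTE_ADDR is chosen by the client, and this
// runs before the request arrays are passed through clean_array(). Each line is
// therefore escaped so that embedded CR/LF or other control characters cannot
// start a forged log entry, and the session cookie is redacted so that read
// access to the log does not expose live session ids.
if (isset($_REQUEST['page']) and $logannoncomment)
{
    if ( !isset($_SESSION['role'])){$_SESSION['role']="0";}
    if ($_SESSION['role'] == "0" and $_REQUEST['page'] == "addnewscomment")
    {
        $loglines = array();
        // Optional headers are logged as empty instead of raising notices.
        foreach (array('REMOTE_ADDR', 'HTTP_HOST', 'HTTP_USER_AGENT', 'HTTP_ACCEPT', 'HTTP_ACCEPT_LANGUAGE', 'HTTP_ACCEPT_ENCODING', 'HTTP_ACCEPT_CHARSET') as $key)
        {
            $loglines[] = $key."=".(isset($_SERVER[$key]) ? $_SERVER[$key] : "");
        }
        foreach (array('_GET' => $_GET, '_POST' => $_POST, '_SESSION' => $_SESSION, '_COOKIE' => $_COOKIE) as $logsource => $logvalues)
        {
            foreach ($logvalues as $key => $val)
            {
                if ($logsource == '_COOKIE' and (string) $key === session_name())
                {
                    $val = "[redacted]";
                }
                elseif (!is_scalar($val))
                {
                    // Nested request/session values would otherwise be logged as "Array".
                    $val = print_r($val, true);
                }
                $loglines[] = $logsource.": ".$key."=".$val;
            }
        }

        // Same layout as before: blank line, one "NAME=value" line each, newline.
        $logrecord = "\n";
        foreach ($loglines as $logline)
        {
            $logrecord .= "\n".addcslashes($logline, "\0..\37\177");
        }
        $logrecord .= "\n";

        // Append in a single write, and only if the log file could be opened.
        $fp = fopen($annoncommentlogfile, "a+");
        if ($fp)
        {
            fwrite($fp, $logrecord);
            fclose($fp);
        }
        unset($loglines, $logline, $logsource, $logvalues, $logrecord);
    }
}
//}}}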
  $havecookie = ( isset($_COOKIE['PHPSESSID']) && isset($_SESSION['reqid']) );
// $havecookie: the client sent a session cookie back and the session already
// carries a request id. The state-changing actions further down require it.

// Hand the request classification to the Main instance.
$main->havecookie = $havecookie;
$main->isbot = $isbot;

// PHP's upload limit in two derived forms: "M" expanded to six zeros for the
// upload form, and spelled out for display.
$upload_max_filesize = ini_get('upload_max_filesize');
$form_upload_max_filesize = str_replace('M', '000000', $upload_max_filesize);
$text_upload_max_filesize = str_replace('M', ' Megabyte(s)', $upload_max_filesize);

//$main->Main();
// Only $_REQUEST and $_SERVER are passed through Main::clean_array() here;
// $_GET, $_POST, $_COOKIE and $_FILES keep their raw values.
// NOTE(review): what clean_array() escapes or strips is not visible on this
// page -- confirm before relying on it as output or SQL escaping.
$_REQUEST = $main->clean_array( $_REQUEST, true );
$_SERVER = $main->clean_array( $_SERVER, false, false );

// $nr: a request value wins over the session value, which wins over the
// configured default.
if ( isset($_REQUEST['nr']) )
{
    $nr = $_REQUEST['nr'];
}
elseif ( isset($_SESSION['nr']) )
{
    $nr = $_SESSION['nr'];
}
$count = 0;
$plugins = array();
//Variables
// Page to dispatch: explicit request value, else splash, else init, else start.
if ( isset($_REQUEST['page']) )
{
    $page = $_REQUEST['page'];
}
elseif ( $enablesplash )
{
    $page = "splash";
}
elseif ( $initpage == "true" )
{
    $page = "init";
}
else
{
    $page = "start";
}
  $bbcode = "";
// Static BBcode help widget (show/hide script, toggle buttons and a tag
// reference). It is handed to Main only when BBcode is enabled in the
// configuration; otherwise Main receives an empty string.
if ( $enablebbcode == "true" )
{
    $bbcode = "
<script type=\"text/javascript\">
//<!--
function showBBcodehelp()
{
        var bbcodetext = document.getElementById('bbcodehelp');
        var bbon = document.getElementById('bbon');
        bbcodetext.style.display = \"block\";
        bbon.style.display = \"none\";
}
function hideBBcodehelp()
{
        var bbcodetext = document.getElementById('bbcodehelp');
        var bbon = document.getElementById('bbon');
        bbcodetext.style.display = \"none\";
        bbon.style.display = \"block\";
}
//-->
</script>
<input type='button' value='bbcode' id='bbon' onclick=\"showBBcodehelp()\"  class='button'/>
<div id='bbcodehelp' style='display:none'>
<input type='button' value='bbcode' id='bboff' onclick=\"hideBBcodehelp()\"  class='button'/>
<p><small>[b]<b>B</b>[/b] [i]<i>i</i>[/i] [u]<span class='uline'>u</span>[/u] [s]<span class=\"small\">s</span>[/s] [sm]<small>small</small>[/sm] [big]<big>big</big>[/big] [strike]<span class='strike'>strike</span>[/strike]<br />
[color=#f00]<span style=\"color: #f00;\">#f00</span>[/color] [color=#f00000]<span style=\"color: #f00000;\">#f00000</span>[/color] [color=red]<span style=\"color: red;\">red</span>[/color]<br />
[table]<br />[tr][th][/th][/tr]<br />[tr][td][/td][/tr]<br />[/table]<br />
[list][list=1][list=a]<br />
[*] <br />
[/list]<br />
[bq]<br />
blockquote<br />
[/bq]<br />
[url=http://url]name[/url]<br />
[url=mailto:address]name[/url]<br />
[news=#]name[/news]<br />
[page=page]name[/page]<br />
[cat=#]name[/cat]<br />
</small></p></div>";
}
$main->setBBcode($bbcode);
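 // Per-session state for anonymous posting and the request-id check.
//
// $_SESSION['imgkey'] is the value an anonymous visitor has to send back as
// $_REQUEST['imgkey'] (compared further down); the request id pair gates the
// state-changing actions. Both act as security tokens, so they are drawn from
// the CSPRNG when the runtime has one instead of the predictable rand().
// NOTE(review): either way the value space is only 9000 numbers and the later
// comparisons use ==; nothing on this page rotates the values after use or
// limits guessing -- confirm that is handled elsewhere.
if (!isset($_SESSION['imgkey']))
{
    $_SESSION['imgkey'] = function_exists('random_int') ? random_int(1000, 9999) : mt_rand(1000, 9999);
}
if (!isset($_REQUEST['imgkey'])){$_REQUEST['imgkey']=0;}
if (!isset($_SESSION['anonemail'])){$_SESSION['anonemail']="";}
if (!isset($_SESSION['anonname'])){$_SESSION['anonname']="";}
if (!isset($_SESSION['anonhomepage'])){$_SESSION['anonhomepage']="";}

// Request id presented by the client; a random one is filled in when absent.
if ( isset($_REQUEST['rid']) )
{
    $oldrequestid = $_REQUEST['rid'];
}
else
{
    $oldrequestid = function_exists('random_int') ? random_int(1000, 9999) : mt_rand(1000, 9999);
    $_REQUEST['rid'] = $oldrequestid;
}
// Request id the session expects; random (and therefore not predictable from
// the request) when the session has none yet.
if ( isset($_SESSION['reqid']) )
{
    $requestid = $_SESSION['reqid'];
}
else
{
    $requestid = function_exists('random_int') ? random_int(1000, 9999) : mt_rand(1000, 9999);
}
//}}}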
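 // {{{ Counter
// Flat-file hit counter in counterlog.txt. $count is always read for display;
// it is incremented at most once per session, and only for public addresses,
// clients that returned the session cookie and requests not flagged as bots.
//
// The file is read and rewritten under a lock on one handle. Previously it was
// read, closed, and reopened with "w" (which truncates before writing), so two
// concurrent requests could lose an update or read an empty file and reset the
// counter. A failed fopen() is now skipped instead of being passed to fread().
if ( $enablecounter == "true"  )
{
    $counthit = ( $main->isPublicIp($_SERVER['REMOTE_ADDR']) and !isset($_SESSION['counted']) and !$isbot and $havecookie );

    // Open read/write only when a hit will be recorded; fall back to a plain
    // read (and skip counting) when the file is not writable.
    $fp = $counthit ? fopen("counterlog.txt", "r+") : false;
    if ( !$fp )
    {
        $counthit = false;
        $fp = fopen("counterlog.txt", "r");
    }
    if ( $fp )
    {
        flock($fp, $counthit ? LOCK_EX : LOCK_SH);

        // Get the existing count
        $count = fread($fp, 1024);
        if ( $counthit )
        {
            // Cast first: an empty or damaged file must count as 0.
            $count = (int) $count + 1;

            // Replace the contents in place while the lock is held
            rewind($fp);
            ftruncate($fp, 0);
            fwrite($fp, (string) $count);
            fflush($fp);
            $_SESSION['counted'] = "1";
        }
        flock($fp, LOCK_UN);
        fclose($fp);
    }
    unset($counthit);
}
//}}} Counter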
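 //{{{ Check referer
// Record referers that point at another site.
//
// Both Referer and Host are client-supplied headers. Host used to be spliced
// into the pattern unescaped and unanchored, so its dots and any other regex
// metacharacters were interpreted, and a referer that merely contained
// "http://<host>" somewhere counted as internal. The host is now quoted and
// must follow the scheme at the start of the URL (http or https).
// Without a Host header the referer cannot be classified and is not recorded.
// NOTE(review): the recorded referer is attacker-controlled text; confirm the
// page that lists referers encodes it on output.
if ( isset($_SERVER['HTTP_REFERER']) and isset($_SERVER['HTTP_HOST']) and $_SERVER['HTTP_HOST'] != "" )
{
    if (! preg_match ('/^https?:\/\/'.preg_quote($_SERVER['HTTP_HOST'], '/').'(?:[\/?#:]|$)/i', $_SERVER['HTTP_REFERER']))
    {
        $main->addreferer( $_SERVER['HTTP_REFERER']  );
    }
}
///}}}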
 //{{{ browser statistics

// Once per session: if a browscap file is configured and the client address is
// public, look the client up with get_browser() and pass platform, browser,
// version and the crawler flag to Main::updatebrowserstat().
// The session is marked afterwards whether or not anything was recorded.
if ( !isset($_SESSION['bstat']) )
{
    $testbrowsercap = ini_get("browscap");
    if ( $testbrowsercap != "" and $main->isPublicIp($_SERVER['REMOTE_ADDR']) )
    {
        $browserinfo = get_browser();

        // Missing properties become empty strings.
        $bstatplatform = isset($browserinfo->platform) ? $browserinfo->platform : "";
        $bstatbrowser = isset($browserinfo->browser) ? $browserinfo->browser : "";
        $bstatversion = isset($browserinfo->version) ? $browserinfo->version : "";
        $bstatcrawler = ( "$browserinfo->crawler" == "1" ) ? $browserinfo->crawler : 0;

        // Nothing to record when the lookup produced no identification at all.
        if ( $bstatplatform.$bstatbrowser.$bstatversion != "" )
        {
            $main->updatebrowserstat($bstatplatform, $bstatbrowser, $bstatversion, $bstatcrawler);
        }
    }
    $_SESSION['bstat'] = "loged";
}
//}}}
 199
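 //{{{Login
// page=login: check the submitted credentials through Main::login() and, when
// exactly one account matches, load it into the session together with the
// client address and a header fingerprint.
// NOTE(review): credentials are read from $_REQUEST, so they are also accepted
// in the query string, where they end up in server logs and browser history.
if ( $page == "login")
{
    // All four fingerprint headers are optional; default them so the value
    // stored here is built like the one recomputed on later requests.
    if (!isset($_SERVER['HTTP_USER_AGENT'])){$_SERVER['HTTP_USER_AGENT']="";}
    if (!isset($_SERVER['HTTP_X_FORWARDED_FOR'])){$_SERVER['HTTP_X_FORWARDED_FOR']="";}
    if (!isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){$_SERVER['HTTP_ACCEPT_LANGUAGE']="";}
    if (!isset($_SERVER['HTTP_ACCEPT_CHARSET'])){$_SERVER['HTTP_ACCEPT_CHARSET']="";}

    // Missing or non-string parameters count as empty.
    $user="";if ( isset($_REQUEST['user']) and is_string($_REQUEST['user']) ){$user=$_REQUEST['user'];}
    $passwd="";if ( isset($_REQUEST['passwd']) and is_string($_REQUEST['passwd']) ){$passwd=$_REQUEST['passwd'];}
    // NOTE(review): passwords are stored and compared as unsalted MD5, which is
    // not a password hash. Moving to password_hash()/password_verify() needs a
    // matching change where accounts are created and saved, so it is flagged
    // here rather than changed in this block alone.
    $passwd=md5($passwd);
    $userdata=$main->login($user, $passwd , true );
    if ( isset($userdata->rows) and $userdata->rows == 1 )
    {
        // Give the authenticated session a fresh id so an id known before the
        // login (session fixation) does not carry over.
        // NOTE(review): with $usedbsessions the sessions table is keyed by
        // session_id() -- confirm it copes with the id changing here.
        session_regenerate_id(true);

        $userid=$userdata->records[0]['id'];
        $role=$userdata->records[0]['role'];
        $_SESSION['name']=$userdata->records[0]['name'];
        $_SESSION['nr']=$userdata->records[0]['nr'];
        $_SESSION['userid']=$userid;
        $_SESSION['role']=$role;
        $_SESSION['user']=$userdata->records[0]['user'];
        // NOTE(review): the password hash is kept in the session; no use of it
        // is visible on this part of the page.
        $_SESSION['passwd']=$passwd;
        $_SESSION['email']=$userdata->records[0]['email'];
        $_SESSION['theme']=$userdata->records[0]['theme'];
        //$_SESSION['img']=$userdata->records[0]['img'];
        //$_SESSION['data']=$userdata->records[0]['data'];
        $_SESSION['ip']=$_SERVER['REMOTE_ADDR'];
        $_SESSION['agent']="$_SERVER[HTTP_USER_AGENT]$_SERVER[HTTP_X_FORWARDED_FOR]$_SERVER[HTTP_ACCEPT_LANGUAGE]$_SERVER[HTTP_ACCEPT_CHARSET]";
        $_SESSION['lang']=$userdata->records[0]['lang'];
    }
    else
    {
        print "login failed";
    }
    // Continue with the requested next page, else the last page, else the default.
    $page="start";if ( $initpage == "true"){ $page="init";}if ( isset($_REQUEST['nextpage']) ){$page=$_REQUEST['nextpage'];}elseif(isset($_SESSION['lastpage']) ){$page=$_SESSION['lastpage'];}
}

// Every request of a logged-in session must come from the address and present
// the header fingerprint recorded at login; otherwise it is routed to logout.
// The values are compared as strings (===) so that numeric-looking strings are
// not equated by type juggling, and a session without a recorded address or
// fingerprint is treated as a mismatch.
if ( isset($_SESSION['userid']) and $_SESSION['userid'] != 0 )
{
    if (!isset($_SERVER['HTTP_USER_AGENT'])){$_SERVER['HTTP_USER_AGENT']="";}
    if (!isset($_SERVER['HTTP_X_FORWARDED_FOR'])){$_SERVER['HTTP_X_FORWARDED_FOR']="";}
    if (!isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){$_SERVER['HTTP_ACCEPT_LANGUAGE']="";}
    if (!isset($_SERVER['HTTP_ACCEPT_CHARSET'])){$_SERVER['HTTP_ACCEPT_CHARSET']="";}
    if ( isset($_SESSION['ip']) and isset($_SESSION['agent'])
        and (string) $_SESSION['ip'] === (string) $_SERVER['REMOTE_ADDR']
        and (string) $_SESSION['agent'] === "$_SERVER[HTTP_USER_AGENT]$_SERVER[HTTP_X_FORWARDED_FOR]$_SERVER[HTTP_ACCEPT_LANGUAGE]$_SERVER[HTTP_ACCEPT_CHARSET]" )
    {

        $userid=$_SESSION['userid'];
        $role=$_SESSION['role'];
    }
    else
    {
        $page="logout";
    }
}
//}}}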
 //{{{ Logout
// page=logout (requested, or forced by the fingerprint check): blank the
// account fields in the session, fall back to role/user id 0 and the
// configured $nr, then continue with the next page.
// NOTE(review): the session itself is kept -- its id, 'ip', 'agent', 'theme'
// and 'lang' are not touched here.
if ( $page == "logout"  )
{
    $loggedout = array(
        'name'   => "",
        'userid' => "0",
        'role'   => "0",
        'user'   => "",
        'nr'     => "$confnr",
        'passwd' => "",
        'email'  => "",
        'img'    => "",
        'data'   => "",
    );
    foreach ( $loggedout as $sessionkey => $sessionvalue )
    {
        $_SESSION[$sessionkey] = $sessionvalue;
    }
    unset($loggedout, $sessionkey, $sessionvalue);

    $userid = 0;
    $role = 0;

    // Next page: explicit request value, else init when configured, else start.
    if ( isset($_REQUEST['nextpage']) )
    {
        $page = $_REQUEST['nextpage'];
    }
    elseif ( $initpage == "true" )
    {
        $page = "init";
    }
    else
    {
        $page = "start";
    }
}
//}}}
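 //{{{ Set Lang
// Load the language strings, pass them through Main::clean_array() and hand
// them to Main.
include_once( "lang/en.php" );

$text=$main->clean_array( $text, false, true );
$main->settext($text);
//}}}


// With database sessions enabled, record user, current page and a hit for this
// session row.
// The statement is assembled as a string, and both $page (request parameter or
// session value) and session_id() (taken from the cookie) originate from the
// client. Main::run_query() exposes no parameter binding on this page, so each
// value is reduced to a safe form before it is placed between the quotes: the
// user id to an integer, the page name and session id to their expected
// character sets.
if ($usedbsessions)
{
    if (!isset($userid)){$userid=0;}
    $main->run_query(
        "update sessions set user ='".intval($userid)."'"
        .", page = '".preg_replace('/[^A-Za-z0-9_]/', '', is_scalar($page) ? (string) $page : '')."'"
        .", hits = hits + 1  where session_id = '".preg_replace('/[^A-Za-z0-9,-]/', '', session_id())."'"
    );
}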
 275
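 //{{{ Download
// page=dload: look up file $id, check its access level against the caller's
// role and stream it from "$filepath/$id/<stored filename>".
//
// Hardening in this block:
//  - $id becomes a path component, so only a plain token (letters, digits,
//    "_" and "-") is accepted; anything else is answered like an unknown file.
//    NOTE(review): assumes file ids never contain other characters -- confirm.
//  - the stored file name is reduced to its base name before it is used in the
//    path, and is quoted (with quotes and line breaks removed) in the header.
//  - the stored content type is a stored, possibly uploader-supplied value; it
//    is stripped of line breaks and sent with nosniff.
//    NOTE(review): with view=true the file is rendered inline from this origin
//    under that stored type -- confirm uploads cannot be stored as HTML/script.
//  - an empty file is no longer reported as "File not found.".
// NOTE(review): $role is only assigned for sessions that logged in or went
// through logout; confirm how the access comparison behaves for a visitor
// without either.
if ( $page == "dload" )
{
    $id = ( isset($_REQUEST['id']) and is_scalar($_REQUEST['id']) ) ? (string) $_REQUEST['id'] : "";
    if ( !preg_match('/\A[A-Za-z0-9_-]+\z/', $id) )
    {
        header("HTTP/1.0 404 Not Found",true,404);
        die("404 File not found.");
    }
    $fileinfo=$main->getfileinfo($id);
    if ($fileinfo->rows == "1")
    {
        if ( $fileinfo->records['0']['access'] > $role ){ header("HTTP/1.0 401 Unauthorized",true,401); die("401 Unauthorized");}
        $filename = basename($fileinfo->records['0']['filename']);
        $file = "$filepath/$id/$filename"; 
        //First, see if the file exists
        if (!is_file($file)) { header("HTTP/1.0 404 Not Found",true,404); die("404 File not found!"); }
        //Gather relevant info about file
        $len = $fileinfo->records['0']['size'];
        $ctype = str_replace(array("\r", "\n"), "", $fileinfo->records['0']['type']);
        //Begin writing headers
        header("Pragma: public");
        header("Expires: 0");
        header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
        header("Cache-Control: public");
        // Sent as an attachment unless the request explicitly asks view=true.
        if ( !isset($_REQUEST['view']) or $_REQUEST['view'] != "true" )
        {
            header("Content-Description: File Transfer");
            header("Content-Disposition: attachment; filename=\"".str_replace(array("\r", "\n", "\""), "", $filename)."\"");
        }
        //Use the stored Content-Type and stop browsers from second-guessing it
        header("Content-Type: $ctype");
        header("X-Content-Type-Options: nosniff");

        header("Content-Transfer-Encoding: binary");
        header("Content-Length: ".$len);
        // Warnings stay suppressed so they cannot end up inside the file body.
        if ( @readfile($file) === false ) { die("File not found."); }
        exit;
    }
    header("HTTP/1.0 404 Not Found",true,404);
    die("404 File not found.");
}
//}}}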
 321
 322//{{{start of request id limit
 323if ( "$oldrequestid" == "$requestid" and $havecookie  and !$isbot )
 324{
 325    //}}}
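 //{{{Password recovery
// page=pwdrec3, last step of password recovery: when the code sent by the
// client matches the one held in the session, the account prepared in
// $_SESSION['tempuserlogin'] is logged in and sent to its edit page.
//
// The check used to be a bare ==, which is also true when neither value exists
// and which equates different numeric-looking strings. It now requires both
// values and the prepared account to be present, the code to be non-empty, and
// compares them as strings. The code is single-use and the session id is
// renewed on success.
// NOTE(review): how the code is generated and whether guesses are limited is
// not visible here -- confirm in the earlier recovery steps.
if ( $page == "pwdrec3" )
{
    if (!isset($_SERVER['HTTP_USER_AGENT'])){$_SERVER['HTTP_USER_AGENT']="";}
    if (!isset($_SERVER['HTTP_X_FORWARDED_FOR'])){$_SERVER['HTTP_X_FORWARDED_FOR']="";}
    if (!isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){$_SERVER['HTTP_ACCEPT_LANGUAGE']="";}
    if (!isset($_SERVER['HTTP_ACCEPT_CHARSET'])){$_SERVER['HTTP_ACCEPT_CHARSET']="";}
    if ( isset($_SESSION['pwdid']) and isset($_REQUEST['pwdinid']) and isset($_SESSION['tempuserlogin'])
        and is_scalar($_SESSION['pwdid']) and is_scalar($_REQUEST['pwdinid'])
        and (string) $_SESSION['pwdid'] !== ""
        and (string) $_SESSION['pwdid'] === (string) $_REQUEST['pwdinid'] )
    {
        $userdata=$_SESSION['tempuserlogin'];
        unset($_SESSION['pwdid']);
        session_regenerate_id(true);

        $userid=$userdata['id'];
        $role=$userdata['role'];
        $_SESSION['name']=$userdata['name'];
        $_SESSION['nr']=$userdata['nr'];
        $_SESSION['userid']=$userid;
        $_SESSION['role']=$role;
        $_SESSION['user']=$userdata['user'];
        $_SESSION['passwd']=$userdata['passwd'];
        $_SESSION['email']=$userdata['email'];
        $_SESSION['theme']=$userdata['theme'];
        //$_SESSION['img']=$userdata->records[0]['img'];
        //$_SESSION['data']=$userdata->records[0]['data'];
        $_SESSION['ip']=$_SERVER['REMOTE_ADDR'];
        $_SESSION['agent']="$_SERVER[HTTP_USER_AGENT]$_SERVER[HTTP_X_FORWARDED_FOR]$_SERVER[HTTP_ACCEPT_LANGUAGE]$_SERVER[HTTP_ACCEPT_CHARSET]";
        $_SESSION['lang']=$userdata['lang'];
        $page="edituser";
        $_REQUEST['id']=$userid;
    }
    else
    {
        print "login failed";
        $page="pwdrec";
    }
}
//}}}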
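 //{{{ Vote
// page=vote: one vote per item id and session, value greater than 0 and below 6.
//
// The range test used to compare strings, so a non-numeric value was compared
// character by character and could pass. The value must now be a plain decimal
// number before the range is checked, and the item id must be a scalar so it
// can serve as an array key.
// NOTE(review): the "already voted" marker lives only in the session, so it
// limits repeat votes per session, not per visitor.
if ( "$page" == "vote" )
{
    if ( isset($_REQUEST['id']) and is_scalar($_REQUEST['id']) and ! isset($_SESSION['vote'][$_REQUEST['id']]) )
    {
        // Marked before validation, as before: an invalid value still uses up the vote.
        $_SESSION['vote'][$_REQUEST['id']]='v';
        if ( isset($_REQUEST['value']) and is_scalar($_REQUEST['value'])
            and preg_match('/\A[0-9]+(\.[0-9]+)?\z/', (string) $_REQUEST['value'])
            and $_REQUEST['value'] < 6 and $_REQUEST['value'] > 0 )
        {
            $main->vote($_REQUEST['id'],$_REQUEST['value']);
        }
    }
    $page="start";if ( $initpage == "true"){ $page="init";}if ( isset($_REQUEST['nextpage']) ){$page=$_REQUEST['nextpage'];}elseif(isset($_SESSION['lastpage'])){$page=$_SESSION['lastpage'];}

    // Restore the list position the visitor came from.
    if ( isset($_SESSION['lastnr']) and $_SESSION['lastnr'] != "" ){$_REQUEST['nr']=$_SESSION['lastnr'];}
    if ( isset($_SESSION['laststart']) and $_SESSION['laststart'] != "" ){$_REQUEST['start']=$_SESSION['laststart'];}
}
//}}}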
 376//{{{ Start of imgkey sheck
 377if ( $role > 0 or $_SESSION['imgkey'] == $_REQUEST['imgkey'])
 378{
 379//}}}
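 //{{{ Save news
// page=savenews (any logged-in role): update news item $id; for role >= 2 also
// delete or replace the item's image directories.
//
// $id comes from the request and is used in directory names that are removed
// recursively. An empty id used to address the parent directories of all news
// images, and an id containing path separators could address directories
// outside them. The directories are created from database insert ids, so file
// operations now run only for an all-digit id, and only when an upload field
// is actually present.
// NOTE(review): neither $userid nor $role is passed to savenews(), so
// ownership of item $id and the chosen $access level are not checked on this
// page -- confirm Main::savenews() enforces them.
if ( "$page" == "savenews"  and "$role" > "0" )
{
    $addnews="true";
    // Access level, headline, body and a category are mandatory.
    $id="";if ( isset($_REQUEST['id']) and $_REQUEST['id'] != "" ){$id=$_REQUEST['id'];}
    $access="";if ( isset($_REQUEST['access']) and $_REQUEST['access'] != "" ){$access=$_REQUEST['access'];}else{$addnews="false";}
    $headline="";if ( isset($_REQUEST['header']) and $_REQUEST['header'] != "" ){$headline=$_REQUEST['header'];}else{$addnews="false";}
    $order="1";if ( isset($_REQUEST['order']) and $_REQUEST['order'] != "" ){$order=$_REQUEST['order'];}
    $type="1";if ( isset($_REQUEST['type']) and $_REQUEST['type'] != "" ){$type=$_REQUEST['type'];}
    $data="";if ( isset($_REQUEST['news']) and $_REQUEST['news'] != "" ){$data=$_REQUEST['news'];}else{$addnews="false";}
    $data2="";if ( isset($_REQUEST['extnews']) and $_REQUEST['extnews'] != "" ){$data2=$_REQUEST['extnews'];}
    $filename="";if ( isset($_REQUEST['delimg'])){$filename="del";}
    $category="1";
    if ( isset($_REQUEST['newcategory']) and $_REQUEST['newcategory'] != "" )
    {
        $newcat=$main->addCategory($_REQUEST['newcategory']);
        if ( isset($newcat->lastid) and $newcat->lastid != 0)
        {
            $category=$newcat->lastid;
        }
    }
    elseif( isset($_REQUEST['category']) and $_REQUEST['category'] != "" ){$category=$_REQUEST['category'];}
    else{$addnews="false";}

    if ( "$addnews" == "true" )
    {
        // The news type decides which page is shown after saving.
        switch ( $type )
        {
            case "1": $page="start"; break;
            case "2": $page="newscat";$_REQUEST['catid']=$category; break;
            case "3": $page="viewnews"; break;
            case "4": $page="init";$main->removeoldinit($access); break;
            case "5": $page="myhome";$subpage="news";$_REQUEST['id']=$_SESSION['lastuid']; break;
            case "6": $page="myhome";$subpage="private"; break;
            case "7": $page="admnews"; break;
            case "8": $page="remnews"; break;
            case "9": $page="myhome";$_REQUEST['subpage']="hidden";$_REQUEST['id']=$userid; break;
            default:  $page="start";
        }
        $_SESSION['lastpage']=$page;
        if ( $role >= "2" and is_scalar($id) and preg_match('/\A[0-9]+\z/', (string) $id) )
        {
            if ($filename == "del" or ( isset($_FILES['img']) and $_FILES['img']['size'] != "0" ) )
            {
                $thumbdir="./thumb/news/$id/";
                $smalldir="./small/news/$id/";
                $uploaddir="./img/news/$id/";
                if(is_dir($thumbdir))
                {
                    $main->rmdirr($thumbdir);
                }
                if(is_dir($smalldir))
                {
                    $main->rmdirr($smalldir);
                }
                if(is_dir($uploaddir))
                {
                    $main->rmdirr($uploaddir);
                }
            }
            if ( isset($_FILES['img']) and $_FILES['img']['size'] != "0" )
            {
                // NOTE(review): file type and extension are not restricted here --
                // confirm Main::uploadfile() rejects anything the server would execute.
                $filename=$main->uploadfile( $_FILES['img'] , "news", $id );
            }
        }
        $result = $main->savenews( $id, $access, $headline, $filename, $data, $data2, $order, $category, $type );
    }
    if ( isset($_SESSION['lastnr']) and $_SESSION['lastnr'] != "" ){$_REQUEST['nr']=$_SESSION['lastnr'];}
    if ( isset($_SESSION['laststart']) and $_SESSION['laststart'] != "" ){$_REQUEST['start']=$_SESSION['laststart'];}
}
//}}}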
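 //{{{ Add news
// page=addnews (any role other than "0"): create a news item owned by the
// caller; for role >= 2 the uploaded image is stored under the new item's id.
//
// Changes: request fields and the upload field are checked for presence before
// use, and the file name clean-up uses preg_replace() because ereg_replace()
// no longer exists in PHP 7 and later (same character class, same result).
// NOTE(review): the clean-up keeps the extension as sent by the client --
// confirm Main::uploadfile() rejects anything the server would execute.
// NOTE(review): the cleaned file name is passed to addnews() even when the
// role is below 2 and nothing is uploaded.
if ( "$page" == "addnews"  and "$role" != "0" )
{
    $addnews="true";
    $img="";
    // Access level, headline, body and a category are mandatory.
    $access="";if ( isset($_REQUEST['access']) and $_REQUEST['access'] != "" ){$access=$_REQUEST['access'];}else{$addnews="false";}
    $owner=$userid;
    $headline="";if ( isset($_REQUEST['header']) and $_REQUEST['header'] != "" ){$headline=$_REQUEST['header'];}else{$addnews="false";}
    $order="1";if ( isset($_REQUEST['order']) and $_REQUEST['order'] != "" ){$order=$_REQUEST['order'];}
    $type="1";if ( isset($_REQUEST['type']) and $_REQUEST['type'] != "" ){$type=$_REQUEST['type'];}
    $data="";if ( isset($_REQUEST['news']) and $_REQUEST['news'] != "" ){$data=$_REQUEST['news'];}else{$addnews="false";}
    $data2="";if ( isset($_REQUEST['extnews']) and $_REQUEST['extnews'] != "" ){$data2=$_REQUEST['extnews'];}
    $category="1";
    if ( isset($_REQUEST['newcategory']) and $_REQUEST['newcategory'] != "" ){
        $newcat=$main->addCategory($_REQUEST['newcategory']);
        if ( isset($newcat->lastid) and $newcat->lastid != 0)
        {
            $category=$newcat->lastid;
        }
    }
    elseif( isset($_REQUEST['category']) and $_REQUEST['category'] != "" ){$category=$_REQUEST['category'];}
    else{$addnews="false";}

    if ( "$addnews" == "true" )
    {
        // The news type decides which page is shown after saving.
        switch ( $type )
        {
            case "1": $page="start"; break;
            case "2": $page="newscat";$_REQUEST['catid']=$category; break;
            case "3": $page="viewnews"; break;
            case "4": $page="init";$main->removeoldinit($access); break;
            case "5": $page="myhome";$subpage="news";$_REQUEST['id']=$_SESSION['lastuid']; break;
            case "6": $page="myhome";$subpage="private"; break;
            case "7": $page="admnews"; break;
            case "8": $page="remnews"; break;
            case "9": $page="myhome";$_REQUEST['subpage']="hidden";$_REQUEST['id']=$userid; break;
            default:  $page="start";
        }
        $_SESSION['lastpage']=$page;
        
        // Reduce the client-supplied name to its base name, map a few characters
        // and replace everything outside the allowed set with "_".
        // NOTE(review): the two "?" entries look like a character lost to an
        // encoding conversion of this file -- confirm against the original.
        $filename="";
        if ( isset($_FILES['img']['name']) )
        {
            $filename=basename($_FILES['img']['name']);
            $filename=str_replace(array(" ","?","ä","ö","?","Ä","Ö","(",")"), array("_","a","a","o","A","A","O","_","_"), $filename);
            $filename=preg_replace("/[^a-z,A-Z,0-9,_,.]/","_",$filename);
        }

        $result = $main->addnews( $access, $owner, $headline, $filename, $data, $data2, $order, $category, $type );
        if ( $role >= "2" and isset($_FILES['img']) )
        {
            $filenam=$main->uploadfile( $_FILES['img'], "news", $result->lastid );
        }
    }
}
//}}}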
 //{{{ Remove news
// page=rmnews (any logged-in role): hand the item id and the caller's role to
// Main::rmnews(), then return to the page and list position the user came from.
// NOTE(review): only the role is passed on, not the user id -- confirm how
// Main::rmnews() decides whose items a user may remove.
if ( "$page" == "rmnews" and "$role" > "0" )
{
    $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : "";
    $main->rmnews( $id, $role );

    if ( $_SESSION['lastpage'] == "myhome" )
    {
        $_REQUEST['id'] = $_SESSION['lastuid'];
    }

    // Next page: explicit request value, else the last page, else start.
    if ( isset($_REQUEST['nextpage']) )
    {
        $page = $_REQUEST['nextpage'];
    }
    elseif ( isset($_SESSION['lastpage']) )
    {
        $page = $_SESSION['lastpage'];
    }
    else
    {
        $page = "start";
    }

    // A home page is shown for the last viewed user and sub page.
    if ( "$page" == "myhome" )
    {
        $_REQUEST['id'] = $_SESSION['lastuid'];
        $_REQUEST['subpage'] = $_SESSION['lastsubpage'];
    }

    // Restore the list position.
    if ( isset($_SESSION['lastnr']) and $_SESSION['lastnr'] != "" )
    {
        $_REQUEST['nr'] = $_SESSION['lastnr'];
    }
    if ( isset($_SESSION['laststart']) and $_SESSION['laststart'] != "" )
    {
        $_REQUEST['start'] = $_SESSION['laststart'];
    }
}
//}}}
 //{{{ Delete news
// page=deletenews (role >= 3): hand the item id and the caller's role to
// Main::delnews(), then return to the previous page. The deleted item's own
// view page is replaced by the start page.
if ( "$page" == "deletenews" and "$role" >= "3")
{
    $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : "";
    $main->delnews( $id, $role );

    // Next page: explicit request value, else the last page, else start.
    if ( isset($_REQUEST['nextpage']) )
    {
        $page = $_REQUEST['nextpage'];
    }
    elseif ( isset($_SESSION['lastpage']) )
    {
        $page = $_SESSION['lastpage'];
    }
    else
    {
        $page = "start";
    }
    if ( $page == "viewnews" )
    {
        $page = "start";
    }

    // A home page is shown for the last viewed user and sub page.
    if ( "$page" == "myhome" )
    {
        $_REQUEST['id'] = $_SESSION['lastuid'];
        $_REQUEST['subpage'] = $_SESSION['lastsubpage'];
    }

    // Restore the list position.
    if ( isset($_SESSION['lastnr']) and $_SESSION['lastnr'] != "" )
    {
        $_REQUEST['nr'] = $_SESSION['lastnr'];
    }
    if ( isset($_SESSION['laststart']) and $_SESSION['laststart'] != "" )
    {
        $_REQUEST['start'] = $_SESSION['laststart'];
    }
}
//}}}
 //{{{ Add comment to news
// page=addnewscomment: allowed for logged-in users, for anonymous visitors when
// $allowanonaddcomment is on, and for the guestbook (last id "-1") when
// $allowanonaddguestbook is on. The comment is attached to the item the session
// viewed last, and the anonymous name, e-mail and homepage are remembered in
// the session.
// NOTE(review): the <a> tags are stripped only from the copy of the homepage
// kept in the session; addcomment() receives the homepage as submitted --
// confirm it is validated as a URL and encoded where it is displayed.
if ( "$page" == "addnewscomment" and ( $role >= 1 or $allowanonaddcomment == 'true' or ( $_SESSION['lastid'] == "-1" and $allowanonaddguestbook == "true" ) ) )
{
    $id = isset($_SESSION['lastid']) ? $_SESSION['lastid'] : "";
    $headline = isset($_REQUEST['header']) ? $_REQUEST['header'] : "";
    $data = isset($_REQUEST['data']) ? $_REQUEST['data'] : "";

    $anonname = isset($_REQUEST['name']) ? $_REQUEST['name'] : "";
    $_SESSION['anonname'] = $anonname;

    $anonemail = isset($_REQUEST['email']) ? $_REQUEST['email'] : "";
    $_SESSION['anonemail'] = $anonemail;

    $homepage = isset($_REQUEST['homepage']) ? $_REQUEST['homepage'] : "";
    $_SESSION['anonhomepage'] = preg_replace("#(\<a)(.*?)(\>)(.*?)(\</a\>)#is","$4",$homepage);

    // An empty comment body is dropped silently.
    if ( $data != "" )
    {
        $main->addcomment( $userid, 1, $id, $headline, $data, $anonname, $anonemail, $homepage );
    }

    // Back to the page and list position the visitor came from.
    $page = $_SESSION['lastpage'];
    if ( isset($_SESSION['lastnr']) and $_SESSION['lastnr'] != "" )
    {
        $_REQUEST['nr'] = $_SESSION['lastnr'];
    }
    if ( isset($_SESSION['laststart']) and $_SESSION['laststart'] != "" )
    {
        $_REQUEST['start'] = $_SESSION['laststart'];
    }
}
//}}}
 //{{{Save comment
// page=savecomment (any logged-in role): pass the edited comment to
// Main::savecomment() together with the caller's user id and role, then return
// to the item and list position viewed last. Headline and body are both
// required; otherwise nothing is saved.
if ( "$page" == "savecomment"  and $role >= 1 )
{
    $page = $_SESSION['lastpage'];

    $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : "";
    $headline = isset($_REQUEST['header']) ? $_REQUEST['header'] : "";
    $data = isset($_REQUEST['data']) ? $_REQUEST['data'] : "";
    $anonname = isset($_REQUEST['name']) ? $_REQUEST['name'] : "";
    $anonemail = isset($_REQUEST['email']) ? $_REQUEST['email'] : "";
    $homepage = isset($_REQUEST['homepage']) ? $_REQUEST['homepage'] : "";

    if ( $headline != "" and $data != "" )
    {
        $main->savecomment( $userid, $role, $id, $headline, $data, $anonname, $anonemail, $homepage );
    }

    // From here on the request id refers to the item viewed last, not the comment.
    $_REQUEST['id'] = $_SESSION['lastid'];
    if ( isset($_SESSION['lastnr']) and $_SESSION['lastnr'] != "" )
    {
        $_REQUEST['nr'] = $_SESSION['lastnr'];
    }
    if ( isset($_SESSION['laststart']) and $_SESSION['laststart'] != "" )
    {
        $_REQUEST['start'] = $_SESSION['laststart'];
    }
}
//}}}
 // {{{ Remove comments
// page=rmcomment (any logged-in role): pass the comment id with the caller's
// user id and role to Main::rmcomment(), then return to the item and list
// position viewed last. Without an id nothing is removed.
if ( "$page" == "rmcomment"  and $role >= 1 )
{
    $page = $_SESSION['lastpage'];

    $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : "";
    if ( $id != "" )
    {
        $main->rmcomment( $userid, $role, $id );
    }

    // From here on the request id refers to the item viewed last, not the comment.
    $_REQUEST['id'] = $_SESSION['lastid'];
    if ( isset($_SESSION['lastnr']) and $_SESSION['lastnr'] != "" )
    {
        $_REQUEST['nr'] = $_SESSION['lastnr'];
    }
    if ( isset($_SESSION['laststart']) and $_SESSION['laststart'] != "" )
    {
        $_REQUEST['start'] = $_SESSION['laststart'];
    }
}
//}}}
 // {{{ Delete comment
// page=deletecomment (role 4 only): pass the comment id to
// Main::deletecomment(), then return to the item and list position viewed
// last. Without an id nothing is deleted.
if ( "$page" == "deletecomment" and $role == 4 )
{
    $page = $_SESSION['lastpage'];

    $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : "";
    if ( $id != "" )
    {
        $main->deletecomment( $id );
    }

    // From here on the request id refers to the item viewed last, not the comment.
    $_REQUEST['id'] = $_SESSION['lastid'];
    if ( isset($_SESSION['lastnr']) and $_SESSION['lastnr'] != "" )
    {
        $_REQUEST['nr'] = $_SESSION['lastnr'];
    }
    if ( isset($_SESSION['laststart']) and $_SESSION['laststart'] != "" )
    {
        $_REQUEST['start'] = $_SESSION['laststart'];
    }
}
//}}}
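 //{{{ Add user
// page=adduser: self-registration (role "0" while $allowregister is on) or
// account creation by a role >= 3 user. The new account may have role 1, or any
// role up to the creator's own.
//
// Changes in this block:
//  - the requested role is an authorisation level taken from the request. It
//    used to be compared as a string, so a non-numeric value was compared
//    character by character instead of numerically. It must now consist of
//    digits only and is compared as an integer.
//  - the two password fields are compared with === so that numeric-looking
//    strings that differ are not treated as equal.
//  - the theme name is used in a path; names containing a path separator, "."
//    or ".." fall back to the default theme.
//  - request fields and the upload field are checked for presence before use;
//    ereg_replace() (gone in PHP 7 and later) is replaced by preg_replace().
// NOTE(review): the password is stored as unsalted MD5, matching what the login
// check expects; changing the scheme has to happen in both places.
if ( "$page" == "adduser" and (("$role" == "0" and $allowregister == "true" ) or "$role" >= "3" ))
{
    $adduser="true";
    $img="";
    // Role, name, login, language and both password fields are mandatory.
    $newrole="";if ( isset($_REQUEST['role']) and $_REQUEST['role'] != "" ){$newrole=$_REQUEST['role'];}else{$adduser="false";}
    $newname="";if ( isset($_REQUEST['name']) and $_REQUEST['name'] != "" ){$newname=$_REQUEST['name'];}else{$adduser="false";}
    $newuser="";if ( isset($_REQUEST['nuser']) and $_REQUEST['nuser'] != "" ){$newuser=$_REQUEST['nuser'];}else{$adduser="false";}
    $newemail="";if ( isset($_REQUEST['email']) and $_REQUEST['email'] != "" ){$newemail=$_REQUEST['email'];}
    $newdata="";if ( isset($_REQUEST['data']) and $_REQUEST['data'] != "" ){$newdata=$_REQUEST['data'];}
    $newlang="";if ( isset($_REQUEST['lang']) and $_REQUEST['lang'] != "" ){$newlang=$_REQUEST['lang'];}else{$adduser="false";}
    $newpwd1="";if ( isset($_REQUEST['pwd1']) and $_REQUEST['pwd1'] != "" ){$newpwd1=$_REQUEST['pwd1'];}else{$adduser="false";}
    $newpwd2="";if ( isset($_REQUEST['pwd2']) and $_REQUEST['pwd2'] != "" ){$newpwd2=$_REQUEST['pwd2'];}else{$adduser="false";}
    $homepage="";if ( isset($_REQUEST['homepage']) and $_REQUEST['homepage'] != "" ){$homepage=$_REQUEST['homepage'];}
    if ( !is_scalar($newrole) or !preg_match('/\A[0-9]+\z/', (string) $newrole) ){$adduser="false";}
    if ( !is_string($newpwd1) or !is_string($newpwd2) ){$adduser="false";}

    $usetheme="default";
    if ( $allowusertheme == "true" and isset($_REQUEST['usetheme']) and is_string($_REQUEST['usetheme']) and $_REQUEST['usetheme'] != "" )
    {
        $usetheme=$_REQUEST['usetheme'];
        if ( strpbrk($usetheme, "/\\\0") !== false or $usetheme == "." or $usetheme == ".." or !is_file("themes/$usetheme/site.css"))
        {
            $usetheme="default";
        }
    }
    if( $allowusertheme != "true"){$usetheme="default";}
    $nr=$confnr;if ( isset($_REQUEST['nr'])){$nr=$_REQUEST['nr'];}
    if ( "$adduser" == "true" and ( (int) $role >= (int) $newrole or (int) $newrole == 1 ) and $newpwd1 === $newpwd2 )
    {
        $filename="";
        if ( isset($_FILES['img']['name']) )
        {
            // Base name only, a few characters mapped, everything else to "_".
            // NOTE(review): the two "?" entries look like a character lost to an
            // encoding conversion of this file -- confirm against the original.
            $filename=basename($_FILES['img']['name']);
            $filename=str_replace(array(" ","?","ä","ö","?","Ä","Ö","(",")"), array("_","a","a","o","A","A","O","_","_"), $filename);
            $filename=preg_replace("/[^a-z,A-Z,0-9,_,.]/","_",$filename);
        }
        $result = $main->adduser( $newrole,$nr,$usetheme,$newname,$newuser,$newemail,$newdata, md5($newpwd1), $filename, $newlang, $homepage  );
        $_REQUEST['id']=$result->lastid;
        $_REQUEST['nextpage']="myhome";
        if ($newusermailtoadmin)
        {
            // Tell every role-4 account about the new user.
            $admins=$main->run_query("SELECT email FROM `user` where role=4;");
            foreach($admins->records as $adminemails )
            {
                $main->sendMail( "$adminemails[email]" , $main->decode("$sitetitle: $text[useradded]"), $main->decode("$text[name] $newname\n$text[email] $newemail\n$text[description]\n$newdata") , "$adminemail");
            }
        }
        if ( $role >= "2" and isset($_FILES['img']) )
        {
            // NOTE(review): confirm Main::uploadfile() restricts file type and extension.
            $filename=$main->uploadfile( $_FILES['img'] , "user", $result->lastid  );
        }
    }
    $page="start";if ( isset($_REQUEST['nextpage']) ){$page=$_REQUEST['nextpage'];}elseif(isset($_SESSION['lastpage']) ){$page=$_SESSION['lastpage'];}
    
}
//}}}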
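 //{{{ Save user
// page=saveuser: update an account. Roles up to 2 can only save their own
// account with their current role; higher roles may save the account named in
// the request with role 1 or any role up to their own.
//
// Changes in this block:
//  - the branch had no login check, so a request without a logged-in user fell
//    through to saveuser() with an undefined user id; it now saves nothing.
//  - the target role and target id must consist of digits only. The role is
//    compared as an integer instead of as a string, and the id is used in
//    directory names that are removed recursively.
//  - the password fields are compared with ===.
//  - the theme name is used in a path; names containing a path separator, "."
//    or ".." fall back to the default theme.
//  - request fields and the upload field are checked for presence before use.
// NOTE(review): for roles above 2 the current role of the target account is
// not looked at here, and no current password is asked for when a new one is
// set -- confirm Main::saveuser() or the form flow covers both.
if ( "$page" == "saveuser" )
{
    $adduser="true";
    // Id, role, name and language are mandatory; the password is optional.
    $newid="";if ( isset($_REQUEST['id']) and $_REQUEST['id'] != "" ){$newid=$_REQUEST['id'];}else{$adduser="false";}
    $newrole="";if ( isset($_REQUEST['role']) and $_REQUEST['role'] != "" ){$newrole=$_REQUEST['role'];}else{$adduser="false";}
    $newname="";if ( isset($_REQUEST['name']) and $_REQUEST['name'] != "" ){$newname=$_REQUEST['name'];}else{$adduser="false";}
    $newemail="";if ( isset($_REQUEST['email']) and $_REQUEST['email'] != "" ){$newemail=$_REQUEST['email'];}
    $newdata="";if ( isset($_REQUEST['data']) and $_REQUEST['data'] != "" ){$newdata=$_REQUEST['data'];}
    $newlang="";if ( isset($_REQUEST['lang']) and $_REQUEST['lang'] != "" ){$newlang=$_REQUEST['lang'];}else{$adduser="false";}
    $newpwd1="";if ( isset($_REQUEST['pwd1']) and $_REQUEST['pwd1'] != "" ){$newpwd1=$_REQUEST['pwd1'];}
    $newpwd2="";if ( isset($_REQUEST['pwd2']) and $_REQUEST['pwd2'] != "" ){$newpwd2=$_REQUEST['pwd2'];}
    $homepage="";if ( isset($_REQUEST['homepage']) and $_REQUEST['homepage'] != "" ){$homepage=$_REQUEST['homepage'];}
    $filename="";if ( isset($_REQUEST['delimg'])){$filename="del";}
    if ( !is_string($newpwd1) or !is_string($newpwd2) ){$adduser="false";}

    $usetheme="default";
    if (  $allowusertheme == "true" and isset($_REQUEST['usetheme']) and is_string($_REQUEST['usetheme']) and $_REQUEST['usetheme'] != "" )
    {
        $usetheme=$_REQUEST['usetheme'];
        if ( strpbrk($usetheme, "/\\\0") !== false or $usetheme == "." or $usetheme == ".." or !is_file("themes/$usetheme/site.css"))
        {
            $usetheme="default";
        }
        elseif( $newid == $userid )
        {
            $_SESSION['theme']="$usetheme";
        }
    }
    $nr=$confnr;if ( isset($_REQUEST['nr'])){$nr=$_REQUEST['nr'];}

    // Roles up to 2 always act on their own account with their own role.
    if ( "$role" <= "2" )
    {
        $newrole=$role;
        $newid=$userid;
    }

    // Nothing is saved without a logged-in user or with a non-numeric id or role.
    if ( !isset($userid) or $userid == 0 ){$adduser="false";}
    if ( !is_scalar($newrole) or !preg_match('/\A[0-9]+\z/', (string) $newrole) ){$adduser="false";}
    if ( !is_scalar($newid) or !preg_match('/\A[0-9]+\z/', (string) $newid) ){$adduser="false";}

    if ( "$adduser" == "true" and ( (int) $role >= (int) $newrole or (int) $newrole == 1 ) and $newpwd1 === $newpwd2  )
    {
        if ( $role >= "2" )
        {
            if ($filename == "del" or ( isset($_FILES['img']) and $_FILES['img']['size'] != "0" ) )
            {
                // $newid is all digits here, so these stay inside the image trees.
                $thumbdir="./thumb/user/$newid/";
                $smalldir="./small/user/$newid/";
                $uploaddir="./img/user/$newid/";
                if(is_dir($thumbdir))
                {
                    $main->rmdirr($thumbdir);
                }
                if(is_dir($smalldir))
                {
                    $main->rmdirr($smalldir);
                }
                if(is_dir($uploaddir))
                {
                    $main->rmdirr($uploaddir);
                }
            }
            if ( isset($_FILES['img']) and $_FILES['img']['size'] != "0")
            {
                // NOTE(review): confirm Main::uploadfile() restricts file type and extension.
                $filename=$main->uploadfile( $_FILES['img'] , "user", $newid );
            }
        }
        // An empty password field is passed on as an empty hash argument.
        // NOTE(review): unsalted MD5, matching what the login check expects.
        if ( "$newpwd1" != "" )
        {
            $main->saveuser( $newid, $newrole, $nr,$usetheme, $newname, $newemail,$newdata, md5($newpwd1), $filename, $newlang, $homepage  );
        }
        else
        {
            $main->saveuser( $newid, $newrole, $nr,$usetheme, $newname, $newemail,$newdata, "", $filename, $newlang, $homepage  );
        }
        // Saving one's own account also refreshes the session copy.
        if ( $userid == $newid )
        {
            $_SESSION['lang']=$newlang;
            $_SESSION['nr']=$nr;
            $_SESSION['name']=$newname;
            $_SESSION['email']=$newemail;
            include_once( "lang/en.php" );
            $text=$main->clean_array( $text, false, true );
            $main->settext($text);
        }
    }
    $page="start";if ( isset($_REQUEST['nextpage']) ){$page=$_REQUEST['nextpage'];}elseif(isset($_SESSION['lastpage']) ){$page=$_SESSION['lastpage'];}
}
//}}}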
 743//{{{ Remove user
 744if ( "$page" == "rmuser" and "$role" >= "3"  )
 745{
 746    $id="";if ( $_REQUEST['id'] != "" ){$id=$_REQUEST['id'];}
 747    $main->rmuser( $id );
 748    $page="start";if ( isset($_REQUEST['nextpage']) ){$page=$_REQUEST['nextpage'];}elseif(isset($_SESSION['lastpage']) ){$page=$_SESSION['lastpage'];}
 749    if ( $page == "userhome"){$page="start";if ( $initpage == "true"){ $page="init";}}
 750}
 751//}}}
 752//{{{Edit abbr
 753if ( $page == "editabbr" and $role >= "3"  )
 754{
 755    if (isset($_REQUEST['deleteid']))
 756    {
 757        $main->delabbr($_REQUEST['deleteid']);
 758    }
 759    if (isset($_REQUEST['do']))
 760    {
 761        if ($_REQUEST['do'] == "save")
 762        {
 763            $main->saveabbr($_REQUEST['id'], $_REQUEST['type'], $_REQUEST['word'] , $_REQUEST['title'], $_REQUEST['abbrdata']);
 764        }
 765        elseif ($_REQUEST['do'] == "add")
 766        {
 767            $main->addabbr( $_REQUEST['type'], $_REQUEST['word'] , $_REQUEST['title'], $_REQUEST['abbrdata'] );
 768        }
 769    }
 770}
 771//}}}
 772//{{{ Delete user
 773if ( "$page" == "deluser" and "$role" >= "4" )
 774{
 775    $id="";if ( $_REQUEST['id'] != "" ){$id=$_REQUEST['id'];}
 776    $main->deluser( $id );
 777    $page="start";if ( isset($_REQUEST['nextpage']) ){$page=$_REQUEST['nextpage'];}elseif(isset($_SESSION['lastpage']) ){$page=$_SESSION['lastpage'];}
 778    if ( isset($_SESSION['lastnr']) and $_SESSION['lastnr'] != "" ){$_REQUEST['nr']=$_SESSION['lastnr'];}
 779    if ( isset($_SESSION['laststart']) and $_SESSION['laststart'] != "" ){$_REQUEST['start']=$_SESSION['laststart'];}
 780    if ( $page == "userhome" or $page == "myhome" ){$page="start";if ( $initpage == "true"){ $page="init";}}
 781}
 782//}}}
 783//{{{end of request id limit
 784}
 785}
 786//}}}
 787//{{{ Update request id
 788$requestid=rand(1000, 9999);
 789$_SESSION['reqid']=$requestid;
 790
 791//}}}
 792
 793//{{{ HTML header
 794/*print "<?xml version=\"1.0\" encoding=\"ISO-8859-15\"?>\n";*/
 795print "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.1//EN\" \"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd\">\n\n";
 796//print "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n   \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n";
 797print "<html  xmlns=\"http://www.w3.org/1999/xhtml\">\n<head>\n<title>$sitetitle</title>\n<meta http-equiv='Content-Type' content='text/html; charset=ISO-8859-15' />\n";
 798if ( $page == "changetheme" and $allowusertheme == "true")
 799{
 800    $_SESSION['theme']=$_REQUEST['theme'];
 801    $page="start";if ( isset($_REQUEST['nextpage']) ){$page=$_REQUEST['nextpage'];}elseif(isset($_SESSION['lastpage'])){$page=$_SESSION['lastpage'];}
 802    if ( isset($_SESSION['lastnr']) and $_SESSION['lastnr'] != "" ){$_REQUEST['nr']=$_SESSION['lastnr'];}
 803    if ( isset($_SESSION['laststart']) and $_SESSION['laststart'] != "" ){$_REQUEST['start']=$_SESSION['laststart'];}
 804}
 805
 806if ( isset($_SESSION['theme']))
 807{
 808    if ($_SESSION['theme'] != "default")
 809    {
 810        $stylesheet="themes/$_SESSION[theme]/site.css";
 811    }
 812}
 813print "<link rel='stylesheet' href='$stylesheet' type='text/css'></link>\n";
 814print "<meta content='$keywords' name='keywords'></meta>\n";
 815print "<meta content='$description' name='description'></meta>\n";
 816if ( "$enablerss" == "true" )
 817{
 818    if ( "$role" != "0" ){print "<link rel='alternate' type='text/xml' title='RSS' href='rss.php?user=$_SESSION[user]&amp;passwd=$_SESSION[passwd]'></link>\n";}
 819    else {print "<link rel='alternate' type='text/xml' title='RSS' href='rss.php'></link>\n";}
 820}
 821if ( $enablesplash and ($page=="" or $page=="splash" ))
 822{
 823    $page2="start";if ( $initpage == "true"){ $page2="init";}
 824    if ($splashtimer!=0)
 825    {
 826        print "<meta http-equiv='refresh' content='$splashtimer;url=?page=$page2' />";
 827    }
 828}
 829    
 830print "</head>\n";
 831$bodyclass="gray";
 832if ( !isset($_REQUEST['textsize']) and isset($_SESSION['textsize']) )
 833{
 834    $_REQUEST['textsize']=$_SESSION['textsize'];
 835}
 836if (isset($_REQUEST['textsize']))
 837{
 838    if( $_REQUEST['textsize'] == "s" )
 839    {
 840        $bodyclass="graysmall";
 841    }
 842    if( $_REQUEST['textsize'] == "n" )
 843    {
 844        $bodyclass="gray";
 845    }
 846    if( $_REQUEST['textsize'] == "l" )
 847    {
 848        $bodyclass="graylarge";
 849    }
 850    $_SESSION['textsize']=$_REQUEST['textsize'];
 851    
 852}
 853print "<body class='$bodyclass'>\n";
 854print "<table class='main' summary='main table'><tr><td class='tls'></td><td class='ts'></td><td class='trs'></td></tr><tr><td class='ls'></td>";
 855if ($page=="splash"){print "<td valign='middle' align='center'>\n";}else{print "<td valign='top'>\n";}
 856//}}}
//{{{ Splash
 858if ( $enablesplash and ($page=="" or $page=="splash" ))
 859{
 860    $page2="start";if ( $initpage == "true"){ $page2="init";}
 861    print "<a href='?page=$page2'><img src='$splashimage' alt='$sitetitle' /></a>";
 862}
 863//}}}
 864//{{{ Top part
 865//start splash check
 866if ($page!="splash")
 867{
 868print "<table summary='Main table'>\n";
 869print "<tr><td><img src='$logo' alt='LOGO' width='$logowidth' /></td><td align='right' class='headerbottom'><p>&nbsp;</p>\n";
 870if ( $enablesearch == 'true' )
 871{
 872    $searchvalue="";
 873    $search="";if ( isset($_REQUEST['search']) ){$search=$_REQUEST['search'];}
 874    if ( $search == "" and $page == "search" and $_SESSION['lastpage']=="search" and isset($_SESSION['searchstr']) ){$search=$_SESSION['searchstr'];}
 875    if ( $search != "" ){$searchvalue="value='$search'";}
 876    print "<form enctype='multipart/form-data' action='?page=search' method='post'><p><input type='hidden' name='rid' value='$requestid' />";
 877    print "<label for='search'>$text[search]: </label><input name='search' type='text' id='search' alt='search' $searchvalue />&nbsp;";
 878    print "<input type='submit' value='$text[search]' id='searchbuttom' class='button'/>&nbsp;<input type='reset' value='$text[reset]' class='button'/></p></form>";
 879}
 880print "</td><td align='right' class='headermiddle'>\n";
 881print "<table summary='information table'>";
 882foreach ($siteheader as $headerline)
 883{
 884    print "<tr><td align='right' class='menusmall'><b>$headerline[1]</b></td>";
 885    print "<td align='left' class='menusmall'>$headerline[2]</td></tr>";
 886}
 887print "</table>";
 888print "</td></tr></table><table summary='Main table'>\n";
 889//}}}
 890//{{{ Menu
 891print "<tr><td valign='top' class='menu'>\n";
 892
 893if ( $initpage == "true" )
 894{
 895    print "<a href='?page=init'>$text[home]</a>&nbsp;<br />\n";	
 896}
 897
 898$menu = $main->getmenu( $role, $userid );
 899$lastaccess=0;
 900foreach( $menu->records as $item )
 901{
 902    $curaccess=$item['access'];
 903    if ( "$lastaccess" != "$curaccess" )
 904    {
 905        print "<br />\n";
 906    }
 907    $lastaccess=$curaccess;
 908    $menuitem="";
 909    if (isset($text[ $item['data'] ])){$menuitem=str_replace(" ","&nbsp;",$text[ $item['data'] ]);}
 910    if ($menuitem == ""){$menuitem=$item['data'];}
 911    print "<a href='?page=$item[data]'>$menuitem</a>&nbsp;<br />\n";
 912}
 913$newslinks=$main->getmenunewslist($role);
 914if ($newslinks->rows != "0" )
 915{
 916    print "<br />\n";
 917    foreach( $newslinks->records as $item )
 918    {
 919        $menuitem=str_replace(" ","&nbsp;",$item['headline']);
 920        print "<a href='?page=viewnews&amp;id=$item[id]'>$menuitem</a>&nbsp;<br />\n";
 921    }
 922}
 923$category = $main->getCategories($role);
 924if ($category->rows != "0" )
 925{
 926    print "<br />$text[category]<br />\n";
 927    foreach( $category->records as $item )
 928    {
 929        $menuitem=str_replace(" ","&nbsp;",$item['name']);
 930        //if ( isset($text[$item['name']])){$menuitem=str_replace(" ","&nbsp;",$text[$item['name']]);}
 931        print "<a href='?page=newscat&amp;catid=$item[id]'>$menuitem</a>&nbsp;<br />\n";
 932    }
 933}
 934
 935if ( $enablerss == "true" and "$userid" != "0" )
 936{
 937    print "<br /><a href='rss.php?user=$_SESSION[user]&amp;passwd=$_SESSION[passwd]'><img src='images/rss.gif' alt='$text[rss]'/></a>&nbsp;<br />\n";
 938    print "<a href='atom.php?user=$_SESSION[user]&amp;passwd=$_SESSION[passwd]'><img src='images/atom.gif' alt='$text[atom]'/></a>&nbsp;<br />\n";
 939}
 940elseif ( $enablerss == "true" )
 941{
 942    print "<br /><a href='rss.php'><img src='images/rss.gif' alt='$text[rss]'/></a>&nbsp;<br />\n";
 943    print "<a href='atom.php'><img src='images/atom.gif' alt='$text[atom]'/></a>&nbsp;<br />\n";
 944}
 945
 946if ( $allowusertheme == "true" and "$userid" == "0")
 947{
 948    print "<br /><form action='?'><p><select onchange=\"location=this.options[this.selectedIndex].value;\">\n";
 949    $d=dir("themes");
 950    $curtheme="";
 951    if ( isset($_SESSION['theme']))
 952    {
 953        $curtheme=$_SESSION['theme'];
 954    }
 955    print "<option value='?page=changetheme&amp;theme=default'>$text[default]</option>\n";
 956    while($entry = $d->read()) 
 957    {
 958        $entry=str_replace(".php","" ,$entry);
 959        if( is_dir("themes/$entry") and $entry != "." and $entry != ".." and is_file("themes/$entry/site.css"))
 960        {
 961            $selected="";
 962            if ($entry == $curtheme ){$selected="selected=selected";}
 963            print "<option value='?page=changetheme&amp;theme=$entry' $selected>$entry</option>\n";
 964        }
 965    }
 966    print "</select></p></form>\n";
 967}
 968else
 969{
 970    print "<br />\n";
 971}
 972$textsizeurl="";
 973if(isset($_REQUEST['nr'])){$textsizeurl.="&amp;nr=$_REQUEST[nr]";}
 974if(isset($_REQUEST['start'])){$textsizeurl.="&amp;start=$_REQUEST[start]";}
 975if(isset($_REQUEST['id'])){$textsizeurl.="&amp;id=$_REQUEST[id]";}
 976print "<a href='?page=$page&amp;textsize=s&amp;rid=$requestid$textsizeurl' class='small' rel='nofollow'>A</a>";
 977print "<a href='?page=$page&amp;textsize=n&amp;rid=$requestid$textsizeurl' class='normal' rel='nofollow'>A</a>";
 978print "<a href='?page=$page&amp;textsize=l&amp;rid=$requestid$textsizeurl' class='large' rel='nofollow'>A</a>";
 979print "<br />\n";
 980if ( "$userid" == "0" and $showlogin == "true")
 981{
 982    print "<br /><hr /><form action='?page=login' method='post'><p><input type='hidden' name='rid' value='$requestid' />\n";
 983    print "<label for='user'>$text[user]</label><br /><input type='text' alt='user' id='user' name='user' size='10'/><br />\n";
 984    print "<label for='passwd'>$text[passwd]</label><br /><input type='password' alt='password' id='passwd' name='passwd' size='10'/><br />\n";
 985    print "<input type='submit' value='$text[login]' id='login' class='button' /><br />\n";
 986    if ( $allowregister == "true" )
 987    {
 988        print "<a href='?page=newuser' rel='nofollow'>$text[register]</a>&nbsp;\n";
 989    }
 990    print "</p></form><a href='?page=pwdrec&amp;rid=$requestid' rel='nofollow'>".str_replace(" ","&nbsp;",$text['pwdrecovery'])."</a><hr />\n";
 991    
 992}
 993elseif ( "$userid" != "0")
 994{
 995    print "<br /><hr />$text[logedinas]<br /><a href='?page=myhome&amp;rid=$requestid'>$_SESSION[name]</a>&nbsp;\n";
 996    print "<br />".$text["access$role"]."\n";
 997    print "<br /><a href='?page=logout&amp;rid=$requestid'>$text[logout]</a>&nbsp;<hr />\n";
 998}
 999if ( $cookieinfo == "true" )
1000{
1001   print "<br /><a href='?page=cookie'>".str_replace(" ","&nbsp;",$text['cookieheader'])."</a><br /><br />";
1002}
1003print "</td><td valign='top' colspan='2' rowspan='2'>\n";
1004//if ( isset($_SESSION['nr'])){$_SESSION['lastnr']=$_SESSION['nr'];}
1005//elseif( $page != "editnews" and $page != "savenews" ){$_SESSION['lastnr']="";}
1006
1007if ( isset($_REQUEST['start'])){$_SESSION['laststart']=$_REQUEST['start'];}
1008elseif( $page != "editnews" and $page != "savenews" ){$_SESSION['laststart']="";}
//End splash check
1010}
1011//}}}
1012//{{{ Init page
// News listing pages. Each handler records itself as the last page, fetches one page of
// news through $main and prints it with printnews().
// NOTE(review): start, search and catid arrive from the request and are handed to $main
// unchanged. Whether Main validates them before they reach a query is not visible here -
// confirm that they are bound as parameters or cast to integers there.
if ("$page" == "init" or ("$page" == "" and $initpage == "true" ) )
{
    // Init page: one news item, whose view counter is increased.
    $_SESSION['lastpage']=$page;
    $news = $main->getinitnews($role);
    $main->incresenewsviews($news->records['0']['id']);
    $main->printnews( $news,1,$role,$userid,"-1","-1",$page,"" );
}
//}}}
//{{{Start page
if ( "$page" == "start" or ("$page" == "" and $initpage != "true" ) )
{
    $_SESSION['lastpage']=$page;
    $start = isset($_REQUEST['start']) ? $_REQUEST['start'] : "0";
    $news = $main->getnews( $role , 1 , $start , $nr);
    $nrofnews = $main->getnrnews( $role, 1);
    $nrofnews = $nrofnews->records[0]['nr'];
    $main->printnews( $news,$nrofnews,$role,$userid,$start,$nr,$page,"" );
}
//}}}
//{{{Search page
if ( "$page" == "search" )
{
    $_SESSION['lastpage']=$page;
    $start = isset($_REQUEST['start']) ? $_REQUEST['start'] : "0";
    // A submitted search string is remembered in the session and reused when paging.
    if ( isset($_REQUEST['search']) )
    {
        $search=$_REQUEST['search'];
        $_SESSION['searchstr']=$search;
    }
    elseif ( isset($_SESSION['searchstr']) )
    {
        $search=$_SESSION['searchstr'];
    }
    else
    {
        $search="";
    }
    $news = $main->search( $search, $role , $start , $nr);
    $nrofnews = $main->searchnr( $search, $role );
    $nrofnews = $nrofnews->records[0]['nr'];
    $main->printnews( $news,$nrofnews,$role,$userid,$start,$nr,$page,"" );
}
//}}}
//{{{ Toplist page
if ( "$page" == "top" )
{
    $_SESSION['lastpage']=$page;
    $start = isset($_REQUEST['start']) ? $_REQUEST['start'] : "0";
    $news = $main->gettopnews( $role , $start , $nr);
    $nrofnews = $main->getnrtopnews( $role);
    $nrofnews = $nrofnews->records[0]['nr'];
    $main->printnews( $news,$nrofnews,$role,$userid,$start,$nr,$page,"" );
}
//}}}
//{{{ Toplist view page
if ( "$page" == "topview" )
{
    $_SESSION['lastpage']=$page;
    $start = isset($_REQUEST['start']) ? $_REQUEST['start'] : "0";
    $news = $main->gettopviewnews( $role , $start , $nr);
    $nrofnews = $main->getnrtopnews( $role);
    $nrofnews = $nrofnews->records[0]['nr'];
    $main->printnews( $news,$nrofnews,$role,$userid,$start,$nr,$page,"" );
}
//}}}
//{{{Top comments page
if ( "$page" == "topcomment" )
{
    $_SESSION['lastpage']=$page;
    $start = isset($_REQUEST['start']) ? $_REQUEST['start'] : "0";
    $news = $main->gettopcommentnews( $role, $start, $nr);
    $nrofnews = $main->getnrtopnews( $role);
    $nrofnews = $nrofnews->records[0]['nr'];
    $main->printnews( $news,$nrofnews,$role,$userid,$start,$nr,$page,"" );
}
//}}}
//{{{ Category page
if ( "$page" == "newscat" )
{
    $_SESSION['lastpage']=$page;
    $start = isset($_REQUEST['start']) ? $_REQUEST['start'] : "0";
    // Category: request parameter, else the one remembered in the session, else "1".
    if ( isset($_REQUEST['catid']) )
    {
        $cat=$_REQUEST['catid'];
    }
    elseif ( isset($_SESSION['catid']) )
    {
        $cat=$_SESSION['catid'];
    }
    else
    {
        $cat="1";
    }
    $_SESSION['catid']=$cat;
    $news = $main->getcatnews( $role, $start , $nr, $cat);
    $nrofnews = $main->getcatnrnews( $role, $cat);
    $nrofnews = $nrofnews->records[0]['nr'];
    $main->printnews( $news,$nrofnews,$role,$userid,$start,$nr,$page,"" );
}
1089//}}}
1090//{{{ Guestbook
// Guestbook: comments printed with the id "0". cstart and cnr are the paging offset and
// page size; both are taken from the request as received.
if ( "$page" == "guestbook" )
{
    $_SESSION['lastpage']=$page;
    $cstart = isset($_REQUEST['cstart']) ? $_REQUEST['cstart'] : 0;
    $cnr = isset($_REQUEST['cnr']) ? $_REQUEST['cnr'] : $nr;
    $main->printcomments( "0", $role,$userid,$cstart,$cnr,$page,-1);
    $_SESSION['lastid']="0";
}
//}}}
//{{{ Removed comments
// Removed comments: same listing with the id "-1", for role 3 and higher only.
if ( "$page" == "removedcomments" and $role >= 3)
{
    $_SESSION['lastpage']=$page;
    $cstart = isset($_REQUEST['cstart']) ? $_REQUEST['cstart'] : 0;
    $cnr = isset($_REQUEST['cnr']) ? $_REQUEST['cnr'] : $nr;
    $main->printcomments( "-1", $role,$userid,$cstart,$cnr,$page,-1);
    $_SESSION['lastid']="-1";
}
1109//}}}
1110//{{{ Edit comment
if ( $page == "editcomment" and $role >= 1)
{
    // Edit comment: prints a client-side check for empty header and comment fields, then a
    // form pre-filled with the stored comment. The script only blocks an empty submit in the
    // browser; it is not a server-side validation.
    print "<script type='text/javascript'>
        function validate(form)
        {
            error=\"\";
            if ( form.header.value == \"\" )
            {
                error=\"".str_replace(":",","," ".$main->edit_array( $text['header'])." ")."\";
            }

            if ( form.data.value == \"\" )
            {
                error=error+\"".str_replace(":",""," ".$main->edit_array( $text['comment'])." ")."\";
            }
            if (error != '' )
            {
                error=error.replace(\":\", \",\");
                alert('".$main->edit_array( $text['missingfields'])."'+' '+error);
                return;
            }
            else
            {
                form.submit();
            }
        }
    </script>";

    // The comment is loaded for the current user and role and passed through edit_array()
    // before its fields are written into the form.
    // NOTE(review): the field values are printed into quoted attributes and a textarea as
    // edit_array() returns them; whether that helper HTML-escapes them is not visible here.
    $id = isset($_REQUEST['id']) ? $_REQUEST['id'] : "";
    $comment=$main->edit_array($main->getcomment( $userid, $role, $id ));
    print "<form enctype='multipart/form-data' action='?page=savecomment' method='post'><p><input type='hidden' name='rid' value='$requestid' /></p>\n";
    print "<table summary='$text[editcomment]'><tr><td colspan='2'><hr></td></tr>\n";

    // Comments with role 0 also carry the name, e-mail and homepage typed by the author.
    if ( $comment['records']['0']['role'] == 0  )
    {
        print "<tr><td>$text[name]</td><td><input name='name' type='text' id='name' value='{$comment['records']['0']['anonname']}'/></td></tr>\n";
        print "<tr><td>$text[email]</td><td><input name='email' type='text' id='email' value='{$comment['records']['0']['anonemail']}'/></td></tr>\n";
        print "<tr><td>$text[homepageheader]</td><td><input name='homepage' type='text' id='email' value='{$comment['records']['0']['anonhomepage']}'/></td></tr>\n";
    }
    print "<tr><td>$text[header]</td><td><input name='header' type='text' id='header' value='{$comment['records']['0']['headline']}'/></td></tr>\n";
    print "<tr><td colspan='2'>$text[comment]</td></tr>\n";
    print "<tr><td colspan='2'><input type='hidden' name='id' value='{$comment['records']['0']['id']}'><textarea name='data' rows='5' cols='60'>{$comment['records']['0']['data']}</textarea></td></tr>\n";
    print "<tr><td colspan='2'><input type='button' value='$text[savecomment]' id='savecomment' onclick=\"validate(this.form)\"  class='button'/> <input type='reset' value='$text[reset]' class='button' /></td></tr>\n";
    print "</table></form>\n";
    print "$bbcode";

}
1156//}}}
1157//{{{ Remnews
if ( "$page" == "remnews"  and "$role" >= "3" )
{
    // Removed news: for role 3 and higher. The listing is fetched with the fixed arguments
    // 4 and 8 instead of the caller's own role.
    $_SESSION['lastpage']=$page;
    $start = isset($_REQUEST['start']) ? $_REQUEST['start'] : "0";
    $news = $main->getnews( 4 , 8 , $start , $nr);
    $nrofnews = $main->getnrnews( 4, 8);
    $nrofnews = $nrofnews->records[0]['nr'];
    $main->printnews( $news,$nrofnews,$role,$userid,$start,$nr,$page,"" );
}
1167//}}}
1168//{{{ Downloads
1169if ( $page == "downloads")
1170{
1171    print "<span class=\"headline\"><b>$text[downloads]</b></span><br />";
1172    $dir="/";if( isset($_REQUEST['dir'])){$dir=$_REQUEST['dir'];}
1173    if ( !isset($_REQUEST['do']) )
1174    {
1175        $_REQUEST['do']="";
1176    }
1177    if ( $role >= 3 or $role >= $uploadfileaccess )
1178    {
1179        if($_REQUEST['do'] == "upload" and isset($_FILES['file']['name']))
1180        {
1181            $filename=str_replace(" ","_",basename($_FILES['file']['name']));
1182            $filename=str_replace("?","a",$filename);
1183            $filename=str_replace("ä","a",$filename);
1184            $filename=str_replace("ö","o",$filename);
1185            $filename=str_replace("?","A",$filename);
1186            $filename=str_replace("Ä","A",$filename);
1187            $filename=str_replace("Ö","O",$filename);
1188            $filename=str_replace("(","_",$filename);
1189            $filename=str_replace(")","_",$filename);
1190            $filename=ereg_replace("[^a-z,A-Z,0-9,_,.]","_",$filename);
1191
1192            $fname=$_REQUEST['fname'];
1193            $access=$_REQUEST['access'];
1194
1195            $dir=$_REQUEST['dir'];
1196            $subdir=$_REQUEST['subdir'];
1197            $parrentdir=$_REQUEST['parentdir'];
1198            if ( $subdir != "" )
1199            {
1200                $parrentdir=$dir;
1201                $dir=$subdir;
1202            }
1203
1204            $type=$_FILES['file']['type'];
1205            $owner=$userid; 
1206            $size=$_FILES['file']['size'];
1207
1208            $newid=$main->addfile($filename,$fname,$access,$dir,$parrentdir,$type,$owner,$size);
1209            if ( ! $main->uploadanyfile($_FILES['file'],"$filepath/$newid/"))
1210            {
1211                $main->deletefile($newid);
1212            }
1213        }
1214        
1215    
