
/mobile/index.php

https://github.com/xythobuz/xythobuzCMS
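  <?php
  // Bootstrap: load settings and helpers, then open the database connection.
  // require (not include) so the page stops when a file is missing instead of
  // continuing with undefined credentials or helpers. The $sql_* values are not
  // set in this file; presumably config.php provides them.
  require('../config.php');
  require('func.php');

  // NOTE(review): ext/mysql (mysql_*) was removed in PHP 7; this file only runs on PHP 5.
  // NOTE(review): no connection charset is set here. mysql_real_escape_string(), used
  // further down, escapes according to the connection charset, so confirm it matches
  // the stored data (mysql_set_charset()).
  $db = mysql_connect($sql_host, $sql_username, $sql_password);

  // Check both return values directly. mysql_errno() without a link is not a
  // reliable signal when mysql_connect() itself failed.
  if ($db === false || !mysql_select_db($sql_database, $db)) {
      // Generic message only: no host, user or driver error text is sent to the client.
      die ('Could not connect to database!');
  }
  ?>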
  10. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
  11. <html xmlns="http://www.w3.org/1999/xhtml">
  12. <head>
  13. <meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
  14. <meta content="yes" name="apple-mobile-web-app-capable" />
  15. <meta content="minimum-scale=1.0, width=device-width, maximum-scale=0.6667, user-scalable=no" name="viewport" />
  16. <link href="style.css" rel="stylesheet" media="screen" type="text/css" />
  17. <link rel="apple-touch-icon" href="images/icon.png" />
  18. <link rel="apple-touch-startup-image" href="images/load.png" />
  19. <title><? echo $xythobuzCMS_title; ?></title>
  <?php
  // Write every stored <head> snippet (table cms_codehead, ascending id) into the page.
  // Snippets are emitted verbatim, so anyone able to write to that table controls
  // markup and script on every page that includes this header.
  $sql = 'SELECT
  inhalt
  FROM
  cms_codehead
  ORDER BY
  id ASC';
  $result = mysql_query($sql);
  if ($result === false) {
      exit("Error");
  }
  for ($row = mysql_fetch_array($result); $row !== false; $row = mysql_fetch_array($result)) {
      echo stripslashes($row['inhalt']), "\n";
  }
  ?>
  35. <script src="javascript/functions.js" type="text/javascript"></script>
  <?php
  // Optional onload hook. $xythobuzCMS_onload is written into the script body as-is,
  // so it has to be trusted JavaScript. It is not assigned in this file (presumably
  // config.php sets it). On an installation that still runs with register_globals
  // enabled, a request parameter of the same name would define it when the
  // configuration does not — verify that setting is off.
  if (isset($xythobuzCMS_onload)):
  ?>
  <script type="text/javascript">
  window.onDomReady(onReady);
  function onReady() {
  <?= $xythobuzCMS_onload ?>
  }
  </script>
  <?php endif; ?>
  44. </head>
  45. <body>
  46. <div id="topbar">
  <?php
  // Pick the link shown at the left of the top bar.
  // The Referer header is client-controlled; here it only selects between a "home"
  // icon and a history-back link and must never feed an access decision.
  if (isset($_GET['p']) || isset($_GET['search'])) {
      $refererIsRootIndex = isset($_SERVER['HTTP_REFERER'])
          && strpos($_SERVER['HTTP_REFERER'], $xythobuzCMS_root."/index.php") === 0;
      $leftNavLink = $refererIsRootIndex
          ? '<a href="index.php"><img src="images/home.png" alt="Home" /></a>'
          : '<a href="javascript:history.back();">Back</a>';
  } elseif (isset($_GET['news'])) {
      // A numeric value is an article id (back to the list); anything else,
      // including the bare "?news" list view, gets the home icon.
      $leftNavLink = is_numeric($_GET['news'])
          ? '<a href="index.php?news">Back</a>'
          : '<a href="index.php"><img src="images/home.png" alt="Home" /></a>';
  } else {
      $leftNavLink = '<a class="noeffect" href="../index.php?desktop"><img alt="Desktop Version" src="images/pc.png" /></a>';
  }
  echo '<div id="leftnav">', $leftNavLink, '</div>', "\n";
  ?>
  60. <div id="title"><? echo $xythobuzCMS_title; ?></div>
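  <?php
  // Language switch link for page views.
  if (isset($_GET['p'])) {
      // $_GET['p'] is request-controlled and is written into an href attribute.
      // Echoing it raw lets a crafted value break out of the attribute (reflected
      // XSS), so percent-encode it as a query value and HTML-escape the result.
      // A non-string value (e.g. ?p[]=x) is reduced to an empty string.
      $pageKey = is_string($_GET['p']) ? $_GET['p'] : '';
      $pageKeyAttr = htmlspecialchars(urlencode($pageKey), ENT_QUOTES, 'UTF-8');
      if (isset($_GET['lang'])) { // Link to lang 1
  ?>
  <div id="rightnav"><a href="index.php?p=<?php echo $pageKeyAttr; ?>"><img alt="Change language" src="../img/flags/<?php echo $xythobuzCMS_lang; ?>.png"></a></div>
  <?php
      } else { // Link to lang 2
  ?>
  <div id="rightnav"><a href="index.php?p=<?php echo $pageKeyAttr; ?>&amp;lang"><img alt="Change language" src="../img/flags/<?php echo $xythobuzCMS_lang2; ?>.png"></a></div>
  <?php
      }
  }
  ?>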
  68. </div>
  <?php
  // Name of the cms column that holds the page body: the English column when the
  // "lang" parameter is present, the default column otherwise. Only these two fixed
  // names are ever assigned, so the request cannot select an arbitrary column or key.
  $inhaltLanguage = isset($_GET['lang']) ? "inhalt_en" : "inhalt";
  ?>
  <?php
  // The search form is shown on every view except search results and the news section.
  if (!(isset($_GET['search']) || isset($_GET['news']))):
  ?>
  <div class="searchbox">
    <form action="index.php" method="get">
      <fieldset>
        <input id="search" placeholder="search" type="text" name="search" />
        <input id="submit" type="hidden" />
      </fieldset>
    </form>
  </div>
  <?php endif; ?>
  84. <div id="content">
  85. <? if (isset($_GET['p'])) { // Page:
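  // Look up the requested page by its short name ("kuerzel"). The value sits inside
  // a quoted SQL string literal and is escaped for that context. A non-string
  // parameter (e.g. ?p[]=x) is treated as an empty name.
  $pageKey = is_string($_GET['p']) ? $_GET['p'] : '';
  $sql = "SELECT inhalt, inhalt_en, linktext
  FROM cms
  WHERE kuerzel = '".mysql_real_escape_string($pageKey)."'";
  $result = mysql_query($sql);
  if (!$result) {
      die("Database Error");
  }
  $row = mysql_fetch_array($result);
  if ($row === false) {
      // No page with this short name: show a visible not-found entry instead of
      // rendering an empty title and body from a missing row.
      $row = array('linktext' => '404 - Page not found', $inhaltLanguage => '');
  }
  // linktext and the page body are emitted as stored (HTML allowed), so rows in
  // table cms must come from trusted authors only.
  ?> <span class="graytitle"><?php echo $row['linktext']; ?></span>
  <ul class="pageitem">
  <li class="textbox">
  <?php
  $content = stripslashes($row[$inhaltLanguage]);
  // Prefix every href/src value that contains no colon (i.e. no scheme) with the
  // site root, so relative links keep working from the /mobile/ directory.
  $content = preg_replace('#(href|src)="([^:"]*)(?:")#','$1="'.$xythobuzCMS_root.'/$2"',$content);
  echo $content;
  ?> </li>
  </ul>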
  103. <?
  104. } else if (isset($_GET['search'])) { // Search:
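  ?> <span class="graytitle">Search</span>
  <?php
  // Hand only a string to the helper: request parameters can also arrive as
  // arrays (?search[]=x). searchInCms() is not defined in this file (presumably
  // func.php); escaping the term for SQL and for HTML output happens there — verify.
  searchInCms(is_string($_GET['search']) ? $_GET['search'] : '');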
  107. } else if (isset($_GET['news'])) {
  108. if ($_GET['news'] == "") {
  109. // List articles
  110. listNews();
  111. } else {
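  if (isset($_POST['comment'])) {
      // Add comment
      $ok = 1;

      // The article id is placed in the INSERT as a bare number. In that position
      // mysql_real_escape_string() gives no protection because nothing is quoted,
      // so accept decimal digits only and cast to int.
      $newsIdValid = is_string($_GET['news']) && ctype_digit($_GET['news']);
      $commentParent = $newsIdValid ? (int) $_GET['news'] : 0;

      // Form fields may be missing or sent as arrays; normalise them to strings.
      $commentAuthor = (isset($_POST['autor']) && is_string($_POST['autor'])) ? $_POST['autor'] : '';
      $commentText = is_string($_POST['comment']) ? $_POST['comment'] : '';

      if (!$newsIdValid) {
          echo "<p>Could not add comment!</p>";
          $ok = 0;
      }

      if ($ok == 1 && isset($xythobuzCMS_captcha_priv)) {
          require_once('../recaptchalib.php');
          $captchaChallenge = isset($_POST['recaptcha_challenge_field']) ? $_POST['recaptcha_challenge_field'] : '';
          $captchaResponse = isset($_POST['recaptcha_response_field']) ? $_POST['recaptcha_response_field'] : '';
          $resp = recaptcha_check_answer($xythobuzCMS_captcha_priv, $_SERVER['REMOTE_ADDR'], $captchaChallenge, $captchaResponse);
          if (!$resp->is_valid) {
              echo "<p>Captcha wrong!</p>";
              $ok = 0;
          }
      }

      if ($ok == 1) {
          // Author and text are stored as submitted (escaped for SQL only); they must
          // be HTML-escaped wherever they are displayed.
          // $xythobuzCMS_com is a configuration value spliced in unquoted; it is
          // compared with "FALSE" below, so presumably it holds the literal TRUE or FALSE.
          $sql = 'INSERT INTO
          cms_comments(datum, autor, inhalt, parent, frei)
          VALUES
          (FROM_UNIXTIME('.time().'),
          "'.mysql_real_escape_string($commentAuthor).'",
          "'.mysql_real_escape_string($commentText).'",
          '.$commentParent.',
          '.$xythobuzCMS_com.')';
          $result = mysql_query($sql);
          if (!$result) {
              echo "<p>Could not add comment!</p>";
          } else {
              echo "<p>Comment added!</p>";
              if ($xythobuzCMS_com == "FALSE") {
                  // Comment is not released automatically: notify the site author.
                  // Visitor input goes into the mail body only; recipient and
                  // subject stay fixed, so no header field carries request data.
                  $subject = "New Comment!";
                  $body = $commentAuthor." posted the following comment on ".$xythobuzCMS_title.":\n\n".$commentText."\n";
                  if (!mail($xythobuzCMS_authormail, $subject, $body)) {
                      echo "Mail Error!";
                  }
              }
          }
      }
  }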
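  // Show article
  // The id is used as a bare number in the WHERE clause, where
  // mysql_real_escape_string() does not help (there are no quotes to break out of),
  // so only a string of decimal digits is accepted and it is cast to int.
  $result = false;
  if (is_string($_GET['news']) && ctype_digit($_GET['news'])) {
      $sql = 'SELECT inhalt, ueberschrift, datum
      FROM cms_news
      WHERE id = '.((int) $_GET['news']);
      $result = mysql_query($sql);
  }
  $row = $result ? mysql_fetch_array($result) : false;
  if ($row === false) {
      // Invalid id, failed query, or no article with this id.
      echo "404 - Page not found";
      exit;
  }
  // Headline and body are emitted as stored (HTML allowed): cms_news rows are
  // expected to come from trusted authors.
  ?> <span class="graytitle"><?php echo stripslashes(stripslashes($row['ueberschrift']))." (".$row['datum'].")"; ?></span>
  <ul class="pageitem">
  <li class="textbox">
  <?php $content = stripslashes($row['inhalt']);
  // Prefix href/src values without a colon (no scheme) with the site root.
  $content = preg_replace('#(href|src)="([^:"]*)(?:")#','$1="'.$xythobuzCMS_root.'/$2"',$content);
  echo $content;
  ?> </li>
  </ul>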
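  <?php
  // List the released comments (frei = TRUE) of this article, oldest first.
  // The id is concatenated unquoted into the query, so it is accepted only as a
  // string of decimal digits and cast to int; anything else counts as a query error.
  $result = false;
  if (is_string($_GET['news']) && ctype_digit($_GET['news'])) {
      $sql = 'SELECT inhalt, datum, autor
      FROM cms_comments
      WHERE parent = '.((int) $_GET['news']).' && frei = TRUE
      ORDER BY datum ASC';
      $result = mysql_query($sql);
  }
  if ($result) {
      $row = mysql_fetch_array($result);
      if ($row == false) {
  ?> <ul class="pageitem">
  <li class="textbox">
  No Comments!
  </li>
  </ul>
  <?php } else {
          do {
              // Author and text are visitor-supplied (they come from the comment
              // form) and are stored unescaped, so escape them for HTML here;
              // echoing them raw is a stored-XSS sink.
              // NOTE(review): if another entry point stores comments already
              // HTML-escaped, they will show double-escaped here — confirm.
              $commentAuthorHtml = htmlspecialchars($row['autor'], ENT_QUOTES, 'UTF-8');
              $commentTextHtml = htmlspecialchars(stripslashes($row['inhalt']), ENT_QUOTES, 'UTF-8');
  ?> <span class="graytitle"><?php echo $commentAuthorHtml." (".$row['datum'].")"; ?></span>
  <ul class="pageitem">
  <li class="textbox">
  <?php echo $commentTextHtml; ?>
  </li>
  </ul>
  <?php } while($row = mysql_fetch_array($result));
      }
  } else {
      echo "Query Error!";
      exit;
  }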
  // Comment form. It has no action attribute, so it posts back to the current URL
  // and the article id stays in the query string (?news=...).
  // The captcha widget is rendered only when a public key is configured.
  ?> <form method="post"><fieldset>
  <span class="graytitle">New Comment</span>
  <ul class="pageitem">
    <li class="bigfield">
      <input placeholder="Nickname" type="text" name="autor" />
    </li>
    <li class="textbox">
      <span class="header">Comment</span>
      <textarea name="comment" rows="3"></textarea>
    </li>
  <?php if (isset($xythobuzCMS_captcha_pub)):
      require_once('../recaptchalib.php'); ?>
    <li class="textbox">
      <?= recaptcha_get_html($xythobuzCMS_captcha_pub) ?>
    </li>
  <?php endif; ?>
    <li class="button">
      <input type="submit" name="Submit comment" value="Submit comment" />
    </li>
  </ul>
  </fieldset></form>
  213. <? }
  214. } else { // Navigation: ?>
  215. <span class="graytitle">Navigation</span>
  216. <ul class="pageitem">
  217. <li class="menu">
  218. <a href="index.php?news">
  219. <span class="name">Blog</span>
  220. <span class="arrow"></span>
  221. </a>
  222. </li>
  223. <? printPage(0, 0); ?>
  224. </ul>
  225. <span class="graytitle">Links</span>
  226. <ul class="pageitem">
  <?php
  // Render the link list from cms_links in "ord" order.
  // url and title are written into the markup unescaped, so rows in this table are
  // expected to be maintained by trusted administrators only.
  $sql = 'SELECT url, title, nofollow FROM cms_links ORDER BY ord ASC';
  $result = mysql_query($sql);
  if ($result === false) {
      exit("Database error...");
  }
  while (($row = mysql_fetch_array($result)) !== false) {
      // rel="nofollow" is added only for rows flagged with nofollow = 1.
      $relAttribute = ($row['nofollow'] == 1) ? " rel=\"nofollow\"" : '';
  ?> <li class="menu">
  <a class="noeffect" href="<?= $row['url'] ?>"<?= $relAttribute ?>>
  <span class="name"><?= $row['title'] ?></span>
  <span class="arrow"></span>
  </a>
  </li>
  <?php }
  241. ?> </ul>
  <?php
  // Optional logo box. $xythobuzCMS_logo is a path relative to the site root and is
  // written into the src attribute as-is; it is not assigned in this file
  // (presumably config.php sets it).
  if (isset($xythobuzCMS_logo)):
  ?>
  <span class="graytitle">Logo</span>
  <ul class="pageitem">
    <li class="textbox">
      <img src="../<?= $xythobuzCMS_logo ?>" alt="Logo">
    </li>
  </ul>
  <?php endif;
  250. } ?>
  251. </div>
  252. <div id="footer">
  253. <a class="noeffect" href="../admin.php">Admin Area</a><br>
  254. <a class="noeffect" href="http://snippetspace.com">iPowered by iWebKit</a><br>
  255. <a href="#"><? include("../count.php"); ?> visitors / pageviews today.</a>
  256. </div>
  <?php
  // Write every stored end-of-body snippet (table cms_code, ascending id) into the page.
  // As with the head snippets, rows are emitted verbatim: write access to this
  // table means control over markup and script on every page.
  $sql = 'SELECT
  inhalt
  FROM
  cms_code
  ORDER BY
  id ASC';
  $result = mysql_query($sql);
  if ($result === false) {
      exit("Error");
  }
  for ($row = mysql_fetch_array($result); $row !== false; $row = mysql_fetch_array($result)) {
      echo stripslashes($row['inhalt']), "\n";
  }
  ?>
  272. </body>
  273. <? mysql_close(); ?>
  274. </html>