<?php
require("functions.inc");
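// Open the database connection (dbConnect() is presumably defined in functions.inc).
dbConnect();

// $conf is the page id to display, $target the page to return to after login.
// Both come straight from the request and are untrusted: accept plain strings
// only (a missing or array-valued parameter becomes "") and escape them at
// every point of use (SQL, HTML attributes, Location headers).
$conf = (isset($_REQUEST["conf"]) && is_string($_REQUEST["conf"])) ? $_REQUEST["conf"] : "";
$target = (isset($_REQUEST["target"]) && is_string($_REQUEST["target"])) ? $_REQUEST["target"] : "";

$user = ""; $sid = ""; $role = ""; $use_cookie = 0;
session_start();

// NOTE(review): $HTTP_SESSION_VARS is the legacy long session array; it is only
// populated on old PHP configurations and was removed in PHP 5.4. Confirm the
// runtime, or migrate this file and functions.inc to $_SESSION together.
if (isset($HTTP_SESSION_VARS['user'])) {
    // An authenticated session already exists: reuse its identity.
    $sid = $HTTP_SESSION_VARS['sid'];
    $user = $HTTP_SESSION_VARS['user'];
    $role = $HTTP_SESSION_VARS['role'];
} else if (isset($HTTP_SESSION_VARS['auto_login'])) {
    // "Remember me" value in the form "<id> <base64(password)>".
    // NOTE(review): base64 is an encoding, not protection; whoever can read this
    // value can recover the password. A random, server-side revocable token
    // would avoid keeping the password at all.
    $cred = explode(" ", $HTTP_SESSION_VARS['auto_login']);
    $txtID = $cred[0];
    // A value without a space has no second field; treat it as an empty password.
    $txtPWD = isset($cred[1]) ? base64_decode($cred[1]) : "";
    $use_cookie = 1;
}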
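// Logout: drop the auth row for this session, destroy the PHP session and
// return to the front page.
if (isset($_REQUEST['logout'])) {
    $tbl = 'auth';
    // Escape the id before it is placed inside the quoted SQL literal.
    // mysql_real_escape_string() uses the same default link as mysql_query().
    $sid_sql = mysql_real_escape_string($sid);
    mysql_query("delete from $tbl where sid='$sid_sql'");
    session_unset();
    session_destroy();
    $HTTP_SESSION_VARS['user'] = ""; $HTTP_SESSION_VARS['sid'] = ""; $HTTP_SESSION_VARS['role'] = "";
    $user = ""; $sid = ""; $role = "";
    // $mode is not assigned anywhere in this file. Keep a value set elsewhere
    // (functions.inc or register_globals) and otherwise read it from the
    // request, so "forget" still clears the remember-me cookie.
    $logout_mode = isset($mode) ? $mode : (isset($_REQUEST['mode']) ? $_REQUEST['mode'] : "");
    if ($logout_mode == "forget") setcookie("auto_login", "", time()-3600);
    header("Location: index.php");
    exit;
}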
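// Login: runs for a posted login form or when a remember-me value was found.
if ($use_cookie == 1 || isset($_POST['login'])) {
    // NOTE(review): on the $use_cookie path these assignments replace the
    // credentials decoded from the remember-me value with the (usually absent)
    // POST fields, so that path ends in the "delete the cookie" branch below.
    // Confirm whether automatic login is meant to work at all.
    $txtID = isset($_POST["txtID"]) ? $_POST["txtID"] : null;
    $txtPWD = isset($_POST["txtPWD"]) ? $_POST["txtPWD"] : null;
    $chkRem = isset($_POST["chkRem"]) ? $_POST["chkRem"] : null;
    $role = authenticate($txtID, $txtPWD);
    $sid = uniq_sid($txtID, $txtPWD);
    if ($role == "admin" || $role == "user") {
        $user = $txtID;
        // Issue a fresh session id at the privilege change so an id that was
        // known before login does not become an authenticated one.
        session_regenerate_id();
        session_register("user", "sid", "role");
        if ($use_cookie == 0) {
            // NOTE(review): this keeps the password, merely base64-encoded, in a
            // client-side cookie for a year. Prefer a random token that is
            // stored and revocable server-side, sent with the HttpOnly and
            // Secure cookie flags.
            if ($chkRem) setcookie("auto_login", $txtID . " " . base64_encode($txtPWD), time()+31536000);
            else setcookie("auto_login", "", time()-3600);
        }
        if (!$target) $target = 'fileupload';
        // $target is request-supplied: URL-encode it so it stays one query
        // parameter value and cannot add parameters or break the header.
        header("Location: inner.php?conf=" . urlencode($target));
    } else { // login failed or account locked
        if ($use_cookie == 0) {
            header("Location: inner.php?conf=login&target=" . urlencode($target));
        } else {
            // No error is shown for a failed attempt that came from the
            // remember-me value; the cookie is simply deleted.
            setcookie("auto_login", "", time()-3600);
        }
    }
}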
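// Count the hit, load the requested page row and decide how to serve it.
// NOTE(review): hitmeter() receives the raw request value; confirm it escapes
// the value before using it in SQL.
if ($conf) hitmeter($conf);

$tbl = 'webpages';
// $conf is request-supplied: escape it before it enters the quoted SQL literal.
$pageid_sql = mysql_real_escape_string($conf);
$rs = mysql_query("select * from $tbl where pageid='$pageid_sql'");
// A failed query returns false; treat that like "page not found".
$o = $rs ? mysql_fetch_object($rs) : false;

// Set when the request must be answered with a redirect instead of a page.
$redirect = null;

if ($o) {
    // Restricted page without a login: send the visitor to the login form.
    // NOTE(review): any non-empty $user passes this check whatever $role is;
    // confirm that is the intended meaning of pageaccess "admin".
    if ($o->pageaccess == "admin" && !$user) {
        $redirect = "inner.php?conf=login&target=" . urlencode($conf);
    }
    $pagetitle = strtoupper($o->pagetitle);
    $pagecontent = $o->pagecontent;
    $parentid = $o->parentid;
    $counter = $o->counter;
    $sibling = sibling($parentid);
    if ($redirect === null) {
        if ($o->pagetype == 'html') $static = 1; //webpage
        else if ($o->pagetype == 'url') $redirect = $pagecontent;
        else if ($o->pagetype == 'file') $redirect = "documents/$pagecontent";
        else $static = 0; //php script
    }
} else {
    $static = 1;
    $pagetitle = "<b id='title'>Oops !</b><br><br>";
    $pagecontent = "The page is under construction, Please visit later on.";
    // The template prints these two; define them so it does not read unset variables.
    $counter = "";
    $sibling = "";
}

if ($redirect !== null) header("Location: $redirect");

//maintain logs
// NOTE(review): the Referer header and request URI are client-controlled;
// confirm logs() escapes them before storing or displaying them.
$referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "";
logs($user, $referer, $_SERVER['REQUEST_URI']);

// A Location header alone does not stop the script. Without this exit the
// restricted page would still be rendered into the response body, and the
// url/file page types would fall through to the template's include.
if ($redirect !== null) exit;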
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html onmousemove="window.status='iiita'" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title><?php echo setup('organization'); ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="author" content="<?php echo setup('webmaster'); ?>" />
<meta name="keywords" content="<?php echo setup('keywords'); ?>" />
<meta name="description" content="<?php echo setup('description'); ?>" />
<link href="css/dropdown/dropdown.css" media="screen" rel="stylesheet" type="text/css" />
<link href="css/dropdown/themes/default.ultimate.css" media="screen" rel="stylesheet" type="text/css" />
<link href="css/style.css" media="screen" rel="stylesheet" type="text/css" />
<!--[if lt IE 7]>
<script type="text/javascript" src="js/jquery.js"></script>
<script type="text/javascript" src="js/jquery.dropdown.js"></script>
<![endif]-->
<?php
// Emit whatever ajax() and flash() return into <head>, in that order
// (both helpers are presumably defined in functions.inc).
echo ajax(), flash();
?>
</head>
<body onload="document.f.q.focus();">
<form class='search_form' name='f' method='post' action='search.php'>
Search in iiita.ac.in
<input type='text' id='q' name='q' size='20' onkeyup="showPage(this.value)">
</form>
<br>
<div class='banner'>
<?php echo banner(); ?>
</div>
<div class='menus'>
<?php echo menus($user, $role, 0); ?>
</div>
<span id="search_result" class="search_result"></span>
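<form name="frmStatic" action="inner.php?conf=<?php /* conf is request-supplied: URL-encode it and escape it for the attribute */ echo htmlspecialchars(urlencode($conf), ENT_QUOTES); ?>" method="post" enctype="multipart/form-data">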
<?php
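// Render the selected page: title and hit counter, sibling links, then either
// the stored HTML body or the PHP script the page row points to.
if ($conf) {
    $shown_counter = isset($counter) ? $counter : "";
    echo "<div class='content'>
<b id='title'>$pagetitle</b> [ $shown_counter times ]<br>";
    if (!empty($sibling)) echo $sibling;
    if ($static == 1) {
        // The body is emitted as stored HTML.
        // NOTE(review): confirm only trusted editors can write webpages.pagecontent.
        echo $pagecontent;
        if ($role == 'admin') {
            // $conf is request-supplied: URL-encode it and escape it for the attribute.
            $conf_attr = htmlspecialchars(urlencode($conf), ENT_QUOTES);
            echo "<div align='right'><hr>
[ <a href='inner.php?conf=editpage&pageid=$conf_attr'>Edit content</a> ]
</div>";
        }
    } else if (isset($static)) {
        // Only the script page type sets $static to 0. The url and file types
        // never set it, and their content must not be handed to include.
        // NOTE(review): the included path comes from the webpages table, so
        // anyone able to edit that row decides which file is executed here.
        // Confirm the value is limited to a known script directory.
        include "$pagecontent";
    }
    echo '</div>';
    // Escape the request-supplied page id before it enters the SQL literal.
    mysql_query("update webpages set counter=counter+1 where pageid='" . mysql_real_escape_string($conf) . "'");
}
echo setup('footer');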
?>
</form>
</body>
</html>