Your IP : 216.73.216.40
<?php
function dbConnect() {
$link = mysql_connect("localhost", "root", "mysql");
if (!$link) {
die('Could not connect: ' . mysql_error());
}
mysql_select_db("icdp");
return $link;
}
function filePath($content) {
$wroot = substr($_SERVER['SCRIPT_FILENAME'],0,strrpos($_SERVER['SCRIPT_FILENAME'],"/"));
switch ($content) {
case "images":
return $wroot.'/images/';
break;
case "gallery":
return $wroot.'/images/gallery/';
break;
case "documents":
return $wroot.'/documents/';
break;
case "banners":
return $wroot.'/mages/banners/';
break;
default:
return $_SERVER["DOCUMENT_ROOT"];
}
}
function ajax() {
?>
<script language="javascript">
function GetXmlHttpObject() {
var xmlHttp=null;
try {
// Firefox, Opera 8.0+, Safari
xmlHttp=new XMLHttpRequest();
} catch (e) {
// Internet Explorer
try {
xmlHttp=new ActiveXObject("Msxml2.XMLHTTP");
} catch (e) {
xmlHttp=new ActiveXObject("Microsoft.XMLHTTP");
}
}
return xmlHttp;
}
function showPage(q) {
if (q.length<3) {
document.getElementById("search_result").innerHTML="";
return;
}
xmlHttp=GetXmlHttpObject()
if (xmlHttp==null) {
alert ("Your browser does not support AJAX!");
return;
}
var url="search.php?q="+q;
//alert(url);
xmlHttp.onreadystatechange=stateChanged;
xmlHttp.open("GET",url,true);
xmlHttp.send(null);
}
function stateChanged() {
if (xmlHttp.readyState==4) {
document.getElementById("search_result").innerHTML=xmlHttp.responseText;
}
}
</script>
<?php
}
function flash() {
?>
<!-- START AD -->
<div class="WRBannerCenter" align="center">
<script language="JavaScript"><!--
function show(object) {
if (document.getElementById) {
document.getElementById(object).style.visibility = 'visible';
} else if (document.layers && document.layers[object]) {
document.layers[object].visibility = 'visible';
} else if (document.all) {
document.all[object].style.visibility = 'visible';
}
}
function hide(object) {
if (document.getElementById) {
document.getElementById(object).style.visibility = 'hidden';
} else if (document.layers && document.layers[object]) {
document.layers[object].visibility = 'hidden';
} else if (document.all) {
document.all[object].style.visibility = 'hidden';
}
}
//--></script>
<div class="flash" id="j_dj" onMouseOver="show('j_dj')" onMouseOut="hide('j_dj')">
<?php
//echo parameter('organization') . '<br>';
//echo parameter('address') . '<br>';
//echo parameter('email') . '<br>';
//echo parameter('telephone') . '<br>';
echo parameter('welcome') . '<br>';
?>
</div>
<!-- END AD -->
<?php
}
function parameter($keyname) {
$tbl = 'parameters';
$rs = mysql_query("select keyvalue from $tbl where keyname='$keyname'");
if ($rs) {
$o = mysql_fetch_object($rs);
return $o->keyvalue;
} else {
return "Ooops! value of setup parameter ($keyname) is missing.";
}
}
function familyTree($pageid) {
$tbl = 'webpages';
if ($pageid == 0) $str = "<a href='./'>Home</a>";
else {
$rs = mysql_query("select * from $tbl where rowid=$pageid");
if ($rs) {
$o = mysql_fetch_object($rs);
$str = familyTree($o->parentid) . " > <a href='inner.php?conf=$o->pageid'>$o->hypertext</a>";
} else
$str = "";
}
return $str;
}
function sibling($parentid) {
$tbl = 'webpages';
$rs = mysql_query("select * from $tbl where visibility='enable' and parentid=$parentid");
if ($rs) {
$str = "<div align='right'>See also: ";
while ($o = mysql_fetch_object($rs)) {
$hypertext = str_replace(" ", " ", $o->hypertext);
$str .= "[ <a href='inner.php?conf=$o->pageid'>$hypertext</a> ] ";
}
$str .= "</div>";
}
return $str;
}
function sendMail($email, $subject, $body) {
require("class.phpmailer.php");
$mail = new PHPMailer();
$mail->IsSMTP(); // telling the class to use SMTP
$mail->Host = "mail.iiita.ac.in"; // SMTP server
$mail->FromName = "indem alld";
$mail->From = "indem@iiita.ac.in";
$mail->AddAddress($email,$email);
$mail->AddAddress("indem@iiita.ac.in","indem@iiita.ac.in");
$mail->Username = "indem";
$mail->Password = "#indemica";
$mail->Subject = $subject;
$mail->Body = $body;
$mail->WordWrap = 75;
if (!$mail->Send()) {
return $mail->ErrorInfo;
} else {
return TRUE;
}
}
function accessLog($user, $referer, $url) {
$tbl = 'accesslogs';
if (!$user) $user = 'guest';
if (!$referer) $referer = 'direct';
if ($url == '/') $url = 'index.php';
$ip = $_SERVER["REMOTE_ADDR"];
mysql_query("insert into $tbl(user,referer,weburl,remoteip,dateaccess)
values('$user', '$referer', '$url','$ip',now())");
}
function checkAdmin($role) {
if ($role != "admin") {
echo "<div align=center><h2>You must be a Site Administrator to access this page</h2></div>";
exit;
}
}
function checkLogin($user) {
if (!$user) {
echo "<div align=center>You must be logged in to access this page</div>";
exit;
}
}
function hitCounterx() {
$file = "counter.inc";
if (!file_exists($file)) {
touch ($file);
$count=0;
} else {
include "counter.inc";
$count++;
}
echo $count;
$str = '<? $count='.$count.'; ?>';
$handle = fopen ($file, 'r+');
fwrite ($handle, $str);
fclose($handle);
}
function authenticate($uid, $pwd) {
$tbl = 'webaccounts';
$rs = mysql_query("select * from $tbl where loginid='$uid' and passwd=password('$pwd')");
if (mysql_num_rows($rs)) {
$o = mysql_fetch_object($rs);
if ($o->webmaster == 'yes')
$role = 'admin';
else
$role = 'user';
$epwd = base64_encode($pwd);
srand((double)microtime()*100000000);
//generate a unique sid
$ch = $uid;
for($i=0; $i<20; $i++) {
$ch .= chr(rand(65, 90));
}
//update session info in accounts table
mysql_query("update $tbl set sessionid='$ch',sessionip='".$_SERVER["REMOTE_ADDR"]."',datesession=now() where loginid='$uid'");
} else
$role = 'guest';
return $role;
}
function banner() {
$str = "<div class='datetime'>". date("h:i:s A, l, jS \of F Y") . "</div>";
$str .= "<img id='banner' src='text2image.php' onMouseOver=\"show('j_dj')\" onMouseOut=\"hide('j_dj')\" />";
$str .= "<div class='datetime'>[" . parameter('counter') . " times ]</div>";
mysql_query("update parameters set keyvalue=keyvalue+1 where keyname='counter'");
return $str;
}
function gallery() {
$dir = filePath('gallery');
$dh = opendir($dir);
$counter = 0;
while (false !== ($filename = readdir($dh))) {
if (strlen($filename) > 2) {
$files[] = $filename;
$counter++;
}
}
$no = rand(0, $counter-1);
if (!$files[$no]) $no = 0;
$color = rand(0,255).','.rand(0,255).','.rand(0,255);
$str = "<img id='pic' src='images/gallery/".$files[$no]."' width='400' height='250' title='Logo in Photo Gallery'
onMouseOver=\"this.src='images/logo.jpg'\" onMouseOut=\"this.src='images/gallery/".$files[$no]."'\"
style='border: dashed rgb($color) 1px'>";
return $str;
}
function menus($user, $role, $parentid = 0) {
$tbl = 'webpages';
if ($user)
$rs = mysql_query("select * from $tbl where visibility='enable' and parentid=$parentid order by counter desc, hypertext");
else
$rs = mysql_query("select * from $tbl where visibility='enable' and pageaccess='public' and parentid=$parentid order by counter desc, hypertext");
if ($parentid == 0) {
$str = "<ul id=\"nav\" class=\"dropdown dropdown-horizontal\">
<li><a href='./' title='Back to Homepage'>Home</a></li>";
} else {
if (!mysql_num_rows($rs)) return "";
$str = '<ul>';
}
while ($o = mysql_fetch_object($rs)) {
$dropdownmenu = menus($user, $role, $o->rowid);
if ($dropdownmenu) $str .= "<li><span class=\"dir\">$o->hypertext</span>$dropdownmenu</li>";
else if ($role == 'admin') {
$str .= "<li><a href='inner.php?conf=$o->pageid'>$o->hypertext ($o->counter)</a></li>";
} else {
$str .= "<li><a href='inner.php?conf=$o->pageid' title='Expiry: $o->dateexpiry'>$o->hypertext ($o->counter)</a></li>";
}
}
if ($parentid == 0) {
if ($role == 'admin') $str .= "<li><a href='inner.php?conf=webpages&parentid=0'>Add new...</a></li>";
$str .= "<li><span class=\"dir\">Session</span><ul>";
if ($user) {
$str .= "<li><a href='inner.php?logout=1' title='Session: $user as $role'>Sign Out</a></li>";
if ($role == 'admin') {
$str .= "<li class='divider'><b>Control Panel</b></li>
<li class='divider'><a href='inner.php?conf=parameters' title='Website parameters'>Parameter</a></li>
<li><a href='inner.php?conf=webaccounts' title='Website user accounts'>Webaccount</a></li>
<li><a href='inner.php?conf=webpages' title='Website pages'>Webpage</a></li>
<li><a href='inner.php?conf=fileuploads' title='Web content'>File Upload</a></li>
<li><a href='inner.php?conf=accesslogs' title='Access log view'>Access Log</a></li>";
}
} else
$str .= "<li><a href='inner.php?conf=login' title='For content updation'>Sign In</a></li>";
$tbl = 'webaccounts';
$str .= "<li class='divider'><b>Active Users</b></li>";
$rs = mysql_query("select * from $tbl where sessionid > '' order by datesession");
if (mysql_num_rows($rs)) {
while ($o = mysql_fetch_object($rs)) {
$str .= "<li><a href='inner.php?conf=webaccounts&loginid=$o->loginid'>$o->loginid from $o->sessionip</a></li>";
}
} else $str .= "<li><a href='./'>None</a></li>";
$str .= "</ul></li>";
} else if ($role == 'admin') {
$str .= "<li class='divider'><a href='inner.php?conf=webpages&parentid=$parentid'>Add new...</a></li>";
}
$str .= "</ul>";
return $str;
}
function announcements($role) {
$tbl = 'webpages';
$str = "<b>Announcements</b><br>
<marquee id='scroll' scrolldelay='15' scrollamount='1' width='100%' height='300' direction='up'
onmouseover=\"this.setAttribute('scrollamount', 0, 0);\"
onmouseout=\"this.setAttribute('scrollamount', 1, 0);\">";
$rs = mysql_query("SELECT * FROM $tbl where visibility='scroll' order by datecreation desc, rowid desc");
while ($o = mysql_fetch_object($rs)) {
$i++;
$str .= "<a href='inner.php?conf=$o->pageid' title='Expiry: $o->dateexpiry'>$o->hypertext</a><br>
<span class='description'><img src='images/arrow.gif'> $o->pagetitle</span>
<div class='datetime'>[dated $o->datecreation, $o->counter times]</div>";
if ($o->dateexpiry > date('Y-m-d')) mysql_query("update $tbl set visibility='disable' where rowid=$rowid");
}
$str .= "<br><hr><a href='http://www.adobe.com/products/acrobat/readstep2.html'>Download Acrobat</a>";
if ($role == 'admin') $str .= " [<a href='inner.php?pg=webpages&metacontent=announcement'>Edit content</a>]";
$str .= "</marquee>";
return $str;
}
function updations() {
$tbl = 'webpages';
$str = "<b>Recent Updations</b><br>";
$i = 0;
$rs = mysql_query("SELECT * FROM $tbl order by dateupdation desc limit 1,5");
while ($o = mysql_fetch_object($rs)) {
$i++;
$str .= "<a href='inner.php?conf=$o->pageid' title='Expiry: $o->dateexpiry'>$o->hypertext</a>
<dir class='description'><img src='images/arrow.gif'>".strip_tags(substr($o->pagecontent,0,100))."...</dir>
<div class='datetime'>[dated $o->dateupdation, $o->counter times]</div>";
}
return $str;
}
function fileUpload() {
$maxsize =9998860800;
$uploadfile = strtolower(basename($_FILES['userfile']['name']));
$gallery = $_POST['gallery'];
$filesize = $_FILES["userfile"]["size"];
if ($uploadfile && $filesize < $maxsize) {
$filename = explode(".", strtolower($uploadfile));
$ext = $filename[count($filename)-1];
if ($ext == 'jpg' || $ext == 'gif' || $ext == 'tif' || $ext == 'png') {
$dir = "images/$gallery";
} else $dir = 'documents/';
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $dir.$uploadfile)) {
shell_exec("chmod 755 {$dir}{$uploadfile}");
echo "$uploadfile was successfully uploaded.<br><br>";
} else {
echo "Sorry! there may be some error.<br><br>";
}
} else {
echo "Either file name is missing or file size exceeds the max. limit of 10 MB<br><br>";
}
}
function newsFeed(){
$str = '<? xml version=\"1.0\" ?> <rss version=\"2.0\"><channel>';
$rs = mysql_query("SELECT * FROM news where status='current' order by dated desc, rowid desc");
while ($o = mysql_fetch_object($rs)) {
$str .= "<item>
<title>$o->subject</title>
<link>$o->url</link>
<description>$o->description</description>
<pubDate>$o->dated</pubDate>
<category>Achievement</category>
</item>";
}
$str .= "</channel></rss>";
//generate_file("rss.xml", $str);
}
function checkeMail($email) {
if (eregi("^[a-zA-Z0-9_]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$]", $email)) {
return FALSE;
}
list($Username, $Domain) = split("@",$email);
if (getmxrr($Domain, $MXHost)) {
return TRUE;
} else {
if (fsockopen($Domain, 25, $errno, $errstr, 30)) {
return TRUE;
} else {
return FALSE;
}
}
}
function checkAbuser($post,$name,$email,$ip) {
if (mysql_num_rows(mysql_query("select * from abusers where ip='$ip' or email='$email' or name='$name'"))) {
return TRUE;
} else {
$abuses = array('nude','teen','www','url','sex','suck','fuck','xxx','pussy','penis','hotty','sexual','porn','movie');
foreach ($abuses as $abuse) {
if (stristr($post,$abuse)) {
mysql_query("insert into abusers(name,email,ip,dated) values('$name','$email','$ip',now())");
return TRUE;
}
}
return FALSE;
}
}
function ReplaceBadWords($str, $bad_words, $replace_str){
if (!is_array($bad_words)){
$bad_words = explode(',', $bad_words);
}
for ($x=0; $x < count($bad_words); $x++){
$fix = isset($bad_words[$x]) ? $bad_words[$x] : '';
$_replace_str = $replace_str;
if (strlen($replace_str)==1){
$_replace_str = str_pad($_replace_str, strlen($fix), $replace_str);
}
$str = preg_replace('/'.$fix.'/i', $_replace_str, $str);
}
return $str;
}
function htmlSafe($str) {
return trim(htmlspecialchars(stripslashes($str), ENT_QUOTES));
}
function DateAdd($interval) {
$curdate = getdate();
$cday = $curdate['mday']+$interval;
$cmonth = $curdate['mon'];
$cyear = $curdate['year'];
if ($cday > 30) {
$cmonth = $cmonth + 1;
$cday = $cday - 30;
if ($cmonth == 13) {
$cyear = $cyear + 1;
$cmonth = 1;
}
}
if ($cday < 10) $cday .= "0";
if ($cmonth < 10) $cmonth .= "0";
//$ourDate = array($cyear,$cmonth,$cday);
$ourDate = "$cyear-$cmonth-$cday";
return $ourDate;
}
function text2image($str) {
Header ("Content-type: image/png");
putenv('GDFONTPATH=' . realpath('.'));
$font = 'arial.ttf';
$fontSize = 80;//in point;
$onecharwidth = imagefontwidth($font)*($fontSize/8);
$totalwidth = $onecharwidth * strlen($str);
$height = (imagefontheight($font)*($fontSize/8))*2;
$img_handle = imagecreatetruecolor($totalwidth, $height);
$white = imagecolorallocate($img_handle, 255, 255, 255);
imagefill($img_handle, 0, 0, $white);
$black = imagecolorallocate ($img_handle, 0, 0, 0);
$gray = imagecolorallocate ($img_handle, 100, 100, 100);
imagettftext($img_handle, 20, 0, 10, 20, $black, $font, $title1);
$posarr=imagettfbbox(20, 0,$font, $title1);
imagettftext($img_handle, 20, 0, $posarr[2]+$onecharwidth, 20, $gray, $font, $title2);
imagepng ($img_handle);
imagedestroy ($img_handle);
}
?>