Your IP : 216.73.216.40
<?php
function dbConnect() {
$link = mysql_connect("localhost", "root", "mysql");
mysql_select_db("icdp");
return $link;
}
function ajax() {
?>
<script language="javascript">
function GetXmlHttpObject() {
var xmlHttp=null;
try {
// Firefox, Opera 8.0+, Safari
xmlHttp=new XMLHttpRequest();
} catch (e) {
// Internet Explorer
try {
xmlHttp=new ActiveXObject("Msxml2.XMLHTTP");
} catch (e) {
xmlHttp=new ActiveXObject("Microsoft.XMLHTTP");
}
}
return xmlHttp;
}
function showPage(q) {
if (q.length<3) {
document.getElementById("search_result").innerHTML="";
return;
}
xmlHttp=GetXmlHttpObject()
if (xmlHttp==null) {
alert ("Your browser does not support AJAX!");
return;
}
var url="search.php?q="+q;
//alert(url);
xmlHttp.onreadystatechange=stateChanged;
xmlHttp.open("GET",url,true);
xmlHttp.send(null);
}
function stateChanged() {
if (xmlHttp.readyState==4) {
document.getElementById("search_result").innerHTML=xmlHttp.responseText;
}
}
</script>
<?php
}
function flash() {
?>
<!-- START AD -->
<div class="WRBannerCenter" align="center">
<script language="JavaScript"><!--
function show(object) {
if (document.getElementById) {
document.getElementById(object).style.visibility = 'visible';
} else if (document.layers && document.layers[object]) {
document.layers[object].visibility = 'visible';
} else if (document.all) {
document.all[object].style.visibility = 'visible';
}
}
function hide(object) {
if (document.getElementById) {
document.getElementById(object).style.visibility = 'hidden';
} else if (document.layers && document.layers[object]) {
document.layers[object].visibility = 'hidden';
} else if (document.all) {
document.all[object].style.visibility = 'hidden';
}
}
//--></script>
<div class="flash" id="j_dj" onMouseOver="show('j_dj')" onMouseOut="hide('j_dj')">
<?php
echo parameter('organization') . '<br>';
echo parameter('address') . '<br>';
echo parameter('email') . '<br>';
echo parameter('telephone') . '<br>';
?>
</div>
<!-- END AD -->
<?php
}
function parameter($keyname) {
$tbl = 'parameters';
$rs = mysql_query("select keyvalue from $tbl where keyname='$keyname'");
if ($rs) {
$o = mysql_fetch_object($rs);
return $o->keyvalue;
} else {
return "Ooops! value of setup parameter ($keyname) is missing.";
}
}
function sibling($parentid) {
$tbl = 'webpages';
$rs = mysql_query("select * from $tbl where visibility='enable' and parentid=$parentid");
if ($rs) {
$str = "<div align='right'>See also: ";
while ($o = mysql_fetch_object($rs)) {
$linktext = str_replace(" ", " ", $o->linktext);
$str .= "[ <a href='inner.php?conf=$o->pageid'>$linktext</a> ] ";
}
$str .= "</div>";
}
return $str;
}
function sendmail($email, $subject, $body) {
require("class.phpmailer.php");
$mail = new PHPMailer();
$mail->IsSMTP(); // telling the class to use SMTP
$mail->Host = "mail.iiita.ac.in"; // SMTP server
$mail->FromName = "indem alld";
$mail->From = "indem@iiita.ac.in";
$mail->AddAddress($email,$email);
$mail->AddAddress("indem@iiita.ac.in","indem@iiita.ac.in");
$mail->Username = "indem";
$mail->Password = "#indemica";
$mail->Subject = $subject;
$mail->Body = $body;
$mail->WordWrap = 75;
if (!$mail->Send()) {
return $mail->ErrorInfo;
} else {
return TRUE;
}
}
function accesslog($user, $referer, $url) {
$tbl = 'logs';
if (!$user) $user = 'guest';
if (!$referer) $referer = 'direct';
if ($url == '/') $url = 'index.php';
$ip = $_SERVER["REMOTE_ADDR"];
mysql_query("insert into $tbl(user,referer,url,ip,dated)
values('$user', '$referer', '$url','$ip',now())");
}
function checkadmin($role) {
if ($role != "admin") {
echo "<div align=center>You must be a Site Administrator to access this page</div>";
exit;
}
}
function checklogin($user) {
if (!$user) {
echo "<div align=center>You must be logged in to access this page</div>";
exit;
}
}
function hitcounterx() {
$file = "counter.inc";
if (!file_exists($file)) {
touch ($file);
$count=0;
} else {
include "counter.inc";
$count++;
}
echo $count;
$str = '<? $count='.$count.'; ?>';
$handle = fopen ($file, 'r+');
fwrite ($handle, $str);
fclose($handle);
}
function logview() {
$tbl = 'logs';
$str .= "<tr valign='top'><td>$i</td><td width='80%'><a name='$o->rowid'></a>" .
ucwords($o->subject) . ": $o->message
[ <a href='$PHP_SELF?conf=$conf&rowid=$o->rowid#$o->rowid'>Edit</a> ] ";
if ($o->visibility == 'disable')
$str .= "[ <a href='$PHP_SELF?conf=$conf&visibility=enable&rowid=$o->rowid'>Show</a> ]";
else
$str .= "[ <a href='$PHP_SELF?conf=$conf&visibility=disable&rowid=$o->rowid'>Hide</a> ]";
$str .= "<br>
>> $o->description<br><div align='right'>";
if ($o->weburl) $str .= "Weburl: <a href='$o->weburl'>$o->weburl</a> ";
$str .= "( $o->dateupload - $o->dateexpiry, $o->counter times )</div></td></tr>";
}
function uniq_sid($uid, $pwd) {
$epwd = base64_encode($pwd);
srand((double)microtime()*100000000);
//generate a unique sid
do {
$ch = "";
for($i=0; $i<20; $i++) {
$ch = $ch . chr(rand(65, 90));
}
// loop until a uniq string is generated
} while (!mysql_query("insert into auth values('$ch','$uid','$pwd','".$_SERVER["REMOTE_ADDR"]."',now())"));
return $ch;
}
function authenticate($uid, $pwd) {
$tbl = 'webprofiles';
$rs = mysql_query("select * from $tbl where login='$uid' and passwd=password('$pwd')");
if (mysql_num_rows($rs)) {
$o = mysql_fetch_object($rs);
if ($o->webmaster == 'yes') return 'admin';
else return 'user';
} else {
return 'guest';
}
}
function hilite($body, $text) {
/*Internet stopped working.. So quit halfway */
/* Can we make it work also for & kind of stuffs.. */
/* The & etc is also taken care of now. */
$body = unhtmlentities($body);
$new_text = preg_replace("/\040/","+",$text);
$new_text = explode("+",$new_text);
foreach($new_text as $txt){
$txt = trim($txt);
if(empty($txt)) continue;
$alpha_text = preg_replace("/\W/","-",$text);
$strings = explode("-",$alpha_text);
foreach($strings as $str){
if(!empty($str))
$texts[] = $str;
}
}
//$patterns[$i] = '/'.preg_quote($text[$i], '/').'/i';
$orig_body = $body;
$new_body = "";
foreach($texts as $text){
$text = trim($text);
if(strlen($text)<=2) continue;
if($new_body!=""){
$body=unhtmlentities($new_body);
$new_body="";
}
while ($body!="") {
if (preg_match('{^([^<]*)?(</?[^>]+?>)?(.*)$}s',$body,$matches)) {
/* this while loop is to preserve case of every match. */
$new_str = $matches[1];
while($new_str!=""){
$match_pos = strpos(strtolower($new_str),strtolower($text));
if($match_pos===false){
$new_body.=htmlentities($new_str);
$new_str="";
} else {
if($match_pos!=0)
$new_body.=htmlentities(substr($new_str,0,$match_pos));
$match = substr($new_str,$match_pos,strlen($text));
$replacement = "<span style=\"background: black; color: white;\">$match</span>";
$new_body.= $replacement;
$new_str = substr($new_str,$match_pos+strlen($text));
}
}
$new_body.= $matches[2];
$body = $matches[3];
}
}
}
if($new_body=="") return $orig_body;
else return $orig_body;
}
function banner() {
$dir = $_SERVER['DOCUMENT_ROOT'] . "/wisdom/banners";
$dh = opendir($dir);
$counter = 0;
while (false !== ($filename = readdir($dh))) {
if (strlen($filename) > 2) {
$files[] = $filename;
$counter++;
}
}
$no = rand(0, $counter-1);
if (!$files[$no]) $no = 0;
$str = "<div align='right'>". date("h:i:s A, l, jS \of F Y") . "</div>";
$str .= "<img id='banner' src='banners/" . $files[$no] . "' onMouseOver=\"show('j_dj')\" onMouseOut=\"hide('j_dj')\" />";
$str .= "<div align='right'>[" . parameter('counter') . " times ]</div>";
mysql_query("update parameters set keyvalue=keyvalue+1 where keyname='counter'");
return $str;
}
function gallery() {
$dir = $_SERVER['DOCUMENT_ROOT'] . "/wisdom/images";
$dh = opendir($dir);
$counter = 0;
while (false !== ($filename = readdir($dh))) {
if (strlen($filename) > 2) {
$files[] = $filename;
$counter++;
}
}
$no = rand(0, $counter-1);
if (!$files[$no]) $no = 0;
$str = "<img id='pic' src='images/" . $files[$no] . "' width='400' height='250' class='gallery'
onMouseOver=\"this.src='logo/logo.jpg'\" onMouseOut=\"this.src='images/" . $files[$no] . "'\">";
return $str;
}
function menus($user, $role, $parentid = 0) {
$tbl = 'webpages';
if ($user)
$rs = mysql_query("select * from $tbl where visibility='enable' and parentid=$parentid order by counter desc, linktext");
else
$rs = mysql_query("select * from $tbl where visibility='enable' and pageaccess='public' and parentid=$parentid order by counter desc, linktext");
if ($parentid == 0) {
$str = "<ul id='nav' class='dropdown dropdown-horizontal'>
<li><a href='./'>Home</a></li>";
} else {
if (!mysql_num_rows($rs)) return "";
$str = '<ul>';
}
while ($o = mysql_fetch_object($rs)) {
$dropdownmenu = menus($user, $role, $o->rowid);
if ($dropdownmenu) $str .= "<li><span class='dir'>$o->linktext</span>$dropdownmenu</li>";
else if ($role == 'admin') {
$str .= "<li><a href='inner.php?conf=$o->pageid'>$o->linktext ($o->counter)</a></li>";
} else {
$str .= "<li><a href='inner.php?conf=$o->pageid'>$o->linktext ($o->counter)</a></li>";
}
}
if ($parentid == 0) {
$str .= "<li><span class='dir'>Session</span><ul>";
if ($user)$str .= "<li><a href='inner.php?logout=1'>Sign Out ($user as $role)</a></li>";
else $str .= "<li><a href='inner.php?conf=login'>Sign In</a></li>";
$str .= "</ul></li>";
}
if ($role == 'admin') {
if ($parentid) $str .= "<li class='divider'><a href='inner.php?conf=webpages&parentid=$parentid'>Add new...</a></li>";
else $str .= "<li><a href='inner.php?conf=webpages&parentid=$parentid'>Add new...</a></li>";
}
$str .= "</ul>";
return $str;
}
function announcements() {
$tbl = 'announcements';
$str = "<b>Announcements</b><br>
<marquee scrolldelay='15' scrollamount='1' width='100%' height='300' direction='up'
onmouseover=\"this.setAttribute('scrollamount', 0, 0);\"
onmouseout=\"this.setAttribute('scrollamount', 1, 0);\">";
$rs = mysql_query("SELECT * FROM $tbl where visibility='enable' order by dateupload desc, rowid desc");
while ($o = mysql_fetch_object($rs)) {
$i++;
$str .= "<img src='images/arrow.gif'>
<a href='inner.php?conf=downloads&weburl=" . $o->weburl . "&tbl=announcements'>" .
ucwords($o->subject) . ": $o->message</a><br>
<font size=-1px>$o->description</font>
<div align='right'><font size=-1px>[ dated $o->dateupload, $o->counter times ]</font></div>";
if ($o->dateexpired > date('Y-m-d')) mysql_query("update $tbl set visibility='disable' where rowid=$rowid");
}
$str .= "<hr>[ <a href='http://www.adobe.com/products/acrobat/readstep2.html'>Download Acrobat</a> ]
[ <a href='?conf=xannouncements'>Xpired...</a> ]
</marquee>";
return $str;
}
function updations() {
$tbl = 'webpages';
$str = "<b>Recent Updations</b><br>";
$i = 0;
$rs = mysql_query("SELECT * FROM $tbl order by dateupdation desc limit 1,5");
while ($o = mysql_fetch_object($rs)) {
$i++;
$str .= "<img src='images/arrow.gif'><a href='inner.php?conf=$o->pageid'>$o->pagetitle</a>
<dir class='description'>" . strip_tags(substr($o->pagecontent,0,100)) . "...</dir>
<div class='datetime'>[ dated $o->dateupdation, $o->counter times ]</div>";
}
//generate_file("updations.inc", $str);
return $str;
}
function photo_gallery() {
$fp = fopen ("gallery.inc", "r");
if (!$fp) {
$images = array("logo.jpg");
} else {
$i = 0;
$images = array();
while (!feof ($fp)) {
$line = fgets ($fp, 1024);
//$images = explode(",", $line);
if ($line != "\n") $images[$i] = str_replace("\n", "", $line);
$i++;
}
}
fclose($fp);
$i--;
srand((double)microtime()*1000000);
$no = rand(0, $i);
$fname = $images[$no];
echo "<img src='images/$fname' width='420' height='240'></img>";
}
function upload_file() {
$maxsize =9998860800;
$uploadfile = strtolower(basename($_FILES['userfile']['name']));
$addto_gallery = $_POST['addto_gallery'];
$filesize = $_FILES["userfile"]["size"];
if ($uploadfile && $filesize < $maxsize) {
$filename = explode(".", strtolower($uploadfile));
$ext = $filename[count($filename)-1];
if ($ext == 'jpg' || $ext == 'gif' || $ext == 'tif' || $ext == 'png') {
$dir = 'images/';
if ($addto_gallery == 'yes') addto_gallery($uploadfile);
} else $dir = 'documents/';
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $dir.$uploadfile)) {
shell_exec("chmod 755 $dir.$uploadfile");
echo "$uploadfile was successfully uploaded.<br><br>";
} else {
echo "Sorry! there may be some error.<br><br>";
}
} else {
echo "Either file name is missing or file size exceeds the max. limit of 10 MB<br><br>";
}
}
function formatfeed() {
$rs = mysql_query("SELECT * FROM formats where status='current' order by dated desc");
$str = "Please click on the filename to download desired form format.<ul>";
while ($o = mysql_fetch_object($rs)) {
$i++;
$str .= "<li><b>$o->description</b>
<dir style='margin:0 0 0 0'>
<a href='downloads.php?filename=$o->filename&tbl=formats' target='new'>$o->filename</a><br>";
$str .= "<div align='right' style='margin:0 0 0 0'>
<i>Dated $o->dated Downloads $o->counter</i></div>
</dir></li>";
}
$str .= "</ul> <? formatfeed(); ?>
<div align='right'>
<a href='http://www.adobe.com/products/acrobat/readstep2.html'>Download Acrobat</a>
</div>";
//generate_file("formats.inc", $str);
}
function newsfeed(){
$str = '<? xml version=\"1.0\" ?> <rss version=\"2.0\"><channel>';
$rs = mysql_query("SELECT * FROM news where status='current' order by dated desc, rowid desc");
while ($o = mysql_fetch_object($rs)) {
$str .= "<item>
<title>$o->subject</title>
<link>$o->url</link>
<description>$o->description</description>
<pubDate>$o->dated</pubDate>
<category>Achievement</category>
</item>";
}
$str .= "</channel></rss>";
//generate_file("rss.xml", $str);
}
function generate_file($file, $str) {
if (!file_exists($file)) {
touch ($file);
}
if (!$handle = fopen ($file, 'w+')) {
echo "$file file permission error";
} else if (is_writable($file)) {
if (fwrite ($handle, $str) === FALSE) {
echo "Can't write to $file";
}
}
fclose($handle);
$out = shell_exec("chmod 757 $file");
}
function getFileExtension($str) {
$i = strrpos($str,".");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$ext = substr($str,$i+1,$l);
return $ext;
}
function create_img($image_in,$image_out,$text,$color,$font,$font_size,$angle,$offset_x,$offset_y,$shadow_color) {
if (!$text) $text = 'mmishra@iiita.ac.in';
if (!$offset_x) $offset_x = 0; // Horizontal offset in pixels, from the right
if (!$offset_y) $offset_y = 0; // Vertical offset in pixels, from the bottom
if ($shadow_color) $drop_shadow = true;
else $shadow_color = '#909009';
#################################################################################
# END OF SETTINGS
#################################################################################
// Load functions for image watermarking
include("watermark_text.class.php");
// create class instance
$img = new Zubrag_watermark($image_in);
// shadow params
$img->setShadow($drop_shadow, $shadow_color);
// font params
$img->setFont($font, $font_size);
// Apply watermark
$img->ApplyWatermark($text, $color, $angle, $offset_x, $offset_y);
// Save on server
$img->SaveAsFile($image_out);
// release resources
$img->Free();
return;
}
function checkemail($email) {
if (eregi("^[a-zA-Z0-9_]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$]", $email)) {
return FALSE;
}
list($Username, $Domain) = split("@",$email);
if (getmxrr($Domain, $MXHost)) {
return TRUE;
} else {
if (fsockopen($Domain, 25, $errno, $errstr, 30)) {
return TRUE;
} else {
return FALSE;
}
}
}
function checkabuser($post,$name,$email,$ip) {
if (mysql_num_rows(mysql_query("select * from abusers where ip='$ip' or email='$email' or name='$name'"))) {
return TRUE;
} else {
$abuses = array('nude','teen','www','url','sex','suck','fuck','xxx','pussy','penis','hotty','sexual','porn','movie');
foreach ($abuses as $abuse) {
if (stristr($post,$abuse)) {
mysql_query("insert into abusers(name,email,ip,dated) values('$name','$email','$ip',now())");
return TRUE;
}
}
return FALSE;
}
}
function ReplaceBadWords($str, $bad_words, $replace_str){
if (!is_array($bad_words)){
$bad_words = explode(',', $bad_words);
}
for ($x=0; $x < count($bad_words); $x++){
$fix = isset($bad_words[$x]) ? $bad_words[$x] : '';
$_replace_str = $replace_str;
if (strlen($replace_str)==1){
$_replace_str = str_pad($_replace_str, strlen($fix), $replace_str);
}
$str = preg_replace('/'.$fix.'/i', $_replace_str, $str);
}
return $str;
}
function htmlsafe($str) {
return trim(htmlspecialchars(stripslashes($str), ENT_QUOTES));
}
function unhtmlentities ($string){
$trans_tbl = get_html_translation_table (HTML_ENTITIES);
$trans_tbl = array_flip ($trans_tbl);
return strtr ($string, $trans_tbl);
}
function announcementfeed($role, $conf) {
checkadmin($role);
$tbl = "announcements";
$subjects = array('advertisement','enquiry','event','information','notice','tender');
$rowid = $_REQUEST["rowid"];
$subject = htmlsafe($_POST["subject"]);
$message = htmlsafe($_POST["message"]);
$description = htmlsafe($_POST["description"]);
$weburl = htmlsafe($_POST["weburl"]);
if (basename($_FILES['userfile']['name'])) {
//$weburl = strtolower('documents/'.basename($_FILES['userfile']['name']));
$weburl = strtolower(basename($_FILES['userfile']['name']));
upload_file();
}
$dateexpiry = $_POST["dateexpiry"];
if (!$dateexpiry) $dateexpiry = date("Y-m-d") + 7;
$visibility = $_REQUEST["visibility"];
$submit = $_POST["submit"];
if ($submit == 'SAVE') {
if (mysql_num_rows(mysql_query("select * from $tbl where rowid=$rowid"))) {
mysql_query("update $tbl set subject='$subject',message='$message',description='$description',
$weburl='$weburl',dateexpiry='$dateexpiry' where rowid=$rowid");
} else {
mysql_query("insert into $tbl(subject,message,description,weburl,dateupload,dateexpiry,visibility,counter)
values('$subject','$message','$description','$weburl',now(),'$dateexpiry','enable',1)");
}
} else if ($submit == "DELETE") {
mysql_query("delete from $tbl where rowid=$rowid");
} else if ($visibility == "enable") {
mysql_query("update $tbl set visibility='disable' where rowid=$rowid");
} else if ($visibility == "disable") {
mysql_query("update $tbl set visibility='enable' where rowid=$rowid");
}
$str = "<div align='right'>Upload file linked to this announcement
<input type='file' name='userfile'></div>
<table class=normal width='90%'>";
if (!$rowid) {
$str .= "<tr><td nowrap>Subject</td>
<td><select name='subject'>
";
foreach ($subjects as $sub) {
$str .= "<option value='$sub'";
if ($subject == $sub) $str .= ' selected';
$str .= ">$sub</option>";
}
$str .= "</select></td></tr>
<tr><td nowrap>Message</td>
<td><input type='text' name='message' value='' size='50'></td></tr>
<tr valign='top'><td>Description</td>
<td><textarea name='description' rows='2' cols='50'></textarea></td></tr>
<tr><td nowrap>Web URL</td>
<td><input type='text' name='weburl' value='' size='50'>
(if file is to be uploaded, leave it blank)</td></tr>
<tr><td nowrap>Expiry Date</td>
<td><input type='text' name='dateexpiry' value='$dateexpiry' size='15'></td></tr>
<tr><td></td>
<td><input type='submit' name='submit' value='SAVE' style='width:80px'></td></tr>";
} else {
$str .= "<tr><td>[ <a href='$PHP_SELF?conf=$conf&rowid='>New announcement</a> ]</td></tr>";
}
$str .= "</table>
<table class='normal' width='98%'>
<tr><th>No.</th><th width='95%'>Announcement</th></tr>";
$rs = mysql_query("select * from $tbl order by visibility desc, dateupload desc,rowid desc");
while ($o = mysql_fetch_object($rs)) {
$i++;
if ($rowid == $o->rowid) {
$str .= "<tr><td>$i</td><td>
<input type='hidden' name='rowid' value='$o->rowid'>
<table width='90%'>
<tr><td nowrap>Subject</td>
<td><select name='subject'>
";
foreach ($subjects as $sub) {
$str .= "<option value='$sub'";
if ($subject == $sub) $str .= ' selected';
$str .= ">$sub</option>";
}
$str .= "</select></td></tr>
<tr><td nowrap>Message</td>
<td><input type='text' name='message' value='$o->message' size='50'></td></tr>
<tr valign='top'><td nowrap>Description</td>
<td><textarea name='description' rows='2' cols='50'>$o->description</textarea></td></tr>
<tr><td nowrap>Web URL</td>
<td><input type='text' name='weburl' value='$o->weburl' size='50'></td></tr>
<tr><td nowrap>Expiry Date</td>
<td nowrap><input type='text' name='dateexpiry' value='$o->dateexpiry' size='15'></td></tr>
<tr><td></td>
<td><input type='submit' name='submit' value='SAVE' style='width:80px'>
<input type='submit' name='submit' value='DELETE' style='width:80px'></td></tr>
</table></td></tr>";
} else {
$str .= "<tr valign='top'><td>$i</td><td width='80%'><a name='$o->rowid'></a>" .
ucwords($o->subject) . ": $o->message
[ <a href='$PHP_SELF?conf=$conf&rowid=$o->rowid#$o->rowid'>Edit</a> ] ";
if ($o->visibility == 'disable')
$str .= "[ <a href='$PHP_SELF?conf=$conf&visibility=enable&rowid=$o->rowid'>Show</a> ]";
else
$str .= "[ <a href='$PHP_SELF?conf=$conf&visibility=disable&rowid=$o->rowid'>Hide</a> ]";
$str .= "<br>
>> $o->description<br><div align='right'>";
if ($o->weburl) $str .= "Weburl: <a href='$o->weburl'>$o->weburl</a> ";
$str .= "( $o->dateupload - $o->dateexpiry, $o->counter times )</div></td></tr>";
}
}
$str .= "</table>";
echo $str;
}
?>