<?php
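//include library functions (dbConnect, authenticate and the page helpers used
//below are not defined in this file; presumably they live in functions.php)
require("functions.php");
//connect mysql database
dbConnect();
//check for request parameters
//$HTTP_SERVER_VARS['chk_home']=1;
//conf and target are client-controlled and are later placed into SQL text,
//Location headers and HTML. Accept plain strings only, so that a missing
//parameter or an array such as conf[]=x never reaches those places.
$conf = (isset($_REQUEST["conf"]) && is_string($_REQUEST["conf"])) ? $_REQUEST["conf"] : "";
$target = (isset($_REQUEST["target"]) && is_string($_REQUEST["target"])) ? $_REQUEST["target"] : "";
//initialize session variables and session
$user = ""; $role = ""; $use_cookie = 0;
session_start();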
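//check for sign out signal
if (isset($_REQUEST['logout'])) {
    //$user is still "" at this point (the session is only read further down),
    //so take the account name from the session before it is destroyed;
    //otherwise the UPDATE below can never match the signed-in row
    $logoutUser = isset($HTTP_SESSION_VARS['user']) ? $HTTP_SESSION_VARS['user'] : "";
    //clear session information
    $tbl = 'webaccounts';
    if ($logoutUser != "") {
        //escape the value before it is placed inside the quoted SQL literal
        mysql_query("update $tbl set sessionid='',sessionip='',datesession='' where loginid='" . mysql_real_escape_string($logoutUser) . "'");
    }
    //abandon session
    session_unset();
    session_destroy();
    //reset session variables
    $HTTP_SESSION_VARS['user'] = ""; $HTTP_SESSION_VARS['role'] = "";
    $user = ""; $role = "";
    //NOTE(review): $mode is not assigned anywhere in this file; presumably it
    //comes from functions.php or from register_globals -- confirm
    if (isset($mode) && $mode == "forget") setcookie("auto_login", "", time()-3600);
    //redirect to home page and stop: header() alone does not end the script,
    //and nothing below should run for a request that has just signed out
    header("Location: index.php");
    exit;
}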
//pick up an existing sign-in from the session, otherwise look for a remembered login
if (!isset($HTTP_SESSION_VARS['user'])) {
    if (isset($HTTP_SESSION_VARS['auto_login'])) {
        //the value has the form "<login id> <base64 of the password>"
        //NOTE(review): the sign-in code below writes auto_login with setcookie(),
        //but it is looked up here in the session array -- confirm which store is
        //intended. Either way the password is only base64-encoded, not protected.
        $cred = explode(" ", $HTTP_SESSION_VARS['auto_login']);
        $txtID = $cred[0];
        $txtPWD = base64_decode($cred[1]);
        $use_cookie = 1;
    }
} else {
    //already signed in: reuse the identity stored in the session
    $user = $HTTP_SESSION_VARS['user'];
    $role = $HTTP_SESSION_VARS['role'];
}
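//authenticate sign in
if ($use_cookie == 1 || isset($_POST['login'])) {
    //credentials are read from the posted form; a missing or non-string field becomes ""
    //NOTE(review): on the cookie path ($use_cookie == 1) the values decoded from
    //auto_login are overwritten by these POST fields -- confirm whether that is intended
    $user = (isset($_POST["txtID"]) && is_string($_POST["txtID"])) ? $_POST["txtID"] : "";
    $txtPWD = (isset($_POST["txtPWD"]) && is_string($_POST["txtPWD"])) ? $_POST["txtPWD"] : "";
    $chkRem = isset($_POST["chkRem"]) ? $_POST["chkRem"] : "";
    $role = authenticate($user, $txtPWD);
    if ($role == 'admin' || $role == 'user') {
        //NOTE(review): the session id is not renewed at sign-in. session_regenerate_id()
        //is the usual hardening, but webaccounts has a sessionid column (see the
        //sign-out UPDATE), so authenticate() may record the current id -- confirm first
        session_register("user", "role");
        if ($use_cookie == 0) {
            //NOTE(review): this stores the password itself, merely base64-encoded, in a
            //cookie that is valid for a year; anyone who can read the cookie recovers the
            //password. A random token kept server-side would avoid that, but it needs
            //changes outside this block, so the behaviour is left as it was.
            if ($chkRem) setcookie("auto_login", $user . " " . base64_encode($txtPWD), time()+31536000);
            else setcookie("auto_login", "", time()-3600);
        }
        if (!$target) $target = 'fileuploads';
        //target is client-supplied: encode it so it stays a single query value in the
        //header, and stop so the rest of the page is not executed after the redirect
        header("Location: inner.php?conf=" . urlencode($target));
        exit;
    //either guest or login failed
    } else {
        if ($use_cookie == 0) {
            header("Location: inner.php?conf=login&target=" . urlencode($target));
            exit;
        } else {// dont give an error to the user for login attempt from a cookie, just delete the cookie.
            setcookie("auto_login", "", time()-3600);
        }
    }
}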
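$tbl = 'webpages';
//conf comes straight from the request; escape it once before it is placed
//inside the quoted literals of the two statements below
$confSql = mysql_real_escape_string($conf);
//increase counter for this conf
mysql_query("update $tbl set counter=counter+1 where pageid='$confSql'");
//query database for webpage based on conf parameter
$rs = mysql_query("select * from $tbl where pageid='$confSql'");
//it returns at most one page; a failed query and an unknown page id share the fallback below
$o = $rs ? mysql_fetch_object($rs) : false;
if ($o) {
    //every redirect below ends the request, so the access is recorded here with
    //the same call and the same condition the page body uses for rendered pages
    $hitReferer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "";
    $hitLogged = ($conf && $o->pagetitle);
    // if this is a restricted page, verify login
    //NOTE(review): this only requires some signed-in user, it does not compare
    //$role with 'admin' -- confirm that is intended
    if ($o->pageaccess == "admin" && !$user) {
        header("Location: inner.php?conf=login&target=" . urlencode($conf));
        if ($hitLogged) accesslog($user, $hitReferer, $_SERVER['REQUEST_URI']);
        //stop here: header() alone does not end the script, and continuing would
        //send the restricted page in the body of the redirect response
        exit;
    }
    //otherwise retrieve the page attributes
    $parentid = $o->parentid;
    $pagetitle = strtoupper($o->pagetitle);
    $pagecontent = trim($o->pagecontent);
    $keyword = $o->keyword;
    $keywords = explode(",", $o->keyword);
    $counter = $o->counter;
    $familytree = familyTree($o->rowid);
    $sibling = sibling($parentid);
    if ($o->pagetype == 'html') {
        $static = 1; //webpage
    } else if ($o->pagetype == 'url') {
        //pagecontent is the stored target; end the request so the page body never
        //runs with $static unset (unset compares equal to 0, the "php script" case)
        header("Location: $pagecontent");
        if ($hitLogged) accesslog($user, $hitReferer, $_SERVER['REQUEST_URI']);
        exit;
    } else if ($o->pagetype == 'file') {
        header("Location: documents/$pagecontent");
        if ($hitLogged) accesslog($user, $hitReferer, $_SERVER['REQUEST_URI']);
        exit;
    } else {
        $static = 0; //php script
    }
} else {
    //query failed or no page with this id: show the placeholder text
    $static = 1;
    $pagetitle = "<br><b>Oops !</b><br>";
    $pagecontent = "<dir>The page you are looking for is under construction, Please visit after a short while. Thanks.</dir>";
}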
?>
<!--start html code for dynamic webpage-->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html onmousemove="window.status='iiita'" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title><?php /* parameter() is defined outside this file; its return value is echoed unchanged here and in the meta attributes below, so it presumably has to be HTML-safe already -- confirm against its definition */ echo parameter('organization'); ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="author" content="<?php echo parameter('webmaster'); ?>" />
<meta name="keywords" content="<?php echo parameter('keywords'); ?>" />
<meta name="description" content="<?php echo parameter('description'); ?>" />
<!--link stylesheets-->
<link href="css/dropdown/dropdown.css" media="screen" rel="stylesheet" type="text/css" />
<link href="css/dropdown/themes/flickr.com/default.ultimate.css" media="screen" rel="stylesheet" type="text/css" />
<link href="css/style.css" media="screen" rel="stylesheet" type="text/css" />
<!--include java scripts-->
<!--[if lt IE 7]>
<script type="text/javascript" src="js/jquery.js"></script>
<script type="text/javascript" src="js/jquery.dropdown.js"></script>
<![endif]-->
<?php
//emit the markup returned by the ajax() and flash() helpers, in that order
//(both are defined outside this file)
echo ajax(), flash();
?>
</head>
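<body onload="document.f.q.focus();">
<form name="f" action="inner.php?conf=<?php /* conf is client-supplied: URL-encode it, then HTML-escape it, so it cannot break out of the attribute */ echo htmlspecialchars(urlencode($conf), ENT_QUOTES); ?>" method="post" enctype="multipart/form-data">
<div class='search'>Search content for
<input type='text' id='q' name='q' size='20' onkeyup="showPage(this.value)">
</div>
<!--show banner and menu-->
<div class='banner'> <?php echo banner(); ?> </div>
<div class='menus'> <?php echo menus($user, $role, 0); ?> </div>
<div class='content'>
<span id="search_result" class="result"></span>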
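<?php
if ($conf && $pagetitle) {
    //log this access to database
    //NOTE(review): the referer and the request URI are client-controlled, and
    //accesslog() is defined outside this file -- confirm it escapes both before
    //storing or displaying them
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "";
    accesslog($user, $referer, $_SERVER['REQUEST_URI']);
    echo "<table width='100%'>
<tr><td>$familytree</td><td align='right'>$sibling</td></tr>
</table><br>
<b>$pagetitle</b> [ $counter times ] ";
    //conf is client-supplied, so encode it before it goes into the link
    if ($role == 'admin') echo "<a href='inner.php?conf=webpages&pageid=" . htmlspecialchars(urlencode($conf), ENT_QUOTES) . "'>Edit Content</a>";
    echo "<br><br>";
    //$static is left unset for the 'url' and 'file' page types; an unset value
    //compares equal to 0, so without isset() those pages would reach the include below
    if (isset($static) && $static == 1) {
        if (!$pagecontent) {
            echo "<br><b>Oops !</b><br>
<dir>This link may be a group link for more than one pages.</dir>";
        } else {
            //stored page markup is written out as-is
            echo $pagecontent;
        }
    } else if (isset($static) && $static == 0) {
        //NOTE(review): the path comes from webpages.pagecontent and the file is
        //executed as PHP, so whoever can edit that column chooses which local file
        //runs. Restricting it to a fixed directory or an allow-list needs knowledge
        //of the site layout that is not visible here.
        if (file_exists("$pagecontent")) include("$pagecontent");
        //call_user_func($pagecontent, $keywords),;
    } else {
        echo "<br><b>Oops !</b><br>
<dir>The page you are looking for is under construction, Please visit after a short while. Thanks.</dir>";
    }
} else {
    echo "<br><b>Oops !</b><br>
<dir>The page you are looking for is under construction, Please visit after a short while. Thanks.</dir>";
}
echo "<br><br><div class='footer'>" . parameter('footer') . "</div>";
?>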
</div>
</form>
</body>
</html>