Your IP : 216.73.216.40
<?php
require("functions.inc.php");
function dbConnect() {
$link = mysql_connect("localhost", "root", "imac");
if (!$link) die('Could not connect: ' . mysql_error());
mysql_select_db("icdp");
return $link;
}
$dbcon = dbConnect();
/*
parse url for incoming http request
*/
$conf = $_REQUEST["conf"];
/*session handle
initialize session variables and session
$user = "";
*/
session_start();
/*
store the value of webid either from uri or session
*/
if (!$HTTP_SESSION_VARS['webid']) {
//$webid = substr($_SERVER["SERVER_NAME"], 0, strpos($_SERVER["SERVER_NAME"], '.'));
$webid = $_SERVER["SERVER_NAME"];
} else {
$webid = $HTTP_SESSION_VARS['webid'];
}
/*
lookup for website information
*/
$tbl = 'websites';
$rs = mysql_query("select * from $tbl where webid='$webid'");
if (mysql_num_rows($rs)) {
$o = mysql_fetch_object($rs);
$title = $o->title;
$author = $o->author;
$description = $o->description;
$keywords = $o->keywords;
$contact = $o->contact;
$footer = $o->footer;
$status = $o->status;
$counter = $o->counter;
$datecreation = $o->datecreation;
$bgcolor = $o->bgcolor;
if ($status == 'online') {
$_SESSION["webid"] = $webid;
mysql_query("update $tbl set counter=counter+1 where webid='$webid'");
if (!file_exists($webid)) {
shell_exec("mkdir $webid $webid/images $webid/documents $webid/gallery");
shell_exec("chmod -R 757 $webid");
mysql_query("insert into webusers(webid,userid,passwd)
values('$webid','admin',password('icdp'))");
}
} else {
echo "<div id='error'>
The website [$webid] you are looking for is currently offline. Thanks.
</div>";
exit;
}
} else {
echo "<div id='error'>
The website [$webid] you are looking for does not exist on this server. Thanks.
</div>";
exit;
}
function innerconf($content) {
$tbl = 'webpages';
$rs = mysql_query("select * from $tbl where lcase(pagecontent) like '".strtolower($content)."%'");
if (mysql_num_rows($rs)) {
$q = mysql_fetch_object($rs);
return $q->rowid;
} else
return 0;
}
function banner($webid) {
$tbl = 'websites';
$rs = mysql_query("select * from $tbl where webid='$webid'");
if ($rs) {
$o = mysql_fetch_object($rs);
if ($o) {
$title = $o->title;
$contact = $o->contact;
$description = $o->description;
}
}
if ($title) {
//$str = "<table width='80%' background='$webid/images/bg1.jpg'
//onmouseover=\"document.getElementById('t2').style.visibility = 'hidden';\"
//onmouseout=\"document.getElementById('t2').style.visibility = 'visible';\">
$str = "<table width='80%' class='banner'>
<tr>
<td align='left' width='10%'>
<img src='$webid/images/idol.jpg' height='90' width='90'>
</td>
<th width='80%'>
<h2>$title</h2>
<span class='contact'>$contact $description</span>
</th>
<td width='10%' align='right'>
<img src='$webid/images/logo.jpg' height='90' width='90'>
</td>
</tr></table>";
}
return $str;
}
function footer($webid, $user='guest') {
$str = "|
<a href='#' onclick=\"showPage('telephones','online','$webid')\">Telephones</a> |
<a href='#' onclick=\"showPage('profiles','online','$webid')\">Profiles</a> |
<a href='#' onclick=\"showPage('tender','online','$webid')\">Tenders</a> |
<a href='#' onclick=\"showPage('format','online','$webid')\">Downloads</a> |
";
$id1 = innerconf('feedback');
$id2 = innerconf('gallery');
$str .= "<a href='inner.php?conf=$id1'>Query/Feedback</a> |
<a href='inner.php?conf=$id2'>Gallery</a> |
<!--add more links here -->
<a href='#' onclick=\"showPage('sitemap','online','$webid')\">Sitemap</a> |
<a href='#' onclick=\"showPage('statics','online','$webid')\">Statics</a> |
";
if ($user)
$str .= "<a href='index.php?logout=1'>Logout</a> ($user) |";
else
$str .= "<a href='#' onclick=\"showPage('login','online','$webid')\">Login</a> |";
$str .= "<p><br>";
$tbl = 'websites';
$rs1 = mysql_query("select * from $tbl where webid='$webid'");
if (mysql_num_rows($rs1)) {
$o = mysql_fetch_object($rs1);
$str .= "$o->footer <div class='datetime'>[$o->counter hits since $o->datecreation]</div>";
}
//$str .= "Developed by: <a href='http://profile.iiita.ac.in/mmishra'>Mithilesh Kr. Mishra</a> & Team, <a href='http://www.iiita.ac.in'>IIIT Allahabad</a>";
$str .= "Developed by: <a href='http://profile.iiita.ac.in/mmishra'>Mithilesh Kr. Mishra</a>";
return $str;
}
function telephones($webid, $id) {
$tbl = 'telephones';
$str ="<span class='heading'>Telephones</span>
<ol>";
$rs1 = mysql_query("select * from $tbl where webid='$webid' order by rowid");
while ($o = mysql_fetch_object($rs1)) {
$str .= "<li><a href='#' onclick=\"showPage('telephones','$o->rowid','$webid')\">$o->fullname</a> ($o->designation) -- Phones: $o->phoneoffice (O), $o->phonehome (R), $o->mobileno (M)</li>";
}
$str .= "</ol>";
return $str;
}
function profiles($webid, $user) {
$tbl = 'webusers';
$str ="<span class='heading'>Profiles</span>
<ol>";
$rs1 = mysql_query("select * from $tbl where webid='$webid' order by rowid");
while ($o = mysql_fetch_object($rs1)) {
$str .= "<li><a href='#' onclick=\"showPage('profiles','$o->userid','$webid')\">$o->fullname</a> (email: $o->email, dated $o->datecreation)";
if ($user == $o->userid) $str .= "<dir>".htmlunsafe($o->profile)."</dir>";
$str .= "</li>";
}
$str .= "</ol>";
return $str;
}
function profiles1($webid) {
$tbl = 'webpages';
$str ="<span class='heading'>Profiles</span>
<ol>";
$rs1 = mysql_query("select * from $tbl where webid='$webid' and parentid=99997 order by rowid");
while ($o = mysql_fetch_object($rs1)) {
$str .= "<li><a href='inner.php?conf=$o->rowid'>$o->hypertext</a> (dated $o->datecreation)</li>";
}
$str .= "</ol>";
return $str;
}
function statics($webid) {
$tbl = 'webpages';
$str ="<table width='100%'><tr valign='top'>
<td align='left' width='50%'><u>Recent Access</u><ul>";
$rs1 = mysql_query("select * from $tbl where webid='$webid' and hypertext>'' and status='online' order by dateaccess desc limit 0,5");
while ($o = mysql_fetch_object($rs1)) {
$str .= "<li><a href='inner.php?conf=$o->rowid'>".strtolower($o->hypertext)."</a> [ dated $o->dateaccess ]</li>";
}
$str .= "</ul></td><td align='left' width='50%'><u>Recent Updations</u><ul>";
$rs1 = mysql_query("select * from $tbl where webid='$webid' and hypertext>'' and status='online' order by dateupdation desc limit 0,5");
while ($o = mysql_fetch_object($rs1)) {
$str .= "<li><a href='inner.php?conf=$o->rowid'>".strtolower($o->hypertext)."</a> [ dated $o->dateupdation ]</li>";
}
$str .= "</ul></td></tr>
<tr valign='top'><td align='left' width='50%'><u>Hot Links</u><ul>";
$rs1 = mysql_query("select * from $tbl where webid='$webid' and hypertext>'' and status='online' order by hits desc limit 0,9");
while ($o = mysql_fetch_object($rs1)) {
$str .= "<li><a href='inner.php?conf=$o->rowid'>".strtolower($o->hypertext)."</a> ($o->hits hits)</li>";
}
$str .= "</ul></td><td align='left'><u>Cold Links</u><ul>";
$rs1 = mysql_query("select * from $tbl where webid='$webid' and hits>2 and status='online' order by hits limit 0,9");
while ($o = mysql_fetch_object($rs1)) {
$str .= "<li><a href='inner.php?conf=$o->rowid'>".strtolower($o->hypertext)."</a> ($o->hits hits)</li>";
}
$str .= "</ul></td></tr>
<tr valign='top'><td align='left'><u>Latest Visitors</u><ul>";
$tbl = 'accesslogs'; //online users during last 5 minutes
$rs1 = mysql_query("select distinct remoteip,userid,referer from $tbl where webid='$webid' order by rowid desc limit 0,9");
while ($o = mysql_fetch_object($rs1)) {
$str .= "<li>$o->remoteip/$o->userid/".substr($o->referer,0,50)."</li>";
}
$id = innerconf('accesslog');
$str .= "<li><a href='inner.php?conf=$id'>Accesslog</a></li></ul></td><td><u>Latest Abusers</u><ul>";
$tbl = 'abusers'; //recent abusers
$rs1 = mysql_query("select remoteip,email from $tbl where webid='$webid' order by rowid desc limit 0,9");
while ($o = mysql_fetch_object($rs1)) {
$str .= "<li>$o->remoteip/$o->email</li>";
}
$str .= "</ul></td></tr></table>";
return $str;
}
function login($webid) {
$str = "
Please login here using your login ID and password.<br>
<table class='login' align='center'>
<tr>
<td>Login ID:</td>
<td><input type='text' name='txtID' size='20' value=''></td>
</tr><tr>
<td>Password:</td>
<td><input type='password' name='txtPWD' size='20' value=''></td>
</tr><tr>
<td><img src='images/login.jpg' width='70' height='50'></td>
<td><input type='submit' name='submit' value='LOGIN' style='width: 80px'></td>
</tr>
</table>
<input type='hidden' name='login'><br>
<script type='text/javascript'>
document.form.txtID.focus();
</script>";
return $str;
}
function accessLog($webid, $user, $referer, $url) {
$tbl = 'accesslogs';
if (!$user) $user = 'guest';
if (!$referer) $referer = 'direct';
if ($url == '/') $url = 'index.php';
$ip = $_SERVER["REMOTE_ADDR"];
mysql_query("insert into $tbl(webid,userid,referer,weburl,remoteip,dateaccess)
values('$webid','$user', '$referer', '$url','$ip',now())");
}
function checkAdmin($user) {
$tbl = 'webusers';
$rs = mysql_query("select * from $tbl where userid='$user'");
if (mysql_num_rows($rs)) {
$o = mysql_fetch_object($rs);
$role = $o->role;
} else
$role = 'public';
if ($role != "admin") {
echo "<div id='error'>You must be a Webmaster to access this page</div>";
exit;
}
}
function checkLogin($user) {
if (!$user) {
echo "<div id='error'>You must be logged in to access this page</div>";
exit;
}
}
function checkEmail($email) {
if (eregi("^[a-zA-Z0-9_]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$]", $email)) {
return FALSE;
}
list($Username, $Domain) = split("@",$email);
if (getmxrr($Domain, $MXHost)) {
return TRUE;
} else {
if (fsockopen($Domain, 25, $errno, $errstr, 30)) {
return TRUE;
} else {
return FALSE;
}
}
}
function checkAbuser($webid, $message, $name, $email, $remoteip) {
$tbl = 'abusers';
if (mysql_num_rows(mysql_query("select * from $tbl where remoteip='$remoteip' or email='$email'"))) {
return TRUE;
} else {
$abuses = array('nude','teen','www','url','sex','suck','fuck','xxx','pussy','penis','hotty','sexual','porn','movie');
foreach ($abuses as $abuse) {
if (stristr($message, $abuse)) {
mysql_query("insert into $tbl(webid,name,email,content,remoteip,datecreation)
values('$webid','$name','$email','$message','$remoteip',now())");
return TRUE;
}
}
return FALSE;
}
}
function authenticate($webid, $user, $pwd) {
$tbl = 'webusers';
//$rs = mysql_query("select * from $tbl where webid='$webid' and userid='$user' and passwd=password('$pwd')");
$rs = mysql_query("select * from $tbl where webid='$webid' and userid='$user' and status='online' and passwd=password('$pwd')");
if (mysql_num_rows($rs)) {
$o = mysql_fetch_object($rs);
$role = $o->role;
$epwd = base64_encode($pwd);
srand((double)microtime()*100000000);
//generate a unique sid
$ch = $user;
for($i=0; $i<20; $i++) {
$ch .= chr(rand(65, 90));
}
} else $role = 'guest';
return $role;
}
function absolutePath($webid, $object) {
$wroot = substr($_SERVER['SCRIPT_FILENAME'], 0, strrpos($_SERVER['SCRIPT_FILENAME'], "/"));
switch ($object) {
case "images":
return $wroot."/$webid/images";
break;
case "gallery":
return $wroot."/$webid/gallery";
break;
case "documents":
return $wroot."/$webid/documents";
break;
default:
return "$webid/".$_SERVER["DOCUMENT_ROOT"];
}
}
function relativePath($webid, $object) {
$wroot = substr($_SERVER['SCRIPT_FILENAME'], 0, strrpos($_SERVER['SCRIPT_FILENAME'], "/"));
switch ($object) {
case "images":
return "/$webid/images";
break;
case "gallery":
return "/$webid/gallery";
break;
case "documents":
return "/$webid/documents";
break;
default:
return $_SERVER["DOCUMENT_ROOT"];
}
}
function flash($webid, $title) {
return "<div class='flash' id='flash' onMouseOver=\"show('flash')\" onMouseOut=\"hide('flash')\">
<img src='$webid/images/logo.jpg' height='100' width='100'></img>$title
</div>";
}
function familytree($webid, $rowid) {
switch ($rowid) {
case 0:
$str = "<a href='/'>Home</a>";
break;
case 99995:
$str = "<a href='/'>Home</a> > Format";
break;
case 99996:
$str = "<a href='/'>Home</a> > Tender";
break;
case 99997:
$str = "<a href='/'>Home</a> > Profile";
break;
case 99998:
$str = "<a href='/'>Home</a> > Advertisement";
break;
case 99999:
$str = "<a href='/'>Home</a> > Announcement";
break;
default:
$tbl = 'webpages';
if ($webid) $rs = mysql_query("select * from $tbl where webid='$webid' and status='online' and rowid=$rowid");
else $rs = mysql_query("select * from $tbl where status='online' and rowid=$rowid");
if ($rs) {
$o = mysql_fetch_object($rs);
if ($o->pagecontent)
$str = familytree($webid, $o->parentid) . " > <a href='inner.php?conf=$o->rowid'>$o->hypertext</a>";
else
$str = familytree($webid, $o->parentid) . " > $o->hypertext";
} else
$str = '';
break;
}
return $str;
}
function sibling($webid, $parentid, $rowid) {
$tbl = 'webpages';
$str = "<div class='datetime'>See also: ";
$rs = mysql_query("select * from $tbl where webid='$webid' and status='online' and parentid=$parentid and rowid<>$rowid");
if (mysql_num_rows($rs)) {
while ($o = mysql_fetch_object($rs)) {
$hypertext = str_replace(" ", " ", $o->hypertext);
if ($o->pagecontent && $o->pageaccess != 'admin') {
$str .= "<a href='inner.php?conf=$o->rowid'>$hypertext</a>, ";
} else {
if ($user) $str .= "<a href='admin.php?conf=$o->rowid'>$hypertext</a>, ";
}
}
} else
$str .= 'Nothing';
$str = rtrim($str, ", ") . "</div>";
return $str;
}
function sendmail($email, $subject, $body) {
require("classes/class.phpmailer.php");
$mail = new PHPMailer();
$mail->IsSMTP(); // telling the class to use SMTP
$mail->Host = "mail.iiita.ac.in"; // SMTP server
$mail->FromName = "Webmailer";
$mail->From = "indem@iiita.ac.in";
$mail->AddAddress($email,$email);
$mail->AddAddress("indem@iiita.ac.in","indem@iiita.ac.in");
$mail->Username = "indem";
$mail->Password = "@medni2020";
$mail->Subject = $subject;
$mail->Body = $body;
$mail->WordWrap = 75;
if (!$mail->Send()) {
return $mail->ErrorInfo;
} else {
return TRUE;
}
}
function gallery($webid) {
$agPath = absolutePath($webid,'gallery');
$rgPath = relativePath($webid,'gallery');
$riPath = relativePath($webid,'images');
$dh = opendir($agPath);
$i = 0;
while (false !== ($filename = readdir($dh))) {
if (strlen($filename) > 2) {
$files[] = $filename;
$i++;
}
}
$no = rand(0, $i-1);
if (!$files[$no]) $no = 0;
$color = rand(0,255).','.rand(0,255).','.rand(0,255);
$str = "<img id='pic' src='$rgPath/".$files[$no]."' height='420' width='100%' title='Logo in Photo Gallery'>";
return $rgPath.'/'.$files[$no];
}
/*
function gallery($webid) {
$agPath = absolutePath($webid,'gallery');
$rgPath = relativePath($webid,'gallery');
$riPath = relativePath($webid,'images');
$dh = opendir($agPath);
$i = 0;
while (false !== ($filename = readdir($dh))) {
if (strlen($filename) > 2) {
$files[] = $filename;
$i++;
}
}
$no = rand(0, $i-1);
if (!$files[$no]) $no = 0;
$color = rand(0,255).','.rand(0,255).','.rand(0,255);
$str = "<img id='pic' src='$rgPath/".$files[$no]."' height='420' width='100%' title='Logo in Photo Gallery'>";
return $str;
}
*/
function upload($webid) {
$maxsize = 9998860800;
$uploadfile = strtolower(basename($_FILES['userfile']['name']));
$filesize = $_FILES["userfile"]["size"];
$gallery = $_POST['gallery'];
if ($uploadfile && $filesize < $maxsize) {
$filename = explode(".", strtolower($uploadfile));
$ext = $filename[count($filename)-1];
if ($ext == 'jpg' || $ext == 'gif' || $ext == 'tif' || $ext == 'png') {
if ($gallery) $uPath = absolutePath($webid,'gallery');
else $uPath = absolutePath($webid,'images');
} else $uPath = absolutePath($webid,'documents');
if (move_uploaded_file($_FILES['userfile']['tmp_name'], "$uPath/$uploadfile")) {
shell_exec("chmod -R 755 $uPath");
if ($gallery) shell_exec("mogrify -resize 400 $uPath/$uploadfilechmod");
$str = "Thanks! $uploadfile file has successfully been uploaded";
} else {
$str = "Oops! $uploadfile file could not be uploaded due to system error";
}
} else {
$str = "Oops! either file name is missing or file size exceeds the max. limit of 10 MB";
}
echo "<div class='error'>$st.</div>";
}
function text2image($str) {
Header ("Content-type: image/png");
putenv('GDFONTPATH=' . realpath('.'));
$font = 'arial.ttf';
$fontSize = 80;//in point;
$onecharwidth = imagefontwidth($font)*($fontSize/8);
$totalwidth = $onecharwidth * strlen($str);
$height = (imagefontheight($font)*($fontSize/8))*2;
$img_handle = imagecreatetruecolor($totalwidth, $height);
$white = imagecolorallocate($img_handle, 255, 255, 255);
imagefill($img_handle, 0, 0, $white);
$black = imagecolorallocate ($img_handle, 0, 0, 0);
$gray = imagecolorallocate ($img_handle, 100, 100, 100);
imagettftext($img_handle, 20, 0, 10, 20, $black, $font, $title1);
$posarr=imagettfbbox(20, 0,$font, $title1);
imagettftext($img_handle, 20, 0, $posarr[2]+$onecharwidth, 20, $gray, $font, $title2);
imagepng ($img_handle);
imagedestroy ($img_handle);
}
function ReplaceBadWords($str, $bad, $good){
if (!is_array($bad)){
$bad = explode(',', $bad);
}
for ($i=0; $i < count($bad); $i++){
$fix = isset($bad[$i]) ? $bad[$i] : '';
$_good = $good;
if (strlen($good)==1){
$_good = str_pad($_good, strlen($fix), $good);
}
$str = preg_replace('/'.$fix.'/i', $_good, $str);
}
return $str;
}
function htmlsafe($str) {
return trim(htmlspecialchars(stripslashes($str), ENT_QUOTES));
}
function htmlunsafe($str) {
return trim(htmlspecialchars_decode($str, ENT_COMPAT));
}
function DateAdd($interval) {
$curdate = getdate();
$cday = $curdate['mday']+$interval;
$cmonth = $curdate['mon'];
$cyear = $curdate['year'];
if ($cday > 30) {
$cmonth = $cmonth + 1;
$cday = $cday - 30;
if ($cmonth == 13) {
$cyear = $cyear + 1;
$cmonth = 1;
}
}
if ($cday < 10) $cday .= "0";
if ($cmonth < 10) $cmonth .= "0";
//$ourDate = array($cyear,$cmonth,$cday);
$ourDate = "$cyear-$cmonth-$cday";
return $ourDate;
}
function ajax() {
?>
<script language="javascript">
function GetXmlHttpObject() {
var xmlHttp = null;
try {
// Firefox, Opera 8.0+, Safari
xmlHttp = new XMLHttpRequest();
} catch (e) {
// Internet Explorer
try {
xmlHttp = new ActiveXObject("Msxml2.XMLHTTP");
} catch (e) {
xmlHttp = new ActiveXObject("Microsoft.XMLHTTP");
}
}
return xmlHttp;
}
function showPage(task, query, webid) {
if (task.length == 1 || query.length < 3) {
document.getElementById("ajax").innerHTML="";
document.getElementById("ajax").style.visibility = 'hidden';
return;
} else
document.getElementById("ajax").style.visibility = 'visible';
xmlHttp=GetXmlHttpObject()
if (xmlHttp == null) {
alert ("Your browser does not support AJAX!");
return;
}
var url = "ajaxpage.php?task="+task+"&query="+query+"&webid="+webid;
//alert(url);
xmlHttp.onreadystatechange = stateChanged;
xmlHttp.open("GET", url, true);
xmlHttp.send(null);
}
function stateChanged() {
if (xmlHttp.readyState==4) {
document.getElementById("ajax").innerHTML=xmlHttp.responseText;
}
}
</script>
<?php
}
?>