Your IP : 216.73.216.40
<?php
/*
include library of configuration and subroutines
*/
require("config.inc.php");
/*
check session and session variables
if session is created, store role of user
*/
if (isset($HTTP_SESSION_VARS['user'])) {
$webid = $HTTP_SESSION_VARS['webid'];
$user = $HTTP_SESSION_VARS['user'];
/*retrieve role of user from database*/
$tbl = 'webusers';
$rs = mysql_query("select * from $tbl where userid='$user'");
if (mysql_num_rows($rs)) {
$o = mysql_fetch_object($rs);
$role = $o->role;
} else
$role = 'public';
}
/*
in case wrong webid, redirect to index page
where situation has been delt with
*/
if (!$webid) header("Location: index.php");
/*
check for login and authenticate signin
after successful authentication, store user role
*/
if (isset($_POST['login'])) {
$user = $_POST["txtID"];
$pwd = $_POST["txtPWD"];
$role = authenticate($webid, $user, $pwd);
if ($role != 'guest') {
$_SESSION["user"] = "$user";
/*
store session information in the database
*/
$remoteip = $_SERVER["REMOTE_ADDR"];
$tbl = 'sessions';
mysql_query("insert into $tbl(webid,userid,sessionid,remoteip,action,datesession)
values('$webid','$user','$sessionid','$remoteip','login',now())");
/*
rowid of upload page may vary with implementation
hence call innerconf function by page title
on successfull login redirect user to admin module
*/
$id = innerconf('upload');
header("Location: admin.php?conf=$id");
}
}
$tbl = 'webpages';
/*
parse url and http request for
pageid so that content can be crawled from the database
query database for webpage based on conf metadata
rowid being unique can return at most one record
*/
//$rs = mysql_query("select * from $tbl where webid='$webid' and rowid=$conf");
//no need to put additional filter on webid as rowid itself is unique
$rs = mysql_query("select * from $tbl where rowid=$conf");
if (mysql_num_rows($rs)) {
/*
if this is a restricted page, verify login
*/
if ($o = mysql_fetch_object($rs)) {
if ($o->pageaccess == "admin" && !$user) {
header("Location: index.php");
}
//otherwise retrieve the page attributes
$parentid = $o->parentid;
$pagetitle = strtoupper($o->pagetitle);
$pagecontent = trim(htmlunsafe($o->pagecontent));
$keywords = $o->keywords;
$keywordss = explode(",", $o->keywords);
$hits = $o->hits;
$datecreation = $o->datecreation;
$dateupdation = $o->dateupdation;
$dateaccess = $o->dateaccess;
$userid = $o->userid;
/*
compose family tree to present navigation path
identify sibling to provide their links
*/
$familytree = familytree($webid, $o->rowid);
$sibling = sibling($webid, $parentid, $o->rowid);
/*
evaluate the pagetype and do the required hook
if content is html or php stay with the url
otherwise redirect to new url
*/
if ($o->pagetype == 'html')
$static = 1; //webpages
else if ($o->pagetype == 'url')
header("Location: $pagecontent"); //external links
else if ($o->pagetype == 'file')
header("Location: $webid/documents/$pagecontent"); //other documents
else
$static = 0; //php scripts
} else {
/*
error handler, if page is not available
*/
$static = 1;
$pagetitle = "<b>Oops!</b>";
$pagecontent = "The page is under construction, Please visit later. Thanks.";
}
} else {
/*
error handler, if page is not available
*/
$static = 1;
$pagetitle = "<b>Oops!</b>";
$pagecontent = "The page is under construction, Please visit later. Thanks.";
}
/*
start html document here
with charset=ISO-8859-1 and form enctype=multipart/form-data
which is required to enable HTTP upload feature
*/
?>
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\'>
<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en' lang='en'>
<?php
/*
these variables store values from database
rich keywords help in higher rating of this web portal
*/
echo "<head> <title>$title</title>
<meta http-equiv='Content-Type' content='text/html; charset=ISO-8859-1' />
<meta name='author' content='$author' />
<meta name='keywords' content='$keywords' />
<meta name='description' content='$description' />
";
/*
ajax function facilitates download and rendering of
AJAX pages. This help in reducing the HTTP request to server
*/
echo ajax();
/*
this is a dynamic stylesheet to support custom background color
of web portal. this also help change in background image
*/
echo "<style type='text/css'>";
include "jquerycssmenu.css.inc";
echo "</style>";
/*
other style sheets take care look and feel of web portal
javascripts go here after style sheet incusion
*/
?>
<link rel='stylesheet' type='text/css' href='css/style.css' media='screen' />
<link rel='SHORTCUT ICON' href='images/icdp.ico'>
<!--[if lte IE 7]>
<style type='text/css'>
html .jquerycssmenu{height: 1%;} /*for IE7 and below*/
</style>
<![endif]-->
<script type='text/javascript' src='js/white/jquery.min.js'></script>
<script type='text/javascript' src='js/white/jquerycssmenu.js'></script>
<script type='text/javascript' src='js/mm.js'></script>
<script type='text/javascript' src='js/fontsizer.js'></script>
</head>
<body id='b'>
<center>
<form name='frm' action='inner.php?conf=<?php echo $conf;?>' method='post' enctype='multipart/form-data'>
<?php
/*
display banner content followed with dynamically generated menu
*/
echo banner($webid);
/*
call hmenu recursive function for horizontal menu links
*/
echo "<div id='myjquerymenu' class='jquerycssmenu'>";
echo hmenus($webid, $user, 0);
/*
division ajax is a place holder for ajax pages
initially it is empty
paragraph tags <p> help in resizing the text size on the web portal
*/
echo "</div>
<div id='ajax' class='ajaxpage'></div>
<table id='t2' class='watermark' width='80%' height='500' border='0'>
<tr valign='top'><td width='100%' class='content'>
<div class='datehit'>
<a href=\"javascript:decreaseFontSize();\"><img src='images/font-dec.gif' border='0'></a>
<a href=\"javascript:increaseFontSize();\"><img src='images/font-inc.gif' border='0'></a>
</div><p>";
//show content
if ($conf && $pagetitle) {
//log this access to database
accessLog($webid, $user, $_SERVER['HTTP_REFERER'], $_SERVER['REQUEST_URI']);
echo "$familytree $sibling<br>";
echo "<span class='heading'>$pagetitle</span>";
echo "<div class='datetime'>[ dated $datecreation, updated $dateupdation, accessed $dateaccess, $hits hits ]</div>";
if ($static == 1) {
if ($pagecontent)
echo htmlunsafe($pagecontent);
else
echo "<b>Oops!</b><br>
<dir>The page is under construction, Please visit later. Thanks.</dir>";
if ($role == 'admin' && $userid == $user) {
echo "<div class='datetime'><a href='admin.php?conf=$conf'>Edit Content</a></div>";
}
} else {
if (file_exists("$pagecontent"))
include("$pagecontent");
else {
echo "<b>Oops!</b><br>
<dir>This link refers to a missing file. Please visit later. Thanks.</dir>";
//call_user_func($pagecontent, $keywords);
}
}
} else {
echo "<b>Oops!</b><br>
<dir>The page is under construction, Please visit later. Thanks.</dir>";
}
echo "</p></td></tr><tr><td class='footer'>";
/*
footer content such as standard links, disclaimer, developer info
are placed one by one from database
*/
echo footer($webid, $user);
echo "</td></tr></table>";
$tbl = 'webpages';
//increase hit counter for this pageid i.e. conf value
mysql_query("update $tbl set hits=hits+1,dateaccess=now() where webid='$webid' and rowid=$conf");
//disable expired pages
mysql_query("update $tbl set status='offline' where webid='$webid' and dateexpiry<now()");
/*
end of html form and body content
*/
?>
</form>
</center>
</body>
</html>