Your IP : 216.73.216.40
<?php
function dbConnect() {
$link = mysql_connect("localhost", "root", "iiita2010");
if (!$link) die('Could not connect: ' . mysql_error());
mysql_select_db("icdp");
return $link;
}
dbConnect();
//session handle, parse url for incoming metadata
$conf = $_REQUEST["conf"];
$target = $_REQUEST["target"];
//initialize session variables and session
session_start();
if (!$HTTP_SESSION_VARS['webid']) {
//$webid = substr($_SERVER["SERVER_NAME"], 0, strpos($_SERVER["SERVER_NAME"], '.'));
//$webid = hash('md5', $_SERVER["SERVER_NAME"]);
$webid = $_SERVER["SERVER_NAME"];
} else {
$webid = $HTTP_SESSION_VARS['webid'];
}
//lookup for site info
$tbl = 'websites';
$rs = mysql_query("select * from $tbl where webid='$webid'");
if ($rs) {
$o = mysql_fetch_object($rs);
if ($o) {
$title = $o->title;
$author = $o->author;
$description = htmlunsafe($o->description);
$keywords = $o->keywords;
$contact = htmlunsafe($o->contact)."<br>Welcomes you at its official website";
$footer = htmlunsafe($o->footer)."Developed by: <a href='http://profile.iiita.ac.in/mmishra'>Mithilesh Kr. Mishra</a> & Team, <a href='http://www.iiita.ac.in'>IIIT Allahabad</a>";
$status = $o->status;
$counter = $o->counter;
if ($status == 'online') {
$_SESSION["webid"] = $webid;
mysql_query("update $tbl set counter=counter+1 where webid='$webid'");
} else {
echo "The website [$webid] you are looking for is currently offline. Thanks.";
exit;
}
} else {
echo "The website [$webid] you are looking for does not exist on this server. Thanks.";
exit;
}
} else {
echo "The website [$webid] you are looking for does not exist on this server. Thanks.";
exit;
}
function innerconf($content) {
$tbl = 'webpages';
$rs = mysql_query("select * from $tbl where lcase(pagecontent) like '".strtolower($content)."%'");
if (mysql_num_rows($rs)) {
$q = mysql_fetch_object($rs);
return $q->rowid;
} else
return 0;
}
function footer($webid) {
$str = "
<a href='#' onclick=\"showPage('tender','online','$webid')\">Tenders</a> |
<a href='#' onclick=\"showPage('format','online','$webid')\">Forms</a> |
<!--<a href='#' onclick=\"showPage('feedback','online','$webid')\">Query/Feedback</a>-->";
$id = innerconf('feedback');
$str .= "<a href='inner.php?conf=$id'>Query/Feedback</a> |
<!--add more links here -->
<a href='http://www.adobe.com/products/acrobat/readstep2.html'>PDF Reader</a>
";
return $str;
}
function accessLog($webid, $user, $referer, $url) {
$tbl = 'accesslogs';
if (!$user) $user = 'guest';
if (!$referer) $referer = 'direct';
if ($url == '/') $url = 'index.php';
$ip = $_SERVER["REMOTE_ADDR"];
mysql_query("insert into $tbl(webid,userid,referer,weburl,remoteip,dateaccess)
values('$webid','$user', '$referer', '$url','$ip',now())");
}
function checkAdmin($role) {
if ($role != "admin") {
echo "<div align=center><h2>You must be a Webmaster to access this page</h2></div>";
exit;
}
}
function checkLogin($user) {
if (!$user) {
echo "<div align=center>You must be logged in to access this page</div>";
exit;
}
}
function checkEmail($email) {
if (eregi("^[a-zA-Z0-9_]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$]", $email)) {
return FALSE;
}
list($Username, $Domain) = split("@",$email);
if (getmxrr($Domain, $MXHost)) {
return TRUE;
} else {
if (fsockopen($Domain, 25, $errno, $errstr, 30)) {
return TRUE;
} else {
return FALSE;
}
}
}
function checkAbuser($message, $name, $email, $systemip) {
$tbl = 'abusers';
if (mysql_num_rows(mysql_query("select * from $tbl where systemip='$ip' or email='$email' or name='$name'"))) {
return TRUE;
} else {
$abuses = array('nude','teen','www','url','sex','suck','fuck','xxx','pussy','penis','hotty','sexual','porn','movie');
foreach ($abuses as $abuse) {
if (stristr($message, $abuse)) {
mysql_query("insert into $tbl(name,email,systemip,datecreation) values('$name','$email','$systemip',now())");
return TRUE;
}
}
return FALSE;
}
}
function authenticate($webid, $userid, $pwd) {
$tbl = 'webusers';
//$rs = mysql_query("select * from $tbl where webid='$webid' and userid='$userid' and passwd=password('$pwd')");
$rs = mysql_query("select * from $tbl where webid='$webid' and userid='$userid' and status='online' and passwd=password('$pwd')");
if (mysql_num_rows($rs)) {
$o = mysql_fetch_object($rs);
$role = $o->role;
$epwd = base64_encode($pwd);
srand((double)microtime()*100000000);
//generate a unique sid
$ch = $userid;
for($i=0; $i<20; $i++) {
$ch .= chr(rand(65, 90));
}
//update session info in accounts table
mysql_query("update $tbl set sessionid='$ch',sessionip='".$_SERVER["REMOTE_ADDR"]."',datesession=now() where webid='$webid' and userid='$userid'");
} else $role = 'guest';
return $role;
}
function absolutePath($webid, $object) {
$wroot = substr($_SERVER['SCRIPT_FILENAME'], 0, strrpos($_SERVER['SCRIPT_FILENAME'], "/"));
switch ($object) {
case "images":
return $wroot."/images/$webid";
break;
case "gallery":
return $wroot."/gallery/$webid";
break;
case "documents":
return $wroot."/documents/$webid";
break;
default:
return $_SERVER["DOCUMENT_ROOT"]."/$webid";
}
}
function relativePath($webid, $object) {
$wroot = substr($_SERVER['SCRIPT_FILENAME'], 0, strrpos($_SERVER['SCRIPT_FILENAME'], "/"));
switch ($object) {
case "images":
return "/images/$webid";
break;
case "gallery":
return "/gallery/$webid";
break;
case "documents":
return "/documents/$webid";
break;
default:
return $_SERVER["DOCUMENT_ROOT"];
}
}
function ajax() {
?>
<script language="javascript">
function GetXmlHttpObject() {
var xmlHttp = null;
try {
// Firefox, Opera 8.0+, Safari
xmlHttp = new XMLHttpRequest();
} catch (e) {
// Internet Explorer
try {
xmlHttp = new ActiveXObject("Msxml2.XMLHTTP");
} catch (e) {
xmlHttp = new ActiveXObject("Microsoft.XMLHTTP");
}
}
return xmlHttp;
}
function showPage(task, query, webid) {
if (task.length == 1 || query.length < 3) {
document.getElementById("ajax").innerHTML="";
document.getElementById("ajax").style.visibility = 'hidden';
return;
} else
document.getElementById("ajax").style.visibility = 'visible';
xmlHttp=GetXmlHttpObject()
if (xmlHttp == null) {
alert ("Your browser does not support AJAX!");
return;
}
var url = "ajaxpage.php?task="+task+"&query="+query+"&webid="+webid;
//alert(url);
xmlHttp.onreadystatechange = stateChanged;
xmlHttp.open("GET", url, true);
xmlHttp.send(null);
}
function stateChanged() {
if (xmlHttp.readyState==4) {
document.getElementById("ajax").innerHTML=xmlHttp.responseText;
}
}
</script>
<?php
}
function flash($webid, $title) {
?>
<!-- START AD -->
<script language="JavaScript"><!--
function show(object) {
if (document.getElementById) {
document.getElementById(object).style.visibility = 'visible';
} else if (document.layers && document.layers[object]) {
document.layers[object].visibility = 'visible';
} else if (document.all) {
document.all[object].style.visibility = 'visible';
}
}
function hide(object) {
if (document.getElementById) {
document.getElementById(object).style.visibility = 'hidden';
} else if (document.layers && document.layers[object]) {
document.layers[object].visibility = 'hidden';
} else if (document.all) {
document.all[object].style.visibility = 'hidden';
}
}
//--></script>
<div class="flash" id="flash" onMouseOver="show('flash')" onMouseOut="hide('flash')">
<?php echo "<img src='/images/iiita.jpg' height='100' width='100'>Developed by: Mithilesh Kr. Mishra & Team, IIIT Allahabad</img>"; ?>
</div>
<!-- END AD -->
<?php
}
function familytree($webid, $rowid) {
switch ($rowid) {
case 0:
$str = "<a href='/'>Home</a>";
break;
case 99995:
$str = "<a href='/'>Home</a> > Format";
break;
case 99996:
$str = "<a href='/'>Home</a> > Tender";
break;
case 99997:
$str = "<a href='/'>Home</a> > Profile";
break;
case 99998:
$str = "<a href='/'>Home</a> > Advertisement";
break;
case 99999:
$str = "<a href='/'>Home</a> > Announcement";
break;
default:
$tbl = 'webpages';
if ($webid) $rs = mysql_query("select * from $tbl where webid='$webid' and status='online' and rowid=$rowid");
else $rs = mysql_query("select * from $tbl where status='online' and rowid=$rowid");
if ($rs) {
$o = mysql_fetch_object($rs);
if ($o->pagecontent)
$str = familytree($webid, $o->parentid) . " > <a href='inner.php?conf=$o->rowid'>$o->hypertext</a>";
else
$str = familytree($webid, $o->parentid) . " > $o->hypertext";
} else
$str = '';
break;
}
return $str;
}
function sibling($webid, $parentid, $rowid) {
$tbl = 'webpages';
$str = "See also: ";
if ($parentid)
$rs = mysql_query("select * from $tbl where webid='$webid' and status='online' and parentid=$parentid and rowid<>$rowid");
else
$rs = mysql_query("select * from $tbl where webid='' and pageaccess='admin' and parentid=0 and rowid<>$rowid");
if (mysql_num_rows($rs)) {
while ($o = mysql_fetch_object($rs)) {
$hypertext = str_replace(" ", " ", $o->hypertext);
if ($o->pagecontent) {
if ($o->webid) $str .= "<a href='inner.php?conf=$o->rowid'>$hypertext</a>, ";
else $str .= "<a href='admin.php?conf=$o->rowid'>$hypertext</a>, ";
}
}
} else
$str .= 'Nothing';
$str = rtrim($str, ", ");
return $str;
}
function sendmail($email, $subject, $body) {
require("classes/class.phpmailer.php");
$mail = new PHPMailer();
$mail->IsSMTP(); // telling the class to use SMTP
$mail->Host = "mail.iiita.ac.in"; // SMTP server
$mail->FromName = "Webmailer";
$mail->From = "indem@iiita.ac.in";
$mail->AddAddress($email,$email);
$mail->AddAddress("indem@iiita.ac.in","indem@iiita.ac.in");
$mail->Username = "indem";
$mail->Password = "@medni2020";
$mail->Subject = $subject;
$mail->Body = $body;
$mail->WordWrap = 75;
if (!$mail->Send()) {
return $mail->ErrorInfo;
} else {
return TRUE;
}
}
function gallery($webid) {
$agPath = absolutePath($webid,'gallery');
$rgPath = relativePath($webid,'gallery');
$riPath = relativePath($webid,'images');
$dh = opendir($agPath);
$i = 0;
while (false !== ($filename = readdir($dh))) {
if (strlen($filename) > 2) {
$files[] = $filename;
$i++;
}
}
$no = rand(0, $i-1);
if (!$files[$no]) $no = 0;
$color = rand(0,255).','.rand(0,255).','.rand(0,255);
$str = "<img id='pic' src='$rgPath/".$files[$no]."' height='350' width='100%' title='Logo in Photo Gallery'
onMouseOver=\"this.src='".$riPath."/logo.jpg'\" onMouseOut=\"this.src='$rgPath/".$files[$no]."'\">";
return $str;
}
function upload($webid) {
$maxsize = 90998860800;
$uploadfile = strtolower(basename($_FILES['userfile']['name']));
$gallery = $_POST['gallery'];
$filesize = $_FILES["userfile"]["size"];
if ($uploadfile && $filesize < $maxsize) {
$filename = explode(".", strtolower($uploadfile));
$ext = $filename[count($filename)-1];
if ($ext == 'jpg' || $ext == 'gif' || $ext == 'tif' || $ext == 'png') {
if ($gallery) $uPath = absolutePath($webid,'gallery');
else $uPath = absolutePath($webid,'images');
} else $uPath = absolutePath($webid,'documents');
if (move_uploaded_file($_FILES['userfile']['tmp_name'], "$uPath/$uploadfile")) {
shell_exec("chmod -R 755 $uPath");
echo "<div class='error'>Thanks! $uploadfile file has successfully been uploaded.</div>";
} else {
echo "<div class='error'>Oops! $uploadfile file could not be uploaded due to system error.</div>";
}
} else {
echo "<div class='error'>Oops! either file name is missing or file size exceeds the max. limit of 10 MB.</div>";
}
}
function text2image($str) {
Header ("Content-type: image/png");
putenv('GDFONTPATH=' . realpath('.'));
$font = 'arial.ttf';
$fontSize = 80;//in point;
$onecharwidth = imagefontwidth($font)*($fontSize/8);
$totalwidth = $onecharwidth * strlen($str);
$height = (imagefontheight($font)*($fontSize/8))*2;
$img_handle = imagecreatetruecolor($totalwidth, $height);
$white = imagecolorallocate($img_handle, 255, 255, 255);
imagefill($img_handle, 0, 0, $white);
$black = imagecolorallocate ($img_handle, 0, 0, 0);
$gray = imagecolorallocate ($img_handle, 100, 100, 100);
imagettftext($img_handle, 20, 0, 10, 20, $black, $font, $title1);
$posarr=imagettfbbox(20, 0,$font, $title1);
imagettftext($img_handle, 20, 0, $posarr[2]+$onecharwidth, 20, $gray, $font, $title2);
imagepng ($img_handle);
imagedestroy ($img_handle);
}
function ReplaceBadWords($str, $bad_words, $replace_str){
if (!is_array($bad_words)){
$bad_words = explode(',', $bad_words);
}
for ($x=0; $x < count($bad_words); $x++){
$fix = isset($bad_words[$x]) ? $bad_words[$x] : '';
$_replace_str = $replace_str;
if (strlen($replace_str)==1){
$_replace_str = str_pad($_replace_str, strlen($fix), $replace_str);
}
$str = preg_replace('/'.$fix.'/i', $_replace_str, $str);
}
return $str;
}
function htmlsafe($str) {
return trim(htmlspecialchars(stripslashes($str), ENT_QUOTES));
}
function htmlunsafe($str) {
return trim(htmlspecialchars_decode($str, ENT_COMPAT));
}
function DateAdd($interval) {
$curdate = getdate();
$cday = $curdate['mday']+$interval;
$cmonth = $curdate['mon'];
$cyear = $curdate['year'];
if ($cday > 30) {
$cmonth = $cmonth + 1;
$cday = $cday - 30;
if ($cmonth == 13) {
$cyear = $cyear + 1;
$cmonth = 1;
}
}
if ($cday < 10) $cday .= "0";
if ($cmonth < 10) $cmonth .= "0";
//$ourDate = array($cyear,$cmonth,$cday);
$ourDate = "$cyear-$cmonth-$cday";
return $ourDate;
}
?>