<?php
//include configuration and function library
require("config.inc.php");
require("functions.inc.php");
require("menus.inc.php");
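// Open the database connection. dbConnect() is not defined in this file
// (presumably it comes from one of the libraries required above).
dbConnect();

// Enumerated values shared by the pages that include this file.
$contentcategories = array(
    0 => 'Homepage',
    99990 => 'Orphan',
    99992 => 'Upload',
    99995 => 'Form',
    99996 => 'Tender',
    99997 => 'Profile',
    99998 => 'Advertisement',
    99999 => 'Announcement'
);
$featuress = array(
    'telephones', 'tenders', 'forms', 'downloads', 'profiles',
    'feedback', 'gallery', 'search', 'sitemap', 'metadata'
);
$pagetypes = array('menu', 'html', 'url', 'file', 'php');
$pageaccesses = array('public', 'user', 'webmaster', 'admin');
$statuss = array('online', 'offline');

// Request metadata. The referer and the request URI are supplied by the
// client, so they must be escaped before they are written into SQL or HTML.
$remoteip = $_SERVER["REMOTE_ADDR"];
// The Referer header is optional; read it only when the client sent one.
$referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null;
$url = $_SERVER['REQUEST_URI'];

// "conf" selects a page by its rowid and is interpolated unquoted into SQL
// further down (rowid=$conf), so it is forced to an integer at the point
// where it enters the script. It stays null when the parameter is absent.
$conf = null;
if (isset($_REQUEST["conf"]) && is_scalar($_REQUEST["conf"])) {
    $conf = (int) $_REQUEST["conf"];
}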
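// Start the session and decide which site (webid) this request belongs to.
// NOTE(review): session cookie flags (HttpOnly, Secure) are not set here;
// confirm they are configured in php.ini or in config.inc.php.
session_start();

// $_SESSION is used instead of $HTTP_SESSION_VARS: the long array only exists
// on old PHP builds with register_long_arrays enabled, and without it the
// stored webid was never found.
if (empty($_SESSION['webid'])) {
    // No site pinned to the session yet: derive it from the server name.
    // Depending on the web server configuration SERVER_NAME can reflect the
    // client-supplied Host header, and $webid is later placed into SQL, HTML
    // and file paths, so only host-name characters are kept.
    $webid = preg_replace('/[^A-Za-z0-9._-]/', '', (string) $_SERVER["SERVER_NAME"]);
    // Alias host that maps onto the canonical site id.
    if ($webid == 'uprtou.iiita.ac.in') {
        $webid = 'www.uprtou.ac.in';
    }
} else {
    $webid = $_SESSION['webid'];
}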
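// Establish who is making the request: either restore the identity stored in
// the session, or process a posted sign-in form.
// $_SESSION is read here because the login branch below writes $_SESSION;
// $HTTP_SESSION_VARS is undefined unless register_long_arrays is enabled.
if (isset($_SESSION['user']) && $_SESSION['user'] !== "") {
    // Signed-in session: copy the stored identity into the working variables.
    if (isset($_SESSION['webid'])) {
        $webid = $_SESSION['webid'];
    }
    $sessionid = isset($_SESSION['sessionid']) ? $_SESSION['sessionid'] : null;
    $user = $_SESSION['user'];
    $role = isset($_SESSION['role']) ? $_SESSION['role'] : null;
} else if (isset($_POST['login'])) { //authenticate sign in
    // Accept only plain string fields; a missing or array-valued field
    // becomes an empty credential.
    $user = (isset($_POST["txtID"]) && is_string($_POST["txtID"])) ? $_POST["txtID"] : '';
    $pwd = (isset($_POST["txtPWD"]) && is_string($_POST["txtPWD"])) ? $_POST["txtPWD"] : '';
    // authenticate() is defined elsewhere; this code treats a return value of
    // 'guest' as a failed sign-in.
    $role = authenticate($webid, $user, $pwd);
    if ($role != 'guest') {
        // Issue a fresh session id at the privilege change so that an id
        // known before sign-in cannot be reused afterwards (session fixation).
        session_regenerate_id(true);

        // NOTE(review): this keeps the password, reversibly encoded, in the
        // session store; base64 is an encoding, not protection. It is left
        // unchanged because the consumers of $sessionid are outside this
        // file. Replace it with an opaque random token once they are known.
        $sessionid = base64_encode($user.'-'.$pwd);
        $_SESSION["user"] = "$user";
        $_SESSION["role"] = "$role";
        $_SESSION["sessionid"] = "$sessionid";

        // Record the sign-in. Every value is escaped because the user id is
        // request input and is placed inside a quoted SQL literal.
        // (If magic_quotes_gpc is enabled the logged user id may carry an
        // extra backslash; the statement stays well-formed either way.)
        $tbl = 'sessions';
        mysql_query(sprintf(
            "insert into %s(webid,userid,remoteip,action,datesession) values('%s','%s','%s','login',now())",
            $tbl,
            mysql_real_escape_string((string) $webid),
            mysql_real_escape_string($user),
            mysql_real_escape_string((string) $remoteip)
        ));

        // Landing page per role; any unexpected role goes to the error page.
        if ($role == 'user') {
            $id = innerconf('sharing');
            $landing = 'inner.php';
        } else if ($role == 'admin') {
            $id = innerconf('upload');
            $landing = 'admin.php';
        } else if ($role == 'webmaster') {
            $id = innerconf('access');
            $landing = 'admin.php';
        } else {
            $id = innerconf('error');
            $landing = 'inner.php';
        }
        header("Location: $landing?conf=$id");
        // header() only queues the redirect; stop so the rest of the script
        // does not run and render for this request.
        exit;
    } else {
        $id = innerconf('error');
        header("Location: inner.php?conf=$id");
        exit;
    }
}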
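// Sign-out: log the event, drop the identity from the session and go back to
// the site root.
// NOTE(review): the signal is read from $_REQUEST, so a plain GET link is
// enough to sign a user out; consider requiring POST.
if (isset($_REQUEST['logout']) && $_REQUEST['logout'] == 1) {
    // Record the sign-out with escaped values (quoted SQL literals).
    $tbl = 'sessions';
    mysql_query(sprintf(
        "insert into %s(webid,userid,remoteip,action,datesession) values('%s','%s','%s','logout',now())",
        $tbl,
        mysql_real_escape_string((string) $webid),
        mysql_real_escape_string(isset($user) ? (string) $user : ''),
        mysql_real_escape_string((string) $remoteip)
    ));

    // Remove the identity from $_SESSION, which is where sign-in stores it.
    // The keys are unset rather than blanked so that a later sign-in in the
    // same session is not mistaken for an existing login, and 'sessionid' is
    // removed as well because it is derived from the user's password.
    unset($_SESSION['user'], $_SESSION['role'], $_SESSION['sessionid']);
    $user = "";
    $role = "";

    header("Location: /");
    // Stop here; header() alone does not end the request.
    exit;
}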
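// Look up the site record for $webid and load its settings; the request ends
// here when the site is unknown or offline.
$tbl = 'websites';
// $webid can originate from the server name of the request, so it is escaped
// before it is placed inside the quoted SQL literal.
$webidsql = mysql_real_escape_string((string) $webid);
$rs = mysql_query("select * from $tbl where webid='$webidsql'");
$o = $rs ? mysql_fetch_object($rs) : false;
if (!$o) {
    // Query failed or no such site. $webid is HTML-escaped because it is
    // echoed back into the page.
    echo "The website [" . htmlspecialchars((string) $webid, ENT_QUOTES) . "] you are looking for does not exist on this server. Thanks.";
    exit;
}

$title = $o->title;
$author = $o->author;
$logo = $o->banner;
$banner = "$webid/images/".$o->banner;
// htmlunsafe() is defined elsewhere; presumably it reverses the encoding
// applied by htmlsafe() when the values were stored. TODO confirm.
$description = htmlunsafe($o->description);
$contact = htmlunsafe($o->contact);
$email = htmlunsafe($o->email);
$footer = htmlunsafe($o->footer);
$status = $o->status;
$counter = $o->counter;
$datecreation = $o->datecreation;
$bgcolor = $o->bgcolor;
$features = $o->features;

if ($status != 'online') {
    echo "The website [" . htmlspecialchars((string) $webid, ENT_QUOTES) . "] you are looking for is currently offline. Thanks.";
    exit;
}

// Site exists and is online: pin it to the session and count the visit.
$_SESSION["webid"] = $webid;
mysql_query("update $tbl set counter=counter+1 where webid='$webidsql'");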
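$tbl = 'webpages';
// Content update posted from the admin page.
// The update is applied only for a signed-in user; without this check any
// visitor could overwrite a page by posting submit=UPDATE.
// NOTE(review): only "signed in" is enforced here. Confirm which roles may
// edit, whether the row must belong to the current $webid, and whether the
// form carries an anti-CSRF token.
if (isset($_POST["submit"]) && $_POST["submit"] == 'UPDATE' && !empty($user)) {
    // htmlsafe() is defined elsewhere.
    // NOTE(review): confirm that htmlsafe() makes the text safe inside a
    // single-quoted SQL literal; if it only encodes HTML, the two values
    // below also need mysql_real_escape_string().
    $ptitle = htmlsafe(isset($_POST["pagetitle"]) ? $_POST["pagetitle"] : '');
    $pcontent = htmlsafe(isset($_POST["pagecontent"]) ? $_POST["pagecontent"] : '');
    if (isset($_FILES['userfile']['name']) && $_FILES['userfile']['name'] != "") {
        // upload() is defined elsewhere.
        // NOTE(review): confirm it restricts file types and target folder,
        // since pages of type 'php' are handled as scripts by this site.
        $filename = upload($webid, 0);
        // The stored name is encoded before it is written into the link, so
        // quotes in a file name cannot break the attribute or the SQL literal.
        $fileattr = htmlspecialchars((string) $filename, ENT_QUOTES);
        $pcontent .= "<p>Download file <a href=\"$fileattr\">$fileattr</a></p>";
    }
    // rowid is unquoted in the statement, so it is forced to an integer.
    $rowid = (int) $conf;
    // Uses $ptitle (the processed title); the statement previously referenced
    // $pagetitle, which is not assigned at this point.
    mysql_query("update $tbl set pagetitle='$ptitle',pagecontent='$pcontent',dateupdation=now() where rowid=$rowid");
}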
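// Resolve the requested page (conf is the rowid in the webpages table) and
// prepare its title and content for the including script.
// NOTE(review): the lookup is by rowid only, not by webid, so a page of any
// site hosted in this database can be requested through any site.
if ($conf) {
    // rowid is unquoted in the statement, so it is forced to an integer.
    $rowid = (int) $conf;
    $rs = mysql_query("select * from $tbl where rowid=$rowid");
    //it returns at most one page, if this is a restricted page, verify login
    while ($rs && ($o = mysql_fetch_object($rs))) {
        // NOTE(review): only 'admin' pages are gated here and any signed-in
        // account passes; the 'user' and 'webmaster' levels are not checked
        // in this block. Confirm they are enforced elsewhere.
        if ($o->pageaccess == "admin" && empty($user)) {
            $id = innerconf('login');
            header("Location: $PHP_SELF?conf=$id");
            // Stop here: header() only queues the redirect, and continuing
            // would still load the restricted page for rendering.
            exit;
        }
        //otherwise retrieve the page attributes
        $parentid = $o->parentid;
        $pagetitle = strtoupper($o->pagetitle);
        $pagecontent = trim(htmlunsafe($o->pagecontent));
        $pagetype = $o->pagetype;
        $pageaccess = $o->pageaccess;
        $datecreation = $o->datecreation;
        $dateupdation = $o->dateupdation;
        $dateaccess = $o->dateaccess;
        $hits = $o->hits;
        $userid = $o->userid;
        $familytree = familytree($webid, $o->rowid);
        $sibling = sibling($webid, $parentid, $o->rowid);

        if ($o->pagetype == 'html') {
            $static = 1; //webpages
        } else if ($o->pagetype == 'url') {
            // External link: the stored content is the redirect target.
            // Execution continues so the access log and hit counter that
            // follow this block still run.
            header("Location: ".strip_tags($pagecontent)); //external links
        } else if ($o->pagetype == 'file') {
            $static = 1;
            // The stored content is a file name relative to a per-site folder.
            // NOTE(review): strip_tags() does not remove ".." path segments;
            // confirm that stored file names cannot point outside the site
            // folders, in particular for the 'php' case below.
            $myfile = strtolower(strip_tags(trim($pagecontent)));
            if ($myfile) {
                // The extension is whatever follows the last dot.
                $filename = explode(".", $myfile);
                $ext = $filename[count($filename)-1];
                if (in_array($ext, array('jpg', 'gif', 'tif', 'png'), true)) {
                    if (file_exists(absolutePath($webid,'images').'/'.$myfile)) {
                        $myfile = relativePath($webid,'images').'/'.$myfile;
                        // Encoded copy for use inside quoted HTML attributes.
                        $myfileattr = htmlspecialchars($myfile, ENT_QUOTES);
                        $pagecontent = "<img src='$myfileattr' width='98%' height='300' border='0' />";
                    } else {
                        $pagecontent = "<b>Oops!</b><dir>The linked file $myfile does not exist on server. Thanks.</dir>";
                    }
                } else if (in_array($ext, array('mp3', 'avi', 'wav', 'wma'), true)) {
                    if (file_exists(absolutePath($webid,'multimedia').'/'.$myfile)) {
                        $myfile = relativePath($webid,'multimedia').'/'.$myfile;
                        // Encoded copy for use inside quoted HTML attributes.
                        $myfileattr = htmlspecialchars($myfile, ENT_QUOTES);
                        $pagecontent = "<a href='$myfileattr'>Download this file</a><br>";
                        // Player markup depends on the media type.
                        if ($ext == 'wma') {
                            $pagecontent .= "<OBJECT id='VIDEO' width='320' height='240'
style='position:absolute; left:0;top:0;'
CLASSID='CLSID:6BF52A52-394A-11d3-B153-00C04F79FAA6'
type='application/x-oleobject'>
<PARAM NAME='URL' VALUE='$myfileattr'>
<PARAM NAME='SendPlayStateChangeEvents' VALUE='True'>
<PARAM NAME='AutoStart' VALUE='True'>
<PARAM name='uiMode' value='none'>
<PARAM name='PlayCount' value='9999'>
</OBJECT>";
                        } else if ($ext == 'avi') {
                            $pagecontent .= "<embed type='application/x-vlc-plugin' name='VLC' autoplay='yes'
loop='no' volume='100' width='320' height='240' target='$myfileattr'>
<OBJECT id='rvocx1' classid='clsid:CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA' width='400' height='240'>
<param name='src' value='$myfileattr'>
<param name='autostart' value='true'>
<param name='controls' value='ImageWindow'>
<param name='console' value='video'>
<param name='loop' value='false'>
<EMBED src='$myfileattr' width='400' height='240'
loop='false' type='audio/x-pn-realaudio-plugin' controls='imagewindow' console='video' autostart='true'>
</OBJECT>";
                        } else {
                            $pagecontent .= "<OBJECT ID='rvocx2' CLASSID='clsid:CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA' WIDTH=400 HEIGHT=100>
<param name='src' value='$myfileattr'>
<param name='autostart' value='true'>
<PARAM NAME='CONTROLS' VALUE='All'>
<PARAM NAME='CONSOLE' VALUE='one'>
<EMBED SRC='$myfileattr' WIDTH=400 HEIGHT=100 NOJAVA=true CONTROLS=All CONSOLE=one autostart='true'>
</OBJECT>";
                        }
                    } else {
                        $pagecontent = "<b>Oops!</b><dir>The linked file $myfile does not exist on server. Thanks.</dir>";
                    }
                } else if ($ext == 'php') {
                    // Fixed: the call was spelled asolutePath(), an undefined
                    // name in this file, while every other branch calls
                    // absolutePath().
                    if (file_exists(absolutePath($webid,'').'/'.$myfile)) {
                        // $static = 0 marks the page as a script; how it is
                        // loaded afterwards is outside this file.
                        $static = 0;
                    } else {
                        // Fixed: "$$myfile" printed a stray dollar sign.
                        $pagecontent = "<b>Oops!</b><dir>The linked file $myfile does not exist on server. Thanks.</dir>";
                    }
                } else if ($ext == 'pdf') {
                    // A missing PDF leaves $pagecontent as loaded from the row.
                    if (file_exists(absolutePath($webid,'documents').'/'.$myfile)) {
                        $myfile = relativePath($webid,'documents').'/'.$myfile;
                        // Encoded copies for use inside quoted HTML attributes.
                        $myfileattr = htmlspecialchars($myfile, ENT_QUOTES);
                        $webidattr = htmlspecialchars((string) $webid, ENT_QUOTES);
                        // The document URL is handed to an external viewer
                        // over plain http.
                        $pagecontent = "<a href='$myfileattr'>Download this file</a><br>
<iframe src='http://docs.google.com/gview?url=http://$webidattr/$myfileattr&embedded=true'
style='width:100%; height:600px;' frameborder='0'></iframe>";
                    }
                } else {
                    if (file_exists(absolutePath($webid,'documents').'/'.$myfile)) {
                        $myfile = relativePath($webid,'documents').'/'.$myfile;
                        header("Location: $myfile"); //other documents
                    } else {
                        $pagecontent = "<b>Oops!</b><dir>The linked file $myfile does not exist on server. Thanks.</dir>";
                    }
                }
            } else {
                $pagecontent = "<b>Oops!</b><dir>The page is under construction, Please visit later. Thanks.</dir>";
            }
        } else {
            $static = 0; //php scripts
        }
    }
    //worst case: no row was found, or the page has no title
    if (empty($pagetitle)) {
        $static = 1;
        $pagetitle = "<b>Sorry!</b>";
        $pagecontent = "<b>Oops!</b><dir>The page is under construction, Please visit later. Thanks.</dir>";
    }
}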
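//log activity in access log database (accessLog() is defined elsewhere)
accessLog($webid, $user);
if ($conf) {
    // Count the hit for the requested page. rowid is unquoted in the
    // statement, so it is forced to an integer. The statement is skipped
    // when no page was requested, where it used to be sent with an empty
    // rowid and fail.
    mysql_query("update $tbl set hits=hits+1,dateaccess=now() where rowid=" . (int) $conf); //rowid is unique value
} else {
    // No page requested: take expired pages of this site offline.
    // $webid is escaped because it sits inside a quoted SQL literal.
    mysql_query("update $tbl set status='offline' where webid='" . mysql_real_escape_string((string) $webid) . "' and dateexpiry<now()");
}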
?>