
<?php
require("functions.inc.php");

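/**
 * Opens the MySQL connection used by every page and selects the "icdp" schema.
 *
 * NOTE(review): this connects as the MySQL "root" account with a password
 * hard-coded in a file under the web root. Move the credentials to configuration
 * outside the document root, connect as a least-privilege account limited to this
 * schema, and rotate the password if this file has been readable by anyone else.
 *
 * @return resource MySQL link identifier; the script terminates on failure.
 */
function dbConnect() {
        $link = mysql_connect("localhost", "root", "alld");
        if (!$link) {
                // Driver error text stays in the server log; visitors get a generic message.
                error_log('dbConnect: could not connect: ' . mysql_error());
                die('Could not connect to the database.');
        }
        // The original ignored a failed schema selection, so every later query failed silently.
        if (!mysql_select_db("icdp", $link)) {
                error_log('dbConnect: could not select database: ' . mysql_error($link));
                die('Could not connect to the database.');
        }
        return $link;
}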

// Open the database connection before any query below runs.
dbConnect();

// Page selector taken straight from the request (GET, POST or cookie). The queries
// further down interpolate it as an unquoted rowid, so it has to be validated as an
// integer before it reaches SQL; nothing on this line does that.
$conf = $_REQUEST["conf"];

//initialize session variables and session
session_start();

// Pick the site identifier: the value remembered in the session if there is one,
// otherwise the server name of this request.
// NOTE(review): SERVER_NAME may follow the client's Host header depending on the
// web-server configuration -- confirm, and treat $webid as untrusted in SQL and HTML.
// NOTE(review): $HTTP_SESSION_VARS is the legacy long array while the login code
// writes $_SESSION -- confirm both are populated on the target PHP version.
if (!$HTTP_SESSION_VARS['webid']) {
        //$webid = substr($_SERVER["SERVER_NAME"], 0, strpos($_SERVER["SERVER_NAME"], '.'));
        //$webid = hash('md5', $_SERVER["SERVER_NAME"]);
        $webid = $_SERVER["SERVER_NAME"];
        //if ($webid == 'uprtou.iiita.ac.in') $webid = 'www.uprtou.ac.in';
        //else header("Location: http://www.uprtouallahabad.org.in");
} else {
        $webid = $HTTP_SESSION_VARS['webid'];
}

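if (isset($HTTP_SESSION_VARS['user'])) {
        // Returning visitor: restore the identity stored in the session.
        $webid = $HTTP_SESSION_VARS['webid'];
        $user = $HTTP_SESSION_VARS['user'];
        $role = $HTTP_SESSION_VARS['role'];

} else if (isset($_POST['login'])) {
        // Sign-in attempt: credentials come from the login form.
        $user = isset($_POST["txtID"]) ? $_POST["txtID"] : '';
        $pwd = isset($_POST["txtPWD"]) ? $_POST["txtPWD"] : '';
        $role = authenticate($webid, $user, $pwd);
        if ($role == 'admin' || $role == 'user') { //session_register("user", "role");
                // Issue a fresh session id at the privilege change so an id known
                // before login cannot be reused afterwards.
                session_regenerate_id(true);
                $_SESSION["user"] = "$user";
                $_SESSION["role"] = "$role";

                // Audit record. Every value is escaped: $webid and $user originate
                // from the request. $sessionid is not assigned anywhere in this
                // file, so it is recorded as empty unless an include defines it.
                $sessionip = $_SERVER["REMOTE_ADDR"];
                $tbl = 'sessions';
                mysql_query(sprintf(
                        "insert into $tbl(webid,userid,sessionid,sessionip,action,datesession)
                values('%s','%s','%s','%s','login',now())",
                        mysql_real_escape_string($webid),
                        mysql_real_escape_string($user),
                        mysql_real_escape_string(isset($sessionid) ? $sessionid : ''),
                        mysql_real_escape_string($sessionip)
                ));

                $id = innerconf('upload');
                header("Location: admin.php?conf=$id");
        } else {
                // Failed sign-in: later checks treat any non-empty $user as logged in,
                // so the submitted id must not survive the attempt.
                $user = "";
                $role = "";
        }
}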

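if (isset($_REQUEST['logout'])) {
        // Sign-out signal: write the audit record, then drop the identity.
        // NOTE(review): the signal is accepted from any request method, so a
        // cross-site link can sign a user out; consider requiring POST.
        $sessionip = $_SERVER["REMOTE_ADDR"];
        $tbl = 'sessions';
        mysql_query(sprintf(
                "insert into $tbl(webid,userid,sessionid,sessionip,action,datesession)
        values('%s','%s','%s','%s','logout',now())",
                mysql_real_escape_string($webid),
                mysql_real_escape_string(isset($user) ? $user : ''),
                mysql_real_escape_string(isset($sessionid) ? $sessionid : ''),
                mysql_real_escape_string($sessionip)
        ));

        //reset session variables
        $HTTP_SESSION_VARS['user'] = "";
        $HTTP_SESSION_VARS['role'] = "";
        // Login stores the identity in $_SESSION; clear it there as well so the
        // session really ends even when the long array is a separate copy.
        unset($_SESSION['user'], $_SESSION['role']);
        $user = "";
        $role = "";
}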

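//lookup for site info
$tbl = 'websites';
// $webid can come from the request's server name, so it is escaped separately
// for the SQL literal and for the HTML messages below.
$webidSql = mysql_real_escape_string($webid);
$webidHtml = htmlspecialchars($webid, ENT_QUOTES);

$rs = mysql_query("select * from $tbl where webid='$webidSql'");
$o = $rs ? mysql_fetch_object($rs) : false;
if (!$o) {
        // Query failure and "no such site" produce the same message, as before.
        echo "The website [$webidHtml] you are looking for does not exist on this server. Thanks.";
        exit;
}

// Site attributes used by the page templates.
$title = $o->title;
$author = $o->author;
$logo = $o->logo;
$banner = $o->banner;
$description = htmlunsafe($o->description);
$keywords = $o->keywords;
$contact = htmlunsafe($o->contact);
$footer = htmlunsafe($o->footer);
$status = $o->status;
$counter = $o->counter;
$datecreation = $o->datecreation;
$bgcolor = $o->bgcolor;
$features = $o->features;

if ($status == 'online') {
        // Remember the site for this session and count the visit.
        $_SESSION["webid"] = $webid;
        mysql_query("update $tbl set counter=counter+1 where webid='$webidSql'");
} else {
        echo "The website [$webidHtml] you are looking for is currently offline. Thanks.";
        exit;
}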

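$tbl = 'webpages';
//update content directly
// The edit form posts submit=UPDATE. The write is limited to signed-in users
// (the original ran it for any visitor) and every value is escaped or cast
// before it reaches the statement.
// NOTE(review): confirm which roles may edit pages and tighten this to them.
if (isset($_POST["submit"]) && $_POST["submit"] == 'UPDATE' && !empty($user)) {
	$rawTitle = isset($_POST["pagetitle"]) ? $_POST["pagetitle"] : '';
	if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
		// Avoid double escaping when the runtime already added slashes.
		$rawTitle = stripslashes($rawTitle);
	}
	$titleSql = mysql_real_escape_string($rawTitle);
	// htmlsafe() encodes markup for storage; it is not SQL escaping, so the
	// result is escaped again for the string literal.
	$contentSql = mysql_real_escape_string(htmlsafe(isset($_POST["pagecontent"]) ? $_POST["pagecontent"] : ''));
	// rowid is numeric; the cast removes anything else carried in the request value.
	mysql_query("update $tbl set pagetitle='$titleSql',pagecontent='$contentSql',dateupdation=now() where rowid=" . (int) $conf);
}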
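//query database for webpage based on conf metadata
//$rs = mysql_query("select * from $tbl where webid='$webid' and rowid=$conf");
// $conf is request input used as a numeric rowid; only its integer value is
// allowed into SQL and into generated links.
$confid = (int) $conf;
if ($confid) {
        $rs = mysql_query("select * from $tbl where rowid=$confid");

        //it returns at most one page, if this is a restricted page, verify login
        while ($rs && ($o = mysql_fetch_object($rs))) {
                if ($o->pageaccess == "admin" && empty($user)) {
                        $id = innerconf('login');
                        header("Location: $PHP_SELF?conf=$id");
                        // Stop here: without this the restricted page kept loading
                        // and could be rendered behind the redirect header.
                        exit;
                }
                //otherwise retrieve the page attributes
                $parentid = $o->parentid;
                $pagetitle = strtoupper($o->pagetitle);
                $pagecontent = trim(htmlunsafe($o->pagecontent));
                $keywords = $o->keywords;
                $keywordss = explode(",", $o->keywords);
                $hits = $o->hits;
                $datecreation = $o->datecreation;
                $dateupdation = $o->dateupdation;
                $dateaccess = $o->dateaccess;
                $userid = $o->userid;

                // The original tested an undefined $pageaccess (and printed an undefined
                // $hypertext), so the admin navigation below was never produced.
                if ($o->pageaccess != 'admin') {
                        $familytree = familytree($webid, $o->rowid);
                        $sibling = sibling($webid, $parentid, $o->rowid);
                } else {
                        $familytree = "<a href='/'>Home</a> &gt; Edit &gt; <a href='$PHP_SELF?conf=$confid'>$o->hypertext</a>";
                        $id = innerconf('websites');
                        $sibling = "<div class='datetime'>See also: <a href='$PHP_SELF?conf=$id'>Website</a>, ";
                        $id = innerconf('webusers');
                        $sibling .= "<a href='$PHP_SELF?conf=$id'>Webuser</a>, ";
                        $id = innerconf('webpages');
                        $sibling .= "<a href='$PHP_SELF?conf=$id'>Webpage</a>, ";
                        $id = innerconf('gallery');
                        $sibling .= "<a href='$PHP_SELF?conf=$id'>Gallery</a>, ";
                        $id = innerconf('telephone');
                        $sibling .= "<a href='$PHP_SELF?conf=$id'>Telephone</a></div> ";
                }

                if ($o->pagetype == 'html')
                        $static = 1; //webpages
                else if ($o->pagetype == 'url')
                        header("Location: ".strip_tags($pagecontent)); //external links
                else if ($o->pagetype == 'file') {
                        $static = 1;
                        // NOTE(review): the file name comes from stored page content and is
                        // joined to a directory without checking for "../" segments -- confirm
                        // who can author 'file' pages.
                        $myfile = strtolower(strip_tags(trim($pagecontent)));
                        if ($myfile) {
                                $filename = explode(".", $myfile);
                                $ext = $filename[count($filename)-1];
                                if ($ext == 'jpg' || $ext == 'gif' || $ext == 'tif' || $ext == 'png') {
                                        if (file_exists(absolutePath($webid,'images').'/'.$myfile)) {
                                                $myfile = relativePath($webid,'images').'/'.$myfile;
                                                $pagecontent = "<img src='$myfile' width='400' height='300' border='0' />";
                                        } else
                                                $pagecontent = "<b>Oops!</b><dir>The linked file $myfile does not exist on server. Thanks.</dir>";
                                } else if ($ext == 'mp3' || $ext == 'avi' || $ext == 'wav' || $ext == 'wma') {
                                        if (file_exists(absolutePath($webid,'multimedia').'/'.$myfile)) {
                                                $myfile = relativePath($webid,'multimedia').'/'.$myfile;
                                                $pagecontent = "<a href='$myfile'>Download this file</a><br>";
                                                if ($ext == 'wma')
                                                        $pagecontent .= "<OBJECT id='VIDEO' width='320' height='240'
                                                        style='position:absolute; left:0;top:0;'
                                                        CLASSID='CLSID:6BF52A52-394A-11d3-B153-00C04F79FAA6'
                                                        type='application/x-oleobject'>

                                                        <PARAM NAME='URL' VALUE='$myfile'>
                                                        <PARAM NAME='SendPlayStateChangeEvents' VALUE='True'>
                                                        <PARAM NAME='AutoStart' VALUE='True'>
                                                        <PARAM name='uiMode' value='none'>
                                                        <PARAM name='PlayCount' value='9999'>
                                                        </OBJECT>";
                                                else if ($ext == 'avi')
                                                        $pagecontent .= "<embed type='application/x-vlc-plugin' name='VLC' autoplay='yes'
                                                        loop='no' volume='100' width='320' height='240' target='$myfile'>
                                                        <OBJECT id='rvocx1' classid='clsid:CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA' width='400' height='240'>
                                                        <param name='src' value='$myfile'>
                                                        <param name='autostart' value='true'>
                                                        <param name='controls' value='ImageWindow'>
                                                        <param name='console' value='video'>
                                                        <param name='loop' value='false'>
                                                        <EMBED src='$myfile' width='400' height='240'
                                                        loop='false' type='audio/x-pn-realaudio-plugin' controls='imagewindow' console='video' autostart='true'>
                                                        </OBJECT>";
                                                else
                                                        $pagecontent .= "<OBJECT ID='rvocx2' CLASSID='clsid:CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA' WIDTH=400 HEIGHT=100>
                                                        <param name='src' value='$myfile'>
                                                        <param name='autostart' value='true'>
                                                        <PARAM NAME='CONTROLS' VALUE='All'>
                                                        <PARAM NAME='CONSOLE' VALUE='one'>
                                                        <EMBED SRC='$myfile' WIDTH=400 HEIGHT=100 NOJAVA=true CONTROLS=All CONSOLE=one autostart='true'>
                                                        </OBJECT>";
                                        } else
                                                $pagecontent = "<b>Oops!</b><dir>The linked file $myfile does not exist on server. Thanks.</dir>";
                                } else if ($ext == 'php') {
                                        // Was a call to the misspelled asolutePath(), a fatal error.
                                        // NOTE(review): $static = 0 hands a stored file name to whatever
                                        // runs scripts later -- restrict it to a fixed list of scripts.
                                        if (file_exists(absolutePath($webid,'').'/'.$myfile))
                                                $static = 0;
                                        else
                                                $pagecontent = "<b>Oops!</b><dir>The linked file $myfile does not exist on server. Thanks.</dir>";
                                } else if ($ext == 'pdf') {
                                        if (file_exists(absolutePath($webid,'documents').'/'.$myfile)) {
                                                $myfile = relativePath($webid,'documents').'/'.$myfile;
                                                $pagecontent = "<a href='$myfile'>Download this file</a><br> 
                                                <iframe src='http://docs.google.com/gview?url=http://$webid/$myfile&embedded=true' 
                                                style='width:100%; height:600px;' frameborder='0'></iframe>";
                                        }
                                } else {
                                        if (file_exists(absolutePath($webid,'documents').'/'.$myfile)) {
                                                $myfile = relativePath($webid,'documents').'/'.$myfile;
                                                header("Location: $myfile"); //other documents
                                        } else
                                                $pagecontent = "<b>Oops!</b><dir>The linked file $myfile does not exist on server. Thanks.</dir>";
                                }
                        } else
                                $pagecontent = "<b>Oops!</b><dir>The page is under construction, Please visit later. Thanks.</dir>";
                } else
                        $static = 0; //php scripts
        }
        //worst case
        if (empty($pagetitle)) {
                $static = 1;
                $pagetitle = "<b>Sorry!</b>";
                $pagecontent = "<b>Oops!</b><dir>The page is under construction, Please visit later. Thanks.</dir>";
        }
}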

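//log activity in access log database
// The Referer header is optional, so it is read defensively; $user is unset for
// anonymous visitors and accessLog() records those as "guest".
accessLog(
        $webid,
        isset($user) ? $user : '',
        isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '',
        $_SERVER['REQUEST_URI']
);

//increase hit counter for this conf
//mysql_query("update $tbl set hits=hits+1,dateaccess=now() where webid='$webid' and rowid=$conf");
// $conf is request input: only its integer value reaches the statement, and the
// update is skipped when no page was requested.
if ((int) $conf > 0) {
        mysql_query("update $tbl set hits=hits+1,dateaccess=now() where rowid=" . (int) $conf); //rowid is unique value
}
//disable expired pages
mysql_query("update $tbl set status='offline' where webid='" . mysql_real_escape_string($webid) . "' and dateexpiry<now()");


// Random gallery picture for the page template.
$img = picture($webid);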


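/**
 * Finds the rowid of the first web page whose content starts with $content
 * (case-insensitive). Used to locate built-in pages such as 'login' or 'upload'.
 *
 * @param string $content Prefix to look for.
 * @return int|string Matching rowid, or 0 when nothing matches or the query fails.
 */
function innerconf($content) {
	$tbl = 'webpages';
	// Treat the prefix as literal text: neutralise LIKE wildcards first, then
	// escape the result for the SQL string literal.
	$prefix = addcslashes(strtolower($content), '%_\\');
	$prefix = mysql_real_escape_string($prefix);
	$rs = mysql_query("select * from $tbl where lcase(pagecontent) like '$prefix%'");
	if ($rs && mysql_num_rows($rs)) {
		$q = mysql_fetch_object($rs);
		return $q->rowid;
	}
	return 0;
}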

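/**
 * Returns the banner image tag for a site.
 *
 * The original also queried the websites table and built a table-based banner,
 * but discarded that markup and always returned the image tag. The unused query
 * (which interpolated $webid into SQL) and the dead markup are removed; the
 * returned HTML is unchanged for ordinary host names.
 *
 * @param string $webid Site identifier, used as the image path prefix.
 * @return string HTML <img> element.
 */
function banner($webid) {
	// $webid may derive from the request's server name; encode it for the attribute.
	$prefix = htmlspecialchars($webid, ENT_QUOTES);
	return "<img src='$prefix/images/uprtoubanner.png' height='90' width='80%' class='banner'>";
}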

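/**
 * Builds the bracketed feature links configured for a site.
 *
 * 'search', 'feedback' and 'gallery' link to their inner page; every other
 * feature opens through the showPage() AJAX helper.
 *
 * @param string $webid Site identifier.
 * @return string HTML fragment; empty when the site has no features.
 */
function features($webid) {
        // Both were undefined in the original when the site row was missing.
        $str = '';
        $featuress = array();

        $rs = mysql_query("select features from websites where webid='" . mysql_real_escape_string($webid) . "'");
        if ($rs && mysql_num_rows($rs)) {
                $o = mysql_fetch_object($rs);
                $featuress = explode(',', $o->features);
        }

        // Values placed inside the onclick handler are escaped for the JavaScript
        // string first and for the HTML attribute second.
        $jsWebid = htmlspecialchars(addslashes($webid), ENT_QUOTES);
        foreach ($featuress as $ft) {
                if (!$ft) continue;
                $label = htmlspecialchars(ucwords($ft), ENT_QUOTES);
                if ($ft == 'search' || $ft == 'feedback' || $ft == 'gallery') {
                        $id = innerconf($ft);
                        $str .= "[<a href='inner.php?conf=$id'>".$label."</a>]&nbsp;";
                } else {
                        $jsFt = htmlspecialchars(addslashes($ft), ENT_QUOTES);
                        $str .= "[<a href='#' onclick=\"showPage('$jsFt','online','$jsWebid')\">".$label."</a>]&nbsp;";
                }
        }

        return $str;
}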

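/**
 * Returns the login or logout link for the page header.
 *
 * @param string $webid Site identifier passed to the showPage() AJAX helper.
 * @param string $user  Signed-in user id, or an empty value for visitors.
 * @return string HTML anchor.
 */
function signin($webid, $user) {
	if ($user) {
		// The user id was typed into the login form; encode it before display.
		return "<a href='index.php?logout=1'>Logout</a> (" . htmlspecialchars($user, ENT_QUOTES) . ")";
	}
	// Escaped for the JavaScript string, then for the HTML attribute.
	$jsWebid = htmlspecialchars(addslashes($webid), ENT_QUOTES);
	return "<a href='#' onclick=\"showPage('login','online','$jsWebid')\">Login</a>";
}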

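/**
 * Renders one photo of the site's gallery with Prev/Next links.
 *
 * @param string     $webid Site identifier.
 * @param int|string $no    Photo number requested by the client; values outside
 *                          1..count fall back to 1.
 * @return string HTML fragment.
 */
function gallery($webid, $no) {
	// $no arrives from the client and is printed into the markup and the onclick
	// handlers below, so only its integer value is kept.
	$no = (int) $no;
	if ($no < 1) $no = 1;

	$agPath = absolutePath($webid,'gallery');
	$rgPath = htmlspecialchars(relativePath($webid,'gallery'), ENT_QUOTES);

	// Collect directory entries; names of one or two characters ("." and "..") are skipped.
	$files = array();
	$dh = is_dir($agPath) ? opendir($agPath) : false;
	if ($dh) {
		while (false !== ($filename = readdir($dh))) {
			if (strlen($filename) > 2) {
				$files[] = $filename;
			}
		}
		closedir($dh);
	}
	$i = count($files);
	if ($no > $i) $no = 1;

	// Same selection as before: entry $no, else the first entry.
	$fname = isset($files[$no]) ? $files[$no] : (isset($files[0]) ? $files[0] : '');
	// File names were chosen by whoever uploaded them; encode before output.
	$fname = htmlspecialchars($fname, ENT_QUOTES);
	$jsWebid = htmlspecialchars(addslashes($webid), ENT_QUOTES);

	$str = "$fname ($no of $i photos)<center>
	<img src='$rgPath/$fname' width='100%' height='400' /><br>";
	$prev = $no - 1;
	$next = $no + 1;
	if ($prev > 0) $str .= "[ <a href='#' onclick=\"showPage('gallery', $prev, '$jsWebid')\">Prev</a> ]";
	if ($next <= $i) $str .=  "[ <a href='#' onclick=\"showPage('gallery', $next, '$jsWebid')\">Next</a> ]";
	$str .= "</center>";

	return $str;
}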

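/**
 * Builds the page footer: the site's stored footer text, its hit counter and
 * the developer credit.
 *
 * NOTE(review): the stored footer is emitted as-is; confirm it is meant to hold
 * HTML written only by site administrators.
 *
 * @param string $webid Site identifier.
 * @return string HTML fragment.
 */
function footer($webid) {
	$tbl = 'websites';
	$str = ''; // was appended to before being defined
	$rs1 = mysql_query("select * from $tbl where webid='" . mysql_real_escape_string($webid) . "'");
	if ($rs1 && mysql_num_rows($rs1)) {
		$o = mysql_fetch_object($rs1);
		$str .= "$o->footer <div class='datetime'>[$o->counter hits since $o->datecreation]</div>";
	}
	$str .= "Developed by: <a href='http://profile.iiita.ac.in/mmishra'>Mithilesh Kr. Mishra</a> & Team, <a href='http://www.iiita.ac.in'>IIIT Allahabad</a>";

	return $str;
}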

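/**
 * Lists the online telephone-directory entries of a site.
 *
 * NOTE(review): directory fields are printed without HTML encoding; confirm the
 * table can only be written by trusted administrators.
 *
 * @param string $webid Site identifier.
 * @param mixed  $id    Not used by this function; kept for existing callers.
 * @return string HTML fragment.
 */
function telephones($webid, $id) {
        $tbl = 'telephones';
        $str ="<span class='heading'>Telephones</span>
        <ol>";
        $jsWebid = htmlspecialchars(addslashes($webid), ENT_QUOTES);
        $rs1 = mysql_query("select * from $tbl where webid='" . mysql_real_escape_string($webid) . "' and status='online' order by rowid");
        // A failed query yields an empty list instead of a warning per iteration.
        while ($rs1 && ($o = mysql_fetch_object($rs1))) {
                $str .= "<li><a href='#' onclick=\"showPage('telephones','$o->rowid','$jsWebid')\">$o->fullname</a> 
		($o->designation)<dir>
		 -- Phone: $o->phoneoffice (O), $o->phonehome (R), $o->mobileno (M)<br> 
		 -- Email: <a href='mailto:$o->email'>".str_replace('@','{at}',str_replace('.','{dot}',$o->email))."</a>
		</dir></li>";
        }
        $str .= "</ol>";

        return $str;
}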

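/**
 * Lists the users of a site and expands the profile of the selected one.
 *
 * NOTE(review): this prints every user's e-mail address and stored profile
 * markup without encoding; confirm that is intended for public pages.
 *
 * @param string $webid  Site identifier.
 * @param string $userid User whose profile text is shown inline.
 * @return string HTML fragment.
 */
function profiles($webid, $userid) {
	$tbl = 'webusers';
	$str ="<span class='heading'>Profiles</span>
	<ol>";
	$jsWebid = htmlspecialchars(addslashes($webid), ENT_QUOTES);
	$rs1 = mysql_query("select * from $tbl where webid='" . mysql_real_escape_string($webid) . "' order by rowid");
	while ($rs1 && ($o = mysql_fetch_object($rs1))) {
		// The user id sits inside a JavaScript string within an HTML attribute.
		$jsUser = htmlspecialchars(addslashes($o->userid), ENT_QUOTES);
		$str .= "<li><a href='#' onclick=\"showPage('profiles','$jsUser','$jsWebid')\">$o->fullname</a> (email: $o->email, dated $o->datecreation)";
		if ($userid == $o->userid) $str .= "<dir>".htmlunsafe($o->profile)."</dir>";
		$str .= "</li>";
	}
	$str .= "</ol>";

	return $str;
}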

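/**
 * Lists the profile pages of a site (web pages whose parentid is 99997).
 *
 * @param string $webid Site identifier.
 * @return string HTML fragment.
 */
function profiles1($webid) {
	$tbl = 'webpages';
	$str ="<span class='heading'>Profiles</span>
	<ol>";
	$rs1 = mysql_query("select * from $tbl where webid='" . mysql_real_escape_string($webid) . "' and parentid=99997 order by rowid");
	// A failed query yields an empty list rather than a warning per iteration.
	while ($rs1 && ($o = mysql_fetch_object($rs1))) {
		$str .= "<li><a href='inner.php?conf=$o->rowid'>$o->hypertext</a> (dated $o->datecreation)</li>";
	}
	$str .= "</ol>";

	return $str;
}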
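/**
 * Builds the statistics table for a site: recent access, recent updates, hot
 * and cold links, expired and soon-to-expire pages, latest visitors and
 * latest flagged senders.
 *
 * NOTE(review): the last row exposes visitor IP addresses, user ids, referers
 * and e-mail addresses; confirm the page that calls this is restricted.
 *
 * @param string $webid Site identifier.
 * @return string HTML table.
 */
function statics($webid) {
	$tbl = 'webpages';
	$site = mysql_real_escape_string($webid); // one escaped copy shared by all queries
	$str ="<table width='100%'><tr valign='top'>
        <td align='left' width='50%'><u>Recent Access</u><ul>";
	$rs1 = mysql_query("select * from $tbl where webid='$site' and hypertext>'' and status='online' order by dateaccess desc limit 0,5");
	while ($rs1 && ($o = mysql_fetch_object($rs1))) {
		$str .= "<li><a href='inner.php?conf=$o->rowid'>".strtolower($o->hypertext)."</a> [ dated $o->dateaccess ]</li>";
	}
	$str .= "</ul></td><td align='left' width='50%'><u>Recent Updations</u><ul>";
	$rs1 = mysql_query("select * from $tbl where webid='$site' and hypertext>'' and status='online' order by dateupdation desc limit 0,5");
	while ($rs1 && ($o = mysql_fetch_object($rs1))) {
		$str .= "<li><a href='inner.php?conf=$o->rowid'>".strtolower($o->hypertext)."</a> [ dated $o->dateupdation ]</li>";
	}
	$str .= "</ul></td></tr>
	<tr valign='top'><td align='left' width='50%'><u>Hot Links</u><ul>";
	$rs1 = mysql_query("select * from $tbl where webid='$site' and hypertext>'' and status='online' order by hits desc limit 0,9");
	while ($rs1 && ($o = mysql_fetch_object($rs1))) {
		$str .= "<li><a href='inner.php?conf=$o->rowid'>".strtolower($o->hypertext)."</a> ($o->hits hits)</li>";
	}
	$str .= "</ul></td><td align='left'><u>Cold Links</u><ul>";
	$rs1 = mysql_query("select * from $tbl where webid='$site' and hits>2 and status='online' order by hits limit 0,9");
	while ($rs1 && ($o = mysql_fetch_object($rs1))) {
		$str .= "<li><a href='inner.php?conf=$o->rowid'>".strtolower($o->hypertext)."</a> ($o->hits hits)</li>";
	}
	$str .= "</ul></td></tr>
        <tr valign='top'><td align='left' width='50%'><u>Recent Expired</u><ul>";
	$rs1 = mysql_query("select * from $tbl where webid='$site' and hypertext>'' and status='offline' order by dateexpiry limit 0,9");
	while ($rs1 && ($o = mysql_fetch_object($rs1))) {
		$str .= "<li><a href='inner.php?conf=$o->rowid'>".strtolower($o->hypertext)."</a> [ dated $o->dateexpiry ]</li>";
	}
	$str .= "</ul></td><td align='left'><u>Near Expiry</u><ul>";
	$rs1 = mysql_query("select * from $tbl where webid='$site' and status='online' order by dateexpiry limit 0,9");
	while ($rs1 && ($o = mysql_fetch_object($rs1))) {
		$str .= "<li><a href='inner.php?conf=$o->rowid'>".strtolower($o->hypertext)."</a> [ dated $o->dateexpiry ]</li>";
	}
	$str .= "</ul></td></tr>
	<tr valign='top'><td align='left'><u>Latest Visitors</u><ul>";
	$tbl = 'accesslogs';
	$rs1 = mysql_query("select distinct remoteip,userid,referer from $tbl where webid='$site' order by rowid desc limit 0,9");
	while ($rs1 && ($o = mysql_fetch_object($rs1))) {
		// These columns hold what visitors sent (user id, Referer header), so they
		// are encoded before being shown to whoever views the statistics.
		$str .= "<li>".htmlspecialchars($o->remoteip, ENT_QUOTES)."/".htmlspecialchars($o->userid, ENT_QUOTES)."/".htmlspecialchars(substr($o->referer,0,50), ENT_QUOTES)."</li>";
	}
	$id = innerconf('accesslog');
	$str .= "<li><a href='inner.php?conf=$id'>Accesslog</a></li></ul></td><td><u>Latest Abusers</u><ul>";
	$tbl = 'abusers'; //recent abusers
	$rs1 = mysql_query("select remoteip,email from $tbl where webid='$site' order by rowid desc limit 0,9");
	while ($rs1 && ($o = mysql_fetch_object($rs1))) {
		// Submitted by the flagged sender; encode before display.
		$str .= "<li>".htmlspecialchars($o->remoteip, ENT_QUOTES)."/".htmlspecialchars($o->email, ENT_QUOTES)."</li>";
	}

	$str .= "</ul></td></tr></table>";

	return $str;
}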

/**
 * Returns the markup of the sign-in form fields (id, password, submit button
 * and the hidden "login" marker the request handler looks for).
 *
 * The enclosing <form> element is expected to be supplied by the caller; the
 * trailing script focuses the id field of a form named "form".
 *
 * @param string $webid Site identifier (not used in the markup).
 * @return string HTML fragment.
 */
function login($webid) {
        return "
        Please login here using your login ID and password.<br>
        <table class='login' align='center'>
        <tr>
	<td>Login ID:</td>
        <td><input type='text' name='txtID' size='20' value=''></td>
        </tr><tr>
	<td>Password:</td>
        <td><input type='password' name='txtPWD' size='20' value=''></td>
        </tr><tr>
	<td><img src='images/login.jpg' width='70' height='50'></td>
        <td><input type='submit' name='submit' value='LOGIN' style='width: 80px'></td>
        </tr>
        </table>
	<input type='hidden' name='login'><br>
        <script type='text/javascript'>
        document.form.txtID.focus();
        </script>";
}


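/**
 * Records one page view in the accesslogs table.
 *
 * @param string $webid   Site identifier.
 * @param string $user    Signed-in user id; empty values are stored as 'guest'.
 * @param string $referer Referer header; empty values are stored as 'direct'.
 * @param string $url     Requested URI; '/' is stored as 'index.php'.
 * @return void
 */
function accessLog($webid, $user, $referer, $url) {
	$tbl = 'accesslogs';
	if (!$user) $user = 'guest';
	if (!$referer) $referer = 'direct';
	if ($url == '/') $url = 'index.php';
	$ip = $_SERVER["REMOTE_ADDR"];
	// Referer and URI are chosen entirely by the client, and the user id and site
	// id derive from the request too: escape every value for its SQL literal.
	mysql_query(sprintf(
		"insert into $tbl(webid,userid,referer,weburl,remoteip,dateaccess)
        values('%s','%s', '%s', '%s','%s',now())",
		mysql_real_escape_string($webid),
		mysql_real_escape_string($user),
		mysql_real_escape_string($referer),
		mysql_real_escape_string($url),
		mysql_real_escape_string($ip)
	));
}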

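/**
 * Stops the request unless the caller holds the 'admin' role.
 *
 * @param mixed $role Role of the current user.
 * @return void Returns only for administrators; otherwise prints a notice and exits.
 */
function checkAdmin($role) {
        // Strict comparison: with loose "!=" older PHP versions treat the integer 0
        // (and other non-string values) as equal to "admin".
        if ($role !== "admin") {
                echo "<div align=center><h2>You must be a Webmaster to access this page</h2></div>";
                exit;
        }
}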

/**
 * Stops the request unless a user is signed in.
 *
 * @param mixed $user Current user id; any empty value counts as "not signed in".
 * @return void Returns only when $user is non-empty; otherwise prints a notice and exits.
 */
function checkLogin($user) {
        if ($user) {
                return;
        }
        echo "<div align=center>You must be logged in to access this page</div>";
        exit;
}

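/**
 * Checks that an address is well formed and that its domain can receive mail.
 *
 * The original pattern ended in a stray "]" and its result was inverted (a
 * match returned FALSE), so the syntax check never rejected malformed input and
 * the raw value reached the DNS and socket calls. eregi() and split() are also
 * gone from current PHP; preg_match() and explode() replace them.
 *
 * @param string $email Address to check.
 * @return bool TRUE when the syntax is valid and the domain has an MX record or
 *              accepts a connection on port 25; FALSE otherwise.
 */
function checkEmail($email) {
        // Local part: letters, digits and . _ + -  ; domain: host labels with at least one dot.
        if (!is_string($email) || !preg_match('/^[a-zA-Z0-9_.+\-]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$/', $email)) {
                return FALSE;
        }
        list($Username, $Domain) = explode("@", $email, 2);
        if (getmxrr($Domain, $MXHost)) {
                return TRUE;
        }
        // Fallback: the domain itself may accept mail. The pattern above limits
        // $Domain to host-name characters before the server connects out to it.
        $socket = fsockopen($Domain, 25, $errno, $errstr, 30);
        if ($socket) {
                fclose($socket); // the original left the connection open
                return TRUE;
        }
        return FALSE;
}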

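/**
 * Decides whether a submitted message should be rejected as abuse.
 *
 * A sender already listed in the abusers table (by IP address or e-mail) is
 * rejected immediately; otherwise the message is scanned for blocked words and,
 * on a hit, the sender is recorded.
 *
 * @param string $webid    Site identifier.
 * @param string $message  Submitted text.
 * @param string $name     Sender name.
 * @param string $email    Sender e-mail address.
 * @param string $remoteip Sender IP address.
 * @return bool TRUE when the submission is considered abusive.
 */
function checkAbuser($webid, $message, $name, $email, $remoteip) {
        $tbl = 'abusers';
        // Every argument is visitor-supplied form data; escape each for its SQL literal.
        $ipSql = mysql_real_escape_string($remoteip);
        $emailSql = mysql_real_escape_string($email);

        $known = mysql_query("select * from $tbl where remoteip='$ipSql' or email='$emailSql'");
        if ($known && mysql_num_rows($known)) {
                return TRUE;
        }

        $abuses = array('nude','teen','www','url','sex','suck','fuck','xxx','pussy','penis','hotty','sexual','porn','movie');
        foreach ($abuses as $abuse) {
                if (stristr($message, $abuse)) {
                        mysql_query(sprintf(
                                "insert into $tbl(webid,name,email,content,remoteip,datecreation) 
				values('%s','%s','%s','%s','%s',now())",
                                mysql_real_escape_string($webid),
                                mysql_real_escape_string($name),
                                $emailSql,
                                mysql_real_escape_string($message),
                                $ipSql
                        ));
                        return TRUE;
                }
        }
        return FALSE;
}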

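/**
 * Verifies a user's credentials for a site and returns the stored role.
 *
 * The original ended with `return 'admin';`, which granted the administrator
 * role to every sign-in attempt whatever the query found. The role now comes
 * from the matching row, and all three inputs are escaped before they enter
 * the statement.
 *
 * NOTE(review): passwords are compared through MySQL's PASSWORD() function,
 * which is not a password-storage hash; plan a migration to a salted,
 * purpose-built password hash.
 * NOTE(review): values are expected un-slashed; confirm magic_quotes_gpc is off.
 *
 * @param string $webid  Site identifier.
 * @param string $userid Login id from the form.
 * @param string $pwd    Password from the form.
 * @return string Role of the matching online user, or 'guest' when none matches.
 */
function authenticate($webid, $userid, $pwd) {
	$tbl = 'webusers';
	$rs = mysql_query(sprintf(
		"select * from $tbl where webid='%s' and userid='%s' and status='online' and passwd=password('%s')",
		mysql_real_escape_string($webid),
		mysql_real_escape_string($userid),
		mysql_real_escape_string($pwd)
	));
	if ($rs && mysql_num_rows($rs)) {
		$o = mysql_fetch_object($rs);
		return $o->role;
	}
	// No match or a failed query: never more than guest.
	return 'guest';
}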

/**
 * Returns the filesystem directory that holds one kind of site asset.
 *
 * The site root is the directory of the running script; known asset kinds map
 * to "<root>/<webid>/<kind>". Any other kind yields the document root.
 *
 * NOTE(review): $webid becomes a path segment unchecked; callers should make
 * sure it cannot contain "/" or "..".
 *
 * @param string $webid  Site identifier.
 * @param string $object 'images', 'gallery', 'documents' or 'multimedia'.
 * @return string Directory path without a trailing slash.
 */
function absolutePath($webid, $object) {
	$script = $_SERVER['SCRIPT_FILENAME'];
	$siteRoot = substr($script, 0, strrpos($script, "/"));

	if ($object == "images") {
		return $siteRoot."/$webid/images";
	} elseif ($object == "gallery") {
		return $siteRoot."/$webid/gallery";
	} elseif ($object == "documents") {
		return $siteRoot."/$webid/documents";
	} elseif ($object == "multimedia") {
		return $siteRoot."/$webid/multimedia";
	}
	return $_SERVER["DOCUMENT_ROOT"];
}

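/**
 * Returns the URL path under which one kind of site asset is served.
 *
 * The original also computed the script directory into a local that was never
 * used; that dead computation is removed.
 *
 * NOTE(review): for an unknown kind this returns the filesystem document root,
 * not a URL path; kept because callers may rely on it -- confirm.
 *
 * @param string $webid  Site identifier.
 * @param string $object 'images', 'gallery', 'documents' or 'multimedia'.
 * @return string URL path without a trailing slash.
 */
function relativePath($webid, $object) {
        switch ($object) {
        case "images":
                return "/$webid/images";
        case "gallery":
                return "/$webid/gallery";
        case "documents":
                return "/$webid/documents";
        case "multimedia":
                return "/$webid/multimedia";
        default:
                return $_SERVER["DOCUMENT_ROOT"];
        }
}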


/**
 * Returns the hover panel showing the site logo followed by a title.
 *
 * NOTE(review): both arguments are placed in the markup unencoded; callers
 * must pass values that are safe for HTML.
 *
 * @param string $webid Site identifier, used as the logo path prefix.
 * @param string $title Text shown next to the logo.
 * @return string HTML fragment.
 */
function flash($webid, $title) {
	$panel = "<div class='flash' id='flash' onMouseOver=\"show('flash')\" onMouseOut=\"hide('flash')\"> 
	<img src='$webid/images/logo.jpg' height='100' width='100'></img>$title 
	</div>";

	return $panel;
}

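/**
 * Builds the breadcrumb trail ("Home > ... > page") for a page.
 *
 * Row ids 0 and 99995-99999 are fixed roots; any other id is looked up and the
 * trail of its parent is prepended recursively.
 *
 * @param string     $webid Site identifier; when empty the lookup is not limited to one site.
 * @param int|string $rowid Page row id.
 * @return string HTML fragment, or '' when the page cannot be loaded.
 */
function familytree($webid, $rowid) {
	// The id is placed unquoted in SQL, so only its integer value is used.
	$rowid = (int) $rowid;

	$roots = array(
		0 => "<a href='/'>Home</a>",
		99995 => "<a href='/'>Home</a> > Format",
		99996 => "<a href='/'>Home</a> > Tender",
		99997 => "<a href='/'>Home</a> > Profile",
		99998 => "<a href='/'>Home</a> > Advertisement",
		99999 => "<a href='/'>Home</a> > Announcement",
	);
	if (isset($roots[$rowid])) {
		return $roots[$rowid];
	}

	$tbl = 'webpages';
	$where = "status='online' and rowid=$rowid";
	if ($webid) {
		$where = "webid='" . mysql_real_escape_string($webid) . "' and " . $where;
	}
	$rs = mysql_query("select * from $tbl where $where");
	$o = $rs ? mysql_fetch_object($rs) : false;
	if (!$o) {
		// Failed query or no online page with this id (the original dereferenced
		// a missing row here).
		return '';
	}

	// A row naming itself as parent would recurse without end; treat it as top level.
	$parent = ((int) $o->parentid === $rowid) ? 0 : $o->parentid;
	$trail = familytree($webid, $parent);
	if ($o->pagecontent) {
		return $trail . " > <a href='inner.php?conf=$o->rowid'>$o->hypertext</a>";
	}
	return $trail . " > $o->hypertext";
}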

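/**
 * Builds the "See also" line listing the other online pages that share a parent.
 *
 * @param string     $webid    Site identifier.
 * @param int|string $parentid Parent row id.
 * @param int|string $rowid    Row id of the current page (left out of the list).
 * @return string HTML fragment.
 */
function sibling($webid, $parentid, $rowid) {
	$tbl = 'webpages';
	$str = "<div class='datetime'>See also: ";
	// Both ids are placed unquoted in SQL; use their integer values only.
	$parentid = (int) $parentid;
	$rowid = (int) $rowid;
	$rs = mysql_query("select * from $tbl where webid='" . mysql_real_escape_string($webid) . "' and status='online' and parentid=$parentid and rowid<>$rowid");
	if ($rs && mysql_num_rows($rs)) {
		while ($o = mysql_fetch_object($rs)) {
			$hypertext = str_replace(" ", "&nbsp;", $o->hypertext);
			if ($o->pagecontent && $o->pageaccess != 'admin') {
				$str .= "<a href='inner.php?conf=$o->rowid'>$hypertext</a>, ";
			} else {
				// NOTE(review): $user is not a parameter or a declared global here,
				// so this branch never runs and admin links are never listed.
				// Behaviour kept; confirm the intent before wiring it up.
				if (!empty($user)) $str .= "<a href='admin.php?conf=$o->rowid'>$hypertext</a>, ";
			}
		}
	} else
		$str .= 'Nothing';
	$str = rtrim($str, ", ") . "</div>";

	return $str;
}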

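/**
 * Sends a message through the institute SMTP server, with a copy to the site mailbox.
 *
 * NOTE(review): the SMTP account name and password are hard-coded in this
 * web-readable file. Load them from configuration outside the document root
 * and rotate the password if this file has been readable by anyone else.
 *
 * @param string $email   Recipient address.
 * @param string $subject Subject line.
 * @param string $body    Message text.
 * @return bool|string TRUE on success, otherwise the mailer's error text.
 */
function sendmail($email, $subject, $body) {
	// require_once: a second call in the same request used to redeclare the
	// class and stop with a fatal error.
	require_once("classes/class.phpmailer.php");
	$mail = new PHPMailer();
	$mail->IsSMTP(); // telling the class to use SMTP
	$mail->Host = "mail.iiita.ac.in"; // SMTP server
	$mail->FromName = "Webmailer";
	$mail->From = "indem@iiita.ac.in";
	$mail->AddAddress($email,$email);
	$mail->AddAddress("indem@iiita.ac.in","indem@iiita.ac.in");
	$mail->Username = "indem";
	$mail->Password = "@medni2020";

	$mail->Subject = $subject;
	$mail->Body = $body;
	$mail->WordWrap = 75;

	if (!$mail->Send()) {
		return $mail->ErrorInfo;
	}
	return TRUE;
}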

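/**
 * Picks a random picture from the site's gallery directory.
 *
 * @param string $webid Site identifier.
 * @return string URL path of the chosen file; the gallery path followed by "/"
 *                when the directory is missing or empty.
 */
function picture($webid) {
	$agPath = absolutePath($webid,'gallery');
	$rgPath = relativePath($webid,'gallery');

	// Collect entries; names of one or two characters ("." and "..") are skipped.
	$files = array();
	$dh = is_dir($agPath) ? opendir($agPath) : false; // a missing directory used to loop on warnings
	if ($dh) {
		while (false !== ($filename = readdir($dh))) {
			if (strlen($filename) > 2) {
				$files[] = $filename;
			}
		}
		closedir($dh);
	}
	if (!$files) {
		return $rgPath.'/';
	}

	// rand() is adequate: the choice is cosmetic, not security-relevant.
	$no = rand(0, count($files) - 1);

	return $rgPath.'/'.$files[$no];
}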

/*
function gallery($webid) {
        $agPath = absolutePath($webid,'gallery');
        $rgPath = relativePath($webid,'gallery');
        $riPath = relativePath($webid,'images');
        $dh  = opendir($agPath);
        $i = 0;
        while (false !== ($filename = readdir($dh))) {
                if (strlen($filename) > 2) {
                        $files[] = $filename;
                        $i++;
                }
        }
        $no = rand(0, $i-1);
        if (!$files[$no]) $no = 0;

        $color = rand(0,255).','.rand(0,255).','.rand(0,255);
        $str = "<img id='pic' src='$rgPath/".$files[$no]."' height='420' width='100%' title='Logo in Photo Gallery'>";

        return $str;
}
*/
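/**
 * Stores the file posted as "userfile" in the site's images, gallery,
 * multimedia or documents directory and prints the outcome.
 *
 * Changes from the original:
 *  - only an explicit list of extensions is accepted; anything else, including
 *    server-side script types, used to be saved under the web-served documents
 *    directory;
 *  - the stored name is reduced to [a-z0-9._-] with a single dot, and every
 *    value passed to the shell is quoted;
 *  - permissions are set on the new file only, not recursively on the directory.
 *
 * NOTE(review): $maxsize is far above the 10 MB named in the message; decide
 * which is intended. The function performs no authorisation check of its own,
 * so callers must ensure only signed-in users reach it. Adjust the document
 * extension list to what the site really needs.
 *
 * @param string $webid   Site identifier.
 * @param int    $gallery 1 stores images in the gallery; any non-zero value also
 *                        creates a reduced "gl"-prefixed copy of an image.
 * @return void Prints a status message.
 */
function upload($webid, $gallery=0) {
	$maxsize = 90998860800;
	$missing = "<div>Oops! either file name is missing or file size exceeds the max. limit of 10 MB.</div>";

	if (!isset($_FILES['userfile']) || !is_array($_FILES['userfile'])) {
		echo $missing;
		return;
	}
	$file = $_FILES['userfile'];
	$tempfile = isset($file['tmp_name']) ? $file['tmp_name'] : '';
	$filesize = isset($file['size']) ? $file['size'] : 0;
	if (isset($file['error']) && $file['error'] != 0) {
		echo $missing;
		return;
	}

	// Normalise the client-supplied name: lower case, spaces to dashes, then
	// drop every character outside a conservative set.
	$uploadfile = strtolower(basename(isset($file['name']) ? $file['name'] : ''));
	$uploadfile = str_replace(" ", "-", $uploadfile);
	$uploadfile = preg_replace('/[^a-z0-9._\-]/', '', $uploadfile);
	if (!$uploadfile || $filesize >= $maxsize) {
		echo $missing;
		return;
	}

	// Exactly one extension: dots inside the stem become dashes so a name such
	// as "a.php.jpg" cannot be handled by its inner extension.
	$dot = strrpos($uploadfile, '.');
	$ext = ($dot === false) ? '' : substr($uploadfile, $dot + 1);
	$stem = ($dot === false) ? '' : str_replace('.', '-', substr($uploadfile, 0, $dot));

	$images = array('jpg', 'gif', 'tif', 'png');
	$media = array('mp3', 'avi', 'wav', 'wma');
	$documents = array('pdf', 'doc', 'docx', 'xls', 'xlsx', 'ppt', 'pptx', 'txt', 'rtf', 'csv', 'odt', 'ods', 'odp', 'zip');
	$isImage = in_array($ext, $images, true);
	if ($stem === '' || $ext === '' || !($isImage || in_array($ext, $media, true) || in_array($ext, $documents, true))) {
		echo "<div>Oops! files of this type cannot be uploaded.</div>";
		return;
	}
	$uploadfile = $stem . '.' . $ext;

	if ($isImage) {
		if ($gallery == 1) $uPath = absolutePath($webid,'gallery');
		else $uPath = absolutePath($webid,'images');
	} else if (in_array($ext, $media, true)) {
		$uPath = absolutePath($webid,'multimedia');
	} else {
		$uPath = absolutePath($webid,'documents');
	}

	$target = "$uPath/$uploadfile";
	if (move_uploaded_file($tempfile, $target)) {
		// Readable by the web server, not executable.
		chmod($target, 0644);
		if ($gallery && $isImage) {
			// Each path is quoted separately before it reaches the shell.
			shell_exec("convert -resize 30% " . escapeshellarg($target) . " " . escapeshellarg("$uPath/gl$uploadfile"));
		}
		echo "<div>Thanks! $uploadfile file has successfully been uploaded.</div>";
	} else {
		// Server paths are kept out of the visitor-facing message.
		echo "<div>Oops! $uploadfile file could not be uploaded due to system error.</div>";
	}
}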

/**
 * Emits a PNG image sized from $str and draws text onto it with the GD library.
 *
 * NOTE(review): the two imagettftext() calls draw $title1 and $title2, which
 * are never defined in this function, while $str is used only to compute the
 * width -- presumably $str was meant to be drawn; confirm.
 * NOTE(review): imagefontwidth()/imagefontheight() receive the TTF file name
 * rather than a built-in font -- verify the resulting dimensions.
 *
 * @param string $str Text whose length determines the image width.
 * @return void The image is written to the response body.
 */
function text2image($str) {

	// The response is an image, so this must run before any other output.
	Header ("Content-type: image/png");

	// Let GD look for TrueType fonts in the current directory.
	putenv('GDFONTPATH=' . realpath('.'));
	$font = 'arial.ttf';
	$fontSize = 80;//in point;
	$onecharwidth  = imagefontwidth($font)*($fontSize/8);
	$totalwidth  = $onecharwidth * strlen($str);
	$height = (imagefontheight($font)*($fontSize/8))*2;
	$img_handle = imagecreatetruecolor($totalwidth, $height);
	// White background, then the two text colours.
	$white = imagecolorallocate($img_handle, 255, 255, 255);
	imagefill($img_handle, 0, 0, $white);
	$black = imagecolorallocate ($img_handle, 0, 0, 0);
	$gray = imagecolorallocate ($img_handle, 100, 100, 100);
	imagettftext($img_handle, 20, 0, 10, 20, $black, $font, $title1);
	// Bounding box of the first text, used to position the second one after it.
	$posarr=imagettfbbox(20, 0,$font, $title1);
	imagettftext($img_handle, 20, 0, $posarr[2]+$onecharwidth, 20, $gray, $font, $title2);
	imagepng ($img_handle);
	imagedestroy ($img_handle);
}


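/**
 * Masks every occurrence of the listed words in a text, ignoring case.
 *
 * Each word is matched literally: it is quoted before entering the pattern, so
 * characters such as "." or "+" no longer act as regex operators, and empty
 * list entries are skipped (an empty pattern matched between every character).
 *
 * @param string       $str         Text to clean.
 * @param array|string $bad_words   Words to mask, as an array or a comma-separated string.
 * @param string       $replace_str Replacement; a single character is repeated
 *                                  to the length of the masked word.
 * @return string Cleaned text.
 */
function ReplaceBadWords($str, $bad_words, $replace_str){
	if (!is_array($bad_words)){
		$bad_words = explode(',', $bad_words);
	}
	foreach ($bad_words as $word) {
		$word = (string) $word;
		if ($word === '') {
			continue;
		}
		$mask = $replace_str;
		if (strlen($replace_str) == 1) {
			$mask = str_pad($mask, strlen($word), $replace_str);
		}
		$str = preg_replace('/' . preg_quote($word, '/') . '/i', $mask, $str);
	}

	return $str;
}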

/**
 * Prepares submitted text for storage: removes slash escaping, HTML-encodes
 * special characters (both quote styles) and trims surrounding whitespace.
 *
 * This is HTML encoding only, not SQL escaping: the result still has to be
 * escaped or bound before it is placed in a statement.
 *
 * @param string $str Raw input.
 * @return string Encoded, trimmed text.
 */
function htmlsafe($str) {
	$unslashed = stripslashes($str);
	$encoded = htmlspecialchars($unslashed, ENT_QUOTES);

	return trim($encoded);
}

/**
 * Turns stored, HTML-encoded text back into markup and trims it.
 *
 * The result is live HTML, so it must only be applied to content written by
 * trusted editors. Decoding uses ENT_COMPAT, so encoded single quotes
 * (&#039;) stay encoded.
 *
 * @param string $str Encoded text.
 * @return string Decoded, trimmed markup.
 */
function htmlunsafe($str) {
	$decoded = htmlspecialchars_decode($str, ENT_COMPAT);

	return trim($decoded);
}
 
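/**
 * Returns today's date shifted by a number of days, formatted YYYY-MM-DD.
 *
 * The original assumed 30-day months and appended the padding zero ("5" became
 * "50"), which produced invalid dates; mktime() now normalises day overflow
 * across month and year boundaries and date() pads the parts.
 *
 * @param int $interval Days to add; negative values go back in time.
 * @return string Date as YYYY-MM-DD.
 */
function DateAdd($interval) {
	$today = getdate();
	$shifted = mktime(0, 0, 0, $today['mon'], $today['mday'] + (int) $interval, $today['year']);

	return date('Y-m-d', $shifted);
}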

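/**
 * Prints the client-side helper script used by the onclick handlers generated
 * in this file: showPage() requests ajaxpage.php and places the response into
 * the element with id "ajax".
 *
 * Changes from the original: the three request parameters are URL-encoded
 * before they are joined into the query string, and the shared request object
 * is declared instead of being created as an implicit global.
 *
 * NOTE(review): the response is assigned to innerHTML, so ajaxpage.php must
 * encode everything it prints.
 *
 * @return void The script block is written to the output.
 */
function ajax() {
?>
<script language="javascript">
var xmlHttp = null;

function GetXmlHttpObject() {
        var request = null;
        try {
                // Firefox, Opera 8.0+, Safari
                request = new XMLHttpRequest();
        } catch (e) {
                // Internet Explorer
                try {
                        request = new ActiveXObject("Msxml2.XMLHTTP");
                } catch (e) {
                        request = new ActiveXObject("Microsoft.XMLHTTP");
                }
        }
        return request;
}

function showPage(task, query, webid) {
        if (task.length == 1 || query.length < 3) { 
                document.getElementById("ajax").innerHTML="";
                document.getElementById("ajax").style.visibility = 'hidden';
                return;
        } else
                document.getElementById("ajax").style.visibility = 'visible';
        xmlHttp = GetXmlHttpObject();
        if (xmlHttp == null) {
                alert ("Your browser does not support AJAX!");
                return;
        } 
        var url = "ajaxpage.php?task=" + encodeURIComponent(task)
                + "&query=" + encodeURIComponent(query)
                + "&webid=" + encodeURIComponent(webid);
        xmlHttp.onreadystatechange = stateChanged;
        xmlHttp.open("GET", url, true);
        xmlHttp.send(null);
}

function stateChanged() { 
        if (xmlHttp.readyState==4) { 
                document.getElementById("ajax").innerHTML=xmlHttp.responseText;
        }
}
</script>
<?php
}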
?>