Your IP : 216.73.216.40
<?php
function dbConnect() {
$link = mysql_connect("localhost", "root", "alld@uprtou");
if (!$link) die('Could not connect: ' . mysql_error());
mysql_select_db("icdp");
return $link;
}
function innerconf($content) {
$tbl = 'webpages';
//$rs = mysql_query("select rowid from $tbl where pagetype='php' and lcase(pagecontent) like '%".strtolower($content)."%'");
$rs = mysql_query("select rowid from $tbl where lcase(pagecontent) like '".strtolower($content)."%'");
if (mysql_num_rows($rs)) {
$q = mysql_fetch_object($rs);
return $q->rowid;
} else
return 0;
}
function features($webid) {
$tbl = 'websites';
$rs = mysql_query("select features from $tbl where webid='$webid' and status='online'");
if (mysql_num_rows($rs)) {
$o = mysql_fetch_object($rs);
$featuress = explode(',', $o->features);
}
$str = '<ul>';
foreach ($featuress as $ft) {
if ($ft) {
if ($ft == 'search' || $ft == 'feedback' || $ft == 'gallery') {
$id = innerconf($ft);
$str .= "<li><a href='inner.php?conf=$id'>".ucwords($ft)."</a></li>";
} else
$str .= "<li><a href='#' onclick=\"showPage('$ft','online','$webid')\">".ucwords($ft)."</a></li>";
}
}
$str .= '</ul>';
return $str;
}
function footer($webid) {
$tbl = 'websites';
$rs = mysql_query("select * from $tbl where webid='$webid'");
if (mysql_num_rows($rs)) {
$o = mysql_fetch_object($rs);
$str = "$o->footer <div align='right' style='font-size:9px'>[$o->counter hits since $o->datecreation]</div>";
}
$str .= "Developed by: <a href='http://profile.iiita.ac.in/mmishra'>Mithilesh Kr. Mishra</a> & Team, <a href='http://www.iiita.ac.in'>IIIT Allahabad</a>";
return $str;
}
function signin($webid, $user, $role) {
if ($user) {
if ($role != 'error' && $role != 'guest')
return "<a href='index.php?logout=1'>Logout ($user|$role)</a>";
else
return "<a href='#' onclick=\"showPage('login','online','$webid')\">Login</a>";
} else
return "<a href='#' onclick=\"showPage('login','online','$webid')\">Login</a>";
}
function accessLog($webid, $user) {
$tbl = 'accesslogs';
$referer = $_SERVER['HTTP_REFERER'];
$url = $_SERVER['REQUEST_URI'];
$remoteip = $_SERVER["REMOTE_ADDR"];
if (!$user) $user = 'guest';
if (!$referer) $referer = 'direct';
if ($url == '/') $url = 'index.php';
mysql_query("insert into $tbl(webid,userid,referer,weburl,remoteip,dateaccess)
values('$webid','$user', '$referer', '$url','$remoteip',now())");
}
function checkAdmin($webid, $user, $role) {
//$role = $HTTP_SESSION_VARS['role'];
//$role = authenticate($webid, $user);
if ($role == 'guest')
die ("<div align=center><h2>You must be a Webmaster to access this page</h2></div>");
}
function checkLogin($webid, $user) {
//$role = authenticate($webid, $user);
if (!$user)
die ("<div align=center><h2>You must be logged in to access this page</h2></div>");
}
function checkEmail($email) {
if (eregi("^[a-zA-Z0-9_]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$]", $email)) {
return FALSE;
}
list($Username, $Domain) = split("@",$email);
if (getmxrr($Domain, $MXHost)) {
return TRUE;
} else {
if (fsockopen($Domain, 25, $errno, $errstr, 30)) {
return TRUE;
} else {
return FALSE;
}
}
}
function checkAbuser($message, $name, $email, $systemip) {
$tbl = 'abusers';
if (mysql_num_rows(mysql_query("select * from $tbl where systemip='$ip' or email='$email' or name='$name'"))) {
return TRUE;
} else {
$abuses = array('nude','teen','www','url','sex','suck','fuck','xxx','pussy','penis','hotty','sexual','porn','movie');
foreach ($abuses as $abuse) {
if (stristr($message, $abuse)) {
mysql_query("insert into $tbl(name,email,systemip,datecreation) values('$name','$email','$systemip',now())");
return TRUE;
}
}
return FALSE;
}
}
function authenticate($webid, $user, $pwd='') {
$tbl = 'webusers';
$role = 'guest';
//$rs = mysql_query("select * from $tbl where webid='$webid' and userid='$userid' and passwd=password('$pwd')");
$rs = mysql_query("select role from $tbl where webid='$webid' and userid='$user' and status='online'");
if (mysql_num_rows($rs)) {
if ($pwd) {
$rs = mysql_query("select role from $tbl where webid='$webid' and userid='$user' and status='online' and passwd=password('$pwd')");
if (mysql_num_rows($rs)) {
$o = mysql_fetch_object($rs);
$role = $o->role;
}
}
} else
$role = "error";
return $role;
}
function telephones($webid, $id) {
$tbl = 'telephones';
$str ="<h3>Telephones</h3>
<ol>";
$rs1 = mysql_query("select * from $tbl where webid='$webid' and status='online' order by rowid");
while ($o = mysql_fetch_object($rs1)) {
$str .= "<li><a href='#' onclick=\"showPage('telephones','{$o->rowid}mm','$webid')\">$o->fullname</a>
($o->designation)<dir>
-- Phone: $o->phoneoffice (O), $o->phonehome (R), $o->mobileno (M)<br>
-- Email: <a href='mailto:$o->email'>".str_replace('@','{at}',str_replace('.','{dot}',$o->email))."</a>
</dir></li>";
}
$str .= "</ol>";
return $str;
}
function profiles($webid, $id) {
$tbl = 'webusers';
$str ="<h3>Profiles</h3>
<ol>";
$rs = mysql_query("select * from $tbl where webid='$webid' and status='online' order by rowid");
while ($o = mysql_fetch_object($rs)) {
$str .= "<li><a href='#' onclick=\"showPage('profiles', '{$o->rowid}mm', '$webid')\">$o->fullname</a>
<dir>
-- Contact: $o->contact<br>
-- Email: <a href='mailto:$o->email'>".str_replace('@','{at}',str_replace('.','{dot}',$o->email))."</a>";
if (intval($id) == $o->rowid) $str .= "<hr>".$o->profile."<br>";
$str .= "</dir></li>";
}
$str .= "</ol>";
return $str;
}
function absolutePath($webid, $object) {
$wroot = substr($_SERVER['SCRIPT_FILENAME'], 0, strrpos($_SERVER['SCRIPT_FILENAME'], "/"));
switch ($object) {
case "images":
return $wroot."/$webid/images";
break;
case "gallery":
return $wroot."/$webid/gallery";
break;
case "documents":
return $wroot."/$webid/documents";
break;
case "multimedia":
return $wroot."/$webid/multimedia";
break;
default:
return $_SERVER["DOCUMENT_ROOT"];
}
}
function relativePath($webid, $object) {
//$wroot = substr($_SERVER['SCRIPT_FILENAME'], 0, strrpos($_SERVER['SCRIPT_FILENAME'], "/"));
switch ($object) {
case "images":
return "/$webid/images";
break;
case "gallery":
return "/$webid/gallery";
break;
case "documents":
return "/$webid/documents";
break;
case "multimedia":
return "/$webid/multimedia";
break;
default:
return $_SERVER["DOCUMENT_ROOT"];
}
}
function ajax() {
?>
<script language="javascript">
function GetXmlHttpObject() {
var xmlHttp = null;
try {
// Firefox, Opera 8.0+, Safari
xmlHttp = new XMLHttpRequest();
} catch (e) {
// Internet Explorer
try {
xmlHttp = new ActiveXObject("Msxml2.XMLHTTP");
} catch (e) {
xmlHttp = new ActiveXObject("Microsoft.XMLHTTP");
}
}
return xmlHttp;
}
function showPage(task, query, webid) {
if (task.length < 1 || query.length < 3) {
document.getElementById("ajax").innerHTML="";
document.getElementById("ajax").style.visibility = 'hidden';
return;
} else
document.getElementById("ajax").style.visibility = 'visible';
xmlHttp=GetXmlHttpObject()
if (xmlHttp == null) {
alert ("Your browser does not support AJAX!");
return;
}
var url = "ajaxpage.php?task="+task+"&query="+query+"&webid="+webid;
//alert(url);
xmlHttp.onreadystatechange = stateChanged;
xmlHttp.open("GET", url, true);
xmlHttp.send(null);
}
function stateChanged() {
if (xmlHttp.readyState==4) {
document.getElementById("ajax").innerHTML=xmlHttp.responseText;
}
}
</script>
<?php
}
function flash($webid, $title) {
?>
<!-- START AD -->
<script language="JavaScript"><!--
function show(object) {
if (document.getElementById) {
document.getElementById(object).style.visibility = 'visible';
} else if (document.layers && document.layers[object]) {
document.layers[object].visibility = 'visible';
} else if (document.all) {
document.all[object].style.visibility = 'visible';
}
}
function hide(object) {
if (document.getElementById) {
document.getElementById(object).style.visibility = 'hidden';
} else if (document.layers && document.layers[object]) {
document.layers[object].visibility = 'hidden';
} else if (document.all) {
document.all[object].style.visibility = 'hidden';
}
}
//--></script>
<div class="flash" id="flash" onMouseOver="show('flash')" onMouseOut="hide('flash')">
<?php echo "<img src='/images/iiita.jpg' height='100' width='100'>Developed by: Mithilesh Kr. Mishra & Team, IIIT Allahabad</img>"; ?>
</div>
<!-- END AD -->
<?php
}
function familytree($webid, $rowid) {
switch ($rowid) {
case 0:
$str = "<a href='/'>Home</a>";
break;
case 99995:
$str = "<a href='/'>Home</a> > Format";
break;
case 99996:
$str = "<a href='/'>Home</a> > Tender";
break;
case 99997:
$str = "<a href='/'>Home</a> > Profile";
break;
case 99998:
$str = "<a href='/'>Home</a> > Advertisement";
break;
case 99999:
$str = "<a href='/'>Home</a> > Announcement";
break;
default:
$tbl = 'webpages';
if ($webid) $rs = mysql_query("select * from $tbl where webid='$webid' and status='online' and rowid=$rowid");
else $rs = mysql_query("select * from $tbl where status='online' and rowid=$rowid");
if ($rs) {
$o = mysql_fetch_object($rs);
if ($o->pagecontent)
$str = familytree($webid, $o->parentid) . " > <a href='inner.php?conf=$o->rowid'>$o->hypertext</a>";
else
$str = familytree($webid, $o->parentid) . " > $o->hypertext";
} else
$str = '';
break;
}
return $str;
}
function sibling($webid, $parentid, $rowid) {
$tbl = 'webpages';
$str = "Other links: ";
if ($parentid)
$rs = mysql_query("select * from $tbl where webid='$webid' and status='online' and parentid=$parentid and rowid<>$rowid");
else
$rs = mysql_query("select * from $tbl where webid='' and pageaccess='admin' and parentid=0 and rowid<>$rowid");
if (mysql_num_rows($rs)) {
while ($o = mysql_fetch_object($rs)) {
$hypertext = str_replace(" ", " ", $o->hypertext);
if ($o->pagecontent && !stripos($o->hypertext, ".")) {
if ($o->webid) $str .= "<a href='inner.php?conf=$o->rowid'>$hypertext</a>, ";
else $str .= "<a href='admin.php?conf=$o->rowid'>$hypertext</a>, ";
} else
$str = '';
}
} else
$str .= 'Nothing';
$str = rtrim($str, ", ");
return $str;
}
function sendmail($email, $subject, $body) {
require("classes/class.phpmailer.php");
$mail = new PHPMailer();
$mail->IsSMTP(); // telling the class to use SMTP
$mail->Host = "mail.iiita.ac.in"; // SMTP server
$mail->FromName = "Webmailer";
$mail->From = "indem@iiita.ac.in";
$mail->AddAddress($email,$email);
$mail->AddAddress("indem@iiita.ac.in","indem@iiita.ac.in");
$mail->Username = "indem";
$mail->Password = "@medni2020";
$mail->Subject = $subject;
$mail->Body = $body;
$mail->WordWrap = 75;
if (!$mail->Send()) {
return $mail->ErrorInfo;
} else {
return TRUE;
}
}
function gallery($webid) {
$agPath = absolutePath($webid,'gallery');
$rgPath = relativePath($webid,'gallery');
$riPath = relativePath($webid,'images');
$dh = opendir($agPath);
$i = 0;
while (false !== ($filename = readdir($dh))) {
if (strlen($filename) > 2) {
$files[] = $filename;
$i++;
}
}
$no = rand(0, $i-1);
if (!$files[$no]) $no = 0;
$color = rand(0,255).','.rand(0,255).','.rand(0,255);
$str = "<img id='pic' src='$rgPath/".$files[$no]."' width='100%' height='120' title='Photo Gallery'>";
//onMouseOver=\"this.src='".$riPath."/logo.jpg'\" onMouseOut=\"this.src='$rgPath/".$files[$no]."'\">";
return $str;
}
function metadata($webid) {
$tbl = 'webpages';
$str ="<h3>Metadata</h3>
<table width='100%'><tr valign='top'>
<td align='left' width='50%'><u>Recent Access</u><ul>";
$rs1 = mysql_query("select * from $tbl where webid='$webid' and hypertext>'' and status='online' order by dateaccess desc limit 0,5");
while ($o = mysql_fetch_object($rs1)) {
$str .= "<li><a href='inner.php?conf=$o->rowid'>".strtolower($o->hypertext)."</a> [ dated $o->dateaccess ]</li>";
}
$str .= "</ul></td><td align='left' width='50%'><u>Recent Updations</u><ul>";
$rs1 = mysql_query("select * from $tbl where webid='$webid' and hypertext>'' and status='online' order by dateupdation desc limit 0,5");
while ($o = mysql_fetch_object($rs1)) {
$str .= "<li><a href='inner.php?conf=$o->rowid'>".strtolower($o->hypertext)."</a> [ dated $o->dateupdation ]</li>";
}
$str .= "</ul></td></tr>
<tr valign='top'><td align='left' width='50%'><u>Hot Links</u><ul>";
$rs1 = mysql_query("select * from $tbl where webid='$webid' and hypertext>'' and status='online' order by hits desc limit 0,9");
while ($o = mysql_fetch_object($rs1)) {
$str .= "<li><a href='inner.php?conf=$o->rowid'>".strtolower($o->hypertext)."</a> ($o->hits hits)</li>";
}
$str .= "</ul></td><td align='left'><u>Cold Links</u><ul>";
$rs1 = mysql_query("select * from $tbl where webid='$webid' and hits>2 and status='online' order by hits limit 0,9");
while ($o = mysql_fetch_object($rs1)) {
$str .= "<li><a href='inner.php?conf=$o->rowid'>".strtolower($o->hypertext)."</a> ($o->hits hits)</li>";
}
$str .= "</ul></td></tr>
<tr valign='top'><td align='left'><u>Latest Visitors</u><ul>";
$tbl = 'accesslogs'; //online users during last 5 minutes
$rs1 = mysql_query("select distinct remoteip,userid,referer from $tbl where webid='$webid' order by rowid desc limit 0,9");
while ($o = mysql_fetch_object($rs1)) {
$str .= "<li>$o->remoteip/$o->userid/".substr($o->referer,0,50)."</li>";
}
$id = innerconf('accesslog');
$str .= "<li><a href='inner.php?conf=$id'>Accesslog</a></li></ul></td><td><u>Latest Abusers</u><ul>";
$tbl = 'abusers'; //recent abusers
$rs1 = mysql_query("select remoteip,email from $tbl where webid='$webid' order by rowid desc limit 0,9");
while ($o = mysql_fetch_object($rs1)) {
$str .= "<li>$o->remoteip/$o->email</li>";
}
$str .= "</ul></td></tr></table>";
return $str;
}
function upload($webid, $gallery=0) {
$maxsize = 90998860800;
$uploadfile = basename($_FILES['userfile']['name']);
$tempfile = $_FILES['userfile']['tmp_name'];
$filesize = $_FILES["userfile"]["size"];
$uploadfile = str_replace(" ","-",$uploadfile);
$uploadfile = str_replace("'","",$uploadfile);
$uploadfile = str_replace('"',"",$uploadfile);
$uploadfile = str_replace('(',"",$uploadfile);
$uploadfile = strtolower(str_replace(')',"",$uploadfile));
if ($uploadfile && $filesize < $maxsize) {
$filename = explode(".", $uploadfile);
$ext = $filename[count($filename)-1];
if ($ext == 'jpg' || $ext == 'gif' || $ext == 'tif' || $ext == 'png') {
if ($gallery == 1) {
$aPath = absolutePath($webid,'gallery');
$rPath = relativePath($webid,'gallery');
} else {
$aPath = absolutePath($webid, 'images');
$rPath = relativePath($webid, 'images');
}
} else if ($ext == 'mp3' || $ext == 'avi' || $ext == 'wav' || $ext == 'wma') {
$aPath = absolutePath($webid, 'multimedia');
$rPath = relativePath($webid, 'multimedia');
} else {
$aPath = absolutePath($webid, 'documents');
$rPath = relativePath($webid, 'documents');
}
//echo (move_uploaded_file($tempfile, "$uPath/$uploadfile"));
if (move_uploaded_file($tempfile, "$aPath/$uploadfile")) {
shell_exec("chmod -R 755 $aPath");
//echo "<div>Thanks! $uploadfile file has successfully been uploaded.</div>";
return "$rPath/$uploadfile";
} else {
echo "<div>Oops! $aPath/$uploadfile ($tempfile) file could not be uploaded due to system error.</div>";
return "Error: system problem";
}
} else {
//echo "<div>Oops! either file name is missing or file size exceeds the max. limit of 10 MB.</div>";
return "Error: filesize > 10 MB";
}
}
function setright($rowid, $userid) {
$tbl = 'webpages';
mysql_query("update $tbl set userid='$userid' where rowid=$rowid");
mysql_query("update $tbl set userid='$userid' where parentid=$rowid");
$rs = mysql_query("select * from $tbl where parentid=$rowid");
if (mysql_num_rows($rs)) {
while ($o = mysql_fetch_object($rs)) {
setright($o->rowid, $userid);
}
}
return '';
}
function login($webid) {
$str = "
Please login here using your login ID and password.<br>
<table class='login' align='center'>
<tr> <td>Login ID:</td> <td><input type='text' name='txtID' size='20' value=''></td> </tr>
<tr> <td>Password:</td> <td><input type='password' name='txtPWD' size='20' value=''></td> </tr>
<tr> <td><img src='images/login.jpg' width='70' height='50'></td> <td><input type='submit' name='submit' value='LOGIN' style='width: 80px'></td> </tr>
</table>
<input type='hidden' name='login'><br>
<script type='text/javascript'>
document.form.txtID.focus();
</script>";
return $str;
}
function text2image($str) {
Header ("Content-type: image/png");
putenv('GDFONTPATH=' . realpath('.'));
$font = 'arial.ttf';
$fontSize = 80;//in point;
$onecharwidth = imagefontwidth($font)*($fontSize/8);
$totalwidth = $onecharwidth * strlen($str);
$height = (imagefontheight($font)*($fontSize/8))*2;
$img_handle = imagecreatetruecolor($totalwidth, $height);
$white = imagecolorallocate($img_handle, 255, 255, 255);
imagefill($img_handle, 0, 0, $white);
$black = imagecolorallocate ($img_handle, 0, 0, 0);
$gray = imagecolorallocate ($img_handle, 100, 100, 100);
imagettftext($img_handle, 20, 0, 10, 20, $black, $font, $title1);
$posarr=imagettfbbox(20, 0,$font, $title1);
imagettftext($img_handle, 20, 0, $posarr[2]+$onecharwidth, 20, $gray, $font, $title2);
imagepng ($img_handle);
imagedestroy ($img_handle);
}
function ReplaceBadWords($str, $bad_words, $replace_str){
if (!is_array($bad_words)){
$bad_words = explode(',', $bad_words);
}
for ($x=0; $x < count($bad_words); $x++){
$fix = isset($bad_words[$x]) ? $bad_words[$x] : '';
$_replace_str = $replace_str;
if (strlen($replace_str)==1){
$_replace_str = str_pad($_replace_str, strlen($fix), $replace_str);
}
$str = preg_replace('/'.$fix.'/i', $_replace_str, $str);
}
return $str;
}
?>