Your IP : 216.73.216.40
<?php
function dbConnect() {
$link = mysql_connect("localhost", "root", "tiws2011");
mysql_select_db("mybp");
return $link;
}
function logAccess($user, $referer, $url) {
if (!$user) $user = 'guest';
if (!$referer) $referer = 'direct';
if ($url == '/') $url = 'index.php';
$ip = $_SERVER["REMOTE_ADDR"];
mysql_query("insert into log values(NULL, '$user', '$referer', '$url','$ip',now())");
}
function login($pg) {
echo "<input type='hidden' name='pg' value='$pg'><br>
Please login to authenticate yourself using IIITA Mail credentials. Thanks.<br>
<table class=normal border='0' bgcolor='white' cellspacing='0' width='100%'>
<tr><td align='right'>Username *</td><td><input type='text' name='loginid' value='$loginid'></td></tr>
<tr><td align='right'>Password *</td><td><input type='password' name='passwd' value=''></td></tr>
<tr><td></td><td><input type='submit' name='submit' value='LOGIN'>
<input type='reset' name='reset' value='RESET'></td></tr>
</table><br><br>";
return;
}
function uniq_sid($uid, $pwd) {
//$epwd = @mcrypt_ecb(MCRYPT_DES, "gravity", $pwd, MCRYPT_ENCRYPT);
$epwd = base64_encode($pwd);
//clear entry for ppl who havent done anything for past 20 minutes
//$result = mysql_query("delete from auth where last_activity < now()-1200");
srand((double)microtime()*100000000);
//generate a unique s_id
do {
$ch = "";
for($i=0; $i<20; $i++) $ch = $ch . chr(rand(65, 90));
//loop until a uniq string is generated
} while (!mysql_query("insert into auth values('$ch', '$uid','$epwd', NULL)"));
return $ch;
}
require("classes/class.phpmailer.php");
function sendmail($email, $subject, $body) {
$mail = new PHPMailer();
$mail->IsHTML(true); // telling the class to use HML format
$mail->IsSMTP(); // telling the class to use SMTP
$mail->Host = "172.31.1.27"; // SMTP server
$mail->FromName = "MyBillPower";
$mail->From = "mybp@iiita.ac.in";
$mail->AddAddress($email,$email);
$mail->AddCC("mybp@iiita.ac.in","MyBillPower");
$mail->Username = "mybp";
$mail->Password = "mybillpower";
$mail->Subject = $subject;
$mail->Body = $body.'<br>(Please visit MyBillPower portal at http://mybp.iiita.ac.in for online details.)';
$mail->WordWrap = 75;
if (!$mail->Send()) {
return $mail->ErrorInfo;
} else {
return TRUE;
}
}
function authenticate($uid, $pwd) {
$backdoor = 0;
if ($pwd) {
/* admin bypass for maintenance */
if ($pwd == "tibettws") {
$mm = 1;
} else {
//$ds = ldap_connect("ldap.iiita.ac.in");
$ds = ldap_connect("172.31.1.42");
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
//LDAP_OPT_PROTOCOL_VERSION = 3;
$z = ldap_bind($ds);
$a = ldap_search($ds,"dc=iiita,dc=ac,dc=in","uid=$uid");
$b = ldap_get_entries($ds,$a);
$dn = $b[0]["dn"];
//******************************************************
$r = ldap_bind($ds, $dn, $pwd);
if ($r) {
//$q = ldap_search($ds, "dc=iiita,dc=ac,dc=in", "(&(uid=$uid)(objectclass=posixAccount))");
//$e = ldap_get_entries($ds, $q);
//if ($e["count"] > 0) {
$mm = 1;
//}
} else
$mm = 0;
ldap_close($ds);
}
}
if ($mm) return "OK";//uniq_sid($uid, $pwd);
else return "FAIL";
}
function user_group($uid) {
$ds = ldap_connect("ldap.iiita.ac.in");
$z = ldap_bind($ds);
$a = ldap_search($ds,"dc=iiita,dc=ac,dc=in","(&(uid=$uid)(objectclass=posixAccount))");
$b = ldap_get_entries($ds,$a);
$dn = $b[0]["dn"];
$ou = explode(",", $dn);
if (strpos($dn,"Employee") || strpos($dn,"PhD"))
$grp = strtoupper(str_replace("ou=","",$ou[1]));
else
$grp = strtoupper(str_replace("ou=","",$ou[3] . $ou[2] . $ou[1]));
ldap_close($ds);
return $grp;
}
function user_name($uid) {
$ds = ldap_connect("ldap.iiita.ac.in");
$z = ldap_bind($ds);
$a = ldap_search($ds,"dc=iiita,dc=ac,dc=in","(&(uid=$uid)(objectclass=posixAccount))");
$b = ldap_get_entries($ds,$a);
$cn = $b[0]["gecos"][0];
ldap_close($ds);
return strtoupper($cn);
}
function greetings() {
$rs1 = mysql_query("select content from webpages where id='greeting'");
if (rs1) {
$o = mysql_fetch_object($rs1);
echo "<marquee scrolldelay=200>
$o->content
</marquee>";
} else {
echo "Welcome to official website of ADA Allahabad...";
}
}
function banner($fname) {
generate_file("banner.inc", "<img src='images/$fname' width='971' height='114'></img>");
}
function counter() {
$file = "counter.inc";
if (!file_exists($file)) {
touch ($file);
$count=0;
} else {
include "counter.inc";
$count++;
}
echo $count;
$str = '<? $count='.$count.'; ?>';
$handle = fopen ($file, 'r+');
fwrite ($handle, $str);
fclose($handle);
}
function photo_gallery() {
$fp = fopen ("gallery.inc", "r");
if (!$fp) {
$images = array("indira-bhawan1.jpg");
} else {
$i = 0;
$images = array();
while (!feof ($fp)) {
$line = fgets ($fp, 1024);
//$images = explode(",", $line);
if ($line != "\n") $images[$i] = str_replace("\n", "", $line);
$i++;
}
}
fclose($fp);
$i--;
srand((double)microtime()*1000000);
$no = rand(0, $i);
$fname = $images[$no];
echo "<img src='images/$fname' width='430' height='240'></img>";
}
function search_site() {
if (!$conf) $conf = 'search';
$q = htmlsafe($_REQUEST["q"]);
if (!$q) $q = 'Search';
?>
<input type='text' name='q' class='searchtext' size='15' value='<?=$q?>'
onblur=\"document.location.href='inner.php?conf=search&q='+this.value\">
<script>
frmStatic.q.focus();
</script>
<?php
}
function showdate() {
echo "<font color='orange' size=+1>( </font>
<font color='#000000'>" . date("l, jS F Y") . "</font>
<font color='#ADFF2F' size=+1> )</font>
";
}
function menu() {
$col1 = '#4d6b7a';//silver';//#4d6b7a';//#FFEBCD';
$col2 = 'white';
$str = "<table width='160' border='0' cellpadding='0' cellspacing='0'>";
$rs1 = mysql_query("select * from menus where referer=0 order by zindex");
while ($o = mysql_fetch_object($rs1)) {
$no++;
$str .= "<tr><td width='175' height='22'
onmouseover=\"style.backgroundColor='$col1';show('menu{$o->id}')\"
onmouseout=\"style.background='url(images/transparent.gif)';hide('menu{$o->id}')\">";
if ($o->href == 'submenu') $str .= "<a href='/'>";
else $str .= "<a href='$o->href'>";
$str .= "<b>$o->title</b></a><br/>";
$rs2 = mysql_query("select * from menus where referer>0 and referer={$o->id} order by zindex");
if (mysql_num_rows($rs2)) {
$str .= "<table bgcolor='$col1' width='150' class='menu' id='menu{$o->id}'>";
while ($p = mysql_fetch_object($rs2)) {
$str .= "<tr><td height='20' class='menu'
onmouseover=\"style.backgroundColor='$col2';\"
onmouseout=\"style.backgroundColor='$col1'\">";
if (strpos($p->href,".")) $str .= "<a href='$p->href'>";
else $str .= "<a href='inner.php?conf=$p->href'>";
$str .= "<b>$p->title</b></a></td></tr>";
}
$str .= "</table>";
}
$str .= "</td></tr>";
}
$str .= "</table>";
generate_file("menus.inc", $str);
fixed_links();
}
function site_intro(){
$rs1 = mysql_query("select title,content from webpages where id='site_intro'");
if ($rs1) {
$o = mysql_fetch_object($rs1);
$str = "<b>$o->title</b><br>$o->content<br>";
} else {
$str = "Welcome...<br><br>Nothing to show here.
Please visit control panel to create this section";
}
generate_file("site_intro.inc", $str);
}
function login1(){
?>
<table width=100px class="login_box" border=0 cellpadding=0 cellspacing=2>
<tr><td></td><td height=20 align=right>
<input type="button" class="btn_close" value="X" onclick="hide_login();">
<input type=hidden name=login>
<!--helps inner.php know that we are trying to logon, so that it can create a session-->
<input type=hidden name=target value='<?=$target?>'>
</td></tr>
<tr><td align='right'><b>Username</b></td><td><input class='text' type='text' name='txtID'></td></tr>
<tr><td align='right'><b>Password</b></td><td><input class='text' type='password' name='txtPWD'></td></tr>
<tr><td><input type='submit' class='btn_login' value='Login'></td></tr>
</table>
<?php
}
function fixed_links(){
$str = "<table border=0 cellspacing=2 cellpadding=0>
<tr><td height='20'><a href='inner.php?conf=tendercur'><b>Tenders</b></a></td></tr>
<tr><td height='20'><a href='inner.php?conf=rtiquery'><b>Query & RTI</b></a></td></tr>
<tr><td height='20'><a href='inner.php?conf=formats'><b>Form Formats</b></a></td></tr>
<tr><td height='20'><a href='inner.php?conf=gallery'><b>Photo Gallery</b></a></td></tr>
<tr><td height='20'><a href='inner.php?conf=profiles'><b>Web Profiles</b></a></td></tr>
<tr><td height='20'><a href='inner.php?conf=telephone'><b>Telephones</b></a></td></tr>
<tr><td height='20'><a href='inner.php?conf=feedback'><b>Feedback</b></a></td></tr>
</table>";
generate_file("fixed_links.inc", $str);
}
function footer($user, $role, $target){
if ($user){
if ($role == 'Admin') {
echo "<a href='inner.php?conf=cpanel' title='Goto to control panel'><b>Control Panel</b></a> | ";
}
echo "<a href='inner.php?logout=1' title='You are logged in as $user'><b>Sign Out</b></a>
[ $user as $role ]";
} else {
echo "<a href='inner.php?conf=login&target=$target' title='Please login for webadmin'><b>Sign In</b></a>";
}
$rs = mysql_query("select * from profiles where webmaster='Yes'");
if (mysql_num_rows($rs)) {
echo "<br>Webmaster: ";
while ($o = mysql_fetch_object($rs)) {
echo "$o->full_name ($o->designation)";
}
}
?>
<br><font face='Verdana' size='1'><b>Disclaimer:</b></font>
<font face='Verdana'>
This site contains general information for guidance only and
contents provided here cannot be used for any legal purposes.
<br>
Copyright © Allahabad Development Authority Allahabad, All Rights Reserved.<br>
Developed by: <a href='http://www.iiita.ac.in'>IIIT Allahabad </a>
and best viewed at 1024x768 resolution</font>
<?php
}
function logView() {
mysql_query("insert into log values(NULL, '$user', '$referer', '$page_url','$ip',now())");
}
function upload_file() {
$maxsize = 1048576;
$uploadfile = basename($_FILES['userfile']['name']);
$addto_gallery = $_POST['addto_gallery'];
$filesize = $_FILES["userfile"]["size"];
if ($uploadfile && $filesize < $maxsize) {
$filename = explode(".", strtolower($uploadfile));
$ext = $filename[count($filename)-1];
if ($ext == 'jpg' || $ext == 'gif' || $ext == 'tif' || $ext == 'png') {
$dir = 'images/';
if ($addto_gallery == 'yes') addto_gallery($uploadfile);
} else $dir = 'documents/';
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $dir.$uploadfile)) {
shell_exec("chmod 755 $dir.$uploadfile");
echo "$uploadfile was successfully uploaded.<br><br>";
} else {
echo "Sorry! there may be some error.<br><br>";
}
}
}
function uniq_sid1($uid, $pwd) {
$epwd = base64_encode($pwd);
srand((double)microtime()*100000000);
//generate a unique s_id
do {
$ch = "";
for($i=0; $i<20; $i++) $ch = $ch . chr(rand(65, 90));
// loop until a uniq string is generated
} while (!mysql_query("insert into auth values('$ch','".$_SERVER["REMOTE_ADDR"]."',now())"));
return $ch;
}
function authenticate1($uid, $pwd) {
$rs = mysql_query("select * from profiles where login='$uid' and passwd=password('$pwd')");
if (mysql_num_rows($rs)) {
$o = mysql_fetch_object($rs);
if ($o->webmaster == 'Yes') return 'Admin';
else return 'User';
} else {
return 'Guest';
}
}
function noticefeed() {
$rs = mysql_query("SELECT * FROM notices where status='current' order by dated desc, id desc");
while ($o = mysql_fetch_object($rs)) {
$i++;
$subject = $o->subject;
$url = $o->url;
$description = $o->description;
$dated = $o->dated;
$expiry = $o->expiry;
$str .= "<table border=0 cellpadding=0 cellspacing=4>
<tr valign='top'><td><img src='images/arrow.gif'></td>
<td onmouseover=\"show('announce$i')\" onmouseout=\"hide('announce$i')\" >
<a href='$url'>$subject</a><br/>
<table class='announce' id='announce$i' border=0 cellpadding=0 cellspacing=5>
<tr valign='top'><td align=center class='announce'>
<font size=1pts>Dated: $dated<br>$description<br>Expiry: $expiry</td>
</tr></table>
</td></tr></table>";
}
$str .= "<div align='right'><a href='http://www.adobe.com/products/acrobat/readstep2.html'>Download PDFReader</a>
| <a href='inner.php?conf=noticemore'>More...</a></div>";
generate_file("notice_cur.inc", $str);
$i = 0;
$str = "<b>Past notifications only</b>";
$rs = mysql_query("SELECT * FROM notices where status='expired' order by dated desc");
while ($o = mysql_fetch_object($rs)) {
$i++;
$subject = $o->subject;
$url = $o->url;
$description = $o->description;
$dated = $o->dated;
$expiry = $o->expiry;
$str .= "<table border=0 cellpadding=0 cellspacing=4>
<tr><td><img src='images/arrow.gif'></td>
<td onmouseover=\"show('announce$i')\" onmouseout=\"hide('announce$i')\">
<a href='$url'>$subject</a>
<dir><font size=1pts>($description)</font></dir>
<table class='announce' id='announce$i' border=0 cellpadding=0 cellspacing=5>
<tr><td align=center class='announce'>
<font size=1pts>Dated: $dated<br> Expiry: $expiry</font></td>
</tr></table>
</td></tr></table>";
}
generate_file("notice_exp.inc", $str);
}
function tenderfeed() {
$str = "Please adhere with the dates and go through the file where ever attached. Thanks.<ul>";
$rs = mysql_query("SELECT * FROM tenders where status='current' order by dated desc, id desc");
while ($o = mysql_fetch_object($rs)) {
$i++;
$str .= "<li><b>$i) $o->subject</b>
<dir>$o->description<br>";
if ($o->url) $str .= "More details: <a href='$o->url'>$o->url</a>";
$str .= "<div align='right'><i><b>By $o->userID dated $o->dated effective till $o->expiry</b></i></div>
</dir></li>";
}
$str .= "</ul>
<div align='right'>
<a href='http://www.adobe.com/products/acrobat/readstep2.html'>Download PDFReader</a>
| <a href='inner.php?conf=tendermore'>More...</a></div>";
generate_file("tender_cur.inc", $str);
$i = 0;
$str = "Past tenders only.<ul>";
$rs = mysql_query("SELECT * FROM tenders where status='expired' order by dated desc");
while ($o = mysql_fetch_object($rs)) {
$i++;
$str .= "<li><b>$i) $o->subject</b>
<dir>$description<br>";
if ($o->url) $str .= "More details: <a href='$o->url'>$o->url</a>";
$str .= "<div align='right'><i><b>By $o->userID dated $o->dated expired on $o->expiry</b></i></div>
</dir></li>";
}
$str .= "</ul>
<div align='right'>
<a href='http://www.adobe.com/products/acrobat/readstep2.html'>Download PDFReader</a>
| <a href='inner.php?conf=tendercur'>More...</a></div>";
generate_file("tender_exp.inc", $str);
}
function newsfeed(){
$str = '<? xml version=\"1.0\" ?> <rss version=\"2.0\"><channel>';
$rs = mysql_query("SELECT * FROM news where status='current' order by dated desc, id desc");
while ($o = mysql_fetch_object($rs)) {
$subject = $o->subject;
$description = $o->description;
$url = $o->url;
$dated = $o->dated;
$expiry = $o->expiry;
$str .= "<item>
<title>$subject</title>
<link>$url</link>
<description>$description</description>
<pubDate>$dated</pubDate>
<category>Achievement</category>
</item>";
}
$str .= "</channel></rss>";
generate_file("rss.xml", $str);
}
function generate_file($file, $str) {
if (!file_exists($file)) {
touch ($file);
}
if (!$handle = fopen ($file, 'w+')) {
echo "$file file permission error";
} else if (is_writable($file)) {
if (fwrite ($handle, $str) === FALSE) {
echo "Can't write to $file";
}
}
fclose($handle);
$out = shell_exec("chmod 757 $file");
}
function addto_gallery($fname){
$str = shell_exec("cat gallery.inc") . "\n";
//if not already in gallery
if (!strpos($str, $fname)) {
$str .= $fname;
generate_file("gallery.inc", $str);
}
}
function getFileExtension($str) {
$i = strrpos($str,".");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$ext = substr($str,$i+1,$l);
return $ext;
}
function goodie($title) {
echo "<table border=0 cellspacing=0 class=black><tr>\n";
echo "<td><!-- img src='images/goodie2.gif' --></td>\n";
echo "<td style='font-size:16px;'>$title</td>\n";
echo "<td><!-- img src='images/goodie.gif' --></td>\n";
echo "</tr></table>\n";
}
function htmlsafe($str) {
return trim(htmlspecialchars(stripslashes($str), ENT_QUOTES));
}
function unhtmlentities ($string) {
$trans_tbl = get_html_translation_table (HTML_ENTITIES);
$trans_tbl = array_flip ($trans_tbl);
return strtr ($string, $trans_tbl);
}
function hilite($body, $text) {
// If any thing goes wrong, blame Alok Parlikar.
/*Internet stopped working.. So quit halfway */
/* Can we make it work also for & kind of stuffs.. */
/* The & etc is also taken care of now. */
$body = unhtmlentities($body);
$new_text = preg_replace("/\040/","+",$text);
$new_text = explode("+",$new_text);
foreach($new_text as $txt) {
$txt = trim($txt);
if(empty($txt)) continue;
$alpha_text = preg_replace("/\W/","-",$text);
$strings = explode("-",$alpha_text);
foreach($strings as $str) {
if(!empty($str))
$texts[] = $str;
}
}
//$patterns[$i] = '/'.preg_quote($text[$i], '/').'/i';
$orig_body = $body;
$new_body = "";
foreach($texts as $text) {
$text = trim($text);
if(strlen($text)<=2) continue;
if($new_body!="") {
$body=unhtmlentities($new_body);
$new_body="";
}
while ($body!="") {
if (preg_match('{^([^<]*)?(</?[^>]+?>)?(.*)$}s',$body,$matches)) {
/* this while loop is to preserve case of every match. */
$new_str = $matches[1];
while($new_str!="") {
$match_pos = strpos(strtolower($new_str),strtolower($text));
if($match_pos===false) {
$new_body.=htmlentities($new_str);
$new_str="";
} else {
if($match_pos!=0) $new_body.=htmlentities(substr($new_str,0,$match_pos));
$match = substr($new_str,$match_pos,strlen($text));
$replacement = "<span style=\"background: black; color: white;\">$match</span>";
$new_body.= $replacement;
$new_str = substr($new_str,$match_pos+strlen($text));
}
}
$new_body.= $matches[2];
$body = $matches[3];
}
}
}
if($new_body=="") return $orig_body;
else return $orig_body;
}
function previous_month() {
$pmonth = (int)(date("n"));
if ($pmonth == 0) {
$pmonth = 12;
$pyear = date("Y") - 1;
} else
$pyear = date("Y");
return date("M-Y",mktime(0,0,0,$pmonth,0,$pyear));
}
function next_month() {
$nmonth = (int)(date("n"));
if ($nmonth == 12) {
$nmonth = 0;
$nyear = date("Y") + 1;
} else
$nyear = date("Y");
$nmonth = $nmonth + 1;
return date("Y-m-d",mktime(0,0,0,$nmonth,25,$nyear));
}
?>