// include_once('NHtml.php');
// Bootstrap: start the PHP session, open the shared MySQL connection and load the helpers.
// NOTE(review): the database account name and password are literals in a web-served
// script, so any source disclosure (backup copy, handler misconfiguration, repository
// leak) hands them out. Keep them in a config file outside the document root and rotate
// the password once moved.
// NOTE(review): the results of mysql_pconnect()/mysql_select_db() are not checked, so the
// rest of the page still runs when the database is unreachable.
session_start();
$link = mysql_pconnect('localhost', 'ziman', 'kukucka');
mysql_select_db('ziman');
// The connection charset is switched with a plain query. NOTE(review): mysql_set_charset()
// is the call that also tells mysql_real_escape_string() which charset is in use.
mysql_query("SET NAMES 'utf8'");
require 'functions.inc.php';
require 'diskusia.php';
/* User permission flags: a bit mask, OR-ed with the flags column of 4f_users further down */
$UF_LOGGED_IN = 1 << 0; /* added at runtime once the session credentials match a user row */
$UF_ADD       = 1 << 1; /* allows adding */
$UF_DELETE    = 1 << 2; /* allows deleting */
/* Allows showing the edit forms. The value is 6, i.e. ADD | DELETE and not a bit of its
   own, so a plain "& $UF_WRITE" test passes for anyone holding either of those flags.
   NOTE(review): presumably intentional - confirm before relying on it as a separate right. */
$UF_WRITE     = $UF_ADD | $UF_DELETE;
$UF_ADMIN     = 1 << 3; /* site administration: list of accesses, adding news */
$UF_VOTE      = 1 << 4; /* voting */
$UF_CONTACTS  = 1 << 5; /* allows viewing personal data */

/* Default user flags: an anonymous visitor starts with no rights */
// $u_flags = $UF_ADD;
$u_flags = 0;
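/*
 * Login / logout form handling.
 *
 * Login only copies the submitted name and the MD5 of the password into the session;
 * the credentials are actually checked by the user lookup further down, on every request.
 * Logout clears the "online" marker of the matching row and drops both session values.
 *
 * NOTE(review): the password is kept and compared as an unsalted MD5. Moving to a salted,
 * slow hash needs a data migration of 4f_users.pass and cannot be done in this block alone.
 * NOTE(review): the session id is not rotated at login, which leaves session fixation
 * open; rotating it with session_regenerate_id() at this point is the usual measure.
 */
$post_action = isset($_POST['action']) ? $_POST['action'] : null;

if ($post_action === "login") {
    if (isset($_POST['user'], $_POST['pass']) && is_string($_POST['user']) && is_string($_POST['pass'])) {
        $_SESSION['user'] = $_POST['user'];
        $_SESSION['pass'] = md5($_POST['pass']);
    } else {
        // Missing or array-valued fields: a login attempt still replaces the previous
        // identity (as before), but no malformed value is stored in the session.
        unset($_SESSION['user']);
        unset($_SESSION['pass']);
    }
}

if ($post_action === "logout") {
    if (isset($_SESSION['user'], $_SESSION['pass'])) {
        $logout_user = (string) $_SESSION['user'];
        // The session value is the raw POST field. If magic_quotes_gpc slashed it on the
        // way in, undo that first so the value is escaped exactly once below.
        // NOTE(review): assumes any slashes come from magic_quotes_gpc - confirm that
        // functions.inc.php does not add its own.
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
            $logout_user = stripslashes($logout_user);
        }
        // Both values are escaped for the SQL string context instead of being
        // concatenated as-is: the user name is client-supplied.
        mysql_query(
            "UPDATE 4f_users SET online = 0 WHERE (user = '" . mysql_real_escape_string($logout_user)
            . "') AND (pass = '" . mysql_real_escape_string((string) $_SESSION['pass']) . "')"
        );
    }
    unset($_SESSION['user']);
    unset($_SESSION['pass']);
}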
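/*
 * Hit tracking: the first request of a session inserts a row into 4f_hit and remembers
 * its id in $_SESSION['session_id']; later requests only refresh the "last" column.
 * Every request also appends one line to http_log.txt.
 *
 * User-Agent and Referer are client-supplied headers and REMOTE_HOST comes from a reverse
 * DNS lookup, so all of them are escaped before they reach the SQL string. The globals
 * themselves keep their raw values because later code may read them.
 *
 * NOTE(review): http_log.txt is opened by relative path; if it ends up in a web-served
 * directory, the visitor addresses, URIs and referers in it can be downloaded - verify.
 */
$log = fopen("http_log.txt", "a");

$HTTP_USER_AGENT = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
$REMOTE_HOST     = isset($_SERVER['REMOTE_HOST']) ? $_SERVER['REMOTE_HOST'] : null;
$REMOTE_ADDR     = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;
$HTTP_REFERER    = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null;
$REQUEST_URI     = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : null;

if (!isset($_SESSION['session_id'])) {
    $browser = $HTTP_USER_AGENT;
    $date = date("YmdHis");
    $host = ($REMOTE_HOST == "") ? $REMOTE_ADDR : $REMOTE_HOST;
    if (empty($HTTP_REFERER)) {
        $HTTP_REFERER = 'No Referer';
    }

    // gethostbyaddr() yields false for input it cannot resolve; the cast stores that as ''.
    $hit_hostname = (string) gethostbyaddr($host);

    mysql_query(
        "INSERT INTO 4f_hit (browser, date, last, host, ip, referer) VALUES ('"
        . mysql_real_escape_string((string) $browser) . "','$date','$date','"
        . mysql_real_escape_string($hit_hostname) . "', '"
        . mysql_real_escape_string((string) $host) . "','"
        . mysql_real_escape_string((string) $HTTP_REFERER) . "')"
    );
    $_SESSION['session_id'] = mysql_insert_id();

    $log_line = $_SESSION['session_id'] . ":$browser:" . time() . ":$host:$REQUEST_URI:$HTTP_REFERER";
} else {
    // The id came from mysql_insert_id(); the cast keeps it numeric whatever the session holds.
    mysql_query("UPDATE 4f_hit SET last='" . date('YmdHis') . "' WHERE id='" . (int) $_SESSION['session_id'] . "'");

    $log_line = $_SESSION['session_id'] . "::" . time() . "::$REQUEST_URI:$HTTP_REFERER";
}

if ($log) {
    // One record per line: drop CR/LF from request-derived fields so a request cannot
    // forge extra log records. The ':' separator is still not escaped.
    fwrite($log, str_replace(array("\r", "\n"), ' ', $log_line) . "\n");
    fclose($log);
}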
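// Internet Explorer detection from the User-Agent header; $ie_hack is 1 or 0.
// eregi() is deprecated as of PHP 5.3 and removed in PHP 7, so the case-insensitive test
// uses preg_match(), which this file already relies on; $regs still receives the match.
// The header is client-controlled: use the flag for presentation only, never for access decisions.
$ie_hack = preg_match('/MSIE/i', (string) $HTTP_USER_AGENT, $regs) ? 1 : 0;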
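/*
 * Authentication: on every request the name and MD5 kept in the session are looked up in
 * 4f_users (joined with 4f_ziaci for the real name). A match fills $u_id, $u_name,
 * $u_flags (DB flags plus $UF_LOGGED_IN) and $u_realname and marks the user online.
 *
 * The session values originate from the login form, so they are escaped for the SQL
 * string context here; concatenated as-is they let a crafted user name rewrite the
 * WHERE clause and bypass the password comparison.
 *
 * NOTE(review): nothing in this block limits repeated failed attempts.
 */
if (isset($_SESSION['user'])) {
    $u_flags = 0;

    $auth_user = (string) $_SESSION['user'];
    $auth_pass = isset($_SESSION['pass']) ? (string) $_SESSION['pass'] : '';
    // The session holds the raw POST field; if magic_quotes_gpc slashed it on the way in,
    // undo that so the value is escaped exactly once.
    // NOTE(review): assumes any slashes come from magic_quotes_gpc - confirm that
    // functions.inc.php does not add its own.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $auth_user = stripslashes($auth_user);
    }

    $res = mysql_query(
        "SELECT 4f_users.id, 4f_users.user, 4f_users.flags, 4f_ziaci.meno, 4f_ziaci.priezvisko, 4f_users.ziak FROM 4f_users, 4f_ziaci WHERE "
        . "user='" . mysql_real_escape_string($auth_user) . "' AND pass='" . mysql_real_escape_string($auth_pass)
        . "' AND (4f_ziaci.id = 4f_users.ziak OR 4f_users.ziak IS NULL)"
    );

    if ($res && mysql_num_rows($res) > 0) {
        $r = mysql_fetch_row($res);
        $u_id = $r[0];
        $u_name = $r[1];
        $u_flags = $r[2] | $UF_LOGGED_IN;
        // No linked pupil row (ziak empty) means there is no real name to show.
        $u_realname = ($r[5] == "") ? "" : $r[3] . ' ' . $r[4];
        mysql_query("UPDATE 4f_users SET last_visit = NOW(), online = 1 WHERE id = " . (int) $u_id);
    } else {
        /* print("
        login failed.
        "); */
    }
}

// Expire the "online" marker after 7200 seconds without a visit. The previous form,
// (NOW() - last_visit) > 7200, subtracted the two values as YYYYMMDDHHMMSS numbers rather
// than as seconds, so the threshold did not correspond to two hours.
mysql_query("UPDATE 4f_users SET online = 0 WHERE (online = 1) AND (last_visit < NOW() - INTERVAL 7200 SECOND)");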
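/* From this point on the user is fully logged in */
require 'mailbox_actions.php';
require 'ankety_actions.php';

/* Unread message count for the logged-in user; stays 0 for anonymous visitors and when
   the query fails (previously a failed query produced a warning and a null count). */
$unread_mail = 0;
if ($u_flags & $UF_LOGGED_IN) {
    // $u_id comes from the 4f_users row; the cast keeps the statement numeric regardless.
    $res = mysql_query("SELECT COUNT(*) FROM 4f_mail WHERE rcpt='" . (int) $u_id . "' AND unread");
    if ($res) {
        $r = mysql_fetch_row($res);
        $unread_mail = $r[0];
    }
}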
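/*
 * Admin action: store a news item posted by a user holding $UF_ADMIN.
 *
 * The body and the author name are escaped for the SQL string context. The author name is
 * read from the database, but it was user-chosen at some point, so it is escaped as well.
 *
 * NOTE(review): the request carries no anti-CSRF token, so a page visited by a logged-in
 * admin can submit this form on their behalf.
 * NOTE(review): the body is stored as submitted; whether it is HTML-escaped on display
 * depends on the page that renders 4f_novinky, which is not visible here.
 */
if (isset($_POST['action']) && $_POST['action'] === "addnews" && ($u_flags & $UF_ADMIN)) {
    $news_data = isset($_POST['data']) ? (string) $_POST['data'] : '';
    // Undo magic_quotes_gpc slashing, if active, so the text is escaped exactly once.
    // NOTE(review): assumes any slashes come from magic_quotes_gpc - confirm that
    // functions.inc.php does not add its own.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $news_data = stripslashes($news_data);
    }
    mysql_query(
        "INSERT INTO 4f_novinky (data, datum, user) VALUES ('" . mysql_real_escape_string($news_data)
        . "', '" . date("YmdHis") . "', '" . mysql_real_escape_string((string) $u_name) . "')"
    );
}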
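/*
 * Admin action: overwrite titulka.txt (the front-page banner) with the posted text.
 *
 * The text is written verbatim and this script later prints the first line of the file
 * without escaping, so whoever holds $UF_ADMIN controls markup shown to every visitor.
 * NOTE(review): the request carries no anti-CSRF token.
 * NOTE(review): stripslashes() is applied unconditionally, which presumes
 * magic_quotes_gpc is on; with it off, backslashes typed by the admin are lost.
 */
if (isset($_POST['titulka']) && ($u_flags & $UF_ADMIN)) {
    $f = fopen('titulka.txt', 'w');
    // fopen() returns false when the file is not writable; skip the write instead of
    // passing false on to fwrite()/fclose().
    if ($f) {
        fwrite($f, stripslashes($_POST['titulka']));
        fclose($f);
    }
}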
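/*
 * Stylesheet selection. Anonymous visitors get 'default'. A logged-in user may store a
 * new choice with ?action=css&id=NAME and then always gets the value saved in 4f_users.css.
 *
 * NAME must consist of lowercase letters only. The check is anchored with the D modifier
 * so that '$' cannot match before a trailing newline, and array input is rejected.
 * NOTE(review): the preference is changed by a GET request, so a third-party page can
 * trigger it for a logged-in user.
 */
$css = 'default';
if ($u_flags & $UF_LOGGED_IN) {
    if (isset($_GET['action']) && $_GET['action'] === 'css') {
        $css = isset($_GET['id']) ? $_GET['id'] : null;
        if (is_string($css) && preg_match('/^[a-z]+$/D', $css)) {
            mysql_query("UPDATE 4f_users SET css = '$css' WHERE id = " . (int) $u_id);
        }
    }

    // The effective value always comes from the database, never straight from the request.
    $css = 'default';
    $result = mysql_query("SELECT css FROM 4f_users WHERE id = " . (int) $u_id);
    if ($result) {
        $r = mysql_fetch_row($result);
        if ($r) {
            $css = $r[0];
        }
    }
}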
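/* Ugly hack, I know; maybe one day I will move this into the DB :) */

/* Page name (?p=...) => window title. */
$page_titles = array(
    'kontakty' => 'Kontakty',
    'akcie'    => 'Akcie',
    'urlhash'  => 'Linky',
    'bang'     => 'Bang - návod',
    'news'     => 'Novinky',
    'chpass'   => 'Zmena hesla',
    'mailbox'  => 'Prijaté správy',
    'compose'  => 'Odoslanie správy',
    'addnews'  => 'Pridanie novinky',
    'hits'     => 'Výpis prístupov',
    'main'     => 'Úvodná stránka',
    'hosts'    => 'IRC host search',
    'outbox'   => 'Odoslané správy',
    'title'    => 'Editácia titulky',
    'ankety'   => 'Ankety',
    'video'    => 'Video',
    'album'    => 'Album',
    'fotky'    => 'Fotky',
    'newalbum' => 'Nový album',
    'mkalbum'  => 'Nový album',
    'admalbum' => 'Administrácia albumu',
);

/* For p=nastenka the title depends on ?typ=...; any other typ leaves the title unset. */
$nastenka_titles = array(
    'nastenka' => 'Nástenka',
    'log'      => 'Logy',
);

if (isset($_GET['p']) && is_string($_GET['p'])) {
    $req_page = $_GET['p'];
    if ($req_page === 'nastenka') {
        $req_typ = isset($_GET['typ']) ? $_GET['typ'] : null;
        if (is_string($req_typ) && isset($nastenka_titles[$req_typ])) {
            $title = $nastenka_titles[$req_typ];
        }
    } elseif (isset($page_titles[$req_page])) {
        $title = $page_titles[$req_page];
    } else {
        // Unknown page: the raw request value used to become the title, which then flows
        // into the page markup. Encode it for HTML so markup in ?p= is shown as text and
        // not interpreted (reflected XSS). Legitimate page names contain nothing that
        // htmlspecialchars() changes.
        // NOTE(review): if wnd_open() escapes its argument itself, such values are
        // encoded twice in the window caption - confirm in functions.inc.php.
        $title = htmlspecialchars($req_page, ENT_QUOTES);
    }
}

if (!isset($title) || $title == "") {
    $title = 'Úvodná stránka';
}
$title = '4.F @ GK2-PO: 2001-2005 - ' . $title;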
?>
print("\t$title\n");
?>
print("\t");
print("\t");
if ($ie_hack) print("\t".''."\n");
?>
if ($u_flags & $UF_LOGGED_IN) {
print('
');
print("Nalogovaný: $u_name
\n");
if ($u_realname != "")
print("$u_realname
");
?>
} else {
?>
}
?>
// Front-page banner: only the first line of titulka.txt is used, and it is printed
// without HTML escaping. The file is written from $_POST['titulka'] by the
// $UF_ADMIN-gated handler earlier in this script, so its content is admin-controlled
// markup; anyone else who can write that file can inject markup into every page.
$f = file('titulka.txt');
$txt = isset($f[0]) ? $f[0] : '';
if ($txt != '') print('
'.$txt.'
'."\n");
// Shown only when the unread-mail count computed earlier in this script is above zero.
if ($unread_mail > 0) print('
');
?>
require('right.php');
?>
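/*
 * Page dispatcher: opens the content window, includes "<p>.php" for the requested page
 * (default "main") and falls back to 404.php for anything else.
 *
 * The page name is request input that ends up in require(). The earlier test,
 * eregi("[a-z_]*", $p), was unanchored and could match the empty string, so it accepted
 * every value and left the include path under the client's control. The name must now
 * consist entirely of letters and underscores (case-insensitive, as before), which keeps
 * path separators, dots and scheme prefixes out of the path. eregi() is also removed in
 * PHP 7.
 *
 * NOTE(review): every *.php file in this directory whose name fits the pattern is still
 * includable, helper scripts included. An explicit allow-list of page names, such as the
 * ones handled where the title is chosen earlier in this file, would be tighter.
 */
wnd_open($title);

$p = isset($_GET['p']) ? $_GET['p'] : "";
if ($p == "") {
    $p = "main";
}

// is_string() rejects array input (?p[]=...); the D modifier stops '$' from matching
// before a trailing newline.
if (is_string($p) && preg_match('/^[a-z_]+$/iD', $p) && file_exists("$p.php")) {
    require("$p.php");
} else {
    require("404.php");
}

wnd_close();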
?>