View file main.php

File size: 5.53Kb
<?php
require('includes/header.php');
require('includes/utils.php');
require('includes/db.php');
require('includes/config.php');

$message = '';

if((isset($_POST['login']) && isset($_POST['pass'])) || (isset($_GET['id']) || isset($_GET['p'])))
{
   if($_SERVER['REQUEST_METHOD'] == 'POST')
   {
      $_POST = decode_array($_POST);

      $users = mysql_query('SELECT id, login FROM users WHERE login = "' . addslashes($_POST['login']) . '" AND password = "' . md5($_POST['pass']) . '"');
   }
   else
   {
      $_GET = decode_array($_GET);

      $users = mysql_query('SELECT id, login FROM users WHERE id = "' . (int)($_GET['id']) . '" AND login = "' . addslashes($_GET['p']) . '"');
   }
   if(mysql_num_rows($users) == 0)
   {
?>
<wml>
<card id="error" title="error" ontimer="main.php"><timer value="15"/>
<p align="center">
Неправильный логин/пароль
</p>
</card>
</wml>
<?php
   }
   else
   {
      // show main page
      $user = mysql_fetch_array($users, MYSQL_ASSOC);
      $id = $user['id'];
      $login = $user['login'];

      if(isset($_GET['clear']) && $_GET['clear'] == 1)
      {
         $banners = mysql_query('SELECT banner FROM users WHERE login = "' . $login . '"');
         list($banner) = mysql_fetch_array($banners);

         if($banner == 'top' || $banner == 'bottom')
           $random_link = get_random_link();
         else
           $random_link = '';

         // clearing main page
         $fp = fopen("$login/index.wml", 'w');
         $counter_tag = '<img src="http://' . $server_name . '/counter.php?id=' . $id . '" alt="counter"/>';
         $clear_page = '<?xml version="1.0" encoding="UTF-8"?>';
         $clear_page .= <<<CLEARPAGE
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
<wml>
<head><meta http-equiv="Cache-Control" content="no-cache" forua="true"/></head>
<card id="index" title="&#x0413;&#x043B;&#x0430;&#x0432;&#x043D;&#x0430;&#x044F;">
<do type="prev" label="&#x041D;&#x0430;&#x0437;&#x0430;&#x0434;"><prev/></do>
<p align="center">
$random_link
<br/>
$counter_tag 
</p>
</card>
</wml>
CLEARPAGE;
         fputs($fp, $clear_page);
         fclose($fp);
         $message = 'Главная страница очищена';
      }
      else if(isset($_GET['go']) && $_GET['go'] == 'clear')
      {
         mysql_query('DELETE FROM guest_book WHERE user_id = "' . $id . '"');
         $message = 'Гостевая книга очищена';
      }
?>
<wml>
<head><meta http-equiv="Cache-Control" content="no-cache" forua="true"/></head>
<card id="main" title="&#x041C;&#x0435;&#x043D;&#x044E;">
<p align="center">
<?php
   if($message != '')
      echo $message . "\n<br/>\n";

   $users_active = mysql_query('SELECT active FROM users WHERE id = "' . $id . '" AND login = "' . $login . '"');
   list($user_active) = mysql_fetch_array($users_active);
   if(!$user_active)
      echo 'Внимание! Ваш аккаунт заблокирован. Обратитесь к администратору: ' . $admin_email . '<br/>';
?>
<a href="edit.php?id=<?php echo $id; ?>&amp;p=<?php echo $login; ?>">&#x0420;&#x0435;&#x0434;&#x0430;&#x043A;&#x0442;&#x043E;&#x0440;</a><br/>
<a href="manager.php?id=<?php echo $id; ?>&amp;p=<?php echo $login; ?>">&#x041C;&#x0435;&#x043D;&#x0435;&#x0434;&#x0436;&#x0435;&#x0440; &#x0441;&#x0442;&#x0440;&#x0430;&#x043D;&#x0438;&#x0446;</a><br/>
<a href="content.php?id=<?php echo $id; ?>&amp;p=<?php echo $login; ?>">&#x041C;&#x0435;&#x043D;&#x0435;&#x0434;&#x0436;&#x0435;&#x0440; &#x0437;&#x0430;&#x043A;&#x0430;&#x0447;&#x0430;&#x043D;&#x043D;&#x044B;&#x0445; &#x0444;&#x0430;&#x0439;&#x043B;&#x043E;&#x0432;</a><br/>
<a href="viewlinks.php?id=<?php echo $id; ?>&amp;p=<?php echo $login; ?>">Каталог ссылок</a><br/>
<a href="viewnews.php?id=<?php echo $id; ?>&amp;p=<?php echo $login; ?>">Новости</a><br/>
<a href="viewpolls.php?id=<?php echo $id; ?>&amp;p=<?php echo $login; ?>">Голосования</a><br/>
<a href="main.php?id=<?php echo $id; ?>&amp;p=<?php echo $login; ?>&amp;go=clear">&#x041E;&#x0447;&#x0438;&#x0441;&#x0442;&#x0438;&#x0442;&#x044C; &#x0433;&#x043E;&#x0441;&#x0442;&#x0435;&#x0432;&#x0443;&#x044E;</a><br/>
*********<br/>
<a href="main.php?id=<?php echo $id; ?>&amp;p=<?php echo $login; ?>&amp;clear=1">Очистить главную страницу (index.wml)</a><br/>
*********<br/>
<a href="editprofile.php?id=<?php echo $id; ?>&amp;p=<?php echo $login; ?>">&#x0412;&#x0430;&#x0448; &#x043F;&#x0440;&#x043E;&#x0444;&#x0430;&#x0439;&#x043B;</a><br/>
*********<br/>
<a href="index.php">Wap-builder</a>
</p>
</card>
</wml>
<?php
   }
}
else
{
?>
<wml>
<card id="auth" title="&#x0410;&#x0432;&#x0442;&#x043E;&#x0440;&#x0438;&#x0437;&#x0430;&#x0446;&#x0438;&#x044F;">
<do type="options" name="main" label="Wap-builder"><go href="index.php"/></do>
<p align="center">
<b>&#x0410;&#x0432;&#x0442;&#x043E;&#x0440;&#x0438;&#x0437;&#x0430;&#x0446;&#x0438;&#x044F;</b><br/>
&#x041B;&#x043E;&#x0433;&#x0438;&#x043D;:<br/>
<input name="login" title="Login"/><br/>
&#x041F;&#x0430;&#x0440;&#x043E;&#x043B;&#x044C;:<br/>
<input name="pass" title="Password"/><br/>
<anchor title="Sign">Ok<go href="main.php" method="post">
<postfield name="login" value="$(login)"/>
<postfield name="pass" value="$(pass)"/>
</go></anchor><br/>
<a href="lostpassword.php">&#x0417;&#x0430;&#x0431;&#x044B;&#x043B;&#x0438; &#x043F;&#x0430;&#x0440;&#x043E;&#x043B;&#x044C;?<br/></a>
<a href="index.php">Wap-builder</a>
</p>
</card>
</wml>
<?php
}
?>