<?php
################################################################################
##              -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =-                 #
## --------------------------------------------------------------------------- #
##  ApPHP AdminPanel Pro version 3.5.1                                         #
##  Developed by:  ApPHP <hide@address.com>                                      #
##  License:       GNU LGPL v.3                                                #
##  Site:          http://www.apphp.com/php-adminpanel/                        #
##  Copyright:     ApPHP AdminPanel (c) 2006-2011. All rights reserved.        #
##                                                                             #
##  Additional modules (embedded):                                             #
##  -- ApPHP DataGrid v5.0.7 (datagrid component)             http://apphp.com #
##  -- ApPHP Easy Installer v2.0.2 (installation module)      http://apphp.com #
##  -- ApPHP Tabs v2.0.2 (tabs component)                     http://apphp.com #
##  -- ApPHP DataGrid Wizard v2.0.1                           http://apphp.com #
##  -- ApPHP Calendar v2.0.1                                  http://apphp.com #
##  -- jQuery v1.4.2 (JS Library)                            http://jquery.com #
##  -- Base64 encode/decode class           		http://www.webtoolkit.info #
##  -- Crystal Project Icons (icons set)               http://www.everaldo.com #
##  -- Drop Down Menu - Head Script                	          ┬ęStephen Chapman #
##  -- PHPMailer v5.2 https://code.google.com/a/apache-extras.org/p/phpmailer/ #
##  -- ARCHIVE class 2.1                  ┬ęDevin Doucette (hide@address.com) #
##  -- SecureSession class      http://phpclasses.org/browse/package/2794.html #
##  -- Lytebox v3.22                             http://www.dolem.com/lytebox/ #
##                                                                             #
################################################################################

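	//--------------------------------------------------------------------------
	// check if Admin Panel was already installed
	if(!file_exists("inc/config.inc.php")){
		header("location: install.php");
		exit;
	}

	//--------------------------------------------------------------------------
	// after this number of seconds, stored data will be seen as 'garbage' and
	// cleaned up by the garbage collection process.
	// session.gc_maxlifetime = 1440 (PHP default)
	//
	// This has to run BEFORE session_start(): the value in force when the session
	// is opened is the one used for session garbage collection, and newer PHP
	// versions refuse to change session.* ini settings once a session is active.
	ini_set("session.gc_maxlifetime","3600");

	session_start();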

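	//--------------------------------------------------------------------------
	// *** request hardening: stop the request when any string value in $_GET
	// *** contains "/", "\" or ":".
	// ***
	// *** Two changes against the earlier version of this check:
	// ***  - the parameter NAME is supplied by the client, so it must never be
	// ***    interpolated into eval()'d code; the eval("unset(...)") call is gone
	// ***    (it served no purpose anyway, because the script stops right after);
	// ***  - the old backslash pattern only matched the literal text "[\]", so a
	// ***    plain backslash was not rejected; strpbrk() checks all three characters.
	// ***
	// *** NOTE(review): this is a character deny-list and only inspects string
	// *** values (array-style parameters such as page[]=... are not examined).
	// *** It does not replace allow-listing of any value that later selects a page
	// *** or a file to include.
	foreach($_GET as $get_value){
		if(is_string($get_value) && strpbrk($get_value, "/\\:") !== false){
			die("A hacking attempt has been detected. For security reasons, we're blocking any code execution.");
		}
	}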

	// *** mark this file as the entry point; presumably the included scripts test
	// *** for APPHP_EXEC to refuse direct access - TODO confirm in the inc/ files
	define('APPHP_EXEC', 'access allowed');

	require_once 'inc/config.inc.php';
	require_once 'inc/settings.inc.php';
	require_once 'inc/functions.inc.php';
	// NOTE(review): the language file name is built from $SETTINGS['site_language'];
	// confirm that value is limited to the shipped language names, since whatever
	// it holds becomes part of an include path.
	require_once 'inc/languages/'.$SETTINGS['site_language'].'.php';

	//--------------------------------------------------------------------------
	// redirect plain-HTTP requests to HTTPS when the setting asks for it
	// NOTE(review): the redirect target is assembled from the request's Host
	// header and request URI, so it follows whatever host name the client sent;
	// a configured site host would make the target independent of the request.
	$is_https_request = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off';
	if($SETTINGS['force_https_protocol'] && !$is_https_request){
		$https_url = 'https://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
		header('location: '.$https_url);
		exit;
	}
    
    // --- values restored from the session --------------------------------------
    // string values go through prepare_input() (defined outside this file),
    // numeric ids are forced to integers
    $adm_logged   = isset($_SESSION['adm_logged']) ? prepare_input($_SESSION['adm_logged']) : false;
    $adm_status   = isset($_SESSION['adm_status']) ? prepare_input($_SESSION['adm_status']) : "";
    $content_type = isset($_SESSION['content_type']) ? prepare_input($_SESSION['content_type']) : "";
    $dgpid        = isset($_SESSION['dgpid']) ? (int)$_SESSION['dgpid'] : "";
    $adm_user_id  = isset($_SESSION['adm_user_id']) ? (int)$_SESSION['adm_user_id'] : "0";

    // --- values taken from the request -----------------------------------------
    // $log only records that a "log" parameter is present
    $log = isset($_REQUEST['log']) ? "out" : "";
    // NOTE(review): $msg is copied from the request unchanged and is not printed
    // in this file; any included script that outputs it has to escape it for
    // the context it is written into.
    $msg = isset($_REQUEST['msg']) ? $_REQUEST['msg'] : "";

    // --- layout helpers --------------------------------------------------------
    $br               = set_browser_definitions();
    $menu_group_index = 0;
    $menu_group_count = 0;
    $colspan          = ($SETTINGS['menu_style'] == "side") ? "colspan='3'" : "";
    // the main column height is "90%" for every menu style
    $mainColHeight    = "90%";
	
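	// Choose the page loaded into the main iframe.
	// Precedence (lowest to highest): default home page, the request's "page"
	// parameter (top-menu style only), the non-admin home page, and finally a
	// pending content type stored in the session.
	if($adm_logged == true){
		$content_page = "system/home.php";
		// In top-menu mode the page comes from the request. Accept it only when it
		// is a plain string; an array-style parameter would otherwise be carried
		// through str_replace() and printed as "Array".
		if($SETTINGS['menu_style'] == "top" && isset($_GET['page']) && is_string($_GET['page'])){
			// "[=]" stands in for "?" in the parameter value
			$content_page = str_replace("[=]", "?", $_GET['page']);
		}
		// NOTE(review): at this point $content_page may hold request-controlled
		// text. It is written into the iframe's src attribute further down this
		// file, so it has to be HTML-escaped where it is printed, and ideally
		// checked against the list of pages the panel really offers.
		if($adm_status != "admin" && $adm_status != "main admin"){
			// ordinary users always land on their own home page
			$content_page = "system/user_home.php";
		}
		if($content_type == "static"){
			$content_page = "system/static_pages_manager.php";
		}else if($content_type == "dynamic"){
			$content_page = "system/dynamic_pages_manager.php";
		}else if($content_type == "datagrid"){
			$content_page = "system/datagrid_wizard.php?dgpid=".(int)$dgpid;
		}
	}else{
		$content_page = "login.php";
	}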
  
    // Load the menu rows for the current role and derive $menu_group_count.
    // The only variable spliced into these statements is $adm_user_id, which this
    // file sets from an (int) cast of the session value (or the string "0").
    // $db is not created in this file - presumably by one of the required inc/
    // files; verify.
    if($adm_status == "main admin"){
		// main admin: every visible menu group, no access-rights join
		$sql = "SELECT * FROM ".TABLE_MENU."
				WHERE
					is_menu_group = 1 AND
					is_hidden = 0 AND
					is_menu_item = 1
				ORDER BY order_index ASC";
		$res1 = $db->Query($sql);
		if($res1) $menu_group_count = $db->RowCount();     
    }else if($adm_status == "admin"){
		// admin: only the visible menu groups marked accessible for this admin id
		$sql =  "SELECT ".TABLE_MENU.".*
				FROM ".TABLE_MENU."
					INNER JOIN ".TABLE_MENU_ACCESS_RIGHTS." ON ".TABLE_MENU.".id = ".TABLE_MENU_ACCESS_RIGHTS.".menu_id
					INNER JOIN ".TABLE_ADMINS." ON ".TABLE_MENU_ACCESS_RIGHTS.".admin_id = ".TABLE_ADMINS.".id    
				WHERE
					".TABLE_MENU.".is_menu_group = 1 AND
					".TABLE_MENU.".is_hidden = 0 AND
					".TABLE_MENU.".is_menu_item = 1 AND 
					".TABLE_MENU_ACCESS_RIGHTS.".is_accessible = 1 AND
					".TABLE_ADMINS.".status = 'admin' AND
					".TABLE_ADMINS.".id = ".$adm_user_id." 
				ORDER BY ".TABLE_MENU.".order_index ASC";
		$res1 = $db->Query($sql);
		if($res1) $menu_group_count = $db->RowCount();     
    }else{
		// any other status: non-group menu rows with file_type_id = 1 that have an
		// access-rights row for this user id
		$sql =  "SELECT ".TABLE_MENU.".*
				FROM ".TABLE_MENU_ACCESS_RIGHTS."
					INNER JOIN ".TABLE_MENU." ON ".TABLE_MENU_ACCESS_RIGHTS.".menu_id = ".TABLE_MENU.".id
					INNER JOIN ".TABLE_USERS." ON ".TABLE_MENU_ACCESS_RIGHTS.".user_id = ".TABLE_USERS.".id
				WHERE
					".TABLE_MENU_ACCESS_RIGHTS.".user_id = '".$adm_user_id."' AND
					".TABLE_MENU.".is_menu_group = 0 AND
					".TABLE_MENU.".file_type_id = 1";
		// the count starts at one group and grows by one when the query returns rows
		$menu_group_count = 1;
		$res1 = $db->Query($sql);
		// NOTE(review): unlike the two branches above, $res1 is not checked before
		// RowCount() is consulted here.
		if($db->RowCount() > 0) $menu_group_count++;		
	}
            
	// Prepare menu group variables: one collapse state per menu group, read from
	// the FilterCatId_<n>_State cookie and defaulting to "maximized".
	// NOTE(review): the cookie value is client-controlled and stored as-is; the
	// code that consumes $FilterCatIds is outside this file - confirm it compares
	// the value against known states or escapes it before output.
	$FilterCatIds = array();
	$i = 0;
	while($i < $menu_group_count){
		$state_cookie = 'FilterCatId_'.$i.'_State';
		if(isset($_COOKIE[$state_cookie]) && ($_COOKIE[$state_cookie] != "")){
			$FilterCatIds[$i] = $_COOKIE[$state_cookie];
		}else{
			$FilterCatIds[$i] = "maximized";
		}
		$i++;
	}
?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd">
<html>
<head>
    <title><?php echo $SETTINGS['site_name']; ?> :: <?php echo lang('admin_panel'); ?></title>
    <!-- Meta tags -->    
    <meta http-equiv=Content-Type content="text/html; charset=utf-8">
    <meta http-equiv="cache-control" content="no-cache">
    <meta http-equiv="pragma" content="no-cache">
    <meta http-equiv="expires" content="0">
	<link rel="SHORTCUT ICON" href="images/apphp.ico"/>
	
    <!-- CSS style files -->
    <link href="styles/<?php echo $SETTINGS['css_style'];?>/style.css" type=text/css rel=stylesheet>

    <!-- JavaScript files -->
    <script type="text/javascript" src="modules/jquery/jquery.js"></script>
    <script type="text/javascript" src="js/functions.js"></script>
	
	<?php if($adm_logged == true){ ?>
		<script type="text/javascript">	
			var menu_group_count = <?php echo $menu_group_count;?>;
			var left_panel_scrolling = <?php echo ($SETTINGS['left_panel_scrolling']) ? "true" : "false"; ?>; 
			var default_session_timeout = 60*<?php echo (int)$SETTINGS['session_timeout']; ?>; // in sec
			var minimal_timeout_value = default_session_timeout/10; // in sec
			var session_timeout = default_session_timeout; // in sec
			var delaytime = 30000; // in msec		
			
			setTimeout("checkSessionTimeout()", delaytime); 
		</script>
		
		<?php if($SETTINGS['menu_style'] == "side"){ ?>		
			<script type="text/javascript" src="js/left_menu.js"></script>
			<link href="styles/<?php echo $SETTINGS['css_style'];?>/menu.css" type="text/css" rel="stylesheet">
			<link href="styles/left_menu.css" type="text/css" rel="stylesheet">	
		<?php }else if($SETTINGS['menu_style'] == "top"){ ?>
			<script type="text/javascript" src="js/top_menu.js"></script>
			<link href="styles/<?php echo $SETTINGS['css_style'];?>/top_menu.css" type="text/css" rel="stylesheet">
			<script type="text/javascript">    
			// Drop Bown Menu - Head Script
			// copyright Stephen Chapman, 4th March 2005, 5th February 2006
			// you may copy this menu provided that you retain the copyright notice
			// var mapLink = 'aaa.html';
			// var mapName = 'Page AAA';
			var fix = 1; var delay = 2000; var modd = 0;
			var bar = new menuBar();
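			<?php
			    // draw links for top menu
				//
				// Every label and target below is written into a JavaScript string
				// literal inside a <script> element. The values come from the menu table
				// and the language files, so they are emitted through json_encode() with
				// the JSON_HEX_* flags: quotes, "<", ">" and "&" are escaped and the
				// result is a complete quoted literal. A menu name or translation that
				// contains an apostrophe or markup can therefore no longer terminate the
				// literal or the script block.
				// NOTE(review): json_encode() expects UTF-8 input, which is what the page
				// charset declares - confirm the language files and menu table are UTF-8.
				$js_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;

				if($adm_status != "admin" && $adm_status != "main admin"){
					// ordinary user: fixed "general" menu plus the pages granted to the user
					echo "bar.addMenu(".json_encode(lang('general'), $js_flags)."); \n";
					echo "bar.addItem('system/user_home.php',".json_encode(lang('home'), $js_flags).");";
					echo "bar.addItem('system/user_edit_account.php',".json_encode(lang('edit_account'), $js_flags).");";

					$sql = "SELECT ".TABLE_MENU.".*
					   FROM ".TABLE_MENU."
						   INNER JOIN ".TABLE_MENU_ACCESS_RIGHTS." ON ".TABLE_MENU.".id = ".TABLE_MENU_ACCESS_RIGHTS.".menu_id
						   INNER JOIN ".TABLE_USERS." ON ".TABLE_MENU_ACCESS_RIGHTS.".user_id = ".TABLE_USERS.".id
					   WHERE
							 ".TABLE_USERS.".id = ".(int)$_SESSION['adm_user_id']." AND
							 ".TABLE_MENU_ACCESS_RIGHTS.".is_accessible = 1 AND
							 ".TABLE_MENU.".is_menu_group = 0 AND
							 ".TABLE_MENU.".is_hidden = 0 AND
							 (".TABLE_MENU.".file_type_id = 1 OR ".TABLE_MENU.".file_type_id = 2)
					   ORDER BY order_index ASC";
					$res2 = $db->Query($sql);
					// skip the "pages" menu entirely when the query did not return a result
					if($res2){
						if($db->RowCount() > 0) echo "bar.addMenu(".json_encode(lang("pages"), $js_flags)."); \n";
						while($r___ = $res2->fetch()){
							if($r___['file_type_id'] == "1"){ // static_page
								$item_target = 'system/static_pages.php?page='.(int)$r___['id'];
							}else if($r___['file_type_id'] == "0"){ // system pages
								$item_target = 'system/'.$r___['page_name'];
							}else{
								$item_target = 'pages/'.$r___['page_name'];
							}
							echo "bar.addItem(".json_encode($item_target, $js_flags).",".json_encode($r___['name'], $js_flags).");";
						}
					}

				}else{
					// admin / main admin: one menu per group row loaded earlier into $res1
					while($res1 && ($r__ = $res1->fetch())){
						echo "bar.addMenu(".json_encode($r__['name'], $js_flags)."); \n";
						$res2 = $db->Query("SELECT * FROM ".TABLE_MENU." WHERE is_menu_group = 0 AND is_hidden = 0 AND is_menu_item = 1 AND parent_id = ".(int)$r__['id']." ORDER BY order_index ASC");
						while($res2 && ($r___ = $res2->fetch())){
							if($r___['file_type_id'] == "1"){ // static_page
								$item_target = 'system/static_pages.php?page='.(int)$r___['id'];
								$item_label  = $r___['name'];
							}else if($r___['file_type_id'] == "0"){ // system pages
								$item_target = 'system/'.$r___['page_name'];
								// system and custom pages look their label up by name, spaces as "_"
								$item_label  = lang(str_replace(" ", "_", $r___['name']), false);
							}else{
								$item_target = 'pages/'.$r___['page_name'];
								$item_label  = lang(str_replace(" ", "_", $r___['name']), false);
							}
							echo "bar.addItem(".json_encode($item_target, $js_flags).",".json_encode($item_label, $js_flags).");";
						}
					}
				}
			?>	    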
			bar.addMenu('<?php echo lang('log_out');?>');
			bar.addItem('logout.php','<?php echo lang('log_out');?>');			
			<?php
				// Emit the four tab colour variables for the top menu script.
				// Only the accent colour depends on the configured css_style; the tab
				// background and the active-tab text colour are white in every style.
				if($SETTINGS['css_style'] == "blue"){
					$tab_accent = '#4b6ca6';
				}else if($SETTINGS['css_style'] == "green"){
					$tab_accent = '#668b4f';
				}else{
					$tab_accent = '#444444';
				}
				echo "var blc = '#ffffff'; // background color for tabs \n";
				echo "var lc  = '".$tab_accent."'; // tabs text color \n";
				echo "var la  = '#ffffff'; // active tab text color \n";
				// no trailing newline here: the JS comment is completed by the line
				// that follows the closing PHP tag
				echo "var bla = '".$tab_accent."'; // active tab background color for ";
			?>
			// do not change anything below this line	
			var blh = '#222222'; // 		
			var lh  = '#00ff00';			
			if(fix) window.onscroll=sMenu;window.onload=iMenu;var onm = null;var ponm = null;var podm = null;var ndm = bar.mO.length;
			if(fix) {var ag = navigator.userAgent.toLowerCase();var isG = (ag.indexOf('gecko') != -1);var isR=0;if (isG) {t = ag.split("rv:"); isR = parseFloat(t[1]);}if (isR && isR<1) setInterval('sMenu()',50);}       
			</script>
		<?php } ?>
	<?php }else{ ?>
		<link href="styles/<?php echo $SETTINGS['css_style'];?>/menu.css" type="text/css" rel="stylesheet">
	<?php } ?>	
</head>
<body style="overflow:hidden;" <?php echo ((($adm_logged == true) && ($SETTINGS['menu_style'] == "side") && $SETTINGS['left_panel_scrolling']) ? "onResize='setPageHeight()' onLoad='setPageHeight()'" : ""); ?>>

	<table border="0" cellspacing="1" cellpadding="1" width="100%" height="100%">
	<tr>
		<td <?php echo $colspan; ?> height="9%">
			<?php include_once("system/header.php"); ?>
		</td>
	</tr>
	<?php if($SETTINGS['menu_style'] == "top" && $adm_logged){ ?>
		<tr><td <?php echo $colspan; ?> height="20px"><?php include_once("system/top_menu.php"); ?></td></tr>
	<?php } ?>
	<tr>
		<?php if($SETTINGS['language_dir'] == "ltr" && $SETTINGS['menu_style'] == "side" && $adm_logged){ ?>
			<td id='colLeft' width="160x" valign="top" style="padding-right:0px">
				<?php include_once("system/left_menu.php"); ?>
			</td>
			<td id='colMiddle' width="12px" valign="top" align="center" style="padding-top:3px;">
				<img id="imgArrow" style="cursor:w-resize;" onclick="resizeLeftPanel('<?php echo $SETTINGS['language_dir'];?>')" src="images/collapse_panel.gif" alt="" title="<?php echo lang("click_to_collapse");?>" />
			</td>
		<?php } ?>
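		<td id='colMain' valign="top" height="<?php echo $mainColHeight;?>" style="min-width:400px;padding-top:2px;padding-right:4px;">
			<?php
				// $content_page can carry the request's "page" parameter (top-menu
				// style), so it is HTML-escaped before it is written into the src
				// attribute; otherwise a quote in the value would close the attribute
				// and let the request add markup to the admin page.
				// NOTE(review): escaping fixes the attribute context only. It does not
				// limit WHICH address is framed - checking the value against the pages
				// the panel actually offers would.
			?>
			<iframe id="frameMain" name="frameMain"
				src="<?php echo htmlspecialchars($content_page, ENT_QUOTES, 'UTF-8'); ?>" 
				marginwidth="0" marginheight="0" vspace="0" hspace="0"
				frameborder="2" width="100%" height="100%" scrolling="auto">			
			</iframe>			
		</td>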
		<?php if($SETTINGS['language_dir'] == "rtl" && $SETTINGS['menu_style'] == "side" && $adm_logged){ ?>
			<td id='colMiddle' width="12px" valign="top" align="center" style="padding-top:3px;">
				<img id="imgArrow" style="cursor:w-resize;" onclick="resizeLeftPanel('<?php echo $SETTINGS['language_dir'];?>')" src="images/expand_panel.gif" alt="" title="<?php echo lang("click_to_collapse");?>" />
			</td>
			<td id='colLeft' width="160x" valign="top" style="padding-right:0px">
				<?php include_once("system/left_menu.php"); ?>
			</td>
		<?php } ?>
	</tr>	
	</table>
	
	<!-- session expired popup -->
	<div id="fade" class="black_overlay" onclick="javascript:appCloseExpiredWindow();"></div>
	<div id="light">
		<div class="white_content">
			<br />
            <b>Your session will expire soon. Please make sure to save your work often! You may click on</b>
			<br /><br />
			<ul>
				<li>STAY LOGGED to reset session timeout</li>
				<li>LOGOUT to finish current session.</li>
			</ul>
			<br /><br />
			<input type='button' value='Stay Logged' onclick="javascript:appCloseExpiredWindow();" />
			&nbsp;&nbsp;&nbsp;
			<input type='button' value='Logout' onclick="javascript:document.location.href='logout.php'" />
		</div>
	</div>	
	<object type="application/x-mplayer2" height="0" width="0" id="sound_alert">
		<param name="fileName" value="images/alert.wav">
		<param name="autostart" value="0">
		<param name="playcount" value="2">
	</object>
</body>
</html>
<?php
	// one-shot session values: they selected the start page for this request
	// only, so they are dropped once the page has been rendered
	unset($_SESSION['content_type'], $_SESSION['dgpid']);
?>
<!-- This script was generated by PHPAP (ApPHP AdminPanel) v.<?php echo _PHP_AP_VERSION; ?> | http://www.apphp.com/php-adminpanel/index.php -->