<?php
/* $Id: header.php,v 1.38 2004/01/25 17:51:07 pbaecher Exp $ */
/*
          LanAction - PHP/MySQL Lan orga system
        ==============================================
            (c) 2002-2004 by
               Paul Baecher       <hide@address.com>
          Johannes Zuendel <joh-hide@address.com>

          This  program is  free  software;  you can
          redistribute it and/or modify it under the
          terms of the GNU General Public License as
          published by the Free Software Foundation;
          either  version 2 of  the License,  or (at
          your option) any later version.

        ==============================================

*/

/* Report every notice and warning. Whether they are also shown to the
   visitor depends on display_errors, which this file does not set. */
error_reporting(E_ALL);
/* Turn magic_quotes_runtime off, so data read from the database or from
   files is not slash-escaped automatically. */
set_magic_quotes_runtime(0);

/* defines */
/* NOTE(review): presumably the request sources accepted by get_var();
   confirm against include/functions.php. */
define('TYPE_GET', 0);
define('TYPE_POST', 1);
define('TYPE_AUTO', 2);

/* NOTE(review): $mysql_host, $mysql_user, $mysql_pass and $mysql_db are
   not set in this file; presumably mysql_data.php provides them. */
require('include/mysql_data.php');
require('include/functions.php');
require('include/module_header.php');

/* Open the default connection that the later mysql_* calls rely on.
   Neither return value is checked here. These functions belong to
   ext/mysql, which was removed in PHP 7. */
mysql_connect($mysql_host, $mysql_user, $mysql_pass);
mysql_select_db($mysql_db);
/* Drop the database password from the global scope once the connection
   exists. Host, user and database name stay defined. */
unset($mysql_pass);

/* Template object used further down to render the menu. */
$T = new template;

/* Client address that sessions are bound to. REMOTE_ADDR is preferred;
   the X-Forwarded-For request header is only used when it is empty.
   NOTE(review): that header is set by the client, so in the fallback case
   the value is not a trustworthy address. */
$remote_ip = @getenv('REMOTE_ADDR');
if( !$remote_ip )
{
	$remote_ip = @getenv('HTTP_X_FORWARDED_FOR');
}

/* read configuration */
/* Copy the global registry rows (module='') into $cfg, converting each
   value according to the type stored next to it. */
$cfg = array();
$r_registry = query("SELECT keyname, value, type FROM ".PREF."registry WHERE module=''");
while( $registry = mysql_fetch_array($r_registry) )
{
	// date and time are actually timestamps, so they are cast like int and bool
	if( in_array($registry['type'], array('date', 'time', 'int', 'bool')) )
		$cfg[$registry['keyname']] = (int)($registry['value']);
	elseif( $registry['type'] == 'float' )
		$cfg[$registry['keyname']] = (float)($registry['value']);
	else
		$cfg[$registry['keyname']] = $registry['value']; // any other type keeps the raw value
}

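/* login stuff */
/* Handles a submitted login: looks the nick up, compares the password
   hash and, on a match, inserts a session row and redirects to
   index.php?s=<sessionid>. A failed login falls through silently.
   NOTE(review): no attempt limiting is visible in this block. */
$login_nick = get_var('login_nick');
if( $login_nick )
{
	/* mysql_real_escape_string() escapes with regard to the character set
	   of the open connection, which addslashes() does not consider. */
	$r_user = query("SELECT userid, nick, password FROM ".PREF."user WHERE nick='".mysql_real_escape_string($login_nick)."'");
	if( mysql_num_rows($r_user) > 0 )
	{
		$user = mysql_fetch_array($r_user);
		/* NOTE(review): passwords are stored as unsalted md5. Moving to a
		   salted, slow password hash needs a data migration and is not
		   attempted here. */
		$login_password = md5(get_var('login_password'));
		/* Strict comparison: with == two different hex digests that both
		   read as numbers (for example "0e" followed only by digits) are
		   compared numerically and can be treated as equal. */
		if( $user['password'] === $login_password )
		{
			/* login correct */
			/* NOTE(review): the session id is built from microtime() and
			   uniqid(), neither of which is a cryptographically secure
			   random source, and it is carried in the URL, where server
			   logs, browser history and Referer headers can expose it. */
			$s = md5(microtime().uniqid('', microtime()));
			query("INSERT INTO ".PREF."session (sessionid, lastupdate, ip, userid) VALUES
			('".mysql_real_escape_string($s)."',
			'".time()."',
			'".mysql_real_escape_string($remote_ip)."',
			'".mysql_real_escape_string($user['userid'])."')");
			
			/* NOTE(review): header_redirect() is defined elsewhere;
			   presumably it ends the request. */
			header_redirect('index.php?s='.$s);
		}
	}
	mysql_free_result($r_user);
}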

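/* user, session */
/* Defaults for an anonymous visitor ('Gast', member of group 4 'guest').
   They are replaced below when the request carries a session id that is
   still valid for this client address. */
$g_user = array('userid' => 0, 'nick' => 'Gast');
$g_group[4] = 'guest';
$s = get_var('s');
if( $s )
{
	$r_session = query("SELECT sessionid, lastupdate, ip, userid FROM ".PREF."session WHERE sessionid='".mysql_real_escape_string($s)."'");
	if( mysql_num_rows($r_session) > 0 )
	{
		$session = mysql_fetch_array($r_session);
		/* The session only counts from the address it was created for and
		   inside the timeout window. Both sides are compared as strings so
		   that number-like values are never compared numerically. */
		if( (string)$session['ip'] === (string)$remote_ip &&
			$session['lastupdate'] > (time() - $cfg['session_timeout']) )
		{
			if( get_var('logout') ) //logout user
			{
				query("DELETE FROM ".PREF."session WHERE sessionid='".mysql_real_escape_string($s)."'");
				/* NOTE(review): header_redirect() is defined elsewhere;
				   presumably it ends the request. */
				header_redirect('index.php');
			}

			/* Every value placed in a query below is escaped, including
			   the ones that were read back from the database. */
			$r_user = query("SELECT * FROM ".PREF."user WHERE userid='".mysql_real_escape_string($session['userid'])."'");
			if( mysql_num_rows($r_user) > 0 )
			{
				$g_user = mysql_fetch_array($r_user);

				/* update session*/
				query("UPDATE ".PREF."session SET lastupdate='".time()."' WHERE sessionid='".mysql_real_escape_string($s)."'");
			}
			
			/* selects the groups the user belongs to*/
			/* NOTE(review): groups are loaded here without looking at an
			   active flag, while the non-root menu query in this file
			   filters on groups.active='1'. Confirm that membership in a
			   deactivated group should still count. */
			$r_usergroup = query("SELECT groupid FROM ".PREF."usergroup WHERE userid='".mysql_real_escape_string($session['userid'])."'");
			while( $a_usergroup = mysql_fetch_array($r_usergroup) )
			{
				/*get group name*/
				$r_group = query("SELECT groupid, groupname FROM ".PREF."group WHERE groupid='".mysql_real_escape_string($a_usergroup['groupid'])."'");
				$a_group = mysql_fetch_array($r_group);
				/* A membership that points at a missing group returns no
				   row; skip it instead of storing an empty entry. */
				if( $a_group )
					$g_group[$a_group['groupid']] = $a_group['groupname'];
			}
		}
	}
	mysql_free_result($r_session);
}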


/* remove some records */
/* Expired sessions are purged only while the current Unix time modulo 100
   is above 90 (9 seconds in every 100), not on every request. */
if( (time() % 100) > 90 )
{
	query("DELETE FROM ".PREF."session WHERE lastupdate<".(time() - $cfg['session_timeout']));
}

/* installed modules */
/* $a_installedmod gets one key per row of the module table (its unixname),
   each mapped to 1. */
$a_installedmod = array();
$r_module = query("SELECT unixname FROM ".PREF."module");
while( $module = mysql_fetch_assoc($r_module) )
	$a_installedmod[$module['unixname']] = 1;

/////////////////menu stuff has to be written better

/* build menu */
/* Load the menu templates up front. */
$T->precache_global('menuitem');
$T->precache_global('usermenu');
$T->precache_global('orgamenu');
$T->precache_global('adminmenu');

/* Rendered entries, collected per menu location by the loop below. */
$menuitems = $useritems = $orgaitems = $adminitems = '';

/* Finished menu blocks; they stay empty when there are no entries. */
$adminmenu = $usermenu = '';

/* Configured start module; the menu loop fills it in when it is empty. */
$default_module = $cfg['default_module'];


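/* get menu items */
/* Members of the group named "root" get every menu entry; everyone else
   gets only entries whose function is assigned to one of their active
   groups. The third argument makes in_array() compare strictly, so this
   privilege check never depends on type juggling.
   NOTE(review): this only decides which entries are rendered. Whether the
   functions themselves check access is not visible in this file. */
if(in_array("root", $g_group, true))
{
	/* get all menu items */
	$r_menu = query("SELECT menuid, title, location, funcname, modulename, func.funcid FROM ".PREF."menu AS menu
		INNER JOIN ".PREF."func AS func ON func.funcid = menu.funcid
		ORDER BY displayorder ASC");
}
else
{
	/* get menu items user has access */
	/* The IN list consists of the keys of $g_group: the hard-coded guest
	   group plus the group ids loaded for the session earlier in this
	   file. */
	$r_menu = query("SELECT menuid, title, location, funcname, modulename,  funcgroup.funcid FROM ".PREF."menu AS menu
		INNER JOIN ".PREF."funcgroup AS funcgroup ON funcgroup.funcid = menu.funcid
		INNER JOIN ".PREF."func AS func ON func.funcid = menu.funcid
		INNER JOIN ".PREF."group AS groups ON groups.groupid = funcgroup.groupid
		WHERE groups.groupid IN ( '".implode("', '", array_keys($g_group))."' )
		AND groups.active='1'
		ORDER BY menu.displayorder ASC");
}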

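/* Render every menu row into the item list of its location. */
$funcid = 0;
while( $menu = mysql_fetch_array($r_menu) )
{
	/* Skip a row whose funcid equals that of the row handled just before
	   it; presumably the group join can return the same entry twice. */
	if($funcid == $menu['funcid'])
		continue;

	$funcid = $menu['funcid'];

	/* Drop the first 7 characters of the function name.
	   NOTE(review): presumably a fixed prefix; confirm its length. */
	$menu['funcname'] = substr($menu['funcname'], 7);

	if( $menu['location'] == MENU_ROOT )
	{
		$menu['class'] = 'adminlink';
		$adminitems .= $T->parse('menuitem', $menu);
	}
	elseif( $menu['location'] == MENU_ORGA )
	{
		$menu['class'] = 'orgalink';
		/* NOTE(review): 'orgaitem' is not among the templates precached at
		   the top of the menu code, while every other branch uses
		   'menuitem'. Confirm that this template exists. */
		$orgaitems .= $T->parse('orgaitem', $menu);
	}
	elseif( $menu['location'] == MENU_USER )
	{
		$menu['class'] = 'userlink';
		$useritems .= $T->parse('menuitem', $menu);
	}
	else
	{
		/* With no configured default, the first ordinary menu entry
		   decides the start module. The query returns the column as
		   'modulename'; the result has no 'module' key, so the old index
		   was always undefined. */
		if( !$default_module)
			$default_module = $menu['modulename'];
		$menu['class'] = 'mlink';
		$menuitems .= $T->parse('menuitem', $menu);
	}
}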



/* Wrap each non-empty item list in its menu template. */
if( $useritems )
	$usermenu = $T->parse('usermenu', array('useritems' => $useritems));

/* NOTE(review): the orga menu is stored in $usermenu too, so it replaces
   the user menu built just above when both lists are non-empty. Confirm
   that this is intended. */
if( $orgaitems )
	$usermenu = $T->parse('orgamenu', array('orgaitems' => $orgaitems));

if( $adminitems )
	$adminmenu = $T->parse('adminmenu', array('adminitems' => $adminitems));

?>