<?php
/*
Author: Attila Agas <hide@address.com>
Copyright (C) 2007
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 2,
as published by the Free Software Foundation.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
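// Application version; printed in the page footer.
$version='0.9.0';
// Buffer output so the header() and setcookie() calls further down still run before any body is sent.
ob_start();
header("Cache-Control: no-cache");
// ereg() was deprecated in PHP 5.3 and removed in PHP 7; strpos() performs the same
// case-sensitive substring test. A request without a User-Agent header counts as PNG-capable,
// which is what the ereg() call returned for a missing value.
$png_support=!(isset($_SERVER['HTTP_USER_AGENT']) && strpos($_SERVER['HTTP_USER_AGENT'],'MSIE')!==false);
$logged_in=false;
$uid=-1;
// The session id is read straight from the client's cookie and is untrusted: it must be
// escaped or validated wherever it is placed into SQL or HTML. A missing or non-string
// (array-style) cookie is normalised to null instead of raising a notice.
$sid=(isset($_COOKIE['sid']) && is_string($_COOKIE['sid'])) ? $_COOKIE['sid'] : null;
// $param holds the raw request parameters. It now defaults to an empty array so that request
// methods other than GET/POST (HEAD, PUT, ...) no longer leave it undefined.
$param=array();
if (isset($_SERVER['REQUEST_METHOD']))
{
    if ($_SERVER['REQUEST_METHOD']==='GET')
    {
        $param=$_GET;
    }
    else if ($_SERVER['REQUEST_METHOD']==='POST')
    {
        $param=$_POST;
    }
}
// null when no action was requested; the later checks compare with ===.
$action=isset($param['action']) ? $param['action'] : null;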
/**
 * Intentional no-op.
 *
 * The body is empty: the function takes no arguments, performs no validation or
 * access check, and yields no value. It offers no protection of any kind.
 *
 * @return void
 */
function do_not_hack_please()
{
    // thank you :)
    return;
}
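include 'config.php';
include 'mysql.php';
// $lang comes from the request and is used to build an include path, so it is restricted to a
// plain file-name token first. Without this check a value containing "../" (or, on old PHP
// builds, a NUL byte) could make the include below load a file outside languages/.
// NOTE(review): assumes language file names consist only of letters, digits, "_" and "-" - confirm.
$lang=(isset($param['lang']) && is_string($param['lang'])) ? $param['lang'] : '';
if (!preg_match('/\A[A-Za-z0-9_-]+\z/',$lang))
{
    // $default_lang is not set in this file; presumably it comes from config.php.
    $lang=$default_lang;
}
$langfile='languages/'.$lang.'.php';
include 'languages/en.php'; //for everything that is not translated, we don't want empty strings...
if (!file_exists($langfile))
{
    // Unknown language: fall back to the configured default.
    $lang=$default_lang;
    $langfile='languages/'.$lang.'.php';
}
include $langfile;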
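// Set the connection character set ($names is defined outside this file).
// NOTE(review): mysql_real_escape_string() follows the character set known to the client
// library, which "SET NAMES" does not update - confirm whether mysql.php also calls
// mysql_set_charset().
myquery("SET NAMES '$names'");
myquery("LOCK TABLES users WRITE");

// --- Resume an existing session ------------------------------------------------------------
// The cookie value is attacker-controlled, so it is escaped before being embedded in SQL.
// An absent or empty cookie skips the lookup entirely: sid='' would otherwise match any row
// whose sid column is empty.
$sor=null;
$sid_sql='';
if (is_string($sid) && $sid!=='')
{
    $sid_sql=mysql_real_escape_string($sid);
    // A session is only accepted if the row was active within the last 1800 seconds.
    $result=myquery("SELECT id,user,name,email,flags FROM users WHERE sid='$sid_sql' and UNIX_TIMESTAMP(now())-UNIX_TIMESTAMP(lastactivity)<1800");
    if (mysql_num_rows($result)==1)
    {
        $sor=mysql_fetch_object($result);
    }
}
if ($sor)
{
    $id=$sor->id;
    $user=$sor->user;
    $name=$sor->name;
    $email=$sor->email;
    // Bit 0 of the flags column marks a superuser.
    $superuser=(($sor->flags & 1)==1);
    myquery("UPDATE users SET lastactivity=now() WHERE sid='$sid_sql'");
    if ($action==="quit")
    {
        // Logout: overwrite the stored sid so the value in the client's cookie stops matching.
        $sid=gensid(mt_rand(),mt_rand());
        myquery("UPDATE users SET sid='$sid' WHERE id=$id");
    }
    else
    {
        $logged_in=true;
    }
}
else
{
    // --- Password login ----------------------------------------------------------------------
    $badpass=false;
    if ($action==="login")
    {
        // Missing or array-style parameters are treated as empty strings instead of being
        // passed to the escaping function.
        $user=mysql_real_escape_string((isset($param["user"]) && is_string($param["user"])) ? $param["user"] : '');
        $pass=mysql_real_escape_string((isset($param["pass"]) && is_string($param["pass"])) ? $param["pass"] : '');
        // NOTE(review): passwords are compared as unsalted MD5, which is unsuitable for password
        // storage. Moving to password_hash()/password_verify() needs a change to the stored
        // data and is therefore not done in this block.
        // The column list now selects email (it listed user twice), so $sor->email is populated.
        $result=myquery("SELECT id,user,name,email,flags FROM users WHERE user='$user' and pass=MD5('$pass')");
        if (mysql_num_rows($result)==1)
        {
            $sor=mysql_fetch_object($result);
            $id=$sor->id;
            $user=$sor->user;
            $name=$sor->name;
            $email=$sor->email;
            $superuser=(($sor->flags & 1)==1);
            // A fresh sid is issued on every successful login.
            $sid=gensid($id,$user);
            myquery("UPDATE users SET lastactivity=now(),sid='$sid' WHERE id='$id'");
            // HttpOnly keeps the session id out of reach of page scripts. The Secure flag is
            // left off because this file cannot tell whether the site is served over HTTPS;
            // enable it when it is.
            setcookie("sid",$sid,0,"","",false,true);
            $logged_in=true;
        }
        else
        {
            $badpass=true;
        }
    }
}
myquery("UNLOCK TABLES");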
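/**
 * Generate a new session id: 128 lowercase hexadecimal characters.
 *
 * The id is drawn from a cryptographically secure random source when the runtime has one.
 * The previous construction chained md5() over mt_rand() output; mt_rand() is a Mersenne
 * Twister whose output can be predicted, and hashing it adds no entropy.
 *
 * @param mixed $uid  Kept for signature compatibility; only used by the legacy fallback.
 * @param mixed $user Kept for signature compatibility; only used by the legacy fallback.
 * @return string 128-character hex string (same length as the md5-based version produced).
 */
function gensid($uid,$user)
{
    // 64 random bytes encode to 128 hex characters.
    if (function_exists('random_bytes'))
    {
        return bin2hex(random_bytes(64));
    }
    if (function_exists('openssl_random_pseudo_bytes'))
    {
        $strong=false;
        $bytes=openssl_random_pseudo_bytes(64,$strong);
        // Only accept the bytes when OpenSSL reports a cryptographically strong source.
        if ($bytes!==false && $strong)
        {
            return bin2hex($bytes);
        }
    }
    // Legacy fallback, reached only on runtimes with no secure random source.
    // It is predictable and should not be relied on; upgrade the runtime instead.
    $tmp=md5($uid.$user);
    $tmp.=md5(mt_rand());
    $tmp.=md5(mt_rand());
    $tmp.=md5($tmp.mt_rand());
    return $tmp;
}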
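// $des comes from the request and is used to build an include path, so it is restricted to a
// plain file-name token first. Without this check a value containing "../" (or, on old PHP
// builds, a NUL byte) could make the include below load a file outside design/.
// NOTE(review): assumes design file names consist only of letters, digits, "_" and "-" - confirm.
$des=(isset($param['des']) && is_string($param['des'])) ? $param['des'] : '';
if (!preg_match('/\A[A-Za-z0-9_-]+\z/',$des))
{
    // Missing, empty or malformed value: use the configured default
    // ($default_design is not set in this file; presumably it comes from config.php).
    $des=$default_design;
}
$desfile='design/'.$des.'.php';
if ((file_exists($desfile)) && ($des!='default'))
{
    include $desfile;
}
else
{
    // No usable custom design: load the base design and expose it under the name Design,
    // which is the class instantiated later in this file.
    include 'design/default.php';
    class Design extends BaseDesign {}
}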
// Load the remaining application parts; the order is kept exactly as before.
include('languages/list.php');
include('design/list.php');
include('files.php');
include('selectors.php');

// Announce the response encoding, then release the output buffered since the top of the script.
// $contentenc is not set in this file.
header("Content-Type: text/html; charset={$contentenc}");
ob_end_flush();

// Design is either the class from the selected design file or the BaseDesign subclass declared above.
$design = new Design;
?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php print $charset; ?>" />
<link href="<?php print $design->css; ?>" rel="stylesheet" type="text/css" />
<title><?php print $design->title; ?></title>
</head>
<body>
<center>
<table border="0" cellpadding="0" cellspacing="0" width="800" class="<?php print $design->mainclass; ?>">
<tr>
<td colspan="3">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td align="left" valign="middle" class="<?php print $design->fillclass; ?>" ><img src="<?php print $design->logo; ?>" /></td>
<td align="right" valign="middle"><?php include 'menu.php'; ?></td>
</tr>
</table>
</td>
</tr>
<tr>
<td colspan="3" height="16" class="<?php print $design->fillclass; ?>"></td>
</tr>
<tr>
<td class="frame_left_top"></td>
<td class="frame_top" align="center" valign="middle">
<?php
// Prints $cwd into the top frame cell.
// NOTE(review): $cwd is not assigned anywhere in this file and is written out without HTML
// escaping. Presumably one of the included files sets it - confirm whether it can carry
// request-derived text, and if so escape it with htmlspecialchars() for this HTML context.
print $cwd;
?>
</td>
<td class="frame_right_top"></td>
</tr>
<tr>
<td class="frame_left_middle"></td>
<td class="frame_middle" align="center" valign="middle"><?php include 'main.php'; ?></td>
<td class="frame_right_middle"></td>
</tr>
<tr>
<td class="frame_left_bottom"></td>
<td class="frame_bottom"></td>
<td class="frame_right_bottom"></td>
</tr>
</table>
<?php
// Footer line: a line break followed by the application version assigned at the top of the script.
echo '<br />version:', $version;
?>
</center>
</body>
</html>