Location: PHPKode > projects > VSecure > functions.php
<?php
/*******************************************************************/
/*                        vsecurity                                */
/*        copyrights(c)2001 jan vilimek(hide@address.com)         */
/*               see gpl license in file license.txt               */
/*           and http://www.guanoweb.cz for more details           */
/*                                                                 */
/* function: secure your pages  (functions)                        */
/* for instalation see readme.txt                                  */
/*******************************************************************/

####################################################################################
# description of the file: some function for many reasons - see the desc. bellow   #
####################################################################################

if (!defined("LOADED_PROPERLY"))die("<h1>Acess denied!</h1><br />-VSecurity required-<br /><br />get it on www.guanoweb.cz/");

/************************************************************/
/*Login form:outputs a login form acording to what's in $what*/
/* {only if login == anonym, else outputs nothing}           */
/*                                                           */
/* what          *outputs                                    */
/*-----------------------------------------------------------*/
/* script        * script for no form                        */
/* div           * div with key catch                        */
/* /div          * </div>                                    */
/* login         * login input                               */
/* 'anything'    * anything                                  */
/* password      * password input                            */
/* ok            * ok link                                   */
/* <frm>         * begin of form with hidden inputs          */
/* </frm>        * end of form                               */
/* ref_login     * reference to login form                   */
/* send          * OK as an button for login form            */
/*                                                           */
/*                                                           */
/*Examples:                                                  */
/* login_form("login password ok '&nbsp;(' ref_login ')'");  */
/* login_form("<frm>login password send <frm>");             */
/*************************************************************/
function login_form($what)
 {
 global $VSecure_path,$MAIN_URL,$ID_form_login,$login;
 
 if ($login=='anonym')
 {
 echo "\n\n\n<!-- ***************** LOGIN LOGIN LOGIN ********************** -->\n";
 // seed with microseconds since last "whole" second
 mt_srand ((double) microtime() * 1000000000);
 $_SESSION['ID_form_login']=(integer)mt_rand(0,999999999);

  $style=explode(" ",$what);
  reset ($style);
  /*for each option get a result */
  while (list ($key, $val) = each ($style)) {
    if ($val=="login")
	 {
     echo "Login:&nbsp;<input type=\"text\" name=\"login\" class=\"log\" size=\"10\" value=\"\" />&nbsp;";
	 }
	elseif ($val=="script")
	 {
	 echo "<!-- ***************** LOGIN LOGIN LOGIN ********************** -->\n<script language=\"JavaScript\" type=\"text/javascript\">\n<!--\n";
     @readfile(dirname(__FILE__)."/script.js");
     echo "\nfunction _login()\n  {\n window.open('${MAIN_URL}?action=iscorrect&login='+login.value+'&paswd='+MD5(paswd.value)+'&md5=true&id_form=".$_SESSION['ID_form_login']."', '_self', '');\n  }\n//-->\n</script>\n";
     }
	elseif ($val=="div")
	 {
     echo "\n<div onkeypress=\"getkey();margin:0px;\">\n";
     }
	elseif ($val=="/div")
	 {
     echo "\n</div>\n";
     }
	elseif ($val=="password")
	 {
	 echo "Paswd:&nbsp;<input type=\"password\" name=\"paswd\" class=\"log\" size=10 value=\"\" />&nbsp;\n";
	 }
	elseif ($val=="ok")
	 {
	 echo "<a class=\"logok\" href='javascript:_login()'>&nbsp;OK&nbsp;</a>\n";
	 }
	elseif ($val=="<frm>")
	 {
	 echo "<form action=\"".$MAIN_URL."\" method=\"post\" name=\"login_form\" id=\"login_form\" style=\"margin:0px;\">\n";
	 echo "<input type='hidden' name='action' value='iscorrect' />\n";
	 echo "<input type='hidden' name='id_form' value='".$_SESSION['ID_form_login']."' />\n";
	 }
	elseif ($val=="</frm>")
	 {
	 echo "</form>\n";
	 }
	elseif ($val=="send")
	 {
	 echo "<input type=\"submit\" name=\"send\" value=\"ok\" class=\"login_submit\" />\n";
	 }
	elseif ($val=="ref_login")
	 {
	 echo "<a href='".$MAIN_URL."?login=login'>login</a>\n";
	 }
	elseif (ereg("^'",$val))
	 {
	 echo ereg_replace("(^')|('$)",'',$val)."\n";
	 }
   } /*for each option*/

 echo "<!-- ***************** LOGIN LOGIN LOGIN ********************** -->\n\n\n";
 }/*login!=anonym*/
 }/*function login_form*/

/***********************************************************/
/*connects to database and check if this user session exist*/
/*should returns following:                                */
/*VS_NO_SESSION =  no session with id SSid                 */
/*VS_BAD_IP     =  bad session - bad users ip address      */
/*VS_BAD_USER   =  bad session - not users session         */
/*VS_SESSION_OK =  everithing seems to be all right        */
/***********************************************************/
function is_user_session($SSid,$login,$ip)
 {
  global $MySQL_link,$VSecure_tbl_ss;
  $qw="SELECT login,ip FROM $VSecure_tbl_ss WHERE session='".$SSid."' " ;
  $result= @mysql_query ($qw , $MySQL_link)or
      echo_error(__FILE__,__LINE__,ERR_MYSQL,"Could not find the session...");
  if (!($session=mysql_fetch_array($result)))
   {
   /*no session with id SSid*/
   return VS_NO_SESSION;
   }
 if ($session['login']!=md5($login))
   {
   /*bad session - not users session*/
   return VS_BAD_USER;
   }
 if ($session['ip']!=$ip)
   {
   /*bad session - bad users ip address*/
   return VS_BAD_IP;
   }
  mysql_free_result($result);
  return VS_SESSION_OK;
 }

/**************************/
/*updates the session     */
/**************************/
function update_user_session()
 {
 global $VSecure_tbl_ss,$MySQL_link;
 $qw="UPDATE $VSecure_tbl_ss SET timestamp=".time()." WHERE session='".$_SESSION['usrSSid']."' " ;
 $result= @mysql_query ($qw , $MySQL_link) or 
    echo_error(__FILE__,__LINE__,ERR_MYSQL,"Could not update session...");
 }	   

/**************************/
/*deletes old sessions    */
/**************************/
function delete_old_sessions()
 {
 global $VSecure_tbl_ss,$MySQL_link;
 $qw="DELETE FROM $VSecure_tbl_ss WHERE timestamp< ". (time() - 1200);
 $result= @mysql_query ($qw , $MySQL_link);
 if (!$result)return false;else return true;
 }
 
/***********************************/
/*returns array of user name,...   */
/***********************************/
function get_user_name_etc()
 {
 global $VSecure_tbl_usr,$MySQL_link,$login;
 $qw="SELECT status,nick,name,email,id from $VSecure_tbl_usr where login='".md5($login)."' " ;
$result= @mysql_query ($qw , $MySQL_link) or
      echo_error(__FILE__,__LINE__,ERR_MYSQL,"could not get user data...");
 $RET= mysql_fetch_array($result);
 mysql_free_result($result);
 return $RET;
 }	   

/***********************************/
/*returns all user data            */
/***********************************/
function get_user_dats($login)
 {
 global $VSecure_tbl_usr,$MySQL_link;
 return load_user_data(VS_LOAD_DATA_ALL,$login);
 }	   

/*********************************************/
/*saves user data to theVSecure table        */
/*Identifier=name of the data handler        */
/*Data=string of data                        */
/*If Identifier exist, data will be replaced */
/*returns true if succeed                    */
/*********************************************/
function save_user_data($Identifier,$Data,$login)
 {
 global $VSecure_tbl_usr,$MySQL_link;
 /*get prewious stored data*/
 if (strlen($login)!=32)$mdlogin=md5($login);else $mdlogin=$login;
 $qw="select data from $VSecure_tbl_usr where login='".$mdlogin."' " ;
 $result= @mysql_query ($qw , $MySQL_link) or
     echo_error(__FILE__,__LINE__,ERR_MYSQL,"could not get the user main data...");
 $old_data= mysql_fetch_row($result);
 $old_data=unserialize($old_data[0]);
 $old_data[$Identifier]=$Data;
 mysql_free_result($result);
 /*save data*/ 
 $new_data=serialize($old_data);
 $qw="update $VSecure_tbl_usr set data='".addslashes($new_data)."' where login='".md5($login)."' " ;
 $result= @mysql_query ($qw , $MySQL_link) or
    echo_error(__FILE__,__LINE__,ERR_MYSQL,"could not save the user data...");
 return true; 
 }
 
/*********************************************/
/*gets user data from the VSecure table      */
/*Identifier=name of the data handler        */
/*Data=string of data                        */
/*If Identifier daesnt exist, return false   */
/*returns true if succeed                    */
/*Id=VS_LOAD_DATA_ALL => get array of vars   */
/*********************************************/
function load_user_data($Identifier,$login)
 {
 global $VSecure_tbl_usr,$MySQL_link;
 /*get prewious stored data*/
 if (strlen($login)!=32)$mdlogin=md5($login);else $mdlogin=$login;
 $qw="SELECT DATA FROM $VSecure_tbl_usr WHERE login='".$mdlogin."' " ;
 $result= @mysql_query ($qw , $MySQL_link) or 
    echo_error(__FILE__,__LINE__,ERR_MYSQL,"Could not get the user data...");
 $_data= mysql_fetch_row($result);
 $_data=unserialize($_data[0]);
 mysql_free_result($result);
 if ($Identifier==VS_LOAD_DATA_ALL)
  { return $_data; }else
  { if (isset($_data[$Identifier])) { return $_data[$Identifier]; }else { return false; } }
 }

/*********************************************/
/*deletes user data from theVSecure table    */
/*Identifier=name of the data handler        */
/*If Identifier exist, data will be deleted  */
/*returns true if succeed                    */
/*Id=VS_DESTROY_DATA_ALL =>all data will be lost*/
/*********************************************/
function delete_user_data($Identifier,$login)
 {
 global $VSecure_tbl_usr,$MySQL_link,$login;
 /*get prewious stored data*/
 if (strlen($login)!=32)$mdlogin=md5($login);else $mdlogin=$login;
 $qw="SELECT DATA FROM $VSecure_tbl_usr WHERE login='".$mdlogin."' " ;
 $result= @mysql_query ($qw , $MySQL_link) or 
     echo_error(__FILE__,__LINE__,ERR_MYSQL,"Could not get the user data...");
 $old_data= mysql_fetch_row($result);
 $old_data=unserialize($old_data[0]);
 if (($Identifier!=VS_DESTROY_DATA_ALL)&&($old_data))
 {
 while (list ($key, $val) = each ($old_data)) 
    {if ($key!=$Identifier) $new_data[$key] = $val; }
 mysql_free_result($result);
 /*save data*/ 
 $new_data=serialize($new_data);
 }else $new_data="";
 $qw="UPDATE $VSecure_tbl_usr set DATA='".addslashes($new_data)."' WHERE login='".md5($login)."' " ;
 $result= @mysql_query ($qw , $MySQL_link) or 
     echo_error(__FILE__,__LINE__,ERR_MYSQL,"Could not save the user data...");
 return true; 
 }



/************************************************************/
/*Echo_error:outputs a ERROR OCCURED form acording to what's */
/* in $which_err                                             */
/*                                                           */
/*from_file - please, input __FILE__ const.                  */
/*from_line - please, input __LINE__ const.                  */
/*                                                           */
/*which_err: ERR_MYSQL                                       */
/* err_report: which mysql error occured                     */
/* example of err_report: "Could not connect to SQL database"*/
/*                                                           */
/*which_err: ERR_SESSION                                     */
/* err_report: 1st word: which user can not be created       */
/*             following: which error occured                */
/* example of err_report: "Anonym can not delete session..." */
/*                                                           */
/*which_err: ERR_FILE                                        */
/* err_report: which file                                    */
/* example of err_report: "/data/files/datafile.dat"         */
/*                                                           */
/*Examples:                                                  */
/* echo_error(__FILE__,__LINE__,ERR_MYSQL,                   */
/*            "Could not connect to SQL database");          */
/*************************************************************/
function echo_error($from_file,$from_line,$which_err,$err_report) 
 {
 global $login, $user_email,$user_name, $user_nick, $user_status;
 echo " <style type=\"text/css\">	<!--
	BODY{
		background-color : #EEEEEE;
	}
	H1{
		color : #8B0000;
		font-family : Arial, Helvetica, sans-serif;
		font-size : 40;
		font-weight : bold;
		letter-spacing : 2;
	}
	.ERR{
		background-color : #FEBDA7;
		margin-left : 20%;
		margin-right : 20%;
	}
	.CR{
		background-color : White;
		border : 1px solid Black;
		margin-left : 3;
		margin-right : 3;
		margin-top : 3;
		text-align : justify;
		scrollbar-track-color : White;
		scrollbar-darkshadow-color : white;
		scrollbar-arrow-color : Black;
		scrollbar-highlight-color : black;
		scrollbar-shadow-color : black;
		scrollbar-base-color : white;
		scrollbar-3dlight-color : white;
		scrollbar-face-color : white;

	}
	-->
</style>";
 echo "<div align=\"center\"><br /><br />\n";
 $err = "<h1>Error</h1><br /><br />";
 $err.= "<div class=err><br /> In file <b>".basename($from_file)."</b> on line <b>".$from_line."</b><br /><br />\n\n";
 if ($which_err==ERR_MYSQL)
  {
  $err.= "<b>Something wrong with MySQL server, database, tables or querie</b><br />\n";
  $err.= "<b><i>".$err_report."</i></b><br />\n";
  $err.= "Got MySQL error: '".mysql_error()."' ";
  }
 elseif ($which_err==ERR_SESSION)
  {
  $err.= "<b>Can not set the user session!</b><br />\n";
  $err.= "<b>Something wrong with session table, MySQL server, database or querie</b><br />\n";
  $c=strpos($err_report," ");
  if ($c!=false)
   {
   $usr=substr($err_report,0,$c);
   $warning=substr($err_report,$c);
   }
  $err.= "<b><i> USER: ".$usr."</i></b><br />\n";
  $err.= "<b><i> WARNING: ".$warning."</i></b><br />\n";
  $err.= "Got MySQL error: '".mysql_error()."' ";
  }
 elseif ($which_err==ERR_FILE)
  {
  $err.= "<b>Can not handle with file!</b><br />\n";
  $err.= "<b>Probably you have no rights to acces to this file or file daes not exist.</b><br />\n";
  $err.= "<b><i>FILE: ".$err_report."</i></b><br />\n";
  }
 else
  {
  $err.= "<b>Uknown error nr.</b><br />\n";
  $err.= "<b><i>".$err_report."</i></b>";
  }
 
 $err.= "<br /><br /></div><br />\n\n";
 
 echo $err;
 echo "Please send a message to administrator:<form action='mailto:?subject=error' method=post enctype='text/plain' target= onClick=\"window.alert('Thanx for your time.');\">\n";
 echo "<textarea cols=65 rows=7 name=error wrap=\"on\" class=cr>\n";
 echo strip_tags($err);
 echo "</textarea><br /><br />\n";
 echo "<input type=\"submit\" />\n";
 echo " <input type=\"hidden\" name=\"login\" value=\"".$login."\" />\n";
 echo " <input type=\"hidden\" name=\"user_status\" value=\"".$user_status."\" />\n";
 echo " <input type=\"hidden\" name=\"user_nick\" value=\"".$user_nick."\" />\n";
 echo " <input type=\"hidden\" name=\"user_name\" value=\"".$user_name."\" />\n";
 echo " <input type=\"hidden\" name=\"user_email\" value=\"".$user_email."\" />\n";
 echo "</form></div>\n";
 alert("Error occured - please send message to administrator...");
 exit();
 }


/***********************************/
/* basic information about VSecure */
/***********************************/
function VSecure_info()
 {
 global $VSecure_version,$MAIN_URL,$MAIN_QUERY,$language,$VSecure_magic_quotes;
 global $adminEml,$adminname,$VSecure_tbl_usr,$VSecure_tbl_ss;
 global $VSecure_Y,$VSecure_N,$VSecure_conf;
 echo " <style type=\"text/css\">	<!--
	BODY{
		background-color : #EEEEEE;
	}
	.HH1{
		color : #8B0000;
		font-family : Arial, Helvetica, sans-serif;
		font-size : 40;
		font-weight : bold;
		letter-spacing : 2;
	}
	-->
</style>";
 echo "<div align=\"center\"><span class=hh1>Info</span><br /><b><i>- VSecure -</i></b></div>\n";
 echo "<br />\n";
 echo "<table width=\"80%\" border=\"1\" cellspacing=\"0\" cellpadding=\"2\" align=\"center\" bgcolor=\"#EEEEEE\" bordercolor=\"Black\" bordercolorlight=\"Black\" bordercolordark=\"Black\" frame=\"void\" rules=\"rows\">\n";
 echo "<tr><td><b>Version</b>:</td><td align=\"right\"><b><i>&nbsp;".$VSecure_version."</i></b></td></tr>\n";
 echo "<tr><td><b>MAIN_URL</b>:</td><td align=\"right\"><b><i>&nbsp;".$MAIN_URL."</i></b></td></tr>\n";
 echo "<tr><td><b>REMOTE_ADDR</b>:</td><td align=\"right\"><b><i>&nbsp;".$_SERVER['REMOTE_ADDR']."</i></b></td></tr>\n";
 echo "<tr><td><b>MAIN_QUERY</b>:</td><td align=\"right\"><b><i>&nbsp;".$MAIN_QUERY."</i></b></td></tr>\n";
 echo "<tr><td><b>language</b>:</td><td align=\"right\"><b><i>&nbsp;".$language."</i></b></td></tr>\n";
 echo "<tr><td><b>VSecure_magic_quotes</b>:</td><td align=\"right\"><b><i>&nbsp;";
 if ($VSecure_magic_quotes) echo $VSecure_Y;else echo $VSecure_N;
 echo "</i></b></td></tr>\n";
 echo "</table><br />";
 echo "<table width=\"80%\" border=\"1\" cellspacing=\"0\" cellpadding=\"2\" align=\"center\" bgcolor=\"#EEEEEE\" bordercolor=\"Black\" bordercolorlight=\"Black\" bordercolordark=\"Black\" frame=\"void\" rules=\"rows\">\n";
 echo "<tr><td><b>\$VSecure_conf['admin_name']</b>:</td><td align=\"right\"><b><i>&nbsp;".$VSecure_conf['admin_name']."</i></b></td></tr>\n";
 echo "<tr><td><b>\$VSecure_conf['admin_email']</b>:</td><td align=\"right\"><b><i>&nbsp;".$VSecure_conf['admin_email']."</i></b></td></tr>\n";
 echo "<tr><td><b>VSecure_tbl_usr</b>:</td><td align=\"right\"><b><i>&nbsp;".$VSecure_tbl_usr."</i></b></td></tr>\n";
 echo "<tr><td><b>VSecure_tbl_ss</b>:</td><td align=\"right\"><b><i>&nbsp;".$VSecure_tbl_ss."</i></b></td></tr>\n";
 echo "<tr><td valign=\"top\"><b>\$VSecure_conf['status_level'][]</b>:</td><td align=\"right\"><b><i>&nbsp;";
 $i=0;
 while (isset($VSecure_conf['status_level'][$i])){ echo $VSecure_conf['status_level'][$i]."<br /> ";$i++;}
 echo "</i></b></td></tr>\n";
// echo "<tr><td><b></b>:</td><td align=\"right\"><b><i>".$."</i></b></td></tr>\n";
 echo "</table><br />";
 echo "<table width=\"80%\" border=\"1\" cellspacing=\"0\" cellpadding=\"2\" align=\"center\" bgcolor=\"#EEEEEE\" bordercolor=\"Black\" bordercolorlight=\"Black\" bordercolordark=\"Black\" frame=\"void\" rules=\"rows\">\n";
 echo "<tr><td valign=\"top\" width=\"100%\"><b>Defined const.</b></td><td align=\"left\"><b>VS_NO_SESSION<br />VS_BAD_IP<br />VS_BAD_USER<br />VS_SESSION_OK<br />VS_LOAD_DATA_ALL<br />VS_DESTROY_DATA_ALL<br />ERR_MYSQL<br />ERR_SESSION<br />ERR_FILE</b><br /></td></tr>\n";
 echo "</table>";
 }

/******************************************/
/*  returns true if the user is online    */
/*(it means that he's got a valid session)*/
/******************************************/

function is_online($login)
 {
 global $MySQL_link,$VSecure_tbl_ss;
 
 $qw="select login from $VSecure_tbl_ss WHERE login='".md5($login)."' " ;
 $result= @mysql_query ($qw , $MySQL_link) or 
     echo_error(__FILE__,__LINE__,ERR_MYSQL,"Could not read in the session table...");
 if ($row=mysql_fetch_row($result))return true;
 return false;
 }

/*********************************************/
/*set_user_session - sets new session in     */
/*                   MySQL session table     */
/*                                           */
/*note: it is NOT controled, if session      */
/*      existed yet! (because of speed)      */
/*                                           */
/*login = login of the user                  */
/*                                           */
/*                                           */
/*returns true if succeed                    */
/*********************************************/
function set_user_session($login)
 {
 global $usrSSid,$usrlogin,$MySQL_link,$VSecure_tbl_ss;

 // seed with microseconds since last "whole" second
 mt_srand ((double) microtime() * 1000000000);

 $session_=(string)mt_rand(0,999999999);
 destroy_user_session();
 $qw="INSERT INTO $VSecure_tbl_ss (session,login, ip,timestamp) VALUES ( $session_ , '".md5($login)."','".$_SERVER['REMOTE_ADDR']."',".time().")";
 $result= @mysql_query ($qw , $MySQL_link)
      or echo_error(__FILE__,__LINE__,ERR_SESSION, $login ." Can't write session...");
 $usrSSid=$session_;
 $usrlogin=$login;
 return true;
 }

/*********************************************/
/*destroy_user_session - deletes session from*/
/*                   MySQL session table     */
/*                                           */
/*note: it is NOT controled, if session      */
/*      existed! (because of speed)          */
/*                                           */
/*returns true if succeed                    */
/*********************************************/
function destroy_user_session()
 {
 global $usrSSid,$usrlogin,$MySQL_link,$REMOTE_ADDR,$VSecure_tbl_ss;
 $qw="DELETE FROM $VSecure_tbl_ss WHERE session = '".$usrSSid."' ";
 $result= @mysql_query ($qw , $MySQL_link)
      or echo_error(__FILE__,__LINE__,ERR_SESSION, $login ." Can't delete session...");
 $usrSSid="";
 $usrlogin="";
 return true;
 }

/*********************************************/
/*logout - logouts user                      */
/*       ==destroys session from MySQL table */
/*                                           */
/*                                           */
/*returns true if succeed                    */
/*********************************************/
function logout()
 {
 global $usrSSid, $usrlogin,$MySQL_link,$warningalert,$MAIN_URL,$VSecure_tbl_ss,$url;

 $whom=$usrSSid;


 set_user_session("anonym");
 if ($warningalert!="")alert($warningalert);
 if ($url=="")$url=$MAIN_URL;
 do_redir($url);
 }

/*********************************************/
/*how_many -returns the count of logged users*/
/*                                           */
/*                                           */
/*type: "all"       - count all users        */
/*      "anonymous" - count of no logged usrs*/
/*      "logged"    - count of logged users  */
/*                                           */
/*********************************************/


function how_many($type)
 {
 global $MySQL_link,$VSecure_tbl_ss;
 
 if ($type=="all")
  {
  $qw="select * from $VSecure_tbl_ss ";
  }
 elseif ($type=="anonymous")
  {
  $qw="select * from $VSecure_tbl_ss where login='".md5('anonym')."' ";
  }
 elseif ($type=="logged")
  {
  $qw="select * from $VSecure_tbl_ss where login!='".md5('anonym')."' ";
  }
 else
  {
  return false;
  }

 $result=@mysql_query ($qw,$MySQL_link);
 return mysql_num_rows ($result);
 }

#########################################################
# return random password made only from numbers and a-Z #
#########################################################
function random_passwd($length_)
 {
 $passwd_="";$i=0;
 for ($i=0;$i<$length_;$i++)
  {
  $rnd_=mt_rand(0,2);
  if ($rnd_==0)$rnd_=mt_rand(48,57);
  if ($rnd_==1)$rnd_=mt_rand(65,90);
  if ($rnd_==2)$rnd_=mt_rand(97,122);
  $passwd_.= chr($rnd_);
  }
 return $passwd_;
 }

#########################################################
# outputs xhtml 1.1 header of document with title $TITLE#
#########################################################
function xhtml_header($TITLE,$styles = false,$script = false)
 {
 global $language,$charset;
 echo '<?xml version="1.0" encoding="'.$charset.'"?>';
 echo "\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.1//EN\" \"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd\">\n";
 echo "<html xmlns=\"http://www.w3.org/1999/xhtml\">\n";
 echo "<head>\n";
 echo "	  <meta http-equiv=\"content-type\" content=\"text/html; charset=".$charset."\" />\n";
 echo "   <meta http-equiv=\"content-style-type\" content=\"text/css\" />\n";
 echo "	  <meta http-equiv=\"content-language\" content=\"$language\" /> \n";
 if ((file_exists('style.css'))&&($styles)) echo "	  <link rel=\"stylesheet\" type=\"text/css\" href=\"style.css\" />\n";
 echo "	<title> $TITLE</title>\n";
 echo "</head>\n";
 echo "<body bgcolor=\"#ffffff\" textcolor=\"#000000\" >\n";
 if ((file_exists('script.js'))&&($script)) echo " <script language=\"JavaScript1.2\" src=\"script.js\" type=\"text/javascript\">\n</script>\n";
 echo " <div style=\"margin:0px;\" >\n";
 }

#########################################################
# outputs xhtml 1.1 foot of document and axits          #
#########################################################
function xhtml_footer()
 {
 echo "\n\n <br />\n<br />\n";
 echo "<div style=\"font-weight:bold;text-align:center;font-size:12px;color:Maroon;\">Jan Vilimek, <a href=\"mailto:hide@address.com?subject=VSecure".htmlentities (" on server ".$_SERVER['SERVER_NAME'])."\" title=\"mail me\">hide@address.com</a>, &copy; 2001<br />\n";
 echo "\n          ...please check our pages <a href=\"http://www.guanoweb.cz\" title=\"Click here...\">www.guanoweb.cz</a> for new updates...</div>\n";
 echo "\n </div>\n";
 echo "</body>\n";
 echo "</html>";
 exit();
 }

###########################################################
# returns shorted string with '...' on the end if shorted #
###########################################################
function str_shorten($str,$new_length)
 {
 if ((strlen($str)>$new_length)&&($new_length>4))
  {
  $newstr= substr ( $str, 0 , $new_length - 3);
  $newstr.='...';
  return $newstr;
  }else return $str;
 }

?>
Return current item: VSecure