Location: PHPKode > projects > ZompLog > content.php
<?php

## security (thanks to Tim Glabisch for his Zomplog security patch)
include_once("admin/includes/security_class.php");
$sec_content = new sec_patch();
$sec_content->sec_included(__FILE__,0);

include_once("admin/functions_display.php");

/* This script collects the content from the database and prepares it before it is sent to the template */
/* Depending on which kind of content is requested (blog posts, a page or the archive) this script does all the work for you. */


/* --------------------------------------------------------------------------------------------------------------------------------- */




// blog post
if ($content == 'entry'){

// include moblog system
$moblog = loadMoblogSettings($link,$table_moblog);

if($moblog[use_moblog]){
include("moblog.php");
}

//  obtain current date in order to select out not-yet-published and expired posts
$rev_datetime  = date('YmdHis');

// start of page numbering
// category
if($_GET[catid]){
$thecatid = 1; // if the parameter is not numeric (possible hacking attempt), the script defaults to 1
if(is_numeric($_GET['catid'])){ 
$thecatid =  $_GET['catid'];
}
$dbquery = "SELECT * FROM $table WHERE (date <= $rev_datetime) AND (expirydate >= $rev_datetime) AND catid = '$thecatid' ORDER BY date DESC";
}

// username
elseif($_GET[username]){
$dbquery = "SELECT * FROM $table WHERE (date <= $rev_datetime) AND (expirydate >= $rev_datetime) AND username = '$_GET[username]' ORDER BY date DESC";
$user = loadUser($_GET[username],$link,$table_users);
if(!$user){
echo "$lang_no_result";
}
else{

if($user[name]){
$notice = "$lang_posts_by $user[name]";
}
else
{
$notice = "$lang_posts_by $_GET[username]";
}
}

}
// search
elseif($_GET[search]){
$search = htmlspecialchars($_GET[search]);

$dbquery = "SELECT * FROM $table WHERE (date <= $rev_datetime) AND (expirydate >= $rev_datetime) AND (title LIKE '%$search%' OR text LIKE '%$search%' OR extended LIKE '%$search%') ORDER BY date DESC";
$notice = "$lang_searched_for $search";
}
else
{

// okay, what's this...?
// this part allows plugins to use $_GET-variables to influence the main-content
// first we define a filter in the plugin, like $filter = 'tag';
// now when someone puts in something like index.php?tag=bla, this value can be used by the actual filter (which is also defined in plugin)
// for an example of usage, look at the "tagger"-plugin

$hook = "filter-define";
include("admin/loadplugins.php");

// tricky stuff, but very cool, though!
if(isset($filter)){

if($_GET[$filter]){
// this is where the actual plugin comes in!
$hook = "filter";
include("admin/loadplugins.php");
}
else
{
$dbquery = "SELECT * FROM $table WHERE (date <= $rev_datetime) AND (expirydate >= $rev_datetime) ORDER BY date DESC";
}
}
// no plugin filter found
else{
$dbquery = "SELECT * FROM $table WHERE (date <= $rev_datetime) AND (expirydate >= $rev_datetime) ORDER BY date DESC";
}



// this is one of the few things you cannot edit throught the theme-editor
if($settings[site_welcome]){
echo "<br /><div class='text'>$settings[site_welcome]</div><br />";
}
}

// this is one of the few things you cannot edit throught the theme-editor
if($notice){
echo "<br /><div class='text'>$notice</div><br />";
}




$query = mysql_query($dbquery,$link);
$numrows = mysql_num_rows ($query);

if (!isset ($_GET[show])) {
$display = 1;
} 
elseif(!is_numeric($_GET[show])){
$display = 1;
}
else {
	$display = $_GET[show];
}

$start = (($display * $limit) - $limit);

$mainquery = "$dbquery LIMIT $start, $limit";
$result = mysql_query($mainquery);
$results = mysql_fetch_array($result);
if(!$results){
echo "$lang_no_results";
}	



$result = mysql_query ($mainquery, $link) or die("Died getting info from db.  Error returned if any: ".mysql_error());
$entries = arrayMaker($result,MYSQL_ASSOC);

foreach($entries as $entry){

$hook = 'blogentry-top';
include("admin/loadplugins.php");

$title = $entry[title];
$text = nl2br($entry[text]);

$query = "SELECT * FROM $table_files WHERE entry_id = '$entry[id]' ORDER BY fileorder ASC";
$result = mysql_query($query, $link);
while($row = mysql_fetch_array($result)){
// see admin/functions_display.php
$image .= handleImages($row,$entry[id]);
$file .= handleFiles($row);

/* old style (linking to detail page), uncomment if you want this back (and comment out the above two lines)
if($row[type] == 'image/jpeg' || $row[type] == 'image/pjpeg' || $row[type] == 'image/gif'){

if(!$row['width']){
// for moblog users
// disable enlargement if lightbox plugin is not active
$query = "SELECT * FROM $table_plugins WHERE name = 'lightbox' AND active = '1'";
$result = mysql_query($query, $link);
$numrows = mysql_num_rows($result);
if($numrows){
$lightbox_start = "<a href='".ROOT."upload/$row[name]'
class='thumbnail' rel='lightbox[$entry[id]]'>";
$lightbox_end = "</a>";
}

$image .= "<p>$lightbox_start<img src='".ROOT."upload/thumbnail.php?gd=2&src=$row[name]&maxw=130' alt='image'  border='0' class='img' />$lightbox_end</p>";
}
else
{
$image .= "<p><a href='".ROOT."upload/$row[name]?$row[width],$row[height]'
class='thumbnail' rel='lightbox[$entry[id]]'><img src='thumbs/$row[name]' alt='image' border='0' class='img' /></a></p>";
}                              
}

// plain text, csv, eps, word doc, zip-files, powerpoint, rtf, excel, .tgz, .tar
// these files will all be forced downloaded when a user clicks the link
if($row[type] == 'text/plain' || $row[type] == 'application/postscript' || $row[type] == 'application/msword' || $row[type] == 'application/x-gzip' || $row[type] == 'application/vnd.ms-powerpoint' || $row[type] == 'application/rtf' || $row[type] == 'application/vnd.ms-excel' || $row[type] == 'application/x-tar' || $row[type] == 'application/x-compressed' || $row[type] == 'application/zip' || $row[type] == 'application/pdf'){
$filename=urlencode($row[name]);
// fix to get the real name of the file
$name = substr($row[name],13);
$type=urlencode($row[type]);
$file .= " <a href='".ROOT."upload/force_download.php?file=$filename&amp;type=$type'>$name</a><br />";
}
                            
// mp3 embed
if(!$override_player){ //override if you want to use another player, e.g. plugin player
if($row[type] == 'audio/mpeg' || $row[type] == 'audio/mp3'){
if(ROOT){
$file .= " <a href='".ROOT."posts/$entry[id]'>$lang_listen</a><br />";
}
else
{
$file .= " <a href='?content=detail&amp;id=$entry[id]'>$lang_listen</a><br />";
}
}
}

// quicktime embed
if($row[type] == 'video/quicktime' || $row[type] == 'video/mpeg'  || $row[type] == 'video/mp4'){
if(ROOT){
$file .= " <a href='".ROOT."posts/$entry[id]'>$lang_view</a><br />";
}
else
{
$file .= " <a href='?content=detail&amp;id=$entry[id]'>$lang_view</a><br />";
}
}


// RealPlayer embed
if($row[type] == 'audio/x-pn-realaudio'){
if(ROOT){
$file .= " <a href='".ROOT."posts/$entry[id]'>$lang_view</a><br />";
}
else
{
$file .= " <a href='?content=detail&amp;id=$entry[id]'>$lang_view</a><br />";
}
}

// Windows media embed
if($row[type] == 'video/x-ms-wmv' || $row[type] == 'video/x-ms-wma'){
if(ROOT){
$file .= " <a href='".ROOT."posts/$entry[id]'>$lang_view</a><br />";
}
else
{
$file .= " <a href='?content=detail&amp;id=$entry[id]'>$lang_view</a><br />";
}
}

// vimeo, youtube, myspace, etc embed code
if($row[type] == 'embed'){
$file .= $row[full_url];
}



// YouTube embed
if($row[type] == 'video/youtube'){
$file .= " <a href='?content=detail&amp;id=$entry[id]'>$lang_view</a><br />";
}

*/

}




if($entry[extended]){
if(ROOT){
$read = " <a href='".ROOT."/posts/$entry[id]'>$lang_read_more</a><br />";
}
else
{
$read = " <a href='?content=detail&amp;id=$entry[id]'>$lang_read_more</a><br />";
}
}

$hook = 'blogentry-bottom';
include("admin/loadplugins.php");


$query = mysql_query ("SELECT * FROM $table_comments WHERE entry_id = $entry[id]");
$numcomments = mysql_num_rows ($query);

// converting timestamp to current user-formatted date
$q = mysql_query("SELECT date, UNIX_TIMESTAMP(date) AS timestamp FROM $table WHERE id = '$entry[id]'");
$row = mysql_fetch_array($q);

// then use PHP's date() function :
$postdate = date("$userdate", $row['timestamp']);

$user = loadUser($entry[username],$link,$table_users);
if($user[name]){
if(ROOT){
$username = " <a href='".ROOT."profile/$user[id]'>$user[name]</a>";
}
else
{
$username = "<a href='?content=profile&amp;id=$user[id]'>$user[name]</a>";
}
}
else
{
if(ROOT){
$username = " <a href='".ROOT."profile/$user[id]'>$entry[username]</a>";
}
else
{
$username = "<a href='?content=profile&amp;id=$user[id]'>$entry[username]</a>";
}
}

if($entry[catid]){
$query = "SELECT * FROM $table_cat WHERE id = $entry[catid]";
$result = mysql_query ($query, $link) or die("Died getting info from db.  Error returned if any: ".mysql_error());
$cat = mysql_fetch_array($result,MYSQL_ASSOC);
if(ROOT){
$category = "<a href='".ROOT."categories/$cat[id]'>$cat[name]</a>";
}
else
{
$category = "<a href='?catid=$cat[id]'>$cat[name]</a>";
}
}

if($settings[comments]){
if(ROOT){
$comments = "<a href='".ROOT."posts/$entry[id]#comments'>$numcomments $lang_number_comments</a>";
}
else
{
$comments = "<a href='?content=detail&amp;id=$entry[id]#comments'>$numcomments $lang_number_comments</a>";
}
}

// include the content after checking if the theme has its own content.php (if not, use layout/content.php)
$contentpath = "themes/$settings[skin]/content.php";
fetchContentpath($contentpath);
include($contentpath);

// fix to set back image array to "empty"
$image = FALSE;
$pluginspace1 = FALSE;
$file = FALSE;
}

// end entry
}


/* --------------------------------------------------------------------------------------------------------------------------------- */
// detail page content

if ($content == 'detail'){

$entry = loadEntry($link,$table);

// make sure the id exists
if(!$entry){
echo "$lang_no_results";
exit;
}	

$query = "SELECT ip FROM $table_banned";
$result = mysql_query($query,$link) or die("Could not load banned ip information.");
$banned = mysql_fetch_array($result,MYSQL_ASSOC);

if($banned){
if( in_array( $_SERVER['REMOTE_ADDR'], $banned ) ) { exit("<div class='text'>You're banned from this page.</div>"); }
}




if($_POST[addreview]){

if(!$_POST[name])
{
$messages[]="$lang_error_name";
}

if(!$_POST[comment])
{
$messages[]="$lang_error_comment";
}

// insert plugin hook
$hook = "spamwordslist";
include("admin/loadplugins.php");

// this checks the comment name against a list of spamwords (spamwords.php)
$myname= explode(' ', $_POST[name]);
foreach($myname as $name){
if(in_array($name, $spamwords)){
$messages[]="$lang_message001";
}
}

// this checks the comment against a list of spamwords (spamwords.php)
$mycomment = explode(' ', $_POST[comment]);
foreach($mycomment as $comment){
if(in_array($comment, $spamwords)){
$messages[]="$lang_message001";
}
}

if(!empty($messages)){
	displayErrors($messages);
}

if(empty($messages)) {

		newComment($link,$table_comments,$date);
		
$notice = $lang_error_comment_success;

	}

	}

// this is one of the few things you cannot edit throught the theme-editor
if($notice){
echo "<div class='text'>$notice</div><br />";
}


// start of mainpage content

$hook = 'blogentry-top';
include("admin/loadplugins.php");
	
$title = "$entry[title]";

$text = nl2br($entry[text]);

if($entry[extended]){
$extended = nl2br($entry[extended]);
}



$query = "SELECT * FROM $table_files WHERE entry_id = '$entry[id]' ORDER BY fileorder ASC";
$result = mysql_query($query, $link);
while($row = mysql_fetch_array($result)){
$image .= handleImages($row,$entry[id]);
$file .= handleFiles($row);
}

$hook = 'blogentry-bottom';
include("admin/loadplugins.php");

// converting timestamp to current user-formatted date
$q = mysql_query("SELECT date, UNIX_TIMESTAMP(date) AS timestamp FROM $table WHERE id = '$entry[id]'");
$row = mysql_fetch_array($q);

// then use PHP's date() function :
$postdate = date("$userdate", $row['timestamp']);

$user = loadUser($entry[username],$link,$table_users);
if($user[name]){
if(ROOT){
$username = " <a href='".ROOT."profile/$user[id]'>$user[name]</a>";
}
else
{
$username = "<a href='?content=profile&amp;id=$user[id]'>$user[name]</a>";
}
}
else
{
if(ROOT){
$username = " <a href='".ROOT."profile/$user[id]'>$entry[username]</a>";
}
else
{
$username = "<a href='?content=profile&amp;id=$user[id]'>$entry[username]</a>";
}
}


if($entry[catid]){
$query = "SELECT * FROM $table_cat WHERE id = $entry[catid]";
$result = mysql_query ($query, $link) or die("Died getting info from db.  Error returned if any: ".mysql_error());
$cat = mysql_fetch_array($result,MYSQL_ASSOC);
if(ROOT){
$category = "<a href='".ROOT."categories/$cat[id]'>$cat[name]</a>";
}
else
{
$category = "<a href='?catid=$cat[id]'>$cat[name]</a>";
}


}





$content = "detail";
// include the content after checking if the theme has its own content.php (if not, use layout/content.php)
$contentpath = "themes/$settings[skin]/content.php";
fetchContentpath($contentpath);
include($contentpath);


  if($settings[comments]){
  
  $comments = loadComments($entry[id],$link,$table_comments);
  
if(!$comments){
echo "<div class='text'>$lang_no_comments_found</div>";
}
else
{
foreach ($comments as $comment){



		$comments_title = wordwrap($comment[comment], 60, "\n", 1);
		
		// converting timestamp to current user-formatted date
$q = mysql_query("SELECT date, UNIX_TIMESTAMP(date) AS timestamp FROM $table_comments WHERE id = '$comment[id]'");
$row = mysql_fetch_array($q);

// then use PHP's date() function :
$postdate = date("$userdate", $row['timestamp']);

		 $comment_name = "$comment[name]";
     $comment_date =  $postdate;

		$comment_text = wordwrap($comment[comment], 60, "\n", 1);
		$hook = 'display-comment-text';
        include("admin/loadplugins.php");
		
		
		$content = "comment";
// include the content after checking if the theme has its own content.php (if not, use layout/content.php)
$contentpath = "themes/$settings[skin]/content.php";
fetchContentpath($contentpath);
include($contentpath);
  }
  }
  }


// end detail
}




/* --------------------------------------------------------------------------------------------------------------------------------- */
// page content

if ($content == 'page'){

$thepageid = 1; // if the parameter is not numeric (possible hacking attempt), the script defaults to 1
if(is_numeric($_GET['id'])){ 
$thepageid =  $_GET['id'];
}

$query = "SELECT * FROM $table_pages WHERE id = '$thepageid'";
$result = mysql_query ($query, $link) or die("Died getting info from db.  Error returned if any: ".mysql_error());
$page = mysql_fetch_array($result,MYSQL_ASSOC);

// make sure the id exists
if(!$page){
echo "$lang_no_results";
}	


if($page[use_form]){

// the part below extensively tests if the email is not spam
// and removes unwanted header-information spammers could possibly add.


if($_POST["submit"]){

	if(!$_POST[name])
	{
	$messages[]="$lang_message030";
	}

	if(!$_POST[email])
	{
	$messages[]="$lang_message031";
	}
	
// test if email-adress is valid	
if (eregi('^[a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+\.([a-zA-Z]{2,4})$', $_POST['email'])) { 
//fine, do nothing
} else { 
$messages[]="$lang_message032";
} 


// insert plugin hook
$hook = "spamwordslist";
include("admin/loadplugins.php");

	
	// this checks the comment name against a list of spamwords (spamwords.php)
$myname= explode(' ', $_POST[name]);
foreach($myname as $name){
if(in_array($name, $spamwords)){
$messages[]="$lang_message033";
}
}

// this checks the comment against a list of spamwords (spamwords.php)
$myemail = explode(' ', $_POST[email]);
foreach($myemail as $email){
if(in_array($email, $spamwords)){
$messages[]="$lang_message033";
}
}

// this checks the comment against a list of spamwords (spamwords.php)
$myremarks = explode(' ', $_POST[remarks]);
foreach($myremarks as $remark){
if(in_array($remark, $spamwords)){
$messages[]="$lang_message033";
}
}


	
	if(empty($messages)) {
	
		$thename = mailsafe($_POST[name]);
		$theemail = mailsafe($_POST[email]);
		$theremarks = mailsafe($_POST[remarks]);
		$thesendto = mailsafe($page[form_email]);
		$thepage = mailsafe($_POST[page]);
		$theadress = mailsafe($_POST[adress]);
		$thezip = mailsafe($_POST[zip]);
		$thecity = mailsafe($_POST[city]);
		$thephone = mailsafe($_POST[phone]);
		$themobile = mailsafe($_POST[mobile]);
	
		
		$thename = htmlspecialchars($thename, ENT_QUOTES);
		$theemail = htmlspecialchars($theemail, ENT_QUOTES);
		$theremarks = htmlspecialchars($theremarks, ENT_QUOTES);
		$thesendto = htmlspecialchars($thesendto, ENT_QUOTES);
		$thepage = htmlspecialchars($thepage, ENT_QUOTES);
		$theadress = htmlspecialchars($theadress, ENT_QUOTES);
		$thezip = htmlspecialchars($thezip, ENT_QUOTES);
		$thecity = htmlspecialchars($thecity, ENT_QUOTES);
		$thephone = htmlspecialchars($thephone, ENT_QUOTES);
		$themobile = htmlspecialchars($themobile, ENT_QUOTES);
		

		
		$body = "name: $thename\n\nadress: $theadress\n\nzip: $thezip\n\ncity: $thecity\n\nphone: $thephone\n\nmobile: $themobile\n\n email: $theemail\n\n remarks: $theremarks";
		mail("$thesendto", "Email sent from your page: $thepage", "$body", "From: $theemail");

$notice = "$lang_your_email_sent";

	}

	}

// end if($page[use_form])	
}	

// this is one of the few things you cannot edit throught the theme-editor
if($notice){
echo "<div class='text'>$notice</div><br />";
}


if(!empty($messages)){
	displayErrors($messages);
}



	
// start of mainpage content


$title = nl2br($page[title]);
$text = nl2br($page[text]);

$query = "SELECT * FROM $table_files WHERE page_id = '$page[id]'";
$result = mysql_query($query, $link);
while($row = mysql_fetch_array($result)){
$image .= handleImages($row,$entry[id]);
$file .= handleFiles($row);
}

// include the content after checking if the theme has its own content.php (if not, use layout/content.php)
$contentpath = "themes/$settings[skin]/content.php";
fetchContentpath($contentpath);
include($contentpath);


// end page
}

/* --------------------------------------------------------------------------------------------------------------------------------- */
// archive content

if ($content == "archive"){
	
	 if($_GET[userid]){
$userid = 1; // if the parameter is not numeric (possible hacking attempt), the script defaults to 1
if(is_numeric($_GET['userid'])){ 
$userid =  $_GET['userid'];
}	 

	 if($_GET[year]){
$year= 2000; 
// if the parameter is not numeric (possible hacking attempt), the script defaults to the year 2000
// let's call it a reversed Y2K bug :)
if(is_numeric($_GET['year'])){ 
$year =  $_GET['year'];
}	
} 
	  
		$query = "SELECT * FROM $table_users WHERE id = '$userid'";
$result = mysql_query ($query, $link) or die("Died getting info from db.  Error returned if any: ".mysql_error());
$user = mysql_fetch_array($result);
		
		echo "of $user[login]";
		}
		
	
	
	$MAANDEN = array ('01' => "$lang_january", '02' => "$lang_february", '03' => "$lang_march", '04' => "$lang_april", '05' => "$lang_may", '06' => "$lang_june", '07'  => "$lang_july", '08' => "$lang_august", '09' => "$lang_september", '10' => "$lang_october", '11' => "$lang_november", '12' => "$lang_december");


	$jaar = 0;
	$maand = 0;
//  obtain current date in order to select out not-yet-published and expired posts
$rev_datetime = date('YmdHis');
	if($_GET[userid]){
	$mainquery = mysql_query ("SELECT * FROM $table WHERE (date <= $rev_datetime) AND (expirydate >= $rev_datetime) AND userid = '$userid' AND date LIKE '$year' ORDER BY date DESC");
	}
	else
	{
	$mainquery = mysql_query ("SELECT * FROM $table WHERE (date <= $rev_datetime) AND (expirydate >= $rev_datetime) ORDER BY date DESC");
	}
	while ($row = mysql_fetch_array ($mainquery))
	{
	// nasty gerben hack to split up unix timestamp
	  $row['jaar'] = substr($row['date'], 0, 4);
	  $row['maand'] = substr($row['date'], 4, 2);
	  $row['dag'] = substr($row['date'], 6, 2);
 	
$myquery = mysql_query ("SELECT * FROM $table_comments WHERE entry_id = $row[id]");
$numcomments = mysql_num_rows ($myquery);

$query = "SELECT * FROM $table_users WHERE login = '$row[username]'";
$result = mysql_query ($query, $link) or die("Died getting info from db.  Error returned if any: ".mysql_error());
$user = mysql_fetch_array($result);

$q = mysql_query("SELECT date, UNIX_TIMESTAMP(date) AS timestamp FROM $table WHERE id = '$row[id]'");
$myrow = mysql_fetch_array($q);

// then use PHP's date() function :
$postdate = date("$userdate", $myrow['timestamp']);
if(ROOT){
$title = "<a href='".ROOT."posts/$row[id]'>$row[title]</a>";
}
else
{
$title = "<a href='?content=detail&amp;id=$row[id]'>$row[title]</a>";
}

if($user[name]){
if(ROOT){
$username = " <a href='".ROOT."profile/$user[id]'>$user[name]</a>";
}
else
{
$username = "<a href='?content=profile&amp;id=$user[id]'>$user[name]</a>";
}
}
else
{
if(ROOT){
$username = " <a href='".ROOT."profile/$user[id]'>$entry[username]</a>";
}
else
{
$username = "<a href='?content=profile&amp;id=$user[id]'>$entry[username]</a>";
}
}

	
	$content = "archive";
// include the content after checking if the theme has its own content.php (if not, use layout/content.php)
$contentpath = "themes/$settings[skin]/content.php";
fetchContentpath($contentpath);
include($contentpath);
	}
	


// end archive
}


/* --------------------------------------------------------------------------------------------------------------------------------- */
// profile content

if ($content == "profile"){
	
	 if($_GET[id]){

if(is_numeric($_GET['id'])){ 
$userid =  $_GET['id'];
}	 

// getting the userdata	  
$query = "SELECT * FROM $table_users WHERE id = '$userid'";
$result = mysql_query ($query, $link) or die("Died getting info from db.  Error returned if any: ".mysql_error());
$user = mysql_fetch_array($result);

//preparing it before it is sent to the template
$loginname = $user[login];
$realname = $user[name];
$email = $user[email];
$about = $user[about];
$adress = $user[adress];
$zip = $user[zip];
$country = $user[country];
$birthday = $user[birthday];
$gender = $user[gender];
$interests = $user[interests];
$image = "<img src='$user[image]' width='300px' />";
$url = "<a href='$user[url]' target='_blank'>$user[url]</a>";

if($user[movie]){
// because of the way YouTube handles the embed, we need to substract the filename
$video = substr($user[movie],31,41);

$movie = '<object width="425" height="350"><param name="movie" value="http://www.youtube.com/v/'.$video.'"></param><param name="wmode" value="transparent"></param><embed src="http://www.youtube.com/v/'.$video.'" type="application/x-shockwave-flash" wmode="transparent" width="425" height="350"></embed></object>';
}

//  obtain current date in order to select out not-yet-published and expired posts
$rev_datetime = date('YmdHis');
// getting recent post activity
$query = "SELECT * FROM $table WHERE (date <= $rev_datetime) AND (expirydate >= $rev_datetime) AND username = '$user[login]' ORDER BY id DESC LIMIT 5";
$result = mysql_query ($query, $link) or die("Died getting info from db.  Error returned if any: ".mysql_error());
while($therow = mysql_fetch_array($result)){
if(ROOT){
$latest_posts .= "<a href='".ROOT."posts/$therow[id]'>$therow[title]</a><br />";
}
else
{
$latest_posts .= "<a href='?content=detail&amp;id=$therow[id]'>$therow[title]</a><br />";
}

}


$content = "profile";
// include the content after checking if the theme has its own content.php (if not, use layout/content.php)
$contentpath = "themes/$settings[skin]/content.php";
fetchContentpath($contentpath);
include($contentpath);

// end profile
}
}


/* --------------------------------------------------------------------------------------------------------------------------------- */
// mainpage


if ($content == "mainpage"){


$query = "SELECT * FROM $table_pages WHERE mainpage = '1' ORDER BY id DESC LIMIT 1";
$result = mysql_query ($query, $link) or die("Died getting info from db.  Error returned if any: ".mysql_error());
$page = mysql_fetch_array($result,MYSQL_ASSOC);


$title = nl2br($page[title]);
$text = nl2br($page[text]);

$query = "SELECT * FROM $table_files WHERE page_id = '$page[id]'";
$result = mysql_query($query, $link);
while($row = mysql_fetch_array($result)){
$image .= handleImages($row,$entry[id]);
$file .= handleFiles($row);
}

$content = 'page';
// include the content after checking if the theme has its own content.php (if not, use layout/content.php)
$contentpath = "themes/$settings[skin]/content.php";
fetchContentpath($contentpath);
include($contentpath);


// end login
}





$hook = "prepare-content";
include ("admin/loadplugins.php");

if($content == 'error'){
$content = "error";
echo "$lang_no_results";
}

?>
Return current item: ZompLog