1 |
ravilov |
1.1 |
<? |
2 |
|
|
|
3 |
dpavlin |
1.11 |
global $smarty,$dbh,$user_authed; |
4 |
ravilov |
1.1 |
|
5 |
|
|
// fetch menu |
6 |
|
|
|
7 |
dpavlin |
1.5 |
if (!isset($m)) { |
8 |
|
|
$m=$section; |
9 |
|
|
} else { |
10 |
|
|
$smarty->assign("m_session","m=$m&"); |
11 |
dpavlin |
1.8 |
$smarty->assign("m_session_urlend","&m=$m"); |
12 |
dpavlin |
1.6 |
$smarty->assign("m_form_session","<input type=\"hidden\" name=\"m\" value=\"$m\">"); |
13 |
dpavlin |
1.5 |
} |
14 |
|
|
|
15 |
dpavlin |
1.9 |
$sth = $dbh->prepare("select item,url,file,w,h from menu where section='$m' and $visible_is_true order by num"); |
16 |
ravilov |
1.1 |
$sth->execute(); |
17 |
|
|
while ($row=$sth->fetchrow_hash()) { |
18 |
|
|
$menu[]=$row; |
19 |
|
|
} |
20 |
|
|
|
21 |
|
|
$smarty->assign("menu",$menu); |
22 |
|
|
|
23 |
dpavlin |
1.10 |
|
24 |
|
|
// link na otroke sa slatkorne stran |
25 |
|
|
if ($m == "sladkorna") $smarty->assign("link_otroci",1); |
26 |
|
|
|
27 |
|
|
|
28 |
|
|
$sql_where=" and substr(type,3,1)<>'x'" ; // don't show locked records |
29 |
|
|
|
30 |
dpavlin |
1.11 |
|
31 |
dpavlin |
1.10 |
// auth... based on m |
32 |
dpavlin |
1.11 |
|
33 |
|
|
$cookie_data=md5(strftime("%w%Y").$PHP_AUTH_USER.$PHP_AUTH_PW); |
34 |
|
|
|
35 |
dpavlin |
1.10 |
if ($m == "za_zdravnike") { |
36 |
|
|
|
37 |
dpavlin |
1.11 |
|
38 |
|
|
if ($cookie_data != $pliva_si_user) { |
39 |
|
|
|
40 |
|
|
$sth = $dbh->prepare("select login as user,geslo as pw from people where login = '$PHP_AUTH_USER'"); |
41 |
|
|
$sth->execute(); |
42 |
|
|
if (! $row=$sth->fetchrow_hash() || $PHP_AUTH_PW != $row[pw]) { |
43 |
|
|
header("WWW-authenticate: basic realm=\"$HTTP_HOST\"") ; |
44 |
|
|
header("HTTP/1.0 401 Unauthorized") ; |
45 |
|
|
print "<html>Unauthorized</html>"; |
46 |
|
|
exit; |
47 |
|
|
} else { |
48 |
|
|
setcookie("pliva_si_user",$cookie_data); |
49 |
|
|
} |
50 |
|
|
} |
51 |
|
|
|
52 |
|
|
$user_authed++; |
53 |
|
|
|
54 |
|
|
$sql_where=""; // don't limit output to authed users |
55 |
|
|
} else { |
56 |
|
|
if ($cookie_data == $pliva_si_user) $user_authed++; |
57 |
dpavlin |
1.10 |
} |
58 |
dpavlin |
1.11 |
$smarty->assign("user_authed",$user_authed); |
59 |
|
|
|
60 |
dpavlin |
1.10 |
|
61 |
ravilov |
1.1 |
// fetch news |
62 |
|
|
|
63 |
dpavlin |
1.10 |
$sth = $dbh->prepare("select id,title from news where substr(type,1,1)='n' $sql_where and $visible_is_true order by date desc limit 5"); |
64 |
ravilov |
1.1 |
$sth->execute(); |
65 |
|
|
while ($row=$sth->fetchrow_hash()) { |
66 |
|
|
$news[]=$row; |
67 |
|
|
} |
68 |
|
|
$smarty->assign("news",$news); |
69 |
|
|
|
70 |
dpavlin |
1.10 |
$sth = $dbh->prepare("select id,title from news where substr(type,1,1)='e' $sql_where and $visible_is_true order by priority desc,date desc limit 5"); |
71 |
ravilov |
1.1 |
$sth->execute(); |
72 |
|
|
while ($row=$sth->fetchrow_hash()) { |
73 |
|
|
$events[]=$row; |
74 |
|
|
} |
75 |
|
|
$smarty->assign("events",$events); |
76 |
|
|
|
77 |
dpavlin |
1.11 |
$smarty->assign("self",$PHP_SELF); |
78 |
|
|
|
79 |
ravilov |
1.1 |
#include("debug.inc"); |
80 |
|
|
|
81 |
|
|
function check_required() { |
82 |
|
|
global $inputs_required; |
83 |
|
|
global $inputs_required_type; |
84 |
|
|
$ok=1; |
85 |
|
|
if (isset($inputs_required)) { |
86 |
|
|
foreach ($inputs_required as $i) { |
87 |
|
|
if (! isset($GLOBALS[$i]) || $GLOBALS[$i] == "") $ok=0; |
88 |
|
|
switch (strtolower($inputs_required_type[$i])) { |
89 |
|
|
case 'email': |
90 |
|
|
if (!strstr($GLOBALS[$i],'@')) $ok=0; |
91 |
|
|
} |
92 |
dpavlin |
1.11 |
# print "$i: $GLOBALS[$i] type: $inputs_required_type[$i] $ok --<br>\n "; |
93 |
ravilov |
1.1 |
|
94 |
|
|
} |
95 |
|
|
} else { |
96 |
|
|
print "<!-- no inputs required -->"; |
97 |
|
|
} |
98 |
|
|
return $ok; |
99 |
|
|
} |
100 |
|
|
|
101 |
|
|
?> |