--- inc/common.inc	2001/09/20 09:50:24	1.9
+++ inc/common.inc	2002/05/14 12:54:54	1.13
@@ -1,6 +1,6 @@
 <?
 
-global $smarty,$dbh;
+global $smarty,$dbh,$user_authed;
 
 // fetch menu
 
@@ -20,42 +20,64 @@
 
 $smarty->assign("menu",$menu);
 
+
+// link na otroke sa slatkorne stran
+if ($m == "sladkorna") $smarty->assign("link_otroci",1);
+
+
+$sql_where=" and substr(type,3,1)<>'x'" ; // don't show locked records
+
+
+// auth... based on m
+
+$cookie_data=md5(strftime("%w%Y").$PHP_AUTH_USER.$PHP_AUTH_PW);
+
+if ($m == "za_zdravnike") {
+
+
+	if ($cookie_data != $pliva_si_user) {
+
+		$sth = $dbh->prepare("select login as user,geslo as pw from people where login = '$PHP_AUTH_USER'");
+		$sth->execute();
+		if (! $row=$sth->fetchrow_hash() || $PHP_AUTH_PW != $row[pw]) {
+			header("WWW-authenticate: basic realm=\"$HTTP_HOST\"") ;
+			header("HTTP/1.0 401 Unauthorized") ;
+			print "<html>Unauthorized</html>";
+			exit;
+		} else {
+			setcookie("pliva_si_user",$cookie_data);
+		}
+	}
+
+	$user_authed++;
+	$sql_where="";	// don't limit output to authed users
+} else {
+	if ($cookie_data == $pliva_si_user) {
+		$user_authed++;
+		$sql_where="";	// don't limit output to authed users
+	}
+}
+$smarty->assign("user_authed",$user_authed);
+
+
 // fetch news
 
-$sth = $dbh->prepare("select id,title from news where substr(type,1,1)='n' and $visible_is_true order by date desc limit 5");
+$sth = $dbh->prepare("select id,title from news where substr(type,1,1)='n' $sql_where and $visible_is_true order by date desc limit 5");
 $sth->execute();
 while ($row=$sth->fetchrow_hash()) {
 	$news[]=$row;
 }
 $smarty->assign("news",$news);
 
-$sth = $dbh->prepare("select id,title from news where substr(type,1,1)='e' and $visible_is_true order by priority desc,date desc limit 5");
+$sth = $dbh->prepare("select id,title from news where substr(type,1,1)='e' $sql_where and $visible_is_true order by priority desc,date desc limit 5");
 $sth->execute();
 while ($row=$sth->fetchrow_hash()) {
 	$events[]=$row;
 }
 $smarty->assign("events",$events);
 
-#include("debug.inc");
-
-function check_required() {
-	global $inputs_required;
-	global $inputs_required_type;
-	$ok=1;
-	if (isset($inputs_required)) {
-		foreach ($inputs_required as $i) {
-			if (! isset($GLOBALS[$i]) || $GLOBALS[$i] == "") $ok=0;
-			switch (strtolower($inputs_required_type[$i])) {
-				case 'email':
-					if (!strstr($GLOBALS[$i],'@')) $ok=0;
-			}
-//			print "$i: $GLOBALS[$i] type: $inputs_required_type[$i] $ok -- ";
+$smarty->assign("self",$PHP_SELF);
 
-		}
-	} else {
-		print "<!-- no inputs required -->";
-	}
-	return $ok;
-}
+#include("debug.inc");
 
 ?>