1 |
<? |
2 |
|
3 |
global $smarty,$dbh,$user_authed; |
4 |
|
5 |
// fetch menu |
6 |
|
7 |
if (!isset($m)) { |
8 |
$m=$section; |
9 |
} else { |
10 |
$smarty->assign("m_session","m=$m&"); |
11 |
$smarty->assign("m_session_urlend","&m=$m"); |
12 |
$smarty->assign("m_form_session","<input type=\"hidden\" name=\"m\" value=\"$m\">"); |
13 |
} |
14 |
|
15 |
$sth = $dbh->prepare("select item,url,file,w,h from menu where section='$m' and $visible_is_true order by num"); |
16 |
$sth->execute(); |
17 |
while ($row=$sth->fetchrow_hash()) { |
18 |
$menu[]=$row; |
19 |
} |
20 |
|
21 |
$smarty->assign("menu",$menu); |
22 |
|
23 |
|
24 |
// link na otroke sa slatkorne stran |
25 |
if ($m == "sladkorna") $smarty->assign("link_otroci",1); |
26 |
|
27 |
|
28 |
$sql_where=" and substr(type,3,1)<>'x'" ; // don't show locked records |
29 |
|
30 |
|
31 |
// auth... based on m |
32 |
|
33 |
$cookie_data=md5(strftime("%w%Y").$PHP_AUTH_USER.$PHP_AUTH_PW); |
34 |
|
35 |
if ($m == "za_zdravnike") { |
36 |
|
37 |
|
38 |
if ($cookie_data != $pliva_si_user) { |
39 |
|
40 |
$sth = $dbh->prepare("select login as user,geslo as pw from people where login = '$PHP_AUTH_USER'"); |
41 |
$sth->execute(); |
42 |
if (! $row=$sth->fetchrow_hash() || $PHP_AUTH_PW != $row[pw]) { |
43 |
header("WWW-authenticate: basic realm=\"$HTTP_HOST\"") ; |
44 |
header("HTTP/1.0 401 Unauthorized") ; |
45 |
print "<html>Unauthorized</html>"; |
46 |
exit; |
47 |
} else { |
48 |
setcookie("pliva_si_user",$cookie_data); |
49 |
} |
50 |
} |
51 |
|
52 |
$user_authed++; |
53 |
$sql_where=""; // don't limit output to authed users |
54 |
} else { |
55 |
if ($cookie_data == $pliva_si_user) { |
56 |
$user_authed++; |
57 |
$sql_where=""; // don't limit output to authed users |
58 |
} |
59 |
} |
60 |
$smarty->assign("user_authed",$user_authed); |
61 |
|
62 |
|
63 |
// fetch news |
64 |
|
65 |
$sth = $dbh->prepare("select id,title from news where substr(type,1,1)='n' $sql_where and $visible_is_true order by date desc limit 5"); |
66 |
$sth->execute(); |
67 |
while ($row=$sth->fetchrow_hash()) { |
68 |
$news[]=$row; |
69 |
} |
70 |
$smarty->assign("news",$news); |
71 |
|
72 |
$sth = $dbh->prepare("select id,title from news where substr(type,1,1)='e' $sql_where and $visible_is_true order by priority desc,date desc limit 5"); |
73 |
$sth->execute(); |
74 |
while ($row=$sth->fetchrow_hash()) { |
75 |
$events[]=$row; |
76 |
} |
77 |
$smarty->assign("events",$events); |
78 |
|
79 |
$smarty->assign("self",$PHP_SELF); |
80 |
|
81 |
#include("debug.inc"); |
82 |
|
83 |
?> |