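<?php
// Discussion board page. This first part loads the template engine, the
// database connection and the SQL helper, then registers every template
// file the rest of the script parses.

// Switch off runtime magic quoting so data read back from the database
// does not come back with added backslashes.
set_magic_quotes_runtime(0);

include("inc/class.FastTemplate.pinc");
include("inc/conn.inc");    // presumably provides $dbh - not visible here
include("inc/fixsql.inc");  // provides fixsql(), used on the insert statements

$tpl = new FastTemplate("./html");

// Template handles are quoted strings. A bare word in this position is an
// undefined constant that PHP turns into a string only as a fallback.
$tpl->define(
    array(
        "main" => "main.html",
        "nologin" => "nologin.html",
        "listall" => "list.html",
        "newtopic" => "new.html",
        "startnew" => "startnew.html",
        "ttable" => "topics-table.html",
        "theader" => "topics-header.html",
        "tlheader" => "topics-list-header.html",
        "trow" => "topics-row.html",
        "tlrow" => "topics-list-row.html",
        "reply" => "reply.html",
        "checkboxes" => "checkboxes.html"
    )
);
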
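//---- authenticate the user (HTTP Basic)
//
// $PHP_AUTH_USER / $PHP_AUTH_PW carry the Basic credentials. A login that
// already has a row in osobe is checked against that row; a login without
// a row is tried against the POP3 server and, when that succeeds, stored
// as a new osobe row. Anything else ends in a 401 response.

// Everything the rest of the page trusts gets a known starting value here.
// The script reads its input as plain global variables, so a variable that
// is only appended to or compared could otherwise arrive with the request.
$md5user = "";
$sql_poruke_where = "";
$analitical_room = 0;
$solution_room = 0;

// The login is placed inside quoted SQL literals below. A login containing
// a quote or a backslash is treated as not authenticated instead of being
// sent to the database.
$login_is_plain = isset($PHP_AUTH_USER)
    && strcspn($PHP_AUTH_USER, "'\\") == strlen($PHP_AUTH_USER);

// $PHP_SELF can carry extra path text from the request; encode it before
// it is written into a link.
$self_url = htmlspecialchars($PHP_SELF);

if ($login_is_plain) {
    // "=" rather than "like": the login has to match exactly, so "%" and
    // "_" in the supplied name are ordinary characters. This also matches
    // the last_login update at the end of this section.
    $sth = $dbh->prepare("select id,login,passwd,full_name,analitical,solution from osobe where login = '$PHP_AUTH_USER'");
    $sth->execute();
    if ($row = $sth->fetchrow_hash()) {
        // NOTE(review): osobe.passwd is compared with the submitted
        // password as-is, so the table holds passwords in clear text.
        // Storing a salted password hash needs a schema and data change
        // that cannot be made from this file.
        // strcmp() keeps the comparison a plain string comparison.
        if (strcmp($row["passwd"], $PHP_AUTH_PW) == 0) {
            // NOTE(review): this digest of login+password is written into
            // the RELOGIN link, so it shows up wherever URLs are recorded.
            // A random per-session value would serve the same purpose
            // without exposing a hash of the credentials.
            $md5user = md5($PHP_AUTH_USER.$PHP_AUTH_PW);
            $osoba_id = $row["id"];
            if ($row["analitical"] == "t") {
                $analitical_room = 1;
                $tpl->assign(array( "ROOM" => "You are member of analitical room" ));
            } else {
                // everybody else must not see analytical-room messages
                $sql_poruke_where .= " and poruke.analitical is false";
            }
            if ($row["solution"] == "t") {
                $solution_room = 1;
                // the leading space keeps this condition apart from the
                // one that may already have been appended above
                $sql_poruke_where .= " and poruke.solution is true";
                $tpl->assign(array( "ROOM" => "You are in solution room" ));
            }
            // NOTE(review): full_name is handed to the template as stored;
            // confirm it is HTML-encoded somewhere before output.
            $tpl->assign(array(
                "FULL_NAME" => $row["full_name"],
                "RELOGIN" => "$self_url?relogin=$md5user"
            ));
        }
    } else { // try to verify user via pop3
        include("auth_pop3.php");
        $pop3 = new POP3();

        if ($pop3->connect("intranet.pliva.hr")) {
            if ($pop3->checklogin($PHP_AUTH_USER, $PHP_AUTH_PW)) {
                $pop3->quit();
                // o.k., user exists now insert it in db!
                include("finger.inc");
                $full_name = finger($PHP_AUTH_USER);
                // NOTE(review): $full_name (finger output) and the
                // password go into this statement unescaped, and the
                // password is stored in clear text. They need the
                // escaping or parameter binding that the $dbh wrapper in
                // inc/conn.inc offers - not visible from here.
                $dbh->dbh_do("insert into osobe (login,full_name,email,passwd) values ('$PHP_AUTH_USER','$full_name','$PHP_AUTH_USER@pliva.hr','$PHP_AUTH_PW')");
                // currval() returns the id generated on this connection;
                // last_value could already belong to a row inserted by
                // another request. Same pattern as poruke_id_seq below.
                $sth = $dbh->prepare("select currval('osobe_id_seq') as id");
                $sth->execute();
                $row = $sth->fetchrow_hash();
                $md5user = md5($PHP_AUTH_USER.$PHP_AUTH_PW);
                $osoba_id = $row["id"];
                // A row created here carries no room flags yet (presumably
                // they default to false - confirm), so the first request
                // gets the same filter as any user outside the analytical
                // room.
                $sql_poruke_where .= " and poruke.analitical is false";
                $tpl->assign(array(
                    "FULL_NAME" => $full_name,
                    "RELOGIN" => "$self_url?relogin=$md5user"
                ));
            }
        }
    }
}

// Ask for credentials when nothing above accepted them, or when the
// relogin link of the current user was followed.
$relogin_requested = isset($relogin) && strcmp($md5user, $relogin) == 0;
if (strcmp(md5($PHP_AUTH_USER.$PHP_AUTH_PW), $md5user) != 0 || $relogin_requested) {
    header("WWW-authenticate: basic realm=\"Innovation Commitie\"") ;
    header("HTTP/1.0 401 Unauthorized") ;
    $tpl->parse("MAIN", "nologin");
    $tpl->parse("MAIN", "main");
    $tpl->FastPrint();
    exit ;
} else {
    $dbh->dbh_do("update osobe set last_login=now() where login='$PHP_AUTH_USER'");
}
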
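//---- insert reply into database
//
// $insert_reply together with $p (id of the message being answered) stores
// a reply; $insert_newtopic stores a new topic. $osoba_id is the id of the
// logged-in user, set by the login code above.

if (isset($insert_reply) && isset($p)) {
    // $p goes unquoted into the statements below, so force it to an integer.
    $p = intval($p);

    $sth = $dbh->prepare("select sadrzaj,level,thread_id,pos from poruke where id=$p");
    $sth->execute();
    $row = $sth->fetchrow_hash();

    $thread_id = $row["thread_id"];
    if ($thread_id == 0) $thread_id = $p; // reply to top level topic

    $level = $row["level"] + 1;
    $pos = $row["pos"];

    // pos is a sort key with one character per nesting level: pad the
    // parent's key with "a" up to the level of the reply ...
    while (strlen($pos) < $level) $pos .= "a";
    $sth = $dbh->prepare("select pos from poruke where pos like '$pos'");
    $sth->execute();
    if ($row = $sth->fetchrow_hash()) {
        // ... and when that key is taken, continue after the highest key
        // of this length in the thread. $mask starts empty so it consists
        // of "_" wildcards only.
        $mask = "";
        for ($i = 0; $i < $level; $i++) $mask .= "_";
        $sth = $dbh->prepare("select pos from poruke where thread_id=$thread_id and pos like '$mask' order by pos desc limit 1");
        $sth->execute();
        if ($row = $sth->fetchrow_hash()) {
            $pos = $row["pos"];
            $pos_l = substr($pos, 0, strlen($pos) - 1);
            $pos_r = substr($pos, strlen($pos) - 1, 1);
            $pos_r++;
            $pos = $pos_l.$pos_r;
        }
    }

    // Turns a submitted checkbox into the SQL literal "true" and a missing
    // one into "false"; the value lives in the global named by $what.
    function fix_checkbox($what) {
        if (isset($GLOBALS[$what])) {
            $GLOBALS[$what] = "true";
        } else {
            $GLOBALS[$what] = "false";
        }
    }

    // NOTE(review): the checkboxes template is only rendered for members
    // of the analytical room further down, but nothing here checks room
    // membership before the two flags are stored - confirm whether that
    // should be enforced on the server side.
    fix_checkbox("analitical");
    fix_checkbox("solution");

    // NOTE(review): $sadrzaj comes from the request. The statement passes
    // through fixsql() from inc/fixsql.inc, which is not visible here;
    // confirm that it escapes the quoted text.
    $sadrzaj = trim($sadrzaj);
    $dbh->dbh_do(fixsql("insert into poruke (thread_id,reply_id,osoba_id,sadrzaj,level,pos,analitical,solution) values ($thread_id,$p,$osoba_id,'$sadrzaj',$level,'$pos',$analitical,$solution)"));

    $sth = $dbh->prepare("select currval('poruke_id_seq') as id");
    $sth->execute();

    if ($row = $sth->fetchrow_hash()) {
        $p = $row["id"]; // poruka_id for later
    }
    $what = "show";

} elseif (isset($insert_newtopic)) {

    //---- insert new topic into database

    if (isset($osoba_id)) {
        // Same caveat as for replies: $sadrzaj and $title are request data
        // and rely on fixsql() for escaping - confirm. The text is trimmed
        // here as well, like the reply text and the title.
        $sadrzaj = trim($sadrzaj);
        $dbh->dbh_do(fixsql("insert into poruke (thread_id,osoba_id,sadrzaj) values (0,$osoba_id,'$sadrzaj')"));
        $sth = $dbh->prepare("select currval('poruke_id_seq') as id");
        $sth->execute();
        if ($row = $sth->fetchrow_hash()) {
            $t = $row["id"]; // topic for later
            $title = trim($title);
            $dbh->dbh_do(fixsql("insert into topics (id,title) values ($t,'$title')"));
        }
    }
}
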
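//----- end of inserts/updates...

// Build and run the topic list query.
// $sql_where starts empty so that it holds only the conditions added here;
// it is appended to below and would otherwise keep whatever value the
// variable already had.
$sql_where = "";

// $t is a topic id that goes unquoted into SQL: force it to an integer.
if (isset($t)) {
    $t = intval($t);
}

if (($what == "reply" || $what == "show") && isset($t)) {
    $sql_where = " and topics.id=$t";
}

if ($solution_room == 1) {
    // don't limit just to topics starts
    $sql_where .= " and poruke.thread_id=topics.id and poruke.thread_id!=0";
} else {
    // limit just to topics start
    $sql_where .= " and poruke.id=topics.id and poruke.thread_id=0";
}

// $sql_poruke_where is the room filter appended by the login code above.
$sth = $dbh->prepare("select topics.id as topic_id,title,sadrzaj,full_name,poruke.datum as datum
    from topics,poruke,osobe
    where poruke.osoba_id=osobe.id $sql_where $sql_poruke_where
    order by datum asc
    ");

$sth->execute();
$topics = "";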
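// Render the topic list. The topic selected with $t is unrolled into its
// messages; every other topic is shown as a single list row.

// $t and $p are ids taken from the request. They are written into SQL and
// into links below, so force them to integers first.
if (isset($t)) {
    $t = intval($t);
}
if (isset($p)) {
    $p = intval($p);
}

// $PHP_SELF can carry extra path text from the request; encode it before
// it is written into href attributes.
$self_url = htmlspecialchars($PHP_SELF);

while ($row = $sth->fetchrow_hash()) {
    // NOTE(review): title, full_name and sadrzaj are handed to the
    // templates as stored. Only the messages of an unrolled thread go
    // through strip_tags() below. Unless the stored values are already
    // HTML-encoded, encode them here (htmlspecialchars) - confirm against
    // fixsql() and the templates.
    $tpl->assign( array(
        "TITLE" => $row["title"],
        "AUTHOR" => $row["full_name"],
        "DATE" => $row["datum"],
        "SADRZAJ" => $row["sadrzaj"],
        "COMMENTS" => "<a href=\"$self_url?what=show&t=" . $row["topic_id"] . "\">comments>></a>",
        "PHP_SELF" => $self_url
    ));

    if (isset($t) && $t == $row["topic_id"]) {
        $tpl->parse("ROWS", ".theader");
        $sth2 = $dbh->prepare("
            select poruke.id as id,sadrzaj as topic,level,thread_id,reply_id,full_name,poruke.datum as datum,poruke.analitical as poruka_analitical
            from poruke,osobe
            where (thread_id=$t or poruke.id=$t) and poruke.osoba_id=osobe.id $sql_poruke_where
            order by pos
            ");
        $sth2->execute();

        while ($row2 = $sth2->fetchrow_hash()) {
            // one <ul> per nesting level indents the message
            $l_ul = $r_ul = "";
            for ($i = 0; $i < $row2["level"]; $i++) {
                $l_ul .= "<ul>";
                $r_ul .= "</ul>";
            }
            // don't indent in solution room
            if ($solution_room == 1) { $l_ul = $r_ul = ""; }
            $tpl->assign( array(
                "L_INDENT" => $l_ul,
                "R_INDENT" => $r_ul
            ));
            $topic = trim(strip_tags($row2["topic"]));
            if (isset($p) && $p == $row2["id"] && $what == "reply") {
                // the message being answered: highlight it and show the
                // reply form (with the room checkboxes for analytical-room
                // members)
                $topic = "<font color=red>$topic...</font>";
                $tpl->assign( array( "P" => $p, "T" => $t ));
                if ($analitical_room == 1) {
                    $tpl->parse("CHECKBOXES", ".checkboxes");
                }
                $tpl->parse("REPLY", ".reply");
            } elseif (isset($p) && $p == $row2["id"]) {
                $topic = "<font color=red>$topic...</font>";
                $tpl->assign( array( "P" => $p, "T" => $t ));
            } else {
                if (!isset($p)) { $p = $t; }
                $tmp_t = $row2["thread_id"];
                if ($tmp_t == 0) { $tmp_t = $row2["id"]; }
                $tpl->assign( array(
                    "REPLY" => "<a href=\"$self_url?what=reply&p=" . $row2["id"] . "&t=$tmp_t\">reply</a>"
                ));
            }
            // NOTE(review): a "<br>" used to be appended here to a variable
            // that nothing reads (and whose name, $this, is reserved). If
            // a line break after each message was intended, it belongs in
            // the row template - confirm.

            if ($row2["poruka_analitical"] == "t") {
                $topic = "<i>$topic</i>";
            }

            $tpl->assign( array(
                "AUTHOR" => $row2["full_name"],
                "DATE" => $row2["datum"],
                "SADRZAJ" => $topic
            ));
            $tpl->parse("ROWS", ".trow");
        }
    } else {
        // non-unroll topics (list)
        $tpl->assign( array(
            "SADRZAJ" => $row["sadrzaj"],
            "COMMENTS" => "<a href=\"$self_url?what=show&t=" . $row["topic_id"] . "\">comments>></a>"
        ));
        $tpl->parse("ROWS", ".tlheader");
        $tpl->parse("ROWS", ".tlrow");
    }

}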
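// Assemble the page around the topic list and send it.
$tpl->parse("TOPIC_LIST", "ttable");

// $PHP_SELF can carry extra path text from the request; encode it before
// the templates write it into the page.
$tpl->assign( array(
    "PHP_SELF" => htmlspecialchars($PHP_SELF),
    "TITLE" => "List of topics"
) );

// $p is a message id that may come straight from the request. Only its
// integer value is handed to the templates.
$reply_to = isset($p) ? intval($p) : "";

if ($what != "new") {
    $tpl->parse("START_NEW_TOPIC", "startnew");
}
$tpl->parse("MAIN", "listall");
if ($what == "new") {
    $tpl->parse("MAIN", ".newtopic");
    $tpl->assign(array( "TITLE" => "Start of new topic" ));
} elseif ($what == "show") {
    $tpl->assign(array(
        "TITLE" => "Select article for reply",
        "P" => $reply_to
    ));
} elseif ($what == "reply") {
    $tpl->assign(array(
        "TITLE" => "Reply to selected article",
        "P" => $reply_to
    ));
}
$tpl->parse("MAIN", "main");

$tpl->FastPrint();

#include("debug.inc");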