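session_name('w7400cms');
session_start();

// NOTE(review): this script uses the legacy ext/mysql API (mysql_query() etc.), which
// offers no prepared statements. Every value interpolated into SQL below is therefore
// passed through mysql_real_escape_string(). That relies on config.inc.php having opened
// the connection and set its character set - confirm there.

// System initialisation: defaults for everything the page template reads later
$JumpToEdit     = '';
$w74page        = '';
$onload_message = '';
$loadparent     = '';
$grandparent    = '';
$linkspur[1]    = '';
$linkspur[2]    = '';
$linkspur[3]    = '';
$pagespur[1]    = '';
$pagespur[2]    = '';
$pagespur[3]    = '';
if( ! isset( $_SESSION['online'] ) ) {
    $_SESSION['online'] = false;
}

// Open MySQL; without a config file or a connection handle only the "no SQL" page is shown
if( file_exists( '7400_config/config.inc.php' ) ) {
    include( '7400_config/config.inc.php' );
    if( ! $w74handle ) {
        include( '7400_styles/nosql.php' );
        die();
    }
} else {
    include( '7400_styles/nosql.php' );
    die();
}

// Login add-on installation: copy its "a:b|c:d" parameters into navibox/content
$log = mysql_query( "SELECT params FROM ".W74PREFIX."install WHERE addon='Std-Login' LIMIT 1" );
if( $log && mysql_num_rows( $log ) == 1 ) {
    $lin  = mysql_fetch_assoc( $log );
    // array_pad() keeps a short parameter string from raising undefined-offset notices;
    // a missing part is written as '' exactly as before
    $pars = array_pad( explode( '|', $lin['params'] ), 2, '' );
    $par1 = array_pad( explode( ':', $pars[0] ), 2, '' );
    $par2 = array_pad( explode( ':', $pars[1] ), 2, '' );
    mysql_query( "UPDATE ".W74PREFIX."navibox SET aktiv='".mysql_real_escape_string( $par1[1] )."' WHERE name='Login' LIMIT 1" );
    mysql_query( "UPDATE ".W74PREFIX."navibox SET aktiv='".mysql_real_escape_string( $par1[1] )."' WHERE name='Logout' LIMIT 1" );
    mysql_query( "UPDATE ".W74PREFIX."content SET freigabe='".mysql_real_escape_string( $par2[1] )."' WHERE page='Std-Login' LIMIT 1 " );
}

// Fetch the name of the active style
$w74stname = mysql_fetch_assoc( mysql_query( "SELECT inhalt FROM ".W74PREFIX."config WHERE schluessel='STYLE_Aktiv' LIMIT 1" ) );
$stname    = trim( $w74stname['inhalt'] );

// Style parameters
$w74aktstyle    = mysql_fetch_assoc( mysql_query( "SELECT * FROM ".W74PREFIX."stylemain WHERE stylename='".mysql_real_escape_string( $stname )."' LIMIT 1" ) );
$style_path     = $w74aktstyle['pfad'];
$style_banner   = $w74aktstyle['banner'];
$style_navigate = $w74aktstyle['navigate'];
$style_abstl    = $w74aktstyle['abstl'];
$style_absto    = $w74aktstyle['absto'];
$style_tabelle  = $w74aktstyle['tabelle'];
$style_frei     = $w74aktstyle['frei'];
$_SESSION['style_path'] = $style_path;
switch( $w74aktstyle['lage'] ) {
    case 'links' :
        $style_lage = 'left';
        break;
    case 'mitte' :
        $style_lage = 'center';
        break;
    case 'rechts' :
        $style_lage = 'right';
        break;
}

// Other global parameters
$w74active      = mysql_fetch_assoc( mysql_query( "SELECT inhalt FROM ".W74PREFIX."config WHERE schluessel='MENUE_Indicate' LIMIT 1" ) );
$menue_indicate = StrToBool( $w74active['inhalt'] );
$w74proname     = mysql_fetch_assoc( mysql_query( "SELECT inhalt FROM ".W74PREFIX."config WHERE schluessel='PROJEKT_Name' LIMIT 1" ) );
$projekt_name   = $w74proname['inhalt'];
$w74lauf        = mysql_fetch_assoc( mysql_query( "SELECT inhalt FROM ".W74PREFIX."config WHERE schluessel='HP_Laufschrift' LIMIT 1" ) );
$hp_laufschrift = $w74lauf['inhalt'];

// External user DB, configured as "table,login-column,password-column,id-column"
$w74extdb  = mysql_fetch_assoc( mysql_query( "SELECT inhalt FROM ".W74PREFIX."config WHERE schluessel='EXTERN_UserDB' LIMIT 1" ) );
$w74extusr = array_pad( explode( ',', $w74extdb['inhalt'] ), 4, '' );
$fields    = $w74extusr[1].','.$w74extusr[2].','.$w74extusr[3];
$extdb     = $w74extusr[0];
$extlog    = $w74extusr[1];
$extpwd    = $w74extusr[2];
$extid     = $w74extusr[3];

// Read the requested page; POST overrides GET. Only plain strings are accepted, so an
// array-valued parameter cannot reach trim() or the SQL below.
if( isset( $_GET['page'] ) && is_string( $_GET['page'] ) && $_GET['page'] != '' ) {
    $w74page = $_GET['page'];
}
if( isset( $_POST['page'] ) && is_string( $_POST['page'] ) && $_POST['page'] != '' ) {
    $w74page = $_POST['page'];
}

// Check login request
// NOTE(review): SetLogin() counts failed attempts per client address, but nothing in this
// branch consults CheckCustom() before the password is checked. Confirm the attempt limit
// is enforced wherever the login form is handled.
// NOTE(review): passwords are stored and compared as unsalted MD5. Moving to
// password_hash()/password_verify() needs a schema and data migration outside this file.
if( isset( $_POST['login'] ) && $_POST['login'] == '1' ) {
    $w74postuser = ( isset( $_POST['username'] ) && is_string( $_POST['username'] ) ) ? $_POST['username'] : '';
    $w74postpass = ( isset( $_POST['password'] ) && is_string( $_POST['password'] ) ) ? $_POST['password'] : '';

    // Check the internal DB first
    $vuser = mysql_fetch_assoc( mysql_query( "SELECT * FROM ".W74PREFIX."userdata WHERE BINARY login='".mysql_real_escape_string( $w74postuser )."' LIMIT 1" ) );
    // Strict comparison: with == two different digests that both look like numbers
    // ("0e...") would compare equal
    if( is_array( $vuser ) && (string) $vuser['password'] === md5( $w74postpass ) ) {
        // New session id on privilege change, so an id planted before login is useless
        session_regenerate_id( true );
        $_SESSION['login']    = $vuser['login'];
        // NOTE(review): the stored hash is copied into the session; kept because code
        // outside this file may read it - confirm, and drop it if unused
        $_SESSION['password'] = $vuser['password'];
        $_SESSION['user_id']  = $vuser['id'];
        $_SESSION['level']    = $vuser['level'];
        $_SESSION['online']   = true;
        $_SESSION['errcnt']   = 0;
        SetLogin( 0, '', '' );
        // Remember which session belongs to this account; checked again on page access
        mysql_query( "UPDATE ".W74PREFIX."userdata SET session='".mysql_real_escape_string( session_id() )."' WHERE id='".mysql_real_escape_string( $vuser['id'] )."' LIMIT 1" );
    } else {
        // Maybe an external DB?
        if( trim( $extdb ) == '' ) {
            $onload_message = "Username oder Passwort unbekannt.";
            SetLogin( 1, $w74postuser, $w74postpass );
        } else {
            // Yes, an external DB is configured.
            // NOTE(review): $fields, $extdb and $extlog are table/column names taken from
            // the config table and are interpolated as identifiers; they cannot be escaped
            // as values, so write access to that config row must stay admin-only.
            $vuser = mysql_fetch_assoc( mysql_query( "SELECT ".$fields." FROM ".$extdb." WHERE BINARY ".$extlog."='".mysql_real_escape_string( $w74postuser )."' LIMIT 1" ) );
            if( is_array( $vuser ) && (string) $vuser[$extpwd] === md5( $w74postpass ) ) {
                session_regenerate_id( true );
                $_SESSION['login']    = $vuser[$extlog];
                $_SESSION['password'] = $vuser[$extpwd];
                $_SESSION['user_id']  = $vuser[$extid];
                $_SESSION['level']    = 0;
                $_SESSION['online']   = true;
                $_SESSION['errcnt']   = 0;
                SetLogin( 0, '', '' );
            } else {
                $onload_message = "Username oder Passwort unbekannt.";
                SetLogin( 1, $w74postuser, $w74postpass );
            }
        }
    }
}

// Check logout request
if( isset( $_POST['logout'] ) && $_POST['logout'] == '1' ) {
    $_SESSION['login']    = '';
    $_SESSION['password'] = '';
    $_SESSION['user_id']  = '';
    $_SESSION['level']    = '';
    $_SESSION['online']   = false;
    // Retire the id that was bound to the authenticated session
    session_regenerate_id( true );
}

// Is the requested page allowed?
// The test used to read "! trim( $w74page ) == ''", which PHP evaluates as
// "( ! trim( $w74page ) ) == ''"; for the page name '0' that skipped the whole
// release/status check below.
if( trim( $w74page ) != '' ) {
    // Released (freigabe = JA)?
    $erlaubt = mysql_fetch_assoc( mysql_query( "SELECT freigabe, status FROM ".W74PREFIX."content WHERE page='".mysql_real_escape_string( $w74page )."' LIMIT 1" ) );
    if( ! StrToBool( $erlaubt['freigabe'] ) ) {
        $w74page        = '';
        $onload_message = "Seite nicht gefunden.";
    } else {
        if( ! CheckStatus( $erlaubt['status'], false, $w74page ) ) {
            $w74page        = '';
            $onload_message = "Seite nicht gefunden!";
        } else {
            if( isset( $_SESSION['login'] ) && $_SESSION['login'] != '' ) {
                // The account must still be bound to this very session
                $ts = mysql_fetch_assoc( mysql_query( "SELECT session FROM ".W74PREFIX."userdata WHERE login='".mysql_real_escape_string( $_SESSION['login'] )."' LIMIT 1" ) );
                if( $ts['session'] != session_id() ) {
                    $w74page        = '';
                    $onload_message = "Seite nicht gefunden!!";
                }
            }
        }
    }
}

// Unknown or not allowed? Then show the default page
if( $w74page == '' ) {
    $w74tmp  = mysql_fetch_assoc( mysql_query( "SELECT inhalt FROM ".W74PREFIX."config WHERE schluessel='CONTENT_Default' LIMIT 1 " ) );
    $w74page = $w74tmp['inhalt'];
    if( $w74tmp['inhalt'] == '' ) {
        // Not defined: fall back to the first page in the content table
        $w74tmp  = mysql_fetch_assoc( mysql_query( "SELECT page FROM ".W74PREFIX."content ORDER BY id LIMIT 1" ) );
        $w74page = $w74tmp['page'];
    }
}

// Read and prepare the page contents
$contentlines = array();
$pagecontent  = array( 0, false );   // [0] = box count, [1] = "a box shows its title"; boxes follow from [2]
$submenu      = array();
$res00  = mysql_fetch_assoc( mysql_query( "SELECT * FROM ".W74PREFIX."content WHERE page='".mysql_real_escape_string( $w74page )."' LIMIT 1" ) );
$master = $res00['first'];
$reihe  = $res00['sublast'];
array_push( $submenu, $res00['submenu'] );
$head_title_text  = $res00['titel'];
$head_keywords    = $res00['keywords'];
$head_description = $res00['description'];
$hide_navigation  = StrToBool( $res00['hidenavi'] );

// Jump to the edit form
if( isset( $_GET['JumpToEdit'] ) && $_GET['JumpToEdit'] == 'JA' ) {
    $JumpToEdit = '#JumpToEdit';
}

// Breadcrumbs and submenus
$linkspur[1] = $res00['bezeich'];
$pagespur[1] = $res00['page'];
$loadparent  = $res00['untervon'];
if( $loadparent != '' ) {
    $pa = mysql_fetch_assoc( mysql_query( "SELECT bezeich, page FROM ".W74PREFIX."content WHERE page='".mysql_real_escape_string( $loadparent )."' LIMIT 1" ) );
    $linkspur[2] = $pa['bezeich'];
    $pagespur[2] = $pa['page'];
}
$gp = mysql_fetch_assoc( mysql_query( "SELECT untervon FROM ".W74PREFIX."content WHERE page='".mysql_real_escape_string( $loadparent )."' LIMIT 1" ) );
$grandparent = $gp['untervon'];
if( $grandparent != '' ) {
    $gpa = mysql_fetch_assoc( mysql_query( "SELECT bezeich, page FROM ".W74PREFIX."content WHERE page='".mysql_real_escape_string( $grandparent )."' LIMIT 1" ) );
    $linkspur[3] = $gpa['bezeich'];
    $pagespur[3] = $gpa['page'];
}

// Prepare the content row of the page itself: main box plus up to two released side boxes
array_push( $pagecontent, MainBox( $res00 ) );
$pagecontent[0]++;
if( trim( $res00['second'] ) != '' ) {
    $n = NebenBox( $res00['second'] );
    if( $n['frei'] ) {
        array_push( $pagecontent, $n );
        $pagecontent[0]++;
    }
}
if( trim( $res00['third'] ) != '' ) {
    $n = NebenBox( $res00['third'] );
    if( $n['frei'] ) {
        array_push( $pagecontent, $n );
        $pagecontent[0]++;
    }
}
if( PageConTitle( $pagecontent ) ) {
    $pagecontent[1] = true;
}
array_push( $contentlines, $pagecontent );

// Read the sub contents in the configured order
if( $res00['sublast'] == 'JA' ) {
    // All others first
    $res00 = mysql_query( "SELECT * FROM ".W74PREFIX."subcon WHERE typ='Main' ORDER BY id" ); // 03
    while( $val00 = mysql_fetch_assoc( $res00 ) ) {
        if( $val00['maincon'] == $w74page ) {
            if( $val00['freigabe'] == 'JA' ) {
                array_push( $contentlines, GetSubCon( $val00 ) );
                if( $val00['submenu'] != '' ) {
                    array_push( $submenu, $val00['submenu'] );
                }
            }
        }
    }
    // MASTER last
    if( $master != '' ) {
        $val00 = mysql_fetch_assoc( mysql_query( "SELECT * FROM ".W74PREFIX."subcon WHERE scid='".mysql_real_escape_string( $master )."' ORDER BY id LIMIT 1" ) ); // 01
        if( $val00['freigabe'] == 'JA' ) {
            if( trim( $val00['scid'] ) != '' ) {
                array_push( $contentlines, GetSubCon( $val00 ) );
                if( $val00['submenu'] != '' ) {
                    array_push( $submenu, $val00['submenu'] );
                }
            }
        }
    }
} else {
    // MASTER first
    if( $master != '' ) {
        $val00 = mysql_fetch_assoc( mysql_query( "SELECT * FROM ".W74PREFIX."subcon WHERE scid='".mysql_real_escape_string( $master )."' ORDER BY id LIMIT 1" ) ); // 01
        if( $val00['freigabe'] == 'JA' ) {
            if( trim( $val00['scid'] ) != '' ) {
                array_push( $contentlines, GetSubCon( $val00 ) );
                if( $val00['submenu'] != '' ) {
                    array_push( $submenu, $val00['submenu'] );
                }
            }
        }
    }
    // Then all others
    $res00 = mysql_query( "SELECT * FROM ".W74PREFIX."subcon WHERE typ='Main' ORDER BY id" ); // 03
    while( $val00 = mysql_fetch_assoc( $res00 ) ) {
        if( $val00['maincon'] == $w74page ) {
            if( $val00['freigabe'] == 'JA' ) {
                array_push( $contentlines, GetSubCon( $val00 ) );
                if( $val00['submenu'] != '' ) {
                    array_push( $submenu, $val00['submenu'] );
                }
            }
        }
    }
}

// Read and prepare the navigation boxes that are active
$navigation = array();
$res01 = mysql_query( "SELECT * FROM ".W74PREFIX."navibox WHERE aktiv='JA' ORDER BY id" );
while( $val01 = mysql_fetch_assoc( $res01 ) ) {
    if( CheckStatus( $val01['status'], true, '' ) ) {
        if( $val01['abhaengig'] == 'JA' ) {
            // Dependent box: shown once for every submenu entry that names it
            foreach( $submenu as $sub ) {
                if( $sub == $val01['nid'] ) {
                    array_push( $navigation, $val01 );
                }
            }
        } else {
            switch( $val01['name'] ) {
                case 'Login' :
                    if( ! $_SESSION['online'] ) {
                        array_push( $navigation, $val01 );
                    }
                    break;
                case 'Logout' :
                    if( $_SESSION['online'] ) {
                        array_push( $navigation, $val01 );
                    }
                    break;
                default :
                    array_push( $navigation, $val01 );
                    break;
            }
        }
    }
}

// Update the hit counter
$v = mysql_fetch_assoc( mysql_query( "SELECT klicks FROM ".W74PREFIX."content WHERE page='".mysql_real_escape_string( $w74page )."' LIMIT 1" ) );
$n = $v['klicks'] + 1;
mysql_query( "UPDATE ".W74PREFIX."content SET klicks='".mysql_real_escape_string( $n )."' WHERE page='".mysql_real_escape_string( $w74page )."' LIMIT 1" );

// Load and show the page
include( '7400_styles/page.inc.php' );

// -----------------------------------------------------------------------------------------------------------------------------------

/**
 * Builds one content row for a sub content record.
 *
 * @param array $ident subcon row; 'second' and 'third' name optional side boxes by scid
 * @return array [0] box count, [1] true if any box shows its title, [2..] box descriptors
 */
function GetSubCon( $ident ) {
    $pc = array( 0, false );
    array_push( $pc, SubBox( $ident ) );
    $pc[0]++;
    if( trim( $ident['second'] ) != '' ) {
        $n = NebenBox( $ident['second'] );
        if( $n['frei'] ) {
            array_push( $pc, $n );
            $pc[0]++;
        }
    }
    if( trim( $ident['third'] ) != '' ) {
        $n = NebenBox( $ident['third'] );
        if( $n['frei'] ) {
            array_push( $pc, $n );
            $pc[0]++;
        }
    }
    if( PageConTitle( $pc ) ) {
        $pc[1] = true;
    }
    return $pc;
}

/**
 * Maps the database flag 'JA' to true; anything else is false.
 */
function StrToBool( $str ) {
    return $str == 'JA';
}

/**
 * Returns the path of a system image below 7400_images/sysimg/.
 */
function PathBackground( $str ) {
    return '7400_images/sysimg/'.$str;
}

/**
 * Box descriptor for a row of the content table (typ '0').
 */
function MainBox( $res ) {
    return array( 'typ' => '0', 'visible' => StrToBool( $res['showtitle'] ), 'id' => $res['id'] );
}

/**
 * Box descriptor for a row of the subcon table (typ '1').
 */
function SubBox( $res ) {
    return array( 'typ' => '1', 'visible' => StrToBool( $res['showtitle'] ), 'id' => $res['id'] );
}

/**
 * Looks up a side box by its scid and returns its descriptor.
 *
 * @param string $res scid of the side box
 * @return array descriptor with the extra key 'frei' (true when the box is released)
 */
function NebenBox( $res ) {
    $r = mysql_fetch_assoc( mysql_query( "SELECT id, showtitle, freigabe FROM ".W74PREFIX."subcon WHERE scid='".mysql_real_escape_string( $res )."' LIMIT 1" ) );
    return array( 'typ' => '1', 'visible' => StrToBool( $r['showtitle'] ), 'id' => $r['id'], 'frei' => StrToBool( $r['freigabe'] ) );
}

/**
 * Tells whether any box of a content row (indexes 2 to 4) shows its title.
 *
 * The third test used to read $v3[4], an undefined variable, so a title on the third
 * box was never seen. Rows with fewer than three boxes are handled via empty().
 */
function PageConTitle( $v ) {
    return ! empty( $v[2]['visible'] ) || ! empty( $v[3]['visible'] ) || ! empty( $v[4]['visible'] );
}

/**
 * Fetches one row by id from content ($ty == 0) or from subcon (any other $ty).
 */
function GetFromSQL( $ty, $id ) {
    if( $ty == 0 ) {
        return mysql_fetch_assoc( mysql_query( "SELECT * FROM ".W74PREFIX."content WHERE id='".mysql_real_escape_string( $id )."' LIMIT 1" ) );
    } else {
        return mysql_fetch_assoc( mysql_query( "SELECT * FROM ".W74PREFIX."subcon WHERE id='".mysql_real_escape_string( $id )."' LIMIT 1" ) );
    }
}

/**
 * Outputs one box: stored content for 'intern' boxes, otherwise an included file.
 */
function ShowOneBox( $r ) {
    if( $r['herkunft'] == 'intern' ) {
        // NOTE(review): the stored content is entity-decoded and echoed as markup, so
        // whoever can edit content can inject script - confirm editing is restricted
        echo bbParse( html_entity_decode( $r['content'], ENT_QUOTES ) );
    } else {
        // NOTE(review): the include path comes straight from the database row. Anyone able
        // to write 'nachladen' can make this page execute an arbitrary file; restrict it to
        // a fixed directory or an allow-list where that column is written.
        include( $r['nachladen'] );
    }
}

/**
 * Decides whether the current session may see a page or navigation box.
 *
 * @param string $r   status: '0' public, '1' any logged-in user, '2' level above 0
 *                    (pages additionally need level above 131000 or a rights row),
 *                    '3' level above 131000
 * @param bool   $box true for a navigation box, false for a page
 * @param string $pag page name looked up in the rights table (pages with status '2')
 * @return bool false for any other status value
 */
function CheckStatus( $r, $box, $pag ) {
    // A visitor who never logged in has no login/level keys in the session yet
    $login = isset( $_SESSION['login'] ) ? $_SESSION['login'] : '';
    $level = isset( $_SESSION['level'] ) ? $_SESSION['level'] : 0;
    switch( $r ) {
        case '0' :
            return true;
        case '1' :
            return $login != '';
        case '2' :
            if( $box ) {
                return $level > 0;
            }
            if( $level > 131000 ) {
                return true;
            }
            if( $level > 0 ) {
                $rechte = mysql_query( "SELECT * FROM ".W74PREFIX."rights WHERE login='".mysql_real_escape_string( $login )."' AND page='".mysql_real_escape_string( $pag )."' " );
                return $rechte && mysql_num_rows( $rechte ) == 1;
            }
            return false;
        case '3' :
            return $level > 131000;
    }
    // Unknown status: deny
    return false;
}

/**
 * Maintains the failed-login counter kept per client address in admlogin.
 *
 * @param int    $i 0 = successful login (counter row deleted), 1 = failed attempt
 * @param string $u user name that was tried; stored on the first failure
 * @param string $p password that was tried; not used and never stored
 */
function SetLogin( $i, $u, $p ) {
    $remote = mysql_real_escape_string( getenv( 'REMOTE_ADDR' ) );
    switch( $i ) {
        case 0 :
            mysql_query( "DELETE FROM ".W74PREFIX."admlogin WHERE ipadr='".$remote."' " );
            break;
        case 1 :
            $tmp = mysql_query( "SELECT * FROM ".W74PREFIX."admlogin WHERE ipadr='".$remote."' " );
            if( mysql_num_rows( $tmp ) == 0 ) {
                // $u is whatever the client typed into the login form
                mysql_query( "INSERT INTO ".W74PREFIX."admlogin ( ipadr, user, cnt ) VALUES ( '".$remote."', '".mysql_real_escape_string( $u )."', '1' )" );
            } else {
                $vmp = mysql_fetch_assoc( $tmp );
                $vmp['cnt'] = $vmp['cnt'] + 1;
                mysql_query( "UPDATE ".W74PREFIX."admlogin SET cnt='".mysql_real_escape_string( $vmp['cnt'] )."' WHERE ipadr='".$remote."' LIMIT 1" );
                $_SESSION['errcnt'] = $vmp['cnt'];
            }
            break;
    }
}

/**
 * Returns true while the client address has fewer than 3 failed logins on record.
 */
function CheckCustom() {
    $tmp = mysql_query( "SELECT cnt FROM ".W74PREFIX."admlogin WHERE ipadr='".mysql_real_escape_string( getenv('REMOTE_ADDR') )."' " );
    if( mysql_num_rows( $tmp ) == 0 ) {
        return true;
    }
    $vmp = mysql_fetch_assoc( $tmp );
    return $vmp['cnt'] < 3;
}

// bbParse() is cut off in this listing; the visible statements are kept as found.
function bbParse( $ein ) {
    $aus = $ein;
    $aus = preg_replace('/\[b\](.*?)\[\/b\]/', '$1', $aus );
    $aus = preg_replace('/\[i\](.*?)\[\/i\]/', '$1', $aus );
    $aus = preg_replace('/\[u\](.*?)\[\/u\]/', '$1', $aus );
    $aus = preg_replace('/\[em\](.*?)\[\/em\]/', '$1', $aus );
    $aus = preg_replace('/\[strong\](.*?)\[\/strong\]/', '$1', $aus );
    $aus = preg_replace('/\[h1\](.*?)\[\/h1\]/', '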