<?php
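/**
 * Opens the MySQL connection used by the query helpers in this file and selects the schema.
 *
 * Terminates the request with die() when connecting or selecting the database fails.
 *
 * NOTE(review): the literal values below are credentials committed to source. Anyone who can
 * read this file can read them, so they should be rotated and supplied from configuration
 * kept outside the web root. The environment overrides are the first step; delete the literal
 * fallbacks once the deployment sets the variables.
 * NOTE(review): no connection character set is configured here, and mysql_real_escape_string()
 * escapes according to the connection character set - confirm the server default matches the
 * UTF-8 pages this site emits.
 */
function init_db()
{
    // The AMK_DB_* variable names are introduced by this change; they are not read anywhere else.
    $settings = array(
        "AMK_DB_HOST" => "localhost",
        "AMK_DB_USER" => "amkbrno",
        "AMK_DB_PASS" => "AmKb9134",
        "AMK_DB_NAME" => "amkbrno",
    );
    foreach ($settings as $env_name => $fallback) {
        $from_env = getenv($env_name);
        if ($from_env !== false && $from_env !== "") {
            $settings[$env_name] = $from_env;
        }
    }

    $connection = mysql_connect($settings["AMK_DB_HOST"], $settings["AMK_DB_USER"], $settings["AMK_DB_PASS"])
        or die("Nepodarilo se pripojit k databazi");
    // Select the schema on the link that was just opened instead of relying on the implicit last link.
    mysql_select_db($settings["AMK_DB_NAME"], $connection) or die("Nepodarilo se vybrat databazi");
}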
/**
 * Closes the MySQL link; with no argument mysql_close() acts on the most recently opened one.
 */
function close_db()
{
    mysql_close();
}
/**
 * Prepares a single value for concatenation into an SQL statement.
 *
 * Numeric values (including numeric strings) are returned unchanged and unquoted; any other
 * string is escaped with mysql_real_escape_string() and wrapped in single quotes. A value that
 * is neither numeric nor a string terminates the request.
 *
 * NOTE(review): the escaping relies on an open MySQL link and on that link's character set.
 * NOTE(review): stripslashes() is applied to every value when magic quotes are on, not only to
 * request data - confirm callers never pass values that legitimately contain backslashes.
 *
 * @param mixed $value value to embed in a query
 * @return mixed the numeric value as given, or a quoted and escaped SQL string literal
 */
function quote_smart($value)
{
    // Undo the slashes the server configuration may already have added.
    if (get_magic_quotes_gpc()) {
        $value = stripslashes($value);
    }

    // Numbers go into the statement as they are.
    if (is_numeric($value)) {
        return $value;
    }

    // Anything that is not a string at this point cannot be represented safely.
    if (!is_string($value)) {
        die("Spatny argument");
    }

    return "'" . mysql_real_escape_string($value) . "'";
}
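/**
 * Generates a 32-character lowercase hexadecimal salt.
 *
 * The function takes no length argument; the result always has the same shape as an md5()
 * digest, so values stay compatible with salts produced by the previous implementation.
 * A cryptographically secure source is used when the runtime offers one, because
 * rand() and uniqid() are predictable; the original construction is kept only as a last resort.
 *
 * @return string 32 hexadecimal characters
 */
function generate_salt()
{
    if (function_exists("random_bytes")) {
        return bin2hex(random_bytes(16));
    }

    if (function_exists("openssl_random_pseudo_bytes")) {
        $bytes = openssl_random_pseudo_bytes(16);
        if ($bytes !== false && strlen($bytes) === 16) {
            return bin2hex($bytes);
        }
    }

    // Fallback for runtimes without a secure generator.
    return md5(uniqid(rand(), true));
}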
/**
 * Gate for pages that require a login.
 *
 * Returns true when $_SESSION["logged_in"] is set to a truthy value. Otherwise it shows the
 * "not logged in" message through admin_msgbox() and terminates the request, so callers never
 * observe a false return.
 *
 * @return bool true when the session is marked as logged in
 */
function is_session_valid()
{
    if (!empty($_SESSION["logged_in"])) {
        return true;
    }

    admin_msgbox("Nejste přihlášeni...");
    die("");
}
/**
 * Emits the static top of every page: doctype, <head>, the left-hand menu with the season
 * calendar, the banner and the drop-down top menu.
 *
 * The markup contains no request or database data. The inline startList script runs only when
 * document.all exists and toggles an " over" class on the LI children of #nav on mouseover and
 * mouseout. The divs super_main, main and right_column are left open here; generate_footer()
 * closes them.
 */
function generate_header()
{
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="cz" lang="cz">
<head>
<title>AMK Brno</title>
<link rel="stylesheet" type="text/css" href="style.css" media="screen"/>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<meta http-equiv="cache-control" content="no-cache"/>
<meta name="description" content="AMK Brno"/>
<script type="text/javascript">
<!--
startList = function()
{
if(document.all && document.getElementById)
{
navRoot = document.getElementById("nav");
//counter = 0;
for(i = 0;i < navRoot.childNodes.length;i++)
{
node = navRoot.childNodes[i];
//counter++;
if (node.nodeName=="LI")
{
node.onmouseover=function()
{
this.className += " over";
}
node.onmouseout=function()
{
this.className=this.className.replace(" over", "");
}
}
}
}
}
window.onload=startList;
// -->
</script>
</head>
<body>
<div class="super_main">
<div class="main">
<div class="left_column">
<div class="logo"> </div>
<a class="button" href="index.php?id=0">aktuality</a>
<div class="spacer_4px"> </div>
<a class="button" href="index.php?id=1">kontakty</a>
<div class="spacer_4px"> </div>
<a class="button" href="index.php?id=2">kalendáře</a>
<div class="spacer_4px"> </div>
<a class="button" href="index.php?id=3">fotogalerie</a>
<div class="spacer_4px"> </div>
<a class="button" href="index.php?id=4">reklamní partneři</a>
<div class="spacer_4px"> </div>
<a class="button" href="index.php?id=22">ceník</a>
<div class="spacer_4px"> </div>
<a class="button" href="index.php?id=6">odkazy</a>
<div class="spacer_4px"> </div>
<a class="button" href="index.php?id=7">dráha</a>
<div class="spacer_4px"> </div>
<div class="spacer_4px"> </div>
<div class="spacer_4px"> </div>
<a href="index.php?id=30" class="clothes_button">
</a>
<div class="spacer_4px"> </div>
<div class="spacer_4px"> </div>
<div class="spacer_4px"> </div>
<div class="calendar" >
<h1 style="font-size: 0.9em; text-align: center; color: white">Sezona 2010</h1>
<table style=";border-collapse: collapse; margin-top: 0.5em; margin-bottom: 1.0em; width: 168px">
<tr><td class="calendar_left">18.4.</td><td class="calendar_right">Minibike Race</td></tr>
<tr><td class="calendar_left">27.6.</td><td class="calendar_right">Minibike Race</td></tr>
<tr><td class="calendar_left" style="width: 78px">7.–11.9.</td><td class="calendar_right" style=" width: 90px; font-size: 80%">„100“ hodinovka motokár</td></tr>
<tr><td class="calendar_left">18.–19.9.</td><td class="calendar_right">Minibike Race</td></tr>
</table>
</div>
<!--13. - 15.června 2008 • FIA WTCC (MS cestovních automobilů)
26. - 29.června 2008 • Memoriál Františka Šťastného (ALPE ADRIA)
18. - 20.července 2008 • MS Superbiků
25. - 27.července 2008 • MEJ MINIBIKE 40
15. - 17.srpna 2008 • Cardion ab Grand Prix České republiky
28. - 31.srpna 2008 • Memoriál Jaroslava Huleše (ALPE ADRIA)
12. - 14.září 2008 • FIA GT Championship
19.-21. září 2008 • Podzimní cena Brna
24.-25.října 2008 • Epilog-->
</div>
<div class="right_column">
<div class="banner"> </div>
<div class="top_menu">
<ul id="nav">
<li>
<a href="#">členská základna</a>
<ul>
<li><a class="submenu" href="index.php?id=8">aktuality</a></li>
<li><a class="submenu" href="index.php?id=28">zájezd do Assenu</a></li>
<li><a class="submenu" href="index.php?id=9">rada AMK</a></li>
<li><a class="submenu" href="index.php?id=10">plán jednání</a></li>
<li><a class="submenu" href="index.php?id=11">přátelská setkání</a></li>
<li><a class="submenu" href="index.php?id=29">dokumenty</a></li>
</ul>
</li>
<li>
<a href="#">sport</a>
<ul>
<li><a class="submenu" href="index.php?id=12">aktuality</a></li>
<li><a class="submenu" href="index.php?id=13">kalendář</a></li>
<li><a class="submenu" href="index.php?id=14">profily jezdců</a></li>
<li><a class="submenu" href="index.php?id=15">výsledky</a></li>
<li><a class="submenu" href="index.php?id=16">soustředění</a></li>
<li><a class="submenu" href="index.php?id=17">dokumenty</a></li>
<li><a class="submenu" href="index.php?id=18">fotogalerie</a></li>
</ul>
</li>
<li>
<a href="#">komerce</a>
<ul>
<li><a class="submenu" href="index.php?id=19">aktuality</a></li>
<li><a class="submenu" href="index.php?id=20">nabídka</a></li>
<li><a class="submenu" href="index.php?id=26"><span style="font-size: 0.9em">doplňkové aktivity</span></a></li>
<li><a class="submenu" href="index.php?id=21">kalendář</a></li>
<!--<li><a class="submenu" href="index.php?id=22">ceník</a></li>-->
</ul>
</li>
<li>
<a href="#">veřejnost</a>
<ul>
<li><a class="submenu" href="index.php?id=23">aktuality</a></li>
<li><a class="submenu" href="index.php?id=24">kalendář</a></li>
<!--<li><a class="submenu" href="index.php?id=25">speciální akce</a></li> -->
</ul>
</li>
</ul>
<!--<div style="width: 1px;height: 0px; visibility: hidden;clear: right; background-color: red;"> </div>-->
</div>
<?php
}
/**
 * Emits the static bottom of every page: a float-clearing div, the closing tags for the
 * right_column, main and super_main divs opened by generate_header(), the copyright line with
 * the W3C validator links, and the closing </body> and </html>.
 */
function generate_footer()
{
?>
<div style="clear:both"> </div>
</div>
</div>
<div class="copyright">© AMK Brno, design & implementace Jan Beneš, <a href="http://validator.w3.org/check?uri=referer" class="copyright_link">XHTML</a> & <a href="http://jigsaw.w3.org/css-validator/check/referer" class="copyright_link">CSS</a></div>
</div>
</body>
</html>
<?php
}
/**
 * Clears the login marker from the current session.
 *
 * Only the "logged_in" key is removed; other session data and the session identifier are left
 * as they are.
 * NOTE(review): the session is neither destroyed nor given a new identifier here - confirm the
 * caller does that if the old session id must stop being usable after logout.
 */
function logout()
{
    // unset() is a no-op for a key that does not exist, so no prior isset() test is needed.
    unset($_SESSION["logged_in"]);
}
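/**
 * Prints one <option> element per row of the category table, marking the row whose id equals
 * $selected_id as selected.
 *
 * Category ids and names are HTML-escaped before output, and the markup is written with echo:
 * the previous printf() call used the database text as its format string, so a "%" in a
 * category name was interpreted as a conversion specifier.
 * Prints nothing when the query fails.
 *
 * @param mixed $selected_id category id to preselect (compared loosely with the stored id)
 */
function print_category_combo($selected_id)
{
    $result = mysql_query("SELECT category_id, name FROM category WHERE 1");
    if (!$result) {
        return;
    }

    while ($row = mysql_fetch_row($result)) {
        // The page declares UTF-8; stored text is presumably UTF-8 as well - confirm.
        $value = htmlspecialchars($row[0], ENT_QUOTES, "UTF-8");
        $label = htmlspecialchars($row[1], ENT_QUOTES, "UTF-8");
        $selected = ($selected_id == $row[0]) ? " selected" : "";
        echo "<option name=\"category\" value=\"" . $value . "\"" . $selected . ">" . $label . "</option>\n";
    }
}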
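/**
 * Prints the name of the user with the given id.
 *
 * The id is cast to an integer before it is placed in the query (it was previously concatenated
 * as given, which let a crafted value change the statement), and the name is HTML-escaped on
 * output. Terminates the request when the query fails or does not match exactly one user.
 *
 * @param mixed $user_id numeric user id
 */
function print_user($user_id)
{
    $query = "SELECT name FROM user WHERE user_id = " . (int) $user_id;
    $result = mysql_query($query);
    if (!$result || mysql_num_rows($result) != 1) {
        die("Interni chyba, neznamy uzivatel");
    }

    $row = mysql_fetch_row($result);
    echo htmlspecialchars($row[0], ENT_QUOTES, "UTF-8");
}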
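/**
 * Prints a radio button plus preview image for every row of the perex_image table.
 *
 * Fixes the markup of the previous version, whose value attribute was never closed (the
 * string contained a backslash where the closing quote belonged), and writes the output with
 * echo instead of using database text as a printf() format string. The id and URL are
 * HTML-escaped. The filename column is selected but not used.
 * Prints nothing when the query fails.
 */
function print_perex_image_radio()
{
    $result = mysql_query("SELECT perex_image_id, filename, URL FROM perex_image WHERE 1");
    if (!$result) {
        return;
    }

    while ($row = mysql_fetch_row($result)) {
        $id = htmlspecialchars($row[0], ENT_QUOTES, "UTF-8");
        $src = htmlspecialchars($row[2], ENT_QUOTES, "UTF-8");
        // <input> is an empty element, so the image follows it rather than being nested inside.
        echo "<input type=\"radio\" name=\"perex_image_id\" value=\"" . $id . "\"/><img src=\"" . $src . "\"/>\n";
    }
}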
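/**
 * Prints one news teaser: background image, headline, perex and a link to the full article.
 *
 * The article id is URL-encoded for the link, and the image path is encoded for the
 * url('...') value and the surrounding style attribute, so neither can close the quote it sits
 * in. Output for plain ids and paths is unchanged.
 *
 * NOTE(review): $headline and $perex are still written as raw HTML, as before. That is only
 * safe if everyone who can store news is trusted; confirm whether the texts are meant to carry
 * markup before escaping them here.
 *
 * @param mixed  $news_id     id used in the index.php?article= link
 * @param string $headline    headline, emitted inside <h1> as-is
 * @param string $perex       teaser text, emitted as-is
 * @param string $perex_image path of the background image
 */
function print_news($news_id, $headline, $perex, $perex_image)
{
    // Characters that would end the CSS string or the url() token are percent-encoded first;
    // htmlspecialchars() then protects the enclosing HTML attribute.
    $css_unsafe = array("\\", "'", "\"", "(", ")", " ", "<", ">", "\n", "\r");
    $css_encoded = array("%5C", "%27", "%22", "%28", "%29", "%20", "%3C", "%3E", "%0A", "%0D");
    $image_url = htmlspecialchars(str_replace($css_unsafe, $css_encoded, $perex_image), ENT_QUOTES, "UTF-8");

    $article_ref = urlencode((string) $news_id);

    echo
        "<div class=\"news_item\" style=\"background-image: url('" . $image_url .
        "')\"><h1>" . $headline . "</h1>" . $perex . " <a href=\"index.php?article=" . $article_ref . "\">více >></a> </div>\n";
}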
//function print_news_body($headline, $body, $image_main)
//{
// echo "<div class=\"content_text\"><h1>" . $headline . "</h1>" . $body . "</div>";
//}
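/**
 * Prints the teasers of published news, newest first.
 *
 * $from and $to are placed in a "LIMIT $from, $to" clause, so $to acts as the maximum number of
 * rows rather than an end index. Both are cast to non-negative integers before use. A news item
 * with its own perex image uses gfx/perex/<news_id>.jpg, otherwise the category default
 * gfx/perex/default/<category_id>.png.
 * Prints nothing when the query fails or returns no rows.
 *
 * @param mixed $category_id category to filter by, or -1 for all categories
 * @param mixed $from        row offset
 * @param mixed $to          maximum number of rows
 */
function print_news_list($category_id, $from, $to)
{
    $category_filter = ($category_id == -1) ? "" : ("AND category_id = " . quote_smart($category_id));
    $query =
        "SELECT news_id, headline, perex, has_perex_image, category_id FROM news WHERE published = 1 " .
        $category_filter .
        " ORDER BY added_on DESC LIMIT " . max(0, (int) $from) . ", " . max(0, (int) $to);

    $result = mysql_query($query);
    // A failed query yields false, which must not be handed to the mysql_* result functions.
    if (!$result || mysql_num_rows($result) == 0) {
        return;
    }

    while ($row = mysql_fetch_row($result)) {
        if ($row[3]) { // has_perex_image
            print_news($row[0], $row[1], $row[2], "gfx/perex/" . $row[0] . ".jpg");
        } else {
            print_news($row[0], $row[1], $row[2], "gfx/perex/default/" . $row[4] . ".png");
        }
    }
}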
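/**
 * Prints a full article: optional linked thumbnail, headline and body.
 *
 * Prints nothing when the query fails or the id does not match exactly one row (the original
 * left this case as an empty TODO branch). The thumbnail source and the image_position value
 * are HTML-escaped because they are written into attributes. A dead assignment that applied
 * numeric "+" to the article id and an empty string, and whose result was never read, has been
 * removed.
 *
 * NOTE(review): headline and body are written as raw HTML, as before. That is only safe if
 * everyone who can store news is trusted.
 *
 * @param mixed       $article_id id of the news row to print
 * @param string|null $image_file thumbnail path; defaults to gfx/thumb/<news_id>.jpg
 */
function print_article($article_id, $image_file = NULL)
{
    $query = "SELECT news_id, headline, body, has_perex_image, image_position FROM news WHERE news_id = " . quote_smart($article_id);
    $result = mysql_query($query);
    if (!$result || mysql_num_rows($result) != 1) {
        return;
    }

    $row = mysql_fetch_row($result);
    $image = "";
    if ($row[3] == 1) {
        if ($image_file == NULL) {
            $image_file = "gfx/thumb/" . $row[0] . ".jpg";
        }
        $image = "<img alt=\"obrázek\" class=\"content_img\" src=\"" . htmlspecialchars($image_file, ENT_QUOTES, "UTF-8") . "\"/>";
        $image = "<a class=\"" . htmlspecialchars($row[4], ENT_QUOTES, "UTF-8") . "_img\" href=\"gfx/img/" . $row[0] . ".jpg\">" . $image . "</a>";
    }

    // "\n\r" is kept as written: it occurs in the middle of a blank line with CRLF endings,
    // which presumably is how paragraph breaks are detected - confirm before changing it.
    $body = str_replace("\n\r", "</p><p>", $row[2]);
    $body = $image . "<p>" . $body . "</p>";
    $body = str_replace("<p></p>", "", $body);

    echo "<div class=\"content_text\">";
    echo "<h1>" . $row[1] . "</h1>";
    echo $body;
    echo "<div style=\"clear: both; visibility: hidden\"> </div>";
    echo "</div>";
}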
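/**
 * Prints the "novější | starší" pager below a news list.
 *
 * The newer link is replaced by plain text on page 0, the older link when the number of
 * published items does not exceed ($page + 1) * 6. $page and $id are cast to integers before
 * they are written into the links, so a crafted value cannot inject markup. When the count
 * query fails the details go to the error log and the visitor sees only a generic message;
 * the previous message printed the SQL text and the raw category value into the page.
 *
 * @param mixed $page        zero-based page number
 * @param mixed $id          value of the id= parameter the links point back to
 * @param mixed $category_id category to count, or -1 for all categories
 */
function print_news_navigation($page, $id, $category_id)
{
    $page = (int) $page;
    $id = (int) $id;

    $query =
        "SELECT COUNT(*) FROM news WHERE published = 1 " . ($category_id == -1 ? "" : (" AND category_id = " . quote_smart($category_id)));
    $result = mysql_query($query);
    if (!$result || mysql_num_rows($result) != 1) {
        error_log("print_news_navigation: count query failed: " . mysql_error());
        die("chyba");
    }
    $row = mysql_fetch_row($result);

    $older_text = "starší";
    $newer_text = "novější";
    $older_link = "<a href=\"index.php?id=" . $id . "&page=" . ($page + 1) . "\">starší</a>";
    $newer_link = "<a href=\"index.php?id=" . $id . "&page=" . ($page - 1) . "\">novější</a>";
    if ($page == 0) {
        $newer_link = $newer_text;
    }
    // 6 is the page size assumed by this pager.
    if ($row[0] <= ($page + 1) * 6) {
        $older_link = $older_text;
    }
?>
<div class="content_text" style="text-align: center; padding: 0.2em;">
<?php echo $newer_link . " | " . $older_link ?>
</div>
<?php
}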
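/**
 * Marks a news item as published.
 *
 * The id is cast to an integer before it is placed in the UPDATE statement; it was previously
 * concatenated as given, which let a crafted value change the statement. The result of the
 * query is not checked, as before.
 *
 * @param mixed $news_id numeric id of the news row
 */
function publish_news($news_id)
{
    $query = "UPDATE news SET published = 1 WHERE news_id = " . (int) $news_id;
    mysql_query($query);
}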
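/**
 * Checks an e-mail / password pair against the user table.
 *
 * The salt of the account with the given e-mail is read first; the password check then
 * requires both that e-mail and the matching SHA1(password . salt) in the same row. The
 * previous version compared the hash against every row of the table, so the match was not
 * tied to the account being logged in to. Failed queries count as an invalid login.
 *
 * NOTE(review): salted SHA-1 is a fast hash and weak for password storage. Moving to
 * password_hash()/password_verify() needs a schema and data migration outside this function.
 *
 * @param string $email    login e-mail
 * @param string $password clear-text password as entered
 * @return bool true when exactly one account matches
 */
function is_login_valid($email, $password)
{
    $quoted_email = quote_smart($email);

    $result = mysql_query("SELECT salt FROM user WHERE email = " . $quoted_email);
    if (!$result || mysql_num_rows($result) != 1) {
        return false;
    }
    $row = mysql_fetch_row($result);
    $salt = $row[0];

    $query = "SELECT user_id FROM user WHERE email = " . $quoted_email .
        " AND password = SHA1(" . quote_smart($password . $salt) . ")";
    $result = mysql_query($query);
    if (!$result) {
        return false;
    }

    return mysql_num_rows($result) == 1;
}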
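/**
 * Looks up the id of the user with the given e-mail.
 *
 * Returns null explicitly when the query fails or no user matches, instead of indexing into a
 * false result.
 *
 * @param string $email e-mail address to look up
 * @return mixed the user_id column of the first matching row, or null
 */
function get_user_id($email)
{
    $query = "SELECT user_id FROM user WHERE email = " . quote_smart($email);
    $result = mysql_query($query);
    if (!$result) {
        return null;
    }

    $row = mysql_fetch_row($result);
    if (!$row) {
        return null;
    }

    return $row[0];
}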
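/**
 * Sets or clears the perex-image flag of a news item and adjusts image_position to match
 * ('left' when the flag is set, 'none' when it is cleared).
 *
 * $value is reduced to 1 or 0 before it is written into the statement. It was previously
 * concatenated as given, so boolean false produced an empty token and invalid SQL, and a
 * crafted string could change the statement.
 *
 * @param mixed $id    numeric id of the news row
 * @param mixed $value truthy to set the flag, falsy to clear it
 */
function set_has_image($id, $value = 1)
{
    $flag = $value ? 1 : 0;
    $position = $flag ? "'left'" : "'none'";
    $query = "UPDATE news SET has_perex_image = " . $flag . " , image_position = " . $position . " WHERE news_id = " . quote_smart($id);
    mysql_query($query);
}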
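/**
 * Creates a user account unless the name or e-mail is already taken.
 *
 * Prints "uzivatel uz existuje" and returns false for a duplicate. When the uniqueness query
 * itself fails the function now returns false as well; previously the failed result compared
 * equal to zero rows and the INSERT ran without the check. Terminates the request when the
 * INSERT fails.
 *
 * NOTE(review): the password is stored as SHA1(password . salt), a fast hash that is weak for
 * password storage; changing it needs a migration that also covers is_login_valid().
 *
 * @param string $name     display name, must be unique
 * @param string $email    login e-mail, must be unique
 * @param string $password clear-text password
 * @return bool true when the account was inserted
 */
function add_user($name, $email, $password)
{
    $query = "SELECT * FROM user WHERE email = " . quote_smart($email) . " OR name = " . quote_smart($name);
    $result = mysql_query($query);
    if (!$result) {
        // Fail closed: without the uniqueness check no account is created.
        return false;
    }
    if (mysql_num_rows($result) != 0) {
        echo "uzivatel uz existuje";
        return false;
    }

    $salt = generate_salt();
    $query =
        "INSERT INTO user (name, password, salt, email) VALUES (" .
        quote_smart($name) . ", " .
        "SHA1(" . quote_smart($password . $salt) . "), " .
        quote_smart($salt) . ", " .
        quote_smart($email) . ")";
    mysql_query($query) or die("Nepodarilo se vlozit uzivatele");
    return true;
}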
/**
 * Inserts a new row into the category table.
 *
 * The name goes through quote_smart() before it is placed in the statement. Terminates the
 * request when the INSERT fails.
 *
 * @param string $name category name
 */
function add_category($name)
{
    $quoted_name = quote_smart($name);
    $inserted = mysql_query("INSERT INTO category (name) VALUES (" . $quoted_name . ")");
    if (!$inserted) {
        die("Nepodarilo se pridat kategorii");
    }
}
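/**
 * Inserts a new row into the perex_image table.
 *
 * Uses the $filename parameter for the filename column. The previous version read an
 * undefined variable $name, which quote_smart() rejects, so every call ended the request.
 * Terminates the request when the INSERT fails.
 *
 * @param string $filename stored file name of the image
 * @param string $URL      address the image is served from
 */
function add_perex_image($filename, $URL)
{
    $query = "INSERT INTO perex_image (filename, URL) VALUES (" . quote_smart($filename) . ", " . quote_smart($URL) . ")";
    mysql_query($query) or die("Nepodarilo se pridat obrazek");
}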
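/**
 * Updates every editable column of an existing news item.
 *
 * $image_position is now escaped before it is placed between the quotes of its SQL literal;
 * it was previously concatenated as given, so a value containing a quote could change the
 * statement. On failure the database error goes to the error log instead of the statement
 * being printed into the page, then the admin message is shown and the request ends.
 *
 * @param mixed  $id              id of the news row to update
 * @param string $headline        headline
 * @param mixed  $published       truthy when the item is published
 * @param string $perex           teaser text
 * @param string $text            article body
 * @param mixed  $category_id     category id
 * @param mixed  $user_id         author id
 * @param mixed  $has_perex_image truthy when the item has its own perex image
 * @param string $image_position  image position keyword, stored as a string
 */
function update_news($id, $headline, $published, $perex, $text, $category_id, $user_id, $has_perex_image, $image_position)
{
    $query = "UPDATE news SET " .
        " headline = " . quote_smart($headline) .
        ", published=" . ($published ? "'1'" : "'0'") .
        ", perex=" . quote_smart($perex) .
        ", body=" . quote_smart($text) .
        ", category_id=" . quote_smart($category_id) .
        ", user_id=" . quote_smart($user_id) .
        ", has_perex_image=" . ($has_perex_image ? "'1'" : "'0'") .
        // Always a quoted string literal, so it is escaped directly rather than through
        // quote_smart(), which leaves numeric values unquoted.
        ", image_position='" . mysql_real_escape_string($image_position) . "' WHERE news_id = " . quote_smart($id);

    if (!mysql_query($query)) {
        error_log("update_news: query failed: " . mysql_error());
        admin_msgbox("Nepodařilo se upravit novinku");
        die();
    }
}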
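/**
 * Inserts a news item stamped with the current time and returns its new id.
 *
 * $image_position is now escaped before it is placed between the quotes of its SQL literal;
 * it was previously concatenated as given, so a value containing a quote could change the
 * statement. When the INSERT fails the database error goes to the error log and the request
 * ends with a generic message; the previous message printed the whole statement into the page.
 *
 * NOTE(review): the timestamp is formatted "Y-m-d H-i-s", with dashes in the time part -
 * confirm the database server accepts that form for the added_on column.
 *
 * @param string $headline        headline
 * @param mixed  $published       truthy when the item is published
 * @param string $perex           teaser text
 * @param string $text            article body
 * @param mixed  $category_id     category id
 * @param mixed  $user_id         author id
 * @param mixed  $has_perex_image truthy when the item has its own perex image
 * @param string $image_position  image position keyword, stored as a string
 * @return int id generated for the inserted row
 */
function add_news($headline, $published, $perex, $text, $category_id, $user_id, $has_perex_image, $image_position)
{
    $query =
        "INSERT INTO news (headline, published, perex, body, category_id, user_id, added_on, has_perex_image, image_position) VALUES (" .
        quote_smart($headline) . ", " .
        ($published ? "'1'" : "'0'") . ", " .
        quote_smart($perex) . ", " .
        quote_smart($text) . ", " .
        quote_smart($category_id) . ", " .
        quote_smart($user_id) . ", " .
        quote_smart(date("Y-m-d H-i-s")) . ", " .
        ($has_perex_image ? "'1'" : "'0'") . ", " .
        "'" . mysql_real_escape_string($image_position) . "')";

    if (!mysql_query($query)) {
        error_log("add_news: query failed: " . mysql_error());
        die("Nepodarilo se pridat novinku");
    }
    return mysql_insert_id();
}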
?>