0)
{
$_SESSION['status'] = "Username already taken!!";
header("Location: ".$base_url."index.php?action=register");
exit;
}
$postpassword = md5($postpassword);
$insert_user = mysql_query("INSERT into users
set username = '$postusername',
email = '$postemail',
password = '$postpassword',
status = '1'");
// User entered, now its time to login
$_SESSION['status'] = "You are registered, please login!";
header("Location: ".$base_url."index.php?action=login");
exit;
}
$includefile = "templates/register.html";
$pagetitle = "Register for an account";
}
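elseif ($action == "view") {
    // Shows either one user's favorites list (when $uid is non-empty) or a
    // single article identified by $nid.
    //
    // NOTE(review): $uid and $nid are assigned outside this block, so how they
    // were sanitized is not visible here. They are placed UNQUOTED into SQL
    // below, where quote-escaping such as addslashes() gives no protection, so
    // integer copies are used for every query in this branch.
    if (!empty($uid)) {
        $uid_sql = (int) $uid;
        // Time to get the favorites
        // NOTE(review): display_favorites() still receives the raw $uid; confirm
        // that it validates the value before using it in a query.
        $favorites = display_favorites($base_url, $uid);
        // Look up the list owner's username for the page title
        $sql_query = "SELECT * from users WHERE id = $uid_sql && status = 1 LIMIT 1";
        // Errors are suppressed with @, so a failed query yields false; check
        // that before handing the result to mysql_num_rows().
        $result = @mysql_query($sql_query);
        if ($result && mysql_num_rows($result)) {
            while ($row = mysql_fetch_array($result)) {
                $userfavorite = stripslashes($row['username']);
                $userfavorites = $row['favorites'];
            }
        }
        // NOTE(review): $userfavorite is user-chosen data read back from the
        // database; the template is not visible here, so confirm it HTML-escapes
        // the page title on output.
        $pagetitle = "$userfavorite favorite articles";
        $includefile = "templates/displayusernames.html";
    }
    else {
        $nid_sql = (int) $nid;
        // Load the article row
        $sql_name_query = "SELECT * from names WHERE id = $nid_sql && status = 1 LIMIT 1";
        $name_result = @mysql_query($sql_name_query);
        if ($name_result && mysql_num_rows($name_result)) {
            while ($row = mysql_fetch_array($name_result)) {
                $babyid = $row['id'];
                $babyname = stripslashes($row['name']);
                $babygender = $row['gender'];
                $babygender = get_gender($babygender);
                $babycategory = $row['category'];
                $babydescription = stripslashes($row['description']);
                //$babydescription = nl2br($babydescription);
                $babycomments = stripslashes($row['comments']);
                $babycomments = nl2br($babycomments);
                // As written, the show_rating() result is replaced by the
                // literal assigned on the next statement.
                $rating = show_rating($babyid);
                $rating = "
(Rate 1 2 3 4 5)";
                // Resolve the category id stored on the article to its name.
                // The id comes from a database row, but it is still cast before
                // being placed unquoted into the query.
                $category_sql = (int) $babycategory;
                $sql_query = "SELECT * from categories WHERE id = $category_sql && status = 1 LIMIT 1";
                $result = @mysql_query($sql_query);
                if ($result && mysql_num_rows($result)) {
                    // This inner loop reuses $row, as the original did.
                    while ($row = mysql_fetch_array($result)) {
                        $categoryid = $row['id'];
                        $babycategory = stripslashes($row['name']);
                    }
                }
                else {
                    $babycategory = "Unknown";
                }
                // Add a view to the article
                $add_view = mysql_query("UPDATE names set views=views+1 where id = $nid_sql");
                // See if this article is one of the logged in user's favorites.
                // Favorites are kept as a string of "*id*" tokens.
                if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == 1) {
                    $userfavorites = $_SESSION['loggedinuserfavorties'];
                    $babynamefavorite = "*" . $babyid . "*";
                    if (strpos($userfavorites, $babynamefavorite) === false) {
                        $favorite = "add to favorites";
                    }
                    else {
                        $favorite = "
";
                    }
                }
                else {
                    $favorite = "";
                }
            }
        }
        else {
            $babycategory = "Unknown";
            $babyname = "Invalid Article Title";
        }
        $includefile = "templates/displayname.html";
        // NOTE(review): $babyname is stored user-submitted text; confirm the
        // template HTML-escapes the title and description.
        $pagetitle = "$babyname";
        $pagedescription = "$babyname";
    }
}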
elseif ($action == "logout") {
    // Visitors who are not logged in are sent back to the home page.
    if (!($_SESSION['loggedin'] == 1)) {
        header('Location: ' . $base_url);
        exit;
    }
    // Clear every session variable, then destroy the server-side session data.
    // NOTE(review): session_destroy() does not by itself unset the session
    // cookie in the browser; the old session id is simply left without data.
    // NOTE(review): no anti-CSRF check is made in this branch, so any request
    // that reaches it logs the visitor out.
    session_unset();
    session_destroy();
    $includefile = 'main.php';
}
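elseif ($action == "addtofavs") {
    // Adds article $nid to the logged-in user's favorites. Favorites are kept
    // as one string of "*id*" tokens in users.favorites and mirrored in the
    // session.
    //
    // NOTE(review): this branch changes stored data and performs no anti-CSRF
    // token check; confirm how requests are expected to reach it.
    if (!isset($_SESSION['loggedin']) || $_SESSION['loggedin'] != 1) {
        header("Location: $base_url");
        exit;
    }
    // $nid is assigned outside this block (its sanitization is not visible
    // here) and ends up inside an SQL string and a Location header, so only a
    // positive integer is accepted.
    $nid = (int) $nid;
    if ($nid < 1) {
        header("Location: $base_url");
        exit;
    }
    $userfavorites = $_SESSION['loggedinuserfavorties'];
    $babynamefavorite = "*" . $nid . "*";
    if (strpos($userfavorites, $babynamefavorite) === false) {
        $userfavorites = $userfavorites . $babynamefavorite;
        // Escape/cast at the point of use rather than trusting that the session
        // copy and $loggedinuserid are already SQL-safe.
        $favorites_sql = mysql_real_escape_string($userfavorites);
        $userid_sql = (int) $loggedinuserid;
        $add_Favorite = mysql_query("UPDATE users set favorites = '$favorites_sql' where id = '$userid_sql'");
        $_SESSION['loggedinuserfavorties'] = $userfavorites;
    }
    // Now bring them back to the page they were already at
    header("Location: " . $base_url . "article/" . $nid . "/Added-To-Favorites");
    exit;
}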
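elseif ($action == "deletefav") {
    // Removes article $nid from the logged-in user's "*id*" favorites string,
    // in both the session and the users table.
    //
    // Changes from the previous version of this branch:
    //  - the debug echo statements that printed the favorites string to the
    //    visitor are removed;
    //  - the redirect that had been commented out is restored, so the request
    //    no longer ends on a page containing only that debug output;
    //  - $nid must be a positive integer. With an empty $nid the token was
    //    "**", and removing it glued neighbouring entries together
    //    ("*1**2*" became "*12*").
    //
    // NOTE(review): this branch changes stored data and performs no anti-CSRF
    // token check; confirm how requests are expected to reach it.
    if (!isset($_SESSION['loggedin']) || $_SESSION['loggedin'] != 1) {
        header("Location: $base_url");
        exit;
    }
    $nid = (int) $nid;
    $userid_sql = (int) $loggedinuserid;
    if ($nid > 0) {
        $deletefav = "*" . $nid . "*";
        $userfavorites = $_SESSION['loggedinuserfavorties'];
        $userfavorites = str_replace($deletefav, "", $userfavorites);
        $_SESSION['loggedinuserfavorties'] = $userfavorites;
        // Escape at the point of use; the session copy is not assumed SQL-safe.
        $favorites_sql = mysql_real_escape_string($userfavorites);
        $delete_favorite = mysql_query("UPDATE users set favorites = '$favorites_sql' where id = '$userid_sql'");
    }
    $user = clean_text($_SESSION['loggedinuser']);
    // Now bring them back to their favorites page
    header("Location: " . $base_url . "favorite-articles/" . $userid_sql . "/" . $user . "");
    exit;
}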
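elseif ($action == "rate") {
    // Records one vote for article $nid and redirects back to the article.
    //
    // The rating arrives in the query string and was previously placed
    // unquoted into the UPDATE after addslashes(), which does nothing for a
    // numeric context: any SQL expression, or any number (negative, huge),
    // could be sent. It is now cast to an integer and must be 1..5, the values
    // the rating widget in the "view" branch offers.
    $rating = (isset($_GET['r']) && is_scalar($_GET['r'])) ? (int) $_GET['r'] : 0;
    // $nid is assigned outside this block; cast it for the same reason.
    $nid_sql = (int) $nid;
    if ($rating >= 1 && $rating <= 5 && $nid_sql > 0) {
        $update_rating = mysql_query("UPDATE names set votes=votes+1, points=points+$rating where id=$nid_sql");
    }
    // NOTE(review): nothing in this branch limits how often one visitor can
    // vote, and no login is required; confirm whether that is intended.
    $bn = clean_text($bn);
    header("Location: " . $base_url . "article/" . $nid_sql . "/" . $bn . "");
    exit;
}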
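elseif ($action == "addcomment") {
    // Stores a visitor comment for an article, then redirects to the article.
    // When comments are disabled the visitor is sent to the home page.
    if ($allow_comments == 1) {
        // The article id is numeric and is also used in the redirect URL, so
        // it is cast rather than quote-escaped.
        $nameid = (isset($_POST['id']) && is_scalar($_POST['id'])) ? (int) $_POST['id'] : 0;
        $rawcomment = (isset($_POST['comment']) && is_string($_POST['comment'])) ? $_POST['comment'] : "";
        // Strip tags first and escape last, so the value reaching the query is
        // exactly what the escaping function produced. mysql_real_escape_string()
        // is used instead of addslashes() to match the other insert branches of
        // this file and to respect the connection's character set.
        $namecomment = mysql_real_escape_string(strip_tags($rawcomment));
        // NOTE(review): strip_tags() is not an output encoder; the template that
        // prints comments still has to HTML-escape them.
        $name = (isset($_POST['cname']) && is_string($_POST['cname'])) ? $_POST['cname'] : "";
        $name = clean_text($name);
        if ($loggedinstatus == 1) {
            $commentuser = (int) $loggedinuserid;
        }
        else {
            $commentuser = "0";
        }
        $commentdate = time();
        // $ipaddress is assigned outside this block; escape it here in case it
        // is derived from a client-controlled header.
        $ip_sql = mysql_real_escape_string($ipaddress);
        if (!empty($namecomment) && $nameid > 0) {
            $insert_comment = mysql_query("INSERT into comments set comment = '$namecomment', name = '$nameid', user = '$commentuser', date = '$commentdate', ip = '$ip_sql'");
        }
        header("Location: " . $base_url . "article/" . $nameid . "/" . $name . "");
        exit;
    }
    header("Location: $base_url");
    exit;
}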
elseif ($action == "generate") {
    // Random-article generator page.
    // NOTE(review): $lastname is copied from the POST body unmodified; whatever
    // template or query consumes it has to escape it for that context.
    $lastname = $_POST['lastname'];
    $pagedescription = 'Use our online random article generator';
    $pagetitle = 'Read Random Article';
    $includefile = 'templates/generate.html';
}
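elseif ($action == "login") {
    // Handles the login form: shows it when no credentials were posted,
    // otherwise checks them against the users table and starts the logged-in
    // session.
    if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == 1) {
        header("Location: $base_url");
        exit;
    }
    $rawusername = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : "";
    $rawpassword = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : "";
    // Escaped with the connection-aware function used elsewhere in this file.
    $postusername = mysql_real_escape_string($rawusername);
    // NOTE(review): passwords are compared as unsalted MD5 of the
    // addslashes()-escaped input. The digest is computed exactly as before so
    // existing accounts keep working; moving to a salted, slow password hash
    // needs a coordinated change to the registration code and the stored values.
    $postpassword = md5(addslashes($rawpassword));
    // The password emptiness test is made on the raw input: the MD5 digest of
    // an empty string is itself non-empty, so testing the digest never failed.
    if (!empty($postusername) && $rawpassword !== "") {
        $sql = "SELECT * FROM users WHERE username = '$postusername' AND password = '$postpassword' AND status = '1'";
        $result = mysql_query($sql);
        if (!$result) {
            // Keep database error text in the server log instead of showing it
            // to the visitor.
            error_log("Login query failed: " . mysql_error());
            die("An internal error occurred. Please try again later.");
        }
        $num = mysql_num_rows($result);
        if ($num != 0) {
            // Issue a fresh session id on privilege change so an id known
            // before login cannot be reused afterwards (session fixation).
            session_regenerate_id(true);
            $_SESSION['loggedin'] = 1;
            $_SESSION['loggedinuser'] = $postusername;
            while ($row = mysql_fetch_array($result)) {
                $userid = $row['id'];
                $favorites = $row['favorites'];
            }
            $_SESSION['loggedinuserid'] = $userid;
            $_SESSION['loggedinuserfavorties'] = $favorites;
            header("Location: $base_url");
            exit;
        }
        else {
            // One message for both "no such user" and "wrong password".
            $_SESSION['status'] = "Invalid Username or Password";
            header('Location: ' . $base_url . 'index.php?action=login');
            exit();
        }
    }
    else {
        $includefile = "templates/login.html";
        $pagetitle = "Login to your account";
        $pagedescription = "Login to your account.";
    }
    // NOTE(review): no attempt counting or throttling is visible in this branch.
}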
elseif ($action == "browse") {
    // Page title precedence: the category name looked up from $o, otherwise
    // the $abc value, otherwise the site name.
    // NOTE(review): $o and $abc are assigned outside this block; the template
    // that prints the title has to HTML-escape it.
    if (!empty($o)) {
        $catname = get_category($o);
        $pagetitle = "$catname";
    }
    elseif (!empty($abc)) {
        $pagetitle = ' ' . $abc;
    }
    else {
        $pagetitle = 'Cool Cash Online';
    }
    $pagedescription = 'Find Cool ways to make cash online';
    $includefile = 'main.php';
}
elseif ($action == "submit") {
    // Reads the four posted fields into escaped variables. Nothing further is
    // done with them in this branch; the duplicate check announced by the
    // original comment was never written.
    // NOTE(review): addslashes() is not connection-aware; if these values are
    // ever placed in a query, escape them the way the "submitname" branch does.
    $sn = addslashes($_POST['sn']);
    $sm = addslashes($_POST['sm']);
    $sg = addslashes($_POST['sg']);
    $so = addslashes($_POST['so']);
}
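elseif ($action == "page") {
    // Loads a custom page by id and exposes its content, title and
    // description; unknown ids are redirected to the home page.
    // This branch does not set $includefile.
    //
    // The id comes from the query string and is used UNQUOTED in the query,
    // where addslashes() gives no protection, so it is cast to an integer.
    $pid = (isset($_GET['pid']) && is_scalar($_GET['pid'])) ? (int) $_GET['pid'] : 0;
    $sql_page_query = "SELECT * from pages WHERE id = $pid && status = 1 LIMIT 1";
    // Errors are suppressed with @, so a failed query yields false; check that
    // before calling mysql_num_rows().
    $page_result = @mysql_query($sql_page_query);
    if ($page_result && mysql_num_rows($page_result)) {
        while ($row = mysql_fetch_array($page_result)) {
            // NOTE(review): the content is passed on as stored; presumably it is
            // administrator-authored HTML - confirm who can write to `pages`.
            $custompage = $row['content'];
            //$custompage = nl2br($custompage);
            $custompagetitle = $row['title'];
            $pagetitle = $custompagetitle;
            $pagedescription = strip_tags($custompage);
        }
    }
    else {
        header("Location: $base_url");
        exit;
    }
}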
elseif ($action == "commentform") {
    // Contact form page: only selects the template and its metadata.
    $pagedescription = 'Submit a Comment';
    $pagetitle = 'Contact Us';
    $includefile = 'templates/commentform.html';
}
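elseif ($action == "sendcomment") {
    // Mails the contact form to $contactemail, or sends the visitor back to
    // the form (with the entered values kept in the session) when a field is
    // empty.
    //
    // None of these values reaches a database, so mysql_real_escape_string()
    // was the wrong tool: it needs a live connection, it put backslashes into
    // the mailed text, and header safety depended on a side effect of SQL
    // escaping. The fields are now sanitized for where they are actually used.
    $cname = (isset($_POST['cn']) && is_string($_POST['cn'])) ? $_POST['cn'] : "";
    $cemail = (isset($_POST['ce']) && is_string($_POST['ce'])) ? $_POST['ce'] : "";
    $csubj = (isset($_POST['cs']) && is_string($_POST['cs'])) ? $_POST['cs'] : "";
    $ctext = (isset($_POST['cc']) && is_string($_POST['cc'])) ? $_POST['cc'] : "";
    // Name, address and subject end up in mail header lines: remove CR/LF so a
    // submitted value cannot start a new header, and remove the characters that
    // delimit the display name and address in the From: line.
    $linebreaks = array("\r", "\n");
    $cname = str_replace(array("<", ">", '"'), "", str_replace($linebreaks, "", $cname));
    $cemail = str_replace(array("<", ">", " "), "", str_replace($linebreaks, "", $cemail));
    $csubj = str_replace($linebreaks, "", $csubj);
    $csubj2 = "Comment Form Regarding $csubj";
    if (empty($cname) || empty($cemail) || empty($csubj) || empty($ctext)) {
        // NOTE(review): these values are re-displayed by the form template,
        // which has to HTML-escape them.
        $_SESSION['cname'] = $cname;
        $_SESSION['cemail'] = $cemail;
        $_SESSION['csubj'] = $csubj;
        $_SESSION['ctext'] = $ctext;
        $_SESSION['commentstatus'] = "Please fill out all the boxes before submitting.";
        header("Location: " . $base_url . "index.php?action=commentform");
        exit;
    }
    $to = "$contactemail";
    $subject = "$csubj2";
    $headers = "Return-Path: $contactemail\r\n";
    $headers .= "From: $cname <$cemail>\n";
    $headers .= "MIME-Version: 1.0\n";
    // The body is visitor-supplied text, so it is sent as plain text rather
    // than text/html; the recipient's mail client then does not render markup
    // contained in the message.
    $headers .= "Content-type: text/plain\r\n";
    mail($to, $subject, $ctext, $headers);
    $_SESSION['cname'] = "";
    $_SESSION['cemail'] = "";
    $_SESSION['csubj'] = "";
    $_SESSION['ctext'] = "";
    $includefile = "templates/thankyou.html";
    $pagetitle = "Comment Sent";
    $pagedescription = "Your Comment Has Been Sent";
}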
elseif ($action == "submitname") {
    // Article submission form. The form is processed when at least one of the
    // name/gender/category/meaning fields was posted; the submission page is
    // shown in every case that does not redirect.
    if (isset($_POST['name']) || isset($_POST['gender']) || isset($_POST['category']) || isset($_POST['meaning'])) {
        // Every field is escaped for the quoted SQL literals used below.
        $newname = mysql_real_escape_string($_POST['name']);
        $newgender = mysql_real_escape_string($_POST['gender']);
        $newcategory = mysql_real_escape_string($_POST['category']);
        $newmeaning = mysql_real_escape_string($_POST['meaning']);
        $newcomments = mysql_real_escape_string($_POST['comments']);
        // "#" is treated the same as no category chosen.
        if ($newcategory == '#') {
            $newcategory = '';
        }
        if (empty($newname) || empty($newgender) || empty($newcategory)) {
            // Keep what was entered so the form can be shown again. The
            // SQL-escaped values (not the raw input) are what get stored.
            // NOTE(review): the form template has to HTML-escape these on output.
            $_SESSION['newname'] = $newname;
            $_SESSION['newmeaning'] = $newmeaning;
            $_SESSION['newcomments'] = $newcomments;
            $_SESSION['newgender'] = $newgender;
            $_SESSION['newcategory'] = $newcategory;
            $_SESSION['submitstatus'] = 'Please fill out all the boxes before submitting.';
            header('Location: ' . $base_url . 'index.php?action=submitname');
            exit;
        }
        $now = time();
        // The row is inserted with status 3.
        $insert_name = mysql_query("INSERT into names
set name = '$newname',
gender = '$newgender',
category = '$newcategory',
comments = '$newcomments',
date = '$now',
description = '$newmeaning',
status = '3'");
        // Reset the remembered form values and report success.
        $_SESSION['newname'] = '';
        $_SESSION['newmeaning'] = '';
        $_SESSION['newcomments'] = '';
        $_SESSION['newgender'] = '';
        $_SESSION['newcategory'] = '';
        $_SESSION['submitstatus'] = 'Submission received! Thank you!';
    }
    $includefile = 'templates/submitform.html';
    $pagetitle = 'Submit An Article';
    $pagedescription = 'Submit an Article';
}
elseif ($action == "search") {
    // Search page: only selects the template and its metadata.
    $pagedescription = 'Search';
    $pagetitle = 'Search';
    $includefile = 'templates/search.html';
}
else {
    // Any other (or missing) action falls back to the main page.
    $pagedescription = 'Find Cool ways to make cash online';
    $pagetitle = 'Cool Cash Online';
    $includefile = 'templates/mainpage.html';
}
// Make sure $pagedescription is always defined for whatever runs next; any
// value empty() considers empty (including an unset variable) becomes "".
if (empty($pagedescription)) {
    $pagedescription = '';
}
?>