viewvc.cgi/inncomm/index.php

<?

set_magic_quotes_runtime(0);

include("inc/class.FastTemplate.pinc");
include("inc/conn.inc");
include("inc/fixsql.inc");

$tpl = new FastTemplate("./html");

$tpl->define(
        array(
                main => "main.html",
                nologin => "nologin.html",
                listall => "list.html",
                newtopic => "new.html",
                startnew => "startnew.html",
                ttable => "topics-table.html",
                theader => "topics-header.html",
                tlheader => "topics-list-header.html",
                trow => "topics-row.html",
                tlrow => "topics-list-row.html",
                reply => "reply.html",
                checkboxes => "checkboxes.html"
        )
);

if (isset($PHP_AUTH_USER)) {
        $sth = $dbh->prepare("select id,login,passwd,full_name,analitical,solution from osobe where login like '$PHP_AUTH_USER'");
        $sth->execute();
        if ($row=$sth->fetchrow_hash()) {
                if ($row && $row[passwd] == $PHP_AUTH_PW) {
                        $md5user=md5($PHP_AUTH_USER.$PHP_AUTH_PW);
        $osoba_id=$row[id];
                        if ($row[analitical] == "t") {
                                $analitical_room=1;
                                $tpl->assign(array( ROOM => "You are member of analitical room" ));
                        } else {
                                $sql_poruke_where.="and poruke.analitical is false";
                        }
                        if ($row[solution] == "t") {
                                $solution_room=1;
                                $sql_poruke_where.="and poruke.solution is true";
                                $tpl->assign(array( ROOM => "You are in solution room" ));
                        }
                        $tpl->assign(array(
                                FULL_NAME => $row[full_name],
                                RELOGIN => "$PHP_SELF?relogin=$md5user"
                        ));
                }
        } else {        // try to verify user via pop3
                include("auth_pop3.php");
                $pop3 = new POP3();

                if($pop3->connect("intranet.pliva.hr")) {
                        if ($pop3->checklogin($PHP_AUTH_USER,$PHP_AUTH_PW)) {
                                $pop3->quit();
                                // o.k., user exists now insert it in db!
                                include("finger.inc");
                                $full_name=finger($PHP_AUTH_USER);
                                $dbh->dbh_do("insert into osobe (login,full_name,email,passwd) values ('$PHP_AUTH_USER','$full_name','$PHP_AUTH_USER@pliva.hr','$PHP_AUTH_PW')");
                                $sth = $dbh->prepare("select last_value as id from osobe_id_seq");
                                $sth->execute();
                                $row=$sth->fetchrow_hash();
                                $md5user=md5($PHP_AUTH_USER.$PHP_AUTH_PW);
                                $osoba_id=$row[id];
                                $tpl->assign(array(
                                        FULL_NAME => $full_name,
                                        RELOGIN => "$PHP_SELF?relogin=$md5user"
                                ));
                        }
                }
        }
}
if (md5($PHP_AUTH_USER.$PHP_AUTH_PW) != $md5user || isset($relogin) && $md5user == $relogin ) {
        header("WWW-authenticate: basic realm=\"Innovation Commitie\"") ;
        header("HTTP/1.0 401 Unauthorized") ;
        $tpl->parse(MAIN, "nologin");
        $tpl->parse(MAIN, "main");
        $tpl->FastPrint();
        exit ;
} else {
        $dbh->dbh_do("update osobe set last_login=now() where login='$PHP_AUTH_USER'");
}

//---- insert reply into database

        if (isset($insert_reply) && isset($p)) {
                $sth=$dbh->prepare("select sadrzaj,level,thread_id,pos from poruke where id=$p");
                $sth->execute();
                $row=$sth->fetchrow_hash();

                $thread_id=$row[thread_id];
                if ($thread_id == 0) $thread_id=$p; // reply to top level topic

                $level=$row[level] + 1;
                $pos=$row[pos];

                while(strlen($pos) < $level) $pos.="a";
                $sth=$dbh->prepare("select pos from poruke where pos like '$pos'");
                $sth->execute();
                if ($row=$sth->fetchrow_hash()) {
                        for($i=0; $i<$level; $i++) $mask.="_";
                        $sth=$dbh->prepare("select pos from poruke where thread_id=$thread_id and pos like '$mask' order by pos desc limit 1");
                        $sth->execute();
                        if ($row=$sth->fetchrow_hash()) {
                                $pos=$row[pos];
                                $pos_l=substr($pos,0,strlen($pos)-1);
                                $pos_r=substr($pos,strlen($pos)-1,1);
                                $pos_r++;
                                $pos=$pos_l.$pos_r;
                        }
                }

                function fix_checkbox($what) {
                        if (isset($GLOBALS[$what])) {
                                $GLOBALS[$what]="true";
                        } else {
                                $GLOBALS[$what]="false";
                        }
                }

                fix_checkbox("analitical");
                fix_checkbox("solution");

                $sadrzaj=trim($sadrzaj);
                $dbh->dbh_do(fixsql("insert into poruke (thread_id,reply_id,osoba_id,sadrzaj,level,pos,analitical,solution) values ($thread_id,$p,$osoba_id,'$sadrzaj',$level,'$pos',$analitical,$solution)"));

                $sth=$dbh->prepare("select currval('poruke_id_seq') as id");
                $sth->execute();

                if ($row=$sth->fetchrow_hash()) {
                        $p=$row[id];    // poruka_id for later
                }
                $what="show";

        } elseif (isset($insert_newtopic)) {

//---- insert new topic into database

                if (isset($osoba_id)) {
                        $dbh->dbh_do(fixsql("insert into poruke (thread_id,osoba_id,sadrzaj) values (0,$osoba_id,'$sadrzaj')"));
                        $sth=$dbh->prepare("select currval('poruke_id_seq') as id");
                        $sth->execute();
                        if ($row=$sth->fetchrow_hash()) {
                                $t=$row[id];    // topic for later
                                $title=trim($title);
                                $dbh->dbh_do(fixsql("insert into topics (id,title) values ($t,'$title')"));
                        }
                }
        }

//----- end of inserts/updates...

if (($what=="reply" || $what=="show") && isset($t)) {
        $sql_where=" and topics.id=$t";
}

if ($solution_room == 1) {
        // don't limit just to topics starts
        $sql_where.=" and poruke.thread_id=topics.id and poruke.thread_id!=0";
} else {
        // limit just to topics start
        $sql_where.=" and poruke.id=topics.id and poruke.thread_id=0";
}

$sth = $dbh->prepare("select topics.id as topic_id,title,sadrzaj,full_name,poruke.datum as datum
        from topics,poruke,osobe
        where poruke.osoba_id=osobe.id $sql_where $sql_poruke_where
        order by datum asc
        ");

$sth->execute();
$topics="";
while ($row=$sth->fetchrow_hash()) {
        $tpl->assign( array(
                TITLE => $row[title],
                AUTHOR => $row[full_name],
                DATE => $row[datum],
                SADRZAJ => $row[sadrzaj],
                COMMENTS => "<a href=\"$PHP_SELF?what=show&t=$row[topic_id]\">comments&gt;&gt;</a>",
                PHP_SELF => $PHP_SELF
        ));

        if (isset($t) && $t==$row[topic_id]) {
                $tpl->parse(ROWS,".theader");
                $sth2 = $dbh->prepare("
                        select poruke.id as id,sadrzaj as topic,level,thread_id,reply_id,full_name,poruke.datum as datum,poruke.analitical as poruka_analitical
                        from poruke,osobe
                        where (thread_id=$t or poruke.id=$t) and poruke.osoba_id=osobe.id $sql_poruke_where
                order by pos
                ");
                $sth2->execute();

                while ($row2=$sth2->fetchrow_hash()) {
                        $l_ul=$r_ul="";
                        for ($i=0; $i<$row2[level]; $i++) {
                                $l_ul.="<ul>";
                                $r_ul.="</ul>";
                        }
                        // don't indent in solution room
                        if ($solution_room == 1) { $l_ul=$r_ul=""; }
                        $tpl->assign( array(
                                L_INDENT => $l_ul,
                                R_INDENT => $r_ul
                                ));
                        $topic=trim(strip_tags($row2[topic]));
                        if (isset($p) && $p == $row2[id] && $what=="reply") {
                                $topic="<font color=red>$topic...</font>";
                                $tpl->assign( array( P => $p, T => $t ));
                                if ($analitical_room == 1) {
                                        $tpl->parse(CHECKBOXES, ".checkboxes");
                                }
                                $tpl->parse(REPLY, ".reply");
                        } elseif (isset($p) && $p == $row2[id]) {
                                $topic="<font color=red>$topic...</font>";
                                $tpl->assign( array( P => $p, T => $t ));
                        } else {
                                if (!isset($p)) { $p=$t; }
                                $tmp_t=$row2[thread_id];
                                if ($tmp_t == 0) { $tmp_t=$row2[id]; }
                                $tpl->assign( array(
                                        REPLY => "<a href=\"$PHP_SELF?what=reply&p=$row2[id]&t=$tmp_t\">reply</a>"
                                ));
                        }
                        $this.="<br>";

                        if ($row2[poruka_analitical] == "t") {
                                $topic="<i>$topic</i>";
                        }

                        $tpl->assign( array(
                                        AUTHOR => $row2[full_name],
                                        DATE => $row2[datum],
                                        SADRZAJ => $topic
                                ));
                        $tpl->parse(ROWS,".trow");
                }
        } else {
                // non-unroll topics (list)
                $tpl->assign( array(
                                SADRZAJ => $row[sadrzaj],
                                COMMENTS => "<a href=\"$PHP_SELF?what=show&t=$row[topic_id]\">comments&gt;&gt;</a>"
                        ));
                $tpl->parse(ROWS,".tlheader");
                $tpl->parse(ROWS,".tlrow");
        }

}
$tpl->parse(TOPIC_LIST, "ttable");

$tpl->assign( array(
                PHP_SELF => $PHP_SELF,
                TITLE => "List of topics"
        ) );

if ($what != "new") {
        $tpl->parse(START_NEW_TOPIC, "startnew");
}
$tpl->parse(MAIN, "listall");
if ($what == "new") {
        $tpl->parse(MAIN, ".newtopic");
        $tpl->assign(array( TITLE => "Start of new topic" ));
} elseif ($what == "show") {
        $tpl->assign(array(
                TITLE => "Select article for reply",
                P => $p
        ));
} elseif ($what == "reply") {
        $tpl->assign(array(
                TITLE => "Reply to selected article",
                P => $p
        ));
}
$tpl->parse(MAIN, "main");

$tpl->FastPrint();

#include("debug.inc");

?>
1	dpavlin	1.1	<?
2
3	dpavlin	1.4	set_magic_quotes_runtime(0);
4
5	dpavlin	1.1	include("inc/class.FastTemplate.pinc");
6			include("inc/conn.inc");
7			include("inc/fixsql.inc");
8
9			$tpl = new FastTemplate("./html");
10
11			$tpl->define(
12			array(
13			main => "main.html",
14			nologin => "nologin.html",
15			listall => "list.html",
16			newtopic => "new.html",
17			startnew => "startnew.html",
18			ttable => "topics-table.html",
19			theader => "topics-header.html",
20	dpavlin	1.6	tlheader => "topics-list-header.html",
21	dpavlin	1.1	trow => "topics-row.html",
22	dpavlin	1.6	tlrow => "topics-list-row.html",
23	dpavlin	1.1	reply => "reply.html",
24			checkboxes => "checkboxes.html"
25			)
26			);
27
28			if (isset($PHP_AUTH_USER)) {
29			$sth = $dbh->prepare("select id,login,passwd,full_name,analitical,solution from osobe where login like '$PHP_AUTH_USER'");
30			$sth->execute();
31			if ($row=$sth->fetchrow_hash()) {
32			if ($row && $row[passwd] == $PHP_AUTH_PW) {
33			$md5user=md5($PHP_AUTH_USER.$PHP_AUTH_PW);
34	dpavlin	1.7	$osoba_id=$row[id];
35	dpavlin	1.1	if ($row[analitical] == "t") {
36			$analitical_room=1;
37			$tpl->assign(array( ROOM => "You are member of analitical room" ));
38			} else {
39			$sql_poruke_where.="and poruke.analitical is false";
40			}
41			if ($row[solution] == "t") {
42			$solution_room=1;
43			$sql_poruke_where.="and poruke.solution is true";
44	dpavlin	1.3	$tpl->assign(array( ROOM => "You are in solution room" ));
45	dpavlin	1.1	}
46			$tpl->assign(array(
47			FULL_NAME => $row[full_name],
48			RELOGIN => "$PHP_SELF?relogin=$md5user"
49			));
50			}
51			} else { // try to verify user via pop3
52	dpavlin	1.8	include("auth_pop3.php");
53	dpavlin	1.1	$pop3 = new POP3();
54
55			if($pop3->connect("intranet.pliva.hr")) {
56	dpavlin	1.8	if ($pop3->checklogin($PHP_AUTH_USER,$PHP_AUTH_PW)) {
57	dpavlin	1.1	$pop3->quit();
58			// o.k., user exists now insert it in db!
59			include("finger.inc");
60			$full_name=finger($PHP_AUTH_USER);
61			$dbh->dbh_do("insert into osobe (login,full_name,email,passwd) values ('$PHP_AUTH_USER','$full_name','$PHP_AUTH_USER@pliva.hr','$PHP_AUTH_PW')");
62			$sth = $dbh->prepare("select last_value as id from osobe_id_seq");
63			$sth->execute();
64			$row=$sth->fetchrow_hash();
65			$md5user=md5($PHP_AUTH_USER.$PHP_AUTH_PW);
66			$osoba_id=$row[id];
67			$tpl->assign(array(
68	dpavlin	1.7	FULL_NAME => $full_name,
69	dpavlin	1.1	RELOGIN => "$PHP_SELF?relogin=$md5user"
70			));
71			}
72			}
73			}
74			}
75			if (md5($PHP_AUTH_USER.$PHP_AUTH_PW) != $md5user \|\| isset($relogin) && $md5user == $relogin ) {
76			header("WWW-authenticate: basic realm=\"Innovation Commitie\"") ;
77			header("HTTP/1.0 401 Unauthorized") ;
78			$tpl->parse(MAIN, "nologin");
79			$tpl->parse(MAIN, "main");
80			$tpl->FastPrint();
81			exit ;
82	dpavlin	1.7	} else {
83			$dbh->dbh_do("update osobe set last_login=now() where login='$PHP_AUTH_USER'");
84	dpavlin	1.1	}
85
86			//---- insert reply into database
87
88			if (isset($insert_reply) && isset($p)) {
89			$sth=$dbh->prepare("select sadrzaj,level,thread_id,pos from poruke where id=$p");
90			$sth->execute();
91			$row=$sth->fetchrow_hash();
92
93			$thread_id=$row[thread_id];
94			if ($thread_id == 0) $thread_id=$p; // reply to top level topic
95
96			$level=$row[level] + 1;
97			$pos=$row[pos];
98
99			while(strlen($pos) < $level) $pos.="a";
100			$sth=$dbh->prepare("select pos from poruke where pos like '$pos'");
101			$sth->execute();
102			if ($row=$sth->fetchrow_hash()) {
103			for($i=0; $i<$level; $i++) $mask.="_";
104			$sth=$dbh->prepare("select pos from poruke where thread_id=$thread_id and pos like '$mask' order by pos desc limit 1");
105			$sth->execute();
106			if ($row=$sth->fetchrow_hash()) {
107			$pos=$row[pos];
108			$pos_l=substr($pos,0,strlen($pos)-1);
109			$pos_r=substr($pos,strlen($pos)-1,1);
110			$pos_r++;
111			$pos=$pos_l.$pos_r;
112			}
113			}
114
115			function fix_checkbox($what) {
116			if (isset($GLOBALS[$what])) {
117			$GLOBALS[$what]="true";
118			} else {
119	dpavlin	1.2	$GLOBALS[$what]="false";
120	dpavlin	1.1	}
121			}
122
123			fix_checkbox("analitical");
124			fix_checkbox("solution");
125
126	dpavlin	1.2	$sadrzaj=trim($sadrzaj);
127			$dbh->dbh_do(fixsql("insert into poruke (thread_id,reply_id,osoba_id,sadrzaj,level,pos,analitical,solution) values ($thread_id,$p,$osoba_id,'$sadrzaj',$level,'$pos',$analitical,$solution)"));
128	dpavlin	1.1
129			$sth=$dbh->prepare("select currval('poruke_id_seq') as id");
130			$sth->execute();
131
132			if ($row=$sth->fetchrow_hash()) {
133			$p=$row[id]; // poruka_id for later
134			}
135	dpavlin	1.2	$what="show";
136	dpavlin	1.1
137			} elseif (isset($insert_newtopic)) {
138
139			//---- insert new topic into database
140
141			if (isset($osoba_id)) {
142			$dbh->dbh_do(fixsql("insert into poruke (thread_id,osoba_id,sadrzaj) values (0,$osoba_id,'$sadrzaj')"));
143			$sth=$dbh->prepare("select currval('poruke_id_seq') as id");
144			$sth->execute();
145			if ($row=$sth->fetchrow_hash()) {
146			$t=$row[id]; // topic for later
147	dpavlin	1.2	$title=trim($title);
148	dpavlin	1.1	$dbh->dbh_do(fixsql("insert into topics (id,title) values ($t,'$title')"));
149			}
150			}
151			}
152
153			//----- end of inserts/updates...
154
155	dpavlin	1.5	if (($what=="reply" \|\| $what=="show") && isset($t)) {
156	dpavlin	1.1	$sql_where=" and topics.id=$t";
157			}
158
159	dpavlin	1.2	if ($solution_room == 1) {
160			// don't limit just to topics starts
161			$sql_where.=" and poruke.thread_id=topics.id and poruke.thread_id!=0";
162			} else {
163			// limit just to topics start
164			$sql_where.=" and poruke.id=topics.id and poruke.thread_id=0";
165			}
166
167	dpavlin	1.1	$sth = $dbh->prepare("select topics.id as topic_id,title,sadrzaj,full_name,poruke.datum as datum
168			from topics,poruke,osobe
169	dpavlin	1.2	where poruke.osoba_id=osobe.id $sql_where $sql_poruke_where
170	dpavlin	1.1	order by datum asc
171			");
172	dpavlin	1.2
173	dpavlin	1.1	$sth->execute();
174			$topics="";
175			while ($row=$sth->fetchrow_hash()) {
176			$tpl->assign( array(
177			TITLE => $row[title],
178			AUTHOR => $row[full_name],
179			DATE => $row[datum],
180			SADRZAJ => $row[sadrzaj],
181	dpavlin	1.2	COMMENTS => "<a href=\"$PHP_SELF?what=show&t=$row[topic_id]\">comments>></a>",
182	dpavlin	1.1	PHP_SELF => $PHP_SELF
183			));
184
185			if (isset($t) && $t==$row[topic_id]) {
186	dpavlin	1.6	$tpl->parse(ROWS,".theader");
187	dpavlin	1.1	$sth2 = $dbh->prepare("
188			select poruke.id as id,sadrzaj as topic,level,thread_id,reply_id,full_name,poruke.datum as datum,poruke.analitical as poruka_analitical
189			from poruke,osobe
190			where (thread_id=$t or poruke.id=$t) and poruke.osoba_id=osobe.id $sql_poruke_where
191			order by pos
192			");
193			$sth2->execute();
194
195			while ($row2=$sth2->fetchrow_hash()) {
196			$l_ul=$r_ul="";
197			for ($i=0; $i<$row2[level]; $i++) {
198			$l_ul.="<ul>";
199			$r_ul.="</ul>";
200			}
201	dpavlin	1.2	// don't indent in solution room
202			if ($solution_room == 1) { $l_ul=$r_ul=""; }
203	dpavlin	1.1	$tpl->assign( array(
204			L_INDENT => $l_ul,
205			R_INDENT => $r_ul
206			));
207			$topic=trim(strip_tags($row2[topic]));
208	dpavlin	1.2	if (isset($p) && $p == $row2[id] && $what=="reply") {
209	dpavlin	1.1	$topic="<font color=red>$topic...</font>";
210	dpavlin	1.2	$tpl->assign( array( P => $p, T => $t ));
211			if ($analitical_room == 1) {
212			$tpl->parse(CHECKBOXES, ".checkboxes");
213			}
214	dpavlin	1.1	$tpl->parse(REPLY, ".reply");
215	dpavlin	1.2	} elseif (isset($p) && $p == $row2[id]) {
216			$topic="<font color=red>$topic...</font>";
217			$tpl->assign( array( P => $p, T => $t ));
218	dpavlin	1.1	} else {
219			if (!isset($p)) { $p=$t; }
220			$tmp_t=$row2[thread_id];
221			if ($tmp_t == 0) { $tmp_t=$row2[id]; }
222			$tpl->assign( array(
223			REPLY => "<a href=\"$PHP_SELF?what=reply&p=$row2[id]&t=$tmp_t\">reply</a>"
224			));
225			}
226			$this.="<br>";
227
228			if ($row2[poruka_analitical] == "t") {
229			$topic="<i>$topic</i>";
230			}
231
232			$tpl->assign( array(
233			AUTHOR => $row2[full_name],
234			DATE => $row2[datum],
235			SADRZAJ => $topic
236			));
237			$tpl->parse(ROWS,".trow");
238			}
239			} else {
240	dpavlin	1.6	// non-unroll topics (list)
241	dpavlin	1.1	$tpl->assign( array(
242			SADRZAJ => $row[sadrzaj],
243	dpavlin	1.2	COMMENTS => "<a href=\"$PHP_SELF?what=show&t=$row[topic_id]\">comments>></a>"
244	dpavlin	1.1	));
245	dpavlin	1.6	$tpl->parse(ROWS,".tlheader");
246			$tpl->parse(ROWS,".tlrow");
247	dpavlin	1.1	}
248
249			}
250			$tpl->parse(TOPIC_LIST, "ttable");
251
252			$tpl->assign( array(
253			PHP_SELF => $PHP_SELF,
254			TITLE => "List of topics"
255			) );
256
257			if ($what != "new") {
258			$tpl->parse(START_NEW_TOPIC, "startnew");
259			}
260			$tpl->parse(MAIN, "listall");
261			if ($what == "new") {
262			$tpl->parse(MAIN, ".newtopic");
263			$tpl->assign(array( TITLE => "Start of new topic" ));
264	dpavlin	1.2	} elseif ($what == "show") {
265			$tpl->assign(array(
266			TITLE => "Select article for reply",
267			P => $p
268			));
269	dpavlin	1.1	} elseif ($what == "reply") {
270			$tpl->assign(array(
271			TITLE => "Reply to selected article",
272			P => $p
273			));
274			}
275			$tpl->parse(MAIN, "main");
276
277			$tpl->FastPrint();
278
279			#include("debug.inc");
280
281			?>