Page 1
LAMPIRAN-A
LISTING PROGRAM
/****************************************************************/ /* Index */ /****************************************************************/ <?php require_once("mainfile.php"); $_SERVER['PHP_SELF'] = "modules.php"; $row = $db->sql_fetchrow($db->sql_query("SELECT main_module from ".$prefix."_main")); $name = $row['main_module']; $home = 1; if ($httpref==1) { $referer = $_SERVER["HTTP_REFERER"]; $referer = check_html($referer, nohtml); if ($referer=="" OR eregi("^unknown", $referer) OR substr("$referer",0,strlen($nukeurl))==$nukeurl OR eregi("^bookmark",$referer)) { } else { $result = $db->sql_query("INSERT INTO ".$prefix."_referer VALUES (NULL, '$referer')"); } $numrows = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_referer")); if($numrows>=$httprefmax) { $result2 = $db->sql_query("DELETE FROM ".$prefix."_referer"); } } if (!isset($mop)) { $mop="modload"; } if (!isset($mod_file)) { $mod_file="index"; } $name = trim($name); $file = trim($file); $mod_file = trim($mod_file); $mop = trim($mop); if (ereg("\.\.",$name) || ereg("\.\.",$file) || ereg("\.\.",$mod_file) || ereg("\.\.",$mop)) { echo "You are so cool..."; } else { $ThemeSel = get_theme(); if (file_exists("themes/$ThemeSel/module.php")) { include("themes/$ThemeSel/module.php"); if (is_active("$default_module") AND file_exists("modules/$default_module/".$mod_file.".php")) { $name = $default_module; } } if (file_exists("themes/$ThemeSel/modules/$name/".$mod_file.".php")) { $modpath = "themes/$ThemeSel/"; } $modpath .= "modules/$name/".$mod_file.".php";
Page 2
if (file_exists($modpath)) { include($modpath); } else { $index = 1; include("header.php"); OpenTable(); if (is_admin($admin)) { echo "<center><font class=\"\"><b>"._HOMEPROBLEM."</b></font><br><br>[ <a href=\"admin.php?op=modules\">"._ADDAHOME."</a> ]</center>"; } else { echo "<center>"._HOMEPROBLEMUSER."</center>"; } CloseTable(); include("footer.php"); } } ?>
/****************************************************************/ /* Berita Lama */ /****************************************************************/ <?php if (eregi("block-Berita lama.php", $_SERVER['PHP_SELF'])) { Header("Location: index.php"); die(); } global $locale, $oldnum, $storynum, $storyhome, $cookie, $categories, $cat, $prefix, $multilingual, $currentlang, $db, $new_topic, $user_news; if ($multilingual == 1) { if ($categories == 1) { $querylang = "where catid='$cat' AND (alanguage='$currentlang' OR alanguage='')"; } else { $querylang = "where (alanguage='$currentlang' OR alanguage='')"; if ($new_topic != 0) { $querylang .= " AND topic='$new_topic'"; } } } else { if ($categories == 1) { $querylang = "where catid='$cat'"; } else { $querylang = ""; if ($new_topic != 0) { $querylang = "WHERE topic='$new_topic'"; } } } if (isset($cookie[3]) AND $user_news == 1) {
Page 3
$storynum = $cookie[3]; } else { $storynum = $storyhome; } $boxstuff = "<table border=\"0\" width=\"100%\">"; $boxTitle = _PASTARTICLES; $result = $db->sql_query("SELECT sid, title, time, comments FROM ".$prefix."_stories $querylang ORDER BY time DESC LIMIT $storynum, $oldnum"); $vari = 0; $r_options = ""; if (isset($cookie[4])) { $r_options .= "&mode=$cookie[4]"; } if (isset($cookie[5])) { $r_options .= "&order=$cookie[5]"; } if (isset($cookie[6])) { $r_options .= "&thold=$cookie[6]"; } while ($row = $db->sql_fetchrow($result)) { $sid = intval($row['sid']); $title = stripslashes($row['title']); $time = $row['time']; $comments = $row['comments']; $see = 1; setlocale(LC_TIME, $locale); ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $datetime2); $datetime2 = strftime(""._DATESTRING2."", mktime($datetime2[4],$datetime2[5],$datetime2[6],$datetime2[2],$datetime2[3],$datetime2[1])); $datetime2 = ucfirst($datetime2); if ($articlecomm == 1) { $comments = "($comments)"; } else { $comments = ""; } if($time2==$datetime2) { $boxstuff .= "<tr><td valign=\"top\"><strong><big>·</big></strong></td><td> <a href=\"modules.php?name=News&file=article&sid=$sid$r_options\">$title</a> $comments</td></tr>\n"; } else { if($a=="") { $boxstuff .= "<tr><td colspan=\"2\"><b>$datetime2</b></td></tr><tr><td valign=\"top\"><strong><big>·</big></strong></td><td> <a href=\"modules.php?name=News&file=article&sid=$sid$r_options\">$title</a> $comments</td></tr>\n"; $time2 = $datetime2; $a = 1; } else { $boxstuff .= "<tr><td colspan=\"2\"><b>$datetime2</b></td></tr><tr><td valign=\"top\"><strong><big>·</big></strong></td><td> <a href=\"modules.php?name=News&file=article&sid=$sid$r_options\">$title</a> $comments</td></tr>\n"; $time2 = $datetime2; } } $vari++; if ($vari==$oldnum) { if (isset($cookie[3])) { $storynum = $cookie[3]; } else {
Page 4
$storynum = $storyhome; } $min = $oldnum + $storynum; $dummy = 1; } } if ($dummy == 1 AND is_active(Stories_Archive)) { $boxstuff .= "</table><br><a href=\"modules.php?name=Stories_Archive\"><b>"._OLDERARTICLES."</b></a>\n"; } else { $boxstuff .= "</table>"; } if ($see == 1) { $content = $boxstuff; } ?> /****************************************************************/ /* Downloads */ /****************************************************************/ <?php if (eregi("block-Top10_Downloads.php",$_SERVER['PHP_SELF']) { Header("Location: index.php"); die(); } global $prefix, $db; $a = 1; $result = $db->sql_query("SELECT lid, title FROM ".$prefix."_downloads_downloads ORDER BY hits DESC LIMIT 0,10"); while ($row = $db->sql_fetchrow($result)) { $lid = intval($row['lid']); $title = stripslashes($row['title']); $title2 = ereg_replace("_", " ", $title); $content .= "<strong><big>·</big></strong> $a: <a href=\"modules.php?name=Downloads&d_op=viewdownloaddetails&lid=$lid&title=$title\">$title2</a><br>"; $a++; } ?>
Page 5
/****************************************************************/ /* Search */ /****************************************************************/ <?php if (!eregi("modules.php", $_SERVER['PHP_SELF'])) { die ("You can't access this file directly..."); } require_once("mainfile.php"); $module_name = basename(dirname(__FILE__)); get_lang($module_name); global $admin, $prefix, $db, $module_name, $articlecomm, $multilingual; if ($multilingual == 1) { $queryalang = "AND (s.alanguage='$currentlang' OR s.alanguage='')"; /* stories */ $queryrlang = "AND rlanguage='$currentlang' "; /* reviews */ } else { $queryalang = ""; $queryrlang = ""; $queryslang = ""; } switch($op) { case "comments": break; default: $ThemeSel = get_theme(); $offset=10; if (!isset($min)) $min=0; if (!isset($max)) $max=$min+$offset; $query = stripslashes(check_html($query, nohtml)); $pagetitle = "- "._SEARCH.""; include("header.php"); $topic = intval($topic); if ($topic>0) { $row = $db->sql_fetchrow($db->sql_query("SELECT topicimage, topictext from ".$prefix."_topics where topicid='$topic'")); $topicimage = $row['topicimage']; $topictext = $row['topictext']; if (file_exists("themes/$ThemeSel/images/topics/$topicimage")) { $topicimage = "themes/$ThemeSel/images/topics/$topicimage"; } else { $topicimage = "$tipath/$topicimage"; } } else { $topictext = ""._ALLTOPICS.""; if (file_exists("themes/$ThemeSel/images/topics/AllTopics.gif")) { $topicimage = "themes/$ThemeSel/images/topics/AllTopics.gif"; } else { $topicimage = "$tipath/AllTopics.gif"; }
Page 6
} if (file_exists("themes/$ThemeSel/images/topics/AllTopics.gif")) { $alltop = "themes/$ThemeSel/images/topics/AllTopics.gif"; } else { $alltop = "$tipath/AllTopics.gif"; } OpenTable(); if ($type == "users") { echo "<center><font class=\"title\"><b>"._SEARCHUSERS."</b></font></center><br>"; } elseif ($type == "reviews") { echo "<center><font class=\"title\"><b>"._SEARCHREVIEWS."</b></font></center><br>"; } elseif ($type == "comments" AND isset($sid)) { $res = $db->sql_query("select title from ".$prefix."_stories where sid='$sid'"); list($st_title) = $db->sql_fetchrow($res); $instory = "AND sid='$sid'"; echo "<center><font class=\"title\"><b>"._SEARCHINSTORY." $st_title</b></font></center><br>"; } else { echo "<center><font class=\"title\"><b>"._SEARCHIN." $topictext</b></font></center><br>"; } echo "<table width=\"100%\" border=\"0\"><TR><TD>"; if (($type == "users") OR ($type == "reviews")) { echo "<img src=\"$alltop\" align=\"right\" border=\"0\" alt=\"\">"; } else { echo "<img src=\"$topicimage\" align=\"right\" border=\"0\" alt=\"$topictext\">"; } echo "<form action=\"modules.php?name=$module_name\" method=\"POST\">" ."<input size=\"25\" type=\"text\" name=\"query\" value=\"$query\"> " ."<input type=\"submit\" value=\""._SEARCH."\"><br><br>"; if (isset($sid)) { echo "<input type='hidden' name='sid' value='$sid'>"; } echo "<!-- Topic Selection -->"; $toplist = $db->sql_query("SELECT topicid, topictext from ".$prefix."_topics order by topictext"); echo "<select name=\"topic\">"; echo "<option value=\"\">"._ALLTOPICS."</option>\n"; while($row2 = $db->sql_fetchrow($toplist)) { $topicid = intval($row2['topicid']); $topics = $row2['topictext']; if ($topicid==$topic) { $sel = "selected "; } echo "<option $sel value=\"$topicid\">$topics</option>\n"; $sel = ""; } echo "</select>"; /* Category Selection */ $category = intval($category); echo " <select name=\"category\">"; echo "<option value=\"0\">"._ARTICLES."</option>\n"; $result3 = $db->sql_query("SELECT catid, title from ".$prefix."_stories_cat order by title");
Page 7
while ($row3 = $db->sql_fetchrow($result3)) { $catid = intval($row3['catid']); $title = $row3['title']; if ($catid==$category) { $sel = "selected "; } echo "<option $sel value=\"$catid\">$title</option>\n"; $sel = ""; } echo "</select>"; /* Authors Selection */ $thing = $db->sql_query("SELECT aid from ".$prefix."_authors order by aid"); echo " <select name=\"author\">"; echo "<option value=\"\">"._ALLAUTHORS."</option>\n"; while($row4 = $db->sql_fetchrow($thing)) { $authors = $row4['aid']; if ($authors==$author) { $sel = "selected "; } echo "<option value=\"$authors\">$authors</option>\n"; $sel = ""; } echo "</select>"; /* Date Selection */ ?> <select name="days"> <option <?php echo $days == 0 ? "selected " : ""; ?> value="0"><?php echo _ALL ?></option> <option <?php echo $days == 7 ? "selected " : ""; ?> value="7">1 <?php echo _WEEK ?></option> <option <?php echo $days == 14 ? "selected " : ""; ?> value="14">2 <?php echo _WEEKS ?></option> <option <?php echo $days == 30 ? "selected " : ""; ?> value="30">1 <?php echo _MONTH ?></option> <option <?php echo $days == 60 ? "selected " : ""; ?> value="60">2 <?php echo _MONTHS ?></option> <option <?php echo $days == 90 ? "selected " : ""; ?> value="90">3 <?php echo _MONTHS ?></option> </select><br> <?php if (($type == "stories") OR ($type == "")) { $sel1 = "checked"; } elseif ($type == "comments") { $sel2 = "checked"; } elseif ($type == "users") { $sel3 = "checked"; } elseif ($type == "reviews") { $sel4 = "checked"; } $num_rev = $db->sql_numrows($db->sql_query("SELECT * from ".$prefix."_reviews")); echo ""._SEARCHON.""; echo "<input type=\"radio\" name=\"type\" value=\"stories\" $sel1> "._SSTORIES.""; if ($articlecomm == 1) { echo "<input type=\"radio\" name=\"type\" value=\"comments\" $sel2> "._SCOMMENTS.""; } echo "<input type=\"radio\" name=\"type\" value=\"users\" $sel3> "._SUSERS.""; if ($num_rev > 0) {
Page 8
echo "<input type=\"radio\" name=\"type\" value=\"reviews\" $sel4> "._REVIEWS.""; } echo "</form></td></tr></table>"; $query = addslashes($query); if ($type=="stories" OR !$type) { if ($category > 0) { $categ = "AND catid='$category' "; } elseif ($category == 0) { $categ = ""; } $q = "select s.sid, s.aid, s.informant, s.title, s.time, s.hometext, s.bodytext, a.url, s.comments, s.topic from ".$prefix."_stories s, ".$prefix."_authors a where s.aid=a.aid $queryalang $categ"; if (isset($query)) $q .= "AND (s.title LIKE '%$query%' OR s.hometext LIKE '%$query%' OR s.bodytext LIKE '%$query%' OR s.notes LIKE '%$query%') "; if ($author != "") $q .= "AND s.aid='$author' "; if ($topic != "") $q .= "AND s.topic='$topic' "; if ($days != "" && $days!=0) $q .= "AND TO_DAYS(NOW()) - TO_DAYS(time) <= '$days' "; $q .= " ORDER BY s.time DESC LIMIT $min,$offset"; $t = $topic; $result5 = $db->sql_query($q); $nrows = $db->sql_numrows($result5); $x=0; if ($query != "") { echo "<br><hr noshade size=\"1\"><center><b>"._SEARCHRESULTS."</b></center><br><br>"; echo "<table width=\"99%\" cellspacing=\"0\" cellpadding=\"0\" border=\"0\">\n"; if ($nrows>0) { while($row5 = $db->sql_fetchrow($result5)) { $sid = intval($row5['sid']); $aid = $row5['aid']; $informant = $row5['informant']; $title = $row5['title']; $time = $row5['time']; $hometext = $row5['hometext']; $bodytext = $row5['bodytext']; $url = $row5['url']; $comments = $row5['comments']; $topic = $row5['topic']; $row6 = $db->sql_fetchrow($db->sql_query("SELECT topictext from ".$prefix."_topics where topicid='$topic'")); $topictext = $row6['topictext']; $furl = "modules.php?name=News&file=article&sid=$sid"; $datetime = formatTimestamp($time); $query = stripslashes($query); if ($informant == "") { $informant = $anonymous; } else { $informant = "<a href=\"modules.php?name=Your_Account&op=userinfo&username=$informant\">$informant</a>"; } if ($query != "" AND $query != "*") {
Page 9
if (eregi(quotemeta($query),$title)) { $a = 1; } $text = "$hometext$bodytext"; if (eregi(quotemeta($query),$text)) { $a = 2; } if (eregi(quotemeta($query),$text) AND eregi(quotemeta($query),$title)) { $a = 3; } if ($a == 1) { $match = _MATCHTITLE; } elseif ($a == 2) { $match = _MATCHTEXT; } elseif ($a == 3) { $match = _MATCHBOTH; } if (!isset($a)) { $match = ""; } else { $match = "$match<br>"; } } printf("<tr><td><img src=\"images/folders.gif\" border=\"0\" alt=\"\"> <font class=\"option\"><a href=\"%s\"><b>%s</b></a></font><br><font class=\"content\">"._CONTRIBUTEDBY." $informant<br>"._POSTEDBY." <a href=\"%s\">%s</a>",$furl,$title,$url,$aid,$informant); echo " "._ON." $datetime<br>" ."$match" .""._TOPIC.": <a href=\"modules.php?name=$module_name&query=&topic=$topic\">$topictext</a> "; if ($comments == 0) { echo "("._NOCOMMENTS.")"; } elseif ($comments == 1) { echo "($comments "._UCOMMENT.")"; } elseif ($comments >1) { echo "($comments "._UCOMMENTS.")"; } if (is_admin($admin)) { echo " [ <a href=\"admin.php?op=EditStory&sid=$sid\">"._EDIT."</a> | <a href=\"admin.php?op=RemoveStory&sid=$sid\">"._DELETE."</a> ]"; } echo "</font><br><br><br></td></tr>\n"; $x++; } echo "</table>"; } else { echo "<tr><td><center><font class=\"option\"><b>"._NOMATCHES."</b></font></center><br><br>"; echo "</td></tr></table>"; } $prev=$min-$offset; if ($prev>=0) {
Page 10
print "<br><br><center><a href=\"modules.php?name=$module_name&author=$author&topic=$t&min=$prev&query=$query&type=$type&category=$category\">"; print "<b>$min "._PREVMATCHES."</b></a></center>"; } $next=$min+$offset; if ($x>=9) { print "<br><br><center><a href=\"modules.php?name=$module_name&author=$author&topic=$t&min=$max&query=$query&type=$type&category=$category\">"; print "<b>"._NEXTMATCHES."</b></a></center>"; } } } elseif ($type=="comments") { /* $sid = intval($sid); if (isset($sid)) { $row7 = $db->sql_fetchrow($db->sql_query("SELECT title from ".$prefix."_stories where sid='$sid'")); $st_title = $row7['title']; $instory = "AND sid='$sid'"; } else { $instory = ""; } */ $result8 = $db->sql_query("SELECT tid, sid, subject, date, name from ".$prefix."_comments where (subject like '%$query%' OR comment like '%$query%') $instory order by date DESC limit $min,$offset"); $nrows = $db->sql_numrows($result8); $x=0; if ($query != "") { echo "<br><hr noshade size=\"1\"><center><b>"._SEARCHRESULTS."</b></center><br><br>"; echo "<table width=\"99%\" cellspacing=\"0\" cellpadding=\"0\" border=\"0\">\n"; if ($nrows>0) { while($row8 = $db->sql_fetchrow($result8)) { $tid = intval($row8['tid']); $sid = intval($row8['sid']); $subject = $row8['subject']; $date = $row8['date']; $name = $row8['name']; $row_res = $db->sql_fetchrow($db->sql_query("SELECT title from ".$prefix."_stories where sid='$sid'")); $title = $row_res['title']; $reply = $db->sql_numrows($db->sql_query("SELECT * from ".$prefix."_comments where pid='$tid'")); $furl = "modules.php?name=News&file=article&thold=-1&mode=flat&order=1&sid=$sid#$tid"; if(!$name) { $name = "$anonymous"; } else { $name = "<a href=\"modules.php?name=Your_Account&op=userinfo&username=$name\">$name</a>";
Page 11
} $datetime = formatTimestamp($date); echo "<tr><td><img src=\"images/folders.gif\" border=\"0\" alt=\"\"> <font class=\"option\"><a href=\"$furl\"><b>$subject</b></a></font><font class=\"content\"><br>"._POSTEDBY." $name" ." "._ON." $datetime<br>" .""._ATTACHART.": $title<br>"; if ($reply == 1) { echo "($reply "._SREPLY.")"; if (is_admin($admin)) { echo " [ <a href=\"admin.php?op=RemoveComment&tid=$tid&sid=$sid\">"._DELETE."</a> ]"; } echo "<br><br><br></td></tr>\n"; } else { echo "($reply "._SREPLIES.")"; if (is_admin($admin)) { echo " [ <a href=\"admin.php?op=RemoveComment&tid=$tid&sid=$sid\">"._DELETE."</a> ]"; } echo "<br><br><br></td></tr>\n"; } $x++; } echo "</table>"; } else { echo "<tr><td><center><font class=\"option\"><b>"._NOMATCHES."</b></font></center><br><br>"; echo "</td></tr></table>"; } $prev=$min-$offset; if ($prev>=0) { print "<br><br><center><a href=\"modules.php?name=$module_name&author=$author&topic=$topic&min=$prev&query=$query&type=$type\">"; print "<b>$min "._PREVMATCHES."</b></a></center>"; } $next=$min+$offset; if ($x>=9) { print "<br><br><center><a href=\"modules.php?name=$module_name&author=$author&topic=$topic&min=$max&query=$query&type=$type\">"; print "<b>"._NEXTMATCHES."</b></a></center>"; } } } elseif ($type=="reviews") { $res_n = $db->sql_query("SELECT id, title, text, reviewer, score from ".$prefix."_reviews where (title like '%$query%' OR text like '%$query%') $queryrlang order by date DESC limit $min,$offset"); $nrows = $db->sql_numrows($res_n); $x=0; if ($query != "") { echo "<br><hr noshade size=\"1\"><center><b>"._SEARCHRESULTS."</b></center><br><br>";
Page 12
echo "<table width=\"99%\" cellspacing=\"0\" cellpadding=\"0\" border=\"0\">\n"; if ($nrows>0) { while($rown = $db->sql_fetchrow($res_n)) { $id = intval($rown['id']); $title = $rown['title']; $text = $rown['text']; $reviewer = $rown['reviewer']; $score = intval($rown['score']); $furl = "modules.php?name=Reviews&op=showcontent&id=$id"; $pages = count(explode( "<!--pagebreak-->", $text )); echo "<tr><td><img src=\"images/folders.gif\" border=\"0\" alt=\"\"> <font class=\"option\"><a href=\"$furl\"><b>$title</b></a></font><br>" ."<font class=\"content\">"._POSTEDBY." $reviewer<br>" .""._REVIEWSCORE.": $score/10<br>"; if ($pages == 1) { echo "($pages "._PAGE.")"; } else { echo "($pages "._PAGES.")"; } if (is_admin($admin)) { echo " [ <a href=\"modules.php?name=Reviews&op=mod_review&id=$id\">"._EDIT."</a> | <a href=\"modules.php?name=Reviews.php&op=del_review&id_del=$id\">"._DELETE."</a> ]"; } print "<br><br><br></font></td></tr>\n"; $x++; } echo "</table>"; } else { echo "<tr><td><center><font class=\"option\"><b>"._NOMATCHES."</b></font></center><br><br>"; echo "</td></tr></table>"; } $prev=$min-$offset; if ($prev>=0) { print "<br><br><center><a href=\"modules.php?name=$module_name&author=$author&topic=$t&min=$prev&query=$query&type=$type\">"; print "<b>$min "._PREVMATCHES."</b></a></center>"; } $next=$min+$offset; if ($x>=9) { print "<br><br><center><a href=\"modules.php?name=$module_name&author=$author&topic=$t&min=$max&query=$query&type=$type\">"; print "<b>"._NEXTMATCHES."</b></a></center>"; } } } elseif ($type=="users") { $res_n3 = $db->sql_query("SELECT user_id, username, name from ".$user_prefix."_users where (username like '%$query%' OR name like '%$query%' OR bio like '%$query%') order by username ASC limit $min,$offset");
Page 13
$nrows = $db->sql_numrows($res_n3); $x=0; if ($query != "") { echo "<br><hr noshade size=\"1\"><center><b>"._SEARCHRESULTS."</b></center><br><br>"; echo "<table width=\"99%\" cellspacing=\"0\" cellpadding=\"0\" border=\"0\">\n"; if ($nrows>0) { while($rown3 = $db->sql_fetchrow($res_n3)) { $uid = intval($rown3['user_id']); $uname = $rown3['username']; $name = $rown3['name']; $furl = "modules.php?name=Your_Account&op=userinfo&username=$uname"; if ($name=="") { $name = ""._NONAME.""; } echo "<tr><td><img src=\"images/folders.gif\" border=\"0\" alt=\"\"> <font class=\"option\"><a href=\"$furl\"><b>$uname</b></a></font><font class=\"content\"> ($name)"; if (is_admin($admin)) { echo " [ <a href=\"admin.php?chng_uid=$uid&op=modifyUser\">"._EDIT."</a> | <a href=\"admin.php?op=delUser&chng_uid=$uid\">"._DELETE."</a> ]"; } echo "</font></td></tr>\n"; $x++; } echo "</table>"; } else { echo "<tr><td><center><font class=\"option\"><b>"._NOMATCHES."</b></font></center><br><br>"; echo "</td></tr></table>"; } $prev=$min-$offset; if ($prev>=0) { print "<br><br><center><a href=\"modules.php?name=$module_name&author=$author&topic=$t&min=$prev&query=$query&type=$type\">"; print "<b>$min "._PREVMATCHES."</b></a></center>"; } $next=$min+$offset; if ($x>=9) { print "<br><br><center><a href=\"modules.php?name=$module_name&author=$author&topic=$t&min=$max&query=$query&type=$type\">"; print "<b>"._NEXTMATCHES."</b></a></center>"; } } } CloseTable(); if (isset($query) AND $query != "") { echo "<br>"; if (is_active("Downloads")) {
Page 14
$dcnt = $db->sql_numrows($db->sql_query("SELECT * from ".$prefix."_downloads_downloads WHERE title LIKE '%$query%' OR description LIKE '%$query%'")); $mod1 = "<li> <a href=\"modules.php?name=Downloads&d_op=search&query=$query\">"._DOWNLOADS."</a> ($dcnt "._SEARCHRESULTS.")"; } if (is_active("Web_Links")) { $lcnt = $db->sql_numrows($db->sql_query("SELECT * from ".$prefix."_links_links WHERE title LIKE '%$query%' OR description LIKE '%$query%'")); $mod2 = "<li> <a href=\"modules.php?name=Web_Links&l_op=search&query=$query\">"._WEBLINKS."</a> ($lcnt "._SEARCHRESULTS.")"; } if (is_active("Encyclopedia")) { $ecnt1 = $db->sql_query("SELECT eid from ".$prefix."_encyclopedia WHERE active='1'"); $ecnt = 0; while($row_e = $db->sql_fetchrow($ecnt1)) { $eid = intval($row_e['eid']); $ecnt2 = $db->sql_numrows($db->sql_query("select * from ".$prefix."_encyclopedia WHERE title LIKE '%$query%' OR description LIKE '%$query%' AND eid='$eid'")); $ecnt3 = $db->sql_numrows($db->sql_query("select * from ".$prefix."_encyclopedia_text WHERE title LIKE '%$query%' OR text LIKE '%$query%' AND eid='$eid'")); $ecnt = $ecnt+$ecnt2+$ecnt3; } $mod3 = "<li> <a href=\"modules.php?name=Encyclopedia&file=search&query=$query\">"._ENCYCLOPEDIA."</a> ($ecnt "._SEARCHRESULTS.")"; } OpenTable(); echo "<font class=\"title\">"._FINDMORE."<br><br>" .""._DIDNOTFIND."</font><br><br>" .""._SEARCH." \"<b>$query</b>\" "._ON.":<br><br>" ."<ul>" ."$mod1" ."$mod2" ."$mod3" ."<li> <a href=\"http://www.google.com/search?q=$query\" target=\"new\">Google</a>" ."<li> <a href=\"http://groups.google.com/groups?q=$query\" target=\"new\">Google Groups</a>" ."</ul>"; CloseTable(); } include("footer.php"); break; } ?>
Page 15
/****************************************************************/ /* Topic */ /****************************************************************/ <?php if (!eregi("modules.php", $_SERVER['PHP_SELF'])) { die ("You can't access this file directly..."); } require_once("mainfile.php"); $module_name = basename(dirname(__FILE__)); get_lang($module_name); $pagetitle = "- "._ACTIVETOPICS.""; include("header.php"); global $prefix, $db; $result = $db->sql_query("SELECT topicid, topicname, topicimage, topictext FROM ".$prefix."_topics ORDER BY topictext"); if ($db->sql_numrows($result) == 0) { include("header.php"); include("footer.php"); } if ($db->sql_numrows($result) > 0) { $r_options = ""; if (isset($cookie[4])) { $r_options .= "&mode=$cookie[4]"; } if (isset($cookie[5])) { $r_options .= "&order=$cookie[5]"; } if (isset($cookie[6])) { $r_options .= "&thold=$cookie[6]"; } OpenTable(); echo "<center><font class=\"title\"><b>"._ACTIVETOPICS."</b></font><br>\n" ."<font class=\"content\">"._CLICK2LIST."</font><br><br>\n" ."<form action=\"modules.php?name=Search\" method=\"post\">" ."<input type=\"name\" name=\"query\" size=\"30\"> " ."<input type=\"submit\" value=\""._SEARCH."\">" ."</form></center><br><br>"; while ($row = $db->sql_fetchrow($result)) { $topicid = intval($row['topicid']); $topicname = $row['topicname']; $topicimage = $row['topicimage']; $topictext = $row['topictext']; $ThemeSel = get_theme(); if (@file_exists("themes/$ThemeSel/images/topics/$topicimage")) { $t_image = "themes/$ThemeSel/images/topics/$topicimage"; } else { $t_image = "$tipath$topicimage"; } $res = $db->sql_query("SELECT counter FROM ".$prefix."_stories WHERE topic='$topicid'"); $numrows = $db->sql_numrows($res); $reads = 0; while ($counting = $db->sql_fetchrow($res)) { $ccounter = $counting[counter]; $reads = $reads+$ccounter; } title($topictext); echo "<table border=\"1\" width=\"100%\" align=\"center\" cellpadding=\"2\">\n" ."<tr><td valign=\"top\" width='25%'>\n"
Page 16
."<a href=\"modules.php?name=News&new_topic=$topicid\"><img src=\"$t_image\" border=\"0\" alt=\"$topictext\" title=\"$topictext\" hspace='5' vspace='5'></a><br><br>\n" ."<font class=\"content\">\n" ."<big><strong>·</strong></big> <b>"._TOPIC.":</b> $topictext<br>\n" ."<big><strong>·</strong></big> <b>"._TOTNEWS.":</b> $numrows<br>\n" ."<big><strong>·</strong></big> <b>"._TOTREADS.":</b> $reads</font>\n" ."</td>\n" ."<td valign='top'>"; $result2 = $db->sql_query("SELECT sid, catid, title FROM ".$prefix."_stories WHERE topic='$topicid' ORDER BY sid DESC LIMIT 0,10"); $num = $db->sql_numrows($result2); if ($num != 0) { while ($row2 = $db->sql_fetchrow($result2)) { $sid = intval($row2['sid']); $catid = $row2['catid']; $title = $row2['title']; $row3 = $db->sql_fetchrow($db->sql_query("SELECT title FROM ".$prefix."_stories_cat WHERE catid='$catid'")); $rtitle = $row3['title']; if ($catid == 0) { $cat_link = ""; } else { $cat_link = "<a href='modules.php?name=News&file=categories&op=newindex&catid=$catid'><b>$rtitle</b></a>: "; } echo "<img src='modules/$module_name/images/arrow.gif' border='0' alt='' title=''> $cat_link<a href='modules.php?name=News&file=article&sid=$sid$r_options'>$title</a><br>"; } if ($num == 10) { echo "<div align='right'><big><strong>·</strong></big> <a href='modules.php?name=News&new_topic=$topicid'><b>"._MORE." --></b></a> </div>"; } } else { echo "<i>"._NONEWSYET."</i>"; } echo "</td></tr></table><br><br>"; } } CloseTable(); include("footer.php"); ?>
Page 17
/****************************************************************/ /* Siapa yang online */ /****************************************************************/ <?php if (eregi("block-siapa_yang_Online.php", $_SERVER['PHP_SELF'])) { Header("Location: index.php"); die(); } global $user, $cookie, $prefix, $db, $user_prefix; cookiedecode($user); $ip = $_SERVER["REMOTE_ADDR"]; $uname = $cookie[1]; if (!isset($uname)) { $uname = "$ip"; $guest = 1; } $guest_online_num = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_session WHERE guest='1'")); $member_online_num = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_session WHERE guest='0'")); $who_online_num = $guest_online_num + $member_online_num; $who_online = "<center><font class=\"content\">"._CURRENTLY." $guest_online_num "._GUESTS." $member_online_num "._MEMBERS."<br>"; $content = "$who_online"; if (is_user($user)) { if (is_active("Private_Messages")) { $row = $db->sql_fetchrow($db->sql_query("SELECT user_id FROM ".$user_prefix."_users WHERE username='$uname'")); $uid = intval($row['user_id']); $newpm = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_bbprivmsgs WHERE privmsgs_to_userid='$uid' AND (privmsgs_type='5' OR privmsgs_type='1')")); } } $row2 = $db->sql_fetchrow($db->sql_query("SELECT title FROM ".$prefix."_blocks WHERE bkey='online'")); $title = $row2['title']; if (is_user($user)) { $content .= "<br>"._YOUARELOGGED." <b>$uname</b>.<br>"; if (is_active("Private_Messages")) { $row3 = $db->sql_fetchrow($db->sql_query("SELECT user_id FROM ".$user_prefix."_users WHERE username='$uname'")); $uid = intval($row3['user_id']); $numrow = $db->sql_numrows($db->sql_query("SELECT privmsgs_to_userid FROM ".$prefix."_bbprivmsgs WHERE privmsgs_to_userid='$uid' AND (privmsgs_type='1' OR privmsgs_type='5' OR privmsgs_type='0')"));
Page 18
$content .= ""._YOUHAVE." <a href=\"modules.php?name=Private_Messages\"><b>$numrow</b></a> "._PRIVATEMSG.""; } $content .= "</font></center>"; } else { $content .= "<br>"._YOUAREANON."</font></center>"; } ?> /****************************************************************/ /* Survey */ /****************************************************************/ <?php if (eregi("block-Survey.php", $_SERVER['PHP_SELF'])) { Header("Location: index.php"); die(); } global $prefix, $multilingual, $currentlang, $db, $boxTitle, $content, $pollcomm, $user, $cookie; if ($multilingual == 1) { $querylang = "WHERE planguage='$currentlang' AND artid='0'"; } else { $querylang = "WHERE artid='0'"; } $row = $db->sql_fetchrow($db->sql_query("SELECT pollID FROM ".$prefix."_poll_desc $querylang ORDER BY pollID DESC LIMIT 1")); $pollID = intval($row['pollID']); if ($pollID == 0 || $pollID == "") { $content = ""; } else { if (!isset($url)) { $url = sprintf("modules.php?name=Surveys&op=results&pollID=%d", $pollID); } $content .= "<form action=\"modules.php?name=Surveys\" method=\"post\">"; $content .= "<input type=\"hidden\" name=\"pollID\" value=\"".$pollID."\">"; $content .= "<input type=\"hidden\" name=\"forwarder\" value=\"".$url."\">"; $row2 = $db->sql_fetchrow($db->sql_query("SELECT pollTitle, voters FROM ".$prefix."_poll_desc WHERE pollID='$pollID'")); $pollTitle = $row2['pollTitle']; $voters = intval($row2['voters']); $boxTitle = _SURVEY; $content .= "<font class=\"content\"><b>$pollTitle</b></font><br><br>\n"; $content .= "<table border=\"0\" width=\"100%\">"; for($i = 1; $i <= 12; $i++) { $row3 = $db->sql_fetchrow($db->sql_query("SELECT pollID, optionText, optionCount, voteID FROM ".$prefix."_poll_data WHERE (pollID='$pollID') AND (voteID='$i')")); if(isset($row3)) {
Page 19
$optionText = $row3['optionText']; if ($optionText != "") { $content .= "<tr><td valign=\"top\"><input type=\"radio\" name=\"voteID\" value=\"".$i."\"></td><td width=\"100%\"><font class=\"content\">$optionText</font></td></tr>\n"; } } } $content .= "</table><br><center><font class=\"content\"><input type=\"submit\" value=\""._VOTE."\"></font><br>"; if (is_user($user)) { cookiedecode($user); } for($i = 0; $i < 12; $i++) { $row4 = $db->sql_fetchrow($db->sql_query("SELECT optionCount FROM ".$prefix."_poll_data WHERE (pollID='$pollID') AND (voteID='$i')")); $optionCount = intval($row4['optionCount']); $sum = (int)$sum+$optionCount; } $content .= "<br><font class=\"content\"><a href=\"modules.php?name=Surveys&op=results&pollID=$pollID&mode=$cookie[4]&order=$cookie[5]&thold=$cookie[6]\"><b>"._RESULTS."</b></a><br><a href=\"modules.php?name=Surveys\"><b>"._POLLS."</b></a><br>"; if ($pollcomm) { $numcom = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_pollcomments WHERE pollID='$pollID'")); $content .= "<br>"._VOTES.": <b>$sum</b> <br> "._PCOMMENTS." <b>$numcom</b>\n\n"; } else { $content .= "<br>"._VOTES." <b>$sum</b>\n\n"; } $content .= "</font></center></form>\n\n"; } ?> /****************************************************************/ /* Login */ /****************************************************************/ <?php if (eregi("block-Login.php", $_SERVER['PHP_SELF'])) { Header("Location: index.php"); die(); } global $admin, $user, $sitekey, $gfx_chk; mt_srand ((double)microtime()*1000000); $maxran = 1000000;
Page 20
$random_num = mt_rand(0, $maxran); $content = "<form action=\"modules.php?name=Your_Account\" method=\"post\">"; $content .= "<center><font class=\"content\">"._NICKNAME."<br>"; $content .= "<input type=\"text\" name=\"username\" size=\"10\" maxlength=\"25\"><br>"; $content .= ""._PASSWORD."<br>"; $content .= "<input type=\"password\" name=\"user_password\" size=\"10\" maxlength=\"20\"><br>"; if (extension_loaded("gd") AND ($gfx_chk == 2 OR $gfx_chk == 4 OR $gfx_chk == 5 OR $gfx_chk == 7)) { $content .= ""._SECURITYCODE.": <img src='modules.php?name=Your_Account&op=gfx&random_num=$random_num' border='1' alt='"._SECURITYCODE."' title='"._SECURITYCODE."'><br>\n"; $content .= ""._TYPESECCODE."<br><input type=\"text\" NAME=\"gfx_check\" SIZE=\"7\" MAXLENGTH=\"6\">\n"; $content .= "<input type=\"hidden\" name=\"random_num\" value=\"$random_num\"><br>\n"; } else { $content .= "<input type=\"hidden\" name=\"random_num\" value=\"$random_num\">"; $content .= "<input type=\"hidden\" name=\"gfx_check\" value=\"$code\">"; } $content .= "<input type=\"hidden\" name=\"op\" value=\"login\">"; $content .= "<input type=\"submit\" value=\""._LOGIN."\"></font></center></form>"; $content .= "<center><font class=\"content\">"._ASREGISTERED."</font></center>"; if (is_admin($admin) AND is_user($user)) { $content = "<center>"._ADMIN."<br>[ <a href=\"admin.php?op=logout\">"._LOGOUT."</a> ]</center>"; } ?> /****************************************************************/ /* Admin */ /****************************************************************/ <?php if(stristr($_SERVER["QUERY_STRING"],'AddAuthor') || stristr($_SERVER["QUERY_STRING"],'UpdateAuthor')) { die("Illegal Operation"); } $checkurl = $_SERVER['REQUEST_URI']; if ((preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) { echo "die"; exit; } require_once("mainfile.php"); get_lang(admin); function create_first($name, $url, $email, $pwd, $user_new) { global $prefix, $db, $user_prefix; $first = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_authors")); if ($first == 0) { $pwd = md5($pwd); $the_adm = "God";
Page 21
$db->sql_query("INSERT INTO ".$prefix."_authors VALUES ('$name', '$the_adm', '$url', '$email', '$pwd', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '1', '')"); if ($user_new == 1) { $user_regdate = date("M d, Y"); $user_avatar = "gallery/blank.gif"; $commentlimit = 4096; if ($url == "http://") { $url = ""; } $db->sql_query("INSERT INTO ".$user_prefix."_users (user_id, username, user_email, user_website, user_avatar, user_regdate, user_password, theme, commentmax, user_level, user_lang, user_dateformat) VALUES (NULL,'$name','$email','$url','$user_avatar','$user_regdate','$pwd','$Default_Theme','$commentlimit', '2', 'english','D M d, Y g:i a')"); } login(); } } $the_first = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_authors")); if ($the_first == 0) { if (!$name) { include("header.php"); title("$sitename: "._ADMINISTRATION.""); OpenTable(); echo "<center><b>"._NOADMINYET."</b></center><br><br>" ."<form action=\"admin.php\" method=\"post\">" ."<table border=\"0\">" ."<tr><td><b>"._NICKNAME.":</b></td><td><input type=\"text\" name=\"name\" size=\"30\" maxlength=\"25\"></td></tr>" ."<tr><td><b>"._HOMEPAGE.":</b></td><td><input type=\"text\" name=\"url\" size=\"30\" maxlength=\"255\" value=\"http://\"></td></tr>" ."<tr><td><b>"._EMAIL.":</b></td><td><input type=\"text\" name=\"email\" size=\"30\" maxlength=\"255\"></td></tr>" ."<tr><td><b>"._PASSWORD.":</b></td><td><input type=\"password\" name=\"pwd\" size=\"11\" maxlength=\"10\"></td></tr>" ."<tr><td colspan=\"2\">"._CREATEUSERDATA." <input type=\"radio\" name=\"user_new\" value=\"1\" checked>"._YES." <input type=\"radio\" name=\"user_new\" value=\"0\">"._NO."</td></tr>" ."<tr><td><input type=\"hidden\" name=\"fop\" value=\"create_first\">" ."<input type=\"submit\" value=\""._SUBMIT."\">" ."</td></tr></table></form>"; CloseTable(); include("footer.php"); } switch($fop) { case "create_first": create_first($name, $url, $email, $pwd, $user_new); break; } die(); } require("auth.php"); if(!isset($op)) { $op = "adminMain"; } $pagetitle = "- "._ADMINMENU."";
Page 22
/* Fungsi Login */ function login() { global $gfx_chk; include ("header.php"); mt_srand ((double)microtime()*1000000); $maxran = 1000000; $random_num = mt_rand(0, $maxran); OpenTable(); echo "<center><font class=\"title\"><b>"._ADMINLOGIN."</b></font></center>"; CloseTable(); echo "<br>"; OpenTable(); echo "<form action=\"admin.php\" method=\"post\">" ."<table border=\"0\">" ."<tr><td>"._ADMINID."</td>" ."<td><input type=\"text\" NAME=\"aid\" SIZE=\"20\" MAXLENGTH=\"25\"></td></tr>" ."<tr><td>"._PASSWORD."</td>" ."<td><input type=\"password\" NAME=\"pwd\" SIZE=\"20\" MAXLENGTH=\"18\"></td></tr>"; if (extension_loaded("gd") AND ($gfx_chk == 1 OR $gfx_chk == 5 OR $gfx_chk == 6 OR $gfx_chk == 7)) { echo "<tr><td colspan='2'>"._SECURITYCODE.": <img src='admin.php?op=gfx&random_num=$random_num' border='1' alt='"._SECURITYCODE."' title='"._SECURITYCODE."'></td></tr>" ."<tr><td colspan='2'>"._TYPESECCODE.": <input type=\"text\" NAME=\"gfx_check\" SIZE=\"7\" MAXLENGTH=\"6\"></td></tr>"; } echo "<tr><td>" ."<input type=\"hidden\" NAME=\"random_num\" value=\"$random_num\">" ."<input type=\"hidden\" NAME=\"op\" value=\"login\">" ."<input type=\"submit\" VALUE=\""._LOGIN."\">" ."</td></tr></table>" ."</form>"; CloseTable(); include ("footer.php"); } function gfx($random_num) { global $prefix, $db; require("config.php"); $datekey = date("F j"); $rcode = hexdec(md5($_SERVER[HTTP_USER_AGENT] . $sitekey . $random_num . $datekey)); $code = substr($rcode, 2, 6); $image = ImageCreateFromJPEG("images/admin/code_bg.jpg"); $text_color = ImageColorAllocate($image, 80, 80, 80); Header("Content-type: image/jpeg"); ImageString ($image, 5, 12, 2, $code, $text_color); ImageJPEG($image, '', 75); ImageDestroy($image); die(); } function deleteNotice($id) { global $prefix, $db;
Page 23
$id = intval($id); $db->sql_query("DELETE FROM ".$prefix."_reviews_add WHERE id = '$id'"); Header("Location: admin.php?op=reviews"); } /* Fungsi Administration Menu */ function adminmenu($url, $title, $image) { global $counter, $admingraphic, $Default_Theme; $ThemeSel = get_theme(); if (file_exists("themes/$ThemeSel/images/admin/$image")) { $image = "themes/$ThemeSel/images/admin/$image"; } else { $image = "images/admin/$image"; } if ($admingraphic == 1) { $img = "<img src=\"$image\" border=\"0\" alt=\"$title\" title=\"$title\"></a><br>"; $close = ""; } else { $img = ""; $close = "</a>"; } echo "<td align=\"center\" valign=\"top\" width=\"16%\"><font class=\"content\"><a href=\"$url\">$img<b>$title</b>$close<br><br></font></td>"; if ($counter == 5) { echo "</tr><tr>"; $counter = 0; } else { $counter++; } } function GraphicAdmin() { global $aid, $admingraphic, $language, $admin, $prefix, $db; $newsubs = $db->sql_numrows($db->sql_query("SELECT qid FROM ".$prefix."_queue")); $row = $db->sql_fetchrow($db->sql_query("SELECT radminarticle,radmintopic,radminuser,radminsurvey,radminlink,radminfaq,radmindownload,radminreviews,radminnewsletter,radminforum,radmincontent,radminency,radminsuper FROM ".$prefix."_authors WHERE aid='$aid'")); $radminarticle = intval($row['radminarticle']); $radmintopic = intval($row['radmintopic']); $radminsurvey = intval($row['radminsurvey']); $radmindownload = intval($row['radmindownload']); $radmincontent = intval($row['radmincontent']); $radminency = intval($row['radminency']); $radminsuper = intval($row['radminsuper']); OpenTable(); echo "<center><a href=\"admin.php\"><font class='title'>"._ADMINMENU."</font></a>"; echo "<br><br>"; echo"<table border=\"0\" width=\"100%\" cellspacing=\"1\"><tr>"; $linksdir = dir("admin/links"); while($func=$linksdir->read()) { if(substr($func, 0, 6) == "links.") { $menulist .= "$func "; } }
Page 24
closedir($linksdir->handle); $menulist = explode(" ", $menulist); sort($menulist); for ($i=0; $i < sizeof($menulist); $i++) { if($menulist[$i]!="") { $counter = 0; include($linksdir->path."/$menulist[$i]"); } } adminmenu("admin.php?op=logout", ""._ADMINLOGOUT."", "logout.gif"); echo"</tr></table></center>"; CloseTable(); echo "<br>"; } /* Fungsi Administration Main */ function adminMain() { global $language, $admin, $aid, $prefix, $file, $db, $sitename, $user_prefix; include ("header.php"); $dummy = 0; $Today = getdate(); $month = $Today['month']; $mday = $Today['mday']; $year = $Today['year']; $pmonth = $Today['month']; $pmday = $Today['mday']; $pmday = $mday-1; $pyear = $Today['year']; if ($pmonth=="January") { $pmonth=1; } else if ($pmonth=="February") { $pmonth=2; } else if ($pmonth=="March") { $pmonth=3; } else if ($pmonth=="April") { $pmonth=4; } else if ($pmonth=="May") { $pmonth=5; } else if ($pmonth=="June") { $pmonth=6; } else if ($pmonth=="July") { $pmonth=7; } else if ($pmonth=="August") { $pmonth=8; } else if ($pmonth=="September") { $pmonth=9; } else if ($pmonth=="October") { $pmonth=10; } else if ($pmonth=="November") { $pmonth=11; } else if ($pmonth=="December") { $pmonth=12; }; $test = mktime (0,0,0,$pmonth,$pmday,$pyear,1); $curDate2 = "%".$month[0].$month[1].$month[2]."%".$mday."%".$year."%"; $preday = strftime ("%d",$test); $premonth = strftime ("%B",$test); $preyear = strftime ("%Y",$test); $curDateP = "%".$premonth[0].$premonth[1].$premonth[2]."%".$preday."%".$preyear."%"; GraphicAdmin(); $aid = substr("$aid", 0,25); $row = $db->sql_fetchrow($db->sql_query("SELECT radminarticle, radminsuper, admlanguage FROM ".$prefix."_authors WHERE aid='$aid'")); $radminarticle = intval($row['radminarticle']); $radminsuper = intval($row['radminsuper']); $admlanguage = $row['admlanguage']; if ($admlanguage != "" ) { $queryalang = "WHERE alanguage='$admlanguage' "; } else {
Page 25
$queryalang = ""; } $row2 = $db->sql_fetchrow($db->sql_query("SELECT main_module from ".$prefix."_main")); $main_module = $row2['main_module']; OpenTable(); echo "<center><b>$sitename: "._DEFHOMEMODULE."</b><br><br>" .""._MODULEINHOME." <b>$main_module</b><br>[ <a href=\"admin.php?op=modules\">"._CHANGE."</a> ]</center>"; CloseTable(); echo "<br>"; OpenTable(); $guest_online_num = $db->sql_numrows($db->sql_query("SELECT uname FROM ".$prefix."_session WHERE guest='1'")); $member_online_num = $db->sql_numrows($db->sql_query("SELECT uname FROM ".$prefix."_session WHERE guest='0'")); $who_online_num = $guest_online_num + $member_online_num; $who_online = "<center><font class=\"option\">"._WHOSONLINE."</font><br><br><font class=\"content\">"._CURRENTLY." $guest_online_num "._GUESTS." $member_online_num "._MEMBERS."<br>"; $row3 = $db->sql_fetchrow($db->sql_query("SELECT COUNT(user_id) AS userCount from $user_prefix"._users." WHERE user_regdate LIKE '$curDate2'")); $userCount = $row3['userCount']; $row4 = $db->sql_fetchrow($db->sql_query("SELECT COUNT(user_id) AS userCount FROM $user_prefix"._users." WHERE user_regdate LIKE '$curDateP'")); $userCount2 = $row4['userCount']; echo "<center>$who_online<br>" .""._BTD.": <b>$userCount</b> - "._BYD.": <b>$userCount2</b></center>"; CloseTable(); echo "<br>"; OpenTable(); echo "<center><b>"._AUTOMATEDARTICLES."</b></center><br>"; $count = 0; $result5 = $db->sql_query("SELECT anid, aid, title, time, alanguage FROM ".$prefix."_autonews $queryalang ORDER BY time ASC"); while ($row5 = $db->sql_fetchrow($result5)) { $anid = intval($row5['anid']); $aid = $row5['aid']; $said = substr("$aid", 0,25); $title = $row5['title']; $time = $row5['time']; $alanguage = $row5['alanguage']; if ($alanguage == "") { $alanguage = ""._ALL.""; } if ($anid != "") { if ($count == 0) { echo "<table border=\"1\" width=\"100%\">"; $count = 1; } $time = ereg_replace(" ", "@", $time); if (($radminarticle==1) OR ($radminsuper==1)) { if (($radminarticle==1) AND ($aid == $said) OR ($radminsuper==1)) { echo "<tr><td nowrap> (<a href=\"admin.php?op=autoEdit&anid=$anid\">"._EDIT."</a>-<a href=\"admin.php?op=autoDelete&anid=$anid\">"._DELETE."</a>) </td><td width=\"100%\"> $title </td><td
Page 26
align=\"center\"> $alanguage </td><td nowrap> $time </td></tr>"; /* Multilingual Code : added column to display language */ } else { echo "<tr><td> ("._NOFUNCTIONS.") </td><td width=\"100%\"> $title </td><td align=\"center\"> $alanguage </td><td nowrap> $time </td></tr>"; /* Multilingual Code : added column to display language */ } } else { echo "<tr><td width=\"100%\"> $title </td><td align=\"center\"> $alanguage </td><td nowrap> $time </td></tr>"; /* Multilingual Code : added column to display language */ } } } if (($anid == "") AND ($count == 0)) { echo "<center><i>"._NOAUTOARTICLES."</i></center>"; } if ($count == 1) { echo "</table>"; } CloseTable(); echo "<br>"; OpenTable(); echo "<center><b>"._LAST." 20 "._ARTICLES."</b></center><br>"; $result6 = $db->sql_query("SELECT sid, aid, title, time, topic, informant, alanguage FROM ".$prefix."_stories $queryalang ORDER BY time DESC LIMIT 0,20"); echo "<center><table border=\"1\" width=\"100%\" bgcolor=\"$bgcolor1\">"; while ($row6 = $db->sql_fetchrow($result6)) { $sid = intval($row6['sid']); $aid = $row6['aid']; $said = substr("$aid", 0,25); $title = $row6['title']; $time = $row6['time']; $topic = $row6['topic']; $informant = $row6['informant']; $row7 = $db->sql_fetchrow($db->sql_query("SELECT topicname FROM ".$prefix."_topics WHERE topicid='$topic'")); $topicname = $row7['topicname']; if ($alanguage == "") { $alanguage = ""._ALL.""; } formatTimestamp($time); echo "<tr><td align=\"right\"><b>$sid</b>" ."</td><td align=\"left\" width=\"100%\"><a href=\"modules.php?name=News&file=article&sid=$sid\">$title</a>" ."</td><td align=\"center\">$alanguage" ."</td><td align=\"right\">$topicname"; if (($radminarticle==1) OR ($radminsuper==1)) { if (($radminarticle==1) AND ($aid == $said) OR ($radminsuper==1)) { echo "</td><td align=\"right\" nowrap>(<a href=\"admin.php?op=EditStory&sid=$sid\">"._EDIT."</a>-<a href=\"admin.php?op=RemoveStory&sid=$sid\">"._DELETE."</a>)" ."</td></tr>"; } else { echo "</td><td align=\"right\" nowrap><font class=\"content\"><i>("._NOFUNCTIONS.")</i></font>"
Page 27
."</td></tr>"; } } else { echo "</td></tr>"; } } echo "</table>"; if (($radminarticle==1) OR ($radminsuper==1)) { echo "<center>" ."<form action=\"admin.php\" method=\"post\">" .""._STORYID.": <input type=\"text\" NAME=\"sid\" SIZE=\"10\">" ."<select name=\"op\">" ."<option value=\"EditStory\" SELECTED>"._EDIT."</option>" ."<option value=\"RemoveStory\">"._DELETE."</option>" ."</select>" ."<input type=\"submit\" value=\""._GO."\">" ."</form></center>"; } CloseTable(); $row8 = $db->sql_fetchrow($db->sql_query("SELECT pollID, pollTitle FROM ".$prefix."_poll_desc WHERE artid='0' ORDER BY pollID DESC LIMIT 1")); $pollID = intval($row8['pollID']); $pollTitle = $row8['pollTitle']; echo "<br>"; OpenTable(); echo "<center><b>"._CURRENTPOLL.":</b> $pollTitle [ <a href=\"admin.php?op=polledit&pollID=$pollID\">"._EDIT."</a> | <a href=\"admin.php?op=create\">"._ADD."</a> ]</center>"; CloseTable(); include ("footer.php"); } if($admintest) { switch($op) { case "do_gfx": do_gfx(); break; case "deleteNotice": deleteNotice($id); break; case "GraphicAdmin": GraphicAdmin(); break; case "adminMain": adminMain(); break; case "logout": setcookie("admin"); $admin = ""; include("header.php"); OpenTable();
Page 28
echo "<center><font class=\"title\"><b>"._YOUARELOGGEDOUT."</b></font></center>"; CloseTable(); include("footer.php"); break; case "login"; unset($op); default: $casedir = dir("admin/case"); while($func=$casedir->read()) { if(substr($func, 0, 5) == "case.") { include($casedir->path."/$func"); } } closedir($casedir->handle); break; } } else { switch($op) { case "gfx": gfx($random_num); break; default: login(); break; } } ?> /****************************************************************/ /* Modul */ /****************************************************************/ <?php require_once("mainfile.php"); $module = 1; $name = trim($name); if (isset($name)) { if (eregi("http\:\/\/", $name)) { die("Hi and Bye"); } global $nukeuser, $db, $prefix;
Page 29
$user = addslashes($user); $nukeuser = base64_decode($user); $result = $db->sql_query("SELECT active, view FROM ".$prefix."_modules WHERE title='$name'"); $row = $db->sql_fetchrow($result); $mod_active = intval($row['active']); $view = intval($row['view']); if (($mod_active == 1) OR ($mod_active == 0 AND is_admin($admin))) { if (!isset($mop)) { $mop="modload"; } if (!isset($file)) { $file="index"; } if (ereg("\.\.",$name) || ereg("\.\.",$file) || ereg("\.\.",$mop)) { echo "You are so cool..."; } else { $ThemeSel = get_theme(); if (file_exists("themes/$ThemeSel/modules/$name/".$file.".php")) { $modpath = "themes/$ThemeSel/"; } else { $modpath = ""; } if ($view == 0) { $modpath .= "modules/$name/".$file.".php"; if (file_exists($modpath)) { include($modpath); } else { die ("Sorry, such file doesn't exist..."); } } else if ($view == 1 AND is_user($user) OR is_group($user, $name) OR is_admin($admin)) { $modpath .= "modules/$name/".$file.".php"; if (file_exists($modpath)) { include($modpath); } else { die ("Sorry, such file doesn't exist..."); } } elseif ($view == 1 AND !is_user($user) AND !is_admin($admin)) { $pagetitle = "- "._ACCESSDENIED.""; include("header.php"); title("$sitename: "._ACCESSDENIED.""); OpenTable(); echo "<center><b>"._RESTRICTEDAREA."</b><br><br>" .""._MODULEUSERS.""; $result2 = $db->sql_query("SELECT mod_group FROM ".$prefix."_modules WHERE title='$name'"); $row2 = $db->sql_fetchrow($result2); if ($row2[mod_group] != 0) { $result3 = $db->sql_query("SELECT name FROM ".$prefix."_groups WHERE id='$row2[mod_group]'"); $row3 = $db->sql_fetchrow($result3); echo ""._ADDITIONALYGRP.": <b>$row3[name]</b><br><br>"; } echo ""._GOBACK.""; CloseTable(); include("footer.php"); die(); } else if ($view == 2 AND is_admin($admin)) { $modpath .= "modules/$name/".$file.".php"; if (file_exists($modpath)) {
Page 30
include($modpath); } else { die ("Sorry, such file doesn't exist..."); } } elseif ($view == 2 AND !is_admin($admin)) { $pagetitle = "- "._ACCESSDENIED.""; include("header.php"); title("$sitename: "._ACCESSDENIED.""); OpenTable(); echo "<center><b>"._RESTRICTEDAREA."</b><br><br>" .""._MODULESADMINS."" .""._GOBACK.""; CloseTable(); include("footer.php"); die(); } else if ($view == 3 AND paid()) { $modpath .= "modules/$name/$file.php"; if (file_exists($modpath)) { include($modpath); } else { die ("Sorry, such file doesn't exist..."); } } else { $pagetitle = "- "._ACCESSDENIED.""; include("header.php"); title("$sitename: "._ACCESSDENIED.""); OpenTable(); echo "<center><b>"._RESTRICTEDAREA."</b><br><br>" .""._MODULESSUBSCRIBER.""; if ($subscription_url != "") { echo "<br>"._SUBHERE.""; } echo "<br><br>"._GOBACK.""; CloseTable(); include("footer.php"); die(); } } } else { include("header.php"); OpenTable(); echo "<center>"._MODULENOTACTIVE."<br><br>" .""._GOBACK."</center>"; CloseTable(); include("footer.php"); } } else { die ("Sorry, you can't access this file directly..."); } ?>
Page 31
LAMPIRAN-B
DATABASE
Tabel Topics
Tabel Autonews
Page 32
Tabel user
Tabel Config
Tabel download categories
Page 33
Tabel download_download
Tabel download_editorial
Page 34
Tabel poll_check
Tabel poll_data
Tabel pollcomment
