[mirrors/Kyberia-bloodline.git] / wwwroot / nodes.php

<?php
// output buffering forcing (mx)
if (!empty($_POST['FORCE_OB']) && $_POST['FORCE_OB'] == 'true') ob_start();

//header("Location: http://web.archive.org/web/20020925021139/http://kyberia.sk");
//echo "je to uz uplne v pici. vsetky data su stratene, prajem pekny den :)";
//exit;
error_reporting(1);
//exit;

//starting timer for benchmarking purposes
$timer_start=Time()+SubStr(MicroTime(),0,8);

//setting PHPSESSID cookie and starting user session
session_start();


if ($_SESSION['debugging']) {

    error_reporting(E_ALL);
    echo "GET VARIABLES::<br/>";
    print_r($_GET);
    echo "POST VARIABLES::<br/>";
    print_r($_POST);
    echo "<b>SESSION VARIABLES::</b><br/>";
    print_r($_SESSION);
}

//requiring main config file with path/database etc. constants
require('config/config.inc');
require(INCLUDE_DIR.'senate.inc');

preg_match("/id\/(.*)\//",$_SERVER['HTTP_REFERER'],$ref_match);
$referer_id=$ref_match[1];

//connecting to database and creating universal $db object
require(INCLUDE_DIR.'log.inc');
require(INCLUDE_DIR.'ubik.inc');
require(INCLUDE_DIR.'nodes.inc');
require(INCLUDE_DIR.'error_messages.inc');
require(INCLUDE_DIR.'database.inc');

$db = new CLASS_DATABASE();
$log = new log; //XXX

if (!empty($_GET['template_id'])) {
	$template_id=$_GET['template_id'];
}
else $template_id=false;

//initializing node methods
if (!empty($_GET['node_name'])) {
	$node  = nodes::redirByName($_GET['node_name']);
}
elseif (!empty($_GET['node_id'])) {
	$node = nodes::getNodeById($_GET['node_id'],$_SESSION['user_id']);
}

//loading smarty template engine and setting main parameters
require(SMARTY_DIR.'Smarty.class.php');
$smarty = new Smarty;

$smarty->template_dir = TEMPLATE_DIR.TEMPLATE_SET;
//echo TEMPLATE_DIR.TEMPLATE_SET;
//echo $smarty->template_dir;
$smarty->compile_dir = SYSTEM_ROOT."data/templates_c/".TEMPLATE_SET;
$smarty->config_dir = SMARTY_DIR.'configs/';
$smarty->cache_dir = SMARTY_DIR.'cache/';
$smarty->plugins_dir = SMARTY_PLUGIN_DIR ;
if ($_SESSION['debugging']) $smarty->debugging=true;

//initializing variables
if (empty($_POST['event'])) $event=false;
else $event=$_POST['event'];


if ($_SESSION['debugging']) {
	echo "<pre><b>NODE::";
	print_r($node);
	echo "</pre>";
}

if ($node['node_creator']==$_SESSION['user_id']) $node['node_permission']='owner';

if ($_SESSION['cube_vector']) {
	if (strpos($node['node_vector'],$_SESSION['cube_vector'])===false) {
		echo "node::".$node['node_vector'];
		echo "cube_Vector::".$_SESSION['cube_vector'];
		echo "you are out of allowed cwbe. access forbidden";
		die();
	}
}

//if not existent node show our own 404
if (empty($node)) {
	$nodes= nodes::getNodesByName($_GET['node_name']);
	if ($nodes) {
		$smarty->assign('nodes',$nodes);
		$content=$smarty->display("404.tpl");
		die();
	}
	elseif ($_SESSION['user_id']) {
		$smarty->assign('node_name',$_GET['node_name']);
		$content=$smarty->display("modules/addnode.tpl");
	}
}

//modifying node glass pearl
if (is_array($children_types[$node['node_type']])) $smarty->assign('children_types',$children_types[$node['node_type']]);
$smarty->assign('types',$types);


//$node['node_type']=$types[$node['node_type']];
$node['node_content']=StripSlashes($node['node_content']);
$node['node_name']=StripSlashes($node['node_name']);

//checking permissions
function _checkPermissions()
{
	global $permissions, $node;

	require(INCLUDE_DIR.'permissions.inc');
	$permissions=permissions::checkPermissions($node);
	$permissions['h']=permissions::isHierarch($node);
}

// mail rss
if ($template_id=='rss')
{
	$_feedType = "RSS0.91";
	if (!is_numeric($_SESSION['user_id']))
	{
		if (!isset($_SERVER['PHP_AUTH_USER'])) {
			header('WWW-Authenticate: Basic realm="Kyberia"');
			header('HTTP/1.0 401 Unauthorized');
			echo 'Cancel button';
			exit;
		}
		else
		{
			require_once(EVENT_DIR.'/login.inc');
			$_POST['login'] = $_SERVER['PHP_AUTH_USER'];
			$_POST['password'] = $_SERVER['PHP_AUTH_PW'];
			$_POST['login_type'] = "name";
			if (!login())
			{
				echo "Zle meno/heslo.";
				exit();
			}
		}
	}

	_checkPermissions();

	// Mail
	if ($_GET['node_id']==='24' && $permissions['r'])
	{
	   require_once(INCLUDE_DIR.'/feedcreator.class.php');

	   $rss =& new UniversalFeedCreator();
	   $rss->title = "Kyberia mail";
	   $rss->description = "";
	   $rss->link = "https://kyberia.sk/id/24";

	   $query = "select date_format(mail.mail_timestamp,\"%e.%c. %k:%i:%s\") as cas,
   userfrom.user_action as locationfrom_action,
   userfrom.user_action_id as locationfrom_action_id,
   userto.user_action as locationto_action,
   userto.user_action_id as locationto_action_id,
   userto.login as mail_to_name, userfrom.login as mail_from_name,
   mail.* from mail left join users as userfrom on
   mail_from=userfrom.user_id left join users as userto on mail_to=userto.user_id
   where mail_user='$_SESSION[user_id]' and mail_to='$_SESSION[user_id]' order by mail_id desc limit 0,10";

	   $set = $db->query($query);

	   while($set->next()) {
		   $m = $set->getRecord();
		   if ($m['mail_to'] != $_SESSION['user_id'])
			   continue;
		   $item =& new FeedItem();
		   $item->title = $m['mail_from_name'];
		   $item->link = "https://kyberia.sk/id/24";
		   $item->description = $m['mail_text'];
		   $rss->addItem($item);
	   }
	}
	// bookmarks
	elseif ($_GET['node_id']=='19' && $permissions['r'])
	{
		require_once(INCLUDE_DIR.'/feedcreator.class.php');

		$rss =& new UniversalFeedCreator();
		$rss->title = "Kyberia bookmarks";
		$rss->link = "http://kyberia.sk/id/19";

		require_once(SMARTY_PLUGIN_DIR.'/function.get_bookmarks.php');
		smarty_function_get_bookmarks(array(), $smarty);
		$_items = $smarty->get_template_vars('get_bookmarks');
		foreach ($_items as $_item)
		{
			if (is_array($_item['children']))
				foreach ($_item['children'] as $_b)
				{
					$item =& new FeedItem();
					$item->title = $_b['node_name'];
					$item->link = "http://kyberia.sk/id/".$_b['node_id']."/rss";
					$rss->addItem($item);
				}
		}
		$_feedType = 'OPML';
	}
	elseif ($permissions['r'])
	{
		require_once(INCLUDE_DIR.'/feedcreator.class.php');

		$rss =& new UniversalFeedCreator();
		$rss->title = $node['node_name'];
		$rss->description = "";
		$rss->link = "http://kyberia.sk/id/".$node['node_id'];

		// K list
		if ($_GET['node_id']=='15')
		{
			require_once(SMARTY_PLUGIN_DIR.'/function.get_k.php');
			smarty_function_get_k(array(), $smarty);
			$_items = $smarty->get_template_vars('get_k');
		}
		else
		{
			require_once(SMARTY_PLUGIN_DIR.'/function.get_children.php');
			smarty_function_get_children(
				array('orderby' => 'desc', 'orderby_type' => 'time'), $smarty);
			$_items = $smarty->get_template_vars('get_children');
		}

		foreach ($_items as $_item)
		{
			$item =& new FeedItem();
			$item->title = $_item['node_name'];
			$item->link = "http://kyberia.sk/id/".$_item['node_id'];
			$item->description = $_item['node_content'];
			$rss->addItem($item);
		}
	}

	if ($permissions['r']) $rss->showFeed($_feedType);
	exit();
}

_checkPermissions();

//entering the node

//sventest
if (($permissions['r']) || ($event != 'register')) {

//performing node_events (based on update/insert/delete db queries)
if ($event) {
	require(INCLUDE_DIR.'eventz.inc');
}

elseif ($transaction) {
	require(INCLUDE_DIR.'transaction.inc');
}
//end of performing node events

//sventest
}


if ($permissions['r']) {

//these 4 lines are not the source of kyberia lagging problems. leave them. started on the 10.4. data gained will be used for scientific purposes
if ($_SESSION['user_id']) {
	$q="insert delayed into levenshtein set user_id='".$_SESSION['user_id']."',node_id='".$node['node_id']."'";
	$db->update($q);
}

//if node is css
if ($node['template_id']!='2019721'){

	$log->log('enter',$node['node_id'],'ok',$node['node_user_subchild_count']);
	if (!empty($_SESSION['user_id']) && is_numeric($node['node_id'])) {
		$q="update node_access set visits=visits+1,node_user_subchild_count='0',last_visit=NOW() where node_id='".$node['node_id']."' and user_id='".$_SESSION['user_id']."'";
//		echo $q;
		$result=$db->update($q);

		if (!$result) {
			$q="insert into node_access set user_id='".$_SESSION['user_id']."',node_id='".$node['node_id']."',last_visit=NOW()";
			$db->query($q);
	}
}//end of if node os css
}


	}
// DO NOT MESS WITH THIS !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
//creating neural network
$db->update("update nodes set node_views=node_views+1 where node_id='".$node['node_id']."'");
if (is_numeric($referer_id)) {
	$q="update neurons set synapse=synapse+1 where dst='".$node['node_id']."' and src='$referer_id'";
	$result=$db->update($q);
	if (!$result) {
		$q="insert into neurons set synapse_creator='".$_SESSION['user_id']."',dst='".$node['node_id']."',src='$referer_id',synapse=1";
		$db->query($q);
		}
}


elseif (!$permissions['r'] && $_GET['magic_word']) {
	$magic_word_big=$_GET['magic_word'];

	if ( preg_match("/(\d+)-(.+)/",$_GET['magic_word'],$mu)) {
		$magic_uid=$mu['1'];
		$magic_word=addslashes($mu['2']);
		$q="select login from users where user_id='$magic_uid' and magic_word='$magic_word'";
		$set=$db->query($q);
		if ($set->getNumRows()) {
			$permissions['r']=true;
		}
	}
}


else {
	$log->log('enter',$node['node_id'],'failed'); XXX
}


//assigning user data to smarty if user logged in
if ($user_id=$_SESSION['user_id']) {
	$smarty->assign('_POST',$_POST);
	$smarty->assign('bookmarks',$_SESSION['bookmarks']);
	$smarty->assign('ignore',$_SESSION['ignore']);
	$smarty->assign('bookstyl',$_SESSION['bookstyl']);
	$smarty->assign('fook',$_SESSION['fook']);
	$smarty->assign('user_id',$_SESSION['user_id']);
	if (!empty($_SESSION['cube_vector'])) $smarty->assign('cube_vector',$_SESSION['cube_vector']);
        $smarty->assign('friends',$_SESSION['friends']); //req by freezy, done by darkaural
	$smarty->assign('user_quota',$_SESSION['user_quota']);
	$newmailset=$db->query("select user_mail,user_mail_name,user_k,k_wallet from users where user_id='$user_id'");
	$newmailset->next();
	$new_mail=$newmailset->getString('user_mail');
	$newmailset2 = $db->query("select users.user_mail_id,mailsender.login
 from users left join users as mailsender on users.user_mail_id = mailsender.user_id where users.user_id = '$user_id'");
	$newmailset2->next();
	$smarty->assign('new_mail',$new_mail);
	$smarty->assign('new_mail_name',$newmailset->getString('user_mail_name'));
	$smarty->assign('new_mail_name2',$newmailset2->getString('login'));
	$user_k=$newmailset->getString('user_k');
	$smarty->assign('user_k',$user_k);
	$k_wallet=$newmailset->getString('k_wallet');
	$smarty->assign('k_wallet',$k_wallet);
	$user_id=$_SESSION['user_id'];

	//mail node
	if ($node['node_name']=='mail') {

		//clear new mail message
		if ($new_mail) $db->query("update users set user_mail=0 where user_id='$user_id'");

		//set messages as delivered to recipient
		$set=$db->query("select mail_id,mail_duplicate_id from mail where mail_user='$user_id' and mail_to='$user_id' and mail_read='no'");
		while($set->next()) {
			$db->query("update mail set mail_read='yes' where mail_id='".$set->getString('mail_duplicate_id')."'");
			$db->query("update mail set mail_read='yes' where mail_id='".$set->getString('mail_id')."'");

			$new_messages[$set->getString('mail_id')]=true;
		}
/*
		if (count($new_messages)) {
			$db->query("update mail set mail_read='yes' where mail_user='$user_id' and mail_user=mail_to and mail_read='no'");
			$smarty->assign('new_messages',$new_messages);

        	}
*/
	}
}


if ($node['node_system_access']=='crypto') {
	$smarty->assign('crypto_pass',$_SESSION['crypto'][$node['node_id']]);
}

//hlaska
//$error .= "ocakavajte planovany vypadok okolo 6 hodiny <br>
//s pozdravom br .)";
//$error .= "dnes od 22:00 zurka v subclube! ucast povinna!";

$smarty->assign('error',$error);
$smarty->assign('permissions',$permissions);
$smarty->assign('current_vector',$node['node_vector']);
if ($permissions['r']) $smarty->assign('node',$node);
else {

	$smarty->assign('node',$node);
	//new templates by Dark matter
	$smarty->template_dir=OWN_TEMPLATE_DIR;

	$smarty->display('1549864.tpl');
	$smarty->display('1549885.tpl');
	$smarty->display('630526.tpl');
	die();

	//redirect to mainpage
// looks like poeple totaly hate this redirect!
//	header("Location: /id/1");
}


if ($node['template_id']!='2019721'){
//setting user location
$q="update users set last_action=NOW(),user_location_vector='".$node['node_vector']."',user_action='".addslashes($node['node_name'])."',user_action_id='".$node['node_id']."' where user_id='".$_SESSION['user_id']."'";
$db->executequery($q);
}

$whole_time=SubStr((Time()+SubStr(MicroTime(),0,8)-$timer_start),0,7);
$smarty->assign('whole_time',$whole_time);


if ($template_id=='download' OR $template_id=='download.jpg') {
	if ($permissions['r']) {
	$linkname = SYSTEM_ROOT."/files/".$node['node_id'];
	$filename= readlink($linkname);
	$suffix=preg_replace("/(.*?)\.(.*?)/i","$2",$filename);

	$ext = substr( $filename,-3 );
	if( $filename == "" ) {
	   echo "ERROR: Empty file to download. ";
	   exit;
	} elseif ( ! file_exists( $filename ) ) {
	 	exit;
	};
	switch( strtolower($ext) ){
	   case "pdf": $ctype="application/pdf";              break;
	   case "exe": $ctype="application/octet-stream";      break;
	   case "zip": $ctype="application/zip";              break;
	   case "doc": $ctype="application/msword";            break;
	   case "xls": $ctype="application/vnd.ms-excel";      break;
	   case "ppt": $ctype="application/vnd.ms-powerpoint"; break;
	   case "gif": $ctype="image/gif";                    break;
	   case "png": $ctype="image/png";                    break;
	   case "jpg": $ctype="image/jpg";                    break;
	   default:    $ctype="application/force-download";
	}
	$file=str_replace(" ","_",$node['node_name']).".$ext";
	header("Pragma: public");
	header("Expires: 0");
	header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
	header("Content-Type: $ctype");
	$user_agent = strtolower ($_SERVER["HTTP_USER_AGENT"]);
	if ((is_integer (strpos($user_agent, "msie"))) && (is_integer
	(strpos($user_agent, "win")))) {
	   header( "Content-Disposition: filename=$file;" );
	} else 	{
	   header( "Content-Disposition: attachment;
	filename=$file;" );
	}
	header("Content-Transfer-Encoding: binary");
	header("Content-Length: ".filesize($filename));
	readfile("$filename");
	exit();
	}
	else { echo "you don't have permissions for downloading this data"; die(); }
}

if ($node['template_id']=='2019721'){
Header("Cache-control: max-age=3600");
}else{
Header("Cache-control: no-cache");
Header("Expires:".gmdate("D, d M Y H:i:s")." GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
}


//for cases like search & preview
	$smarty->assign('post_vars',$_POST);
if (!empty($_POST['template_event'])) {
	$smarty->assign('template_event',$_POST['template_event']);

}

//setting listing parameters
        $children_count=$node['node_children_count'];
	$descendant_count=$node['node_descendant_count'];

        if (is_numeric($_POST['listing_amount'])) $listing_amount=$_POST['listing_amount'];
        elseif (!empty($_SESSION['listing_amount'])) $listing_amount=$_SESSION['listing_amount'];
        else $listing_amount=DEFAULT_LISTING_AMOUNT;
	$smarty->assign('listing_amount',$listing_amount);

	if ($_POST['listing_order']) $listing_order=$_POST['listing_order'];
	elseif (!empty($_SESSION['listing_order'])) $listing_order=$_SESSION['listing_order'];
	else $listing_order=DEFAULT_LISTING_ORDER;
	$smarty->assign('listing_order',$listing_order);

	if (is_numeric($_POST['get_children_offset'])) $offset=$_POST['get_children_offset'];
        else $offset=0;


        //movement forward and backward
//	if ($listing_order=='asc' && !$offset) $offset=$descendant_count-$listing_amount;

        if ($_POST['get_children_move']=='<') {
	        $offset=$offset-$listing_amount;
       	      if ($offset<0) $offset=0;
        }
        elseif ($_POST['get_children_move']=='>') {
		$offset=$offset+$listing_amount;
        }
	elseif ($_POST['get_children_move']=='>>') {
        	$offset=$descendant_count-$listing_amount;
       	}

        elseif ($_POST['get_children_move']=='<<') {
               $offset=0;
        }
        if ($offset<0) $offset=0;
        $_POST['offset']=$offset;
        $smarty->assign('offset',$offset);


if ($node['external_link']=='header://svg' && !is_numeric($template_id)) {
	header("Content-Type: image/svg+xml");
}

//show own header
elseif ($_SESSION['header_id']==true) {
	$smarty->assign('header_id',$_SESSION['header_id']);
	$smarty->template_dir=OWN_TEMPLATE_DIR;
	$content=$smarty->fetch($_SESSION['header_id'].".tpl");
	$smarty->template_dir = TEMPLATE_DIR.TEMPLATE_SET;
	//not registered user
	if ($_SESSION['header_id']==2091520) {
		echo $content;
		session_destroy();
		die();
	}
}

$smarty->template_dir=OWN_TEMPLATE_DIR;

if (is_numeric($template_id)) {
	$content.=$smarty->fetch($template_id.".tpl");
}

else {
	$template_id=$node['template_id'];
	$content.=$smarty->fetch($node['template_id'].".tpl");
}

if ($template_id=='2019721'){
	$content=$smarty->fetch($template_id.".tpl");
	echo $content;
}else{
	$time=SubStr((Time()+SubStr(MicroTime(),0,8)-$timer_start),0,7);
	echo $content;
//	echo "<center>page generation took: $time second</center>";
}
//end of displaying

// output buffering forcing (mx)
if (!empty($_POST['FORCE_OB']) && $_POST['FORCE_OB'] == 'true') ob_end_flush();

?>
Commit	Line	Data
51ff3226	1	<?php
	2	// output buffering forcing (mx)
	3	if (!empty($_POST['FORCE_OB']) && $_POST['FORCE_OB'] == 'true') ob_start();
	4
51ff3226	5	//header("Location: http://web.archive.org/web/20020925021139/http://kyberia.sk");
51ff3226	6	//echo "je to uz uplne v pici. vsetky data su stratene, prajem pekny den :)";
51ff3226	7	//exit;
ab8ec5e5	8	error_reporting(1);
51ff3226	9	//exit;
ab8ec5e5	10
51ff3226	11	//starting timer for benchmarking purposes
	12	$timer_start=Time()+SubStr(MicroTime(),0,8);
	13
	14	//setting PHPSESSID cookie and starting user session
	15	session_start();
	16
	17
	18	if ($_SESSION['debugging']) {
	19
	20	error_reporting(E_ALL);
	21	echo "GET VARIABLES::<br/>";
	22	print_r($_GET);
	23	echo "POST VARIABLES::<br/>";
	24	print_r($_POST);
	25	echo "<b>SESSION VARIABLES::</b><br/>";
	26	print_r($_SESSION);
	27	}
	28
	29	//requiring main config file with path/database etc. constants
ab8ec5e5	30	require('config/config.inc');
1757f060	31	require(INCLUDE_DIR.'senate.inc');
51ff3226	32
	33	preg_match("/id\/(.*)\//",$_SERVER['HTTP_REFERER'],$ref_match);
	34	$referer_id=$ref_match[1];
	35
	36	//connecting to database and creating universal $db object
1757f060	37	require(INCLUDE_DIR.'log.inc');
	38	require(INCLUDE_DIR.'ubik.inc');
	39	require(INCLUDE_DIR.'nodes.inc');
	40	require(INCLUDE_DIR.'error_messages.inc');
	41	require(INCLUDE_DIR.'database.inc');
51ff3226	42
e23557a6	43	$db = new CLASS_DATABASE();
e23557a6	44	$log = new log; //XXX
51ff3226	45
	46	if (!empty($_GET['template_id'])) {
	47	$template_id=$_GET['template_id'];
	48	}
	49	else $template_id=false;
	50
	51	//initializing node methods
	52	if (!empty($_GET['node_name'])) {
51ff3226	53	$node = nodes::redirByName($_GET['node_name']);
	54	}
	55	elseif (!empty($_GET['node_id'])) {
	56	$node = nodes::getNodeById($_GET['node_id'],$_SESSION['user_id']);
	57	}
	58
	59	//loading smarty template engine and setting main parameters
	60	require(SMARTY_DIR.'Smarty.class.php');
	61	$smarty = new Smarty;
	62
	63	$smarty->template_dir = TEMPLATE_DIR.TEMPLATE_SET;
	64	//echo TEMPLATE_DIR.TEMPLATE_SET;
	65	//echo $smarty->template_dir;
	66	$smarty->compile_dir = SYSTEM_ROOT."data/templates_c/".TEMPLATE_SET;
	67	$smarty->config_dir = SMARTY_DIR.'configs/';
	68	$smarty->cache_dir = SMARTY_DIR.'cache/';
	69	$smarty->plugins_dir = SMARTY_PLUGIN_DIR ;
	70	if ($_SESSION['debugging']) $smarty->debugging=true;
	71
	72	//initializing variables
	73	if (empty($_POST['event'])) $event=false;
	74	else $event=$_POST['event'];
	75
	76
	77	if ($_SESSION['debugging']) {
	78	echo "<pre><b>NODE::";
	79	print_r($node);
	80	echo "</pre>";
	81	}
	82
	83	if ($node['node_creator']==$_SESSION['user_id']) $node['node_permission']='owner';
	84
	85	if ($_SESSION['cube_vector']) {
	86	if (strpos($node['node_vector'],$_SESSION['cube_vector'])===false) {
	87	echo "node::".$node['node_vector'];
	88	echo "cube_Vector::".$_SESSION['cube_vector'];
	89	echo "you are out of allowed cwbe. access forbidden";
	90	die();
	91	}
	92	}
	93
	94	//if not existent node show our own 404
	95	if (empty($node)) {
	96	$nodes= nodes::getNodesByName($_GET['node_name']);
	97	if ($nodes) {
	98	$smarty->assign('nodes',$nodes);
	99	$content=$smarty->display("404.tpl");
	100	die();
	101	}
	102	elseif ($_SESSION['user_id']) {
	103	$smarty->assign('node_name',$_GET['node_name']);
	104	$content=$smarty->display("modules/addnode.tpl");
	105	}
	106	}
	107
	108	//modifying node glass pearl
	109	if (is_array($children_types[$node['node_type']])) $smarty->assign('children_types',$children_types[$node['node_type']]);
	110	$smarty->assign('types',$types);
	111
	112
	113	//$node['node_type']=$types[$node['node_type']];
	114	$node['node_content']=StripSlashes($node['node_content']);
	115	$node['node_name']=StripSlashes($node['node_name']);
	116
117	//checking permissions
118	function _checkPermissions()
119	{
120	global $permissions, $node;
121
e909f81b	122	require(INCLUDE_DIR.'permissions.inc');
51ff3226	123	$permissions=permissions::checkPermissions($node);
	124	$permissions['h']=permissions::isHierarch($node);
	125	}
	126
	127	// mail rss
	128	if ($template_id=='rss')
	129	{
	130	$_feedType = "RSS0.91";
	131	if (!is_numeric($_SESSION['user_id']))
	132	{
	133	if (!isset($_SERVER['PHP_AUTH_USER'])) {
	134	header('WWW-Authenticate: Basic realm="Kyberia"');
	135	header('HTTP/1.0 401 Unauthorized');
	136	echo 'Cancel button';
	137	exit;
	138	}
	139	else
	140	{
	141	require_once(EVENT_DIR.'/login.inc');
	142	$_POST['login'] = $_SERVER['PHP_AUTH_USER'];
	143	$_POST['password'] = $_SERVER['PHP_AUTH_PW'];
	144	$_POST['login_type'] = "name";
	145	if (!login())
	146	{
	147	echo "Zle meno/heslo.";
	148	exit();
	149	}
	150	}
	151	}
	152
	153	_checkPermissions();
	154
	155	// Mail
	156	if ($_GET['node_id']==='24' && $permissions['r'])
	157	{
	158	require_once(INCLUDE_DIR.'/feedcreator.class.php');
	159
	160	$rss =& new UniversalFeedCreator();
	161	$rss->title = "Kyberia mail";
	162	$rss->description = "";
	163	$rss->link = "https://kyberia.sk/id/24";
	164
	165	$query = "select date_format(mail.mail_timestamp,\"%e.%c. %k:%i:%s\") as cas,
	166	userfrom.user_action as locationfrom_action,
	167	userfrom.user_action_id as locationfrom_action_id,
	168	userto.user_action as locationto_action,
	169	userto.user_action_id as locationto_action_id,
	170	userto.login as mail_to_name, userfrom.login as mail_from_name,
	171	mail.* from mail left join users as userfrom on
	172	mail_from=userfrom.user_id left join users as userto on mail_to=userto.user_id
	173	where mail_user='$_SESSION[user_id]' and mail_to='$_SESSION[user_id]' order by mail_id desc limit 0,10";
	174
	175	$set = $db->query($query);
	176
	177	while($set->next()) {
	178	$m = $set->getRecord();
	179	if ($m['mail_to'] != $_SESSION['user_id'])
	180	continue;
	181	$item =& new FeedItem();
	182	$item->title = $m['mail_from_name'];
	183	$item->link = "https://kyberia.sk/id/24";
	184	$item->description = $m['mail_text'];
	185	$rss->addItem($item);
	186	}
187	}
188	// bookmarks
189	elseif ($_GET['node_id']=='19' && $permissions['r'])
190	{
191	require_once(INCLUDE_DIR.'/feedcreator.class.php');
192
193	$rss =& new UniversalFeedCreator();
194	$rss->title = "Kyberia bookmarks";
195	$rss->link = "http://kyberia.sk/id/19";
196
197	require_once(SMARTY_PLUGIN_DIR.'/function.get_bookmarks.php');
198	smarty_function_get_bookmarks(array(), $smarty);
199	$_items = $smarty->get_template_vars('get_bookmarks');
200	foreach ($_items as $_item)
201	{
202	if (is_array($_item['children']))
203	foreach ($_item['children'] as $_b)
204	{
205	$item =& new FeedItem();
206	$item->title = $_b['node_name'];
207	$item->link = "http://kyberia.sk/id/".$_b['node_id']."/rss";
208	$rss->addItem($item);
209	}
210	}
211	$_feedType = 'OPML';
212	}
213	elseif ($permissions['r'])
214	{
215	require_once(INCLUDE_DIR.'/feedcreator.class.php');
216
217	$rss =& new UniversalFeedCreator();
218	$rss->title = $node['node_name'];
219	$rss->description = "";
220	$rss->link = "http://kyberia.sk/id/".$node['node_id'];
221
222	// K list
223	if ($_GET['node_id']=='15')
224	{
225	require_once(SMARTY_PLUGIN_DIR.'/function.get_k.php');
226	smarty_function_get_k(array(), $smarty);
227	$_items = $smarty->get_template_vars('get_k');
228	}
229	else
230	{
231	require_once(SMARTY_PLUGIN_DIR.'/function.get_children.php');
232	smarty_function_get_children(
233	array('orderby' => 'desc', 'orderby_type' => 'time'), $smarty);
234	$_items = $smarty->get_template_vars('get_children');
235	}
236
237	foreach ($_items as $_item)
238	{
239	$item =& new FeedItem();
240	$item->title = $_item['node_name'];
241	$item->link = "http://kyberia.sk/id/".$_item['node_id'];
242	$item->description = $_item['node_content'];
243	$rss->addItem($item);
244	}
245	}
246
247	if ($permissions['r']) $rss->showFeed($_feedType);
248	exit();
249	}
250
251	_checkPermissions();
252
253	//entering the node
254
255	//sventest
256	if (($permissions['r']) \|\| ($event != 'register')) {
257
258	//performing node_events (based on update/insert/delete db queries)
259	if ($event) {
e909f81b	260	require(INCLUDE_DIR.'eventz.inc');
51ff3226	261	}
	262
	263	elseif ($transaction) {
e909f81b	264	require(INCLUDE_DIR.'transaction.inc');
51ff3226	265	}
	266	//end of performing node events
	267
	268	//sventest
	269	}
	270
	271
	272	if ($permissions['r']) {
	273
	274	//these 4 lines are not the source of kyberia lagging problems. leave them. started on the 10.4. data gained will be used for scientific purposes
	275	if ($_SESSION['user_id']) {
	276	$q="insert delayed into levenshtein set user_id='".$_SESSION['user_id']."',node_id='".$node['node_id']."'";
	277	$db->update($q);
	278	}
	279
	280	//if node is css
	281	if ($node['template_id']!='2019721'){
	282
e23557a6	283	$log->log('enter',$node['node_id'],'ok',$node['node_user_subchild_count']);
51ff3226	284	if (!empty($_SESSION['user_id']) && is_numeric($node['node_id'])) {
	285	$q="update node_access set visits=visits+1,node_user_subchild_count='0',last_visit=NOW() where node_id='".$node['node_id']."' and user_id='".$_SESSION['user_id']."'";
	286	// echo $q;
	287	$result=$db->update($q);
	288
	289	if (!$result) {
	290	$q="insert into node_access set user_id='".$_SESSION['user_id']."',node_id='".$node['node_id']."',last_visit=NOW()";
	291	$db->query($q);
	292	}
	293	}//end of if node os css
	294	}
	295
	296
	297	}
	298	// DO NOT MESS WITH THIS !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
	299	//creating neural network
	300	$db->update("update nodes set node_views=node_views+1 where node_id='".$node['node_id']."'");
	301	if (is_numeric($referer_id)) {
	302	$q="update neurons set synapse=synapse+1 where dst='".$node['node_id']."' and src='$referer_id'";
	303	$result=$db->update($q);
	304	if (!$result) {
	305	$q="insert into neurons set synapse_creator='".$_SESSION['user_id']."',dst='".$node['node_id']."',src='$referer_id',synapse=1";
	306	$db->query($q);
	307	}
	308	}
	309
	310
	311	elseif (!$permissions['r'] && $_GET['magic_word']) {
	312	$magic_word_big=$_GET['magic_word'];
	313
	314	if ( preg_match("/(\d+)-(.+)/",$_GET['magic_word'],$mu)) {
	315	$magic_uid=$mu['1'];
	316	$magic_word=addslashes($mu['2']);
	317	$q="select login from users where user_id='$magic_uid' and magic_word='$magic_word'";
	318	$set=$db->query($q);
	319	if ($set->getNumRows()) {
	320	$permissions['r']=true;
	321	}
	322	}
	323	}
	324
	325
	326
	327
	328
	329	else {
e23557a6	330	$log->log('enter',$node['node_id'],'failed'); XXX
51ff3226	331	}
	332
	333
	334
	335	//assigning user data to smarty if user logged in
	336	if ($user_id=$_SESSION['user_id']) {
	337	$smarty->assign('_POST',$_POST);
	338	$smarty->assign('bookmarks',$_SESSION['bookmarks']);
	339	$smarty->assign('ignore',$_SESSION['ignore']);
	340	$smarty->assign('bookstyl',$_SESSION['bookstyl']);
	341	$smarty->assign('fook',$_SESSION['fook']);
	342	$smarty->assign('user_id',$_SESSION['user_id']);
	343	if (!empty($_SESSION['cube_vector'])) $smarty->assign('cube_vector',$_SESSION['cube_vector']);
	344	$smarty->assign('friends',$_SESSION['friends']); //req by freezy, done by darkaural
	345	$smarty->assign('user_quota',$_SESSION['user_quota']);
	346	$newmailset=$db->query("select user_mail,user_mail_name,user_k,k_wallet from users where user_id='$user_id'");
	347	$newmailset->next();
	348	$new_mail=$newmailset->getString('user_mail');
	349	$newmailset2 = $db->query("select users.user_mail_id,mailsender.login
	350	from users left join users as mailsender on users.user_mail_id = mailsender.user_id where users.user_id = '$user_id'");
	351	$newmailset2->next();
	352	$smarty->assign('new_mail',$new_mail);
	353	$smarty->assign('new_mail_name',$newmailset->getString('user_mail_name'));
	354	$smarty->assign('new_mail_name2',$newmailset2->getString('login'));
	355	$user_k=$newmailset->getString('user_k');
	356	$smarty->assign('user_k',$user_k);
	357	$k_wallet=$newmailset->getString('k_wallet');
	358	$smarty->assign('k_wallet',$k_wallet);
	359	$user_id=$_SESSION['user_id'];
	360
	361	//mail node
	362	if ($node['node_name']=='mail') {
	363
	364	//clear new mail message
	365	if ($new_mail) $db->query("update users set user_mail=0 where user_id='$user_id'");
	366
	367	//set messages as delivered to recipient
	368	$set=$db->query("select mail_id,mail_duplicate_id from mail where mail_user='$user_id' and mail_to='$user_id' and mail_read='no'");
	369	while($set->next()) {
	370	$db->query("update mail set mail_read='yes' where mail_id='".$set->getString('mail_duplicate_id')."'");
	371	$db->query("update mail set mail_read='yes' where mail_id='".$set->getString('mail_id')."'");
	372
	373	$new_messages[$set->getString('mail_id')]=true;
	374	}
	375	/*
	376	if (count($new_messages)) {
	377	$db->query("update mail set mail_read='yes' where mail_user='$user_id' and mail_user=mail_to and mail_read='no'");
	378	$smarty->assign('new_messages',$new_messages);
	379
	380	}
	381	*/
	382	}
	383	}
	384
	385
	386
	387	if ($node['node_system_access']=='crypto') {
	388	$smarty->assign('crypto_pass',$_SESSION['crypto'][$node['node_id']]);
	389	}
	390
	391	//hlaska
	392	//$error .= "ocakavajte planovany vypadok okolo 6 hodiny <br>
	393	//s pozdravom br .)";
	394	//$error .= "dnes od 22:00 zurka v subclube! ucast povinna!";
395
396	$smarty->assign('error',$error);
397	$smarty->assign('permissions',$permissions);
398	$smarty->assign('current_vector',$node['node_vector']);
399	if ($permissions['r']) $smarty->assign('node',$node);
400	else {
401
402	$smarty->assign('node',$node);
403	//new templates by Dark matter
404	$smarty->template_dir=OWN_TEMPLATE_DIR;
405
406	$smarty->display('1549864.tpl');
407	$smarty->display('1549885.tpl');
408	$smarty->display('630526.tpl');
409	die();
410
411	//redirect to mainpage
412	// looks like poeple totaly hate this redirect!
413	// header("Location: /id/1");
414	}
415
416
417	if ($node['template_id']!='2019721'){
418	//setting user location
419	$q="update users set last_action=NOW(),user_location_vector='".$node['node_vector']."',user_action='".addslashes($node['node_name'])."',user_action_id='".$node['node_id']."' where user_id='".$_SESSION['user_id']."'";
420	$db->executequery($q);
421	}
422
423	$whole_time=SubStr((Time()+SubStr(MicroTime(),0,8)-$timer_start),0,7);
424	$smarty->assign('whole_time',$whole_time);
425
426
427	if ($template_id=='download' OR $template_id=='download.jpg') {
428	if ($permissions['r']) {
429	$linkname = SYSTEM_ROOT."/files/".$node['node_id'];
430	$filename= readlink($linkname);
431	$suffix=preg_replace("/(.?)\.(.?)/i","$2",$filename);
432
433	$ext = substr( $filename,-3 );
434	if( $filename == "" ) {
435	echo "ERROR: Empty file to download. ";
436	exit;
437	} elseif ( ! file_exists( $filename ) ) {
438	exit;
439	};
440	switch( strtolower($ext) ){
441	case "pdf": $ctype="application/pdf"; break;
442	case "exe": $ctype="application/octet-stream"; break;
443	case "zip": $ctype="application/zip"; break;
444	case "doc": $ctype="application/msword"; break;
445	case "xls": $ctype="application/vnd.ms-excel"; break;
446	case "ppt": $ctype="application/vnd.ms-powerpoint"; break;
447	case "gif": $ctype="image/gif"; break;
448	case "png": $ctype="image/png"; break;
449	case "jpg": $ctype="image/jpg"; break;
450	default: $ctype="application/force-download";
451	}
452	$file=str_replace(" ","_",$node['node_name']).".$ext";
453	header("Pragma: public");
454	header("Expires: 0");
455	header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
456	header("Content-Type: $ctype");
457	$user_agent = strtolower ($_SERVER["HTTP_USER_AGENT"]);
458	if ((is_integer (strpos($user_agent, "msie"))) && (is_integer
459	(strpos($user_agent, "win")))) {
460	header( "Content-Disposition: filename=$file;" );
461	} else {
462	header( "Content-Disposition: attachment;
463	filename=$file;" );
464	}
465	header("Content-Transfer-Encoding: binary");
466	header("Content-Length: ".filesize($filename));
467	readfile("$filename");
468	exit();
469	}
470	else { echo "you don't have permissions for downloading this data"; die(); }
471	}
472
473	if ($node['template_id']=='2019721'){
474	Header("Cache-control: max-age=3600");
475	}else{
476	Header("Cache-control: no-cache");
477	Header("Expires:".gmdate("D, d M Y H:i:s")." GMT");
478	header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
479	}
480
481
482	//for cases like search & preview
483	$smarty->assign('post_vars',$_POST);
484	if (!empty($_POST['template_event'])) {
485	$smarty->assign('template_event',$_POST['template_event']);
486
487	}
488
489	//setting listing parameters
490	$children_count=$node['node_children_count'];
491	$descendant_count=$node['node_descendant_count'];
492
493	if (is_numeric($_POST['listing_amount'])) $listing_amount=$_POST['listing_amount'];
494	elseif (!empty($_SESSION['listing_amount'])) $listing_amount=$_SESSION['listing_amount'];
495	else $listing_amount=DEFAULT_LISTING_AMOUNT;
496	$smarty->assign('listing_amount',$listing_amount);
497
498	if ($_POST['listing_order']) $listing_order=$_POST['listing_order'];
499	elseif (!empty($_SESSION['listing_order'])) $listing_order=$_SESSION['listing_order'];
500	else $listing_order=DEFAULT_LISTING_ORDER;
501	$smarty->assign('listing_order',$listing_order);
502
503	if (is_numeric($_POST['get_children_offset'])) $offset=$_POST['get_children_offset'];
504	else $offset=0;
505
506
507	//movement forward and backward
508	// if ($listing_order=='asc' && !$offset) $offset=$descendant_count-$listing_amount;
509
510	if ($_POST['get_children_move']=='<') {
511	$offset=$offset-$listing_amount;
512	if ($offset<0) $offset=0;
513	}
514	elseif ($_POST['get_children_move']=='>') {
515	$offset=$offset+$listing_amount;
516	}
517	elseif ($_POST['get_children_move']=='>>') {
518	$offset=$descendant_count-$listing_amount;
519	}
520
521	elseif ($_POST['get_children_move']=='<<') {
522	$offset=0;
523	}
524	if ($offset<0) $offset=0;
525	$_POST['offset']=$offset;
526	$smarty->assign('offset',$offset);
527
528
529	if ($node['external_link']=='header://svg' && !is_numeric($template_id)) {
530	header("Content-Type: image/svg+xml");
531	}
532
533	//show own header
534	elseif ($_SESSION['header_id']==true) {
535	$smarty->assign('header_id',$_SESSION['header_id']);
536	$smarty->template_dir=OWN_TEMPLATE_DIR;
537	$content=$smarty->fetch($_SESSION['header_id'].".tpl");
538	$smarty->template_dir = TEMPLATE_DIR.TEMPLATE_SET;
539	//not registered user
540	if ($_SESSION['header_id']==2091520) {
541	echo $content;
542	session_destroy();
543	die();
544	}
545	}
546
547	$smarty->template_dir=OWN_TEMPLATE_DIR;
548
549	if (is_numeric($template_id)) {
550	$content.=$smarty->fetch($template_id.".tpl");
551	}
552
553	else {
554	$template_id=$node['template_id'];
555	$content.=$smarty->fetch($node['template_id'].".tpl");
556	}
557
558	if ($template_id=='2019721'){
559	$content=$smarty->fetch($template_id.".tpl");
560	echo $content;
561	}else{
562	$time=SubStr((Time()+SubStr(MicroTime(),0,8)-$timer_start),0,7);
563	echo $content;
564	// echo "<center>page generation took: $time second</center>";
565	}
566	//end of displaying
567
568	// output buffering forcing (mx)
569	if (!empty($_POST['FORCE_OB']) && $_POST['FORCE_OB'] == 'true') ob_end_flush();
570
571	?>