F4l0x

1. <?php
2.  
3. error_reporting(E_ALL);
4.  
5. session_start();
6.  
7. include('db_connect.php');
8.  
9. if(isset($_GET['name'])){
10.  
11. if(!isset($_GET['p'])){
12.  
13. header('Location: http://www.' . $_GET['name'] . '.falox.nl/start');
14.  
15. }else{
16.  
17. $page = $_GET['p'];
18.  
19. }
20.  
21. $uQuery = mysql_query("SELECT * FROM users WHERE username = '" . mysql_real_escape_string($_GET['name']) . "' AND NOT type = 4") or die(mysql_error());
22. $uFetch = mysql_fetch_assoc($uQuery);
23.  
24. if(mysql_num_rows($uQuery) == 0){
25.  
26. die('Dit lid is niet gevonden!');
27.  
28. }
29.  
30. if($uFetch['banned_until'] != '0000-00-00 00:00:00' and $uFetch['banned_until'] >= date('Y-m-d H:i:s')){
31.  
32. die('Dit lid is verbannen.');
33.  
34. }
35.  
36. $pQuery = mysql_query("SELECT * FROM pages WHERE title = '" . mysql_real_escape_string($page) . "' AND author = '" . $uFetch['id'] . "'") or die(mysql_error());
37. $pFetch = mysql_fetch_assoc($pQuery);
38.  
39. if(mysql_num_rows($pQuery) == 0){
40.  
41. if($page == '' or $page == '/'){
42.  
43. header('Location: http://www.' . $_GET['name'] . '.falox.nl/start');
44.  
45. }else{
46.  
47. $eQuery = mysql_query("SELECT * FROM pages WHERE title = '404' AND author = '" . mysql_real_escape_string($uFetch['id']) . "'") or die(mysql_error());
48.  
49. if(mysql_num_rows($eQuery) > 0){
50.  
51. $contents = file_get_contents('http://' . $uFetch['username'] . '.falox.nl/404');
52.  
53. echo $contents;
54.  
55. die();
56.  
57. }else{
58.  
59. die('De pagina kon niet worden gevonden.');
60.  
61. }
62.  
63. }
64.  
65. }
66.  
67. ?>
68. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
69. <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
70. <head>
71. <title> - <?php echo $pFetch['title']; ?></title>
72. <meta http-equiv="content-type" content="application/xhtml+xml; charset=UTF-8" />
73. <script type="text/javascript" src="http://falox.nl/js/popups.js"></script>
74. <style type="text/css">
75. body { 
76.     margin: 0;
77.     padding: 0;
78.     font-size: 13px;
79.     font-family: Tahoma;
80.     background-image: url(<?php echo $pFetch['bgimg']; ?>);
81.     background-repeat: <?php echo $pFetch['bgrepeat']; ?>;
82.     background-color: #<?php echo $pFetch['bgcolor']; ?>;
83. }
84. img {
85.     border: 0;
86. }
87. </style>
88. </head>
89. <body>
90.  
91. <?php
92. if($uFetch['show_vote'] == 1){
93.   ?>
94.  
95. <button style="background: #FFFFFF; border: 1px solid #CCCCCC; border-radius: 5px;" onclick="javascript:NewWindow('http://falox.nl/vote.php?id=<?php echo $pFetch['author']; ?>','vote_window','360','208','custom','front');">Geef punten</button>
96.  
97. <?php
98.  
99. }
100.  
101. if($pFetch['bg_music'] != ''){
102.  
103. ?>
104. <object width="0" height="0"><param name="movie" value="http://www.youtube.com/v/<?php echo $pFetch['bg_music']; ?>?fs=1&amp;hl=nl_NL&autoplay=1"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/<?php echo $pFetch['bg_music']; ?>?fs=1&amp;hl=nl_NL&autoplay=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="0" height="0"></embed></object>
105. <?php
106.  
107. }
108.  
109.  
110. $iQuery = mysql_query("SELECT * FROM items WHERE page_id = '" . mysql_real_escape_string($pFetch['id']) . "'") or die(mysql_error());
111.  
112. while($iFetch = mysql_fetch_assoc($iQuery)){
113.  
114. ?>
115.  
116. <div id="item<?php echo $iFetch['id']; ?>" style="position: absolute; left: <?php echo $iFetch['pos_left']; ?>px; top: <?php echo $iFetch['pos_top'] - 40; ?>px; z-index: <?php echo $iFetch['z_index']; ?>;">
117. <div id="item_content<?php echo $iFetch['id']; ?>" style="<?php if($iFetch['width'] != 0){ echo 'width: ' . $iFetch['width'] . 'px;'; } if($iFetch['height'] != 0){ echo 'height: ' . $iFetch['height'] . 'px;'; } ?>  border: <?php if($iFetch['border_color'] != ''){ echo ' #' . $iFetch['border_color']; } if($iFetch['border_width'] != ''){ echo ' ' . $iFetch['border_width'] . 'px'; } if($iFetch['border_style'] != ''){ echo ' ' . htmlspecialchars($iFetch['border_style']); } ?>; <?php if($iFetch['background'] != ''){ echo 'background: #' . htmlspecialchars($iFetch['background']); } ?>">
118. <?php
119.  
120. if($iFetch['type'] == 1) {
121.  
122. echo stripslashes(str_replace('cookie', '', $iFetch['text']));
123.  
124. }elseif($iFetch['type'] == 2){
125.  
126. echo '<img src="' . $iFetch['img_url'] . '" />';
127.  
128. }elseif($iFetch['type'] == 3){
129.  
130. menu($pFetch['author'], $iFetch['id']);
131.  
132. }
133.  
134. ?>
135. </div>
136. </div>
137.  
138. <?php
139.  
140. }
141.  
142. /*
143.  
144. Advertentie:
145.  
146.  
147. <div style="float: right; padding: 2px; z-index: 9999; position: relative;">
148. <?php
149.  
150. $aQuery = mysql_query("SELECT * FROM ads WHERE vertical = 1 AND horizontal = 0 ORDER BY RAND() LIMIT 1") or die(mysql_error());
151. $aFetch = mysql_fetch_assoc($aQuery);
152.  
153. ?>
154. <a href="http://falox.nl/index.php?p=ad&id=<?php echo $aFetch['id']; ?>"><img src="http://falox.nl/img/ads/<?php echo $aFetch['id']; ?>.<?php echo $aFetch['filetype']; ?>" /></a>
155. </div>
156.  
157. */
158.  
159. ?>
160.  
161. </body>
162. </html>
163.  
164. <?php
165.  
166. }
167.  
168. function menu($f_id, $f_item_id)
169. {
170.  
171. $e_id = $f_id;
172. $e_item_id = $f_item_id;
173.  
174. include('editor_menu.php');
175.  
176. }
177.  
178. ?>