
GT - Index.php

By: a guest on May 31st, 2012  |  syntax: None  |  size: 10.84 KB  |  views: 25  |  expires: Never
  1. <?php
  2. /*
  3. Template Name: Home Page
  4. */
  5. ?>
  6. <?php
  7. ############################################
  8. ######## ESSENTIAL CORE HEAD START #########
  9. ############################################
  10. $child_dir =  get_stylesheet_directory();
  11. $child_fn_dir = get_stylesheet_directory() . '/library/functions/';
  12. if (file_exists($child_dir.'/child.txt')) {
  13.     $ct_on=1;
  14. } else{$ct_on=0;}
  15.  
  16. if(isset($_REQUEST['ajax']) && $_REQUEST['ajax'] != '')
  17. {
  18.         include_once(TEMPLATEPATH.'/ajax_queries.php');exit;
  19. }else
  20. if(isset($_REQUEST['export']) && $_REQUEST['export'] != '')
  21. {
  22.         include_once(TEMPLATEPATH.'/export.php');exit;
  23. }else
  24. if(isset($_REQUEST['pay_mobile']) && $_REQUEST['pay_mobile'] != '')
  25. {
  26.         include_once(TEMPLATEPATH.'/app/paypal_mobile_response.php');exit;
  27. }else
  28. if(isset($_REQUEST['api']) && $_REQUEST['api'] != '')
  29. {
  30.         include_once(TEMPLATEPATH.'/app/api_get_markers.php');exit;
  31. }else
  32. if(isset($_REQUEST['api_submit']) && $_REQUEST['api_submit'] != '')
  33. {
  34.         include_once(TEMPLATEPATH.'/app/api_submit.php');exit;
  35. }else
  36. if(isset($_REQUEST['ptype']) && $_REQUEST['ptype'] == 'get_markers')
  37. {
  38.         if($ct_on && file_exists($child_dir.'/library/map/get_markers.php')){include_once($child_dir.'/library/map/get_markers.php');exit;}
  39.         else{include_once (TEMPLATEPATH . '/library/map/get_markers.php');exit;}
  40. }else
  41. if(isset($_REQUEST['ptype']) && $_REQUEST['ptype'] == 'ga')
  42. {
  43.         if($ct_on && file_exists($child_dir.'/library/includes/google_analytics.php')){include_once ($child_dir.'/library/includes/google_analytics.php');}
  44. else{include_once (TEMPLATEPATH . '/library/includes/google_analytics.php');}exit;
  45. }else
  46. if(isset($_REQUEST['ptype']) && $_REQUEST['ptype'] == 'calendar')
  47. {
  48.         if($ct_on && file_exists($child_dir.'/library/calendar/calendar.php')){include_once ($child_dir.'/library/calendar/calendar.php');}
  49. else{include_once (TEMPLATEPATH . '/library/calendar/calendar.php');}exit;
  50. }else
  51. if(isset($_REQUEST['ptype']) && $_REQUEST['ptype'] == 'favorite')
  52. {
  53.         if(isset($_REQUEST['action']) && $_REQUEST['action']=='add')
  54.         {
  55.                 add_to_favorite($_REQUEST['pid']);
  56.         }else{
  57.                 remove_from_favorite($_REQUEST['pid']);
  58.         }
  59. }else
  60. if(isset($_REQUEST['ptype']) && $_REQUEST['ptype']=='profile')
  61. {
  62.         global $current_user;
  63.         if(!$current_user->data->ID)
  64.         {
  65.                 wp_redirect(site_url().'/?ptype=login');
  66.                 exit;
  67.         }
  68.         if($ct_on && file_exists($child_dir.'/library/includes/profile.php')){include_once ($child_dir.'/library/includes/profile.php');}
  69. else{include_once (TEMPLATEPATH . '/library/includes/profile.php');}exit;
  70. }elseif(isset($_REQUEST['ptype']) && $_REQUEST['ptype'] == 'phpinfo')
  71. {    echo 'Access Denied!'; // Added by Stiofan
  72.         //echo phpinfo();exit; // removed by Stiofan hebtech.co.uk ### Not a security risk by it's self but a window in to your server for the baddies ###
  73. }elseif(isset($_REQUEST['ptype']) && $_REQUEST['ptype'] == 'csvdl')
  74. {
  75.         if($ct_on && file_exists($child_dir."/library/includes/csvdl.php")){include_once ($child_dir."/library/includes/csvdl.php");}
  76. else{include_once (TEMPLATEPATH . "/library/includes/csvdl.php");}
  77. }
  78. elseif(isset($_REQUEST['ptype']) && ($_REQUEST['ptype'] == 'register' || $_REQUEST['ptype'] == 'login'))
  79. {
  80.         if($ct_on && file_exists($child_dir."/library/includes/registration.php")){include_once ($child_dir."/library/includes/registration.php");}
  81. else{include_once (TEMPLATEPATH . "/library/includes/registration.php");}
  82. }
  83. elseif(isset($_REQUEST['ptype']) && $_REQUEST['ptype'] == 'verify')
  84. {
  85.         if($ct_on && file_exists($child_dir."/library/includes/claim_listing_verify.php")){include_once ($child_dir."/library/includes/claim_listing_verify.php");}
  86. else{include_once (TEMPLATEPATH . "/library/includes/claim_listing_verify.php");}
  87. }
  88. elseif(isset($_REQUEST['ptype']) && $_REQUEST['ptype']=='post_listing' && $_REQUEST['pid']){
  89.         $id = $_REQUEST['pid'];
  90.                         if(get_edit_post_link($id)){
  91.                                 if($ct_on && file_exists($child_dir.'/submit_place.php')){include_once ($child_dir.'/submit_place.php');}
  92. else{include_once (TEMPLATEPATH . '/submit_place.php');}exit;
  93.                         }else echo 'Access Denied!';
  94. }elseif(isset($_REQUEST['ptype']) && $_REQUEST['ptype']=='post_listing')
  95. {
  96.         if($_REQUEST['ptype']=='post_listing' && get_option('is_user_addevent')=='0'){wp_redirect(site_url());exit;}
  97. if($ct_on && file_exists($child_dir.'/submit_place.php')){include_once ($child_dir.'/submit_place.php');}
  98. else{include_once (TEMPLATEPATH . '/submit_place.php');}exit;
  99. }elseif(isset($_REQUEST['ptype']) && $_REQUEST['ptype']=='post_event')
  100. {
  101.         if($_REQUEST['ptype']=='post_event' && get_option('is_user_eventlist')=='0' && $_REQUEST['pid']==''){wp_redirect(site_url());exit;}
  102.         if($ct_on && file_exists($child_dir.'/submit_event.php')){include_once ($child_dir.'/submit_event.php');}
  103. else{include_once (TEMPLATEPATH . '/submit_event.php');}exit;
  104. }
  105. elseif(isset($_REQUEST['ptype']) && $_REQUEST['ptype'] == 'preview')
  106. {      
  107.         if($_REQUEST['pid']) //SECURITY FIX BY STIOFAN HEBTECH.CO.UK - CHECK IF USER HAS PERMISION TO VIEW DELETE LISTING PAGE
  108.                 {
  109.                         $id = $_REQUEST['pid'];
  110.                         if(get_edit_post_link($id)){
  111.                                 if($ct_on && file_exists($child_dir."/library/includes/preview.php")){include_once ($child_dir."/library/includes/preview.php");}
  112. else{include_once (TEMPLATEPATH . "/library/includes/preview.php");}
  113.                         }elseif($_REQUEST['alook']){
  114.                 if($ct_on && file_exists($child_dir."/library/includes/preview.php")){include_once ($child_dir."/library/includes/preview.php");}
  115. else{include_once (TEMPLATEPATH . "/library/includes/preview.php");}
  116.                 }      
  117.                         else echo 'Access Denied!';
  118.                
  119.                 }else {if($ct_on && file_exists($child_dir."/library/includes/preview.php")){include_once ($child_dir."/library/includes/preview.php");}
  120. else{include_once (TEMPLATEPATH . "/library/includes/preview.php");}}
  121. }
  122. elseif(isset($_REQUEST['ptype']) && $_REQUEST['ptype'] == 'preview_event')
  123. {      
  124.         if($_REQUEST['pid']) //SECURITY FIX BY STIOFAN HEBTECH.CO.UK - CHECK IF USER HAS PERMISION TO VIEW DELETE LISTING PAGE
  125.                 {
  126.                         $id = $_REQUEST['pid'];
  127.                         if(get_edit_post_link($id)){
  128.                                 if($ct_on && file_exists($child_dir."/library/includes/preview_event.php")){include_once ($child_dir."/library/includes/preview_event.php");}
  129. else{include_once (TEMPLATEPATH . "/library/includes/preview_event.php");}
  130.                         }elseif($_REQUEST['alook']){if($ct_on && file_exists($child_dir."/library/includes/preview_event.php")){include_once ($child_dir."/library/includes/preview_event.php");}
  131. else{include_once (TEMPLATEPATH . "/library/includes/preview_event.php");}}
  132.                                
  133.                         else echo 'Access Denied!';
  134.                
  135.                 }else {if($ct_on && file_exists($child_dir."/library/includes/preview_event.php")){include_once ($child_dir."/library/includes/preview_event.php");}
  136. else{include_once (TEMPLATEPATH . "/library/includes/preview_event.php");}}
  137. }
  138. elseif(isset($_REQUEST['ptype']) && $_REQUEST['ptype'] == 'paynow')
  139. {
  140.         if($ct_on && file_exists($child_dir."/library/includes/paynow.php")){include_once ($child_dir."/library/includes/paynow.php");}
  141. else{include_once (TEMPLATEPATH . "/library/includes/paynow.php");}
  142. }elseif(isset($_REQUEST['ptype']) && $_REQUEST['ptype'] == 'paynow_event')
  143. {
  144.         if($ct_on && file_exists($child_dir."/library/includes/paynow_event.php")){include_once ($child_dir."/library/includes/paynow_event.php");}
  145. else{include_once (TEMPLATEPATH . "/library/includes/paynow_event.php");}
  146. }
  147. elseif(isset($_REQUEST['ptype']) && $_REQUEST['ptype'] == 'cancel_return')
  148. {
  149.         if($ct_on && file_exists($child_dir.'/library/includes/cancel.php')){include_once ($child_dir.'/library/includes/cancel.php');}
  150. else{include_once (TEMPLATEPATH . '/library/includes/cancel.php');}
  151.         exit;
  152. }
  153. elseif(isset($_GET['ptype']) && ($_GET['ptype'] == 'return' || $_GET['ptype'] == 'payment_success'))  // PAYMENT GATEWAY RETURN
  154. {
  155.         if($ct_on && file_exists($child_dir.'/library/includes/return.php')){include_once ($child_dir.'/library/includes/return.php');}
  156. else{include_once (TEMPLATEPATH . '/library/includes/return.php');}
  157.         exit;
  158. }
  159. elseif(isset($_GET['ptype']) && $_GET['ptype'] == 'success')  // PAYMENT GATEWAY RETURN
  160. {
  161.         if($ct_on && file_exists($child_dir.'/library/includes/success.php')){include_once ($child_dir.'/library/includes/success.php');}
  162. else{include_once (TEMPLATEPATH . '/library/includes/success.php');}
  163.         exit;
  164. }
  165. elseif(isset($_GET['ptype']) && $_GET['ptype'] == 'notifyurl')  // PAYMENT GATEWAY NOTIFY URL
  166. {
  167.         if(isset($_GET['pmethod']) && $_GET['pmethod'] == 'paypal')
  168.         {
  169.                 if($ct_on && file_exists($child_dir.'/library/includes/ipn_process.php')){include_once ($child_dir.'/library/includes/ipn_process.php');}
  170. else{include_once (TEMPLATEPATH . '/library/includes/ipn_process.php');}
  171.         }elseif(isset($_GET['pmethod']) && $_GET['pmethod'] == '2co')
  172.         {
  173.                 if($ct_on && file_exists($child_dir.'/library/includes/ipn_process_2co.php')){include_once ($child_dir.'/library/includes/ipn_process_2co.php');}
  174. else{include_once (TEMPLATEPATH . '/library/includes/ipn_process_2co.php');}
  175.         }
  176.         exit;
  177. }
  178. elseif(isset($_REQUEST['ptype']) && $_REQUEST['ptype'] == 'sort_image')
  179. {
  180.         global $wpdb;
  181.         //echo $_REQUEST['pid'];
  182.         $arr_pid = explode(',',$_REQUEST['pid']);
  183.         for($j=0;$j<count($arr_pid);$j++)
  184.         {
  185.                 $media_id = $arr_pid[$j];
  186.                 if(strstr($media_id,'div_'))
  187.                 {
  188.                         $media_id = str_replace('div_','',$arr_pid[$j]);
  189.                 }
  190.                 $wpdb->query('update '.$wpdb->posts.' set  menu_order = "'.$j.'" where ID = "'.$media_id.'" ');
  191.         }
  192.         echo 'Image order saved successfully';
  193. }
  194. elseif(isset($_REQUEST['ptype']) && $_REQUEST['ptype'] == 'delete')
  195. {
  196.         global $current_user;
  197.         if($_REQUEST['pid']) //SECURITY FIX BY STIOFAN HEBTECH.CO.UK - CHECK IF USER HAS PERMISION TO DELETE LISTING
  198.         {$pid = $_REQUEST['pid'];  
  199.         if(get_edit_post_link($pid)){
  200.                 wp_delete_post($_REQUEST['pid']);
  201.                 wp_redirect(get_author_link($echo = false, $current_user->data->ID));
  202.         }else echo 'Access Denied!'; // Added by Stiofan
  203. }       else echo 'Access Denied!'; // Added by Stiofan
  204. }
  205. elseif(isset($_REQUEST['ptype']) && $_REQUEST['ptype'] == 'att_delete')
  206. {      
  207.     if($_REQUEST['remove'] == 'temp')
  208.         {
  209.  
  210.                 if($_SESSION["file_info"])
  211.                 {
  212.                         $tmp_file_info = array();
  213.                         foreach($_SESSION["file_info"] as $image_id=>$val)
  214.                         {
  215.                                     if($image_id == $_REQUEST['pid'])
  216.                                         {
  217.                                                 @unlink(ABSPATH."/".$upload_folder_path."tmp/".$_REQUEST['pid'].".jpg");
  218.                                         }else{ 
  219.                                                 $tmp_file_info[$image_id] = $val;
  220.                                         }
  221.                                        
  222.                         }
  223.                         $_SESSION["file_info"] = $tmp_file_info;
  224.                 }
  225.                
  226.                
  227.         }else{  global $current_user;
  228.         if(get_edit_post_link($_REQUEST['pid'])){
  229.                         wp_delete_attachment($_REQUEST['pid']);
  230.                         }else echo 'Access Denied!'; // Added by Stiofan
  231.         }      
  232. }
  233. else
  234. {
  235. ############################################
  236. ######## ESSENTIAL CORE HEAD STOP ##########
  237. ############################################
  238. get_header();?>
  239. <?php dynamic_sidebar(1);?>
  240. <div id="wrapper" class="clearfix">
  241. <div id="content" class="clearfix">
  242. <?php dynamic_sidebar(2);  ?>  
  243. </div> <!-- content #end -->
  244. <div id="sidebar">
  245. <?php dynamic_sidebar(3);  ?>  
  246. </div> <!-- sidebar #end -->  
  247. <?php  get_footer(); ?>
  248. <?php }?>