function bio_read_diaryland($bio_owner)
{
list($bio_owner) = explode('@', $bio_owner);
$url = "http://members.diaryland.com/profile.phtml?user={$username}";
$bio = file_get_contents($url);
// pulls out the substantive part, ignoring the DL template
list($crap, $bio) = explode('<!-- content goes here -->', $bio);
// eliminates the table structure. not sure why
$bio = str_replace(array('</td>', '</TD>', '</tr>', '</TR>'), array(' ', ' ', "<br />\n", "<br />\n"), $bio);
// get rid of bad formatting or javascript that might have been inserted
$bio = removeEvilTags($bio);
return $bio;
}
/**
* Prepare update SQL
*
* @param array $data key/value pairs of data
* @returns string result SQL, suitable for INSERT/UPDATE
*/
function prepareSQL($data, $setonly = false)
{
global $config, $imdb_set_fields, $db_null_fields, $db_zero_fields;
// get global variables into local scope
extract($data);
// Fix for Bugreport [1122052] Automatic DiskID generation problem
if ($config['autoid'] && !empty($diskid) && $diskid == $autoid) {
// in case DiskID is already used in meanwhile
// -> update to new DiskId
$diskid = getDiskId();
}
// set default mediatype
if (empty($mediatype)) {
$mediatype = $config['mediadefault'];
}
// set owner
if (is_numeric($owner_id)) {
$SQL = 'owner_id = ' . $owner_id;
}
// rating up to 10
$rating = min($rating, 10);
// update all fields according to list
foreach ($imdb_set_fields as $name) {
if ($setonly && !isset(${$name})) {
continue;
}
// sanitize input
${$name} = removeEvilTags(${$name});
${$name} = html_entity_decode(${$name});
// make sure no formatting contained in basic data
if (in_array($name, array('title', 'subtitle'))) {
${$name} = trim(strip_tags(${$name}));
// string leading articles?
if ($config['removearticles']) {
${$name} = removeArticles(${$name});
}
}
$SET = "{$name} = '" . addslashes(${$name}) . "'";
// special null/zero handling
if (empty(${$name})) {
if (in_array($name, $db_null_fields)) {
$SET = "{$name} = NULL";
} elseif (in_array($name, $db_zero_fields)) {
$SET = "{$name} = 0";
}
}
if ($SQL) {
$SQL .= ', ';
}
$SQL .= $SET;
}
return $SQL;
}
<lastBuildDate><?php
echo date('r', strtotime($firstcomment->createdDate));
?>
</lastBuildDate>
<?php
foreach ($comments as $comment) {
$data = new XNC_Comment($comment);
?>
<item>
<title><?php
echo 'Comment by ' . $data->contributorName;
?>
</title>
<description><?php
echo htmlspecialchars(removeEvilTags(nl2br($data->description)));
?>
</description>
<pubDate><?php
echo date('r', strtotime($data->createdDate));
?>
</pubDate>
<link>http://<?php
echo $_SERVER['HTTP_HOST'];
?>
/view.php?id=<?php
echo $file->id . '#c' . $data->id;
?>
</link>
<guid>http://<?php
echo $_SERVER['HTTP_HOST'];
?>
</a>
by <a href="http://<?php
echo $_SERVER['HTTP_HOST'];
?>
/?user=<?php
echo $data->contributorName;
?>
" class="author user"><?php
echo $data->contributorName;
?>
</a>
<dl>
<dt>body</dt>
<dd class="content"><?php
echo removeEvilTags(nl2br($data->description));
?>
</dd>
</dl>
</li>
<?php
}
//end foreach
echo '</ul>';
}
//end if
// Display the add a comment form
if (XN_Profile::current()->isLoggedIn()) {
?>
<form id="commentForm" method="post" action="?id=<?php
echo $file->id;
function validate_form_data($form_id)
{
global $label;
if (!defined('MAX_UPLOAD_BYTES')) {
define('MAX_UPLOAD_BYTES', 150000);
}
$sql = "SELECT *, t2.field_label AS LABEL, t2.error_message as error_message FROM form_fields as t1, form_field_translations as t2 WHERE t1.field_id=t2.field_id AND t2.lang='" . $_SESSION['MDS_LANG'] . "' AND form_id='{$form_id}' AND field_type != 'SEPERATOR' AND field_type != 'BLANK' AND field_type != 'NOTE' order by field_sort";
$result = mysql_query($sql) or die(mysql_error());
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
if ($row['field_type'] == 'TEXT' || $row['field_type'] == 'TEXTAREA' || $row['field_type'] == 'EDITOR') {
if (check_for_bad_words($_REQUEST[$row['field_id']])) {
$error .= $row['LABEL'] . " - " . $label['bad_words_not_accept'] . "<br>";
}
}
if (BREAK_LONG_WORDS == 'YES') {
if ($row['field_type'] == 'TEXT' || $row['field_type'] == 'TEXTAREA') {
// HTML not allowed
$_REQUEST[$row['field_id']] = trim(break_long_words($_REQUEST[$row['field_id']], false));
}
if ($row['field_type'] == 'EDITOR') {
// field where limited HTML is allowed
$_REQUEST[$row['field_id']] = trim(break_long_words($_REQUEST[$row['field_id']], true));
}
}
define('STRIP_LATIN1', 'YES');
define('STRIP_HTML', 'YES');
// clean the data..
if (STRIP_LATIN1 == 'YES') {
$_REQUEST[$row[field_id]] = remove_non_latin1_chars($_REQUEST[$row[field_id]]);
}
if ($row[field_type] == 'EDITOR' || $row[field_type] == 'TEXTAREA') {
if (STRIP_HTML == 'YES') {
$_REQUEST[$row[field_id]] = stripslashes($_REQUEST[$row[field_id]]);
//echo htmlentities($_REQUEST[$row[field_id]]);
$_REQUEST[$row[field_id]] = removeEvilTags($_REQUEST[$row[field_id]]);
$_REQUEST[$row[field_id]] = str_replace("'", "\\'", $_REQUEST[$row[field_id]]);
}
}
if (($row['field_type'] == 'FILE' || $row['field_type'] == 'IMAGE') && $_FILES[$row['field_id']]['name'] != '') {
$a = explode(".", $_FILES[$row['field_id']]['name']);
$ext = array_pop($a);
if (!is_filetype_allowed($_FILES[$row['field_id']]['name']) && $row['field_type'] == 'FILE') {
$label['vaild_file_ext_error'] = str_replace("%EXT_LIST%", ALLOWED_EXT, $label['vaild_file_ext_error']);
$label['vaild_file_ext_error'] = str_replace("%EXT%", $ext, $label['vaild_file_ext_error']);
$error .= $label['vaild_file_ext_error'] . "<br>";
}
if (!is_imagetype_allowed($_FILES[$row['field_id']]['name']) && $row['field_type'] == 'IMAGE') {
$label['vaild_image_ext_error'] = str_replace("%EXT_LIST%", ALLOWED_IMG, $label['vaild_image_ext_error']);
$label['vaild_image_ext_error'] = str_replace("%EXT%", $ext, $label['vaild_image_ext_error']);
$error .= $label['vaild_image_ext_error'] . "<br>";
}
if (ini_get("safe_mode") === false) {
if (filesize($_FILES[$row['field_id']]['tmp_name']) > MAX_UPLOAD_BYTES) {
$label['valid_file_size_error'] = str_replace("%FILE_NAME%", $_FILES[$row['field_id']]['name'], $label['valid_file_size_error']);
$error .= $label['valid_file_size_error'] . "<br>";
}
}
//echo "filesize: ".filesize($_FILES[$row['field_id']]['tmp_name']);
}
if ($row[is_required] == 'Y') {
if ($row['field_type'] == 'DATE' || $row['field_type'] == 'DATE_CAL') {
$row['reg_expr'] = "date";
// default to date check
}
//if ($row[field_type]=='TEXT') {
//$_REQUEST[$row[field_id]] = htmlspecialchars ($_REQUEST[$row[field_id]]); // escape html...
//}
switch ($row['reg_expr']) {
case "not_empty":
if (trim($_REQUEST[$row[field_id]] == '')) {
$error .= " - '" . $row['LABEL'] . "' " . $row['error_message'] . "<br>";
}
break;
case "email":
if (!validate_mail(trim($_REQUEST[$row[field_id]]))) {
$error .= " - '" . $row['LABEL'] . "' " . $row['error_message'] . "<br>";
}
break;
case "date":
if ($row['field_type'] == 'DATE') {
$day = $_REQUEST[$row[field_id] . "d"];
$month = $_REQUEST[$row[field_id] . "m"];
$year = $_REQUEST[$row[field_id] . "y"];
} else {
$ts = strtotime($row['field_id'] . " GMT");
$day = date('d', $ts);
$month = date('m', $ts);
$year = date('y', $ts);
}
//$date_str = "$year-$month-$day"; // ISO 8601
//echo $date_str." *".strtotime($date_str)."*<Br>";
if (!@checkdate($month, $day, $year)) {
$error .= " - '" . $row['LABEL'] . "' " . $row['error_message'] . "<br>";
}
break;
case 'url':
if ($_REQUEST[$row[field_id]] == '' || $_REQUEST[$row[field_id]] == 'http://') {
$error .= " - '" . $row['LABEL'] . "' " . $row['error_message'] . "<br>";
} elseif (VALIDATE_LINK == 'YES') {
//$handle = fopen($_REQUEST[url], "r");
$url_arr = explode("/", $_REQUEST[$row[field_id]]);
$host = array_shift($url_arr);
$host = array_shift($url_arr);
$host = array_shift($url_arr);
$fp = @fsockopen($host, 80, $errno, $errstr, 30);
if (!$fp) {
//$error .= "<b>- Cannot connect to host in the URL. ($errstr)</b><br>";
} else {
$path = implode("/", $url_arr);
$out = "GET /{$path} HTTP/1.1\r\n";
$out .= "Host: {$host}\r\n";
$out .= "Connection: Close\r\n\r\n";
fwrite($fp, $out);
$str = fgets($fp);
if (strpos($str, "404") || strpos($str, "401") || strpos($str, "403")) {
$error .= "- " . $row['LABEL'] . "<b>" . $label['advertiser_publish_bad_url'] . "</b><br>";
}
fclose($fp);
}
}
default:
if (trim($_REQUEST[$row[field_id]] == '')) {
$error .= " - '" . $row['LABEL'] . "' " . $row['error_message'] . "<br>";
}
break;
}
}
}
return $error;
}
function InsertMovie($imdb_id, &$ret_title, $seen, $mediatype)
{
$imdb_set_fields = array('md5', 'title', 'subtitle', 'language', 'diskid', 'mediatype', 'comment', 'disklabel', 'imdbID', 'year', 'imgurl', 'director', 'actors', 'runtime', 'country', 'plot', 'filename', 'filesize', 'filedate', 'audio_codec', 'video_codec', 'video_width', 'video_height', 'istv', 'custom1', 'custom2', 'custom3', 'custom4');
//fetching all the data
$imdbdata = engineGetData($imdb_id);
if ($imdbdata['title'] == '') {
return 0;
}
//sorting needed things
//genres--------------------------
$genres = array();
$gnames = $imdbdata['genres'];
if (isset($gnames)) {
foreach ($gnames as $gname) {
// check if genre is found- otherwise fail silently
if (is_numeric($genre = getGenreId($gname))) {
$genres[] = $genre;
}
}
}
//--------------------------------
//actors
$actors = $imdbdata['cast'];
//movie owner---------------------
if (check_permission(PERM_WRITE, $_COOKIE['VDBuserid'])) {
$owner_id = $_COOKIE['VDBuserid'];
} else {
$owner_id = 0;
}
//--------------------------------
//cover
$imgurl = $imdbdata['coverurl'];
// lookup all other fields
foreach (array_keys($imdbdata) as $name) {
if (in_array($name, array('coverurl', 'genres', 'cast', 'id'))) {
continue;
}
${$name} = $imdbdata[$name];
}
//year
if (empty($year)) {
$year = '0000';
}
// set owner
if (!empty($owner_id)) {
$SETS = 'owner_id = ' . addslashes($owner_id);
}
$imdbID = $imdb_id;
// update all fields according to list
foreach ($imdb_set_fields as $name) {
// sanitize input
${$name} = removeEvilTags(${$name});
// make sure no formatting contained in basic data
if (in_array($name, array('title', 'subtitle'))) {
${$name} = trim(strip_tags(${$name}));
// string leading articles?
if ($config['removearticles']) {
foreach ($articles as $article) {
if (preg_match("/^{$article}+/i", ${$name})) {
${$name} = trim(preg_replace("/(^{$article})(.+)/i", "\$2, \$1", ${$name}));
break;
}
}
}
}
$SET = "{$name} = '" . addslashes(${$name}) . "'";
if (empty(${$name})) {
if (in_array($name, $db_null_fields)) {
$SET = "{$name} = NULL";
} elseif (in_array($name, $db_zero_fields)) {
$SET = "{$name} = 0";
}
}
if ($SETS) {
$SETS .= ', ';
}
$SETS .= $SET;
}
//inserting into database--------------------
$INSERT = 'INSERT INTO ' . TBL_DATA . ' SET ' . $SETS . ', created = NOW()';
//print_r($INSERT);
//echo "<br><br>";
$id = runSQL($INSERT);
// save genres
setItemGenres($id, $genres);
//-------------------------------------------
// insert userseen data
$INSERTSEEN = 'INSERT INTO `userseen` (`video_id`, `user_id`) VALUES (' . $id . ',' . $owner_id . ')';
runSQL($INSERTSEEN);
$ret_title = $title;
return 1;
}
function MakeSemiSafe($UnsafeSource)
{
return myaddslashes(removeEvilTags(trim($UnsafeSource)));
}
function send_display($correspondent, $form = TRUE, $offset = 0)
{
$correspondent = str_replace("@planwatch.org", '', $correspondent);
$send_dir = "{$_SERVER['USER_ROOT']}/sends";
if (!is_dir($send_dir)) {
umask(0);
mkdir($send_dir, 0755);
}
$sendlist = files_list($send_dir, files_encode_safe_name($correspondent) . "*message*");
if (is_array($sendlist)) {
foreach ($sendlist as $i => $send) {
$send_fn = basename($send);
$send = str_replace("@planwatch.org", '', files_decode_safe_name($send_fn));
list($recipient, $time, $direction) = explode("..", $send);
if ($direction == 'messagefrom') {
$from = $correspondent;
$style = ' class="send_from" ';
} else {
$from = $_SERVER['USER'];
$style = ' class="send_to" ';
}
if (IS_JOSH) {
$sendarray[$time] = "<div {$style}>" . smart_nl2br(removeEvilTags(file_get_contents($send_dir . "/{$send_fn}"))) . "<div style='text-align: right; font-size: 70%; font-weight: normal;'>— {$from} <span style='font-size: 70%; font-weight: normal;'>(" . formattime($time) . ")</span></div> </div>\n";
} else {
$sendarray[$time] = "<div {$style}> {$from} (" . formattime($time) . "): " . smart_nl2br(removeEvilTags(file_get_contents($send_dir . "/{$send_fn}"))) . "</div>\n";
}
}
krsort($sendarray);
if (IS_JOSH) {
$firstmessage = reset($sendarray);
unset($sendarray[key($sendarray)]);
}
if (OUTPUT_MODE == 'MOBILE') {
$sendarray = array_slice($sendarray, $offset, 20);
} else {
$sendarray = array_slice($sendarray, $offset, 100);
}
$latest_time = array_shift(array_keys($sendarray));
// if ($latest_time < time() - 600 && $_SERVER['OUTPUT_MODE']=='AJAX') $content="IGNORE.NULL";
//else
$content = implode("\n", $sendarray);
if (file_exists("{$send_dir}/" . files_encode_safe_name("{$correspondent}..new"))) {
unlink("{$send_dir}/" . files_encode_safe_name("{$correspondent}..new"));
}
if (file_exists("{$send_dir}/" . files_encode_safe_name("{$correspondent}@planwatch.org..new"))) {
unlink("{$send_dir}/" . files_encode_safe_name("{$correspondent}@planwatch.org..new"));
}
}
$content = hyperlink($content);
if ($form) {
if (browser_is_modern() && $_SERVER['OUTPUT_MODE'] != 'IPHONE' && $_SERVER['OUTPUT_MODE'] != 'MOBILE') {
$sendbutton = "<input type='button' onclick='sendMessage();' value='Send' style='font-size: 20px; color: white; background: {$GLOBALS['linkcolor']}; font-family: {$GLOBALS['pfont']},{$GLOBALS['pfonts']}; font-weight: bold; ' />";
} else {
$sendbutton = "<input type=\"submit\" value='Send' class='whiteButton' href=\"#\" style='' />";
}
if (!$offset) {
if (IS_JOSH) {
$content = "\n\t\t\t\t{$firstmessage}<br clear='all' />\n\t\t\t\t<form action='{$_SERVER['WEB_ROOT']}/scripts/send.php' style='margin: 0px; display: block; ' method='post' class='panel'>\n\t\t\t\t<textarea id='textbox' name='sendmessage' style='width: 90%; font-size: 16px; height: 40px;' onfocus='this.style.height=\"200px;\"' onblur='this.style.height=\"40px;\"'></textarea>\n\t\t\t\t{$sendbutton}<br clear='all' />\n\n\t\t\t\t<hr />\n\t\t\t\t<h2>previously...</h2>\n\t\t\t\t<input type='hidden' name='action' value='send'/>\n\t\t\t\t<input type='hidden' id='recipient' name='recipient' value='{$correspondent}'/>\n\t\t\t\t<input type='hidden' id='sender' name='sender' value='{$_SERVER['USER']}'/>\n\t\t\t\t</form>\n\t\t\t\t<div id='send_div'>\n\t\t\t\t{$content}\n\t\t\t\t</div>\n\t\t\t\t<script type='text/javascript'>\tsetInterval(\"send_refresh();\",9757);</script>\n\n\t\t\t\t";
return $content;
}
if ($_SERVER['OUTPUT_MODE'] == 'HTML') {
$content = "\n\t\t\t\t<form action='{$_SERVER['WEB_ROOT']}/scripts/send.php' style='margin: 0px;' method='post' class='panel'>\n\t\t\t\t<h1>Send with <a href='/read/{$correspondent}'>{$correspondent}</a></h1>\n\t\t\t\t<div id='send_div' style='overflow: auto; height: 200px; margin-bottom: 30px; width: 80%;'>\n\t\t\t\t{$content}\n\t\t\t\t</div>\n<!--\t\t\t\t<script src='/resources/javascript/edit.js'></script>-->\n\t\t\t\t<textarea id='textbox' name='sendmessage'></textarea>\n\t\t\t\t{$sendbutton}\n\t\t\t\t<input type='hidden' name='action' value='send'/>\n\t\t\t\t<input type='hidden' id='recipient' name='recipient' value='{$correspondent}'/>\n\t\t\t\t<input type='hidden' id='sender' name='sender' value='{$_SERVER['USER']}'/>\n\t\t\t\t</form>\n<!--\t\t\t\t<a href='/send/{$correspondent}/" . ($offset + 100) . "'>more...</a>-->\n\t\t\t\t<script type='text/javascript'>\tsetInterval(\"send_refresh();\",9757);</script>\n";
}
if ($_SERVER['OUTPUT_MODE'] == 'IPHONE' || $_SERVER['OUTPUT_MODE'] == 'MOBILE') {
$content = "\n\t\t\t\t<style type='text/css'>.send_from { background-color: #ffc; }</style>\n\t\t\t\t<form action='{$_SERVER['WEB_ROOT']}/scripts/send.php' style='margin: 0px;' method='post' class='panel'>\n\t\t\t\t<h3>Send with <a href='/read/{$correspondent}'>{$correspondent}</a></h3>\n<!--\t\t\t\t<script src='/resources/javascript/edit.js'></script>-->\n\t\t\t\t<textarea id='textbox' name='sendmessage' style='width: 300px; font-size: 16px;'></textarea>\n<!--\t\t\t\t<textarea id='sendmessage' style='width: 300px; height: 80px;' name='sendmessage'></textarea>-->\n\t\t\t\t{$sendbutton}<br clear='all' />\n\t\t\t\t<input type='hidden' name='action' value='send'/>\n\t\t\t\t<input type='hidden' id='recipient' name='recipient' value='{$correspondent}'/>\n\t\t\t\t<input type='hidden' id='sender' name='sender' value='{$_SERVER['USER']}'/>\n\t\t\t\t</form>\n\t\t\t\t<div id='send_div'>\n\t\t\t\t{$content}\n\t\t\t\t</div>\n\t\t\t\t<a target='_replace' href='/send/{$correspondent}/" . ($offset + 20) . "'>more...</a>\n\t\t\t\t<script type='text/javascript'>\tsetInterval(\"send_refresh();\",9757);</script>\n";
}
} else {
output("send from {$correspondent} starting at {$offset}", $content);
}
}
return $content;
}
function extComments($file)
{
?>
<xn:head>
<style type="text/css">
/* Comment Styles */
.comments {
list-style-type: none;
margin-left: 0px;
margin-top: 0.5em;
}
.comments li {
display: block;
margin-left: 0px;
margin-bottom: 1em;
}
.comments dl {
display: inline;
}
.comments dd {
margin-left: 0px;
}
.comments dt {
display: none;
}
.comments dd.author {
display: inline;
font-size: 1em;
}
.comments dd.content {
display: block;
margin-top: 0.5em;
}
</style>
</xn:head>
<?php
$newComment = new XNC_Comment($file);
// Handle any form submission of adding a new comment
if ($newComment->willProcessForm()) {
$newComment->processForm();
$cnt = XN_Content::load($newComment->id);
$cnt->my->set('parentid', $file->id);
$cnt->isPrivate = false;
$cnt->save();
} elseif ($newComment->lastError() != XNC_Comment::ERROR_FORM_ABSENT) {
print $newComment->lastError();
}
// Display a list of comments belonging to a parent object
if ($file->my->content($newComment->referenceAttribute, true)) {
echo '<ul class="xoxo comments">';
foreach ($file->my->content($newComment->referenceAttribute, true) as $comment) {
$data = new XNC_Comment($comment);
?>
<li id="<?php
echo 'c' . $data->id;
?>
">
Posted on <a href="<?php
echo $_SERVER['SCRIPT_URI'] . ($_SERVER['QUERY_STRING'] ? '?' . $_SERVER['QUERY_STRING'] : '');
?>
#<?php
echo 'c' . $data->id;
?>
" title="<?php
echo strtotime($data->createdDate);
?>
"><?php
echo date('Y-m-d H:i', strtotime($data->createdDate));
?>
</a>
by <a href="http://<?php
echo $_SERVER['HTTP_HOST'];
?>
/?user=<?php
echo $data->contributorName;
?>
" class="author user"><?php
echo $data->contributorName;
?>
</a>
<dl>
<dt>body</dt>
<dd class="content"><?php
echo removeEvilTags(nl2br($data->description));
?>
</dd>
</dl>
</li>
<?php
}
//end foreach
echo '</ul>';
}
//end if
// Display the add a comment form
if (XN_Profile::current()->isLoggedIn()) {
?>
<form id="commentForm" method="post" action="<?php
echo $_SERVER['SCRIPT_URI'] . ($_SERVER['QUERY_STRING'] ? '?' . $_SERVER['QUERY_STRING'] : '');
?>
">
<input type="hidden" name="xnc_comment" value="xnc_comment" /><input type="hidden" name="Comment:_parent_id" value="<?php
echo $file->id;
?>
" />Comment: <br />
<textarea name="Comment:description" rows="5" cols="50"></textarea><br />
<input type="submit" name="submit" value="Save Comment" class="button"/><br />
</form>
<a href="http://cocomment.com/"><img src="http://cocomment.com/images/cocomment-integrated.gif" alt="coComment Integrated" /></a>
<script type="text/javascript">
var blogTool = "Ning App";
var blogURL = "http://<?php
echo $_SERVER['HTTP_HOST'];
?>
/";
var blogTitle = "<?php
echo addslashes(XN_Application::load()->name);
?>
";
var postURL = "<?php
echo $_SERVER['SCRIPT_URI'] . ($_SERVER['QUERY_STRING'] ? '?' . $_SERVER['QUERY_STRING'] : '');
?>
";
var postTitle = "<?php
echo addslashes($file->title);
?>
";
var commentTextFieldName = "Comment:description";
var commentButtonName = "submit";
var commentAuthorLoggedIn = true;
var commentAuthor = "<?php
echo XN_Profile::current()->screenName;
?>
";
var commentFormID = "commentForm";
var cocomment_force = false;
var cocoscript = document.createElement('script');
cocoscript.setAttribute('id', 'cocomment-fetchlet');
cocoscript.setAttribute('trackAllComments', 'true');
cocoscript.setAttribute('src', 'http://www.cocomment.com/js/enabler.js');
document.getElementsByTagName('head')[0].appendChild(cocoscript);
</script>
<?php
}
?>
</div>
<?php
}