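// RSS channel fragment: finishes the channel header, writes a fixed "News"
// item plus the five most recently modified active news entries, then starts
// the block arithmetic for the enterprise items. It begins inside <channel>
// and ends on an open `if`, so it is not a complete script.
// NOTE(review): $sys_url and $sys_logo_small_image are written unescaped;
// presumably site configuration values - confirm they can never contain
// `&`, `<` or `>`.
echo " <description>" . htmlspecialchars($sys_name . " - " . $sys_title) . "</description>\n";
echo " <language>en-us</language>\n";
echo " <image>\n";
echo " <title>" . htmlspecialchars($sys_name) . "</title>\n";
echo " <url>http:" . $sys_url . $sys_logo_small_image . "</url>\n";
echo " <link>http:" . $sys_url . "</link>\n";
echo " <description>" . htmlspecialchars($sys_name . " - " . $sys_title) . "</description>\n";
echo " <width>66</width>\n";
echo " <height>73</height>\n";
echo " </image>\n";

// Fixed heading item that links to the news overview page.
// NOTE(review): the title carries a literal <b> element; RSS titles are plain
// character data, so this markup may have been entity-escaped originally.
echo " <item>\n";
echo " <title><b>News:</b></title>\n";
echo " <link>http:" . $sys_url . "news.php</link>\n";
echo " </item>\n";

$db = new DB_SourceBiz();
$db->query("SELECT * FROM news WHERE news.status_new='A' ORDER BY news.modification_new DESC limit 5");
$i = 0;
while ($db->next_record()) {
    echo " <item>\n";
    echo " <title>" . htmlspecialchars($db->f("subject_new")) . "</title>\n";
    // The id is a database value placed in a URL inside XML. urlencode()
    // leaves a numeric id unchanged and neutralises anything else.
    echo " <link>http:" . $sys_url . "newbynewid.php?id=" . urlencode($db->f("newid")) . "</link>\n";
    echo " </item>\n";
    $i++;
}

// Enterprises are listed in blocks of $blklen; $time advances by one every
// five seconds.
$blklen = 5;
$time = floor(time() / 5);
$db->query("SELECT COUNT(*) as cnt FROM enterprise WHERE enterprise.status='A'");
$db->next_record();
$entcnt = $db->f("cnt");
// Number of blocks: the whole blocks, plus one more for a partial block.
$blkcnt = floor($entcnt / $blklen);
if ($entcnt % $blklen > 0) {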
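// Admin page fragment: opens the session/auth/perm page context, includes the
// shared header and handles the "ins" action, which adds a category of a given
// type. The fragment stops inside the switch; any further actions and all
// closing braces lie outside this view.
page_open(array("sess" => "SourceBiz_Session", "auth" => "SourceBiz_Auth", "perm" => "SourceBiz_Perm"));
require "./include/header.inc";

// Two boxes that differ only in the body font colour argument: $bx for normal
// output, $be for errors.
$bx = new box("", $th_box_frame_color, $th_box_frame_width, $th_box_title_bgcolor, $th_box_title_font_color, $th_box_title_align, $th_box_body_bgcolor, $th_box_body_font_color, $th_box_body_align);
$be = new box("", $th_box_frame_color, $th_box_frame_width, $th_box_title_bgcolor, $th_box_title_font_color, $th_box_title_align, $th_box_body_bgcolor, $th_box_error_font_color, $th_box_body_align);
?> <!-- content --> <?php
if ($perm->have_perm("admin")) {
    // NOTE(review): no anti-CSRF token is checked in the visible code before
    // this state-changing action - confirm whether page_open() covers that.
    if (!empty($category)) {
        $dbcat = new DB_SourceBiz();

        // $type and $category are presumably request parameters registered as
        // globals (confirm). They are escaped before they reach SQL, unless
        // magic_quotes_gpc has already added slashes, so values are never
        // escaped twice. addslashes() is the escaping primitive this codebase
        // already uses; prefer a connection-aware escape or bound parameters
        // if DB_SourceBiz offers one.
        $gpc_quoted = function_exists("get_magic_quotes_gpc") && get_magic_quotes_gpc();
        $type_sql = $gpc_quoted ? $type : addslashes($type);
        $category_sql = $gpc_quoted ? $category : addslashes($category);
        // The category is echoed back into HTML, so it is escaped for output.
        $category_html = htmlspecialchars($category);

        // Look if Category is already in table
        $columns = "*";
        $tables = "categories";
        $where = "type='{$type_sql}' AND category='{$category_sql}'";
        if (!$dbcat->query("SELECT {$columns} FROM {$tables} WHERE {$where}")) {
            mysql_die($dbcat);
        } else {
            switch ($action) {
                case "ins":
                    if ($dbcat->num_rows() > 0) {
                        $be->box_full($t->translate("Error"), $t->translate("Category") . " {$category_html} " . $t->translate("already exists"));
                    } else {
                        $set = "type='{$type_sql}',category='{$category_sql}'";
                        if (!$dbcat->query("INSERT {$tables} SET {$set}")) {
                            mysql_die($dbcat);
                        } else {
                            $bx->box_full($t->translate("Administration"), $t->translate("Category") . " {$category_html} " . $t->translate("has been added"));
                        }
                    }
                    break;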
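// RSS 0.91 feed of the five most recently modified active news entries.
// The script only produces output; nothing is read from the request.
require "./include/config.inc";
require "./include/lib.inc";

// The feed declares ISO-8859-1, so text is escaped for that charset explicitly
// rather than with the interpreter default. From PHP 5.4 the default is UTF-8,
// under which htmlspecialchars() returns an empty string for byte sequences
// that are not valid UTF-8.
$feed_charset = "ISO-8859-1";

echo "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n";
echo "<!DOCTYPE rss PUBLIC \"-//Netscape Communications//DTD RSS 0.91//EN\"\n";
echo " \"http://my.netscape.com/publish/formats/rss-0.91.dtd\">\n";
echo "<rss version=\"0.91\">\n";
echo " <channel>\n";
echo " <title>" . htmlspecialchars($sys_name, ENT_COMPAT, $feed_charset) . " - News</title>\n";
// NOTE(review): $sys_url and $sys_logo_small_image are written unescaped;
// presumably set in config.inc - confirm they never contain `&`, `<` or `>`.
echo " <link>http:" . $sys_url . "</link>\n";
echo " <description>" . htmlspecialchars($sys_name . " - " . $sys_title, ENT_COMPAT, $feed_charset) . "</description>\n";
echo " <language>en-us</language>\n";
echo " <image>\n";
echo " <title>" . htmlspecialchars($sys_name, ENT_COMPAT, $feed_charset) . "</title>\n";
echo " <url>http:" . $sys_url . $sys_logo_small_image . "</url>\n";
echo " <link>http:" . $sys_url . "</link>\n";
echo " <description>" . htmlspecialchars($sys_name . " - " . $sys_title, ENT_COMPAT, $feed_charset) . "</description>\n";
echo " <width>66</width>\n";
echo " <height>73</height>\n";
echo " </image>\n";

// Only the two columns that are written to the feed are selected.
$db = new DB_SourceBiz();
$db->query("SELECT newid, subject_new FROM news WHERE news.status_new='A' ORDER BY news.modification_new DESC limit 5");
while ($db->next_record()) {
    echo " <item>\n";
    echo " <title>" . htmlspecialchars($db->f("subject_new"), ENT_COMPAT, $feed_charset) . "</title>\n";
    // The id is a database value placed in a URL inside XML. urlencode()
    // leaves a numeric id unchanged and neutralises anything else.
    echo " <link>http:" . $sys_url . "newbynewid.php?id=" . urlencode($db->f("newid")) . "</link>\n";
    echo " </item>\n";
}

echo " </channel>\n";
echo "</rss>\n";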
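// Profile entry point for one enterprise: loads the enterprise row for $id,
// lets only its owner or an admin continue, then either edits the existing
// profile or shows the form for a new one. The fragment starts after $db was
// created and ends before the "enterprise not found" branch.

// entid is written as an unquoted number elsewhere in this listing, so the id
// is reduced to an integer before it reaches SQL.
// NOTE(review): confirm entid is an integer column.
$id_sql = (int) $id;

$columns = "*";
$tables = "enterprise";
$where = "entid='{$id_sql}'";
if (!$db->query("SELECT {$columns} FROM {$tables} WHERE {$where}")) {
    mysql_die($db);
} else {
    // If enterprise in table
    if ($db->next_record()) {
        // If enterprise owner is logged in user.
        // This is an authorization decision, so the names are compared as
        // strings with ===. With == two different numeric-looking names
        // (for example "0123" and "123") compare equal.
        if ((string) $db->f("user") === (string) $auth->auth["uname"] || $perm->have_perm("admin")) {
            // Look if profile is already in table
            $dbprf = new DB_SourceBiz();
            $columns = "*";
            $tables = "profile,enterprise";
            $where = "entid_prf='{$id_sql}' AND enterprise.entid = profile.entid_prf";
            if ($dbprf->query("SELECT {$columns} FROM {$tables} WHERE {$where}")) {
                // If profile in table
                if ($dbprf->next_record()) {
                    // Modify existing profile
                    prfmod($dbprf);
                } else {
                    // Insert new profile
                    prfform($db);
                }
            } else {
                // Report the handle whose query failed ($dbprf, not $db).
                mysql_die($dbprf);
            }
        } else {
            $be->box_full($t->translate("Error"), $t->translate("Access denied") . ".");
        }
        // If enterprise not in table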
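// User list fragment: prints one table row per user in $db with the number of
// that user's active enterprises, linked to the filtered enterprise list. It
// starts inside a block opened earlier; the first `}` and the one after the
// table close blocks that begin outside this view.
$bystr = $t->translate("All");
}
$bx->box_title($t->translate("Users") . ": " . $bystr);
$bx->box_body_begin();
?> <table border=0 align=center cellspacing=1 cellpadding=1 width=100%> <?php
echo "<tr><td><b>" . $t->translate("No") . ".</b></td><td><b># " . $t->translate("Ent") . "</b></td><td><b>" . $t->translate("Username") . "</b></td><td><b>" . $t->translate("Realname") . "</b></td><td><b>" . $t->translate("E-Mail") . "</b></td></tr>\n";
$i = 1;
while ($db->next_record()) {
    // Count this user's active enterprises. The username was chosen by the
    // user at registration, so it is escaped again before it is embedded in
    // a new statement.
    $columns = "COUNT(*)";
    $tables = "enterprise";
    $where = "user=\"" . addslashes($db->f("username")) . "\" AND status=\"A\"";
    $num = "";
    $dbn = new DB_SourceBiz();
    if ($dbn->query("SELECT {$columns} AS cnt FROM {$tables} WHERE {$where}")) {
        $dbn->next_record();
        $num = "[" . sprintf("%03d", $dbn->f("cnt")) . "]";
    }
    echo "<tr><td>" . sprintf("%d", $i) . "</td>\n";
    // NOTE(review): add_query() is assumed to URL-encode its values - confirm.
    echo "<td><a href=\"" . $sess->url("enterprises.php") . $sess->add_query(array("by" => "filter", "author" => $db->f("username"))) . "\">{$num}</a></td>\n";
    // Username and real name are user-supplied text shown on an admin-facing
    // page; escaping them prevents stored markup from running in the browser.
    echo "<td>" . htmlspecialchars($db->f("username")) . "</td>\n";
    echo "<td>" . htmlspecialchars($db->f("realname")) . "</td>";
    // The angle brackets around the address are written as entities so they
    // display as text. str_replace() replaces the literal "@" exactly as the
    // ereg_replace() call did, without the removed ereg extension.
    echo "<td>&lt;<a href=\"mailto:" . mailtoencode($db->f("email_usr")) . "\">" . str_replace("@", " at ", htmlentities($db->f("email_usr"))) . "</a>&gt;</td>";
    echo "</tr>\n";
    $i++;
}
echo "</table>\n";
}
$bx->box_body_end();
$bx->box_end();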
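// Enterprise RSS fragment: writes the channel header, then selects one window
// of $blklen active enterprises. The window rotates over time so that
// successive requests show different enterprises. The fragment starts inside
// <channel> and ends after the windowed query is issued.
// NOTE(review): $sys_url and $sys_logo_small_image are written unescaped;
// presumably site configuration values - confirm they can never contain
// `&`, `<` or `>`.
echo " <title>" . htmlspecialchars($sys_name) . " - Enterprises</title>\n";
echo " <link>http:" . $sys_url . "</link>\n";
echo " <description>" . htmlspecialchars($sys_name . " - " . $sys_title) . "</description>\n";
echo " <language>en-us</language>\n";
echo " <image>\n";
echo " <title>" . htmlspecialchars($sys_name) . "</title>\n";
echo " <url>http:" . $sys_url . $sys_logo_small_image . "</url>\n";
echo " <link>http:" . $sys_url . "</link>\n";
echo " <description>" . htmlspecialchars($sys_name . " - " . $sys_title) . "</description>\n";
echo " <width>66</width>\n";
echo " <height>73</height>\n";
echo " </image>\n";

$db = new DB_SourceBiz();

// Window size, and a counter that advances by one every five seconds.
$blklen = 5;
$time = floor(time() / 5);

$db->query("SELECT COUNT(*) as cnt FROM enterprise WHERE enterprise.status='A'");
$db->next_record();
// Cast so the arithmetic and the LIMIT clause below only ever see integers.
$entcnt = (int) $db->f("cnt");

// Number of windows: the whole blocks, plus one more for a partial block.
$blkcnt = (int) floor($entcnt / $blklen);
if ($entcnt % $blklen > 0) {
    $blkcnt += 1;
}

if ($blkcnt > 0) {
    // Pick window 1..$blkcnt from the time counter and turn it into a row offset.
    $offset = $time % $blkcnt;
    if ($offset == 0) {
        $offset = $blkcnt;
    }
    $offset = $offset * $blklen - $blklen;
    // The last window is shifted back so it still holds $blklen rows.
    if ($offset + $blklen >= $entcnt) {
        $offset = $entcnt - $blklen;
    }
    // With fewer than $blklen enterprises the shift above goes negative,
    // which is not a valid LIMIT offset.
    if ($offset < 0) {
        $offset = 0;
    }
} else {
    // No active enterprises: skip the modulo by zero and select nothing.
    $offset = 0;
}

// NOTE(review): there is no ORDER BY, so which rows fall into a window depends
// on the order the database happens to return them in.
$db->query("SELECT * FROM enterprise WHERE enterprise.status='A' LIMIT {$offset},{$blklen}");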
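###
## Get a database connection
##
## User administration fragment: walks the posted form fields and, for the
## "create" key, validates the input, checks for an existing user and inserts
## the new account. The fragment ends inside the "create" case.
$db = new DB_SourceBiz();

// Check if there was a submission
while (is_array($HTTP_POST_VARS) && (list($key, $val) = each($HTTP_POST_VARS))) {
    switch ($key) {
        case "create":
            // Create a new user
            if (empty($username) || empty($password) || empty($email_usr)) {
                // Do we have all necessary data?
                $be->box_full($t->translate("Error"), $t->translate("Please enter") . " <B>" . $t->translate("Username") . "</B>, <B>" . $t->translate("Password") . "</B> " . $t->translate("and") . " <B>" . $t->translate("E-Mail") . "</B>!");
                break;
            }

            // Form values are escaped before they reach SQL, unless
            // magic_quotes_gpc has already added slashes, so values are never
            // escaped twice. addslashes() is the primitive this file already
            // uses for $permlist; prefer a connection-aware escape or bound
            // parameters if DB_SourceBiz offers one.
            $gpc_quoted = function_exists("get_magic_quotes_gpc") && get_magic_quotes_gpc();
            $username_sql = $gpc_quoted ? $username : addslashes($username);
            $password_sql = $gpc_quoted ? $password : addslashes($password);
            $realname_sql = $gpc_quoted ? $realname : addslashes($realname);
            $email_sql = $gpc_quoted ? $email_usr : addslashes($email_usr);

            /* Does the user already exist?
               NOTE: This should be a transaction, but it isn't... */
            // NOTE(review): the value in this statement is masked in this copy
            // of the source. As written it never compares against the
            // submitted name; the duplicate check has to use the escaped
            // username.
            $db->query("select * from auth_user where username='******'");
            if ($db->nf() > 0) {
                // The name is echoed back into HTML, so it is escaped for output.
                $be->box_full($t->translate("Error"), $t->translate("User") . " <B>" . htmlspecialchars($username) . "</B> " . $t->translate("already exists") . ".");
                break;
            }

            // Create a uid and insert the user...
            // NOTE(review): uniqid() is derived from the current time, so this
            // id must not be relied on as an unguessable secret.
            $u_id = md5(uniqid($hash_secret));
            // Separator first: the only argument order accepted by every PHP version.
            $permlist = addslashes(implode(",", $perms));
            // NOTE(review): both values are masked in this copy of the source.
            // They are placed unquoted in the INSERT below, so each must hold
            // an SQL expression rather than a string.
            $modification_usr = "******";
            $creation_usr = "******";
            // NOTE(review): the password is stored as submitted. Storing a
            // salted password hash requires changing the login check as well,
            // which is outside this fragment.
            $query = "insert into auth_user values('{$u_id}','{$username_sql}','{$password_sql}','{$realname_sql}','{$email_sql}',{$modification_usr},{$creation_usr},'{$permlist}')";
            $db->query($query);
            if ($db->affected_rows() == 0) {
                // The statement text contains the new password, so it is no
                // longer echoed into the page.
                $be->box_full($t->translate("Error"), "<b>" . $t->translate("Database Access failed") . "</b>");
                break;
            }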
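// Tail of the "insert enterprise" flow: stores the uploaded logo, creates the
// counter row for the new enterprise, shows the result and optionally notifies
// the admin. The fragment starts after the enterprise row was selected into
// $db and ends inside the "No Short Profile specified" branch; five of the
// closing braces below belong to blocks opened outside this view.
$db->next_record();

// Move uploaded logo to logo directory
if (!empty($logo_name)) {
    $logo_base = basename($logo_name);
    $logo_ext = strtolower(substr(strrchr($logo_base, "."), 1));
    // Only image extensions are accepted, so a client-chosen name cannot place
    // a server-executed file type in the logo directory. Adjust the list to
    // the formats the site really accepts. The directory should also be served
    // with script execution disabled.
    $logo_ok = in_array($logo_ext, array("gif", "jpg", "jpeg", "png"), true);
    $to = $sys_logo_dir . $db->f("entid") . "ent_" . $logo_base;
    // is_uploaded_file()/move_uploaded_file() make sure $logo really is the
    // file PHP received in this request and not a path supplied some other
    // way. The existing error text is reused for every rejection.
    if (!$logo_ok || !is_uploaded_file($logo) || !move_uploaded_file($logo, $to)) {
        $be->box_full($t->translate("Error"), $t->translate("Unable to copy logofile to logo directory"));
    } elseif (!chmod($to, 0644)) {
        // 0644 instead of 0666: the logo only needs to be readable by others.
        // The mode is changed only when the file was actually stored.
        $be->box_full($t->translate("Error"), $t->translate("Unable to change logofile mode"));
    }
}

// Insert new counters
$dbcnt = new DB_SourceBiz();
$tables = "counter";
// entid is written unquoted, so it is forced to an integer.
$set = "entid=" . (int) $db->f("entid");
if (!$dbcnt->query("INSERT {$tables} SET {$set}")) {
    mysql_die($dbcnt);
} else {
    // Select and show new enterprise with counters
    entbyentid($db, $db->f("entid"));
    if ($ml_notify) {
        $msg = "insert enterprise {$name} by " . $auth->auth["uname"] . ".";
        mailuser("admin", "insert enterprise", $msg);
    }
}
}
}
}
}
} else {
    $be->box_full($t->translate("Error"), $t->translate("No Short Profile specified"));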
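// Account self-service fragment: for the "u_edit" key a logged-in user may
// change the password, real name and e-mail address of their own account.
// The fragment ends after this case; the rest of the switch is outside this view.
switch ($key) {
    case "u_edit":
        // Change user parameters.
        // Ownership check: the ids are compared as strings with ===. User ids
        // elsewhere in this listing are md5() hex strings, and == treats two
        // different all-numeric or "0e..." strings as equal numbers.
        if ((string) $auth->auth["uid"] === (string) $u_id) {
            // user changes his own account
            $password = trim($password);
            $cpassword = trim($cpassword);
            $realname = trim($realname);
            $email_usr = trim($email_usr);
            if (strcmp($password, $cpassword)) {
                // password are identical?
                $be->box_full($t->translate("Error"), $t->translate("The passwords are not identical") . ". " . $t->translate("Please try again") . "!");
                break;
            }

            // Form values are escaped before they reach SQL, unless
            // magic_quotes_gpc has already added slashes, so values are never
            // escaped twice. Prefer a connection-aware escape or bound
            // parameters if the database class offers one.
            $gpc_quoted = function_exists("get_magic_quotes_gpc") && get_magic_quotes_gpc();
            $realname_sql = $gpc_quoted ? $realname : addslashes($realname);
            // After the strict check above $u_id equals the session's own uid.
            $uid_sql = addslashes($u_id);

            // NOTE(review): the password and e-mail values are masked in this
            // copy of the source. Whatever is written there must be escaped
            // like $realname_sql, and the password should be stored as a
            // salted hash rather than as submitted.
            $query = "UPDATE auth_user SET password='******', realname='{$realname_sql}', email_usr='******', modification_usr=NOW() WHERE user_id='{$uid_sql}'";
            $db->query($query);
            if ($db->affected_rows() == 0) {
                // The statement text holds the account's credentials, so it is
                // no longer echoed into the page.
                $be->box_full($t->translate("Error"), $t->translate("Change User Parameters failed"));
                break;
            }
            $bi->box_full($t->translate("Change User Parameters"), $t->translate("Password and/or E-Mail Address of") . " <b>" . $auth->auth["uname"] . "</b> " . $t->translate("is changed") . ".");
            if ($ml_notify) {
                // NOTE(review): this statement is garbled by masking in this
                // copy of the source. The surviving `"uname"]` and the use of
                // $auth->auth["uname"] just above indicate the logged-in
                // user's name - confirm against the original file.
                $message = "Username: " . $auth->auth["uname"] . "\n";
                $message .= "Realname: {$realname}\n";
                $message .= "E-Mail: {$email_usr}\n";
                mailuser("admin", "User parameters has changed", $message);
            }
        } else {
            $be->box_full($t->translate("Error"), $t->translate("Access denied"));
        }
        break;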