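// Login step of the admin front controller. The enclosing switch and this
// branch's case label are outside this excerpt, as is the code that
// populates $username and $password.
$gb_auth = new gb_session($include_path);
// The result is only used as a truthy "session is valid" flag below.
$AUTH = $gb_auth->checkSessionID();
// Load the configuration row; the table name comes from the session object,
// not from the request.
$VARS = $gb_auth->fetch_array($gb_auth->query("SELECT * FROM " . $gb_auth->table['cfg']));
$gb_auth->free_result($gb_auth->result);
$template = new gb_template($include_path);
// NOTE(review): the lang cookie is client-controlled and is handed to
// set_lang() unchanged. Confirm that set_lang() maps it onto a fixed list of
// installed languages before it is used to locate any file.
if (isset($_COOKIE['lang']) && !empty($_COOKIE['lang'])) {
    $template->set_lang($_COOKIE['lang']);
} else {
    $template->set_lang($VARS['lang']);
}
$LANG = $template->get_content();
$gb_auth->close_db();
$enter_html = "";
if (!$AUTH) {
    // PassMess2 is shown when a username or password variable is set,
    // PassMess1 otherwise.
    $message = isset($username) || isset($password) ? $LANG["PassMess2"] : $LANG["PassMess1"];
    // NOTE(review): each template is spliced into a double-quoted PHP string
    // and eval()'d, so template text is interpreted as PHP string syntax.
    // That is only safe while template files are trusted and not writable by
    // guestbook users; a renderer that substitutes placeholders without
    // eval() would remove the dependency on that assumption.
    eval("\$enter_html = \"" . $template->get_template($GB_TPL['header']) . "\";");
    eval("\$enter_html .= \"" . $template->get_template($GB_TPL['adm_enter']) . "\";");
    eval("\$enter_html .= \"" . $template->get_template($GB_TPL['footer']) . "\";");
    echo $enter_html;
} else {
    // URL-encode both values: without it a '&', '#', '+' or '%' in either one
    // is re-parsed as query-string syntax on the next request, so the wrong
    // credentials (or extra parameters) reach admin.php.
    // NOTE(review): the password still travels in the redirect URL, where it
    // can be recorded in browser history, proxy and web-server logs and
    // Referer headers. Handing over to admin.php via the session instead
    // needs a matching change there, which is not visible from this excerpt.
    $GB_PG["admin"] = $GB_PG["base_url"] . "/admin.php?username=" . urlencode((string) $username)
        . "&password=" . urlencode((string) $password) . "&enter=1";
    header("Location: {$GB_PG['admin']}");
    exit;
}
break;
case "comment":
require_once $include_path . "/lib/vars.class.php";
require_once $include_path . "/lib/comment.class.php";
$gb_com = new gb_comment($include_path);
// POST takes precedence over GET; the entry id defaults to ''.
// NOTE(review): gb_id is stored exactly as received. Confirm gb_comment
// validates it (e.g. as an integer) before it is used in a query.
$gb_com->id = isset($_GET["gb_id"]) ? $_GET["gb_id"] : '';
$gb_com->id = isset($_POST["gb_id"]) ? $_POST["gb_id"] : $gb_com->id;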
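// Admin entry point, shown from language selection onwards; $template, $VARS,
// $AUTH and $gb_auth are set up before this excerpt, and the switch opened at
// the bottom continues past it.
// NOTE(review): the lang cookie is client-controlled and is handed to
// set_lang() unchanged. Confirm that set_lang() maps it onto a fixed list of
// installed languages before it is used to locate any file.
if (isset($_COOKIE['lang']) && !empty($_COOKIE['lang'])) {
    $template->set_lang($_COOKIE['lang']);
} else {
    $template->set_lang($VARS['lang']);
}
$LANG = $template->get_content();
if (!$AUTH) {
    define('IS_INCLUDE', false);
    // The error box is rendered only when a username or password variable is
    // set; otherwise the message is empty.
    $message = isset($username) || isset($password)
        ? '<div style="border: 1px solid #D00; width: 300px; background: #FFC0CB; margin: 0 auto 10px auto; padding: 3px 0;" id="admin_error">' . $LANG['PassMess2'] . '</div>'
        : '';
    // Carry the requested action across the login form: the id is forced to
    // an integer and the whole string is HTML-escaped.
    // NOTE(review): $action and $tbl are not URL-encoded before being joined
    // into the query string, and htmlspecialchars() is called with its
    // default flags. Confirm how the template embeds $adminVariables.
    $adminVariables = '';
    if (!empty($action) && !empty($tbl) && !empty($id)) {
        $adminVariables = htmlspecialchars('?action=' . $action . '&tbl=' . $tbl . '&id=' . intval($id));
    }
    $EMAILJS = '';
    $enter_html = '';
    // NOTE(review): each template is spliced into a double-quoted PHP string
    // and eval()'d, so template text is interpreted as PHP string syntax.
    // That is only safe while template files are trusted and not writable by
    // guestbook users.
    eval("\$enter_html = \"" . $template->get_template('header') . "\";");
    eval("\$enter_html .= \"" . $template->get_template('admin_enter') . "\";");
    eval("\$enter_html .= \"" . $template->get_template('footer') . "\";");
    echo $enter_html;
} else {
    // This is an array of some generic variables common to most forms
    // (The line break after this comment is restored: with the listing
    // collapsed onto one line, the '//' comment swallowed every statement
    // that follows it.)
    $postVars = array('gbsession', 'uid', 'action', 'panel', 'section', 'tbl');
    // presumably copies the named request values into same-named variables;
    // verify against create_variable()'s definition
    create_variable($postVars);
    $action = !isset($action) ? '' : $action;
    $rid = !isset($rid) ? '' : $rid;
    $admin = new gb_admin($AUTH['session'], $AUTH['uid']);
    // The admin object shares the config array and the DB/session handle by
    // reference rather than by copy.
    $admin->VARS =& $VARS;
    $admin->db =& $gb_auth;
    switch ($action) {
        case 'accept':
            // NOTE(review): $id is not in $postVars and neither $id nor $tbl
            // is validated here. Confirm accept_entry() restricts $tbl to
            // known tables and treats $id as an integer before querying.
            $admin->accept_entry($id, $tbl);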