$add_comment = 1;
}
}
}
}
}
# Check if the requested item exists.
#
# $HandlerMatches is a global array defined index.php where the
# request url was matched.
#
$escaped_item_title = $db->escape($sane_item_title);
# Fetch the item
#
$item_query = "SELECT " . join(',', $ITEM_FIELDS) . " FROM items " . "WHERE sane_title = '{$escaped_item_title}' AND visible = 1";
$item = $db->fetchRowQueryAssoc($item_query, 'id');
if ($db->isError()) {
$smarty->assign('tpl_content', 'content-error.tpl.html');
$smarty->assign('error', 'Database error has occured: ' . $db->getError());
$smarty->display('index.tpl.html');
exit;
}
if (!$item) {
# The requested item was not found
#
$smarty->assign('tpl_content', 'content-error.tpl.html');
$smarty->assign('error', "Item '" . htmlentities($HandlerMatches[1]) . "' does not exist!");
$smarty->display('index.tpl.html');
exit;
}
if ($add_comment) {
if (empty($_POST['password'])) {
$error = "Password was left blank!";
$smarty->assign('login_username', $_POST['username']);
}
}
}
}
}
if ($error) {
$smarty->assign('login_error', $error);
$smarty->display('index.tpl.html');
exit;
}
$db = new SQLite($SQLITE_DB_PATH);
$query = "SELECT id, password, can_login FROM users WHERE username = '******'username']}'";
$user_info = $db->fetchRowQueryAssoc($query);
if ($db->isError()) {
$error = "Login failed! There was a database error: " . $db->getError();
$smarty->assign('login_error', $error);
$smarty->display('index.tpl.html');
exit;
}
if (!$user_info) {
$error = "Username '{$_POST['username']}' does not exist!";
$smarty->assign('login_error', $error);
$smarty->assign('login_username', $_POST['username']);
$smarty->display('index.tpl.html');
exit;
}
if ($user_info['can_login'] == 0) {
$error = "Your account has been disabled! Sorry...";
$smarty = new MySmarty();
if ($smarty->is_cached('index.tpl.html', $unique_page_name)) {
$smarty->display('index.tpl.html', $unique_page_name);
exit;
}
$db = new SQLite($SQLITE_DB_PATH);
# Check if the requested site exists.
#
# $HandlerMatches is a global array defined index.php where the
# request url was matched.
#
$escaped_site = $db->escape($HandlerMatches[1]);
# find the sites to display
# TODO: cache this (because it changes very rarely)
#
$site = $db->fetchRowQueryAssoc("SELECT id, name, sane_name, url FROM sites WHERE sane_name = '{$escaped_site}' AND visible = 1");
if ($db->isError()) {
$smarty->assign('tpl_content', 'content-error.tpl.html');
$smarty->assign('error', 'Database error has occured: ' . $db->getError());
$smarty->display('index.tpl.html');
exit;
}
if (!$site) {
# The requested site was not found
#
$smarty->assign('tpl_content', 'content-error.tpl.html');
$smarty->assign('error', "Pictures from '" . htmlentities($HandlerMatches[1]) . "' are not being collected!");
$smarty->display('index.tpl.html');
exit;
}
# Prepare data for navigation through pages [<prev] [1], [2], [3], etc, [next>]
