<?php $operation = $_REQUEST['ajax']; switch ($operation) { case 'read': $item_id = $_POST['id']; // Currently a huge security hole! Fix later! $sql = "UPDATE lylina_items\n\t\t\t SET viewed = 1\n\t\t\t WHERE id = {$item_id}"; $result = runSQL($sql); break; case 'update': $conf['debug'] = 'false'; require find_op("fetch"); $newest = $_REQUEST['newest']; // Also stupid and should be fixed $sql = "SELECT COUNT(*)\n FROM lylina_items\n WHERE id > {$newest}\n AND UNIX_TIMESTAMP(dt) > UNIX_TIMESTAMP()-(8*60*60)"; $result = runSQL($sql); echo $result[0]["COUNT(*)"]; break; case 'items': require_once 'inc/display.php'; require_once 'inc/itemDisplay.inc.php'; // echo '<div id="new">Get new items</div>'; printItems(0, 8); break; }
// If we aren't setup yet, run the installer if (!isset($conf) || $conf == '') { require_once 'installer/install.php'; } elseif ($conf['version'] != $version) { $upgrade_bit = true; require_once 'installer/upgrade.php'; } // Perform basic includes for all pages require_once "inc/smarty/libs/Smarty.class.php"; require_once 'inc/html.php'; require_once 'inc/display.php'; $UID = checkAuth($_REQUEST); // Output page headers writeHeaders(); // Setup the smarty output and include basic variables $output = new Smarty(); $output->assign('lang', $lang); // Language $output->assign('conf', $conf); // Main configuration $output->assign('version', $version); // Lylina version $output->assign('user', $UID); // User ID require_once "pages/{$page}.inc.php"; // Run smarty display $output->display("{$page}.tpl"); } else { // If we've got to perform a function require_once find_op($op); }