[ PHPXref.com ] [ Generated: Sun Jul 20 18:25:51 2008 ] [ KnowledgeRoot 0.9.6c ]
[ Index ]     [ Variables ]     [ Functions ]     [ Classes ]     [ Constants ]     [ Statistics ]

title

Body

[close]

/ -> index.php (source)

   1  <?php
   2  // Knowledgeroot is published under the GNU GPL! Read LICENSE
   3  // Frank Habermann <lordlamer@lordlamer.de>
   4  // Robert Scholz <scholzrobert@web.de>
   5  
   6  $version = "0.9.6c";
   7  
   8  require_once ("include/class-tree.php");
   9  require_once ("config.php");
  10  require_once ("include/function.php");
  11  require_once ("include/class-knowledgeroot.php");
  12  require_once ("language/language.php");
  13  require_once ("include/fckeditor.php");
  14  
  15  if($dbtype == "mysql") {
  16      require_once ("include/class-mysql.php");
  17  }
  18  
  19  if($dbtype == "mysqli") {
  20      require_once ("include/class-mysqli.php");
  21  }
  22  
  23  if($dbtype == "pgsql") {
  24      require_once ("include/class-pgsql.php");
  25  }
  26  
  27  if($KNOWLEDGEROOTDB != "PGSQL" && $KNOWLEDGEROOTDB != "MYSQL") {
  28      echo "WRONG DBTYPE SELECTED!\n";
  29      exit();
  30  }
  31  
  32  $db = new db();
  33  
  34  $db->connect($dbhost,$dbuser,$dbpass,$dbdatabase);
  35  
  36  if($dbtype == "pgsql") {
  37      $db->schema($dbschema);
  38      $db->set_client_encoding($dbencoding);
  39  }
  40  
  41  $knowledgeroot = new knowledgeroot();
  42  $knowledgeroot->start($db,$_SESSION['userid'],$_SESSION['groupid'],$languagetoken[$language], $dbtype);
  43  
  44  // addslashes on GET/POST
  45  $knowledgeroot->addSlashesOnArray($HTTP_GET_VARS);
  46  $knowledgeroot->addSlashesOnArray($HTTP_POST_VARS);
  47  
  48  session_name("sessionid");
  49  session_start();
  50  
  51  //check if userid and groupid is set, if not set to 0
  52  if($_SESSION['userid'] == "" || $_SESSION['groupid'] == "") {
  53      $_SESSION['userid'] = 0;
  54      $_SESSION['groupid'] = 0;
  55  }
  56  
  57  if($_SESSION['firstrun'] == "" && $expandall == 1) {
  58      $doexpand = 1;
  59  } else {
  60      $doexpand = 0;
  61  }
  62  
  63  if($HTTP_GET_VARS['id'] != "") {
  64      $id = $HTTP_GET_VARS['id'];
  65  } else {
  66      $id = $HTTP_POST_VARS['id'];
  67  }
  68  
  69  if($id != "") {
  70      $_SESSION['cid'] = $id;
  71      //echo $_SESSION['cid'];
  72  }
  73  
  74  if($HTTP_GET_VARS['action'] == "logout") {
  75          $_SESSION['user'] = "guest";
  76          $_SESSION['password'] = "guest";
  77          $_SESSION['md5hash'] = "";
  78          $_SESSION['cid'] = "";
  79          $_SESSION['userid'] = "";
  80          $_SESSION['groupid'] = "";
  81          $_SESSION['admin'] = "0";
  82          $treecache = $_SESSION['open'];
  83          session_destroy();
  84          $_SESSION['open'] = $treecache;
  85  }
  86  
  87  if($_SESSION['user'] != "guest" && $_SESSION['password'] != "guest" && $_SESSION['md5hash'] != md5($_SESSION['user'] . $_SESSION['password'])) {
  88          $_SESSION['user'] = "guest";
  89          $_SESSION['password'] = "guest";
  90          $_SESSION['md5hash'] = "";
  91          $_SESSION['admin'] = "0";
  92  }
  93  
  94  if($HTTP_POST_VARS['login'] != "") {
  95      $user = addslashes($HTTP_POST_VARS['user']);
  96      $pass = md5(addslashes($HTTP_POST_VARS['password']));
  97  
  98      $res = $db->query("SELECT id, defaultgroup, admin, rightedit, treecache FROM users WHERE name='$user' and password='$pass' and enabled=1");
  99      $anz = $db->num_rows($res);
 100      
 101      if($anz == 1) {
 102          $row = $db->fetch_assoc($res);
 103          $_SESSION['userid'] = $row['id'];
 104          $_SESSION['groupid'] = $row['defaultgroup'];
 105          $_SESSION['user'] = $user;
 106          $_SESSION['password'] = $pass;
 107          $_SESSION['md5hash'] = md5($user . $pass);
 108          $_SESSION['admin'] = $row['admin'];
 109          $_SESSION['rightedit'] = $row['rightedit'];
 110          $_SESSION['open'] = array();
 111          $_SESSION['open'] = unserialize($row['treecache']);
 112      } else {
 113          $_SESSION['user'] = "guest";
 114          $_SESSION['password'] = "guest";
 115      }
 116  }
 117  
 118  if($_GET['download'] != "") {
 119      $rs = $db->query("select * from files where id =".$_GET['download'].";");
 120      $anz = $db->num_rows($rs);
 121      
 122      if($anz != 1) {
 123          echo "WRONG DOWNLOADFILE!\n";
 124          exit();
 125      }
 126      
 127      $row = $db->fetch_assoc($rs);
 128  
 129      if($knowledgeroot->checkRecursivPerm($row['belongs_to'], $_SESSION['userid']) == 0) {
 130          echo "No File for you!\n";
 131          exit();
 132      }
 133      
 134      header('Accept-Ranges: bytes');
 135      header('Content-Length: '.$row['filesize'].'');
 136      header('Keep-Alive: timeout=15, max=100');
 137      header('Content-type: '.$row['filetype'].'');
 138      header('Content-Disposition: attachment; filename="'.$row['filename'].'"');
 139  
 140      if($dbtype == "pgsql") {
 141          $db->query ("begin");
 142          $loid = $db->lo_open($row['object'], "r");
 143          $db->lo_read_all ($loid);
 144          $db->lo_close ($loid);
 145          $db->query ("commit");
 146          $db->close();
 147      }
 148      
 149      if($dbtype == "mysql") {
 150          echo unserialize($row['file']);
 151      }
 152      
 153  
 154      exit();
 155  }
 156  
 157  // if readonly than disable
 158  if($readonly == 0) {
 159      if($HTTP_POST_VARS['submit'] && $HTTP_POST_VARS['editid']) {
 160          if($knowledgeroot->getPageRights($_SESSION['cid'],$_SESSION['userid']) == 2 && $knowledgeroot->getContentRights($HTTP_POST_VARS['editid'],$_SESSION['userid']) == 2) {
 161              if($HTTP_POST_VARS['close'] == "") {
 162                  $content = stripslashes($content);
 163                  
 164                  if($_SESSION['rightedit'] == 1) {
 165                      if($dbtype == "pgsql") {
 166                          $res = $db->query("UPDATE content SET content='".$HTTP_POST_VARS['content']."', owner='".$HTTP_POST_VARS['user']."', \"group\"='".$HTTP_POST_VARS['group']."', userrights='".$HTTP_POST_VARS['userrights']."', grouprights='".$HTTP_POST_VARS['grouprights']."', otherrights='".$HTTP_POST_VARS['otherrights']."' WHERE id='".$HTTP_POST_VARS['editid']."'");
 167                      } else {
 168                          $res = $db->query("UPDATE content SET content='".$HTTP_POST_VARS['content']."', owner='".$HTTP_POST_VARS['user']."', `group`='".$HTTP_POST_VARS['group']."', userrights='".$HTTP_POST_VARS['userrights']."', grouprights='".$HTTP_POST_VARS['grouprights']."', otherrights='".$HTTP_POST_VARS['otherrights']."' WHERE id='".$HTTP_POST_VARS['editid']."'");
 169                      }
 170                  } else {
 171                      $res = $db->query("UPDATE content SET content='".$HTTP_POST_VARS['content']."' WHERE id='".$HTTP_POST_VARS['editid']."'");
 172                  }
 173                  
 174                  if($HTTP_POST_VARS['save'] != "") {
 175                      $HTTP_GET_VARS['eid'] = $HTTP_POST_VARS['editid'];
 176                  }
 177              }
 178          }
 179      }
 180      
 181      if($HTTP_POST_VARS['submit'] && $HTTP_POST_VARS['neditid']) {
 182          if($knowledgeroot->getPageRights($HTTP_POST_VARS['belongsto'],$_SESSION['userid']) == 2) {
 183              if($HTTP_POST_VARS['close'] == "") {
 184                  $content = stripslashes($content);
 185                  
 186                  if($_SESSION['rightedit'] == 1) {
 187                      if($dbtype == "pgsql") {
 188                          $res = $db->query("INSERT INTO content (belongs_to, content,owner,\"group\",userrights,grouprights,otherrights) VALUES(".$HTTP_POST_VARS['belongsto'].", '".$HTTP_POST_VARS['content']."', '".$HTTP_POST_VARS['user']."', '".$HTTP_POST_VARS['group']."', '".$HTTP_POST_VARS['userrights']."', '".$HTTP_POST_VARS['grouprights']."', '".$HTTP_POST_VARS['otherrights']."')");
 189                      } else {
 190                          $res = $db->query("INSERT INTO content (belongs_to, content,owner,`group`,userrights,grouprights,otherrights) VALUES(".$HTTP_POST_VARS['belongsto'].", '".$HTTP_POST_VARS['content']."', '".$HTTP_POST_VARS['user']."', '".$HTTP_POST_VARS['group']."', '".$HTTP_POST_VARS['userrights']."', '".$HTTP_POST_VARS['grouprights']."', '".$HTTP_POST_VARS['otherrights']."')");
 191                      }
 192                  } else {
 193                      if(!empty($_SESSION['userid'])) {
 194                          // user logged in but have no rightedit -> use defaultrights
 195                          $res = $db->query("SELECT id,defaultgroup,defaultrights FROM users WHERE id=".$_SESSION['userid']."");
 196                          $anz = $db->num_rows($res);
 197                          
 198                          if($anz == 1) {
 199                              $row = $db->fetch_assoc($res);
 200                              if($dbtype == "pgsql") {
 201                                  $res = $db->query("INSERT INTO content (belongs_to, content,owner,\"group\",userrights,grouprights,otherrights) VALUES(".$HTTP_POST_VARS['belongsto'].", '".$HTTP_POST_VARS['content']."', '".$row['id']."', '".$row['defaultgroup']."', '".substr($row['defaultrights'],0,1)."', '".substr($row['defaultrights'],1,1)."', '".substr($row['defaultrights'],2,1)."')");
 202                              } else {
 203                                  $res = $db->query("INSERT INTO content (belongs_to, content,owner,`group`,userrights,grouprights,otherrights) VALUES(".$HTTP_POST_VARS['belongsto'].", '".$HTTP_POST_VARS['content']."', '".$row['id']."', '".$row['defaultgroup']."', '".substr($row['defaultrights'],0,1)."', '".substr($row['defaultrights'],1,1)."', '".substr($row['defaultrights'],2,1)."')");
 204                              }
 205                          } else {
 206                              if($dbtype == "pgsql") {
 207                                  $res = $db->query("INSERT INTO content (belongs_to, content,owner,\"group\",userrights,grouprights,otherrights) VALUES(".$HTTP_POST_VARS['belongsto'].", '".$HTTP_POST_VARS['content']."', '0', '0', '2', '2', '2')");
 208                              } else {
 209                                  $res = $db->query("INSERT INTO content (belongs_to, content,owner,`group`,userrights,grouprights,otherrights) VALUES(".$HTTP_POST_VARS['belongsto'].", '".$HTTP_POST_VARS['content']."', '0', '0', '2', '2', '2')");
 210                              }
 211                          }
 212                      } else {
 213                          // no user logged in
 214                          if($dbtype == "pgsql") {
 215                              $res = $db->query("INSERT INTO content (belongs_to, content,owner,\"group\",userrights,grouprights,otherrights) VALUES(".$HTTP_POST_VARS['belongsto'].", '".$HTTP_POST_VARS['content']."', '0', '0', '2', '2', '2')");
 216                          } else {
 217                              $res = $db->query("INSERT INTO content (belongs_to, content,owner,`group`,userrights,grouprights,otherrights) VALUES(".$HTTP_POST_VARS['belongsto'].", '".$HTTP_POST_VARS['content']."', '0', '0', '2', '2', '2')");
 218                          }
 219                      }
 220                  }
 221                  
 222                  if($HTTP_POST_VARS['save'] != "") {
 223                      $HTTP_GET_VARS['eid'] = $db->last_id("seq_knowledge");
 224                  }    
 225              }
 226          }
 227      }
 228      
 229      if($HTTP_POST_VARS['submit'] && $HTTP_POST_VARS['newpage']) {
 230          if($knowledgeroot->getPageRights($HTTP_POST_VARS['belongsto'],$_SESSION['userid']) == 2 && $HTTP_POST_VARS['title'] != "") {
 231              if($_SESSION['rightedit'] == 1) {
 232                  //change this for mysql
 233                  if($dbtype == "pgsql") {
 234                      $res = $db->query("INSERT INTO tree (belongs_to,title,owner,\"group\",userrights,grouprights,otherrights) VALUES ('".$HTTP_POST_VARS['belongsto']."','".$HTTP_POST_VARS['title']."', '".$HTTP_POST_VARS['user']."', '".$HTTP_POST_VARS['group']."', '".$HTTP_POST_VARS['userrights']."', '".$HTTP_POST_VARS['grouprights']."', '".$HTTP_POST_VARS['otherrights']."')");
 235                  } else {
 236                      $res = $db->query("INSERT INTO tree (belongs_to,title,owner,`group`,userrights,grouprights,otherrights) VALUES ('".$HTTP_POST_VARS['belongsto']."','".$HTTP_POST_VARS['title']."', '".$HTTP_POST_VARS['user']."', '".$HTTP_POST_VARS['group']."', '".$HTTP_POST_VARS['userrights']."', '".$HTTP_POST_VARS['grouprights']."', '".$HTTP_POST_VARS['otherrights']."')");
 237                  }
 238              } else {
 239                  if(!empty($_SESSION['userid'])) {
 240                      // user logged in but have no rightedit -> use defaultrights
 241                      $res = $db->query("SELECT id,defaultgroup,defaultrights FROM users WHERE id=".$_SESSION['userid']."");
 242                      $anz = $db->num_rows($res);
 243                      
 244                      if($anz == 1) {
 245                          $row = $db->fetch_assoc($res);
 246                          if($dbtype == "pgsql") {
 247                              $res = $db->query("INSERT INTO tree (belongs_to,title,owner,\"group\",userrights,grouprights,otherrights) VALUES ('".$HTTP_POST_VARS['belongsto']."','".$HTTP_POST_VARS['title']."', '".$row['id']."', '".$row['defaultgroup']."', '".substr($row['defaultrights'],0,1)."', '".substr($row['defaultrights'],1,1)."', '".substr($row['defaultrights'],2,1)."')");
 248                          } else {
 249                              $res = $db->query("INSERT INTO tree (belongs_to,title,owner,`group`,userrights,grouprights,otherrights) VALUES ('".$HTTP_POST_VARS['belongsto']."','".$HTTP_POST_VARS['title']."', '".$row['id']."', '".$row['defaultgroup']."', '".substr($row['defaultrights'],0,1)."', '".substr($row['defaultrights'],1,1)."', '".substr($row['defaultrights'],2,1)."')");
 250                          }
 251                      } else {
 252                          if($dbtype == "pgsql") {
 253                              $res = $db->query("INSERT INTO tree (belongs_to,title,owner,\"group\",userrights,grouprights,otherrights) VALUES ('".$HTTP_POST_VARS['belongsto']."','".$HTTP_POST_VARS['title']."', '0', '0', '2', '2', '2')");
 254                          } else {
 255                              $res = $db->query("INSERT INTO tree (belongs_to,title,owner,`group`,userrights,grouprights,otherrights) VALUES ('".$HTTP_POST_VARS['belongsto']."','".$HTTP_POST_VARS['title']."', '0', '0', '2', '2', '2')");
 256                          }
 257                      }
 258                  } else {
 259                      // no user logged in
 260                      if($dbtype == "pgsql") {
 261                          $res = $db->query("INSERT INTO tree (belongs_to,title,owner,\"group\",userrights,grouprights,otherrights) VALUES ('".$HTTP_POST_VARS['belongsto']."','".$HTTP_POST_VARS['title']."', '0', '0', '2', '2', '2')");
 262                      } else {
 263                          $res = $db->query("INSERT INTO tree (belongs_to,title,owner,`group`,userrights,grouprights,otherrights) VALUES ('".$HTTP_POST_VARS['belongsto']."','".$HTTP_POST_VARS['title']."', '0', '0', '2', '2', '2')");
 264                      }
 265                  }    
 266              }
 267              
 268              
 269              
 270              $_SESSION['open'][$HTTP_POST_VARS['belongsto']] = 1;
 271          }
 272      }
 273      
 274      if($HTTP_POST_VARS['submit'] && $HTTP_POST_VARS['upload']) {
 275          if($knowledgeroot->getContentRights($HTTP_POST_VARS['contentid'],$_SESSION['userid']) == 2) {
 276              $uploaddir = "uploads/";
 277              if(move_uploaded_file($_FILES['datei']['tmp_name'], $uploaddir . $_FILES['datei']['name'])) {
 278          //
 279              $fp = fopen($uploaddir.$_FILES['datei']['name'],"r");
 280              $buffer = fread($fp,filesize($uploaddir.$_FILES['datei']['name']));
 281              fclose($fp);
 282          
 283              //import for postgresql
 284              if($dbtype == "pgsql") {
 285                  $db->query ("begin");
 286                  $oid = $db->lo_create ();
 287                  $rs = $db->query("insert into files(belongs_to,object,filename,filesize,filetype,owner) values('".$HTTP_POST_VARS['contentid']."',$oid,'" . $_FILES['datei']['name'] .  "','" . $_FILES['datei']['size'] . "','" . $_FILES['datei']['type'] . "','".$_SESSION['userid']."');");//object field type must be "oid"
 288                  $handle = $db->lo_open ($oid, "w");
 289                  $db->lo_write ($handle, $buffer);
 290                  $db->lo_close ($handle);
 291                  $db->query ("commit");
 292              }
 293          
 294              //import for mysql
 295              if($dbtype == "mysql") {
 296                  $db->query("INSERT INTO files(belongs_to,file,filename,filesize,filetype,owner) VALUES ('".$HTTP_POST_VARS['contentid']."','".addslashes(serialize($buffer))."','" . $_FILES['datei']['name'] .  "','" . $_FILES['datei']['size'] . "','" . $_FILES['datei']['type'] . "','".$_SESSION['userid']."')");
 297              }
 298          
 299              unlink($uploaddir.$_FILES['datei']['name']);
 300              
 301          //    
 302              }
 303          }
 304      }
 305      
 306      if($HTTP_GET_VARS['delid'] != "") {
 307          if($knowledgeroot->getContentRights($HTTP_GET_VARS['delid'],$_SESSION['userid']) == 2) {
 308              $res = $db->query("UPDATE content SET deleted=1 WHERE id='".$HTTP_GET_VARS['delid']."'");
 309              $res = $db->query("UPDATE files SET deleted=1 WHERE belongs_to='".$HTTP_GET_VARS['delid']."'");
 310              //$res = $db->query("DELETE FROM content WHERE id='".$HTTP_GET_VARS['delid']."'");
 311              //$res = $db->query("DELETE FROM files WHERE belongs_to='".$HTTP_GET_VARS['delid']."'");
 312          }
 313      }
 314      
 315      if($HTTP_GET_VARS['delpage'] != "") {
 316          if($knowledgeroot->getPageRights($HTTP_GET_VARS['delpage'],$_SESSION['userid']) == 2) {
 317              $res = $db->query("SELECT count(*) AS anz FROM content WHERE belongs_to='".$HTTP_GET_VARS['delpage']."' AND deleted=0");
 318              $row = $db->fetch_object($res);
 319              $anz = $row->anz;
 320              
 321              $res = $db->query("SELECT count(*) AS anz FROM tree WHERE belongs_to='".$HTTP_GET_VARS['delpage']."' AND deleted=0");
 322              $row = $db->Fetch_object($res);
 323              $anz = $anz + $row->anz; 
 324              
 325              if($anz == "0") {
 326                  //$res = $db->query("DELETE FROM tree WHERE id='".$HTTP_GET_VARS['delpage']."'");
 327                  $res = $db->query("UPDATE tree SET deleted=1 WHERE id='".$HTTP_GET_VARS['delpage']."'");
 328              } else {
 329                  $delpagemessage = "<div class=\"redmsg\">". $languagetoken[$language]['delpagefailed'] . "</div>\n";
 330              }
 331          }
 332      }
 333      
 334      if($HTTP_POST_VARS['editpage'] != "" && $HTTP_POST_VARS['editpage'] != "1") {
 335          if($knowledgeroot->getPageRights($_SESSION['cid'],$_SESSION['userid']) == 2 && $HTTP_POST_VARS['title'] != "") {
 336              if($_SESSION['rightedit'] == 1 || $_SESSION['admin'] == 1) {
 337                  if($dbtype == "pgsql") {
 338                      $res = $db->query("UPDATE tree SET title='".$HTTP_POST_VARS['title']."', owner='".$HTTP_POST_VARS['user']."', \"group\"='".$HTTP_POST_VARS['group']."', userrights='".$HTTP_POST_VARS['userrights']."', grouprights='".$HTTP_POST_VARS['grouprights']."', otherrights='".$HTTP_POST_VARS['otherrights']."' WHERE id='".$_SESSION['cid']."'");
 339                  } else {
 340                      $res = $db->query("UPDATE tree SET title='".$HTTP_POST_VARS['title']."', owner='".$HTTP_POST_VARS['user']."', `group`='".$HTTP_POST_VARS['group']."', userrights='".$HTTP_POST_VARS['userrights']."', grouprights='".$HTTP_POST_VARS['grouprights']."', otherrights='".$HTTP_POST_VARS['otherrights']."' WHERE id='".$_SESSION['cid']."'");
 341                  }
 342                  
 343                  if($HTTP_POST_VARS['recursiv'] == 1) {
 344                      $knowledgeroot->setRightsRecursiv($_SESSION['cid'],$_SESSION['userid'],$HTTP_POST_VARS['user'],$HTTP_POST_VARS['group'],$HTTP_POST_VARS['userrights'].$HTTP_POST_VARS['grouprights'].$HTTP_POST_VARS['otherrights']);
 345                  }
 346              } else {
 347                  $res = $db->query("UPDATE tree SET title='".$HTTP_POST_VARS['title']."' WHERE id='".$_SESSION['cid']."'");
 348              }
 349          }
 350      }
 351      
 352      if($HTTP_GET_VARS['delfile'] != "") {
 353          $res = $db->query("SELECT belongs_to FROM files WHERE id='".$HTTP_GET_VARS['delfile']."'");
 354          $anz = $db->num_rows($res);
 355          
 356          if($anz == 1) {
 357              $row = $db->fetch_assoc($res);
 358              
 359              if($knowledgeroot->getContentRights($row['belongs_to'],$_SESSION['userid']) == 2) {
 360              
 361                  if($dbtype == "pgsql") {
 362                      $res = $db->query("SELECT object FROM files WHERE id='".$HTTP_GET_VARS['delfile']."'");
 363              
 364                      $anz = $db->num_rows($res);
 365              
 366                      if($anz == 1) {
 367                          $row = $db->fetch_assoc($res);
 368                          $db->lo_unlink($row['object']);
 369                      }
 370                  }
 371                  
 372                  //$res = $db->query("DELETE FROM files WHERE id='".$HTTP_GET_VARS['delfile']."'");
 373                  $res = $db->query("UPDATE files SET deleted=1 WHERE id='".$HTTP_GET_VARS['delfile']."'");
 374              }
 375          }
 376      }
 377  
 378      if($HTTP_POST_VARS['submit'] && $HTTP_POST_VARS['action'] == "createroot") {
 379          // rechte checken -> adminrechte
 380          if($_SESSION['admin'] == 1) {
 381              //für mysql umschreiben wegen " um group
 382              if($dbtype == "pgsql") {
 383                  $res = $db->query("INSERT INTO tree (belongs_to, title, owner, \"group\", userrights, grouprights, otherrights) VALUES (0, '".$HTTP_POST_VARS['title']."', '".$HTTP_POST_VARS['user']."', '".$HTTP_POST_VARS['group']."', '".$HTTP_POST_VARS['userrights']."', '".$HTTP_POST_VARS['grouprights']."', '".$HTTP_POST_VARS['otherrights']."')");
 384              } else {
 385                  $res = $db->query("INSERT INTO tree (belongs_to, title, owner, `group`, userrights, grouprights, otherrights) VALUES (0, '".$HTTP_POST_VARS['title']."', '".$HTTP_POST_VARS['user']."', '".$HTTP_POST_VARS['group']."', '".$HTTP_POST_VARS['userrights']."', '".$HTTP_POST_VARS['grouprights']."', '".$HTTP_POST_VARS['otherrights']."')");
 386              }
 387          }
 388      }
 389      
 390      if($HTTP_POST_VARS['submit'] && $HTTP_POST_VARS['action'] == "adduser" && $HTTP_POST_VARS['name'] != "") {
 391          if($_SESSION['admin'] == 1) {
 392              //print_r($HTTP_POST_VARS['groups']);
 393              $res = $db->query("INSERT INTO users (name, password, enabled, defaultgroup, defaultrights, admin, rightedit) VALUES ('".$HTTP_POST_VARS['name']."','".md5($HTTP_POST_VARS['password'])."', ".$HTTP_POST_VARS['enabled'].", ".$HTTP_POST_VARS['defaultgroup'].", ".$HTTP_POST_VARS['userrights'].$HTTP_POST_VARS['grouprights'].$HTTP_POST_VARS['otherrights'].",".$HTTP_POST_VARS['admin'].",".$HTTP_POST_VARS['rightedit'].")");
 394              
 395              $res = $db->query("SELECT id FROM users WHERE name='".$HTTP_POST_VARS['name']."'");
 396              while($row = $db->fetch_assoc($res)) {
 397                  foreach($HTTP_POST_VARS['groups'] as $key => $value) {
 398                      $res = $db->query("INSERT INTO user_group (userid, groupid) VALUES (".$row['id'].",".$value.")");
 399                  }
 400              }
 401          
 402              $HTTP_GET_VARS['action'] = "users";
 403          }    
 404      }
 405      
 406      if($HTTP_POST_VARS['submit'] && $HTTP_POST_VARS['action'] == "edituser" && $HTTP_POST_VARS['name'] != "") {
 407          if($_SESSION['admin'] == 1) {
 408              //print_r($HTTP_POST_VARS['groups']);
 409              if($HTTP_POST_VARS['password'] == "") {
 410                  $res = $db->query("UPDATE users SET name='".$HTTP_POST_VARS['name']."', enabled=".$HTTP_POST_VARS['enabled'].", defaultgroup=".$HTTP_POST_VARS['defaultgroup'].", defaultrights=".$HTTP_POST_VARS['userrights'].$HTTP_POST_VARS['grouprights'].$HTTP_POST_VARS['otherrights'].", admin=".$HTTP_POST_VARS['admin'].", rightedit=".$HTTP_POST_VARS['rightedit']." WHERE id=".$HTTP_POST_VARS['uid']."");
 411              } else {
 412                  $res = $db->query("UPDATE users SET name='".$HTTP_POST_VARS['name']."', password='".md5($HTTP_POST_VARS['password'])."', enabled=".$HTTP_POST_VARS['enabled'].", defaultgroup=".$HTTP_POST_VARS['defaultgroup'].", defaultrights=".$HTTP_POST_VARS['userrights'].$HTTP_POST_VARS['grouprights'].$HTTP_POST_VARS['otherrights'].", admin=".$HTTP_POST_VARS['admin'].", rightedit=".$HTTP_POST_VARS['rightedit']." WHERE id=".$HTTP_POST_VARS['uid']."");
 413              }
 414              
 415              $res = $db->query("DELETE FROM user_group WHERE userid=".$HTTP_POST_VARS['uid']."");
 416              foreach($HTTP_POST_VARS['groups'] as $key => $value) {
 417                  $res = $db->query("INSERT INTO user_group (userid, groupid) VALUES (".$HTTP_POST_VARS['uid'].",".$value.")");
 418              }
 419              
 420              $HTTP_GET_VARS['action'] = "users";
 421          }
 422      }
 423      
 424      if($HTTP_POST_VARS['submit'] && $HTTP_POST_VARS['action'] == "addgroup" && $HTTP_POST_VARS['name'] != "") {
 425          if($_SESSION['admin'] == 1) {
 426              $res = $db->query("INSERT INTO groups (name,enabled) VALUES ('".$HTTP_POST_VARS['name']."', 1)");
 427              $HTTP_GET_VARS['action'] = "users";
 428          }
 429      }
 430      
 431      if($HTTP_POST_VARS['submit'] && $HTTP_POST_VARS['action'] == "editgroup" && $HTTP_POST_VARS['name'] != "") {
 432          if($_SESSION['admin'] == 1) {
 433              $res = $db->query("UPDATE groups SET name='".$HTTP_POST_VARS['name']."' WHERE id=".$HTTP_POST_VARS['gid']."");
 434              $HTTP_GET_VARS['action'] = "users";
 435          }
 436      }
 437      
 438      if($HTTP_GET_VARS['action'] == "deluser" && $HTTP_GET_VARS['uid'] != "") {
 439          if($_SESSION['admin'] == 1) {
 440              $res = $db->query("DELETE FROM users WHERE id =".$HTTP_GET_VARS['uid']."");
 441              $HTTP_GET_VARS['action'] = "users";
 442          }
 443      }
 444  
 445      if($HTTP_GET_VARS['action'] == "delgroup" && $HTTP_GET_VARS['gid'] != "") {
 446          if($_SESSION['admin'] == 1) {
 447              $res = $db->query("DELETE FROM groups WHERE id =".$HTTP_GET_VARS['gid']."");
 448              $HTTP_GET_VARS['action'] = "users";
 449          }
 450      }
 451  
 452      if($HTTP_POST_VARS['action'] == "options") {
 453          if($HTTP_POST_VARS['password'] == $HTTP_POST_VARS['password1'] && $_SESSION['userid'] != 0) {
 454              $res = $db->query("UPDATE users SET password='".md5($HTTP_POST_VARS['password'])."' WHERE id=".$_SESSION['userid']."");
 455              $message = "<div class=\"greenmsg\">".$languagetoken[$language]['optionform']['changed']."</div>";
 456          } else {
 457              $message = "<div class=\"redmsg\">".$languagetoken[$language]['optionform']['failed']."</div>";
 458          }
 459      }
 460      
 461  }
 462  
 463  $tree = new categoryTree();
 464  $tree->start($db,$doexpand,$_SESSION['userid'],$_SESSION['groupid']);
 465  
 466  if($readonly == 0) {
 467  
 468      // move page
 469      if($HTTP_POST_VARS['move'] == "move" && $HTTP_POST_VARS['to'] != $_SESSION['cid']) {
 470          if($knowledgeroot->getPageRights($_SESSION['cid'],$_SESSION['userid']) == 2 && $knowledgeroot->getPageRights($HTTP_POST_VARS['to'],$_SESSION['userid']) == 2) {
 471              
 472              // check if element is a kind of element to move -> if yes than abort
 473              if(!$tree->isParentelement($HTTP_POST_VARS['to'],$_SESSION['cid'])) {
 474                  $res = $db->query("UPDATE tree SET belongs_to='".$HTTP_POST_VARS['to']."' WHERE id='".$_SESSION['cid']."'");
 475              }
 476          }
 477      }
 478      
 479      // move page content
 480      if($HTTP_POST_VARS['move'] == "cmove" && $HTTP_POST_VARS['to'] != $_SESSION['cid'] && $HTTP_POST_VARS['contentid'] != "") {
 481          if($knowledgeroot->getPageRights($HTTP_POST_VARS['to'],$_SESSION['userid']) == 2 && $knowledgeroot->getContentRights($HTTP_POST_VARS['contentid'],$_SESSION['userid']) == 2) {
 482              $res = $db->query("UPDATE content SET belongs_to='".$HTTP_POST_VARS['to']."' WHERE id='".$HTTP_POST_VARS['contentid']."'");
 483          }
 484      }
 485      
 486      
 487      if($HTTP_GET_VARS['openid'] != "") {
 488          //echo "#$#".$_SESSION['open'][$openid]."#";
 489          if($_SESSION['open'][$HTTP_GET_VARS['openid']] == 0) {
 490              $_SESSION['open'][$HTTP_GET_VARS['openid']] = 1;
 491              //echo ":::";
 492          } else {
 493              $_SESSION['open'][$HTTP_GET_VARS['openid']] = 0;
 494          }
 495          
 496          // save treecache
 497          if(!empty($_SESSION['userid'])) {
 498              $res = $db->query("UPDATE users SET treecache='".serialize($_SESSION['open'])."' WHERE id=".$_SESSION['userid']."");
 499          }
 500      }
 501  
 502  }
 503  ?>
 504  <html>
 505  <head>
 506      <title>KnowledgeRoot</title>
 507  <?php
 508  if($charset != "") {
 509      echo "\t<meta http-equiv=\"Content-Type\" content=\"text/html\" charset=\"" . $charset . "\">\n";
 510  }
 511  ?>
 512      <meta name="generator" content="Knowledgeroot 0.9.6" />
 513      <link rel="stylesheet" href="knowledgeroot.css" type="text/css">
 514  </head>
 515  <body>
 516  <a name="top"></a>
 517  <table border="0" cellpadding="0" cellspacing="0" width="100%">
 518  <tr class="head"><td class="head" colspan="2"><table border="0" cellpadding="0" cellspacing="0" width="100%"><tr><td><div class="title"><?php echo $title; ?></div></td><td align="right" valign="bottom"><div class="version"><a href="http://www.linuxdelta.de/Knowledgeroot.html">Knowledgeroot</a> - Frank Habermann - <?php echo $languagetoken[$language]['version'] . ":&nbsp;" . $version; ?></div>
 519  <div class="mainnavi">[<?php
 520  if($_SESSION['user'] == "guest" || empty($_SESSION['userid'])) {
 521      echo "<a href=\"index.php?action=login\">".$languagetoken[$language]['menu']['login']."</a>"; 
 522  } else {
 523      if($_SESSION['admin'] == 1) {
 524          echo "<a href=\"index.php?action=createroot\">".$languagetoken[$language]['menu']['roots']."</a>]&nbsp;";
 525          echo "[<a href=\"index.php?action=users\">".$languagetoken[$language]['menu']['user']."</a>]&nbsp;";
 526          echo "[<a href=\"index.php?action=options\">".$languagetoken[$language]['menu']['options']."</a>]&nbsp;";
 527          echo "[<a href=\"index.php?action=logout\">".$languagetoken[$language]['menu']['logout']."</a>"; 
 528      } else {
 529          echo "<a class=\"mainnavi\" href=\"index.php?action=options\">".$languagetoken[$language]['menu']['options']."</a>]&nbsp;";
 530           echo "[<a class=\"mainnavi\" href=\"index.php?action=logout\">".$languagetoken[$language]['menu']['logout']."</a>";     
 531      }
 532  } ?>
 533  ]</div></td></tr></table></td></tr>
 534  
 535  <tr class="navigationpath"><form action="index.php" method="post"><td class="navigation" colspan="2"><div class="navigationleft"><b><?php echo $languagetoken[$language]['path']; ?>:
 536  <?php
 537  
 538  $path = new pathTree();
 539  $path->start($db,$doexpand,$_SESSION['userid'],$_SESSION['groupid']);
 540  
 541  if($knowledgeroot->checkRecursivPerm($_SESSION['cid'], $_SESSION['userid']) != 0) {
 542      echo $path->getPath($_SESSION['cid']);
 543  } else {
 544      echo "/";
 545  }
 546  
 547  ?>
 548  
 549  </b></div><div class="navigationright"><?php echo $languagetoken[$language]['user'] . ":&nbsp;" . $_SESSION['user']; ?>&nbsp;</div>
 550  <div class="navigationmiddle">
 551      
 552          <?php echo $languagetoken[$language]['search']; ?>:
 553          <input class="searchfield" type="text" name="search" value="">
 554          <input class="searchgo" type="submit" name="submit" value="<?php echo $languagetoken[$language]['searchgo']; ?>">
 555      
 556  </div></td></form></tr>
 557  
 558  <tr>
 559   <td align="left" style="padding:10px 10px 5px 15px;" valign="top" width="100">
 560  <?php
 561  $tree->open = $_SESSION['open'];
 562  
 563  $tree->buildTree(0);
 564  
 565  ?>
 566   </td>
 567   <td align="left" valign="top" style="padding:20px 20px 20px 20px;">
 568  <?php
 569  
 570      if($HTTP_GET_VARS['action'] == "newcontent" && $readonly == 0) {
 571          if($knowledgeroot->getPageRights($_SESSION['cid'],$_SESSION['userid']) == 2) {
 572              echo "[<a href=\"index.php\">".$languagetoken[$language]['back']."</a>]<br><br>";
 573              echo "<form action=\"index.php\" method=\"post\">";
 574              echo "<input type=\"hidden\" name=\"neditid\" value=\"new\">";
 575              echo "<input type=\"hidden\" name=\"belongsto\" value=\"".$_SESSION['cid']."\">";
 576              echo "<input type=\"hidden\" name=\"submit\" value=\"submit\">";
 577              echo "<input type=\"submit\" name=\"save\" value=\"".$languagetoken[$language]['save']."\">";
 578              echo "<input type=\"submit\" name=\"saveandclose\" value=\"".$languagetoken[$language]['saveandclose']."\">";
 579              echo "<input type=\"submit\" name=\"close\" value=\"".$languagetoken[$language]['close']."\">";
 580              echo "<br><br>\n";
 581                      
 582              if($htmleditor == 1) {
 583                  $sBasePath = $_SERVER['PHP_SELF'] ;
 584                  $sBasePath = substr( $sBasePath, 0, strpos( $sBasePath, "index.php" ) );
 585                  
 586                  $oFCKeditor = new FCKeditor('content') ;
 587                  $oFCKeditor->BasePath    = $sBasePath;
 588                  $oFCKeditor->Value = '' ;
 589                  $oFCKeditor->Width  = $htmleditorwidth;
 590                  $oFCKeditor->Height = $htmleditorheight;
 591                  $oFCKeditor->Config['AutoDetectLanguage']    = $htmleditorlangdetect;
 592                  $oFCKeditor->Config['DefaultLanguage']        = $htmleditorlangdefault;
 593                  $oFCKeditor->Config['SkinPath'] = $sBasePath . 'editor/skins/' . $htmleditorskin . '/' ;
 594                  $oFCKeditor->ToolbarSet = $htmleditortoolbar;
 595                  $oFCKeditor->Create() ;
 596              } else {
 597                  echo "<textarea name=\"content\" cols=\"75\" rows=\"20\">\n";
 598                  echo "</textarea>\n";
 599              }
 600              
 601              echo "<br><br>\n";
 602              //check rights!!!
 603              
 604              if(!empty($_SESSION['userid'])) {
 605                  echo $knowledgeroot->rightpanel($_SESSION['userid']);
 606              }
 607              
 608              echo "<br><br>\n";
 609              echo "<input type=\"submit\" name=\"submit\" value=\"".$languagetoken[$language]['save']."\">";
 610              echo "<input type=\"submit\" name=\"submit\" value=\"".$languagetoken[$language]['saveandclose']."\">";
 611              echo "<input type=\"submit\" name=\"submit\" value=\"".$languagetoken[$language]['close']."\">";
 612              echo "</form>";
 613          }
 614      } elseif($HTTP_GET_VARS['action'] == "newpage" && $readonly == 0) {
 615          if($knowledgeroot->getPageRights($_SESSION['cid'],$_SESSION['userid']) == 2) {
 616              echo "[<a href=\"index.php\">".$languagetoken[$language]['back']."</a>]<br><br>";
 617              echo "<form action=\"index.php\" method=\"post\">";
 618              echo "<input type=\"hidden\" name=\"newpage\" value=\"new\">";
 619              echo "<input type=\"hidden\" name=\"belongsto\" value=\"".$_SESSION['cid']."\">";
 620              echo "<input type=\"text\" name=\"title\" value=\"\"><br>";
 621              echo "<input type=\"submit\" name=\"submit\" value=\"".$languagetoken[$language]['save']."\">";
 622              //check rights!!!
 623              if(!empty($_SESSION['userid'])) {
 624                  echo $knowledgeroot->rightpanel($_SESSION['userid']);
 625              }
 626              
 627              echo "</form>";
 628          }
 629      } elseif($HTTP_GET_VARS['action'] == "editpage" && $readonly == 0) {
 630          if($knowledgeroot->getPageRights($_SESSION['cid'],$_SESSION['userid']) == 2) {
 631              $res = $db->query("SELECT * FROM tree WHERE id='".$_SESSION['cid']."'");
 632              $anz = $db->num_rows($res);
 633      
 634              if($anz == 1) {
 635                  $row = $db->fetch_assoc($res);
 636              }
 637              
 638              echo "[<a href=\"index.php\">".$languagetoken[$language]['back']."</a>]<br><br>";
 639              echo "<form action=\"index.php\" method=\"post\">";
 640              echo "<input type=\"hidden\" name=\"editpage\" value=\"".$_SESSION['cid']."\">";
 641              echo "<input type=\"text\" name=\"title\" value=\"".$row['title']."\"><br>";
 642              echo "<input type=\"submit\" name=\"submit\" value=\"".$languagetoken[$language]['rename']."\">";
 643              
 644              //check rights
 645              if(!empty($_SESSION['userid'])) {
 646                  echo $knowledgeroot->editRightPanel($row['owner'],$row['group'],$row['userrights'].$row['grouprights'].$row['otherrights'],1);
 647              }
 648              
 649              echo "</form>";
 650          }
 651      } elseif($HTTP_GET_VARS['eid'] != "" && $readonly == 0) {
 652          if($knowledgeroot->getPageRights($_SESSION['cid'],$_SESSION['userid']) == 2 && $knowledgeroot->getContentRights($HTTP_GET_VARS['eid'],$_SESSION['userid']) == 2) {
 653              echo "[<a href=\"index.php\">".$languagetoken[$language]['back']."</a>]<br><br>";
 654              echo "<form action=\"index.php\" method=\"post\">";
 655              echo "<input type=\"hidden\" name=\"editid\" value=\"".$HTTP_GET_VARS['eid']."\">";
 656              echo "<input type=\"hidden\" name=\"submit\" value=\"submit\">";
 657              echo "<input type=\"submit\" name=\"save\" value=\"".$languagetoken[$language]['save']."\">";
 658              echo "<input type=\"submit\" name=\"saveandclose\" value=\"".$languagetoken[$language]['saveandclose']."\">";
 659              echo "<input type=\"submit\" name=\"close\" value=\"".$languagetoken[$language]['close']."\">";
 660              echo "<br><br>\n";
 661              $res = $db->query("SELECT * FROM content WHERE id='".$HTTP_GET_VARS['eid']."' ORDER BY id ASC");
 662      
 663              while($row = $db->fetch_assoc($res)) {
 664                  if($htmleditor == 1) {
 665                      $sBasePath = $_SERVER['PHP_SELF'] ;
 666                      $sBasePath = substr( $sBasePath, 0, strpos( $sBasePath, "index.php" ) );
 667                      
 668                      $oFCKeditor = new FCKeditor('content') ;
 669                      $oFCKeditor->BasePath    = $sBasePath;
 670                      $oFCKeditor->Value = $row['content'];
 671                      $oFCKeditor->Width  = $htmleditorwidth;
 672                      $oFCKeditor->Height = $htmleditorheight;
 673                      $oFCKeditor->Config['AutoDetectLanguage']    = $htmleditorlangdetect;
 674                      $oFCKeditor->Config['DefaultLanguage']        = $htmleditorlangdefault;
 675                      $oFCKeditor->ToolbarSet = $htmleditortoolbar;
 676                      $oFCKeditor->Config['SkinPath'] = $sBasePath . 'editor/skins/' . $htmleditorskin . '/' ;
 677                      $oFCKeditor->Create() ;
 678                  } else {
 679                      echo "<textarea name=\"content\" cols=\"75\" rows=\"20\">\n";
 680                      echo $row['content'];
 681                      echo "</textarea>\n";
 682                  }
 683                  
 684                  echo "<br><br>";
 685                  
 686                  //check rights        
 687                  if(!empty($_SESSION['userid'])) {
 688                      echo $knowledgeroot->editRightPanel($row['owner'],$row['group'],$row['userrights'].$row['grouprights'].$row['otherrights']);
 689                  }
 690              }
 691              
 692              echo "<br><br>";
 693              echo "<input type=\"submit\" name=\"submit\" value=\"".$languagetoken[$language]['save']."\">";
 694              echo "<input type=\"submit\" name=\"submit\" value=\"".$languagetoken[$language]['saveandclose']."\">";
 695              echo "<input type=\"submit\" name=\"submit\" value=\"".$languagetoken[$language]['close']."\">";
 696              echo "</form>";
 697          }
 698      } elseif ($HTTP_POST_VARS['submit'] && $HTTP_POST_VARS['search'] != "") {
 699          $searchword = addslashes($HTTP_POST_VARS['search']);
 700          echo $languagetoken[$language]['searchfor'] . " <b>'" . $searchword . "'</b><br><br>";
 701          
 702          echo "<h3>" . $languagetoken[$language]['searchcontent'] . ":</h3>\n";
 703          
 704          $_SESSION['userid'] = $_SESSION['userid'] == "" ? 0 : $_SESSION['userid'];
 705          $_SESSION['groupid'] = $_SESSION['userid'] == "" ? 0 : $_SESSION['groupid'];
 706          
 707          if($_SESSION['admin'] == 1) {
 708              if($dbtype == "pgsql") {
 709                  $sql = "SELECT id,belongs_to,content FROM content WHERE content ilike '%$searchword%' AND deleted=0";
 710              } else {
 711                  $sql = "SELECT id,belongs_to,content FROM content WHERE content like '%$searchword%' AND deleted=0";
 712              }
 713          } else {
 714              if($dbtype == "pgsql") {
 715                  $sql = "SELECT id,belongs_to,content FROM content WHERE content ilike '%$searchword%' AND deleted=0 AND ((otherrights > 0) OR (\"group\"='".$_SESSION['groupid']."' AND grouprights > 0) OR (owner='".$_SESSION['userid']."' AND userrights>0))";
 716              } else {
 717                  $sql = "SELECT id,belongs_to,content FROM content WHERE content like '%$searchword%' AND deleted=0 AND ((otherrights > 0) OR (\"group\"='".$_SESSION['groupid']."' AND grouprights > 0) OR (owner='".$_SESSION['userid']."' AND userrights>0))";
 718              }
 719          }
 720          
 721          $res = $db->query($sql);
 722          $anz = $db->num_rows($res);
 723          
 724          if($anz != 0) {
 725              $x = 0;
 726              while($row = $db->fetch_assoc($res)) {
 727                  //echo $row['id'];
 728                  if($knowledgeroot->checkRecursivPerm($row['belongs_to'],$_SESSION['userid']) != 0) {
 729                      echo $path->getPath($row['belongs_to']) . "&nbsp;/&nbsp;[<a href=\"index.php?id=" . $row['belongs_to'] . "#" . $row['id'] . "\">" . $languagetoken[$language]['searchshow'] . "</a>]<br>\n";
 730                      $x++;
 731                  }
 732              }
 733              
 734              if($x == 0) {
 735                  echo $languagetoken[$language]['nothingfound'] . "<br>\n";
 736              }
 737          } else {
 738              echo $languagetoken[$language]['nothingfound'];
 739          }
 740          
 741          echo "<hr>\n";
 742          
 743          echo "<h3>" . $languagetoken[$language]['searchmenu'] . ":</h3>\n";
 744          
 745          if($dbtype == "pgsql") {
 746              $sql = "SELECT id,belongs_to,title FROM tree WHERE title ilike '%$searchword%'";
 747          } else {
 748              $sql = "SELECT id,belongs_to,title FROM tree WHERE title like '%$searchword%'";
 749          }
 750          
 751          $res = $db->query($sql);
 752          $anz = $db->num_rows($res);
 753          
 754          if($anz != 0) {
 755              $x = 0;
 756              while($row = $db->fetch_assoc($res)) {
 757                  //echo $row['id'];
 758                  if($knowledgeroot->checkRecursivPerm($row['id'], $_SESSION['userid']) != 0) {
 759                      echo $path->getPath($row['id']) . "<br>\n";
 760                      $x++;
 761                  }
 762              }
 763              
 764              if($x == 0) {
 765                  echo $languagetoken[$language]['nothingfound'] . "<br>\n";
 766              }
 767          } else {
 768              echo $languagetoken[$language]['nothingfound'] . "<br>\n";
 769          }
 770  
 771          echo "<hr>\n";
 772          
 773          echo "<h3>" . $languagetoken[$language]['searchfiles'] . ":</h3>\n";
 774          
 775          if($dbtype == "pgsql") {
 776              $sql = "SELECT f.id,t.belongs_to,f.filename,f.filesize FROM files f, tree t, content c WHERE f.belongs_to = c.id AND c.belongs_to = t.id AND filename ilike '%$searchword%'";
 777          } else {
 778              $sql = "SELECT f.id,t.belongs_to,f.filename,f.filesize FROM files f, tree t, content c WHERE f.belongs_to = c.id AND c.belongs_to = t.id AND filename like '%$searchword%'";
 779          }
 780          
 781          $res = $db->query($sql);
 782          $anz = $db->num_rows($res);
 783          
 784          if($anz != 0) {
 785              $x = 0;
 786              while($row = $db->fetch_assoc($res)) {
 787                  //echo $row['id'];
 788                  if($knowledgeroot->checkRecursivPerm($row['belongs_to'], $_SESSION['userid']) != 0) {
 789                      echo $path->getPath($row['belongs_to']) . "&nbsp;/\n";
 790                      echo "<a href=\"index.php?download=".$row['id']."\"><img border=\"0\" src=\"images/file.gif\">".$row['filename']."</a>&nbsp;<font class=\"text\">[".getfilesize($row['filesize'])."]</font><br>\n";
 791                      $x++;
 792                  }
 793              }
 794              
 795              if($x == 0) {
 796                  echo $languagetoken[$language]['nothingfound'] . "<br>\n";
 797              }
 798          } else {
 799              echo $languagetoken[$language]['nothingfound'] . "<br>\n";
 800          }
 801      } elseif($HTTP_GET_VARS['action'] == "login") {
 802          echo '
 803              <div class="loginform">
 804              
 805              <fieldset>
 806                      <legend><b>'.$languagetoken[$language]['loginform']['title'].'</b></legend>
 807                  
 808              <form action="index.php" method="post">
 809              <input type="hidden" name="'.session_name().'" value="'.session_id().'">
 810              <table class="loginform" border="0" cellspacing="0" cellpadding="0" width="300">
 811                  <tr><td><b style="color:#FFFFFF">Login</b></td></tr>
 812                  <tr><td>'.$languagetoken[$language]['loginform']['user'].':</td><td align="right" style="padding:2px 2px 2px 2px;"><input type="text" name="user" value="" size="20"></td></tr>
 813                  <tr><td>'.$languagetoken[$language]['loginform']['password'].':</td><td align="right" style="padding:2px 2px 2px 2px;"><input type="password" name="password" value="" size="20"></td></tr>
 814                  <tr><td colspan="2" align="right" style="padding:2px 2px 2px 2px;"><input type="submit" name="login" value="'.$languagetoken[$language]['loginform']['submit'].'"></td></tr>
 815              </table>
 816              </form>
 817              
 818              </fieldset>
 819              </div>
 820          ';
 821      } elseif($HTTP_GET_VARS['action'] == "createroot" && $_SESSION['admin']) {
 822          // rechte checken -> adminrechte
 823          echo '
 824              <h2>'.$languagetoken[$language]['rootform']['title'].'</h2>
 825              <div class="createroot">
 826              <form action="index.php" method="post">
 827              <input type="hidden" name="action" value="createroot">
 828              <input type="hidden" name="'.session_name().'" value="'.session_id().'">
 829              
 830              <fieldset>
 831                      <legend><b>'.$languagetoken[$language]['rootform']['title'].'</b></legend>
 832                  
 833              <table border="0" cellspacing="1" cellpadding="1" width="300">
 834                  <tr><td>'.$languagetoken[$language]['rootform']['name'].':</td><td style="padding:2px 2px 2px 2px;" colspan="3"><input type="text" name="title" value="" size="20"></td></tr>
 835                  <tr><td></td><td><input type="submit" name="submit" value="'.$languagetoken[$language]['rootform']['submit'].'"></td></tr>
 836              </table><p />';
 837              
 838          if(!empty($_SESSION['userid'])) {
 839              echo $knowledgeroot->rightpanel($_SESSION['userid']);    
 840          }    
 841              
 842              
 843          echo '    </fiedliest></form>
 844              </div>
 845          ';
 846      } elseif(($HTTP_GET_VARS['action'] == "options" || $HTTP_POST_VARS['action'] == "options") && !empty($_SESSION['userid'])) {
 847          echo '
 848              <h2>'.$languagetoken[$language]['optionform']['title'].'</h2>
 849              ';
 850          
 851          echo $message . "<br>\n";
 852              
 853          echo '    
 854              <fieldset>
 855                      <legend><b>'.$languagetoken[$language]['optionform']['subtitle'].'</b></legend>
 856                  
 857              <form action="index.php" method="post">
 858              <input type="hidden" name="action" value="options">
 859              <table border="0" cellpadding="0" cellspacing="0" width="300">
 860                  <tr><td>'.$languagetoken[$language]['optionform']['newpassword'].':</td><td align="right" style="padding:2px 2px 2px 2px;"><input type="password" name="password" value=""></td></tr>
 861                  <tr><td>'.$languagetoken[$language]['optionform']['newpassword2'].':</td><td align="right" style="padding:2px 2px 2px 2px;"><input type="password" name="password1" value=""></td></tr>
 862                  <tr><td align="right" colspan="2" style="padding:2px 2px 2px 2px;"><input type="submit" name="submit" value="'.$languagetoken[$language]['optionform']['submit'].'"></td></tr>
 863              </table>
 864              </form>
 865              
 866              </fieldset>
 867          ';
 868      } elseif($HTTP_GET_VARS['action'] == "users" && $_SESSION['admin'] == 1) {
 869          // list users
 870          echo '
 871              <h2>'.$languagetoken[$language]['userform']['usertitle'].'</h2>
 872              [<a href="index.php?action=adduser">'.$languagetoken[$language]['userform']['adduser'].'</a>]<br>
 873              <table style="border:1px solid #000000;" cellpadding="1" cellspacing="1">
 874                  <tr><td>'.$languagetoken[$language]['userform']['username'].'</td><td>'.$languagetoken[$language]['userform']['defaultgroup'].'</td><td>'.$languagetoken[$language]['userform']['defaultrights'].'</td><td>'.$languagetoken[$language]['userform']['admin'].'</td><td>'.$languagetoken[$language]['userform']['rightedit'].'</td><td>'.$languagetoken[$language]['userform']['enabled'].'</td><td>'.$languagetoken[$language]['userform']['action'].'</td></tr>
 875          ';
 876          
 877          $res = $db->query("SELECT * FROM users");
 878          while($row = $db->fetch_assoc($res)) {
 879              echo "<tr><td>".$row['name']."</td><td>".$knowledgeroot->getGroup($row['defaultgroup'])."</td><td>".$row['defaultrights']."</td><td>".$knowledgeroot->yesno($row['admin'])."</td><td>".$knowledgeroot->yesno($row['rightedit'])."</td><td>".$knowledgeroot->yesno($row['enabled'])."</td><td>[<a href=\"index.php?action=edituser&amp;uid=".$row['id']."\">".$languagetoken[$language]['userform']['edit']."</a>]&nbsp;[<a href=\"index.php?action=deluser&amp;uid=".$row['id']."\" onclick=\"return confirm('" . $languagetoken[$language]['userform']['deluserask'] . "');\">".$languagetoken[$language]['userform']['delete']."</a>]</td></tr>\n";
 880          }
 881          
 882          echo '
 883              </table>
 884          ';
 885          
 886          // list groups
 887          echo '
 888              <h2>'.$languagetoken[$language]['userform']['grouptitle'].'</h2>
 889              [<a href="index.php?action=addgroup">'.$languagetoken[$language]['userform']['addgroup'].'</a>]<br>
 890              <table style="border:1px solid #000000;" cellpadding="1" cellspacing="1">
 891                  <tr><td>'.$languagetoken[$language]['userform']['groupname'].'</td><td>'.$languagetoken[$language]['userform']['action'].'</td></tr>
 892          ';
 893          
 894          $res = $db->query("SELECT * FROM groups");
 895          while($row = $db->fetch_assoc($res)) {
 896              echo "<tr><td>".$row['name']."</td><td>[<a href=\"index.php?action=editgroup&amp;gid=".$row['id']."\">".$languagetoken[$language]['userform']['edit']."</a>]&nbsp;[<a href=\"index.php?action=delgroup&amp;gid=".$row['id']."\" onclick=\"return confirm('" . $languagetoken[$language]['userform']['delgroupask'] . "');\">".$languagetoken[$language]['userform']['delete']."</a>]</td></tr>\n";
 897          }
 898          
 899          echo '
 900              </table>
 901          ';
 902      } elseif($HTTP_GET_VARS['action'] == "adduser" && $_SESSION['admin'] == 1) {
 903          echo '
 904              <h2>'.$languagetoken[$language]['userform']['adduser'].'</h2>
 905              
 906              <form action="index.php" method="post">
 907              <input type="hidden" name="action" value="adduser">
 908              
 909              <fieldset>
 910                      <legend><b>'.$languagetoken[$language]['userform']['newuser'].'</b></legend>
 911              <table border="0" cellpadding="1" cellspacing="3">
 912              <tr><td>'.$languagetoken[$language]['userform']['username'].': </td><td><input type="text" name="name" value=""></td></tr>
 913              <tr><td>'.$languagetoken[$language]['userform']['password'].': </td><td><input type="password" name="password" value=""></td></tr>
 914              <tr><td>'.$languagetoken[$language]['userform']['defaultgroup'].': </td><td>' . $knowledgeroot->groupdropdown("defaultgroup") . '</td></tr>
 915              <tr><td>'.$languagetoken[$language]['userform']['admin'].': </td><td>' . $knowledgeroot->yesnodropdown("admin") . '</td></tr>
 916              <tr><td>'.$languagetoken[$language]['userform']['rightedit'].': </td><td>' . $knowledgeroot->yesnodropdown("rightedit") . '</td></tr>
 917              <tr><td>'.$languagetoken[$language]['userform']['enabled'].': </td><td>' . $knowledgeroot->yesnodropdown("enabled") . '</td></tr>
 918              <tr><td valign="top">'.$languagetoken[$language]['userform']['groups'].': </td><td> ' . $knowledgeroot->groupDropDown("groups[]","","yes") . ' </td></tr>
 919              <tr><td>'.$languagetoken[$language]['userform']['defaultrights'].': </td><td></td></tr>
 920              <tr><td>&nbsp;'.$languagetoken[$language]['userform']['user'].': </td><td><select name="userrights">'."\t<option value=\"2\" selected>Lesen+Schreiben</option>\n\t<option value=\"1\">Lesen</option>\n\t<option value=\"0\">Keine</option>\n".'</select></td></tr>
 921              <tr><td>&nbsp;'.$languagetoken[$language]['userform']['group'].': </td><td><select name="grouprights">'."\t<option value=\"2\">Lesen+Schreiben</option>\n\t<option value=\"1\" selected>Lesen</option>\n\t<option value=\"0\">Keine</option>\n".'</select></td></tr>
 922              <tr><td>&nbsp;'.$languagetoken[$language]['userform']['others'].': </td><td><select name="otherrights">'."\t<option value=\"2\">Lesen+Schreiben</option>\n\t<option value=\"1\" selected>Lesen</option>\n\t<option value=\"0\">Keine</option>\n".'</select></td></tr>
 923          
 924              <tr><td></td><td align="left"><input type="submit" name="submit" value="'.$languagetoken[$language]['userform']['submit'].'"></td></tr>
 925              </table>
 926                </fieldset>
 927              </form>
 928          
 929          ';
 930      } elseif($HTTP_GET_VARS['action'] == "edituser" && $_SESSION['admin'] == 1) {
 931          $res = $db->query("SELECT * FROM users WHERE id=".$HTTP_GET_VARS['uid']."");
 932          $anz = $db->num_rows($res);
 933          
 934          if($anz == 1) {
 935              $row = $db->fetch_assoc($res);
 936          
 937              //fetch groups
 938              $res = $db->query("SELECT * FROM user_group WHERE userid=".$row['id']."");
 939              $x = 0;
 940              while($rowgroup = $db->fetch_assoc($res)) {
 941                  $grouparr[$x] = $rowgroup['groupid'];
 942                  $x++;
 943              }
 944              
 945              echo '
 946                  <h2>'.$languagetoken[$language]['userform']['edituser'].'</h2>
 947                  
 948                  <form action="index.php" method="post">
 949                  <input type="hidden" name="action" value="edituser">
 950                  <input type="hidden" name="uid" value="'.$row['id'].'">
 951                  
 952                  <fieldset>
 953                      <legend><b>'.$languagetoken[$language]['userform']['edituser'].'</b></legend>
 954                  
 955                  <table border="0" cellpadding="1" cellspacing="3">
 956                  <tr><td>'.$languagetoken[$language]['userform']['username'].': </td><td><input type="text" name="name" value="'.$row['name'].'"></td></tr>
 957                  <tr><td>'.$languagetoken[$language]['userform']['password'].': </td><td><input type="password" name="password" value=""></td></tr>
 958                  <tr><td>'.$languagetoken[$language]['userform']['defaultgroup'].': </td><td>' . $knowledgeroot->groupdropdown("defaultgroup",$row['defaultgroup']) . '</td></tr>
 959                  <tr><td>'.$languagetoken[$language]['userform']['admin'].': </td><td>' . $knowledgeroot->yesnodropdown("admin", $row['admin']) . '</td></tr>
 960                  <tr><td>'.$languagetoken[$language]['userform']['rightedit'].': </td><td>' . $knowledgeroot->yesnodropdown("rightedit",$row['rightedit']) . '</td></tr>
 961                  <tr><td>'.$languagetoken[$language]['userform']['enabled'].': </td><td>' . $knowledgeroot->yesnodropdown("enabled",$row['enabled']) . '</td></tr>
 962                  <tr><td valign="top">'.$languagetoken[$language]['userform']['groups'].': </td><td>' . $knowledgeroot->groupDropDown("groups[]","","yes",$grouparr) . ' </td></tr>
 963                  <tr><td>'.$languagetoken[$language]['userform']['defaultrights'].': </td><td></td></tr>
 964                  <tr><td>&nbsp; '.$languagetoken[$language]['userform']['user'].': </td><td>'.$knowledgeroot->rightDropDown("userrights",substr($row['defaultrights'],0,1)).'</td></tr>
 965                  <tr><td>&nbsp; '.$languagetoken[$language]['userform']['group'].': </td><td>'.$knowledgeroot->rightDropDown("grouprights",substr($row['defaultrights'],1,1)).'</td></tr>
 966                  <tr><td>&nbsp; '.$languagetoken[$language]['userform']['others'].': </td><td>'.$knowledgeroot->rightDropDown("otherrights",substr($row['defaultrights'],2,1)).'</td></tr>
 967              
 968                  <tr><td></td><td><input type="submit" name="submit" value="'.$languagetoken[$language]['userform']['submit'].'"></td></tr>
 969                  
 970                  </table>
 971                  </fieldset>
 972                  </form>    
 973              ';    
 974          }
 975      } elseif($HTTP_GET_VARS['action'] == "addgroup" && $_SESSION['admin'] == 1) {
 976          echo '
 977              <h2>'.$languagetoken[$language]['userform']['addgroup'].'</h2>
 978              <fieldset>
 979                  <legend><b>'.$languagetoken[$language]['userform']['addgroup'].'</b></legend>
 980              <form action="index.php" method="post">
 981                  <input type="hidden" name="action" value="addgroup">
 982                  <table border="0" cellpadding="1" cellspacing="3">
 983                  <tr><td>'.$languagetoken[$language]['userform']['groupname'].': </td><td><input type="text" name="name" value=""></td></tr>
 984                  <tr><td></td><td><input type="submit" name="submit" value="'.$languagetoken[$language]['userform']['submit'].'"></td></tr>
 985                  </table>
 986              </form>
 987          ';
 988          
 989      } elseif($HTTP_GET_VARS['action'] == "editgroup" && $_SESSION['admin'] == 1) {
 990          $res = $db->query("SELECT * FROM groups WHERE id=".$HTTP_GET_VARS['gid']."");
 991          $anz = $db->num_rows($res);
 992          
 993          if($anz == 1) {
 994              $row = $db->fetch_assoc($res);
 995              echo '
 996                  <h2>'.$languagetoken[$language]['userform']['editgroup'].'</h2>
 997                  <fieldset>
 998                      <legend><b>'.$languagetoken[$language]['userform']['editgroup'].'</b></legend>
 999                  <form action="index.php" method="post">
1000                      <input type="hidden" name="action" value="editgroup">
1001                      <input type="hidden" name="gid" value="'.$row['id'].'">
1002                      <table border="0" cellpadding="1" cellspacing="3">
1003                      <tr><td>'.$languagetoken[$language]['userform']['groupname'].': </td><td><input type="text" name="name" value="'.$row['name'].'"></td></tr>
1004                      <tr><td></td><td><input type="submit" name="submit" value="'.$languagetoken[$language]['userform']['submit'].'"></td></tr>
1005                      </table>
1006                  </form>
1007              ';
1008          }
1009      
1010      } elseif($HTTP_GET_VARS['action'] == "error") {
1011          echo '
1012              HIER KOMMT DIE FEHLERMELDUNG
1013          ';
1014      } else {
1015  
1016          if($_SESSION['cid'] != "" && $path->isTree($_SESSION['cid']) && $knowledgeroot->checkRecursivPerm($_SESSION['cid'], $_SESSION['userid']) != 0) {
1017              echo $delpagemessage;
1018              
1019              // get my rights - possible is 0,1,2
1020              $mypagerights = $knowledgeroot->getPageRights($_SESSION['cid'],$_SESSION['userid']);
1021              
1022              if($readonly == 0 && $mypagerights == 2) {
1023                  echo "[<a href=\"index.php?action=newpage\">".$languagetoken[$language]['newpage']."</a>]&nbsp;\n";
1024                  echo "[<a href=\"index.php?action=editpage\">".$languagetoken[$language]['renamepage']."</a>]&nbsp;\n";
1025                  
1026                  //if($_SESSION['cid'] != "1") {
1027                      echo "[<a href=\"#\" onclick=\"window.document.forms.move.move.value='move'; window.open('move.php','Knowledgeroot','width=310,height=400,menubar=yes,resizable=no');\">".$languagetoken[$language]['movepage']."</a>]&nbsp;\n";
1028                      echo "[<a href=\"index.php?delpage=".$_SESSION['cid']."\" onclick=\"return confirm('" . $languagetoken[$language]['delpageask'] . "');\">".$languagetoken[$language]['delpage']."</a>]&nbsp;\n";
1029                  //}
1030                  
1031                  echo "[<a href=\"index.php?action=newcontent\">".$languagetoken[$language]['newcontent']."</a>]\n<br><hr><br>";
1032              }
1033              
1034              //check if userid and groupid is set, if not set to 0
1035              if($_SESSION['userid'] == "" || $_SESSION['groupid'] == "") {
1036                  $_SESSION['userid'] = 0;
1037                  $_SESSION['groupid'] = 0;
1038              }
1039              
1040              // select the content in table content with userrights
1041              if($_SESSION['admin'] == 1) {
1042                  $query = "SELECT id,content FROM content WHERE belongs_to='".$_SESSION['cid']."' AND deleted=0 ORDER BY id ASC";
1043              } else {
1044                  $query = "SELECT id,content FROM content WHERE belongs_to='".$_SESSION['cid']."' AND deleted=0 AND ((otherrights > 0) OR (\"group\"='".$_SESSION['groupid']."' AND grouprights > 0) OR (owner='".$_SESSION['userid']."' AND userrights>0)) ORDER BY id ASC";
1045              }
1046              
1047              $res = $db->query($query);
1048              $anz = $db->num_rows($res);
1049              
1050              // check if some table is on the page
1051              if($anz != 0) {
1052                  while($row = $db->fetch_assoc($res)) {
1053                      $mycontentrights = $knowledgeroot->getContentRights($row['id'],$_SESSION['userid']);
1054                      
1055                      echo "<a name=\"" . $row['id'] . "\"></a>\n";
1056                      //echo "<table width=\"100%\" cellpadding=\"0\" cellspacing=\"0\" style=\"border:1px solid black; padding:5px; background-color:#ffffff;\"><tr><td>";
1057                      echo $row['content'];
1058                      echo "<br><br>\n";
1059                      if($dbtype == "pgsql") {
1060                          $result = $db->query("SELECT *, to_char(date,'DD. Mon YYYY HH24:MI:SS') AS dateform FROM files WHERE belongs_to='".$row['id']."' AND deleted=0 ORDER BY id ASC");
1061                      } else {
1062                          $result = $db->query("SELECT *, DATE_FORMAT(date,'%d. %M %Y %H:%i:%s') AS dateform FROM files WHERE belongs_to='".$row['id']."' AND deleted=0 ORDER BY id ASC");
1063                      }
1064                      
1065                      while($zeile = $db->fetch_assoc($result)) {
1066                          $title = "";
1067                          if($zeile['owner'] == NULL || $zeile['owner'] == 0 || $zeile['owner'] == "") {
1068                              $title = $zeile['dateform'];
1069                          } else {
1070                              $title = $knowledgeroot->getOwner($zeile['owner']) . " - " . $zeile['dateform'];
1071                          }
1072                          
1073                          if($readonly == 0 && $mycontentrights == 2) {
1074                              echo "<a href=\"index.php?delfile=".$zeile['id']."\"><img src=\"images/delete.gif\" alt=\"".$languagetoken[$language]['del']."\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;<a href=\"index.php?download=".$zeile['id']."\" title=\"".$title."\"><img border=\"0\" src=\"images/file.gif\">".$zeile['filename']."</a>&nbsp;<font class=\"text\">[".getfilesize($zeile['filesize'])."]</font><br>\n";
1075                          } else {
1076                              echo "<a href=\"index.php?download=".$zeile['id']."\" title=\"".$title."\"><img border=\"0\" src=\"images/file.gif\">".$zeile['filename']."</a>&nbsp;<font class=\"text\">[".getfilesize($zeile['filesize'])."]</font><br>\n";
1077                          }
1078                      }
1079                      
1080                      if($readonly == 0 && $mycontentrights == 2) {
1081                          echo "<br>\n[<a href=\"index.php?eid=".$row['id']."\">".$languagetoken[$language]['editcontent']."</a>]&nbsp;\n";
1082                          echo "[<a href=\"index.php?delid=".$row['id']."\" onclick=\"return confirm('" . $languagetoken[$language]['delete'] . "');\">".$languagetoken[$language]['delcontent']."</a>]&nbsp;\n";
1083                          echo "[<a href=\"#\" onclick=\"window.document.forms.move.contentid.value='".$row['id']."'; window.document.forms.move.move.value='cmove'; window.open('move.php','Knowledgeroot','width=310,height=400,menubar=yes,resizable=no');\">".$languagetoken[$language]['movecontent']."</a>]\n<br><br>\n";
1084      
1085                          echo "<b>".$languagetoken[$language]['addfile']."</b>\n<form action=\"index.php\" method=\"post\" enctype=\"multipart/form-data\">\n<input type=\"hidden\" name=\"upload\" value=\"yes\"><input type=\"hidden\" name=\"contentid\" value=\"".$row['id']."\"><input type=\"file\" name=\"datei\">&nbsp;\n<input type=\"submit\" name=\"submit\" value=\"".$languagetoken[$language]['add']."\"></form><br><div style=\"float:right;\">[&nbsp;<a href=\"#top\" alt=\"" . $languagetoken[$language]['topdescription'] . "\">".$languagetoken[$language]['top']."</a>&nbsp;]</div><br><hr><br>\n";
1086      
1087                      } else {
1088                          echo "<div style=\"float:right;\">[&nbsp;<a href=\"#top\" alt=\"" . $languagetoken[$language]['topdescription'] . "\">".$languagetoken[$language]['top']."</a>&nbsp;]</div><br><hr>";
1089                      }
1090                      //echo "</td></tr></table>";
1091                  }
1092                  
1093                  if($readonly == 0 && $mypagerights == 2) {
1094                      echo "[<a href=\"index.php?action=newpage\">".$languagetoken[$language]['newpage']."</a>]&nbsp;\n";
1095                      echo "[<a href=\"index.php?action=editpage\">".$languagetoken[$language]['renamepage']."</a>]&nbsp;\n";
1096                  
1097                      //if($_SESSION['cid'] != "1") {
1098                          echo "[<a href=\"#\" onclick=\"window.document.forms.move.move.value='move'; window.open('move.php','Knowledgeroot','width=310,height=400,menubar=yes,resizable=no');\">".$languagetoken[$language]['movepage']."</a>]&nbsp;\n";
1099                          echo "[<a href=\"index.php?delpage=".$_SESSION['cid']."\" onclick=\"return confirm('" . $languagetoken[$language]['delpageask'] . "');\">".$languagetoken[$language]['delpage']."</a>]&nbsp;\n";
1100                      //}
1101                  
1102                      echo "[<a href=\"index.php?action=newcontent\">".$languagetoken[$language]['newcontent']."</a>]\n<br><br>";
1103                  }
1104              } else {
1105                  echo "<h3>" . $languagetoken[$language]['nocontent'] . "</h3>\n";
1106              }
1107  
1108              // form for move page
1109                      echo "<form name=\"move\" action=\"index.php\" method=\"post\">\n";
1110                      echo "<input type=\"hidden\" name=\"move\" value=\"move\">\n";
1111                      echo "<input type=\"hidden\" name=\"to\" value=\"".$_SESSION['cid']."\">\n";
1112              echo "<input type=\"hidden\" name=\"contentid\" value=\"\">\n"; // use for move pagecontent
1113                      echo "</form>\n";
1114  
1115          
1116          } else {
1117              echo "<div class=\"welcome\">".$languagetoken[$language]['welcome']."</div>\n";
1118          }
1119      }
1120  ?>
1121   </td>
1122  </tr>
1123  </table>
1124  
1125  <?php
1126      $_SESSION['firstrun'] = "yes";
1127      $db->close();
1128  ?>
1129  </body>
1130  </html>


[ Powered by PHPXref - Served by Debian GNU/Linux ]