Security

Name
Password

'; include("inc/close.txt"); die(); } } function jsedit () { global $news, $pictures, $categories; for ($i = 0; $i < count($news); $i += 5) { $i2 = ($i / 5) + 1; echo "\t\tif (element.selectedIndex == $i2)\n"; echo "\t\t\t{\n"; //echo "\t\t\tcategories.value = \"" . htmlspecialchars($news[$i]) . "\";\n"; $cats = explode(" ", trim(htmlspecialchars($news[$i]))); for ($i3 = 0; $i3 < 3; $i3++) { if ($i3 < count($cats)) { $thiscat = $cats[$i3]; $key = array_search($thiscat, $categories) + 1; } else $key = 0; echo "\t\t\tcategories" . ($i3 + 1) . ".options[$key].selected = true;\n"; } echo "\t\t\ttitle.value = \"" . htmlspecialchars($news[$i + 1]) . "\";\n"; $pics = explode(" ", trim(htmlspecialchars($news[$i + 2]))); if ($pics[count($pics) - 1] == '') unset($pics[count($pics) - 1]); for ($i3 = 0; $i3 < 3; $i3++) { if ($i3 < count($pics)) { $thispic = $pics[$i3]; $key = array_search($thispic, $pictures) + 1; } else $key = 0; echo "\t\t\tpictures" . ($i3 + 1) . ".options[$key].selected = true;\n"; } echo "\t\t\tdescription.value = \"" . htmlspecialchars($news[$i + 3]) . "\";\n"; echo "\t\t\t}\n"; } } function listcategories ($name) { global $categories; echo "\t\t\t\t\t\t\n"; } function listnewsitems ($first, $onchange = '', $name = '') { global $news; echo "\n"; } function listpictures ($name) { global $pictures; echo "\t\t\t\t\t\t\n"; } function processdeleteform () { global $news; if (!isset($_GET['delete'])) return; if (isset($_POST['deletenewsitems'])) $dm = $_POST['deletenewsitems']; else return; $newnews = array(); for ($i = 0; $i < count($news); $i += 5) { if (($i / 5) != $dm) { for ($i2 = 0; $i2 < 5; $i2++) $newnews[] = $news[$i + $i2]; } } $f = fopen("inc/news.txt", "w"); fputs($f, implode("\r\n", $newnews)); fclose($f); startup('News was deleted!'); } function processeditform () { global $news, $categories, $pictures; if (!isset($_GET['edit'])) return; isset($_POST['createnewsitems']) ? $createnewsitems = $_POST['createnewsitems']: $bad = 1; isset($_POST['tool_categories1']) ? $tool_categories1 = $_POST['tool_categories1']: $bad = 2; isset($_POST['tool_categories2']) ? $tool_categories2 = $_POST['tool_categories2']: $bad = 3; isset($_POST['tool_categories3']) ? $tool_categories3 = $_POST['tool_categories3']: $bad = 4; isset($_POST['tool_title']) ? $tool_title = $_POST['tool_title']: $bad = 5; isset($_POST['tool_pictures1']) ? $tool_pictures1 = $_POST['tool_pictures1']: $bad = 6; isset($_POST['tool_pictures2']) ? $tool_pictures2 = $_POST['tool_pictures2']: $bad = 7; isset($_POST['tool_pictures3']) ? $tool_pictures3 = $_POST['tool_pictures3']: $bad = 8; isset($_POST['tool_description']) ? $tool_description = $_POST['tool_description']: $bad = 9; if (isset($bad)) return; $newnews = array(); $cats = ''; if ($tool_categories1 != '') $cats .= $categories[$tool_categories1]; if ($tool_categories2 != '') $cats .= ' ' . $categories[$tool_categories2]; if ($tool_categories3 != '') $cats .= ' ' . $categories[$tool_categories3]; $pics = ''; if ($tool_pictures1 != '') $pics .= $pictures[$tool_pictures1]; if ($tool_pictures2 != '') $pics .= ' ' . $pictures[$tool_pictures2]; if ($tool_pictures3 != '') $pics .= ' ' . $pictures[$tool_pictures3]; if ($createnewsitems == 0) { // add new item $newnews[] = $cats; $newnews[] = $tool_title; $newnews[] = $pics; $newnews[] = $tool_description; $newnews[] = ''; foreach($news as $item) $newnews[] = $item; } else { // edit for ($i = 0; $i < count($news); $i += 5) { if (($i / 5) == $createnewsitems) { $newnews[] = $cats; $newnews[] = $tool_title; $newnews[] = $pics; $newnews[] = $tool_description; $newnews[] = ''; } else { for ($i2 = 0; $i2 < 5; $i2++) $newnews[] = $news[$i + $i2]; } } } $f = fopen("inc/news.txt", "w"); fputs($f, implode("\r\n", $newnews)); fclose($f); startup('News was created or edited!'); } function processloginform () { if (!isset($_GET['login'])) return; isset($_POST['name']) ? $name = $_POST['name']: $name = ""; isset($_POST['pass']) ? $pass = $_POST['pass']: $pass = ""; // give error message or set cookies if ($name != "-------" || $pass != "------------") { echo ""; } else { setcookie('name', $name, time() + 3600 * 24 * 3650); setcookie('pass', $pass, time() + 3600 * 24 * 3650); // refresh echo ""; } } function processpictureform () { if (!isset($_GET['addpicture'])) return; if (!isset($_POST['filename'])) return; if (!isset($_FILES['file'])) return; $filename = $_POST['filename']; vt($filename, '.'); if ($_FILES['file']['error'] != 0) return; if ($_FILES['file']['size'] > 2097152) return; // avoid server-side scripting $whitelist = array('.jpg', '.gif', '.png'); $iswhite = false; foreach ($whitelist as $item) { if (strpos(strtolower($filename), $item) + strlen($item) == strlen($filename)) {$iswhite = true;} } if (!$iswhite) return; $filer = "img/$filename"; $download_destination = getcwd() . "/$filer"; if (move_uploaded_file($_FILES['file']['tmp_name'], $download_destination)) chmod($download_destination, 0777); startup("$filename was successfully uploaded!"); } function startup ($info = '') { global $categories, $news, $pictures; if ($info != '') echo "

$info

\n"; $categories = array('home', 'atp', 'mai', 'manufacturers', 'products'); $news = file("inc/news.txt", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); for ($i = 0; $i < count($news); $i++) {$news[$i] = trim($news[$i]);} $news[] = ""; $handler = opendir('img/'); $counter = -1; while ($file = readdir($handler)) { if ($file != '.' && $file != '..') { $counter++; $pictures[$counter] = $file; } } closedir($handler); sort($pictures); } echo '

Administration

This page is only for the site owner. A password is required to change these databases.

'; function vt (&$t, $allowthistoo = "") { for ($i = 0; $i < strlen($t); $i ++) { if (strpos("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-" . $allowthistoo, $t[$i]) === false) {$t[$i] = "_";} } } startup(); checklogin(); processeditform(); processdeleteform(); processpictureform(); ?>

Your site has been viewed a total of times.

Select an item

Title
Categories
Pictures

Description

Select a picture
Filename