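connect(); // Tail of a statement whose beginning lies before this excerpt; kept verbatim.

/*
 * Request dispatcher for the admin area.
 *
 * Reads the routing array $fields (populated before this excerpt), chooses a
 * template, renders the requested page into #CONTENT#, builds the menu for a
 * logged-in session, then handles the login form and the folder / subfolder /
 * file / user POST forms before emitting the template.
 *
 * Security changes compared with the previous revision:
 *   - the login query escapes the submitted user name instead of concatenating
 *     raw $_POST data into the SQL text;
 *   - a failed login query is logged server-side instead of being printed;
 *   - the state-changing POST handlers now require a logged-in session
 *     (and level 1 for user updates); previously they ran for any request;
 *   - path components taken from $fields are rejected when they could step
 *     outside the pictures directory.
 *
 * NOTE(review): several echo "" statements below print an empty string on this
 * page. If they originally carried a client-side redirect, be aware that
 * execution continues after them (there is no exit), so a redirect alone is
 * not an access control.
 */
$template = new template();
$admin_obj = new admin();

// Thumbnail route: pictures/<folder>/<subfolder>/<name>_<size>.<ext>
// NOTE(review): this branch runs before any session check - confirm that
// serving resized pictures to anonymous visitors is intended.
if ($fields[0] == "pictures") {
    include $_SERVER['DOCUMENT_ROOT']."/classes/class.image.php";
    $image = new image();
    $file = explode(".", $fields[3]);
    $size = explode("_", $file[0]);

    // The three values below are joined into a filesystem path. Refuse "." /
    // ".." and anything containing a directory separator or a NUL byte so the
    // resulting path stays below /pictures/.
    $path_parts_ok = true;
    foreach (array($fields[1], $fields[2], $size[0]) as $path_part) {
        $path_part = (string) $path_part;
        if ($path_part === "." || $path_part === ".."
            || strpos($path_part, "/") !== false
            || strpos($path_part, "\\") !== false
            || strpos($path_part, "\0") !== false) {
            $path_parts_ok = false;
        }
    }

    if ($path_parts_ok) {
        $picture_path = "pictures/".$fields[1]."/".$fields[2]."/".$size[0].".jpg";
        $imgagesize = getimagesize($_SERVER['DOCUMENT_ROOT']."/".$picture_path);
        $width = $imgagesize[0];
        $height = $imgagesize[1];
        // NOTE(review): $size[1] (the requested size) is request-controlled and
        // unbounded here; consider restricting it to a fixed set of sizes.
        $image->resize($picture_path, $size[1]);
    }
}

// The login page has its own template; every other page shares main.html.
if ($fields[0] == "login") {
    $template->usethis("login.html");
} else {
    $template->usethis("main.html");
}

// Page routing. The first branch catches every request without a session
// (other than the login page), so the branches after it are only reached by
// logged-in users.
// NOTE(review): the delete actions are triggered by plain URLs and carry no
// anti-CSRF token - worth adding one and moving them to POST.
if (!isset($_SESSION["loggedin"]) && $fields[0] != "login") {
    echo "";
} elseif ($fields[0] == "" && isset($_SESSION["loggedin"])) {
    echo "";
} elseif ($fields[0] == "logout") {
    session_destroy();
    echo "";
} elseif ($fields[0] == "folder") {
    if (!isset($fields[1])) {
        $template->replacethis("#CONTENT#", $admin_obj->folder());
    } elseif ($fields[1] == "details") {
        if (!isset($fields[3])) {
            $template->replacethis("#CONTENT#", $admin_obj->folder_details($fields[2]));
        } elseif ($fields[3] == "delete") {
            $admin_obj->delete_subfolder($fields[4], $fields[2]);
        } elseif ($fields[3] == "delete_file") {
            $admin_obj->delete_file($fields[4], $fields[2]);
        }
    } elseif ($fields[1] == "delete") {
        $admin_obj->delete_folder($fields[2]);
    }
} elseif ($fields[0] == "profile" && $_SESSION["loggedinlevel"] == 1) {
    // User pages are limited to level 1 accounts.
    $template->replacethis("#CONTENT#", $admin_obj->user($fields[1]));
} elseif ($fields[0] == "user" && $_SESSION["loggedinlevel"] == 1) {
    if (!isset($fields[1])) {
        $template->replacethis("#CONTENT#", $admin_obj->user_list());
    } elseif ($fields[1] == "delete") {
        $admin_obj->delete_user($fields[2]);
    } elseif ($fields[1] == "new") {
        $admin_obj->new_user();
    }
} elseif ($fields[0] == "search") {
    $template->replacethis("#CONTENT#", $admin_obj->search($fields[1]));
} else {
    $template->replacethis("#CONTENT#", "Missing page!");
}

// Menu: level 1 accounts get the user-management entry as well as logout.
if (isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] == 1) {
    if ($_SESSION["loggedinlevel"] == 1) {
        $template->replacethis("#MENU#", '
Felhasználók    Kilépés
');
    } else {
        $template->replacethis("#MENU#", '
Kilépés
');
    }
}

// Login form.
if (isset($_POST["login"])) {
    // Accept only scalar strings; an array-valued field is treated as empty.
    $login_name = (isset($_POST["name"]) && is_string($_POST["name"])) ? $_POST["name"] : "";
    $login_pwd = (isset($_POST["pwd"]) && is_string($_POST["pwd"])) ? $_POST["pwd"] : "";

    // The user name is attacker-controlled and must be escaped before it is
    // placed inside the quoted SQL literal. The md5() output is hex only.
    // NOTE(review): mysql_real_escape_string() depends on the connection
    // character set; confirm it is set with mysql_set_charset() where the
    // connection is opened. Moving to prepared statements (mysqli/PDO) is the
    // durable fix.
    // NOTE(review): unsalted MD5 is not a suitable password hash. Migrating
    // to password_hash()/password_verify() needs a change to the stored
    // values, so it is only flagged here.
    $db = mysql_query(
        "SELECT * FROM User WHERE UserStatus = 1 AND UserName = '"
        .mysql_real_escape_string($login_name)
        ."' AND UserPassword = '".md5($login_pwd)."'"
    );
    if ($db === false) {
        // Keep database error details out of the HTTP response.
        error_log("Login query failed: ".mysql_error());
        die("Database error.");
    }

    if (mysql_num_rows($db) == 1) {
        // NOTE(review): consider session_regenerate_id(true) at this point to
        // prevent session fixation, once it is confirmed that no output has
        // been sent earlier in the request.
        $_SESSION["loggedin"] = 1;
        $_SESSION["loggedinid"] = mysql_result($db, 0, "UserID");
        $_SESSION["loggedinlevel"] = mysql_result($db, 0, "UserLevel");
        echo "";
    } else {
        $template->replacethis("#MESSAGE#", "");
    }
}

// Session state used to gate the state-changing forms below. It is evaluated
// after the login form so a successful login in this request counts.
$session_active = isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] == 1;
$session_admin = $session_active
    && isset($_SESSION["loggedinlevel"])
    && $_SESSION["loggedinlevel"] == 1;

// Folder form: id 0 creates a folder, any other id renames that folder.
if ($session_active && isset($_POST["folder"])) {
    if ($_POST["folder"] == 0) {
        $admin_obj->insert_folder($_POST["folder_name"]);
    } else {
        $admin_obj->update_folder($_POST["folder_name"], $_POST["folder"]);
    }
    echo "";
}

// Subfolder form: id 0 creates, any other id updates.
if ($session_active && isset($_POST["subfolder"])) {
    if ($_POST["subfolder"] == 0) {
        $admin_obj->insert_subfolder($_POST["sub_folder_name"], $_POST["folderid"]);
    } else {
        $admin_obj->update_subfolder($_POST["sub_folder_name"], $_POST["subfolder"]);
    }
    echo "";
}

// File form: id 0 uploads a new file, any other id updates its metadata.
// NOTE(review): upload validation (type, size, stored name) happens inside
// admin::upload_file(), which is not visible here - verify it.
if ($session_active && isset($_POST["fileid"])) {
    if ($_POST["fileid"] == 0) {
        $admin_obj->upload_file($_POST["subfolderid"], $_POST["file_name"], $_POST["file_comment"]);
    } else {
        $admin_obj->update_file($_POST["subfolderid"], $_POST["file_name"], $_POST["file_comment"], $_POST["fileid"]);
    }
    echo "";
}

// User update form. It carries UserLevel and the target user id, so it is
// restricted to level 1 accounts, matching the "profile" and "user" routes.
if ($session_admin && isset($_POST["update_user"])) {
    $admin_obj->update_user($_POST["UserName"], $_POST["UserPassword"], $_POST["UserStudio"], $_POST["UserContact"], $_POST["UserTel"], $_POST["UserEmail"], $_POST["UserLevel"], $_POST["update_user"]);
    echo "";
}

// Blank any placeholder that was not filled above, then send the page.
$template->replacethis("#MESSAGE#", "");
$template->replacethis("#MENU#", "");
$template->output();
$database->disconnect();
?>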