Membuat Majalah Online Dengan Menggunakan Bahasa Pemrograman PHP dan Database MySQL.

(1)

ABSTRAK

Perkembangan jaringan internet saat ini memberikan manfaat yang sangat

besar dalam banyak hal misalnya dalam mendapatkan informasi serta

memudahkan untuk berinteraksi dengan teman dan keluarga. Didukung pula

dengan kemudahan dalam mendapatkan koneksi internet ke rumah-rumah,

kantor-kantor serta banyaknya warnet (warung internet) yang bermunculan, maka

internet bukan lagi merupakan barang yang asing dan sulit untuk diperoleh.

Melihat semakin banyaknya kesibukan yang dimiliki masing-masing

individu serta keinginan untuk mendapatkan informasi secara cepat dan mudah,

maka dibutuhkan suatu media yang dapat memenuhi kebutuhan informasi tanpa

menyita banyak waktu. Solusi yang tepat untuk kebutuhan ini adalah dengan cara

membuat majalah yang dapat dibaca secara

online.

Dengan menggunakan majalah

online

, tidak perlu bersusah payah untuk pergi ke suatu tempat hanya untuk

mencari majalah saja. Selain itu, dapat memudahkan pencarian berita terdahulu

yang memakan waktu lama apabila harus mencarinya dalam tumpukan kertas.

Penggunaan majalah online juga dapat memudahkan penyimpanan data serta

menghemat ruang. Penyajian suatu artikel pada majalah secara

online

juga lebih

menarik karena adanya fitur-fitur yang tidak didapat pada majalah biasa. Untuk

membuat majalah online ini digunakan bahasa pemrograman PHP,

database

(2)

ABSTRACT

The development of internet network these days give a great benefit in

many things, such as in acquiring information and in making the interaction

between family and friends easier. Supported by the ease in gaining internet

connection into the houses, offices, and the emerging of “warnet” (warung

internet), internet is no longer become an unfamiliar thing which is hard to attain.

By the increase of busyness of each individual as well and the yearning in

acquiring information fast and easily, a media that can fulfill necessity of

information without consuming much time is needed. The right solution for this

necessity is through creating a magazine which can be read online. By using

online magazine, one does not have to give much effort to go to a place only to

search for a magazine. Online magazine can also simplify the searching of

previous news that is time consuming only to find it in a heap of papers. The use

of online magazine makes the data storage easier and can safe the space. The

presentation of an article in online magazine is more attractive since it contains

(3)

Penyusun

DAFTAR ISI

ABSTRAK ……….……...

i

ABSTRACT... ii

KATA PENGANTAR ………. iii

DAFTAR ISI ……… iv

DAFTAR GAMBAR ………... viii

DAFTAR TABEL ………...…. ix

DAFTAR SINGKATAN ………. x

BAB I PENDAHULUAN ……….. 1

I.1 Latar Belakang

………... ...

1

I.2.

Identifikasi

Masalah

………. ... ...

1

I.3. Tujuan Penulisan

………... 1

I.4 Pembatasan Masalah

………...…. 2

I.5 Sistematika Penulisan Laporan

………...… 2

BAB II TEORI PENUNJANG……… ...

3

II.1 Skrip HTML ... 3

II.1.1

Sintaks

Dasar

HTML

...…….... 3

II. 1.2 Tag HTML

... 4

III. 1.3 Tag HEAD

... 4

II.2 Database MySQL

... 6

II.2.1 Tabel

...

6

II.2.2

Query

... 6

II.3 Skrip PHP

... 7

II.3.1 Menggunakan PHP

... 8

II.3.2 Menampilkan data didalam program

...

8

(4)

II.3.4 Variabel dalam PHP

... 9

II.3.5

Statement

... 9

II.3.6 Fungsi

... 9

II.3.7

Regular Expression

... 10

BAB III PERANCANGAN

DATABASE

DAN PERANGKAT

LUNAK ...

11

III.3 Perancangan dan Realisasi

DataBase

... 11

III.3.1 Tabel Topics

... 11

III.1.2 Tabel Autonews

... 12

III.1.3 Tabel user

... 15

III.1.4

Tabel

Config

... 16

III.1.5

Tabel

download

III. 1.9 Tabel poll_data

... 22

III. 1.10 Tabel pollcomment

... 22

III.2 . Perancangan Perangkat Lunak

... 25

III.2.1.

Blok

Modul

... 26

III.2.2. Blok Tampilan Berita dan Komentar

... 32

III.2.3 Blok Survey

... 33

III.2.4 Blok Login

... 34

III.2.5 Blok Siapa yang Online

... 36

BAB IV PENGUJIAN PERANGKAT LUNAK ...

38

IV.1 Blok Modul

... 40

IV.1.1. Link Depan

... 40

IV.1.2. Link Berita Lama

... 40

IV.1.3. Link

Downloads

... 41

IV.1.4. Link

Search

... 42

(5)

IV.2 Blok Tampilan Berita dan Komentar

... 44

IV.2.1. Link Berita Selengkapnya

...

45

IV.2.2. Link Komentar

... 46

IV.3 Blok Survey

... 47

IV.4 Blok Login

... 48

IV.4.1 Login sebagai administrator

... 48

IV.4.2 Login sebagai user yang sudah mendaftar

... 57

IV.4.3. Link Daftar Baru

... 58

IV.4.4 Link lupa password

... 58

IV.5 Blok Siapa Yang Online

... 59

BAB V KESIMPULAN DAN SARAN ………... 60

V.1 Kesimpulan

... 60

V.2 Saran

... 60

DAFTAR PUSTAKA………... 61

(6)

DAFTAR GAMBAR

Gambar 3.1

Rancangan halaman utama web ... 25

Gambar 3.2

Flowchart keseluruhan kerja program ... 26

Gambar 3.3

Flowchart Link Depan ... 28

Gambar 3.4

Flowchart tampilan Berita Lama ... 28

Gambar 3.5

Flowchart Modul

Downloads

... 29

Gambar 3.6

Flowchart Modul

Search

... 30

Gambar 3.7

Flowchart Modul Topik ... 31

Gambar 3.8

Flowchart blok Tampilan berita dan Komentar ... 32

Gambar 3.9

Flowchart blok Survey ... 33

Gambar 3.10

Flowchart Blok Login / validasi password ... 36

Gambar 3.11

Flowchart Halaman Admin ... 37

Gambar 4.1

Menu tampilan halaman utama ... 39

Gambar 4.2

Tampilan blok modul ... 40

Gambar 4.3

Tampilan halaman link berita lama ... 40

Gambar 4.4

Tampilan halaman link downloads ... 41

Gambar 4.5

Tampilan halaman link

Search

... 42

Gambar 4.6

Tampilan halaman linkTopik ... 43

Gambar 4.7

Tampilan blok berita dan komentar ... 44

Gambar 4.8

Tampilan link Berita Selengkapnya ... 45

Gambar 4.9

Tampilan link Komentar ... 46

Gambar 4.10

Tampilan blok Nilai pada halaman link Komentar .. 46

Gambar 4.11

Tampilan blok Survey ... 47

Gambar 4.12

Tampilan blok Hasil

Polling

... 47

Gambar 4.13

Tamplian blok Modul ... 48

Gambar 4.14

Tampilan pengaturan halaman depan ... 48

Gambar 4.15

Tampilan gambar Topik ... 49

(7)

Gambar 4.17

Tampilan blok Tambah Berita Baru ... 51

Gambar 4.18

Tampilan form polling berita ... 52

Gambar 4.19

Tampilan link Berita ... 52

Gambar 4.20

Tampilan blok Tambah Kategori Downloads... 53

Gambar 4.21

Tampilan blok penambahan lik baru ... 54

Gambar 4.22

Tampilan link Administrasi Survey ... 55

Gambar 4.23

Tampilan link Edit User ... 56

Gambar 4.24

Tampilan halaman pengisian berita bagi user ... 57

Gambar 2.25

Tampilan link Daftar Baru ... 58

Gambar 4.26

Tampilan halaman Lupa Password ... 58

(8)

DAFTAR TABEL

Tabel 2.1

Atribut yang digunakan di dalam Tag META ... 5

Tabel 2.2

Tabel Mahasiswa

... 7

Tabel 2.3

Bentuk pembuka program PHP ... 8

Tabel 3.1

Rancangan field tabel topic ... 12

Tabel 3.2

Rancangan field tabel autonews ... 14

Tabel 3.3

Rancangan field tabel user ... 15

Tabel 3.4

Rancangan field tabel config ... 16

Tabel 3.5

Rancangan field tabel download categories ... 17

Tabel 3.6

Rancangan field tabel download_download ... 20

Tabel 3.7

Rancangan field tabel download_editorial ... 21

Tabel 3.9

Rancangan field tabel poll_data ... 22

(9)

DAFTAR SINGKATAN

1. HTML

:

Hyper Text Markup Language

(10)

LAMPIRAN-A

LISTING PROGRAM

/****************************************************************/

/* Index */

/****************************************************************/

<?php

require_once("mainfile.php");

$_SERVER['PHP_SELF'] = "modules.php";

$row = $db->sql_fetchrow($db->sql_query("SELECT main_module from ".$prefix."_main")); $name = $row['main_module'];

$home = 1;

if ($httpref==1) {

$referer = $_SERVER["HTTP_REFERER"]; $referer = check_html($referer, nohtml);

if ($referer=="" OR eregi("^unknown", $referer) OR

substr("$referer",0,strlen($nukeurl))==$nukeurl OR eregi("^bookmark",$referer)) { } else {

$result = $db->sql_query("INSERT INTO ".$prefix."_referer VALUES (NULL, '$referer')");

}

$numrows = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_referer")); if($numrows>=$httprefmax) {

$result2 = $db->sql_query("DELETE FROM ".$prefix."_referer"); }

}

if (!isset($mop)) { $mop="modload"; } if (!isset($mod_file)) { $mod_file="index"; } $name = trim($name);

$file = trim($file);

$mod_file = trim($mod_file); $mop = trim($mop);

if (ereg("\.\.",$name) || ereg("\.\.",$file) || ereg("\.\.",$mod_file) || ereg("\.\.",$mop)) { echo "You are so cool...";

} else {

$ThemeSel = get_theme();

if (file_exists("themes/$ThemeSel/module.php")) { include("themes/$ThemeSel/module.php");

if (is_active("$default_module") AND

file_exists("modules/$default_module/".$mod_file.".php")) { $name = $default_module;

} }

if (file_exists("themes/$ThemeSel/modules/$name/".$mod_file.".php")) { $modpath = "themes/$ThemeSel/";

}

(11)

if (file_exists($modpath)) { include($modpath); } else {

$index = 1;

include("header.php"); OpenTable();

if (is_admin($admin)) {

echo "<center><font class=\"\"><b>"._HOMEPROBLEM."</b></font><br><br>[ <a href=\"admin.php?op=modules\">"._ADDAHOME."</a> ]</center>";

} else {

echo "<center>"._HOMEPROBLEMUSER."</center>"; }

CloseTable(); include("footer.php"); }

}

?>

/****************************************************************/

/* Berita Lama */

/****************************************************************/

<?php

if (eregi("block-Berita lama.php", $_SERVER['PHP_SELF'])) { Header("Location: index.php");

die(); }

global $locale, $oldnum, $storynum, $storyhome, $cookie, $categories, $cat, $prefix, $multilingual, $currentlang, $db, $new_topic, $user_news;

if ($multilingual == 1) { if ($categories == 1) {

$querylang = "where catid='$cat' AND (alanguage='$currentlang' OR alanguage='')"; } else {

$querylang = "where (alanguage='$currentlang' OR alanguage='')"; if ($new_topic != 0) {

$querylang .= " AND topic='$new_topic'"; }

} } else {

if ($categories == 1) {

$querylang = "where catid='$cat'"; } else {

$querylang = ""; if ($new_topic != 0) {

$querylang = "WHERE topic='$new_topic'"; }

} }

(12)

$storynum = $cookie[3]; } else {

$storynum = $storyhome; }

$boxstuff = "<table border=\"0\" width=\"100%\">"; $boxTitle = _PASTARTICLES;

$result = $db->sql_query("SELECT sid, title, time, comments FROM ".$prefix."_stories $querylang ORDER BY time DESC LIMIT $storynum, $oldnum");

$vari = 0;

$r_options = "";

if (isset($cookie[4])) { $r_options .= "&mode=$cookie[4]"; } if (isset($cookie[5])) { $r_options .= "&order=$cookie[5]"; } if (isset($cookie[6])) { $r_options .= "&thold=$cookie[6]"; }

while ($row = $db->sql_fetchrow($result)) { $sid = intval($row['sid']);

$title = stripslashes($row['title']); $time = $row['time'];

$comments = $row['comments']; $see = 1;

setlocale(LC_TIME, $locale);

ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $datetime2);

$datetime2 = strftime(""._DATESTRING2."",

mktime($datetime2[4],$datetime2[5],$datetime2[6],$datetime2[2],$datetime2[3],$datetime2[1])); $datetime2 = ucfirst($datetime2);

if ($articlecomm == 1) {

$comments = "($comments)"; } else {

$comments = ""; }

if($time2==$datetime2) {

$boxstuff .= "<tr><td valign=\"top\"><strong><big>·</big></strong></td><td> <a href=\"modules.php?name=News&file=article&sid=$sid$r_options\">$title</a> $comments</td></tr>\n";

} else { if($a=="") {

$boxstuff .= "<tr><td colspan=\"2\"><b>$datetime2</b></td></tr><tr><td valign=\"top\"><strong><big>·</big></strong></td><td> <a

href=\"modules.php?name=News&file=article&sid=$sid$r_options\">$title</a> $comments</td></tr>\n";

$time2 = $datetime2; $a = 1;

} else {

$boxstuff .= "<tr><td colspan=\"2\"><b>$datetime2</b></td></tr><tr><td valign=\"top\"><strong><big>·</big></strong></td><td> <a

href=\"modules.php?name=News&file=article&sid=$sid$r_options\">$title</a> $comments</td></tr>\n";

$time2 = $datetime2; }

} $vari++;

(13)

$storynum = $storyhome; }

$min = $oldnum + $storynum; $dummy = 1;

} }

if ($dummy == 1 AND is_active(Stories_Archive)) { $boxstuff .= "</table><br><a

href=\"modules.php?name=Stories_Archive\"><b>"._OLDERARTICLES."</b></a>\n"; } else {

$boxstuff .= "</table>"; }

if ($see == 1) {

$content = $boxstuff; }

?>

/****************************************************************/

/* Downloads */

/****************************************************************/

<?php

if (eregi("block-Top10_Downloads.php",$_SERVER['PHP_SELF']) { Header("Location: index.php");

die(); }

global $prefix, $db;

$a = 1;

$result = $db->sql_query("SELECT lid, title FROM ".$prefix."_downloads_downloads ORDER BY hits DESC LIMIT 0,10");

while ($row = $db->sql_fetchrow($result)) { $lid = intval($row['lid']);

$title = stripslashes($row['title']); $title2 = ereg_replace("_", " ", $title);

$content .= "<strong><big>·</big></strong> $a: <a

href=\"modules.php?name=Downloads&d_op=viewdownloaddetails&lid=$lid&titl e=$title\">$title2</a><br>";

$a++; }

(14)

/****************************************************************/

/* Search */

/****************************************************************/

<?php

if (!eregi("modules.php", $_SERVER['PHP_SELF'])) { die ("You can't access this file directly...");

}

$module_name = basename(dirname(__FILE__)); get_lang($module_name);

global $admin, $prefix, $db, $module_name, $articlecomm, $multilingual; if ($multilingual == 1) {

$queryalang = "AND (s.alanguage='$currentlang' OR s.alanguage='')"; /* stories */ $queryrlang = "AND rlanguage='$currentlang' "; /* reviews */

} else {

$queryalang = ""; $queryrlang = ""; $queryslang = ""; }

switch($op) {

case "comments": break;

default:

$ThemeSel = get_theme(); $offset=10;

if (!isset($min)) $min=0;

if (!isset($max)) $max=$min+$offset;

$query = stripslashes(check_html($query, nohtml)); $pagetitle = "- "._SEARCH.""; include("header.php");

$topic = intval($topic); if ($topic>0) {

$row = $db->sql_fetchrow($db->sql_query("SELECT topicimage, topictext from ".$prefix."_topics where topicid='$topic'"));

$topicimage = $row['topicimage']; $topictext = $row['topictext'];

if (file_exists("themes/$ThemeSel/images/topics/$topicimage")) {

$topicimage = "themes/$ThemeSel/images/topics/$topicimage"; } else {

$topicimage = "$tipath/$topicimage"; }

} else {

$topictext = ""._ALLTOPICS."";

if (file_exists("themes/$ThemeSel/images/topics/AllTopics.gif")) {

$topicimage = "themes/$ThemeSel/images/topics/AllTopics.gif"; } else {

(15)

}

if (file_exists("themes/$ThemeSel/images/topics/AllTopics.gif")) { $alltop = "themes/$ThemeSel/images/topics/AllTopics.gif";

} else {

$alltop = "$tipath/AllTopics.gif"; }

OpenTable();

if ($type == "users") { echo "<center><font

class=\"title\"><b>"._SEARCHUSERS."</b></font></center><br>"; } elseif ($type == "reviews") {

echo "<center><font

class=\"title\"><b>"._SEARCHREVIEWS."</b></font></center><br>"; } elseif ($type == "comments" AND isset($sid)) {

$res = $db->sql_query("select title from ".$prefix."_stories where sid='$sid'"); list($st_title) = $db->sql_fetchrow($res);

$instory = "AND sid='$sid'";

echo "<center><font class=\"title\"><b>"._SEARCHINSTORY." $st_title</b></font></center><br>";

} else {

echo "<center><font class=\"title\"><b>"._SEARCHIN." $topictext</b></font></center><br>";

}

echo "<table width=\"100%\" border=\"0\"><TR><TD>"; if (($type == "users") OR ($type == "reviews")) {

echo "<img src=\"$alltop\" align=\"right\" border=\"0\" alt=\"\">"; } else {

echo "<img src=\"$topicimage\" align=\"right\" border=\"0\" alt=\"$topictext\">";

}

echo "<form action=\"modules.php?name=$module_name\" method=\"POST\">"

."<input size=\"25\" type=\"text\" name=\"query\" value=\"$query\">  " ."<input type=\"submit\" value=\""._SEARCH."\"><br><br>";

if (isset($sid)) {

echo "<input type='hidden' name='sid' value='$sid'>"; }

echo "";

$toplist = $db->sql_query("SELECT topicid, topictext from ".$prefix."_topics order by topictext");

echo "<select name=\"topic\">";

echo "<option value=\"\">"._ALLTOPICS."</option>\n"; while($row2 = $db->sql_fetchrow($toplist)) {

$topicid = intval($row2['topicid']); $topics = $row2['topictext'];

if ($topicid==$topic) { $sel = "selected "; }

echo "<option $sel value=\"$topicid\">$topics</option>\n"; $sel = "";

}

echo "</select>"; /* Category Selection */

$category = intval($category);

echo " <select name=\"category\">"; echo "<option value=\"0\">"._ARTICLES."</option>\n";

(16)

while ($row3 = $db->sql_fetchrow($result3)) { $catid = intval($row3['catid']);

$title = $row3['title'];

if ($catid==$category) { $sel = "selected "; }

echo "<option $sel value=\"$catid\">$title</option>\n"; $sel = "";

}

echo "</select>"; /* Authors Selection */

$thing = $db->sql_query("SELECT aid from ".$prefix."_authors order by aid"); echo " <select name=\"author\">";

echo "<option value=\"\">"._ALLAUTHORS."</option>\n"; while($row4 = $db->sql_fetchrow($thing)) {

$authors = $row4['aid'];

if ($authors==$author) { $sel = "selected "; }

echo "<option value=\"$authors\">$authors</option>\n"; $sel = "";

}

echo "</select>"; /* Date Selection */ ?>

<option <?php echo $days == 0 ? "selected " : ""; ?> value="0"><?php echo _ALL ?></option>

<option <?php echo $days == 7 ? "selected " : ""; ?> value="7">1 <?php echo _WEEK ?></option>

<option <?php echo $days == 14 ? "selected " : ""; ?> value="14">2 <?php echo _WEEKS ?></option>

<option <?php echo $days == 30 ? "selected " : ""; ?> value="30">1 <?php echo _MONTH ?></option>

<option <?php echo $days == 60 ? "selected " : ""; ?> value="60">2 <?php echo _MONTHS ?></option>

<option <?php echo $days == 90 ? "selected " : ""; ?> value="90">3 <?php echo _MONTHS ?></option>

</select><br>

<?php

if (($type == "stories") OR ($type == "")) { $sel1 = "checked";

} elseif ($type == "comments") { $sel2 = "checked";

} elseif ($type == "users") { $sel3 = "checked";

} elseif ($type == "reviews") { $sel4 = "checked";

}

$num_rev = $db->sql_numrows($db->sql_query("SELECT * from ".$prefix."_reviews"));

echo ""._SEARCHON."";

echo "<input type=\"radio\" name=\"type\" value=\"stories\" $sel1> "._SSTORIES."";

if ($articlecomm == 1) {

echo "<input type=\"radio\" name=\"type\" value=\"comments\" $sel2> "._SCOMMENTS."";

}

echo "<input type=\"radio\" name=\"type\" value=\"users\" $sel3> "._SUSERS."";

(17)

echo "<input type=\"radio\" name=\"type\" value=\"reviews\" $sel4> "._REVIEWS."";

}

echo "</form></td></tr></table>"; $query = addslashes($query);

if ($type=="stories" OR !$type) {

if ($category > 0) {

$categ = "AND catid='$category' "; } elseif ($category == 0) {

$categ = ""; }

$q = "select s.sid, s.aid, s.informant, s.title, s.time, s.hometext, s.bodytext, a.url,

s.comments, s.topic from ".$prefix."_stories s, ".$prefix."_authors a where s.aid=a.aid $queryalang $categ";

if (isset($query)) $q .= "AND (s.title LIKE '%$query%' OR s.hometext LIKE '%$query%' OR s.bodytext LIKE '%$query%' OR s.notes LIKE '%$query%') "; if ($author != "") $q .= "AND s.aid='$author' ";

if ($topic != "") $q .= "AND s.topic='$topic' ";

if ($days != "" && $days!=0) $q .= "AND TO_DAYS(NOW()) - TO_DAYS(time) <= '$days' ";

$q .= " ORDER BY s.time DESC LIMIT $min,$offset"; $t = $topic;

$result5 = $db->sql_query($q); $nrows = $db->sql_numrows($result5); $x=0;

if ($query != "") {

echo "<br><hr noshade

size=\"1\"><center><b>"._SEARCHRESULTS."</b></center><br><br>";

echo "<table width=\"99%\" cellspacing=\"0\" cellpadding=\"0\" border=\"0\">\n"; if ($nrows>0) {

while($row5 = $db->sql_fetchrow($result5)) { $sid = intval($row5['sid']);

$aid = $row5['aid'];

$informant = $row5['informant']; $title = $row5['title'];

$time = $row5['time'];

$hometext = $row5['hometext']; $bodytext = $row5['bodytext']; $url = $row5['url'];

$comments = $row5['comments']; $topic = $row5['topic'];

$row6 = $db->sql_fetchrow($db->sql_query("SELECT topictext from ".$prefix."_topics where topicid='$topic'"));

$topictext = $row6['topictext'];

$furl = "modules.php?name=News&file=article&sid=$sid"; $datetime = formatTimestamp($time);

$query = stripslashes($query); if ($informant == "") {

$informant = $anonymous; } else {

$informant = "<a

href=\"modules.php?name=Your_Account&op=userinfo&username=$informant\">$inf ormant</a>";

}

(18)

if (eregi(quotemeta($query),$title)) { $a = 1;

}

$text = "$hometext$bodytext"; if (eregi(quotemeta($query),$text)) {

$a = 2; }

if (eregi(quotemeta($query),$text) AND eregi(quotemeta($query),$title)) {

$a = 3; }

if ($a == 1) {

$match = _MATCHTITLE;

} elseif ($a == 2) {

$match = _MATCHTEXT; } elseif ($a == 3) {

$match = _MATCHBOTH; }

if (!isset($a)) { $match = ""; } else {

$match = "$match<br>"; }

}

printf("<tr><td><img src=\"images/folders.gif\" border=\"0\"

alt=\"\"> <font class=\"option\"><a href=\"%s\"><b>%s</b></a></font><br><font class=\"content\">"._CONTRIBUTEDBY." $informant<br>"._POSTEDBY." <a

href=\"%s\">%s</a>",$furl,$title,$url,$aid,$informant); echo " "._ON." $datetime<br>"

."$match"

.""._TOPIC.": <a

href=\"modules.php?name=$module_name&query=&topic=$topic\">$topictext</a> "; if ($comments == 0) {

echo "("._NOCOMMENTS.")"; } elseif ($comments == 1) {

echo "($comments "._UCOMMENT.")"; } elseif ($comments >1) {

echo "($comments "._UCOMMENTS.")"; }

if (is_admin($admin)) { echo " [ <a

href=\"admin.php?op=EditStory&sid=$sid\">"._EDIT."</a> | <a href=\"admin.php?op=RemoveStory&sid=$sid\">"._DELETE."</a> ]";

}

echo "</font><br><br><br></td></tr>\n"; $x++;

}

echo "</table>";

} else {

echo "<tr><td><center><font

class=\"option\"><b>"._NOMATCHES."</b></font></center><br><br>"; echo "</td></tr></table>";

}

(19)

print "<br><br><center><a

href=\"modules.php?name=$module_name&author=$author&topic=$t&min=$prev &query=$query&type=$type&category=$category\">";

print "<b>$min "._PREVMATCHES."</b></a></center>"; }

$next=$min+$offset; if ($x>=9) { print "<br><br><center><a

href=\"modules.php?name=$module_name&author=$author&topic=$t&min=$max &query=$query&type=$type&category=$category\">";

print "<b>"._NEXTMATCHES."</b></a></center>"; }

}

} elseif ($type=="comments") { /*

$sid = intval($sid); if (isset($sid)) {

$row7 = $db->sql_fetchrow($db->sql_query("SELECT title from ".$prefix."_stories where sid='$sid'"));

$st_title = $row7['title']; $instory = "AND sid='$sid'"; } else {

$instory = ""; }

*/

$result8 = $db->sql_query("SELECT tid, sid, subject, date, name from

".$prefix."_comments where (subject like '%$query%' OR comment like '%$query%') $instory order by date DESC limit $min,$offset");

$nrows = $db->sql_numrows($result8); $x=0;

if ($query != "") {

size=\"1\"><center><b>"._SEARCHRESULTS."</b></center><br><br>"; echo "<table width=\"99%\" cellspacing=\"0\" cellpadding=\"0\" border=\"0\">\n";

if ($nrows>0) {

while($row8 = $db->sql_fetchrow($result8)) { $tid = intval($row8['tid']);

$sid = intval($row8['sid']); $subject = $row8['subject']; $date = $row8['date']; $name = $row8['name'];

$row_res = $db->sql_fetchrow($db->sql_query("SELECT title from ".$prefix."_stories where sid='$sid'"));

$title = $row_res['title'];

$reply = $db->sql_numrows($db->sql_query("SELECT * from ".$prefix."_comments where pid='$tid'"));

$furl = "modules.php?name=News&file=article&thold=-1&mode=flat&order=1&sid=$sid#$tid";

if(!$name) {

$name = "$anonymous"; } else {

$name = "<a

(20)

}

$datetime = formatTimestamp($date);

echo "<tr><td><img src=\"images/folders.gif\" border=\"0\"

alt=\"\"> <font class=\"option\"><a href=\"$furl\"><b>$subject</b></a></font><font class=\"content\"><br>"._POSTEDBY." $name"

." "._ON." $datetime<br>"

.""._ATTACHART.": $title<br>"; if ($reply == 1) {

echo "($reply "._SREPLY.")"; if (is_admin($admin)) {

echo " [ <a

href=\"admin.php?op=RemoveComment&tid=$tid&sid=$sid\">"._DELETE."</a> ]"; }

echo "<br><br><br></td></tr>\n"; } else {

echo "($reply "._SREPLIES.")"; if (is_admin($admin)) {

echo " [ <a

href=\"admin.php?op=RemoveComment&tid=$tid&sid=$sid\">"._DELETE."</a> ]"; }

echo "<br><br><br></td></tr>\n"; }

$x++; }

echo "</table>";

} else {

}

$prev=$min-$offset; if ($prev>=0) {

href=\"modules.php?name=$module_name&author=$author&topic=$topic&min=$ prev&query=$query&type=$type\">";

href=\"modules.php?name=$module_name&author=$author&topic=$topic&min=$ max&query=$query&type=$type\">";

}

} elseif ($type=="reviews") {

$res_n = $db->sql_query("SELECT id, title, text, reviewer, score from ".$prefix."_reviews where (title like '%$query%' OR text like '%$query%') $queryrlang order by date DESC limit $min,$offset");

$nrows = $db->sql_numrows($res_n); $x=0;

if ($query != "") {

(21)

echo "<table width=\"99%\" cellspacing=\"0\" cellpadding=\"0\" border=\"0\">\n";

if ($nrows>0) {

while($rown = $db->sql_fetchrow($res_n)) { $id = intval($rown['id']);

$title = $rown['title']; $text = $rown['text'];

$reviewer = $rown['reviewer']; $score = intval($rown['score']);

$furl =

"modules.php?name=Reviews&op=showcontent&id=$id";

$pages = count(explode( "", $text ));

echo "<tr><td><img src=\"images/folders.gif\" border=\"0\" alt=\"\"> <font class=\"option\"><a href=\"$furl\"><b>$title</b></a></font><br>"

."<font class=\"content\">"._POSTEDBY." $reviewer<br>" .""._REVIEWSCORE.": $score/10<br>";

if ($pages == 1) { echo "($pages "._PAGE.")"; } else {

echo "($pages "._PAGES.")"; }

href=\"modules.php?name=Reviews&op=mod_review&id=$id\">"._EDIT."</a> | <a href=\"modules.php?name=Reviews.php&op=del_review&id_del=$id\">"._DELETE."< /a> ]";

}

print "<br><br><br></font></td></tr>\n"; $x++;

}

echo "</table>";

} else {

}

href=\"modules.php?name=$module_name&author=$author&topic=$t&min=$prev &query=$query&type=$type\">";

href=\"modules.php?name=$module_name&author=$author&topic=$t&min=$max &query=$query&type=$type\">";

}

} elseif ($type=="users") {

(22)

$nrows = $db->sql_numrows($res_n3); $x=0;

if ($query != "") {

size=\"1\"><center><b>"._SEARCHRESULTS."</b></center><br><br>"; echo "<table width=\"99%\" cellspacing=\"0\" cellpadding=\"0\" border=\"0\">\n";

if ($nrows>0) {

while($rown3 = $db->sql_fetchrow($res_n3)) { $uid = intval($rown3['user_id']);

$uname = $rown3['username']; $name = $rown3['name'];

$furl =

"modules.php?name=Your_Account&op=userinfo&username=$uname"; if ($name=="") {

$name = ""._NONAME.""; }

echo "<tr><td><img src=\"images/folders.gif\" border=\"0\"

alt=\"\"> <font class=\"option\"><a href=\"$furl\"><b>$uname</b></a></font><font class=\"content\"> ($name)";

href=\"admin.php?chng_uid=$uid&op=modifyUser\">"._EDIT."</a> | <a href=\"admin.php?op=delUser&chng_uid=$uid\">"._DELETE."</a> ]";

}

echo "</font></td></tr>\n"; $x++;

}

echo "</table>";

} else {

}

href=\"modules.php?name=$module_name&author=$author&topic=$t&min=$prev &query=$query&type=$type\">";

href=\"modules.php?name=$module_name&author=$author&topic=$t&min=$max &query=$query&type=$type\">";

} } CloseTable();

if (isset($query) AND $query != "") { echo "<br>";

(23)

$dcnt = $db->sql_numrows($db->sql_query("SELECT * from

".$prefix."_downloads_downloads WHERE title LIKE '%$query%' OR description LIKE '%$query%'"));

$mod1 = "<li> <a

href=\"modules.php?name=Downloads&d_op=search&query=$query\">"._DOWNLOA DS."</a> ($dcnt "._SEARCHRESULTS.")";

}

if (is_active("Web_Links")) {

$lcnt = $db->sql_numrows($db->sql_query("SELECT * from ".$prefix."_links_links WHERE title LIKE '%$query%' OR description LIKE '%$query%'"));

$mod2 = "<li> <a

href=\"modules.php?name=Web_Links&l_op=search&query=$query\">"._WEBLINKS ."</a> ($lcnt "._SEARCHRESULTS.")";

}

if (is_active("Encyclopedia")) {

$ecnt1 = $db->sql_query("SELECT eid from ".$prefix."_encyclopedia WHERE active='1'");

$ecnt = 0;

while($row_e = $db->sql_fetchrow($ecnt1)) { $eid = intval($row_e['eid']);

$ecnt2 = $db->sql_numrows($db->sql_query("select * from

".$prefix."_encyclopedia WHERE title LIKE '%$query%' OR description LIKE '%$query%' AND eid='$eid'"));

$ecnt3 = $db->sql_numrows($db->sql_query("select * from

".$prefix."_encyclopedia_text WHERE title LIKE '%$query%' OR text LIKE '%$query%' AND eid='$eid'"));

$ecnt = $ecnt+$ecnt2+$ecnt3; }

$mod3 = "<li> <a

href=\"modules.php?name=Encyclopedia&file=search&query=$query\">"._ENCYCLO PEDIA."</a> ($ecnt "._SEARCHRESULTS.")";

}

OpenTable();

echo "<font class=\"title\">"._FINDMORE."<br><br>" .""._DIDNOTFIND."</font><br><br>"

.""._SEARCH." \"<b>$query</b>\" "._ON.":<br><br>" ."<ul>"

."$mod1" ."$mod2" ."$mod3"

."<li> <a href=\"http://www.google.com/search?q=$query\" target=\"new\">Google</a>"

."<li> <a href=\"http://groups.google.com/groups?q=$query\" target=\"new\">Google Groups</a>"

."</ul>";

CloseTable(); }

include("footer.php"); break;

}

(24)

/****************************************************************/

/* Topic */

/****************************************************************/

<?php

if (!eregi("modules.php", $_SERVER['PHP_SELF'])) { die ("You can't access this file directly...");

}

$module_name = basename(dirname(__FILE__)); get_lang($module_name);

$pagetitle = "- "._ACTIVETOPICS.""; include("header.php");

global $prefix, $db;

$result = $db->sql_query("SELECT topicid, topicname, topicimage, topictext FROM ".$prefix."_topics ORDER BY topictext");

if ($db->sql_numrows($result) == 0) { include("header.php");

include("footer.php"); }

if ($db->sql_numrows($result) > 0) { $r_options = "";

if (isset($cookie[4])) { $r_options .= "&mode=$cookie[4]"; } if (isset($cookie[5])) { $r_options .= "&order=$cookie[5]"; } if (isset($cookie[6])) { $r_options .= "&thold=$cookie[6]"; } OpenTable();

echo "<center><font class=\"title\"><b>"._ACTIVETOPICS."</b></font><br>\n" ."<font class=\"content\">"._CLICK2LIST."</font><br><br>\n"

."<form action=\"modules.php?name=Search\" method=\"post\">" ."<input type=\"name\" name=\"query\" size=\"30\">  " ."<input type=\"submit\" value=\""._SEARCH."\">"

."</form></center><br><br>"; while ($row = $db->sql_fetchrow($result)) {

$topicid = intval($row['topicid']); $topicname = $row['topicname'];

$topicimage = $row['topicimage']; $topictext = $row['topictext'];

if (@file_exists("themes/$ThemeSel/images/topics/$topicimage")) { $t_image = "themes/$ThemeSel/images/topics/$topicimage"; } else {

$t_image = "$tipath$topicimage"; }

$res = $db->sql_query("SELECT counter FROM ".$prefix."_stories WHERE topic='$topicid'");

$numrows = $db->sql_numrows($res); $reads = 0;

while ($counting = $db->sql_fetchrow($res)) { $ccounter = $counting[counter];

$reads = $reads+$ccounter; }

title($topictext);

(25)

."<a href=\"modules.php?name=News&new_topic=$topicid\"><img src=\"$t_image\" border=\"0\" alt=\"$topictext\" title=\"$topictext\" hspace='5' vspace='5'></a><br><br>\n"

."<font class=\"content\">\n"

."<big><strong>&middot</strong></big> <b>"._TOPIC.":</b> $topictext<br>\n"

."<big><strong>&middot</strong></big> <b>"._TOTNEWS.":</b> $numrows<br>\n"

."<big><strong>&middot</strong></big> <b>"._TOTREADS.":</b> $reads</font>\n"

."</td>\n"

."<td valign='top'>";

$result2 = $db->sql_query("SELECT sid, catid, title FROM ".$prefix."_stories WHERE topic='$topicid' ORDER BY sid DESC LIMIT 0,10");

$num = $db->sql_numrows($result2); if ($num != 0) {

while ($row2 = $db->sql_fetchrow($result2)) { $sid = intval($row2['sid']); $catid = $row2['catid']; $title = $row2['title'];

$row3 = $db->sql_fetchrow($db->sql_query("SELECT title FROM ".$prefix."_stories_cat WHERE catid='$catid'"));

$rtitle = $row3['title']; if ($catid == 0) {

$cat_link = "";

} else {

$cat_link = "<a

href='modules.php?name=News&file=categories&op=newindex&catid=$catid'><b>$rtitle</b></a >: ";

}

echo "<img src='modules/$module_name/images/arrow.gif' border='0' alt='' title=''>  $cat_link<a

href='modules.php?name=News&file=article&sid=$sid$r_options'>$title</a><br>"; }

if ($num == 10) {

echo "<div align='right'><big><strong>&middot</strong></big> <a href='modules.php?name=News&new_topic=$topicid'><b>"._MORE."

--></b></a>  </div>"; }

} else {

echo "<i>"._NONEWSYET."</i>"; }

echo "</td></tr></table><br><br>"; }

}

CloseTable(); include("footer.php");

(26)

/****************************************************************/

/* Siapa yang online */

/****************************************************************/

<?php

if (eregi("block-siapa_yang_Online.php", $_SERVER['PHP_SELF'])) { Header("Location: index.php");

die(); }

global $user, $cookie, $prefix, $db, $user_prefix;

cookiedecode($user);

$ip = $_SERVER["REMOTE_ADDR"]; $uname = $cookie[1];

if (!isset($uname)) { $uname = "$ip"; $guest = 1; }

$guest_online_num = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_session WHERE guest='1'"));

$member_online_num = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_session WHERE guest='0'"));

$who_online_num = $guest_online_num + $member_online_num;

$who_online = "<center><font class=\"content\">"._CURRENTLY." $guest_online_num "._GUESTS." $member_online_num "._MEMBERS."<br>";

$content = "$who_online";

if (is_user($user)) {

if (is_active("Private_Messages")) {

$row = $db->sql_fetchrow($db->sql_query("SELECT user_id FROM ".$user_prefix."_users WHERE username='$uname'"));

$uid = intval($row['user_id']);

$newpm = $db->sql_numrows($db->sql_query("SELECT * FROM

".$prefix."_bbprivmsgs WHERE privmsgs_to_userid='$uid' AND (privmsgs_type='5' OR privmsgs_type='1')"));

} }

$row2 = $db->sql_fetchrow($db->sql_query("SELECT title FROM ".$prefix."_blocks WHERE bkey='online'"));

$title = $row2['title'];

$content .= "<br>"._YOUARELOGGED." <b>$uname</b>.<br>"; if (is_active("Private_Messages")) {

$row3 = $db->sql_fetchrow($db->sql_query("SELECT user_id FROM ".$user_prefix."_users WHERE username='$uname'"));

$uid = intval($row3['user_id']);

(27)

$content .= ""._YOUHAVE." <a

href=\"modules.php?name=Private_Messages\"><b>$numrow</b></a> "._PRIVATEMSG.""; }

$content .= "</font></center>"; } else {

$content .= "<br>"._YOUAREANON."</font></center>"; }

?>

/****************************************************************/

/* Survey */

/****************************************************************/

<?php

if (eregi("block-Survey.php", $_SERVER['PHP_SELF'])) { Header("Location: index.php");

die(); }

global $prefix, $multilingual, $currentlang, $db, $boxTitle, $content, $pollcomm, $user, $cookie;

if ($multilingual == 1) {

$querylang = "WHERE planguage='$currentlang' AND artid='0'"; } else {

$querylang = "WHERE artid='0'"; }

$row = $db->sql_fetchrow($db->sql_query("SELECT pollID FROM ".$prefix."_poll_desc $querylang ORDER BY pollID DESC LIMIT 1"));

$pollID = intval($row['pollID']); if ($pollID == 0 || $pollID == "") { $content = "";

} else {

if (!isset($url)) {

$url = sprintf("modules.php?name=Surveys&op=results&pollID=%d", $pollID);

}

$content .= "<form action=\"modules.php?name=Surveys\" method=\"post\">"; $content .= "<input type=\"hidden\" name=\"pollID\" value=\"".$pollID."\">"; $content .= "<input type=\"hidden\" name=\"forwarder\" value=\"".$url."\">"; $row2 = $db->sql_fetchrow($db->sql_query("SELECT pollTitle, voters FROM ".$prefix."_poll_desc WHERE pollID='$pollID'"));

$pollTitle = $row2['pollTitle']; $voters = intval($row2['voters']); $boxTitle = _SURVEY;

$content .= "<font class=\"content\"><b>$pollTitle</b></font><br><br>\n"; $content .= "<table border=\"0\" width=\"100%\">";

for($i = 1; $i <= 12; $i++) {

$row3 = $db->sql_fetchrow($db->sql_query("SELECT pollID, optionText, optionCount, voteID FROM ".$prefix."_poll_data WHERE (pollID='$pollID') AND (voteID='$i')"));

(28)

$optionText = $row3['optionText']; if ($optionText != "") {

$content .= "<tr><td valign=\"top\"><input type=\"radio\" name=\"voteID\" value=\"".$i."\"></td><td width=\"100%\"><font

class=\"content\">$optionText</font></td></tr>\n"; }

} }

$content .= "</table><br><center><font class=\"content\"><input type=\"submit\" value=\""._VOTE."\"></font><br>";

cookiedecode($user); }

for($i = 0; $i < 12; $i++) {

$row4 = $db->sql_fetchrow($db->sql_query("SELECT optionCount FROM ".$prefix."_poll_data WHERE (pollID='$pollID') AND (voteID='$i')"));

$optionCount = intval($row4['optionCount']); $sum = (int)$sum+$optionCount;

}

$content .= "<br><font class=\"content\"><a

href=\"modules.php?name=Surveys&op=results&pollID=$pollID&mode=$cookie[ 4]&order=$cookie[5]&thold=$cookie[6]\"><b>"._RESULTS."</b></a><br><a href=\"modules.php?name=Surveys\"><b>"._POLLS."</b></a><br>";

if ($pollcomm) {

$numcom = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_pollcomments WHERE pollID='$pollID'"));

$content .= "<br>"._VOTES.": <b>$sum</b> <br> "._PCOMMENTS." <b>$numcom</b>\n\n";

} else {

$content .= "<br>"._VOTES." <b>$sum</b>\n\n"; }

$content .= "</font></center></form>\n\n"; }

?>

/****************************************************************/

/* Login */

/****************************************************************/

<?php

if (eregi("block-Login.php", $_SERVER['PHP_SELF'])) { Header("Location: index.php");

die(); }

global $admin, $user, $sitekey, $gfx_chk;

(29)

$random_num = mt_rand(0, $maxran);

$content = "<form action=\"modules.php?name=Your_Account\" method=\"post\">"; $content .= "<center><font class=\"content\">"._NICKNAME."<br>";

$content .= "<input type=\"text\" name=\"username\" size=\"10\" maxlength=\"25\"><br>"; $content .= ""._PASSWORD."<br>";

$content .= "<input type=\"password\" name=\"user_password\" size=\"10\" maxlength=\"20\"><br>";

if (extension_loaded("gd") AND ($gfx_chk == 2 OR $gfx_chk == 4 OR $gfx_chk == 5 OR $gfx_chk == 7)) {

$content .= ""._SECURITYCODE.": <img

src='modules.php?name=Your_Account&op=gfx&random_num=$random_num' border='1' alt='"._SECURITYCODE."' title='"._SECURITYCODE."'><br>\n";

$content .= ""._TYPESECCODE."<br><input type=\"text\" NAME=\"gfx_check\" SIZE=\"7\" MAXLENGTH=\"6\">\n";

$content .= "<input type=\"hidden\" name=\"random_num\" value=\"$random_num\"><br>\n"; } else {

$content .= "<input type=\"hidden\" name=\"random_num\" value=\"$random_num\">"; $content .= "<input type=\"hidden\" name=\"gfx_check\" value=\"$code\">";

}

$content .= "<input type=\"hidden\" name=\"op\" value=\"login\">";

$content .= "<input type=\"submit\" value=\""._LOGIN."\"></font></center></form>"; $content .= "<center><font class=\"content\">"._ASREGISTERED."</font></center>";

if (is_admin($admin) AND is_user($user)) {

$content = "<center>"._ADMIN."<br>[ <a href=\"admin.php?op=logout\">"._LOGOUT."</a> ]</center>";

}

?>

/****************************************************************/

/* Admin */

/****************************************************************/

<?php

if(stristr($_SERVER["QUERY_STRING"],'AddAuthor') || stristr($_SERVER["QUERY_STRING"],'UpdateAuthor')) { die("Illegal Operation");

}

$checkurl = $_SERVER['REQUEST_URI'];

if ((preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) { echo "die";

exit; }

require_once("mainfile.php"); get_lang(admin);

function create_first($name, $url, $email, $pwd, $user_new) { global $prefix, $db, $user_prefix;

$first = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_authors")); if ($first == 0) {

(30)

$db->sql_query("INSERT INTO ".$prefix."_authors VALUES ('$name', '$the_adm', '$url', '$email', '$pwd', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '1', '')");

if ($user_new == 1) {

$user_regdate = date("M d, Y"); $user_avatar = "gallery/blank.gif"; $commentlimit = 4096;

if ($url == "http://") { $url = ""; }

$db->sql_query("INSERT INTO ".$user_prefix."_users (user_id, username, user_email, user_website, user_avatar, user_regdate, user_password, theme, commentmax, user_level, user_lang, user_dateformat) VALUES

(NULL,'$name','$email','$url','$user_avatar','$user_regdate','$pwd','$Default_Theme','$commentli mit', '2', 'english','D M d, Y g:i a')");

} login(); }

}

$the_first = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_authors")); if ($the_first == 0) {

if (!$name) {

include("header.php");

title("$sitename: "._ADMINISTRATION.""); OpenTable();

echo "<center><b>"._NOADMINYET."</b></center><br><br>" ."<form action=\"admin.php\" method=\"post\">"

."<table border=\"0\">"

."<tr><td><b>"._NICKNAME.":</b></td><td><input type=\"text\" name=\"name\" size=\"30\" maxlength=\"25\"></td></tr>"

."<tr><td><b>"._HOMEPAGE.":</b></td><td><input type=\"text\" name=\"url\" size=\"30\" maxlength=\"255\" value=\"http://\"></td></tr>"

."<tr><td><b>"._EMAIL.":</b></td><td><input type=\"text\" name=\"email\" size=\"30\" maxlength=\"255\"></td></tr>"

."<tr><td><b>"._PASSWORD.":</b></td><td><input type=\"password\" name=\"pwd\" size=\"11\" maxlength=\"10\"></td></tr>"

."<tr><td colspan=\"2\">"._CREATEUSERDATA." <input type=\"radio\" name=\"user_new\" value=\"1\" checked>"._YES."  <input type=\"radio\" name=\"user_new\" value=\"0\">"._NO."</td></tr>"

."<tr><td><input type=\"hidden\" name=\"fop\" value=\"create_first\">" ."<input type=\"submit\" value=\""._SUBMIT."\">"

."</td></tr></table></form>"; CloseTable();

include("footer.php"); }

switch($fop) {

case "create_first":

create_first($name, $url, $email, $pwd, $user_new); break;

} die(); }

require("auth.php");

(31)

/* Fungsi Login */

function login() { global $gfx_chk; include ("header.php");

mt_srand ((double)microtime()*1000000); $maxran = 1000000;

$random_num = mt_rand(0, $maxran); OpenTable();

echo "<center><font class=\"title\"><b>"._ADMINLOGIN."</b></font></center>"; CloseTable();

echo "<br>"; OpenTable();

echo "<form action=\"admin.php\" method=\"post\">" ."<table border=\"0\">"

."<tr><td>"._ADMINID."</td>"

."<td><input type=\"text\" NAME=\"aid\" SIZE=\"20\" MAXLENGTH=\"25\"></td></tr>"

."<tr><td>"._PASSWORD."</td>"

."<td><input type=\"password\" NAME=\"pwd\" SIZE=\"20\" MAXLENGTH=\"18\"></td></tr>";

if (extension_loaded("gd") AND ($gfx_chk == 1 OR $gfx_chk == 5 OR $gfx_chk == 6 OR $gfx_chk == 7)) {

echo "<tr><td colspan='2'>"._SECURITYCODE.": <img

src='admin.php?op=gfx&random_num=$random_num' border='1' alt='"._SECURITYCODE."' title='"._SECURITYCODE."'></td></tr>"

."<tr><td colspan='2'>"._TYPESECCODE.": <input type=\"text\" NAME=\"gfx_check\" SIZE=\"7\" MAXLENGTH=\"6\"></td></tr>"; }

echo "<tr><td>"

."<input type=\"hidden\" NAME=\"random_num\" value=\"$random_num\">" ."<input type=\"hidden\" NAME=\"op\" value=\"login\">"

."<input type=\"submit\" VALUE=\""._LOGIN."\">" ."</td></tr></table>"

."</form>"; CloseTable();

include ("footer.php"); }

function gfx($random_num) { global $prefix, $db; require("config.php"); $datekey = date("F j");

$rcode = hexdec(md5($_SERVER[HTTP_USER_AGENT] . $sitekey . $random_num . $datekey));

$code = substr($rcode, 2, 6);

$image = ImageCreateFromJPEG("images/admin/code_bg.jpg"); $text_color = ImageColorAllocate($image, 80, 80, 80);

Header("Content-type: image/jpeg");

ImageString ($image, 5, 12, 2, $code, $text_color); ImageJPEG($image, '', 75);

ImageDestroy($image); die();

}

(32)

$id = intval($id);

$db->sql_query("DELETE FROM ".$prefix."_reviews_add WHERE id = '$id'"); Header("Location: admin.php?op=reviews");

}

/* Fungsi Administration Menu */

function adminmenu($url, $title, $image) {

global $counter, $admingraphic, $Default_Theme; $ThemeSel = get_theme();

if (file_exists("themes/$ThemeSel/images/admin/$image")) { $image = "themes/$ThemeSel/images/admin/$image"; } else {

$image = "images/admin/$image"; }

if ($admingraphic == 1) {

$img = "<img src=\"$image\" border=\"0\" alt=\"$title\" title=\"$title\"></a><br>"; $close = "";

} else {

$img = ""; $close = "</a>"; }

echo "<td align=\"center\" valign=\"top\" width=\"16%\"><font class=\"content\"><a href=\"$url\">$img<b>$title</b>$close<br><br></font></td>";

if ($counter == 5) {

echo "</tr><tr>"; $counter = 0;

} else {

$counter++; }

}

function GraphicAdmin() {

global $aid, $admingraphic, $language, $admin, $prefix, $db;

$newsubs = $db->sql_numrows($db->sql_query("SELECT qid FROM ".$prefix."_queue")); $row = $db->sql_fetchrow($db->sql_query("SELECT

radminarticle,radmintopic,radminuser,radminsurvey,radminlink,radminfaq,radmindownload,radmi nreviews,radminnewsletter,radminforum,radmincontent,radminency,radminsuper FROM

".$prefix."_authors WHERE aid='$aid'")); $radminarticle = intval($row['radminarticle']); $radmintopic = intval($row['radmintopic']); $radminsurvey = intval($row['radminsurvey']); $radmindownload = intval($row['radmindownload']); $radmincontent = intval($row['radmincontent']); $radminency = intval($row['radminency']); $radminsuper = intval($row['radminsuper']); OpenTable();

echo "<center><a href=\"admin.php\"><font class='title'>"._ADMINMENU."</font></a>"; echo "<br><br>";

echo"<table border=\"0\" width=\"100%\" cellspacing=\"1\"><tr>"; $linksdir = dir("admin/links");

while($func=$linksdir->read()) { if(substr($func, 0, 6) == "links.") { $menulist .= "$func "; }

(33)

closedir($linksdir->handle);

$menulist = explode(" ", $menulist); sort($menulist);

for ($i=0; $i < sizeof($menulist); $i++) { if($menulist[$i]!="") {

$counter = 0;

include($linksdir->path."/$menulist[$i]"); }

}

adminmenu("admin.php?op=logout", ""._ADMINLOGOUT."", "logout.gif"); echo"</tr></table></center>";

CloseTable(); echo "<br>"; }

/* Fungsi Administration Main */

function adminMain() {

global $language, $admin, $aid, $prefix, $file, $db, $sitename, $user_prefix; include ("header.php");

$dummy = 0; $Today = getdate(); $month = $Today['month']; $mday = $Today['mday']; $year = $Today['year']; $pmonth = $Today['month']; $pmday = $Today['mday']; $pmday = $mday-1; $pyear = $Today['year'];

if ($pmonth=="January") { $pmonth=1; } else if ($pmonth=="February") { $pmonth=2; } else if ($pmonth=="March") { $pmonth=3; } else if ($pmonth=="April") { $pmonth=4; } else if ($pmonth=="May") { $pmonth=5; } else if ($pmonth=="June") { $pmonth=6; } else if ($pmonth=="July") { $pmonth=7; } else if ($pmonth=="August") { $pmonth=8; } else if ($pmonth=="September") { $pmonth=9; } else if ($pmonth=="October") { $pmonth=10; } else if ($pmonth=="November") { $pmonth=11; } else if ($pmonth=="December") { $pmonth=12; }; $test = mktime (0,0,0,$pmonth,$pmday,$pyear,1);

$curDate2 = "%".$month[0].$month[1].$month[2]."%".$mday."%".$year."%"; $preday = strftime ("%d",$test);

$premonth = strftime ("%B",$test); $preyear = strftime ("%Y",$test);

$curDateP = "%".$premonth[0].$premonth[1].$premonth[2]."%".$preday."%".$preyear."%"; GraphicAdmin();

$aid = substr("$aid", 0,25);

$row = $db->sql_fetchrow($db->sql_query("SELECT radminarticle, radminsuper, admlanguage FROM ".$prefix."_authors WHERE aid='$aid'"));

$radminarticle = intval($row['radminarticle']); $radminsuper = intval($row['radminsuper']); $admlanguage = $row['admlanguage']; if ($admlanguage != "" ) {

(34)

$queryalang = ""; }

$row2 = $db->sql_fetchrow($db->sql_query("SELECT main_module from ".$prefix."_main")); $main_module = $row2['main_module'];

OpenTable();

echo "<center><b>$sitename: "._DEFHOMEMODULE."</b><br><br>" .""._MODULEINHOME." <b>$main_module</b><br>[ <a href=\"admin.php?op=modules\">"._CHANGE."</a> ]</center>"; CloseTable();

$guest_online_num = $db->sql_numrows($db->sql_query("SELECT uname FROM ".$prefix."_session WHERE guest='1'"));

$member_online_num = $db->sql_numrows($db->sql_query("SELECT uname FROM ".$prefix."_session WHERE guest='0'"));

$who_online_num = $guest_online_num + $member_online_num;

$who_online = "<center><font class=\"option\">"._WHOSONLINE."</font><br><br><font class=\"content\">"._CURRENTLY." $guest_online_num "._GUESTS." $member_online_num "._MEMBERS."<br>";

$row3 = $db->sql_fetchrow($db->sql_query("SELECT COUNT(user_id) AS userCount from $user_prefix"._users." WHERE user_regdate LIKE '$curDate2'"));

$userCount = $row3['userCount'];

$row4 = $db->sql_fetchrow($db->sql_query("SELECT COUNT(user_id) AS userCount FROM $user_prefix"._users." WHERE user_regdate LIKE '$curDateP'"));

$userCount2 = $row4['userCount']; echo "<center>$who_online<br>"

.""._BTD.": <b>$userCount</b> - "._BYD.": <b>$userCount2</b></center>"; CloseTable();

echo "<center><b>"._AUTOMATEDARTICLES."</b></center><br>"; $count = 0;

$result5 = $db->sql_query("SELECT anid, aid, title, time, alanguage FROM ".$prefix."_autonews $queryalang ORDER BY time ASC");

while ($row5 = $db->sql_fetchrow($result5)) { $anid = intval($row5['anid']);

$aid = $row5['aid'];

$said = substr("$aid", 0,25); $title = $row5['title']; $time = $row5['time'];

$alanguage = $row5['alanguage']; if ($alanguage == "") {

$alanguage = ""._ALL.""; }

if ($anid != "") { if ($count == 0) {

echo "<table border=\"1\" width=\"100%\">";

$count = 1;

}

$time = ereg_replace(" ", "@", $time);

if (($radminarticle==1) OR ($radminsuper==1)) {

if (($radminarticle==1) AND ($aid == $said) OR ($radminsuper==1)) { echo "<tr><td nowrap> (<a

href=\"admin.php?op=autoEdit&anid=$anid\">"._EDIT."</a>-<a

(35)

align=\"center\"> $alanguage </td><td nowrap> $time </td></tr>"; /* Multilingual Code : added column to display language */

} else {

echo "<tr><td> ("._NOFUNCTIONS.") </td><td width=\"100%\"> $title </td><td

} } else {

echo "<tr><td width=\"100%\"> $title </td><td

} } }

if (($anid == "") AND ($count == 0)) {

echo "<center><i>"._NOAUTOARTICLES."</i></center>"; }

if ($count == 1) { echo "</table>"; }

CloseTable(); echo "<br>"; OpenTable();

echo "<center><b>"._LAST." 20 "._ARTICLES."</b></center><br>";

$result6 = $db->sql_query("SELECT sid, aid, title, time, topic, informant, alanguage FROM ".$prefix."_stories $queryalang ORDER BY time DESC LIMIT 0,20");

echo "<center><table border=\"1\" width=\"100%\" bgcolor=\"$bgcolor1\">"; while ($row6 = $db->sql_fetchrow($result6)) {

$sid = intval($row6['sid']); $aid = $row6['aid'];

$said = substr("$aid", 0,25); $title = $row6['title']; $time = $row6['time'];

$topic = $row6['topic']; $informant = $row6['informant'];

$row7 = $db->sql_fetchrow($db->sql_query("SELECT topicname FROM ".$prefix."_topics WHERE topicid='$topic'"));

$topicname = $row7['topicname']; if ($alanguage == "") {

$alanguage = ""._ALL.""; }

formatTimestamp($time);

echo "<tr><td align=\"right\"><b>$sid</b>" ."</td><td align=\"left\" width=\"100%\"><a

href=\"modules.php?name=News&file=article&sid=$sid\">$title</a>" ."</td><td align=\"center\">$alanguage"

."</td><td align=\"right\">$topicname"; if (($radminarticle==1) OR ($radminsuper==1)) {

if (($radminarticle==1) AND ($aid == $said) OR ($radminsuper==1)) { echo "</td><td align=\"right\" nowrap>(<a

href=\"admin.php?op=EditStory&sid=$sid\">"._EDIT."</a>-<a href=\"admin.php?op=RemoveStory&sid=$sid\">"._DELETE."</a>)"

."</td></tr>"; } else {

(36)

."</td></tr>"; }

} else {

echo "</td></tr>"; }

}

echo "</table>";

if (($radminarticle==1) OR ($radminsuper==1)) { echo "<center>"

."<form action=\"admin.php\" method=\"post\">"

.""._STORYID.": <input type=\"text\" NAME=\"sid\" SIZE=\"10\">" ."<select name=\"op\">"

."<option value=\"EditStory\" SELECTED>"._EDIT."</option>" ."<option value=\"RemoveStory\">"._DELETE."</option>" ."</select>"

."<input type=\"submit\" value=\""._GO."\">" ."</form></center>";

}

CloseTable();

$row8 = $db->sql_fetchrow($db->sql_query("SELECT pollID, pollTitle FROM ".$prefix."_poll_desc WHERE artid='0' ORDER BY pollID DESC LIMIT 1")); $pollID = intval($row8['pollID']);

$pollTitle = $row8['pollTitle']; echo "<br>";

OpenTable();

echo "<center><b>"._CURRENTPOLL.":</b> $pollTitle [ <a

href=\"admin.php?op=polledit&pollID=$pollID\">"._EDIT."</a> | <a href=\"admin.php?op=create\">"._ADD."</a> ]</center>";

CloseTable();

include ("footer.php"); }

if($admintest) {

switch($op) {

case "do_gfx": do_gfx(); break;

case "deleteNotice": deleteNotice($id); break;

case "GraphicAdmin": GraphicAdmin();

break;

case "adminMain": adminMain(); break;

case "logout": setcookie("admin");

$admin = "";

(37)

echo "<center><font

class=\"title\"><b>"._YOUARELOGGEDOUT."</b></font></center>"; CloseTable();

include("footer.php"); break;

case "login"; unset($op);

default:

$casedir = dir("admin/case"); while($func=$casedir->read()) {

if(substr($func, 0, 5) == "case.") {

include($casedir->path."/$func"); }

}

closedir($casedir->handle); break;

}

} else {

switch($op) {

case "gfx":

gfx($random_num); break;

default: login(); break;

}

?>

/****************************************************************/

/* Modul */

/****************************************************************/

<?php

require_once("mainfile.php"); $module = 1;

$name = trim($name); if (isset($name)) {

if (eregi("http\:\/\/", $name)) {

die("Hi and Bye"); }

(38)

$user = addslashes($user);

$nukeuser = base64_decode($user);

$result = $db->sql_query("SELECT active, view FROM ".$prefix."_modules WHERE title='$name'");

$row = $db->sql_fetchrow($result); $mod_active = intval($row['active']); $view = intval($row['view']);

if (($mod_active == 1) OR ($mod_active == 0 AND is_admin($admin))) { if (!isset($mop)) { $mop="modload"; }

if (!isset($file)) { $file="index"; }

if (ereg("\.\.",$name) || ereg("\.\.",$file) || ereg("\.\.",$mop)) { echo "You are so cool...";

} else {

if (file_exists("themes/$ThemeSel/modules/$name/".$file.".php")) { $modpath = "themes/$ThemeSel/";

} else {

$modpath = ""; }

if ($view == 0) {

$modpath .= "modules/$name/".$file.".php"; if (file_exists($modpath)) {

include($modpath);

} else {

die ("Sorry, such file doesn't exist..."); }

} else if ($view == 1 AND is_user($user) OR is_group($user, $name) OR is_admin($admin)) {

$modpath .= "modules/$name/".$file.".php"; if (file_exists($modpath)) {

include($modpath);

} else {

die ("Sorry, such file doesn't exist..."); }

} elseif ($view == 1 AND !is_user($user) AND !is_admin($admin)) { $pagetitle = "- "._ACCESSDENIED.""; include("header.php");

title("$sitename: "._ACCESSDENIED.""); OpenTable();

echo "<center><b>"._RESTRICTEDAREA."</b><br>