// Buffer the whole response and let ob_gzhandler compress it when the client
// advertises support for it.
ob_start('ob_gzhandler');

// Site configuration, language strings, shared helpers and the template
// engine. The include order is kept exactly as it was: later files may rely
// on what earlier ones define.
include './includes/config.php';
include './lang/arabic.php';
include './includes/function.php';
include './includes/online.php';
include './includes/easytemplate.php';
include './includes/inquiry.php';

// Directory of the active design.
// NOTE(review): $style is not assigned in the visible code. It is used to
// build a filesystem path, so confirm it is set by config.php and can never
// be supplied by the request.
$PhpGroup_style['def_style'] = 'designs/' . $style;
$stylepath = $PhpGroup_style['def_style'];

// Template engine: templates come from the design directory, compiled output
// goes to "easycache".
$tpl = new EasyTemplate();
$tpl->Temp = $stylepath;
$tpl->Cache = 'easycache';
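// Load the group-1 categories (per the original comment they are shown on the
// right side of the page).
// $cat is initialised first so that it is always a list, even when the query
// fails or returns no rows.
// NOTE(review): if the host runs with register_globals enabled (not visible
// here), an uninitialised $cat could be pre-seeded from the request; the
// explicit reset also closes that door.
$cat = array();
$selectc = @mysql_db_query("$dbName", "SELECT * FROM `cat` WHERE `cat_group` = '1' ORDER BY `cat_id` ASC ") ;
if ($selectc) {
    while ($s = mysql_fetch_assoc($selectc)) {
        $cat[] = $s;
    }
    mysql_free_result($selectc);
}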
// Login box. loginbox() is defined outside this file's visible code.
// NOTE(review): $login is not assigned anywhere above; confirm it is set by
// one of the included files rather than taken from the request.
loginbox($login);
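// Newest poems first: every group-1 row of `divan`, ordered by descending id.
// The query has no LIMIT, so the whole group is loaded into $nd.
// $nd is initialised so it is always a list, even when the query fails or
// matches nothing, and so it cannot carry over a value defined earlier.
$nd = array();
$selectnewdivan = mysql_db_query("$dbName", "SELECT * FROM `divan` WHERE `divan_group` = '1' ORDER BY `divan_id` DESC ") ;
if ($selectnewdivan) {
    while ($ndivan = mysql_fetch_assoc($selectnewdivan)) {
        $nd[] = $ndivan;
    }
    mysql_free_result($selectnewdivan);
}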
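// Statistics: row totals for the categories, poems and users tables.
// COUNT(*) lets MySQL do the counting. The previous SELECT * pulled every
// row, including the complete users table with its password column, into
// PHP memory just to read a row count, and it took that count from
// mysql_affected_rows(), which is documented for INSERT/UPDATE/DELETE and
// returns -1 when the query fails.
// A failed query now yields a total of 0.
$totalcat = 0;
$selectcount = mysql_db_query("$dbName", "SELECT COUNT(*) FROM `cat`");
if ($selectcount) {
    $totalcat = (int) mysql_result($selectcount, 0);
    mysql_free_result($selectcount);
}

$totaldivan = 0;
$selectcount = mysql_db_query("$dbName", "SELECT COUNT(*) FROM `divan`");
if ($selectcount) {
    $totaldivan = (int) mysql_result($selectcount, 0);
    mysql_free_result($selectcount);
}

$totalusers = 0;
$selectcount = mysql_db_query("$dbName", "SELECT COUNT(*) FROM `users`");
if ($selectcount) {
    $totalusers = (int) mysql_result($selectcount, 0);
    mysql_free_result($selectcount);
}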
// Page chrome: head includes, the header, then the opening of the body.
echo $tpl->display('headerinclude.html');
echo $tpl->display('header.html');
echo $tpl->display('bodyinclude.html');

// Closed-site mode: show the message template and the footer, then stop.
// NOTE(review): $close and the $message shown by message.html are not
// assigned in the visible code; presumably both come from config.php.
if ($close == 'yes') {
    echo $tpl->display('message.html');
    traidntright();
    echo $tpl->display('footer.html');
    exit;
}
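// Credentials presented by the browser. The cookie names are quoted: as bare
// words they were parsed as undefined constants, which is a notice on old
// PHP and a fatal error on PHP 8. A missing or non-string cookie becomes ''
// so the "not logged in" check below still works.
// Both values are fully client-controlled. They are interpolated into the
// users lookup further down and must be escaped (or bound) before they reach
// the query.
// NOTE(review): the cookie holds the exact value matched against
// user_password, so that stored value is itself a long-lived credential in
// the browser; a server-side session or random token would avoid that.
$username = (isset($_COOKIE['traidusername']) && is_string($_COOKIE['traidusername'])) ? $_COOKIE['traidusername'] : '';
$password = (isset($_COOKIE['traiduserpassword']) && is_string($_COOKIE['traiduserpassword'])) ? $_COOKIE['traiduserpassword'] : '';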
if(($username)==('')){
$message = "من فضلك قم بتسجيل الدخول أولاً";
echo $tpl->display("message.html");
echo $tpl->display("footer.html");
exit();
}else{
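// Look up the cookie credentials in the users table. Both values come
// straight from the client, so they are escaped for the current connection
// before being placed inside the quoted SQL literals.
$safeusername = mysql_real_escape_string($username);
$safepassword = mysql_real_escape_string($password);
$getuser = mysql_db_query("$dbName", "SELECT * FROM `users` WHERE `user_name` = '$safeusername' and `user_password` = '$safepassword' ;") ;
// Count the matched rows with mysql_num_rows(). mysql_affected_rows() returns
// -1 when the query fails, and the "== '0'" check that follows treated that
// as a successful match. A failed query must fail closed, so it counts as 0.
$find = $getuser ? mysql_num_rows($getuser) : 0;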
if(($find)==('0')){
$message = "عفوا قم باعاده تسجيل الدخول";
@setcookie('traidusername',$username,time()-36000);
}else{
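//start addpoem rules
// catid comes from the query string and is later placed in a SQL literal.
// The key is quoted (a bare word is an undefined constant), and a missing or
// non-string value becomes ''.
$getcatid = isset($_GET['catid']) ? $_GET['catid'] : '';
$cleanid = is_string($getcatid) ? strip_tags($getcatid) : '';
// Accept plain decimal digits only. is_numeric() also accepted signs,
// decimals, exponents and leading whitespace, none of which is a valid id.
// The result stays a boolean, as the "!= '1'" comparison that follows expects.
$cnumber = ctype_digit($cleanid);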
if(($cnumber)!=('1')){
$message = "عفوا لا تقم بتغير شيئ بعنوان المتصفح عد الي الخلف";
echo $tpl->display("message.html");
echo $tpl->display("footer.html");
exit();
}else{
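// Fetch the requested category. $cleanid has already passed the numeric check
// above, so it is safe inside the quoted literal.
$getcat = mysql_db_query("$dbName", "SELECT * FROM `cat` WHERE `cat_id` = '$cleanid'") ;
// mysql_num_rows() is the documented row count for a SELECT. A failed query
// counts as "category not found" instead of -1, which the "== '0'" check
// below would have let through.
$issetat = $getcat ? mysql_num_rows($getcat) : 0;
// Default to "not allowed" so the permission never starts undefined. The
// cat_user column of the matched row then decides.
$allowtoaddpoem = 'no';
while ($getcat && ($cinfo = mysql_fetch_array($getcat))) {
    $allowtoaddpoem = $cinfo['cat_user'];
}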
if (($issetat)==('0')){
$message = "عفوا القسم غير متوفر عد الي الخلف";
echo $tpl->display("message.html");
echo $tpl->display("footer.html");
exit();
}else{
if (($allowtoaddpoem)==('no')){
$message = "عفوا غير مسموح لك باضافة قصائد بهذا القسم";
echo $tpl->display("message.html");
traidntright();
echo $tpl->display("footer.html");
exit();
}else{
if(($_GET['do'])==('')){
echo $tpl->display("addpoem.html");
}elseif(($_GET['do'])==('preview')){
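//this display after user send poem
// Read the submitted fields. Keys are quoted (bare words are undefined
// constants), and a missing or non-string field becomes '' so trim() and
// strip_tags() always receive a string.
$postvalues = array();
foreach (array('poemname', 'message', 'catid', 'format', 'sound') as $postfield) {
    $postvalues[$postfield] = (isset($_POST[$postfield]) && is_string($_POST[$postfield])) ? $_POST[$postfield] : '';
}
$poemname = strip_tags(trim($postvalues['poemname']));
$poemmessage = trim($postvalues['message']);
// NOTE(review): this POST catid is separate from the validated $_GET catid
// and receives no numeric check here; validate it before it reaches a query.
$catid = trim($postvalues['catid']);
$format = $postvalues['format'];
$sound = strip_tags(trim($postvalues['sound']));

// Reject poem text containing '>', "script" or "html" (case-insensitive).
// stripos() replaces eregi(), which is deprecated since PHP 5.3 and removed
// in PHP 7; for these literal patterns the match is the same.
// This substring denylist does not make the text safe for HTML output.
// Encode it with htmlspecialchars() wherever it is echoed.
foreach (array('>', 'script', 'html') as $blockedtoken) {
    if (stripos($poemmessage, $blockedtoken) !== false) {
        die("عفوا غير مسموح باضافه اكواد");
    }
}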
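/**
 * Checks that the required poem fields were submitted.
 *
 * Each missing field appends its own message, followed by a line break, to
 * the result. The comparisons stay loose (==) so that a null value counts as
 * missing, exactly as before.
 *
 * @param mixed $poemname Poem title.
 * @param mixed $catid    Category id sent with the form.
 * @param mixed $format   Selected formatting type.
 * @return string The concatenated error messages, or '' when nothing is missing.
 */
function cheakpost ($poemname,$catid,$format){
    // Start from an empty string: the accumulator used to be undefined when
    // the first check passed, and null was returned when all of them passed.
    $alert = '';
    if ($poemname == '') {
        $alert .= "عفوا لم تقم بادخال اسم القصيدة"."
";
    }
    if ($catid == '') {
        $alert .= "عفوا هناك خطأ بتصنيف القصيدة"."
";
    }
    if ($format == '') {
        $alert .= "عفوا لم تقم باختيار نوع التنسيق"."
";
    }
    return $alert;
}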
$cheak = cheakpost ($poemname,$catid,$format);
if(($cheak)!=('')){
$message = "$cheak";
echo $tpl->display("message.html");
}else{
$javacode = "";
$exp = $_SERVER['HTTP_USER_AGENT'];
$exp = explode("Firefox",$exp);
$exp = $exp[1];
if(($exp) == ('')){
$poemcode = "";
$poempreview = $poemmessage;
$poempreview = nl2br($poempreview);
$poempreview = "