'') {
$urlExt = substr($arLang[count($arLang)-1], 0, 5);
}
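// Front-controller gate: only requests whose extension is on the allow-list ($arOk,
// built before this part of the file) are served; 'logout' is the one route let
// through without a listed extension.
if (! in_array($urlExt, $arOk) AND $url <> 'logout') {
    header("HTTP/1.0 404 Not Found");
    include('templates/404.php');
    exit;
}

// Canonicalise mixed-case addresses by redirecting to the lower-case form.
if ($adresUrl <> strtolower($adresUrl)) {
    // The original sent "404 Not Found" before the Location header. PHP replaces a
    // non-3xx status with a redirect status as soon as Location is set, so that line
    // never reached the client and has been dropped.
    // Leading slashes and backslashes are trimmed so the target is always a path on
    // this site: '/' followed by another '/' would form a scheme-relative URL.
    header('Location: /' . ltrim(strtolower($adresUrl), '/\\') . '.html');
    exit;
}

// Remove anything shaped like an HTML tag from query-string names and values.
// This is a coarse filter, not output encoding: text without a closing '>' and
// attribute-context values pass through unchanged, so templates still have to
// escape with htmlspecialchars() where the value is printed.
foreach ($_GET as $name => $value) {
    $cleanName = preg_replace('/<[^>]*>/', '', $name);
    $_GET[$cleanName] = preg_replace('/<[^>]*>/', ' ', $value);
    // Drop the unfiltered key as well; the original left it in $_GET next to the
    // cleaned copy. Compared as strings so numeric keys are not removed by mistake.
    if ((string) $cleanName !== (string) $name) {
        unset($_GET[$name]);
    }
}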
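/**
 * Build a random string of digits and ASCII letters.
 *
 * Callers in this file hash the result to derive the session value and the
 * newsletter confirmation hash, so the characters are drawn from the CSPRNG
 * (random_int) when the runtime provides it. rand() is predictable and must not
 * back values that act as secrets.
 *
 * @param int $length Requested length; values below 1 still yield one character,
 *                    as the original implementation did.
 * @return string Random string over [0-9A-Za-z].
 */
function randomkeys($length) {
    $pattern = "1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
    $lastIndex = strlen($pattern) - 1;
    // random_int() exists from PHP 7.0; older runtimes fall back to mt_rand(), which
    // is NOT cryptographically secure.
    $hasCsprng = function_exists('random_int');
    $key = '';
    $i = 0;
    do {
        $key .= $pattern[$hasCsprng ? random_int(0, $lastIndex) : mt_rand(0, $lastIndex)];
        $i++;
    } while ($i < $length);
    return $key;
}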
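// Short per-request value kept in the session: the first 5 hex characters (20 bits)
// of an MD5 over a random key.
// NOTE(review): its consumers are outside this part of the file; 20 bits is too
// little for an anti-forgery token. Confirm how the templates use it.
$_SESSION['rand'] = substr(md5(randomkeys(10)), 0, 5);
define('TEMPLATES', 'templates/');
require_once('admin/db.php');

// Site configuration row plus the key/value parameters of this CMS instance.
// Both queries are built from constants only.
$config = mysql_fetch_assoc(mysql_query('SELECT c.*, (conf_lang1_state + conf_lang2_state + conf_lang3_state + conf_lang4_state) AS ilosc_jezykow FROM ' .DEF_TAB_config. ' c WHERE conf_id = ' .DEF_cmsID ));
$paramsAll = mysql_query('SELECT * FROM cms_config_params WHERE cpar_cms_id = ' .DEF_cmsID. ' ORDER BY cpar_nazwa');
while ($slowItem = mysql_fetch_assoc($paramsAll)) {
    $_PARAM[$slowItem['cpar_nazwa']] = $slowItem['cpar_wartosc'];
}

// The Host header is client-controlled. It is only compared with configured
// domains here; the redirect target is the configured main domain (or a
// $domRedirect value assigned before this part of the file).
$aktDom = str_replace('www.', '', $_SERVER['HTTP_HOST']);
if ($domRedirect =='' AND $config['conf_domain_main'] <> '' AND $aktDom <> $config['conf_domain_main']) {
    $domRedirect = $config['conf_domain_main'];
}
if ($domRedirect <> '') {
    // NOTE(review): no exit follows, so the form handlers and the template below
    // still run for a redirected request, and the target uses plain http.
    // Confirm both are intended.
    header('Location: http://www.' .$domRedirect. $_SERVER['REQUEST_URI']);
}
define('PAGE_ID_MAIN', $config['conf_page_id_main']);

// Language selection. The value is later concatenated into column names
// (tresc_nazwa_lang<N>, tresc_adres_lang<N>, ...), so only the four language slots
// that have address columns are accepted. is_numeric() alone also admits values
// such as "1e1", "-1" or "6", which would address other columns or break the SQL.
$requestedLang = 0;
if (isset($_GET['lang']) AND is_numeric($_GET['lang'])) {
    $requestedLang = (int) $_GET['lang'];
}
if ($requestedLang >= 1 AND $requestedLang <= 4) {
    $_SESSION['langID'] = $requestedLang;
} else {
    // A language-specific domain pins the language; $blockLang records that.
    switch ($aktDom) {
        case $config['conf_lang1_domain']: $_SESSION['langID'] = 1; $blockLang = true; break;
        case $config['conf_lang2_domain']: $_SESSION['langID'] = 2; $blockLang = true; break;
        case $config['conf_lang3_domain']: $_SESSION['langID'] = 3; $blockLang = true; break;
        case $config['conf_lang4_domain']: $_SESSION['langID'] = 4; $blockLang = true; break;
    }
    // Also resets an out-of-range value left in an older session.
    if (! isset($_SESSION['langID']) OR (int) $_SESSION['langID'] < 1 OR (int) $_SESSION['langID'] > 4) {
        $_SESSION['langID'] = 1;
    }
}
require_once('_config.php');
require_once('functions8bs2.php');

// NOTE(review): $id is raw request input; whoever consumes it must validate it.
if (isset($_GET['id'])) { $id = $_GET['id']; }
elseif (isset($_POST['id'])) { $id = $_POST['id']; }
else { $id = 0; }

// The page id from the form ends up in a SQL WHERE clause further down, so it is
// reduced to an integer here instead of being kept as the raw POST string.
if (isset($_POST['page']) AND is_scalar($_POST['page']) AND (int) $_POST['page'] > 0) {
    $trescId = (int) $_POST['page'];
}

// Shared page password. The comparison is strict and constant-time; the loose ==
// used before treats numeric-looking strings such as "10" and "1e1" as equal.
// NOTE(review): the password is read in plain text from the configuration row and
// no attempt throttling is visible here; regenerating the session id on success
// (session_regenerate_id) would also be worth adding.
if (isset($_POST['log_passwd']) AND $_POST['log_passwd'] <> '') {
    $submittedPassword = $_POST['log_passwd'];
    $expectedPassword = (string) $config['conf_haslo_do_stron'];
    $passwordMatches = false;
    if (is_string($submittedPassword)) {
        $passwordMatches = function_exists('hash_equals')
            ? hash_equals($expectedPassword, $submittedPassword)
            : ($expectedPassword === $submittedPassword);
    }
    if ($passwordMatches) {
        $_SESSION['logId'] = 18000;
    } else {
        $loginMSG = 'Błędne hasło.';
    }
}

// Logout only clears the page-password login markers.
if ($url == 'logout') {
    unset($_SESSION['logId']);
    unset($_SESSION['logName']);
    $urlParam = false;
}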
/**
 * Strip currency formatting from a price string.
 *
 * Removes every '$', space, ',' and '.' and returns what is left; nothing is
 * validated or converted to a number. Because the decimal point is removed too,
 * "12.50" becomes "1250" while "12" stays "12".
 * NOTE(review): callers appear to treat the result as a number. Confirm that all
 * stored prices carry the same number of decimals.
 *
 * @param string $prize Price as stored or displayed.
 * @return string The input without the four formatting characters.
 */
function makeAmount($prize) {
    // One call with the same four characters, applied in the same order.
    return str_replace(array('$', ' ', ',', '.'), '', $prize);
}
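// Cloudflare Turnstile: when the submitted form carries a token, verify it
// server-side. A request that is not positively confirmed is marked by filling
// $_POST['key1'], which the order-form handler below treats as "do not process".
// NOTE(review): verification runs only when the token field is present, so a POST
// that omits 'cf-turnstile-response' is never challenged here. Which forms embed
// the widget is not visible in this file; confirm, then require the token in the
// handlers themselves.
if (array_key_exists('cf-turnstile-response', $_POST)) {
    $turnstileToken = $_POST['cf-turnstile-response'];
    $turnstileOk = false;
    if (is_string($turnstileToken) && $turnstileToken !== '') {
        $post = [
            // NOTE(review): the secret key is committed in the source file. Treat it
            // as exposed: rotate it and load the new one from configuration that is
            // kept out of the web root and out of version control.
            'secret' => '0x4AAAAAABgcb8npWikg4OBZOgt8bF132So',
            'response' => $turnstileToken
        ];
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, "https://challenges.cloudflare.com/turnstile/v0/siteverify");
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_POST, 1);
        // Sent as an encoded string rather than an array, so the client-supplied
        // token is always transmitted as plain form data.
        curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post, '', '&'));
        // Bounded waits: a slow verification endpoint must not hang the page.
        curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
        curl_setopt($ch, CURLOPT_TIMEOUT, 10);
        $response = curl_exec($ch);
        curl_close($ch);
        $tabResp = is_string($response) ? json_decode($response, true) : null;
        // Fail closed: only an explicit "success": true passes. The earlier check
        // rejected only when error codes were listed, so a failed request or an
        // unparsable reply was accepted.
        $turnstileOk = is_array($tabResp) && isset($tabResp['success']) && $tabResp['success'] === true;
    }
    if (! $turnstileOk) { $_POST['key1'] = 'BanByCloudFlare'; }
}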
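// Order form ("adv"). 'key1' must be empty: the Turnstile check above fills it on
// failure (presumably it also serves as a honeypot field; confirm in the form).
$advFormId = isset($_POST['fId']) ? $_POST['fId'] : '';
$advBlockMarker = isset($_POST['key1']) ? $_POST['key1'] : '';
if ($advFormId === 'adv' AND $advBlockMarker === '') {
    // Every value below comes from the client and used to be concatenated into the
    // SQL text unescaped. Text is now escaped for the connection and numbers are
    // cast. $conn is taken to be the mysqli link this script closes at its end;
    // confirm against admin/db.php.
    $sqlText = function ($value) use ($conn) {
        return mysqli_real_escape_string($conn, is_scalar($value) ? (string) $value : '');
    };
    $postText = function ($name) use ($sqlText) {
        return $sqlText(isset($_POST[$name]) ? $_POST[$name] : '');
    };

    // Server-side price list: amounts are always taken from the database, never
    // from the submitted form.
    $arPrizes = array();
    $allItems = mysql_query('SELECT wiersz_id, wiersz_nazwa, wiersz_kolumna1 FROM cms_tabele_wiersze WHERE wiersz_tab_id IN (13,14,15)');
    while ($tmp = mysql_fetch_assoc($allItems)) {
        $arPrizes[$tmp['wiersz_id']] = (int) makeAmount($tmp['wiersz_kolumna1']);
    }

    $payByTrade = 0;
    if (isset($_POST['PayByTrade']) AND $_POST['PayByTrade'] <> '') { $payByTrade = 1; }

    mysql_query('INSERT INTO cms_orders(ord_ip, ord_date, ord_company, ord_name, ord_authorised, ord_contact, ord_address, ord_city, ord_email, ord_phone, ord_pay_by_trade)
        VALUES("' .$sqlText(getIP()). '", "' .$postText('Date'). '", "' .$postText('Company_name'). '", "' .$postText('Listed_on_index'). '", "' .$postText('Authorized_by'). '", "' .$postText('Contact'). '",
        "' .$postText('Address'). '", "' .$postText('City_state_zip'). '", "' .$postText('Email'). '", "' .$postText('Phone'). '", ' .$payByTrade. ' )');
    $insertId = (int) mysql_insert_id();

    $orderItems = (isset($_POST['tab']) && is_array($_POST['tab'])) ? $_POST['tab'] : array();
    $total = 0;
    // The loop variable is no longer $id, so the request-wide $id set earlier in
    // the script is not overwritten by the last submitted row key.
    foreach ($orderItems as $rowId => $item) {
        // Keys are client-chosen: accept only integer ids that exist in the price
        // list. Unknown ids used to produce broken SQL.
        if (! is_int($rowId) OR ! isset($arPrizes[$rowId])) {
            continue;
        }
        $itemName = (is_array($item) && isset($item['name'])) ? $item['name'] : '';
        $total += $arPrizes[$rowId];
        mysql_query('INSERT INTO cms_orders_items(item_ord_id, item_wiersz_id, item_nazwa, item_amount)
            VALUES(' .$insertId. ', ' .$rowId. ', "' .$sqlText($itemName). '", ' .$arPrizes[$rowId]. ' )');
    }
    mysql_query('UPDATE cms_orders SET ord_amount = ' .$total. ' WHERE ord_id = ' .$insertId );
}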
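// Newsletter sign-up: notify the site mailbox, store the address with a
// confirmation hash and e-mail the confirmation link (double opt-in).
// NOTE(review): unlike the order form, this handler does not look at
// $_POST['key1'], so a failed Turnstile check does not stop it. Confirm whether
// the sign-up form is meant to be protected as well.
if (isset($_POST['nlEmail']) AND $_POST['nlEmail'] <> '') {
    // The address is placed in mail headers and in SQL. Accepting only a
    // syntactically valid address keeps line breaks (extra headers) and quote
    // characters out of both.
    $nlEmail = is_string($_POST['nlEmail'])
        ? filter_var(trim($_POST['nlEmail']), FILTER_VALIDATE_EMAIL)
        : false;
    if ($nlEmail === false) {
        $adresUrl = 'error-occured';
    } else {
        mail($config['conf_mail_address'], 'subscribe ' . $nlEmail, 'subscribe ' . $nlEmail, "From: " .$nlEmail. "\nContent-Type: text/plain; charset=utf-8");
        try {
            // Ten hex characters, as before, but drawn from the CSPRNG when the
            // runtime has one.
            // NOTE(review): 40 bits is short for an unauthenticated confirmation
            // link; the width of mail_hash is not visible here. Consider a longer
            // hash with an expiry.
            $confHash = function_exists('random_bytes')
                ? bin2hex(random_bytes(5))
                : substr(md5(randomkeys(11)), 0, 10);
            // $conn is taken to be the mysqli link this script closes at its end;
            // confirm against admin/db.php.
            mysql_query('INSERT INTO _nl_emails(mail_email, mail_add_ip, mail_hash) VALUES("' .mysqli_real_escape_string($conn, $nlEmail). '", "' .mysqli_real_escape_string($conn, (string) getIP()). '", "' .$confHash. '")');
            $confirmTxt = mysql_fetch_assoc(mysql_query('SELECT tresc_nazwa_lang1 AS subj, tresc_tresc_lang1 AS body FROM cms_tresci WHERE tresc_id = 12414'));
            // The link host is fixed in code, so it cannot be steered by the Host header.
            $confTresc = str_replace('{{link}}', 'https://mensclaycourt.com/confirm.php?k=' .$confHash, $confirmTxt['body']);
            require_once('admin/tools/PHPMailer/class.phpmailer.php');
            $mail = new PHPMailer(true); // true: PHPMailer throws exceptions on errors, caught below
            try {
                $mail->SMTPDebug = 0; // SMTP debug output off (1 = errors and messages, 2 = messages only)
                $tematUTF = "=?UTF-8?B?".base64_encode($confirmTxt['subj'])."?=";
                $trescMaila = $confTresc;
                if ($config['conf_smtp_host'] <> '' AND $config['conf_smtp_port'] <> '' AND $config['conf_smtp_user'] <> '' AND $config['conf_smtp_password'] <> '') {
                    $mail->IsSMTP(); // send through the configured SMTP server
                    $mail->SMTPAuth = true; // authenticate with the account below
                    // NOTE(review): transport encryption is switched on for port 465
                    // only; on any other port the credentials may travel in clear text.
                    if ($config['conf_smtp_port'] == 465) { $mail->SMTPSecure = 'ssl'; }
                    $mail->Host = $config['conf_smtp_host'];
                    $mail->Port = $config['conf_smtp_port'];
                    $mail->Username = $config['conf_smtp_user'];
                    $mail->Password = $config['conf_smtp_password'];
                    $from = $config['conf_smtp_user'];
                }
                $mail->CharSet = 'utf-8';
                $mail->AddAddress ( $nlEmail );
                // NOTE(review): $from is assigned only in the SMTP branch above.
                $mail->SetFrom ( $from );
                $mail->MsgHTML ( $trescMaila );
                $mail->Subject = $tematUTF;
                $mail->Send();
            } catch (phpmailerException $e) {
                $errorMessage = $e->errorMessage(); // PHPMailer's own error text
            } catch (Exception $e) {
                $errorMessage = $e->getMessage(); // any other failure
            }
            // NOTE(review): a failed send is recorded in $errorMessage only; the
            // visitor is still routed to the "sent" page.
            $adresUrl = 'confirmation-message-sent';
        } catch (Exception $e) {
            $adresUrl = 'error-occured';
        }
    }
}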
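/*
 First work out which language the requested page address belongs to
 (tresc_adres_lang...), and only then fetch the content in that language
 (tresc_tresc_lang...).
*/
// Visitors without an editor session only see published pages.
if (! isset($trescWhere)) { $trescWhere = ''; }
if (! (isset($_SESSION['userID']) && (int) $_SESSION['userID'] > 0)) { $trescWhere = ' AND tresc_pokazuj = 1 '; }

// The language id is concatenated into column names, so it is forced into the
// four slots that have address columns before any SQL is built.
$langId = isset($_SESSION['langID']) ? (int) $_SESSION['langID'] : 1;
if ($langId < 1 OR $langId > 4) { $langId = 1; }
$_SESSION['langID'] = $langId;

// Page ids reach SQL as integers only.
$trescIdInt = (isset($trescId) && is_scalar($trescId)) ? (int) $trescId : 0;

if ($adresUrl <> '') {
    if (strpos($adresUrl, '?') > 0) { $adresUrl = substr($adresUrl, 0, strpos($adresUrl, '?')); }
    $adresUrl = rawurldecode( $adresUrl );
    // After decoding, the address can contain quote characters, so it is escaped
    // for the connection before it is placed inside the SQL string literals.
    // $conn is taken to be the mysqli link this script closes at its end; confirm
    // against admin/db.php.
    $adresUrlSql = mysqli_real_escape_string($conn, $adresUrl);
    $adresCols = 'tresc_id, tresc_adres_lang1, tresc_adres_lang2, tresc_adres_lang3, tresc_adres_lang4';
    if ($blockLang) {
        // Language pinned by the domain: match the address in that language only.
        $trescTmp = mysql_fetch_assoc(mysql_query('SELECT ' .$adresCols. ' FROM ' .DEF_TAB_tresci. ' WHERE tresc_id > 0 AND tresc_cms_id = ' .DEF_cmsID . $trescWhere. ' AND tresc_adres_lang' .$langId. ' = "' .$adresUrlSql. '" ' ));
    } else {
        // Otherwise the language is whichever address column matched.
        $trescTmp = mysql_fetch_assoc(mysql_query('SELECT ' .$adresCols. ' FROM ' .DEF_TAB_tresci. ' WHERE tresc_id > 0 AND tresc_cms_id = ' .DEF_cmsID . $trescWhere. ' AND (tresc_adres_lang1 = "' .$adresUrlSql. '" OR tresc_adres_lang2 = "' .$adresUrlSql. '" OR tresc_adres_lang3 = "' .$adresUrlSql. '" OR tresc_adres_lang4 = "' .$adresUrlSql. '") ' ));
        switch ($adresUrl) {
            case $trescTmp['tresc_adres_lang1']: $langId = 1; break;
            case $trescTmp['tresc_adres_lang2']: $langId = 2; break;
            case $trescTmp['tresc_adres_lang3']: $langId = 3; break;
            case $trescTmp['tresc_adres_lang4']: $langId = 4; break;
        }
        // An explicit ?lang= still wins, but only within the valid range.
        if (isset($_GET['lang']) AND is_numeric($_GET['lang']) AND (int) $_GET['lang'] >= 1 AND (int) $_GET['lang'] <= 4) {
            $langId = (int) $_GET['lang'];
        }
        $_SESSION['langID'] = $langId;
    }
    if ($trescTmp['tresc_id'] > 0) {
        $tresc = mysql_fetch_assoc(mysql_query(
            'SELECT tresc_id, tresc_data_d, tresc_typ, tresc_typ_podstron, tresc_ma_foto, tresc_pokazuj_foto, tresc_ilosc_foto, tresc_ilosc_plikow, tresc_wyrozniona, tresc_tresc_lang6 AS cennik, tresc_class, tresc_na_haslo, tresc_gfx_prefix, tresc_gal_photos_per_row, tresc_galeria_id, tresc_galeria_kat_id, tresc_gal_index_on_one_page, tresc_pole1, tresc_pole2, tresc_jscode, tresc_kolejnosc, tresc_gal_id_slide, tresc_news_kat_id, tresc_form_id, tresc_menu_id, '
            . 'tresc_nazwa_lang' .$langId. ' AS nazwa, tresc_nazwa_lang' .$langId. ' AS nazwa1, tresc_tresc_lang' .$langId. ' AS tresc, tresc_skrot_lang' .$langId. ' AS skrot, tresc_title_lang' .$langId. ' AS title, tresc_keywords_lang' .$langId. ' AS keywords, tresc_description_lang' .$langId. ' AS description, '
            . 'tresc_adres_lang1, tresc_adres_lang2, tresc_adres_lang3, tresc_adres_lang4 FROM ' .DEF_TAB_tresci. ' WHERE tresc_cms_id = ' .DEF_cmsID . $trescWhere. ' AND tresc_id = ' .(int) $trescTmp['tresc_id']
        ));
    }
} elseif ($trescIdInt != 0) {
    // Lookup by numeric page id. The original had two branches (id > 0 and id < 0)
    // running the same query; they are merged here.
    $tresc = mysql_fetch_assoc(mysql_query(
        'SELECT tresc_id, tresc_data_d, tresc_typ, tresc_typ_podstron, tresc_ma_foto, tresc_ilosc_foto, tresc_ilosc_plikow, tresc_wyrozniona, tresc_class, tresc_gal_photos_per_row, tresc_galeria_id, tresc_galeria_kat_id, tresc_news_kat_id, tresc_form_id, tresc_menu_id, '
        . 'tresc_nazwa_lang' .$langId. ' AS nazwa, tresc_tresc_lang' .$langId. ' AS tresc, tresc_skrot_lang' .$langId. ' AS skrot, tresc_title_lang' .$langId. ' AS title, tresc_keywords_lang' .$langId. ' AS keywords, tresc_description_lang' .$langId. ' AS description FROM ' .DEF_TAB_tresci. ' WHERE tresc_cms_id = ' .DEF_cmsID. ' AND tresc_id = ' .$trescIdInt . $trescWhere
    ));
}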
/*
if ($tresc['tresc'] == '') {
$trescSub = mysql_fetch_assoc(mysql_query('SELECT tresc_id, tresc_typ, tresc_plik_video, tresc_class, tresc_galeria_id, tresc_galeria_kat_id, tresc_news_kat_id, tresc_menu_id, tresc_nazwa_lang' .$_SESSION['langID']. ' AS nazwa, tresc_tresc_lang' .$_SESSION['langID']. ' AS tresc, tresc_skrot_lang' .$_SESSION['langID']. ' AS skrot, tresc_title_lang' .$_SESSION['langID']. ' AS title, tresc_keywords_lang' .$_SESSION['langID']. ' AS keywords, tresc_description_lang' .$_SESSION['langID']. ' AS description FROM ' .DEF_TAB_tresci. ' WHERE tresc_pokazuj = 1 AND tresc_cms_id = ' .DEF_cmsID. ' AND tresc_menu_id = ' .$tresc['tresc_id']. ' ORDER BY tresc_kolejnosc LIMIT 1' ));
if ($trescSub['tresc'] <> '') {
$tresc = $trescSub;
}
}
*/
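// The language id is concatenated into column names below, so it is forced into
// the four slots that have address columns before it is used.
$langId = isset($_SESSION['langID']) ? (int) $_SESSION['langID'] : 1;
if ($langId < 1 OR $langId > 4) { $langId = 1; }
$_SESSION['langID'] = $langId;

// A request carrying "lang=" is redirected permanently to the page's clean
// address in the selected language.
if ($tresc['tresc_id'] >0 AND strpos($_SERVER['REQUEST_URI'], 'lang=') !== false) {
    header('Location: /' .$tresc['tresc_adres_lang' . $langId]. '.html',TRUE,301);
    exit;
}

// Interface dictionary for the selected language. Rows are ordered by
// slow_cms_id, so an entry of this site overwrites the shared one (cms id 1).
$langAll = mysql_query('SELECT slow_kod, slow_wartosc_lang' .$langId. ' AS slow_wartosc, slow_wartosc_lang8 FROM ' .DEF_TAB_slowniki. ' WHERE slow_typ = "LANG" AND slow_cms_id IN (1, ' .DEF_cmsID. ') ORDER BY slow_cms_id' );
while ($slowItem = mysql_fetch_assoc($langAll)) {
    $_LANG[$slowItem['slow_kod']] = $slowItem['slow_wartosc'];
    $_ISO[$slowItem['slow_kod']] = $slowItem['slow_wartosc_lang8'];
}

// Editors (userID in the session) can preview an archived version of the page.
// The archive id comes from the query string and reaches SQL as an integer only.
$showArchId = (isset($_GET['showArch']) && is_scalar($_GET['showArch'])) ? (int) $_GET['showArch'] : 0;
if ($showArchId > 0 AND isset($_SESSION['userID']) AND $_SESSION['userID'] > 0) {
    $trescArch = mysql_fetch_assoc(mysql_query('SELECT txtarch_skrot, txtarch_tresc, txtarch_data_utworzenia FROM ' .DEF_TAB_tresci_arch. ' WHERE txtarch_cms_id = ' .DEF_cmsID. ' AND txtarch_tresc_id = ' .(int) $tresc['tresc_id']. ' AND txtarch_id = ' .$showArchId ));
    $tresc['skrot'] = $trescArch['txtarch_skrot'];
    $tresc['tresc'] = $trescArch['txtarch_tresc'];
    $tresc['nazwa'] .= ' (wersja archiwalna z dnia: ' .$trescArch['txtarch_data_utworzenia'] .')';
}

// An address was requested but no page matched it: answer 404.
if (empty($tresc['tresc_id']) AND ! empty($urlParam)) {
    header("HTTP/1.0 404 Not Found");
    include('templates/404.php');
    exit;
}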
// Derive the page type ($tresc['tresc_typ']), the CSS class attributes and the
// navigation path for the page loaded above. The assignments are order-dependent:
// a later rule overwrites the type chosen by an earlier one.
if ($newsKatIdParam > 0) {
$newsKatId = $newsKatIdParam;
}
// Configured main page -> 'Q', configured contact page -> 'K'.
if ($tresc['tresc_id'] == $config['conf_page_id_main'] AND $config['conf_page_id_main'] > 0) { $tresc['tresc_typ'] = 'Q'; }
if ($tresc['tresc_id'] == $config['conf_page_id_contact'] AND $config['conf_page_id_contact'] > 0) { $tresc['tresc_typ'] = 'K'; }
// A gallery category or a news category attached to the page overrides the type.
if ($tresc['tresc_galeria_kat_id'] > 0) {
$tresc['tresc_typ'] = 'G';
$galKatId = $tresc['tresc_galeria_kat_id'];
}
if ($tresc['tresc_news_kat_id'] > 0) {
$tresc['tresc_typ'] = 'N';
$newsKatId = $tresc['tresc_news_kat_id'];
$showMenuNews = true;
}
// Any non-empty ?search= value switches the page to the search-results type.
if (strlen($_GET['search']) > 0) {
$tresc['tresc_typ'] = 'W';
$tresc['nazwa'] = 'Wyniki wyszukiwania';
}
// Editor sessions get an extra ' adm' body class.
if ($_SESSION['userID'] > 0) { $bodyClassIns = ' adm'; }
// NOTE(review): the class attributes below are assembled from tresc_class (a
// database value) and the session language id without HTML escaping. Presumably
// the template prints them into the markup as they are; confirm that both values
// are trusted or escaped there.
if ($tresc['tresc_id'] == $config['conf_page_id_contact'] AND $config['conf_page_id_contact'] > 0) {
$bodyClass = 'class="sub kontaktowa lang' .$_SESSION['langID'] . $bodyClassIns. '"';
} else {
$bodyClass = 'class="sub lang' .$_SESSION['langID']. ' ' .$tresc['tresc_class'] . $bodyClassIns. '"';
}
if ($tresc['tresc_class'] <> '') {
$htmlClass = 'class="' .$tresc['tresc_class']. '"';
}
// getMenuIds() is defined outside this file; $nav is read back after the call, so
// it is presumably filled through a by-reference parameter (verify in the helper).
$nav = array();
$separator = null;
$dummy = getMenuIds($tresc['tresc_id'], DEF_cmsID, $separator, $nav);
// Collect the page ids found in $nav.
$sciezka = array();
$rootId = null;
foreach($nav AS $map) {
$sciezka[] = $map['tresc_id'];
}
// The second-to-last $nav entry supplies the root page.
// NOTE(review): with fewer than two entries the index count($nav)-2 is negative
// and both reads yield null.
$rootId = $nav[count($nav)-2]['tresc_id'];
$rootNazwa = $nav[count($nav)-2]['tresc_nazwa'];
// Site-specific overrides: fixed page ids (or a fixed parent menu id) force a
// template type regardless of what was derived above.
if ($tresc['tresc_id'] == 6968) {
$tresc['tresc_typ'] = 'D';
}
if ($tresc['tresc_menu_id'] == 6958) {
$tresc['tresc_typ'] = 'PL';
}
if ($tresc['tresc_id'] == 6955) {
$tresc['tresc_typ'] = 'NL3';
}
if ($tresc['tresc_id'] == 7189) {
$tresc['tresc_typ'] = 'TIC';
}
if ($tresc['tresc_id'] == 7159) {
$tresc['tresc_typ'] = 'PP';
}
// Pages under these three menu ids set $toNews; in_array() compares loosely here.
if (in_array($tresc['tresc_menu_id'], array(6883, 6998, 6972))) {
$toNews = true;
}
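// The language id is concatenated into column names below, so it is forced into
// the four slots that have address columns before it is used.
$langId = isset($_SESSION['langID']) ? (int) $_SESSION['langID'] : 1;
if ($langId < 1 OR $langId > 4) { $langId = 1; }
$_SESSION['langID'] = $langId;

// Map the page type to the template that renders the main column. Template names
// are fixed literals; nothing from the request selects a file.
switch ($tresc['tresc_typ']) {
    case 'S': $main = 'page.php'; break;
    case 'N': $main = 'news.php'; break;
    case 'M': $main = 'mapa.php'; break;
    case 'G': $main = 'gallery.php';
        // NOTE(review): $galId is not assigned anywhere in the visible part of this
        // file (the gallery rule above sets $galKatId). Confirm where it comes from.
        // It is cast so that it can only reach the query as an integer.
        $tresc = mysql_fetch_assoc(mysql_query('SELECT gal_id, gal_id AS tresc_galeria_id, gal_nazwa_lang' .$langId. ' AS nazwa, gal_opis_lang' .$langId. ' AS skrot FROM ' .DEF_TAB_galerie. ' WHERE gal_pokazuj = 1 AND gal_id = ' .(isset($galId) ? (int) $galId : 0)));
        $tresc['tresc_typ'] = 'G';
        break;
    case 'GT': $main = 'galleryTresci.php'; break;
    case 'W': $main = 'search.php'; break;
    case 'K': $main = 'kontakt.php'; break;
    case 'D': $main = 'draws.php'; break;
    case 'PP': $main = 'players.php'; break;
    case 'PL': $main = 'player.php'; break;
    case 'NL3': $main = 'newsList.php'; break;
    case 'TIC': $main = 'tickets.php'; break;
    default:
        // Every other type, including the main page, renders the home template
        // with the configured main page's content.
        $main = 'default.php';
        $mainPage = true;
        $bodyClass = 'class="home lang' .$langId . $bodyClassIns. '"';
        $tresc['tresc_id'] = $config['conf_page_id_main'];
        $tresc = mysql_fetch_assoc(mysql_query(
            'SELECT tresc_id, tresc_typ, tresc_class, tresc_pole1, tresc_gfx_prefix, tresc_galeria_id, tresc_galeria_kat_id, tresc_gal_id_slide, tresc_news_kat_id, tresc_menu_id, '
            . 'tresc_nazwa_lang' .$langId. ' AS nazwa, tresc_nazwa_lang' .$langId. ' AS nazwa1, tresc_tresc_lang' .$langId. ' AS tresc, tresc_skrot_lang' .$langId. ' AS skrot, tresc_title_lang' .$langId. ' AS title, tresc_keywords_lang' .$langId. ' AS keywords, tresc_description_lang' .$langId. ' AS description FROM ' .DEF_TAB_tresci. ' WHERE tresc_cms_id = ' .DEF_cmsID. ' AND tresc_id = ' .(int) $config['conf_page_id_main']
        ));
        $sub = null;
        // Fall back to the site-wide meta title when the page has none.
        if ($tresc['title'] == '') {
            $tresc['title'] = $config['conf_meta_title_lang' . $langId ];
        }
        $tresc['tresc_ilosc_foto'] = 3000;
        $tresc['tresc_ilosc_plikow'] = 3000;
}

// Optional promotional top layer: always on the main page when configured so,
// otherwise until the session has recorded it as shown.
if ($config['conf_toplayer_show'] == 1) {
    if (($mainPage AND $config['conf_toplayer_show_always'] == 1) OR ($_SESSION['topLayer'] <> 1)) { $classAdv = ' reklama'; $showTopLayer = true; }
}

include(TEMPLATES . 'rama.php');

// Debug aid that prints the chosen template name. It used to answer any visitor
// who sent the parameter; it is now limited to editor sessions.
if (isset($_GET['co']) AND $_GET['co'] === 'to' AND isset($_SESSION['userID']) AND $_SESSION['userID'] > 0) {
    echo $main;
}
mysqli_close($conn);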
?>