/************************************************************************/
/* FlatNuke - Flat Text Based Content Management System */
/* ============================================ */
/* */
/* Copyright (c) 2003-2004 by Simone Vellei */
/* http://flatnuke.sourceforge.net */
/* */
/* This program is free software. You can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License. */
/************************************************************************/

// Renders either a single news item or a section page, selected by the
// "news", "mod" and "file" query-string parameters read below.

include "header.php";
include_once "functions.php";
// NOTE(review): $theme is not assigned anywhere in the visible code
// (presumably header.php sets it) -- confirm it is a fixed configuration
// value, because it is interpolated into an include path.
include_once "themes/$theme/theme.php";

// Rebuild the base URL of the site from server variables.
// NOTE(review): presumably PAR_SERVER reads $_SERVER. HTTP_HOST is then the
// Host header sent by the client and PHP_SELF can carry request path data, so
// $url has to be treated as request-influenced unless SAN_FLAT (defined
// elsewhere) is confirmed to neutralise it.
$host = getparam("HTTP_HOST", PAR_SERVER, SAN_FLAT);
$self = getparam("PHP_SELF", PAR_SERVER, SAN_FLAT);
$url = "http://".$host.$self;
// str_replace() removes every occurrence of the script's basename from $url,
// not only the trailing one.
$url = str_replace(basename($url),"",$url);

// Security conversions: all three values come from the query string and are
// later interpolated into filesystem paths (news/, sections/).
$news = getparam("news",PAR_GET,SAN_FLAT);
$mod = getparam("mod",PAR_GET,SAN_FLAT);
$file = getparam("file",PAR_GET,SAN_FLAT);

// Nothing to show unless a news item or a section was requested.
if( ($news == "") and ($mod == "")) die(_NONPUOI);

// Intercept possible directory changes.
// This is a deny-list: it rejects any value containing "..", and nothing else.
// It does not limit the parameters to known names, so the file_exists() and
// include() calls further down still build their paths from request data.
// NOTE(review): what SAN_FLAT strips is not visible here -- confirm before
// relying on it for path safety.
if(stristr($mod,"..")) die(_NONPUOI);
if(stristr($file,"..")) die(_NONPUOI);
if(stristr($news,"..")) die(_NONPUOI);

// Print the news: $news selects news/<name>.xml; the branch below handles the
// case where that file does not exist (its body is only partly visible here).
if($news!=""){
	if(!file_exists("news/$news.xml")) {
		OpenTable();
		print("
";
echo "$header $body"; echo " |
" ;
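// Include the requested section page.
// $mod and $file are taken from the query string (getparam(..., PAR_GET, ...)
// earlier in this script), so the path handed to include() is chosen by the
// request. The earlier ".." substring test is only a deny-list; here the path
// is also resolved and must be a regular file located inside sections/ before
// it is executed.
// Behaviour change: a missing or non-regular target is now skipped silently
// in both branches (previously the $file branch raised an include() warning).
$inc_root = realpath("sections");
if($file=="")
	$inc_path = "sections/$mod/section.php"; // default page of the section
else
	$inc_path = "sections/$mod/$file";
$inc_real = realpath($inc_path); // false when the path does not exist
if($inc_real !== false and is_file($inc_real)) {
	// The resolved path (symlinks followed) has to stay below sections/;
	// anything else is refused the same way as the other rejected inputs.
	if($inc_root === false or strpos($inc_real, $inc_root.DIRECTORY_SEPARATOR) !== 0)
		die(_NONPUOI);
	include($inc_real);
}
// NOTE(review): containment alone still lets the request select any file
// below sections/ and run it as PHP. If any directory there can receive
// uploaded or user-edited files, also restrict $file to a fixed list of page
// names.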
/* Gestisce la galleria con gallery */
if(file_exists("sections/$mod/gallery")) {
echo " "; include("gallery/gallery.php"); } echo " |