_max_signin_attempt) if ((strtoupper($secur)!=strtoupper(capture_session('secur'))) || (capture_session('secur')=='')) send_message("invalid.secur"); update_session('secur',''); $name=capture_request('name'); if (!validate_request($name,'plain','1','255')) send_message("invalid.data"); $kindex=capture_request('kindex'); if (!validate_request($kindex,'number','1','255','1')) send_message("invalid.data"); $conn=mysqli_connect("localhost",_database_user,_database_password,_database_name); if (capture_session('message')==''){ $cdate=return_date('s') . '-' . return_time('s'); mysqli_query($conn,"insert into comment (des,name,cdate,news_index,kind) values ('$des','$name','$cdate','$kindex','0')"); send_message("comment.saved");} $result=mysqli_query($conn,"select name,lan from news where (kindex='$kindex')"); $i=0; $row=mysqli_fetch_row($result); $name=$row[$i++]; $lan=$row[$i++]; mysqli_free_result($result); mysqli_close($conn); header('location:' . _main_url . '/' . lan_code($lan) . '/' . $kindex . '/' . str_replace(" ","-",$name)); exit;} $kindex=capture_request('kindex'); if (!validate_request($kindex,'plain','1','255')) $kindex=''; $conn=mysqli_connect("localhost",_database_user,_database_password,_database_name); $result=mysqli_query($conn,"select kindex from news where (kindex='$kindex')"); $i=0; $row=mysqli_fetch_row($result); $kindex=$row[$i++]; mysqli_free_result($result); $show_related=true; if ($kindex==''){ $name=capture_request('name'); if (!validate_request($name,'plain','1','255')) $name=''; $name=str_replace('-',' ',$name); $show_related=false; $result=mysqli_query($conn,"select kindex from news where (name='$name')"); $i=0; $row=mysqli_fetch_row($result); $kindex=$row[$i++]; mysqli_free_result($result);} $result=mysqli_query($conn,"select name,d1,sublist_index,cdate,hash,des from news where (kindex='$kindex')"); $row=mysqli_fetch_row($result); $i=0; $website_name=$row[$i++]; $d1=$row[$i++]; $sublist_index=$row[$i++]; $cdate=$row[$i++]; $hs=$row[$i++]; $des=$row[$i++]; mysqli_free_result($result); $result=mysqli_query($conn,"select name from sublist where (kindex='$sublist_index')"); $row=mysqli_fetch_row($result); $i=0; $_section=$row[$i++]; mysqli_free_result($result); mysqli_close($conn); $_lan=capture_request('lan'); if ($cdate!='') $_date=str_replace("/",'-',str_replace('-','T',$cdate)); if ($d1!='') $_im=_main_url . '/im/news/' . $d1; $_desc=html2plain($des); for ($n=1; $n<=9; $n++){ $_desc=str_replace('image' . $n,'',$_desc); $_desc=str_replace('video' . $n,'',$_desc); $_desc=str_replace('audio' . $n,'',$_desc);} $_desc=str_replace("\n",' ',$_desc); $_desc=str_replace("\r",'',$_desc); $_desc=trim($_desc); $_desc=less_words($_desc,100); $canonical=_main_url . '/' . $_lan . '/' . $kindex; $main_index=$kindex; require(_main_dir . "/include/include.home.php"); mysqli_query($conn,"update news set visit=visit+1 where (kindex='$kindex')"); $result=mysqli_query($conn,"select embed,smalldes,d1,d2,d3,d4,d5,d6,d7,d8,d9 from news where (kindex='$kindex')"); $i=0; $row=mysqli_fetch_row($result); $embed=$row[$i++]; $smalldes=$row[$i++]; $embed=explode('**',$embed); for ($n=0; $n',$des); $des=str_replace('video' . $n,'',$des); $des=str_replace('audio' . $n,'',$des);} mysqli_free_result($result); $result=mysqli_query($conn,"select name from sublist where (kindex='$sublist_index')"); $i=0; $row=mysqli_fetch_row($result); $sublist_name=$row[$i++]; mysqli_free_result($result); $sublist_label=prin($_lan,'RELATED'); ?>
#

',$b) ?>
',$b) ?>
<? echo $website_name ?>
<? echo $website_name ?>
'') and (n.kindex<>'$main_index')) order by n.kindex desc limit 0,17"); while ($row=mysqli_fetch_array($result)){ $i=0; $name=$row[$i++]; $kindex=$row[$i++]; $d1=$row[$i++]; $h=$row[$i++]; $h=explode(',',$h); if ($h[1]!='') $h=$h[1]; else $h=$h[0]; ?>
<? echo $website_name ?>
'') and (n.kindex<>'$main_index')) order by n.kindex desc limit 0,17"; require(_main_dir . "/include/include.news.php") ?>