<?

require("admin/inc/dbConn.inc.php");

$_CFG['PATHS']['ROOT'] = '';

function IsAccessAllowed($pf)
{
	$s = pathinfo(realpath(preg_replace('/\?$/','', $pf)));
	if ($s['extension'] == 'php')
		return false;
	return true;
}

/*if ($_GET['c'])
{
	header("Pragma: no-cache");
	header("Cache-Control: no-cache");
	header("expires: 0");
}*/


//----------------------------------------------------
//	 s t y l e

if (($css = $_GET['css']).'		' != '		')
{

	$out = '';
	$sql = "SELECT st_array	FROM st_style";
	$r = mysql_query($sql);
	echo mysql_error();
	while(list($st_arr) = mysql_fetch_row($r))
	{
		$st_arr = unserialize(stripslashes($st_arr));
		if (is_array($st_arr))
			while(list($sn, $ss) = each($st_arr))
				$out .= $sn." { ".$ss."}\n";
	}
	
	header("Content-type: text/css");
	echo "/* styles */\n".$out;
	exit();
}


//----------------------------------------------------
//	 l a y o u t  s t y l e

if (isset($_GET['layout_css']) && (int)$_GET['layout_css'] > 0)
{
	$out	= '';
	$stl	= array();
	$styles	= array();
	$letter = array();

	$l_defs = $_CFG['LETTERS']['PADS'];

	$sql	= 'SELECT * FROM layout WHERE id = '.(int)$_GET['layout_css'];
	$res	= mysql_query($sql); echo mysql_error();
	$dt		= mysql_fetch_assoc($res);
	unset($dt['id'], $dt['name'], $dt['active'], $dt['modified'], $dt['modified_by'] );
	
	foreach ($l_defs as $l => $d_pad)
	{
		$st_name = 'ml_letter_'.$l;
		list($img_path, $img_file, $img_ext) = explode('@', $dt[$st_name]);
		if ($img_file == '')
		{
			$url = $_CFG['MAINPAGE_URL'].'img/letter_'.$l.'.gif';
			$pad = $d_pad;
		}
		else
		{
			$url = $_CFG['MAINPAGE_URL'].$img_path.$img_file;
			$pad = ($dt[$st_name.'_pad']) ? $dt[$st_name.'_pad'] :$d_pad;
		}
		$letter[] = "A#".$st_name." { background-image:url('".$url."'); padding-left:".$pad."px; }\n";			
	}
	
	$out .= "\n".implode('', $letter)."\n";


	foreach ($dt as $st_name => $st_val)
	{	
		if (preg_match('/^ml_/i', $st_name))
		{
			//list($img_path, $img_file, $img_ext) = explode('@', $st_val);
		}
		elseif (!preg_match('/weight$/i', $st_name))
		{
			$pos  = preg_replace('/(_bg_clr|_fnt_clr|_brd_clr|_bg_img)$/i', '', $st_name);
			$stl[$pos][] = str_replace($pos, '', $st_name);	
		}
	}

	
	foreach ($stl as $st_group => $st_vals)
	{
		$out .= ".ls_".$st_group." {\n";
		
		foreach ($st_vals as $stval)
		{	
			if ($stval == '_bg_clr')
				$out .= "    background-color:#".$dt[$st_group.$stval]." !important;\n";
			else if ($stval == '_fnt_clr')
				$out .= "    color:#".$dt[$st_group.$stval]." !important;\n";
			else if ($stval == '_brd_clr')
				$out .= "    border-color:#".$dt[$st_group.$stval]." !important;\n";
			else if ($stval == '_bg_img')
			{
				list($img_path, $img_file, $img_ext) = explode('@', $dt[$st_group.$stval]);
				$out .= "    background-image:url('".$_CFG['MAINPAGE_URL'].$img_path.$img_file."') !important;\n";
			}

			if ($st_group == 'hdr' && $stval == '_fnt_clr')
				$append_stl['.ls_'.$st_group.' A'][] = 'color:#'.$dt[$st_group.$stval].' !important;';
			
			if ($st_group == 'rbar_prod' && $stval == '_fnt_clr')
				$append_stl['.ls_'.$st_group.' A'][] = 'color:#'.$dt[$st_group.$stval].' !important;';
		}

		$out .= "}\n\n";
	}
	
	
	foreach ((array) $append_stl as $s_name => $s_vals)
		$out .= $s_name." {\n    ".implode("\n    ", $s_vals)."\n}\n\n";
	
	header("Content-type: text/css");
	echo "/* layout styles */\n".$out;
	exit;
}


//----------------------------------------------------
//	 p l i k i    z    r e p o z y t o r i u m

elseif (($fr = $_GET['fr']).'		' != '		')
{
	$fr = (int)$fr;
	$sql = "SELECT upl_file FROM file_repository WHERE id = '".$fr."';";
	$r = mysql_query($sql);
	$d = mysql_fetch_row($r);
	list($path, $name, $mime, $fname) = split('@', $d[0], 4);

	$pathname = $_CFG['PATHS']['ROOT'].$path.$name;
	$f = @fopen( $pathname,"r");
	if (!$f) exit('0'); 
	$len = filesize($pathname);

	$op = ($_GET['op'] == 1) ? 1 : 0;
	$disp = $_CFG['FILE_DOWN'][0][$op];

	header("Content-type: ".$mime );
	header("Content-Length: ".$len );
	header("Content-Disposition: ".$disp."; filename=\"".$fname."\"");
}

//----------------------------------------------------
//	 o b r a z k i     z     r e p o z y t o r i u m

elseif (($pr = $_GET['pr']).'		' != '		')
{
	
	$mimes = array( "image/gif" => 'gif', "image/jpeg" => 'jpg', "image/pjpeg" => "jpg" );
	$_MIMES = array_flip( $mimes );
	
	$pr = (int)$pr;

	$sql = "SELECT image FROM image_repository WHERE id = '".$pr."';";
	$d = mysql_fetch_row(mysql_query($sql));
	list($path, $file, $type) = split('@', $d[0], 3);
	
	$pathname = $_CFG['PATHS']['ROOT'].$path.$file;
	$f = @fopen( $pathname, "r");
	if (!$f) exit('0'); 
	$len = filesize($pathname);

	header("Content-type: ".$_MIMES[$type] );
	header("Content-Length: ".$len );
	header("Content-Disposition: inline; filename=\"".$fname."\"");
}


//----------------------------------------------------
//	 o b r a z k i     d o   l i s t y

elseif (($il = (int)$_GET['il']) > 0)
{
	
	$sql = "SELECT path FROM images WHERE id_image = '".$il."';";
	list($pathname) = mysql_fetch_row(mysql_query($sql));
	
	$pathname = $_CFG['PATHS']['ROOT'].$pathname;
	$f = @fopen( $pathname, "r");
	if (!$f) exit('0'); 
	$len = filesize($pathname);

	header("Content-Length: ".$len );
	header("Content-Disposition: inline; filename=\"".basename($pathname)."\"");
}

//----------------------------------------------------
//	 o b r a z k i   z   t e m p a

elseif (($t = (int)$_GET['t']) > 0)
{
	$pathname = $_CFG['PATHS']['ROOT'].$_CFG['PATHS']['TEMP'].$t;
	$f = @fopen( $pathname, "r");
	if (!$f) exit('0'); 
	$len = filesize($pathname);

	header("Content-Length: ".$len );
	header("Content-Disposition: inline; filename=\"".basename($pathname)."\"");
}

//----------------------------------------------------
//	 o b r a z k i   z  d o c _ e d y t o r a

else
{
	$pathname = $_GET['f'];

	if (IsAccessAllowed($pathname))	{
		$pathname = $_CFG['PATHS']['ROOT'].$pathname;
		$f = @fopen( $pathname,"r");
		if (!$f) exit('0'); 
		$len = filesize($pathname);
	} else
		exit('0');
	
	header("Content-Length: ".$len );
	header("Content-Disposition: inline; filename=\"".basename($pathname)."\"");
}

if ($f)
	fpassthru($f);
else
	echo "0";