<?
include("config/connection.php");
include("functions.php");
$scripttitle=getSetting("SCRIPTTITLE");
$ses_username=$HTTP_SESSION_VARS["ses_username"];
if(!isset($cmd))$cmd=1;
$file="";
switch($cmd)
{
	case 1:$file="mainpage.php";
				if(!empty($vote)&&(!empty($photoid)))
				{
						$id=$photoid;
						if(isset($ratingcookie))
					   {
						if(!(strpos($ratingcookie,"*$id*")===false))
						{
							$msg="You have already rated this!";
						}
					   }
					
						if(isset($vote))
						{
							if(isset($ratingcookie))
							{
								$ratingcookie=$ratingcookie."*$id*";
								setcookie("ratingcookie",$ratingcookie);
							}
							else
							{
								$ratingcookie="*$id*";
								setcookie("ratingcookie",$ratingcookie);
							}
							submitRating($id,$vote);
							$msg="Your rating has been submitted!";
						}
						$username="";

				}
				break;
	case 2:$file="signup.php";
			   if(isset($username))
			   {
			   		$validcode="";
			   		$sql="select * from recipesmembers where username='$username'";
					$res=mysql_query($sql);
					if(mysql_num_rows($res))
					{
						$err=true;
					}
					else
					{
						$act=getSetting("AUTOSIGNUP");
						if($act=="Y")
						{
							$active=1;
						}
						else 
						{
							$active=0;
							$validcode=generateCode();
						}
						$sql="insert into recipesmembers(username,password,email,age,gender,city,country,active,fname,lname,validcode,joindate) values('$username','$password','$email',$age,'$gender','$city','$country',$active,'$fname','$lname','$validcode',now())";
						$res=mysql_query($sql);
						$uniqid=mysql_insert_id();
						if($act=="Y")
						{
							$template=getTemplate("NEWMEMBER");
							$template=str_replace("%username%",$username,$template);
							$template=str_replace("%password%",$password,$template);							
							sendHTMLmail($adminemail,$email,"Welcome to $urldomain",$template);
							$newmember=true;
							$file="login.php";
						}
						else 
						{
							$template=getTemplate("EMAILVALIDATION");
							$template=str_replace("%username%",$username,$template);
							$template=str_replace("%password%",$password,$template);							
							$template=str_replace("%validcode%",$validcode,$template);														
							sendHTMLmail($adminemail,$email,"Validation Code from $urldomain",$template);
							$file="validcode.php";
						}
					}
			   }

				break;
	case 3:$file="login.php";
				 if(isset($username))
				 {
 	  							$sql="select password,active from recipesmembers where username='$username'";
								$result=mysql_query($sql);
								while($row=mysql_fetch_array($result))
								{
									$dbpass=$row[0];
									$active=$row[1];
								}
								if($dbpass==$password)
								{
								   if($active==2)
								   {
   									$error="wu";
									$file="login.php";
								   }
								   else if($active==0) 
								   {
   									$file="validcode.php";
								   }
								   else
								   {
										session_start();
										$ses_username=$username;
										session_register("ses_username");
										if(empty($repusername)&&empty($rphid))
										{
										$username="";
										$file="mainpage.php";
										}
										else if(!empty($rphid))
										{
											$phid=$rphid;
											$file="postcomment.php";
										}
									}
								}
								else
								{
									$error="wu";
									$file="login.php";
								}
				 }			 	
				break;
	case 4:$file="validcode.php";
				 if(isset($username))
				 {
 	  							$sql="select * from recipesmembers where username='$username' and password='$password' and validcode='$validcode'";
								$result=mysql_query($sql);
								if(mysql_num_rows($result))
								{
									$sql="update recipesmembers set active=1 where username='$username'";
									$updated=true;
									mysql_query($sql);
									session_start();
										$ses_username=$username;
										session_register("ses_username");
										$username="";
										$file="mainpage.php";
								}
								else
								{
									$error="wu";
								}
				 }			 	
				break;
		case 5:$file="editprofile.php";
				include("checksession.php");
				if(isset($email))
				{
					if($commentemail=="")$commentemail="N";
					if($messageemail=="")$messageemail="N";
					$sql="update recipesmembers set password='$password',email='$email',age=$age,gender='$gender',city='$city',country='$country',fname='$fname',lname='$lname' where username='$ses_username'";
					$updated=true;
					mysql_query($sql);
				}
				break;
		case 6:$file="viewrecipe.php";
				if(!empty($vote)&&(!empty($recid)))
				{
						$id=$recid;
						if(isset($ratingcookie))
					   {
						if(!(strpos($ratingcookie,"*$id*")===false))
						{
							$msg="You have already rated this!";
						}
					   }
					
						if(isset($vote))
						{
							if(isset($ratingcookie))
							{
								$ratingcookie=$ratingcookie."*$id*";
								setcookie("ratingcookie",$ratingcookie);
							}
							else
							{
								$ratingcookie="*$id*";
								setcookie("ratingcookie",$ratingcookie);
							}
							submitRating($id,$vote);
							$msg="Your rating has been submitted!";
						}
						$username="";

				}
		
				break;					
				
		case 7:
				$rsaveid=$phid;
				include("checksession.php");
				$sql="select * from recipesfavourites where recipeid=$phid and byusername='$ses_username'";
				$res=mysql_query($sql);
				if(!mysql_num_rows($res))
				{
					$sql="insert into recipesfavourites(recipeid,byusername) values($phid,'$ses_username')";
					$res=mysql_query($sql);
					$mheading="Recipe added";
					$mmessage="Recipe has been added to favourites!";
					$file="displaymessage.php";					
			   }
			   else
			   {
					$mheading="Recipe exists";
					$mmessage="Recipe already exists in your favourites!";
					$file="displaymessage.php";					
			   }
				break;					
				
		case 8:$file="recipebox.php";
				include("checksession.php");
				if(isset($rowcount))
				{
							for($i=0;$i<$rowcount;$i++)
							 { 
								if(isset($chk[$i]))
								 {
									$sql="delete from recipesfavourites where favouritesid=$chk[$i]";
									mysql_query($sql);	 	
								 }
							 }
				}
				break;
		case 9:$file="suggestrecipe.php";
				if(isset($title))
				{   $pic=$picture_name;
				      if($picture){
				     //echo $pic; echo "$picture**$instructions**$ingredients**$contributor**$title";     
					$sql="insert into recipesuggestions(instructions,ingredients,contributor,title,picture) values('$instructions','$ingredients','$contributor','$title','$pic')";
					$res=mysql_query($sql);
                     $uniqid=mysql_insert_id();
					 $file=$uniqid.$pic;
					 
							$ext=strchr($picture_name,".");
							$allowable=".jpg,.gif,.GIF,.JPG";
							$allowablearr=split(",",$allowable);
							if(in_array($ext,$allowablearr)){$allowedType=1;}
							else {
							echo "Format Not Supported!(only jpg and gif are allowed)";
							exit;
							}
												 
					copy($picture,"pics/$file"); }
					else { //echo "else";
					$sql="insert into recipesuggestions(instructions,ingredients,contributor,title) values('$instructions','$ingredients','$contributor','$title')";
					mysql_query($sql);

					}
					$mheading="Recipe Sent";
					$mmessage="Recipe has been sent and is waiting for approval!";
					$file="displaymessage.php";		
					}
				break;								
		case 11:$file="searchresults.php";
				break;					
		case 12:$file="postcomment.php";
				$rphid=$phid;
				include("checksession.php");
				if(isset($comment))
				{
					$approved=getSetting("APPROVECOMMENTS");
					$sql="insert into recipescomments(comment,recipeid,byusername,approved,postdate) values('$comment',$phid,'$ses_username','$approved',now())";
					$res=mysql_query($sql);
						$mheading="Comments saved";
						$mmessage="Your comments has been saved!";
						$file="displaymessage.php";					
				}
				break;
				case 13: $file="atozlisting.php";
				break;
				case 14: $file="randomrecipe.php";
				break;
				case 15: $file="recipeoftheday.php";
				break;					
		case 22:
				session_destroy();
				$ses_username="";
			$username="";
				$file="mainpage.php";
				break;
}
?>
<html>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">

<meta http-equiv="Content-Language" content="en-us">
<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<link rel="stylesheet" href="stylesheet.css" type="text/css">

<title><? echo $scripttitle;?></title>
</head>

<body leftmargin="0" rightmargin="0" bottommargin="0" topmargin="0" marginwidth="0" marginheight="0" >

<div align="left"> 
  <? include("header.php"); ?>
</div>

<div align="left"> 
  <table border="0" cellpadding="0" cellspacing="0" width="100%">
    <tr>
      <td width="25%" align="left" valign="top"> 
        <? include("sidelinks.php"); ?>
      </td>
      <td width="75%" align="left" valign="top"> 
        <? include($file); 
		?>
      </td>
    </tr>
  </table>
  <br>
</div>
<div align="left"> 
  <? include("footer.php"); ?>
</div>
																																																																																																																							                                                                                                            </body>

</html>
<? include("conclose.php"); ?>