[code]/* [INSTALL.PHP] */

<HTML>
<HEAD>
  <LINK rel="stylesheet" href="admin.css">
</HEAD>
<BODY>
  <TABLE class="body" align="center" cellpadding="0" cellspacing="0">
	<TR>
	  <TD class="out">
		<TABLE class="inner" cellpadding="0" cellspacing="0">
		  <TR>
			<TD class="lft_top">&nbsp;</TD>
		  </TR>
		  <TR>
			<TD class="lft_ctr">&nbsp;</TD>
		  </TR>
		  <TR>
			<TD class="lft_btm">&nbsp;</TD>
		  </TR>
		</TABLE>
	  </TD>
	  <TD class="ctr">
		<TABLE class="inner" cellpadding="0" cellspacing="0">
		  <TR>
		  	<TD colspan="5" class="ctr_top">&nbsp;</TD>
		  </TR>
		  <TR>
			<TD class="ctr_ctr" colspan="5">
			  <?
			  if(!$_POST['submit']) {
			  	?>
			  	<FORM method="post" action="install.php">
			  	  <TABLE style="width: 100%">
					<TR>
					  <TD style="text-align: right">Username:</TD>
					  <TD><INPUT type="text" name="username" maxlength="25"></TD>
					</TR>
					<TR>
					  <TD style="text-align: right">Password:</TD>
					  <TD><INPUT type="text" name="password" maxlength="25"></TD>
					</TR>
					<TR>
					  <TD style="text-align: right">Database:</TD>
					  <TD><INPUT type="text" name="database" maxlength="25"></TD>
					</TR>
			  	  </TABLE>
			  	</FORM>
			  	<?
			  } else {
				$handle = fopen("config.php","w");
				if(!$handle) {
					echo "Cannot open file";
				} else {
					$username  = $_POST['username'];
					$password  = $_POST['password'];
					$database  = $_POST['database'];
					$content   = "<?\n\$db_username = '".$username."';\n\$db_password = '".$password."';\n\$db_database = '".$database."';\n?>";
					if (fwrite($handle,$content) === FALSE) {
						echo "Cannot write to file";
						exit;
					}

					mysql_connect("localhost",$username,$password);
					mysql_select_db($database);

					mysql_query("
					CREATE TABLE `Ibook` (
					  `id` int(11) NOT NULL auto_increment,
					  `msg_author` varchar(50) NOT NULL default '',
					  `msg_date` varchar(13) NOT NULL default '',
					  `msg_time` varchar(8) NOT NULL default '',
					  `msg_text` text NOT NULL,
					  PRIMARY KEY  (`id`)
					) TYPE=MyISAM
					");

					mysql_query("
					CREATE TABLE `members_Ibook` (
					  `member_id` int(11) NOT NULL auto_increment,
					  `member_name` varchar(50) NOT NULL default '',
					  `member_password` varchar(32) NOT NULL default '',
					  `member_email` varchar(100) NOT NULL default '',
					  `member_pref` int(1) NOT NULL default '1',
					  `member_admin` int(1) NOT NULL default '0',
					  PRIMARY KEY  (`member_id`)
					) TYPE=MyISAM
					");
				}
				fclose($handle);
				refresh("index.php","The I-Book has succesfully being installed.<BR>You're being forwarded to your I-Book.<BR>PS: Don't forget to delete this file!");
			  }
			  ?>
			</TD>
		  </TR>
		  <TR>
			<TD class="ctr_btm_1">&nbsp;</TD>
			<TD class="ctr_btm_2">&nbsp;</TD>
			<TD class="ctr_btm_3" style="width: auto">Copyright I-Products 2004 ©</TD>
			<TD class="ctr_btm_4">&nbsp;</TD>
			<TD class="ctr_btm_5">&nbsp;</TD>
		  </TR>
		</TABLE>
	  </TD>
	  <TD class="out">
		<TABLE class="inner" cellpadding="0" cellspacing="0">
		  <TR>
			<TD class="rgt_top">&nbsp;</TD>
		  </TR>
		  <TR>
			<TD class="rgt_ctr">&nbsp;</TD>
		  </TR>
		  <TR>
			<TD class="rgt_btm">&nbsp;</TD>
		  </TR>
		</TABLE>
	  </TD>
	</TR>
  </TABLE>
</BODY>
</HTML>
<?
function refresh($url, $message) {
	?>
	<HEAD>
	  <META HTTP-EQUIV='Refresh' CONTENT='1 URL=<? echo $url; ?>'>
	</HEAD>
	<?
	echo $message;
}
?>

/* [INDEX.PHP] */

<?
session_start();

include("config.php");

mysql_connect("localhost", $db_username, $db_password);
mysql_select_db($db_database);

?>
<HTML>
<HEAD>
  <TITLE>I-Book V1.0</TITLE>
  <LINK rel="stylesheet" href="Ibook.css">
  <SCRIPT LANGUAGE="JavaScript">

	function changeValue(nwElement, value , textarea) {
		element = document.getElementById(nwElement);
		if(value != "URL*") {
			if(element.value == value) {
				nwValue = "/" + value;
				text    = "[" + value + "]";
			} else {
				nwValue = value;
				text    = "[/" + value + "]";
			}
		} else {
			if(element.value == value) {
				nwValue = "/" + value;
				text    = "[URL name=]";
			} else {
				nwValue = value;
				text    = "[/URL]";
			}
		}
		element.value = nwValue;
		insert(textarea, text);
	}

	function markSelection(txtObj) {
	  if(txtObj.createTextRange) {
 		txtObj.caretPos = document.selection.createRange().duplicate();
  		isSelected = true;
 	  }
 	}

 	function insert(txtName, string) {
	  if(checkBrowser()) {
	  	var txtObj = eval("document.forms[0]." + txtName);
	  	if(txtObj.createTextRange && txtObj.caretPos) {
  		  txtObj.caretPos.text = string;
 		  txtObj.focus();
 		}
 	  } else {
		textarea = document.getElementById(txtName);
		textarea.value = textarea.value.substring(0,textarea.selectionStart) + string + textarea.value.substring(textarea.selectionStart,textarea.value.length)
  	  }
  	}

 	function checkBrowser() {
       var ua = window.navigator.userAgent
       var msie = ua.indexOf( "MSIE " )

       if(msie > 0) {
          return true;
       } else {
          return false;
       }
	}

  </SCRIPT>
</HEAD>
<BODY>
  <TABLE class="body" align="center" cellspacing="0" cellpadding="0">
	<TR>
	  <TD class="top_1">Actions:</TD>
	  <TD class="top_2">&nbsp;</TD>
	  <TD class="top_3">
		<TABLE class="top" cellspacing="0" cellpadding="0">
		  <TR>
			<TD class="top_3_1">&nbsp;</TD>
		  </TR>
		  <TR>
			<TD class="top_3_2">&nbsp;</TD>
		  </TR>
		</TABLE>
	  </TD>
	</TR>
	<TR>
	  <TD class="cnt" colspan="3">
		<A href="?method=1"><IMG src="images_icon/post.png" border="0"></A>
		<A href="register.php"><IMG src="images_icon/register.png" border="0"></A>
		<A href="login.php"><IMG src="images_icon/login.png" border="0"></A>
	  </TD>
	</TR>
	<TR>
	  <TD class="btm" colspan="3">
		<?
		if($_SESSION['username']) {
		  echo '<A href="?method=2"><B class="link">[logout]</B></A>';
		}
		?>
	  </TD>
	</TR>
  </TABLE>
  <BR>
  <TABLE class="body" align="center" cellspacing="0" cellpadding="0">
	<TR>
	  <TD class="top_1">I-Book:</TD>
	  <TD class="top_2">&nbsp;</TD>
	  <TD class="top_3">
		<TABLE class="top" cellspacing="0" cellpadding="0">
		  <TR>
			<TD class="top_3_1">&nbsp;</TD>
		  </TR>
		  <TR>
			<TD class="top_3_2">&nbsp;</TD>
		  </TR>
		</TABLE>
	  </TD>
	</TR>
	<?

	switch($_GET['method']) {
	  case "1";
		addMsg();
		break;
	  case "2";
		logout();
		break;
	  case "3";
		editMsg();
		break;
	  case "4";
		delMsg();
		break;
	  case "5";
		makeAdmin();
		break;
	  case "6";
		decAdmin();
		break;
	  default;
		showMsg();
		break;
	}

	?>
	<TR>
	  <TD class="btm" colspan="3">&nbsp;</TD>
	</TR>
  </TABLE>
</BODY>
</HTML>
<?

function refresh($url, $message) {
  ?>
  <HEAD>
	<META HTTP-EQUIV="Refresh" CONTENT="1 URL=<? echo $url; ?>">
  </HEAD>
  <BODY>
	<TR>
	  <TD class="cnt" colspan="3"><? echo $message; ?></TD>
	</TR>
  </BODY>
  <?
}

function ubb($msg) {
  include("ubb-code.ubb");
  return $msg;
}

function isAdmin() {
  $username  = $_SESSION['username'];
  $sql_query = mysql_query("SELECT member_admin FROM members_Ibook WHERE member_name = '$username'");
  $fetch_mem = mysql_fetch_object($sql_query);
  $admin     = "$fetch_mem->member_admin";
  if($admin == 1 || $admin == 2) {
	return true;
  } else {
	return false;
  }
}

function isOwner() {
  $username  = $_SESSION['username'];
  $sql_query = mysql_query("SELECT member_admin FROM members_Ibook WHERE member_name = '$username'");
  $fetch_mem = mysql_fetch_object($sql_query);
  $admin     = "$fetch_mem->member_admin";
  if($admin == 2) {
	return true;
  } else {
	return false;
  }
}

function showMsg() {

  $sql_query = mysql_query("SELECT * FROM Ibook");
  $count_msg = mysql_num_rows($sql_query);

  if($count_msg < 1) {
	?>
	<TR>
	  <TD class="cnt_empty" colspan="3">No messages found.</TD>
	</TR>
	<?
  } else {

	$count_pages = ceil($count_msg / 10);

	if($_GET['page'] == "") {
	  $page = 1;
	} else {
	  $page = $_GET['page'];
	}

	$start_value = ($page * 10) - 10;

	$sql_query = mysql_query("SELECT * FROM Ibook ORDER BY id DESC LIMIT $start_value, 10");

	while($fetch_msg = mysql_fetch_object($sql_query)) {
	  $msg_id     = "$fetch_msg->id";
	  $msg_author = "$fetch_msg->msg_author";
	  $msg_date   = "$fetch_msg->msg_date";
	  $msg_time   = "$fetch_msg->msg_time";
	  $msg_text   = nl2br("$fetch_msg->msg_text");

	  $query        = mysql_query("SELECT member_email,member_pref,member_id,member_admin FROM members_Ibook WHERE member_name = '$msg_author'");
	  $fetch_author = mysql_fetch_object($query);

	  $author_id    = "$fetch_author->member_id";
	  $author_admin = "$fetch_author->member_admin";
	  $author_pref  = "$fetch_author->member_pref";
	  $author_email = "$fetch_author->member_email";

	  if($color == "" || $color == "#EFEFFF") {
		$color = "#FFFFFF";
	  } else {
		$color = "#EFEFFF";
	  }

	  ?>
	  <TR>
		<TD class="cnt" colspan="3">
		  <TABLE class="cnt" cellspacing="0" cellpadding="0">
			<TR>
			  <TD class="msg_top_1" style="background-color: <? echo $color; ?>">
				<?
				if($author_pref == 1) {
				  echo '<A href="mailto:'.$author_email.'">'.$msg_author.'</A>&nbsp;posted on '.$msg_date.' @ '.$msg_time.':';
				} else {
				  echo $msg_author."&nbsp;posted on ".$msg_date." @ ".$msg_time.":";
				}
				?>
			  </TD>
			  <TD class="msg_top_2" style="background-color: <? echo $color; ?>">
				<?
				if(isAdmin() && $author_admin != 1 && $author_admin != 2) {
				  echo '<A href="?method=5&id='.$author_id.'">[^]</A> ';
				} else if(isAdmin() && $author_admin == 1) {
 				  echo '<A href="?method=6&id='.$author_id.'">[V]</A> ';
				}
				if($msg_author == $_SESSION['username'] || isAdmin()) {
				  echo '<A href="?method=3&id='.$msg_id.'">[EDIT]</A> ';
				  echo '<A href="?method=4&id='.$msg_id.'">[X]</A>';
				} else {
				  echo '&nbsp;';
				}
				?>
			  </TD>
			</TR>
			<TR>
			  <TD class="msg_btm" style="background-color: <? echo $color; ?>" colspan="2"><? echo ubb($msg_text); ?></TD>
			</TR>
		  </TABLE>
		</TD>
	  </TR>
	  <?
	}
	?>
	<TR>
	  <TD class="cnt_btm" colspan="3">
		<?
		if($page != 1) {
		  echo '<A href="?page='.($page - 1).'"><</A>&nbsp;';
		} else {
		  echo '< ';
		}
		for($i = 1; $i < $count_pages + 1; $i++) {
		  if($i != $page) {
			echo '<A href="?page='.$i.'">'.$i.'</A>&nbsp;';
		  } else {
			echo $i.'&nbsp;';
		  }
		}
		if($page < $count_pages) {
		  echo '<A href="?page='.($page + 1).'">></A>&nbsp;';
		} else {
		  echo '>';
		}
	  ?>
	  </TD>
	</TR>
	<?

  }

}

function addMsg() {
  if(!$_POST['submit']) {
	?>
	  <FORM NAME="post" ACTION="?method=1" METHOD="POST">
		<TR>
		  <TD class="cnt" colspan="3">
			<TABLE class="cnt" cellspacing="0" cellpadding="0">
			  <TR>
				<TD style="width: 150px; text-align: right; padding: 3px 10px 3px 10px;">
				  UBB:
				</TD>
				<TD style="padding: 3px 10px 3px 10px;">
				  <INPUT style="width: 40px;" accesskey="b" id="B" title="[B]" type="button" class="button" value="B" onclick="changeValue('B', 'B', 'msg')">
				  <INPUT style="width: 40px;" accesskey="i" id="I" title="[I]" type="button" class="button" value="I" onclick="changeValue('I', 'I', 'msg')">
				  <INPUT style="width: 40px;" accesskey="u" id="U" title="[U]" type="button" class="button" value="U" onclick="changeValue('U', 'U', 'msg')">
				  <INPUT style="width: 40px;" accesskey="n" id="URL*" title="[URL name=]" type="button" class="button" value="URL*" onclick="changeValue('URL*', 'URL*', 'msg')">
				</TD>
			  </TR>
			  <TR>
				<TD style="width: 150px; text-align: right; padding: 3px 10px 3px 10px;">
				  Message:
				</TD>
				<TD style="padding: 3px 10px 3px 10px;">
				  <TEXTAREA id="msg" name="msg" cols="50" rows="6" onSelect="markSelection(this);" onClick="markSelection(this);" onKeyUp="markSelection(this);"></TEXTAREA>
				</TD>
			  </TR>
			  <TR>
				<TD style="width: 150px; text-align: right; padding: 3px 10px 3px 10px;">
				  Smiley's:
				</TD>
				<TD style="padding: 3px 10px 3px 10px;">
				  <A href="#" onclick="javascript:insert('msg', '(a)')"><img src="images_emo/angel.gif" border="0" align='absmiddle' title="(a)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(b)')"><img src="images_emo/balloon.gif" border="0" align='absmiddle' title="(b)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(c)')"><img src="images_emo/camera.gif" border="0" align='absmiddle' title="(c)"></A>
				  <A href="#" onclick="javascript:insert('msg', ':/(')"><img src="images_emo/cry.gif" border="0" align='absmiddle' title=":/("></A>
				  <A href="#" onclick="javascript:insert('msg', '(e)')"><img src="images_emo/email.gif" border="0" align='absmiddle' title="(e)"></A><BR>
				  <A href="#" onclick="javascript:insert('msg', ':$')"><img src="images_emo/embarrassed.gif" border="0" align='absmiddle' title=":$"></A>
				  <A href="#" onclick="javascript:insert('msg', ':)')"><img src="images_emo/happy.gif" border="0" align='absmiddle' title=":)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(h)')"><img src="images_emo/huh.gif" border="0" align='absmiddle' title="(h)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(ow)')"><img src="images_emo/hurt.gif" border="0" align='absmiddle' title="(ow)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(i)')"><img src="images_emo/idea.gif" border="0" align='absmiddle' title="(i)"></A><BR>
				  <A href="#" onclick="javascript:insert('msg', '(k)')"><img src="images_emo/kiss.gif" border="0" align='absmiddle' title="(k)"></A>
				  <A href="#" onclick="javascript:insert('msg', ':d')"><img src="images_emo/laugh.gif" border="0" align='absmiddle' title=":d"></A>
				  <A href="#" onclick="javascript:insert('msg', '(o)')"><img src="images_emo/ooh.gif" border="0" align='absmiddle' title="(o)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(p)')"><img src="images_emo/picasso.gif" border="0" align='absmiddle' title="(p)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(s)')"><img src="images_emo/shades.gif" border="0" align='absmiddle' title="(s)"></A><BR>
				  <A href="#" onclick="javascript:insert('msg', ';)')"><img src="images_emo/wink.gif" border="0" align='absmiddle' title=";)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(z)')"><img src="images_emo/sleep.gif" border="0" align='absmiddle' title="(z)"></A>
				  <A href="#" onclick="javascript:insert('msg', ':(')"><img src="images_emo/sad.gif" border="0" align='absmiddle' title=":("></A>
				  <A href="#" onclick="javascript:insert('msg', '(*)')"><img src="images_emo/star.gif" border="0" align='absmiddle' title="(*)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(w)')"><img src="images_emo/wow.gif" border="0" align='absmiddle' title="(w)"></A><BR>
				  <A href="#" onclick="javascript:insert('msg', '(bo)')"><img src='images_emo/bom.gif' border="0" align='absmiddle' title="(bo)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(g)')"><img src='images_emo/gun.gif' border="0" align='absmiddle' title="(g)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(j)')"><img src='images_emo/joint.gif' border="0" align='absmiddle' title="(j)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(t)')"><img src='images_emo/sick.gif' border="0" align='absmiddle' title="(t)"></A>
				  <A href="#" onclick="javascript:insert('msg', ':p')"><img src='images_emo/tongue.gif' border="0" align='absmiddle' title=":p"></A>
				</TD>
			  </TR>
			  <TR>
				<TD style="padding: 3px 10px 3px 10px; text-align: center;" colspan="2">
				  <INPUT type="submit" name="submit" value="submit">
				</TD>
			  </TR>
			</TABLE>
		  </TD>
		</TR>
	  </FORM>
	<?
  } else {
	  $message = htmlspecialchars($_POST['msg']);

	  if($message != "") {
		if($_SESSION['username']) {
			$author  = $_SESSION['username'];
		} else {
			$author  = "guest";
		}

		$date    = date("D. d.m.y");
		$time    = date("H:i:s");

		$sql_query = mysql_query("SELECT * FROM Ibook WHERE msg_text = '$message'");
		$count     = mysql_num_rows($sql_query);

		if($count < 1) {
		  mysql_query("INSERT INTO Ibook VALUES ('','$author','$date','$time','$message')");
		  refresh("index.php","The message is added to the I-book.<BR>One moment please..");
		} else {
		  refresh("index.php?method=1","The entered message has already been posted.<BR>One moment please..");
		}
	  } else {
		refresh("index.php?method=1","You didn't fill out the complete form.<BR>One moment please..");
	  }
  }
}

function logout() {
	session_destroy();
	refresh("index.php","Logging out..");
}

function editMsg() {
  if($_SESSION['username']) {
	if(!$_POST['submit']) {
	  $msg_id = $_GET['id'];

	  $sql_query = mysql_query("SELECT * FROM Ibook WHERE id = '$msg_id'");
	  $fetch_aut = mysql_fetch_object($sql_query);
	  $author    = "$fetch_aut->msg_author";

	  if(($author == $_SESSION['username'] && $author != "guest") || isAdmin()) {
		$msg_text = "$fetch_aut->msg_text";
		?>
		<FORM NAME="post" ACTION="?method=3" METHOD="POST">
		<TR>
		  <TD class="cnt" colspan="3">
			<TABLE class="cnt" cellspacing="0" cellpadding="0">
			  <TR>
				<TD style="width: 150px; text-align: right; padding: 3px 10px 3px 10px;">
				  UBB:
				</TD>
				<TD style="padding: 3px 10px 3px 10px;">
				  <INPUT style="width: 40px;" accesskey="b" id="B" title="[B]" type="button" class="button" value="B" onclick="changeValue('B', 'B', 'msg')">
				  <INPUT style="width: 40px;" accesskey="i" id="I" title="[I]" type="button" class="button" value="I" onclick="changeValue('I', 'I', 'msg')">
				  <INPUT style="width: 40px;" accesskey="u" id="U" title="[U]" type="button" class="button" value="U" onclick="changeValue('U', 'U', 'msg')">
				  <INPUT style="width: 40px;" accesskey="n" id="URL*" title="[URL name=]" type="button" class="button" value="URL*" onclick="changeValue('URL*', 'URL*', 'msg')">
				</TD>
			  </TR>
			  <TR>
				<TD style="width: 150px; text-align: right; padding: 3px 10px 3px 10px;">
				  Message:
				</TD>
				<TD style="padding: 3px 10px 3px 10px;">
				  <TEXTAREA id="msg" name="msg" cols="50" rows="6" onSelect="markSelection(this);" onClick="markSelection(this);" onKeyUp="markSelection(this);"><? echo $msg_text; ?></TEXTAREA>
				</TD>
			  </TR>
			  <TR>
				<TD style="width: 150px; text-align: right; padding: 3px 10px 3px 10px;">
				  Smiley's:
				</TD>
				<TD style="padding: 3px 10px 3px 10px;">
				  <A href="#" onclick="javascript:insert('msg', '(a)')"><img src="images_emo/angel.gif" border="0" align='absmiddle' title="(a)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(b)')"><img src="images_emo/balloon.gif" border="0" align='absmiddle' title="(b)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(c)')"><img src="images_emo/camera.gif" border="0" align='absmiddle' title="(c)"></A>
				  <A href="#" onclick="javascript:insert('msg', ':/(')"><img src="images_emo/cry.gif" border="0" align='absmiddle' title=":/("></A>
				  <A href="#" onclick="javascript:insert('msg', '(e)')"><img src="images_emo/email.gif" border="0" align='absmiddle' title="(e)"></A><BR>
				  <A href="#" onclick="javascript:insert('msg', ':$')"><img src="images_emo/embarrassed.gif" border="0" align='absmiddle' title=":$"></A>
				  <A href="#" onclick="javascript:insert('msg', ':)')"><img src="images_emo/happy.gif" border="0" align='absmiddle' title=":)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(h)')"><img src="images_emo/huh.gif" border="0" align='absmiddle' title="(h)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(ow)')"><img src="images_emo/hurt.gif" border="0" align='absmiddle' title="(ow)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(i)')"><img src="images_emo/idea.gif" border="0" align='absmiddle' title="(i)"></A><BR>
				  <A href="#" onclick="javascript:insert('msg', '(k)')"><img src="images_emo/kiss.gif" border="0" align='absmiddle' title="(k)"></A>
				  <A href="#" onclick="javascript:insert('msg', ':d')"><img src="images_emo/laugh.gif" border="0" align='absmiddle' title=":d"></A>
				  <A href="#" onclick="javascript:insert('msg', '(o)')"><img src="images_emo/ooh.gif" border="0" align='absmiddle' title="(o)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(p)')"><img src="images_emo/picasso.gif" border="0" align='absmiddle' title="(p)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(s)')"><img src="images_emo/shades.gif" border="0" align='absmiddle' title="(s)"></A><BR>
				  <A href="#" onclick="javascript:insert('msg', ';)')"><img src="images_emo/wink.gif" border="0" align='absmiddle' title=";)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(z)')"><img src="images_emo/sleep.gif" border="0" align='absmiddle' title="(z)"></A>
				  <A href="#" onclick="javascript:insert('msg', ':(')"><img src="images_emo/sad.gif" border="0" align='absmiddle' title=":("></A>
				  <A href="#" onclick="javascript:insert('msg', '(*)')"><img src="images_emo/star.gif" border="0" align='absmiddle' title="(*)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(w)')"><img src="images_emo/wow.gif" border="0" align='absmiddle' title="(w)"></A><BR>
				  <A href="#" onclick="javascript:insert('msg', '(bo)')"><img src='images_emo/bom.gif' border="0" align='absmiddle' title="(bo)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(g)')"><img src='images_emo/gun.gif' border="0" align='absmiddle' title="(g)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(j)')"><img src='images_emo/joint.gif' border="0" align='absmiddle' title="(j)"></A>
				  <A href="#" onclick="javascript:insert('msg', '(t)')"><img src='images_emo/sick.gif' border="0" align='absmiddle' title="(t)"></A>
				  <A href="#" onclick="javascript:insert('msg', ':p')"><img src='images_emo/tongue.gif' border="0" align='absmiddle' title=":p"></A>
				</TD>
			  </TR>
			  <TR>
				<TD style="padding: 3px 10px 3px 10px; text-align: center;" colspan="2">
				  <INPUT type="hidden" name="id" value="<? echo $msg_id; ?>">
				  <INPUT type="submit" name="submit" value="submit">
				</TD>
			  </TR>
			</TABLE>
		  </TD>
		</TR>
		</FORM>
		<?
	  } else {
		refresh("index.php","This message isn't posted by you.<BR>You can't edit this post.<BR>One moment please..");
	  }
	} else {
	  $message = htmlspecialchars($_POST['msg']);

	  if($message != "") {
		$msg_id = $_POST['id'];
		mysql_query("UPDATE Ibook SET msg_text = '$message' WHERE id = '$msg_id'");
		refresh("index.php","The message is altered.<BR>One moment please..");
	  } else {
		refresh("index.php?method=1","You didn't fill out the complete form.<BR>One moment please..");
	  }
	}
  } else {
	refresh("login.php","To post a message, you have to be logged in.<BR>One moment please..");
  }
}

function delMsg() {
  if($_SESSION['username']) {
	$msg_id = $_GET['id'];


	$sql_query = mysql_query("SELECT msg_author FROM Ibook WHERE id= '$msg_id'");
	$fetch_mem = mysql_fetch_object($sql_query);
	$author    = "$fetch_mem->msg_author";

	if($author == $_SESSION['username'] || isAdmin()) {
	  mysql_query("DELETE FROM Ibook WHERE id = '$msg_id' LIMIT 1");
	  refresh("index.php","The post is deleted.<BR>One moment please..");
	} else {
	  refresh("index.php","This message isn't posted by you.<BR>You can't delete this post.<BR>One moment please..");
	}
  } else {
	refresh("login.php","To edit a message of your own, you have to be logged in.<BR>One moment please..");
  }
}

function makeAdmin() {
  if($_SESSION['username']) {
	if(isAdmin()) {
	  $member_id = $_GET['id'];

	  mysql_query("UPDATE members_Ibook SET member_admin = 1 WHERE member_id = '$member_id'");
	  refresh("index.php","The user has been made an admin.<BR>One moment please..");
	} else {
	  refresh("index.php","You're not an administrator.<BR>One moment please..");
	}
  } else {
	refresh("login.php","You're not logged in correctly.<BR>Please try again..");
  }
}

function decAdmin() {
  if($_SESSION['username']) {
	if(isAdmin()) {
	  $member_id = $_GET['id'];

	  $sql_query = mysql_query("SELECT member_admin FROM members_Ibook WHERE member_id = '$member_id'");
	  $fetch_mem = mysql_fetch_object($sql_query);

	  $member_admin = "$fetch_mem->member_admin";

	  if($member_admin == 1) {
		mysql_query("UPDATE members_Ibook SET member_admin = 0 WHERE member_id = '$member_id'");
		refresh("index.php","The admin has been made an user.<BR>One moment please..");
	  } else if($member_admin == 2) {
		refresh("index.php","The user you were trying to decrease was the owner of this I-Book.<BR>Because of that, it is impossible to complete you're request.<BR>One moment please..");
	  } else {
		refresh("","The user you were trying to decrease was already a user.<BR>One moment please..");
	  }
	} else {
	  refresh("index.php","You're not an administrator.<BR>One moment please..");
	}
  } else {
	refresh("login.php","You're not logged in correctly.<BR>Please try again..");
  }
}
?>

/* [REGISTER] */

<?
session_start();

include("config.php");

mysql_connect("localhost", $db_username, $db_password);
mysql_select_db($db_database);

?>
<HTML>
<HEAD>
  <TITLE>I-Book V1.0</TITLE>
  <LINK rel="stylesheet" href="Ibook.css">
</HEAD>
<BODY>
  <TABLE class="body" align="center" cellspacing="0" cellpadding="0">
	<TR>
	  <TD class="top_1">Register:</TD>
	  <TD class="top_2">&nbsp;</TD>
	  <TD class="top_3">
		<TABLE class="top" cellspacing="0" cellpadding="0">
		  <TR>
			<TD class="top_3_1">&nbsp;</TD>
		  </TR>
		  <TR>
			<TD class="top_3_2">&nbsp;</TD>
		  </TR>
		</TABLE>
	  </TD>
	</TR>
	  <?
	  if(!$_SESSION['username']) {
		if(!$_POST['submit']) {
		  ?>
		  <FORM NAME="post" ACTION="" METHOD="POST">
			<TR>
			  <TD class="cnt" colspan="3">
				<TABLE class="cnt" cellspacing="0" cellpadding="0">
				  <TR>
					<TD style="width: 150px; text-align: right; padding: 3px 10px 3px 10px;">
					  Username:
					</TD>
					<TD style="padding: 3px 10px 3px 10px;">
					  <INPUT type="text" name="username" maxlength="50">
					</TD>
				  </TR>
				  <TR>
					<TD style="width: 150px; text-align: right; padding: 3px 10px 3px 10px;">
					  Password:
					</TD>
					<TD style="padding: 3px 10px 3px 10px;">
					  <INPUT type="password" name="password" maxlength="25">
					</TD>
				  </TR>
				  <TR>
					<TD style="width: 150px; text-align: right; padding: 3px 10px 3px 10px;">
					  Verification:
					</TD>
					<TD style="padding: 3px 10px 3px 10px;">
					  <INPUT type="password" name="verify" maxlength="25">
					</TD>
				  </TR>
				  <TR>
					<TD style="width: 150px; text-align: right; padding: 3px 10px 3px 10px;">
					  E-mail:
					</TD>
					<TD style="padding: 3px 10px 3px 10px;">
					  <INPUT type="text" name="email" maxlength="100">
					</TD>
				  </TR>
				  <TR>
					<TD style="width: 150px; text-align: right; padding: 3px 10px 3px 10px;">
					  Show E-mail:
					</TD>
					<TD style="padding: 3px 10px 3px 10px;">
					  <INPUT type="radio" name="show" value="0">No&nbsp;&nbsp;<INPUT type="radio" name="show" value="1" checked>Yes
					</TD>
				  </TR>
				  <TR>
					<TD style="padding: 3px 10px 3px 10px; text-align: center;" colspan="2">
					  <INPUT type="submit" name="submit" value="submit">
					</TD>
				  </TR>
				</TABLE>
			  </TD>
			</TR>
		  </FORM>
		  <?
		} else {
		  $username = htmlspecialchars($_POST['username']);
		  $password = md5($_POST['password']);
		  $verify   = md5($_POST['verify']);
		  $email    = $_POST['email'];
		  $show     = $_POST['show'];

		  if($username != "" && $password != "" && $verify != "" && $email != "" && $show != "") {

			$sql_query = mysql_query("SELECT * FROM members_Ibook WHERE member_name = '$username'");
			$count_mem = mysql_num_rows($sql_query);

			if($count_mem == 0 && $username != "guest") {
			  if($password == $verify) {
				if(checkEmail($email)) {
				  $sql_query = mysql_query("SELECT * FROM members_Ibook");
				  $count     = mysql_num_rows($sql_query);

				  if($count < 1) {
					mysql_query("INSERT INTO members_Ibook VALUES ('','$username','$password','$email','$show','2')");
				  } else {
					mysql_query("INSERT INTO members_Ibook VALUES ('','$username','$password','$email','$show','0')");
				  }

				  $_SESSION['username'] = $username;
				  refresh("index.php","You're succesfully registered.<BR>You're being forwarded to the I-Book.<BR>One moment please..");
				} else {
				  refresh("register.php","The entered e-mail address isn't valid.<BR>Please try again..");
				}
			  } else {
				refresh("register.php","The password didn't match the verification.<BR>Please try agian..");
			  }
			} else {
			  refresh("register.php","The name you entered already exists.<BR>Please try again..");
			}
		  } else {
			refresh("register.php","You didn't fill out the complete form.<BR>Please try again..");
		  }
		}
	  } else {
		refresh("index.php","You're already logged in.<BR>You're being forwarded to the I-Book.");
	  }
	  ?>
	<TR>
	  <TD class="btm" colspan="3">&nbsp;</TD>
	</TR>
  </TABLE>
</BODY>
<?

function refresh($url, $message) {
  ?>
  <HEAD>
	<META HTTP-EQUIV="Refresh" CONTENT="1 URL=<? echo $url; ?>">
  </HEAD>
  <BODY>
	<TR>
	  <TD class="cnt" colspan="3"><? echo $message; ?></TD>
	</TR>
  </BODY>
  <?
}

function checkEmail($email) {
	return ereg("[A-Za-z0-9_-]+([\.]{1}[A-Za-z0-9_-]+)*@[A-Za-z0-9-]+([\.]{1}[A-Za-z0-9-]+)+",$email);
}

?>

/* [LOGIN.PHP] */

<?
session_start();

include("config.php");

mysql_connect("localhost", $db_username, $db_password);
mysql_select_db($db_database);

?>
<HTML>
<HEAD>
  <TITLE>I-Book V1.0</TITLE>
  <LINK rel="stylesheet" href="Ibook.css">
</HEAD>
<BODY>
  <TABLE class="body" align="center" cellspacing="0" cellpadding="0">
	<TR>
	  <TD class="top_1">Login:</TD>
	  <TD class="top_2">&nbsp;</TD>
	  <TD class="top_3">
		<TABLE class="top" cellspacing="0" cellpadding="0">
		  <TR>
			<TD class="top_3_1">&nbsp;</TD>
		  </TR>
		  <TR>
			<TD class="top_3_2">&nbsp;</TD>
		  </TR>
		</TABLE>
	  </TD>
	</TR>
	  <?
	  if(!$_SESSION['username']) {
		if(!$_POST['submit']) {
		  ?>
		  <FORM NAME="post" ACTION="?method=1" METHOD="POST">
			<TR>
			  <TD class="cnt" colspan="3">
				<TABLE class="cnt" cellspacing="0" cellpadding="0">
				  <TR>
					<TD style="width: 150px; text-align: right; padding: 3px 10px 3px 10px;">
					  Username:
					</TD>
					<TD style="padding: 3px 10px 3px 10px;">
					  <INPUT type="text" name="username" maxlength="50">
					</TD>
				  </TR>
				  <TR>
					<TD style="width: 150px; text-align: right; padding: 3px 10px 3px 10px;">
					  Password
					</TD>
					<TD style="padding: 3px 10px 3px 10px;">
					  <INPUT type="password" name="password" maxlength="25">
					</TD>
				  </TR>
				  <TR>
					<TD style="padding: 3px 10px 3px 10px; text-align: center;" colspan="2">
					  <INPUT type="submit" name="submit" value="submit">
					</TD>
				  </TR>
				</TABLE>
			  </TD>
			</TR>
		  </FORM>
		  <?
		} else {
		  $username = $_POST['username'];

		  $sql_query = mysql_query("SELECT member_password FROM members_Ibook WHERE member_name = '$username'");
		  $count_mem = mysql_num_rows($sql_query);

		  if($count_mem != "" && $count_mem != 0) {
			$fetch_password = mysql_fetch_object($sql_query);
			$password = "$fetch_password->member_password";
			if($password == md5($_POST['password'])) {
			  $_SESSION['username'] = $username;
			  refresh("index.php","Login information correct.<BR>You're being forwarded to the I-Book.");
			} else {
			  refresh("login.php","Login information incorrect.<BR>Please try again..");
			}
		  } else {
			refresh("login.php","Login information incorrect.<BR>Please try again..");
		  }
		}
	  } else {
		refresh("index.php","You're already logged in.<BR>You're being forwarded to the I-Book.");
	  }
	  ?>
	<TR>
	  <TD class="btm" colspan="3">&nbsp;</TD>
	</TR>
  </TABLE>
</BODY>
<?

function refresh($url, $message) {
  ?>
  <HEAD>
	<META HTTP-EQUIV="Refresh" CONTENT="1 URL=<? echo $url; ?>">
  </HEAD>
  <BODY>
	<TR>
	  <TD class="cnt" colspan="3"><? echo $message; ?></TD>
	</TR>
  </BODY>
  <?
}

?>

/* [UBB-CODE.UBB] */

<?
// Smileys

$msg = str_replace("(a)", "<img src='images_emo/angel.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(A)", "<img src='images_emo/angel.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(b)", "<img src='images_emo/balloon.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(B)", "<img src='images_emo/balloon.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(c)", "<img src='images_emo/camera.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(C)", "<img src='images_emo/camera.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace(":/(", "<img src='images_emo/cry.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(e)", "<img src='images_emo/email.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(E)", "<img src='images_emo/email.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace(":$", "<img src='images_emo/embarrassed.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace(":)", "<img src='images_emo/happy.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(h)", "<img src='images_emo/huh.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(H)", "<img src='images_emo/huh.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(ow)", "<img src='images_emo/hurt.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(OW)", "<img src='images_emo/hurt.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(i)", "<img src='images_emo/idea.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(I)", "<img src='images_emo/idea.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(k)", "<img src='images_emo/kiss.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(K)", "<img src='images_emo/kiss.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace(":d", "<img src='images_emo/laugh.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace(":D", "<img src='images_emo/laugh.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(o)", "<img src='images_emo/ooh.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(O)", "<img src='images_emo/ooh.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(p)", "<img src='images_emo/picasso.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(P)", "<img src='images_emo/picasso.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(s)", "<img src='images_emo/shades.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(S)", "<img src='images_emo/shades.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace(";)", "<img src='images_emo/wink.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(z)", "<img src='images_emo/sleep.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(Z)", "<img src='images_emo/sleep.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace(":(", "<img src='images_emo/sad.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(*)", "<img src='images_emo/star.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(w)", "<img src='images_emo/wow.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(W)", "<img src='images_emo/wow.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(bo)", "<img src='images_emo/bom.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(BO)", "<img src='images_emo/bom.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(g)", "<img src='images_emo/gun.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(G)", "<img src='images_emo/gun.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(j)", "<img src='images_emo/joint.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(J)", "<img src='images_emo/joint.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(t)", "<img src='images_emo/sick.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace("(T)", "<img src='images_emo/sick.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace(":p", "<img src='images_emo/tongue.gif' align='absmiddle' border='0'>", $msg);
$msg = str_replace(":P", "<img src='images_emo/tongue.gif' align='absmiddle' border='0'>", $msg);

// UBB

$msg = preg_replace("/\[b\][\n\r]*(.*?)\[\/b\]/is",'<B>\\1</B>', $msg);
$msg = preg_replace("/\[B\][\n\r]*(.*?)\[\/B\]/is",'<B>\\1</B>', $msg);
$msg = preg_replace("/\[B\][\n\r]*(.*?)\[\/b\]/is",'<B>\\1</B>', $msg);
$msg = preg_replace("/\[b\][\n\r]*(.*?)\[\/B\]/is",'<B>\\1</B>', $msg);
	
$msg = preg_replace("/\[i\][\n\r]*(.*?)\[\/i\]/is",'<I>\\1</I>', $msg);
$msg = preg_replace("/\[I\][\n\r]*(.*?)\[\/I\]/is",'<I>\\1</I>', $msg);
$msg = preg_replace("/\[I\][\n\r]*(.*?)\[\/i\]/is",'<I>\\1</I>', $msg);
$msg = preg_replace("/\[i\][\n\r]*(.*?)\[\/I\]/is",'<I>\\1</I>', $msg);
	
$msg = preg_replace("/\[u\][\n\r]*(.*?)\[\/u\]/is",'<U>\\1</U>', $msg);
$msg = preg_replace("/\[U\][\n\r]*(.*?)\[\/U\]/is",'<U>\\1</U>', $msg);
$msg = preg_replace("/\[U\][\n\r]*(.*?)\[\/u\]/is",'<U>\\1</U>', $msg);
$msg = preg_replace("/\[u\][\n\r]*(.*?)\[\/U\]/is",'<U>\\1</U>', $msg);
	
$msg = preg_replace("/\[URL name=*(.*?)\][\n\r]*(.*?)\[\/URL\]/is",'<A href="\\2" target="_blank">\\1</A>', $msg);
$msg = preg_replace("/\[URL name=*(.*?)\][\n\r]*(.*?)\[\/url\]/is",'<A href="\\2" target="_blank">\\1</A>', $msg);
$msg = preg_replace("/\[url name=*(.*?)\][\n\r]*(.*?)\[\/URL\]/is",'<A href="\\2" target="_blank">\\1</A>', $msg);
$msg = preg_replace("/\[url name=*(.*?)\][\n\r]*(.*?)\[\/url\]/is",'<A href="\\2" target="_blank">\\1</A>', $msg);

?>
[/code]