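top.location='$this_file?uid=$uid_enc&cid=$cid#frmForum'"); } else echo(""); } else echo(""); exit; } }
else if (isset($_GET['action'])) {
    // The line above is the tail of a branch that starts before this excerpt;
    // it is kept verbatim.
    //
    // NOTE(review): this branch changes state from a GET request and runs
    // before islogin() is evaluated further down. No login, ownership or
    // anti-CSRF check is visible in this excerpt. Confirm that one exists
    // earlier in the file; otherwise the delete below is reachable by anyone
    // who can request this URL.
    $action=secureinput($_GET['action']);
    if ($action=='hapus') {
        // secureinput() is defined elsewhere and its guarantees are not
        // visible here. $cid is interpolated into SQL without quotes, so
        // quote escaping alone would not contain it: force an integer.
        $cid=(int)secureinput($_GET['cid']);

        // Defaults so the statements below stay well-formed when a lookup
        // returns no row.
        $parent_cid=0;
        $judul_log='';
        $nama_log='';
        $uid_log='';

        $perintah="SELECT parent_cid FROM tm_content where cid=$cid";
        $hasil=mysql_query($perintah);
        while ($row=mysql_fetch_array($hasil)) {
            $parent_cid=(int)$row["parent_cid"];
        }

        $perintah="SELECT judul FROM tm_content where cid=$parent_cid";
        $hasil=mysql_query($perintah);
        while ($row=mysql_fetch_array($hasil)) {
            $judul_log=addslashes($row["judul"]);
        }

        // Apply the same validation helper the main flow applies to uid
        // before the decrypted value reaches a query.
        if (isset($_GET['uid'])) $uid_log=secureinput(dekripsi($_GET['uid']));

        $perintah="SELECT nama FROM tm_users where uid='$uid_log'";
        $hasil=mysql_query($perintah);
        while ($row=mysql_fetch_array($hasil)) {
            // Stored data is not trusted either: escape the user name before
            // it is embedded in the audit-log INSERT.
            $nama_log=mysql_real_escape_string($row["nama"]);
        }

        // Audit record first, then the delete itself.
        $perintah="insert into log_delete values('GALERI','Delete GALERI (DISKUSI): $judul_log','$nama_log',now())";
        mysql_query($perintah);

        $perintah="delete from tm_content where cid=$cid";
        mysql_query($perintah);
    }
}

// NOTE(review): every query in this section is built by string interpolation
// on the mysql_* API, which was removed in PHP 7. Moving to mysqli or PDO
// prepared statements would remove the dependence on per-variable escaping.
// Query results are also used without checking for failure.

$action=enkripsi($this_file);

if (isset($_GET['uid'])) $uid=dekripsi($_GET['uid']);
else $uid=dekripsi($_POST['uid']);

// [2] Validate the GPCS variable uid
// NOTE(review): $uid is used inside quotes in the query below, so this is only
// safe if secureinput() escapes quotes and backslashes -- confirm.
$uid = secureinput("$uid");
$is_login=islogin("$uid");
if ($is_login===1) {
    // [3] Detail data
    // [4] Start custom code
    $perintah="SELECT * FROM tm_users where uid='$uid'";
    $hasil=mysql_query($perintah);
    while ($row=mysql_fetch_array($hasil)) {
        $no_id_tmp=$row["no_id"];
        $level_tmp=$row["level"];
    }
    // [4] End custom code
    // [5] Encrypt all variables
    $uid=enkripsi("$uid");
}

// Pick the gallery item to show. After an action the parent of the affected
// row is shown; otherwise the requested cid. Either way the value is forced to
// an integer because every query below interpolates it without quotes. An
// empty or non-numeric value becomes 0, which falls through to "latest item".
if (isset($_GET['action'])) $cid=isset($parent_cid) ? (int)$parent_cid : 0;
else $cid=(int)lowsecure($_GET["cid"]);

$perintah="select cid from tm_content where cid=parent_cid and cid=$cid";
$hasil=mysql_query($perintah);
$n_data=mysql_numrows($hasil);
if ($n_data==1) {
    // The requested cid is a top-level item: look up its neighbours.
    $perintah="select 
(select cid from tm_content where cid=parent_cid and jenis='GALERI' and cid < $cid order by cid desc limit 1) as cid_prev,(select cid from tm_content where jenis='GALERI' and cid=parent_cid and cid > $cid order by cid limit 1) as cid_next from tm_content where jenis='GALERI' and cid=$cid";
}
else {
    // Unknown cid: fall back to the newest top-level GALERI item.
    $perintah="select cid from tm_content where cid=parent_cid and jenis='GALERI' order by cid desc limit 1";
    $hasil=mysql_query($perintah);
    while ($row=mysql_fetch_array($hasil)) {
        $cid=(int)$row["cid"];
    }
    $perintah="select (select cid from tm_content where cid=parent_cid and jenis='GALERI' and cid < $cid order by cid desc limit 1) as cid_prev,(select cid from tm_content where cid=parent_cid and jenis='GALERI' and cid > $cid order by cid limit 1) as cid_next from tm_content where jenis='GALERI' and cid=$cid";
}
$hasil=mysql_query($perintah);
while ($row=mysql_fetch_array($hasil)) {
    $cid_prev=$row["cid_prev"];
    $cid_next=$row["cid_next"];
}
// A missing neighbour comes back empty; use 0 so the title lookups stay valid SQL.
if (strlen($cid_prev)==0) $cid_prev=0;
if (strlen($cid_next)==0) $cid_next=0;

$perintah="select * from tm_content where cid=parent_cid and cid=$cid";
$hasil=mysql_query($perintah);
while ($row=mysql_fetch_array($hasil)) {
    $judul=$row["judul"];
    $tgl_update=$row["tgl_update"];
    $no_id=$row["no_id"];
}

$perintah="select judul from tm_content where cid=$cid_prev";
$hasil=mysql_query($perintah);
while ($row=mysql_fetch_array($hasil)) {
    $judul_prev=$row["judul"];
}

$perintah="select judul from tm_content where cid=$cid_next";
$hasil=mysql_query($perintah);
while ($row=mysql_fetch_array($hasil)) {
    $judul_next=$row["judul"];
}

// NOTE(review): the titles are user-supplied content. The markup that prints
// them is not part of this excerpt -- confirm they are HTML-escaped on output.
$this_info=$judul;

// Active banner for the gallery page, with a static fallback when none is scheduled.
$perintah="select rid,banner_url from tm_rekanan where banner_code='GALERI' and now() between banner_tgl_mulai and banner_tgl_selesai";
$hasil=mysql_query($perintah);
while ($row=mysql_fetch_array($hasil)) {
    $rid=$row["rid"];
    $banner_url=$row["banner_url"];
}
if (strlen($rid)==0) {
    $img_url="_iklan/940x32.jpg";
    $banner_url='_files/iklan.pdf';
}
else $img_url="_iklan/rekanan$rid.jpg";
// Everything after the closing tag is page output whose markup was stripped
// from this copy; it is kept verbatim.
?> | \n"); echo("if (isMobile()) document.location='http://m.picanto-indonesia.com/galeri.php?cid=$cid';\n"); echo(""); } if ($is_login===1) { echo("\n"); echo("\n"); } ?>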