<?
define('ROOT_DIR', '/WWW/radiocent/radiocent.ru/www');
$cron=1;
include(ROOT_DIR.'/config.php');
include(ROOT_DIR.'/constants.php');
include(TEMPLATES_DIR.'/helpers.php');
include(CLASS_DIR.'/autoload.php');

Db_Mysql::init(MYSQL_HOST, MYSQL_LOGIN, MYSQL_PASSWORD, MYSQL_DB);

$mysqlClass = Db_Mysql::getInstance();
$mysqlClass -> query("SET NAMES UTF8");
$mysqlClass -> query('set character UTF8');

$actions = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH); 
$actions = explode("/", $actions);
$action = $actions[1];

/* temporary fix */
if ($actions[2]=='article') {
	$table = 'article';
	$subaction = @$actions[3];
}
else {
	$table = 'station';
	$subaction = @$actions[2];
}

	
if ($action=='comment') {
	$parent = intval($subaction);
	$ok = (@$_GET['ok']?1:0);
	
	switch ($table) {
		case 'article':
			$query = "SELECT id,title,title_id as title_index 
					  FROM article
					  WHERE id=".$parent." and status=1
					  ";
			break;
			
		case 'station':
			$query = "SELECT id,title,title_index 
					  FROM pls_radiocent 
					  WHERE id=".$parent." and status=1
					  ";
			break;
	}
			  
	$item = $mysqlClass -> query($query) 
			  -> fetchAssoc();
	//$latin = ($item['title_index']!=''?$item['title_index']:'');
	
	if (is_array($item)) {
		if ($item['title_index']!='') {
			Header("Location: http://www.radiocent.ru/".$table."/".$item['title_index']."/".($ok?'?ok=1':''));		
		}
		else {
			Header("Location: http://www.radiocent.ru/".$table."/".$item['id']."/".str2url($item['title'], 255)."/".($ok?'?ok=1':''));
		}
	}
	else echo "Not found";
	exit;
}

if ($action=='check' or $action=='add') {
	foreach($_POST as $name => $val)
	{
		$val = str_replace(" ", "+", $val);
		if ($name!='hash' && $name!='id') 
		{
			$out[$name] = mysql_escape_string(trim(iconv('windows-1251', 'utf-8',base64_man_decode($val))));
		}
		elseif ($name=='id')
		{
			$out[$name] = $_POST['id'];
		}
	}

	$ss = md5($out['id'].'forgetallthat');
	
	if ($action=='check' and $out['result']!=200) 
	{	
		$out_result = explode("|", $out['result']);
		$out['result'] = $out_result[0];
		$out['comment'] = $out_result[1];
	}
	elseif ($action=='add' and isset($out['genre']))
	{
		$out['result'] = 'add';
		$out['comment'] = $out['genre'];
	}
	
	if ( $_POST['hash'] == $ss) 
	{
		$result = $mysqlClass 
			-> query("insert into `check` values ('{$out['id']}', '{$out['name']}', '{$out['url']}', '{$out['result']}', '{$out['comment']}', '{$_SERVER['REMOTE_ADDR']}', '{$_SERVER['GEOIP_COUNTRY_CODE']}','".date("Y-m-d H:i:s")."');");
	}
	else {
		$result = $mysqlClass 
			-> query("insert into `check` values ('{$out['id']}', 'HASH ERROR|{$out['name']}', '{$out['url']}', '{$out['result']}', '{$out['comment']}', '{$_SERVER['REMOTE_ADDR']}', '{$_SERVER['GEOIP_COUNTRY_CODE']}','".date("Y-m-d H:i:s")."');");
	}
}	

$mysqlClass -> close();


/* func */	
	
function base64_man_decode($string)
{
	$table = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
	$i=0;
	while ($i<strlen($string))
	{
		$y=0;
		do {
			if ($string[$i+$y]=='=') $cpos[$y]=0;
			else {
				$cpos[$y]=strpos($table,$string[$i+$y]);
			}
			
			$y++;
		} while($y<4);

		$binbyte[0] = (($cpos[0] << 2) | ($cpos[1] >> 4));
		$binbyte[1] = (($cpos[1] << 4) | ($cpos[2] >> 2));
		$binbyte[2] = ((($cpos[2] & 0x03 )<< 6) | ($cpos[3] & 0x3f));
		
		
		$decbuf[$i - ($i / 4)] = $binbyte[0]; 
		$decbuf[$i - ($i / 4) + 1] = $binbyte[1];
		$decbuf[$i - ($i / 4) + 2] = $binbyte[2];

		$i+=4;
	}
	foreach ($decbuf as $n) @$decoded .= chr($n);
	return $decoded;
}	

?>