<?php
if (!isset($_GET['content']) || empty ($_GET['content'])) $_GET['content'] = '/startseite';

    if (strpos ($_GET['content'], '/logout/') !== false) {
        session_start();
        unset($_SESSION['admin']);
        header("Location: ".$_SERVER['PHP_SELF']);
        die();
    }
    if (isset ($_GET['content']) && !empty ($_GET['content'])) {
        if (strpos ($_GET['content'], '../') !== false) die ('Zugriffsverletzung !');
        if ($_GET['content'] [0] != '/') $_GET['content'] = '/' . $_GET['content'];
    }




    if (!file_exists('content' . $_GET['content'] . '.php')) $_GET['content'] = '/error/keine_seite';

    require ('../lib/extras.init.php');

    $shows = 0;
    if (!isset($_GET['content'])) $_GET['content'] = '/startseite';
    if (!file_exists('content'.$_GET['content'].'.php')) $_GET['content'] = '/error/keine_seite';
    if (!isset($_SESSION['admin']) || empty ($_SESSION['admin'])) $_SESSION['admin'] = '0';
    if(isset($_POST['check']) AND $_POST['check'] == "Login") {

        $sql = sql::$db->query("SELECT admin_name, admin_pass FROM "._VMS_."_seitenkonfig LIMIT 1");
        $page = $sql -> fetch();
                
        if($_POST['loginname'] == $page['admin_name'] AND $_POST['passwort'] == $page['admin_pass']) {
            $_SESSION['admin'] = 1;
            header("Location: ".$_SERVER['PHP_SELF']."?".$_SERVER['QUERY_STRING']);
        }
    }

?>

<!DOCTYPE html>
<html lang='de'>
    <head>
        <title>..:: Adminforce ::..</title>
        <meta charset="UTF-8">
        <meta name="generator" content="vms-script">
        <meta name="Author" content="Designerscripte.net">
        <meta name="Publisher" content="Designerscripte.net">
        <meta name="Keywords" content="vms,paid4,loginscript">
        <meta name="Description" content="Verdien was Du willst">
        <meta name="Robots" content="INDEX,FOLLOW">
        <link rel="stylesheet" href="../css/main.css" type="text/css">
    </head>

    <body>
    <noscript><div style="font: 10pt Arial; color: #ff0000; text-align: center;">Um <b>alle Funktionen des Adminforce</b> nutzen zu k&ouml;nnen, bitte <b>JavaScript aktivieren</b>!</div></noscript>
    <div id="wrapper">
        <header id="header_1">
            <div id="topbar">
                <div id="topbar_left">
                    <ul>
                        <li><a href="?content=/startseite">Startseite</a></li>
                        <?php if($_SESSION['admin'] == 1){?>
                            <li><a href="?content=/bilanzsystem">Bilanz</a></li>
                            <li><a href="?content=/usersystem/liste">Userliste</a></li>
                        <?php } ?>
                    </ul>
                </div>
                <div id="topbar_right">
                    <ul>
                        <li><a href="<?php echo $system['domain']; ?>">Userseite</a></li>

                    <?php if($_SESSION['admin'] != 1){?>
                    <li>
                        <form  method="post">
                            <input type="Text" class ="topbar_input" name="loginname" value="<?php echo $_POST['nickname'];?>" placeholder="Username">
                            <input type="Password" class ="topbar_input" name="passwort" value="" placeholder="Passwort">
                            <button type="submit" name="check" value="Login">Login</button>
                        </form>
                   </li>
                    <?php }else{ ?>
                        <li><a href="?content=/logout/">Logout</a></li>
                    <?php } ?>
                    </ul>
                </div>
            </div>
        </header>

        <br style="clear:both; font-size:0px;">
        <div id="content">
            <div id="left">
                <?php if($_SESSION['admin'] == 1) require_once('lib/menue_links.php');?>
            </div>
            <div id="middle">
                <?php if($_SESSION['admin'] == 1) require_once('content'.$_GET['content'].'.php'); ?>
            </div>
        </div>
    </div>
</body>
</html>