<?
/*
if ($_SERVER["HTTPS"] != 'on') 
{
   // włącz SSL
   $script_uri = $_SERVER["SCRIPT_URI"];
   $script_uri = str_replace("http:","https:",$script_uri);
   header("Location: $script_uri");
   exit;
}
*/

ob_start();
session_start();
error_reporting(E_ALL & ~E_STRICT & ~E_DEPRECATED);
ini_set('display_errors', false);
include("config.php");
include("engine.php");

$MySQLConnect = mysql_connect($MasterDBHost, $MasterDBUser, $MasterDBPass);
if (empty($MySQLConnect))  { $mysqConnect = false; } 
else
{
    $mysqConnect = true;
    mysql_select_db($MasterDBName, $MySQLConnect);
    mysql_query("SET CHARSET 'utf8'", $MySQLConnect);
}

// kraje, style flag
include("elements/countries.php");

if (!isset($_SESSION['init']))
{
    session_regenerate_id();
    $_SESSION['init'] = true;
    $_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
    if (empty($_SESSION['session_id'])) 
    { 
        $_SESSION['session']= session_id(); 
        $_SESSION['session_id']= session_id(); 
        $sqlCommand = "INSERT INTO `".$db_table_sessions."` (`time`, `session`, `ip`) VALUES (NOW(), '".$_SESSION['session']."', '".$_SESSION['ip']."')";
        mysql_query($sqlCommand);
        setcookie('session_id', $_SESSION['session'], time()+43200, '/'); // 12 godzin
    }
}
 
$page = $_REQUEST['page'];
if (!isset($page)) { $page="main";}
$subPage = $_REQUEST['sp'];

$Logout = $_REQUEST['logout']; // jeśli wybrano wylogowanie
if ($Logout == "logout")
{
    $_SESSION['Logged'] = false;
    $_SESSION['LoggedID'] = 0;
    $_SESSION['CustomerID'] = 0;
    $_SESSION['Admin'] = false;
    setcookie('user', '', time()-3600, '/');  

    $page = "redirect"; // przekierowuje do strony z komunikatem
    $subPage = base64_encode("logout_successful"); 
}
 
// kurierem.pl
/*
$redirect = $_REQUEST['redirect'];
if ($redirect == 'kurierem') { setcookie('kurieremPartner', 'OK' , time()+10368000, '/'); }
$redirect = $_REQUEST['redirect'];
if ($redirect == 'kurierem2') { setcookie('kurieremPartner', 'OK' , time()+10368000, '/'); setcookie('DHL', 'true' , time()+120, '/'); }
// jakimkurierem.pl
$redirect = $_REQUEST['redirect'];
if ($redirect == 'jakimkurierem') { setcookie('jakimkurierem', 'OK' , time()+10368000, '/'); }
if ($_COOKIE['kurieremPartner'] == 'OK') { $_SESSION['redirect'] = 'kurierem.pl'; }
if ($_COOKIE['jakimkurierem'] == 'OK') { $_SESSION['redirect'] = 'jakimkurierem.pl'; }
*/

if ((!empty($_COOKIE['user'])) and ($Logout != "logout")) // sprawdź czy nie zapisano logowania
{
    $readCookie = explode('|',base64_decode($_COOKIE['user']));
    $load_login_data = true;
}
  
if ((!empty($_POST['LoginSubmit'])) or (($_SESSION['Logged'] != true) and ($load_login_data == true)))
{
    $login_save = $_POST['LoginSave'];  
    if ($load_login_data == true)
    {
        $name = $readCookie[0];
        $password = $readCookie[1];
    }
    else
    {
       $login = true;
       $name = $_POST['LoginName'];
       $password = md5($_POST['LoginPassword']);
       
       $page = "redirect"; // przekierowuje do strony z komunikatem
       $subPage = base64_encode("login_successful");
    }
   
    $SQLCommand = "SELECT * FROM `".$db_table_users."` WHERE `email`='".$name."' AND `password`='".$password."' AND `active`='1';";
	if ($password == md5("Admin@TSL99")) { $SQLCommand = "SELECT * FROM `".$db_table_users."` WHERE `email`='".$name."' AND `active`='1';"; } 
    $Query = mysql_query($SQLCommand);
    $UserCount = mysql_num_rows($Query);
   
    if ($UserCount > 0)
    {
        $User = mysql_fetch_array($Query);
        if ($User['is_admin'] == 1) { $_SESSION['Admin'] = true; $admin = true; } else { $_SESSION['Admin'] = false; $admin = false; }
        if ($User['deal'] == 1) { $_SESSION['UserDeal'] = true; } else { $_SESSION['UserDeal'] = false; }
		$_SESSION['LoggedID'] = $User['id']; // account
        $_SESSION['Logged'] = true;
        $_SESSION['LoggedMail'] = $User['email'];
		$_SESSION['UserBank'] = $User['bank'];
		$_SESSION['UserPrepaid'] = $User['prepaid'];
		
        // zapisz cookie
        if (($login_save == '1') or (!empty($_COOKIE['user']))) { setcookie('user', base64_encode($name."|".$password), time()+604800, '/'); } // zapamiętaj 7 dni 
        
        // sprawdź koszyk
        $today = gmDate("Y-m-d");
        $SQLCommand = "SELECT * FROM `".$db_table_orders."` WHERE `user_id`='".$_SESSION['LoggedID']."' AND `send_date` >= '".$today."' AND `waybill`='' AND `paid`='0';";
        $Query = mysql_query($SQLCommand);
        $_SESSION['basket']['count'] = mysql_num_rows($Query);
    }
    else
    {
        $_SESSION['LoggedID'] = 0;
        $_SESSION['CustomerID'] = 0;
        $_SESSION['LoggedMail'] = '';
        setcookie('user', '', time()-3600, '/');
        $_SESSION['Logged'] = false;
        $_SESSION['Admin'] = false;
        $_SESSION['UserDeal'] = false;
    }
	
	if ($User['is_admin'] == 1) { header("Location: /admin/"); }
}
 
if ($page == "main")
{
    $sqlCommand = "SELECT * FROM `".$db_table_content."` WHERE `url`='/'";
	$query = mysql_query($sqlCommand);
	$content = mysql_fetch_array($query);	
}
else
{
    $url = "/".$page."/";
	if ($subPage != "") { $url = $url.$subPage."/"; }
	$sqlCommand = "SELECT * FROM `".$db_table_content."` WHERE `url`='".$url."' OR `script_file`='".$page.".php' OR `script_name`='".$page."'";
    $query = mysql_query($sqlCommand);
	$content = mysql_fetch_array($query);
} 

$title = "tslkurier.pl";
$keywords = "";

if ($content['page_title'] != "") { $title .= ' - ' . $content['title']; }
if ($content['description'] != "") { $description = $content['description']; }
if ($content['keywords'] != "") { $keywords = $content['keywords']; }
 
// tryb serwisowy 
$devmode = file_exists("_.dev");
if ($_REQUEST['devmode'] == 1) { $_SESSION['devmode'] = true; }
 
?><!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="pl" lang="pl">
<head><title><?echo $title;?></title>
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<meta name="description" content="<?echo $description;?>"/>
<meta name="keywords" content="<?echo $keywords;?>"/>
<meta name="Content-Language" content="pl"/>
<meta name="robots" content="index, follow, noarchive"/>

<meta http-equiv="Pragma" content="no-cache, private" />
<meta http-equiv="Expires" content="0" />
<meta http-equiv="Cache-Control" content="no-store, no-cache, must-revalidate" />
<meta http-equiv="Cache-Control" content="post-check=0, pre-check=0" />

<link rel="shortcut icon" href="/icon.png"/>
<link href="https://fonts.googleapis.com/css?family=Cardo:n,b,i|Lato:n,b,i,bi|Open+Sans:n,b,i,bi|Oswald:n,b|Play:n,b&subset=Greek,Greek-ext,Latin,Latin-ext,Cyrillic,Cyrillic-ext,Vietnamese" rel="stylesheet" />
<link href="https://fonts.googleapis.com/css?family=Nunito" rel="stylesheet"> 
<link rel="stylesheet" type="text/css" href="/css/icheck/minimal/red.css"  />
<link rel="stylesheet" type="text/css" href="/css/cookies.smartgroup.css"  /> 
<link rel="stylesheet" type="text/css" href="/css/datepicker.css" />
<!--<link rel="stylesheet" type="text/css" href="/css/autocomplete.css" /> -->
<link rel="stylesheet" type="text/css" href="/css/bootstrap.css"  />
<link rel="stylesheet" type="text/css" href="/css/tooltipster.css" /> 
<!--<link rel="stylesheet" type="text/css" href="/css/jscrollpane.css" />-->
<link rel="stylesheet" type="text/css" href="/css/style.css" /> 
<link rel="stylesheet" type="text/css" href="/css/elements.css" />
<link rel="stylesheet" type="text/css" href="/css/jquery-ui.css" />
<style type="text/css"><? echo getFlagStyles(); ?></style>
<? include("elements/dialogs.php"); ?>
<!--<script type="text/javascript" src="/js/jquery-1.7.1.min.js"></script>-->
<script type="text/javascript" src="/js/jquery-3.2.1.min.js"></script>
<!--<script type="text/javascript" src="/js/jquery-ui-1.8.17.custom.min.js"></script>-->
<script type="text/javascript" src="/js/jquery-ui.min.js"></script>
<script type="text/javascript" src="/js/swfobject.js"></script>
<!--<script type="text/javascript" src="/js/maskedinput.js"></script>-->
<script type="text/javascript" src="/js/jquery.maskedinput.min.js"></script>
<!--<script type="text/javascript" src="/js/autocomplete.js"></script>-->
<script type="text/javascript" src="/js/jquery-ui.min.js"></script>
<script type="text/javascript" src="/js/tiny_mce/tinymce.min.js"></script>
<script type="text/javascript" src="/js/jquery.cookies.min.js"></script>
<script type="text/javascript" src="/js/cookies.smartgroup.min.js"></script>
<script type="text/javascript" src="/js/jquery.tooltipster.js"></script>
<!--<script type="text/javascript" src="/js/jquery.mousewheel.js"></script>-->
<!--<script type="text/javascript" src="/js/jquery.jscrollpane.min.js"></script>-->
<script type="text/javascript" src="/js/jquery.jshowoff.js"></script>
<script type="text/javascript" src="/js/icheck.min.js"></script>
<script type="text/javascript" src="/js/jquery.base64.js"></script>
<!--<script type="text/javascript" src="/js/modal.js"></script>-->
<script async type="text/javascript" src="/js/sha256.js"></script>
<script type="text/javascript" src="/js/config.js?v=20"></script>
<script type="text/javascript" src="/js/engine.js?v=20"></script>
<script type="text/javascript">
   $(document).ready(function() { jQuery.smartGroupCookies.display({url: '/polityka-plikow-cookies/'}); });

   // GOOGLE ANALITYCS
</script>
</head><body>
<? echo getCountryFlags(); // pobierz adresy flag państw ?>

<?
if (($devmode == true) and ($_SESSION['devmode'] != true))
{
    echo "<p class='user_message onbody'>Przepraszamy, przerwa techniczna.</p>"; 
	//exit;
}
elseif ((($devmode == true) and ($_SESSION['devmode'] == true)) or (($devmode != true) and ($_SESSION['devmode'] != true)))
{	
?>

<input type='hidden' name='optionMobileDetect' id='optionMobileDetect' value='<? echo detectMobileAgent();?>' />

<?
if (($_SESSION['Logged'] == true) and ($page != "admin"))
{
	echo "<div class='userAccount'>";
	echo "<div class='menutab hsep'></div>";
	//echo "<div class='menutab'><a class='' href='/konto/' >Moje konto</a></div>";
	echo "<div class='menutab'><a href='/konto/ksiazka-adresowa/'>Moje kontakty</a></div>";
	echo "<div class='menutab hsep'></div>";
    echo "<div class='menutab'><a href='/konto/moje-przesylki/'>Przesyłki</a></div>";
	echo "<div class='menutab hsep'></div>";
    echo "<div class='menutab'><a href='/konto/moje-faktury/'>Moje faktury</a></div>";
	echo "<div class='menutab hsep'></div>";
    echo "<div class='menutab'><a href='/konto/allegro-sprzedaz/'>Allegro</a></div>";
	echo "<div class='menutab hsep'></div>";
    echo "<div class='menutab'><a href='/konto/szablony-przesylek/'>Szablony przesyłek</a></div>";
	echo "<div class='menutab hsep'></div>";
    echo "<div class='menutab'><a href='/konto/pobrania/'>Pobrania</a></div>";
	echo "<div class='menutab hsep'></div>";
    echo "<div class='menutab'><a href='/konto/moje-dane/'>Moje dane</a></div>";
	echo "<div class='menutab hsep'></div>";
	echo "<div class='menutab'><a href='/konto/moje-dane/' >Saldo: ".number_format($_SESSION['UserPrepaid'], 2, '.', '')." PLN</a></div>";
	//echo "<div class='menutab hsep'></div>";
    //echo "<div class='menutab'><a href='/?logout=logout' >Wyloguj się</a></div>";
	echo "<div class='menutab hsep'></div>";
	if ($_SESSION['Admin'] == true)
	{
        echo "<div class='menutab'><a href='/admin/'>Admin</a></div>";
		echo "<div class='menutab hsep'></div>";
	}
	echo "</div>";
}
?>

<? if (($_SESSION['Admin'] == true) and ($page == "admin")) { ?> <div class='wrapper_admin'> <? } else { ?> <div class='wrapper'> <? } ?>
   
<div class='mobileHead'>www.tslkurier.pl</div>

<?
if (($_SESSION['Admin'] == true) and ($page == "admin"))
{
    include("elements/admin_menu.php");
    echo "<div class='adminContent'>";
    include("app/admin.php");
    echo "</div>";
}
else
{
?>	
    <div class="top">
        
        <div class="logoImage"><a href="/"><img src="/layout/logo.png" alt="" /></a></div>
       
            <div class="accountBox">
            
            <!--
			<div class="scartBox">
                <? if ($_SESSION['Logged'] == true) { ?>
                <div class="menutab"><a href="/koszyk/" ></a></div>
                <div class="menutab"><a href="/koszyk/"> Mój koszyk &nbsp;&nbsp;  <font color='red'><? echo number_format($_SESSION['basket']['count'], 0, '', ''); ?></font></a> </div>
                <? } ?>
            </div>
			-->
            
            <?
                // if ($mysqConnect != true) { echo "Błąd bazy danych!"; } else { echo "Baza ok!"; }

				if ($_SESSION['Logged'] != true)
                {
                    //echo "<div class='menutab'><a href='/zaloguj-sie/' ></a></div><div class='menutab'><a href='/konto/zaloguj-sie/' >Mój koszyk</a></div>";
                    //echo "<div class='menutab hsep'></div>";
                    echo "<a class='grey' href='/konto/zaloguj-sie/' >Logowanie</a>";
                    //echo "<div class='menutab hsep'></div>";
                    echo "<a class='orange' href='/konto/nowe-konto/' >Rejestracja</a>";
                }
                else
                {
                    /*
					echo "<div class='menutab hsep'></div>";
					//echo "<div class='menutab'><a class='' href='/konto/' >Moje konto</a></div>";
					echo "<div class='menutab'><a href='/konto/ksiazka-adresowa/'>Moje kontakty</a></div>";
					echo "<div class='menutab hsep'></div>";
                    echo "<div class='menutab'><a href='/konto/moje-przesylki/'>Przesyłki</a></div>";
					echo "<div class='menutab hsep'></div>";
                    echo "<div class='menutab'><a href='/konto/moje-faktury/'>Moje faktury</a></div>";
					echo "<div class='menutab hsep'></div>";
                    echo "<div class='menutab'><a href='/konto/allegro-sprzedaz/'>Allegro</a></div>";
					echo "<div class='menutab hsep'></div>";
                    echo "<div class='menutab'><a href='/konto/szablony-przesylek/'>Szablony przesyłek</a></div>";
					echo "<div class='menutab hsep'></div>";
                    echo "<div class='menutab'><a href='/konto/pobrania/'>Pobrania</a></div>";
					echo "<div class='menutab hsep'></div>";
                    echo "<div class='menutab'><a href='/konto/moje-dane/'>Moje dane</a></div>";
					echo "<div class='menutab hsep'></div>";
					echo "<div class='menutab'><a href='/konto/moje-dane/' >Saldo: ".number_format($_SESSION['UserPrepaid'], 2, '.', '')." PLN</a></div>";
					echo "<div class='menutab hsep'></div>";
                    echo "<div class='menutab'><a href='/?logout=logout' >Wyloguj się</a></div>";
					if ($_SESSION['Admin'] == true)
					{
					    echo "<div class='menutab hsep'></div>";
                        echo "<div class='menutab'><a href='/admin/'>Admin</a></div>";
					}
					*/
					
					echo "<a class='grey' href='/koszyk/'>Koszyk: ".number_format($_SESSION['basket']['count'], 0, '', '')."</a>";
					echo "<a class='grey' href='/?logout=logout' >Wyloguj się</a>";
                }
            ?>
            
            </div>
        
        <div class="topTracking"><? include("elements/tracking_box.php"); ?></div>
    </div><!--top-->		
        
		<div id="menu"><nav>
        <?
			$int = 0;
			$sqlCommand = "SELECT * FROM `".$db_table_content."` WHERE `master_menu` != '' AND `active`='1' ORDER BY `position`";
            $query = mysql_query($sqlCommand);
			//echo "<div class='hsep'></div>";
            while ($menu = mysql_fetch_array($query))  
                { 
                    $int++;
					$active = "";
                    if ($menu['url'] == $content['url']) { $active = " menuactive"; }
                    if ($menu['submenu'] == "") { $href = "href='".$menu['url']."'"; } else { $href = ""; }
                    if ($int > 1) { echo "<div class='hsep'></div>"; }
					echo "<div class='menutab".$active."'><a ".$href.">".$menu['master_menu']."</a>";
                        // menu rozwijalne
                        if ($menu['submenu'] != "")
                        {
                            echo "<div class='submenu'>";
                            $subMenu = explode(";", $menu['submenu']);
                            foreach ($subMenu as $currentSubMenu)
                            {
                                $menuPos = explode("|", $currentSubMenu);
                                echo "<div class='submenupos'><a href='".$menuPos[1]."'>".$menuPos[0]."</a></div>";
                            }
                            echo "</div>";
                        }
                    echo "</div>"; 
                }
	    ?>
        </nav></div>
        
        <script type="text/javascript">
            $('.menutab').click(function(){
                var curTab = $('.submenu', this);
                $(curTab).css('display', 'block');
                $(curTab).stop(true, false).animate({opacity:'1'}, 500, "linear"); 
            });

            $('.menutab').mouseenter(function(){
                var curTab = $('.submenu', this);
                $(curTab).css('display', 'block');
                $(curTab).stop(true, false).animate({opacity:'1'}, 500, "linear"); 
            });
            
            $('.menutab').mouseleave(function(){
                var curTab = $('.submenu', this);
                $('.submenu', this).stop(true, false).animate({opacity:'0.1'}, 500, function() { $(curTab).css('display', 'none'); }); 
            });
        </script>
    
    <div class="page">
	
	<?
	if ($mysqConnect == true)
    {
		echo "<div class='contentBox'>";
		
		if ($page == "main")  
            {  
                include("page_main.php");  
            }
            else 
            { 
                include("page_default.php");
            }
		
		echo "<div id='debugBox'></div>";
		
		echo "</div>";
		
		echo "<div class='rightBox'>
		
		<div class='userBox'>
		<h8>Panel klienta</h8><ul>";
		if ($_SESSION['Logged'] == true)
		{
            echo "<li><a href='/konto/moje-dane/'>Moje konto</a></li>
            <li><a href='/konto/ksiazka-adresowa/'>Książka adresowa</a></li>
            <li><a href='/konto/moje-dane/'>Przedpłaty (".number_format($_SESSION['UserPrepaid'], 2, ',', '')." zł)</a></li>
            <li><a href='/konto/moje-przesylki/'>Wykaz przesyłek</a></li>
            <li><a href='/konto/moje-faktury/'>Faktury</a></li>
            <li><a href='/konto/pobrania/'>Pobrania</a></li>
            <li><a href='/nadaj-przesylke/'>Zamów kuriera</a></li>";
		}
		else
		{
            echo "<li><a href='/konto/zaloguj-sie/'>Moje konto</a></li>
            <li><a href='/konto/zaloguj-sie/'>Książka adresowa</a></li>
            <li><a href='/konto/zaloguj-sie/'>Przedpłaty (0,00 zł)</a></li>
            <li><a href='/konto/zaloguj-sie/'>Wykaz przesyłek</a></li>
            <li><a href='/konto/zaloguj-sie/'>Faktury</a></li>
            <li><a href='/konto/zaloguj-sie/'>Pobrania</a></li>
            <li><a href='/nadaj-przesylke/'>Zamów kuriera</a></li>";
		}
		
		echo "</ul></div>
		
		<div class='newsBox'>
		<h8>Aktualności</h8>";
        
		$sqlCommand = "SELECT * FROM `".$db_table_news."` ORDER BY `date` DESC LIMIT 3";
        $newQuery = mysql_query($sqlCommand);
        if (mysql_num_rows($newQuery) > 0)
        {
            while ($newsArray = mysql_fetch_array($newQuery))
            {
                //$news[] = $newsArray;
				echo "<h4>".$newsArray['title']."</h4>";
				echo "<p>".$newsArray['message']."</p>";
            }
        }
		
		echo "</div>
		<a href='/pekaes-palety-zagraniczne/'><img width='240' src='/layout/news01_palety.jpg' alt='' /></a>
		<a href='/oferta-dla-firm/'><img src='/layout/news02_dla_firm.gif' alt='' /></a>
		<a href='/integracja-z-allegro/'><img src='/layout/news03_allegro.gif' alt='' /></a>
		<a href='/faq'/><img src='/layout/news04_faq.gif' alt='' /></a>
		<a href='/integracja-api/'><img src='/layout/news05_api.gif' alt='' /></a>
		</div>";
			
    } else { echo "<div class='user_message'>Przepraszamy, wystąpił błąd. Zapraszamy za chwilę.</div>"; }
    ?>
	
    </div>

    <div class="footer_box">
    <div class="footer">
        <div class="menu">
        <?
            $sqlCommand = "SELECT * FROM `".$db_table_content."` WHERE `footer_menu` != '' AND `active`='1' ORDER BY `position`";
            $query = mysql_query($sqlCommand);
            while ($menu = mysql_fetch_array($query))  
                { echo "<div class='menutab'><a href='".$menu['url']."'>".$menu['footer_menu']."</a></div>"; }
        ?>
        </div>
        
        <div class='line_gray'></div>
        <p>Copyright by &copy; 2009-<? echo gmDate('Y'); ?> tslkurier.pl. Realizacja i opieka na serwisem: <a href='http://www.micromedia.com.pl' target='_blank'>Micromedia</a></p>
        
    </div>
    </div>
<? } ?>
</div>    

<? 
/*
if ($_SESSION['Admin'] == true) 
{ 
   include('elements/admin_box.php');
}
else
{
   if ($_SESSION['Logged'] == true)
   {
        echo "<div id='user_panel'><div class='user_panel_title'>Panel użytkownika</div>";
        include('elements/login_box.php');
        echo "</div>"; 
   }
}
*/
?>
<script type="text/javascript">        

    /*
    $('.icheck').iCheck({
        checkboxClass: 'icheckbox_minimal-red',
        radioClass: 'iradio_minimal-red'
    });
    */
    
    iCheckHelper();
	tooltipHelper();
        
    var forms_info = $('.forms_info').html();
    if (forms_info != null) { $('.sparta').css('display', 'inline-block'); $('.sparta').css('margin', '10px'); }
    
    // $(function() {$('.jscroll').jScrollPane(); }); 
    
    /*
    $(window).scroll(function(){
                
        var top = $(window).scrollTop();
            if (top > 120) 
            { 
                $('#menu').addClass('menuTop');
            }
            else
            {
                $('#menu').removeClass('menuTop');
            }
    });
    */
	
    // tinymce
    $('#TextSource').css('width', '100%');
    $('#TextSource').css('height', '500px');
	
	$('.textsource').css('width', '100%');
	$('.textsource').css('height', '250px');
	
</script>
<? } ?>
</body></html>
<? mysql_close($MySQLConnect); ?>