Showing
with 4003 additions and 2297 deletions
<?php
$smarty->assign("title", "Planet SUCS");
$smarty->assign("rss_url", "http://planet.sucs.org/rss20.xml");
$smarty->assign("atom_url", "http://planet.sucs.org/atom.xml");
// Read planet output from where (we hope) Planet wrote it
$body = file_get_contents($base."static/Community/Planet.txt");
$smarty->assign("body", $body);
?>
<?php
// component to dynamically generate a configuration file for the Planet feed aggregator
global $base;
// where to put the generated config file?
$outputfile = $base."lib/venus/sucs/generatedconfig.ini";
// Where Planet should output its generated files to
$planetoutputdir = $base."htdocs/planet";
$sucsdbname = "sucs";
$hackergotchipath = "/var/www/sucssite/htdocs/pictures/people/";
// open connection to sucs database
$sucsDB = NewADOConnection('postgres8');
$sucsDB->Connect('dbname='.$sucsdbname.' user=apache');
$sucsDB->SetFetchMode(ADODB_FETCH_ASSOC);
// fetch blogroll
$blogroll = $sucsDB->GetAll("SELECT username, blogfeed AS feeduri FROM members WHERE syndicateblog=TRUE");
// figure out whether each user has a hackergotchi picture
foreach($blogroll as &$blog) {
if (is_file($hackergotchipath.$blog['username'].".png")) {
$blog['hackergotchi'] = TRUE;
} else {
$blog['hackergotchi'] = FALSE;
}
}
$smarty->assign("blogroll", $blogroll);
$smarty->assign("planetoutputdir", $planetoutputdir);
$config = $smarty->fetch("planetconfig.tpl");
file_put_contents($outputfile, $config);
?>
<?php
// number of recent planet entries we want to return
$num_entries = 5;
unset($result);
$planetposts = array();
$xmldata = @file_get_contents("../htdocs/planet/atom.xml");
if (!$xmldata) {
trigger_error("No planet atom.xml data loaded", E_USER_WARNING);
return;
}
$simplexml = simplexml_load_string($xmldata);
$xml = $simplexml->children('http://www.w3.org/2005/Atom');
foreach ($xml->entry as $entry) {
$planetposts[] = array(
"post" => $entry->title,
"post_uri" => $entry->link->attributes()->href,
"user" => $entry->author->name,
"user_uri" => $entry->author->uri
);
}
$planetposts = array_slice($planetposts, 0, $num_entries);
$smarty->assign('planetposts', $planetposts);
$result = $smarty->fetch('planetposts.tpl');
?>
<? <?php
include("adodb/adodb.inc.php");
$sucsDB = NewADOConnection('postgres8');
$sucsDB->Connect('dbname=sucs user=apache');
$sucsDB->SetFetchMode(ADODB_FETCH_ASSOC);
$res = $sucsDB->Execute("select username, sum(pages) as pages from printer where username != 'old' group by username order by sum(pages) desc"); $res = $sucsDB->Execute("select username, sum(pages) as pages from printer where username != 'old' group by username order by sum(pages) desc");
$num = $res->RecordCount(); $num = $res->RecordCount();
for ($i=0;$i<$num;$i++) { for ($i = 0; $i < $num; $i++) {
$row[$i] = $res->FetchRow(); $row[$i] = $res->FetchRow();
if ($i < 12) if ($i < 12) {
{ $item[] = $row[$i]['username'];
$item[]=$row[$i]['username']; $slice[] = $row[$i]['pages'];
$slice[]=$row[$i]['pages']; } else {
} $otherSize += $row[$i]['pages'];
else { }
$otherSize += $row[$i]['pages']; }
}
}
// $itemName[]="Other"; // $itemName[]="Other";
// $sliceSize[]=$otherSize; // $sliceSize[]=$otherSize;
$slice = array_merge(array($otherSize),$slice); $slice = array_merge(array($otherSize), $slice);
$item = array_merge(array("Other"), $item); $item = array_merge(array("Other"), $item);
/* echo "<pre>"; /* echo "<pre>";
print_r($slice); print_r($slice);
print_r($item);*/ print_r($item);*/
include("../../lib/pieChart.php"); include("../../lib/pieChart.php");
piechart("Top 12, Users of Printing", $slice, $item,0) piechart("Top 12, Users of Printing", $slice, $item, 0)
?> ?>
\ No newline at end of file
...@@ -4,42 +4,39 @@ ...@@ -4,42 +4,39 @@
* Ported from old site by tswsl1989 * Ported from old site by tswsl1989
* *
*/ */
$max=10; //Set this to number of users to display in chart $max = 10; //Set this to number of users to display in chart
$timestamp = '2014-02-05 18:29:02+00'; //display printer stats since this time $timestamp = '2014-02-05 18:29:02+00'; //display printer stats since this time
$smarty->assign('title',"Printer Statistics"); $smarty->assign('title', "Printer Statistics");
$sucsDB = NewADOConnection('postgres8');
$sucsDB->Connect('dbname=sucs user=apache');
$sucsDB->SetFetchMode(ADODB_FETCH_ASSOC);
// $out="<img src=\"/images/printer.graph.php\" alt=\"pie chart of top 12 printer users\"/>"; // $out="<img src=\"/images/printer.graph.php\" alt=\"pie chart of top 12 printer users\"/>";
$table="<table border=1 cellpadding=3>\n<tr>\n<th>Username</th>\n<th>Pages</th>\n<th>Projected Monthly Usage</th>\n<th>Printed This Month</th>\n<th>What it would cost in the library</th></tr>\n"; $table = "<table border=1 cellpadding=3>\n<tr>\n<th>Username</th>\n<th>Pages</th>\n<th>Projected Monthly Usage</th>\n<th>Printed This Month</th>\n<th>What it would cost in the library</th></tr>\n";
//pull in all the current users (ie not old) who have printed stuff //pull in all the current users (ie not old) who have printed stuff
$res = $sucsDB->Execute("select username, sum(pages) as pages from printer where username != 'old' AND start > '".$timestamp."' group by username order by sum(pages) desc"); $res = $sucsDB->Execute("select username, sum(pages) as pages from printer where username != 'old' AND start > '" . $timestamp . "' group by username order by sum(pages) desc");
$num = $res->RecordCount(); $num = $res->RecordCount();
//for each row stuff the infomation into an array, then free up the database resorces //for each row stuff the infomation into an array, then free up the database resorces
for ($i=0;$i<$num;$i++) { for ($i = 0; $i < $num; $i++) {
$data[$i] = $res->FetchRow(); $data[$i] = $res->FetchRow();
$data[$i]['month'] = 0; $data[$i]['month'] = 0;
} }
$res->Close(); $res->Close();
//get the second since epoch //get the second since epoch
$thisSecond = time(); $thisSecond = time();
//for each user who has printed stuff add the first printed time (since epoch) to the array //for each user who has printed stuff add the first printed time (since epoch) to the array
for ($i=0;$i<$num;$i++) { for ($i = 0; $i < $num; $i++) {
$res = $sucsDB->Execute("select date_part('epoch',start) as first from printer where username ='".$data[$i]['username']."' order by start asc limit 1;"); $res = $sucsDB->Execute("select date_part('epoch',start) as first from printer where username ='" . $data[$i]['username'] . "' order by start asc limit 1;");
$temp = $res->FetchRow(); $temp = $res->FetchRow();
$data[$i]['first'] = $temp['first']; $data[$i]['first'] = $temp['first'];
$res->Close(); $res->Close();
} }
$res = $sucsDB->Execute("select username, pages, start from printer where username != 'old'"); $res = $sucsDB->Execute("select username, pages, start from printer where username != 'old'");
$datesnum = $res->RecordCount();//for each row stuff the infomation into an array, then free up the database resorces $datesnum = $res->RecordCount();//for each row stuff the infomation into an array, then free up the database resorces
for ($i=0;$i<$datesnum;$i++) { for ($i = 0; $i < $datesnum; $i++) {
$dates[$i] = $res->FetchRow($res, $i); $dates[$i] = $res->FetchRow($res, $i);
} }
$res->Close(); $res->Close();
...@@ -47,50 +44,47 @@ $res->Close(); ...@@ -47,50 +44,47 @@ $res->Close();
// get the current month // get the current month
$theMonth = date("m"); $theMonth = date("m");
$theYear = date("Y"); $theYear = date("Y");
for ($i=0;$i<$datesnum;$i++) { for ($i = 0; $i < $datesnum; $i++) {
$userMonth = substr($dates[$i]['start'], 5, 2); $userMonth = substr($dates[$i]['start'], 5, 2);
$userYear = substr($dates[$i]['start'], 0, 4); $userYear = substr($dates[$i]['start'], 0, 4);
if (($userMonth == $theMonth) && ($userYear == $theYear)) { if (($userMonth == $theMonth) && ($userYear == $theYear)) {
for ($j=0;$j<$num;$j++) { for ($j = 0; $j < $num; $j++) {
if ($data[$j]['username'] == $dates[$i]['username']) { if ($data[$j]['username'] == $dates[$i]['username']) {
$data[$j]['month'] += $dates[$i]['pages']; $data[$j]['month'] += $dates[$i]['pages'];
} }
} }
} }
} }
//start the total counter //start the total counter
$total = 0; $total = 0;
//for each user.. print a row in the table //for each user.. print a row in the table
for ($i=0;$i<$num;$i++) { for ($i = 0; $i < $num; $i++) {
$table.="<tr align=\"center\">\n"; $table .= "<tr align=\"center\">\n";
$table.="<td>{$data[$i]['username']}</td>\n"; $table .= "<td>{$data[$i]['username']}</td>\n";
$table.="<td>{$data[$i]['pages']}</td>\n"; $table .= "<td>{$data[$i]['pages']}</td>\n";
//avg pages per month = seconds in a month / (now - first print) * pages //avg pages per month = seconds in a month / (now - first print) * pages
$crazyGuess = round((2629743.83/($thisSecond-$data[$i]['first']))*$data[$i]['pages']); $crazyGuess = round((2629743.83 / ($thisSecond - $data[$i]['first'])) * $data[$i]['pages']);
//if the user has only started printing in the last month its not sensible to give a guess of average useage //if the user has only started printing in the last month its not sensible to give a guess of average useage
if ($thisSecond-$data[$i]['first'] <= 2629743.83) { if ($thisSecond - $data[$i]['first'] <= 2629743.83) {
$table.="<td>Not enough data</td>\n"; $table .= "<td>Not enough data</td>\n";
} } //traffic lights for pinter useage, adjust values as required
//traffic lights for pinter useage, adjust values as required elseif ($crazyGuess <= 25) {
elseif($crazyGuess <= 25) { $table .= "<td BGCOLOR=\"Green\">" . $crazyGuess . "</td>\n";
$table.="<td BGCOLOR=\"Green\">".$crazyGuess."</td>\n"; } elseif ($crazyGuess <= 33) {
} $table .= "<td BGCOLOR=\"Orange\">" . $crazyGuess . "</td>\n";
elseif($crazyGuess <= 33) { } else {
$table.="<td BGCOLOR=\"Orange\">".$crazyGuess."</td>\n"; $table .= "<td BGCOLOR=\"Red\">" . $crazyGuess . "</td>\n";
} }
else{ if ($data[$i]['month'] >= 300) {
$table.="<td BGCOLOR=\"Red\">".$crazyGuess."</td>\n"; $table .= "<td BGCOLOR=\"Red\">{$data[$i]['month']}</td>\n";
} } else {
if ($data[$i]['month'] >= 300) { $table .= "<td>{$data[$i]['month']}</td>\n";
$table.="<td BGCOLOR=\"Red\">{$data[$i]['month']}</td>\n"; }
} else { $table .= "<td>" . sprintf("£ %01.2f", round(0.05 * $data[$i]['pages'], 2)) . "</td>\n";
$table.="<td>{$data[$i]['month']}</td>\n"; //add this users useage to the total
} $total += $data[$i]['pages'];
$table.="<td>".sprintf("£ %01.2f",round(0.05*$data[$i]['pages'],2))."</td>\n"; $table .= "</tr>\n";
//add this users useage to the total
$total += $data[$i]['pages'];
$table.="</tr>\n";
} }
//get the first print date //get the first print date
...@@ -104,16 +98,16 @@ $res->Close(); ...@@ -104,16 +98,16 @@ $res->Close();
//get the number of pages printed by "old" users and add it to the total //get the number of pages printed by "old" users and add it to the total
$res = $sucsDB->Execute("select sum(pages) as pages from printer where username = 'old' group by username order by sum(pages) desc"); $res = $sucsDB->Execute("select sum(pages) as pages from printer where username = 'old' group by username order by sum(pages) desc");
$old = $res->FetchRow(); $old = $res->FetchRow();
$old = $old[0]; $old = $old['pages'];
$res->Close(); $res->Close();
$total += $old; $total += $old;
//Output two lines at the bottem of the table, one for "old" users and the other for the total //Output two lines at the bottem of the table, one for "old" users and the other for the total
$table.="<tr align=\"center\">\n\t<th>Old Users</th>\n\t<th>$old</th>\n\t<th>n/a</th>\n</tr>"; $table .= "<tr align=\"center\">\n\t<th>Old Users</th>\n\t<th>$old</th>\n\t<th>n/a</th>\n</tr>";
$table.="<tr align=\"center\">\n\t<th>Total</th>\n\t<th>$total</th>\n\t<th>".round((2629743.83/($thisSecond-$date['first'][0]))*$total)."</th>\n</tr>"; $table .= "<tr align=\"center\">\n\t<th>Total</th>\n\t<th>$total</th>\n\t<th>" . round((2629743.83 / ($thisSecond - $date['first'][0])) * $total) . "</th>\n</tr>";
$table.="</table>\n"; $table .= "</table>\n";
//output the dates of the first and last prints recorded //output the dates of the first and last prints recorded
$out.="<script type=\"text/javascript\" src=\"https://www.google.com/jsapi\"></script> $out .= "<script type=\"text/javascript\" src=\"https://www.google.com/jsapi\"></script>
<script type=\"text/javascript\"> <script type=\"text/javascript\">
google.load(\"visualization\", \"1\", {packages:[\"corechart\"]}); google.load(\"visualization\", \"1\", {packages:[\"corechart\"]});
google.setOnLoadCallback(drawChart); google.setOnLoadCallback(drawChart);
...@@ -121,35 +115,35 @@ $out.="<script type=\"text/javascript\" src=\"https://www.google.com/jsapi\"></s ...@@ -121,35 +115,35 @@ $out.="<script type=\"text/javascript\" src=\"https://www.google.com/jsapi\"></s
var data = new google.visualization.DataTable(); var data = new google.visualization.DataTable();
data.addColumn('string', 'User'); data.addColumn('string', 'User');
data.addColumn('number', 'Pages Printed'); data.addColumn('number', 'Pages Printed');
data.addRows(".($max+2).");\n"; data.addRows(" . ($max + 2) . ");\n";
for( $i=0; $i<($max+1); $i++ ){ for ($i = 0; $i < ($max + 1); $i++) {
$out.="data.setValue(".($i).", 0, '".$data[$i]['username']."');\n"; $out .= "data.setValue(" . ($i) . ", 0, '" . $data[$i]['username'] . "');\n";
$out.="data.setValue(".($i).", 1,".$data[$i]['pages'].");\n"; $out .= "data.setValue(" . ($i) . ", 1," . $data[$i]['pages'] . ");\n";
} }
$others=0; $others = 0;
for ( $i=$max; $i<count($data); $i++ ) { for ($i = $max; $i < count($data); $i++) {
$others+=$data[$i]['pages']; $others += $data[$i]['pages'];
} }
$out.="data.setValue(".($max+1).", 0, 'Others');\ndata.setValue(".($max+1).",1, $others);\n"; $out .= "data.setValue(" . ($max + 1) . ", 0, 'Others');\ndata.setValue(" . ($max + 1) . ",1, $others);\n";
$out.="\t\tvar chart = new google.visualization.PieChart(document.getElementById('chart_div')); $out .= "\t\tvar chart = new google.visualization.PieChart(document.getElementById('chart_div'));
chart.draw(data, {width: 500, height: 360, backgroundColor: 'none', is3D: true, title: 'Printer Usage'}); chart.draw(data, {width: 500, height: 360, backgroundColor: 'none', is3D: true, title: 'Printer Usage'});
} }
</script>"; </script>";
$out.="<div id=\"chart_div\" style=\"background: none;\"></div>"; $out .= "<div id=\"chart_div\" style=\"background: none;\"></div>";
$out.="<p>First Data - ".$date['first'][weekday].", ".$date['first'][mday]." ".$date['first'][month]." ".$date['first'][year].", at ".sprintf("%02d:%02d:%02d",$date['first'][hours],$date['first'][minutes],$date['first'][seconds])."<br />"; $out .= "<p>First Data - " . $date['first'][weekday] . ", " . $date['first'][mday] . " " . $date['first'][month] . " " . $date['first'][year] . ", at " . sprintf("%02d:%02d:%02d", $date['first'][hours], $date['first'][minutes], $date['first'][seconds]) . "<br />";
$out.="Last Data - ".$date['last'][weekday].", ".$date['last'][mday]." ".$date['last'][month]." ".$date['last'][year].", at ".sprintf("%02d:%02d:%02d",$date['last'][hours],$date['last'][minutes],$date['last'][seconds])."</p>"; $out .= "Last Data - " . $date['last'][weekday] . ", " . $date['last'][mday] . " " . $date['last'][month] . " " . $date['last'][year] . ", at " . sprintf("%02d:%02d:%02d", $date['last'][hours], $date['last'][minutes], $date['last'][seconds]) . "</p>";
//do some silly maths to work out lots of silly things //do some silly maths to work out lots of silly things
$paperarea = round(0.21*0.297*$total,3); //area of paper $paperarea = round(0.21 * 0.297 * $total, 3); //area of paper
$paperweight = round($paperarea*.08, 3); //how much that would weigh $paperweight = round($paperarea * .08, 3); //how much that would weigh
$numtrees = round($paperweight/730.296, 6); //*very* roughly how many trees that would be $numtrees = round($paperweight / 730.296, 6); //*very* roughly how many trees that would be
$cost = sprintf("£%01.2f",round(0.05*$total,2)); $cost = sprintf("£%01.2f", round(0.05 * $total, 2));
$out.="<p>That's ".$paperarea."m<sup>2</sup> of paper, weighing ".$paperweight."kg!<br>\n"; $out .= "<p>That's " . $paperarea . "m<sup>2</sup> of paper, weighing " . $paperweight . "kg!<br>\n";
$out.="This is equivalent to approximately ".$numtrees." trees.<br>\n"; $out .= "This is equivalent to approximately " . $numtrees . " trees.<br>\n";
$out.="That would have cost our members a grand total of ".$cost." if it were printed in the library.. not bad for £5 each!"; $out .= "That would have cost our members a grand total of " . $cost . " if it were printed in the library.. not bad for £5 each!";
//done //done
$out.="<p>Note: The number of pages is the number spooled and may be more than the actual number printed</p>"; $out .= "<p>Note: The number of pages is the number spooled and may be more than the actual number printed</p>";
$out.=$table; $out .= $table;
$sucsDB->Close(); $sucsDB->Close();
$smarty->assign('body',$out); $smarty->assign('body', $out);
?> ?>
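Review bot: The per-user lookup in the first hunk still concatenates `$data[$i]['username']` into the SQL text, and the same value is written unescaped into the `<td>` in the second hunk and into a single-quoted JavaScript string in the `data.setValue` loop of the last hunk. Where the `printer.username` values originate is not visible here, so a name containing a quote or markup should be assumed possible. Bind the value the way the signup pages in this comparison already do: `$res = $sucsDB->Execute("select date_part('epoch',start) as first from printer where username = ? order by start asc limit 1", array($data[$i]['username']));`. For output, use `htmlspecialchars($data[$i]['username'], ENT_QUOTES)` in the table cell and `json_encode($data[$i]['username'], JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP)` in place of the hand-quoted literal in the script. The file continues between and around these hunks, so code outside them was not reviewed.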
...@@ -4,39 +4,39 @@ $dirlist = scandir("/var/projects/trac"); ...@@ -4,39 +4,39 @@ $dirlist = scandir("/var/projects/trac");
$projects = array(); $projects = array();
foreach ($dirlist as $file) { foreach ($dirlist as $file) {
if ($file[0]!=".") { if ($file[0] != ".") {
$object=array(); $object = array();
$object['filename'] = $file; $object['filename'] = $file;
$ini_array = array(); $ini_array = array();
$filepath = "/var/projects/trac/".$file."/conf/trac.ini"; $filepath = "/var/projects/trac/" . $file . "/conf/trac.ini";
// read trac.ini for this project // read trac.ini for this project
if (is_readable($filepath) && ($ini_data = file($filepath)) != FALSE) { if (is_readable($filepath) && ($ini_data = file($filepath)) != FALSE) {
$projectsection = FALSE; $projectsection = FALSE;
foreach ($ini_data as $ini_line) { foreach ($ini_data as $ini_line) {
if (trim($ini_line) == "[project]") { if (trim($ini_line) == "[project]") {
$projectsection = TRUE; $projectsection = TRUE;
} else if ($projectsection && (1 == preg_match("/^\[.*\]$/", trim($ini_line)))) { } else if ($projectsection && (1 == preg_match("/^\[.*\]$/", trim($ini_line)))) {
$projectsection = FALSE; $projectsection = FALSE;
} else if ($projectsection) { } else if ($projectsection) {
list($key, $value) = preg_split("/=/", $ini_line); list($key, $value) = preg_split("/=/", $ini_line);
$ini_array[trim($key)] = trim($value); $ini_array[trim($key)] = trim($value);
} }
} }
// only list projects whose trac.ini sets public = true // only list projects whose trac.ini sets public = true
if (isset($ini_array['public']) && ($ini_array['public'] == "true")) { if (isset($ini_array['public']) && ($ini_array['public'] == "true")) {
$object['name'] = $ini_array['name']; $object['name'] = $ini_array['name'];
if ($object['name']=="") $object['name'] = $file; if ($object['name'] == "") $object['name'] = $file;
$object['descr'] = $ini_array['descr']; $object['descr'] = $ini_array['descr'];
$projects[$file]=$object; $projects[$file] = $object;
} }
} }
} }
} }
$smarty->assign("projects", $projects); $smarty->assign("projects", $projects);
......
<?php <?php
// Config options // Config options
$permission="sucsstaff"; $permission = "sucsstaff";
// TODO: DEV: UNSTICK THIS BEFORE DEPLOY // TODO: DEV: UNSTICK THIS BEFORE DEPLOY
if (isset($session->groups[$permission])) { if (isset($session->groups[$permission])) {
$smarty->assign("staff",TRUE); $smarty->assign("staff", TRUE);
// connect to sucs database
$sucsDB = NewADOConnection('postgres8');
$sucsDB->Connect('dbname=sucs user=apache');
$sucsDB->SetFetchMode(ADODB_FETCH_ASSOC);
//get unused signup slips
$query = "SELECT signup.id, signup.sid, member_type.typename, members.username, signup.card";
$query .= " FROM signup LEFT JOIN member_type ON signup.type = member_type.id LEFT JOIN members ON signup.issuedby=members.uid";
$query .= " WHERE";
$query .= " signup.activated is NULL";
$query .= " or signup.username is NULL";
$query .= " ORDER BY signup.id";
$query .= ";";
$data = $sucsDB->GetAll($query);
// process responces
if(isset($_POST['command'])){
if($_POST['command']=='update'){
$changed = 0;
$upquery = "UPDATE signup";
$upquery .= " SET sid = ?";
$upquery .= " WHERE id = ?";
$upquery .= ";";
foreach($data as $value){
if(array_key_exists('sid:'.$value['id'],$_POST) && $_POST['sid:'.$value['id']]!=$value['sid']){
$uparray = array($_POST['sid:'.$value['id']],$value['id']);
$sucsDB->query($upquery,$uparray);
$changed++;
}
}
message_flash($changed." record(s) updated");
//get unused signup slips
$query = "SELECT signup.id, signup.sid, member_type.typename, members.username, signup.card";
$query .= " FROM signup LEFT JOIN member_type ON signup.type = member_type.id LEFT JOIN members ON signup.issuedby=members.uid";
$query .= " WHERE";
$query .= " signup.activated is NULL";
$query .= " or signup.username is NULL";
$query .= " ORDER BY signup.id";
$query .= ";";
$data = $sucsDB->GetAll($query);
// process responces
if (isset($_POST['command'])) {
if ($_POST['command'] == 'update') {
$changed = 0;
$upquery = "UPDATE signup";
$upquery .= " SET sid = ?";
$upquery .= " WHERE id = ?";
$upquery .= ";";
foreach ($data as $value) {
if (array_key_exists('sid:' . $value['id'], $_POST) && $_POST['sid:' . $value['id']] != $value['sid']) {
$uparray = array($_POST['sid:' . $value['id']], $value['id']);
$sucsDB->query($upquery, $uparray);
$changed++;
} }
} }
$data = $sucsDB->GetAll($query); message_flash($changed . " record(s) updated");
//set smarty stuff
$smarty->assign("signups",$data); }
$smarty->assign("self",$baseurl.$path.$getout); }
$data = $sucsDB->GetAll($query);
//set smarty stuff
$smarty->assign("signups", $data);
$smarty->assign("self", $baseurl . $path . $getout);
} }
$body = $smarty->fetch("signup-admin.tpl"); $body = $smarty->fetch("signup-admin.tpl");
$smarty->assign('title', "Signup Slip Admin"); $smarty->assign('title', "Signup Slip Admin");
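Review bot: The `command == 'update'` branch rewrites `signup.sid` for any POST that arrives with a `sucsstaff` session, and no request token is checked in the visible lines. Unless `$session` or the surrounding framework verifies one elsewhere, a form submitted from another site in a staff member's browser would be accepted. The new value is bound as a parameter, which keeps it out of the SQL text, but it is stored without the format check the signup form applies to student ids. Consider adding `if (!validSID($_POST['sid:' . $value['id']], false)) { continue; }` before the `UPDATE`, with `validSID()` loaded from `../lib/validation.php`. The rest of the file is collapsed on this page and was not reviewed.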
......
...@@ -10,16 +10,16 @@ ...@@ -10,16 +10,16 @@
// ------------------------------------------------------------- // -------------------------------------------------------------
//$script_path="/home/member/eclipse/signuptests/"; //$script_path="/home/member/eclipse/signuptests/";
$script_path="sudo /usr/local/sbin/"; $script_path = "sudo /usr/local/sbin/";
// DEV: CHNAGE THIS FOR DEV MODE // DEV: CHNAGE THIS FOR DEV MODE
//$error_email="eclipse@sucs.org"; //$error_email="eclipse@sucs.org";
$error_email="admin@sucs.org"; $error_email = "admin@sucs.org";
$override_permission="sucsstaff"; $override_permission = "sucsstaff";
// is the validation (mostly) overridable // is the validation (mostly) overridable
$overridable=isset($session->groups[$override_permission]); $overridable = isset($session->groups[$override_permission]);
// ------------------------------------------------ // ------------------------------------------------
// DEV: UNCOMMENT THIS FOR DEV MODE // DEV: UNCOMMENT THIS FOR DEV MODE
...@@ -31,373 +31,340 @@ $overridable=isset($session->groups[$override_permission]); ...@@ -31,373 +31,340 @@ $overridable=isset($session->groups[$override_permission]);
$mode = 'login'; $mode = 'login';
//login //login
if(isset($_REQUEST['signupid'])&&isset($_REQUEST['signuppw'])){ if (isset($_REQUEST['signupid']) && isset($_REQUEST['signuppw'])) {
//set signup details //set signup details
$signupid = $_REQUEST['signupid']; $signupid = $_REQUEST['signupid'];
$signuppw = $_REQUEST['signuppw']; $signuppw = $_REQUEST['signuppw'];
// connect to sucs database
$sucsDB = NewADOConnection('postgres8');
//$sucsDB->debug = true;
// -------------------------------------------------
// DEV:SET THIS TO YOUR DATBASE FOR DEV MODE
// -------------------------------------------------
$sucsDB->Connect('dbname=sucs');
//$sucsDB->debug = true;
$sucsDB->SetFetchMode(ADODB_FETCH_ASSOC);
// get row(s) // get row(s)
$query = "SELECT * FROM signup WHERE id=? AND password=?"; $query = "SELECT * FROM signup WHERE id=? AND password=?";
$array = array($signupid,$signuppw); $array = array($signupid, $signuppw);
$data = $sucsDB->GetAll($query,$array); $data = $sucsDB->GetAll($query, $array);
// if data was returned and it was exactly 1 row // if data was returned and it was exactly 1 row
if(is_array($data)&&sizeof($data)==1){ if (is_array($data) && sizeof($data) == 1) {
$row=$data[0]; $row = $data[0];
// if the id hasnt already been used // if the id hasnt already been used
if(!(isset($row[activated])&&isset($row[username]))){ if (!(isset($row[activated]) && isset($row[username]))) {
// pass on the id and passwd and id the validation is overridable // pass on the id and passwd and id the validation is overridable
$smarty->assign("signupid",$signupid); $smarty->assign("signupid", $signupid);
$smarty->assign("signuppw",$signuppw); $smarty->assign("signuppw", $signuppw);
$smarty->assign("overridable",$overridable); // pass on the student id if it exists
$smarty->assign("usertype",$row[type]); if (isset($_REQUEST['signupsid'])) {
// if accepting the form $smarty->assign("signupsid", $_REQUEST['signupsid']);
if(isset($_REQUEST['username']) && isset($_REQUEST['realname']) && isset($_REQUEST['email']) && isset($_REQUEST['phone'])){ }
require_once("../lib/validation.php"); $smarty->assign("overridable", $overridable);
$override = $overridable && (isset($_POST['override']) && $_POST['override']=="on"); $smarty->assign("usertype", $row[type]);
$valid=true; // if accepting the form
$errors=array(); if (isset($_REQUEST['username']) && isset($_REQUEST['realname']) && isset($_REQUEST['email']) && isset($_REQUEST['phone'])) {
$fields=array(); require_once("../lib/validation.php");
if(!validUsername($_REQUEST['username'])){ $override = $overridable && (isset($_POST['override']) && $_POST['override'] == "on");
$valid=false; $valid = true;
$errors['username']=$error; $errors = array();
} $fields = array();
$fields['username']=$_REQUEST['username']; if (!validUsername($_REQUEST['username'])) {
if(!(validSignupEmail($_REQUEST['email']) || $override)){ $valid = false;
$valid=false; $errors['username'] = $error;
$errors['email']=$error; }
} $fields['username'] = $_REQUEST['username'];
$fields['email']=$_REQUEST['email']; if (!(validSignupEmail($_REQUEST['email']) || $override)) {
if(!(validPhone($_REQUEST['phone']) || $override)){ $valid = false;
$valid=false; $errors['email'] = $error;
$errors['phone']=$error; }
} $fields['email'] = $_REQUEST['email'];
$fields['phone']=sanitizePhone($_REQUEST['phone']); if (!(validPhone($_REQUEST['phone']) || $override)) {
if($row[type]!=2){ $valid = false;
if(!(validAddress($_REQUEST['address']) || $override)){ $errors['phone'] = $error;
$valid=false; }
$errors['address']=$error; $fields['phone'] = sanitizePhone($_REQUEST['phone']);
} if ($row[type] != 2) {
$fields['address']=sanitizeAddress($_POST['address']); if (!(validAddress($_REQUEST['address']) || $override)) {
if(!validRealName($_REQUEST['realname'],$override)){ $valid = false;
$valid=false; $errors['address'] = $error;
$errors['realname']=$error; }
} $fields['address'] = sanitizeAddress($_POST['address']);
$fields['realname']=$_REQUEST['realname']; if (!validName($_REQUEST['realname'], $override)) {
} $valid = false;
else{ $errors['realname'] = $error;
if(!(validRealName($_REQUEST['contact'],false) || $override)){ }
$valid=false; $fields['realname'] = $_REQUEST['realname'];
$errors['contact']=$error; } else {
} if (!(validName($_REQUEST['contact'], false) || $override)) {
$fields['contact']=$_REQUEST['contact']; $valid = false;
if(!validSocName($_REQUEST['realname'], $override)){ $errors['contact'] = $error;
$valid=false; }
$errors['realname']=$error; $fields['contact'] = $_REQUEST['contact'];
} if (!validName($_REQUEST['realname'], $override)) {
$fields['realname']=$_REQUEST['realname']; $valid = false;
} $errors['realname'] = $error;
if($row[type]==1){ }
if(!validSID($_REQUEST['studentid'],$override)){ $fields['realname'] = $_REQUEST['realname'];
$valid=false; }
$errors['studentid']=$error; if ($row[type] == 1) {
} if (!validSID($_REQUEST['studentid'], $override)) {
$fields['studentid']=$_REQUEST['studentid']; $valid = false;
} $errors['studentid'] = $error;
}
if($valid){ $fields['studentid'] = $_REQUEST['studentid'];
// include membership adding functions }
require_once("../lib/member_functions.php");
$mode='result';
$failed=false;
// invalidate signup slip
$query = "UPDATE signup SET sid=?, username=?, activated=now() WHERE id=?";
unset($atribs); if ($valid) {
$atribs[0]=$fields['studentid']; // include membership adding functions
$atribs[1]=$fields['username']; require_once("../lib/member_functions.php");
$atribs[2]=$signupid; $mode = 'result';
$responce = $sucsDB->Execute($query,$atribs); $failed = false;
if(!$responce){
mail(
$error_email,
"Signup Error",
"Unable to invalidate signup slip: ".$signupid."\nAborting\nError message:\n".$sucsDB->ErrorMsg(),
"From: \"SUCS Admin\" <admin@sucs.org>"
);
$failed=true;
}
else{
// determine the uid range
if($row[type]==2){
$baseuid=8;
}
else{
$baseuid=29;
}
$minuid=$baseuid*1000;
$maxuid=$minuid+999;
//get the new uid
$uid=findUid($minuid,$maxuid);
// make a password
$password=make_password();
// make the ldif
$ldif=generateLdif($uid,$password,$row[type],$fields['realname'],$fields['username']);
// write ldif file
file_put_contents('/tmp/useradd.'.$fields['username'].'.ldif',$ldif);
exec(
$script_path.'useradd.apache '.
escapeshellarg($fields['username']).' '.
escapeshellarg($fields['studentid']).' '.
escapeshellarg($fields['email']).
' 2>&1',
$execoutputarr,
$execreturn
);
if($execreturn!=0){
$execoutputstr=implode("\n",$execoutputarr);
mail(
$error_email,
"Error creating user for signup id: ".$signupid,
$execoutputstr,
"From: \"SUCS Admin\" <admin@sucs.org>"
);
$failed=true;
}
// DEV: STICK THIS FOR DEV
if(posix_getpwnam($fields['username'])){
$query="SELECT count(*) from members where username = ?";
$data = $sucsDB->GetAll($query,array($fields['username']));
if($data[0]['count']!=0){
mail(
$error_email,
"Signup Error",
"User ".$fields['username']." already exists in the databse, THIS SHOULD NEVER HAPPEN\n Love the signup system.\n\nP.S. the signup id is: ".$signupid,
"From: \"SUCS Admin\" <admin@sucs.org>"
);
$failed=true;
}
else{
$query = "INSERT INTO members (";
$query .= "uid, username, realname, email, address, phone, sid, type, paid, lastedit, comments";
$query .= ") values (";
$query .= "?, ?, ?, ?";
// if its a soc then it has no address
if($row[type]!=2){
$query .= ", ?"; //address
}
else{
$query .= ", DEFAULT"; //address
}
$query .= ", ?"; //phone
// only student had a sid
if($row[type]==1){
$query .= ", ?"; //sid
}
else{
$query .= ", DEFAULT";
}
$query .= ", ?, ?, ?";
// socienty add a default comment
if($row[type]==2){
$query .= ", ?";// comment
}
else{
$query .= ", DEFAULT";
}
$query .= ");";
unset($atribs);
$atribs[]=$uid;
$atribs[]=$fields['username'];
$atribs[]=$fields['realname'];
$atribs[]=$fields['email'];
if($row[type]!=2){
$atribs[]=$fields['address'];
}
$atribs[]=$fields['phone'];
if($row[type]==1){
$atribs[]=$fields['studentid'];
}
$atribs[]=$row[type];
include_once("../lib/date.php");
$atribs[]=paidUntil(time());
$atribs[]=$uid;
if($row[type]==2){
$atribs[]="Contact name: ".$fields['contact'];
}
$responce = $sucsDB->Execute($query,$atribs);
// if somthing broke then email
if(!$responce){
mail(
$error_email,
"Signup Error",
"Database problems for signup id: ".$signupid."\nError message:\n".$sucsDB->ErrorMsg(),
"From: \"SUCS Admin\" <admin@sucs.org>"
);
$failed=true;
}
else{
// if door card is connected to the signup slip move it to its proper home
if($row[card] != ''){
$query="INSERT INTO doorcards (uid,cardnumber) VALUES (?, ?);";
unset($atribs);
$atribs[0]=$uid;
$atribs[1]=$row[card];
$responce=$sucsDB->Execute($query,$atribs);
if(!$responce){
mail(
$error_email,
"Signup Error",
"Failed to migrate card details for signup id: ".$signupid."\nError message:\n".$sucsDB->ErrorMsg(),
"From: \"SUCS Admin\" <admin@sucs.org>"
);
}
}
$logsmessage = "New user '".$fields['username']."' has been created on SUCS\n"; // invalidate signup slip
$logsmessage .= "at: ".date("H:i ",time())." on ".date("l F jS Y", time())."\n"; $query = "UPDATE signup SET sid=?, username=?, activated=now() WHERE id=?";
$logsmessage .= "From: ".$_SERVER['REMOTE_ADDR']."\n";
$logsmessage .= "Using signup id: ".$signupid."\n";
if($override){
$logsmessage .= "User ".$session->username." overrode validation.\n";
}
$logsmessage .= "Love The Signup System";
// DEV: CHANGE THIS EMAIL ADDRESS
mail(
"logs@sucs.org",
"User '".$fields['username']."' Created on SUCS",
$logsmessage,
"From: \"SUCS Admin\" <admin@sucs.org>"
);
mail(
"treasurer@sucs.org",
"User '".$fields['username']."' Created on SUCS",
$logsmessage,
"From: \"SUCS Admin\" <admin@sucs.org>"
);
$usermessage = "Welcome to the Swansea University Computer Society!\n\n";
$usermessage .= "Your account details are:\n\n";
$usermessage .= "Username: ".$fields['username']."\n";
$usermessage .= "Password: ".$password."\n\n";
$usermessage .= "Wondering what to do next? Check out our Getting Started page: http://sucs.org/Getting%20Started or go right ahead and post on our forum at http://sucs.org/Community/Forum or join in the discussion on our chat system, Milliways: http://sucs.org/Community/Milliways\n\n";
$usermessage .= "Our weekly social is held in the coffee end JC's at 1:00 PM every Wednesday\n\n";
$usermessage .= "Before you use the SUCS computers or the computer room, please make sure you are familiar with the conditions of use and room rules at http://sucs.org/About/Regulations\n\n";
$usermessage .= "If you require help using the system, introductory guides are available at http://sucs.org/Knowledge\n\n";
$usermessage .= "If you have any trouble using the system, reply to this e-mail describing the nature of the problem and we'll look into it.\n\n";
$usermessage .= "We hope you enjoy your SUCS membership.\n\n";
$usermessage .= "Regards,\n\n";
$usermessage .= "Swansea University Computer Society";
if($fields['email']!=''){
$user_email=$fields['email'];
}
elseif($fields['studentid']!=''){
$user_email=$fields['studentid']."@swan.ac.uk";
}
else{
$user_email=FALSE;
}
if($user_email){
mail(
$user_email,
"Your SUCS Account has been created!",
$usermessage,
"From: \"SUCS Admin\" <admin@sucs.org>"
);
}
}
}
}
//Wrong logic, only students have student email addresses ~imranh
if ($row['type']==1){
$addtolist ="".$fields['email']."\n".$fields['studentid']."@swan.ac.uk";
}else{
$addtolist="".$fields['email']."\n"; //Societies don't have student email addresses
}
file_put_contents('/tmp/listadd.'.$fields['username'],$addtolist);
unset($execoutputarr);
exec(
$script_path.'listadd.apache '.
escapeshellarg($fields['username']).' '.
escapeshellarg($row[type]).
' 2>&1',
$execoutputarr,
$ececreturn
);
if($execreturn!=0){
$execoutputstr=implode("\n",$execoutputarr);
unset($atribs);
$atribs[0] = $fields['studentid'];
$atribs[1] = $fields['username'];
$atribs[2] = $signupid;
$responce = $sucsDB->Execute($query, $atribs);
if (!$responce) {
mail(
$error_email,
"Signup Error",
"Unable to invalidate signup slip: " . $signupid . "\nAborting\nError message:\n" . $sucsDB->ErrorMsg(),
"From: \"SUCS Admin\" <admin@sucs.org>"
);
$failed = true;
} else {
//generate the new uid
$uid = generateUid();
// make a password
$password = make_password();
// make the ldif
$ldif = generateLdif($uid, $password, $row[type], $fields['realname'], $fields['username']);
// write ldif file
file_put_contents('/tmp/useradd.' . $fields['username'] . '.ldif', $ldif);
exec(
$script_path . 'useradd.apache ' .
escapeshellarg($fields['username']) . ' ' .
escapeshellarg($fields['studentid']) . ' ' .
escapeshellarg($fields['email']) .
' 2>&1',
$execoutputarr,
$execreturn
);
if ($execreturn != 0) {
$execoutputstr = implode("\n", $execoutputarr);
mail(
$error_email,
"Error creating user for signup id: " . $signupid,
$execoutputstr,
"From: \"SUCS Admin\" <admin@sucs.org>"
);
$failed = true;
}
// DEV: STICK THIS FOR DEV
if (posix_getpwnam($fields['username'])) {
$query = "SELECT count(*) from members where username = ?";
$data = $sucsDB->GetAll($query, array($fields['username']));
if ($data[0]['count'] != 0) {
mail( mail(
$error_email, $error_email,
"Error adding user to mailing lists from signup id: ".$signupid, "Signup Error",
$execoutputstr, "User " . $fields['username'] . " already exists in the database, THIS SHOULD NEVER HAPPEN\n Love, the signup system.\n\nP.S. the signup id is: " . $signupid,
"From: \"SUCS Admin\" <admin@sucs.org>" "From: \"SUCS Admin\" <admin@sucs.org>"
); );
$failed=true; $failed = true;
} else {
$query = "INSERT INTO members (";
$query .= "uid, username, realname, email, address, phone, sid, type, paid, lastedit, comments";
$query .= ") values (";
$query .= "?, ?, ?, ?";
// if its a soc then it has no address
if ($row[type] != 2) {
$query .= ", ?"; //address
} else {
$query .= ", DEFAULT"; //address
}
$query .= ", ?"; //phone
// only student had a sid
if ($row[type] == 1) {
$query .= ", ?"; //sid
} else {
$query .= ", DEFAULT";
}
$query .= ", ?, ?, ?";
// socienty add a default comment
if ($row[type] == 2) {
$query .= ", ?";// comment
} else {
$query .= ", DEFAULT";
}
$query .= ");";
unset($atribs);
$atribs[] = $uid;
$atribs[] = $fields['username'];
$atribs[] = $fields['realname'];
$atribs[] = $fields['email'];
if ($row[type] != 2) {
$atribs[] = $fields['address'];
}
$atribs[] = $fields['phone'];
if ($row[type] == 1) {
$atribs[] = $fields['studentid'];
}
$atribs[] = $row[type];
include_once("../lib/date.php");
$atribs[] = paidUntil(time());
$atribs[] = $uid;
if ($row[type] == 2) {
$atribs[] = "Contact name: " . $fields['contact'];
}
$responce = $sucsDB->Execute($query, $atribs);
// if somthing broke then email
if (!$responce) {
mail(
$error_email,
"Signup Error",
"Database problems for signup id: " . $signupid . "\nError message:\n" . $sucsDB->ErrorMsg(),
"From: \"SUCS Admin\" <admin@sucs.org>"
);
$failed = true;
} else {
// if door card is connected to the signup slip move it to its proper home
if ($row[card] != '') {
$query = "INSERT INTO doorcards (uid,cardnumber) VALUES (?, ?);";
unset($atribs);
$atribs[0] = $uid;
$atribs[1] = $row[card];
$responce = $sucsDB->Execute($query, $atribs);
if (!$responce) {
mail(
$error_email,
"Signup Error",
"Failed to migrate card details for signup id: " . $signupid . "\nError message:\n" . $sucsDB->ErrorMsg(),
"From: \"SUCS Admin\" <admin@sucs.org>"
);
}
}
$logsmessage = "New user '" . $fields['username'] . "' has been created on SUCS\n";
$logsmessage .= "at: " . date("H:i ", time()) . " on " . date("l F jS Y", time()) . "\n";
$logsmessage .= "From: " . $_SERVER['REMOTE_ADDR'] . "\n";
$logsmessage .= "Using signup id: " . $signupid . "\n";
if ($override) {
$logsmessage .= "User " . $session->username . " overrode validation.\n";
}
$logsmessage .= "Love, The Signup System";
// DEV: CHANGE THIS EMAIL ADDRESS
mail(
"logs@sucs.org,treasurer@sucs.org",
"User '" . $fields['username'] . "' Created on SUCS",
$logsmessage,
"From: \"SUCS Admin\" <admin@sucs.org>"
);
$usermessage = "Welcome to the Swansea University Computer Society!\n\n";
$usermessage .= "Your account details are:\n\n";
$usermessage .= "Username: " . $fields['username'] . "\n";
$usermessage .= "Password: " . $password . "\n\n";
$usermessage .= "Wondering what to do next? Check out our Getting Started page: http://sucs.org/Getting%20Started or go right ahead and post on our forum at http://sucs.org/Community/Forum or join in the discussion on our chat system, Milliways: http://sucs.org/Community/Milliways\n\n";
$usermessage .= "Our weekly social is held in the coffee end JC's at 1:00 PM every Wednesday\n\n";
$usermessage .= "Before you use the SUCS computers or the computer room, please make sure you are familiar with the conditions of use and room rules at http://sucs.org/About/Regulations\n\n";
$usermessage .= "If you require help using the system, introductory guides are available at http://sucs.org/Knowledge\n\n";
$usermessage .= "If you have any trouble using the system, reply to this e-mail describing the nature of the problem and we'll look into it.\n\n";
$usermessage .= "We hope you enjoy your SUCS membership.\n\n";
$usermessage .= "Regards,\n\n";
$usermessage .= "Swansea University Computer Society";
if ($fields['email'] != '') {
$user_email = $fields['email'];
} elseif ($fields['studentid'] != '') {
$user_email = $fields['studentid'] . "@swan.ac.uk";
} else {
$user_email = FALSE;
}
if ($user_email) {
mail(
$user_email,
"Your SUCS Account has been created!",
$usermessage,
"From: \"SUCS Admin\" <admin@sucs.org>"
);
}
}
} }
}
//Wrong logic, only students have student email addresses ~imranh
if ($row['type'] == 1) {
$addtolist = "" . $fields['email'] . "\n" . $fields['studentid'] . "@swan.ac.uk";
} else {
$addtolist = "" . $fields['email'] . "\n"; //Societies don't have student email addresses
}
file_put_contents('/tmp/listadd.' . $fields['username'], $addtolist);
unset($execoutputarr);
exec(
$script_path . 'listadd.apache ' .
escapeshellarg($fields['username']) . ' ' .
escapeshellarg($row[type]) .
' 2>&1',
$execoutputarr,
$execreturn
);
if ($execreturn != 0) {
$execoutputstr = implode("\n", $execoutputarr);
} mail(
$smarty->assign("failed",$failed); $error_email,
if($failed){ "Error adding user to mailing lists from signup id: " . $signupid,
$errorreparray=$_POST; $execoutputstr . $execreturn,
unset($errorroparray[signuppw]); "From: \"SUCS Admin\" <admin@sucs.org>"
$errorreparray[uid]=$uid; );
$errorreport = "User input details:\n\n"; $failed = true;
foreach ($errorreparray as $key => $value){ }
$errorreport .= $key.": ".$value."\n"; exec($script_path . 'printeradd.apache ' . escapeshellarg($fields['username']));
} }
$errorreport .= "\nLove from the Signup System"; $smarty->assign("failed", $failed);
mail( if ($failed) {
$error_email, $errorreparray = $_POST;
"Signup system error report", unset($errorroparray[signuppw]);
$errorreport, $errorreparray[uid] = $uid;
"From: \"SUCS Admin\" <admin@sucs.org>" $errorreport = "User input details:\n\n";
); foreach ($errorreparray as $key => $value) {
} $errorreport .= $key . ": " . $value . "\n";
else{ }
$smarty->assign("username", $fields['username']); $errorreport .= "\nLove, the Signup System";
$smarty->assign("password", $password); mail(
$smarty->assign("email", $user_email); $error_email,
} "Signup system error report",
$errorreport,
"From: \"SUCS Admin\" <admin@sucs.org>"
);
} else {
$smarty->assign("username", $fields['username']);
$smarty->assign("password", $password);
$smarty->assign("email", $user_email);
}
} } else {
else{ //re-show form
//re-show form $script = "<script language='javascript' type='text/javascript' src='" . $baseurl . "/js/jquery.js'></script>\n";
$script = "<script language='javascript' type='text/javascript' src='".$baseurl."/js/jquery.js'></script>\n"; $script .= "<script language='javascript' type='text/javascript' src='$baseurl/js/signup.js'></script>\n";
$script .= "<script language='javascript' type='text/javascript' src='$baseurl/js/signup.js'></script>\n"; $smarty->assign("fields", $fields);
$smarty->assign("fields",$fields); $smarty->assign("errors", $errors);
$smarty->assign("errors",$errors); $smarty->append('extra_scripts', $script);
$smarty->append('extra_scripts', $script); $mode = 're-form';
$mode='re-form'; }
} } else {
} // display the form
else{ $script = "<script language='javascript' type='text/javascript' src='" . $baseurl . "/js/jquery.js'></script>\n";
// display the form $script .= "<script language='javascript' type='text/javascript' src='$baseurl/js/signup.js'></script>\n";
$script = "<script language='javascript' type='text/javascript' src='".$baseurl."/js/jquery.js'></script>\n"; $smarty->append('extra_scripts', $script);
$script .= "<script language='javascript' type='text/javascript' src='$baseurl/js/signup.js'></script>\n"; $mode = 'form';
$smarty->append('extra_scripts', $script); }
$mode='form'; } else trigger_error("Signup ID already used", E_USER_WARNING);
} } else trigger_error("Invalid ID or Password", E_USER_WARNING);
}
else trigger_error("Signup ID already used",E_USER_WARNING);
}
else trigger_error("Invalid ID or Password", E_USER_WARNING);
} }
//Set smarty Variables //Set smarty Variables
$smarty->assign("mode", $mode); $smarty->assign("mode", $mode);
$output = $smarty->fetch("signup.tpl"); $output = $smarty->fetch("signup.tpl");
$smarty->assign("title", "Sign Up"); $smarty->assign("title", "Sign Up");
$smarty->assign("body", $output); $smarty->assign("body", $output);
......
<? <?php
require_once("../lib/validation.php"); require_once("../lib/validation.php");
// don't output the site template // don't output the site template
$no_template = TRUE; $no_template = TRUE;
header("Content-type: text/plain"); header("Content-type: text/plain");
if (isset($_GET['key'])){ if (isset($_GET['key'])) {
switch($_GET['key']){ switch ($_GET['key']) {
case "sid": case "sid":
$sid=$_GET['value']; $sid = $_GET['value'];
if(validSID($sid,false)){ if (validSID($sid, false)) {
echo "OK:".lookupSID($_GET['value']); echo "OK:" . lookupSID($_GET['value']);
} } else {
else{ echo "ERROR:" . $error;
echo "ERROR:".$error; }
} break;
break; case "postcode":
case "postcode": $postcode = validPostcode($_GET['value']);
$postcode=implode("", explode(" ", $_GET['value'])); if ($postcode != false) {
echo json_encode(lookup_postcode($postcode)); lookup_postcode($postcode);
break; }
case "username": break;
$username = $_GET['value']; case "username":
if(validUsername($username)){ $username = $_GET['value'];
echo "OK"; if (validUsername($username)) {
} echo "OK";
else{ } else {
echo $error; echo $error;
} }
break; break;
case "realname": case "realname":
$realname = $_GET['value']; $realname = $_GET['value'];
if(validRealName($realname,false)){ if (validName($realname, false)) {
echo "OK"; echo "OK";
} } else {
else{ echo $error;
echo $error; }
} break;
break; case "socname":
case "socname": $socname = $_GET['value'];
$socname = $_GET['value']; if (validName($socname, false)) {
if(validSocName($socname,false)){ echo "OK";
echo "OK"; } else {
} echo $error;
else{ }
echo $error; break;
}
break;
case "address": case "address":
$address = $_GET['value']; $address = $_GET['value'];
if(validAddress($address)){ if (validAddress($address)) {
echo "OK"; echo "OK";
} } else {
else{ echo $error;
echo $error; }
} break;
break;
case "email": case "email":
$email = $_GET['value']; $email = $_GET['value'];
if(validSignupEmail($email)){ if (validSignupEmail($email)) {
echo "OK"; echo "OK";
} } else {
else{ echo $error;
echo $error; }
} break;
break; case "phone":
case "phone": $phone = $_GET['value'];
$phone = $_GET['value']; if (validPhone($phone)) {
if(validPhone($phone)){ echo "OK";
echo "OK"; } else {
} echo $error;
else{ }
echo $error; break;
} }
break;
}
} }
?> ?>
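Review bot: The new `postcode` branch calls `lookup_postcode($postcode);` and discards the result, where the old line echoed `json_encode(lookup_postcode($postcode))`. Unless `lookup_postcode` now prints its own response (its body is not visible on this page), the endpoint returns an empty body for every postcode, and an invalid one gets no error text at all, unlike the other branches. If the helper still returns the data, keep `echo json_encode(lookup_postcode($postcode));` inside the `if`, add an `else { echo "ERROR:" . $error; }` arm, and compare with `!== false` rather than `!= false`. Separately, every branch reads `$_GET['value']` without an `isset` check, so a request carrying `key` but no `value` passes null into the validators; a guard next to the existing `isset($_GET['key'])` test, such as `if (isset($_GET['key'], $_GET['value'])) {`, would reject that request before any validator or lookup runs.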
...@@ -10,24 +10,24 @@ $conn = ldap_connect(_LDAP_SERVER); ...@@ -10,24 +10,24 @@ $conn = ldap_connect(_LDAP_SERVER);
$search = ldap_search($conn, _BASE_DN, 'uid=*', array('uid', 'cn', 'homedirectory')); $search = ldap_search($conn, _BASE_DN, 'uid=*', array('uid', 'cn', 'homedirectory'));
// Sort By Username // Sort By Username
ldap_sort($conn, $search, 'uid'); ldap_sort($conn, $search, 'uid');
// Produce an array of usernames // Produce an array of usernames
$usernames = array(); $usernames = array();
$entryHandler = ldap_first_entry($conn, $search); $entryHandler = ldap_first_entry($conn, $search);
while($entryHandler) { while ($entryHandler) {
$username = ldap_get_values($conn, $entryHandler, 'uid'); $username = ldap_get_values($conn, $entryHandler, 'uid');
$fullname = ldap_get_values($conn, $entryHandler, 'cn'); $fullname = ldap_get_values($conn, $entryHandler, 'cn');
$homedir = ldap_get_values($conn, $entryHandler, 'homedirectory'); $homedir = ldap_get_values($conn, $entryHandler, 'homedirectory');
$homedir = $homedir[0]; $homedir = $homedir[0];
$homedirArray = explode('/', $homedir); $homedirArray = explode('/', $homedir);
if (($homedirArray[2]=="society") && file_exists( "$homedir/public_html")) { if (($homedirArray[2] == "society") && file_exists("$homedir/public_html")) {
$usernames[] = array( "username" => $username[0], "fullname" => $fullname[0]); $usernames[] = array("username" => $username[0], "fullname" => $fullname[0]);
} }
$entryHandler = ldap_next_entry($conn, $entryHandler); $entryHandler = ldap_next_entry($conn, $entryHandler);
} }
$smarty->assign("societies", $usernames); $smarty->assign("societies", $usernames);
......
...@@ -5,81 +5,81 @@ ...@@ -5,81 +5,81 @@
$permission = "html"; $permission = "html";
// Get the right filename... // Get the right filename...
$myfile = $base."static".$path.$language['file'].".txt"; $myfile = $base . "static" . $path . $language['file'] . ".txt";
$secondaryfile = $base."static".$path.$language['file']."-secondary.txt"; $secondaryfile = $base . "static" . $path . $language['file'] . "-secondary.txt";
if (!file_exists($myfile)) { if (!file_exists($myfile)) {
$myfile = $base."static$path.txt"; $myfile = $base . "static$path.txt";
$secondaryfile = $base."static$path-secondary.txt"; $secondaryfile = $base . "static$path-secondary.txt";
// If the file doesn't exist... // If the file doesn't exist...
if (!file_exists($myfile)) { if (!file_exists($myfile)) {
if (isset($session->groups[$permission]) && @$_REQUEST['action']=="create") { if (isset($session->groups[$permission]) && @$_REQUEST['action'] == "create") {
// ...and we have permission and have been asked to, create it // ...and we have permission and have been asked to, create it
$body = "foo"; $body = "foo";
} else { } else {
$redirect_path = $DB->GetOne("SELECT to_uri FROM redirect where from_uri=?", array("/".$pathlist[1])); $redirect_path = $DB->GetOne("SELECT to_uri FROM redirect where from_uri=?", array("/" . $pathlist[1]));
if (isset($_SERVER['HTTPS'])) $proto = "https://"; if (isset($_SERVER['HTTPS'])) $proto = "https://";
else $proto = "http://"; else $proto = "http://";
if ($redirect_path!="") { if ($redirect_path != "") {
$variables = ""; $variables = "";
for ($i=2;$i<count($pathlist);$i++) { for ($i = 2; $i < count($pathlist); $i++) {
$variables .= "/".$pathlist[$i]; $variables .= "/" . $pathlist[$i];
} }
$redirect_uri = $proto.$_SERVER['SERVER_NAME'].$redirect_path.$variables; $redirect_uri = $proto . $_SERVER['SERVER_NAME'] . $redirect_path . $variables;
if ($_SERVER['QUERY_STRING']!="") $redirect_uri.="?".$_SERVER['QUERY_STRING']; if ($_SERVER['QUERY_STRING'] != "") $redirect_uri .= "?" . $_SERVER['QUERY_STRING'];
header("HTTP/1.1 301 Moved Permanently"); header("HTTP/1.1 301 Moved Permanently");
header("Location: ".$redirect_uri); header("Location: " . $redirect_uri);
} else { } else {
// ...serve a 404 error // ...serve a 404 error
header("HTTP/1.1 404 Not Found"); header("HTTP/1.1 404 Not Found");
$body = @file_get_contents($base."static/404.txt"); $body = @file_get_contents($base . "static/404.txt");
$smarty->assign("pathlist", array("", "Error")); $smarty->assign("pathlist", array("", "Error"));
$title = "File not found"; $title = "File not found";
$smarty->assign("title", $title); $smarty->assign("title", $title);
$smarty->assign("body", $body); $smarty->assign("body", $body);
// Give those with permission the chance to create the page // Give those with permission the chance to create the page
if (isset($session->groups[$permission])) $smarty->assign("creatable", TRUE); if (isset($session->groups[$permission])) $smarty->assign("creatable", TRUE);
} }
return; return;
} }
} }
} }
// If we've got edit permission... // If we've got edit permission...
if (isset($session->groups[$permission])) { if (isset($session->groups[$permission])) {
switch (@$_REQUEST['action']) { switch (@$_REQUEST['action']) {
case "Save": case "Save":
// ...save the file // ...save the file
$savesuccess = @file_put_contents($myfile, $_REQUEST['body'], LOCK_EX); $savesuccess = @file_put_contents($myfile, $_REQUEST['body'], LOCK_EX);
if (!$savesuccess) trigger_error("Write failed", E_USER_ERROR); if (!$savesuccess) trigger_error("Write failed", E_USER_ERROR);
$id = $DB->GetOne("select id from static where path=?", array($path)); $id = $DB->GetOne("select id from static where path=?", array($path));
$record = array(); $record = array();
$record['summary'] = $_REQUEST['summary']; $record['summary'] = $_REQUEST['summary'];
$record['editor'] = $session->username; $record['editor'] = $session->username;
$record['path'] = $path; $record['path'] = $path;
if ($id>0) { if ($id > 0) {
$DB->AutoExecute("static", $record, 'UPDATE', "id = '".$id."'"); $DB->AutoExecute("static", $record, 'UPDATE', "id = '" . $id . "'");
} else { } else {
$DB->AutoExecute("static", $record, 'INSERT'); $DB->AutoExecute("static", $record, 'INSERT');
} }
// probably need some error-handling here... // probably need some error-handling here...
break; break;
case "Delete": case "Delete":
$deleted = unlink($myfile); $deleted = unlink($myfile);
break; break;
} }
} }
$title = end($pathlist); $title = end($pathlist);
if (file_exists($myfile)) { if (file_exists($myfile)) {
$body = file_get_contents($myfile); $body = file_get_contents($myfile);
$modified = date("r", filectime($myfile)); $modified = date("r", filectime($myfile));
$modifiedby = $DB->GetOne("select editor from static where path=?", array($path)); $modifiedby = $DB->GetOne("select editor from static where path=?", array($path));
} }
if (file_exists($secondaryfile)) { if (file_exists($secondaryfile)) {
$secondary = file_get_contents($secondaryfile); $secondary = file_get_contents($secondaryfile);
$smarty->assign("secondary", $secondary); $smarty->assign("secondary", $secondary);
} }
// include a widget for leaving feedback on this page if the user is logged in // include a widget for leaving feedback on this page if the user is logged in
...@@ -92,27 +92,27 @@ $smarty->assign("title", str_replace("_", " ", $title)); ...@@ -92,27 +92,27 @@ $smarty->assign("title", str_replace("_", " ", $title));
// Editing static pages - does the user have permission? // Editing static pages - does the user have permission?
if (isset($session->groups[$permission])) { if (isset($session->groups[$permission])) {
// display Edit link on page // display Edit link on page
$smarty->assign("editable", TRUE); $smarty->assign("editable", TRUE);
switch (@$_REQUEST['action']) { switch (@$_REQUEST['action']) {
// load the editing template // load the editing template
case "create": case "create":
if (!file_exists($myfile)) file_put_contents($myfile, "Page under construction\n", LOCK_EX); if (!file_exists($myfile)) file_put_contents($myfile, "Page under construction\n", LOCK_EX);
case "edit": case "edit":
$smarty->assign("editcontent", $body); $smarty->assign("editcontent", $body);
$record['summary'] = $DB->GetOne("select summary from static where path=?", array($path)); $record['summary'] = $DB->GetOne("select summary from static where path=?", array($path));
$smarty->assign("record", $record); $smarty->assign("record", $record);
$smarty->assign("action", "edit"); $smarty->assign("action", "edit");
$modified = NULL; $modified = NULL;
$body = $smarty->fetch('static_edit.tpl'); $body = $smarty->fetch('static_edit.tpl');
break; break;
case "delete-query": case "delete-query":
$body = $smarty->fetch('static_delete.tpl').$body; $body = $smarty->fetch('static_delete.tpl') . $body;
break; break;
case "Delete": case "Delete":
if ($deleted) $body = "File deleted"; if ($deleted) $body = "File deleted";
break; break;
} }
} }
$smarty->assign("body", $body); $smarty->assign("body", $body);
......
<?PHP <?php
/***
* SU Signup admin
* Allows us to search the SU api for a given student number and checks if they're a SUCS member.
* If they are - allows account renewal
* If not - allows signup to be bootstrapped as per susignup component
***/
// gib errars plox
//error_reporting(E_ALL);
//ini_set('display_errors', 1);
// include functions and shit we need
include("../lib/member_functions.php"); include("../lib/member_functions.php");
include("../lib/date.php"); include("../lib/date.php");
include("../suapi.inc.php"); include("../lib/suapiv2.php");
//Restrict access to staff. //Restrict access to staff.
$permission="sucsstaff"; $permission = "sucsstaff";
$apibaseurl="https://$suapi_user:$suapi_pass@su-api.sucs.org/memberships/Membership.asmx";
// if they have the right privs then lets do shit
if (isset($session->groups[$permission])) { if (isset($session->groups[$permission])) {
//Setup smarty magic, step 1 //Setup smarty magic, step 1
$smarty->assign("staff", TRUE); $smarty->assign("staff", TRUE);
if(!isset($_REQUEST['mode'])) { // if no mode has been requested then show options
$mode = 'menu'; if (!isset($_REQUEST['mode'])) {
} else { $mode = 'menu';
$mode = urldecode($_REQUEST['mode']); } else {
} $mode = urldecode($_REQUEST['mode']);
}
//Set up SUCS DB Connection.
//Note that $DB is the generic sucssite connection // We have a mode, lets try and work out wtf they want to do
$sucsDB = NewADOConnection('postgres8'); // they have typed in a sid and want to bootstrap the signup processs
$sucsDB->Connect('dbname=sucs user=apache'); if ($mode == 'search') {
$sucsDB->SetFetchMode(ADODB_FETCH_ASSOC); if (empty($_REQUEST['sid']) || empty($_REQUEST['snsubmit'])) {
$mode = 'error';
if ($mode == 'search') { $smarty->assign("error_text", "Invalid search request");
if (empty($_REQUEST['sid']) || empty($_REQUEST['snsubmit'])) { } else {
$mode = 'error'; $pres = preg_match("/^[0-9]{6}$/", $_REQUEST['sid'], $sid);
$smarty->assign("error_text", "Invalid search request"); if ($pres != 1) {
}else{ $mode = 'error';
$pres=preg_match("/^[0-9]{6}$/",$_REQUEST['sid'],$sid); $smarty->assign("error_text", "Search term doesn't look like a valid student ID");
if ($pres!=1) { } else {
$mode = 'error'; // they have given us a valid sid lets check to see if they have paid
$smarty->assign("error_text", "Search term doesn't look like a valid student ID"); $sid = $_REQUEST['sid'];
} else {
$url = "$apibaseurl/IsPersonMember?strCriteria=".$sid[0]."&GroupingId=6613"; // make sure the user/admin/exec isn't an idiot
$apiReq = curl_init(); // check if they are already signed up and tell them so
curl_setopt($apiReq, CURLOPT_URL, $url); $tmpresult = $sucsDB->Execute("SELECT * FROM members WHERE sid=?", array($_REQUEST['sid']));
curl_setopt($apiReq, CURLOPT_RETURNTRANSFER, TRUE); if ($tmpresult->fields["sid"] == $sid && $tmpresult->fields["paid"] == paidUntil(time())) {
// let them know they are already signed up and renewed
$apiResult = curl_exec($apiReq); $mode = 'error';
if ($apiResult === FALSE) { message_flash("You are a numpty and have already signed up and paid for this year.");
$mode = 'error'; // else if check to see if they have signedup and paid for the new year but haven't renewed
$smarty->assign("error_text", "An error occurred communicating with the SUSU API."); } else if ($tmpresult->fields["sid"] == $sid && $tmpresult->fields["paid"] != paidUntil(time())) {
}else { // renew them!
// Ostensibly we now have a valid search result from the SU - go to work $mode = 'error';
libxml_use_internal_errors(true); renew_membership($tmpresult->fields["username"]);
$xml=simplexml_load_string($apiResult); // let them know that their account has been renewed
if (!$xml||isset($xml->head->title)) { message_flash("Your SUCS account has been renewed.");
$mode='error'; } else {
$smarty->assign("error_text", "An error occurred communicating with the SUSU API"); if (check_su_sid($_REQUEST['sid'])) {
} else { // lets make them a signup slip
$ismember = $xml[0]; $pass = make_password();
if ($ismember=="true") { $query = "INSERT INTO signup (password,sid,issuedby) VALUES ( ?, ?, ?) RETURNING id";
//Yay, we have a student who has paid and needs to be signed up. $attribs[] = $pass;
//Check they don't have a signup slip already $attribs[] = $_REQUEST['sid'];
$query = "SELECT transactionid, signupid FROM transactions WHERE cardNumber = ?;"; $attribs[] = '99999'; //SUCS Magic internal use UID
$qres = $sucsDB->Execute($query, $sid);
$id = $sucsDB->Execute($query, $attribs);
if ($qres->RecordCount()==0) { $id = $id->fields['id'];
// No transaction, but might have unused signup slip. If so, retrieve values. if (!$id) {
$query = "SELECT id, username, password FROM signup WHERE sid=?;"; $mode = "error";
$qres = $sucsDB->Execute($query, array($sid[0])); $smarty->assign("error_text", "An error occurred generating a signup ID. Report the following message to the admins:<br /><pre>" . $sucsDB->ErrorMsg() . "</pre>");
if ($qres && $qres->RecordCount() > 0) { } else {
if ($qres->RecordCount() > 1) { $smarty->assign('slipid', $id);
$mode='error'; $smarty->assign('slippass', $pass);
$smarty->assign("error_text", "Student has multiple signup slips in the DB. Bork! Bork! Bork!"); $smarty->assign('sid', $_REQUEST['sid']);
} else if (!empty($qres->fields['username'])) { }
$mode='error'; } else {
$smarty->assign("error_text", "Student hasn't tried to use the SU signup component (No transaction in DB), but has a previously used Signup Slip with username ".$qres->fields['username'].".<br />Is this a renewal? If not, ask an admin to generate a new signup slip for this student"); $mode = 'error';
//TODO: Add option to generate new signup slip? $smarty->assign("error_text", "Student does not appear to have paid. Extract fees");
} else { }
$id = $qres->fields['id']; }
$pass = $qres->fields['password']; }
} }
} else { // mass renewals page
$pass = make_password(); } else if ($mode == 'renewals') {
$query = "INSERT INTO signup (password,sid,issuedby) VALUES ( ?, ?, ?) RETURNING id";
$attribs[]=addslashes($pass); $matches = array();
$attribs[]=$sid[0]; $others = 0;
$attribs[]='99999'; //SUCS Magic internal use UID $paidup = 0;
foreach ($just_members as $sumem) {
$id = $sucsDB->Execute($query,$attribs); $sucsmem = get_sucs_record($sumem['card_number']);
$id = $id->fields['id']; if ($sucsmem && $sucsmem['paid'] != paidUntil(time()) && $sucsmem['type'] == 1) {
if (!$id) { $matches[] = array($sumem['purchaser'], $sucsmem['realname'], $sumem['card_number'], $sucsmem['username'], $sucsmem['paid']);
$mode="error"; } else if ($sucsmem && $sucsmem['paid'] == paidUntil(time())) {
$smarty->assign("error_text", "An error occurred generating a signup ID. Report the following message to the admins:<br /><pre>".$sucsDB->ErrorMsg()."</pre>"); $others++;
} else { $paidup++;
$smarty->assign('slipid', $id); } else {
$smarty->assign('slippass', $pass); $others++;
$smarty->assign('sid', $sid[0]); }
} }
} $smarty->assign("matches", $matches);
} else { $smarty->assign("others", $others);
//Retrieve existing slip $smarty->assign("paidup", $paidup);
$id = $qres->fields['signupid']; $smarty->assign("pending", $others - $paidup);
$tid = $qres->fields['transactionid']; } else if ($mode == 'renewals2') {
if (empty($id)) { $failures = array();
$pass = make_password(); $successes = array();
$query = "INSERT INTO signup (password,sid,issuedby) VALUES ( ?, ?, ?) RETURNING id";
$attribs[]=addslashes($pass); if (empty($_REQUEST['renew'])) {
$attribs[]=$sid[0]; $mode = 'error';
$attribs[]='99999'; //SUCS Magic internal use UID $smarty->assign("error_text", "Can't renew an empty list!");
} else {
$qres = $sucsDB->Execute($query,$attribs); foreach ($_REQUEST['renew'] as $user) {
if (!$qres) { if (admin_renew_member($user, $session->username)) {
$mode="error"; $successes[] = $user;
$smarty->assign("error_text", "An error occurred generating a signup ID. Report the following message to the admins:<br /><pre>".$sucsDB->ErrorMsg()."</pre>"); } else {
} else { $failures[] = $user;
$id = $qres->fields['id']; }
$query = "UPDATE transactions SET signupid=? WHERE transactionid=?;"; }
$qres = $sucsDB->Execute($query, array($id, $tid)); $smarty->assign("attempt", count($_REQUEST['renew']));
$smarty->assign('slipid', $id); $smarty->assign("failures", count($failures));
$smarty->assign('slippass', $pass); $smarty->assign("failusers", $failures);
$smarty->assign('sid', $sid[0]); $smarty->assign("successes", count($successes));
} }
} else if ($mode == 'list') {
}else { $matches = array();
$query = "SELECT username, password FROM signup WHERE id=?;"; foreach ($just_members as $sumem) {
$qres = $sucsDB->Execute($query, array($id)); $sucsmem = get_sucs_record($sumem['card_number']);
if (!$qres) { if ($sucsmem) {
$mode="error"; $matches[] = array($sumem['purchaser'], $sucsmem['realname'], $sumem['card_number'], $sucsmem['username'], $sucsmem['paid']);
$smarty->assign("error_text", "The user appears to have generated a signup ID using the SU Signup system (Slip ID: ".$id."), but the password for that slip can't be retrieved.<br />Request assistance."); } else {
} else if ($qres->fields['username'] !== NULL) { $matches[] = array($sumem['purchaser'], "N/A", $sumem['card_number'], "N/A", "Not signed up");
$mode="error"; }
$smarty->assign("error_text", "This user appears to have completed signup, with username <strong>".$qres->fields['username']."</strong><br />Check that this user exists, and offer to reset their password if necessary."); }
} function sortbypaid($a, $b)
$pass = $qres->fields['password']; {
$smarty->assign('slipid', $id); //Lets us array sort by final column ('Paid')
$smarty->assign('slippass', $pass); return ($a[4] < $b[4]) ? -1 : 1;
$smarty->assign('sid', $sid[0]); }
}
} usort($matches, 'sortbypaid');
$smarty->assign("matches", $matches);
if(!$mode=='error') { }
//Right, this should be the point where we hand off to signup $smarty->assign('renewables', get_renewable_members());
$smarty->assign('slipid', $id);
$smarty->assign('slippass', $pass);
$smarty->assign('sid', $sid[0]);
}
}else{
$mode='error';
$smarty->assign("error_text", "Student does not appear to have paid. Extract fees");
}
}
}
}
}
} else if ($mode=="renew") {
if (empty($_REQUEST['member'])){
$mode='error';
$smarty->assign('error_text',"Can't renew a member without knowing their username!");
} else if (!isset($_REQUEST['renewconf'])) {
//Should be trying to renew $_REQUEST['member']
$username=urldecode($_REQUEST['member']);
$q = "SELECT username, typename, sid, paid, email FROM members, member_type WHERE username=?";
$res = $sucsDB->Execute($q,array($username));
if (!$res) {
$mode='error';
$smarty->assign('error_text', "A database error occurred while trying to retrieve member details");
} else if ($res->fields['paid'] == paidUntil(time())) {
$mode='error';
$smarty->assign('error_text', 'User appears to have been renewed already?');
} else {
$smarty->assign('renew_user', $username);
$smarty->assign('renew_paid', $res->fields['paid']);
$smarty->assign('renew_type', $res->fields['typename']);
$url = "$apibaseurl/IsPersonMember?strCriteria=".$res->fields['sid']."&GroupingId=6613";
$apiReq = curl_init();
curl_setopt($apiReq, CURLOPT_URL, $url);
curl_setopt($apiReq, CURLOPT_RETURNTRANSFER, TRUE);
$apiResult = curl_exec($apiReq);
libxml_use_internal_errors(true);
$xml=simplexml_load_string($apiResult);
if (!$xml || isset($xml->head->title)) {
$mode='error';
$smarty->assign("error_text", "An error occurred communicating with the SUSU API.");
} else {
$ismember = $xml[0];
$user = posix_getpwnam($session->username);
if ($ismember!="true") {
$mode='error';
$smarty->assign('error_text', 'Member does not appear to have paid via the SU system. Use the old renewals system if they have paid using some other method');;
} else {
if (renew_member($username, $user['uid'], $user['name'])) {
message_flash("Successfully renewed");
$mode='menu';
} else {
$mode='error';
$smarty->assign('error_text', 'An error occurred renewing account '.$username);
}
}
}
}
}
} else if ($mode == 'renewals') {
//Get list of members according to the SU
$url = "$apibaseurl/GetMemberListData?GroupingId=6613";
$apiReq = curl_init();
curl_setopt($apiReq, CURLOPT_URL, $url);
curl_setopt($apiReq, CURLOPT_RETURNTRANSFER, TRUE);
$apiResult = curl_exec($apiReq);
$sumembers = su_response_decode($apiResult);
if (!$sumembers) {
$mode ='error';
$smarty->assign("error_text", "An error occurred communicating with the SUSU API.");
} else {
$matches = array();
$others=0;
$paidup=0;
foreach ($sumembers as $sumem) {
$sucsmem = get_sucs_record($sumem['uni_card_number']);
if ($sucsmem && $sucsmem['paid'] != paidUntil(time()) && $sucsmem['type']==1) {
$matches[]=array($sumem['firstName']." ".$sumem['lastName'], $sucsmem['realname'], $sumem['uni_card_number'], $sucsmem['username'], $sucsmem['paid']);
} else if ($sucsmem && $sucsmem['paid'] == paidUntil(time())) {
$others++;
$paidup++;
} else {
$others++;
}
}
$smarty->assign("matches", $matches);
$smarty->assign("others", $others);
$smarty->assign("paidup", $paidup);
$smarty->assign("pending", $others - $paidup);
}
} else if ($mode == 'renewals2') {
$failures = array();
$successes = array();
if (empty($_REQUEST['renew'])) {
$mode='error';
$smarty->assign("error_text", "Can't renew an empty list!");
} else {
foreach($_REQUEST['renew'] as $user) {
$admin_user=posix_getpwnam($session->username);
if (renew_member($user, $admin_user['uid'], $admin_user['name'])) {
$successes[]=$user;
} else {
$failures[]=$user;
}
}
$smarty->assign("attempt", count($_REQUEST['renew']));
$smarty->assign("failures", count($failures));
$smarty->assign("failusers", $failures);
$smarty->assign("successes", count($successes));
}
} else if ($mode == 'list') {
//Get list of members according to the SU
$url="$apibaseurl/GetMemberListData?GroupingId=6613";
$apiReq = curl_init();
curl_setopt($apiReq, CURLOPT_URL, $url);
curl_setopt($apiReq, CURLOPT_RETURNTRANSFER, TRUE);
$apiResult = curl_exec($apiReq);
$sumembers = su_response_decode($apiResult);
if (!$sumembers) {
$mode='error';
$smarty->assign("error_text", "An error occurred communicating with the SUSU API.");
} else {
$matches = array();
foreach ($sumembers as $sumem) {
$sucsmem = get_sucs_record($sumem['uni_card_number']);
if ($sucsmem) {
$matches[]=array($sumem['firstName']." ".$sumem['lastName'], $sucsmem['realname'], $sumem['uni_card_number'], $sucsmem['username'], $sucsmem['paid']);
} else {
$matches[]=array($sumem['firstName']." ".$sumem['lastName'], "N/A", $sumem['uni_card_number'], "N/A", "Not signed up");
}
}
function sortbypaid($a, $b) {
//Lets us array sort by final column ('Paid')
return ($a[4] < $b[4]) ? -1 : 1;
}
usort($matches, 'sortbypaid');
$smarty->assign("matches", $matches);
}
}
$smarty->assign('renewables', get_renewable_members());
} }
...@@ -301,73 +150,46 @@ $body = $smarty->fetch("susignup-admin.tpl"); ...@@ -301,73 +150,46 @@ $body = $smarty->fetch("susignup-admin.tpl");
$smarty->assign('body', $body); $smarty->assign('body', $body);
$smarty->assign("extra_styles", array("$baseurl/css/susignup-admin.css")); $smarty->assign("extra_styles", array("$baseurl/css/susignup-admin.css"));
function su_response_decode($text) { function get_sucs_record($sid)
global $smarty; {
libxml_use_internal_errors(true); global $sucsDB;
$xml=simplexml_load_string($text);
if (!$xml || isset($xml->head->title)) {
return false;
} else {
return json_decode($xml[0],TRUE);
}
}
function get_sucs_record($sid) { $query = "SELECT * FROM members WHERE sid=?;";
global $sucsDB; $res = $sucsDB->Execute($query, array($sid));
if (!$res || $res->RecordCount() <> 1) {
$query = "SELECT * FROM members WHERE sid=?;"; return FALSE;
$res = $sucsDB->Execute($query, array($sid)); }
if (!$res || $res->RecordCount()<>1) { return $res->FetchRow();
return FALSE;
}
return $res->FetchRow();
} }
function get_renewable_members() { function get_renewable_members()
global $sucsDB; {
$q = "SELECT username, username||' ('||realname||')' AS display FROM members, member_type WHERE paid != ? AND type=1 AND type=member_type.id ORDER BY paid;"; global $sucsDB;
$r = $sucsDB->Execute($q, array(paidUntil(time()))); $q = "SELECT username, username||' ('||realname||')' AS display FROM members, member_type WHERE paid != ? AND type=1 AND type=member_type.id ORDER BY paid;";
if(!$r) { $r = $sucsDB->Execute($q, array(paidUntil(time())));
return FALSE; if (!$r) {
} return FALSE;
$retvals = array(); }
while ($rec=$r->FetchRow()) { $retvals = array();
$retvals[$rec['username']]=$rec['display']; while ($rec = $r->FetchRow()) {
} $retvals[$rec['username']] = $rec['display'];
return $retvals; }
return $retvals;
} }
function renew_member($renew_name, $admin_uid, $admin_name) { function admin_renew_member($renew_name, $admin_name)
global $sucsDB; {
global $sucsDB;
$q="UPDATE members SET paid=?, lastupdate=DEFAULT, lastedit=? WHERE username=?;"; renew_membership($renew_name);
$r=$sucsDB->Execute($q, array(paidUntil(time()), $admin_uid, $renew_name)); $q = "SELECT email, typename FROM members, member_type WHERE username=? AND type=member_type.id;";
if (!$r) { $r = $sucsDB->Execute($q, array($renew_name));
print $sucsDB->ErrorMsg(); $message = "Account Renewal notification\n\n";
return FALSE; $message .= "Account : " . $renew_name . "\n";
} else { $message .= "User Type : " . $r->fields['typename'] . "\n";
$q="SELECT email, typename FROM members, member_type WHERE username=? AND type=member_type.id;"; $message .= "Renewed by: " . $admin_name . "\n\n";
$r=$sucsDB->Execute($q, array($renew_name)); $message .= "**** Payment was made via the SU payments system ****\n";
$message .= "Regards\n The SU Renewals script";
$message = "Account Renewal notification\n\n"; mail("exec@sucs.org", "Account Renewal", $message);
$message .= "Account : ".$renew_name."\n"; return TRUE;
$message .= "User Type : ".$r->fields['typename']."\n";
$message .= "Renewed by: ".$admin_name."\n\n";
$message .= "**** Payment was made via the SU payments system ****\n";
$message .= "Regards\n The SU Renewals script";
mail("treasurer@sucs.org","Account Renewal",$message);
$message = "Your Swansea University Computer Society (SUCS) membership has been renewed\n\n";
$message .= "Username: ".$renew_name."\n";
$message .= "If you do not know or have forgotten your password, please email admin@sucs.org to arrange for it to be changed.\n\n";
$message .= "Regards\n The SUCS admin";
$header = "From: admin@sucs.org\r\n";
$header .= "Reply-To: admin@sucs.org";
// Personal account
mail($r->fields['email'],"SUCS account renewal",$message,$header);
// sucs account
mail($renew_name."@sucs.org","SUCS account renewal",$message,$header);
return TRUE;
}
} }
<?php <?php
//unique society identifier // gib errars plox
$GroupingID = "6613"; //error_reporting(E_ALL);
//ini_set('display_errors', 1);
// this is the php for sucs.org/susignup
// Include shit we need. like the renew_membership fucntion
include "../lib/member_functions.php"; include "../lib/member_functions.php";
include "../lib/date.php"; include "../lib/date.php";
include "../suapi.inc.php";
$error_email = "admin@sucs.org";
$mode = 'login';
//login
if(!empty($_REQUEST['sid'])&&!empty($_REQUEST['transactionID'])){
//set signup details
$sid = $_REQUEST['sid'];
$transactionID = $_REQUEST['transactionID'];
//set POST variables
$url = "https://$suapi_user:$suapi_pass@su-api.sucs.org/memberships/Membership.asmx/GetMemberByTransactionID";
$fields = array(
'transactionID'=>urlencode($transactionID),
'GroupingID'=>urlencode($GroupingID),
);
//url-ify the data for the POST
$field_string = "";
foreach($fields as $key=>$value) { $fields_string .= $key.'='.$value.'&'; }
rtrim($fields_string,'&');
//open connection
$ch = curl_init();
//set the url, number of POST vars, POST data
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt($ch,CURLOPT_POST,count($fields));
curl_setopt($ch,CURLOPT_POSTFIELDS,$fields_string);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,TRUE);
//execute post
$result = curl_exec($ch);
//close connection
curl_close($ch);
if(!$result){
$mode = "error";
$smarty->assign("error_text", "Invalid query returned");
} else {
libxml_use_internal_errors(true);
$xml=simplexml_load_string($result);
if (!$xml||isset($xml->head->title)) {
$mode='error';
$smarty->assign("error_text", "An error occurred communicating with the SUSU API");
} else{
$re1='.*?';
$re2='(\\{.*?\\})';
if ($c=preg_match_all ("/".$re1.$re2."/is", $result, $matches))
{
$json_string=$matches[1][0];
} else{
$mode = "error";
}
$array = json_decode($json_string,TRUE);
if($array['cardNumber'] == $sid && $sid != ""){
$mode = 'form';
// connect to sucs database
$sucsDB = NewADOConnection('postgres8');
// SET THIS FOR DEBUG MODE
// $sucsDB->debug = true;
// SET THIS TO YOUR DB FOR TESTING
$sucsDB->Connect('dbname=sucs user=apache');
$sucsDB->SetFetchMode(ADODB_FETCH_ASSOC);
$fullName = $array['firstName']." ".$array['lastName'];
$query = "INSERT INTO transactions (transactionID,fullName,emailAddress,cardNumber,personID) values(?, ?, ?, ?, ?)";
$attribs[] = $transactionID;
$attribs[] = $fullName;
$attribs[] = $array['emailAddress'];
$attribs[] = $array['cardNumber'];
$attribs[] = $array['personID'];
$valid = true; // include the suapiv2 stuff like check_su_sid_and_trans()
if(!$sucsDB->Execute($query,$attribs)) { include "../lib/suapiv2.php";
// We did this because Adodb ErrorNo command is broken
$query = "SELECT * FROM transactions WHERE transactionID = ?";
unset($attribs);
$attribs[]=$transactionID;
if($sucsDB->Execute($query,$attribs)) {
$query = "SELECT * FROM transactions WHERE transactionID = ?";
$attribs= array();
$attribs[]=$transactionID;
$data = $sucsDB->GetAll($query,$attribs);
if(is_array($data)&&sizeof($data)==1&&$data[0]['signupid']==NULL){
// As it stands this shouldn't happen but if it does, no reason not to let them carry on
$valid = true;
} elseif(is_array($data)&&sizeof($data)==1&&$data[0]['signupid']!=NULL) {
$query = "SELECT * FROM signup WHERE sid = ?";
unset($attribs);
$attribs[]=$sid;
$data = $sucsDB->Execute($query, $attribs);
if(!$data) {
mail(
$error_email,
"SUSignup Error",
"An error occured in the susignup system at stage 0\n Love the signup system.\n\nP.S. The Error is:\n ".$sucsDB->ErrorMsg(),
"From: \"SUCS Admin\" <admin@sucs.org>"
);
$valid=false;
} else if($data->fields['username']!=NULL){
$smarty->assign("username", $data->fields['username']);
$mode='numpty2';
// This happens if they already ahve a SUCS account and are trying to create a new signupid
$valid = false;
} else {
$smarty->assign("id", $data->fields['id']);
$smarty->assign("pass", $data->fields['password']);
$mode='numpty';
// If this happens they tried to get a new signupid/pass after already getting one, and should get weekly reminders about it
$valid = false;
}
} else {
$mode="error";
mail(
$error_email,
"SUSignup Error",
"An error occured in the susignup system at stage 1\n Love the signup system.\n\nP.S. The Error is:\n ".$sucsDB->ErrorMsg(),
"From: \"SUCS Admin\" <admin@sucs.org>"
);
$valid = false; // since the rewrite by ~imranh this no longer sends out emails
} // feel free to add it
// Where do errors go?
} else { $error_email = "admin@sucs.org";
$mode="error";
mail(
$error_email,
"SUSignup Error",
"An error occured in the susignup system at stage 2\n Love the signup system.\n\nP.S. The Error is:\n ".$sucsDB->ErrorMsg(),
"From: \"SUCS Admin\" <admin@sucs.org>"
);
$valid = false;
}
}
if($valid)
{
unset($attribs);
unset($query);
$query = "SELECT * FROM members WHERE sid = ?";
$attribs[] = $sid;
unset($data);
$data = $sucsDB->Execute($query, $attribs);
if (!$data) {
$mode = "error";
$smarty->assign("error_text", "Error in internal database check");
} elseif ($data->RecordCount()==1) {
$mode = "renew";
$q="UPDATE members SET paid=?, lastupdate=DEFAULT, lastedit=? WHERE username=?;";
$r=$sucsDB->Execute($q, array(paidUntil(time()), '99999', $data->fields['username']));
if (!$r) {
mail(
$error_email,
"SUSignup Error",
"An error occured in the susignup system at stage 2.5\n Love the signup system.\n\nP.S. The Error is:\n ".$sucsDB->ErrorMsg(),
"From: \"SUCS Admin\" <admin@sucs.org>"
);
} else { // By default display a page asking for sid and transid
$q="SELECT email, typename FROM members, member_type WHERE username=? AND type=member_type.id;"; // this is called "login"
$r=$sucsDB->Execute($q, array($data->fields['username'])); $mode = 'login';
$message = "Account Renewal notification\n\n"; // if somone has post'd data to the page then do shit
$message .= "Account : ".$data->fields['username']."\n"; if (!empty($_REQUEST['sid']) && !empty($_REQUEST['transactionID'])) {
$message .= "User Type : ".$r->fields['typename']."\n";
$message .= "Renewed by: ".$data->fields['username'].".\n\n"; // stick the post'd data in a variable we can call easily
$message .= "**** Payment was made via the SU payments system ****\n"; $sid = $_REQUEST['sid'];
$message .= "Regards\n The SU Renewals script"; $transactionID = $_REQUEST['transactionID'];
mail("treasurer@sucs.org","Account Renewal",$message);
// check if the data posted is valid
$message = "Your Swansea University Computer Society (SUCS) membership has been renewed\n\n"; if (check_su_sid_and_trans($sid, $transactionID)) {
$message .= "Username: ".$renew_name."\n";
$message .= "If you do not know or have forgotten your password, please email admin@sucs.org to arrange for it to be changed.\n\n"; // probe the db for some info thatwe want to use in the if statements below
$message .= "Regards\n The SUCS admin"; $tmpresult = $sucsDB->Execute("SELECT * FROM members WHERE sid=?", array($sid));
$header = "From: admin@sucs.org\r\n"; $signuptmpresult = $sucsDB->Execute("SELECT * FROM signup WHERE sid=?", array($sid));
$header .= "Reply-To: admin@sucs.org";
// Personal account // check to see if they are already a valid and paid member
mail($r->fields['email'],"SUCS account renewal",$message,$header); if ($tmpresult->fields["sid"] == $sid && $tmpresult->fields["paid"] == paidUntil(time())) {
// sucs account // let them know they are already signed up and renewed
mail($data->fields['username']."@sucs.org","SUCS account renewal",$message,$header); message_flash("You are a numpty and have already signed up and paid for this year.");
unset($query); // else if check to see if they have signedup and paid for the new year but haven't renewed
unset($attribs); } else if ($tmpresult->fields["sid"] == $sid && $tmpresult->fields["paid"] != paidUntil(time())) {
$query = "UPDATE transactions set signupid=? WHERE transactionID=?"; // renew them!
$attribs[]="000"; renew_membership($tmpresult->fields["username"]);
$attribs[]=$transactionID; // let them know that their account has been renewed
$data = $sucsDB->Execute($query,$attribs); message_flash("Your SUCS account has been renewed.");
if (!$data) { // else if they aren't in the SUCS DB but have a signup slip, take them back to that part of signup
$mode="error"; } else if ($tmpresult->fields == false && $signuptmpresult->fields["sid"] == $sid && $signuptmpresult->fields["activated"] == NULL) {
mail( $mode = "form";
$error_email, $smarty->assign("id", $signuptmpresult->fields["id"]);
"SUSignup Error", $smarty->assign("pass", $signuptmpresult->fields["password"]);
"An error occured in the susignup system at stage 2.6\n Love the signup system.\n\nP.S. The Error is:\n ".$sucsDB->ErrorMsg(), $smarty->assign("sid", $signuptmpresult->fields["sid"]);
"From: \"SUCS Admin\" <admin@sucs.org>" // else if they aren't in the SUCS DB, then bootstrap signup process
); } else if ($tmpresult->fields == false) {
} $mode = "form";
} $pass = make_password();
} else { $iddata = $sucsDB->Execute("insert into signup (password,sid,issuedby) values( ?, ?, ?) returning id", array($pass, $sid, "99999"));
$pass = make_password(); $id = $iddata->fields['id'];
unset($query); $smarty->assign("id", $id);
$query = "insert into signup (password,sid,issuedby) values( ?, ?, ?) returning id"; $smarty->assign("pass", $pass);
unset($attribs); $smarty->assign("sid", $sid);
$attribs[]=addslashes($pass); } else {
$attribs[]=$array['cardNumber']; // they should never get here
$attribs[]='99999'; die("You'll see this if there has been a database error. Someone probably knows and is trying to fix it. Sorry.");
}
$iddata = $sucsDB->Execute($query,$attribs); } else {
$id = $iddata->fields['id']; trigger_error("That Student Number and Transaction ID combo are invalid.", E_USER_ERROR);
if (!$iddata) { }
$mode="error";
mail(
$error_email,
"SUSignup Error",
"An error occured in the susignup system at stage 3\n Love the signup system.\n\nP.S. The Error is:\n ".$sucsDB->ErrorMsg(),
"From: \"SUCS Admin\" <admin@sucs.org>"
);
} else {
$query = "update transactions set signupid=? WHERE transactionID=?";
unset($attribs);
$attribs[]=$id;
$attribs[]=$transactionID;
if(!$sucsDB->Execute($query,$attribs)) {
$mode="error";
mail(
$error_email,
"SUSignup Error",
"An error occured in the susignup system at stage 4\n Love the signup system.\n\nP.S. The Error is:\n ".$sucsDB->ErrorMsg(),
"From: \"SUCS Admin\" <admin@sucs.org>"
);
print($sucsDB->ErrorMsg());
} else {
$smarty->assign("id", $id);
$smarty->assign("pass", $pass);
mail(
$array['emailAddress'].','.$sid.'@swansea.ac.uk',
"SUCS Signup Information",
"Thankyou for joining Swansea University Computer Society, your signup details are below;\nSignupID: $id\nSignup Password: $pass\nIf you have successfully completed signup immediately then you can disregard this message.\n\nSUCS Admin Team.",
"From: \"SUCS Admin\" <admin@sucs.org>"
);
}
}
}
}
}
}
}
} }
$smarty->assign("mode", $mode); $smarty->assign("mode", $mode);
$output = $smarty->fetch("susignup.tpl"); $output = $smarty->fetch("susignup.tpl");
......
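Review bot: The new branch reads `$tmpresult->fields`, `$signuptmpresult->fields` and `$iddata->fields` without first checking the `Execute()` results, and ADOdb's `Execute()` returns false when a query fails. Under PHP's usual handling a property read on false yields null with a warning, so a failed members lookup satisfies `$tmpresult->fields == false` and is treated as "not in the SUCS DB": the request reaches the slip-creation branch rather than the final `die()` whose message is meant for database errors. The removed code tested most of these results; a guard before the if-chain such as `if (!$tmpresult || !$signuptmpresult) { trigger_error("Database error while checking signup state", E_USER_ERROR); }`, plus the same test on `$iddata` before reading `['id']`, would restore that. The return value of `renew_membership()` is also ignored, so "Your SUCS account has been renewed." is flashed unconditionally; if that function reports failure, its result should gate the message. The rest of this file is collapsed on the page, so anything that already handles these cases further down is not visible here.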
<?php <?php
$uritable="shorturi"; $uritable = "shorturi";
$chrs = array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S' ,'T', 'U', 'V', 'W', 'X', 'Y', 'Z'); $chrs = array('0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z');
$output = ""; $output = "";
function int_to_alph($int, $chrs) { function int_to_alph($int, $chrs)
$int = (int) $int; {
$base = (int) sizeof($chrs); $int = (int)$int;
$alph = ""; $base = (int)sizeof($chrs);
do { $alph = "";
$alph = $chrs[($int % $base)] . $alph; do {
} while($int = intval($int / $base)); $alph = $chrs[($int % $base)] . $alph;
return $alph; } while ($int = intval($int / $base));
return $alph;
} }
function alph_to_int($alph, $chrs) { function alph_to_int($alph, $chrs)
$base = sizeof($chrs); {
for($i = 0, $int = 0; $i < strlen($alph); $i++) { $base = sizeof($chrs);
$int += intval(array_search(substr($alph, strlen($alph) - $i - 1, 1), $chrs)) * pow($base, $i); for ($i = 0, $int = 0; $i < strlen($alph); $i++) {
} $int += intval(array_search(substr($alph, strlen($alph) - $i - 1, 1), $chrs)) * pow($base, $i);
return (int) $int; }
return (int)$int;
} }
if (isset($pathlist[3])) { if (isset($pathlist[3])) {
$url=$DB->GetOne("select url from $uritable where id='".alph_to_int($pathlist[3], $chrs)."'"); $url = $DB->GetOne("select url from $uritable where id='" . alph_to_int($pathlist[3], $chrs) . "'");
if ($url) { if ($url) {
header('Location: '.$url); header('Location: ' . $url);
} else { } else {
echo "URL not found"; echo "URL not found";
} }
} else { } else {
if ($session->loggedin) { if ($session->loggedin) {
if (@$_REQUEST['action']) { if (@$_REQUEST['action']) {
$shorturi=$DB->GetOne("select id from $uritable where url=?", array(@$_REQUEST['uri'])); $shorturi = $DB->GetOne("select id from $uritable where url=?", array(@$_REQUEST['uri']));
if (!$shorturi) { if (!$shorturi) {
$headers=get_headers($_REQUEST['uri'], 1); $headers = get_headers($_REQUEST['uri'], 1);
if ($headers) { if ($headers) {
if (preg_match("/ 4/", $headers[0])) { if (preg_match("/ 4/", $headers[0])) {
trigger_error("HTTP 4xx error detected - not creating ShortURI", E_USER_WARNING); trigger_error("HTTP 4xx error detected - not creating ShortURI", E_USER_WARNING);
} else { } else {
$record['url'] = @$_REQUEST['uri']; $record['url'] = @$_REQUEST['uri'];
$record['creator'] = $session->username; $record['creator'] = $session->username;
$record['created'] = "now"; $record['created'] = "now";
$DB->AutoExecute($uritable, $record, 'INSERT'); $DB->AutoExecute($uritable, $record, 'INSERT');
$shorturi=$DB->GetOne("select id from $uritable where url=?", array(@$_REQUEST['uri'])); $shorturi = $DB->GetOne("select id from $uritable where url=?", array(@$_REQUEST['uri']));
} }
} else { } else {
trigger_error("URI supplied is not valid", E_USER_WARNING); trigger_error("URI supplied is not valid", E_USER_WARNING);
} }
} }
if ($shorturi>0) $smarty->assign("uri", "http://".$_SERVER['SERVER_NAME']."/uri/".int_to_alph($shorturi, $chrs)); if ($shorturi > 0) $smarty->assign("uri", "http://" . $_SERVER['SERVER_NAME'] . "/uri/" . int_to_alph($shorturi, $chrs));
} }
} else { } else {
trigger_error("You are not logged in", E_USER_WARNING); trigger_error("You are not logged in", E_USER_WARNING);
} }
} }
$output = $smarty->fetch('uri.tpl'); $output = $smarty->fetch('uri.tpl');
......
DELETE FROM session;
ALTER TABLE session DROP COLUMN time;
ALTER TABLE session ADD COLUMN logintime timestamp(0) without time zone;
ALTER TABLE session ADD COLUMN lastseen timestamp(0) without time zone;
DELETE FROM menu WHERE title='Bananas';
<!DOCTYPE html>
<html lang="en">
<head>
<title>SUCS 3 Step Signup</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
<link rel="stylesheet" href="plaster-files/css/3step.css">
<script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js" integrity="sha384-UO2eT0CpHqdSJQ6hJty5KVphtPhzWj9WO1clHTMGa3JDZwrnQq4sF86dIHNDz0W1" crossorigin="anonymous"></script>
<script src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous"></script>
</head>
<body>
<div class="jumbotron jumbotron-fluid text-center">
<!--h1>Swansea University Computer Society</h1-->
<img src="https://sucs.org/~imranh/img/sucslogo_trans_white.png"/>
<!--p>1. Pay, 2. Create, 3. Enjoy</p-->
</div>
<div class="container text-center">
<div class="row d-flex justify-content-center">
<div class="col-8">
<div class="card mb-4">
<div class="card-body">
<h4 class="card-title">💳</h4>
<p class="card-text">1. Pay for membership</p>
<a href="https://sucs.org/join" target="_blank" rel="noopener noreferrer" class="btn btn-primary">Pay Online</a>
</div>
</div>
</div>
</div>
<div class="row d-flex justify-content-center">
<div class="col-8">
<div class="card mb-4">
<div class="card-body">
<h5 class="card-title">👤</h5>
<p class="card-text">2. Create your username</p>
<a href="https://sucs.org/susignup" target="_blank" rel="noopener noreferrer" class="btn btn-primary">Create Username</a>
</div>
</div>
</div>
</div>
<div class="row d-flex justify-content-center">
<div class="col-8">
<div class="card mb-4">
<div class="card-body">
<h5 class="card-title">💬</h5>
<p class="card-text">3. Join the conversation</p>
<a href="https://chat.sucs.org" target="_blank" rel="noopener noreferrer" class="btn btn-primary">Join Discord</a>
</div>
</div>
</div>
</div>
</div>
</body>
</html>
\ No newline at end of file
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="sucs.org" />
<allow-access-from domain="www.sucs.org" />
<allow-access-from domain="www.swansea-union.co.uk" />
<allow-access-from domain="swansea-union.co.uk" />
<allow-access-from domain="stream.sucs.org" />
<allow-access-from domain="www.fomore.com" />
</cross-domain-policy>
.archivelink { .archivelink {
text-align: right; text-align: right;
} }
ul.blognav { ul.blognav {
text-align: left; text-align: left;
float: left; float: left;
width: 100%; width: 100%;
list-style-type: none; list-style-type: none;
margin: 0; margin: 0;
padding: 0; padding: 0;
} }
li.prev { li.prev {
float: left; float: left;
} }
li.next { li.next {
float: right; float: right;
} }
.errorinfo { .errorinfo {
color: red; color: red;
} }
#spinner { #spinner {
visibility: hidden; visibility: hidden;
margin-left: 4px; margin-left: 4px;
margin-right: 4px; margin-right: 4px;
} }
...@@ -2,95 +2,103 @@ ...@@ -2,95 +2,103 @@
================================================*/ ================================================*/
/* Default styling. Used when JavaScript is unsupported */ /* Default styling. Used when JavaScript is unsupported */
.cbb { .cbb {
padding: 5px 10px; padding: 5px 10px;
margin:1em 0; margin: 1em 0;
margin-left: 0.5em; margin-left: 0.5em;
margin-right: 0.5em; margin-right: 0.5em;
background:#e76808; background: #e76808;
font-size: 85%; font-size: 85%;
} }
.cbb h1 { .cbb h1 {
margin:0 -10px; margin: 0 -10px;
padding:0.3em 10px; padding: 0.3em 10px;
background:#efece6; background: #efece6;
font:bold 1.2em Arial, Helvetica, sans-serif; font: bold 1.2em Arial, Helvetica, sans-serif;
} }
div.cbb img.emblem, div.cb img.emblem { div.cbb img.emblem, div.cb img.emblem {
float: right; float: right;
position: relative; position: relative;
top: -1.5em; top: -1.5em;
} }
/* Insert the custom corners and borders for browsers with sufficient JavaScript support */ /* Insert the custom corners and borders for browsers with sufficient JavaScript support */
/* Two of the boxes are floated just for this demo. Adjust to your needs. */ /* Two of the boxes are floated just for this demo. Adjust to your needs. */
.cb { .cb {
margin:0.5em 0; margin: 0.5em 0;
font-size: 85%; font-size: 85%;
} }
.two { .two {
width:45%; width: 45%;
float:left; float: left;
} }
.three { .three {
width:45%; width: 45%;
float:right; float: right;
} }
/* Rules for the top corners and border */ /* Rules for the top corners and border */
.bt { .bt {
background:url('/images/box.png') no-repeat 100% 0; background: url('/images/box.png') no-repeat 100% 0;
margin:0 0 0 19px; margin: 0 0 0 19px;
height:18px; height: 18px;
} }
.bt div { .bt div {
height:18px; height: 18px;
width:19px; width: 19px;
position:relative; position: relative;
left:-19px; left: -19px;
background:url('/images/box.png') no-repeat 0 0; background: url('/images/box.png') no-repeat 0 0;
} }
/* Rules for the bottom corners and border */ /* Rules for the bottom corners and border */
.bb { .bb {
background:url('/images/box.png') no-repeat 100% 100%; background: url('/images/box.png') no-repeat 100% 100%;
margin:0 0 0 19px; margin: 0 0 0 19px;
height:18px; height: 18px;
} }
.bb div { .bb div {
height:18px; height: 18px;
width:19px; width: 19px;
position:relative; position: relative;
left:-19px; left: -19px;
background:url('/images/box.png') no-repeat 0 100%; background: url('/images/box.png') no-repeat 0 100%;
} }
/* Insert the left border */ /* Insert the left border */
.i1 { .i1 {
padding:0 0 0 12px; padding: 0 0 0 12px;
background:url('/images/borders.png') repeat-y 0 0; background: url('/images/borders.png') repeat-y 0 0;
height: 100%; height: 100%;
} }
/* Insert the right border */ /* Insert the right border */
.i2 { .i2 {
padding:0 12px 0 0; padding: 0 12px 0 0;
background:url('/images/borders.png') repeat-y 100% 0; background: url('/images/borders.png') repeat-y 100% 0;
} }
/* Wrapper for the content. Use it to set the background colour and insert some padding between the borders and the content. */ /* Wrapper for the content. Use it to set the background colour and insert some padding between the borders and the content. */
.i3 { .i3 {
background:#e76808; background: #e76808;
border:1px solid #e76808; border: 1px solid #e76808;
border-width:1px 0; border-width: 1px 0;
padding:0 10px; padding: 0 10px;
} }
.cbb h3, .cb h3 { .cbb h3, .cb h3 {
margin: 0; margin: 0;
color: #ffc62b; color: #ffc62b;
} }
.cbb p, .cb p, .cbb ul, .cb ul { .cbb p, .cb p, .cbb ul, .cb ul {
margin: 0; margin: 0;
} }
/* -------------------------------------------------- /* --------------------------------------------------
...@@ -98,15 +106,15 @@ div.cbb img.emblem, div.cb img.emblem { ...@@ -98,15 +106,15 @@ div.cbb img.emblem, div.cb img.emblem {
-------------------------------------------------- */ -------------------------------------------------- */
.cb a:link, .cbb a:link { .cb a:link, .cbb a:link {
color: #ffc62b; color: #ffc62b;
} }
.cb a:visited, .cbb a:visited { .cb a:visited, .cbb a:visited {
color: #a52f0f; color: #a52f0f;
} }
.cb a:active, .cbb a:active { .cb a:active, .cbb a:active {
color: #ffffff; color: #ffffff;
} }
.cb a:hover, .cbb a:hover { .cb a:hover, .cbb a:hover {
......