
Compare revisions

Showing
with 1718 additions and 1723 deletions
......@@ -9,5 +9,5 @@ $smarty->assign("title", "Games");
$smarty->assign("body", $output);
$output = file_get_contents("../static/fragments/Games-secondary.txt");
$smarty->assign("secondary",$output);
$smarty->assign("secondary", $output);
?>
<?
$out = exec("/usr/bin/id");
$smarty->assign("body",$out);
<?php
$out = exec("/usr/bin/id");
$smarty->assign("body", $out);
?>
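Review bot: With the opening tag apparently changed from `<?` to `<?php`, this file now executes regardless of the `short_open_tag` setting, so the page body always carries the output of `exec("/usr/bin/id")`, i.e. the account and groups the web server runs as. Nothing in the visible lines restricts who can load it. If this is a leftover debug page it is better deleted; otherwise put it behind an admin session check and escape the value before handing it to the template, e.g. `$smarty->assign("body", htmlspecialchars($out));`. Whether the component is publicly routed is not visible from this section.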
......@@ -4,196 +4,187 @@
$mode = "list";
$admin = false;
$admin_group="sucsstaff";
$admin_group = "sucsstaff";
// who's notified of items being requested?
$junk_contact="admin@sucs.org";
$junk_contact = "admin@sucs.org";
$admin = isset($session->groups[$admin_group]);
// If you're an admin and the path ends in Edit/ then a number put it into edit mode
// create canedit rules
$canedit=isset($pathlist[($component[depth]/2)+1]);
$canedit=$canedit && isset($pathlist[($component[depth]/2)+2]);
$canedit=$canedit && $pathlist[($component[depth]/2)+1]=='Edit';
$canedit=$canedit && is_numeric($pathlist[($component[depth]/2)+2]);
$canedit=$canedit && $admin;
$canedit = isset($pathlist[($component[depth] / 2) + 1]);
$canedit = $canedit && isset($pathlist[($component[depth] / 2) + 2]);
$canedit = $canedit && $pathlist[($component[depth] / 2) + 1] == 'Edit';
$canedit = $canedit && is_numeric($pathlist[($component[depth] / 2) + 2]);
$canedit = $canedit && $admin;
// Apply canedit rules
if ($canedit){
$id = $pathlist[($component[depth]/2)+2];
$items = $DB->GetAll("SELECT id, title, category, description, donated_by, status FROM inventory WHERE id=? AND requested_by IS NULL",$id);
if(sizeof($items) === 1){
$item = $items[0];
$smarty->assign("item", $item);
$mode = "edit";
}
if ($canedit) {
$id = $pathlist[($component[depth] / 2) + 2];
$items = $DB->GetAll("SELECT id, title, category, description, donated_by, status FROM inventory WHERE id=? AND requested_by IS NULL", $id);
if (sizeof($items) === 1) {
$item = $items[0];
$smarty->assign("item", $item);
$mode = "edit";
}
}
// If you're an admin and the path ends in Add put it into add mode
// create canadd rules
$canadd=isset($pathlist[($component[depth]/2)+1]);
$canadd=$canadd && $pathlist[($component[depth]/2)+1]=='Add';
$canadd=$canadd && $admin;
$canadd = isset($pathlist[($component[depth] / 2) + 1]);
$canadd = $canadd && $pathlist[($component[depth] / 2) + 1] == 'Add';
$canadd = $canadd && $admin;
// Apply canadd rules
if ($canadd){$mode = "add";}
if ($canadd) {
$mode = "add";
}
// Process actions before retrieving the data
// List request data
if ($session->loggedin && isset($_REQUEST['action'])) {
// Junk Requests
if ($_REQUEST['action'] == "Request") {
// Request Item if its available
$query = "UPDATE inventory SET requested_by=?, requested_on=now() WHERE id=? AND requested_by IS NULL";
$DB->Query($query, array($session->username, $_REQUEST['item']));
// mail someone so we know that this has been requested
$iteminfo = $DB->GetRow("SELECT title, description FROM inventory WHERE id=?", array($_REQUEST['item']));
$msgbody = "User {$session->username} has requested the junk item:\n\n";
$msgbody .= "{$iteminfo['title']}: {$iteminfo['description']}\n\n";
$msgbody .= "Please ensure this is taken away and never brought back.";
mail($junk_contact,"Junk item requested",$msgbody);
// Junk Requests
if ($_REQUEST['action'] == "Request") {
// Request Item if its available
$query = "UPDATE inventory SET requested_by=?, requested_on=now() WHERE id=? AND requested_by IS NULL";
$DB->Query($query, array($session->username, $_REQUEST['item']));
// mail someone so we know that this has been requested
$iteminfo = $DB->GetRow("SELECT title, description FROM inventory WHERE id=?", array($_REQUEST['item']));
$msgbody = "User {$session->username} has requested the junk item:\n\n";
$msgbody .= "{$iteminfo['title']}: {$iteminfo['description']}\n\n";
$msgbody .= "Please ensure this is taken away and never brought back.";
mail($junk_contact, "Junk item requested", $msgbody);
} elseif ($_REQUEST['action'] == "Un-Request") {
// Un-Request Item
if ($admin) {
// if you're admin just do it
$query = "UPDATE inventory SET requested_by=null, requested_on=null WHERE id=?";
$array = array($_REQUEST['item']);
} else {
// if not admin check if you requested it first
$query = "UPDATE inventory SET requested_by=null, requested_on=null WHERE id=? AND requested_by=?";
$array = array($_REQUEST['item'], $session->username);
}
$DB->Query($query, $array);
} elseif ($_REQUEST['action'] == "Take" && $admin) {
// Take item, if you're admin
$query = "UPDATE inventory SET taken_on=now() WHERE id=? AND requested_by IS NOT NULL";
$DB->Query($query, $_REQUEST['item']);
} elseif ($_REQUEST['action'] == "Remove" && $admin) {
// Remove item, if you're admin
$query = "DELETE FROM inventory WHERE id=?";
if ($DB->Query($query, $_REQUEST['item'])) {
message_flash("Item removed");
} else {
trigger_error("Failed to remove item");
}
elseif ($_REQUEST['action'] == "Un-Request") {
// Un-Request Item
if ($admin){
// if you're admin just do it
$query = "UPDATE inventory SET requested_by=null, requested_on=null WHERE id=?";
$array = array($_REQUEST['item']);
}
else{
// if not admin check if you requested it first
$query = "UPDATE inventory SET requested_by=null, requested_on=null WHERE id=? AND requested_by=?";
$array = array($_REQUEST['item'], $session->username);
}
$DB->Query($query, $array);
}
elseif ($_REQUEST['action'] == "Take" && $admin){
// Take item, if you're admin
$query = "UPDATE inventory SET taken_on=now() WHERE id=? AND requested_by IS NOT NULL";
$DB->Query($query, $_REQUEST['item']);
}
elseif ($_REQUEST['action'] == "Remove" && $admin){
// Remove item, if you're admin
$query = "DELETE FROM inventory WHERE id=?";
if ($DB->Query($query, $_REQUEST['item'])) {
message_flash("Item removed");
} else {
trigger_error("Failed to remove item");
}
}
elseif ($_REQUEST['action'] == "Not Junk" && $admin){
// Mark item as not junk if it's not been requested and you're admin
$query = "UPDATE inventory SET status='unknown' WHERE id=? AND requested_by IS NULL";
$DB->Query($query, $_REQUEST['item']);
}
elseif ($_REQUEST['action'] =="Junk" && $admin){
// Mark item as junk, if you're admin
$query = "UPDATE inventory SET status='junk' WHERE id=?";
$DB->Query($query, $_REQUEST['item']);
}
} elseif ($_REQUEST['action'] == "Not Junk" && $admin) {
// Mark item as not junk if it's not been requested and you're admin
$query = "UPDATE inventory SET status='unknown' WHERE id=? AND requested_by IS NULL";
$DB->Query($query, $_REQUEST['item']);
} elseif ($_REQUEST['action'] == "Junk" && $admin) {
// Mark item as junk, if you're admin
$query = "UPDATE inventory SET status='junk' WHERE id=?";
$DB->Query($query, $_REQUEST['item']);
}
}
// Update/Add item
if ($session->loggedin && $admin && (isset($_REQUEST['update']) || isset($_REQUEST['add']))) {
// try to guess which category field the user meant us to see
// ideally we'd use an html combo box, but since they don't exist...
if ($_REQUEST['categorymenu'] == "") {
$category = $_REQUEST['category'];
} else {
$category = $_REQUEST['categorymenu'];
}
// Update/Add item if title and category are filled in else error
if ($_REQUEST['title'] != "" && $category != "") {
// if the description is blank, return null
if ($_REQUEST['description'] == ""){
$description = null;
}
else{
$description = $_REQUEST['description'];
}
// if the donated_by is blank, return null
if ($_REQUEST['donated_by'] == ""){
$donated_by = null;
}
else{
$donated_by = $_REQUEST['donated_by'];
}
// run the query
if(isset($_REQUEST['update'])){
$query = "UPDATE inventory SET title=?, category=?, description=?, donated_by=?, status=? WHERE id=?";
$array = array($_REQUEST['title'], $category, $description, $donated_by, $_REQUEST['status'], $_REQUEST['id']);
if ($DB->Query($query, $array)) {
message_flash("Item Updated");
} else {
trigger_error("Item update failed :-(", E_USER_ERROR);
}
}
elseif(isset($_REQUEST['add'])){
$query = "INSERT INTO inventory (title, category, description, donated_by, status) VALUES (?, ?, ?, ?, ?)";
$array = array($_REQUEST['title'], $category, $description, $donated_by, $_REQUEST['status']);
if ($DB->Query($query, $array)) {
message_flash("Item Added");
} else {
trigger_error("Adding item failed :-( - ".$DB->ErrorMsg(), E_USER_ERROR);
}
}
}
else{
trigger_error("Required field(s) missing", E_USER_WARNING);
}
// try to guess which category field the user meant us to see
// ideally we'd use an html combo box, but since they don't exist...
if ($_REQUEST['categorymenu'] == "") {
$category = $_REQUEST['category'];
} else {
$category = $_REQUEST['categorymenu'];
}
// Update/Add item if title and category are filled in else error
if ($_REQUEST['title'] != "" && $category != "") {
// if the description is blank, return null
if ($_REQUEST['description'] == "") {
$description = null;
} else {
$description = $_REQUEST['description'];
}
// if the donated_by is blank, return null
if ($_REQUEST['donated_by'] == "") {
$donated_by = null;
} else {
$donated_by = $_REQUEST['donated_by'];
}
// run the query
if (isset($_REQUEST['update'])) {
$query = "UPDATE inventory SET title=?, category=?, description=?, donated_by=?, status=? WHERE id=?";
$array = array($_REQUEST['title'], $category, $description, $donated_by, $_REQUEST['status'], $_REQUEST['id']);
if ($DB->Query($query, $array)) {
message_flash("Item Updated");
} else {
trigger_error("Item update failed :-(", E_USER_ERROR);
}
} elseif (isset($_REQUEST['add'])) {
$query = "INSERT INTO inventory (title, category, description, donated_by, status) VALUES (?, ?, ?, ?, ?)";
$array = array($_REQUEST['title'], $category, $description, $donated_by, $_REQUEST['status']);
if ($DB->Query($query, $array)) {
message_flash("Item Added");
} else {
trigger_error("Adding item failed :-( - " . $DB->ErrorMsg(), E_USER_ERROR);
}
}
} else {
trigger_error("Required field(s) missing", E_USER_WARNING);
}
}
// Remove old taken junk
$DB->Query("DELETE FROM inventory WHERE (taken_on + interval'7 days') < now()");
if ($mode == 'list'){
// Get junk from database, and give admin the full list
if ($admin == true){
$junk = $DB->GetAll("SELECT * FROM inventory ORDER BY category, title, id");
}
else{
$junk = $DB->GetAll("SELECT * FROM inventory WHERE status = 'junk' ORDER BY category, title, id");
}
//
// Check there is some junk
if (sizeof($junk) < 1) {
$mode = "nojunk";
} else {
// group the junk by status then by category
foreach($junk as $junkitem) {
if ($junkitem['status'] != 'junk') {
$status = "unknown";
} else if ($junkitem['requested_by'] == null) {
$status = "available";
} else if ($junkitem['taken_on'] == null) {
$status = "requested";
} else {
$status = "taken";
}
$sortedjunk[$status][$junkitem['category']][] = $junkitem;
}
$smarty->assign("junk", $sortedjunk);
}
if ($mode == 'list') {
// Get junk from database, and give admin the full list
if ($admin == true) {
$junk = $DB->GetAll("SELECT * FROM inventory ORDER BY category, title, id");
} else {
$junk = $DB->GetAll("SELECT * FROM inventory WHERE status = 'junk' ORDER BY category, title, id");
}
//
// Check there is some junk
if (sizeof($junk) < 1) {
$mode = "nojunk";
} else {
// group the junk by status then by category
foreach ($junk as $junkitem) {
if ($junkitem['status'] != 'junk') {
$status = "unknown";
} else if ($junkitem['requested_by'] == null) {
$status = "available";
} else if ($junkitem['taken_on'] == null) {
$status = "requested";
} else {
$status = "taken";
}
$sortedjunk[$status][$junkitem['category']][] = $junkitem;
}
$smarty->assign("junk", $sortedjunk);
}
} else {
$categories = $DB->GetCol("SELECT DISTINCT category FROM inventory ORDER BY category ASC");
$smarty->assign("categories", $categories);
$categories = $DB->GetCol("SELECT DISTINCT category FROM inventory ORDER BY category ASC");
$smarty->assign("categories", $categories);
}
// Generate output
$smarty->assign("statuses",array("unknown", "in use", "wanted", "junk"));
$smarty->assign("statuses", array("unknown", "in use", "wanted", "junk"));
$smarty->assign("componentpath", $baseurl . $component[path]);
$smarty->assign("mode", $mode);
$smarty->assign("admin", $admin);
$output = $smarty->fetch("junk.tpl");
$output = $smarty->fetch("junk.tpl");
$smarty->assign("title", "Junk List");
$smarty->assign("body", $output);
......
......@@ -9,177 +9,178 @@ $librarian_mail = "librarian@sucs.org";
// don't try to convert existing html entities
// this could be broken out someplace else
function htmlentities2($myHTML) {
$translation_table=get_html_translation_table (HTML_ENTITIES,ENT_QUOTES);
$translation_table[chr(38)] = '&';
return preg_replace("/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/","&amp;" , strtr($myHTML, $translation_table));
function htmlentities2($myHTML)
{
$translation_table = get_html_translation_table(HTML_ENTITIES, ENT_QUOTES);
$translation_table[chr(38)] = '&';
return preg_replace("/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/", "&amp;", strtr($myHTML, $translation_table));
}
$library_index = array_search("Library", $pathlist);
if (isset($session->groups[$permission])) {
$smarty->assign("librarian", TRUE);
$smarty->assign("librarian", TRUE);
}
// Default to browsing, empty search box, generic title
$mode = "browse";
$search = "";
$smarty->assign("title","Library");
$smarty->assign("title", "Library");
$output2 = $smarty->fetch("library-search.tpl");
$smarty->assign("secondary", $output2);
if (isset($_REQUEST['search']) && (trim($_REQUEST['search']) != "")) {
// Pass the template some search results
$mode = "search";
} elseif (isset($pathlist[$library_index +1]) && ($pathlist[$library_index + 1] == "Tags")) {
if (isset($pathlist[$library_index + 2])) {
$tag = $pathlist[$library_index + 2];
// we're displaying books with a specific tag
//The following line doesn't do what I think you think it does.
//It will return a string if the tag exists, "1" and "0" when a tag doesn't exist
$categories = $DB->GetOne("SELECT count(name) FROM bookcategories WHERE name=?", array($tag));
//debug stuff, LOOK IT'S A STRING
//var_dump($categories);
//if ($categories['count'] == 1) {
//$categories is not an aray, it's a string, yeah i know == != good_programing
if ($categories == 1) {
$mode = "tagdisplay";
$query = "SELECT b.id, b.title FROM books AS b JOIN booktags AS bt ON b.id= bt.bookid";
$query .= " JOIN bookcategories AS bc ON bc.id = bt.tag WHERE bc.name=?";
$smarty->assign("results", $DB->GetAll($query, array($tag)));
} else {
// this tag doesn't exist...
$mode = "tagerror";
}
} else {
$mode = "taglist";
$smarty->assign("tags", $DB->GetAll("SELECT name FROM bookcategories"));
}
$mode = "search";
} elseif (isset($pathlist[$library_index + 1]) && ($pathlist[$library_index + 1] == "Tags")) {
if (isset($pathlist[$library_index + 2])) {
$tag = $pathlist[$library_index + 2];
// we're displaying books with a specific tag
//The following line doesn't do what I think you think it does.
//It will return a string if the tag exists, "1" and "0" when a tag doesn't exist
$categories = $DB->GetOne("SELECT count(name) FROM bookcategories WHERE name=?", array($tag));
//debug stuff, LOOK IT'S A STRING
//var_dump($categories);
//if ($categories['count'] == 1) {
//$categories is not an aray, it's a string, yeah i know == != good_programing
if ($categories == 1) {
$mode = "tagdisplay";
$query = "SELECT b.id, b.title FROM books AS b JOIN booktags AS bt ON b.id= bt.bookid";
$query .= " JOIN bookcategories AS bc ON bc.id = bt.tag WHERE bc.name=?";
$smarty->assign("results", $DB->GetAll($query, array($tag)));
} else {
// this tag doesn't exist...
$mode = "tagerror";
}
} else {
$mode = "taglist";
$smarty->assign("tags", $DB->GetAll("SELECT name FROM bookcategories"));
}
} elseif (isset($pathlist[$library_index + 1]) && is_numeric($pathlist[$library_index + 1])) {
// We're displaying a specific book
$mode = "display";
$checkout_request = false;
$book_index = intval($pathlist[$library_index + 1]);
if (isset($session->groups[$permission])) $smarty->assign('editable', true);
$mode = "display";
$checkout_request = false;
$book_index = intval($pathlist[$library_index + 1]);
if (isset($session->groups[$permission])) $smarty->assign('editable', true);
// Check this book actually exists
$loans = $DB->GetAll("SELECT onloan FROM books WHERE id=? LIMIT 1", array($book_index));
if (sizeof($loans) != 1) {
$mode = "bookerror";
} else {
// See if we're supposed to be loaning/returning/editing/saving this book
if ($session->loggedin && isset($_REQUEST['action'])) {
if ($_REQUEST['action'] == "loan") {
if (isset($session->groups[$permission])) {
// update DB
$query = "UPDATE books SET onloan='t', loandate=now(), loanwho=? WHERE id=?";
$DB->Query($query, array($_REQUEST['member'], $book_index));
} else {
// send mail to librarians
// do this in a moment when we have more details about the book
$checkout_request = true;
}
} elseif (($_REQUEST['action'] == "return") && isset($session->groups[$permission])) {
// update DB
$DB->Query("UPDATE books SET onloan='f', loandate=NULL WHERE id=?", array($book_index));
} elseif (($_REQUEST['action'] == "edit") && isset($session->groups[$permission])) {
// we're an editor and want to edit this book
$smarty->assign("editing", true);
} elseif (($_REQUEST['action'] == "save") && isset($session->groups[$permission])) {
// save edited book
$book['title'] = $_REQUEST['title'];
$book['author'] = $_REQUEST['author'];
$book['publisher'] = $_REQUEST['publisher'];
$book['description'] = $_REQUEST['description'];
if ($DB->AutoExecute('books', $book, 'UPDATE', "id=".$DB->qstr($book_index))) {
message_flash_postponed("Book Updated!");
//redirect to prevent form resubmission
header('HTTP/1.1 303 See Other');
header("Location: $baseurl$path");
} else {
trigger_error("Error updating book: ".$DB->ErrorMsg(), E_USER_WARNING);
}
}
}
$results = $DB->GetAll("SELECT * FROM books WHERE id=? LIMIT 1", array($book_index));
$book = $results[0];
if ($checkout_request) {
// someone wants to check out this book
$msgbody = "User {$session->username} would like to take out";
$msgbody .= " {$book['title']} by {$book['author']} from the library.\n\n";
$msgbody .= "Visit https://$preferred_hostname$path to process this request.";
mail($librarian_mail, "Book Request", $msgbody);
$smarty->assign("checkout_request", true);
}
// Clean up ready for output
$book['title'] = htmlentities2($book['title']);
$book['author'] = htmlentities2($book['author']);
$book['onloan'] = ($book['onloan'] == 't') ? true : false;
if (!isset($book['description'])) {
// no book description in the database, try using Amazon data
// Extract amazon data (maybe this should be stored in separate fields in the db?)
$simple_xml = simplexml_load_string($book['amazon_data']);
$book['description'] = @$simple_xml->Items->Item->EditorialReviews->EditorialReview->Content;
if (isset($book['description'])) {
// tidy description markup
$tidy_config['doctype'] = 'omit';
$tidy_config['output-xhtml'] = true;
$tidy_config['show-body-only'] = true;
$tidy_config['logical-emphasis'] = true;
$book['description'] = tidy_repair_string($book['description'], $tidy_config);
// update db so we don't have to do this next time
$DB->Execute("UPDATE books SET description=? WHERE id=?", array($book['description'],$book['id']));
}
}
$smarty->assign("book", $book);
// Add loan interface to sidebar if we're logged in
if ($session->loggedin) {
$members = new Members;
$smarty->assign("memberlist", $members->getMemberList());
$secondary = $smarty->get_template_vars("secondary");
$secondary .= $smarty->fetch('library-loan.tpl');
$smarty->assign("secondary", $secondary);
}
// Edit the path list to make the breadcrumbs tastier
$pathlist[$library_index + 1] = $results[0]['title'];
}
$loans = $DB->GetAll("SELECT onloan FROM books WHERE id=? LIMIT 1", array($book_index));
if (sizeof($loans) != 1) {
$mode = "bookerror";
} else {
// See if we're supposed to be loaning/returning/editing/saving this book
if ($session->loggedin && isset($_REQUEST['action'])) {
if ($_REQUEST['action'] == "loan") {
if (isset($session->groups[$permission])) {
// update DB
$query = "UPDATE books SET onloan='t', loandate=now(), loanwho=? WHERE id=?";
$DB->Query($query, array($_REQUEST['member'], $book_index));
} else {
// send mail to librarians
// do this in a moment when we have more details about the book
$checkout_request = true;
}
} elseif (($_REQUEST['action'] == "return") && isset($session->groups[$permission])) {
// update DB
$DB->Query("UPDATE books SET onloan='f', loandate=NULL WHERE id=?", array($book_index));
} elseif (($_REQUEST['action'] == "edit") && isset($session->groups[$permission])) {
// we're an editor and want to edit this book
$smarty->assign("editing", true);
} elseif (($_REQUEST['action'] == "save") && isset($session->groups[$permission])) {
// save edited book
$book['title'] = $_REQUEST['title'];
$book['author'] = $_REQUEST['author'];
$book['publisher'] = $_REQUEST['publisher'];
$book['description'] = $_REQUEST['description'];
if ($DB->AutoExecute('books', $book, 'UPDATE', "id=" . $DB->qstr($book_index))) {
message_flash_postponed("Book Updated!");
//redirect to prevent form resubmission
header('HTTP/1.1 303 See Other');
header("Location: $baseurl$path");
} else {
trigger_error("Error updating book: " . $DB->ErrorMsg(), E_USER_WARNING);
}
}
}
$results = $DB->GetAll("SELECT * FROM books WHERE id=? LIMIT 1", array($book_index));
$book = $results[0];
if ($checkout_request) {
// someone wants to check out this book
$msgbody = "User {$session->username} would like to take out";
$msgbody .= " {$book['title']} by {$book['author']} from the library.\n\n";
$msgbody .= "Visit https://$preferred_hostname$path to process this request.";
mail($librarian_mail, "Book Request", $msgbody);
$smarty->assign("checkout_request", true);
}
// Clean up ready for output
$book['title'] = htmlentities2($book['title']);
$book['author'] = htmlentities2($book['author']);
$book['onloan'] = ($book['onloan'] == 't') ? true : false;
if (!isset($book['description'])) {
// no book description in the database, try using Amazon data
// Extract amazon data (maybe this should be stored in separate fields in the db?)
$simple_xml = simplexml_load_string($book['amazon_data']);
$book['description'] = @$simple_xml->Items->Item->EditorialReviews->EditorialReview->Content;
if (isset($book['description'])) {
// tidy description markup
$tidy_config['doctype'] = 'omit';
$tidy_config['output-xhtml'] = true;
$tidy_config['show-body-only'] = true;
$tidy_config['logical-emphasis'] = true;
$book['description'] = tidy_repair_string($book['description'], $tidy_config);
// Commented out by ~imranh
// update db so we don't have to do this next time
//$DB->Execute("UPDATE books SET description=? WHERE id=?", array($book['description'],$book['id']));
}
}
$smarty->assign("book", $book);
// Add loan interface to sidebar if we're logged in
if ($session->loggedin) {
$members = new Members;
$smarty->assign("memberlist", $members->getMemberList());
$secondary = $smarty->getTemplateVars("secondary");
$secondary .= $smarty->fetch('library-loan.tpl');
$smarty->assign("secondary", $secondary);
}
// Edit the path list to make the breadcrumbs tastier
$pathlist[$library_index + 1] = $results[0]['title'];
}
} else {
//Nothing being requested, just find some random books to put on main page
$smarty->assign("tags", $DB->GetAll("SELECT name FROM bookcategories"));
$smarty->assign("randoms", $DB->GetAll("SELECT * FROM books WHERE image_url IS NOT NULL ORDER BY random() LIMIT 4"));
$smarty->assign("tags", $DB->GetAll("SELECT name FROM bookcategories"));
$smarty->assign("randoms", $DB->GetAll("SELECT * FROM books WHERE image_url IS NOT NULL ORDER BY random() LIMIT 4"));
}
if ($mode == "search") {
$search = $_REQUEST['search'];
$query = "SELECT id, title, onloan FROM books WHERE (title || ' ' || author || ' ' || keywords) ~* ? ORDER BY title ASC";
$results = $DB->GetAll($query,array($search));
foreach ($results as &$result) {
$result['title'] = htmlentities2($result['title']);
$result['onloan'] = ($result['onloan'] == 't') ? true : false;
}
$pathlist[] = "Search";
$smarty->assign("results", $results);
$search = $_REQUEST['search'];
$query = "SELECT id, title, onloan FROM books WHERE (title || ' ' || author || ' ' || keywords) ~* ? ORDER BY title ASC";
$results = $DB->GetAll($query, array($search));
foreach ($results as &$result) {
$result['title'] = htmlentities2($result['title']);
$result['onloan'] = ($result['onloan'] == 't') ? true : false;
}
$pathlist[] = "Search";
$smarty->assign("results", $results);
} elseif ($mode == "display") {
......@@ -189,6 +190,6 @@ $smarty->assign("mode", $mode);
$smarty->assign("search", $search);
$smarty->assign("pathlist", $pathlist);
$output = $smarty->fetch("library.tpl");
$smarty->assign("body",$output);
$smarty->assign("body", $output);
?>
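Review bot: The search query near the end of the first hunk binds `$_REQUEST['search']` as the right-hand side of PostgreSQL's `~*` operator, so any visitor, logged in or not, supplies a regular expression that the database compiles and runs against every row of `books`. The bind parameter keeps this from being SQL injection, but a malformed pattern makes the query fail (and `foreach ($results as &$result)` then iterates a non-array), while an expensive pattern ties up the database; nothing visible limits the pattern's length or syntax. If plain substring search is what is intended, match literally instead, e.g. `WHERE position(lower(?) in lower(title || ' ' || author || ' ' || keywords)) > 0`, and cap the input length before querying. The `elseif ($mode == "display")` branch that follows continues outside the shown hunk.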
<?php
// you gotta be this high to enter
$permission="librarian";
$permission = "librarian";
//include ISBN validation library
require_once('../lib/Validate/ISPN.php');
$error = array();
function fetch_isbndb_data($isbn) {
function fetch_isbndb_data($isbn)
{
$url1 = "http://isbndb.com/api/books.xml?access_key=I6AH5WJI&index1=isbn&value1=";
$url1 = "http://isbndb.com/api/books.xml?access_key=I6AH5WJI&index1=isbn&value1=";
return file_get_contents($url1.$isbn);
return file_get_contents($url1 . $isbn);
}
function valid_isbn($isbn) {
function valid_isbn($isbn)
{
return Validate_ISPN::isbn($isbn);
return (new Validate_ISPN)->isbn($isbn);
}
if ($session->groups[$permission]) {
if ($_REQUEST['action'] == "search") {
$isbn = $_REQUEST['isbn'];
$isbn = str_replace(array('ISBN', '-', ' ', "\t", "\n"), '', $isbn);
if (valid_isbn($isbn)) {
$xmlresult = fetch_isbndb_data($isbn);
$simple_xml = simplexml_load_string($xmlresult);
$book['isbn'] = $isbn;
$book['title'] = $simple_xml->BookList->BookData->Title;
$book['author'] = $simple_xml->BookList->BookData->AuthorsText;
if (substr(trim($book['author']),-1)==',') {$book['author']=substr(trim($book['author']),0,-1);}
$book['publisher'] = $simple_xml->BookList->BookData->PublisherText;
$book['image_url'] = "";
$smarty->assign("book", $book);
} else {
// invalid isbn entered
trigger_error("invalid ISBN number entered", E_USER_WARNING);
}
} elseif ($_REQUEST['action'] == "add") {
$book = array();
$book['isbn'] = $_REQUEST['isbn'];
$book['title'] = $_REQUEST['title'];
$book['author'] = $_REQUEST['author'];
$book['publisher'] = $_REQUEST['publisher'];
$book['image_url'] = $_REQUEST['image_url'];
// Validate that we have enough info to add
if (($book['isbn'] != "") && (!valid_isbn($book['isbn']))) {
trigger_error("invalid ISBN", E_USER_WARNING);
} elseif (trim($book['title']) == "") {
trigger_error("you must supply a title", E_USER_WARNING);
} elseif (trim($book['author']) == "") {
trigger_error("you must supply an author");
} else {
$insertdata = array($book['title'], $book['author'], $book['publisher']);
if (valid_isbn($book['isbn'])) {
$book['amazon_data'] = fetch_isbndb_data($book['isbn']);
$newinsertdata = array($book['isbn'], $book['image_url'], $book['amazon_data']);
$insertdata = array_merge($insertdata, $newinsertdata);
$DB->Query("INSERT INTO books (title, author, publisher, isbn, image_url, amazon_data) VALUES (?,?,?,?,?,?)", $insertdata);
} else {
$DB->Query("INSERT INTO books (title, author, publisher) VALUES (?,?,?)", $insertdata);
}
}
}
$result = $smarty->fetch("library-addbook.tpl");
if ($_REQUEST['action'] == "search") {
$isbn = $_REQUEST['isbn'];
$isbn = str_replace(array('ISBN', '-', ' ', "\t", "\n"), '', $isbn);
if (valid_isbn($isbn)) {
$xmlresult = fetch_isbndb_data($isbn);
$simple_xml = simplexml_load_string($xmlresult);
$book['isbn'] = $isbn;
$book['title'] = $simple_xml->BookList->BookData->Title;
$book['author'] = $simple_xml->BookList->BookData->AuthorsText;
if (substr(trim($book['author']), -1) == ',') {
$book['author'] = substr(trim($book['author']), 0, -1);
}
$book['publisher'] = $simple_xml->BookList->BookData->PublisherText;
$book['image_url'] = "";
$smarty->assign("book", $book);
} else {
// invalid isbn entered
trigger_error("invalid ISBN number entered", E_USER_WARNING);
}
} elseif ($_REQUEST['action'] == "add") {
$book = array();
$book['isbn'] = $_REQUEST['isbn'];
$book['title'] = $_REQUEST['title'];
$book['author'] = $_REQUEST['author'];
$book['publisher'] = $_REQUEST['publisher'];
$book['image_url'] = $_REQUEST['image_url'];
// Validate that we have enough info to add
if (($book['isbn'] != "") && (!valid_isbn($book['isbn']))) {
trigger_error("invalid ISBN", E_USER_WARNING);
} elseif (trim($book['title']) == "") {
trigger_error("you must supply a title", E_USER_WARNING);
} elseif (trim($book['author']) == "") {
trigger_error("you must supply an author");
} else {
$insertdata = array($book['title'], $book['author'], $book['publisher']);
if (valid_isbn($book['isbn'])) {
$book['amazon_data'] = fetch_isbndb_data($book['isbn']);
$newinsertdata = array($book['isbn'], $book['image_url'], $book['amazon_data']);
$insertdata = array_merge($insertdata, $newinsertdata);
$DB->Query("INSERT INTO books (title, author, publisher, isbn, image_url, amazon_data) VALUES (?,?,?,?,?,?)", $insertdata);
} else {
$DB->Query("INSERT INTO books (title, author, publisher) VALUES (?,?,?)", $insertdata);
}
}
}
$result = $smarty->fetch("library-addbook.tpl");
}
$smarty->assign("title", "Library Admin");
......
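Review bot: `fetch_isbndb_data()` still builds its URL from a literal `access_key=` value over plain `http://`, so the ISBNdb credential is committed to the repository and sent unencrypted on every lookup. Read the key from configuration kept outside version control, e.g. `$url1 = "https://isbndb.com/api/books.xml?access_key=" . urlencode($isbndb_key) . "&index1=isbn&value1=";`, and treat the committed key as exposed and replace it. Here `$isbndb_key` is a placeholder name, and HTTPS support on that endpoint needs confirming. The function also returns whatever `file_get_contents()` gives back, so a failed fetch passes `false` to `simplexml_load_string()` in the search path and into the `amazon_data` column in the add path; check for `=== false` before using the result. The rest of the file lies outside the shown section.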
......@@ -5,150 +5,152 @@ include_once("../lib/date.php");
$members = new Members;
if ($session->loggedin) {
$usernames = $members->getMemberList();
$smarty->assign('members', $usernames);
$sidebar = $smarty->fetch('members-search.tpl');
$smarty->assign('secondary', $sidebar);
// Show Searched for users depending on the method provided
$value = '';
$uid = false;
$pathCount = count($pathlist) -1;
if ( isset($_POST['search']) ) {
$value = $_POST['search'];
$uid = true;
$usernames = $members->memberSearch($value);
} else if ( isset($_POST['member']) ) {
$value = $_POST['member'];
$uid = true;
$usernames = $members->memberView($value);
} else if ( $component['path'] != $path ) {
$value = $pathlist[$pathCount];
$usernames = $members->memberView($value);
}
if (!empty($value) ) {
// Redirect if we have found a valid single user
if (count($usernames) == 1) {
$smarty->assign('who', $usernames[0]['uid']);
// Add banana widget to the sidebar
$usernames = $members->getMemberList();
$smarty->assign('members', $usernames);
$sidebar = $smarty->fetch('members-search.tpl');
$smarty->assign('secondary', $sidebar);
// Show Searched for users depending on the method provided
$value = '';
$uid = false;
$pathCount = count($pathlist) - 1;
if (isset($_POST['search'])) {
$value = $_POST['search'];
$uid = true;
$usernames = $members->memberSearch($value);
} else if (isset($_POST['member'])) {
$value = $_POST['member'];
$uid = true;
$usernames = $members->memberView($value);
} else if ($component['path'] != $path) {
$value = $pathlist[$pathCount];
$usernames = $members->memberView($value);
}
if (!empty($value)) {
// Redirect if we have found a valid single user
if (count($usernames) == 1) {
$smarty->assign('who', $usernames[0]['uid']);
// Add banana widget to the sidebar
$who = $usernames[0]['uid'];
include("../lib/banana-admin.php");
// Needs Redirection
if ($uid) {
header('Location: ' . $component['path'] . '/' . $usernames[0]['uid']);
} else {
// Pictures
if (file_exists('pictures/people/' . $usernames[0]['uid'] . '.png')) {
$usernames[0]['picture'] = '/pictures/people/' . $usernames[0]['uid'] . '.png';
}
// Account type
$homedir = explode('/', $usernames[0]['homedir']);
$usernames[0]['acctype'] = ucfirst($homedir[2]);
// Project
if (file_exists( $usernames[0]['homedir'] . '/.project')) {
$usernames[0]['project'] = file_get_contents($usernames[0]['homedir'] . '/.project');
}
// Plan
if (file_exists( $usernames[0]['homedir'] . '/.plan')) {
$usernames[0]['plan'] = file_get_contents($usernames[0]['homedir'] . '/.plan');
}
// Website
if ( file_exists( $usernames[0]['homedir'] . '/public_html')) {
$usernames[0]['website'] = true;
}
// Bananas stuff
$bananasql = "SELECT *, date_trunc('second', whn) FROM awards ";
$bananasql .= "WHERE username ~* ? ORDER BY WHN DESC";
$awards = $DB->GetAll($bananasql, array("^".$usernames[0]['uid']."$"));
// arrange by academic year, calculate sums as we go
foreach ($awards as $award) {
$acyear = academicYear(strtotime($award['whn']));
$awards_by_year[$acyear]['awards'][] = $award;
$awards_by_year[$acyear]['sum'] += $award['score'];
$bananasum += $award['score'];
}
$usernames[0]['awardsbyyear'] = &$awards_by_year;
$usernames[0]['bananascore'] = $bananasum;
}
}
$smarty->assign('results', $usernames);
} else {
// generate fun data to put on index page
// top 5
$stats['top'] = $DB->GetAll("SELECT username, sum(score) as sum FROM awards GROUP BY username ORDER BY sum DESC LIMIT 5");
// top 5 (this academic year)
$yeartop_sql = "SELECT username, sum(score) as sum FROM awards ";
$yeartop_sql .= "WHERE whn > date(?) GROUP BY username ORDER BY sum DESC LIMIT 5";
$stats['yeartop'] = $DB->GetAll($yeartop_sql, array(academicYear(time())."-09-01"));
// bottom 5
$stats['bottom'] = $DB->GetAll("SELECT username, sum(score) as sum FROM awards GROUP BY username ORDER BY sum ASC LIMIT 5");
// recent awards
// today's definition of "recent" is all awards within three days of the newest award and a minimum of five...
// if this seems like a dumb method then try something else :-)
$recentAwards_sql = "(SELECT * FROM awards WHERE whn > (SELECT whn - interval '3 days' FROM awards ORDER BY whn DESC LIMIT 1))";
$recentAwards_sql .= " UNION (SELECT * FROM awards ORDER BY whn DESC LIMIT 5) ORDER BY 4 DESC";
$stats['recent'] = $DB->GetAll($recentAwards_sql);
// retrieve the usernames for top stats, bottom stats, and all users - so we can filter out who's a user and who's not
foreach ($usernames as $i => $value) {
$realUsers[] = $usernames[$i]['uid'];
//Tell the banana library that we're dealing with a real member
$isnonmember = false;
include("../lib/banana-admin.php");
// Needs Redirection
if ($uid) {
header('Location: ' . $component['path'] . '/' . $usernames[0]['uid']);
} else {
// Pictures
if (file_exists('pictures/people/' . $usernames[0]['uid'] . '.png')) {
$usernames[0]['picture'] = '/pictures/people/' . $usernames[0]['uid'] . '.png';
}
foreach ($stats['yeartop'] as $i => $value) {
if (in_array(strtolower($stats['yeartop'][$i]['username']), $realUsers)) {
$stats['yeartop'][$i]['real'] = TRUE;
} else {
$stats['yeartop'][$i]['real'] = FALSE;
}
// Account type
$homedir = explode('/', $usernames[0]['homedir']);
$usernames[0]['acctype'] = ucfirst($homedir[2]);
// Project
if (file_exists($usernames[0]['homedir'] . '/.project') && ! is_link($usernames[0]['homedir'] . '/.project')) {
$usernames[0]['project'] = file_get_contents($usernames[0]['homedir'] . '/.project');
}
foreach ($stats['top'] as $i => $value) {
if (in_array(strtolower($stats['top'][$i]['username']), $realUsers)) {
$stats['top'][$i]['real'] = TRUE;
} else {
$stats['top'][$i]['real'] = FALSE;
}
// Plan
if (file_exists($usernames[0]['homedir'] . '/.plan') && ! is_link($usernames[0]['homedir'] . '/.plan')) {
$usernames[0]['plan'] = file_get_contents($usernames[0]['homedir'] . '/.plan');
}
foreach ($stats['bottom'] as $i => $value) {
if (in_array(strtolower($stats['bottom'][$i]['username']), $realUsers)) {
$stats['bottom'][$i]['real'] = TRUE;
} else {
$stats['bottom'][$i]['real'] = FALSE;
}
// Website
if (file_exists($usernames[0]['homedir'] . '/public_html')) {
$usernames[0]['website'] = true;
}
foreach ($stats['recent'] as $i => $value) {
if (in_array(strtolower($stats['recent'][$i]['username']), $realUsers)) {
$stats['recent'][$i]['real'] = TRUE;
} else {
$stats['recent'][$i]['real'] = FALSE;
}
// Bananas stuff
$bananasql = "SELECT *, date_trunc('second', whn) FROM awards ";
$bananasql .= "WHERE username ~* ? ORDER BY WHN DESC";
$awards = $DB->GetAll($bananasql, array("^" . $usernames[0]['uid'] . "$"));
// arrange by academic year, calculate sums as we go
foreach ($awards as $award) {
$acyear = academicYear(strtotime($award['whn']));
$awards_by_year[$acyear]['awards'][] = $award;
$awards_by_year[$acyear]['sum'] += $award['score'];
$bananasum += $award['score'];
}
$smarty->assign("stats", $stats);
$secondary = $smarty->get_template_vars("secondary");
$secondary .= $smarty->fetch("banana-leaders.tpl");
$smarty->assign("secondary", $secondary);
}
$usernames[0]['awardsbyyear'] = &$awards_by_year;
$usernames[0]['bananascore'] = $bananasum;
}
}
$smarty->assign('results', $usernames);
} else {
// generate fun data to put on index page
// top 5
$stats['top'] = $DB->GetAll("SELECT username, sum(score) as sum FROM awards GROUP BY username ORDER BY sum DESC LIMIT 5");
// top 5 (this academic year)
$yeartop_sql = "SELECT username, sum(score) as sum FROM awards ";
$yeartop_sql .= "WHERE whn > date(?) GROUP BY username ORDER BY sum DESC LIMIT 5";
$stats['yeartop'] = $DB->GetAll($yeartop_sql, array(academicYear(time()) . "-09-01"));
// bottom 5
// exclude sambws and frostys allways decresing banana that scres up the result
$stats['bottom'] = $DB->GetAll("SELECT username, sum(score) as sum FROM awards WHERE id!=685 and id!=393 GROUP BY username ORDER BY sum ASC LIMIT 5");
// recent awards
// today's definition of "recent" is all awards within three days of the newest award and a minimum of five...
// if this seems like a dumb method then try something else :-)
$recentAwards_sql = "(SELECT * FROM awards WHERE whn > (SELECT whn - interval '3 days' FROM awards ORDER BY whn DESC LIMIT 1))";
$recentAwards_sql .= " UNION (SELECT * FROM awards ORDER BY whn DESC LIMIT 5) ORDER BY 4 DESC";
$stats['recent'] = $DB->GetAll($recentAwards_sql);
// retrieve the usernames for top stats, bottom stats, and all users - so we can filter out who's a user and who's not
foreach ($usernames as $i => $value) {
$realUsers[] = $usernames[$i]['uid'];
}
foreach ($stats['yeartop'] as $i => $value) {
if (in_array(strtolower($stats['yeartop'][$i]['username']), $realUsers)) {
$stats['yeartop'][$i]['real'] = TRUE;
} else {
$stats['yeartop'][$i]['real'] = FALSE;
}
}
foreach ($stats['top'] as $i => $value) {
if (in_array(strtolower($stats['top'][$i]['username']), $realUsers)) {
$stats['top'][$i]['real'] = TRUE;
} else {
$stats['top'][$i]['real'] = FALSE;
}
}
foreach ($stats['bottom'] as $i => $value) {
if (in_array(strtolower($stats['bottom'][$i]['username']), $realUsers)) {
$stats['bottom'][$i]['real'] = TRUE;
} else {
$stats['bottom'][$i]['real'] = FALSE;
}
}
foreach ($stats['recent'] as $i => $value) {
if (in_array(strtolower($stats['recent'][$i]['username']), $realUsers)) {
$stats['recent'][$i]['real'] = TRUE;
} else {
$stats['recent'][$i]['real'] = FALSE;
}
}
$smarty->assign("stats", $stats);
$secondary = $smarty->getTemplateVars("secondary");
$secondary .= $smarty->fetch("banana-leaders.tpl");
$smarty->assign("secondary", $secondary);
}
} else {
// not logged in. Show a list of members with websites
$usernames = $members->getMemberList();
foreach ($usernames as $user) {
if ( file_exists( $user['homedir'] . '/public_html')) {
$public_usernames[] = $user;
}
}
$smarty->assign("public_members", $public_usernames);
// not logged in. Show a list of members with websites
$usernames = $members->getMemberList();
foreach ($usernames as $user) {
if (file_exists($user['homedir'] . '/public_html')) {
$public_usernames[] = $user;
}
}
$smarty->assign("public_members", $public_usernames);
}
$smarty->assign('url', $component['path']);
$smarty->assign('extra_styles', "/css/members.css");
$result = $smarty->fetch('members.tpl');
......
<?php
include_once("../lib/date.php");
// Config options
$inform="treasurer@sucs.org";
$permission="sucsstaff";
$inform = "treasurer@sucs.org";
$permission = "sucsstaff";
// Enable and disable database updating
$enable=TRUE;
$enable = TRUE;
// Set next payment date
$paydate = paidUntil(time());
......@@ -12,141 +12,131 @@ $paydate = paidUntil(time());
// Only staff can use this page
if (isset($session->groups[$permission])) {
$smarty->assign("staff", TRUE);
// connect to sucs database
$sucsDB = NewADOConnection('postgres8');
$sucsDB->Connect('dbname=sucs user=apache');
$sucsDB->SetFetchMode(ADODB_FETCH_ASSOC);
// $sucsDB->debug = true;
// handle updates
if(isset($_POST['uid']) && isset($_POST['lastupdate'])){
// handle updates
if (isset($_POST['uid']) && isset($_POST['lastupdate'])) {
// Check data hasn't changed and that nothing is broked
$query = "SELECT * FROM members WHERE uid=? AND lastupdate=?";
$array = array($_POST['uid'], $_POST['lastupdate']);
$data = $sucsDB->GetAll($query,$array);
$data = $sucsDB->GetAll($query, $array);
// If there is only one record then everything is fine
if(sizeof($data)==1){
if (sizeof($data) == 1) {
// get info on currently logged in user
$user = posix_getpwnam($session->username);
// Update record
$record = $data[0];
$query = "UPDATE members";
$query .= " SET paid = ?, lastupdate = DEFAULT, lastedit = ?";
$query .= " WHERE uid = ?";
$array = array($paydate,$user['uid'],$_POST['uid']);
if($enable){
$sucsDB->query($query,$array);
$query .= " SET paid = ?, lastupdate = DEFAULT, lastedit = ?";
$query .= " WHERE uid = ?";
$array = array($paydate, $user['uid'], $_POST['uid']);
if ($enable) {
$sucsDB->query($query, $array);
}
// emailing contact (tresurer)
$message = "Account renewal notification\n\n";
$message .= "Account : ".$record['username']."\n";
$message .= "User Type : ".$record['type']."\n";
$message .= "Renewed by: ".$user['name']."\n\n";
$message .= "Regards\n eclipse's script";
mail($inform,"Account Renewal",$message);
// emailing user
$message = "Your Swansea University Computer Society (SUCS) membership has been renewed\n\n";
$message .= "Username: ".$record['username']."\n";
$message .= "If you do not know or have forgotten your password, please email admin@sucs.org to arrange for it to be changed.\n\n";
$message .= "Regards\n The SUCS admin";
$header = "From: admin@sucs.org\r\n";
$header .= "Reply-To: admin@sucs.org";
// Personal account
mail($record['email'],"SUCS account renewal",$message,$header);
// sucs account
mail($record['username']."@sucs.org","SUCS account renewal",$message,$header);
message_flash("Renewed account for: ".htmlentities($record['username']));
}
else{
trigger_error("Number of recored returned: ".sizeof($data).". Expected: 1.", E_USER_ERROR);
$message = "Account renewal notification\n\n";
$message .= "Account : " . $record['username'] . "\n";
$message .= "User Type : " . $record['type'] . "\n";
$message .= "Renewed by: " . $user['name'] . "\n\n";
$message .= "Regards\n eclipse's script";
mail($inform, "Account Renewal", $message);
// emailing user
$message = "Your Swansea University Computer Society (SUCS) membership has been renewed\n\n";
$message .= "Username: " . $record['username'] . "\n";
$message .= "If you do not know or have forgotten your password, please email admin@sucs.org to arrange for it to be changed.\n\n";
$message .= "Regards\n The SUCS admin";
$header = "From: admin@sucs.org\r\n";
$header .= "Reply-To: admin@sucs.org";
// Personal account
mail($record['email'], "SUCS account renewal", $message, $header);
// sucs account
mail($record['username'] . "@sucs.org", "SUCS account renewal", $message, $header);
message_flash("Renewed account for: " . htmlentities($record['username']));
} else {
trigger_error("Number of recored returned: " . sizeof($data) . ". Expected: 1.", E_USER_ERROR);
}
}
// if sort is specified in GET
if(isset($_GET["sort"])){
$sortoptions = array("username","sid","realname");
if (isset($_GET["sort"])) {
$sortoptions = array("username", "sid", "realname");
// and is a valid option
if(in_array($_GET["sort"],$sortoptions,TRUE)){
if (in_array($_GET["sort"], $sortoptions, TRUE)) {
// use it
$sort=$_GET["sort"];
$sort = $_GET["sort"];
} // else use username
else {
$sort = 'username';
}
// else use username
else{
$sort='username';
}
$getsort=$sort;
}
//else use username
else{
$sort='username';
$getsort = $sort;
} //else use username
else {
$sort = 'username';
}
//Get members details
$query = "SELECT * FROM members, member_type";
$query .= " WHERE paid != ?";
$query .= " AND (type = 1 OR type = 2 OR type = 5)";
$query .= " AND type=member_type.id";
$query .= " ORDER BY paid,type,".$sort;
$array = array($paydate);
$data = $sucsDB->GetAll($query, $array);
$query .= " WHERE paid != ?";
$query .= " AND (type = 1 OR type = 2 OR type = 5)";
$query .= " AND type=member_type.id";
$query .= " ORDER BY paid,type," . $sort;
$array = array($paydate);
$data = $sucsDB->GetAll($query, $array);
$smarty->assign("members", $data);
// set refresh rate
$autorefresh=$_GET["autorefresh"];
// if autorefresh is not 'n'
if($autorefresh!="n"){
$autorefresh = $_GET["autorefresh"];
// if autorefresh is not 'n'
if ($autorefresh != "n") {
// and is a decimal value
if(ctype_digit($autorefresh)){
// use it
$refreshval=$autorefresh;
if (ctype_digit($autorefresh)) {
// use it
$refreshval = $autorefresh;
// set passthrough
$getrefresh=$refreshval;
}
else{
// If no valid value assigned, default to OFF
$refreshval="n";
}
$optrefresh=$refreshval;
$smarty->assign("refresh", $refreshval);
}
else{
$getrefresh = $refreshval;
} else {
// If no valid value assigned, default to OFF
$refreshval = "n";
}
$optrefresh = $refreshval;
$smarty->assign("refresh", $refreshval);
} else {
// set passthrough
$getrefresh='n';
$optrefresh='n';
$getrefresh = 'n';
$optrefresh = 'n';
}
// compile passthrough url
// sort
if(isset($getsort)){
$getout="?sort=".$getsort;
if (isset($getsort)) {
$getout = "?sort=" . $getsort;
}
// autorefresh
if(isset($getrefresh)){
if(isset($getout)){
$getout .= "&amp;autorefresh=".$getrefresh;
}
else{
$getout = "?autorefresh=".$getrefresh;
if (isset($getrefresh)) {
if (isset($getout)) {
$getout .= "&amp;autorefresh=" . $getrefresh;
} else {
$getout = "?autorefresh=" . $getrefresh;
}
}
// set smarty variables
$smarty->assign("self",$baseurl.$path.$getout);
$smarty->assign("optionrefresh",$optrefresh);
$smarty->assign("optionsort",$sort);
$smarty->assign("paydate",$paydate);
$smarty->assign("self", $baseurl . $path . $getout);
$smarty->assign("optionrefresh", $optrefresh);
$smarty->assign("optionsort", $sort);
$smarty->assign("paydate", $paydate);
}
$side = $smarty->fetch('membershiprenew-options.tpl');
$body = $smarty->fetch('membershiprenew.tpl');
$smarty->assign('secondary',$side);
$smarty->assign('secondary', $side);
$smarty->assign('title', "Renew Membership");
$smarty->assign('body', $body);
?>
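Review bot: The renewal branch (`if (isset($_POST['uid']) && isset($_POST['lastupdate']))`) updates `members.paid` and sends two e-mails, and the only gate in the lines shown is the `sucsstaff` group check. No anti-CSRF token is verified here. The `lastupdate` match is an optimistic-concurrency check rather than a request-origin check. Unless a token is enforced elsewhere (not visible in this section), the handler should require a per-session token from the form and compare it with `hash_equals()` before running the UPDATE.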
<?php
function getPageID($name) {
global $DB;
$query=$DB->GetRow("select id from menu where title='".$name."'");
return (int)@$query['id'];
function getPageID($name)
{
global $DB;
$query = $DB->GetRow("select id from menu where title='" . $name . "'");
return (int)@$query['id'];
}
function translate($word) {
global $language, $DB;
function translate($word)
{
global $language, $DB;
if ($language['code']!="en") {
$query=$DB->GetRow("select title, title".$language['db']." from menu where title='".$word."'");
if ($query['title'.$language['db']]!="") return $query['title'.$language['db']];
else return $query['title'];
} else return $word;
if ($language['code'] != "en") {
$query = $DB->GetRow("select title, title" . $language['db'] . " from menu where title='" . $word . "'");
if ($query['title' . $language['db']] != "") return $query['title' . $language['db']];
else return $query['title'];
} else return $word;
}
function parseMenu($res) {
global $language;
function parseMenu($res)
{
global $language;
$menu = array();
$menu = array();
foreach ($res as $row) {
if ($language['code']!="en") {
if ($row['title'.$language['db']]!="") $title=$row['title'.$language['db']];
else $title=$row['title'];
$menu[$title] = $row['target'];
} else {
$menu[$row['title']] = $row['target'];
}
}
foreach ($res as $row) {
if ($language['code'] != "en") {
if ($row['title' . $language['db']] != "") $title = $row['title' . $language['db']];
else $title = $row['title'];
$menu[$title] = $row['target'];
} else {
$menu[$row['title']] = $row['target'];
}
}
return $menu;
return $menu;
}
if (isset($pathlist[1]))
$pagename = $pathlist[1]; else $pagename = "";
$pagename = $pathlist[1]; else $pagename = "";
// Menu stuff
$smarty->assign("select",$pagename);
$smarty->assign("select", $pagename);
if (isset($pathlist[2]))
$smarty->assign("subselect",$pathlist[2]);
$smarty->assign("subselect", $pathlist[2]);
else
$smarty->assign("subselect",$pagename);
$smarty->assign("subselect", $pagename);
$query = "select * from menu where parent is NULL and (permission is NULL";
$query = "select * from menu where parent is NULL and (permission is NULL";
// Temporary - all members should be members of the "users" group but aren't
if ($session->loggedin) $query .= " or permission='users'";
foreach ($session->groups as $group => $value) {
$query .= " or permission='$group'";
$query .= " or permission='$group'";
}
$query .= ") order by menuorder";
......@@ -62,7 +65,7 @@ $menu = parseMenu($res);
// this needs to choose the actual current one
// subpages/submenu items can have permissions attached to them as well!
$query2 = "select * from menu where parent=";
$query2 = "select * from menu where parent=";
$query2 .= "'";
$query2 .= getPageID($pagename);
$query2 .= "'";
......@@ -71,16 +74,16 @@ $query2 .= " and (permission is NULL";
if ($session->loggedin) $query2 .= " or permission='users'";
foreach ($session->groups as $group => $value) {
$query2 .= " or permission='$group'";
}
$query2 .= " or permission='$group'";
}
$query2 .= ") order by menuorder";
$res2 = $DB->GetAll($query2);
if (count($res2)>0) {
$submenu = parseMenu($res2);
$menu[translate($pagename)] = $submenu;
if (count($res2) > 0) {
$submenu = parseMenu($res2);
$menu[translate($pagename)] = $submenu;
}
$smarty->assign("menu",$menu);
$smarty->assign("menu", $menu);
?>
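Review bot: `getPageID()` and `translate()` build their SQL by concatenating the argument into a quoted literal (`where title='" . $name . "'`), and both are called with `$pagename`, which is taken from `$pathlist[1]` and appears to be request-derived. The value should be bound, as other queries in this change already do with ADOdb placeholders: `$query = $DB->GetRow("select id from menu where title=?", array($name));`, and the same for the `title=` comparison in `translate()`. The `permission='$group'` fragments in both menu queries follow the same pattern and would be better bound as well. The column suffix `$language['db']` cannot be bound, so it should be checked against a fixed list of allowed values.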
<?php
function parseIdleTime($idletime) {
$idlearray = preg_split("/[hms]/",$idletime);
if (strstr($idletime,'h')) {
$hours = $idlearray[0];
$minutes = $idlearray[1];
$seconds = 0;
} elseif (strstr($idletime,'m')) {
$hours = 0;
$minutes = $idlearray[0];
$seconds = $idlearray[1];
} else {
$hours = 0;
$minutes = 0;
$seconds = $idlearray[0];
}
return (intval($hours * 3600)) + (intval($minutes) * 60) + intval($seconds);
function parseIdleTime($idletime)
{
$idlearray = preg_split("/[hms]/", $idletime);
if (strstr($idletime, 'h')) {
$hours = $idlearray[0];
$minutes = $idlearray[1];
$seconds = 0;
} elseif (strstr($idletime, 'm')) {
$hours = 0;
$minutes = $idlearray[0];
$seconds = $idlearray[1];
} else {
$hours = 0;
$minutes = 0;
$seconds = $idlearray[0];
}
return (intval($hours * 3600)) + (intval($minutes) * 60) + intval($seconds);
}
function compare_idletime($a, $b) {
return strnatcmp($a['idleseconds'], $b['idleseconds']);
function compare_idletime($a, $b)
{
return strnatcmp($a['idleseconds'], $b['idleseconds']);
}
$mwpath = array_search("Milliways", $pathlist);
$newpath = $baseurl;
for($i=0;$i<=$mwpath;$i++) {
if ($i!=0) $newpath .= "/";
$newpath .= $pathlist[$i];
for ($i = 0; $i <= $mwpath; $i++) {
if ($i != 0) $newpath .= "/";
$newpath .= $pathlist[$i];
}
$smarty->assign("mwpath", $newpath);
$cal = cal_info(CAL_JULIAN);
if (strtolower($pathlist[$mwpath+1]) == "uri") {
$latest = FALSE;
$today = FALSE;
unset($search);
if (isset($pathlist[$mwpath+2])) {
if ($pathlist[$mwpath+2] == "search" && isset($pathlist[$mwpath+3])) {
$search = $pathlist[$mwpath+3];
} else {
$today = strtotime($pathlist[$mwpath+2]);
}
}
if ($today === FALSE && !isset($search)) {
$today = time();
$latest = TRUE;
}
$smarty->assign("extra_scripts", array(
'<meta name="ROBOTS" content="NOINDEX" />',
'<meta name="ROBOTS" content="NOFOLLOW" />'));
$mwdb = new PDO('sqlite:/var/lib/mw/mwuri.db');
$res = $mwdb->prepare("select distinct strftime('%Y',added) from mwuri");
$res->execute();
$yearlist = $res->fetchAll(PDO::FETCH_COLUMN,0);
$smarty->assign("yearlist",$yearlist);
$res= $mwdb->prepare("select distinct strftime('%m',added) from mwuri where strftime('%Y',added) = ?");
$res->execute(array(date("Y",$today)));
$mlist = $res->fetchAll(PDO::FETCH_COLUMN,0);
$monthlist = array();
foreach( $mlist as $m) {
$monthlist[$m] = $cal['abbrevmonths'][(int)$m];
}
$smarty->assign("monthlist",$monthlist);
$res= $mwdb->prepare("select distinct strftime('%d',added) from mwuri where strftime('%Y-%m',added) = ?");
$res->execute(array(date("Y-m",$today)));
$daylist = $res->fetchAll(PDO::FETCH_COLUMN,0);
$smarty->assign("daylist",$daylist);
if ($today === FALSE && isset($search)) {
// do a search
$res = $mwdb->prepare("select *, time(added,'localtime') as hour, date(added,'localtime') as day from mwuri where title like ? or url like ? order by added desc");
$term = "%".$search."%";
$res->execute(array($term,$term));
$data = $res->fetchAll(PDO::FETCH_ASSOC);
} else {
//standard date based lookup
$res = $mwdb->prepare("select *, time(added,'localtime') as hour, date(added,'localtime') as day from mwuri where date(added,'localtime')=? order by added desc");
$res->execute(array(date("Y-m-d",$today)));
$data = $res->fetchAll(PDO::FETCH_ASSOC);
if ($latest && count($data == 0)) {
$day = end($yearlist)."-".end($monthlist)."-".end($daylist);
$today = strtotime($day);
$res->execute(array(date("Y-m-d",$today)));
$data = $res->fetchAll(PDO::FETCH_ASSOC);
}
}
foreach($data as $k => $row)
{
if ($row['tags']) {
$json = json_decode($row['tags'], TRUE);
if (is_array($json))
$data[$k]['taglist'] = $json[0]['top_tags'];
}
}
$smarty->assign("urilist", $data);
$smarty->assign("thisyear", date("Y",$today));
$smarty->assign("thismonth", date("m",$today));
$smarty->assign("thisday", date("d",$today));
$output = $smarty->fetch($base."templates/milliways_uri.tpl");
$smarty->assign("title", "Milliways URI");
$smarty->assign("body", $output);
$smarty->assign("extra_styles", "/css/milliways.css");
$smarty->assign("refresh", 120);
return;
if (strtolower($pathlist[$mwpath + 1]) == "uri") {
$latest = FALSE;
$today = FALSE;
unset($search);
if (isset($pathlist[$mwpath + 2])) {
if ($pathlist[$mwpath + 2] == "search" && isset($pathlist[$mwpath + 3])) {
$search = $pathlist[$mwpath + 3];
} else {
$today = strtotime($pathlist[$mwpath + 2]);
}
}
if ($today === FALSE && !isset($search)) {
$today = time();
$latest = TRUE;
}
$smarty->assign("extra_scripts", array(
'<meta name="ROBOTS" content="NOINDEX" />',
'<meta name="ROBOTS" content="NOFOLLOW" />'));
$mwdb = new PDO('sqlite:/var/lib/mw/mwuri.db');
$res = $mwdb->prepare("select distinct strftime('%Y',added) from mwuri");
$res->execute();
$yearlist = $res->fetchAll(PDO::FETCH_COLUMN, 0);
$smarty->assign("yearlist", $yearlist);
$res = $mwdb->prepare("select distinct strftime('%m',added) from mwuri where strftime('%Y',added) = ?");
$res->execute(array(date("Y", $today)));
$mlist = $res->fetchAll(PDO::FETCH_COLUMN, 0);
$monthlist = array();
foreach ($mlist as $m) {
$monthlist[$m] = $cal['abbrevmonths'][(int)$m];
}
$smarty->assign("monthlist", $monthlist);
$res = $mwdb->prepare("select distinct strftime('%d',added) from mwuri where strftime('%Y-%m',added) = ?");
$res->execute(array(date("Y-m", $today)));
$daylist = $res->fetchAll(PDO::FETCH_COLUMN, 0);
$smarty->assign("daylist", $daylist);
if ($today === FALSE && isset($search)) {
// do a search
$res = $mwdb->prepare("select *, time(added,'localtime') as hour, date(added,'localtime') as day from mwuri where title like ? or url like ? order by added desc");
$term = "%" . $search . "%";
$res->execute(array($term, $term));
$data = $res->fetchAll(PDO::FETCH_ASSOC);
} else {
//standard date based lookup
$res = $mwdb->prepare("select *, time(added,'localtime') as hour, date(added,'localtime') as day from mwuri where date(added,'localtime')=? order by added desc");
$res->execute(array(date("Y-m-d", $today)));
$data = $res->fetchAll(PDO::FETCH_ASSOC);
if ($latest && count($data == 0)) {
$day = end($yearlist) . "-" . end($monthlist) . "-" . end($daylist);
$today = strtotime($day);
$res->execute(array(date("Y-m-d", $today)));
$data = $res->fetchAll(PDO::FETCH_ASSOC);
}
}
foreach ($data as $k => $row) {
if ($row['tags']) {
$json = json_decode($row['tags'], TRUE);
if (is_array($json))
$data[$k]['taglist'] = $json[0]['top_tags'];
}
}
$smarty->assign("urilist", $data);
$smarty->assign("thisyear", date("Y", $today));
$smarty->assign("thismonth", date("m", $today));
$smarty->assign("thisday", date("d", $today));
$output = $smarty->fetch($base . "templates/milliways_uri.tpl");
$smarty->assign("title", "Milliways URI");
$smarty->assign("body", $output);
$smarty->assign("extra_styles", "/css/milliways.css");
$smarty->assign("refresh", 120);
return;
}
if (strtolower($pathlist[$mwpath+1]) == "status") {
$today = FALSE;
$wantuser = FALSE;
if (isset($pathlist[$mwpath+2])) {
if ($pathlist[$mwpath+2] == "user" && isset($pathlist[$mwpath+3]))
$wantuser = $pathlist[$mwpath+3];
else
$today = strtotime($pathlist[$mwpath+2]);
}
if ($today === FALSE)
$today = time();
$smarty->assign("extra_scripts", array(
'<meta name="ROBOTS" content="NOINDEX" />',
'<meta name="ROBOTS" content="NOFOLLOW" />'));
$mwdb = new PDO('sqlite:/var/lib/mw/mwuri.db');
if ($wantuser !== FALSE) {
$res = $mwdb->prepare("select *, time(added,'localtime') as hour, date(added,'localtime') as day from mwdoing where user=? order by added desc");
$res->execute(array($wantuser));
} else {
$res = $mwdb->prepare("select *, time(added,'localtime') as hour, date(added,'localtime') as day from mwdoing where strftime('%Y-%m',added,'localtime')=? order by added desc");
$res->execute(array(date("Y-m",$today)));
}
//$res = $mwdb->prepare("select *, time(added,'localtime') as hour, date(added,'localtime') as day from mwdoing where date(added,'localtime')=? order by added desc");
//$res->execute(array(date("Y-m-d",$today)));
$data = $res->fetchAll(PDO::FETCH_ASSOC);
$smarty->assign("statuslist", $data);
$res = $mwdb->prepare("select distinct strftime('%Y',added) from mwdoing");
$res->execute();
$yearlist = $res->fetchAll(PDO::FETCH_COLUMN,0);
$smarty->assign("yearlist",$yearlist);
$res= $mwdb->prepare("select distinct strftime('%m',added) from mwdoing where strftime('%Y',added) = ?");
$res->execute(array(date("Y",$today)));
$mlist = $res->fetchAll(PDO::FETCH_COLUMN,0);
$monthlist = array();
foreach( $mlist as $m) {
$monthlist[$m] = $cal['abbrevmonths'][(int)$m];
}
$smarty->assign("monthlist",$monthlist);
$res= $mwdb->prepare("select distinct strftime('%d',added) from mwdoing where strftime('%Y-%m',added) = ?");
$res->execute(array(date("Y-m",$today)));
$daylist = $res->fetchAll(PDO::FETCH_COLUMN,0);
$smarty->assign("daylist",$daylist);
$smarty->assign("thisyear", date("Y",$today));
$smarty->assign("thismonth", date("m",$today));
$smarty->assign("thisday", date("d",$today));
$output = $smarty->fetch($base."templates/milliways_status.tpl");
$smarty->assign("title", "Milliways Status");
$smarty->assign("body", $output);
$smarty->assign("extra_styles", "/css/milliways.css");
$smarty->assign("refresh", 120);
return;
if (strtolower($pathlist[$mwpath + 1]) == "status") {
$today = FALSE;
$wantuser = FALSE;
if (isset($pathlist[$mwpath + 2])) {
if ($pathlist[$mwpath + 2] == "user" && isset($pathlist[$mwpath + 3]))
$wantuser = $pathlist[$mwpath + 3];
else
$today = strtotime($pathlist[$mwpath + 2]);
}
if ($today === FALSE)
$today = time();
$smarty->assign("extra_scripts", array(
'<meta name="ROBOTS" content="NOINDEX" />',
'<meta name="ROBOTS" content="NOFOLLOW" />'));
$mwdb = new PDO('sqlite:/var/lib/mw/mwuri.db');
if ($wantuser !== FALSE) {
$res = $mwdb->prepare("select *, time(added,'localtime') as hour, date(added,'localtime') as day from mwdoing where user=? order by added desc");
$res->execute(array($wantuser));
} else {
$res = $mwdb->prepare("select *, time(added,'localtime') as hour, date(added,'localtime') as day from mwdoing where strftime('%Y-%m',added,'localtime')=? order by added desc");
$res->execute(array(date("Y-m", $today)));
}
//$res = $mwdb->prepare("select *, time(added,'localtime') as hour, date(added,'localtime') as day from mwdoing where date(added,'localtime')=? order by added desc");
//$res->execute(array(date("Y-m-d",$today)));
$data = $res->fetchAll(PDO::FETCH_ASSOC);
$smarty->assign("statuslist", $data);
$res = $mwdb->prepare("select distinct strftime('%Y',added) from mwdoing");
$res->execute();
$yearlist = $res->fetchAll(PDO::FETCH_COLUMN, 0);
$smarty->assign("yearlist", $yearlist);
$res = $mwdb->prepare("select distinct strftime('%m',added) from mwdoing where strftime('%Y',added) = ?");
$res->execute(array(date("Y", $today)));
$mlist = $res->fetchAll(PDO::FETCH_COLUMN, 0);
$monthlist = array();
foreach ($mlist as $m) {
$monthlist[$m] = $cal['abbrevmonths'][(int)$m];
}
$smarty->assign("monthlist", $monthlist);
$res = $mwdb->prepare("select distinct strftime('%d',added) from mwdoing where strftime('%Y-%m',added) = ?");
$res->execute(array(date("Y-m", $today)));
$daylist = $res->fetchAll(PDO::FETCH_COLUMN, 0);
$smarty->assign("daylist", $daylist);
$smarty->assign("thisyear", date("Y", $today));
$smarty->assign("thismonth", date("m", $today));
$smarty->assign("thisday", date("d", $today));
$output = $smarty->fetch($base . "templates/milliways_status.tpl");
$smarty->assign("title", "Milliways Status");
$smarty->assign("body", $output);
$smarty->assign("extra_styles", "/css/milliways.css");
$smarty->assign("refresh", 120);
return;
}
if (strtolower($pathlist[$mwpath+1]) == "tag") {
$smarty->assign("extra_scripts", array(
'<meta name="ROBOTS" content="NOINDEX" />',
'<meta name="ROBOTS" content="NOFOLLOW" />'));
$mwdb = new PDO('sqlite:/var/lib/mw/mwuri.db');
if (isset($pathlist[$mwpath+2])) {
$res = $mwdb->prepare("select *, date(added) as day, substr(tag,2) as name from mwtag where tag=? order by added desc");
$res->execute(array('#'.$pathlist[$mwpath+2]));
$data = $res->fetchAll(PDO::FETCH_ASSOC);
$smarty->assign("taglist", $data);
$output = $smarty->fetch($base."templates/milliways_tag.tpl");
} else {
$res = $mwdb->prepare("select distinct tag, substr(tag,2) as name, count(tag) as count from mwtag group by tag order by count(tag) desc limit 20");
$res->execute();
$data = $res->fetchAll(PDO::FETCH_ASSOC);
$smarty->assign("toplist", $data);
$res = $mwdb->prepare("select distinct tag, substr(tag,2) as name, count(tag) as count, max(added) as dated, date(max(added)) as day from mwtag group by tag order by max(added) desc limit 20");
$res->execute();
$data = $res->fetchAll(PDO::FETCH_ASSOC);
$smarty->assign("latestlist", $data);
$output = $smarty->fetch($base."templates/milliways_taglist.tpl");
}
$smarty->assign("title", "Milliways Tags");
$smarty->assign("body", $output);
$smarty->assign("extra_styles", "/css/milliways.css");
$smarty->assign("refresh", 120);
return;
if (strtolower($pathlist[$mwpath + 1]) == "tag") {
$smarty->assign("extra_scripts", array(
'<meta name="ROBOTS" content="NOINDEX" />',
'<meta name="ROBOTS" content="NOFOLLOW" />'));
$mwdb = new PDO('sqlite:/var/lib/mw/mwuri.db');
if (isset($pathlist[$mwpath + 2])) {
$res = $mwdb->prepare("select *, date(added) as day, substr(tag,2) as name from mwtag where tag=? order by added desc");
$res->execute(array('#' . $pathlist[$mwpath + 2]));
$data = $res->fetchAll(PDO::FETCH_ASSOC);
$smarty->assign("taglist", $data);
$output = $smarty->fetch($base . "templates/milliways_tag.tpl");
} else {
$res = $mwdb->prepare("select distinct tag, substr(tag,2) as name, count(tag) as count from mwtag group by tag order by count(tag) desc limit 20");
$res->execute();
$data = $res->fetchAll(PDO::FETCH_ASSOC);
$smarty->assign("toplist", $data);
$res = $mwdb->prepare("select distinct tag, substr(tag,2) as name, count(tag) as count, max(added) as dated, date(max(added)) as day from mwtag group by tag order by max(added) desc limit 20");
$res->execute();
$data = $res->fetchAll(PDO::FETCH_ASSOC);
$smarty->assign("latestlist", $data);
$output = $smarty->fetch($base . "templates/milliways_taglist.tpl");
}
$smarty->assign("title", "Milliways Tags");
$smarty->assign("body", $output);
$smarty->assign("extra_styles", "/css/milliways.css");
$smarty->assign("refresh", 120);
return;
}
exec("/usr/bin/mw -who", $wholist, $ret);
......@@ -214,18 +215,18 @@ $people = array();
$idlers = array();
foreach ($wholist as $person) {
$pid = strtok($person, " ");
if ($pid == "" || $pid == "Name" || substr($pid,0,5)=="-----") continue;
if ($pid == "" || $pid == "Name" || substr($pid, 0, 5) == "-----") continue;
$person = array(
"username" => trim(substr($person, 1, 16)),
"idle" => trim(substr($person, 18, 6)),
"idleseconds" => parseIdleTime(trim(substr($person, 18, 6))),
"what" => substr($person,25));
if ($person['idleseconds'] > 10800) {
$idlers[] = $person;
} else {
$people[] = $person;
}
"username" => trim(substr($person, 1, 16)),
"idle" => trim(substr($person, 18, 6)),
"idleseconds" => parseIdleTime(trim(substr($person, 18, 6))),
"what" => substr($person, 25));
if ($person['idleseconds'] > 10800) {
$idlers[] = $person;
} else {
$people[] = $person;
}
}
usort($people, 'compare_idletime');
......@@ -238,9 +239,9 @@ $mwdb = new PDO('sqlite:/var/lib/mw/mwuri.db');
$res = $mwdb->prepare("select *, time(added,'localtime') as hour, date(added,'localtime') as day from mwuri order by added desc limit 5");
$res->execute();
$urilist = $res->fetchAll(PDO::FETCH_ASSOC);
foreach ($urilist as $k=>$v) {
if ($v['title'] == "") $urilist[$k]['title']=$v['url'];
$urilist[$k]['title']=filter_var(trim($urilist[$k]['title']),FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_HIGH | FILTER_FLAG_STRIP_LOW);
foreach ($urilist as $k => $v) {
if ($v['title'] == "") $urilist[$k]['title'] = $v['url'];
$urilist[$k]['title'] = filter_var(trim($urilist[$k]['title']), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_HIGH | FILTER_FLAG_STRIP_LOW);
}
$smarty->assign("urilist", $urilist);
......@@ -249,11 +250,11 @@ $res->execute();
$taglist = $res->fetchAll(PDO::FETCH_ASSOC);
$smarty->assign("taglist", $taglist);
$smarty->assign("people",$people);
$smarty->assign("idlers",$idlers);
$output = $smarty->fetch($base."templates/milliways.tpl");
$smarty->assign("people", $people);
$smarty->assign("idlers", $idlers);
$output = $smarty->fetch($base . "templates/milliways.tpl");
$smarty->assign("title", "Milliways");
$smarty->assign("body", file_get_contents($base."static/fragments/Milliways.txt"));
$smarty->assign("body", file_get_contents($base . "static/fragments/Milliways.txt"));
$smarty->assign("secondary", $output);
$smarty->assign("refresh", 120);
?>
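Review bot: In the URI branch, `if ($latest && count($data == 0))` counts the result of the comparison rather than comparing the count. On PHP 7 `count()` of a boolean returns 1 with a warning, so the fallback to the last recorded day runs whenever `$latest` is set; on PHP 8 it throws a `TypeError`. The parenthesis is misplaced and the line should read `if ($latest && count($data) == 0) {`. The reformatting keeps the old expression unchanged, so the defect carries over to the new side.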
<?php
$motd_file = "/etc/motd";
function decode_entities($text, $quote_style = ENT_COMPAT) {
if (function_exists('html_entity_decode')) {
$text = html_entity_decode($text, $quote_style, 'ISO-8859-1'); // NOTE: UTF-8 does not work!
}
else {
$trans_tbl = get_html_translation_table(HTML_ENTITIES, $quote_style);
$trans_tbl = array_flip($trans_tbl);
$text = strtr($text, $trans_tbl);
}
$text = preg_replace('~&ndash\;~i', '-', $text);
$text = preg_replace('~&#x([0-9a-f]+);~ei', 'chr(hexdec("\\1"))', $text);
$text = preg_replace('~&#([0-9]+);~e', 'chr("\\1")', $text);
return $text;
function decode_entities($text, $quote_style = ENT_COMPAT)
{
$text = html_entity_decode($text, $quote_style, 'ISO-8859-1'); // NOTE: UTF-8 does not work!
$text = preg_replace('~&ndash\;~i', '-', $text);
$text = preg_replace_callback('~&#x([0-9a-f]+);~i',
function ($matches) {
foreach ($matches as $match) {
return chr(hexdec($match));
}
},
$text);
$text = preg_replace_callback('~&#([0-9]+);~',
function ($matches) {
foreach ($matches as $match) {
return chr($match);
}
},
$text);
return $text;
}
//function to count and collect hyperlinks
$links_count = 0;
function linkcounter($uri) {
global $links_count, $uris;
$uris[++$links_count] = $uri;
return $links_count;
function linkcounter($uri)
{
global $links_count, $uris;
$uris[++$links_count] = $uri;
return $links_count;
}
$poemmode = 0;
$news = $DB->GetAll("SELECT * FROM news WHERE sticky=true AND expiry > now() ORDER BY date DESC");
if (count($news)<3) {
$news = $DB->GetAll("(SELECT * FROM news WHERE sticky=false AND expiry > now() ORDER by date DESC LIMIT ".(3-count($news)).") UNION SELECT * FROM news WHERE sticky=true AND expiry > now() ORDER BY date DESC");
if (count($news) < 3) {
$news = $DB->GetAll("(SELECT * FROM news WHERE sticky=false AND expiry > now() ORDER by date DESC LIMIT " . (3 - count($news)) . ") UNION SELECT * FROM news WHERE sticky=true AND expiry > now() ORDER BY date DESC");
}
if (count($news)<1) {
if (count($news) < 1) {
$news = $DB->GetAll("SELECT * FROM poems ORDER BY RANDOM() LIMIT 1");
$poemmode = 1;
}
$motd = "----------------------------- MESSAGE OF THE DAY ------------------------------\n\n";
for ($i=count($news)-1;$i>-1;$i--) {
$nitem = str_replace("\n", "", $news[$i]);
$nitem = str_replace("\r", "", $nitem);
$motd .= " ".$nitem['title']."\n";
$body = str_replace("</p>", "\n\n ", $nitem['body']);
$body = str_replace("<br />", "\n ", $body);
$body = str_replace("<li>", " * ", $body);
$body = str_replace("</li>", "\n ", $body);
$body = str_replace("&nbsp;", " ", $body);
$body = str_replace("&hellip;", "...", $body);
$body = str_replace("&apos;", "'", $body);
for ($i = count($news) - 1; $i > -1; $i--) {
$nitem = str_replace("\n", "", $news[$i]);
$nitem = str_replace("\r", "", $nitem);
$motd .= " " . $nitem['title'] . "\n";
$body = str_replace("</p>", "\n\n ", $nitem['body']);
$body = str_replace("<br />", "\n ", $body);
$body = str_replace("<li>", " * ", $body);
$body = str_replace("</li>", "\n ", $body);
$body = str_replace("&nbsp;", " ", $body);
$body = str_replace("&hellip;", "...", $body);
$body = str_replace("&apos;", "'", $body);
// remove hyperlinks, collect to display later
$body = preg_replace(":<a href=['\"](.+?)['\"].*?>(.*?)</a>:e", "'\\2['.linkcounter('\\1').']'", $body);
$body = strip_tags($body);
$body = decode_entities($body);
$body = wordwrap($body, 75, "\n ", 1);
$body = rtrim($body);
$motd .=" ".$body."\n";
if (isset($uris)) {
$footer = "----\n";
foreach ($uris as $urinum => $uri) {
$footer .= " [$urinum]: $uri\n";
//remove uri from list so it won't show up on the next post
unset($uris[$urinum]);
}
$motd .= " ".$footer;
}
$motd .= str_pad($nitem['author'], 78, " ", STR_PAD_LEFT)."\n";
$body = preg_replace_callback(":<a href=['\"](.+?)['\"].*?>(.*?)</a>:",
function ($matches) {
$i = linkcounter($matches[1]);
return $matches[0]."[".$i."]";
},
$body);
$body = strip_tags($body);
$body = decode_entities($body);
$body = wordwrap($body, 75, "\n ", 1);
$body = rtrim($body);
$motd .= " " . $body . "\n";
if (isset($uris)) {
$footer = "----\n";
foreach ($uris as $urinum => $uri) {
$footer .= " [$urinum]: $uri\n";
//remove uri from list so it won't show up on the next post
unset($uris[$urinum]);
}
$motd .= " " . $footer;
}
$motd .= str_pad($nitem['author'], 78, " ", STR_PAD_LEFT) . "\n";
if ($poemmode == 1 && $nitem['submitter'] != '') {
$motd .= str_pad("Submitted by ".$nitem['submitter'], 78, " ", STR_PAD_LEFT)."\n";
}
$motd .= "\n";
if ($poemmode == 1 && $nitem['submitter'] != '') {
$motd .= str_pad("Submitted by " . $nitem['submitter'], 78, " ", STR_PAD_LEFT) . "\n";
}
$motd .= "\n";
}
$motd .= "---------------------------- [ http://sucs.org/ ] -----------------------------\n";
//print($motd);
//if (time()-filemtime($motd_file) < 86000 && $poemmode == 1) { //86000 to allow a little slack depending on when cron runs
// print "MOTD too recent to replace with a poem!\n";
// print "MOTD too recent to replace with a poem!\n";
//} else {
file_put_contents($motd_file, $motd);
file_put_contents($motd_file, $motd);
//}
?>
?>
\ No newline at end of file
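Review bot: Both new callbacks in decode_entities() loop over `$matches` and return on the first iteration, so they convert `$matches[0]` (the whole entity, e.g. `&#65;`) instead of the captured digits. `chr()` on that non-numeric string does not produce the intended character, and the hex branch only works because `hexdec()` skips non-hex characters, which has raised a deprecation notice since PHP 7.4. Use the capture group directly: `return chr(hexdec($matches[1]));` and `return chr((int)$matches[1]);`. Because the decoded text is written to `$motd_file` (presumably shown on login terminals), it would also be worth discarding decoded values below 32 other than newline, so a numeric entity in a news or poem body cannot put control bytes into the MOTD.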
<?PHP
require("/var/www/sucssite/htdocs/settings.php");
require("/usr/share/php/adodb/adodb.inc.php");
$dbname = 'sucssite';
$dbuser = 'apache';
$dbuser = 'sucs_site_user';
$DB = NewADOConnection('postgres8');
$DB->Connect('dbname='.$dbname.' user='.$dbuser);
$DB = NewADOConnection('postgres9');
$DB->Connect('dbname=' . $dbname . ' user=' . $dbuser);
$DB->SetCharSet('utf8');
$DB->SetFetchMode(ADODB_FETCH_ASSOC);
include($base."components/motd.php");
include($base . "components/motd.php");
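Review bot: The return value of `$DB->Connect(...)` is not checked before `include($base . "components/motd.php")` runs. The motd component shown on this page queries `$DB` and then calls `file_put_contents($motd_file, $motd)` unconditionally, so a failed connection (for example if the new `sucs_site_user` role or the `postgres9` driver is not available on the host) may replace the MOTD with an empty frame, depending on the PHP version. Stop before the include when the connection fails, e.g. `if (!$DB->Connect('dbname=' . $dbname . ' user=' . $dbuser)) { exit(1); }`.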
<?
<?php
// guard against corrupt folder data
define("TOOBIG",102400);
define("TOOBIG", 102400);
function load_folders()
{
$f = fopen("/var/lib/mw/folders.bb", "r");
$folders = array();
while (!feof($f) && $fol=fread($f,64)) {
$data = unpack("Cstatus/A11name/A31topic/Cspare/Lfirst/Llast", $fol);
cleanup($data['name']);
cleanup($data['topic']);
if ($data['status'] & 0x01 && !($data['status']&0x20)) $folders[$data['name']] = $data;
}
fclose($f);
return $folders;
$f = fopen("/var/lib/mw/folders.bb", "r");
$folders = array();
while (!feof($f) && $fol = fread($f, 64)) {
$data = unpack("Cstatus/A11name/A31topic/Cspare/Lfirst/Llast", $fol);
cleanup($data['name']);
cleanup($data['topic']);
if ($data['status'] & 0x01 && !($data['status'] & 0x20)) $folders[$data['name']] = $data;
}
fclose($f);
return $folders;
}
function cleanup(&$foo)
{
$i=0;
$new = "";
while ($i < strlen($foo)) {
if ( ord($foo[$i]) == 0) break;
if (ctype_print($foo[$i]))
$new .= $foo[$i];
$i++;
}
$i = 0;
$new = "";
while ($i < strlen($foo)) {
if (ord($foo[$i]) == 0) break;
if (ctype_print($foo[$i]))
$new .= $foo[$i];
$i++;
}
// $foo = htmlentities($new);
$foo = $new;
$foo = $new;
}
function load_index($folname, $getbody=FALSE)
function load_index($folname, $getbody = FALSE)
{
$index = array();
$f = @fopen("/var/lib/mw/$folname.i", "r");
$body = @fopen("/var/lib/mw/$folname.t", "r");
if ($f === FALSE || $body === FALSE) return array();
while (!feof($f) && $fol=fread($f,128)) {
$data = unpack("Lref/Ldate/A17from/A41to/A41subject/c1spare/Ldatafield/Lsize/Cstatus/a3spare/Lreplyto/C4spare", $fol);
cleanup($data['subject']);
cleanup($data['to']);
cleanup($data['from']);
// not deleted, has data, and want it, so load the body
if (!( $data['status'] & 0x02)) {
if ($getbody && $data['size']>0 && $data['size'] < TOOBIG) {
fseek($body, $data['datafield']);
//$data['body'] = htmlentities(fread($body, $data['size']));
$data['body'] = fread($body, $data['size']);
}
$index[ $data['ref'] ] = $data;
}
}
fclose($f);
return $index;
$index = array();
$f = @fopen("/var/lib/mw/$folname.i", "r");
$body = @fopen("/var/lib/mw/$folname.t", "r");
if ($f === FALSE || $body === FALSE) return array();
while (!feof($f) && $fol = fread($f, 128)) {
$data = unpack("Lref/Ldate/A17from/A41to/A41subject/c1spare/Ldatafield/Lsize/Cstatus/a3spare/Lreplyto/C4spare", $fol);
cleanup($data['subject']);
cleanup($data['to']);
cleanup($data['from']);
// not deleted, has data, and want it, so load the body
if (!($data['status'] & 0x02)) {
if ($getbody && $data['size'] > 0 && $data['size'] < TOOBIG) {
fseek($body, $data['datafield']);
//$data['body'] = htmlentities(fread($body, $data['size']));
$data['body'] = fread($body, $data['size']);
}
$index[$data['ref']] = $data;
}
}
fclose($f);
return $index;
}
// Count how many articles are replies to this one
function count_sub(&$haystack, $ref)
{
$count = 0;
foreach($haystack as $k => $v)
{
if ($v['replyto'] == $ref) {
$count++;
$count += count_sub($haystack, $v['ref']);
}
}
return $count;
$count = 0;
foreach ($haystack as $k => $v) {
if ($v['replyto'] == $ref) {
$count++;
$count += count_sub($haystack, $v['ref']);
}
}
return $count;
}
function fetch_sub(&$all, $ref)
{
$sub = array();
foreach($all as $k => $v) {
if ($v['replyto'] == $ref) {
$sub[$k] = $v;
$sub = array_merge($sub, fetch_sub($all, $v['ref']));
}
}
return $sub;
$sub = array();
foreach ($all as $k => $v) {
if ($v['replyto'] == $ref) {
$sub[$k] = $v;
$sub = array_merge($sub, fetch_sub($all, $v['ref']));
}
}
return $sub;
}
function post_article($folder, $user, $replyto)
{
$folder = escapeshellarg($folder);
$f = popen("/usr/bin/mw -f $folder $user $replyto","w");
$to = strip_tags($_POST['to']);
$subject = strip_tags($_POST['subject']);
$body = strip_tags( $_POST['body']);
$to = preg_replace('/[^[:alnum:][:punct:][:space:]]*/','',trim($to));
$subject = preg_replace('/[^[:alnum:][:punct:][:space:]]*/','',trim($subject));
$body = preg_replace("/\n\\.\n","\n .\n/",$body);
$deb = fopen("/tmp/mwdebug.txt","w");
fwrite($deb, "folder: '$folder'\n");
fwrite($deb, "user: '$user'\n");
fwrite($deb, "replyto: '$replyto'\n");
fwrite($deb, "to: '$to'\n"); // Send to
fwrite($deb, "sub: '$subject'\n"); // subject
fwrite($deb,"body:\n$body\n.\n"); // end post
if ($replyto == 0) {
fwrite($f, "$to\n"); // Send to
fwrite($f, "$subject\n"); // subject
fwrite($f,"$body\n.\n"); // end post
} else {
fwrite($f, "$subject\n"); // subject
fwrite($f, "$to\n"); // send to
fwrite($f,"$body\n.\n"); // end post
}
$ret = pclose($f);
fwrite($deb, "Exit = ".($ret/256)."\n");
fclose($deb);
$folder = escapeshellarg($folder);
$f = popen("/usr/bin/mw -f $folder $user $replyto", "w");
$to = strip_tags($_POST['to']);
$subject = strip_tags($_POST['subject']);
$body = strip_tags($_POST['body']);
$to = preg_replace('/[^[:alnum:][:punct:][:space:]]*/', '', trim($to));
$subject = preg_replace('/[^[:alnum:][:punct:][:space:]]*/', '', trim($subject));
$body = preg_replace("/\n\\.\n", "\n .\n/", $body);
$deb = fopen("/tmp/mwdebug.txt", "w");
fwrite($deb, "folder: '$folder'\n");
fwrite($deb, "user: '$user'\n");
fwrite($deb, "replyto: '$replyto'\n");
fwrite($deb, "to: '$to'\n"); // Send to
fwrite($deb, "sub: '$subject'\n"); // subject
fwrite($deb, "body:\n$body\n.\n"); // end post
if ($replyto == 0) {
fwrite($f, "$to\n"); // Send to
fwrite($f, "$subject\n"); // subject
fwrite($f, "$body\n.\n"); // end post
} else {
fwrite($f, "$subject\n"); // subject
fwrite($f, "$to\n"); // send to
fwrite($f, "$body\n.\n"); // end post
}
$ret = pclose($f);
fwrite($deb, "Exit = " . ($ret / 256) . "\n");
fclose($deb);
}
if (!$session->loggedin) {
$smarty->assign("title", "Milliways");
$smarty->assign("body", "Sorry, you must be logged in for this feature");
return;
$smarty->assign("title", "Milliways");
$smarty->assign("body", "Sorry, you must be logged in for this feature");
return;
}
$folders = load_folders();
$smarty->assign_by_ref("folders", $folders);
$smarty->assignByRef("folders", $folders);
$smarty->assign("extra_styles", array("/css/forum/SUCS.css"));
unset($mode);
$last = end($pathlist);
if ($last == "new" || $last == "reply") {
$mode = $last;
array_pop($pathlist);
$path = implode("/",$pathlist);
/* $smarty->assign("extra_scripts", array(
'<script language="javascript" type="text/javascript" src="/js/tinymce/jscripts/tiny_mce/tiny_mce.js"></script>',
'<script language="javascript" type="text/javascript" src="/js/tiny_mce.js"></script>'
));
*/
$mode = $last;
array_pop($pathlist);
$path = implode("/", $pathlist);
/* $smarty->assign("extra_scripts", array(
'<script language="javascript" type="text/javascript" src="/js/tinymce/jscripts/tiny_mce/tiny_mce.js"></script>',
'<script language="javascript" type="text/javascript" src="/js/tiny_mce.js"></script>'
));
*/
}
if ($last == "post") {
$mode = $last;
array_pop($pathlist);
$path = implode("/",$pathlist);
$mode = $last;
array_pop($pathlist);
$path = implode("/", $pathlist);
}
$smarty->assign("mode",$mode);
$smarty->assign("mode", $mode);
$shortpathlist = $pathlist;
array_pop($shortpathlist);
$shortpath = implode("/",$shortpathlist);
$smarty->assign("shortpath",$shortpath);
$shortpath = implode("/", $shortpathlist);
$smarty->assign("shortpath", $shortpath);
if (isset($pathlist[3])) {
$name = $pathlist[3];
if (isset($folders[$name])) {
$smarty->assign("folder", $folders[$name]['name']);
$all = load_index($name, TRUE);
// One specific article was mentioned
if (isset($pathlist[4])) {
$artno = (int)$pathlist[4];
if (isset($all[$artno])) {
if ($mode == "post") {
post_article($name, $session->username, $artno);
$all = load_index($name, TRUE);
}
$smarty->assign("title", "Milliways");
$smarty->assign_by_ref("message", $all[$artno]);
$sub = fetch_sub($all, $all[$artno]['ref']);
$smarty->assign_by_ref("articles", $sub);
$smarty->assign("howmany",count($sub));
$output = $smarty->fetch($base."templates/mw-article.tpl");
}
} else {
if ($mode == "post") {
post_article($name, $session->username, 0);
$all = load_index($name, TRUE);
}
// list all the articles in this folder
$top = array();
foreach ($all as $k => $v) {
if ($v['replyto'] == 0 ) {
$v['suball'] = fetch_sub($all,$v['ref']);
$v['sub'] = count($v['suball']);
$l = end($v['suball']);
$v['lastpost'] = $l['date'];
$v['lastfrom'] = $l['from'];
$top[$k]=$v;
}
}
$top = array_reverse($top);
$smarty->assign("title", htmlentities("Milliways - Folder $name"));
$smarty->assign_by_ref("articles", $top);
$output = $smarty->fetch($base."templates/mw-list.tpl");
}
} else {
$output = "Error, no such folder $name";
}
$smarty->assign("body", $output);
$name = $pathlist[3];
if (isset($folders[$name])) {
$smarty->assign("folder", $folders[$name]['name']);
$all = load_index($name, TRUE);
// One specific article was mentioned
if (isset($pathlist[4])) {
$artno = (int)$pathlist[4];
if (isset($all[$artno])) {
if ($mode == "post") {
post_article($name, $session->username, $artno);
$all = load_index($name, TRUE);
}
$smarty->assign("title", "Milliways");
$smarty->assign_by_ref("message", $all[$artno]);
$sub = fetch_sub($all, $all[$artno]['ref']);
$smarty->assign_by_ref("articles", $sub);
$smarty->assign("howmany", count($sub));
$output = $smarty->fetch($base . "templates/mw-article.tpl");
}
} else {
if ($mode == "post") {
post_article($name, $session->username, 0);
$all = load_index($name, TRUE);
}
// list all the articles in this folder
$top = array();
foreach ($all as $k => $v) {
if ($v['replyto'] == 0) {
$v['suball'] = fetch_sub($all, $v['ref']);
$v['sub'] = count($v['suball']);
$l = end($v['suball']);
$v['lastpost'] = $l['date'];
$v['lastfrom'] = $l['from'];
$top[$k] = $v;
}
}
$top = array_reverse($top);
$smarty->assign("title", htmlentities("Milliways - Folder $name"));
$smarty->assign_by_ref("articles", $top);
$output = $smarty->fetch($base . "templates/mw-list.tpl");
}
} else {
$output = "Error, no such folder $name";
}
$smarty->assign("body", $output);
} else {
// List all the folders
foreach($folders as $k => $v) {
$list = load_index($v['name']);
$topics = 0;
foreach ($list as $art) if ($art['replyto'] == 0) $topics++;
$folders[$k]['topics'] = $topics;
$lastone = end($list);
$folders[$k]['lastpost'] = $lastone['date'];
}
$smarty->assign("title", "Milliways - Topic List");
$output = $smarty->fetch($base."templates/mw-folders.tpl");
$smarty->assign("body", $output);
// List all the folders
foreach ($folders as $k => $v) {
$list = load_index($v['name']);
$topics = 0;
foreach ($list as $art) if ($art['replyto'] == 0) $topics++;
$folders[$k]['topics'] = $topics;
$lastone = end($list);
$folders[$k]['lastpost'] = $lastone['date'];
}
$smarty->assign("title", "Milliways - Topic List");
$output = $smarty->fetch($base . "templates/mw-folders.tpl");
$smarty->assign("body", $output);
}
?>
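Review bot: In post_article() the line `$body = preg_replace("/\n\\.\n", "\n .\n/", $body);` has its closing delimiter inside the replacement string, so the pattern has no end delimiter and preg_replace() fails and returns null. The guard against a body line consisting of a single `.` (the terminator this function itself writes to the mw pipe) is therefore never applied, and the submitted body is lost. It should read `$body = preg_replace("/\n\\.\n/", "\n .\n", $body);`, ideally also covering a dot on the first or last line of the body. In the same function only `$folder` goes through escapeshellarg() before popen(); pass `escapeshellarg($user)` and `(int)$replyto` as well, so the command line does not depend on what callers supply. The debug dump to the fixed path `/tmp/mwdebug.txt` records every post body in a shared directory and should be removed or moved to a private log file.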
<?php
// Ensure we have a trailing slash so that relative links within the page work
if ($_SERVER['PATH_INFO']=="/News") header("Location: ".$baseurl."/News/");
if ($_SERVER['PATH_INFO'] == "/News") header("Location: " . $baseurl . "/News/");
// A user must be in the staff group in order to edit content in this component
$permission = "sucsstaff";
......@@ -8,39 +8,39 @@ $newstable = "news";
if (isset($session->groups[$permission])) {
// display Edit links on page
$smarty->assign("editable", TRUE);
switch (@$_REQUEST['action']) {
case "Save":
$record['title'] = $_REQUEST['edittitle'];
$record['body'] = $_REQUEST['body'];
if (isset($_REQUEST['sticky']))
$record['sticky'] = 't';
else
$record['sticky'] = 'f';
if ($_REQUEST['id']=="*") {
$record['author'] = $session->username;
$record['date'] = "now";
$DB->AutoExecute($newstable, $record, 'INSERT');
} else {
$DB->AutoExecute($newstable, $record, 'UPDATE', "id=".$DB->qstr($_REQUEST['id']));
}
include("motd.php");
break;
case "Delete":
$deleted = $DB->Execute("DELETE FROM $newstable WHERE id=?", array($_REQUEST['id']));
include("motd.php");
break;
case "Expire":
$expired = $DB->Execute("UPDATE $newstable SET expiry=now() WHERE id=?", array($_REQUEST['id']));
include("motd.php");
break;
}
$smarty->assign("editable", TRUE);
switch (@$_REQUEST['action']) {
case "Save":
$record['title'] = $_REQUEST['edittitle'];
$record['body'] = $_REQUEST['body'];
if (isset($_REQUEST['sticky']))
$record['sticky'] = 't';
else
$record['sticky'] = 'f';
if ($_REQUEST['id'] == "*") {
$record['author'] = $session->username;
$record['date'] = "now";
$DB->AutoExecute($newstable, $record, 'INSERT');
} else {
$DB->AutoExecute($newstable, $record, 'UPDATE', "id=" . $DB->qstr($_REQUEST['id']));
}
include("motd.php");
break;
case "Delete":
$deleted = $DB->Execute("DELETE FROM $newstable WHERE id=?", array($_REQUEST['id']));
include("motd.php");
break;
case "Expire":
$expired = $DB->Execute("UPDATE $newstable SET expiry=now() WHERE id=?", array($_REQUEST['id']));
include("motd.php");
break;
}
}
$query = "SELECT *, date_part('epoch', expiry) AS expirytime FROM news";
if (@$pathlist[2]!="") $query .= " WHERE title=".$DB->qstr($pathlist[2]);
if (@$pathlist[2] != "") $query .= " WHERE title=" . $DB->qstr($pathlist[2]);
$query .= " ORDER BY date DESC";
$smarty->assign("news", $DB->GetArray($query));
......@@ -50,25 +50,25 @@ $smarty->assign("title", "News");
if (isset($session->groups[$permission])) {
// Perform any requested actions
switch (@$_REQUEST['action']) {
case "create":
$news = array(array("id" => "*"));
$smarty->assign("news", $news);
case "edit":
$output = $smarty->fetch("news_edit.tpl");
$smarty->assign("action", "edit");
$smarty->assign("title", "Edit News");
break;
case "delete-query":
$output = $smarty->fetch('news_delete.tpl').$output;
break;
case "expire-query":
$output = $smarty->fetch('news_expire.tpl').$output;
break;
case "Delete":
if ($deleted) $output = "News item deleted";
break;
}
switch (@$_REQUEST['action']) {
case "create":
$news = array(array("id" => "*"));
$smarty->assign("news", $news);
case "edit":
$output = $smarty->fetch("news_edit.tpl");
$smarty->assign("action", "edit");
$smarty->assign("title", "Edit News");
break;
case "delete-query":
$output = $smarty->fetch('news_delete.tpl') . $output;
break;
case "expire-query":
$output = $smarty->fetch('news_expire.tpl') . $output;
break;
case "Delete":
if ($deleted) $output = "News item deleted";
break;
}
}
$smarty->assign("body", $output);
......
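Review bot: The `Save`, `Delete` and `Expire` branches read `$_REQUEST`, so a state change can be triggered by a plain GET link. The only gate visible in the shown hunks is the `sucsstaff` group check, with no request token, which leaves these actions open to cross-site request forgery against a logged-in staff member. Take the mutating actions from `$_POST` only (`switch (@$_POST['action'])`) and verify a per-session token before touching `$newstable`. The redirect at the top keeps executing after `header("Location: " . $baseurl . "/News/")`, so add `exit;` after it. The `create` case falling through into `edit` looks deliberate but deserves a `// fall through` comment.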
......@@ -5,210 +5,220 @@ require_once("../lib/validation.php");
require_once("Net/MAC.php");
include_once("../lib/date.php");
// password hash, renewal functions
include_once("../lib/member_functions.php");
// Some Constants
// These could possibly be moved somewhere saner?
define('GUESTNET_LOW','137.44.10.130'); // These could possibly be a set of ranges or a subnet which might be saner?
define('GUESTNET_HIGH','137.44.10.134'); // These could possibly be a set of ranges or a subnet which might be saner?
$sucsdbname = 'sucs'; // This was stored in config, I just don't have it here in the test
define('GUESTNET_LOW', '137.44.10.130'); // These could possibly be a set of ranges or a subnet which might be saner?
define('GUESTNET_HIGH', '137.44.10.134'); // These could possibly be a set of ranges or a subnet which might be saner?
// Helper Functions
// Could these be moved to some kind of library?
// Set next payment date
$paydate = "Sept. ".(academicYear(time())+1);
$paydate = "Sept. " . (academicYear(time()) + 1);
// function to change a user's password
function changePassword ($oldpass, $newpass1, $newpass2) {
global $session;
if ($newpass1 !== $newpass2) {
// new passwords do not match!
trigger_error("New passwords do not match", E_USER_WARNING);
return FALSE;
}
$reason = weakPassword($newpass1);
if ($reason !== FALSE) {
trigger_error("New password is weak: $reason", E_USER_WARNING);
return FALSE;
}
if (!($ldap = @ldap_connect("ldap://localhost"))) {
trigger_error("LDAP connect failed", E_USER_ERROR);
return FALSE;
}
if (!($ldapbind = ldap_bind($ldap, "uid=".$session->username.",ou=People,dc=sucs,dc=org",$oldpass))) {
trigger_error("Existing password incorrect", E_USER_WARNING);
ldap_close($ldap);
return FALSE;
}
// if everything looks OK, attempt to make the change
$success = ldap_mod_replace ($ldap, "uid=".$session->username.",ou=People,dc=sucs,dc=org",
array('userpassword' => "{SHA}".base64_encode(pack("H*", sha1($newpass1)))));
ldap_close($ldap);
return $success;
function changePassword($oldpass, $newpass1, $newpass2)
{
global $session;
if ($newpass1 !== $newpass2) {
// new passwords do not match!
trigger_error("New passwords do not match", E_USER_WARNING);
return FALSE;
}
$reason = weakPassword($newpass1);
if ($reason !== FALSE) {
trigger_error("New password is weak: $reason", E_USER_WARNING);
return FALSE;
}
if (!($ldap = @ldap_connect("ldap://localhost"))) {
trigger_error("LDAP connect failed", E_USER_ERROR);
return FALSE;
}
if (!($ldapbind = ldap_bind($ldap, "uid=" . $session->username . ",ou=People,dc=sucs,dc=org", $oldpass))) {
trigger_error("Existing password incorrect", E_USER_WARNING);
ldap_close($ldap);
return FALSE;
}
// if everything looks OK, attempt to make the change
$success = ldap_mod_replace($ldap, "uid=" . $session->username . ",ou=People,dc=sucs,dc=org",
array('userpassword' => "{CRYPT}" . cryptPassword($newpass1)));
ldap_close($ldap);
return $success;
}
// function to update contact details
function changeContactDetails($address, $phone, $externalEmail) {
global $sucsDB, $session, $error;
// Do some kind of checking here
// Check valid email (do we have a function for this?
if (!validEmail($externalEmail))
return FALSE; // Valid Email handles errors itself
// Check valid phone number (do we have a function for this?)
if (empty($phone) || (strlen($phone) < 6)) {
trigger_error("You must have a contact phone number!", E_USER_WARNING);
return FALSE;
}
// Update
if ($sucsDB->Execute('UPDATE members SET address = ?,phone = ?, email = ?, lastupdate = now(), lastedit = uid WHERE username = ?',
array($address, $phone, $externalEmail, $session->username)) === FALSE) {
trigger_error("There was an error updating your contact details. Please contact admin.", E_USER_ERROR);
return FALSE;
}
return TRUE;
function changeContactDetails($address, $phone, $externalEmail)
{
global $sucsDB, $session, $error;
// Do some kind of checking here
// Check valid email (do we have a function for this?
if (!validEmail($externalEmail))
return FALSE; // Valid Email handles errors itself
// Check valid phone number (do we have a function for this?)
if (empty($phone) || (strlen($phone) < 6)) {
trigger_error("You must have a contact phone number!", E_USER_WARNING);
return FALSE;
}
// Update
if ($sucsDB->Execute('UPDATE members SET address = ?,phone = ?, email = ?, lastupdate = now(), lastedit = uid WHERE username = ?',
array($address, $phone, $externalEmail, $session->username)) === FALSE
) {
trigger_error("There was an error updating your contact details. Please contact admin.", E_USER_ERROR);
return FALSE;
}
return TRUE;
}
function changeGuestnetDetails($wiredMAC) {
global $sucsDB, $session, $error;
// Get UID as we don't have it yet
if(($uid = $sucsDB->GetOne("SELECt uid FROM members WHERE username = ?", array($session->username))) === FALSE) {
trigger_error("There was an error updating your GuestNET MAC Address. Please contact admin. (UID)", E_USER_ERROR);
return FALSE;
}
// Replace the guestnet record with the one with the new mac
if (!$sucsDB->Replace('guestnet', array('mac' => "'$wiredMAC'", 'uid' => $uid), 'uid')) {
trigger_error("There was an error updating your GuestNET MAC Address. Please contact admin. (QUERY)", E_USER_ERROR);
return FALSE;
}
exec('/usr/local/bin/update-dhcpd', $placeholder, $returnVar);
if ($returnVar == 0) {
return TRUE;
// $message[] = 'GuestNet MAC Address updated. Please wait a minute or two for the changes to take effect.';
} else {
trigger_error("There was an error updating your GuestNet Mac Address. Please contact admin. (RETURNVAR)", E_USER_ERROR);
return FALSE;
}
function changeGuestnetDetails($wiredMAC)
{
global $sucsDB, $session, $error;
// Get UID as we don't have it yet
if (($uid = $sucsDB->GetOne("SELECt uid FROM members WHERE username = ?", array($session->username))) === FALSE) {
trigger_error("There was an error updating your GuestNET MAC Address. Please contact admin. (UID)", E_USER_ERROR);
return FALSE;
}
// Replace the guestnet record with the one with the new mac
if (!$sucsDB->Replace('guestnet', array('mac' => "'$wiredMAC'", 'uid' => $uid), 'uid')) {
trigger_error("There was an error updating your GuestNET MAC Address. Please contact admin. (QUERY)", E_USER_ERROR);
return FALSE;
}
exec('/usr/local/bin/update-dhcpd', $placeholder, $returnVar);
if ($returnVar == 0) {
return TRUE;
// $message[] = 'GuestNet MAC Address updated. Please wait a minute or two for the changes to take effect.';
} else {
trigger_error("There was an error updating your GuestNet Mac Address. Please contact admin. (RETURNVAR)", E_USER_ERROR);
return FALSE;
}
}
// Checks whether the given string mac address is valid
function isValidMACAddr($mac) {
function isValidMACAddr($mac)
{
if (Net_MAC::check($mac)) {
return TRUE;
}else{
} else {
return FALSE;
}
}
// Returns the users GuestNet MAC Address if they have one and false otherwise
function getGuestNetMAC() {
$ip = trim($_SERVER['REMOTE_ADDR']);
// Sanity Check ip?
// Check we are in the correct ip range (unregistered GuestNET addresses)
if (ip2long($ip) && (ip2long($ip) >= ip2long(GUESTNET_LOW)) && (ip2long($ip) <= ip2long(GUESTNET_HIGH))) {
exec("sudo /usr/local/sbin/gw-copy-arp.sh", $placeholder, $returnVar);
if ($returnVar == 0) {
$arpLines = file('/tmp/gwarp');
foreach ($arpLines as $arpLine) {
$arpFields = preg_split('/[\s\t\n]+/', $arpLine);
if ($arpFields[0] == $ip) {
// Perhaps do some checking on the mac here?
if (isValidMACAddr($arpFields[3]))
return $arpFields[3];
else
break;
}
}
}
// We didn't find their mac address :\
trigger_error("There was an error finding your MAC Address. Please contact admin.", E_USER_ERROR);
return FALSE;
} else {
return FALSE;
}
function getGuestNetMAC()
{
$ip = trim($_SERVER['REMOTE_ADDR']);
// Sanity Check ip?
// Check we are in the correct ip range (unregistered GuestNET addresses)
if (ip2long($ip) && (ip2long($ip) >= ip2long(GUESTNET_LOW)) && (ip2long($ip) <= ip2long(GUESTNET_HIGH))) {
exec("sudo /usr/local/sbin/gw-copy-arp.sh", $placeholder, $returnVar);
if ($returnVar == 0) {
$arpLines = file('/tmp/gwarp');
foreach ($arpLines as $arpLine) {
$arpFields = preg_split('/[\s\t\n]+/', $arpLine);
if ($arpFields[0] == $ip) {
// Perhaps do some checking on the mac here?
if (isValidMACAddr($arpFields[3]))
return $arpFields[3];
else
break;
}
}
}
// We didn't find their mac address :\
trigger_error("There was an error finding your MAC Address. Please contact admin.", E_USER_ERROR);
return FALSE;
} else {
return FALSE;
}
}
// Delete the user's hackergotchi file cause they've decided they're too embarrassed by it
function clearHackergotchi() {
global $session;
$imagefilepath = hackergotchiPath($session->username);
if (unlink(realpath($imagefilepath))) {
return true;
} else {
trigger_error("Unable to remove hackergotchi file", E_USER_ERROR);
return false;
}
function clearHackergotchi()
{
global $session;
$imagefilepath = hackergotchiPath($session->username);
if (unlink(realpath($imagefilepath))) {
return true;
} else {
trigger_error("Unable to remove hackergotchi file", E_USER_ERROR);
return false;
}
}
// construct the filesystem path to a user's hackergotchi picture
function hackergotchiPath($username) {
global $base;
$path = $base."htdocs/pictures/people/".$username.".png";
return $path;
function hackergotchiPath($username)
{
global $base;
$path = $base . "htdocs/pictures/people/" . $username . ".png";
return $path;
}
// Takes an entry from $_FILES and makes this the new hackergotchi
function updateHackergotchi($fileDetails) {
global $session;
if ( ((list($width, $height, $type, $attr) = @getimagesize($fileDetails['tmp_name'])) !== false)) {
if ($type != IMAGETYPE_PNG) {
trigger_error("Uploaded hackergotchi is not in PNG format. Please convert your image to PNG and try again.", E_USER_ERROR);
return FALSE;
} else if (($width > 128) || ($height > 128)) {
trigger_error("Uploaded hackergotchi is too large. Hackergotchis must be 128x128 pixels or smaller.", E_USER_ERROR);
return FALSE;
}
$imagefilepath = hackergotchiPath($session->username);
// Move uploaded hackergotchi into place
if( move_uploaded_file($fileDetails['tmp_name'], $imagefilepath) && chmod($imagefilepath, 0644) ) {
return TRUE;
}
}
// We should have returned True by now
trigger_error("There was an error updating your hackergotchi. Please contact admin.", E_USER_ERROR);
return FALSE;
function updateHackergotchi($fileDetails)
{
global $session;
if (((list($width, $height, $type, $attr) = @getimagesize($fileDetails['tmp_name'])) !== false)) {
if ($type != IMAGETYPE_PNG) {
trigger_error("Uploaded hackergotchi is not in PNG format. Please convert your image to PNG and try again.", E_USER_ERROR);
return FALSE;
} else if (($width > 128) || ($height > 128)) {
trigger_error("Uploaded hackergotchi is too large. Hackergotchis must be 128x128 pixels or smaller.", E_USER_ERROR);
return FALSE;
}
$imagefilepath = hackergotchiPath($session->username);
// Move uploaded hackergotchi into place
if (move_uploaded_file($fileDetails['tmp_name'], $imagefilepath) && chmod($imagefilepath, 0644)) {
return TRUE;
}
}
// We should have returned True by now
trigger_error("There was an error updating your hackergotchi. Please contact admin.", E_USER_ERROR);
return FALSE;
}
function updateRenew() {
global $sucsDB, $session, $error;
global $paydate;
if (!isset($_REQUEST['userid']) || !isset($_REQUEST['supass'])) {
trigger_error("Invalid renewal info", E_USER_ERROR);
return FALSE;
}
$userid = (int)$_REQUEST['userid'];
$pass = $_REQUEST['supass'];
$member = $sucsDB->GetRow("select * from members left join member_type on members.type=member_type.id where username='".$session->username."'");
$signup = $sucsDB->GetRow("select * from signup where id=?", array($userid));
if (!is_array($signup) || count($signup) < 1) {
trigger_error("Invalid renewal info", E_USER_ERROR);
return FALSE;
}
if ($signup['password'] != $pass) {
trigger_error("Invalid renewal info", E_USER_ERROR);
return FALSE;
}
if ($signup['activated'] != NULL) {
trigger_error("Signup slip already used", E_USER_ERROR);
return FALSE;
}
$sucsDB->Execute("update members set paid=?, lastupdate=DEFAULT, lastedit=uid where uid=?", array($paydate, $member['uid']));
$sucsDB->Execute("update signup set activated=NOW(), username=? where id=?", array($member['username'], $signup['id']));
return TRUE;
function updateRenew()
{
global $sucsDB, $session, $error;
global $paydate;
if (!isset($_REQUEST['userid']) || !isset($_REQUEST['supass'])) {
trigger_error("Invalid renewal info", E_USER_ERROR);
return FALSE;
}
$userid = (int)$_REQUEST['userid'];
$pass = $_REQUEST['supass'];
$member = $sucsDB->GetRow("select * from members left join member_type on members.type=member_type.id where username='" . $session->username . "'");
$signup = $sucsDB->GetRow("select * from signup where id=?", array($userid));
if (!is_array($signup) || count($signup) < 1) {
trigger_error("Invalid renewal info", E_USER_ERROR);
return FALSE;
}
if ($signup['password'] != $pass) {
trigger_error("Invalid renewal info", E_USER_ERROR);
return FALSE;
}
if ($signup['activated'] != NULL) {
trigger_error("Signup slip already used", E_USER_ERROR);
return FALSE;
}
renew_membership($member['username']);
$sucsDB->Execute("update signup set activated=NOW(), username=? where id=?", array($member['username'], $signup['id']));
return TRUE;
}
// Template Setup
......@@ -217,74 +227,71 @@ $smarty->assign('session', $session);
if ($session->loggedin === TRUE) {
$sucsDB = NewADOConnection('postgres8');
$sucsDB->Connect('dbname='.$sucsdbname.' user=apache');
$sucsDB->SetFetchMode(ADODB_FETCH_ASSOC);
// $sucsDB->debug = true;
$newGuestNetMAC = getGuestNetMAC();
// Handle Postbacks
if (isset($_POST['action'])) {
switch($_POST['action']) {
case 'changepass' :
if (changePassword($_POST['oldpass'], $_POST['newpass1'], $_POST['newpass2'])) {
message_flash('Password changed.');
} else {
// Should we log something here for bug trcaking use?
trigger_error("Password change failed.", E_USER_WARNING);
}
break;
case 'changecontact' :
if(changeContactDetails($_POST['address'], $_POST['phone'], $_POST['email'])) {
message_flash('Contact Details Updated.');
}
break;
case 'changeguestnet' :
if(changeGuestNetDetails($newGuestNetMAC)) {
message_flash('GuestNet Details Updated!');
}
break;
case 'updatehackergotchi' :
if (updateHackergotchi($_FILES['hackergotchi'])) {
message_flash('Hackergotchi Updated');
}
break;
case 'clearhackergotchi' :
if (clearHackergotchi()) {
message_flash('Hackergotchi Cleared');
}
break;
case 'renew' :
if (updateRenew()) {
message_flash('Account renewed');
}
break;
}
}
// Display Details
// Some checking could be done here to ensure we have a members record. Ideally we should
// be able to assume this though if they are logged in.
if (is_file($base."htdocs/pictures/people/".$session->username.".png")) $smarty->assign('hackergotchi', TRUE);
$member = $sucsDB->GetRow("select * from members left join member_type on members.type=member_type.id where username='".$session->username."'");
$smarty->assign('paydate', $paydate);
if(($currentGuestNetMAC = $sucsDB->GetOne('SELECT * FROM guestnet WHERE uid=?', array((int)$member['uid']))) !== FALSE) {
$smarty->assign('currentGuestNetMAC', $currentGuestNetMAC);
} else {
$smarty->assign('currentGuestNetMAC', '');
}
if (($newGuestNetMAC !== false) && ($newGuestNetMAC != $currentGuestNetMAC)) {
$smarty->assign('newGuestNetMAC', $newGuestNetMAC);
}
$smarty->assign('member', $member);
$newGuestNetMAC = getGuestNetMAC();
// Handle Postbacks
if (isset($_POST['action'])) {
switch ($_POST['action']) {
case 'changepass' :
if (changePassword($_POST['oldpass'], $_POST['newpass1'], $_POST['newpass2'])) {
message_flash('Password changed.');
} else {
// Should we log something here for bug trcaking use?
trigger_error("Password change failed.", E_USER_WARNING);
}
break;
case 'changecontact' :
if (changeContactDetails($_POST['address'], $_POST['phone'], $_POST['email'])) {
message_flash('Contact Details Updated.');
}
break;
case 'changeguestnet' :
if (changeGuestNetDetails($newGuestNetMAC)) {
message_flash('GuestNet Details Updated!');
}
break;
case 'updatehackergotchi' :
if (updateHackergotchi($_FILES['hackergotchi'])) {
message_flash('Hackergotchi Updated');
}
break;
case 'clearhackergotchi' :
if (clearHackergotchi()) {
message_flash('Hackergotchi Cleared');
}
break;
case 'renew' :
if (updateRenew()) {
message_flash('Account renewed');
}
break;
}
}
// Display Details
// Some checking could be done here to ensure we have a members record. Ideally we should
// be able to assume this though if they are logged in.
if (is_file($base . "htdocs/pictures/people/" . $session->username . ".png")) $smarty->assign('hackergotchi', TRUE);
$member = $sucsDB->GetRow("select * from members left join member_type on members.type=member_type.id where username='" . $session->username . "'");
$smarty->assign('paydate', $paydate);
if (($currentGuestNetMAC = $sucsDB->GetOne('SELECT * FROM guestnet WHERE uid=?', array((int)$member['uid']))) !== FALSE) {
$smarty->assign('currentGuestNetMAC', $currentGuestNetMAC);
} else {
$smarty->assign('currentGuestNetMAC', '');
}
if (($newGuestNetMAC !== false) && ($newGuestNetMAC != $currentGuestNetMAC)) {
$smarty->assign('newGuestNetMAC', $newGuestNetMAC);
}
$smarty->assign('member', $member);
}
......
<?php
$permission="html";
$permission = "html";
// Only html group members can use this page - horrible emergency bodge
if (isset($session->groups[$permission])) {
......@@ -10,28 +10,28 @@ if (isset($session->groups[$permission])) {
unset($output);
if (@$pathlist[3] == "Edit") {
if (isset($_REQUEST['mapid'])) {
$id = (int)$_REQUEST['mapid'];
$res = $DB->GetAll("SELECT * FROM pagemap where id=?", array($id));
if ($res && count($res) > 0) {
$smarty->assign("oldmap",$res[0]);
$output = $smarty->fetch($base."templates/pagemap_edit.tpl");
} else {
header("Location: /Admin/Pagemap");
exit;
}
} else {
header("Location: /Admin/Pagemap");
exit;
}
}
if (isset($_REQUEST['mapid'])) {
$id = (int)$_REQUEST['mapid'];
$res = $DB->GetAll("SELECT * FROM pagemap where id=?", array($id));
if ($res && count($res) > 0) {
$smarty->assign("oldmap", $res[0]);
$output = $smarty->fetch($base . "templates/pagemap_edit.tpl");
} else {
header("Location: /Admin/Pagemap");
exit;
}
} else {
header("Location: /Admin/Pagemap");
exit;
}
}
}
if (!isset($output)) {
$smarty->assign("map",$DB->GetAll("SELECT * FROM pagemap ORDER BY depth, path"));
$output = $smarty->fetch($base."templates/pagemap.tpl");
$smarty->assign("map", $DB->GetAll("SELECT * FROM pagemap ORDER BY depth, path"));
$output = $smarty->fetch($base . "templates/pagemap.tpl");
}
$smarty->assign("title", "Page Map");
$smarty->assign("body", $output);
......
......@@ -2,63 +2,63 @@
/**
* Notes :
* % Need to either a) install Text_Highlighter as a PEAR module properly or b) alter it so
* that it can be included properly without having a Text/ directory at the same level
* % Need to either a) install Text_Highlighter as a PEAR module properly or b) alter it so
* that it can be included properly without having a Text/ directory at the same level
* as the index file.
* % Needs some form of cron job or similar to remove old entries
* * This would seem preferable to running a delete query every page view
* * The retain_until field is there and set by the script so
* the framework is there for removal.
* * Rather than using a cron job this could be done using a simple timestamp stored in a php
* file which could be included (ie $timestamp = X, then include that and
* if($timestamp >= now()) { delete query }
* % Preventing XSS in User input needed
* * Should be handled by any User Auth
* % Needs Checking for Aeternus-Brand Stupidity
* * This would seem preferable to running a delete query every page view
* * The retain_until field is there and set by the script so
* the framework is there for removal.
* * Rather than using a cron job this could be done using a simple timestamp stored in a php
* file which could be included (ie $timestamp = X, then include that and
* if($timestamp >= now()) { delete query }
* % Preventing XSS in User input needed
* * Should be handled by any User Auth
* % Needs Checking for Aeternus-Brand Stupidity
* Fixed :
* % Problem with strtotime() not parsing PostGres timestamps
* set field type to timestamp(0) to remove fractional seconds
* % Added User Authentication using pwauth
* * Could still do with session handling
* % Frosty mentioned it wasn't using a monospace font
* * Simply made all text within the .hl-main block use the
* Courier New Monospace font
* * Could possibly offer the user more customisation in terms of
* how they want things displayed (necessary??)
* % Problem with strtotime() not parsing PostGres timestamps
* set field type to timestamp(0) to remove fractional seconds
* % Added User Authentication using pwauth
* * Could still do with session handling
* % Frosty mentioned it wasn't using a monospace font
* * Simply made all text within the .hl-main block use the
* Courier New Monospace font
* * Could possibly offer the user more customisation in terms of
* how they want things displayed (necessary??)
*/
// Debugging
error_reporting(E_ALL);
//error_reporting(E_ALL);
// Config
define('_LIST_LIMIT', 15);
// Defined so we can customise them to whatever we like
define('_BASE_PATH', 'https://'.$_SERVER['SERVER_NAME'].'/');
define('_BASE_PATH', 'https://' . $_SERVER['SERVER_NAME'] . '/');
define('_SCRIPT_NAME', 'PasteBin/');
define('_TABLE_NAME', 'pastebin');
$smarty->assign('urifragment', '/Tools/PasteBin/');
$pburi = 'https://'.$_SERVER['SERVER_NAME'].$baseurl;
$smarty->assign('uri', $pburi.'/pb/');
$pburi = 'https://' . $_SERVER['SERVER_NAME'] . $baseurl;
$smarty->assign('uri', $pburi . '/pb/');
// Init
$id = '';
if (is_numeric($pathlist[count($pathlist) - 1])) {
//$id = substr($_SERVER['PATH_INFO'],1);
//$id = preg_match('/[0-9]+/', $id)?$id:'';
$i = count($pathlist)-1;
$id = $pathlist[$i];
$id = preg_match('/[0-9]+/', $id)?$id:'';
} else if (is_numeric($pathlist[count($pathlist) - 2]) && (strtolower($pathlist[count($pathlist) - 1]) == 'plain') ) {
// Plain text
$no_template = true;
$id = $pathlist[count($pathlist) - 2];
$id = preg_match('/[0-9]+/', $id)?$id:'';
$code = $DB->GetOne('SELECT code FROM ' . _TABLE_NAME . ' WHERE id = ?', array($id));
header('Content-Type: text/plain');
print html_entity_decode($code, ENT_QUOTES,'UTF-8');
return; // Finish processing in this file
//$id = substr($_SERVER['PATH_INFO'],1);
//$id = preg_match('/[0-9]+/', $id)?$id:'';
$i = count($pathlist) - 1;
$id = $pathlist[$i];
$id = preg_match('/[0-9]+/', $id) ? $id : '';
} else if (is_numeric($pathlist[count($pathlist) - 2]) && (strtolower($pathlist[count($pathlist) - 1]) == 'plain')) {
// Plain text
$no_template = true;
$id = $pathlist[count($pathlist) - 2];
$id = preg_match('/[0-9]+/', $id) ? $id : '';
$code = $DB->GetOne('SELECT code FROM ' . _TABLE_NAME . ' WHERE id = ?', array($id));
header('Content-Type: text/plain');
print html_entity_decode($code, ENT_QUOTES, 'UTF-8');
return; // Finish processing in this file
}
$code = '';
$pblang = '';
......@@ -75,53 +75,48 @@ require_once '../lib/ArrayRenderer.php';
// Grabbed from blog.lib.php
// Returns a textual diff between two time stamps
function timeDiff($first, $second=0)
function timeDiff($first, $second = 0)
{
if($second == 0) {
$second = time();
}
$diff = max($first, $second) - min($first, $second);
if($diff>604800) {
$ret = round($diff/604800);
return $ret.(($ret>1)? _(" weeks") : _(" week"));
}
elseif($diff>86400) {
$ret = round($diff/86400);
return $ret.(($ret>1)? _(" days") : _(" day"));
}
elseif($diff>3600) {
$ret = round($diff/3600);
return $ret.(($ret>1)? _(" hours") : _(" hour"));
}
elseif($diff>60) {
$ret = round($diff/60);
return $ret.(($ret>1)? _(" minutes") : _(" minute"));
}
elseif($diff>0) {
return $diff.(($diff>1)? _(" seconds") : _(" second"));
}
else {
return "no time";
}
if ($second == 0) {
$second = time();
}
$diff = max($first, $second) - min($first, $second);
if ($diff > 604800) {
$ret = round($diff / 604800);
return $ret . (($ret > 1) ? _(" weeks") : _(" week"));
} elseif ($diff > 86400) {
$ret = round($diff / 86400);
return $ret . (($ret > 1) ? _(" days") : _(" day"));
} elseif ($diff > 3600) {
$ret = round($diff / 3600);
return $ret . (($ret > 1) ? _(" hours") : _(" hour"));
} elseif ($diff > 60) {
$ret = round($diff / 60);
return $ret . (($ret > 1) ? _(" minutes") : _(" minute"));
} elseif ($diff > 0) {
return $diff . (($diff > 1) ? _(" seconds") : _(" second"));
} else {
return "no time";
}
}
// Languages
$LANGUAGES = array (
'PHP' => 'PHP',
'CPP' => 'C/C++',
'DIFF' => 'Diff',
'DTD' => 'DTD',
'HTML' => 'HTML',
'JAVA' => 'Java',
'JAVASCRIPT' => 'Javascript',
'MYSQL' => 'MySQL',
'PERL' => 'Perl',
'PYTHON' => 'Python',
'RUBY' => 'Ruby',
'SQL' => 'SQL',
'XML' => 'XML'
$LANGUAGES = array(
'PHP' => 'PHP',
'CPP' => 'C/C++',
'DIFF' => 'Diff',
'DTD' => 'DTD',
'HTML' => 'HTML',
'JAVA' => 'Java',
'JAVASCRIPT' => 'Javascript',
'MYSQL' => 'MySQL',
'PERL' => 'Perl',
'PYTHON' => 'Python',
'RUBY' => 'Ruby',
'SQL' => 'SQL',
'XML' => 'XML'
);
// Remove Old Pastebin Entries
......@@ -132,108 +127,111 @@ $DB->Execute('DELETE FROM ' . _TABLE_NAME . ' WHERE retain_til < now()');
//removeMagicQuotes($_POST);
if (isset($_POST['code'])) {
$code = htmlentities($_POST['code'], ENT_QUOTES,'UTF-8');
if ( isset($_POST['language']) && isset($_POST['retain'])) {
// Add
$pblang = strtoupper($_POST['language']);
if (!isset($LANGUAGES[ $pblang ])) {
$pblang = 'NONE';
}
switch($_POST['retain'][0]) {
case 'month' :
$retain = 2592000;
$retainTil = date('Y/m/d H:i:s', time() + $retain);break;
case 'week' :
$retain = 604800;
$retainTil = date('Y/m/d H:i:s', time() + $retain);break;
case 'forever' :
$retain = null;
$retainTil = null;break;
case 'day' :
default :
$retain = 86400;
$retainTil = date('Y/m/d H:i:s', time() + $retain);
}
if (trim($code) == '') {
trigger_error('No Code Given', E_USER_NOTICE);
} else if (!$session->loggedin) {
trigger_error('You must be logged in to use this service.', E_USER_NOTICE);
} else {
// Additional user validation needed here
//$retainTil = date('Y/m/d H:i:s', time() + $retain);
$id = $DB->GetOne("SELECT nextval('pastebin_id_seq'::regclass)");
$DB->Execute(
'INSERT INTO ' . _TABLE_NAME . ' ( id, code, username, retain_til, language) ' .
'VALUES (?, ?, ?, ?, ?)',
array( $id, $code, $session->username, $retainTil, $pblang));
//bump user to uri of newly pasted item
header('Status: 303 See Other');
header("Location: $pburi/Tools/PasteBin/$id");
$userInfo = 'Created By ' . $session->username . ' at ' . date('Y/m/d H:i');
$smarty->assign('id', $id);
$smarty->assign('userInfo', $userInfo);
$smarty->assign('code', $code);
}
}
$code = htmlentities($_POST['code'], ENT_QUOTES, 'UTF-8');
if (isset($_POST['language']) && isset($_POST['retain'])) {
// Add
$pblang = strtoupper($_POST['language']);
if (!isset($LANGUAGES[$pblang])) {
$pblang = 'NONE';
}
switch ($_POST['retain'][0]) {
case 'month' :
$retain = 2592000;
$retainTil = date('Y/m/d H:i:s', time() + $retain);
break;
case 'week' :
$retain = 604800;
$retainTil = date('Y/m/d H:i:s', time() + $retain);
break;
case 'forever' :
$retain = null;
$retainTil = null;
break;
case 'day' :
default :
$retain = 86400;
$retainTil = date('Y/m/d H:i:s', time() + $retain);
}
if (trim($code) == '') {
trigger_error('No Code Given', E_USER_NOTICE);
} else if (!$session->loggedin) {
trigger_error('You must be logged in to use this service.', E_USER_NOTICE);
} else {
// Additional user validation needed here
//$retainTil = date('Y/m/d H:i:s', time() + $retain);
$id = $DB->GetOne("SELECT nextval('pastebin_id_seq'::regclass)");
$DB->Execute(
'INSERT INTO ' . _TABLE_NAME . ' ( id, code, username, retain_til, language) ' .
'VALUES (?, ?, ?, ?, ?)',
array($id, $code, $session->username, $retainTil, $pblang));
//bump user to uri of newly pasted item
header('Status: 303 See Other');
header("Location: $pburi/Tools/PasteBin/$id");
$userInfo = 'Created By ' . $session->username . ' at ' . date('Y/m/d H:i');
$smarty->assign('id', $id);
$smarty->assign('userInfo', $userInfo);
$smarty->assign('code', $code);
}
}
}
// List All Entries in order.
$pasteList = $DB->GetAll(
'SELECT id, username AS name, created AS time_diff FROM ' . _TABLE_NAME . ' ORDER BY created DESC LIMIT ' . _LIST_LIMIT );
for($i=0;$i< count($pasteList);$i++) {
$pasteList[$i]['time_diff'] = timeDiff(strtotime($pasteList[$i]['time_diff']));
$pasteList = $DB->GetAll(
'SELECT id, username AS name, created AS time_diff FROM ' . _TABLE_NAME . ' ORDER BY created DESC LIMIT ' . _LIST_LIMIT);
for ($i = 0; $i < count($pasteList); $i++) {
$pasteList[$i]['time_diff'] = timeDiff(strtotime($pasteList[$i]['time_diff']));
}
$smarty->assign('pasteList', $pasteList);
// Check for either display or form input
if (!empty($id) || !empty($code)) {
// Form
if (empty($code)) {
$result = $DB->GetRow('SELECT * FROM ' . _TABLE_NAME . ' WHERE id = ?', array($id));
//$query = db_query('SELECT * FROM ' . _TABLE_NAME . ' WHERE id = \'' . $id . '\'');
if (!empty($result) ) {
//$result = db_getrow($query);
$code = $result['code'];
$userInfo = 'Created By ' . $result['username'] . ' at ' . date('Y/m/d H:i', strtotime($result['created']));
$pblang = $result['language'];
// Smarty
$smarty->assign('id', $id);
$smarty->assign('code', $code);
$smarty->assign('userInfo', $userInfo);
} else {
// Error
trigger_error('Error - Code Piece not found for id - ' . $id, E_USER_WARNING);
}
}
// Check there hasn't been an error
// Code should have been set in the if statement above, this can not become
// an else
if (!empty($code)) {
// Highlight the code
if ($pblang == 'NONE') {
$pblang = 'HTML';
}
$renderer = new Text_Highlighter_Renderer_Array_dez();
$tmpobj = new Text_Highlighter;
$hl =& $tmpobj->factory($pblang);
$hl->setRenderer($renderer);
// Have to decode again here for the highlighting
// It might be a little better if we kept the unencoded version from above
$highlightedCode = $hl->highlight(html_entity_decode($code, ENT_QUOTES,'UTF-8'));
$smarty->assign('highlightedCode', $highlightedCode);
}
// Form
if (empty($code)) {
$result = $DB->GetRow('SELECT * FROM ' . _TABLE_NAME . ' WHERE id = ?', array($id));
//$query = db_query('SELECT * FROM ' . _TABLE_NAME . ' WHERE id = \'' . $id . '\'');
if (!empty($result)) {
//$result = db_getrow($query);
$code = $result['code'];
$userInfo = 'Created By ' . $result['username'] . ' at ' . date('Y/m/d H:i', strtotime($result['created']));
$pblang = $result['language'];
// Smarty
$smarty->assign('id', $id);
$smarty->assign('code', $code);
$smarty->assign('userInfo', $userInfo);
} else {
// Error
trigger_error('Error - Code Piece not found for id - ' . $id, E_USER_WARNING);
}
}
// Check there hasn't been an error
// Code should have been set in the if statement above, this can not become
// an else
if (!empty($code)) {
// Highlight the code
if ($pblang == 'NONE') {
$pblang = 'HTML';
}
$renderer = new Text_Highlighter_Renderer_Array_dez();
$tmpobj = new Text_Highlighter;
$hl =& $tmpobj->factory($pblang);
$hl->setRenderer($renderer);
// Have to decode again here for the highlighting
// It might be a little better if we kept the unencoded version from above
$highlightedCode = $hl->highlight(html_entity_decode($code, ENT_QUOTES, 'UTF-8'));
$smarty->assign('highlightedCode', $highlightedCode);
}
}
// Sort Out Languages
if(!empty($pblang) && $pblang != 'NONE') {
$smarty->assign('selectedLanguage', array('key' => $pblang, 'lang' => $LANGUAGES[$pblang]));
unset($LANGUAGES[$pblang]);
if (!empty($pblang) && $pblang != 'NONE') {
$smarty->assign('selectedLanguage', array('key' => $pblang, 'lang' => $LANGUAGES[$pblang]));
unset($LANGUAGES[$pblang]);
}
$smarty->assign('pasteLanguages', $LANGUAGES);
......@@ -243,5 +241,5 @@ $result = $smarty->fetch('pastebin.tpl');
$sidebar = $smarty->fetch('pastebin-sidebar.tpl');
$smarty->assign('title', 'PasteBin');
$smarty->assign('body', $result);
$smarty->assign('secondary',$sidebar);
$smarty->assign('secondary', $sidebar);
?>
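Review bot: The `preg_match('/[0-9]+/', $id)` guard in both `$id` branches near the top of the file is unanchored, so after `is_numeric()` it never rejects anything: values such as `1e3`, `-1` or `1.5` pass both checks and reach the `WHERE id = ?` lookups. The bound parameter keeps this from being SQL injection, but the database is handed a non-integer id and the raw value is concatenated into the "Code Piece not found" error text. `$id = ctype_digit($id) ? $id : '';` (or the anchored pattern `/^[0-9]+$/`) would make the check mean what it says, assuming `$pathlist` entries are strings. The plain-text branch prints member-supplied content verbatim, so it could also send `header('X-Content-Type-Options: nosniff');` next to the `Content-Type: text/plain` header.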
<?
include("adodb/adodb.inc.php");
$sucsDB = NewADOConnection('postgres8');
$sucsDB->Connect('dbname=sucs user=apache');
$sucsDB->SetFetchMode(ADODB_FETCH_ASSOC);
<?php
$res = $sucsDB->Execute("select username, sum(pages) as pages from printer where username != 'old' group by username order by sum(pages) desc");
$num = $res->RecordCount();
for ($i=0;$i<$num;$i++) {
$row[$i] = $res->FetchRow();
if ($i < 12)
{
$item[]=$row[$i]['username'];
$slice[]=$row[$i]['pages'];
}
else {
$otherSize += $row[$i]['pages'];
}
}
for ($i = 0; $i < $num; $i++) {
$row[$i] = $res->FetchRow();
if ($i < 12) {
$item[] = $row[$i]['username'];
$slice[] = $row[$i]['pages'];
} else {
$otherSize += $row[$i]['pages'];
}
}
// $itemName[]="Other";
// $sliceSize[]=$otherSize;
$slice = array_merge(array($otherSize),$slice);
$item = array_merge(array("Other"), $item);
$slice = array_merge(array($otherSize), $slice);
$item = array_merge(array("Other"), $item);
/* echo "<pre>";
print_r($slice);
print_r($item);*/
include("../../lib/pieChart.php");
piechart("Top 12, Users of Printing", $slice, $item,0)
?>
include("../../lib/pieChart.php");
piechart("Top 12, Users of Printing", $slice, $item, 0)
?>
\ No newline at end of file
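Review bot: `$sucsDB->Execute(...)` on the first line after `<?php` now runs on a variable this file no longer creates, because the `include("adodb/adodb.inc.php")` and `NewADOConnection`/`Connect` lines appear to be on the old side only. The relative `include("../../lib/pieChart.php")` suggests the script is requested directly rather than through the site's front controller; if so, the call fails on an undefined `$sucsDB`. Moving the hard-coded connection string out of this file is a good change, but the script then has to load the shared setup itself, e.g. `require_once '<shared-db-setup>.php'; // placeholder: whichever file now creates $sucsDB`. `$otherSize`, `$item` and `$slice` are also first used without initialisation, so `$otherSize = 0; $item = array(); $slice = array();` before the loop would avoid notices when fewer than 13 users exist.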
......@@ -4,42 +4,39 @@
* Ported from old site by tswsl1989
*
*/
$max=10; //Set this to number of users to display in chart
$max = 10; //Set this to number of users to display in chart
$timestamp = '2014-02-05 18:29:02+00'; //display printer stats since this time
$smarty->assign('title',"Printer Statistics");
$sucsDB = NewADOConnection('postgres8');
$sucsDB->Connect('dbname=sucs user=apache');
$sucsDB->SetFetchMode(ADODB_FETCH_ASSOC);
$smarty->assign('title', "Printer Statistics");
// $out="<img src=\"/images/printer.graph.php\" alt=\"pie chart of top 12 printer users\"/>";
$table="<table border=1 cellpadding=3>\n<tr>\n<th>Username</th>\n<th>Pages</th>\n<th>Projected Monthly Usage</th>\n<th>Printed This Month</th>\n<th>What it would cost in the library</th></tr>\n";
$table = "<table border=1 cellpadding=3>\n<tr>\n<th>Username</th>\n<th>Pages</th>\n<th>Projected Monthly Usage</th>\n<th>Printed This Month</th>\n<th>What it would cost in the library</th></tr>\n";
//pull in all the current users (ie not old) who have printed stuff
$res = $sucsDB->Execute("select username, sum(pages) as pages from printer where username != 'old' AND start > '".$timestamp."' group by username order by sum(pages) desc");
$res = $sucsDB->Execute("select username, sum(pages) as pages from printer where username != 'old' AND start > '" . $timestamp . "' group by username order by sum(pages) desc");
$num = $res->RecordCount();
//for each row stuff the infomation into an array, then free up the database resorces
for ($i=0;$i<$num;$i++) {
$data[$i] = $res->FetchRow();
$data[$i]['month'] = 0;
for ($i = 0; $i < $num; $i++) {
$data[$i] = $res->FetchRow();
$data[$i]['month'] = 0;
}
$res->Close();
//get the second since epoch
$thisSecond = time();
//for each user who has printed stuff add the first printed time (since epoch) to the array
for ($i=0;$i<$num;$i++) {
$res = $sucsDB->Execute("select date_part('epoch',start) as first from printer where username ='".$data[$i]['username']."' order by start asc limit 1;");
$temp = $res->FetchRow();
$data[$i]['first'] = $temp['first'];
$res->Close();
for ($i = 0; $i < $num; $i++) {
$res = $sucsDB->Execute("select date_part('epoch',start) as first from printer where username ='" . $data[$i]['username'] . "' order by start asc limit 1;");
$temp = $res->FetchRow();
$data[$i]['first'] = $temp['first'];
$res->Close();
}
$res = $sucsDB->Execute("select username, pages, start from printer where username != 'old'");
$datesnum = $res->RecordCount();//for each row stuff the infomation into an array, then free up the database resorces
for ($i=0;$i<$datesnum;$i++) {
$dates[$i] = $res->FetchRow($res, $i);
for ($i = 0; $i < $datesnum; $i++) {
$dates[$i] = $res->FetchRow($res, $i);
}
$res->Close();
......@@ -47,50 +44,47 @@ $res->Close();
// get the current month
$theMonth = date("m");
$theYear = date("Y");
for ($i=0;$i<$datesnum;$i++) {
$userMonth = substr($dates[$i]['start'], 5, 2);
$userYear = substr($dates[$i]['start'], 0, 4);
if (($userMonth == $theMonth) && ($userYear == $theYear)) {
for ($j=0;$j<$num;$j++) {
if ($data[$j]['username'] == $dates[$i]['username']) {
$data[$j]['month'] += $dates[$i]['pages'];
}
}
}
for ($i = 0; $i < $datesnum; $i++) {
$userMonth = substr($dates[$i]['start'], 5, 2);
$userYear = substr($dates[$i]['start'], 0, 4);
if (($userMonth == $theMonth) && ($userYear == $theYear)) {
for ($j = 0; $j < $num; $j++) {
if ($data[$j]['username'] == $dates[$i]['username']) {
$data[$j]['month'] += $dates[$i]['pages'];
}
}
}
}
//start the total counter
$total = 0;
//for each user.. print a row in the table
for ($i=0;$i<$num;$i++) {
$table.="<tr align=\"center\">\n";
$table.="<td>{$data[$i]['username']}</td>\n";
$table.="<td>{$data[$i]['pages']}</td>\n";
//avg pages per month = seconds in a month / (now - first print) * pages
$crazyGuess = round((2629743.83/($thisSecond-$data[$i]['first']))*$data[$i]['pages']);
//if the user has only started printing in the last month its not sensible to give a guess of average useage
if ($thisSecond-$data[$i]['first'] <= 2629743.83) {
$table.="<td>Not enough data</td>\n";
}
//traffic lights for pinter useage, adjust values as required
elseif($crazyGuess <= 25) {
$table.="<td BGCOLOR=\"Green\">".$crazyGuess."</td>\n";
}
elseif($crazyGuess <= 33) {
$table.="<td BGCOLOR=\"Orange\">".$crazyGuess."</td>\n";
}
else{
$table.="<td BGCOLOR=\"Red\">".$crazyGuess."</td>\n";
}
if ($data[$i]['month'] >= 300) {
$table.="<td BGCOLOR=\"Red\">{$data[$i]['month']}</td>\n";
} else {
$table.="<td>{$data[$i]['month']}</td>\n";
}
$table.="<td>".sprintf("£ %01.2f",round(0.05*$data[$i]['pages'],2))."</td>\n";
//add this users useage to the total
$total += $data[$i]['pages'];
$table.="</tr>\n";
for ($i = 0; $i < $num; $i++) {
$table .= "<tr align=\"center\">\n";
$table .= "<td>{$data[$i]['username']}</td>\n";
$table .= "<td>{$data[$i]['pages']}</td>\n";
//avg pages per month = seconds in a month / (now - first print) * pages
$crazyGuess = round((2629743.83 / ($thisSecond - $data[$i]['first'])) * $data[$i]['pages']);
//if the user has only started printing in the last month its not sensible to give a guess of average useage
if ($thisSecond - $data[$i]['first'] <= 2629743.83) {
$table .= "<td>Not enough data</td>\n";
} //traffic lights for pinter useage, adjust values as required
elseif ($crazyGuess <= 25) {
$table .= "<td BGCOLOR=\"Green\">" . $crazyGuess . "</td>\n";
} elseif ($crazyGuess <= 33) {
$table .= "<td BGCOLOR=\"Orange\">" . $crazyGuess . "</td>\n";
} else {
$table .= "<td BGCOLOR=\"Red\">" . $crazyGuess . "</td>\n";
}
if ($data[$i]['month'] >= 300) {
$table .= "<td BGCOLOR=\"Red\">{$data[$i]['month']}</td>\n";
} else {
$table .= "<td>{$data[$i]['month']}</td>\n";
}
$table .= "<td>" . sprintf("£ %01.2f", round(0.05 * $data[$i]['pages'], 2)) . "</td>\n";
//add this users useage to the total
$total += $data[$i]['pages'];
$table .= "</tr>\n";
}
//get the first print date
......@@ -104,16 +98,16 @@ $res->Close();
//get the number of pages printed by "old" users and add it to the total
$res = $sucsDB->Execute("select sum(pages) as pages from printer where username = 'old' group by username order by sum(pages) desc");
$old = $res->FetchRow();
$old = $old[0];
$old = $old['pages'];
$res->Close();
$total += $old;
//Output two lines at the bottem of the table, one for "old" users and the other for the total
$table.="<tr align=\"center\">\n\t<th>Old Users</th>\n\t<th>$old</th>\n\t<th>n/a</th>\n</tr>";
$table.="<tr align=\"center\">\n\t<th>Total</th>\n\t<th>$total</th>\n\t<th>".round((2629743.83/($thisSecond-$date['first'][0]))*$total)."</th>\n</tr>";
$table.="</table>\n";
$table .= "<tr align=\"center\">\n\t<th>Old Users</th>\n\t<th>$old</th>\n\t<th>n/a</th>\n</tr>";
$table .= "<tr align=\"center\">\n\t<th>Total</th>\n\t<th>$total</th>\n\t<th>" . round((2629743.83 / ($thisSecond - $date['first'][0])) * $total) . "</th>\n</tr>";
$table .= "</table>\n";
//output the dates of the first and last prints recorded
$out.="<script type=\"text/javascript\" src=\"https://www.google.com/jsapi\"></script>
$out .= "<script type=\"text/javascript\" src=\"https://www.google.com/jsapi\"></script>
<script type=\"text/javascript\">
google.load(\"visualization\", \"1\", {packages:[\"corechart\"]});
google.setOnLoadCallback(drawChart);
......@@ -121,35 +115,35 @@ $out.="<script type=\"text/javascript\" src=\"https://www.google.com/jsapi\"></s
var data = new google.visualization.DataTable();
data.addColumn('string', 'User');
data.addColumn('number', 'Pages Printed');
data.addRows(".($max+2).");\n";
for( $i=0; $i<($max+1); $i++ ){
$out.="data.setValue(".($i).", 0, '".$data[$i]['username']."');\n";
$out.="data.setValue(".($i).", 1,".$data[$i]['pages'].");\n";
data.addRows(" . ($max + 2) . ");\n";
for ($i = 0; $i < ($max + 1); $i++) {
$out .= "data.setValue(" . ($i) . ", 0, '" . $data[$i]['username'] . "');\n";
$out .= "data.setValue(" . ($i) . ", 1," . $data[$i]['pages'] . ");\n";
}
$others=0;
for ( $i=$max; $i<count($data); $i++ ) {
$others+=$data[$i]['pages'];
$others = 0;
for ($i = $max; $i < count($data); $i++) {
$others += $data[$i]['pages'];
}
$out.="data.setValue(".($max+1).", 0, 'Others');\ndata.setValue(".($max+1).",1, $others);\n";
$out.="\t\tvar chart = new google.visualization.PieChart(document.getElementById('chart_div'));
$out .= "data.setValue(" . ($max + 1) . ", 0, 'Others');\ndata.setValue(" . ($max + 1) . ",1, $others);\n";
$out .= "\t\tvar chart = new google.visualization.PieChart(document.getElementById('chart_div'));
chart.draw(data, {width: 500, height: 360, backgroundColor: 'none', is3D: true, title: 'Printer Usage'});
}
</script>";
$out.="<div id=\"chart_div\" style=\"background: none;\"></div>";
$out.="<p>First Data - ".$date['first'][weekday].", ".$date['first'][mday]." ".$date['first'][month]." ".$date['first'][year].", at ".sprintf("%02d:%02d:%02d",$date['first'][hours],$date['first'][minutes],$date['first'][seconds])."<br />";
$out.="Last Data - ".$date['last'][weekday].", ".$date['last'][mday]." ".$date['last'][month]." ".$date['last'][year].", at ".sprintf("%02d:%02d:%02d",$date['last'][hours],$date['last'][minutes],$date['last'][seconds])."</p>";
$out .= "<div id=\"chart_div\" style=\"background: none;\"></div>";
$out .= "<p>First Data - " . $date['first'][weekday] . ", " . $date['first'][mday] . " " . $date['first'][month] . " " . $date['first'][year] . ", at " . sprintf("%02d:%02d:%02d", $date['first'][hours], $date['first'][minutes], $date['first'][seconds]) . "<br />";
$out .= "Last Data - " . $date['last'][weekday] . ", " . $date['last'][mday] . " " . $date['last'][month] . " " . $date['last'][year] . ", at " . sprintf("%02d:%02d:%02d", $date['last'][hours], $date['last'][minutes], $date['last'][seconds]) . "</p>";
//do some silly maths to work out lots of silly things
$paperarea = round(0.21*0.297*$total,3); //area of paper
$paperweight = round($paperarea*.08, 3); //how much that would weigh
$numtrees = round($paperweight/730.296, 6); //*very* roughly how many trees that would be
$cost = sprintf("£%01.2f",round(0.05*$total,2));
$out.="<p>That's ".$paperarea."m<sup>2</sup> of paper, weighing ".$paperweight."kg!<br>\n";
$out.="This is equivalent to approximately ".$numtrees." trees.<br>\n";
$out.="That would have cost our members a grand total of ".$cost." if it were printed in the library.. not bad for £5 each!";
$paperarea = round(0.21 * 0.297 * $total, 3); //area of paper
$paperweight = round($paperarea * .08, 3); //how much that would weigh
$numtrees = round($paperweight / 730.296, 6); //*very* roughly how many trees that would be
$cost = sprintf("£%01.2f", round(0.05 * $total, 2));
$out .= "<p>That's " . $paperarea . "m<sup>2</sup> of paper, weighing " . $paperweight . "kg!<br>\n";
$out .= "This is equivalent to approximately " . $numtrees . " trees.<br>\n";
$out .= "That would have cost our members a grand total of " . $cost . " if it were printed in the library.. not bad for £5 each!";
//done
$out.="<p>Note: The number of pages is the number spooled and may be more than the actual number printed</p>";
$out.=$table;
$out .= "<p>Note: The number of pages is the number spooled and may be more than the actual number printed</p>";
$out .= $table;
$sucsDB->Close();
$smarty->assign('body',$out);
$smarty->assign('body', $out);
?>
......@@ -4,39 +4,39 @@ $dirlist = scandir("/var/projects/trac");
$projects = array();
foreach ($dirlist as $file) {
if ($file[0]!=".") {
$object=array();
$object['filename'] = $file;
$ini_array = array();
$filepath = "/var/projects/trac/".$file."/conf/trac.ini";
// read trac.ini for this project
if (is_readable($filepath) && ($ini_data = file($filepath)) != FALSE) {
$projectsection = FALSE;
foreach ($ini_data as $ini_line) {
if (trim($ini_line) == "[project]") {
$projectsection = TRUE;
} else if ($projectsection && (1 == preg_match("/^\[.*\]$/", trim($ini_line)))) {
$projectsection = FALSE;
} else if ($projectsection) {
list($key, $value) = preg_split("/=/", $ini_line);
$ini_array[trim($key)] = trim($value);
}
}
// only list projects whose trac.ini sets public = true
if (isset($ini_array['public']) && ($ini_array['public'] == "true")) {
$object['name'] = $ini_array['name'];
if ($object['name']=="") $object['name'] = $file;
$object['descr'] = $ini_array['descr'];
$projects[$file]=$object;
}
}
}
if ($file[0] != ".") {
$object = array();
$object['filename'] = $file;
$ini_array = array();
$filepath = "/var/projects/trac/" . $file . "/conf/trac.ini";
// read trac.ini for this project
if (is_readable($filepath) && ($ini_data = file($filepath)) != FALSE) {
$projectsection = FALSE;
foreach ($ini_data as $ini_line) {
if (trim($ini_line) == "[project]") {
$projectsection = TRUE;
} else if ($projectsection && (1 == preg_match("/^\[.*\]$/", trim($ini_line)))) {
$projectsection = FALSE;
} else if ($projectsection) {
list($key, $value) = preg_split("/=/", $ini_line);
$ini_array[trim($key)] = trim($value);
}
}
// only list projects whose trac.ini sets public = true
if (isset($ini_array['public']) && ($ini_array['public'] == "true")) {
$object['name'] = $ini_array['name'];
if ($object['name'] == "") $object['name'] = $file;
$object['descr'] = $ini_array['descr'];
$projects[$file] = $object;
}
}
}
}
$smarty->assign("projects", $projects);
......
<?php
// Config options
$permission="sucsstaff";
$permission = "sucsstaff";
// TODO: DEV: UNSTICK THIS BEFORE DEPLOY
if (isset($session->groups[$permission])) {
$smarty->assign("staff",TRUE);
// connect to sucs database
$sucsDB = NewADOConnection('postgres8');
$sucsDB->Connect('dbname=sucs user=apache');
$sucsDB->SetFetchMode(ADODB_FETCH_ASSOC);
//get unused signup slips
$query = "SELECT signup.id, signup.sid, member_type.typename, members.username, signup.card";
$query .= " FROM signup LEFT JOIN member_type ON signup.type = member_type.id LEFT JOIN members ON signup.issuedby=members.uid";
$query .= " WHERE";
$query .= " signup.activated is NULL";
$query .= " or signup.username is NULL";
$query .= " ORDER BY signup.id";
$query .= ";";
$data = $sucsDB->GetAll($query);
// process responces
if(isset($_POST['command'])){
if($_POST['command']=='update'){
$changed = 0;
$upquery = "UPDATE signup";
$upquery .= " SET sid = ?";
$upquery .= " WHERE id = ?";
$upquery .= ";";
foreach($data as $value){
if(array_key_exists('sid:'.$value['id'],$_POST) && $_POST['sid:'.$value['id']]!=$value['sid']){
$uparray = array($_POST['sid:'.$value['id']],$value['id']);
$sucsDB->query($upquery,$uparray);
$changed++;
}
}
message_flash($changed." record(s) updated");
$smarty->assign("staff", TRUE);
//get unused signup slips
$query = "SELECT signup.id, signup.sid, member_type.typename, members.username, signup.card";
$query .= " FROM signup LEFT JOIN member_type ON signup.type = member_type.id LEFT JOIN members ON signup.issuedby=members.uid";
$query .= " WHERE";
$query .= " signup.activated is NULL";
$query .= " or signup.username is NULL";
$query .= " ORDER BY signup.id";
$query .= ";";
$data = $sucsDB->GetAll($query);
// process responces
if (isset($_POST['command'])) {
if ($_POST['command'] == 'update') {
$changed = 0;
$upquery = "UPDATE signup";
$upquery .= " SET sid = ?";
$upquery .= " WHERE id = ?";
$upquery .= ";";
foreach ($data as $value) {
if (array_key_exists('sid:' . $value['id'], $_POST) && $_POST['sid:' . $value['id']] != $value['sid']) {
$uparray = array($_POST['sid:' . $value['id']], $value['id']);
$sucsDB->query($upquery, $uparray);
$changed++;
}
}
$data = $sucsDB->GetAll($query);
//set smarty stuff
$smarty->assign("signups",$data);
$smarty->assign("self",$baseurl.$path.$getout);
}
message_flash($changed . " record(s) updated");
}
}
$data = $sucsDB->GetAll($query);
//set smarty stuff
$smarty->assign("signups", $data);
$smarty->assign("self", $baseurl . $path . $getout);
}
$body = $smarty->fetch("signup-admin.tpl");
$smarty->assign('title', "Signup Slip Admin");
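Review bot: The `$_POST['command'] == 'update'` branch rewrites `signup.sid` for any session in the `sucsstaff` group, with no anti-CSRF token check visible in this hunk and no format validation of the posted `sid:<id>` value. The bound parameters in `$upquery` keep this safe from SQL injection, but they do not stop a forged cross-site POST from a logged-in staff browser, nor a malformed student number being stored. Unless shared code outside the hunk already verifies a token, I would gate the loop with something like `if (!hash_equals($expectedToken, $_POST['token'] ?? '')) { return; }` (`$expectedToken` and the `token` field are placeholders for whatever the session layer provides). The return value of `$sucsDB->query($upquery, $uparray)` is ignored, so `$changed` also counts failed updates; increment it only on success. The `NewADOConnection('postgres8')` / `Connect()` lines appear only once on this page, seemingly on the old side, so confirm that `$sucsDB` is initialised by shared code before `GetAll()` runs, and note that the `TODO: DEV: UNSTICK THIS BEFORE DEPLOY` marker is still present; the script continues outside the hunk.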
......