annotate admajax.php @ 214:36423e8ab765
Improve input validation.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Sun, 17 Nov 2013 22:01:40 +0200 |
parents | 4cee86b4e0b7 |
children | bfd480370a70 |
rev | line source |
---|---|
0 | 1 <? |
56 | 2 // |
3 // FAPWeb Simple Demoparty System |
4 // Party administration page AJAX backend module |
5 // (C) Copyright 2012-2013 Tecnic Software productions (TNSP) |
56 | 6 // |
7 $sessionType = "admin"; |
8 require_once "mconfig.inc.php"; |
9 require_once "msite.inc.php"; |
10 require_once "msession.inc.php"; |
0 | 11 |
214 | 12 |
//
// Validate the request fields of a compo add/update request.
//
// "name" and "description" are always checked against a lower bound and
// the SET_LEN_COMPO_* upper bound. When $full is set, "visible", "voting"
// and "showAuthors" must additionally pass a VT_BOOL type check.
// Checking stops at the first field that fails.
//
// Returns TRUE when every applicable check passed, FALSE otherwise.
//
// NOTE(review): stChkRequestItem() is defined outside this file; it
// presumably reports the given message itself and fills its second
// argument by reference -- confirm. These checks only bound type and
// length, so the values still need output encoding wherever they are
// rendered.
//
function stCheckRequestCompoData($full)
{
  $nameOk = stChkRequestItem("name", $ignored,
    array(CHK_ISGT, VT_STR, 0, "Compo name too short"),
    array(CHK_ISLT, VT_STR, SET_LEN_COMPO_NAME, "Compo name too long."));
  if (!$nameOk)
    return FALSE;

  $descOk = stChkRequestItem("description", $ignored,
    array(CHK_ISGT, VT_STR, 10, "Compo description too short"),
    array(CHK_ISLT, VT_STR, SET_LEN_COMPO_DESC, "Compo description too long."));
  if (!$descOk)
    return FALSE;

  // Partial validation ends here; the flag fields are only required
  // when the caller asked for the full set.
  if (!$full)
    return TRUE;

  foreach (array("visible", "voting", "showAuthors") as $flagName)
  {
    if (!stChkRequestItem($flagName, $ignored,
      array(CHK_TYPE, VT_BOOL, "Invalid data.")))
      return FALSE;
  }

  return TRUE;
}
37 | |
38 | |
//
// Validate the request fields of a compo entry add/update request.
//
// Fields are checked in the order name, author, filename, info,
// compo_id, stopping at the first failure. "name" and "author" have a
// lower bound and a SET_LEN_ENTRY_* upper bound; "filename" and "info"
// get a VT_TEXT type check plus an upper bound; "compo_id" gets a
// VT_INT type check.
//
// $compo_id is handed to the "compo_id" check as its second argument.
// Returns TRUE when all checks passed, FALSE otherwise.
//
// NOTE(review): stChkRequestItem() is defined outside this file;
// presumably it stores the checked value into its second argument, so
// $compo_id would only be meaningful when this returns TRUE -- confirm.
// Nothing here constrains the characters of "filename"; any use of it
// as a filesystem path needs its own check.
//
function stCheckRequestEntryData(&$compo_id)
{
  if (!stChkRequestItem("name", $ignored,
    array(CHK_ISGT, VT_STR, 0, "Entry name too short."),
    array(CHK_ISLT, VT_STR, SET_LEN_ENTRY_NAME, "Entry name too long.")))
    return FALSE;

  if (!stChkRequestItem("author", $ignored,
    array(CHK_ISGT, VT_STR, 0, "Author name not set."),
    array(CHK_ISLT, VT_STR, SET_LEN_ENTRY_AUTHOR, "Entry author too long.")))
    return FALSE;

  if (!stChkRequestItem("filename", $ignored,
    array(CHK_TYPE, VT_TEXT, "Invalid data."),
    array(CHK_ISLT, VT_STR, SET_LEN_ENTRY_FILENAME, "Entry filename too long.")))
    return FALSE;

  if (!stChkRequestItem("info", $ignored,
    array(CHK_TYPE, VT_TEXT, "Invalid data."),
    array(CHK_ISLT, VT_STR, SET_LEN_INFO, "Entry info too long.")))
    return FALSE;

  // Last check; its outcome is the overall result.
  $compoIdOk = stChkRequestItem("compo_id", $compo_id,
    array(CHK_TYPE, VT_INT, "Invalid compo ID."));

  return $compoIdOk ? TRUE : FALSE;
}
62 | |
63 | |
//
// Validate the request fields of a news post.
//
// "text", "author" and "title" are checked in that order, each with a
// lower bound of 0 and its SET_LEN_NEWS_* upper bound. Checking stops
// at the first field that fails.
//
// Returns TRUE when all three fields passed, FALSE otherwise.
//
// NOTE(review): stChkRequestItem() is defined outside this file. Only
// length is bounded here, so the text still needs output encoding
// wherever the news item is rendered.
//
function stCheckRequestNewsData()
{
  // field => (too-short message, upper bound, too-long message)
  $rules = array(
    "text"   => array("News text too short.", SET_LEN_NEWS_TEXT, "News text too long."),
    "author" => array("News author name too short.", SET_LEN_NEWS_AUTHOR, "News author name too long."),
    "title"  => array("News title too short.", SET_LEN_NEWS_TITLE, "News title too long."),
  );

  foreach ($rules as $field => $rule)
  {
    $passed = stChkRequestItem($field, $ignored,
      array(CHK_ISGT, VT_STR, 0, $rule[0]),
      array(CHK_ISLT, VT_STR, $rule[1], $rule[2]));

    if (!$passed)
      return FALSE;
  }

  return TRUE;
}
80 | |
81 | |
//
// Return the HTML for the " Save " submit button used by the settings
// form, terminated by a newline. The markup is a fixed string; no
// request or database data goes into it.
//
function stGetSaveButton()
{
  $button = '<input type="submit" value=" Save " />';
  return $button."\n";
}
86 | |
87 | |
//
// Access gate: every request to this backend must pass both
// stCheckHTTPS() and stAdmSessionAuth() before anything below runs.
//
// NOTE(review): both helpers are defined outside this file; presumably
// they check the transport and the admin session -- confirm there.
// NOTE(review): stGetSetting("defaultPage") is read here before
// stConnectSQLDB() / stReloadSettings() are called further down;
// confirm the setting is already available at this point.
//
if (!(stCheckHTTPS() && stAdmSessionAuth()))
{
  stSetupCacheControl();

  // Drop the admin session before redirecting a rejected request.
  stSessionEnd(SESS_ADMIN);

  // The redirect target comes from site settings, not from the request.
  $landingPage = stGetSetting("defaultPage");
  header("Location: ".$landingPage);

  // A Location header alone does not stop the script; exit so that no
  // action handler below can run for a rejected request.
  exit;
}
100 | |
214 | 101 |
//
// Initialize: cache-control headers, database connection, settings,
// then read the "type" request parameter used by the action dispatch.
//
stSetupCacheControl();

if (!stConnectSQLDB())
{
  // Fixed message only; no connection details are sent to the client.
  exit("Could not connect to SQL database.");
}

stReloadSettings();

// "type" defaults to an empty string when the request does not carry it.
// It is only compared against fixed strings below, never interpolated
// into SQL in the code visible here.
$type = stGetRequestItem("type", "");
114 switch (stGetRequestItem("action", "")) |
0 | 115 { |
116 case "dump": | |
117 // |
118 // Perform generic data dump |
119 // |
120 if (($res = stExecSQLCond( |
121 "SELECT * FROM attendees WHERE email NOT NULL AND email != '' ORDER BY regtime DESC")) !== FALSE) |
0 | 122 { |
123 stSetStatus(200, "Dump OK."); |
0 | 124 $out1 = array(); |
125 $out2 = array(); | |
126 | |
127 foreach ($res as $item) | |
128 { | |
133 | 129 $out1[] = chentities($item["name"])." <".chentities($item["email"]).">"; |
130 $out2[] = chentities($item["email"]); | |
0 | 131 } |
132 | |
133 echo "<br /><hr />". | |
134 implode(", ", $out1)."<br /><hr /><br />". | |
135 implode("<br />", $out1)."<br /><hr /><br />". | |
136 implode(", ", $out2)."<br /><hr /><br />". | |
137 implode("<br />", $out2)."<br /><hr />"; | |
138 | |
139 } | |
140 break; | |
141 | |
142 case "get": | |
143 // |
144 // Get specific data |
145 // |
0 | 146 switch ($type) |
147 { | |
148 case "news": | |
149 $sql = "SELECT * FROM news ORDER BY utime DESC"; | |
150 break; | |
151 | |
152 case "attendees": | |
153 $sql = "SELECT * FROM attendees ORDER BY regtime DESC"; | |
154 break; | |
155 | |
156 case "attendee": |
157 $res = stFetchSQL(stPrepareSQL("SELECT * FROM attendees WHERE id=%D", "id")); |
158 if ($res !== FALSE) |
159 stPrintAttendee($res, -1, FALSE, TRUE, stGetRequestItem("edit", FALSE)); |
160 break; |
161 |
162 case "voters": |
163 $sqlJoins = ""; |
164 switch (stGetSetting("voteKeyMode")) |
165 { |
166 case VOTE_FREELY: |
167 break; |
168 |
169 case VOTE_ACTIVATE: |
170 break; |
171 |
172 case VOTE_ASSIGN: |
173 $sqlJoins = "LEFT JOIN attendees ON votekeys.voter_id=attendees.id "; |
174 break; |
175 } |
176 $sql = "SELECT * FROM votekeys ".$sqlJoins."ORDER BY votekeys.id ASC"; |
177 break; |
178 |
0 | 179 case "compos": |
180 $sql = "SELECT * FROM compos ORDER BY id DESC"; | |
181 break; | |
182 |
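case "settings":
  //
  // Render the site settings editor as one form.
  //
  // First loop: every setting whose vtype is not VT_TEXT becomes a
  // table row with an input chosen by vtype (VT_INT, VT_STR, VT_BOOL)
  // and its description. Second loop: every VT_TEXT setting gets a
  // heading, a text area and its own save button.
  //
  // NOTE(review): whether the stGetForm*() helpers escape the value
  // and id arguments they receive is not visible in this file --
  // confirm, since vstr / vtext / key come straight from the
  // settings table.
  //
  $prefix = "st";

  echo
  "<h1>Site settings</h1>\n".
  "<form method=\"post\" action=\"\" onsubmit=\"return updateSettings()\">\n".
  "<table>\n";

  // VT_TEXT is a constant, not request data, so the concatenated
  // query contains no user-controlled input.
  foreach (stExecSQL("SELECT * FROM settings WHERE vtype<>".VT_TEXT) as $item)
  {
    echo
    " <tr>\n".
    " <td>";
    $id = $item["key"];
    switch ($item["vtype"])
    {
      case VT_INT:
        echo stGetFormTextInput(10, 10, "", $id, $prefix, $item["vint"]);
        break;
      case VT_STR:
        echo stGetFormTextInput(40, 128, "", $id, $prefix, $item["vstr"]);
        break;
      case VT_BOOL:
        echo stGetFormCheckBoxInput("", $id, $prefix, $item["vint"], "");
        break;
    }
    // The description is database content written into HTML, so it is
    // passed through chentities() exactly as the VT_TEXT loop below
    // does for the same column; previously it was echoed raw here.
    echo "</td>\n".
    " <td>".chentities($item["desc"])."</td>\n".
    " </tr>\n";
  }
  echo "</table>\n".stGetSaveButton();

  foreach (stExecSQL("SELECT * FROM settings WHERE vtype=".VT_TEXT) as $item)
  {
    echo
    "<h2>".chentities($item["desc"])."</h2>\n".
    stGetFormTextArea(10, 60, "", $item["key"], $prefix, $item["vtext"]).
    "\n<br />\n".
    stGetSaveButton();
  }
  echo "</form>\n";
  break;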
0 | 224 |
225 case "entries": | |
226 stGetCompoList(FALSE, FALSE); |
0 | 227 |
228 foreach ($compos as $id => $compo) | |
229 { | |
230 echo | |
231 "<form>\n". | |
232 " <table class=\"misc\">\n". | |
233 " <tr>\n". | |
234 " <th colspan=\"5\">#".$id." - ".chentities($compo["name"])."</th>\n". |
0 | 235 " </tr>\n". |
236 " <tr>\n". | |
237 " <th style=\"width:4%;\">ID#</th>\n". |
238 " <th style=\"width:4%;\">S#</th>\n". |
0 | 239 " <th>Title</th>\n". |
29 | 240 " <th>Author(s)</th>\n". |
241 " <th>Filename</th>\n". |
0 | 242 " <th>Actions</th>\n". |
243 " </tr>\n"; | |
244 | |
245 $prefix = "en"; | |
246 foreach ($compo["entries"] as $eid => $entry) | |
247 { | |
248 echo | |
249 " <tr id=\"entry".$eid."\">\n". | |
250 " <td>".$eid."</td>\n". |
251 " <td>".($entry["show_id"] > 0 ? $entry["show_id"] : "-")."</td>\n". |
252 " <td>".stGetFormTextInput(30, 64, "name", $eid, "en", $entry["name"])."</td>\n". |
29 | 253 " <td>".stGetFormTextInput(30, 64, "author", $eid, "en", $entry["author"])."</td>\n". |
254 " <td>".stGetFormTextInput(20, 64, "filename", $eid, "en", $entry["filename"])."</td>\n". |
0 | 255 " <td>". |
256 stGetFormButtonInput("delete", $eid, $prefix, " Del ", "deleteEntry(".$eid.")"). |
257 stGetFormTextInput(3, 3, "compo_id", $eid, "en", $id). |
258 stGetFormButtonInput("update", $eid, $prefix, " Upd ", "updateEntry(".$eid.")"). |
0 | 259 "</td>\n". |
260 " </tr>\n"; | |
261 } | |
262 |
263 $prefix = "ne"; |
0 | 264 echo |
265 " <tr>\n". |
266 " <td></td>\n". |
267 " <td></td>\n". |
268 " <td>".stGetFormTextInput(30, 64, "name", $id, "ne", "")."</td>\n". |
269 " <td>".stGetFormTextInput(30, 64, "author", $id, "ne", "")."</td>\n". |
270 " <td>".stGetFormTextInput(20, 64, "filename", $id, "ne", "")."</td>\n". |
271 " <td>".stGetFormButtonInput("add", $id, $prefix, " Add new ", "addEntry(".$id.")")."</td>\n". |
272 " </tr>\n". |
0 | 273 " </table>\n". |
274 "</form>\n"; | |
275 } | |
276 break; | |
277 } | |
278 | |
56 | 279 // |
280 // Perform query if we need to, output results | |
281 // | |
282 if (isset($sql) && ($res = stExecSQLCond($sql)) !== FALSE) |
0 | 283 { |
284 if ($type == "news") | |
285 { | |
286 echo |
287 "<form method=\"post\" action=\"\" onsubmit=\"return addNews()\">\n". |
288 " ".stGetFormTextInput(40, SET_LEN_NEWS_TITLE, "", "nntitle", "", "")."<br />\n". |
204 | 289 " ".stGetFormTextArea(5, 60, "", "nntext", "", "")."<br />\n". |
290 " ".stGetFormTextInput(20, SET_LEN_NEWS_AUTHOR, "", "nnauthor", "", "orgaz")."\n". |
204 | 291 " ".stGetFormSubmitInput("nnadd", "Add post")."\n". |
292 " ".stGetFormButtonInput("", "", "", "Clear", "this.form.reset()")."\n". | |
293 "</form>\n". |
294 "<hr />\n"; |
295 |
0 | 296 foreach ($res as $item) |
297 { | |
298 $id = $item["id"]; | |
299 stPrintNewsItem($item, | |
300 "<br />". | |
301 " <button class=\"button\" id=\"ndel".$id. | |
302 "\" type=\"button\" onclick=\"deleteNews(".$id. | |
303 ")\">Delete</button>\n" | |
304 ); | |
305 } | |
306 } | |
307 else | |
308 if ($type == "attendees") | |
309 { | |
90 | 310 // For adding a new one |
311 $prefix = "ne"; |
312 echo |
313 "<table>\n". |
314 " <tr>\n". |
315 " <th>Name</th>\n". |
316 " <th>Groups</th>\n". |
317 " <th>Oneliner</th>\n". |
318 " <th>E-mail</th>\n". |
319 " <th>Actions</th>\n". |
320 " </tr>\n". |
321 " <tr>\n". |
322 " <td>".stGetFormTextInput(20, SET_LEN_USERNAME, "name", "x", $prefix, "")."</td>\n". |
323 " <td>".stGetFormTextInput(20, SET_LEN_GROUPS, "groups", "x", $prefix, "")."</td>\n". |
324 " <td>".stGetFormTextInput(30, SET_LEN_ONELINER, "oneliner", "x", $prefix, "")."</td>\n". |
325 " <td>".stGetFormTextInput(20, SET_LEN_EMAIL, "email", "x", $prefix, "")."</td>\n". |
326 " <td>".stGetFormButtonInput("add", "", $prefix, " Add new ", "addAttendee()")."</td>\n". |
327 " </tr>\n". |
328 "</table>\n". |
329 "<hr />\n"; |
330 |
331 // List of attendees |
332 echo |
333 "<table class=\"attendees\">\n". |
334 " <tr>\n". |
335 " <th class=\"name\">Name</th>\n". |
336 " <th class=\"groups\">Groups</th>\n". |
337 " <th class=\"regtime\">Registered</th>\n". |
338 " <th class=\"oneliner\">Oneliner</th>\n". |
339 " <th class=\"email\">E-mail</th>\n". |
340 " <th>Actions</th>\n". |
341 " </tr>\n"; |
342 |
343 $row = 0; |
344 foreach ($res as $item) |
345 { |
346 stPrintAttendee($item, $row++, TRUE, TRUE, FALSE); |
347 } |
348 |
349 echo |
350 "</table>\n"; |
0 | 351 } |
352 else | |
353 if ($type == "voters") |
354 { |
355 switch (stGetSetting("voteKeyMode")) |
356 { |
357 case VOTE_FREELY: |
358 break; |
359 |
360 case VOTE_ACTIVATE: |
361 break; |
362 |
363 case VOTE_ASSIGN: |
364 break; |
365 } |
366 // List of votekeys |
367 echo |
212 | 368 "<p><a href=\"print.php\">Printable key list</a></p>\n". |
369 "<table class=\"attendees\">\n". |
370 " <tr>\n". |
371 " <th class=\"name\">Name</th>\n". |
372 " <th class=\"groups\">Groups</th>\n". |
373 " <th class=\"email\">E-mail</th>\n". |
374 " <th class=\"\">Key</th>\n". |
375 " </tr>\n"; |
376 $row = 0; |
377 |
378 echo |
379 "</table>\n"; |
380 } |
381 else |
0 | 382 if ($type == "compos") |
383 { | |
384 echo |
385 "<form method=\"post\" action=\"\" onsubmit=\"return addCompo()\">\n". |
386 " ".stGetFormTextInput(64, SET_LEN_COMPO_NAME, "", "ncname", "", "")."<br />\n". |
203 | 387 " ".stGetFormTextArea(5, 60, "", "ncdescription", "", "")."<br />\n". |
388 " ".stGetFormSubmitInput("nccompo", "Add compo")."\n". | |
389 " ".stGetFormButtonInput("", "", "", "Clear", "this.form.reset()")."\n". | |
390 "</form>\n". |
391 "<hr />\n"; |
392 |
0 | 393 foreach ($res as $item) |
394 { | |
395 $id = $item["id"]; | |
396 $prefix = "co"; | |
397 echo | |
203 | 398 "<div id=\"compo".$id."\">\n". |
399 " <h2>#".$id." - ".chentities($item["name"])."</h2>\n". |
400 " ".stGetFormTextInput(40, SET_LEN_COMPO_NAME, "name", $id, $prefix, $item["name"])."\n". |
401 " ".stGetFormCheckBoxInput("visible", $id, $prefix, $item["visible"], "Visible")."\n". |
402 " ".stGetFormCheckBoxInput("showAuthors", $id, $prefix, $item["showAuthors"], "Show authors")."\n". |
403 " ".stGetFormCheckBoxInput("voting", $id, $prefix, $item["voting"], "Enable voting")."<br />\n". |
404 " ".stGetFormTextArea(5, 60, "description", $id, $prefix, $item["description"])."\n<br />\n". |
405 " ".stGetFormButtonInput("update", $id, $prefix, "Update", "updateCompo(".$id.")")."\n". |
203 | 406 "</div>\n". |
407 "<hr />\n"; | |
0 | 408 } |
409 } | |
410 } | |
411 break; | |
412 | |
case "delete":
  //
  // Delete one row of the requested $type, selected by the "id" request item.
  //
  // The id has to pass the VT_INT type check before any SQL is built, and it
  // is passed to stPrepareSQL() through a %d placeholder as the value itself.
  //
  // NOTE(review): nothing in this case checks that the request is genuine
  // (e.g. an anti-CSRF token). Presumably the admin session handling in
  // msession.inc.php covers authorisation; confirm it also rejects forged
  // cross-site requests, since every branch here is destructive.
  //
  if (!stChkRequestItem("id", $id, array(CHK_TYPE, VT_INT, "Invalid data.")))
    break;

  switch ($type)
  {
    case "news":
      // The persist=0 condition keeps rows with any other persist value
      // out of reach of this statement.
      $sql = stPrepareSQL("DELETE FROM news WHERE id=%d AND persist=0", $id);
      stExecSQLCond($sql, "OK, news item ".$id." deleted.");
      break;

    case "attendees":
      // An attendee is removed together with the votes cast under that id.
      // NOTE(review): the two statements run one after the other with no
      // transaction visible here; a failure of the second one would leave
      // votes without a voter. Confirm how stExecSQLCond() handles errors.
      $sql = stPrepareSQL("DELETE FROM attendees WHERE id=%d", $id);
      stExecSQLCond($sql, "OK, attendee ".$id." deleted.");

      $sql = stPrepareSQL("DELETE FROM votes WHERE voter_id=%d", $id);
      stExecSQLCond($sql, "OK, attendee ".$id." votes deleted.");
      break;

    case "entries":
      // Same two-step pattern for a compo entry and the votes given to it.
      $sql = stPrepareSQL("DELETE FROM entries WHERE id=%d", $id);
      stExecSQLCond($sql, "OK, entry ".$id." deleted.");

      $sql = stPrepareSQL("DELETE FROM votes WHERE entry_id=%d", $id);
      stExecSQLCond($sql, "OK, entry ".$id." votes deleted.");
      break;
  }
  break;
446 | |
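case "add":
  //
  // Add a new news item, compo, attendee or compo entry.
  //
  // Each branch runs only when the matching stCheckRequest*Data() validator
  // accepts the request. The %S / %Q / %D arguments given to stPrepareSQL()
  // are names of request items rather than values; presumably the helper
  // fetches and escapes them itself (confirm in the site library). %d takes
  // the value directly, as with time() below.
  //
  if ($type == "news" && stCheckRequestNewsData())
  {
    $sql = stPrepareSQL(
      "INSERT INTO news (utime,title,text,author) VALUES (%d,%S,%Q,%S)",
      time(), "title", "text", "author");

    stExecSQLCond($sql, "OK, news item added.");
  }
  else
  if ($type == "compo" && stCheckRequestCompoData(FALSE))
  {
    // A new compo always starts hidden, with voting and author display off.
    $sql = stPrepareSQL(
      "INSERT INTO compos (name,description,visible,voting,showAuthors) VALUES (%S,%Q,0,0,0)",
      "name", "description");

    stExecSQLCond($sql, "OK, compo added.");
  }
  else
  if ($type == "attendees" && stCheckRequestUserData(TRUE))
  {
    $sql = stPrepareSQL(
      "INSERT INTO attendees (regtime,name,groups,oneliner,email) VALUES (%d,%S,%S,%S,%S)",
      time(), "name", "groups", "oneliner", "email");

    stExecSQLCond($sql, "OK, attendee added.");
  }
  else
  if ($type == "entry" && stCheckRequestEntryData($compo_id))
  {
    // The "update" action refuses an entry whose compo does not exist; the
    // same check is applied here so that "add" cannot create an entry that
    // points at a missing compo. The id goes through a %d placeholder so
    // that it reaches the query as an integer.
    if (stFetchSQLColumn(stPrepareSQL("SELECT id FROM compos WHERE id=%d", $compo_id)) === FALSE)
    {
      stError("No such compo ID.");
    }
    else
    {
      $sql = stPrepareSQL(
        "INSERT INTO entries (name,author,compo_id,filename,info) VALUES (%S,%S,%D,%S,%S)",
        "name", "author", "compo_id", "filename", "info");

      stExecSQLCond($sql, "OK, entry added.");
    }
  }
  break;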
487 | |
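case "update":
  //
  // Update existing data: either the site settings, or one attendee, news
  // item, compo or entry selected by the "id" request item.
  //
  if ($type == "settings")
  {
    // Walk over the settings stored in the database and update those for
    // which the request carries a value. Only keys that already exist in
    // the table can be written this way.
    foreach (stExecSQL("SELECT * FROM settings") as $item)
    {
      // FALSE is presumably returned when the item is not in the request.
      $val = stGetRequestItem($item["key"], FALSE);
      if ($val !== FALSE)
      {
        // The key is quoted by the database layer. The SET clause comes from
        // stGetSettingSQL(), which is not visible here.
        // NOTE(review): confirm that it casts or quotes $val according to
        // the type of the setting, because $val is request data.
        $sql = "UPDATE settings SET ".stGetSettingSQL($item, $val)." WHERE key=".$db->quote($item["key"]);
        stExecSQLCond($sql, "OK, setting updated.");
      }
    }
  }
  else
  // The settings branch does not use an id and none of the branches below
  // handles $type "settings", so the id check is skipped for it instead of
  // being run (and possibly reporting "Invalid data.") after the update.
  if (stChkRequestItem("id", $id, array(CHK_TYPE, VT_INT, "Invalid data.")))
  {
    // In every branch the WHERE clause is built from intval() of the "id"
    // request item, so only a plain integer reaches the SQL text. The array
    // maps column names to type codes; presumably these match the
    // stPrepareSQL() placeholders (confirm in the site library).
    if ($type == "attendees" && stCheckRequestUserData(TRUE))
    {
      $sql = stPrepareSQLUpdate("attendees",
        "WHERE id=".intval(stGetRequestItem("id")),
        array(
          "name" => "S",
          "groups" => "S",
          "email" => "S",
          "oneliner" => "S",
        ));

      stExecSQLCond($sql, "OK, attendee updated.");
    }
    else
    if ($type == "news" && stCheckRequestNewsData())
    {
      $sql = stPrepareSQLUpdate("news",
        "WHERE id=".intval(stGetRequestItem("id")),
        array(
          "title" => "S",
          "text" => "Q",
          "author" => "S"
        ));

      stExecSQLCond($sql, "OK, news item updated.");
    }
    else
    if ($type == "compo" && stCheckRequestCompoData(TRUE))
    {
      $sql = stPrepareSQLUpdate("compos",
        "WHERE id=".intval(stGetRequestItem("id")),
        array(
          "name" => "S",
          "description" => "Q",
          "visible" => "B",
          "voting" => "B",
          "showAuthors" => "B",
        ));

      stExecSQLCond($sql, "OK, compo updated.");
    }
    else
    if ($type == "entry" && stCheckRequestEntryData($compo_id))
    {
      // The compo id is request data. It goes through the %d placeholder
      // rather than string concatenation, so the query does not depend on
      // the validator having left a clean integer in $compo_id.
      if (stFetchSQLColumn(stPrepareSQL("SELECT id FROM compos WHERE id=%d", $compo_id)) === FALSE)
      {
        stError("No such compo ID.");
      }
      else
      {
        $sql = stPrepareSQLUpdate("entries",
          "WHERE id=".intval(stGetRequestItem("id")),
          array(
            "name" => "S",
            "author" => "S",
            "filename" => "S",
            "info" => "S",
            "compo_id" => "D",
          ));

        stExecSQLCond($sql, "OK, entry updated.");
      }
    }
  }
  break;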
568 | |
default:
  // Any value not matched by the cases of this switch is answered with a
  // 404 status, so an unknown action is rejected instead of being ignored.
  stSetStatus(404, "Not Found");
  break;
572 } | |
573 | |
// Runs after the switch for every request. Presumably it writes the status and
// error messages collected by the handlers above into the AJAX response;
// confirm in the site library.
stDumpAJAXStatusErrors();
0 | 575 ?> |