annotate usrajax.php @ 1096:bbc0a3d0b51e
Major renaming / refactor of site messages. Some that were previously
modifiable from admin interface are now "hardcoded" in the configuration
file. Having these settings made modifiable from there made no sense
and just took space in the UI.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Fri, 27 Jan 2017 22:15:06 +0200 |
parents | 95b74632cfe2 |
children | 0a2117349f46 |
rev | line source |
---|---|
1 <?php |
93 | 2 // |
3 // FAPWeb - Simple Web-based Demoparty Management System |
4 // User actions page AJAX backend module |
1072 | 5 // (C) Copyright 2012-2017 Tecnic Software productions (TNSP) |
93 | 6 // |
7 $sessionType = "user"; | |
8 require_once "mconfig.inc.php"; |
9 require_once "msite.inc.php"; |
10 require_once "msession.inc.php"; |
93 | 11 |
161 | 12 // |
316 | 13 // Update one vote (prevalidated) |
161 | 14 // |
/**
 * Store one vote: update the existing row for (key_id, entry_id) or insert a new one.
 *
 * The arguments are expected to be validated by the caller; this function does no
 * range or existence checks of its own. All values go through the %d placeholders
 * of stPrepareSQL() (presumably an integer coercion; verify in its definition).
 *
 * NOTE(review): the lookup and the write are two separate statements. Unless the
 * caller holds a transaction with suitable isolation, or the votes table has a
 * unique constraint on (key_id, entry_id), two concurrent requests for the same
 * key and entry could both take the INSERT path and leave duplicate rows. Confirm
 * against the schema.
 *
 * @param mixed $key_id   Id of the userkey casting the vote.
 * @param mixed $entry_id Id of the entry being voted on.
 * @param mixed $vote     Vote value to store.
 * @return mixed Whatever stExecSQL() returns for the INSERT/UPDATE; callers treat
 *               a falsy result as failure.
 */
function stUpdateVote($key_id, $entry_id, $vote)
{
  // Look for an existing vote row for this key and entry
  $lookup = stPrepareSQL(
    "SELECT id FROM votes WHERE key_id=%d AND entry_id=%d",
    $key_id, $entry_id);

  $alreadyVoted = (stFetchSQLColumn($lookup) !== false);

  if ($alreadyVoted)
  {
    // Row exists: overwrite the value and refresh the timestamp
    $sql = stPrepareSQL(
      "UPDATE votes SET value=%d,utime=%d WHERE key_id=%d AND entry_id=%d",
      $vote, time(), $key_id, $entry_id);
  }
  else
  {
    // No row yet: create one
    $sql = stPrepareSQL(
      "INSERT INTO votes (key_id,entry_id,value,utime) VALUES (%d,%d,%d,%d)",
      $key_id, $entry_id, $vote, time());
  }

  return stExecSQL($sql);
}
38 | |
39 | |
/**
 * Validate the request item named $id as a vote value.
 *
 * Two rules are handed to stChkRequestItem(): the item must be an integer
 * (VT_INT), and it must lie within the "voteMin".."voteMax" settings.
 *
 * @param string $id    Name of the request item holding the vote.
 * @param mixed  $value Passed by reference to stChkRequestItem(); presumably
 *                      receives the checked value (verify in its definition).
 * @return mixed Result of stChkRequestItem(); callers use it as a boolean.
 */
function stCheckVoteValue($id, &$value)
{
  $typeRule = array(CHK_TYPE, VT_INT, "Invalid entry vote value data.");

  // Bounds come from the site settings, not from the request
  $bounds = array(stGetSetting("voteMin"), stGetSetting("voteMax"));
  $rangeRule = array(CHK_RANGE, VT_INT, $bounds, "Invalid vote value, not in range.");

  return stChkRequestItem($id, $value, $typeRule, $rangeRule);
}
47 | |
48 | |
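//
// Initialize
//
// Reject the request unless the user session is authenticated and the
// CSRF token check passes. Either failure ends the user session.
//
if (!stUserSessionAuth() || !stCSRFCheck())
{
  stSetupCacheControl();

  stSessionEnd(SESS_USER);

  switch (stGetRequestItem("action"))
  {
    case "submit":
      // Non-AJAX form submit: redirect the browser. The "onerror" target
      // is taken from the request, so accept it only when it is a
      // same-site relative reference (no URI scheme, no leading "//",
      // no backslashes or control characters). Anything else falls back
      // to the configured default page, which closes the open redirect.
      // NOTE(review): redundant if stGetRequestItem() already restricts
      // this value; verify in its definition.
      $defaultTarget = stGetSetting("defaultPage");
      $target = stGetRequestItem("onerror", $defaultTarget);
      if (!is_string($target) ||
          preg_match('#^(?:[a-z][a-z0-9+.\-]*:|//)|[\x00-\x1f\x7f\\\\]#i', $target))
      {
        $target = $defaultTarget;
      }
      header("Location: ".$target);
      break;

    default:
      // AJAX callers get a status code and the error list instead
      stError("You are not authenticated currently. Try to login again.");
      stSetStatus(902, "Not authenticated.");
      stDumpAJAXStatusErrors(FALSE);
      break;
  }
  exit;
}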
72 | |
// Buffer all output; it is discarded later if an error has been flagged
ob_start();

stSetupCacheControl();

if (!stConnectSQLDB())
  die("Could not connect to SQL database.");

stReloadSettings();

// The userkey id comes from the server-side session, not from the request
$userKeyId = stGetSessionItem("key_id");

//
// Check vote key validity
//
// NOTE(review): stError() only records the failure; the script keeps
// running after it (the unauthenticated branch earlier in this file calls
// further functions after stError()). The request handling that follows
// therefore has to consult $errorSet before it writes any vote.
//
$sql = stPrepareSQL("SELECT * FROM userkeys WHERE id=%d", $userKeyId);
$key = stFetchSQL($sql);
if ($key !== false)
{
  // Validate login based on current vote key mode
  $keyMode = stGetSetting("userKeyMode");
  if ($keyMode == VOTE_ACTIVATE)
  {
    // Keys must have been explicitly activated
    if ($key["active"] == 0)
      stError("Userkey is not active.");
  }
  else
  if ($keyMode == VOTE_ASSIGN)
  {
    // Keys must be attached to an attendee
    $sql = stPrepareSQL("SELECT id FROM attendees WHERE key_id=%d", $key["id"]);
    if (stFetchSQL($sql) === false)
      stError("Userkey is not assigned to any user.");
  }
}
else
{
  stError("Userkey does not exist.");
}
109 |
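//
// Handle the request
//
// stError() does not terminate the script, so a userkey that failed the
// validity check above would otherwise still reach stUpdateVote(). Both
// vote-writing actions therefore refuse to run once $errorSet is flagged;
// the error is reported by the code after this switch.
//
// $ajax selects the response style after the switch: TRUE returns an AJAX
// status, FALSE issues a redirect. It is initialized here so that the
// unsupported-action path does not read an undefined variable.
//
$ajax = FALSE;
switch (stGetRequestItem("action"))
{
  case "set":
    //
    // Set vote, if voting is enabled
    //
    $ajax = TRUE;
    if (!empty($errorSet))
    {
      // An earlier check already failed: store nothing
    }
    else
    if (!stChkSetting("allowVoting"))
      stError("Voting is not enabled.");
    else
    if (stChkRequestItem("entry_id", $entry_id,
          array(CHK_TYPE, VT_INT, "Invalid data.")) &&
        stCheckVoteValue("vote", $vote))
    {
      // Check if the entry_id is actually valid
      stDBBeginTransaction();
      $sql = stPrepareSQL("SELECT * FROM entries WHERE id=%d", $entry_id);
      if (($entry = stFetchSQL($sql)) !== false)
      {
        // Check if the compo is valid for the entry
        $sql = stPrepareSQL("SELECT * FROM compos WHERE id=%d", $entry["compo_id"]);
        if (($compo = stFetchSQL($sql)) !== false && $compo["voting"] != 0)
        {
          // Report a failed write, as the "submit" action does
          if (!stUpdateVote($userKeyId, $entry_id, $vote))
            stError("Could not set vote for compo #".$compo["id"].", entry #".$entry["id"]);
        }
      }
      stDBCommitTransaction();
    }
    break;

  case "submit":
    //
    // Submit all votes, if voting is enabled
    //
    $ajax = FALSE;
    if (!empty($errorSet))
    {
      // An earlier check already failed: store nothing
    }
    else
    if (!stChkSetting("allowVoting"))
      stError("Voting is not enabled.");
    else
    foreach (stExecSQL("SELECT * FROM compos WHERE visible<>0 AND voting<>0") as $compo)
    {
      stDBBeginTransaction();

      // Build the query through stPrepareSQL() like every other query in
      // this file, instead of concatenating the id into the SQL string
      $sql = stPrepareSQL("SELECT * FROM entries WHERE compo_id=%d", $compo["id"]);
      foreach (stExecSQL($sql) as $entry)
      {
        // The vote for each entry arrives as request item "ventry<id>"
        if (stCheckVoteValue("ventry".$entry["id"], $value))
        {
          if (!stUpdateVote($userKeyId, $entry["id"], $value))
            stError("Could not set vote for compo #".$compo["id"].", entry #".$entry["id"]);
        }
      }
      stDBCommitTransaction();
    }
    // Overwritten with "error" after the switch when $errorSet is flagged
    stSetSessionItem("mode", "done");
    break;

  default:
    stSetStatus(902, "Operation not supported.");
    break;
}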
169 | |
170 |
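// On error, throw away anything buffered so far and stash the messages in
// the session so the page shown next can display them
if ($errorSet)
{
  ob_clean();
  stSetSessionItem("mode", "error");
  stSetSessionItem("error", $errorMsgs);
}

// $ajax is not assigned when the action was unsupported; !empty() treats
// that case as a non-AJAX request without reading an undefined variable
if (!empty($ajax))
{
  if ($errorSet)
    stDumpAJAXStatusErrors();
}
else
{
  // The "goto" target is taken from the request, so accept it only when
  // it is a same-site relative reference (no URI scheme, no leading "//",
  // no backslashes or control characters). Anything else falls back to
  // the default "vote" page, which closes the open redirect.
  // NOTE(review): redundant if stGetRequestItem() already restricts this
  // value; verify in its definition.
  $target = stGetRequestItem("goto", "vote");
  if (!is_string($target) ||
      preg_match('#^(?:[a-z][a-z0-9+.\-]*:|//)|[\x00-\x1f\x7f\\\\]#i', $target))
  {
    $target = "vote";
  }
  header("Location: ".$target);
}

ob_end_flush();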
93 | 189 ?> |