diff msite.inc.php @ 0:8019b357cc03

Initial import.
author Matti Hamalainen <ccr@tnsp.org>
date Tue, 04 Dec 2012 19:07:18 +0200
parents
children 76c3b89d7b11
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/msite.inc.php	Tue Dec 04 19:07:18 2012 +0200
@@ -0,0 +1,465 @@
+<?
+//
+// Nothing to touch after this, mostly
+//
+$errorSet = FALSE;
+$errorMsg = "";
+
+function stError($msg)
+{
+  global $errorSet, $errorMsg;
+  $errorSet = TRUE;
+  $errorMsg .= "<li>".$msg."</li>\n";
+}
+
+
+function stCheckHTTPS()
+{
+  return isset($_SERVER["HTTPS"]) && ($_SERVER["HTTPS"] != "" && $_SERVER["HTTPS"] != "off");
+}
+
+
+function stAuthSession()
+{
+  if (@session_start() === TRUE && isset($_SESSION["admpass"]) &&
+      $_SESSION["admpass"] == stGetSetting("admpass", FALSE))
+  {
+    // Check for session expiration
+    if (!isset($_SESSION["expires"]) || $_SESSION["expires"] < time())
+      return FALSE;
+
+    // Add more time to expiration
+    $_SESSION["expires"] = time() + stGetSetting("admtimeout", 5 * 60);
+    return TRUE;
+  }
+  else
+    return FALSE;
+}
+
+
+function stStartSession()
+{
+  if (@session_start() === TRUE)
+  {
+    $_SESSION["admpass"] = stGetSetting("admpass", FALSE);
+    $_SESSION["expires"] = time() + stGetSetting("admtimeout", 5 * 60);
+    return TRUE;
+  }
+  else
+    return FALSE;
+}
+
+
+function stEndSession()
+{
+  $ok = stAuthSession();
+  $_SESSION = array();
+  if (ini_get("session.use_cookies"))
+  {
+    $params = session_get_cookie_params();
+    setcookie(session_name(), "", time() - 242000,
+      $params["path"], $params["domain"],
+      $params["secure"], $params["httponly"]
+    );
+  }
+  @session_destroy();
+  return $ok;
+}
+
+
+function stGetSetting($name, $default)
+{
+  global $siteSettings;
+  if (isset($siteSettings[$name]))
+    return $siteSettings[$name];
+  else
+    return $default;
+}
+
+
+function stChkSetting($name)
+{
+  global $siteSettings;
+  return isset($siteSettings[$name]) && $siteSettings[$name];
+}
+
+
+function stSpecURL($id)
+{
+  global $specURLs;
+  if (isset($specURLs[$id]))
+    return "<a href=\"".$specURLs[$id][0]."\">".$specURLs[$id][1]."</a>";
+  else
+    return "";
+}
+
+
+function stPrintSpecURL($id)
+{
+  echo stSpecURL($id);
+}
+
+
+function dhentities($str)
+{
+  return str_replace(array("&lt;","&gt;"), array("<", ">"), htmlentities($str, ENT_NOQUOTES, "UTF-8"));
+}
+
+
+function chentities($str)
+{
+  return htmlentities($str, ENT_NOQUOTES, "UTF-8");
+}
+
+
+function stGetFormCheckBoxInput($name, $id, $prefix, $checked, $label, $extra = "")
+{
+  return
+    "<input ".$extra." type=\"checkbox\" id=\"".$prefix.$name.$id."\" ".
+    "name=\"".$prefix.$name.$id."\" ".($checked ? "checked=\"checked\" " : "")." />".
+    "<label for=\"".$prefix.$name.$id."\">".$label."</label>";
+}
+
+
+function stGetFormButtonInput($name, $id, $prefix, $label, $onclick = "")
+{
+  return
+    "<input type=\"button\" id=\"".$prefix.$name.$id."\" ".
+    "name=\"".$name."\" value=\"".$label."\" ".
+    ($onclick != "" ? "onClick=\"".$onclick."\"" : "")." />";
+}
+
+
+function stGetFormTextArea($rows, $cols, $name, $id, $prefix, $value, $extra = "")
+{
+  return
+    "<textarea ".$extra." id=\"".$prefix.$name.$id."\" ".
+    "name=\"".$name."\" rows=\"".$rows."\" cols=\"".$cols."\">".
+    (isset($value) ? chentities($value) : "").
+    "</textarea>";
+}
+
+
+function stGetFormTextInput($size, $len, $name, $id, $prefix, $value, $extra = "")
+{
+  return
+    "<input ".$extra." type=\"text\" id=\"".$prefix.$name.$id."\" ".
+    "name=\"".$name."\" size=\"".$size."\" maxlength=\"".$len."\"".
+    (isset($value) ? " value=\"".chentities($value)."\"" : "").
+    " />";
+}
+
+
+function stGetFormPasswordInput($name, $id, $prefix)
+{
+  return
+    "<input type=\"password\" id=\"".$prefix.$name.$id.
+    "\" name=\"".$name."\" />";
+}
+
+
+function stGetFormHiddenInput($name, $value)
+{
+  return "<input type=\"hidden\" name=\"".$name."\" value=\"".chentities($value)."\" />";
+}
+
+
+function stGetTDEditTextItem($edit, $size, $len, $name, $id, $prefix, $value, $extra = "")
+{
+  return
+    "<td class=\"".$name."\">".
+    ($edit ? stGetFormTextInput($size, $len, $name, $id, $prefix, $value, $extra) : chentities($value)).
+    "</td>";
+}
+
+
+function stPrintFormTextInput($text1, $text2, $size, $len, $name, $extra="")
+{
+  echo "  <tr><th>".chentities($text1)."</th><td>".
+    stGetFormTextInput($size, $len, $name, "", "", $_REQUEST[$name], $extra).
+    "</td><td>".chentities($text2)."</td></tr>\n";
+}
+
+
+function stPrintFormHiddenInput($name, $value)
+{
+  echo " ".stGetFormHiddenInput($name, $value)."\n";
+}
+
+
+function stPrintAttendee($item, $row, $edit, $eclass = "")
+{
+  $id = $item["id"];
+  $prefix = "at";
+  echo "  ".
+    "<tr class=\"".($row % 2 == 1 ? "rodd" : "reven").$eclass."\" id=\"attendee".$id."\">".
+    stGetTDEditTextItem(FALSE, 20, 40, "name", $id, $prefix, $item["name"]).
+    stGetTDEditTextItem(FALSE, 20, 40, "groups", $id, $prefix, $item["groups"]).
+    "<td class=\"regtime\">".date("d M Y / H:i", $item["regtime"])."</td>".
+    stGetTDEditTextItem($edit, 30, 64, "oneliner", $id, $prefix, $item["oneliner"], "autocomplete=\"off\"");
+
+  if ($edit)
+  {
+    echo
+      stGetTDEditTextItem($edit, 20, 40, "email", $id, $prefix, $item["email"], "autocomplete=\"off\"").
+      "<td>".
+      "<button class=\"button\" id=\"atupd".$id."\" type=\"button\" onclick=\"updateAttendee(".$id.")\">Update</button>".
+      "<button class=\"button\" id=\"atdel".$id."\" type=\"button\" onclick=\"deleteAttendee(".$id.")\">Delete</button>".
+      "</td>";
+  }
+
+  echo "</tr>\n";
+}
+
+
+function stPrintNewsItem($item, $edit = "")
+{
+  echo
+  "<div class=\"newsitem\" id=\"news".$item["id"]."\">\n".
+  "  <h2>".chentities($item["title"])."</h2>\n".
+  "  <div class=\"text\">".dhentities($item["text"])."</div>\n".
+  "  <div class=\"sig\">-- ".chentities($item["author"])."<br />".
+    date("d M Y / H:i", $item["utime"]).
+    $edit."</div>\n".
+  "</div>\n";
+}
+
+
+function stChkDataItem($name)
+{
+  return !isset($_REQUEST[$name]) || strlen(trim($_REQUEST[$name])) < 1;
+}
+
+
+function stChkRequestItem($name)
+{
+  return isset($_REQUEST[$name]);
+}
+
+
+function stGetRequestItem($name, $default = "")
+{
+  return isset($_REQUEST[$name]) ? trim($_REQUEST[$name]) : $default;
+}
+
+
+function stGetDRequestItem($name, $default = "")
+{
+  return trim(urldecode(stGetRequestItem($name, $default)));
+}
+
+
+function stLogSQLError($sql)
+{
+  global $db;
+  error_log("SQL error ".implode("; ", $db->errorInfo())." in statement \"".$sql."\"");
+}
+
+
+function stConnectSQLDB()
+{
+  global $db;
+  try {
+    $db = new PDO("sqlite:".stGetSetting("dbfilename", FALSE));
+  }
+  catch (PDOException $e) {
+    error_log("Could not connect to SQL database: ".$e->getMessage().".");
+    return FALSE;
+  }
+  return TRUE;
+}
+
+
+function stGetSQLParam($type, $value)
+{
+  global $db;
+  switch ($type)
+  {
+    case "d":
+      return intval($value);
+
+    case "s":
+      return $db->quote($value);
+
+    case "D":
+      return intval(stGetRequestItem($value));
+
+    case "S":
+      return $db->quote(stGetDRequestItem($value));
+
+    case "Q":
+      return $db->quote(stripslashes(stGetDRequestItem($value)));
+
+    case "B":
+      return intval(stGetRequestItem($value)) ? 1 : 0;
+  }
+}
+
+
+function stPrepareSQL()
+{
+  $argc = func_num_args();
+  $argv = func_get_args();
+  if ($argc < 1)
+  {
+    error_log("Invalid stPrepareSQL() call, no arguments!");
+    return FALSE;
+  }
+  
+  $fmt = $argv[0];
+  $len = strlen($fmt);
+  $sql = "";
+  $argn = 1;
+  $pos = 0;
+  while ($pos < $len)
+  {
+    if ($fmt[$pos] == "%")
+    {
+      if ($argn < $argc)
+        $sql .= stGetSQLParam($fmt[++$pos], $argv[$argn++]);
+      else
+      {
+        error_log("Invalid SQL statement format string '".$fmt.
+          "', not enough parameters specified (".$argn." of ".$argc.")");
+        return FALSE;
+      }
+    }
+    else
+      $sql .= $fmt[$pos];
+    $pos++;
+  }
+  
+  return $sql;
+}
+
+
+function stPrepareSQLUpdate($table, $cond, $pairs)
+{
+  $sql = array();
+  foreach ($pairs as $name => $attr)
+  {
+    $sql[] = $name."=".stGetSQLParam($attr, $name);
+  }
+  return
+    "UPDATE ".$table." SET ".implode(",", $sql).
+    ($cond != "" ? " ".$cond : "");
+}
+
+
+function stExecSQL($sql)
+{
+  global $db;
+  if (($res = $db->query($sql)) !== FALSE)
+    return $res;
+  else
+  {
+    stLogSQLError($sql);
+    stError("Oh noes! SQL error #23!");
+    return FALSE;
+  }
+}
+
+
+function stFetchSQL($sql)
+{
+  global $db;
+  if (($res = $db->query($sql)) !== FALSE)
+  {
+    return $res->fetch();
+  }
+  else
+  {
+    stLogSQLError($sql);
+    stError("Oh noes! SQL error #31!");
+    return FALSE;
+  }
+}
+
+
+function stFetchSQLColumn($sql, $column = 0)
+{
+  global $db;
+  if (($res = $db->query($sql)) !== FALSE)
+  {
+    return $res->fetchColumn($column);
+  }
+  else
+  {
+    stLogSQLError($sql);
+    stError("Oh noes! SQL error #81!");
+    return FALSE;
+  }
+}
+
+
+function stGetCompoList($all)
+{
+  global $compos;
+
+  // Get entries and competitions into an array structure
+  $sql = "SELECT * FROM compos ".($all ? "" :"WHERE enabled<>0 ")."ORDER BY name DESC";
+  foreach (stExecSQL($sql) as $compo)
+  {
+    $id = $compo["id"];
+
+    $compos[$compo["id"]] = array(
+      "name" => $compo["name"],
+      "entries" => array()
+    );
+
+    $sql = stPrepareSQL("SELECT * FROM entries WHERE compo_id=%d", $id);
+    foreach (stExecSQL($sql) as $entry)
+    {
+      $compos[$id]["entries"][$entry["id"]] = $entry;
+    }
+  }
+}
+
+
+function stConvSwitchMode(&$str, &$mode, $newMode)
+{
+  if ($newMode != $mode)
+  {
+    if ($mode != "")
+      $str .= "\n</".$mode.">\n";
+
+    $mode = $newMode;
+
+    if ($mode != "")
+      $str .= "<".$mode.">\n";
+  }
+}
+
+
+function stConvertCompoDesc($desc)
+{
+  global $stDescConversion;
+  $str = "";
+  $mode = "";
+
+  foreach (explode("\n", $desc) as $line)
+  {
+    if (preg_match("/^\s*\s*\*(.+)$/", $line, $m))
+    {
+      stConvSwitchMode($str, $mode, "ol");
+      $str .= "<li>".$m[1]."</li>\n";
+    }
+    else
+    if (preg_match("/^\s*-\s*(.+)$/", $line, $m))
+    {
+      stConvSwitchMode($str, $mode, "ul");
+      $str .= "<li>".$m[1]."</li>\n";
+    }
+    else
+    {
+      stConvSwitchMode($str, $mode, "p");
+      $str .= $line;
+    }
+  }
+
+  stConvSwitchMode($str, $mode, "");
+
+  return $str;
+}
+
+?>
\ No newline at end of file
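Review bot: chentities() escapes with ENT_NOQUOTES, yet stGetFormTextInput() and stGetFormHiddenInput() put its result inside a double-quoted value attribute, and stPrintFormTextInput() passes it `$_REQUEST[$name]` directly, so a request value containing a double quote ends the attribute and the remainder is parsed as markup. Encoding quotes as well closes this: `return htmlentities($str, ENT_QUOTES, "UTF-8");`. The remaining builder arguments ($name, $id, $prefix, $label, $extra, $onclick), the $msg appended in stError() and the `$m[1]` / `$line` text emitted by stConvertCompoDesc() are concatenated unescaped, which is safe only while every caller supplies trusted constants; a header comment stating that contract would help. Separately, stStartSession() copies the configured admin password into `$_SESSION` and stAuthSession() compares it with `==` against a default of FALSE, so the check would appear to pass when the "admpass" setting is missing; storing only an authenticated flag, calling `session_regenerate_id(TRUE);` at login and comparing with `===` would be safer. stGetSQLParam() also has no `default:` branch, so an unknown format letter contributes an empty string to the statement without any log entry.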