view msitegen.inc.php @ 472:1eabbd70cd25
Add skipping button.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Fri, 06 Dec 2013 22:28:23 +0200 |
parents | 4ce10edceedf |
children | 86ee2b42a995 |
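<?php
//
// FAPWeb Simple Demoparty System
// Generic and miscellaneous site support code
// (C) Copyright 2012-2013 Tecnic Software productions (TNSP)
//
// The full "<?php" open tag is used (instead of the short "<?") so the file
// is still parsed when short_open_tag is disabled; with the short tag an
// include file like this one would be emitted as plain text in that
// configuration. The closing tag is omitted so that no stray trailing
// whitespace can be sent before the header() calls made below.
//

// Globals and definitions
$errorSet = FALSE;      // TRUE once stError() has been called
$errorMsgs = array();   // Messages collected by stError()
$statusSet = 0;         // Status code set by stSetStatus(), 0 = none
$statusMsg = "";        // Status text set by stSetStatus()


// Value types
define("VT_STR", 1);
define("VT_INT", 2);
define("VT_BOOL", 3);
define("VT_TEXT", 4);

// Validation check types
define("CHK_TYPE", 1);
define("CHK_ISLT", 2);
define("CHK_ISGT", 3);
define("CHK_ISEQ", 4);
define("CHK_GTEQ", 5);
define("CHK_LTEQ", 6);
define("CHK_RANGE", 7);
define("CHK_CUSTOM", 8);


// Write $msg to the PHP error log, but only when the "debug" setting is on.
function stDebug($msg)
{
  if (stGetSetting("debug"))
    error_log($msg);
}


// Record an error message and raise the global error flag.
function stError($msg)
{
  global $errorSet, $errorMsgs;
  $errorSet = TRUE;
  $errorMsgs[] = $msg;
}


// Set the status code and status text reported by stDumpAJAXStatusErrors().
function stSetStatus($status, $msg)
{
  global $statusSet, $statusMsg;
  $statusMsg = $msg;
  $statusSet = $status;
}


// Emit the collected status as HTTP headers and the collected error
// messages as an HTML list. If errors exist but no status was set, the
// status defaults to 902 "Error".
//
// The status text is written into the header lines as-is, so stSetStatus()
// should only ever be given fixed strings, never request data. The error
// messages themselves are escaped with chentities() before output.
function stDumpAJAXStatusErrors()
{
  global $errorSet, $errorMsgs, $statusSet, $statusMsg;

  if ($errorSet && !$statusSet)
    stSetStatus(902, "Error");

  if ($statusSet)
  {
    header("HTTP/1.0 ".$statusSet." ".$statusMsg);
    header("Status: ".$statusSet." ".$statusMsg);
  }

  if ($errorSet)
  {
    echo
      "<h1>Following errors occured</h1>\n".
      "<ul>\n";

    foreach ($errorMsgs as $msg)
      echo " <li>".chentities($msg)."</li>\n";

    echo "</ul>\n";
  }
}


// Return TRUE if the request arrived over HTTPS, judged solely from
// $_SERVER["HTTPS"] being set to something other than "" or "off".
function stCheckHTTPS()
{
  return isset($_SERVER["HTTPS"]) && ($_SERVER["HTTPS"] != "" && $_SERVER["HTTPS"] != "off");
}


// Send headers that forbid caching/storing of the response.
function stSetupCacheControl()
{
  header("Cache-Control: must-revalidate, no-store, private");
  header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past
}


// Convert one row of the settings table into a PHP value according to the
// row's "vtype" column. Returns NULL for an unknown vtype.
function stGetSQLSettingData($item)
{
  switch ($item["vtype"])
  {
    case VT_INT:  return intval($item["vint"]);
    case VT_BOOL: return intval($item["vint"]) ? true : false;
    case VT_STR:  return $item["vstr"];
    case VT_TEXT: return $item["vtext"];
    default:      return NULL;
  }
}


// Build the "column=value" SQL fragment that stores $val for the given
// settings row. Integers and booleans are forced through intval()/a fixed
// "1"/"0", strings go through PDO::quote(). Returns FALSE for an unknown
// vtype.
function stGetSettingSQL($item, $val)
{
  global $db;
  switch ($item["vtype"])
  {
    case VT_INT:  return "vint=".intval($val);
    case VT_BOOL: return "vint=".($val ? "1" : "0");
    case VT_STR:  return "vstr=".$db->quote($val);
    case VT_TEXT: return "vtext=".$db->quote($val);
    default:      return FALSE;
  }
}


// (Re)load all rows of the settings table into $siteSettings.
// Terminates the script if the query fails.
function stReloadSettings()
{
  global $siteSettings;
  if (($res = stExecSQL("SELECT * FROM settings")) !== FALSE)
  {
    foreach ($res as $item)
      $siteSettings[$item["key"]] = stGetSQLSettingData($item);
  }
  else
    die("Error fetching site settings.");
}


// Return the value of setting $name. A missing setting is treated as a
// fatal configuration error: it is logged and the script terminates.
function stGetSetting($name)
{
  global $siteSettings;
  if (isset($siteSettings[$name]))
    return $siteSettings[$name];
  else
  {
    error_log("No config value for '".$name."'");
    die("No config value for '".$name."'.\n");
  }
}


// Return TRUE if setting $name exists and is truthy; never terminates.
function stChkSetting($name)
{
  global $siteSettings;
  return isset($siteSettings[$name]) && $siteSettings[$name];
}


// Entity-encode $str (quotes left alone), then apply a str_replace().
//
// NOTE(review): as shown here both str_replace() arrays hold the same two
// characters, so the call changes nothing. This looks like an artifact of
// how the page was rendered; presumably the search array originally held
// the entity forms, which would turn angle brackets back into markup.
// Confirm against the repository. If that is the case, this function lets
// HTML tags through on purpose and must not be used on untrusted input.
function dhentities($str)
{
  return str_replace(array("<",">"), array("<", ">"), htmlentities($str, ENT_NOQUOTES, "UTF-8"));
}


// Entity-encode $str for element content. Quotes are NOT encoded, so the
// result is not safe inside an attribute value.
function chentities($str)
{
  return htmlentities($str, ENT_NOQUOTES, "UTF-8");
}


// Entity-encode $str including both quote types; use for attribute values.
function ihentities($str)
{
  return htmlentities($str, ENT_QUOTES, "UTF-8");
}


// Return the id="..." and name="..." attributes for a form element.
// $prefix, $name and $id are inserted without escaping.
function stGetIDName($name, $id, $prefix = "")
{
  return
    ($id != "" ? "id=\"".$prefix.$name.$id."\" " : "").
    ($name != "" ? "name=\"".$prefix.$name.$id."\" " : "");
}


// Form element builders.
//
// In all of the helpers below $name, $id, $prefix, $extra and $onclick are
// written into the markup verbatim; they are meant for values chosen by the
// calling code. Where a helper escapes a value it does so with ihentities().

// Checkbox with optional label. $label is emitted without escaping.
function stGetFormCheckBoxInput($name, $id, $prefix, $checked, $label, $extra = "")
{
  return
    "<input ".$extra." type=\"checkbox\" ".stGetIDName($name, $id, $prefix).
    ($checked ? "checked=\"checked\" " : "")." />".
    ($label != "" ? "<label for=\"".$prefix.$name.$id."\">".$label."</label>" : "");
}


// Radio button with optional label.
// NOTE(review): unlike the text/hidden/button helpers, $value is placed in
// the value attribute without ihentities(), and $label is not escaped
// either; callers have to pass values that are already safe for HTML.
function stGetFormRadioButtonInput($name, $id, $prefix, $value, $checked, $label, $extra = "")
{
  return
    "<input ".$extra." type=\"radio\" ".stGetIDName($name, $id, $prefix).
    ($checked ? "checked=\"checked\" " : "")." value=\"".$value."\" />".
    ($label != "" ? "<label for=\"".$prefix.$name.$id."\">".$label."</label>" : "");
}


// Push button; $label is escaped, $onclick is not.
function stGetFormButtonInput($name, $id, $prefix, $label, $onclick = "")
{
  return
    "<input type=\"button\" ".stGetIDName($name, $id, $prefix).
    "value=\" ".ihentities($label)." \" ".
    ($onclick != "" ? "onClick=\"".$onclick."\"" : "")." />";
}


// Text area; $value is escaped.
function stGetFormTextArea($rows, $cols, $name, $id, $prefix, $value, $extra = "")
{
  return
    "<textarea ".$extra." ".stGetIDName($name, $id, $prefix).
    "rows=\"".$rows."\" cols=\"".$cols."\">".
    (isset($value) ? ihentities($value) : "").
    "</textarea>";
}


// Single-line text input; $value is escaped.
function stGetFormTextInput($size, $len, $name, $id, $prefix, $value, $extra = "")
{
  return
    "<input ".$extra." type=\"text\" ".stGetIDName($name, $id, $prefix).
    "size=\"".$size."\" maxlength=\"".$len."\"".
    (isset($value) ? " value=\"".ihentities($value)."\"" : "").
    " />";
}


// Password input; never pre-filled with a value.
function stGetFormPasswordInput($name, $id, $prefix, $extra = "")
{
  return
    "<input type=\"password\" ".stGetIDName($name, $id, $prefix)." ".$extra." />";
}


// Submit button; $label is escaped, $name and $onclick are not.
function stGetFormSubmitInput($name, $label, $onclick = "")
{
  return
    "<input type=\"submit\" name=\"".$name.
    "\" value=\" ".ihentities($label)." \" ".
    ($onclick != "" ? "onClick=\"".$onclick."\"" : "")." />";
}


// Hidden input; $value is escaped, $name is not.
function stGetFormHiddenInput($name, $value)
{
  return
    "<input type=\"hidden\" name=\"".$name.
    "\" value=\"".ihentities($value)."\" />";
}


// Opening <form> tag. If the session holds a "csrfID" item, it is added as
// a hidden field so the form submission carries the anti-CSRF token.
// $action defaults to $name; neither is escaped.
function stGetFormStart($name, $action = "", $method = "post")
{
  $str =
    "<form name=\"".$name."\" action=\"".
    ($action != "" ? $action : $name).
    "\" method=\"".$method."\">\n";

  if (($csrfID = stGetSessionItem("csrfID", FALSE)) !== FALSE)
    $str .= stGetFormHiddenInput("csrfID", $csrfID)."\n";

  return $str;
}


// Table cell holding either an editable text input ($edit true) or the
// escaped plain value.
function stGetTDEditTextItem($edit, $size, $len, $name, $id, $prefix, $value, $extra = "")
{
  return
    "<td class=\"".$name."\">".
    ($edit ? stGetFormTextInput($size, $len, $name, $id, $prefix, $value, $extra) : chentities($value)).
    "</td>";
}


// Print a table row with a caption, a text input pre-filled from the
// current request, and a trailing note. Both texts are escaped.
function stPrintFormTextInput($text1, $text2, $size, $len, $name, $extra="")
{
  echo " <tr><th>".chentities($text1)."</th><td>".
    stGetFormTextInput($size, $len, $name, "", "", stGetRequestItem($name), $extra).
    "</td><td>".chentities($text2)."</td></tr>\n";
}


// Print a hidden input followed by a newline.
function stPrintFormHiddenInput($name, $value)
{
  echo " ".stGetFormHiddenInput($name, $value)."\n";
}


// Record $msg as an error and return FALSE. $data is accepted but unused.
function stErrorStrF($msg, $data)
{
  stError($msg);
  return FALSE;
}


//
// Check and validate one item from $_REQUEST[], based on
// list of validation conditions. For example:
//
// stChkRequestItem("name", $userName,
//   array(CHK_TYPE, VT_STR, "Handle / name not given."),
//   array(CHK_ISGT, VT_STR, 3, "Handle / name too short, should be 3 characters or more."),
//   array(CHK_LTEQ, VT_STR, SET_LEN_USERNAME, "Handle / name is too long, should be less than ".SET_LEN_USERNAME." characters."),
//   array(CHK_RANGE, VT_STR, array(3, SET_LEN_USERNAME), "Ulululu!"),
//   ^- ranges specified as array of MIN and MAX values (inclusive)
//
//   array(CHK_CUSTOM, function($value) { return FALSE; }, "Error! Error!"),
//   ^- can be any callable/anonymous function etc.
//   ...
//
// Check layouts, as read by the code below:
//   CHK_TYPE   : array(CHK_TYPE, <VT_*>, <error message>)
//   CHK_CUSTOM : array(CHK_CUSTOM, <callable>, <error message>)
//   all others : array(<CHK_*>, <VT_*>, <compare value>, <error message>)
//

// Evaluate one comparison check of $value against $cmp.
// Unknown check types and a non-array CHK_RANGE operand fail the check.
function stChkRequestDataItem($type, $value, $cmp)
{
  switch ($type)
  {
    case CHK_ISLT : return $value <  $cmp;
    case CHK_ISGT : return $value >  $cmp;
    case CHK_ISEQ : return $value == $cmp;
    case CHK_LTEQ : return $value <= $cmp;
    case CHK_GTEQ : return $value >= $cmp;
    case CHK_RANGE:
      if (!is_array($cmp))
        return FALSE;
      else
        return ($value >= $cmp[0] && $value <= $cmp[1]);

    default: return FALSE;
  }
}


// Validate request item $name against the checks given as extra arguments.
// On success returns TRUE and, unless $sdata holds FALSE, stores the trimmed
// value in $sdata. On the first failing check the check's message is
// recorded via stError() and FALSE is returned.
//
// Input is read from $_POST only; with the "debug" setting on, $_REQUEST is
// used instead, so the item may then come from the query string as well.
function stChkRequestItem($name, &$sdata)
{
  $src = stGetSetting("debug") ? $_REQUEST : $_POST;

  // A parameter sent as name[]=... arrives as an array and cannot be
  // trimmed or length-checked; reject it the same way as a missing item.
  if (!isset($src[$name]) || is_array($src[$name]))
    return stErrorStrF("Required data item '".$name."' not set.", $name);

  $data = trim($src[$name]);
  $slen = strlen($data);

  // Go through list of validation checks
  $argc = func_num_args();
  $argv = func_get_args();

  for ($argn = 2; $argn < $argc; $argn++)
  {
    // Act according to check type
    $check = $argv[$argn];
    switch ($check[0])
    {
      case CHK_TYPE:
        // Check type of the data
        switch ($check[1])
        {
          case VT_STR:
            if ($slen == 0)
              return stErrorStrF($check[2], $data);
            break;

          case VT_INT:
          case VT_BOOL:
            // is_numeric() also accepts non-integer numeric strings; the
            // value checks below reduce the data with intval().
            if ($slen == 0 || !is_numeric($data))
              return stErrorStrF($check[2], $data);
            break;
        }
        break;

      case CHK_ISLT:
      case CHK_ISGT:
      case CHK_ISEQ:
      case CHK_GTEQ:
      case CHK_LTEQ:
      case CHK_RANGE:
        // Check length or value of the data
        switch ($check[1])
        {
          case VT_STR:
          case VT_TEXT:
            // Strings get their length checked (strlen() counts bytes)
            if (!stChkRequestDataItem($check[0], $slen, $check[2]))
              return stErrorStrF($check[3], $data);
            break;

          case VT_INT:
          case VT_BOOL:
            // Integer values checked against .. value
            if (!stChkRequestDataItem($check[0], intval($data), $check[2]))
              return stErrorStrF($check[3], $data);
            break;
        }
        break;

      case CHK_CUSTOM:
        // Call a custom function (or closure)
        $func = $check[1];
        if (!is_callable($func) || !$func($data))
          return stErrorStrF($check[2], $data);
        break;
    }
  }

  if ($sdata !== FALSE)
    $sdata = $data;

  return TRUE;
}


// Return the trimmed request item $name, or $default if it is absent.
// Reads $_POST unless $allowGet is TRUE or the "debug" setting is on, in
// which case $_REQUEST is used. The value is returned raw: it still has to
// be escaped or quoted for whatever context it ends up in.
function stGetRequestItem($name, $default = "", $allowGet = FALSE)
{
  $src = ($allowGet || stGetSetting("debug")) ? $_REQUEST : $_POST;

  // Array-valued parameters (name[]=...) cannot be trimmed; treat as absent.
  if (!isset($src[$name]) || is_array($src[$name]))
    return $default;

  return trim($src[$name]);
}


// Like stGetRequestItem(), with an additional urldecode() pass.
// NOTE(review): PHP has already URL-decoded the request superglobals, so
// this decodes a second time; any check applied to the value before this
// call does not see what the function returns.
function stGetDRequestItem($name, $default = "")
{
  return trim(urldecode(stGetRequestItem($name, $default)));
}


// Log the last database error together with the failing statement.
// The statement is logged in full, including any quoted values in it.
function stLogSQLError($sql)
{
  global $db;
  error_log("SQL error ".implode("; ", $db->errorInfo())." in statement \"".$sql."\"");
}


// Open the PDO connection named by the "sqlDB" setting into global $db.
// Returns TRUE on success; on failure logs the reason and returns FALSE.
//
// NOTE(review): the query helpers below test for a FALSE return from
// PDO::query(), which presumes PDO's silent error mode - confirm the error
// mode in effect for the PHP version this runs on.
function stConnectSQLDB()
{
  global $db;
  try {
    $db = new PDO(stGetSetting("sqlDB"));
  }
  catch (PDOException $e) {
    error_log("Could not connect to SQL database: ".$e->getMessage().".");
    return FALSE;
  }
  return TRUE;
}


// Render one value as a safe SQL literal according to the type letter:
//   d  integer value            D  integer from request item named $value
//   s  quoted string value      S  quoted string from request item
//   b  boolean value as 1/0     B  boolean from request item as 1/0
//                               Q  same as S
// Numbers are forced through intval(), strings through PDO::quote().
// An unknown type letter is logged and yields FALSE, so that callers can
// refuse to build the statement instead of silently dropping the value.
function stGetSQLParam($type, $value)
{
  global $db;
  switch ($type)
  {
    case "d": return intval($value);
    case "s": return $db->quote($value);
    case "b": return intval($value) ? 1 : 0;

    case "D": return intval(stGetRequestItem($value));
    case "S": return $db->quote(stGetRequestItem($value));
    case "Q": return $db->quote(stGetRequestItem($value));
    case "B": return intval(stGetRequestItem($value)) ? 1 : 0;

    default:
      error_log("Invalid SQL parameter type '".$type."'");
      return FALSE;
  }
}


// Build an SQL statement from a format string and parameters, e.g.
//   stPrepareSQL("SELECT * FROM t WHERE id=%d AND name=%s", $id, $name)
// Every "%" consumes the following type letter (see stGetSQLParam()) and
// the next argument; there is no escape for a literal "%". Only the
// parameters are sanitized - the format string itself must be a constant.
// Returns the statement, or FALSE (after logging) if the format string and
// the arguments do not match up or a parameter could not be rendered.
function stPrepareSQL()
{
  $argc = func_num_args();
  $argv = func_get_args();

  if ($argc < 1)
  {
    error_log("Invalid stPrepareSQL() call, no arguments!");
    return FALSE;
  }

  $fmt = $argv[0];
  $len = strlen($fmt);
  $sql = "";
  $argn = 1;
  $pos = 0;
  while ($pos < $len)
  {
    if ($fmt[$pos] == "%")
    {
      // A "%" at the very end has no type letter to read
      if (++$pos >= $len)
      {
        error_log("Invalid SQL statement format string '".$fmt.
          "', '%' without type specifier");
        return FALSE;
      }

      if ($argn >= $argc)
      {
        error_log("Invalid SQL statement format string '".$fmt.
          "', not enough parameters specified (".$argn." of ".$argc.")");
        return FALSE;
      }

      // Fail closed on an unknown type letter or a quoting failure
      $param = stGetSQLParam($fmt[$pos], $argv[$argn++]);
      if ($param === FALSE)
      {
        error_log("Invalid SQL statement format string '".$fmt.
          "', could not render parameter '%".$fmt[$pos]."'");
        return FALSE;
      }

      $sql .= $param;
    }
    else
      $sql .= $fmt[$pos];

    $pos++;
  }

  return $sql;
}


// Build an UPDATE statement. $pairs maps column name => type letter; each
// value is rendered by stGetSQLParam($type, $columnName), so with the
// upper-case letters the value is read from the request item that has the
// same name as the column.
// $table, $cond and the column names are inserted verbatim and therefore
// must be constants from the calling code, never request data.
// Returns FALSE if any value could not be rendered.
function stPrepareSQLUpdate($table, $cond, $pairs)
{
  $sql = array();
  foreach ($pairs as $name => $attr)
  {
    $param = stGetSQLParam($attr, $name);
    if ($param === FALSE)
      return FALSE;

    $sql[] = $name."=".$param;
  }
  return
    "UPDATE ".$table." SET ".implode(",", $sql).
    ($cond != "" ? " ".$cond : "");
}


// Run $sql and return the PDO result, or FALSE on failure. The details go
// to the error log only; the user-visible error is a generic message.
function stExecSQL($sql)
{
  global $db;
  if (($res = $db->query($sql)) !== FALSE)
    return $res;
  else
  {
    stLogSQLError($sql);
    stError("Oh noes! SQL error #23!");
    return FALSE;
  }
}


// Run $sql and return its first row, or FALSE on failure.
function stFetchSQL($sql)
{
  global $db;
  if (($res = $db->query($sql)) !== FALSE)
  {
    return $res->fetch();
  }
  else
  {
    stLogSQLError($sql);
    stError("Oh noes! SQL error #31!");
    return FALSE;
  }
}


// Run $sql and return column $column of its first row, or FALSE on failure.
function stFetchSQLColumn($sql, $column = 0)
{
  global $db;
  if (($res = $db->query($sql)) !== FALSE)
  {
    return $res->fetchColumn($column);
  }
  else
  {
    stLogSQLError($sql);
    stError("Oh noes! SQL error #81!");
    return FALSE;
  }
}


// Run $sql via stExecSQL() and set the status: 200 with $msg on success
// (only if $msg is given), 902 on failure.
function stExecSQLCond($sql, $msg = FALSE)
{
  if (($res = stExecSQL($sql)) !== FALSE)
  {
    if ($msg !== FALSE)
      stSetStatus(200, $msg);
    return $res;
  }
  else
  {
    stSetStatus(902, "Error in SQL execution.");
    return FALSE;
  }
}


// Shorten $str to at most $len bytes (ending in "...") and pad it with
// spaces to exactly $len. Lengths are counted in bytes, not characters.
function stStrChop($str, $len)
{
  if (strlen($str) > $len)
    $s = substr($str, 0, $len - 3)."...";
  else
    $s = $str;

  return sprintf("%-".$len."s", $s);
}


// Set the multibyte internal encoding and the locale from $pageCharset,
// defaulting the charset to UTF-8 when it is not set.
function cmLocaleInit()
{
  global $pageCharset;

  if (!isset($pageCharset))
    $pageCharset = "UTF-8";

  mb_internal_encoding($pageCharset);

  $tmp = "en_US.".strtolower(str_replace("-", "", $pageCharset));
  setlocale(LC_ALL, $tmp);
}


// Print a stylesheet <link>. $uri and $media are written without escaping.
function cmPrintCSSLine($uri, $media = "")
{
  echo
    " <link rel=\"stylesheet\" href=\"".$uri.
    "\" type=\"text/css\" ".($media != "" ? "media=\"".$media."\"": "")." />\n";
}


// Print the document head and open <body>. The title has its tags stripped;
// $pageExtra and $pageCharset are written verbatim.
// If $pageUrchin is set it is used as the path of a file to include, so it
// must only ever be assigned by site configuration code.
function cmPrintPageHeader($pageTitle, $pageExtra = "", $useContents = TRUE)
{
  global $pageCSS, $pageCharset, $pageAuthor, $pageCSSData, $pageUrchin;

  echo
    "<!DOCTYPE html>\n".
    "<html>\n".
    "<head>\n".
    " <meta charset=\"".$pageCharset."\">\n".
    " <meta http-equiv=\"Content-type\" content=\"text/html;charset=".$pageCharset."\">\n".
    " <title>".strip_tags($pageTitle)."</title>\n".
    $pageExtra;

  if (is_array($pageCSS))
  {
    foreach ($pageCSS as $uri => $media)
      cmPrintCSSLine($uri, $media);
  }
  else
  {
    cmPrintCSSLine($pageCSS);
  }

  echo
    "</head>\n".
    "<body>\n";

  if (isset($pageUrchin))
    require_once $pageUrchin;

  echo "<div id=\"messageBox\"></div>\n";

  if ($useContents)
    echo "<div id=\"contents\">\n";
}


// Close the elements opened by cmPrintPageHeader().
function cmPrintPageFooter($useContents = TRUE)
{
  if ($useContents)
    echo "</div>\n";

  echo "</body>\n</html>\n";
}


// Translate $msg via $pageTranslations[$msg][$pageLang] (falling back to
// $msg itself) and substitute the placeholders %1, %2, ... with the extra
// arguments; %0 stands for $msg. Placeholders are matched as plain text,
// so "%1" also matches the start of "%10".
//
// Substitution is done with str_replace() so that "$" and "\" sequences in
// an argument are inserted literally rather than being interpreted as
// regex back-references. The arguments are not escaped here; escape the
// result for the output context.
function cmQM($msg)
{
  global $pageTranslations, $pageLang;

  if (isset($pageTranslations[$msg]) && isset($pageTranslations[$msg][$pageLang]))
    $str = $pageTranslations[$msg][$pageLang];
  else
    $str = $msg;

  foreach (func_get_args() as $argn => $argv)
    $str = str_replace("%".$argn, $argv, $str);

  return $str;
}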