Mercurial > hg > fapweb

<?
//
// FAPWeb Simple Demoparty System
// Generic and miscellaneous site support code
// (C) Copyright 2012-2013 Tecnic Software productions (TNSP)
//
require_once "msitegen.inc.php";

// Define modes of party information display system
define("SMODE_ROTATE", 1);
define("SMODE_COMPO", 2);


// Define sizes of database fields, see createdb.php
// and also the places where input is validated.
define("SET_LEN_USERNAME", 32);
define("SET_LEN_GROUPS", 64);
define("SET_LEN_ONELINER", 64);
define("SET_LEN_EMAIL", 80);

define("SET_LEN_NEWS_TITLE", 128);
define("SET_LEN_NEWS_TEXT", 4096);
define("SET_LEN_NEWS_AUTHOR", 64);

define("SET_LEN_COMPO_NAME", 128);
define("SET_LEN_COMPO_DESC", 4096);

define("SET_LEN_ENTRY_NAME", 64);
define("SET_LEN_ENTRY_AUTHOR", 64);
define("SET_LEN_ENTRY_FILENAME", 256);
define("SET_LEN_ENTRY_INFO", 256);


//
// Different voting modes
//
define("VOTE_FREELY", 0);
define("VOTE_ACTIVATE", 1);
define("VOTE_ASSIGN", 2);

$voteModeData = array(
  VOTE_FREELY => array("Freeform voting",
    "Vote keys are not tied to attendees, and do not need to be activated.".
    "Take one printed key slip, give it to attendee."
    ),
  VOTE_ACTIVATE => array("Key activation",
    "Vote keys are not tied to attendees, but require manual activation. ".
    "Take one printed key slip, find it by the index number in the list below, set to activated. ".
    "Give key slip to attendee."
    ),
  VOTE_ASSIGN => array("Assigned keys",
    "Votekeys are tied to attendees, activated by assigning the key to attendee. "
    ),
);


function stReloadDisplayVars()
{
  global $displayVars, $displayVarsChanged;

  $displayVars = array();
  $displayVarsChanged = array();

  if (($res = stExecSQL("SELECT * FROM displayVars")) !== FALSE)
  {
    foreach ($res as $row)
    {
      switch ($row["vtype"])
      {
        case VT_INT:  $val = intval($row["vint"]); break;
        case VT_BOOL: $val = intval($row["vint"]) ? true : false; break;
        case VT_STR:  $val = $row["vstr"]; break;
        case VT_TEXT: $val = $row["vtext"]; break;
      }
      $displayVars[$row["key"]] = $val;
    }
  }
}


function stSaveDisplayVars()
{
  global $db, $displayVars, $displayVarsChanged;

  foreach (stExecSQL("SELECT * FROM displayVars") as $item)
  if (isset($displayVarsChanged[$item["key"]]))
  {
    $val = $displayVars[$item["key"]];
    switch ($item["vtype"])
    {
      case VT_INT:  $vsql = stPrepareSQL("vint=%d", $val); break;
      case VT_BOOL: $vsql = stPrepareSQL("vint=%d", $val ? 1 : 0); break;
      case VT_STR:  $vsql = stPrepareSQL("vstr=%s", $val); break;
      case VT_TEXT: $vsql = stPrepareSQL("vtext=%s", $val); break;
    }

    $sql = "UPDATE displayVars SET ".$vsql." WHERE key=".$db->quote($item["key"]);
    stExecSQL($sql);
  }
}


function stGetDisplayVar($name)
{
  global $displayVars;
  if (isset($displayVars[$name]))
    return $displayVars[$name];
  else
    die("No display var for '".$name."'.\n");
}


function stSetDisplayVar($name, $value)
{
  global $displayVars, $displayVarsChanged;
  if (isset($displayVars[$name]))
  {
    $displayVars[$name] = $value;
    $displayVarsChanged[$name] = true;
  }
  else
    die("No display var for '".$name."'.\n");
}


function stPrintAttendee($item, $row, $tr, $full, $edit, $eclass = "")
{
  $id = $item["id"];
  $prefix = "at";

  if ($tr)
  {
    echo
      "  <tr class=\"".($row % 2 == 1 ? "rodd" : "reven").$eclass.
      "\" id=\"attendee".$id."\" ".($full ? "onClick=\"activateAttendee(".$id.")\"" : "").">";
  }

  echo
    stGetTDEditTextItem($edit, 20, SET_LEN_USERNAME, "name", $id, $prefix, $item["name"]).
    stGetTDEditTextItem($edit, 20, SET_LEN_GROUPS, "groups", $id, $prefix, $item["groups"]).
    "<td class=\"regtime\">".date("d.m. H:i", $item["regtime"])."</td>".
    stGetTDEditTextItem($edit, 30, SET_LEN_ONELINER, "oneliner", $id, $prefix, $item["oneliner"], "autocomplete=\"off\"");

  if ($full)
  {
    echo
      stGetTDEditTextItem($edit, 20, SET_LEN_EMAIL, "email", $id, $prefix, $item["email"], "autocomplete=\"off\"");

    if ($edit)
    {
      echo
        "<td>".
        "<button class=\"button\" id=\"atupd".$id."\" type=\"button\" onclick=\"updateAttendee(".$id.")\"> Upd </button>".
        "<button class=\"button\" id=\"atdel".$id."\" type=\"button\" onclick=\"deleteAttendee(".$id.")\"> Del </button>".
        "</td>";
    }
    else
      echo "<td></td>";
  }

  if ($tr)
  echo "</tr>\n";
}


function stPrintNewsItem($item)
{
  echo
  "<div class=\"newsitem\" id=\"news".$item["id"]."\">\n".
  "  <h2>".chentities($item["title"])."</h2>\n".
  "  <div class=\"text\">".dhentities($item["text"])."</div>\n".
  "  <div class=\"sig\">-- ".chentities($item["author"])."<br />".
  date("d M Y / H:i", $item["utime"])."</div>\n".
  "</div>\n";
}


function stGenerateUserKey()
{
  global $db;
  $keyChars = "abdefghjkmnpqrstwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789";

  while (TRUE)
  {
    // Generate one randomized keycode
    $key = "";
    for ($n = 0; $n < stGetSetting("userKeyLength"); $n++)
      $key .= $keyChars[rand() % strlen($keyChars)];

    // Check if it already exists, to avoid duplicates
    // We need custom query code here, because stFetchSQLColumn()
    // won't work due to it returning FALSE in error cases.
    $sql = stPrepareSQL("SELECT * FROM votekeys WHERE key=%s", $key);
    if (($res = @$db->query($sql)) !== FALSE)
    {
      // Did we get results?
      if ($res->fetchColumn() === FALSE)
      {
        // Nope, return key
        return $key;
      }
    }
    else
    {
      stLogSQLError($sql);
      return FALSE;
    }
  }
}


function stCheckRegistrationAvailable()
{
  global $maxAttendeesHard, $maxAttendeesSoft, $numAttendees;

  $maxAttendeesHard = stGetSetting("maxAttendeesHard");
  $maxAttendeesSoft = stGetSetting("maxAttendeesSoft");
  if (($numAttendees = stFetchSQLColumn("SELECT COUNT(*) FROM attendees")) === FALSE)
    $numAttendees = 0;

  return stChkSetting("allowRegister") && ($maxAttendeesHard <= 0 || $numAttendees < $maxAttendeesHard);
}


function stValidateRequestUserData($admin)
{
  if (!stChkRequestItem("name", $fake,
    array(CHK_ISGT, VT_STR, 0, "Handle / name not given."),
    array(CHK_LTEQ, VT_STR, SET_LEN_USERNAME, "Handle / name is too long, should be less than ".SET_LEN_USERNAME." characters.")
    )) return FALSE;

  if (!stChkRequestItem("groups", $fake,
    array(CHK_LTEQ, VT_STR, SET_LEN_GROUPS, "Groups are too long, should be less than ".SET_LEN_GROUPS." characters.")
    )) return FALSE;

  if (!stChkRequestItem("oneliner", $fake,
    array(CHK_LTEQ, VT_STR, SET_LEN_ONELINER, "Oneliner is too long, should be less than ".SET_LEN_ONELINER." characters.")
    )) return FALSE;

  $email = stGetRequestItem("email");
  if (!$admin && stGetSetting("requireEMail") && strlen($email) < 4)
  {
    stError("E-mail address not given, or it is too short.");
    return FALSE;
  }

  if (strlen($email) > 0 && (strpos($email, "@") === FALSE || strpos($email, ".") === FALSE))
  {
    stError("E-mail address not in proper format.");
    return FALSE;
  }

  if (strlen($email) > SET_LEN_EMAIL)
  {
    stError("E-mail address too long, max ".SET_LEN_EMAIL." characters.");
    return FALSE;
  }

  return TRUE;
}


?>
author	Matti Hamalainen <ccr@tnsp.org>
date	Sun, 24 Nov 2013 18:42:13 +0200
parents	b9a40d930bb6
children	50e52dc43916