view msitegen.inc.php @ 208:8985d2bdb29b
More work on error handling etc.
author | Matti Hamalainen <ccr@tnsp.org> |
---|---|
date | Sun, 17 Nov 2013 20:04:50 +0200 |
parents | 96ab189e5c03 |
children | cafc05949a19 |
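<?php
//
// FAPWeb Simple Demoparty System
// Generic and miscellaneous site support code
// (C) Copyright 2012-2013 Tecnic Software productions (TNSP)
//
// The full "<?php" open tag is used so the file is still parsed when
// short_open_tag is disabled; with "<?" it would be sent to the client
// as plain text in that configuration.
//

// Globals and definitions
$errorSet = FALSE;
$errorMsg = "";
$statusSet = 0;
$statusMsg = "";


// Value types
define("VT_STR", 1);
define("VT_INT", 2);
define("VT_BOOL", 3);
define("VT_TEXT", 4);

// Validation check types
define("CHK_TYPE", 1);
define("CHK_ISLT", 2);
define("CHK_ISGT", 3);
define("CHK_ISEQ", 4);
define("CHK_CUSTOM", 5);


// Write $msg to the PHP error log when the "debug" site setting is truthy.
// stGetSetting() terminates the request if that setting has not been loaded.
function stDebug($msg)
{
  if (stGetSetting("debug"))
    error_log($msg);
}


// Flag an error and append $msg, wrapped in <li>, to the global error text.
// $msg is stored as-is, so any request-derived text must be entity-encoded
// by the caller before it is passed in.
function stError($msg)
{
  global $errorSet, $errorMsg;
  $errorSet = TRUE;
  $errorMsg .= "<li>".$msg."</li>\n";
}


// Record a status code and its message in the global status variables.
function stSetStatus($status, $msg)
{
  global $statusSet, $statusMsg;
  $statusMsg = $msg;
  $statusSet = $status;
}


// Return TRUE when $_SERVER["HTTPS"] is set to something other than "" or "off".
function stCheckHTTPS()
{
  return isset($_SERVER["HTTPS"]) &&
    ($_SERVER["HTTPS"] != "" && $_SERVER["HTTPS"] != "off");
}


// Send headers that forbid caching of the response.
function stSetupCacheControl()
{
  header("Cache-Control: must-revalidate, no-store, private");
  header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past
}


// Convert one row of the settings table to a PHP value according to its
// "vtype" column. Returns NULL for a value type not listed here.
function stGetSQLSettingData($item)
{
  switch ($item["vtype"])
  {
    case VT_INT:  return intval($item["vint"]);
    case VT_BOOL: return intval($item["vint"]) ? true : false;
    case VT_STR:  return $item["vstr"];
    case VT_TEXT: return $item["vtext"];
  }
}


// Build the "column=value" SQL fragment that stores $val for the settings
// row $item. Integers go through intval(), strings through PDO::quote().
// Returns FALSE for an unknown value type.
function stGetSettingSQL($item, $val)
{
  global $db;
  switch ($item["vtype"])
  {
    case VT_INT:  return "vint=".intval($val);
    case VT_BOOL: return "vint=".($val ? "1" : "0");
    case VT_STR:  return "vstr=".$db->quote($val);
    case VT_TEXT: return "vtext=".$db->quote($val);
    default:      return FALSE;
  }
}


// Load every row of the settings table into the global $siteSettings array.
// Terminates the request if the query fails.
function stReloadSettings()
{
  global $siteSettings;
  $res = stExecSQL("SELECT * FROM settings");
  if ($res === FALSE)
    die("Error fetching site settings.");

  foreach ($res as $item)
    $siteSettings[$item["key"]] = stGetSQLSettingData($item);
}


// Return the site setting $name, terminating the request if it is not set.
function stGetSetting($name)
{
  global $siteSettings;
  if (!isset($siteSettings[$name]))
    die("No config value for '".$name."'.\n");

  return $siteSettings[$name];
}


// Return TRUE when the site setting $name exists and is truthy.
function stChkSetting($name)
{
  global $siteSettings;
  return isset($siteSettings[$name]) && $siteSettings[$name];
}


// Entity-encode $str (quotes left as they are) and run a str_replace over
// the result.
// NOTE(review): as listed, the search and replacement arrays are identical,
// so the str_replace changes nothing. Presumably the search strings were
// the encoded forms of "<" and ">" before this page was extracted, which
// would make this function let markup through - confirm against the
// repository, and never feed it request data if so.
function dhentities($str)
{
  return str_replace(array("<",">"), array("<", ">"),
    htmlentities($str, ENT_NOQUOTES, "UTF-8"));
}


// Entity-encode $str for HTML output.
// Quotes are encoded as well (ENT_QUOTES): the form helpers below place
// the result inside double-quoted attribute values, where an unencoded
// quote would end the attribute.
function chentities($str)
{
  return htmlentities($str, ENT_QUOTES, "UTF-8");
}


//
// HTML form helpers.
// Only the values passed through chentities() are entity-encoded. $name,
// $id, $prefix, $extra, $onclick, $action, $method, the checkbox/radio
// $label and the radio $value are emitted verbatim, so callers must pass
// fixed or already-encoded strings for those.
//

// Return the id="..." and name="..." attributes (each followed by a space)
// for a form element; either one is left out when $id or $name is empty.
function stGetIDName($name, $id, $prefix = "")
{
  $idAttr   = ($id != "")   ? "id=\"".$prefix.$name.$id."\" "   : "";
  $nameAttr = ($name != "") ? "name=\"".$prefix.$name.$id."\" " : "";
  return $idAttr.$nameAttr;
}


// Return a checkbox input, followed by a <label> when $label is not empty.
function stGetFormCheckBoxInput($name, $id, $prefix, $checked, $label, $extra = "")
{
  return
    "<input ".$extra." type=\"checkbox\" ".stGetIDName($name, $id, $prefix).
    ($checked ? "checked=\"checked\" " : "")." />".
    ($label != "" ? "<label for=\"".$name."\">".$label."</label>" : "");
}


// Return a radio button input, followed by a <label> when $label is not empty.
function stGetFormRadioButtonInput($name, $id, $prefix, $value, $checked, $label, $extra = "")
{
  return
    "<input ".$extra." type=\"radio\" ".stGetIDName($name, $id, $prefix).
    ($checked ? "checked=\"checked\" " : "")." value=\"".$value."\" />".
    ($label != "" ? "<label for=\"".$name."\">".$label."</label>" : "");
}


// Return a push button input with an encoded $label and optional onClick code.
function stGetFormButtonInput($name, $id, $prefix, $label, $onclick = "")
{
  return
    "<input type=\"button\" ".stGetIDName($name, $id, $prefix).
    "value=\" ".chentities($label)." \" ".
    ($onclick != "" ? "onClick=\"".$onclick."\"" : "")." />";
}


// Return a <textarea> whose content is the encoded $value (empty if unset).
function stGetFormTextArea($rows, $cols, $name, $id, $prefix, $value, $extra = "")
{
  return
    "<textarea ".$extra." ".stGetIDName($name, $id, $prefix).
    "rows=\"".$rows."\" cols=\"".$cols."\">".
    (isset($value) ? chentities($value) : "").
    "</textarea>";
}


// Return a text input; the value attribute is emitted only when $value is set.
function stGetFormTextInput($size, $len, $name, $id, $prefix, $value, $extra = "")
{
  return
    "<input ".$extra." type=\"text\" ".stGetIDName($name, $id, $prefix).
    "size=\"".$size."\" maxlength=\"".$len."\"".
    (isset($value) ? " value=\"".chentities($value)."\"" : "").
    " />";
}


// Return a password input. No value attribute is ever emitted.
function stGetFormPasswordInput($name, $id, $prefix)
{
  return "<input type=\"password\" ".stGetIDName($name, $id, $prefix)." />";
}


// Return a submit button with an encoded $label and optional onClick code.
function stGetFormSubmitInput($name, $label, $onclick = "")
{
  return
    "<input type=\"submit\" name=\"".$name.
    "\" value=\" ".chentities($label)." \" ".
    ($onclick != "" ? "onClick=\"".$onclick."\"" : "")." />";
}


// Return a hidden input carrying the encoded $value.
function stGetFormHiddenInput($name, $value)
{
  return
    "<input type=\"hidden\" name=\"".$name.
    "\" value=\"".chentities($value)."\" />";
}


// Return the opening <form> tag; the action defaults to the form name.
function stGetFormStart($name, $action = "", $method = "post")
{
  $target = ($action != "") ? $action : $name;
  return "<form name=\"".$name."\" action=\"".$target."\" method=\"".$method."\">\n";
}


// Return a table cell holding either a text input ($edit true) or the
// encoded $value as plain text.
function stGetTDEditTextItem($edit, $size, $len, $name, $id, $prefix, $value, $extra = "")
{
  $content = $edit
    ? stGetFormTextInput($size, $len, $name, $id, $prefix, $value, $extra)
    : chentities($value);

  return "<td class=\"".$name."\">".$content."</td>";
}


// Print a table row with a text input that is pre-filled from the request
// item of the same name. The request value reaches the page only through
// chentities() inside stGetFormTextInput().
function stPrintFormTextInput($text1, $text2, $size, $len, $name, $extra="")
{
  echo " <tr><th>".chentities($text1)."</th><td>".
    stGetFormTextInput($size, $len, $name, "", "", stGetRequestItem($name), $extra).
    "</td><td>".chentities($text2)."</td></tr>\n";
}


// Print a hidden input on a line of its own.
function stPrintFormHiddenInput($name, $value)
{
  echo " ".stGetFormHiddenInput($name, $value)."\n";
}


// Register the error message $msg and return FALSE. $data is not used.
function stErrorStrF($msg, $data)
{
  stError($msg);
  return FALSE;
}


//
// Check and validate one item from $_REQUEST[], based on
// list of validation conditions. For example:
//
// stChkRequestItem("name", FALSE,
//   array(CHK_ISGT, VT_STR, 0, "Handle / name not given."),
//   array(CHK_ISGT, VT_STR, 3, "Handle / name too short, should be 3 characters or more."),
//   array(CHK_ISLT, VT_STR, SET_LEN_USERNAME, "Handle / name is too long, should be less than ".SET_LEN_USERNAME." characters."));
//
// The trimmed value is written to $sdata unless $sdata holds FALSE on entry.
// Returns TRUE when every check passes; on the first failure the check's
// message is registered through stErrorStrF() and FALSE is returned.
//
// A request item that is not a scalar (e.g. sent as name[]=x) is treated
// as not set, so trim()/strlen() never see an array.
//
// String lengths are byte counts (strlen). The CHK_TYPE test for integers
// uses is_numeric(), which also accepts decimal and exponent notation.
//
function stChkRequestItem($name, &$sdata)
{
  if (!isset($_REQUEST[$name]) || !is_scalar($_REQUEST[$name]))
    return stErrorStrF("Required data item '".$name."' not set.", $name);

  $data = trim($_REQUEST[$name]);
  $slen = strlen($data);

  if ($sdata !== FALSE)
    $sdata = $data;

  // Go through list of validation checks
  $argc = func_num_args();
  $argv = func_get_args();

  for ($argn = 2; $argn < $argc; $argn++)
  {
    // Act according to check type
    $check = $argv[$argn];
    switch ($check[0])
    {
      case CHK_TYPE:
        // Check type of the data
        switch ($check[1])
        {
          case VT_STR:
            if ($slen == 0)
              return stErrorStrF($check[2], $data);
            break;

          case VT_INT:
          case VT_BOOL:
            if ($slen == 0 || !is_numeric($data))
              return stErrorStrF($check[2], $data);
            break;
        }
        break;

      case CHK_ISLT:
      case CHK_ISGT:
      case CHK_ISEQ:
        // Check length or value of the data
        switch ($check[1])
        {
          case VT_STR:
          case VT_TEXT:
            // Strings get their length checked
            if (($check[0] == CHK_ISLT && $slen >= $check[2]) ||
                ($check[0] == CHK_ISGT && $slen <= $check[2]) ||
                ($check[0] == CHK_ISEQ && $slen != $check[2]))
              return stErrorStrF($check[3], $data);
            break;

          case VT_INT:
          case VT_BOOL:
            // Integer values checked against .. value
            // NOTE(review): to_int() is not defined in this file and is
            // not a PHP built-in - confirm it exists elsewhere in the
            // project, otherwise this branch fails at run time.
            $sval = to_int($data);
            if (($check[0] == CHK_ISLT && $sval >= $check[2]) ||
                ($check[0] == CHK_ISGT && $sval <= $check[2]) ||
                ($check[0] == CHK_ISEQ && $sval != $check[2]))
              return stErrorStrF($check[3], $data);
            break;
        }
        break;

      case CHK_CUSTOM:
        // Call a custom function (or closure)
        $func = $check[1];
        if (!is_callable($func) || !$func($data))
          return stErrorStrF($check[2], $data);
        break;
    }
  }

  return TRUE;
}


// Return the trimmed request item $name, or $default when it is missing.
// A non-scalar item (array-style parameter) also yields $default, so that
// trim() is never handed an array. The value is untrusted: encode or quote
// it for the context in which it is used.
function stGetRequestItem($name, $default = "")
{
  if (isset($_REQUEST[$name]) && is_scalar($_REQUEST[$name]))
    return trim($_REQUEST[$name]);

  return $default;
}


// Return the request item $name after urldecode() and trim().
// PHP has already URL-decoded $_REQUEST, so this is a second decoding pass:
// "+" turns into a space and any "%xx" sequence in the submitted text is
// decoded again. Do any filtering on the value returned here, not on the
// raw request item.
function stGetDRequestItem($name, $default = "")
{
  return trim(urldecode(stGetRequestItem($name, $default)));
}


// Write the PDO error information and the failed statement to the error log.
// The complete statement, including quoted values, is logged, so the log
// can contain submitted data and should be access-restricted.
function stLogSQLError($sql)
{
  global $db;
  error_log("SQL error ".implode("; ", $db->errorInfo())." in statement \"".$sql."\"");
}


// Open the PDO connection named by the "sqlDB" setting into the global $db.
// Returns TRUE on success; on failure the reason is logged and FALSE returned.
// NOTE(review): the query helpers below detect failure by a FALSE return
// from PDO::query(), which requires PDO's silent error mode. PHP 8 defaults
// to throwing exceptions instead - confirm the intended error mode.
function stConnectSQLDB()
{
  global $db;
  try {
    $db = new PDO(stGetSetting("sqlDB"));
  }
  catch (PDOException $e) {
    error_log("Could not connect to SQL database: ".$e->getMessage().".");
    return FALSE;
  }
  return TRUE;
}


// Convert one parameter to its SQL text form.
// Lower-case types take the value itself, upper-case types take the NAME
// of a request item and fetch it:
//   d / D  integer via intval()
//   s / S  string via PDO::quote() ("S" reads through stGetDRequestItem)
//   Q      like "S", with stripslashes() applied before quoting
//          (looks like a magic-quotes era workaround - confirm)
//   b / B  1 or 0
// Returns NULL for an unknown type character.
function stGetSQLParam($type, $value)
{
  global $db;
  switch ($type)
  {
    case "d": return intval($value);
    case "s": return $db->quote($value);
    case "b": return intval($value) ? 1 : 0;

    case "D": return intval(stGetRequestItem($value));
    case "S": return $db->quote(stGetDRequestItem($value));
    case "Q": return $db->quote(stripslashes(stGetDRequestItem($value)));
    case "B": return intval(stGetRequestItem($value)) ? 1 : 0;

    default:  return NULL;
  }
}


// Build an SQL statement from a printf-like format string: every "%x" in
// the first argument is replaced with stGetSQLParam("x", next argument).
// Returns the statement, or FALSE (after logging) when
//   - no format string was given,
//   - there are fewer arguments than "%" specifiers,
//   - the format ends in a lone "%",
//   - a specifier is unknown or the value could not be quoted.
// The last two cases fail instead of silently inserting an empty string
// into the statement. A literal "%" cannot be written in the format.
function stPrepareSQL()
{
  $argc = func_num_args();
  $argv = func_get_args();
  if ($argc < 1)
  {
    error_log("Invalid stPrepareSQL() call, no arguments!");
    return FALSE;
  }

  $fmt = $argv[0];
  $len = strlen($fmt);
  $sql = "";
  $argn = 1;

  for ($pos = 0; $pos < $len; $pos++)
  {
    if ($fmt[$pos] != "%")
    {
      $sql .= $fmt[$pos];
      continue;
    }

    if ($argn >= $argc)
    {
      error_log("Invalid SQL statement format string '".$fmt.
        "', not enough parameters specified (".$argn." of ".$argc.")");
      return FALSE;
    }

    // Step to the type character; it must exist inside the string
    if (++$pos >= $len)
    {
      error_log("Invalid SQL statement format string '".$fmt.
        "', '%' without a type character at the end");
      return FALSE;
    }

    $param = stGetSQLParam($fmt[$pos], $argv[$argn++]);
    if ($param === NULL || $param === FALSE)
    {
      error_log("Invalid SQL statement format string '".$fmt.
        "', unknown type '".$fmt[$pos]."' or value could not be quoted");
      return FALSE;
    }

    $sql .= $param;
  }

  return $sql;
}


// Build an UPDATE statement for $table. $pairs maps a column name to a
// stGetSQLParam() type; the column name is also passed as the value, so
// with the upper-case (request) types the value is read from the request
// item of the same name.
// $table, $cond and the column names are concatenated without quoting:
// they must be fixed strings chosen by the calling code, never request data.
function stPrepareSQLUpdate($table, $cond, $pairs)
{
  $sql = array();
  foreach ($pairs as $name => $attr)
    $sql[] = $name."=".stGetSQLParam($attr, $name);

  return
    "UPDATE ".$table." SET ".implode(",", $sql).
    ($cond != "" ? " ".$cond : "");
}


// Run $sql and return the PDOStatement. On failure the error is logged,
// a generic message is registered for the user and FALSE is returned.
function stExecSQL($sql)
{
  global $db;
  $res = $db->query($sql);
  if ($res !== FALSE)
    return $res;

  stLogSQLError($sql);
  stError("Oh noes! SQL error #23!");
  return FALSE;
}


// Run $sql and return its first row, or FALSE (logged) when the query fails.
function stFetchSQL($sql)
{
  global $db;
  $res = $db->query($sql);
  if ($res !== FALSE)
    return $res->fetch();

  stLogSQLError($sql);
  stError("Oh noes! SQL error #31!");
  return FALSE;
}


// Run $sql and return column $column of its first row, or FALSE (logged)
// when the query fails.
function stFetchSQLColumn($sql, $column = 0)
{
  global $db;
  $res = $db->query($sql);
  if ($res !== FALSE)
    return $res->fetchColumn($column);

  stLogSQLError($sql);
  stError("Oh noes! SQL error #81!");
  return FALSE;
}


// Run $sql through stExecSQL() and set the page status: 200 with $msg on
// success (only when $msg is given), 902 on failure.
function stExecSQLCond($sql, $msg = FALSE)
{
  $res = stExecSQL($sql);
  if ($res === FALSE)
  {
    stSetStatus(902, "Error in SQL execution.");
    return FALSE;
  }

  if ($msg !== FALSE)
    stSetStatus(200, $msg);

  return $res;
}


// Return $str cut to $len bytes (ending in "..." when shortened) and
// right-padded with spaces to $len.
function stStrChop($str, $len)
{
  $s = (strlen($str) > $len) ? substr($str, 0, $len - 3)."..." : $str;
  return sprintf("%-".$len."s", $s);
}


// Set the multibyte internal encoding and the en_US locale from the global
// $pageCharset, which defaults to UTF-8 when not set.
function cmLocaleInit()
{
  global $pageCharset;

  if (!isset($pageCharset))
    $pageCharset = "UTF-8";

  mb_internal_encoding($pageCharset);

  $tmp = "en_US.".strtolower(str_replace("-", "", $pageCharset));
  setlocale(LC_ALL, $tmp);
}


// Print a stylesheet <link>. $uri and $media are emitted verbatim.
function cmPrintCSSLine($uri, $media = "")
{
  echo
    " <link rel=\"stylesheet\" href=\"".$uri.
    "\" type=\"text/css\" ".($media != "" ? "media=\"".$media."\"": "")." />\n";
}


// Print the page head and open <body>, then include the file named by the
// global $pageUrchin (default "urchin.inc.php").
// The title only goes through strip_tags(); $pageCharset, the CSS URIs and
// $pageExtra are emitted verbatim, so all of them must be site-defined
// values. $pageUrchin is an include path and must likewise be a fixed,
// server-side value that request data cannot influence.
function cmPrintPageHeader($pageTitle, $pageExtra = "", $useContents = TRUE)
{
  global $pageCSS, $pageCharset, $pageAuthor, $pageCSSData, $pageUrchin;

  echo
    "<html>\n".
    "<head>\n".
    " <meta charset=\"".$pageCharset."\">\n".
    " <title>".strip_tags($pageTitle)."</title>\n";

  if (is_array($pageCSS))
  {
    foreach ($pageCSS as $uri => $media)
      cmPrintCSSLine($uri, $media);
  }
  else
  {
    cmPrintCSSLine($pageCSS);
  }

  echo
    $pageExtra."\n".
    "</head>\n".
    "<body>\n";

  if (isset($pageUrchin))
    require_once $pageUrchin;
  else
    require_once "urchin.inc.php";

  if ($useContents)
    echo "<div id=\"contents\">\n";
}


// Close the contents <div> (when used) and the document.
function cmPrintPageFooter($useContents = TRUE)
{
  if ($useContents)
    echo "</div>\n";

  echo "</body>\n</html>\n";
}


// Return the translation of $msg for the global $pageLang (or $msg itself
// when there is none), with every "%N" replaced by argument number N;
// argument 0 is $msg itself.
// The replacement is a plain string substitution, so "$1" or "\1" inside
// an argument is inserted literally instead of being read as a regular
// expression back-reference. As the substitutions run in order, "%1" is
// also replaced where it starts a longer number such as "%10".
function cmQM($msg)
{
  global $pageTranslations, $pageLang;

  if (isset($pageTranslations[$msg]) && isset($pageTranslations[$msg][$pageLang]))
    $str = $pageTranslations[$msg][$pageLang];
  else
    $str = $msg;

  foreach (func_get_args() as $argn => $argv)
    $str = str_replace("%".$argn, $argv, $str);

  return $str;
}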