view msite.inc.php @ 207:e31c42a9b574

Slowly work on input validation.
author Matti Hamalainen <ccr@tnsp.org>
date Sun, 17 Nov 2013 19:26:46 +0200
parents 77d33161f8be
children b236b4d8d7a9

<?
//
// FAPWeb Simple Demoparty System
// Generic and miscellaneous site support code
// (C) Copyright 2012-2013 Tecnic Software productions (TNSP)
//
require_once "msitegen.inc.php";

// Modes of the party information display system
define("SMODE_ROTATE", 1);
define("SMODE_COMPO", 2);


// Maximum lengths of string fields in the database. These values must
// agree with the column definitions in createdb.php and are the limits
// applied wherever request input is validated (e.g. stCheckRequestUserData()).
//
// Attendees
define("SET_LEN_USERNAME", 32);
define("SET_LEN_GROUPS", 64);
define("SET_LEN_ONELINER", 64);
define("SET_LEN_EMAIL", 80);

// News items
define("SET_LEN_NEWS_TITLE", 128);
define("SET_LEN_NEWS_TEXT", 4096);
define("SET_LEN_NEWS_AUTHOR", 64);

// Competitions
define("SET_LEN_COMPO_NAME", 128);
define("SET_LEN_COMPO_DESC", 4096);

// Competition entries
define("SET_LEN_ENTRY_NAME", 64);
define("SET_LEN_ENTRY_AUTHOR", 64);
define("SET_LEN_ENTRY_FILENAME", 256);
define("SET_LEN_ENTRY_INFO", 256);


// Voting modes, i.e. how vote keys relate to attendees:
//   VOTE_FREELY   - keys are not tied to attendees and need no activation
//   VOTE_ACTIVATE - keys are not tied to attendees, but require manual activation
//   VOTE_ASSIGN   - keys are tied to attendees; assigning a key to an attendee activates it
define("VOTE_FREELY", 0);
define("VOTE_ACTIVATE", 1);
define("VOTE_ASSIGN", 2);


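// Load all display variables from the displayVars table into the global
// $displayVars array (keyed by "key") and clear the change-tracking
// array $displayVarsChanged. Values are decoded according to each row's
// "vtype" column. On SQL failure both globals are left empty.
function stReloadDisplayVars()
{
  global $displayVars, $displayVarsChanged;

  $displayVars = array();
  $displayVarsChanged = array();

  if (($res = stExecSQL("SELECT * FROM displayVars")) === FALSE)
    return;

  foreach ($res as $row)
  {
    // Pick the value column matching the declared type. A row with an
    // unknown vtype is skipped instead of silently inheriting $val from
    // the previous row, which is what the unguarded switch used to do.
    switch ($row["vtype"])
    {
      case VT_INT:  $val = intval($row["vint"]); break;
      case VT_BOOL: $val = intval($row["vint"]) != 0; break;
      case VT_STR:  $val = $row["vstr"]; break;
      case VT_TEXT: $val = $row["vtext"]; break;
      default:      continue 2;
    }
    $displayVars[$row["key"]] = $val;
  }
}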


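// Write back every display variable flagged in $displayVarsChanged to the
// displayVars table. The column to update is chosen from the row's
// "vtype"; the key is taken from the row itself and quoted via PDO.
// Rows of unknown type are skipped (the old code would have executed an
// "UPDATE ... SET  WHERE ..." statement with an undefined $vsql).
function stSaveDisplayVars()
{
  global $db, $displayVars, $displayVarsChanged;

  if (($res = stExecSQL("SELECT * FROM displayVars")) === FALSE)
    return;

  foreach ($res as $item)
  {
    $key = $item["key"];
    if (!isset($displayVarsChanged[$key]))
      continue;

    $val = $displayVars[$key];
    switch ($item["vtype"])
    {
      case VT_INT:  $vsql = stPrepareSQL("vint=%d", $val); break;
      case VT_BOOL: $vsql = stPrepareSQL("vint=%d", $val ? 1 : 0); break;
      case VT_STR:  $vsql = stPrepareSQL("vstr=%s", $val); break;
      case VT_TEXT: $vsql = stPrepareSQL("vtext=%s", $val); break;
      default:      continue 2;
    }

    // $vsql was built by stPrepareSQL(); the key is DB-sourced but still quoted.
    stExecSQL("UPDATE displayVars SET ".$vsql." WHERE key=".$db->quote($key));
  }
}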


// Return the value of display variable $name from the global $displayVars
// array. Terminates the script if no such variable has been loaded.
function stGetDisplayVar($name)
{
  global $displayVars;

  if (!isset($displayVars[$name]))
    die("No display var for '".$name."'.\n");

  return $displayVars[$name];
}


// Change display variable $name to $value and mark it as modified so
// that stSaveDisplayVars() writes it back. Only variables that already
// exist in $displayVars may be set; otherwise the script terminates.
function stSetDisplayVar($name, $value)
{
  global $displayVars, $displayVarsChanged;

  if (!isset($displayVars[$name]))
    die("No display var for '".$name."'.\n");

  $displayVars[$name] = $value;
  $displayVarsChanged[$name] = true;
}


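// Output one attendee as table cells (optionally wrapped in a <tr>).
//
//   $item   - attendee row (id, name, groups, regtime, oneliner, email)
//   $row    - row index, used for odd/even row class alternation
//   $tr     - emit the surrounding <tr> ... </tr>
//   $full   - include the e-mail column and the action column; also
//             attaches the activateAttendee() click handler to the row
//   $edit   - passed to stGetTDEditTextItem() to render editable fields,
//             and enables the Upd/Del buttons when $full is set
//   $eclass - extra text appended to the row's class attribute (inserted
//             verbatim; callers must pass a safe literal)
function stPrintAttendee($item, $row, $tr, $full, $edit, $eclass = "")
{
  // The id is emitted inside HTML attributes and JavaScript calls without
  // any escaping; force it to an integer so only digits can ever land there.
  $id = intval($item["id"]);
  $prefix = "at";

  if ($tr)
  {
    $rowClass = ($row % 2 == 1) ? "rodd" : "reven";
    $onClick = $full ? "onClick=\"activateAttendee(".$id.")\"" : "";
    echo "  <tr class=\"".$rowClass.$eclass."\" id=\"attendee".$id."\" ".$onClick.">";
  }

  // Text fields are rendered through stGetTDEditTextItem(), which is
  // presumably responsible for escaping the values - TODO(review): confirm.
  echo
    stGetTDEditTextItem($edit, 20, SET_LEN_USERNAME, "name", $id, $prefix, $item["name"]).
    stGetTDEditTextItem($edit, 20, SET_LEN_GROUPS, "groups", $id, $prefix, $item["groups"]).
    "<td class=\"regtime\">".date("d.m. H:i", $item["regtime"])."</td>".
    stGetTDEditTextItem($edit, 30, SET_LEN_ONELINER, "oneliner", $id, $prefix, $item["oneliner"], "autocomplete=\"off\"");

  if ($full)
  {
    echo
      stGetTDEditTextItem($edit, 20, SET_LEN_EMAIL, "email", $id, $prefix, $item["email"], "autocomplete=\"off\"");

    if ($edit)
    {
      echo
        "<td>".
        "<button class=\"button\" id=\"atupd".$id."\" type=\"button\" onclick=\"updateAttendee(".$id.")\"> Upd </button>".
        "<button class=\"button\" id=\"atdel".$id."\" type=\"button\" onclick=\"deleteAttendee(".$id.")\"> Del </button>".
        "</td>";
    }
    else
      echo "<td></td>";
  }

  if ($tr)
    echo "</tr>\n";
}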


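// Output one news item as a <div class="newsitem">.
//
//   $item - news row (id, title, text, author, utime); title, text and
//           author are entity-escaped via chentities()/dhentities()
//   $edit - extra markup appended after the timestamp; it is inserted
//           verbatim, so the caller must supply trusted HTML only
function stPrintNewsItem($item, $edit = "")
{
  // The id goes into an HTML attribute unescaped; force an integer so
  // nothing but digits can be emitted there.
  $id = intval($item["id"]);

  echo
  "<div class=\"newsitem\" id=\"news".$id."\">\n".
  "  <h2>".chentities($item["title"])."</h2>\n".
  "  <div class=\"text\">".dhentities($item["text"])."</div>\n".
  "  <div class=\"sig\">-- ".chentities($item["author"])."<br />".
    date("d M Y / H:i", $item["utime"]).
    $edit."</div>\n".
  "</div>\n";
}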


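// Populate the global $compos array with competitions and their entries:
//   $compos[compo id] = array("name" => ..., "showAuthors" => ..., "entries" => array(entry id => entry row))
//
//   $fvisible - only include competitions with visible<>0
//   $fvoting  - only include competitions with voting<>0
//
// Existing contents of $compos are not cleared; matching ids are overwritten.
function stGetCompoList($fvisible, $fvoting = FALSE)
{
  global $compos;

  // Build the WHERE clause from the requested filters only. The previous
  // implode() over a fixed two-element array produced "WHERE  AND voting<>0"
  // (invalid SQL) whenever $fvoting was set without $fvisible.
  $conds = array();
  if ($fvisible)
    $conds[] = "visible<>0";
  if ($fvoting)
    $conds[] = "voting<>0";

  $sql = "SELECT * FROM compos";
  if (count($conds) > 0)
    $sql .= " WHERE ".implode(" AND ", $conds);

  if (($res = stExecSQL($sql)) === FALSE)
    return;

  foreach ($res as $compo)
  {
    $id = $compo["id"];

    $compos[$id] = array(
      "name" => $compo["name"],
      "showAuthors" => $compo["showAuthors"],
      "entries" => array()
    );

    // Entries of this competition; a failed query leaves "entries" empty.
    $esql = stPrepareSQL("SELECT * FROM entries WHERE compo_id=%d", $id);
    if (($eres = stExecSQL($esql)) === FALSE)
      continue;

    foreach ($eres as $entry)
      $compos[$id]["entries"][$entry["id"]] = $entry;
  }
}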


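// Return a random integer in [0, $max - 1] from the strongest source the
// running PHP offers. Vote keys are bearer tokens (in VOTE_FREELY mode
// whoever holds a key can vote), so the predictable rand() used before
// is not acceptable: a guessable key is a forgeable vote.
function stSecureRandomIndex($max)
{
  // PHP 7+: CSPRNG without modulo bias.
  if (function_exists("random_int"))
    return random_int(0, $max - 1);

  // PHP 5 with OpenSSL: 32 random bytes' worth is plenty for one index.
  if (function_exists("openssl_random_pseudo_bytes"))
  {
    $strong = FALSE;
    $bytes = openssl_random_pseudo_bytes(4, $strong);
    if ($bytes !== FALSE && $strong)
    {
      // Mask to 31 bits so the value is never negative on 32-bit builds.
      // The residual modulo bias for a ~50 symbol alphabet is negligible.
      $n = unpack("Nval", $bytes);
      return ($n["val"] & 0x7fffffff) % $max;
    }
  }

  // Last resort: NOT cryptographically strong. TODO(review): this path
  // should be treated as a deployment problem, not a supported mode.
  return mt_rand(0, $max - 1);
}


// Generate a new vote key of stGetSetting("userKeyLength") characters from
// an alphabet without easily confused symbols (no 0/O, 1/l/I, ...), and
// verify against the votekeys table that it is not already in use.
//
// Returns the key string, or FALSE on SQL error, an invalid key length
// setting, or if no unused key could be found within the retry limit.
function stGenerateUserKey()
{
  global $db;
  $keyChars = "abdefghjkmnpqrstwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789";
  $numChars = strlen($keyChars);
  $keyLength = intval(stGetSetting("userKeyLength"));

  // An empty key would be a vote key everybody "knows"; refuse it.
  if ($keyLength < 1)
  {
    stError("Invalid userKeyLength setting.");
    return FALSE;
  }

  // Bound the duplicate-retry loop. With a sane key length this limit is
  // never reached, but an exhausted keyspace must not hang the request.
  for ($tries = 0; $tries < 1000; $tries++)
  {
    // Generate one randomized keycode
    $key = "";
    for ($n = 0; $n < $keyLength; $n++)
      $key .= $keyChars[stSecureRandomIndex($numChars)];

    // Check if it already exists, to avoid duplicates. We need custom
    // query code here because stFetchSQLColumn() returns FALSE both for
    // "no rows" and for an error, which we must tell apart.
    $sql = stPrepareSQL("SELECT * FROM votekeys WHERE key=%s", $key);
    if (($res = @$db->query($sql)) === FALSE)
    {
      stLogSQLError($sql);
      return FALSE;
    }

    // No row with this key: it is free to use
    if ($res->fetchColumn() === FALSE)
      return $key;
  }

  stError("Could not generate an unused vote key.");
  return FALSE;
}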


// Decide whether new attendee registrations are currently accepted.
// As a side effect refreshes the globals $maxAttendeesHard,
// $maxAttendeesSoft (from settings) and $numAttendees (from the DB;
// 0 if the count query fails).
//
// Returns TRUE when the "allowRegister" setting is on and either no hard
// limit is configured (<= 0) or the attendee count is below it.
function stCheckRegistrationAvailable()
{
  global $maxAttendeesHard, $maxAttendeesSoft, $numAttendees;

  $maxAttendeesHard = stGetSetting("maxAttendeesHard");
  $maxAttendeesSoft = stGetSetting("maxAttendeesSoft");

  $numAttendees = stFetchSQLColumn("SELECT COUNT(*) FROM attendees");
  if ($numAttendees === FALSE)
    $numAttendees = 0;

  if (!stChkSetting("allowRegister"))
    return FALSE;

  // A hard limit of zero or less means "unlimited".
  return ($maxAttendeesHard <= 0) || ($numAttendees < $maxAttendeesHard);
}


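// Validate the attendee fields of the current request (name, groups,
// oneliner, email) against the SET_LEN_* limits and basic format rules.
//
//   $admin - when set, an empty e-mail is accepted even if the
//            "requireEMail" setting is on
//
// Returns TRUE if everything is acceptable; otherwise reports the first
// problem via stError() and returns FALSE.
function stCheckRequestUserData($admin)
{
  if (!stChkRequestItem("name", $fake,
    array(CHK_ISGT, VT_STR, 0, "Handle / name not given."),
    array(CHK_ISLT, VT_STR, SET_LEN_USERNAME, "Handle / name is too long, should be less than ".SET_LEN_USERNAME." characters.")
    )) return FALSE;

  if (!stChkRequestItem("groups", $fake,
    array(CHK_ISLT, VT_STR, SET_LEN_GROUPS, "Groups are too long, should be less than ".SET_LEN_GROUPS." characters.")
    )) return FALSE;

  if (!stChkRequestItem("oneliner", $fake,
    array(CHK_ISLT, VT_STR, SET_LEN_ONELINER, "Oneliner is too long, should be less than ".SET_LEN_ONELINER." characters.")
    )) return FALSE;

  // Treat a missing or non-string value as an empty address so the
  // strlen()/filter_var() calls below never see an array or NULL.
  $email = stGetRequestItem("email");
  if (!is_string($email))
    $email = "";

  if (!$admin && stGetSetting("requireEMail") && strlen($email) < 4)
  {
    stError("E-mail address not given, or it is too short.");
    return FALSE;
  }

  // Length first, so an oversized value gets the more useful message
  // (and the length matches the database column, see SET_LEN_EMAIL).
  if (strlen($email) > SET_LEN_EMAIL)
  {
    stError("E-mail address too long, max ".SET_LEN_EMAIL." characters.");
    return FALSE;
  }

  // A non-empty address must be syntactically valid. filter_var() is far
  // stricter than the old "contains an '@' and a '.'" test; in particular
  // it rejects whitespace and CR/LF, which matters if the address is ever
  // handed to mail() (header injection).
  if (strlen($email) > 0 && filter_var($email, FILTER_VALIDATE_EMAIL) === FALSE)
  {
    stError("E-mail address not in proper format.");
    return FALSE;
  }

  return TRUE;
}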


?>