# HG changeset patch
# User Matti Hamalainen
# Date 1354640838 -7200
# Node ID 8019b357cc03074348e07d41136481a9cfd9c2a7
Initial import.
diff -r 000000000000 -r 8019b357cc03 admin.inc.php
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/admin.inc.php Tue Dec 04 19:07:18 2012 +0200
@@ -0,0 +1,452 @@
+Oh noes, admin configuration not done!\n". + "

Better go and prod that, so you get to use the fine admin interface.

\n"; + $authState = "error"; +} +else +if (stAuthSession()) +{ + $authState = "ok"; +} +else +{ + // Perform authentication if we are not in session already + echo "

Party admin login

\n". + "

Please use illegal telepathy over HTTP to provide a password to enter the party administration systembolaget.

\n". + "
\n". + stGetFormHiddenInput("mode", "check")."\n". + stGetFormHiddenInput("goto", $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"])."\n". + stGetFormPasswordInput("admpass", "pass", "")."\n". + " \n". + "
\n"; + + $authState = "login"; +} + +if ($authState == "ok") +{ +?> + + +
+- +
+ +
+
+ + + +
+ +
+
+
+ + + +
+ +
+ +
+
+
+ + + +
+
+
+
+ + + +
+
+
+
+ + + +
+ +
+
+
+ + +
+ +
+
+
+
+ + + +
+
+
+
+ + + +
+

+Key entries can only be generated via the shell-utility 'keygen'. +

+
+
+
+ + + + + \ No newline at end of file diff -r 000000000000 -r 8019b357cc03 ajax.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/ajax.php Tue Dec 04 19:07:18 2012 +0200 @@ -0,0 +1,358 @@ +
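Review bot: The login form's hidden `goto` field in admin.inc.php is built from `$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"]` and written into an HTML attribute; `REQUEST_URI` comes straight from the request, and `SERVER_NAME` can too, depending on server configuration. Whether the value is escaped depends on `stGetFormHiddenInput()`, whose markup is not readable on this page; the only escaping helper shown, `chentities()`, uses `ENT_NOQUOTES`, which is not enough inside a quoted attribute. I would escape attribute values in the helper with `htmlspecialchars($value, ENT_QUOTES, "UTF-8")`. The code that consumes `goto` after login is not visible here, so this part is inferred: if it redirects, it should accept only a same-site relative path rather than trusting the posted value.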
". + implode(", ", $out1)."


". + implode("
", $out1)."


". + implode(", ", $out2)."


". + implode("
", $out2)."

"; + + } + break; + + case "get": + switch ($type) + { + case "news": + $sql = "SELECT * FROM news ORDER BY utime DESC"; + break; + + case "attendees": + $sql = "SELECT * FROM attendees ORDER BY regtime DESC"; + break; + + case "compos": + $sql = "SELECT * FROM compos ORDER BY id DESC"; + break; + + case "entries": + stGetCompoList(TRUE); + + foreach ($compos as $id => $compo) + { + echo + "
\n". + " \n". + " \n". + " \n". + " \n". + " \n". + " \n". + " \n". + " \n". + " \n"; + + $prefix = "en"; + foreach ($compo["entries"] as $eid => $entry) + { + echo + " \n". + " \n". + " \n". + " \n". + " \n"; + } + $prefix = "ne"; + echo + " \n". + " \n". + " \n". + " \n". + " \n". + "
".chentities($compo["name"])."
TitleAuthorActions
".stGetFormTextInput(40, 64, "name", $eid, "en", $entry["name"])."".stGetFormTextInput(40, 64, "author", $eid, "en", $entry["author"])."". + stGetFormButtonInput("update", $eid, $prefix, " Update ", "updateEntry(".$eid.")"). + stGetFormButtonInput("delete", $eid, $prefix, " Delete ", "deleteEntry(".$eid.")"). + "
".stGetFormTextInput(40, 64, "name", $id, "ne", "")."".stGetFormTextInput(40, 64, "author", $id, "ne", "")."".stGetFormButtonInput("add", $id, $prefix, " Add new ", "addEntry(".$id.")")."
\n". + "
\n"; + } + break; + + case "voters": + $sql = "SELECT * FROM voters ORDER BY id ASC"; + } + + if (isset($sql) && ($res = execSQLCond($sql, "")) !== FALSE) + { + if ($type == "news") + { + foreach ($res as $item) + { + $id = $item["id"]; + stPrintNewsItem($item, + "
". + " \n" + ); + } + } + else + if ($type == "attendees") + { + echo + "\n". + " \n". + " \n". + " \n". + " \n". + " \n". + " \n". + " \n". + " \n"; + $row = 0; + foreach ($res as $item) + stPrintAttendee($item, $row++, TRUE); + echo "
NameGroup(s)RegisteredOnelinerE-mailActions
\n"; + } + else + if ($type == "compos") + { + foreach ($res as $item) + { + $id = $item["id"]; + $prefix = "co"; + echo + "
\n". + "

#".$id." - ".chentities($item["name"])."

\n". + stGetFormTextInput(40, 64, "name", $id, $prefix, $item["name"])."\n". + stGetFormCheckBoxInput("enabled", $id, $prefix, $item["enabled"], "Enabled")."
\n". + stGetFormTextArea(5, 60, "description", $id, $prefix, $item["description"])."\n
\n". + stGetFormButtonInput("update", $id, $prefix, " Update ", "updateCompo(".$id.")")."\n". + "
\n". + "
\n"; + } + } + else + if ($type == "voters") + { + echo + "\n". + " \n". + " \n". + " \n". + " \n". + " \n". + " \n"; + $row = 0; + foreach ($res as $item) + { + $id = $item["id"]; + $prefix = "vo"; + echo + " \n". + " \n". + " \n". + " \n". + " \n". + " \n". + " \n"; + $row++; + } + echo "
#Vote keyNameActive
".sprintf("%04d", $id)."".chentities($item["key"])."".stGetFormTextInput(40, 64, "name", $id, $prefix, $item["name"], + "onBlur=\"updateVoter(".$id.")\" autocomplete=\"off\"")."".stGetFormCheckBoxInput("enabled", $id, $prefix, $item["enabled"], "Active", + "onClick=\"updateVoter(".$id.")\"")."
\n"; + } + } + break; + + case "delete": + if (stChkRequestItem("id")) + { + $id = intval(stGetRequestItem("id")); + + if ($type == "news") + $sql = stPrepareSQL("DELETE FROM news WHERE id=%d AND persist=0", $id); + else + if ($type == "attendees") + $sql = stPrepareSQL("DELETE FROM attendees WHERE id=%d", $id); + else + if ($type == "entries") + $sql = stPrepareSQL("DELETE FROM entries WHERE id=%d", $id); + + execSQLCond($sql, "OK, ".$type." item ".$id." deleted."); + } + else + setStatus(901, "No ID specified."); + break; + + case "add": + if ($type == "news" && stChkRequestItem("text") && stChkRequestItem("author") && stChkRequestItem("title")) + { + $sql = stPrepareSQL( + "INSERT INTO news (utime,title,text,author) VALUES (%d,%S,%Q,%S)", + time(), "title", "text", "author"); + + execSQLCond($sql, "OK, news item added."); + } + else + if ($type == "compo" && stChkRequestItem("name") && stChkRequestItem("description")) + { + $sql = stPrepareSQL( + "INSERT INTO compos (name,description,enabled) VALUES (%S,%Q,0)", + "name", "description", 0); + + execSQLCond($sql, "OK, compo added."); + } + else + if ($type == "entry" && stChkRequestItem("name") && stChkRequestItem("author") && stChkRequestItem("compo_id")) + { + $sql = stPrepareSQL( + "INSERT INTO entries (name,author,compo_id) VALUES (%S,%Q,%D)", + "name", "author", "compo_id"); + + execSQLCond($sql, "OK, entry added."); + } + else + setStatus(902, "No data."); + break; + + case "update": + if ($type == "attendees" && stChkRequestItem("id") && + stChkRequestItem("email") && stChkRequestItem("oneliner")) + { + $sql = stPrepareSQLUpdate("attendees", + "WHERE id=".intval(stGetRequestItem("id")), + array( + "email" => "S", + "oneliner" => "S", + )); + + execSQLCond($sql, "OK, attendee updated."); + } + else + if ($type == "news" && stChkRequestItem("id") && + stChkRequestItem("text") && stChkRequestItem("author") && + stChkRequestItem("title")) + { + $sql = stPrepareSQLUpdate("news", + "WHERE 
id=".intval(stGetRequestItem("id")), + array( + "title" => "S", + "text" => "Q", + "author" => "S" + )); + + execSQLCond($sql, "OK, news item updated."); + } + else + if ($type == "compo" && stChkRequestItem("id") && + stChkRequestItem("name") && stChkRequestItem("description") && + stChkRequestItem("enabled")) + { + $sql = stPrepareSQLUpdate("compos", + "WHERE id=".intval(stGetRequestItem("id")), + array( + "name" => "S", + "description" => "Q", + "enabled" => "B", + )); + + execSQLCond($sql, "OK, compo updated."); + } + else + if ($type == "voter" && stChkRequestItem("id") && + stChkRequestItem("name") && stChkRequestItem("enabled")) + { + $sql = stPrepareSQLUpdate("voters", + "WHERE id=".intval(stGetRequestItem("id")), + array( + "name" => "S", + "enabled" => "B", + )); + + execSQLCond($sql, "OK, voter updated."); + } + else + if ($type == "entry" && stChkRequestItem("id") && + stChkRequestItem("compo_id") && stChkRequestItem("name") && + stChkRequestItem("author")) + { + $sql = stPrepareSQLUpdate("entries", + "WHERE id=".intval(stGetRequestItem("id"). + " AND compo_id=".intval(stGetRequestItem("compo_id"))), + array( + "name" => "S", + "author" => "S", + )); + + execSQLCond($sql, "OK, voter updated."); + } + else + setStatus(902, "No data."); + break; + + default: + setStatus(404, "Not Found"); + break; +} + +?> \ No newline at end of file diff -r 000000000000 -r 8019b357cc03 attendees.inc.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/attendees.inc.php Tue Dec 04 19:07:18 2012 +0200 @@ -0,0 +1,41 @@ + + +Current attendees\n"; +$maxAttendees = stGetSetting("maxAttendees", 20); +$numAttendees = 0; +if (($res = $db->query("SELECT COUNT(*) FROM attendees")) !== FALSE) + $numAttendees = $res->fetchColumn(); + +echo "
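Review bot: In the `update` branch for `entry` in ajax.php the closing parenthesis of `intval(` is misplaced, so the cast wraps the whole concatenation and the `compo_id` restriction is silently dropped from the WHERE clause. The condition should read `"WHERE id=".intval(stGetRequestItem("id"))." AND compo_id=".intval(stGetRequestItem("compo_id")),`, and the status text there should say entry instead of `"OK, voter updated."`. In the `delete` branch `$sql` is never assigned when `$type` is not news, attendees or entries, yet `execSQLCond($sql, ...)` still runs; add a final `else` that reports `setStatus(902, "No data.")` and skips the query. Every state-changing action also reads its parameters through `$_REQUEST`, and no anti-CSRF token is checked in the readable part of the hunk. The start of the file, where any session check would sit, is not readable here.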

Total of ".$numAttendees. + " people registered to attend (". + $maxAttendees." max).

\n"; + +?> + + + + + + + + $maxAttendees) ? " overbooked" : ""); + $index--; + } +} +?> +
NameGroup(s)RegisteredOneliner
diff -r 000000000000 -r 8019b357cc03 compos.inc.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/compos.inc.php Tue Dec 04 19:07:18 2012 +0200 @@ -0,0 +1,31 @@ +

General

+

+YOU MUST HAVE AT LEAST ONE ENTRY TO COMPETITIONS IF YOU COME TO THE PARTY. +

+ +

+If there are enough entries, then AGA/OCS/ECS demos will be run in separate compos. +
+Remote entries are welcome! +

+ +

+The compo machine will be an A1200 with an 060/50 and lots of +RAM. An A500 1.3 512k/512k will also be available if your +prod is not AGA compatible. +

+ +

Compos

+0 ORDER BY id ASC")) !== FALSE) +{ + foreach ($res as $item) + { + echo + "
\n". + "

".chentities($item["name"])."

\n". + stConvertCompoDesc($item["description"]). + "
\n"; + } +} +?> diff -r 000000000000 -r 8019b357cc03 event.inc.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/event.inc.php Tue Dec 04 19:07:18 2012 +0200 @@ -0,0 +1,25 @@ +

Event program & schedule

+ + +

Friday 30.11.

+ + +

Saturday 1.12.

+ + +Competition schedule and voting deadline will depend on number of entries. + +

Sunday 2.12.

+ diff -r 000000000000 -r 8019b357cc03 example.sqlite3 Binary file example.sqlite3 has changed diff -r 000000000000 -r 8019b357cc03 img/2012.png Binary file img/2012.png has changed diff -r 000000000000 -r 8019b357cc03 img/compo_screen_1024x768.png Binary file img/compo_screen_1024x768.png has changed diff -r 000000000000 -r 8019b357cc03 img/compo_screen_640x480.png Binary file img/compo_screen_640x480.png has changed diff -r 000000000000 -r 8019b357cc03 img/fap.png Binary file img/fap.png has changed diff -r 000000000000 -r 8019b357cc03 img/fapsm.png Binary file img/fapsm.png has changed diff -r 000000000000 -r 8019b357cc03 img/kallo.png Binary file img/kallo.png has changed diff -r 000000000000 -r 8019b357cc03 img/kulli.png Binary file img/kulli.png has changed diff -r 000000000000 -r 8019b357cc03 img/pillu.png Binary file img/pillu.png has changed diff -r 000000000000 -r 8019b357cc03 img/runkkari.png Binary file img/runkkari.png has changed diff -r 000000000000 -r 8019b357cc03 img/runkkari2.png Binary file img/runkkari2.png has changed diff -r 000000000000 -r 8019b357cc03 index.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/index.php Tue Dec 04 19:07:18 2012 +0200 @@ -0,0 +1,60 @@ +"); + +if (!stConnectSQLDB()) +{ + printPageFooter(); + exit; +} + +?> +
+ + +
+ +
+
+ +
+
+ \ No newline at end of file diff -r 000000000000 -r 8019b357cc03 keygen.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/keygen.php Tue Dec 04 19:07:18 2012 +0200 
@@ -0,0 +1,139 @@ +#!/usr/bin/php +errorInfo())." in statement \"".$sql."\"\n"; + exit; +} + +if ($argc < 2) +{ + echo "Usage: ".$argv[0]." [args]\n". + "Where mode is one of following:\n". + "\n". + " generate <#> Generate # MORE vote keys. If previously\n". + " generated keys exist, # keys will be added.\n". + "\n". + " print [all] Print list of list of UNactive keys\n". + " (unless 'all' option is specified)\n". + "\n"; + exit; +} + +if (!stConnectSQLDB()) + die("Could not connect to SQL database.\n"); + +switch (substr(garg(1), 0, 2)) +{ + case "ge": + // Check arguments for sanity + if (($num = garg(2)) === FALSE) + { + echo "No number of keys specified.\n"; + exit; + } + + if ($num < 1 || $num > 1000) + { + echo "Invalid number of keys.\n"; + exit; + } + + echo "Generating keys .."; + for ($i = 0; $i < $num; ) + { + echo "."; + + // Generate one keycode + $key = ""; + for ($n = 0; $n < stGetSetting("votekeylen", 8); $n++) + $key .= $keyChars[rand() % strlen($keyChars)]; + + // Check if it already exists, to avoid duplicates + $sql = stPrepareSQL("SELECT * FROM voters WHERE key=%s", $key); + if (($res = @$db->query($sql)) !== FALSE) + { + if ($res->fetchColumn() === FALSE) + { + // Nope, add into database + $sql = stPrepareSQL( + "INSERT INTO voters (key,name,enabled) VALUES (%s,'',0)", + $key); + + if (($res = $db->query($sql)) === FALSE) + gSQLError($sql); + + $i++; + } + } + else + { + gSQLError($sql); + } + } + echo "\nGenerated ".$i." new keys.\n"; + break; + + case "pr": + // Print keys + $all = garg(2) == "all"; + $sql = "SELECT * FROM voters ".($all ? "" : "WHERE enabled=0 ")."ORDER BY id ASC"; + if (($res = @$db->query($sql)) !== FALSE) + { + $rows = 0; + $nitem = 0; + $total = 0; + + foreach ($res as $item) + { + $total++; + printf("%s%04d - %8s", + $item["enabled"] ? 
"*" : " ", + $item["id"], $item["key"]); + + if (++$nitem >= $maxItems) + { + $nitem = 0; + echo "\n"; + + if (++$rows % $maxRows == 0) + echo "\f\n"; + } + else + echo " | "; + } + + if ($nitem > 0) + echo "\n"; + + echo "Total of ".$total." ".($all ? "keys (all printed)" : "unactive keys")."\n"; + } + else + { + gSQLError($sql); + } + break; + + default: + echo "Unknown operating mode '".garg(1)."'.\n"; + break; +} + +?> \ No newline at end of file diff -r 000000000000 -r 8019b357cc03 login.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/login.php Tue Dec 04 19:07:18 2012 +0200 @@ -0,0 +1,10 @@ + \ No newline at end of file diff -r 000000000000 -r 8019b357cc03 logout.inc.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/logout.inc.php Tue Dec 04 19:07:18 2012 +0200 @@ -0,0 +1,11 @@ +Logged out\n". + "
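Review bot: Vote keys in keygen.php are built with `rand() % strlen($keyChars)`, and `rand()` is not a cryptographically secure generator, so keys that serve as the voter's only credential may be predictable. The modulo also biases the character distribution whenever the generator's range is not a multiple of the alphabet length. On PHP 7 or later I would write `$key .= $keyChars[random_int(0, strlen($keyChars) - 1)];`; on the PHP version this commit targets, derive the index from `openssl_random_pseudo_bytes()` instead. The duplicate check and the insert are two separate statements, so a UNIQUE constraint on `voters.key` would make that check authoritative (the schema lives in the binary `example.sqlite3` and is not visible here).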

Have a nice day.

\n"; +} +else +{ + header("Location: admin"); +} +?> \ No newline at end of file diff -r 000000000000 -r 8019b357cc03 mconfig.inc.php.example --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mconfig.inc.php.example Tue Dec 04 19:07:18 2012 +0200 @@ -0,0 +1,31 @@ + false, + "allowVoting" => TRUE, + "showResults" => TRUE, + "showAuthors" => TRUE, + "maxAttendees" => 60, + + "admpass" => "supreme", + "dbfilename" => "fap.sqlite3", + + "votekeylen" => 8, +); + + +$securePages = array( + "/fap2012/admin" => true, + "/fap2012/register" => true, + "/fap2012/vote" => false, +); + +$pageTitle = "Finnish Amiga Party 2012"; +$pageCharset = "utf-8"; +$pageCSS = "fap.css"; + +$specURLs = array( + "irc" => array("irc://#fap2012@ircnet", "#fap2012 @ IRCNet"), +); + +?> \ No newline at end of file diff -r 000000000000 -r 8019b357cc03 msite.inc.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/msite.inc.php Tue Dec 04 19:07:18 2012 +0200 
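Review bot: The sample configuration mconfig.inc.php.example ships a usable admin password, `"admpass" => "supreme"`, so any deployment that copies the example unchanged runs with a publicly known credential. I would ship an obvious placeholder such as `"admpass" => "CHANGE-ME", // placeholder: set a unique password before deploying` and make the "admin configuration not done" check in admin.inc.php reject that placeholder (the condition of that check is not readable on this page). The same file sets `"/fap2012/vote" => false` in `$securePages`; if that table means what its name suggests, vote keys travel without HTTPS, and the example should default it to `true`. Longer term the setting is better stored as a `password_hash()` value than as plaintext.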
@@ -0,0 +1,465 @@ +".$msg."\n"; +} + + +function stCheckHTTPS() +{ + return isset($_SERVER["HTTPS"]) && ($_SERVER["HTTPS"] != "" && $_SERVER["HTTPS"] != "off"); +} + + +function stAuthSession() +{ + if (@session_start() === TRUE && isset($_SESSION["admpass"]) && + $_SESSION["admpass"] == stGetSetting("admpass", FALSE)) + { + // Check for session expiration + if (!isset($_SESSION["expires"]) || $_SESSION["expires"] < time()) + return FALSE; + + // Add more time to expiration + $_SESSION["expires"] = time() + stGetSetting("admtimeout", 5 * 60); + return TRUE; + } + else + return FALSE; +} + + +function stStartSession() +{ + if (@session_start() === TRUE) + { + $_SESSION["admpass"] = stGetSetting("admpass", FALSE); + $_SESSION["expires"] = time() + stGetSetting("admtimeout", 5 * 60); + return TRUE; + } + else + return FALSE; +} + + +function stEndSession() +{ + $ok = stAuthSession(); + $_SESSION = array(); + if (ini_get("session.use_cookies")) + { + $params = session_get_cookie_params(); + setcookie(session_name(), "", time() - 242000, + $params["path"], $params["domain"], + $params["secure"], $params["httponly"] + ); + } + @session_destroy(); + return $ok; +} + + +function stGetSetting($name, $default) +{ + global $siteSettings; + if (isset($siteSettings[$name])) + return $siteSettings[$name]; + else + return $default; +} + + +function stChkSetting($name) +{ + global $siteSettings; + return isset($siteSettings[$name]) && $siteSettings[$name]; +} + + +function stSpecURL($id) +{ + global $specURLs; + if (isset($specURLs[$id])) + return "".$specURLs[$id][1].""; + else + return ""; +} + + +function stPrintSpecURL($id) +{ + echo stSpecURL($id); +} + + +function dhentities($str) +{ + return str_replace(array("<",">"), array("<", ">"), htmlentities($str, ENT_NOQUOTES, "UTF-8")); +} + + +function chentities($str) +{ + return htmlentities($str, ENT_NOQUOTES, "UTF-8"); +} + + +function stGetFormCheckBoxInput($name, $id, $prefix, $checked, $label, $extra = "") +{ + return + "". 
+ ""; +} + + +function stGetFormButtonInput($name, $id, $prefix, $label, $onclick = "") +{ + return + ""; +} + + +function stGetFormTextArea($rows, $cols, $name, $id, $prefix, $value, $extra = "") +{ + return + ""; +} + + +function stGetFormTextInput($size, $len, $name, $id, $prefix, $value, $extra = "") +{ + return + ""; +} + + +function stGetFormPasswordInput($name, $id, $prefix) +{ + return + ""; +} + + +function stGetFormHiddenInput($name, $value) +{ + return ""; +} + + +function stGetTDEditTextItem($edit, $size, $len, $name, $id, $prefix, $value, $extra = "") +{ + return + "". + ($edit ? stGetFormTextInput($size, $len, $name, $id, $prefix, $value, $extra) : chentities($value)). + ""; +} + + +function stPrintFormTextInput($text1, $text2, $size, $len, $name, $extra="") +{ + echo " ".chentities($text1)."". + stGetFormTextInput($size, $len, $name, "", "", $_REQUEST[$name], $extra). + "".chentities($text2)."\n"; +} + + +function stPrintFormHiddenInput($name, $value) +{ + echo " ".stGetFormHiddenInput($name, $value)."\n"; +} + + +function stPrintAttendee($item, $row, $edit, $eclass = "") +{ + $id = $item["id"]; + $prefix = "at"; + echo " ". + "". + stGetTDEditTextItem(FALSE, 20, 40, "name", $id, $prefix, $item["name"]). + stGetTDEditTextItem(FALSE, 20, 40, "groups", $id, $prefix, $item["groups"]). + "".date("d M Y / H:i", $item["regtime"])."". + stGetTDEditTextItem($edit, 30, 64, "oneliner", $id, $prefix, $item["oneliner"], "autocomplete=\"off\""); + + if ($edit) + { + echo + stGetTDEditTextItem($edit, 20, 40, "email", $id, $prefix, $item["email"], "autocomplete=\"off\""). + "". + "". + "". + ""; + } + + echo "\n"; +} + + +function stPrintNewsItem($item, $edit = "") +{ + echo + "
\n". + "

".chentities($item["title"])."

\n". + "
".dhentities($item["text"])."
\n". + "
-- ".chentities($item["author"])."
". + date("d M Y / H:i", $item["utime"]). + $edit."
\n". + "
\n"; +} + + +function stChkDataItem($name) +{ + return !isset($_REQUEST[$name]) || strlen(trim($_REQUEST[$name])) < 1; +} + + +function stChkRequestItem($name) +{ + return isset($_REQUEST[$name]); +} + + +function stGetRequestItem($name, $default = "") +{ + return isset($_REQUEST[$name]) ? trim($_REQUEST[$name]) : $default; +} + + +function stGetDRequestItem($name, $default = "") +{ + return trim(urldecode(stGetRequestItem($name, $default))); +} + + +function stLogSQLError($sql) +{ + global $db; + error_log("SQL error ".implode("; ", $db->errorInfo())." in statement \"".$sql."\""); +} + + +function stConnectSQLDB() +{ + global $db; + try { + $db = new PDO("sqlite:".stGetSetting("dbfilename", FALSE)); + } + catch (PDOException $e) { + error_log("Could not connect to SQL database: ".$e->getMessage()."."); + return FALSE; + } + return TRUE; +} + + +function stGetSQLParam($type, $value) +{ + global $db; + switch ($type) + { + case "d": + return intval($value); + + case "s": + return $db->quote($value); + + case "D": + return intval(stGetRequestItem($value)); + + case "S": + return $db->quote(stGetDRequestItem($value)); + + case "Q": + return $db->quote(stripslashes(stGetDRequestItem($value))); + + case "B": + return intval(stGetRequestItem($value)) ? 1 : 0; + } +} + + +function stPrepareSQL() +{ + $argc = func_num_args(); + $argv = func_get_args(); + if ($argc < 1) + { + error_log("Invalid stPrepareSQL() call, no arguments!"); + return FALSE; + } + + $fmt = $argv[0]; + $len = strlen($fmt); + $sql = ""; + $argn = 1; + $pos = 0; + while ($pos < $len) + { + if ($fmt[$pos] == "%") + { + if ($argn < $argc) + $sql .= stGetSQLParam($fmt[++$pos], $argv[$argn++]); + else + { + error_log("Invalid SQL statement format string '".$fmt. + "', not enough parameters specified (".$argn." 
of ".$argc.")"); + return FALSE; + } + } + else + $sql .= $fmt[$pos]; + $pos++; + } + + return $sql; +} + + +function stPrepareSQLUpdate($table, $cond, $pairs) +{ + $sql = array(); + foreach ($pairs as $name => $attr) + { + $sql[] = $name."=".stGetSQLParam($attr, $name); + } + return + "UPDATE ".$table." SET ".implode(",", $sql). + ($cond != "" ? " ".$cond : ""); +} + + +function stExecSQL($sql) +{ + global $db; + if (($res = $db->query($sql)) !== FALSE) + return $res; + else + { + stLogSQLError($sql); + stError("Oh noes! SQL error #23!"); + return FALSE; + } +} + + +function stFetchSQL($sql) +{ + global $db; + if (($res = $db->query($sql)) !== FALSE) + { + return $res->fetch(); + } + else + { + stLogSQLError($sql); + stError("Oh noes! SQL error #31!"); + return FALSE; + } +} + + +function stFetchSQLColumn($sql, $column = 0) +{ + global $db; + if (($res = $db->query($sql)) !== FALSE) + { + return $res->fetchColumn($column); + } + else + { + stLogSQLError($sql); + stError("Oh noes! SQL error #81!"); + return FALSE; + } +} + + +function stGetCompoList($all) +{ + global $compos; + + // Get entries and competitions into an array structure + $sql = "SELECT * FROM compos ".($all ? 
"" :"WHERE enabled<>0 ")."ORDER BY name DESC"; + foreach (stExecSQL($sql) as $compo) + { + $id = $compo["id"]; + + $compos[$compo["id"]] = array( + "name" => $compo["name"], + "entries" => array() + ); + + $sql = stPrepareSQL("SELECT * FROM entries WHERE compo_id=%d", $id); + foreach (stExecSQL($sql) as $entry) + { + $compos[$id]["entries"][$entry["id"]] = $entry; + } + } +} + + +function stConvSwitchMode(&$str, &$mode, $newMode) +{ + if ($newMode != $mode) + { + if ($mode != "") + $str .= "\n\n"; + + $mode = $newMode; + + if ($mode != "") + $str .= "<".$mode.">\n"; + } +} + + +function stConvertCompoDesc($desc) +{ + global $stDescConversion; + $str = ""; + $mode = ""; + + foreach (explode("\n", $desc) as $line) + { + if (preg_match("/^\s*\s*\*(.+)$/", $line, $m)) + { + stConvSwitchMode($str, $mode, "ol"); + $str .= "
  • ".$m[1]."
  • \n"; + } + else + if (preg_match("/^\s*-\s*(.+)$/", $line, $m)) + { + stConvSwitchMode($str, $mode, "ul"); + $str .= "
  • ".$m[1]."
  • \n"; + } + else + { + stConvSwitchMode($str, $mode, "p"); + $str .= $line; + } + } + + stConvSwitchMode($str, $mode, ""); + + return $str; +} + +?> \ No newline at end of file diff -r 000000000000 -r 8019b357cc03 news.inc.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/news.inc.php Tue Dec 04 19:07:18 2012 +0200 @@ -0,0 +1,24 @@ +
    +FAP + +

    +Pure Amiga demoscene party, all traditional Amiga compos and purely Amiga-oriented program. +
    + +YOU MUST HAVE AT LEAST ONE ENTRY TO COMPETITIONS IF YOU COME TO THE PARTY. + +

    +
    + diff -r 000000000000 -r 8019b357cc03 register.inc.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/register.inc.php Tue Dec 04 19:07:18 2012 +0200 @@ -0,0 +1,176 @@ +\n". + " \n"; + + stPrintFormHiddenInput("mode", $mode); + + foreach (array("name", "groups", "email", "oneliner", "hash", "botcheck") as $name) + stPrintFormHiddenInput($name, stGetRequestItem($name)); + + echo "\n"; +} + + +function intValueToHash($val) +{ + global $botCheckIDs; + $str = ""; + do + { + $str = $botCheckIDs[$val & 31].$str; + $val >>= 5; + } + while ($val > 0); + return $str; +} + + +function intHashToValue($hash) +{ + global $botCheckIDs; + for ($val = 0, $i = 0; $i < strlen($hash); $i++) + { + $val *= 32; + $n = strpos($botCheckIDs, $hash[$i]); + if ($n !== FALSE) + $val += $n; + else + return -2; + } + return $val; +} + + +function splitHash($hash) +{ + global $botCheckOPs; + return preg_split("/([".$botCheckOPs."])/", $hash, -1, PREG_SPLIT_DELIM_CAPTURE); +} + + +function hashToCheckStr($hash) +{ + global $botCheckOPs, $botCheckROPs; + $out = ""; + + foreach (splitHash($hash) as $val) + { + $i = strpos($botCheckOPs, $val); + if ($i !== FALSE) + $out .= " ".$botCheckROPs[$i]." "; + else + $out .= intHashToValue($val); + } + return $out; +} + + +function hashToAnswer($hash) +{ + eval("\$res = ".hashToCheckStr($hash).";"); + return $res; +} + +// Check if registration is enabled +if (!stChkSetting("allowRegister")) +{ +?> +

    Sorry, registration disabled!

    +

    +Registration to the event is not available at this time. +

    + +

    Registration

    + +
    + + + + + +
    +
    +

    +Only your handle and the answer to the botcheck are strictly required. If you plan on joining the IRC channel +() or staying up to date by other means, +e-mail is not required either. +

    + +Following errors occured:

    \n". + "\n"; + stPrintFormData("Go back"); + } + else + { + $sql = stPrepareSQL( + "INSERT INTO attendees (regtime,name,groups,oneliner,email) VALUES (%d,%S,%S,%S,%S)", + time(), "name", "groups", "oneliner", "email"); + + if (stExecSQL($sql) !== FALSE) + { + echo "

    Registration successful

    \n"; + echo "

    Now go make a demo about it!

    \n"; + if (stChkDataItem("email")) + { + echo "

    By the way ...

    ". + "

    As you did not specify an e-mail contact address, you'll have to get updates ". + "and information about the location (if you don't already know it) by ". + "some other means (".stSpecURL("irc").", for example.)

    "; + } + } + else + { + echo "

    An error occured.

    \n"; + echo "

    Oh noes! SQL error happenstance!

    "; + } + } +} +?> \ No newline at end of file diff -r 000000000000 -r 8019b357cc03 results.inc.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/results.inc.php Tue Dec 04 19:07:18 2012 +0200 @@ -0,0 +1,37 @@ +Results\n"; + +if (($res = stExecSQL("SELECT * FROM compos ORDER BY name DESC")) !== FALSE) +foreach ($res as $compo) +{ + $sql = + "SELECT DISTINCT SUM(votes.value) AS votesum,entries.*,votes.* ". + "FROM entries LEFT JOIN votes ON entries.id=votes.entry_id ". + "WHERE entries.compo_id=".$compo["id"]." ORDER BY ". + ($showResults ? "entries.id" : "votesum")." ASC"; + + echo "
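Review bot: `hashToAnswer()` in register.inc.php passes a string derived from the request's `hash` field to `eval()`. As written, `hashToCheckStr()` emits only integers from `intHashToValue()` and characters taken from `$botCheckROPs`, so the input looks constrained, but the safety of the page then rests on that invariant surviving every future edit. I would replace the `eval()` with a small loop over `splitHash($hash)` that applies each operator through an explicit `switch`, and reject the request when any token fails `intHashToValue()` (it returns -2 for an unknown character). The definition of `$botCheckROPs` is not readable here; if it includes division, a zero operand needs handling as well. The challenge is also carried in a client-supplied hidden field, so the server cannot tell whether the `hash` it checks is one it issued; keeping the expected answer in the session would close that gap.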

    ".$compo["name"]."

    \n". + "\n". + " \n". + " \n". + " \n". + " \n". + " \n". + " \n"; + + $index = 1; + if (($fres = stExecSQL($sql)) !== FALSE) + foreach ($fres as $entry) + { + echo + "". + "". + "". + "". + "". + "\n"; + } + + echo "
    #PointsNameAuthor
    ".($showResults ? "#".$index : "")."".($showResults ? $entry["votesum"] : "?")."".chentities($entry["name"])."".($showAuthors ? chentities($entry["author"]) : "-")."
    \n"; +} +?> \ No newline at end of file diff -r 000000000000 -r 8019b357cc03 vote.inc.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/vote.inc.php Tue Dec 04 19:07:18 2012 +0200 @@ -0,0 +1,183 @@ +\n". + " \n"; + + stPrintFormHiddenInput("mode", $mode); + stPrintFormHiddenInput("key", stGetRequestItem("key")); + + foreach ($compos as $id => $compo) + { + foreach ($compo["entries"] as $eid => $entry) + { + stPrintFormHiddenInput("entry".$eid, stGetRequestItem("entry".$eid)); + } + } + + echo "\n"; +} + + +// Check if voting is enabled +if (!stChkSetting("allowVoting")) +{ +?> +
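Review bot: The competition heading in results.inc.php prints `$compo["name"]` without escaping, while the entry name and author in the rows below go through `chentities()`. It should be `chentities($compo["name"])` so a name containing markup is not rendered as HTML. The query mixes `SUM(votes.value)` with `entries.*` and has no `GROUP BY entries.id`, so SQLite will collapse each compo to a single row instead of one row per entry. The sort key also looks inverted (`$showResults ? "entries.id" : "votesum"`), and `$index` is never incremented, so every row would be labelled #1. `$compo["id"]` is concatenated into the SQL; it comes from the database, but building the statement with `stPrepareSQL()` and `%d`, as the other files do, would keep the handling consistent.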

    Sorry, voting disabled!

    +

    +Voting functionality not available at this time. +

    + +

    Way Too Simple Vote System

    + +
    + + +\n"; + +foreach ($compos as $id => $compo) +if (count($compo["entries"]) > 0) +{ + echo + "
    \n". + " \n". + " \n". + " \n". + " \n". + " \n". + " \n"; + + foreach ($compo["entries"] as $eid => $entry) + { + echo + " \n". + " \n". + " \n". + " \n". + " \n"; + } + echo + "
    ".chentities($compo["name"])."
    TitleAuthorActions
    ".$entry["name"]."".$entry["author"]."\n"; + + for ($i = stGetSetting("voteMin", -2); $i <= stGetSetting("voteMax", 2); $i++) + { + $name = "entry".$eid; + $checked = stChkRequestItem($name) ? stGetRequestItem($name) : 0; + echo + " \n"; + } + + echo + "
    \n"; +} +?> +
    +
    +0", + "key"); + + if (($voter = stFetchSQL($sql)) === FALSE) + stError("Vote key does not exist, perhaps you typed it incorrectly?"); + } + + // Check the submitted vote values + foreach ($compos as $id => $compo) + if (count($compo["entries"]) > 0) + { + foreach ($compo["entries"] as $eid => $entry) + { + $vote = stGetRequestItem("entry".$eid); + if ($vote < stGetSetting("voteMin", -2) || $vote > stGetSetting("voteMax", 2)) + { + stError("One or more vote value was out of bounds. Trying to cheat, eh?"); + break; + } + } + } + + // Ookkay... + if ($errorSet) + { + echo "

    Following errors occured:

    \n". + "\n"; + stPrintFormData("Go back"); + } + else + { + foreach ($compos as $id => $compo) + if (count($compo["entries"]) > 0) + { + foreach ($compo["entries"] as $eid => $entry) + { + $vote = stGetRequestItem("entry".$eid); + $sql = stPrepareSQL("SELECT id FROM votes WHERE voter_id=%d AND entry_id=%d", + $voter["id"], $eid); + + if (stFetchSQLColumn($sql) === false) + { + $sql = stPrepareSQL( + "INSERT INTO votes (voter_id,entry_id,value) VALUES (%d,%d,%d)", + $voter["id"], $eid, $vote); + + if (stExecSQL($sql) === false) + break; + } + else + { + $sql = stPrepareSQL( + "UPDATE votes SET value=%d WHERE voter_id=%d AND entry_id=%d", + $vote, $voter["id"], $eid); + + if (stExecSQL($sql) === false) + break; + } + } + } + + if ($errorSet) + { + echo "

    An error occured.

    \n"; + echo "

    Following errors occured:

    \n". + "\n"; + stPrintFormData("Go back"); + } + else + { + echo "

    Voting successful

    \n"; + echo "

    Now go FAP some more! Or whatever.

    \n"; + } + } +} +?> \ No newline at end of file
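Review bot: In the voting table of vote.inc.php, `$entry["name"]` and `$entry["author"]` are echoed raw, although the compo heading just above uses `chentities($compo["name"])`; wrap both in `chentities()`. The author column is shown unconditionally here, whereas results.inc.php hides it unless `$showAuthors` is set, so authors are disclosed to voters regardless of that setting. The bounds check compares the raw request string using `<` and `>`; casting once with `$vote = intval(stGetRequestItem("entry".$eid));` before the check makes the validated value and the stored value the same. Nothing in the visible code limits repeated attempts at the vote key, which matters given the 8-character default length in the example configuration.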