Mercurial > hg > fapweb

changeset 27:b27204653615

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Work on adding support for entry submission.
author Matti Hamalainen <ccr@tnsp.org>
date Sat, 08 Dec 2012 06:49:53 +0200
parents 7be3f8cf1f7a
children bf567e6402bf
files createdb.php entry.inc.php submit.php vote.inc.php
diffstat 4 files changed, 96 insertions(+), 6 deletions(-) [+]
line wrap: on
line diff
--- a/createdb.php	Sat Dec 08 04:57:32 2012 +0200
+++ b/createdb.php	Sat Dec 08 06:49:53 2012 +0200
@@ -13,11 +13,13 @@
 
   "voteTimeout"      => array(VT_INT, 120, "Vote page timeout (minutes)"),
   "admTimeout"       => array(VT_INT, 15, "Administration interface timeout (minutes)"),
+
   "showAdmin"        => array(VT_BOOL, false, "Show administration interface link on the menu"),
-
   "showAttendees"    => array(VT_BOOL, false, "Show attendees list"),
   "allowRegister"    => array(VT_BOOL, false, "Enable event registration"),
-  "allowVoting"      => array(VT_BOOL, false, "Enable voting"),
+  "allowSubmit"      => array(VT_BOOL, false, "Enable compo entry submission"),
+  "allowVoting"      => array(VT_BOOL, false, "Enable voting (individual compos must be enabled as well)"),
+
   "showResults"      => array(VT_BOOL, false, "Enable results page"),
   "showResAuthors"   => array(VT_BOOL, false, "Show entry authors on results page"),
   "showVoteAuthors"  => array(VT_BOOL, false, "Show entry authors on voting page"),
@@ -210,11 +212,25 @@
 
 echo "Using database spec '".$spec."'.\n";
 
-switch (stCArg(1))
+switch (stCArgLC(1))
 {
   case "new":
     if (stCreateTables())
       stAddSettings();
+    
+    if (substr($spec, 0, 7) == "sqlite:")
+    {
+      $filename = substr($spec, 7);
+      echo "NOTICE! It seems you have SQLite database in use, changing permission ".
+      "of the target file '".$filename."' to 0600, for security. You may have to ".
+      "loosen up that for the things to actually work, but be careful. Having your ".
+      "database world-readable in the web is NOT good.\n";
+
+      if (chmod($filename, 0600) === FALSE)
+      {
+        echo "ERROR! Could not set permissions!\n";
+      }
+    }
     break;
 
   case "reset":
@@ -224,6 +240,10 @@
     if (stCreateOneTable("settings", $sqlTables["settings"]))
       stAddSettings();
     break;
+
+  default:
+    echo "ERROR! Invalid operation mode '".stCArg(1)."'.\n";
+    break;
 }
 
 ?>
\ No newline at end of file
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/entry.inc.php	Sat Dec 08 06:49:53 2012 +0200
@@ -0,0 +1,66 @@
+<?
+// Check if voting is enabled
+if (!stChkSetting("allowSubmit"))
+{
+  echo
+  "<h1>Sorry, entry submission disabled!</h1>\n".
+  "<p>Compo entry submission not available at this time.</p>\n";
+}
+else
+{
+  stUserSessionAuth();
+  $mode = stGetSessionItem("status", 0);
+  
+  if ($mode < 0)
+  {
+    echo "<h1>Oh noes, an error!</h1>\n".
+    "<ul>\n".stGetSessionItem("message", "")."</ul>\n".
+    stGetFormStart("entry").
+    "  ".stGetFormHiddenInput("goto", "entry")."\n".
+    "  ".stGetFormSubmitInput("back", "Go back")."\n".
+    "</form>\n";
+    stSetSessionStatus(0);
+  }
+  else
+  if ($mode == 0)
+  {
+    echo
+    "<h1>Compo submission system</h1>\n".
+    stGetFormStart("entry", "submit.php").
+    " ".stGetFormHiddenInput("mode", "key")."\n".
+    " ".stGetFormHiddenInput("goto", "entry")."\n".
+    " <div class=\"votectrl\">\n".
+    "  Enter your user key:\n".
+    "  ".stGetFormTextInput(30, 30, "key", "", "", stGetSessionItem("key"), "autocomplete=\"off\"")."\n".
+    "  ".stGetFormSubmitInput("login", "Login")."\n".
+    " </div>\n".
+    "</form>\n";
+  }
+  else
+  if ($mode == 1)
+  {
+    echo
+    "<h1>Compo submission system</h1>\n".
+    stGetFormStart("entry", "submit.php").
+    " ".stGetFormHiddenInput("mode", "entry")."\n".
+    " ".stGetFormHiddenInput("goto", "entry")."\n".
+    " ".stGetFormHiddenInput("key", stGetSessionItem("key"))."\n";
+
+    foreach (stExecSQL("SELECT id,name FROM compos WHERE visible<>0") as $entry)
+    {
+      print_r($entry);
+    }
+
+    echo
+    " <div class=\"votectrl\">".stGetFormSubmitInput("entry", "Submit votes!")."</div>\n".
+    "</form>\n";
+  }
+  else
+  if ($mode == 2)
+  {
+    echo "<h1>Yay, you submitted some entries!</h1>\n".
+    "<p>Now go FAP some more! And make wait for voting.</p>";
+    stSessionEnd(TRUE);
+  }
+}
+?>
\ No newline at end of file
--- a/submit.php	Sat Dec 08 04:57:32 2012 +0200
+++ b/submit.php	Sat Dec 08 06:49:53 2012 +0200
@@ -4,7 +4,11 @@
 
 stSetupCacheControl();
 
-$sessionDestPage = stGetRequestItem("goto");
+$sessionDestPage = stGetRequestItem("goto", FALSE);
+if ($sessionDestPage === FALSE ||
+  $sessionDestPage == "" ||
+  strpos($sessionDestPage, "submit.php") !== FALSE)
+  exit;
 
 // Initiate SQL database connection
 if (!stConnectSQLDB())
@@ -37,7 +41,7 @@
   if (stChkDataItem("key") ||
     strlen(stGetRequestItem("key")) != stGetSetting("userKeyLength"))
   {
-    stError("Invalid or empty vote key, please check.");
+    stError("Invalid or empty user key, please check.");
   }
   else
   {
--- a/vote.inc.php	Sat Dec 08 04:57:32 2012 +0200
+++ b/vote.inc.php	Sat Dec 08 06:49:53 2012 +0200
@@ -30,7 +30,7 @@
     " ".stGetFormHiddenInput("mode", "key")."\n".
     " ".stGetFormHiddenInput("goto", "vote")."\n".
     " <div class=\"votectrl\">\n".
-    "  Enter your vote key:\n".
+    "  Enter your user key:\n".
     "  ".stGetFormTextInput(30, 30, "key", "", "", stGetSessionItem("key"), "autocomplete=\"off\"")."\n".
     "  ".stGetFormSubmitInput("login", "Login")."\n".
     " </div>\n".