public function test()
{
pr(App::themePath('purple'));
pr(App::path('Model'));
debug(App::paths());
pr(App::path('Component', 'DebugKit'));
debug(env('document_root'));
debug(h('fengjie ; fengjie '));
LogError('fengjie');
pr(array('fengjie', 'fengjie'));
debug(h('fengjie ; fengjie '));
pr(YEAR);
pr(HOUR);
}
/**
* Query the data source.
* <p>This class makes no assumption about the content of the query
* object, but the behavior of the resulting Cursor object should be
* consistent between data source implementations.
* @param mixed $query Some sort of query that will be understood by
* the implemented data source.
* @return Cursor The result of the query, FALSE otherwise (though this
* is unlikely to occur because of the fatal error event when a query
* fails).
*/
function &query($query)
{
if (!($rv =& parent::query($query))) {
$result = mysql_query($query, $this->myLink);
if ($result) {
$rv = new MySQLCursor($result, $this);
} else {
LogError("MySQL query failed: \n" . $query . "\n" . mysql_error());
LogFatal("MySQL query failed");
$rv = FALSE;
}
}
return $rv;
}
/**
* Query the data source.
* <p>This class makes no assumption about the content of the query
* object, but the behavior of the resulting Cursor object should be
* consistent between data source implementations.
* @param mixed $query Some sort of query that will be understood by
* the implemented data source.
* @return Cursor The result of the query, FALSE if the query failed.
*/
function &query($query)
{
if ($this->isConnected) {
if (IsLogEnabled('DEBUG')) {
LogDebug("querying for: \n" . print_r($query, TRUE), $this);
}
$rv = FALSE;
return $rv;
} else {
if (IsLogEnabled('ERROR')) {
LogError("Cannot run query: \n" . print_r($query, TRUE) . "\ndata source is not connected: " . print_r($this, TRUE));
}
LogFatal("Error running query.");
}
}
function ErrorHandler($errno, $errstr, $errfile, $errline, $errcontext)
{
LogError(debug_backtrace());
/*
echo 'Into '.__FUNCTION__.'() at line '.__LINE__.
"\n\n---ERRNO---\n". print_r( $errno, true).
"\n\n---ERRSTR---\n". print_r( $errstr, true).
"\n\n---ERRFILE---\n". print_r( $errfile, true).
"\n\n---ERRLINE---\n". print_r( $errline, true).
"\n\n---ERRCONTEXT---\n".print_r( $errcontext, true).
"\n\nBacktrace of errorHandler()\n".
print_r( debug_backtrace(), true);
*/
return true;
}
function encryptData($text, $key, $compress = true)
{
if (!function_exists('mcrypt_get_iv_size')) {
MSGError("Encryption error -- mcrypt not installed -- contact an admin (" . getFunctionName() . ")");
LogError("Encryption error -- mcrypt not installed -- contact an admin (" . getFunctionName() . ")");
return "";
}
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$key = myhash($key . "123456789012345678901234567890");
// . myhash($key);
$grade = '##';
if ($compress) {
$text = zipstr($text);
$grade = '@#';
}
$crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, substr(pack("H*", $key), 0, 32), $text . myshorthash($text) . $grade, MCRYPT_MODE_CBC, $iv);
return base64_encode($crypttext . $iv);
}
/**
* Log an error message.
* @param string $message The message.
*/
function error($message)
{
LogError($message, $this);
}
$sql .= "WHERE plPlayerID = {$admin_player_id}";
//Run UPDATE query
if (ba_db_query($link, $sql)) {
//Query should affect exactly one row. Log a warning if it affected more
if (ba_db_affected_rows($link) > 1) {
LogWarning("More than one row updated during admin OOC update (admin_edit_ooc.php). Player ID: {$admin_player_id}");
}
//Do not redirect if there are any warnings (required fields not filled in, etc)
if ($sWarn == '') {
//Make up URL & redirect
$sURL = fnSystemURL() . "admin_viewdetails.php?pid={$admin_player_id}&green=" . urlencode("OOC details updated");
header("Location: {$sURL}");
}
} else {
$sWarn = "There was a problem updating the OOC details";
LogError("Error updating OOC information (admin_edit_ooc.php). Player ID: {$admin_player_id}");
}
}
//Get existing details if there are any
$sql = "SELECT plFirstName, " . "plSurname, " . "AES_DECRYPT(pleAddress1, '{$key}') AS dAddress1, " . "AES_DECRYPT(pleAddress2, '{$key}') AS dAddress2, " . "AES_DECRYPT(pleAddress3, '{$key}') AS dAddress3, " . "AES_DECRYPT(pleAddress4, '{$key}') AS dAddress4, " . "AES_DECRYPT(plePostcode, '{$key}') AS dPostcode, " . "AES_DECRYPT(pleTelephone, '{$key}') AS dTelephone, " . "AES_DECRYPT(pleMobile, '{$key}') AS dMobile, " . "plEmail, " . "plDOB, " . "AES_DECRYPT(pleMedicalInfo, '{$key}') AS dMedicalInfo, " . "plEmergencyName, " . "AES_DECRYPT(pleEmergencyNumber, '{$key}') AS dEmergencyNumber, " . "plEmergencyRelationship, " . "plCarRegistration, " . "plDietary, " . "plNotes, " . "plAdminNotes, " . "plEventPackByPost, " . "plRefNumber, " . "plMarshal " . "FROM {$db_prefix}players WHERE plPlayerID = {$admin_player_id}";
$result = ba_db_query($link, $sql);
$playerrow = ba_db_fetch_assoc($result);
include '../inc/inc_head_html.php';
include '../inc/inc_js_forms.php';
?>
<h1><?php
echo TITLE;
?>
- Admin OOC Edit</h1>
function error($msg)
{
LogError($msg);
}
function DBGetFullProblemData($contestnumber, $freeproblems = false)
{
$c = DBConnect();
DBExec($c, "begin work", "GetFullProblemData");
$r = DBExec($c, "select p.problemnumber as number, p.problemname as name, p.problemfullname as fullname, " . "p.problembasefilename as basefilename, p.fake as fake, " . "p.problemcolor as color, p.problemcolorname as colorname, " . "p.probleminputfilename as inputfilename, p.probleminputfile as inputoid, p.probleminputfilehash as inputhash " . " from problemtable as p " . "where p.contestnumber={$contestnumber} order by p.problemnumber", "DBGetFullProblemData(get problem)");
// and p.problemfullname !~ '(DEL)'
$n = DBnlines($r);
if ($n == 0) {
LOGLevel("No problems defined in the database ({$contestnumber})", 1);
}
$cf = globalconf();
$a = array();
$ds = DIRECTORY_SEPARATOR;
if ($ds == "") {
$ds = "/";
}
for ($i = 0; $i < $n; $i++) {
$a[$i] = array_merge(array(), DBRow($r, $i));
if (strpos($a[$i]['fullname'], '(DEL)') !== false) {
continue;
}
$nn = $a[$i]['number'];
$ptmp = $_SESSION["locr"] . $ds . "private" . $ds . "problemtmp" . $ds . "contest" . $contestnumber . "-problem" . $nn;
$ck = myshorthash('');
if (is_readable($ptmp . ".hash")) {
$ck = trim(file_get_contents($ptmp . ".hash"));
}
if ($ck != $a[$i]['inputhash']) {
@unlink($ptmp . ".name");
@unlink($ptmp . ".hash");
$a[$i]['basefilename'] = '';
$a[$i]['descfilename'] = '';
$a[$i]['fullname'] = '';
}
if ($freeproblems && $a[$i]['fake'] != 't') {
if (is_readable($ptmp . ".name")) {
$a[$i]['descfilename'] = trim(file_get_contents($ptmp . ".name"));
if ($a[$i]['descfilename'] != '') {
$a[$i]['descoid'] = -1;
}
} else {
@unlink($ptmp . ".name");
@unlink($ptmp . ".hash");
$randnum = session_id() . "_" . rand();
$dir = $ptmp . '-' . $randnum;
@mkdir($dir, 0770, true);
$failed = 0;
if (($ret = DB_lo_export($contestnumber, $c, $a[$i]["inputoid"], $dir . $ds . "tmp.zip")) === false) {
LogError("FreeProblems: Unable to read problem package from database (problem={$nn}, contest={$contestnumber})");
$failed = 1;
}
if (!$failed) {
$zip = new ZipArchive();
if ($zip->open($dir . $ds . "tmp.zip") === true) {
$zip->extractTo($dir);
$zip->close();
if (($info = @parse_ini_file($dir . $ds . "description" . $ds . 'problem.info')) === false) {
$failed = 2;
}
if (!$failed) {
$descfile = '';
if (isset($info['descfile'])) {
$descfile = trim(sanitizeText($info['descfile']));
}
$basename = trim(sanitizeText($info['basename']));
$fullname = trim(sanitizeText($info['fullname']));
if ($basename == '' || $fullname == '') {
$failed = 3;
}
}
} else {
$failed = 4;
}
if (!$failed) {
@mkdir($ptmp);
if ($descfile != '') {
if (file_put_contents($ptmp . $ds . $descfile, encryptData(file_get_contents($dir . $ds . "description" . $ds . $descfile), $cf['key']), LOCK_EX) === FALSE) {
$failed = 5;
}
if (!$failed) {
file_put_contents($ptmp . ".name", $ptmp . $ds . $descfile);
file_put_contents($ptmp . ".hash", $a[$i]['inputhash']);
if (is_readable($ptmp . ".name")) {
$a[$i]['descfilename'] = trim(file_get_contents($ptmp . ".name"));
if ($a[$i]['descfilename'] != '') {
$a[$i]['descoid'] = -1;
}
}
}
} else {
@unlink($ptmp . ".name");
@unlink($ptmp . ".hash");
}
if (!$failed) {
DBExec($c, "update problemtable set problemfullname='{$fullname}', problembasefilename='{$basename}' where problemnumber={$nn} and contestnumber={$contestnumber}", "DBGetFullProblemData(free problem)");
$a[$i]['basefilename'] = $basename;
$a[$i]['fullname'] = $fullname;
}
}
}
if ($failed) {
$a[$i]['basefilename'] = '';
$a[$i]['descfilename'] = '';
@unlink($ptmp . ".name");
@unlink($ptmp . ".hash");
DBExec($c, "update problemtable set problemfullname='', problembasefilename='' where problemnumber={$nn} and contestnumber={$contestnumber}", "DBGetFullProblemData(unfree problem)");
if ($failed != 4) {
LogError("Failed to unzip problem package (failcode={$failed}, problem={$nn}, contest={$contestnumber})");
if ($failed == 1) {
$a[$i]['fullname'] = '(ERROR READING FROM DATABASE, OR DIRECTORY PERMISSION PROBLEM)';
} else {
$a[$i]['fullname'] = '(PROBLEM PACKAGE SEEMS INVALID)';
}
} else {
if ($ret == 1) {
$a[$i]['fullname'] = '(PROBABLY ENCRYPTED FILE)';
}
if ($ret == 2) {
$a[$i]['fullname'] = '(FILE IS NOT A ZIP)';
}
}
}
cleardir($dir, false, true);
}
}
}
DBExec($c, "commit", "GetFullProblemData");
return $a;
}
function WriteFragment($download, &$opt)
{
$this->frags[$download['id']] = $download;
$available = count($this->frags);
for ($i = 0; $i < $available; $i++) {
if (isset($this->frags[$this->lastFrag + 1])) {
$frag = $this->frags[$this->lastFrag + 1];
if ($frag['response'] !== false) {
LogDebug("Writing fragment " . $frag['id'] . " to flv file");
if (!isset($opt['file'])) {
$opt['debug'] = false;
if ($this->play) {
$outFile = STDOUT;
} else {
if ($this->outFile) {
if ($opt['filesize']) {
$outFile = JoinUrl($this->outDir, $this->outFile . '-' . $this->fileCount++ . ".flv");
} else {
$outFile = JoinUrl($this->outDir, $this->outFile . ".flv");
}
} else {
if ($opt['filesize']) {
$outFile = JoinUrl($this->outDir, $this->baseFilename . '-' . $this->fileCount++ . ".flv");
} else {
$outFile = JoinUrl($this->outDir, $this->baseFilename . ".flv");
}
}
}
$this->InitDecoder();
$this->DecodeFragment($frag['response'], $frag['id'], $opt);
$opt['file'] = WriteFlvFile($outFile, $this->audio, $this->video);
if ($this->metadata) {
WriteMetadata($this, $opt['file']);
}
$opt['debug'] = $this->debug;
$this->InitDecoder();
}
$flvData = $this->DecodeFragment($frag['response'], $frag['id'], $opt);
if (strlen($flvData)) {
$status = fwrite($opt['file'], $flvData, strlen($flvData));
if (!$status) {
LogError("Failed to write flv data");
}
if (!$this->play) {
$this->filesize = ftell($opt['file']) / (1024 * 1024);
}
}
$this->lastFrag = $frag['id'];
} else {
$this->lastFrag += 1;
LogDebug("Skipping failed fragment " . $this->lastFrag);
}
unset($this->frags[$this->lastFrag]);
} else {
break;
}
if ($opt['tDuration'] and $opt['duration'] + $this->duration >= $opt['tDuration']) {
LogInfo("");
LogInfo($opt['duration'] + $this->duration . " seconds of content has been recorded successfully.", true);
return STOP_PROCESSING;
}
if ($opt['filesize'] and $this->filesize >= $opt['filesize']) {
$this->filesize = 0;
$opt['duration'] += $this->duration;
fclose($opt['file']);
unset($opt['file']);
}
}
if (!count($this->frags)) {
unset($this->frags);
}
return true;
}
$sql_select = "SELECT plFirstName, plSurname, plEmail FROM {$db_prefix}players WHERE plPlayerID = " . $item_number;
$result = ba_db_query($link, $sql_select);
$row = ba_db_fetch_assoc($result);
//Send e-mail
$sBody = "Your payment for the upcoming event has been received.\n";
if (PAYPAL_AUTO_MARK_PAID) {
$sBody .= "You are now fully booked.\n\n";
} else {
$sBody .= "You will be fully booked once your booking has been confirmed by a system administrator.\n\n";
}
$sBody .= "Thank you.\n\n";
$sBody .= "Player ID: " . PID_PREFIX . sprintf('%03s', $iPlayerID) . "\n";
$sBody .= "OOC Name: " . $row['plFirstName'] . " " . $row['plSurname'];
if ($bEmailPaymentReceived) {
mail($row['plEmail'], SYSTEM_NAME . ' - payment received', $sBody, "From:" . SYSTEM_NAME . " <" . EVENT_CONTACT_MAIL . ">");
}
//Clear any payment requests for this booking
$sql = "delete from {$db_prefix}paymentrequests where prBookingID = " . $custom;
$result = ba_db_query($link, $sql);
}
} else {
if (strcmp($res, "INVALID") == 0) {
// log for manual investigation
LogError("There was a problem with PayPal payment - PayPal returned 'INVALID' when verifying payment.\n" . "Item name; '{$item_name}'");
fnMailer("There was a problem with PayPal payment - PayPal returned 'INVALID' when verifying payment." . "Payment will have to be manually processed.\n" . "Item name; '{$item_name}'", True);
}
}
}
fclose($fp);
}
include 'inc/inc_foot.php';
function ForwardData(&$pcGPS, $ExtraModuleData)
{
//In this function we extract and forward the information we want from the
//module data.
//Notice @ usage in this function to avoid HTML error/warning output
//because any text output will be sent to the module that called the script
//and will not appear on screen in a browser.
//Do *NOT* abort the script or generate output
//(e.g. exit/die/echo/print/PHP-errors/...) because then the module will
//not receive a proper response.
//Also do *NOT* make the module wait too long either for a response,
//because that too will make it time-out waiting and will retry sending the
//same data (possibly over and over) again.
//Assuming that you only want to forward position information from the
//module, you need check the Switch value (CGPS:GetSwitch() function) to
//determine if the received data actually contains position information.
//In this example we simply use the CanGet...() functions of the CGPS class
//to determine which information is available.
//Then we forward the extracted data if available or the text that you put
//in the $NotAvailable variable below instead.
$NotAvailable = "";
//### NOTE/CHANGE ### An empty string should be sufficient, but can be anything that the receiving side likes.
global $ForwardHost, $ForwardScript, $ForwardPort, $ForwardAcknowledgeResponse;
$ProcessedDataParts = 0;
//Create a variable starting at value 0 that we increase per processed data part
for (; $ProcessedDataParts < $pcGPS->GetDataPartCount(); $ProcessedDataParts++) {
//Select next data part in the class if the module combined multiple transmissions.
if (!$pcGPS->SelectDataPart($ProcessedDataParts) || !$pcGPS->IsValid()) {
LogError($pcGPS->GetLastError() . '. Data string: ' . $pcGPS->GetHttpData());
continue;
}
//Now extract those items from the received module data with the CGPS
//class that you want to forward.
//When the CanGet...() function returns false, the variable is filled
//with "NotAvailable" that you have set above.
//Otherwise, the variable is filled with the result of the same
//Get...() function of the same type.
//See CGPS class API documentation for detailed information about the
//information that is returned by the Get...() functions that are used
//above.
//You might see functions that return information that you want to
//forward too.
//This can be easily done by adding some extra items to the extraction
//part below.
$Imei = $pcGPS->GetImei();
//Unique serial number which you can use to identify the module.
$DateTime = $pcGPS->GetUtcTimeMySQL();
//UTC date/time as yyyymmddhhmmss text.
$Switch = $pcGPS->GetSwitch();
//The Switch value that tells which info is available.
$Latitude = $pcGPS->CanGetLatLong() ? $pcGPS->GetLatitudeFloat() : $NotAvailable;
//Latitude position as floating point coordinate.
$Longitude = $pcGPS->CanGetLatLong() ? $pcGPS->GetLongitudeFloat() : $NotAvailable;
//Longitude position as floating point coordinate.
$Heading = $pcGPS->CanGetHeading() ? $pcGPS->GetHeading() : $NotAvailable;
//Heading direction in degrees.
$Speed = $pcGPS->CanGetSpeed() ? $pcGPS->GetSpeedKPH() : $NotAvailable;
//Speed in kilometers per hour.
$IO = $pcGPS->CanGetIO() ? $pcGPS->GetIO() : $NotAvailable;
//Status of the digital IO lines.
//When needed, the module includes extra data with a transmission.
//This example already forwards this extra module data together with
//your preferred extractions above via an HTTP POST below.
//But if the receiver of the forwarded data does not support HTTP POST
//or you need something dedicated, you could save this extra module
//data to a disk file and forward the name of that file instead.
//Here is an example that shows you how to write the extra module data
//that are JPEG photos to disk.
/***** Begin of example to save extra module data directly to a file *****
$JpegPhoto=$NotAvailable; //Same system as used above.
if(($pcGPS->GetSwitch()==SV_Photo) || ($pcGPS->GetSwitch()==SV_PhotoGps)) //SV_Photo or SV_PhotoGps type Switch?
{
//Received JPEG picture data as extra module data, so create disk file name "<Module IMEI number> <Date/Time>.jpg" and write the extra module data in it.
$FileName=$pcGPS->GetImei()." ".$pcGPS->GetUtcTimeMySQL().".jpg"; //Construct the file name.
if($hFile=@fopen($FileName, 'wb')) //Create a new file with this name.
{
if(@fwrite($hFile, $ExtraModuleData)==strlen($ExtraModuleData)) //Write extra module data into the created file.
$JpegPhoto=$FileName; //Success, so change "NotAvailable" into the disk file name.
else LogError("Error writing to picture file '$FileName' (are server settings properly set to allow this script to write to files?)");
@fclose($hFile); //Close the file.
} else LogError("Error creating picture file '$FileName' (are server settings properly set to allow this script to create files?)");
}
***** End of example to save extra module data directly to a file *****/
//Now we combine all module data extracted above together in a HTTP URL
//compatible way.
//The variable $HttpData will be filled with something like:
// "Imei=123456789012345&DateTime=...&Switch=...&Latitude=........."
//Even the original module data string is included in this example as
//"Data=...", so you can store it too.
//If you later decide that you need extra info from old receptions, you
//still have all the data.
$HttpData = 'Imei=' . urlencode($Imei) . '&DateTime=' . urlencode($DateTime) . '&Switch=' . urlencode($Switch) . '&Latitude=' . urlencode($Latitude) . '&Longitude=' . urlencode($Longitude) . '&Heading=' . urlencode($Heading) . '&Speed=' . urlencode($Speed) . '&IO=' . urlencode($IO) . '&Data=' . $pcGPS->GetHttpData();
//Now forward the extracted information and if extra module data was
//received, include that too.
//On the receiving side, the type of extra data in the HTTP POST
//(if any), can be determined from the Switch value.
//With a Switch value of SV_Photo or SV_PhotoGps for example, the extra
//binary data is a photo in JPEG format.
//Notice the @ usage below to suppress error/warning output in case any
//occurs because the module would receive it.
$Response = '';
//This variable will be filled with the response to the data that we forward
if ($hSocket = @fsockopen($ForwardHost, $ForwardPort, $errno, $errstr, 5)) {
//Construct standard HTTP POST command that contains the binary
//data that we received from the module (e.g. data block or photo)
//and all items that you have put in the $HttpData variable above.
$Post = "POST {$ForwardScript}{$HttpData} HTTP/1.0\r\n" . "Host: {$ForwardHost}:{$ForwardPort}\r\n" . "Content-Type: application/octet-stream\r\n" . "Content-Length: " . strlen($ExtraModuleData) . "\r\n\r\n" . $ExtraModuleData;
if (@fwrite($hSocket, $Post) == strlen($Post)) {
while (!feof($hSocket)) {
$Response .= @fread($hSocket, 1024);
}
//Read full response from the receiver
} else {
LogError("Unable to transmit a full HTTP POST to forward the data. The receiving party allows a connection, but the receiving program/script does not (exist?)");
}
//Write to error log
@fclose($hSocket);
} else {
LogError($errstr);
}
//Write the error about not being able to connect to the error log.
if (!strlen($Response)) {
break;
}
//Stop forwarding data until the module tries to send it again.
//Now check the response from the receiver of the HTTP POST above to
//see if it contains the data that you defined for
//$ForwardAcknowledgeResponse above in its response to signal a
//successful reception.
//This response is expected to be returned immediately, because when
//the combined time for all data parts that are forwarded take too
//long, the module will time-out waiting for his acknowledge too and
//will send a new transmission resending the same data again.
if (strpos($Response, $ForwardAcknowledgeResponse) === false) {
//The response to the forwarded data does not contain the positive
//acknowledge.
//So we stop processing and forwarding further data parts, so
//we don't acknowledge them to the module and that will make it
//resend the same data again.
LogError('The response that was received in answer to the forwarded data does not contain the expected positive acknowledge string' . PHP_EOL . '--- Forward transmission: ' . $ForwardScript . $HttpData . PHP_EOL . '--- Expected positive acknowledge string: ' . $ForwardAcknowledgeResponse . PHP_EOL . '--- Received response:' . PHP_EOL . $Response);
break;
//break the your processing loop
}
}
return $ProcessedDataParts;
//Return the number processed data parts
}
/**
* Get a configuration object.
* @param mixed $initialConfig The external configuration object or array to
* use for setting up initial values. May be an existing Configuration
* object, in which case no other is constructed.
*/
function &GetConfigurationRef(&$initialConfig)
{
global $GETCONFIGURATION_HELPER;
if (is_a($initialConfig, "AtsumiObject")) {
$chelp = $initialConfig;
} else {
$GETCONFIGURATION_HELPER->setref($initialConfig);
$chelp = $GETCONFIGURATION_HELPER;
}
if ($chelp->has('configuration-class')) {
$configclass = $chelp->get('configuration-class');
} else {
$configclass = 'Configuration';
}
if (!class_exists($configclass)) {
if (IsLogEnabled('ERROR')) {
LogError("Configuration class {$configclass} is not defined:\n" . print_r($initialConfig, TRUE));
}
LogFatal("Invalid configuration");
$rv = FALSE;
return $rv;
} else {
if (is_a($initialConfig, $configclass)) {
$rv =& $initialConfig;
} elseif (is_a($initialConfig, 'Configuration')) {
$ic =& $initialConfig->get();
$rv = new $configclass($ic);
} else {
$rv = new $configclass($initialConfig);
}
if (!is_a($rv, 'Configuration')) {
if (IsLogEnabled('ERROR')) {
LogError("{$configclass} is not a Configuration subclass:\n" . print_r($initialConfig, TRUE));
}
LogFatal("Invalid configuration");
$rv = FALSE;
}
return $rv;
}
}
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
////////////////////////////////////////////////////////////////////////////////
// Last modified 05/aug/2012 by cassio@ime.usp.br
require 'header.php';
if (($ct = DBContestInfo($_SESSION["usertable"]["contestnumber"])) == null) {
ForceLoad("{$loc}/index.php");
}
if (isset($_GET["delete"]) && is_numeric($_GET["delete"])) {
$param["number"] = $_GET["delete"];
if (!DBDeleteAnswer($_SESSION["usertable"]["contestnumber"], $param)) {
MSGError('Error deleting answer');
LogError('Error deleting answer');
}
ForceLoad("answer.php");
}
if (isset($_POST["Submit3"]) && isset($_POST["answernumber"]) && is_numeric($_POST["answernumber"]) && isset($_POST["answername"]) && $_POST["answername"] != "" && isset($_POST["answeryes"])) {
if ($_POST["confirmation"] == "confirm") {
$param["number"] = $_POST["answernumber"];
$param["name"] = $_POST["answername"];
$param["yes"] = $_POST["answeryes"];
DBNewAnswer($_SESSION["usertable"]["contestnumber"], $param);
}
ForceLoad("answer.php");
}
?>
<br>
<script language="javascript">
/**
* Remove an object.
* @param ChunsuObject $removeme The object to remove.
* @param DataSource $source The data source to remove the object from.
* @return bool TRUE is successful, FALSE otherwise.
*/
function remove(&$removeme, $source)
{
parent::remove($removeme, $source);
$gen = new SQLGenerator($removeme->getCore());
$removequeries = $gen->delete($this->config);
foreach ($removequeries as $rq) {
$cursor =& $source->query($rq);
$rv = $cursor->getNext();
if (!$rv) {
LogError("remove query failed! removing " . print_r($removeme, TRUE));
return FALSE;
}
}
$rv = $cursor->getNext();
if (!$rv) {
LogError("Remove failed! Removing " . print_r($removeme, TRUE));
return FALSE;
}
if ($rows = $cursor->get('affected-rows') > 1) {
LogWarning("{$rows} records deleted removing " . print_r($removeme, TRUE));
}
$removeme->is_new = $removeme->config->get('create-on-save');
return TRUE;
}
//ba_db_query ($link, $sql);
//Send e-mail
$sBody = "Your OOC details have been entered at " . SYSTEM_NAME . ".\n\n" . "Player ID: " . PID_PREFIX . sprintf('%03s', $PLAYER_ID) . "\n" . "OOC Name: " . $_POST['txtFirstName'] . " " . $_POST['txtSurname'] . "\n\n" . fnSystemURL();
if ($bEmailOOCChange) {
$sql = "Select plEmail FROM {$db_prefix}players WHERE plPlayerID = {$PLAYER_ID}";
$result = ba_db_query($link, $sql);
$playerrow = ba_db_fetch_assoc($result);
mail($playerrow['plEmail'], SYSTEM_NAME . ' - OOC details', $sBody, "From:" . SYSTEM_NAME . " <" . EVENT_CONTACT_MAIL . ">");
}
//Make up URL & redirect to index.php with message
$sURL = fnSystemURL() . 'start.php?green=' . urlencode('Your OOC details have been updated');
header("Location: {$sURL}");
}
} else {
$sWarn = "There was a problem updating your OOC details";
LogError("Error updating OOC information. Player ID: {$PLAYER_ID}\nSQL: {$sql}");
}
}
//Get existing details if there are any
$sql = "SELECT plFirstName, " . "plSurname, " . "AES_DECRYPT(pleAddress1, '{$key}') AS dAddress1, " . "AES_DECRYPT(pleAddress2, '{$key}') AS dAddress2, " . "AES_DECRYPT(pleAddress3, '{$key}') AS dAddress3, " . "AES_DECRYPT(pleAddress4, '{$key}') AS dAddress4, " . "AES_DECRYPT(plePostcode, '{$key}') AS dPostcode, " . "AES_DECRYPT(pleTelephone, '{$key}') AS dTelephone, " . "AES_DECRYPT(pleMobile, '{$key}') AS dMobile, " . "plEmail, " . "plDOB, " . "AES_DECRYPT(pleMedicalInfo, '{$key}') AS dMedicalInfo, " . "plEmergencyName, " . "AES_DECRYPT(pleEmergencyNumber, '{$key}') AS dEmergencyNumber, " . "plEmergencyRelationship, " . "plCarRegistration, " . "plDietary, " . "plEventPackByPost, " . "plRefNumber, " . "plMarshal, ";
//if (AUTO_ASSIGN_BUNKS == False)
// $sql .= "plBunkRequested, ";
$sql .= "plNotes " . "FROM {$db_prefix}players WHERE plPlayerID = {$PLAYER_ID}";
$result = ba_db_query($link, $sql);
$playerrow = ba_db_fetch_assoc($result);
include 'inc/inc_head_html.php';
include 'inc/inc_js_forms.php';
?>
<h1><?php
echo TITLE;
}
//Deals with whether this is a queued booking or not
$pid = $PLAYER_ID;
$queuebooking = 0;
$dbprefix = DB_PREFIX;
if (USE_QUEUE > 0) {
$sql = "SELECT chFaction, plBookAs FROM {$dbprefix}characters, {$dbprefix}players WHERE plPlayerID = {$pid} AND chPlayerID = {$pid}";
$result = ba_db_query($link, $sql);
$row = ba_db_fetch_assoc($result);
if ($row['plBookAs'] == 'Player' && $row['chFaction'] != DEFAULT_FACTION) {
$queuebooking = 1;
}
}
$sql = "UPDATE {$db_prefix}bookings SET bkInQueue = {$queuebooking} WHERE bkPlayerID = {$pid}";
if (!ba_db_query($link, $sql)) {
LogError("Error updating queue type of booking.\nPlayer ID: {$PLAYER_ID}");
}
//Get user's e-mail address
$result = ba_db_query($link, "SELECT plFirstName, plSurname, plEmail FROM {$db_prefix}players WHERE plPlayerID = {$PLAYER_ID}");
$row = ba_db_fetch_assoc($result);
$email = $row['plEmail'];
//Set up e-mail body
$sBody = "Your IC details have been confirmed at " . SYSTEM_NAME . ". " . "Both IC and OOC details must be confirmed before you can finalise your booking.\n\n" . "Player ID: " . PID_PREFIX . sprintf('%03s', $PLAYER_ID) . "\n" . "OOC Name: " . $row['plFirstName'] . " " . $row['plSurname'] . "\n\n" . fnSystemURL();
//Send e-mail
if ($bEmailICChange) {
mail($email, SYSTEM_NAME . ' - IC details', $sBody, "From:" . SYSTEM_NAME . " <" . EVENT_CONTACT_MAIL . ">");
}
//Make up URL & redirect
$sURL = fnSystemURL() . 'start.php?green=' . urlencode('Your IC details have been confirmed');
header("Location: {$sURL}");
}
/**
* メールを直送信
*
* @return bool 成功 or 失敗
*/
public function sendMailDirect()
{
// 埋め込みタグ変換:定型文の埋め込みタグを変換して、メール生文にする
$this->mailAssignTag->assignTagReplace();
$this->body = $this->mailAssignTag->fixedPhraseBody;
$this->subject = $this->mailAssignTag->fixedPhraseSubject;
if ($this->body == '') {
$logMessage = 'Mail body is empty.';
LogError($logMessage . ' [' . __METHOD__ . '] ' . __FILE__ . ' (line ' . __LINE__ . ')');
return false;
}
// メール本文の共通ヘッダー文、署名追加
$this->body = $this->mailAssignTag->addHeaderAndSignature($this->body);
// 改行対応
$this->brReplace();
parent::subject($this->subject);
$messages = parent::send($this->body);
return $messages;
}
function HandleError($message)
{
echo "ERROR:" . $message;
LogError("ERROR: " . $message);
}
require '../inc/inc_root.php';
include '../inc/inc_head_html.php';
$db_prefix = DB_PREFIX;
if ($_GET['action'] != '' && CheckReferrer('root_admins.php')) {
if ($_GET['action'] == 'revoke') {
$sAccess = '';
} elseif ($_GET['action'] == 'add') {
$sAccess = 'admin';
}
//Cast the player ID to an integer, since it should be an integer anyway
$id = (int) $_GET['id'];
$sql = "UPDATE {$db_prefix}players SET plAccess = '{$sAccess}' WHERE plPlayerID = {$id}";
//LogWarn ($sql);
if (ba_db_query($link, $sql) == False) {
$sWarn = "Error making user (ID {$id}) an administrator";
LogError($sWarn);
}
}
?>
<script src="../inc/sorttable.js" type="text/javascript"></script>
<h1><?php
echo TITLE;
?>
- Administrators</h1>
<p>
<a href = 'admin.php'>Admin</a>
</p>
<?php
function ValidateTeam($Team, $Levels)
{
// Получаем список записей результатов из TeamLevels
foreach ($Levels['level_id'] as $n => $level_id) {
$sql = "select * from TeamLevels where level_id = {$level_id} and team_id = {$Team['team_id']} and teamlevel_hide = 0";
$Result = MySqlQuery($sql);
if (mysql_num_rows($Result) > 1) {
die('Несколько записей на один этап для команды ' . $Team['team_id']);
}
$Row = mysql_fetch_assoc($Result);
if ($Row) {
$TeamLevels[$n] = $Row;
}
mysql_free_result($Result);
}
// Проверяем все этапы, о которых есть записи в таблицах
$team_result = 0;
$team_progress = 0;
$finished = 1;
if (isset($TeamLevels)) {
foreach ($TeamLevels as $n => $teamlevel) {
$begtime = strtotime($teamlevel['teamlevel_begtime']);
$endtime = strtotime($teamlevel['teamlevel_endtime']);
// проверяем абсолютную корректность времени старта и финиша
if ($begtime && ($begtime < $Levels['level_begtime'][$n] || $begtime > $Levels['level_maxbegtime'][$n])) {
return LogError($teamlevel['teamlevel_id'], 1);
}
if (!$begtime && $Levels['level_starttype'][$n] == 1) {
return LogError($teamlevel['teamlevel_id'], 2);
}
if ($begtime && ($Levels['level_starttype'][$n] == 2 || $Levels['level_starttype'][$n] == 3)) {
return LogError($teamlevel['teamlevel_id'], 3);
}
if ($endtime && ($endtime < $Levels['level_minendtime'][$n] || $endtime > $Levels['level_endtime'][$n])) {
return LogError($teamlevel['teamlevel_id'], 4);
}
// вычисляем время старта, если он общий или в момент финиша на пред.этапе
if ($Levels['level_starttype'][$n] == 2) {
$begtime = $Levels['level_begtime'][$n];
}
if ($Levels['level_starttype'][$n] == 3 && isset($TeamLevels[$n - 1])) {
$begtime = strtotime($TeamLevels[$n - 1]['teamlevel_endtime']);
}
// сравниваем время старта и финиша
if ($begtime && $endtime && $begtime >= $endtime) {
return LogError($teamlevel['teamlevel_id'], 5);
}
if ($begtime && $endtime && $endtime - $begtime < 3 * 3600) {
return LogError($teamlevel['teamlevel_id'], -1);
}
/* if ($begtime && $endtime && (($endtime - $begtime) > 23*3600)) return(LogError($teamlevel['teamlevel_id'], -2)); */
// проверяем корректность прогресса на дистанции
if ($teamlevel['teamlevel_begtime'] && $teamlevel['teamlevel_progress'] == 0) {
return LogError($teamlevel['teamlevel_id'], 6);
}
if ($endtime && $teamlevel['teamlevel_progress'] != 2) {
return LogError($teamlevel['teamlevel_id'], 7);
}
if (!$endtime && $teamlevel['teamlevel_progress'] == 2) {
return LogError($teamlevel['teamlevel_id'], 8);
}
// проверяем наличие времени финиша и списка КП у финишировавшей команды
if ($teamlevel['teamlevel_endtime'] == "" && !(strpos($teamlevel['teamlevel_points'], "1") === false)) {
return LogError($teamlevel['teamlevel_id'], 12);
}
if ($teamlevel['teamlevel_endtime'] != "" && $teamlevel['teamlevel_points'] == "") {
return LogError($teamlevel['teamlevel_id'], 13);
}
// проверяем длину списка КП и пересчитываем штраф
$level_pointpenalties = explode(',', $Levels['level_pointpenalties'][$n]);
$level_discountpoints = explode(',', $Levels['level_discountpoints'][$n]);
if ($teamlevel['teamlevel_points'] == "") {
unset($teamlevel_points);
foreach ($level_pointpenalties as $penalty) {
$teamlevel_points[] = "0";
}
} else {
$teamlevel_points = explode(',', $teamlevel['teamlevel_points']);
}
if (count($teamlevel_points) != count($level_pointpenalties)) {
return LogError($teamlevel['teamlevel_id'], 9);
}
$teamlevel_penalty = 0;
$teamlevel_selectpenalty = 0;
foreach ($teamlevel_points as $npoint => $point) {
if (empty($level_pointpenalties[$npoint])) {
$NowLevelPointPenalty = 0;
} else {
$NowLevelPointPenalty = (int) $level_pointpenalties[$npoint];
}
if ($point == "0" && $NowLevelPointPenalty > 0 || $point == "1" && $NowLevelPointPenalty < 0) {
if (!empty($level_discountpoints[$npoint])) {
$teamlevel_selectpenalty += $NowLevelPointPenalty;
} else {
$teamlevel_penalty += $NowLevelPointPenalty;
}
}
}
if ($Levels['level_discount'][$n]) {
$teamlevel_selectpenalty -= $Levels['level_discount'][$n];
if ($teamlevel_selectpenalty < 0) {
$teamlevel_selectpenalty = 0;
}
}
$teamlevel_penalty += $teamlevel_selectpenalty;
if ($teamlevel_penalty != $teamlevel['teamlevel_penalty']) {
return LogError($teamlevel['teamlevel_id'], 10);
}
// пока считаем, что ошибок на этапе нет
LogError($teamlevel['teamlevel_id'], 0);
// добавляем результаты этапа к общему результату
if ($begtime && $endtime) {
$team_result += ($endtime - $begtime) / 60;
}
$team_result += $teamlevel_penalty;
$team_progress += (int) $teamlevel['teamlevel_progress'];
if ($teamlevel['teamlevel_progress'] != 2) {
$finished = 0;
}
}
}
// Считаем, что на отсутствующие в базе записи о прохождении этапов команда не выходила
foreach ($Levels['level_id'] as $n => $level_id) {
if (!isset($TeamLevels[$n])) {
$TeamLevels[$n]['teamlevel_progress'] = 0;
$finished = 0;
}
}
// Смотрим, чтобы после схода команда опять не появлялась на дистанции
foreach ($TeamLevels as $n => $teamlevel) {
if ($n > 1) {
if ($teamlevel['teamlevel_progress'] > $TeamLevels[$n - 1]['teamlevel_progress']) {
return LogError($teamlevel['teamlevel_id'], 11);
}
if ($teamlevel['teamlevel_progress'] == 1 && $TeamLevels[$n - 1]['teamlevel_progress'] == 1) {
return LogError($teamlevel['teamlevel_id'], 11);
}
}
}
// Сверяем итоговые прогресс и результат команды
if (!$finished) {
$team_result = "";
} else {
$team_result = sprintf("%d:%02d:00", $team_result / 60, $team_result % 60);
}
if ($team_result != $Team['team_result']) {
echo "Ошибка подсчета итогового времени у команды {$Team['team_id']}: правильное={$team_result}, в базе={$Team['team_result']}<br/>";
}
if ($team_progress != $Team['team_progress']) {
echo "Ошибка подсчета степени продвижения по дистанции у команды {$Team['team_id']}: правильное={$team_result}, в базе={$Team['team_result']}<br/>";
}
// Ошибок в результатах команды не обнаружено
return 0;
}
$updateQuery .= "cnEVENT_CONTACT_NAME = '" . ba_db_real_escape_string($link, $_POST['txtEVENT_CONTACT_NAME']) . "', ";
$updateQuery .= "cnEVENT_CONTACT_MAIL = '" . ba_db_real_escape_string($link, $_POST['txtEVENT_CONTACT_MAIL']) . "', ";
$updateQuery .= "cnTECH_CONTACT_NAME = '" . ba_db_real_escape_string($link, $_POST['txtTECH_CONTACT_NAME']) . "', ";
$updateQuery .= "cnTECH_CONTACT_MAIL = '" . ba_db_real_escape_string($link, $_POST['txtTECH_CONTACT_MAIL']) . "', ";
$updateQuery .= "cnTITLE = '" . ba_db_real_escape_string($link, $_POST['txtTITLE']) . "', ";
$updateQuery .= "cnSYSTEM_NAME = '" . ba_db_real_escape_string($link, $_POST['txtSYSTEM_NAME']) . "', ";
$updateQuery .= "cnMIN_PASS_LEN = " . ba_db_real_escape_string($link, (int) $_POST['txtMIN_PASS_LEN']) . ", ";
$updateQuery .= "cnSEND_PASSWORD = "******"SELECT plEmail FROM {$db_prefix}players WHERE plPlayerID = " . ROOT_USER_ID;
$result = ba_db_query($link, $sql);
$row = ba_db_fetch_assoc($result);
$root_email = $row['plEmail'];
if (!ba_db_query($link, $updateQuery)) {
$sWarn = "There was a problem updating the config details";
LogError("There was a problem updating the config details. Admin ID: {$PLAYER_ID}");
//E-mail root
$subject = SYSTEM_NAME . " - Error updating config details";
$body = "Someone tried to change the config details, but an error was encountered. See the log for more details";
mail($root_email, $subject, $body, "From:" . SYSTEM_NAME . " <" . EVENT_CONTACT_MAIL . ">");
} else {
$sMessage = "The config settings have been successfully updated.";
//E-mail root
$subject = SYSTEM_NAME . " - Config details updated";
$body = "The config details have been changed";
mail($root_email, $subject, $body, "From:" . SYSTEM_NAME . " <" . EVENT_CONTACT_MAIL . ">");
}
} elseif ($_POST['btnSubmit'] != '' && $_POST['txtKey'] != CRYPT_KEY) {
$sWarn = "The value given for CRYPT_KEY was wrong. Settings not updated";
}
//Get config information from database
if ($UseOldSalt == 1) {
$sPass = sha1($_POST['txtPassword'] . PW_SALT);
$sql = "UPDATE {$db_prefix}players SET plPassword = '******', plOldSalt = 0 " . "WHERE plEmail LIKE '" . ba_db_real_escape_string($link, $sEmail) . "'";
if (ba_db_query($link, $sql) == False) {
LogError("Player logged in using old password salt. Unable to update plPassword and plOldSalt.\nSQL:\n{$sql}");
}
}
//Store player ID & login time in cookies
$row = ba_db_fetch_assoc($result);
$sErr = '';
//Get values to store in cookies & sessions table
$iPlayerID = $row['plPlayerID'];
//Record login date
$sql = "UPDATE {$db_prefix}players SET plLastLogin = '******'Y-m-d') . "' WHERE plPlayerID = {$iPlayerID}";
if (ba_db_query($link, $sql) == False) {
LogError("Unable to record login date for user ID {$iPlayerID}.\nSQL:\n{$sql}");
}
//Random string is appended to login time (down to microsecond), then combined string is hashed.
//Hash is stored in sessions table and in cookie
$sLoginTime = sha1(microtime() . RandomString(10, 20));
$iLastAccess = time();
//Set cookies
if (setcookie('BA_PlayerID', $iPlayerID) === False) {
$sErr = "<br>\nYou must have cookies enabled to login";
}
if (setcookie('BA_LoginTime', $sLoginTime) === False) {
$sErr = "<br>\nYou must have cookies enabled to login";
}
if ($sErr == '') {
//Cookies set OK. Reset login counter
$sql = "UPDATE {$db_prefix}players SET plLoginCounter = 0 WHERE plPlayerID = {$iPlayerID}";
/**
* test LogError()
*
* @return void
*/
public function testLogError()
{
@unlink(LOGS . 'error.log');
// disable stderr output for this test
if (CakeLog::stream('stderr')) {
CakeLog::disable('stderr');
}
LogError('Testing LogError() basic function');
LogError("Testing with\nmulti-line\nstring");
if (CakeLog::stream('stderr')) {
CakeLog::enable('stderr');
}
$result = file_get_contents(LOGS . 'error.log');
$this->assertRegExp('/Error: Testing LogError\\(\\) basic function/', $result);
$this->assertNotRegExp("/Error: Testing with\nmulti-line\nstring/", $result);
$this->assertRegExp('/Error: Testing with multi-line string/', $result);
}
function ItemChildParent( $itemid=0 )
{
global $db;
if ( $itemid == 0 )
{
$items[] = 0;//parent
$items[] = 0;//child
return $items;
}
$query = "select ParentItemID, ItemID from itmParentLink where ( ParentItemID = ".$itemid." || ItemID = ".$itemid." )";
if ( !$result = $db->sql_query( $query ) )
{
LogError( 16147, $query ."<br>".$db->sql_error() );
return 0;
}
if ( $db->sql_numrows( $result ) == 0 )
{
$items[] = 0;//parent
$items[] = 0;//child
}
else
{
$row = $db->sql_fetchrow( $result );
$items[] = $row[ "ParentItemID" ];
$items[] = $row[ "ItemID" ];
}
return $items;
}
//OSPs list: Delete existing rows from ospstaken, then run INSERT queries
$sql = "DELETE FROM {$db_prefix}ospstaken WHERE otPlayerID = {$PLAYER_ID}";
if (!ba_db_query($link, $sql)) {
$sWarn = "There was a problem updating your IC details";
LogError("Error deleting existing OSPs from ospstaken table during update of IC information. Player ID: {$PLAYER_ID}");
} else {
$os = array();
foreach ($_POST as $key => $value) {
if (substr($key, 0, 6) == "hospID") {
$sql = "INSERT INTO {$db_prefix}ospstaken (otPlayerID, otOspID, otAdditionalText) VALUES ({$PLAYER_ID}, '" . ba_db_real_escape_string($link, $value) . "', '" . ba_db_real_escape_string($link, $_POST["ospAdditionalText{$value}"]) . "')";
if ($sql != '' && !in_array($value, $os)) {
$os[] = $value;
//Run the INSERT query
if (!ba_db_query($link, $sql)) {
$sWarn = "There was a problem updating the IC details";
LogError("Error inserting osps taken (ic_form.php). Player ID: {$PLAYER_ID}");
}
}
}
}
}
$sNonCriticalWarn = IC_Check_NonCritical();
$sWarn .= $sNameWarn . $sSkillWarn . $sNonCriticalWarn;
if ($sWarn != '') {
$sWarn = "The following problems were found:<br>\n" . $sWarn;
}
//Do not redirect if there are any warnings (required fields not filled in, etc)
if ($sWarn == '') {
//Get user's e-mail address
$result = ba_db_query($link, "SELECT plFirstName, plSurname, plEmail FROM {$db_prefix}players WHERE plPlayerID = {$PLAYER_ID}");
$row = ba_db_fetch_assoc($result);
/**
* Query the user input. Recognizes this minimal SQL statement form:
*
* select key1,key2,key3,etc
* from assoc_array
* where id_key = value
*
* TODO: Currently does not recognize update, insert, or delete queries
* though a short leap of logic could imagine that update and insert
* queries might thunk HTML output for displaying/editing a persistent
* object. I'm not sure that logic can leap so far as to delete a an
* object from the user.
*
* @param string $query An SQL select statment of the format noted
* above.
* @return Cursor The result of the query, FALSE otherwise (though this
* is unlikely to occur because of the fatal error event when a query
* fails).
*/
function &query($query)
{
if (!($rv =& parent::query($query))) {
$parts = array();
if (eregi("select(.*)from(.*)where(.*)", $query, $parts)) {
$fields = array();
$table = trim($parts[2]);
$where = trim($parts[3]);
$wparts = array();
if (eregi("(.*)=(.*)", $where, $wparts)) {
#LogDebug( $wparts );
$idfield = ExtractFieldAlias($table, $wparts[1]);
$idmatch = trim($wparts[2]);
$tmp = array();
if (ereg("^\\'(.*)\\'\$", $idmatch, $tmp)) {
$idmatch = $tmp[1];
}
} elseif (eregi("(.*) is null", $where, $wparts)) {
$idfield = ExtractFieldAlias($table, $wparts[1]);
$idmatch = NULL;
} else {
LogError("Invalid user input where clause: {$query}");
LogFatal("Invalid user input where clause");
}
$gotid = FALSE;
foreach (split(',', $parts[1]) as $field) {
$alias = ExtractFieldAlias($table, $field);
if ($idfield == $alias) {
$gotid = TRUE;
}
$fields[] = $alias;
}
} else {
LogError("Invalid user input query: {$query}");
LogFatal("Invalid user input query");
}
$rv = array();
if (array_key_exists($table, $_REQUEST) && is_array($tin = $_REQUEST[$table])) {
#LogDebug( "--$idfield--" );
#LogDebug( $tin );
if (array_key_exists($idfield, $tin)) {
if ($rec = ExtractRecordFromRequest($table, $idfield, $idmatch, $fields, $tin)) {
$rv[] = $rec;
}
} else {
foreach ($tin as $trow) {
if ($rec = ExtractRecordFromRequest($table, $idfield, $idmatch, $fields, $trow)) {
$rv[] = $rec;
}
}
}
} else {
if ($rec = ExtractRecordFromRequest($table, $idfield, $idmatch, $fields, $_REQUEST)) {
$rv[] = $rec;
}
}
}
$r = new ArrayCursor(&$rv, &$this);
#LogDebug($r);
return $r;
}
//Query should affect exactly one row. Log a warning if it affected more
if (ba_db_affected_rows($link) > 1) {
LogWarning("More than one row updated during password reset (admin_pw_reset.php). Player ID: {$admin_player_id}");
}
//Get user's e-mail address
$result = ba_db_query($link, "SELECT plEmail FROM {$db_prefix}players WHERE plPlayerID = {$admin_player_id}");
$row = ba_db_fetch_assoc($result);
$sEmail = $row['plEmail'];
if (SEND_PASSWORD) {
//E-mail user with new password
$sBody = "Your password for " . SYSTEM_NAME . " has been changed. " . "Your new details are below:\n\n" . "E-mail: {$sEmail}\nPassword: {$_POST[txtPassword1]}\n" . "Player ID: " . PID_PREFIX . sprintf('%03s', $admin_player_id) . "\n" . "OOC Name: " . $row['plFirstName'] . " " . $row['plSurname'] . "\n\n" . fnSystemURL();
mail($sEmail, SYSTEM_NAME . ' - password change', $sBody, "From:" . SYSTEM_NAME . " <" . EVENT_CONTACT_MAIL . ">");
}
} else {
$sWarn = "There was a problem resetting the password<br>\n";
LogError("Error updating OOC information (admin_pw_reset.php). Player ID: {$admin_player_id}");
}
//Redirect to start page
$sURL = fnSystemURL() . '../start.php?green=' . urlencode('Password has been reset, and account enabled, for player ID ' . PID_PREFIX . sprintf('%03s', $admin_player_id));
if (SEND_PASSWORD) {
$sURL .= '. The new password has been e-mailed to the player';
}
header("Location: {$sURL}");
}
}
include '../inc/inc_head_html.php';
?>
<h1><?php
echo TITLE;
?>
/**
* test LogError()
*
* @access public
* @return void
*/
function testLogError()
{
@unlink(LOGS . 'error.log');
LogError('Testing LogError() basic function');
LogError("Testing with\nmulti-line\nstring");
$result = file_get_contents(LOGS . 'error.log');
$this->assertPattern('/Error: Testing LogError\\(\\) basic function/', $result);
$this->assertNoPattern("/Error: Testing with\nmulti-line\nstring/", $result);
$this->assertPattern('/Error: Testing with multi-line string/', $result);
}
function ba_db_log_error($sErr)
{
$sErr .= "\nFile name: {$_SERVER['SCRIPT_FILENAME']}";
$sErr .= "\nPlayer ID: {$PLAYER_ID}";
LogError($sErr);
}