/**
* takes a bunch of class info and makes sure that it's in the classes & ugroups
* tables in the database.
* @return int The user group ID, either added or fetched from existing row.
*/
function synchronizeClassDB($department, $number, $section, $semester, $year)
{
$class = $department . $number . $section . "-" . $semester . $year;
$ugroup_id = db_get_value("ugroup", "ugroup_id", "ugroup_name='" . addslashes($class) . "'");
$classinfo = db_get_line("class", "\n\t\t\t\tclass_department='" . addslashes($department) . "' AND\n\t\t\t\tclass_number='" . addslashes($number) . "' AND\n\t\t\t\tclass_section='" . addslashes($section) . "' AND\n\t\t\t\tclass_semester='" . addslashes($semester) . "' AND\n\t\t\t\tclass_year='20" . addslashes($year) . "'");
if (!$ugroup_id) {
$query = "\n\t\t\tINSERT INTO\n\t\t\t\tugroup\n\t\t\tSET\n\t\t\t\tugroup_name = '" . addslashes($class) . "',\n\t\t\t\tugroup_type = 'class'\n\t\t";
db_query($query);
$ugroup_id = lastid();
}
if (!$classinfo) {
$query = "\n\t\t\tINSERT INTO\n\t\t\t\tclass\n\t\t\tSET\n\t\t\t\tclass_external_id='" . addslashes($class) . "',\n\t\t\t\tclass_department='" . addslashes($department) . "',\n\t\t\t\tclass_number='" . addslashes($number) . "',\n\t\t\t\tclass_section='" . addslashes($section) . "',\n\t\t\t\tclass_semester='" . addslashes($semester) . "',\n\t\t\t\tclass_year='20" . addslashes($year) . "'',\n\t\t\t\tclass_name='',\n\t\t\t\tFK_owner=NULL,\n\t\t\t\tFK_ugroup='" . addslashes($ugroup_id) . "'\n\t\t";
db_query($query);
}
return $ugroup_id;
}
function serverCopySite($orig, $dest)
{
$sections = decode_array(db_get_value("sites", "sections", "name='{$orig}'"));
$nsections = array();
foreach ($sections as $s) {
$sa = db_get_line("sections", "id={$s}");
$squery = "insert into sections set addedby='" . addslashes($_SESSION['auser']) . "', addedtimestamp=NOW()";
$squery .= ",title='{$sa['title']}', active={$sa['active']}, type='{$sa['type']}', url='{$sa['url']}'";
$pages = decode_array($sa[pages]);
$npages = array();
foreach ($pages as $p) {
$pa = db_get_line("pages", "id={$p}");
$pquery = "insert into pages set addedby='" . addslashes($_SESSION['auser']) . "', addedtimestamp=NOW()";
$pquery .= ",ediscussion=1,archiveby='{$pa['archiveby']}',url='{$pa['url']}',type='{$pa['type']}',title='{$pa['title']}', showcreator={$pa['showcreator']}, showdate={$pa['showdate']}, locked={$pa['locked']}, active={$pa['active']}";
$stories = decode_array($pa[stories]);
$nstories = array();
foreach ($stories as $st) {
$sta = db_get_line("stories", "id={$st}");
$stquery = "insert into stories set addedby='" . addslashes($_SESSION['auser']) . "', addedtimestamp=NOW()";
$stquery .= ",type='{$sta['type']}',texttype='{$sta['texttype']}',category='{$sta['category']}',title='{$sta['title']}', discuss={$sta['discuss']}, discusspermissions='{$sta['discusspermissions']}', shorttext='{$sta['shorttext']}', longertext='{$sta['longertext']}', locked={$sta['locked']}, url='{$sa['url']}'";
db_query($stquery);
// print "$stquery<br />";
$nstories[] = lastid();
}
$stories = encode_array($nstories);
$pquery .= ",stories='{$stories}'";
db_query($pquery);
$npages[] = lastid();
// print "$pquery<br />";
}
$pages = encode_array($npages);
$squery .= ",pages='{$pages}'";
db_query($squery);
$nsections[] = lastid();
// print "$squery<br />";
}
$sections = encode_array($nsections);
$query = "update sites set sections='{$sections}' where name='{$dest}'";
db_query($query);
// print "$query<br />";
}
$user_email = db_get_value("user", "user_email", "user_uname='" . addslashes($user_uname) . "'");
print " " . $user_email . "";
print "</author>\n";
print "\t\t\t<comments>";
print $link . $sectionlink . $pagelink . $storylink;
print "</comments>\n";
$description = $a["discussion_content"];
$description = convertTagsToInteralLinks($_REQUEST[site], $description);
$description = str_replace("\n", "", $description);
$description = str_replace("\r", "", $description);
$description = htmlspecialchars(urldecode($description), ENT_QUOTES, 'utf-8');
print "<description>";
print $description;
print "</description>\n";
//if ($a["FK_media"]) {
$b = db_get_line("media INNER JOIN slot ON media.FK_site=slot.FK_site", "media_id='" . addslashes($a["FK_media"]) . "'");
$filename = $b[media_tag];
$filename = rawurlencode($filename);
if (ereg("\\.mp3\$", $filename)) {
$type = "audio/mpeg";
} else {
$type = "unknown";
}
/* print $filename; */
$dir = $b[slot_name];
$size = $b[media_size];
$fileurl = "{$uploadurl}/{$dir}/{$filename}";
$filepath = "{$uploaddir}/{$dir}/{$filename}";
$filesize = $size;
print "<enclosure url='{$fileurl}' length='{$filesize}' type='{$type}' />\n";
//}
print "</a>";
}
// foreach($editors as $user) {
for ($i = 0; $i < 3; $i++) {
print "<td class='td{$color}' align='center'" . ($i == 0 ? " style='border-left: 2px solid #fff;'" : "") . ">";
print $pa[type] != 'url' && $pp[$user][$i] ? "X" : " ";
print "</td>";
}
// }
print "</tr>";
$color = 1 - $color;
$stories = decode_array($pa['stories']);
$j = 1;
foreach ($stories as $s) {
print "<tr>";
$sa = db_get_line("stories", "id='" . addslashes($s) . "'");
$sp = decode_array($sa[permissions]);
print "<td class='td{$color}' style='padding-left: 40px'>";
/*if ($sa[type]=='story')*/
print "<a href='#' onClick{$nl}='opener.window.location=\"index.php?{$sid}&action=viewsite&site={$site}§ion={$sec}&page={$p}\"'>";
print "{$j}. {$sa['title']}";
/*if ($sa[type]=='story')*/
print "</a>";
// print "<br /><pre>";print_r($sp);print "</pre>";
print "</td>";
// foreach($editors as $user) {
print "<td class='td{$color}' align='center'" . (1 ? " style='border-left: 2px solid #fff;'" : "") . ">n/a</td>";
for ($i = 1; $i < 3; $i++) {
print "<td class='td{$color}' align='center'" . ($i == 0 ? " style='border-left: 2px solid #fff;'" : "") . ">";
print $sa[type] != 'url' && $sp[$user][$i] ? "X" : " ";
print "</td>";
$obj =& new course();
$obj->fetchCourseID($_REQUEST['id']);
$obj->external_id = $_REQUEST['external_id'];
$obj->department = $_REQUEST['department'];
$obj->number = $_REQUEST['number'];
$obj->section = $_REQUEST['section'];
$obj->semester = $_REQUEST['semester'];
$obj->year = $_REQUEST['year'];
$obj->name = $_REQUEST['name'];
$obj->owner = $owner_id;
// $obj->ugroup = $ugroup_id;
// $obj->classgroup = $_REQUEST['classgroup'];
$obj->updateDB();
$query = "\n\t\t\t\tUPDATE\n\t\t\t\t\tugroup\n\t\t\t\tSET\n\t\t\t\t\tugroup_name='" . generateCodeFromData($_REQUEST['department'], $_REQUEST['number'], $_REQUEST['section'], $_REQUEST['semester'], $_REQUEST['year']) . "'\n\t\t\t\tWHERE\n\t\t\t\t\tugroup_id='" . addslashes($obj->ugroup) . "'\n\t\t\t";
db_query($query);
if ($owner_id && !db_get_line("ugroup_user", "FK_user='******' AND FK_ugroup = '" . addslashes($obj->ugroup) . "'")) {
$query = "\n\t\t\t\t\tINSERT INTO\n\t\t\t\t\t\tugroup_user\n\t\t\t\t\tSET\n\t\t\t\t\t\tFK_ugroup = '" . addslashes($obj->ugroup) . "',\n\t\t\t\t\t\tFK_user = '******'\n\t\t\t\t";
db_query($query);
}
$message = "Class '" . generateCodeFromData($_REQUEST['department'], $_REQUEST['number'], $_REQUEST['section'], $_REQUEST['semester'], $_REQUEST['year']) . "' updated successfully.";
unset($_REQUEST['external_id'], $_REQUEST['name'], $_REQUEST['department'], $_REQUEST['number'], $_REQUEST['section'], $_REQUEST['semester'], $_REQUEST['year'], $_REQUEST['owner'], $_REQUEST['ugroup']);
}
}
}
/* if ($curraction == 'resetpw') { */
/* $id = $_REQUEST['id']; */
/* if ($id > 0) { */
/* $obj = &new user(); */
/* $obj->fetchUserID($id); */
/* $obj->randpass(5,3); */
/* $obj->updateDB(); */
<?php
/* $Id$ */
print "<p style='margin: 10px; padding: 5px; font-size: smaller;'>";
$mediaRow = db_get_line("media INNER JOIN slot ON media.FK_site=slot.FK_site", "media_id='" . addslashes($o->getField("longertext")) . "'");
printCitation($mediaRow);
print "</p>";
$st = $o->getField("shorttext");
$st = convertTagsToInteralLinks($site, $st);
if ($o->getField("texttype") == 'text') {
print nl2br($st);
} else {
print $st;
}
print "<p>";
printDownloadLink($mediaRow);
print "</p>";
function handlearchive($stories, $pa)
{
global $startday, $startmonth, $startyear, $endday, $endmonth, $endyear, $usestart, $useend, $months;
global $usesearch;
global $site, $section, $page;
$newstories = array();
if (!$usesearch) {
$endyear = date("Y");
$endmonth = date("n");
$endday = date("j");
}
printc("<div>");
// printc("<b>Search:</b> ");
printc("Display content in date rage: ");
printc("<form action='{$PHP_SELF}?{$sid}&action=site&site={$site}&section={$section}&page={$page}' method='post'>");
printc("<input type='hidden' name='usesearch' value='1' />");
printc("<select name='startday'>");
for ($i = 1; $i <= 31; $i++) {
printc("<option" . ($startday == $i ? " selected" : "") . ">{$i}\n");
}
printc("</select>\n");
printc("<select name='startmonth'>");
for ($i = 0; $i < 12; $i++) {
printc("<option value=" . ($i + 1) . ($startmonth == $i + 1 ? " selected" : "") . ">{$months[$i]}\n");
}
printc("</select>\n<select name='startyear'>");
$curryear = date("Y");
for ($i = $curryear - 10; $i <= $curryear; $i++) {
printc("<option" . ($startyear == $i ? " selected" : "") . ">{$i}\n");
}
printc("</select>");
// printc("<br />");
printc(" to <select name='endday'>");
for ($i = 1; $i <= 31; $i++) {
printc("<option" . ($endday == $i ? " selected" : "") . ">{$i}\n");
}
printc("</select>\n");
printc("<select name='endmonth'>");
for ($i = 0; $i < 12; $i++) {
printc("<option value=" . ($i + 1) . ($endmonth == $i + 1 ? " selected" : "") . ">{$months[$i]}\n");
}
printc("</select>\n<select name='endyear'>");
for ($i = $curryear; $i <= $curryear + 5; $i++) {
printc("<option" . ($endyear == $i ? " selected" : "") . ">{$i}\n");
}
printc("</select>");
printc(" <input type='submit' class='button' value='go' />");
printc("</form></div>");
$start = mktime(1, 1, 1, $startmonth, $startday, $startyear);
$end = mktime(1, 1, 1, $endmonth, $endday, $endyear);
if ($pa == 'week') {
if (!$usesearch) {
$start = mktime(0, 0, 0, date("n"), date('j') - 7, date('Y'));
$end = time();
}
}
if ($pa == 'month') {
if (!$usesearch) {
$start = mktime(0, 0, 0, date("n") - 1, date('j'), date("Y"));
$end = time();
}
}
if ($pa == 'year') {
if (!$usesearch) {
$start = mktime(0, 0, 0, date("n"), date('j'), date("Y") - 1);
$end = time();
}
}
$txtstart = date("n/j/y", $start);
$txtend = date("n/j/y", $end);
foreach ($stories as $s) {
$a = db_get_line("stories", "id='" . addslashes($s) . "'");
$added = $a[addedtimestamp];
ereg("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{2}):([0-9]{2}):([0-9]{2})", $added, $regs);
$year = (int) $regs[1];
$month = (int) $regs[2];
$day = (int) $regs[3];
$t = mktime(0, 0, 0, $month, $day, $year);
// $week = date("W",$t-(date("w",$t)*86400));
//
// if ($startyear == $year && $startweek == $week)
// $newstories[] = $s;
// if ((!$usestart || $start < $t) && (!$useend || $t < $end)) {
if ($start < $t && $t < $end || false) {
$newstories[$s] = $t;
}
}
// print_r($newstories);
arsort($newstories, SORT_NUMERIC);
// print_r($newstories);
$newstories = array_keys($newstories);
printc("<b>Content ranging from {$txtstart} to {$txtend}.</b><br /><br />");
return $newstories;
}
<?php
/* $Id$ */
include "objects/objects.inc.php";
$content = '';
ob_start();
session_start();
// include all necessary files
include "includes.inc.php";
//if ($_SESSION['ltype'] != 'admin') exit;
db_connect($dbhost, $dbuser, $dbpass, $dbdb);
$siteinfo = db_get_line("site INNER JOIN slot on site_id = FK_site", "slot_name='" . addslashes($site) . "'");
$site_type = $siteinfo[type];
if ($_REQUEST[site_type] == "class") {
//print "<div align='center'>Students in $site</div>";
}
if ($_REQUEST[clear]) {
$type = "";
$user = "";
$site = "";
$title = "";
} else {
$type = $_REQUEST[type];
$user = $_REQUEST[user];
$site = $_REQUEST[site];
$title = $_REQUEST[title];
}
if (!isset($order)) {
$order = "fname asc";
}
$order = addslashes($order);
function getuserclasses($user, $time = "all")
{
$user = strtolower($user);
global $cfg;
$ldap_user = $cfg[ldap_voadmin_user_dn];
$ldap_pass = $cfg[ldap_voadmin_pass];
$classes = array();
if (!$user) {
return $classes;
}
$c = ldap_connect($cfg[ldap_server]);
$r = @ldap_bind($c, $ldap_user, $ldap_pass);
if ($r && true) {
// connected & logged in
$return = array($cfg[ldap_username_attribute], $cfg[ldap_fullname_attribute], $cfg[ldap_email_attribute], $cfg[ldap_group_attribute]);
$userSearchDN = ($cfg[ldap_user_dn] ? $cfg[ldap_user_dn] . "," : "") . $cfg[ldap_base_dn];
$searchFilter = "(" . $cfg[ldap_username_attribute] . "=" . $user . ")";
$sr = ldap_search($c, $userSearchDN, $searchFilter, $return);
$res = ldap_get_entries($c, $sr);
if ($res['count']) {
$res[0] = array_change_key_case($res[0], CASE_LOWER);
// print "<pre>";print_r($res);print"</pre>";
$num = ldap_count_entries($c, $sr);
// print "num: $num<br />";
ldap_close($c);
if ($num) {
for ($i = 0; $i < $res[0][strtolower($cfg[ldap_group_attribute])]['count']; $i++) {
$f = $res[0][strtolower($cfg[ldap_group_attribute])][$i];
// print "$f<br />";
$parts = explode(",", $f);
foreach ($parts as $p) {
if (eregi($cfg[ldap_groupname_attribute] . "=([a-zA-Z]{0,4})([0-9]{1,4})([a-zA-Z]{0,1})-([a-zA-Z]{1,})([0-9]{2})", $p, $r)) {
// print "goood!";
$semester = currentsemester();
/* print "<pre>"; */
/* print_r($r); */
/* print "</pre>"; */
$class = $r[1] . $r[2] . $r[3] . "-" . $r[4] . $r[5];
/******************************************************************************
* update the classes table with the ldap information
******************************************************************************/
$sem = $r[4];
$year = $r[5];
$user_id = db_get_value("user", "user_id", "user_uname = '" . addslashes($user) . "'");
$ugroup_id = db_get_value("ugroup", "ugroup_id", "ugroup_name='" . addslashes($class) . "'");
$classinfo = db_get_line("class", "\n\t\t\t\t\t\t\t\t\t\tclass_department='" . addslashes($r[1]) . "' AND\n\t\t\t\t\t\t\t\t\t\tclass_number='" . addslashes($r[2]) . "' AND\n\t\t\t\t\t\t\t\t\t\tclass_section='" . addslashes($r[3]) . "' AND\n\t\t\t\t\t\t\t\t\t\tclass_semester='" . addslashes($sem) . "' AND\n\t\t\t\t\t\t\t\t\t\tclass_year='20" . addslashes($r[5]) . "'");
if (!$ugroup_id) {
$query = "\n\t\t\t\t\t\t\t\t\tINSERT INTO\n\t\t\t\t\t\t\t\t\t\tugroup\n\t\t\t\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t\t\t\tugroup_name = '" . addslashes($class) . "',\n\t\t\t\t\t\t\t\t\t\tugroup_type = 'class'\n\t\t\t\t\t\t\t\t";
db_query($query);
$ugroup_id = lastid();
}
if (!$classinfo) {
$query = "\n\t\t\t\t\t\t\t\t\tINSERT INTO\n\t\t\t\t\t\t\t\t\t\tclass\n\t\t\t\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t\t\t\tclass_external_id='" . addslashes($class) . "',\n\t\t\t\t\t\t\t\t\t\tclass_department='" . addslashes($r[1]) . "',\n\t\t\t\t\t\t\t\t\t\tclass_number='" . addslashes($r[2]) . "',\n\t\t\t\t\t\t\t\t\t\tclass_section='" . addslashes($r[3]) . "',\n\t\t\t\t\t\t\t\t\t\tclass_semester='" . addslashes($sem) . "',\n\t\t\t\t\t\t\t\t\t\tclass_year='20" . addslashes($r[5]) . "',\n\t\t\t\t\t\t\t\t\t\tclass_name='',\n\t\t\t\t\t\t\t\t\t\tFK_owner=NULL,\n\t\t\t\t\t\t\t\t\t\tFK_ugroup='" . addslashes($ugroup_id) . "'\n\t\t\t\t\t\t\t\t";
db_query($query);
}
$ugroup_userinfo = db_get_line("ugroup_user", "FK_ugroup='" . addslashes($ugroup_id) . "' AND FK_user='******'");
if (!$ugroup_userinfo) {
$query = "\n\t\t\t\t\t\t\t\t\tINSERT INTO\n\t\t\t\t\t\t\t\t\t\tugroup_user\n\t\t\t\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t\t\t\tFK_ugroup = '" . addslashes($ugroup_id) . "',\n\t\t\t\t\t\t\t\t\t\tFK_user = '******'\n\t\t\t\t\t\t\t\t";
db_query($query);
}
/******************************************************************************
* end update
******************************************************************************/
if ($time == "now" && isSemesterNow($r[4], $r[5])) {
$classes[$class] = array("code" => "{$r['1']}{$r['2']}", "sect" => $r[3], "sem" => $r[4], "year" => $r[5]);
} else {
if ($time == "past" && isSemesterPast($r[4], $r[5])) {
$classes[$r[1] . $r[2] . $r[3] . "-" . $r[4] . $r[5]] = array("code" => "{$r['1']}{$r['2']}", "sect" => $r[3], "sem" => $r[4], "year" => $r[5]);
} else {
if ($time == "future" && isSemesterFuture($r[4], $r[5])) {
$classes[$r[1] . $r[2] . $r[3] . "-" . $r[4] . $r[5]] = array("code" => "{$r['1']}{$r['2']}", "sect" => $r[3], "sem" => $r[4], "year" => $r[5]);
} else {
if ($time == "all") {
$classes[$r[1] . $r[2] . $r[3] . "-" . $r[4] . $r[5]] = array("code" => "{$r['1']}{$r['2']}", "sect" => $r[3], "sem" => $r[4], "year" => $r[5]);
}
}
}
}
/******************************************************************************
* if not a class group then get group name and add to ugroup table
******************************************************************************/
} else {
if (eregi('^' . $cfg[ldap_groupname_attribute] . '=(.+)$', $p, $matches)) {
$group_name = $matches[1];
$user_id = db_get_value("user", "user_id", "user_uname = '" . addslashes($user) . "'");
$ugroup_id = db_get_value("ugroup", "ugroup_id", "ugroup_name='" . addslashes($group_name) . "'");
/******************************************************************************
* insert group_name into ugroup table with group if not already in table
******************************************************************************/
if (!$ugroup_id) {
$query = "\n\t\t\t\t\t\t\t\t\tINSERT INTO\n\t\t\t\t\t\t\t\t\t\tugroup\n\t\t\t\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t\t\t\tugroup_name = '" . addslashes($group_name) . "',\n\t\t\t\t\t\t\t\t\t\tugroup_type = 'other'\n\t\t\t\t\t\t\t\t";
//printpre($query);
db_query($query);
$ugroup_id = lastid();
}
/******************************************************************************
* if user not part of group then add to ugroup_user table
******************************************************************************/
$ugroup_userinfo = db_get_line("ugroup_user", "FK_ugroup='" . addslashes($ugroup_id) . "' AND FK_user='******'");
if (!$ugroup_userinfo) {
$query = "\n\t\t\t\t\t\t\t\t\tINSERT INTO\n\t\t\t\t\t\t\t\t\t\tugroup_user\n\t\t\t\t\t\t\t\t\tSET\n\t\t\t\t\t\t\t\t\t\tFK_ugroup = '" . addslashes($ugroup_id) . "',\n\t\t\t\t\t\t\t\t\t\tFK_user = '******'\n\t\t\t\t\t\t\t\t";
//printpre($query);
db_query($query);
}
/******************************************************************************
* get other members of this ugroup and add to ugroup_user table
* (this may not be necessary since users will be added when they log in...)
******************************************************************************/
}
}
}
}
}
}
}
// add in the DB classes
$query = "\n\t\tSELECT\n\t\t\tclass_department,\n\t\t\tclass_number,\n\t\t\tclass_section,\n\t\t\tclass_semester,\n\t\t\tclass_year\n\t\tFROM\n\t\t\tuser\n\t\t\t\tINNER JOIN\n\t\t\tugroup_user\n\t\t\t\tON\n\t\t\tuser_id = FK_user\n\t\t\t\tINNER JOIN\n\t\t\tclass\n\t\t\t\tON\n\t\t\tclass.FK_ugroup = ugroup_user.FK_ugroup\n\t\tWHERE\n\t\t\tuser_uname = '" . addslashes($user) . "'\n\t";
$semester = currentsemester();
$r = db_query($query);
while ($a = db_fetch_assoc($r)) {
$class_code = generateCodeFromData($a[class_department], $a[class_number], $a[class_section], $a[class_semester], $a[class_year]);
if (!$classes[$class_code]) {
if ($time == "now" && isSemesterNow($a[class_semester], $a[class_year])) {
$classes[$class_code] = array("code" => "{$class_code}", "sect" => $a[class_section], "sem" => $a[class_semester], "year" => $a[class_year]);
} else {
if ($time == "past" && isSemesterPast($a[class_semester], $a[class_year])) {
$classes[$class_code] = array("code" => "{$class_code}", "sect" => $a[class_section], "sem" => $a[class_semester], "year" => $a[class_year]);
} else {
if ($time == "future" && isSemesterFuture($a[class_semester], $a[class_year])) {
$classes[$class_code] = array("code" => "{$class_code}", "sect" => $a[class_section], "sem" => $a[class_semester], "year" => $a[class_year]);
} else {
if ($time == "all") {
$classes[$class_code] = array("code" => "{$class_code}", "sect" => $a[class_section], "sem" => $a[class_semester], "year" => $a[class_year]);
}
}
}
}
}
}
return $classes;
}