function member_csv($conditions)
{
# FIXME No support for conditions right now
global $SEMESTER, $CHOIR, $USER;
if (!isOfficer($USER)) {
die("Access denied");
}
$cols = array("firstName", "prefName", "lastName", "email", "phone", "section", "location", "major", "hometown", "section");
if ($conditions != '()') {
$conditions = ' and ' . $conditions;
}
$sql = "SELECT `member`.`lastName`, `member`.`firstName`, `member`.`prefName`, `member`.`email`, `member`.`phone`, `member`.`location`, `member`.`major`, `member`.`hometown`, `sectionType`.`name` as `section` FROM `member`, `activeSemester`, `sectionType` where `member`.`email` = `activeSemester`.`member` and `activeSemester`.`semester` = '{$SEMESTER}' and `activeSemester`.`choir` = '{$CHOIR}' and `sectionType`.`id` = `activeSemester`.`section` ORDER BY `member`.`lastName` asc, `member`.`firstName` asc";
$members = mysql_query($sql);
$ret = '"' . join('","', $cols) . "\"<br>";
while ($row = mysql_fetch_array($members)) {
$vals = array();
foreach ($cols as $col) {
array_push($vals, addslashes($row[$col]));
}
$ret .= '"' . join('","', $vals) . "\"<br>";
}
return $ret;
}
function actionOptions($userEmail)
{
$officerOptions = '';
if (isOfficer($userEmail)) {
$officerOptions .= '
<li><a href="#addAnnouncement">Make an Announcement</a></li>';
}
if (hasPosition($userEmail, "Treasurer") || isUber($userEmail)) {
$officerOptions .= '
<li><a href="#money">Add Transactions</a></li>';
}
if (isUber($userEmail)) {
$officerOptions .= '
<li><a href="#absenceRequest">Absence Requests</a></li>
<li><a href="#ties">Ties</a></li>
<li><a href="#semester">Edit Semester</a></li>
<li><a href="#officers">Edit Officers</a></li>
<li><a href="#doclinks">Edit Document Links</a></li>
<li><a href="#dues">Edit Dues</a></li>
<li><a href="#timeMachine">Past Semesters</a></li>';
}
echo $officerOptions;
}
div#tabbox
{
padding: 10px;
}
button.action
{
margin-right: 10px;
}
</style>
<?php
require_once 'functions.php';
if (!$USER) {
die("You must be logged in to view member profiles.");
}
$officer = isOfficer($USER);
$uber = isUber($USER);
$email = mysql_real_escape_string($_GET['person']);
$query = mysql_query("select `email` from `member` where `email` = '{$email}'");
if (mysql_num_rows($query) == 0) {
die("No such user");
}
function basic_info($person)
{
global $officer, $uber;
$member = mysql_fetch_array(mysql_query("select * from `member` where `email` = '{$person}'"));
$about = getMemberAttribute('about', $person);
if ($about == '') {
$about = "I don't have a quote";
}
$html .= "<img class='profile' src='" . profilePic($person) . "'>";
<?php
require_once 'functions.php';
if (!$USER || !isOfficer($USER)) {
die("DENIED");
}
$name = mysql_real_escape_string($_POST['name']);
$sql = "DELETE FROM `semester` WHERE `semester`='{$name}' LIMIT 1";
if (mysql_query($sql)) {
echo "<br><h3>Removal Results</h3><br>{$name} was removed from the database.<br>";
} else {
echo "<br><h3>Removal Results</h3><br>Something went wrong.<br>";
}
function todoBlock($userEmail, $form, $list)
{
$html = '';
if ($form) {
if (isOfficer($userEmail)) {
$html .= "<p>\n\t\t\t\tNames: <input id='multiTodo'>\n\t\t\t\tTodo: <br /><input id='todoText'>\n\t\t\t\t<br /><button class='btn' id='multiTodoButton'>Add Todo</button>\n\t\t\t</p>";
} else {
$html .= "<p>\n\t\t\t\t<input id='newTodo'>\n\t\t\t\t<button class='btn' id='newTodoButton'>Add Todo</button>\n\t\t\t</p>";
}
}
if ($list) {
$html .= "<div id='todos'>";
//$sql = "SELECT * FROM `todoMembers` where memberID='$userEmail' ORDER BY todoID ASC;";
$sql = "select todo.id, todo.text from `todo`, `todoMembers` where todo.id = todoMembers.todoID and todo.completed = '0' and todoMembers.memberID = '{$userEmail}' order by todo.id asc";
$todos = mysql_query($sql);
while ($row = mysql_fetch_array($todos, MYSQL_ASSOC)) {
$id = $row['id'];
//$row['todoID'];
$text = $row['text'];
//$text['text'];
$html .= "<div class='block'><label class='checkbox'><input type='checkbox' id='{$id}'> {$text}</label></div>";
}
$html .= "</div>";
}
return $html;
}
$required[] = "choir";
}
if ($user == $email) {
$required[] = "registration";
}
if (isset($_POST["onCampus"])) {
$_POST["onCampus"] = 1;
} else {
$_POST["onCampus"] = 0;
}
foreach ($required as $field) {
if (!isset($_POST[$field]) || $_POST[$field] == "") {
die("Missing value for property \"{$field}\".");
}
}
if (!isOfficer($user)) {
foreach ($restricted as $field) {
if (isset($_POST[$field])) {
die("Permission denied to set property \"{$field}\".");
}
}
}
$newemail = mysql_real_escape_string($_POST["email"]);
$validEmail = "/^([a-zA-Z0-9])+([a-zA-Z0-9\\._-])*@([a-zA-Z0-9_-])+([a-zA-Z0-9\\._-]+)+\$/";
if (!preg_match($validEmail, $_POST["email"])) {
die("Invalid email");
}
$oldsect = 0;
$newsect = mysql_real_escape_string($_POST["section"]);
if ($user) {
$query = mysql_query("select `section` from `activeSemester` where `member` = '{$newemail}' and `semester` = '{$SEMESTER}' and `choir` = '{$CHOIR}'");
$result = mysql_query($sql);
//echo $sql;
//echo $result;
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
$html .= "<div class='carpool block' id='" . $row['carpoolID'] . "'>";
$driver = $row['driver'];
//$shouldAttend='';
//$isConfirmed ='';
//$passengerSpots=0;
$emails = prefFullNameFromEmail($driver) . ' <' . $driver . '>';
$shouldAttend = shouldAttend($driver, $eventNo) == true ? '<span class="label label-info">should</span>' : '<span class="label label-important">shouldn\'t</span>';
$isConfirmed = isConfirmed($driver, $eventNo) == true ? '<span class="label label-info">confirmed</span>' : '<span class="label label-warning">unconfirmed</span>';
$passengerSpots = passengerSpots($driver) !== "0" ? "<span class='badge badge-info'>" . passengerSpots($driver) . "</span>" : "";
$livesAt = "<span class='label'>" . livesAt($driver) . "</span>";
$phoneNumber = "<a href='tel:" . phoneNumber($driver) . "'>" . phoneNumber($driver) . "</a>";
if (isOfficer($USER)) {
$html .= "<div class='driver block'><div class='person' id='" . $driver . "'><table>\n\t\t<tr>\n\t\t\t<td class='carpoolLives'>" . $livesAt . "</td>\n\t\t\t<td class='carpoolName'><a href='#profile:{$driver}'>" . prefFullNameFromEmail($driver) . "</a></td>\n\t\t\t<td class='carpoolSpots'>" . $passengerSpots . "</td>\n\t\t\t<td class='carpoolShould'>" . $phoneNumber . "</td>\n\t\t\t<td class='carpoolConfirmed'>" . $isConfirmed . "</td>\n\t\t</tr>\n\t\t</table></div></div>";
} else {
$html .= "\n\t\t\t<tr>\n\t\t\t\t<td class='carpoolLives'>" . $livesAt . "</td>\n\t\t\t\t<td class='carpoolName'>" . prefFullNameFromEmail($driver) . "</td>\n\t\t\t\t<td class='carpoolSpots'>" . $passengerSpots . "</td>\n\t\t\t\t<td class='carpoolShould'>" . $phoneNumber . "</td>\n\t\t\t\t<td class='carpoolConfirmed'>" . $isConfirmed . "</td>\n\t\t\t</tr>\n\t\t\t</table></div></div>\n\t\t\t";
}
//$passengers = array();
$carpoolDetails = getCarpoolDetails($row['carpoolID']);
$html .= "<div class='passengers block'>";
while ($passenger = mysql_fetch_array($carpoolDetails)) {
//$passengers[] = $passenger['memberID'];
if ($passenger['memberID'] !== $driver) {
//$shouldAttend='';
//$isConfirmed ='';
//$passengerSpots=0;
$emails .= ', ' . prefFullNameFromEmail($passenger['memberID']) . ' <' . $passenger['memberID'] . '>';
if (shouldAttend($passenger['memberID'], $eventNo)) {
$sql = "SELECT * FROM `carpool` WHERE eventNo={$eventNo};";
$result = mysql_query($sql);
//echo $sql;
//echo $result;
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
$html .= "<div class='carpool block' id='" . $row['carpoolID'] . "'>";
$driver = $row['driver'];
//$shouldAttend='';
//$isConfirmed ='';
//$passengerSpots=0;
$shouldAttend = shouldAttend($driver, $eventNo) == true ? '<span class="label label-info">should</span>' : '<span class="label label-important">shouldn\'t</span>';
$isConfirmed = isConfirmed($driver, $eventNo) == true ? '<span class="label label-info">confirmed</span>' : '<span class="label label-warning">unconfirmed</span>';
$passengerSpots = passengerSpots($driver) !== "0" ? "<span class='badge badge-info'>" . passengerSpots($driver) . "</span>" : "";
$livesAt = "<span class='label'>" . livesAt($driver) . "</span>";
$phoneNumber = "<a href='tel:" . phoneNumber($driver) . "'>" . phoneNumber($driver) . "</a>";
if (isOfficer($userEmail)) {
$html .= "<div class='driver block'><div class='person' id='" . $driver . "'><table>\n\t\t<tr>\n\t\t\t<td class='carpoolLives'>" . $livesAt . "</td>\n\t\t\t<td class='carpoolName'><a href='mailto:{$driver}'>" . prefFullNameFromEmail($driver) . "</a></td>\n\t\t\t<td class='carpoolSpots'>" . $passengerSpots . "</td>\n\t\t\t<td class='carpoolShould'>" . $phoneNumber . "</td>\n\t\t\t<td class='carpoolConfirmed'>" . $isConfirmed . "</td>\n\t\t</tr>\n\t\t</table></div></div>";
} else {
$html .= "\n\t\t\t<tr>\n\t\t\t\t<td class='carpoolLives'>" . $livesAt . "</td>\n\t\t\t\t<td class='carpoolName'>" . prefFullNameFromEmail($driver) . "</td>\n\t\t\t\t<td class='carpoolSpots'>" . $passengerSpots . "</td>\n\t\t\t\t<td class='carpoolShould'>" . $phoneNumber . "</td>\n\t\t\t\t<td class='carpoolConfirmed'>" . $isConfirmed . "</td>\n\t\t\t</tr>\n\t\t\t</table></div></div>\n\t\t\t";
}
//$passengers = array();
$carpoolDetails = getCarpoolDetails($row['carpoolID']);
$html .= "<div class='passengers block'>";
while ($passenger = mysql_fetch_array($carpoolDetails)) {
//$passengers[] = $passenger['memberID'];
if ($passenger['memberID'] !== $driver) {
//$shouldAttend='';
//$isConfirmed ='';
//$passengerSpots=0;
$shouldAttend = shouldAttend($passenger['memberID'], $eventNo) == true ? '<span class="label label-info">should</span>' : '<span class="label label-important">shouldn\'t</span>';
$isConfirmed = isConfirmed($passenger['memberID'], $eventNo) == true ? '<span class="label label-info">confirmed</span>' : '<span class="label label-warning">unconfirmed</span>';
$users = explode(',', $userlist);
$query = "insert into `todo` (text, completed) values(\"{$msg}\", 0)";
if (mysql_query($query)) {
echo "OK";
} else {
exit(1);
}
//max(id) should be different --TH
/*$query = "select max(id) where `text` = \"$msg\" and `completed` = 0";
$results = mysql_query($query);
if (mysql_query($query)) echo "OK";
else exit(1);
$res_arr = mysql_fetch_array($results);
$id = $res_arr['id'];
*/
$id = mysql_insert_id();
if (!isOfficer($USER)) {
foreach ($users as $user) {
}
}
foreach ($users as $user) {
$query = "insert into `todoMembers` (memberID, todoID) values(\"{$user}\", \"{$id}\")";
echo $user;
echo $id;
echo $query;
if (mysql_query($query)) {
echo "OK";
} else {
exit(1);
}
}
<div class="span3 block" id=repertoire_list><?php
require_once 'functions.php';
if (!$CHOIR) {
die("Not logged in");
}
# FIXME
$results = mysql_query("select `id`, `title` from `song` where `current` = 1 and `choir` = '{$CHOIR}' order by `title` asc");
if (!$results) {
die("Database query failed.");
}
if ($USER && isOfficer($USER)) {
echo "<div style=\"padding-top: 5px\"><button class=btn style=\"padding: 5px; width: 100%\" id=repertoire_add>Add Song...</button></div>";
}
echo "<style>td.repertoire_head { font-size: 12pt; font-weight: bold; }</style>";
echo "<table class=\"table\" id=repertoire_table>";
if (mysql_num_rows($results)) {
echo "<tr><td class=repertoire_head>Current Repertoire</td></tr>";
}
while ($result = mysql_fetch_array($results)) {
echo "<tr><td id=\"row_{$result['0']}\" class=repertoire_row>{$result['1']}</td></tr>";
}
if (mysql_num_rows($results)) {
echo "<tr><td class=repertoire_head>Other Repertoire</td></tr>";
}
$results = mysql_query("select `id`, `title` from `song` where `current` = 0 and `choir` = '{$CHOIR}' order by `title` asc");
if (!$results) {
die("Database query failed.");
}
while ($result = mysql_fetch_array($results)) {
echo "<tr><td id=\"row_{$result['0']}\" class=repertoire_row>{$result['1']}</td></tr>";
}
function rosterPropList($type)
{
global $USER;
$officer = isOfficer($USER);
$uber = isUber($USER);
$cols = array("#" => 10, "Name" => 260, "Section" => 80, "Contact" => 180, "Location" => 200);
if ($officer) {
$cols["Enrollment"] = 40;
}
if ($uber || hasPosition($USER, "Treasurer")) {
$cols["Balance"] = 60;
$cols["Dues"] = 60;
$cols["Tie"] = 40;
}
if ($uber) {
$cols["Gigs"] = 40;
$cols["Score"] = 60;
}
if ($type == 'print') {
unset($cols["Contact"]);
unset($cols["Location"]);
unset($cols["Balance"]);
}
return $cols;
}
function announcements($userEmail)
{
global $CHOIR;
$html = "<p class='lead'>Announcements <small>–Obviously each thing is the most important thing.</small></p>";
//announcement block
//Show only announcements less than a month old and unarchived
$sql = "SELECT * FROM `announcement` WHERE date_add(timePosted, INTERVAL 1 MONTH) > now() and `choir` = '{$CHOIR}' AND `archived`=0 ORDER BY `timePosted` DESC LIMIT 0, 3";
$result = mysql_query($sql);
while ($announcement = mysql_fetch_array($result)) {
$timestamp = strtotime($announcement['timePosted']);
$dayPosted = date('M j, Y', $timestamp);
$timePosted = date('g:i a', $timestamp);
$op = $announcement['memberID'];
$mid = $announcement['announcementNo'];
$name = prefNameFromEmail($op);
if (isOfficer($userEmail)) {
$html .= "<div class='block' id='announce" . $mid . "'><p><b>{$dayPosted} {$timePosted}</b><i class='icon-remove archiveButton' onclick='archiveAnnouncement(" . $mid . ")' style='float: right'></i><br />" . $announcement['announcement'] . "<br /><small style='color:grey'>—{$name}</small></p></div>";
} else {
$html .= "<div class='block'><p><b>{$dayPosted} {$timePosted}</b><br />" . $announcement['announcement'] . "<br /><small style='color:grey'>—{$name}</small></p></div>";
}
}
$html .= "<button type='button' id='allAnnounceButton' class='btn' href='#annoucnements'>See All Announcements</button>";
return $html;
}
<td><span class="eventDetailsValue">' . $gigDetails['contactPhone'] . '</span></td>
</tr>
<tr>
<td class="eventDetialsKey">Price:</td>
<td><span class="eventDetailsValue">' . $gigDetails['price'] . '</span></td>
</tr>
</table>
</div>
';
}
$html = $html . '
<table class="table no-highlight">
<tr>
<td colspan="2"><div class="btn" id="attendingButton">see who\'s attending</div></td>
</tr>
<tr>
<td colspan="2"><div class="btn" id="carpoolsButton">carpools</div></td>
</tr>
';
if (isOfficer($userEmail) || positionFromEmail($userEmail) == 'Section Leader' && getEventType($eventDetails['type']) == "Sectional") {
$html = $html . '
<tr>
<td><div class="btn" id="attendanceButton" onclick="updateEventAttendance(\'' . $eventNo . '\');">update attendance</div></td>
</tr>
<tr>
<td id="editButtonTd"><div class="btn" id="editButton">edit details</div></td>
</tr>
';
}
$html = $html . '</table>';
echo $html;
<?php
require_once 'functions.php';
$id = mysql_real_escape_string($_POST['id']);
$type = $_POST['type'];
//if (! $USER) die("You must be logged in to view minutes.");
if (isset($type)) {
if ($type == "name") {
$res = mysql_fetch_array(mysql_query("select `name` from `minutes` where `id` = '{$id}'"));
echo $res[0];
} else {
die("Unknown type");
}
exit(0);
}
$query = "select count(`public`) as `n` from `minutes` where `id` = '{$id}'";
$result = mysql_fetch_array(mysql_query($query));
if ($result['n'] == 0) {
die("The minutes you requested do not exist.");
} else {
if ($result['n'] > 1) {
die("Ambiguous request.");
}
}
if (isOfficer($USER) && !isset($_POST['public'])) {
$query = "select `private` from `minutes` where `id` = '{$id}'";
} else {
$query = "select `public` from `minutes` where `id` = '{$id}'";
}
$result = mysql_fetch_array(mysql_query($query));
echo $result[0];
<?php
require_once 'functions.php';
if (!isset($USER) || !isOfficer($USER)) {
die("ACCESS_DENIED");
}
$action = $_POST['action'];
if ($action == 'gigcheck') {
$sql = "update `variables` set `gigCheck` = " . ($_POST['value'] == '0' ? '0' : '1');
if (!mysql_query($sql)) {
die(mysql_error());
}
echo "OK";
} else {
if ($action == 'gigreq') {
$num = mysql_real_escape_string($_POST['value']);
if (!isset($num)) {
die("MISSING_PARAM");
}
//if (! mysql_query("update `variables` set `gigRequirement` = '$num'")) die(mysql_error());
if (!mysql_query("update `semester` set `gigreq` = '{$num}' where `semester` = '{$SEMESTER}'")) {
die(mysql_error());
}
echo "OK";
} else {
die("BAD_ACTION");
}
}
?>
