function set_from_post()
{
if (get_magic_quotes_gpc()) {
// Values in $_POST come with backslashes added.
// We want the fields of $this to be unescaped strings,
// so we strip the slashes.
$_POST = array_map('stripslashes', $_POST);
}
$errors = '';
if (isset($_POST['projectid'])) {
$projectid = validate_projectID('projectid', @$_POST['projectid']);
$this->projectid = $projectid;
$ucep_result = user_can_edit_project($this->projectid);
if ($ucep_result == PROJECT_DOES_NOT_EXIST) {
return _("parameter 'projectid' is invalid: no such project") . ": '{$this->projectid}'";
} else {
if ($ucep_result == USER_CANNOT_EDIT_PROJECT) {
return _("You are not authorized to manage this project.") . ": '{$this->projectid}'";
} else {
if ($ucep_result == USER_CAN_EDIT_PROJECT) {
// fine
} else {
return _("unexpected return value from user_can_edit_project") . ": '{$ucep_result}'";
}
}
}
} else {
if (isset($_POST['clone_projectid'])) {
// we're creating a clone
$clone_projectid = validate_projectID('clone_projectid', @$_POST['clone_projectid']);
$this->clone_projectid = $clone_projectid;
}
}
$this->nameofwork = @$_POST['nameofwork'];
// we're using preg_match as this field will be space-normalised later
if (preg_match('/^\\s*$/', $this->nameofwork)) {
$errors .= "Name of work is required.<br>";
}
$this->authorsname = @$_POST['authorsname'];
if (preg_match('/^\\s*$/', $this->authorsname)) {
$errors .= "Author is required.<br>";
}
if (user_is_a_sitemanager()) {
$this->projectmanager = @$_POST['username'];
if ($this->projectmanager == '') {
$errors .= _("Project manager is required.") . "<br>";
} else {
$errors .= check_user_exists($this->projectmanager, 'Project manager');
}
if (empty($errors) && !that_user_is_PM($this->projectmanager)) {
$errors .= sprintf(_("%s is not a PM."), $this->projectmanager) . "<br>";
}
} else {
$this->projectmanager = '';
}
$pri_language = @$_POST['pri_language'];
if ($pri_language == '') {
$errors .= _("Primary Language is required.") . "<br>";
}
$sec_language = @$_POST['sec_language'];
$this->language = $sec_language != '' ? "{$pri_language} with {$sec_language}" : $pri_language;
$this->genre = @$_POST['genre'];
if ($this->genre == '') {
$errors .= _("Genre is required.") . "<br>";
}
$this->image_source = @$_POST['image_source'];
if ($this->image_source == '') {
$errors .= _("Image Source is required. If the one you want isn't in list, you can propose to add it.") . "<br>";
$this->image_source = '_internal';
}
/*
else
{
if ($this->image_source == 'OTHER')
{
if (empty($_POST['imso_other']))
{
$errors .= "When Image Source is OTHER, details must be supplied.<br>";
}
else
{
$imso_other = $_POST['imso_other'];
$this->image_source = "O:".$imso_other;
}
}
}
*/
$this->special_code = @$_POST['special_code'];
if ($this->special_code != '') {
if (startswith($this->special_code, 'Birthday') || startswith($this->special_code, 'Otherday')) {
if (empty($_POST['bdayday']) or empty($_POST['bdaymonth'])) {
$errors .= _("Month and Day are required for Birthday or Otherday Specials.") . "<br>";
} else {
$bdaymonth = $_POST['bdaymonth'];
$bdayday = $_POST['bdayday'];
if (!checkdate($bdaymonth, $bdayday, 2000)) {
$errors .= _("Invalid date supplied for Birthday or Otherday Special.") . "<br>";
} else {
if (strlen($this->special_code) == 8) {
$this->special_code .= " " . $bdaymonth . $bdayday;
}
}
}
}
}
$this->checkedoutby = @$_POST['checkedoutby'];
// if it's an existing project, we want to know its state
if (isset($this->projectid)) {
// Somewhat kludgey to have to do this query here.
$res = mysql_query("\n SELECT state, checkedoutby, username\n FROM projects\n WHERE projectid='{$this->projectid}'\n ") or die(mysql_error());
list($state, $PPer, $PM) = mysql_fetch_row($res);
$this->state = $state;
// don't allow an empty PPer/PPVer if the project is checked out
if (($this->state == PROJ_POST_FIRST_CHECKED_OUT || $this->state == PROJ_POST_SECOND_CHECKED_OUT) && $this->checkedoutby == '') {
$errors .= _("This project is checked out: you must specify a PPer/PPVer");
$this->checkedoutby = $PPer;
}
if ($this->projectmanager == '') {
$this->projectmanager = $PM;
}
} else {
$this->state = '';
}
if ($this->checkedoutby != '') {
// make sure the named PPer/PPVer actually exists
$errors .= check_user_exists($this->checkedoutby, 'PPer/PPVer');
}
$this->image_preparer = @$_POST['image_preparer'];
if ($this->image_preparer != '') {
$errors .= check_user_exists($this->image_preparer, 'Image Preparer');
}
$this->text_preparer = @$_POST['text_preparer'];
if ($this->text_preparer != '') {
$errors .= check_user_exists($this->text_preparer, 'Text Preparer');
}
$this->posted = @$_POST['posted'];
$this->postednum = @$_POST['postednum'];
if ($this->posted) {
// We are in the process of marking this project as posted.
if ($this->postednum == '') {
$errors .= _("Posted Number is required.") . "<br>";
} else {
if (!preg_match('/^[1-9][0-9]*$/', $this->postednum)) {
$errors .= sprintf(_("Posted Number \"%s\" is not of the correct format."), $this->postednum) . "<br>";
// You'll sometimes see PG etext numbers with a 'C' appended.
// The 'C' is not part of the etext number
// (e.g., it does not appear in PG's RDF catalog),
// rather it's a bit of information about the identified text,
// namely that it's still under (US) copyright.
// Anyhow, the 'C' should not be included here.
}
}
}
$this->scannercredit = @$_POST['scannercredit'];
$this->comments = @$_POST['comments'];
$this->clearance = @$_POST['clearance'];
$this->difficulty_level = @$_POST['difficulty_level'];
$this->up_projectid = intval(@$_POST['up_projectid']);
$this->original_marc_array_encd = @$_POST['rec'];
$this->extra_credits = @$_POST['extra_credits'];
$this->deletion_reason = @$_POST['deletion_reason'];
if ($this->difficulty_level == '') {
global $pguser;
$this->difficulty_level = $pguser == "BEGIN" ? "beginner" : "average";
}
return $errors;
}
function set_from_post()
{
if (get_magic_quotes_gpc()) {
// Values in $_POST come with backslashes added.
// We want the fields of $this to be unescaped strings,
// so we strip the slashes.
$_POST = array_map('stripslashes', $_POST);
}
if (isset($_POST['projectid'])) {
$this->projectid = validate_projectID('projectid', @$_POST['projectid']);
$ucep_result = user_can_edit_project($this->projectid);
if ($ucep_result == PROJECT_DOES_NOT_EXIST) {
return array(_("parameter 'projectid' is invalid: no such project") . ": '{$this->projectid}'");
} else {
if ($ucep_result == USER_CANNOT_EDIT_PROJECT) {
return array(_("You are not authorized to manage this project.") . ": '{$this->projectid}'");
} else {
if ($ucep_result == USER_CAN_EDIT_PROJECT) {
// fine
} else {
return array(_("unexpected return value from user_can_edit_project") . ": '{$ucep_result}'");
}
}
}
}
$this->projectid = validate_projectID('projectid', @$_POST['projectid']);
$this->good_words = @$_POST['good_words'];
$this->bad_words = @$_POST['bad_words'];
$this->gwl_timestamp = get_integer_param($_POST, 'gwl_timestamp', null, null, null);
$this->bwl_timestamp = get_integer_param($_POST, 'bwl_timestamp', null, null, null);
return array();
}
foreach (explode(',', @$_GET['projects']) as $projectid) {
$projectids[] = validate_projectID('projects', $projectid);
}
echo "<pre>\n";
echo sprintf(_("Moving projects from '%1\$s' to '%2\$s'..."), $curr_state, $new_state);
echo "\n\n";
foreach ($projectids as $projectid) {
echo "\n";
echo "{$projectid} ...\n";
try {
$project = new Project($projectid);
} catch (NonexistentProjectException $exception) {
echo " " . _("does not exist.") . "\n";
continue;
}
$result = user_can_edit_project($projectid);
if ($result == USER_CANNOT_EDIT_PROJECT) {
echo " " . _("You are not authorize to manage this project.") . "\n";
continue;
}
if ($project->state != $curr_state) {
// TRANSLATORS: %1$s is a project name, %2$s and %3$s are project states
echo " " . sprintf(_('%1$s is no longer in %2$s. Now in %3$s.'), $project->nameofwork, $curr_state, $project->state) . "\n";
continue;
}
$error_msg = project_transition($projectid, $new_state, $pguser);
if ($error_msg) {
echo " {$project->nameofwork}\n";
echo " {$error_msg}\n";
continue;
}
include_once $relPath . 'stages.inc';
include_once $relPath . 'forum_interface.inc';
include_once $relPath . 'project_edit.inc';
include_once $relPath . 'misc.inc';
// attr_safe(), html_safe()
include_once 'page_table.inc';
// page_state_is_a_bad_state()
require_login();
$projectid = validate_projectID('projectid', @$_REQUEST['projectid']);
$image = validate_page_image_filename('image', @$_REQUEST['image']);
$modify = array_get($_REQUEST, 'modify', '');
$cancel = array_get($_POST, 'cancel', '');
$prev_text = array_get($_POST, 'prev_text', NULL);
$prevtext_column = array_get($_POST, 'prevtext_column', NULL);
$resolution = array_get($_POST, 'resolution', NULL);
if (user_can_edit_project($projectid) != USER_CAN_EDIT_PROJECT) {
die("You are not authorized to manage this project.");
}
// If the user hit a cancel button, return them to the starting form
if ($cancel) {
$modify = '';
}
if (!$resolution) {
//Find out information about the bad page report
$result = mysql_query("SELECT * FROM {$projectid} WHERE image='{$image}'");
$page = mysql_fetch_assoc($result);
$state = $page['state'];
$b_User = $page['b_user'];
$b_Code = $page['b_code'];
$project = new Project($projectid);
$round = get_Round_for_page_state($state);
