<?php
namespace bmtmgr;
require_once dirname(__DIR__) . '/src/common.php';
utils\csrf_protect();
$u = user\check_current();
$u->require_perm('admin');
utils\require_get_params(['club_id', 'season_id']);
utils\require_post_params(['firstname', 'lastname', 'gender']);
$season = Season::by_id($_GET['season_id']);
$club = User::by_id($_GET['club_id']);
$name = \sprintf('%s, %s', $_POST['lastname'], $_POST['firstname']);
$textid = \str_replace(' ', '_', $club->name . '-' . $_POST['firstname'] . ' ' . $_POST['lastname']);
try {
$player = Player::create($season->id, $club->id, $textid, $name, $_POST['gender']);
$player->save();
} catch (utils\DuplicateEntryException $e) {
render_ajax_error(sprintf('Ein Spieler mit der Id "%s" existiert bereits', $textid));
exit;
}
render_ajax('season/' . $season->id . '/club/' . $club->id . '/', ['player' => $player]);
<?php
namespace bmtmgr;
require_once dirname(__DIR__) . '/src/common.php';
utils\csrf_protect();
$u = user\check_current();
$u->require_perm('admin');
utils\require_post_params(['name']);
$textid = \preg_replace('/[^a-z]+/', '', strtolower($_POST['name']));
assert(\preg_match('/^[a-z]+$/', $textid));
try {
$club = User::create($textid, $_POST['name'], null);
$club->save();
} catch (utils\DuplicateEntryException $e) {
render_ajax_error('Der Verein "' . $_POST['name'] . '" existiert bereits');
exit;
}
render_ajax('club/' . $club->id . '/', ['club' => $club]);
<?php
namespace bmtmgr;
require_once dirname(__DIR__) . '/src/common.php';
require_once dirname(__DIR__) . '/src/sftp.php';
utils\csrf_protect();
$u = user\check_current();
$u->require_perm('admin');
utils\require_get_params(['tournament_id']);
utils\require_post_params(['type']);
$publication_type = $_POST['type'];
$tournament = Tournament::by_id($_GET['tournament_id']);
$season = $tournament->get_season();
switch ($publication_type) {
case 'sftp':
utils\require_post_params(['server', 'port', 'username', 'path']);
$publication = sftp\SFTPPublication::sftp_create($tournament, $_POST['server'], \intval($_POST['port']), $_POST['path'], $_POST['username']);
$publication->save();
render_ajax('publication/' . $publication->id . '/', ['publication' => $publication]);
break;
default:
throw new \Exception('Invalid publication type');
}
<?php
namespace bmtmgr;
require_once dirname(__DIR__) . '/src/common.php';
utils\csrf_protect();
$u = user\check_current();
$u->require_perm('admin');
utils\require_get_params(['player_id']);
$player = Player::by_id($_GET['player_id']);
utils\require_post_params(['email']);
$player->email = $_POST['email'];
$player->save();
render_ajax('player/' . $player->id . '/', ['player' => $player]);
<?php
namespace bmtmgr;
require_once dirname(__DIR__) . '/src/common.php';
utils\csrf_protect();
$u = user\check_current();
$u->require_perm('admin');
utils\require_post_params(['name', 'season_id']);
$season = Season::by_id($_POST['season_id']);
try {
$tournament = Tournament::create($season, $_POST['name']);
$tournament->save();
} catch (utils\DuplicateEntryException $e) {
render_ajax_error('Ein Turnier mit dem Namen "' . $_POST['name'] . '" existiert bereits');
exit;
}
render_ajax('t/' . $tournament->id . '/', ['season' => $season, 'tournament' => $tournament]);
<?php
namespace bmtmgr;
require_once dirname(__DIR__) . '/src/common.php';
require_once dirname(__DIR__) . '/src/import.php';
utils\csrf_protect();
$u = user\check_current();
$u->require_perm('admin');
utils\require_get_params(['tournament_id']);
utils\require_post_params(['text']);
$tournament = Tournament::by_id($_GET['tournament_id']);
$season = $tournament->get_season();
$text = \trim($_POST['text']);
$autocreate = \array_key_exists('autocreate', $_POST);
Model::beginTransaction();
list($new_entries, $unmatched_lines) = \bmtmgr\import\import_text($tournament, $text, $autocreate);
Model::commit();
render('entry_import_result', ['user' => $u, 'breadcrumbs' => [['name' => 'Ligen', 'path' => 'season/'], ['name' => $season->name, 'path' => 'season/' . $season->id . '/'], ['name' => $tournament->name, 'path' => 't/' . $tournament->id . '/'], ['name' => 'Importieren', 'path' => 't/' . $tournament->id . '/dialog_import']], 'season' => $season, 'tournament' => $tournament, 'new_entries' => $new_entries, 'unmatched_lines' => $unmatched_lines, 'autocreate' => $autocreate]);
<?php
namespace bmtmgr;
require_once dirname(__DIR__) . '/src/common.php';
$u = user\check_current();
$u->require_perm('admin');
utils\csrf_protect();
utils\require_post_params(['tournament_url']);
if (!\preg_match('#^(https?://.*?/)[a-z]+(\\.aspx.*)$#', $_POST['tournament_url'], $m)) {
render_ajax_error('Entschuldigung, die turnier-URL "' . $_POST['tournament_url'] . '" kann leider nicht bearbeitet werden.');
exit;
}
$base_url = $m[1];
$clubs_url = $base_url . 'clubs' . $m[2];
$clubs_content = \file_get_contents($clubs_url);
if (!preg_match('#<div id="divTournamentHeader" class="header">\\s*<div class="title"><h3>(.*)</h3>#', $clubs_content, $m)) {
throw new \Exception('Cannot find season name');
}
$name = \html_entity_decode($m[1], ENT_QUOTES | ENT_HTML5, 'utf-8');
Model::beginTransaction();
$season = Season::fetch_optional('WHERE name=?', [$name]);
if (!$season) {
$season = Season::create($name, false, $_POST['tournament_url']);
$season->save();
}
$players = [];
if (!\preg_match_all('#<td><a href="club\\.aspx(?P<club_path>\\?id=[^"]+)&club=(?P<club_num>[0-9]+)">(?P<name>[^<]+)</a></td><td class="right">(?P<id>[0-9-]+)</td>#', $clubs_content, $matches, PREG_SET_ORDER)) {
throw new \Exception('Cannot find any club entries!');
}
foreach ($matches as $m) {
<?php
namespace bmtmgr;
require_once dirname(__DIR__) . '/src/common.php';
utils\csrf_protect();
$u = user\check_current();
$u->require_perm('admin');
utils\require_get_params(['discipline_id']);
utils\require_post_params(['note', 'capacity']);
$discipline = Discipline::by_id($_GET['discipline_id']);
$discipline->capacity = $_POST['capacity'] !== '' ? \intval($_POST['capacity']) : null;
$discipline->note = $_POST['note'];
$discipline->save();
render_ajax('d/' . $discipline->id . '/', ['discipline' => $discipline]);
<?php
namespace bmtmgr;
require_once dirname(__DIR__) . '/src/common.php';
require_once dirname(__DIR__) . '/src/utils.php';
require_once dirname(__DIR__) . '/src/email.php';
utils\csrf_protect();
utils\require_post_params(array('user'));
$u = User::find_by_input($_POST['user']);
if (!$u) {
header('HTTP/1.1 404 Not Found');
render('error', array('title' => 'Benutzer nicht gefunden', 'msg' => 'Benutzer "' . $_POST['user'] . '" konnte nicht gefunden werden.'));
exit;
}
$s = $GLOBALS['db']->prepare('
INSERT INTO login_email_token (token, user_id, request_time, expiry_time, metadata_json) VALUES(?, ?, ?, ?, ?)');
$ip = $_SERVER['REMOTE_ADDR'];
$metadata = array('ip' => $ip, 'ua' => $_SERVER['HTTP_USER_AGENT']);
$token = utils\gen_token();
$request_time = time();
$expire_time = $request_time + config\get('email_token_timeout', 24 * 60 * 60);
$s->execute(array($token, $u->id, $request_time, $expire_time, json_encode($metadata)));
$login_url = \bmtmgr\utils\absolute_url() . 'login?t=' . $token;
$m = \bmtmgr\email\send($u->email, 'mails/token_request', array('name' => $u->name, 'email' => $u->email, 'token' => $token, 'until' => $request_time, 'login_url' => $login_url, 'ip' => $ip));
render('token_requested', array('sent_emails' => array($m), 'name' => $u->name, 'email' => $u->email, 'until' => $request_time, 'token_length' => strlen($token), 'ip' => $ip));
