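/**
 * Initializes the database link $_db with its variables
 *
 * Creates a new mysqli object and stores that database link for use in the
 * other static methods of the class, then stores the salt in self::$_salt.
 *
 * A failed connection is written to the server error log and the page is
 * stopped with a generic message. The mysqli error text is kept out of the
 * response because it can name the database host and account.
 *
 * @param string $db_URL the string of the database's URL to connect to
 * @param string $db_username the string of the database username
 * @param string $db_password the string of the database password
 * @param string $db_name the string of the database name to connect to
 * @param string $db_salt the string of the salt used for encryption
 *
 * @return void
 * @throws die kills the page if we cannot connect. Why bother continuing?
 *
 * @access public
 * @static
 */
public static function initialize($db_URL, $db_username, $db_password, $db_name, $db_salt)
{
    try {
        self::$_db = new mysqli($db_URL, $db_username, $db_password, $db_name);
    } catch (\mysqli_sql_exception $e) {
        // Since PHP 8.1 mysqli throws on failure by default, so a failed
        // connect never reaches the connect_errno check below. Left uncaught,
        // the exception (and possibly this call's arguments in its trace)
        // could end up in the page output.
        error_log('Database connection failed: ' . $e->getMessage());
        die('Unable to connect to database');
    }
    // Older PHP versions (or mysqli_report turned off) signal failure here.
    if (self::$_db->connect_errno > 0) {
        error_log('Database connection failed [' . self::$_db->connect_error . ']');
        die('Unable to connect to database');
    }
    self::$_salt = $db_salt;
}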
<?php
// Bootstrap: load the settings and the database class, open the database
// connection, then start the session.

// NOTE(review): settings.ini is pulled in with require, so it is run as PHP;
// it presumably defines __DEV__ and the $db_* values used below. Confirm the
// web server refuses direct requests for this file, since an .ini extension
// is normally served as plain text.
require 'settings.ini';
require 'CourseRoadDB.php';

// Outside of development, turn PHP error reporting off entirely.
// NOTE(review): level 0 also keeps errors out of the server log; switching
// display_errors off instead would hide them from visitors but keep the log.
if (!__DEV__) {
    error_reporting(0);
}

CourseRoadDB::initialize($db_URL, $db_username, $db_password, $db_name, $db_salt);

// The credentials are no longer needed once the connection exists, so they
// are removed from the global scope.
unset($db_URL, $db_username, $db_password, $db_name, $db_salt);

// NOTE(review): the session starts with whatever cookie settings php.ini
// provides; check that session.cookie_httponly, session.cookie_secure and
// session.use_strict_mode are enabled for this site.
session_start();
// Delete a road. The request must carry a valid CSRF token and a 'hash'
// field, the user must be logged in, and the hash must belong to that user.
// The literal hash 'null' skips the ownership check and the delete, and is
// answered with success.
if (isset($_POST['deleteRoad'])) {
    requireCSRF();
    requirePostDataFields('hash');
    $hash = $_POST['hash'];
    // NOTE(review): $oldhash is not assigned anywhere in this handler; confirm
    // it is defined earlier in the file, otherwise $hash was probably meant.
    if (!$loggedin) {
        dieJSON(array(
            'error' => true,
            'errorDesc' => 'Not logged in',
            'hash' => $oldhash,
        ));
    }
    // Ownership is checked on the server before anything is deleted.
    if ($athena !== hashOwner($hash) && $hash !== 'null') {
        dieJSON(array(
            'error' => true,
            'errorDesc' => 'Bad owner or hash',
            'hash' => $oldhash,
        ));
    }
    if ($hash !== 'null') {
        CourseRoadDB::deleteRoad($hash, $athena);
    }
    dieJSON(array(
        'success' => true,
        'hash' => $hash,
    ));
}

// When the user saves changes to their user prefs, we update their prefs if
// they're logged in and redisplay the userprefs HTML.
// NOTE(review): the three POST fields are read without a presence check
// (deleteRoad uses requirePostDataFields for that), and class_year is stored
// as whatever integer the client sends; no range check is visible here.
if (isset($_POST['viewUserSettings'])) {
    requireCSRF();
    $_SESSION['user']['class_year'] = (int) $_POST['class_year'];
    // Each toggle is reduced to 1 or 0: only the exact string '1' turns it on.
    $_SESSION['user']['view_req_lines'] = (int) ($_POST['toggle_view_req_lines'] === '1');
    $_SESSION['user']['autocomplete'] = (int) ($_POST['toggle_autocomplete'] === '1');
    // 'edited' is 1 only for visitors who are not logged in; for logged-in
    // users the prefs are written to the database right away.
    $_SESSION['user']['edited'] = (int) !$loggedin;
    if ($loggedin) {
        CourseRoadDB::updateUserPrefs($athena, $_SESSION['user']);
    }
    dieJSON(array(
        'success' => true,
        'html' => makeUserSettingsHTML(),
    ));
}

// Development aid: echo the request state back as JSON.
// NOTE(review): while __DEV__ is true this returns the complete $_SESSION and
// $_SERVER arrays to any requester who adds ?dev, with no login check.
// $_SERVER can carry environment values, so __DEV__ has to stay off on any
// deployment that is reachable by others.
if (__DEV__) {
    if (isset($_GET['dev'])) {
        dieJSON(array(
            'debug' => true,
            '$_POST' => @$_POST,
            '$_SESSION' => @$_SESSION,
            '$_SERVER' => @$_SERVER,
        ));
    }
}
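}

// The cert is valid and the user is trying to log in, so extract their athena
// (the part of the certificate e-mail address in front of the '@').
// NOTE(review): strstr() yields false when the address has no '@', and the
// domain part is dropped without being compared to anything; confirm the
// certificate checks that run before this point rule both cases out.
$athena = strstr($_SERVER['SSL_CLIENT_S_DN_Email'], '@', true);

// Assert the existence of the user session prefs
if (!isset($_SESSION['user'])) {
    $_SESSION['user'] = getDefaultUserPrefs();
}

// Try to determine the user's class year from LDAP data
// NOTE(review): mitDirStudentYear is used in arithmetic exactly as LDAP
// returned it; a non-numeric value is not handled here.
if (!CourseRoadDB::userExists($athena)) {
    $ldap_data = fetchDataFromLDAP($athena);
    $cur_year = @$ldap_data['mitDirStudentYear'] ?: 1;
    $_SESSION['user']['class_year'] = getCurrentAcademicYear() + 4 - $cur_year;
    $_SESSION['user']['edited'] = true;
}

// Create a row for the user (default values are chosen for class_year et al)
CourseRoadDB::addUser($athena);
if ($_SESSION['user']['edited']) {
    CourseRoadDB::updateUserPrefs($athena, $_SESSION['user']);
}

// The session is about to carry a logged-in identity, so it gets a fresh
// session ID and the old one is retired. Without this, an ID that was already
// known before login would keep working as an authenticated session
// (session fixation). The contents of $_SESSION are kept.
session_regenerate_id(true);

// We've attempted auth
$_SESSION['triedcert'] = true;
$_SESSION['athena'] = $athena;
$_SESSION['saveas'] = $_SESSION['crhash'] . '';

// If we're also trying to Save with Log In, then update the hash and copy
// the old row.
if (isset($_SESSION['trycert'])) {
    $_SESSION['trycert'] = false;
    $_SESSION['saveas'] = defaultOwnedHashName($_SESSION['athena']);
    CourseRoadDB::copyRoad($_SESSION['crhash'], $_SESSION['saveas'], $athena);
}

redirectHash($_SESSION['saveas']);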
* By: Danny Ben-David (dannybd@mit.edu) */

require 'functions.php';

// Beginnings of an external API hook. From a comma-separated list of classes,
// a year value and a term, this will drop a set of classes into CourseRoad, to
// be saved by the user.
// NOTE(review): year, term and the class list go into the session exactly as
// they arrived in the query string; whatever reads add_new_term later has to
// treat them as untrusted input.
if (isset($_GET['addclasses'])) {
    // Missing parameters fall back to year = false and term = 1.
    $_GET['year'] = isset($_GET['year']) ? $_GET['year'] : false;
    $_GET['term'] = isset($_GET['term']) ? $_GET['term'] : 1;

    // SESSION.add_new_term holds onto the new term's data
    $_SESSION['add_new_term'] = array(
        'year' => $_GET['year'],
        'term' => $_GET['term'],
        'classes' => explode(',', $_GET['addclasses']),
    );

    // A hash that is absent or unknown to the database is blanked out.
    if (!isset($_GET['hash']) || !CourseRoadDB::hashExists($_GET['hash'])) {
        $_GET['hash'] = '';
    }
}

// Record failed login attempts (when user denies login after pressing Login)
if (isset($_GET['triedlogin'])) {
    $_SESSION['triedcert'] = true;
    redirectHash($_SESSION['crhash']);
}

// A visible "?hash=" in the URL is unwanted, so we redirect to remove it,
// but first store the hash to make loading faster.
// NOTE(review): PHP has already URL-decoded $_GET, so urldecode() decodes the
// value a second time. The hashExists() check above saw the once-decoded
// value, while the redirect receives a different string whenever the hash
// contains '%' or '+'. Confirm redirectHash() validates and re-encodes its
// argument before it builds the redirect target.
if (isset($_GET['hash'])) {
    redirectHash(urldecode($_GET['hash']));
}

// Store that we've been to index.php.
$_SESSION['wenttoindex'] = true;
/**
 * Copies a user's stored preferences into the session.
 *
 * Every key/value pair returned by CourseRoadDB::getUserPrefs() overwrites the
 * entry of the same name in $_SESSION['user']; session entries that the
 * database does not return are left as they are.
 *
 * @param mixed $athena user identifier, handed to getUserPrefs() unchanged
 *
 * @return void
 */
function importUserPrefs($athena)
{
    // If logged in, repopulate the user prefs with their real values.
    foreach (CourseRoadDB::getUserPrefs($athena) as $name => $stored) {
        $_SESSION['user'][$name] = $stored;
    }
}
<?php error_reporting(E_ALL); header("Content-type: text/javascript;"); if (isset($_GET['date'])) { die(date("d-M-Y", time() - 10 * 86400)); } require 'connect.php'; if (!__DEV__) { header('Location: ./index.php'); die; } // DEV ONLY $db = CourseRoadDB::getDB(); $filename = '../../../cron_scripts/output.html'; $file = file_get_contents($filename); if (isset($_GET['verbose'])) { echo preg_replace("/\\s*[\r\n]\\s*/", '', $file); } $test_mode = isset($_GET['test']); if ($test_mode) { echo "Running in TEST mode:\n\n"; } preg_match_all("/<td[^>]*>\n(.*?)\n<\\/td>/s", $file, $matches); $matches = $matches[1]; if (!count($matches)) { file_put_contents($filename, ''); die("No matches/changes\n"); } $headers = explode(',', 'Academic Year,Subject Id,Subject Code,Subject Number,Source Subject Id,' . 'Print Subject Id,Is Printed In Bulletin,Department Code,Department Name,' . 'Effective Term Code,Subject Short Title,Subject Title,Is Variable Units,' . 'Lecture Units,Lab Units,Preparation Units,Total Units,Design Units,' . 'Grade Type,Grade Type Desc,Grade Rule,Grade Rule Desc,Hgn Code,Hgn Desc,' . 'Hgn Except,Gir Attribute,Gir Attribute Desc,Comm Req Attribute,' . 'Comm Req Attribute Desc,Tuition Attribute,Tuition Attribute Desc,' . 'Write Req Attribute,Write Req Attribute Desc,Supervisor Attribute,' . 'Supervisor Attribute Desc,Prerequisites,Subject Description,' . 'Joint Subjects,School Wide Electives,Meets With Subjects,' . 'Equivalent Subjects,Is Offered This Year,Is Offered Fall Term,' . 'Is Offered Iap,Is Offered Spring Term,Is Offered Summer Term,' . 'Fall Instructors,Spring Instructors,Status Change,Last Activity Date,' . 'Warehouse Load Date,Master Subject Id,Hass Attribute,Hass Attribute Desc,' . 'Term Duration,Global Regions,Global Countries,On Line Page Number'); foreach ($headers as &$header) {