/**
 * Emits the closing HTML of the page, optionally preceded by pending errors.
 *
 * @param bool $printErrors when truthy, Error::printErrors() is called first,
 *                          provided Error::hasErrors() reports something
 * @return void
 */
public static function renderEnd($printErrors = true)
{
    // Error::hasErrors() is only consulted when the caller asked for errors.
    if ($printErrors) {
        if (Error::hasErrors()) {
            Error::printErrors();
        }
    }

    print self::getHtmlEnd();
}
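/**
 * Inserts a new row into Shows from submitted form data.
 *
 * Administrators may create the show on behalf of another user
 * ($postArray['user_id']); everyone else creates it for the current user.
 *
 * @param array $postArray submitted fields: name, date, time, cost,
 *                         is_all_ages, other_bands, notes, user_id, venue_id
 * @return mixed the result of Show::get() for the inserted row, an Error
 *               holding the collected messages, or Error::MySQL() when the
 *               insert itself fails
 */
function add($postArray)
{
    $db = new db();
    include_class('venues');
    $e = new Error();

    // Every free-text value passes through sanitize_to_db() before it is
    // placed in the SQL string below.
    // NOTE(review): the statement is still built by string interpolation, so
    // its safety rests entirely on sanitize_to_db(), which is not visible here.
    $name = $db->sanitize_to_db($postArray['name']);
    $dt = $db->sanitize_to_db($postArray['date']);
    // date() re-renders the value in a fixed Y-m-d pattern.
    $date = date("Y-m-d", strtotime($dt));

    if ($postArray['time']) {
        $time = $db->sanitize_to_db($postArray['time']);
        $time = "'" . date("H:i:s", strtotime($time)) . "'";
    } else {
        $time = "null";
    }

    if ($postArray['cost'] != "") {
        $cost = $db->sanitize_to_db($postArray['cost']);
        $cost = "'{$cost}'";
    } else {
        $cost = "null";
    }

    // Reduced to a literal 0 or 1, so it can go into the query unquoted.
    $is_all_ages = $postArray['is_all_ages'] == '1' ? 1 : 0;
    $other_bands = $db->sanitize_to_db($postArray['other_bands']);
    $notes = $db->sanitize_to_db($postArray['notes']);

    if (User::isAdmin()) {
        // NOTE(review): user_id reaches User::get() unsanitized; confirm that
        // User::get() validates or escapes its argument.
        $uo = User::get($postArray['user_id']);
        if (db::isError($uo)) {
            $e->add($uo);
        } elseif (!$uo->isAdmin() && !$uo->isBandMember()) {
            // Reject only users who are neither administrators nor band
            // members, as the message states. The previous condition rejected
            // band members and accepted everyone else.
            $e->add("Invalid user. User must be a band member or an administrator.");
        }
    } else {
        $uo = User::getCurrent();
    }

    // Defined up front so the checks below never read an unset variable when
    // no venue was selected (venue_id of '0').
    $ve = null;
    if ($postArray['venue_id'] != '0') {
        $ve = Venue::get($postArray['venue_id']);
    }
    if (db::isError($ve)) {
        $e->add($ve);
    }

    if ($e->hasErrors()) {
        return $e;
    }

    // NOTE(review): $user_id is interpolated unquoted; presumably getID()
    // returns an integer key loaded from the database - confirm.
    $user_id = $uo->getID();
    $venue_id = $db->sanitize_to_db($postArray['venue_id']);

    if (!$name) {
        // Fall back to the venue name, or to a fixed label without a venue.
        $name = is_object($ve) && !db::isError($ve) ? $db->sanitize_to_db($ve->getName()) : "(untitled show)";
    }

    $r = mysql_query("insert into Shows (name, venue_id, date, time, user_id, cost, is_all_ages, other_bands, notes, is_active) values ('{$name}', '{$venue_id}', '{$date}', {$time}, {$user_id}, {$cost}, {$is_all_ages}, '{$other_bands}', '{$notes}'," . DEFAULT_ACTIVE . ")");

    if ($r) {
        return Show::get(mysql_insert_id());
    }

    return Error::MySQL();
}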
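/**
 * Updates this user's row in Users from submitted form data.
 *
 * Only administrators may call this successfully.
 *
 * @param array $postArray submitted fields: password, password_confirm,
 *                         firstname, lastname, email, birthdate, level
 * @return mixed true on success, otherwise an Error holding the messages
 */
function update($postArray)
{
    $db = new db();
    $e = new Error();

    if (!User::isAdmin()) {
        $e->add("You may not edit this user's information.");
        return $e;
    }

    // NOTE(review): the password is passed through sanitize_to_db() before
    // the length check and hashing, so the escaped form is what gets hashed.
    // Presumably the login path does the same - confirm before changing it.
    $password = $db->sanitize_to_db($postArray['password']);
    $confirmPassword = $db->sanitize_to_db($postArray['password_confirm']);
    $passwordHash = null;

    if ($password != null && $password != "") {
        // something has been entered for password
        if ($password == $confirmPassword) {
            if (strlen($password) > 4) {
                // NOTE(review): unsalted MD5 is not a suitable password hash.
                // Moving to password_hash()/password_verify() has to be done
                // together with the code that checks this column at login,
                // which is not visible here, so the format is left as is.
                $passwordHash = md5($password);
            } else {
                $e->add("A user password must be at least 5 characters.");
            }
        } else {
            $e->add("The two passwords do not match.");
        }
    }

    $firstname = $db->sanitize_to_db($postArray['firstname']);
    if (!$firstname) {
        $e->add("A user entry must contain a first name.");
    }

    $lastname = $db->sanitize_to_db($postArray['lastname']);
    $email = $db->sanitize_to_db($postArray['email']);
    $_dt = strtotime($db->sanitize_to_db($postArray['birthdate']));
    $birthdate = date('Y-m-d', $_dt);

    // $level is interpolated into the query without escaping, so it must be
    // exactly one of the two literals. The strict flag keeps loosely-equal
    // non-string values (true, 0) from passing the check.
    $validAccess = array("USER", "ADMIN");
    $level = !in_array($postArray['level'], $validAccess, true) ? "USER" : $postArray['level'];

    if ($e->hasErrors()) {
        return $e;
    }

    // Store the hash computed above. A fixed placeholder in this clause would
    // overwrite the stored password with a constant and discard the hash.
    // md5() yields hex digits only, so the value needs no further escaping.
    $passwordQuery = $passwordHash != null ? "password = '{$passwordHash}'," : "";

    // NOTE(review): $this->ID is interpolated unquoted; presumably it is an
    // integer key loaded from the database - confirm.
    $result = @mysql_query("update Users set {$passwordQuery} lastname='{$lastname}', firstname='{$firstname}', birthdate='{$birthdate}', email='{$email}', level = '{$level}' where ID = {$this->ID}");
    if (!$result) {
        $e->add(mysql_error());
    }

    if ($e->hasErrors()) {
        return $e;
    }

    return true;
}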
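/**
 * Replaces the single Band_Information record with submitted form data.
 *
 * The table is emptied and one new row is inserted. Only administrators may
 * perform the update.
 *
 * @param array $postArray submitted fields: genreID, name, managerName,
 *                         address1, address2, city, stateProvince,
 *                         stateProvinceOther, postalCode, bio, miscellaneous,
 *                         country, defaultStateProvince, defaultCountry,
 *                         defaultCity, description
 * @return mixed true on success, otherwise an Error
 */
function update($postArray)
{
    $db = new db();
    $e = new Error();

    if (!User::isAdmin()) {
        // This case used to fall off the end of the function and return
        // null, which a caller cannot tell apart from a non-error result.
        return Error::create("Only an administrator may update band information.");
    }

    $genreID = $db->sanitize_to_db($postArray['genreID']);
    if (!$this->isValidGenreID($postArray['genreID'])) {
        $e->add("Invalid genre specified");
    }

    $name = $db->sanitize_to_db($postArray['name']);
    if ($name == '' || $name == null) {
        $e->add("You must specify a name for your band.");
    }

    $managerName = $db->sanitize_to_db($postArray['managerName']);
    $address1 = $db->sanitize_to_db($postArray['address1']);
    $address2 = $db->sanitize_to_db($postArray['address2']);
    $city = $db->sanitize_to_db($postArray['city']);

    // "??" marks that the free-text field holds the real value.
    $stateProvince = $db->sanitize_to_db($postArray['stateProvince']);
    if ($stateProvince == "??") {
        $stateProvince = $db->sanitize_to_db($postArray['stateProvinceOther']);
    }

    $postalCode = $db->sanitize_to_db($postArray['postalCode']);
    $bio = $db->sanitize_to_db($postArray['bio']);
    $miscellaneous = $db->sanitize_to_db($postArray['miscellaneous']);
    $country = $db->sanitize_to_db($postArray['country']);

    $defaultStateProvince = $db->sanitize_to_db($postArray['defaultStateProvince']);
    if ($defaultStateProvince == "??") {
        // NOTE(review): this re-reads the same field, so "??" is stored
        // unchanged. The stateProvince branch above reads a separate
        // free-text field - confirm which field was intended here.
        $defaultStateProvince = $db->sanitize_to_db($postArray['defaultStateProvince']);
    }

    $defaultCountry = $db->sanitize_to_db($postArray['defaultCountry']);
    $defaultCity = $db->sanitize_to_db($postArray['defaultCity']);
    $description = $db->sanitize_to_db($postArray['description']);

    if ($e->hasErrors()) {
        return $e;
    }

    // NOTE(review): delete-then-insert is not atomic. If the insert fails,
    // the table is left empty. Wrapping both statements in a transaction
    // would need a storage engine that supports one - confirm before changing.
    $q = "delete from Band_Information";
    $r = mysql_query($q);
    if (!$r) {
        return Error::MySQL();
    }

    // All interpolated values went through sanitize_to_db() above.
    $q = "insert into Band_Information (name, managerName, address1, address2, city, stateProvince, postalCode, bio, miscellaneous, country, defaultStateProvince, defaultCountry, defaultCity, genreID, description) ";
    $q .= "values ('{$name}', '{$managerName}', '{$address1}', '{$address2}', '{$city}', '{$stateProvince}', '{$postalCode}', '{$bio}', '{$miscellaneous}', '{$country}', '{$defaultStateProvince}', '{$defaultCountry}', '{$defaultCity}', '{$genreID}', '{$description}')";
    $r = mysql_query($q);

    // A disabled XML-RPC ping-back to www.auditionrocks.com used to follow
    // here. It was already commented out and is dropped: it would have sent
    // the site host, band name, bio, genre and location to a third-party host.

    if ($r) {
        return true;
    }

    return Error::create("An unexplained error occurred when trying to update your information.");
}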
/**
 * Writes submitted form data to this guest performer's row.
 *
 * Validation messages are collected first; the administrator check follows
 * only once the input is acceptable.
 *
 * @param array $postArray submitted fields: firstname, lastname, function,
 *                         description, website
 * @return mixed $this on success, otherwise an Error
 */
function update($postArray)
{
    $db = new db();
    $e = new Error();

    // Each value is passed through sanitize_to_db() before it is used in SQL.
    $firstname = $db->sanitize_to_db($postArray['firstname']);
    if (!$firstname) {
        $e->add("A guest performer entry must contain a first name.");
    }

    $lastname = $db->sanitize_to_db($postArray['lastname']);

    $function = $db->sanitize_to_db($postArray['function']);
    if (!$function) {
        $e->add("A guest performer must serve a function.");
    }

    $description = $db->sanitize_to_db($postArray['description']);
    $website = $db->sanitize_to_db($postArray['website']);

    if ($e->hasErrors()) {
        return $e;
    }

    if (!User::isAdmin()) {
        return Error::create("Only an administrator may update guest performers.");
    }

    // NOTE(review): $this->ID is interpolated unquoted; presumably it is an
    // integer key loaded from the database - confirm.
    $sql = "update Band_Guest_Performers set firstname='{$firstname}', lastname='{$lastname}', function='{$function}', description='{$description}', website='{$website}' where ID = {$this->ID}";
    $result = @mysql_query($sql);

    return $result ? $this : Error::MySQL();
}
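/**
 * Deletes this area, the media instances linked to it, and its link rows.
 *
 * Child areas are re-parented to this area's parent before the area row is
 * removed. Only administrators may delete areas.
 *
 * @return mixed true on success, otherwise an Error holding the messages
 */
function delete()
{
    $e = new Error();

    if (!User::isAdmin()) {
        $e->add('Only an administrator may delete areas.');
        return $e;
    }

    // NOTE(review): $this->ID and $this->parent_id are interpolated unquoted
    // throughout; presumably both are integer keys loaded from the database -
    // confirm.
    $q = "select ID from DarkRoom_Media_to_Areas where area_id = {$this->ID}";
    $r = mysql_query($q);
    if (!$r) {
        $e->add(mysql_error());
        return $e;
    }

    // Delete every media instance linked to this area, collecting failures.
    while ($row = mysql_fetch_assoc($r)) {
        $mi = MediaInstance::get($row['ID']);
        if (db::isError($mi)) {
            $e->add($mi);
            continue;
        }

        $res = $mi->delete();
        if (db::isError($res)) {
            $e->add($res);
        }
    }

    if ($e->hasErrors()) {
        // Report the failures. This path used to fall off the end of the
        // function and return null, so the caller never saw the errors.
        return $e;
    }

    // first, we update all the areas that were directly underneath this area
    // to have the parent id of this area's parent
    $q = "update DarkRoom_Areas set parent_id = {$this->parent_id} where parent_id = {$this->ID}";
    $r = mysql_query($q);
    if (!$r) {
        $e->add(mysql_error());
        return $e;
    }

    // Both deletes are always attempted. The error text is read right after
    // each statement, because mysql_error() only reports the last call.
    $q = "delete from DarkRoom_Media_to_Areas where area_id = {$this->ID}";
    $r1 = mysql_query($q);
    if (!$r1) {
        $e->add(mysql_error());
    }

    $q = "delete from DarkRoom_Areas where ID = {$this->ID}";
    $r2 = mysql_query($q);
    if (!$r2) {
        $e->add(mysql_error());
    }

    if ($r1 && $r2) {
        return true;
    }

    return $e;
}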
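// Streaming audio setup page: applies the two configuration values when
// task=update is requested, then renders the page.
User::protect();
$section = 'admin_streaming_audio';
include_class('config');
$conf = new Config();

// The administrator check used to run only further down, when the page is
// rendered, so the configuration was written before it. The write is now
// gated on isAdmin() too; a non-administrator falls through to the dialog.
// NOTE(review): what User::protect() enforces is not visible here. If it
// already requires an administrator, this check is redundant but harmless.
// NOTE(review): no anti-CSRF token is checked in the visible code before
// this state change - confirm whether one is validated elsewhere.
if (isset($_GET['task']) && $_GET['task'] == 'update' && User::getCurrent()->isAdmin()) {
    // $args is not read anywhere in the visible code.
    $args = array("streamingAudioFilesPath", "streamingAudioServerURL");
    $r1 = $conf->update('streamingAudioFilesPath', $_POST['streamingAudioFilesPath']);
    $r2 = $conf->update('streamingAudioServerURL', $_POST['streamingAudioServerURL']);

    $er = new Error();
    if (db::isError($r1)) {
        $er->add($r1);
    }
    if (db::isError($r2)) {
        $er->add($r2);
    }

    if (!$er->hasErrors()) {
        // Redirect after a successful write so a reload does not resubmit.
        header('Location: admin_streaming_audio.php');
        exit;
    }
}

$page_title = 'Streaming Audio Setup';
include 'layout/header.php';
?> <div id="breadcrumb"> <a href="index.php">Audition ></a> <a href="admin.php">Administer Audition ></a> Streaming Audio Setup </div> <?php
$u = User::getCurrent();
if (!$u->isAdmin()) {
    Error::outputDialog('Return to Main Menu', 'index.php', 'Only an administrator may access administrator options.');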
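/**
 * Updates this band member from submitted form data.
 *
 * Two rows are written: the linked Users row (keyed by $this->user_id) and
 * the Band_Members row (keyed by $this->ID). The caller must pass canEdit().
 *
 * @param array $postArray submitted fields: password, password_confirm,
 *                         firstname, lastname, role, email, birthdate,
 *                         equipment, influences, bio
 * @return mixed true on success, otherwise an Error holding the messages
 */
function update($postArray)
{
    $db = new db();
    $e = new Error();

    if (!$this->canEdit()) {
        $e->add("You may not edit this band member's information.");
        return $e;
    }

    // NOTE(review): the password is passed through sanitize_to_db() before
    // the length check and hashing, so the escaped form is what gets hashed.
    // Presumably the login path does the same - confirm before changing it.
    $password = $db->sanitize_to_db($postArray['password']);
    $confirmPassword = $db->sanitize_to_db($postArray['password_confirm']);
    $passwordHash = null;

    if ($password != null && $password != "") {
        // something has been entered for password
        if ($password == $confirmPassword) {
            if (strlen($password) > 4) {
                // NOTE(review): unsalted MD5 is not a suitable password hash.
                // Moving to password_hash()/password_verify() has to be done
                // together with the code that checks this column at login,
                // which is not visible here, so the format is left as is.
                $passwordHash = md5($password);
            } else {
                $e->add("A user password must be at least 5 characters.");
            }
        } else {
            $e->add("The two passwords do not match.");
        }
    }

    $firstname = $db->sanitize_to_db($postArray['firstname']);
    if (!$firstname) {
        $e->add("A band member entry must contain a first name.");
    }

    $lastname = $db->sanitize_to_db($postArray['lastname']);

    $role = $db->sanitize_to_db($postArray['role']);
    if (!$role) {
        $e->add("A band member entry must contain a role.");
    }

    $email = $db->sanitize_to_db($postArray['email']);
    $_dt = strtotime($db->sanitize_to_db($postArray['birthdate']));
    $birthdate = date('Y-m-d', $_dt);
    $equipment = $db->sanitize_to_db($postArray['equipment']);
    $influences = $db->sanitize_to_db($postArray['influences']);
    $bio = $db->sanitize_to_db($postArray['bio']);

    if ($e->hasErrors()) {
        return $e;
    }

    // Store the hash computed above. A fixed placeholder in this clause would
    // overwrite the stored password with a constant and discard the hash.
    // md5() yields hex digits only, so the value needs no further escaping.
    $passwordQuery = $passwordHash != null ? "password = '{$passwordHash}'," : "";

    // NOTE(review): $this->user_id and $this->ID are interpolated unquoted;
    // presumably both are integer keys loaded from the database - confirm.
    // first we update the users record
    $result = @mysql_query("update Users set {$passwordQuery} lastname='{$lastname}', firstname='{$firstname}', birthdate='{$birthdate}', email='{$email}' where ID = {$this->user_id}");
    if (!$result) {
        $e->add(mysql_error());
    }

    // The Band_Members row is written even if the Users update failed. The
    // two statements are not wrapped in a transaction.
    $result2 = mysql_query("update Band_Members set role='{$role}', equipment='{$equipment}', influences='{$influences}', bio='{$bio}' where ID = " . $this->ID);
    if (!$result2) {
        $e->add(mysql_error());
    }

    if ($e->hasErrors()) {
        return $e;
    }

    return true;
}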
<?php define('AUDITION_INSTALLING', true); include '../base.php'; $e = new Error(); $page_title = 'Install Audition'; if ($_POST['submit']) { if (!trim($_POST['dbServer'])) { $e->add("You must specify a valid database server. 'localhost' (no quotes) is typically the most often supplied."); } if (!trim($_POST['dbName'])) { $e->add("You must specify a valid database."); } if (!$e->hasErrors()) { // attempt to connect to the database $res = db::connect($_POST['dbServer'], $_POST['dbUser'], $_POST['dbPassword'], $_POST['dbName']); if (db::isError($res)) { $e->add("There was an error connecting to the database specified: " . $res->get()); } } if (!trim($_POST['username'])) { $e->add("Please specify an admin username."); } if (!trim($_POST['password'])) { $e->add("Please specify an admin password."); } if (trim($_POST['password']) != trim($_POST['passwordConfirm'])) { $e->add("Your two passwords do not match."); } if (!trim($_POST['email'])) { $e->add("Please specify an email address.");