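/**
 * Fetch the next value of a database sequence.
 *
 * The sequence name is concatenated into the SQL text, so it is checked
 * against a plain (optionally schema-qualified) identifier pattern before
 * the query is built. Anything else is rejected without reaching the database.
 *
 * @param string $seq Sequence name, e.g. 'projects_id_prj_seq'.
 * @return mixed The value returned by fetchOne(), or 0 (after append_error()) on failure.
 */
function pick_id($seq)
{
    // Identifier whitelist: quotes, whitespace, parentheses and semicolons cannot pass.
    if (!is_string($seq) || !preg_match('/\A[A-Za-z_][A-Za-z0-9_]*(?:\.[A-Za-z_][A-Za-z0-9_]*)?\z/', $seq)) {
        append_error('Unable to fetch a fresh ID.');
        return 0;
    }
    $result = sql_do('SELECT nextval(\'' . $seq . '\')');
    // Exactly one row is expected from nextval(); anything else is treated as a failure.
    if ($result->numRows() != 1) {
        append_error('Unable to fetch a fresh ID.');
        return 0;
    }
    return $result->fetchOne();
}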
Example #2
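/**
 * Record an uncaught exception's message through append_error().
 *
 * @param Exception $exception The exception being reported.
 * @return void
 */
function myExceptionHandler($exception)
{
    // The '<br/>' suffix shows this entry is meant to be rendered as HTML, so the
    // message text (which may carry request-derived data) is HTML-encoded first.
    $message = htmlspecialchars($exception->getMessage(), ENT_QUOTES, 'UTF-8');
    append_error('Uncaught exception: ' . $message . '<br/>');
    // The stack trace is intentionally not appended; it would expose paths and internals to the page.
}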
Example #3
/**
 * Attempt a login through the global $auth object and report the outcome.
 *
 * On success the logged-in user's data is emitted through api_get_userinfo();
 * on every other status an error is recorded under the 'login' key.
 *
 * NOTE(review): 'Incorrect password' and 'No such user' are distinct responses,
 * which lets a client tell valid usernames from invalid ones. Confirm this is
 * acceptable for the API before exposing it.
 *
 * @param string $username
 * @param string $password
 * @return void
 */
function api_login($username, $password)
{
    global $db, $dom, $root, $board_url, $phpEx, $option, $user, $auth;

    $login = $auth->login($username, $password, false, 0, 0);
    $status = $login['status'];

    // Loose (==) comparison on purpose: it is what a switch statement applies.
    if ($status == LOGIN_ERROR_PASSWORD) {
        append_error('login', 'Incorrect password');
    } elseif ($status == LOGIN_ERROR_USERNAME) {
        append_error('login', 'No such user');
    } elseif ($status == LOGIN_ERROR_ATTEMPTS) {
        append_error('login', 'Exceeded login attempt limit');
    } elseif ($status == LOGIN_SUCCESS) {
        api_get_userinfo($user->data['user_id']);
    } else {
        // Any status not handled above is reported with its raw code.
        append_error('login', 'Login error code: ' . $status);
    }
}
            append_error('Month cannot be empty');
        }
        if (empty($_GET['day'])) {
            append_error('Day cannot be empty');
        }
        if (!errors() && mktime(0, 0, 0, $_GET['month'], $_GET['day'], $_GET['year']) > time() - 10000) {
            append_error('Date should not be in the future');
        }
        #blabla
        if (!errors()) {
            // do the job
            // recuperer l'idRel fraichement créé
            http_redir('/project/view.php?id_rel=FIXME');
        }
    } else {
        append_error('Malformed form, please use the correct html page');
    }
}
?>
<h1>Add a new release to the project 'GraphTool'</h1>

<?php 
flush_errors();
?>

<form>
<table>
<tr><th>Version name</th><td><input type="text" name="version" value="<?php 
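// The query parameter is reflected into a value="" attribute, so it is HTML-encoded (quotes included).
echo isset($_GET['version']) && is_string($_GET['version']) ? htmlspecialchars($_GET['version'], ENT_QUOTES, 'UTF-8') : "";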
?>
"/></td></tr>
Example #5
            $mobile_value = "";
        }
        // verify not empty and not used mobile number
        if ($mobile_value && mobile_not_used($mobile_value)) {
            $secret_code = safe_rand(100000, 999999);
            $_SESSION['mobile_value'] = $mobile_value;
            $_SESSION['mobile_code'] = $secret_code;
            // accept any +380 mobile w/o sms test
            if (!empty($settings['disable_sms_test'])) {
                set_test_passed('mobile');
                redirect('step4.php');
            }
            send_mobile_code($mobile_value, $secret_code);
            $mobile_code = "";
        } else {
            append_error("Цей номер телефону неможливо використати.");
            $mobile_value = "";
        }
    }
} else {
    /**
     * get mobile number from session if present
     */
    if (isset($_SESSION['mobile_value'])) {
        $mobile_value = $_SESSION['mobile_value'];
    }
}
// Once a mobile number is known, prepare a readonly attribute string
// (presumably printed by the step3 template — confirm there).
if ($mobile_value) {
    $mobile_readonly = ' readonly="readonly"';
}
// Render the page; the template path comes from get_template() with a constant name.
require get_template('step3');
    echo '<a href="' . REMOTE_PATH . '/user/index.php">Back to user configuration</a> || <a href="' . REMOTE_PATH . '/index.php">Back home</a>';
    exit;
}
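// Visitor's permission on the project. NOTE(review): the check below is commented out, so this excerpt never verifies that the visitor may modify the project.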
/*
if ($_SESSION['id'] != 34567) {
	append_error('Can\'t modify project: permission denied');
	http_redir('/project/view_project.php?idPrj=456789');
} */
flush_errors();
if (isset($_GET['action']) && $_GET['action'] == "Apply") {
    if (!isset($_GET['description']) || !isset($_GET['homepage']) || !isset($_GET['screenshot']) || !isset($_GET['download'])) {
        append_error('Invalid arguments');
    } else {
        if (empty($_GET['homepage'])) {
            append_error('Warning: Homepage is mandatory!');
            http_redir('/project/modify_project.php?idPrj=456789');
        } else {
            // do the job: modify the data
            http_redir('/project/view_project.php?idPrj=456789');
        }
    }
} else {
    if (isset($_GET['action']) && $_GET['action'] == "Add an admin for this project") {
        ?>

<h1>Project Administration: GraphTool (<?php 
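        // The idPrj query parameter is reflected inside the <h1>, so it is HTML-encoded before output.
        echo htmlspecialchars((string) $_GET['idPrj'], ENT_QUOTES, 'UTF-8');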
        ?>
)</h1>
Example #7
require_once 'igoan/Category.class.php';
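// Access control: only a global admin may manage categories.
$me = user_get_by_id($_SESSION['id']);
if (!$me || !$me->is_global_admin()) {
    append_error_exit('Permission denied: global admin flag required');
}
// NOTE(review): both actions below change data on a GET request, and no anti-CSRF token
// is checked in this excerpt; a link followed by a logged-in admin would trigger them.
// NOTE(review): the status messages embed raw $_GET values; if append_error() output is
// rendered as HTML without encoding, they must be encoded here — confirm.
/* add a category */
if (isset($_GET['action']) && $_GET['action'] == "Ajouter" && isset($_GET['index']) && isset($_GET['nom'])) {
    append_error("inserting category " . $_GET['nom'] . " (" . $_GET['index'] . ')');
    if (category_new($_GET['index'], $_GET['nom']) == -1) {
        append_error('Error: parent category is full');
    }
}
/* delete a category */
if (isset($_GET['action']) && $_GET['action'] == "Effacer" && isset($_GET['idCat'])) {
    append_error("deleting category " . $_GET['idCat']);
    $cat = category_get_by_id($_GET['idCat']);
    if ($cat) {
        $cat->delete();
    }
}
/* fetch the list and build the two <select> controls */
$all_cats = category_list_all();
$select = "<select name='idCat'>\n";
$select2 = "<select name='index'>\n";
for ($i = 0; $i < count($all_cats); $i++) {
    // Stored category fields are HTML-encoded (ENT_QUOTES because the attributes use single quotes),
    // so a category name containing markup cannot break out of the option element.
    $select .= "<option value='" . htmlspecialchars((string) $all_cats[$i][0], ENT_QUOTES, 'UTF-8') . "'>" . htmlspecialchars((string) $all_cats[$i][1], ENT_QUOTES, 'UTF-8') . " " . htmlspecialchars((string) $all_cats[$i][2], ENT_QUOTES, 'UTF-8') . "</option>\n";
    $select2 .= "<option value='" . htmlspecialchars((string) $all_cats[$i][1], ENT_QUOTES, 'UTF-8') . "'>" . htmlspecialchars((string) $all_cats[$i][1], ENT_QUOTES, 'UTF-8') . " " . htmlspecialchars((string) $all_cats[$i][2], ENT_QUOTES, 'UTF-8') . "</option>\n";
}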
?>
<h2>Gestion des catégories</h2>
Example #8
        http_redir('/index.php');
    }
    $my_branch_id = $my_prj->get_default_branch();
    if ($my_branch_id) {
        $my_branch = branch_get_by_id($my_branch_id);
    }
    // c'est possible qu'il n'y ait pas de branche :(
    if ($my_branch) {
        $my_rel_id = $my_branch->get_last_release();
        if ($my_rel_id) {
            $my_rel = release_get_by_id($my_rel_id);
        }
    }
    $request = $my_prj;
} else {
    append_error('No project requested.');
    http_redir('/index.php');
}
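// is the visitor an admin/maintainer ?
$isadmin = $me && $my_prj->is_admin($me->get_id_user());
// A project can have no branch, so $my_branch is checked before it is dereferenced;
// without the guard a logged-in non-admin on a branchless project triggers a fatal error.
$ismaint = $isadmin || ($me && !empty($my_branch) && $my_branch->is_maintainer($me->get_id_user()));
// the branches and releases to show
$releases = !empty($my_branch) ? $my_branch->list_releases() : 0;
$branches = $my_prj->list_branches();
//($my_branch && !$isadmin) ? $my_branch->get_id_branch() : -1);
// processing datas to be shown
// PAGE TITLE
$d_full_title = $my_prj->get_name_prj();
// $my_rel is only assigned when a branch with a last release exists.
if (!empty($my_rel)) {
    $d_full_title .= ' - ' . $my_rel->get_name_rel();
}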
Example #9
require_once 'igoan/License.class.php';
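// Access control: only a global admin may manage licenses.
$me = user_get_by_id($_SESSION['id']);
if (!$me || !$me->is_global_admin()) {
    append_error_exit('Permission denied: global admin flag required');
}
// NOTE(review): add and delete are triggered by GET parameters and no anti-CSRF token is
// checked in this excerpt.
/* add */
if (isset($_GET['action']) && $_GET['action'] == "Ajouter" && isset($_GET['nom']) && isset($_GET['url'])) {
    append_error('inserting license: ' . $_GET['nom']);
    if (license_new($_GET['nom'], $_GET['url']) == -1) {
        append_error('error');
    }
}
/* delete */
if (isset($_GET['action']) && $_GET['action'] == "Effacer" && isset($_GET['idLic'])) {
    append_error('deleting license: ' . $_GET['idLic']);
    $lic = license_get_by_id($_GET['idLic']);
    // The lookup presumably yields a falsy value for an unknown id; guard so that
    // delete() is never called on a non-object.
    if ($lic) {
        $lic->delete();
    }
}
/* fetch the list */
$list = license_list();
$select = "<select name='idLic'>\n";
// foreach replaces list()/each(): each() was deprecated in PHP 7.2 and removed in PHP 8.0.
foreach ($list as $tuple) {
    // Stored fields are HTML-encoded (ENT_QUOTES: the attribute uses single quotes).
    $select .= "<option value='" . htmlspecialchars((string) $tuple[0], ENT_QUOTES, 'UTF-8') . "'>" . htmlspecialchars((string) $tuple[0], ENT_QUOTES, 'UTF-8') . " " . htmlspecialchars((string) $tuple[1], ENT_QUOTES, 'UTF-8') . " (" . htmlspecialchars((string) $tuple[2], ENT_QUOTES, 'UTF-8') . ")</option>\n";
}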
?>
<h2>Gestion des licences</h2>

<?php 
flush_errors();
?>
Example #10
// A project id is required; $id_prj is assigned outside this excerpt.
if (!$id_prj) {
    append_error_exit('You have to specify a project.');
}
$prj = project_get_by_id($id_prj);
if (!$prj) {
    // NOTE(review): $id_prj is echoed into the message; if it comes from the request and
    // the error list is rendered as HTML, it needs encoding — confirm.
    append_error_exit('Invalid project number #' . $id_prj . '.');
}
// Authorization: only an admin of this project may add a branch.
// NOTE(review): $me is dereferenced without a null check here; confirm an earlier guard
// rejects anonymous visitors.
if (!$prj->is_admin($me->get_id_user())) {
    append_error_exit('Sorry, you are not an admin for this project.');
}
// ADDING A BRANCH
// NOTE(review): the branch is created from a GET parameter; no anti-CSRF token is checked
// in this excerpt.
if (!empty($_GET['name_branch'])) {
    $id_branch = branch_new($_GET['name_branch'], $prj->get_id_prj());
    // Re-read the branch to confirm the creation succeeded.
    $branch = branch_get_by_id($id_branch);
    if (!$branch) {
        append_error('Unable to create a new branch');
    }
    // Redirect to the new branch only when no error was recorded.
    if (!errors()) {
        http_redir('/project/view.php?id_branch=' . $branch->get_id_branch());
    }
}
?>



<?php 
// OUTPUT
header_box("Igoan :: Adding a new branch to a project");
flush_errors();
?>
<div id="main">
Example #11
  Email: ' . $_GET['email'] . '

Your automatically generated password is \'' . $new->get_passwd() . '\'.
You have to login with your newly created account on the Igoan website
(http://www.igoan.org/user/login.php) and change your password to
activate your account.
Then you will be able to register new projects on our databases.

Best regards,
The Igoan Team.
', 'From: Igoan Registration Process <register@igoan.org>');
            } else {
                append_error('Unable to fetch new user informations');
            }
        } else {
            append_error('Unable to create new user');
        }
    }
}
header_box('Igoan :: New User');
?>
<div id="main">
<?php 
if (!errors() and isset($login)) {
    ?>
	<h2>Registration submitted</h2>
	<div class="abstract">
		<p>
			A mail has been sent to <em><?php 
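    // The submitted address is reflected into the page, so it is HTML-encoded before output.
    echo htmlspecialchars((string) $_GET['email'], ENT_QUOTES, 'UTF-8');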
    ?>
Example #12
require_once 'igoan/Project.class.php';
require_once 'igoan/Branch.class.php';
require_once 'igoan/Release.class.php';
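// Resolve the user to display: an explicit ?id= wins, otherwise the logged-in user.
if (isset($_GET['id'])) {
    $requested = user_get_by_id($_GET['id']);
    if (!$requested) {
        // NOTE(review): the raw request value is embedded in the message; if the error list
        // is rendered as HTML without encoding, encode it here — confirm.
        append_error("Error: unknow user id ({$_GET['id']})");
    }
} else {
    // !empty() also covers a session that has no 'id' key at all (anonymous visitor),
    // which the bare array read would report as an undefined index.
    if (!empty($_SESSION['id'])) {
        $requested = user_get_by_id($_SESSION['id']);
        if (!$requested) {
            append_error("Error: unknow user id ({$_SESSION['id']})");
        }
    } else {
        append_error('Error: no user id given');
    }
}
// Stop here when no user could be resolved; $requested is dereferenced below.
if (errors()) {
    flush_errors_exit();
}
// MISC
$d_misc = '';
$igoan_admin = '';
$valid_account = '';
if ($requested->is_global_admin()) {
    $igoan_admin = '<li>This user is an igoan admin. </li>';
}
if (!$requested->get_valid_user()) {
    $valid_account = '<li>This user hasn\'t activated his account yet. </li>';
}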
Example #13
}
/**
 * Handle form data
 *
 * Every failed check appends its own error, so the visitor sees all problems at once.
 * The session is initialised and the 'captcha' test marked as passed only when no
 * error was recorded and all three confirmations are truthy.
 */
if ($_POST) {
    $ukr_citizen = post_arg('ukr_citizen');
    $personal_data = post_arg('personal_data');
    $captcha_res = captcha_verify();
    // 'Y-m-d H:i:s' strings sort chronologically, so plain string comparison is used below.
    // NOTE(review): assumes the two settings values use the same format and timezone — confirm.
    $current_date = date('Y-m-d H:i:s');
    if (!$ukr_citizen) {
        append_error("Не підтверджена згода з правилами голосування.");
    }
    if (!$personal_data) {
        append_error("Немає згоди на обробку персональних даних.");
    }
    if (!$captcha_res) {
        append_error("Не пройдено тест на роботів!");
    }
    // Voting window: reject submissions before opening or after closing time.
    if ($current_date < $settings['open_elections_time']) {
        append_error("Вибори ще не розпочались.");
    }
    if ($current_date > $settings['close_elections_time']) {
        append_error("Вибори вже закінчились.");
    }
    // $_ERRORS is read directly here; presumably it is the list append_error() fills — confirm.
    if (empty($_ERRORS) && $ukr_citizen && $personal_data && $captcha_res) {
        init_user_session();
        set_test_passed('captcha');
        redirect('step2.php');
    }
}
// Render the page; the template path comes from get_template() with a constant name.
require get_template('step1');
        $prj = project_get_by_id($id_prj);
        if (!$prj) {
            sql_do('ROLLBACK');
            append_error('Unable to retrieve the created project, please contact the administrator.');
        }
    }
    // on place un admin/owner
    if (!errors()) {
        $prj->add_admin($me->get_id_user(), 1);
    }
    // on crée une branche ...
    if (!errors()) {
        $id_branch = branch_new('main', $prj->get_id_prj());
        if (!$id_branch) {
            sql_do('ROLLBACK');
            append_error('Unable to create the default branch, please contact the administrator.');
        }
    }
    // ... par défaut
    if (!errors()) {
        $prj->set_default_branch($id_branch);
        $prj->write();
    }
    if (!errors()) {
        sql_do('COMMIT');
        http_redir('/project/view.php?id_prj=' . $id_prj);
    } else {
        sql_do('ROLLBACK');
    }
}
header_box("Igoan :: Adding a new project");
Example #15
# Igoan is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Igoan; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
// The release must exist (placeholder check against a hard-coded id).
// NOTE(review): != is a loose comparison against an integer; on PHP versions before 8 a
// value with a numeric prefix followed by other characters also compares equal.
if (!isset($_GET['idRel']) || $_GET['idRel'] != 123460) {
    append_error_exit('Bad Release ID');
}
// NOTE(review): the deletion is confirmed through a GET parameter, and this excerpt shows
// neither a permission check nor an anti-CSRF token before "do the job".
if (isset($_GET['confirm']) && $_GET['confirm'] == 'Yes') {
    // do the job
    append_error('Release successfully deleted');
    http_redir('/project/view_project.php?idPrj=456789');
}
?>

<h1>Release Deletion</h1>

Do you really want to delete this release 'GraphTool' version 'graphtool-0.2-pre1' ?
<form>
	<input type="submit" name="confirm" value="Yes" />
	<input type="hidden" name="idRel" value="123460" /></form>
<form action="/project/view_release.php">
	<input type="submit" value="No" />
	<input type="hidden" name="idRel" value="123460" /></form>
	
<br /><br/><hr />
Example #16
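/**
 * Create a not-yet-validated user record (valid_user = 0) for the given name and e-mail.
 *
 * @param string $name  Display name of the new user.
 * @param string $email E-mail address; must not be registered yet.
 * @return mixed The new row's id from sql_last_id(), or 0 when the address is
 *               already registered or the INSERT fails.
 */
function user_new_pseudo($name, $email)
{
    // $email is passed through str() here exactly as in the INSERT below; previously the
    // raw value was concatenated into this SELECT, leaving the lookup open to SQL injection.
    // NOTE(review): confirm str() is the project's SQL string-escaping helper.
    $result = sql_do('SELECT id_user FROM ' . DB_PREF . '_users WHERE mail=\'' . str($email) . '\'');
    if ($result->numRows()) {
        append_error("This email address is already registered. Please choose another.");
        return 0;
    }
    try {
        $result = sql_do('INSERT INTO ' . DB_PREF . '_users (name_user,mail,date_user,valid_user) VALUES (\'' . str($name) . '\',\'' . str($email) . '\',\'' . date('Y-m-d H:i:s') . '\',0)');
    } catch (DatabaseException $e) {
        // Failure is reported through the return value only; the SQL text is not shown to the user.
        return 0;
    }
    return sql_last_id();
}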
Example #17
        // some checks before send code
        if (strlen($email_value) < 6) {
            $email_value = "";
        }
        if (strpbrk($email_value, " ,;'\"\t\n") !== false) {
            $email_value = "";
        }
        // verify not empty and not used email then send code
        if ($email_value && email_not_used($email_value)) {
            $secret_code = safe_rand(100000, 999999);
            $_SESSION['email_value'] = $email_value;
            $_SESSION['email_code'] = $secret_code;
            send_email_code($email_value, $secret_code);
            $email_code = "";
        } else {
            append_error("Цю адресу неможливо використати.");
            $email_value = "";
        }
    }
} else {
    /**
     * get code from query string if present
     */
    if (isset($_SESSION['email_value'])) {
        $email_value = $_SESSION['email_value'];
    }
    if (isset($_GET['code'])) {
        $email_code = $_GET['code'];
    }
}
if ($email_value) {
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Igoan; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
// Does the release exist? (placeholder check against a hard-coded id)
if (!isset($_GET['idRel']) || $_GET['idRel'] != '123460') {
    append_error('No release specified or release unknown');
    flush_errors_exit();
}
// Is the current user an admin of the project? (placeholder check against a hard-coded session id)
// NOTE(review): the denial path relies on http_redir() ending the request; if it returns,
// execution continues into the 'Apply' branch below — confirm http_redir() exits.
if ($_SESSION['id'] != 34567) {
    append_error('Can\'t modify project: permission denied');
    http_redir('/project/view_release.php?idRel=123460');
}
// NOTE(review): the change is applied on a GET request; no anti-CSRF token is checked in this excerpt.
if (isset($_GET['action']) && $_GET['action'] == 'Apply') {
    // do the job
    http_redir('/project/view_release.php?idRel=123460');
}
?>

<h1>Change release information</h1>

<form>
<table>
<tr><th>idRel</th><td>34567</td></tr>
<tr><th>Version</th><td><input type="text" name="version" value="graphtool-0.2pre1" /></td></tr>
<tr><th>Date</th><td>
Example #19
require_once 'igoan/Platform.class.php';
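// Access control: only a global admin may manage platforms.
$me = user_get_by_id($_SESSION['id']);
if (!$me || !$me->is_global_admin()) {
    append_error_exit('Permission denied: global admin flag required');
}
// NOTE(review): add and delete are triggered by GET parameters and no anti-CSRF token is
// checked in this excerpt.
/* add */
if (isset($_GET['action']) && $_GET['action'] == "Ajouter" && isset($_GET['nom'])) {
    append_error('inserting platform: ' . $_GET['nom']);
    if (platform_new($_GET['nom']) == -1) {
        append_error('error');
    }
}
/* delete */
if (isset($_GET['action']) && $_GET['action'] == "Effacer" && isset($_GET['idPf'])) {
    append_error('deleting platform: ' . $_GET['idPf']);
    $pf = platform_get_by_id($_GET['idPf']);
    // The lookup presumably yields a falsy value for an unknown id; guard so that
    // delete() is never called on a non-object.
    if ($pf) {
        $pf->delete();
    }
}
/* fetch the list */
$list = platform_list();
$select = "<select name='idPf'>\n";
// foreach replaces list()/each(): each() was deprecated in PHP 7.2 and removed in PHP 8.0.
foreach ($list as $tuple) {
    // Stored fields are HTML-encoded (ENT_QUOTES: the attribute uses single quotes).
    $select .= "<option value='" . htmlspecialchars((string) $tuple[0], ENT_QUOTES, 'UTF-8') . "'>" . htmlspecialchars((string) $tuple[0], ENT_QUOTES, 'UTF-8') . " " . htmlspecialchars((string) $tuple[1], ENT_QUOTES, 'UTF-8') . "</option>\n";
}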
?>
<h2>Gestion des plateformes</h2>

<?php 
flush_errors();
?>
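/**
 * Register a new, not-yet-validated project (valid_prj = 0).
 *
 * @param string $name_prj    Full project name.
 * @param string $shortname   Unique short name.
 * @param string $description Project description.
 * @param string $homepage    Project home page URL.
 * @return mixed The new project id, or 0 when the short name is taken, no id
 *               could be allocated, or the INSERT fails.
 */
function project_new($name_prj, $shortname, $description, $homepage)
{
    $result = sql_do('SELECT id_prj FROM projects WHERE shortname=\'' . str($shortname) . '\'');
    if ($result->numRows()) {
        // NOTE(review): $shortname is echoed into the message; if the error list is rendered
        // as HTML without encoding, encode it here — confirm.
        append_error("Shortname '{$shortname}' already taken.");
        return 0;
    }
    $id_prj = pick_id('projects_id_prj_seq');
    // pick_id() reports failure with 0; stop instead of inserting a project under id 0.
    if (!$id_prj) {
        return 0;
    }
    try {
        // Every value goes through the project's int()/str() helpers before it is concatenated.
        $result = sql_do('INSERT INTO projects (id_prj,name_prj,shortname,desc_prj,url_prj,date_prj,valid_prj) VALUES (\'' . int($id_prj) . '\',\'' . str($name_prj) . '\',\'' . str($shortname) . '\',\'' . str($description) . '\',\'' . str($homepage) . '\',\'' . date('Y-m-d H:i:s') . '\',0)');
    } catch (DatabaseException $e) {
        // Failure is reported through the return value only.
        return 0;
    }
    return $id_prj;
}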
Example #21
# the Free Software Foundation in the version 2 of the License.
#
# Igoan is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Igoan; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
require_once 'igoan/User.class.php';
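// NOTE(review): login and password arrive in the query string, so they end up in browser
// history, proxy and server logs; the form (outside this excerpt) should submit by POST.
if (isset($_GET['login']) && isset($_GET['passwd'])) {
    $me = user_get_by_password($_GET['login'], $_GET['passwd']);
    if (!$me) {
        append_error('Login incorrect.');
    } else {
        // Issue a fresh session id at login so an id that was known before authentication
        // is not carried over into the authenticated session.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION['id'] = $me->get_id_user();
    }
    if (!errors()) {
        // The post-login target is request-controlled. Only a site-local absolute path
        // (one leading '/', not '//' or '/\', no line breaks) is accepted; anything else
        // falls back to the home page. This matches how http_redir() is called elsewhere
        // with '/...' paths — confirm no caller passes a full URL as referer.
        $target = '/index.php';
        if (!empty($_GET['referer']) && is_string($_GET['referer']) && preg_match('#\A/(?![/\\\\])[^\r\n]*\z#', $_GET['referer'])) {
            $target = $_GET['referer'];
        }
        http_redir($target);
    }
}
header_box('Igoan :: Login');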
?>

<div id="main">
	<form class="admin" action="login.php">
	<?php 
flush_errors();
?>
Example #22
require_once 'igoan/Language.class.php';
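// Access control: only a global admin may manage programming languages.
$me = user_get_by_id($_SESSION['id']);
if (!$me || !$me->is_global_admin()) {
    append_error_exit('Permission denied: global admin flag required');
}
// NOTE(review): add and delete are triggered by GET parameters and no anti-CSRF token is
// checked in this excerpt.
/* add */
if (isset($_GET['action']) && $_GET['action'] == "Ajouter" && isset($_GET['nom'])) {
    append_error('inserting language: ' . $_GET['nom']);
    if (language_new($_GET['nom']) == -1) {
        append_error('error');
    }
}
/* delete */
if (isset($_GET['action']) && $_GET['action'] == "Effacer" && isset($_GET['idLang'])) {
    append_error('deleting language: ' . $_GET['idLang']);
    $lang = language_get_by_id($_GET['idLang']);
    // The lookup presumably yields a falsy value for an unknown id; guard so that
    // delete() is never called on a non-object.
    if ($lang) {
        $lang->delete();
    }
}
/* fetch the list */
$list = language_list();
$select = "<select name='idLang'>\n";
// foreach replaces list()/each(): each() was deprecated in PHP 7.2 and removed in PHP 8.0.
foreach ($list as $tuple) {
    // Stored fields are HTML-encoded (ENT_QUOTES: the attribute uses single quotes).
    $select .= "<option value='" . htmlspecialchars((string) $tuple[0], ENT_QUOTES, 'UTF-8') . "'>" . htmlspecialchars((string) $tuple[0], ENT_QUOTES, 'UTF-8') . " " . htmlspecialchars((string) $tuple[1], ENT_QUOTES, 'UTF-8') . "</option>\n";
}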
?>
<h2>Gestion des langages de prog</h2>

<?php 
flush_errors();
?>
Example #23
<?php

require "system/__init__.php";
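// Gate: the captcha, e-mail and mobile steps must have been passed. The helpers are given
// the step page to fall back to (their behaviour is defined outside this excerpt).
require_test_pass('captcha', 'step1.php');
require_test_pass('email', 'step2.php');
require_test_pass('mobile', 'step3.php');
next_if_test_pass('vote', 'step5.php');
/**
 * Handle form data
 *
 * The selected candidates are the KEYS of the posted 'id' array. They are passed through
 * filter_candidates() and counted against the selection limit before the vote is saved.
 */
if ($_POST) {
    $keys = array();
    // isset() first: a POST without an 'id' field must not read an undefined index.
    if (isset($_POST['id']) && is_array($_POST['id'])) {
        $keys = array_keys($_POST['id']);
    }
    if ($keys) {
        $keys = filter_candidates($keys);
    }
    if (count($keys) < 1) {
        append_error("Ви не обрали жодного кандидата.");
    } elseif (count($keys) > get_selected_limit()) {
        append_error("Ви обрали більше ніж дозволено кандидатів.");
    } else {
        // Mark the step as passed only when the vote was actually stored.
        if (safe_save_vote($keys)) {
            set_test_passed('vote');
            redirect('step5.php');
        }
    }
}
// Render the page; the template path comes from get_template() with a constant name.
require get_template('step4');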
Example #24
#
require_once 'igoan/User.class.php';
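// NOTE(review): the old and new passwords travel in the query string (history, proxy and
// server logs) and the change is applied on a GET request with no anti-CSRF token checked
// in this excerpt; the form should submit by POST.
// NOTE(review): the submitted password is compared directly with get_passwd(), which
// suggests the stored value is not a one-way hash — confirm and migrate to
// password_hash()/password_verify() in the User class.
if (isset($_GET['action']) && $_GET['action'] == 'Change Password' && isset($_GET['oldpass']) && isset($_GET['passwd1']) && isset($_GET['passwd2'])) {
    $me = user_get_by_id($_SESSION['id']);
    if (!$me) {
        append_error_exit('User ID incorrect.');
    }
    // check the old password
    // hash_equals() compares byte-for-byte in constant time. The previous loose != treated
    // different numeric-looking strings (e.g. '0e1' and '0e2') as equal.
    if (!is_string($_GET['oldpass']) || !hash_equals((string) $me->get_passwd(), $_GET['oldpass'])) {
        append_error('Wrong old password.');
    } else {
        // Strict comparison, and only strings: array-valued parameters are rejected as a mismatch.
        if (!is_string($_GET['passwd1']) || $_GET['passwd1'] !== $_GET['passwd2']) {
            append_error('Passwords mismatch');
        } else {
            if (empty($_GET['passwd1'])) {
                append_error('Aha. Yes of course ...');
            }
        }
    }
    if (errors()) {
        flush_errors();
    } else {
        // do the job
        $me->set_passwd($_GET['passwd1']);
        $me->write();
        http_redir('/user/view.php');
    }
}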
?>
<h1>Changing your user password</h1>
<form>
Example #25
                }
            } else {
                if (isset($_GET['name']) && isset($_GET['email'])) {
                    if (empty($_GET['name'])) {
                        append_error('The name is mandatory.');
                    }
                    if (empty($_GET['email'])) {
                        append_error('The e-mail address is mandatory.');
                    }
                    if (!errors()) {
                        $user_id = user_new_pseudo($_GET['name'], $_GET['email']);
                    }
                    if (!errors()) {
                        $user = user_get_by_id($user_id);
                        if (!$user) {
                            append_error('Unable to create the pseudo-user ' . $_GET['name']);
                        }
                    }
                    if (!errors()) {
                        $rel->add_author($user->get_id());
                        http_redir('/project/view.php?id_rel=' . $rel->get_id_rel());
                    }
                }
            }
        } else {
            append_error_exit('No action specified.');
        }
    }
}
?>
Example #26
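/**
 * Create a not-yet-validated user record (valid_user = 0) for the given name and e-mail.
 *
 * @param string $name  Display name of the new user.
 * @param string $email E-mail address; must not be registered yet.
 * @return mixed The new user id, or 0 when the address is already registered,
 *               no id could be allocated, or the INSERT fails.
 */
function user_new_pseudo($name, $email)
{
    // $email is passed through str() here exactly as in the INSERT below; previously the
    // raw value was interpolated into this SELECT, leaving the lookup open to SQL injection.
    // NOTE(review): confirm str() is the project's SQL string-escaping helper.
    $result = sql_do('SELECT id_user FROM users WHERE mail=\'' . str($email) . '\'');
    if ($result->numRows()) {
        append_error("This email address is already registered. Please choose another.");
        return 0;
    }
    $id_user = pick_id('users_id_user_seq');
    // pick_id() reports failure with 0; stop instead of inserting a user under id 0.
    if (!$id_user) {
        return 0;
    }
    try {
        $result = sql_do('INSERT INTO users (id_user,name_user,mail,date_user,valid_user) VALUES (\'' . int($id_user) . '\',\'' . str($name) . '\',\'' . str($email) . '\',\'' . date('Y-m-d H:i:s') . '\',0)');
    } catch (DatabaseException $e) {
        // Failure is reported through the return value only; the SQL text is not shown to the user.
        return 0;
    }
    return $id_user;
}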
Example #27
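/**
 * Save the vote held in the session using the database abstraction layer API.
 *
 * The ballot is written only when neither the e-mail nor the mobile number has voted
 * already. Previously the row was inserted even after a duplicate had been reported,
 * so the same identity could be stored twice.
 *
 * Reads $_SESSION['ip_addr'], ['email_value'], ['mobile_value'] and ['vote_keys'];
 * always assigns $_SESSION['ballot_id'] (null when nothing was stored).
 *
 * @param string $table Not used by this function; kept for interface compatibility.
 * @return void Failures are reported through append_error().
 */
function save_vote_database($table = "ballot_box")
{
    $db = db_connect();
    $row = array();
    $row['ip_addr'] = $_SESSION['ip_addr'];
    $row['email'] = $_SESSION['email_value'];
    $row['mobile'] = $_SESSION['mobile_value'];
    $row['choice'] = implode(',', $_SESSION['vote_keys']);

    // Both duplicate checks run so the voter sees every applicable message.
    $already_voted = false;
    if (db_row_exists($db, 'email', $row['email'])) {
        append_error("Такий e-mail вже проголосував.");
        $already_voted = true;
    }
    if (db_row_exists($db, 'mobile', $row['mobile'])) {
        append_error("Такий мобільний вже проголосував.");
        $already_voted = true;
    }

    // Initialised here; db_insert_row() presumably fills it in by reference — confirm.
    $ballot_id = null;
    if (!$already_voted && db_insert_row($db, $row, $ballot_id) == false) {
        append_error("Запис голосу не вдався.");
    }
    // NOTE(review): check-then-insert is not atomic; a unique constraint on the email and
    // mobile columns is what actually prevents two concurrent requests from both inserting.
    $_SESSION['ballot_id'] = $ballot_id;
}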