} } $audit_changes = array(); if ($user->id == NULL) { $new = aval($_POST, "login"); $orig = $user->login; if ($new != $orig) { $msg = sprintf("login = <%s>", $new); if ($orig != NULL && $orig != "") { $msg .= sprintf(" (was <%s>)", $orig); } array_push($audit_changes, $msg); $user->login = $new; } } $role_array = aval($_POST, "roles", array()); $new = array(); $curruser = get_user(); foreach ($role_array as $role) { if (!can_give_role($curruser, $role)) { $msg = "Attempt to give unpermitted role by {$curruser->login} to {$user->login}; role {$role}"; audit("invalid role", $msg); error_log($msg); continue; } $new[] = $role; } $orig = $user->roles; if ($new != $orig) { array_push($audit_changes, sprintf("Roles = <%s>", implode(", ", $new))); $user->roles = $new;
<?php require_once __DIR__ . "/includes/root.php"; must_allow("modify titles"); $all = aval($_GET, "all", 0); audit("title-rescan", "A rescan operation was kicked off (\$all = {$all})"); $titles = Title::all(); foreach ($titles as $title) { if ($all == "1" || !$title->validlccn) { $title->setup_marc_data(); $title->save(); } } $renderer->variable("titles", $titles); $renderer->flash_success("Rescan complete"); header("Location: title-list.php");
<?php require_once __DIR__ . "/includes/root.php"; must_allow("list titles"); $titles = Title::find_current(); $page_title = "Newspaper List"; // Hidden query param to allow viewing historic titles if (aval($_GET, "historic", 0) == 1) { $renderer->variable("historic", true); $titles = Title::find_historic(); $page_title = "Historic Newspaper List"; } $renderer->variable("titles", $titles); $renderer->variable("title", $page_title); $renderer->render("title-list");
function showdesc($id, $root = '') { if (!$id) { return 'Error: No ID provided.'; } if ($id == 'NOID') { $id = ''; } global $wz_research, $wz_weapons, $wz_templates, $wz_functions, $wz_bodies, $wz_propulsions, $wz_structures, $upgrades, $dt, $wz_rids, $subclasses; $out = '<p>' . iconimg($id, 'r') . '<span class="price">$' . min(intval($wz_research[$id]['price'] / 32), 450) . '</span> <span class="smallgrey indent">' . aval(array_keys($wz_rids, $id), 0) . '</span></p>'; $out .= '<p>' . ($wz_research[$id]['major'] ? '<span class="small">[<strong>Major research</strong>]</span>' : '<span class="small">[Minor research]</span>') . '</p>'; if ($wz_research[$id]['desc']) { $out .= '<blockquote><em>' . implode('<br />', $wz_research[$id]['desc']) . '</em></blockquote>'; } if (count($wz_research[$id]['result'])) { $out .= "<ul class=\"b\">\n"; foreach ($wz_research[$id]['result'] as $result) { if ($result[0] == 'function') { $funcs = $wz_functions[$result[1]]; foreach ($funcs['funcs'] as $func) { if ($func['subclass'] && $func['type'] == 'weaponrof') { $out .= '<li>Upgrades ' . $subclasses[$func['subclass']] . ' rate of fire to ' . round(10000 / (100 - $func['amt']), 0) . '%</li>'; } else { if ($func['subclass']) { $out .= '<li>Upgrades ' . $subclasses[$func['subclass']] . ' ' . $dt[$func['type']] . ' to ' . ($func['amt'] + 100) . '%</li>'; } else { if (isset($upgrades[$func['type']])) { $out .= '<li>Upgrades ' . $upgrades[$func['type']] . ' to ' . ($func['amt'] + 100) . '%</li>'; } else { $out .= '<li>Unknown upgrade: ' . $func['type'] . '</li>'; } } } } } else { if ($result[0] == 'weapon' && $result[1] == 'autorepair') { $out .= '<li>Enables auto-repair</li>'; } else { if ($result[0] == 'weapon') { $out .= '<li>Gives new turret: <a href="' . $root . 'w/' . $result[1] . '">' . $wz_weapons[$result[1]]['name'] . '</a></li>'; } else { if ($result[0] == 'cyborg') { $out .= '<li>Gives new cyborg: <a href="' . $root . 'c/' . $result[1] . '">' . $wz_templates[$result[1]]['name'] . '</a></li>'; } else { if ($result[0] == 'rplcweapon') { $out .= '<li>Automatically replaces: <a href="' . $root . 'w/' . $result[1] . '">' . $wz_weapons[$result[1]]['name'] . '</a></li>'; } else { if ($result[0] == 'redweapon') { $out .= '<li>Makes turret obsolete: <a href="' . $root . 'w/' . $result[1] . '">' . $wz_weapons[$result[1]]['name'] . '</a></li>'; } else { if ($result[0] == 'redstructure') { $out .= '<li>Makes structure obsolete: ' . $wz_structures[$result[1]]['name'] . '</li>'; } else { if ($result[0] == 'struct') { $out .= '<li>Gives new structure: ' . $wz_structures[$result[1]]['name'] . '</li>'; } else { if ($result[0] == 'body') { $out .= '<li>Gives new body: ' . $wz_bodies[$result[1]]['name'] . '</li>'; } else { if ($result[0] == 'propulsion') { $out .= '<li>Gives new propulsion: ' . $wz_propulsions[$result[1]]['name'] . '</li>'; } else { $out .= '<li>Unknown result: ' . $result[0] . '</li>'; } } } } } } } } } } } $out .= "</ul>\n"; } if ($wz_research[$id]['prereqs'][0] == $id) { $out .= '<p class="small"><em>Automatic</em> – This does not need to be researched; it has already been researched in every game.</p>'; } if (substr($wz_research[$wz_research[$id]['prereqs'][0]]['name'], 0, 4) === 'CAM1') { $out .= '<p class="small"><em>Base</em> – This does not have any prerequisites, and can be researched at the beginning of any game.</p>'; } return $out; }
/** * Gets the file hash from a PDF, first checking for a precomputed hash in the * metadata, then falling back to the actual sha256 hash */ function pdf_hash($pdffile) { // Check for embedded metadata $cmd = sprintf('exiftool -json -ImageDescription %s', escapeshellarg($pdffile)); $lines = array(); exec($cmd, $lines); $output = json_decode(implode("\n", $lines), TRUE); $hash = trim(aval($output[0], "ImageDescription"), ""); if ($hash != "") { return $hash; } // No metadata - grab the sha256 hash of the file return hash_file("sha256", $pdffile); }
<?php require_once __DIR__ . "/includes/root.php"; must_allow("review issues"); $issue = new Issue(Issue::LOCTYPE_AWAITING_REVIEW, $_POST["rp"]); if ($issue == NULL) { $renderer->flash_alert("Cannot find issue to reject - has it already been approved or rejected?"); header("Location: issues-list.php"); } $reason = aval($_POST, "reason", ""); if ($reason == "") { $renderer->variable("title", "Rejecting \"{$issue->label()}\""); $renderer->variable("issue", $issue); $renderer->render("issues-review-reject-reason"); } else { audit("reject issue", sprintf("Issue in '%s' rejected from review queue: %s", $issue->relative_path, $reason)); $issue->remove_from_review_queue($reason); $renderer->flash_success("Issue rejected and returned to pending list"); header("Location: issues-list.php"); }
<?php // This is an AJAX handler! It should not render anything through twig, and // instead just render the new page labels on success, or report failure via // HTTP status codes require_once __DIR__ . "/includes/root.php"; // This renders a page, but at least spits out a valid status code.... must_allow("modify issues"); $issue = new Issue(Issue::LOCTYPE_PENDING, $_REQUEST["rp"]); if ($issue == NULL) { header("HTTP/1.0 404 Not Found"); exit; } $page = aval($_POST, "page"); $label = aval($_POST, "label"); if ($page == NULL || $label == NULL) { header("HTTP/1.0 400 Bad Request"); exit; } $issue->meta->page_labels[$page] = $label; $issue->write_metadata(); echo json_encode($issue->meta->page_labels);
/** * Central handler for "flash" data - small cookies meant to persist from one * request to the next, but no further. If the value is set ($text isn't * NULL), the cookie is set and nothing is returned. If the value is request * instead, the cookie is destroyed and its value returned. */ public function _flash($flash, $text = NULL) { $key = "flash{$flash}"; if ($text) { setcookie($key, $text, 0, "/"); return; } $val = aval($_COOKIE, $key); setcookie($key, "deleted", time() - 3600, "/"); return $val; }