require_once 'admin/CONFIG.php';
?>
<script src="https://www.google.com/recaptcha/api.js" async defer></script>
<p class="col-xs-12 col-md-3 col-lg-2 col-xl-1">
Contact email:
<br/>
<span class="text-muted small">Please solve the CAPTCHA to see the contact email</span>
</p>
<div class="g-recaptcha col-xs-12 col-md-9 col-lg-10 col-xl-11" data-sitekey="<?php echo $recaptcha_public_key;
?>" data-callback="renderEmail"></div>
</div>
</div>
<div class="needs-auth col-xs-12" id="auth-block">
<?php
$limitedProject = array();
$cleanCarto = deEscape($project['carto_id']);
$carto = json_decode($cleanCarto, true);
# TODO RECONSTRUCT LIMITED MULTIBOUNDS HERE
$multiBounds = $carto["bounding_polygon"]["multibounds"];
$north = -90;
$south = 90;
$west = 180;
$east = -180;
foreach($multiBounds as $polygon) {
foreach($polygon as $point) {
if($point["lat"] > $north) $north = $point["lat"];
if($point["lng"] > $east) $east = $point["lng"];
if($point["lng"] < $west) $west = $point["lng"];
if($point["lat"] < $south) $south = $point["lat"];
}
}
// }
// $data['execution_time'] = elapsed();
// header('Cache-Control: no-cache, must-revalidate');
// header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
// header('Content-type: application/json');
// $json = json_encode($data, JSON_FORCE_OBJECT); # | JSON_UNESCAPED_UNICODE
// $replace_array = array('"','"');
// print str_replace($replace_array, '\\"', $json);
// exit();
// }
# parse_str($_SERVER['QUERY_STRING'],$_POST);
$do = isset($_REQUEST['action']) ? strtolower($_REQUEST['action']) : null;
try {
$test = decode64($_REQUEST["test"]);
$test_sanitized = $db->sanitize($test);
$test_desanitized = deEscape($test_sanitized);
$testArr = array("encoded" => $_REQUEST["test"], "decoded" => $test, "written" => $test_sanitized, "read_back" => $test_desanitized);
} catch (Exception $e) {
$testArr = array();
}
switch ($do) {
case 'upload':
# Set access-control header
header('Access-Control-Allow-Origin: amphibiandisease.org');
case 'fetch':
doCartoSqlApiPush($_REQUEST);
break;
case 'validate':
doAWebValidate($_REQUEST);
break;
case 'is_human':
function listProjects($unauthenticated = true)
{
/***
* List accessible projects to the user.
*
* @param bool $unauthenticated -> Check for authorized projects
* to the user if false. Default true.
***/
global $db, $login_status;
$query = 'SELECT `project_id`,`project_title`, `carto_id`, `author_data` FROM ' . $db->getTable() . ' WHERE `public` IS TRUE';
$l = $db->openDB();
$r = mysqli_query($l, $query);
$authorizedProjects = array();
$editableProjects = array();
$authoredProjects = array();
$publicProjects = array();
$queries = array();
$queries[] = $query;
$checkedPermissions = array();
$cartoTableList = array();
while ($row = mysqli_fetch_row($r)) {
$authorizedProjects[$row[0]] = $row[1];
$publicProjects[] = $row[0];
try {
$cartoJson = json_decode(deEscape($row[2]), true);
$authorJson = json_decode(deEscape($row[3]), true);
$cartoTable = $cartoJson["table"];
$creation = $authorJson["entry_date"];
$cartoTableList[$row[0]] = array("table" => $cartoTable, "creation" => $creation);
} catch (Exception $e) {
}
}
if (!$unauthenticated) {
try {
$uid = $login_status['detail']['uid'];
} catch (Exception $e) {
$queries[] = 'UNAUTHORIZED';
}
if (!empty($uid)) {
$query = 'SELECT `project_id`,`project_title`,`author`, `carto_id`, `author_data` FROM `' . $db->getTable() . "` WHERE (`access_data` LIKE '%" . $uid . "%' OR `author`='{$uid}')";
$queries[] = $query;
$r = mysqli_query($l, $query);
while ($row = mysqli_fetch_row($r)) {
$pid = $row[0];
if (empty($pid)) {
continue;
}
# All results here are authorized projects
$authorizedProjects[$pid] = $row[1];
try {
$cartoJson = json_decode(deEscape($row[3]), true);
$authorJson = json_decode(deEscape($row[4]), true);
$cartoTable = $cartoJson["table"];
$creation = $authorJson["entry_date"];
$cartoTableList[$row[0]] = array("table" => $cartoTable, "creation" => $creation);
} catch (Exception $e) {
}
if ($row[2] == $uid) {
$authoredProjects[] = $pid;
$editableProjects[] = $pid;
} else {
# Check permissions
$access = checkProjectIdAuthorized($pid);
$accessCopy = $access;
unset($accessCopy["detail"]);
$checkedPermissions[$pid] = $accessCopy;
$isEditor = $access["detailed_authorization"]["can_edit"];
$isViewer = $access["detailed_authorization"]["can_view"];
if ($isEditor === true) {
$editableProjects[] = $pid;
}
}
}
}
}
$result = array('status' => true, 'projects' => $authorizedProjects, 'public_projects' => $publicProjects, 'authored_projects' => $authoredProjects, 'editable_projects' => $editableProjects, 'check_authentication' => !$unauthenticated, "carto_table_map" => $cartoTableList);
return $result;
}
