function add_teacher_POST()
{
$name = _post('name');
$gender = _post('gender');
$description = _post('description');
if ($name && $gender) {
$teacher = Teacher::create(compact('name', 'gender', 'description'));
redirect('teacher/' . $teacher->id);
} else {
show_form();
}
}
function add_course_POST()
{
$name = _post('name');
$teacher = _post('teacher');
$description = _post('description');
if ($name && $teacher) {
$course = Course::create(compact('name', 'teacher', 'description'));
redirect('course/' . $course->id);
} else {
show_form();
}
}
function mode_show()
{
//書き込みフォームを表示
show_form();
//データの書き込み
$log = load_date();
//ログを表示
echo "<ul>";
foreach ($log as $i) {
$name = htmlspecialchars($i["name"]);
$body = htmlspecialchars($i["body"]);
echo "<li><b style='color:red;'>{$name}</b>:{$body}</li>\n";
}
echo "</ul>";
}
function process_form()
{
//print results
$nbr1 = intval($_POST['nbr1']);
$nbr2 = intval($_POST['nbr2']);
$operator = $_POST['operator'];
if ($operator == 'A') {
$result = $nbr1 + $nbr2;
} elseif ($operator == 'S') {
$result = $nbr1 - $nbr2;
} elseif ($operator == 'M') {
$result = $nbr1 * $nbr2;
} else {
$result = $nbr1 / $nbr2;
}
print 'Result: ' . $result;
//show form again for another round!
show_form();
}
function adminForgot($title)
{
if (check_login()) {
header("location:./?sub");
} else {
include 'config/db.php';
include 'config/settings.php';
include 'config/globals.php';
$dbname = $branchyear . '_Users';
$table = $branchyear . '_Students';
$table1 = $branchyear . '_Admins';
//if(!mysql_select_db($dbname)) die(mysql_error());
echo "<!DOCTYPE html>\n<html>\n";
display_headers($title);
echo "\n<body>";
menu1("adminforgot.php", "Forgot Password", "unlock");
show_form();
}
}
function process_form()
{
// Connect to database
require_once "_dbConfig.php";
// Save data from the submitted variables as shorter variables
$firstname = cleanText($_POST['firstname']);
$lastname = cleanText($_POST['lastname']);
// Insert all the data from above into the table in the database
$sql = "INSERT INTO users (firstname, lastname) VALUES ('{$firstname}', '{$lastname}')";
$result = mysql_query($sql);
// If it worked, say so...
if ($result) {
$message = "Successfully inserted";
} else {
$message = "There was an error";
}
// If the form was submitted with a PDF, just show a clean confirmation page. Otherwise, show page with message
if ($_POST['submitted'] == "pdf") {
echo $message . "! Thanks!";
} else {
show_form($message);
}
}
function do_add_page()
{
if ($_POST['xsrf_token'] != $_SESSION['xsrf_token']) {
trigger_error('XSRF code incorrect', E_USER_ERROR);
}
$name = $_POST['name'];
$content = $_POST['content'];
if ($name == '') {
show_form('Please choose a name for the page');
}
if (strlen($name) > 25) {
show_form('The page name may not be longer than 25 characters');
}
if (strlen($content) > 20000) {
show_form('The content may not be longer than 20,000 characters');
}
// ** VALIDATION COMPLETE ** \\
$row = DB::queryFirstRow('SELECT MIN(order_num - 1) AS new_order FROM pages');
$new_order = $row['new_order'];
DB::queryRaw('INSERT INTO pages (name, content, order_num) VALUES ("' . mysqli_real_escape_string(DB::get(), $name) . '", "' . mysqli_real_escape_string(DB::get(), $content) . '", "' . mysqli_real_escape_string(DB::get(), $new_order) . '")');
$row = DB::queryFirstRow('SELECT page_id FROM pages WHERE order_num="' . mysqli_real_escape_string(DB::get(), $new_order) . '"');
header('Location: View?ID=' . $row['page_id']);
}
function do_edit_page()
{
if ((int) $_GET['ID'] == -1) {
trigger_error('Cannot edit Registration page', E_USER_ERROR);
}
if ($_POST['xsrf_token'] != $_SESSION['xsrf_token']) {
trigger_error('XSRF code incorrect', E_USER_ERROR);
}
$name = $_POST['name'];
$content = $_POST['content'];
if ($name == '') {
show_form('Please choose a name for the page');
}
if (strlen($name) > 25) {
show_form('The page name may not be longer than 25 characters');
}
str_replace($content, "{INDIVCOST}", map_value());
if (strlen($content) > 20000) {
show_form('The content may not be longer than 20,000 characters');
}
// ** VALIDATION COMPLETE ** \\
DB::queryRaw('UPDATE pages SET name="' . mysqli_real_escape_string(DB::get(), $name) . '", content="' . mysqli_real_escape_string(DB::get(), $content) . '" WHERE page_id="' . mysqli_real_escape_string(DB::get(), $_GET['ID']) . '" LIMIT 1');
header('Location: View?ID=' . $_GET['ID']);
}
function main()
{
show_header();
show_form();
show_footer();
}
$dbhost = $_config['db'][1]['dbhost'];
$dbname = $_config['db'][1]['dbname'];
$dbpw = $_config['db'][1]['dbpw'];
$dbuser = $_config['db'][1]['dbuser'];
$tablepre = $_config['db'][1]['tablepre'];
$db->connect($dbhost, $dbuser, $dbpw, $dbname, DBCHARSET);
$db->query("REPLACE INTO {$tablepre}user (uid, username,nickname, password, adminid, groupid, email, regdate,salt,authstr) VALUES ('{$uid}', '{$username}', '{$nickname}','{$password}', '1', '1', '{$email}', '" . time() . "','{$salt}','');");
$query = $db->query("SELECT COUNT(*) FROM {$tablepre}user");
$totalmembers = $db->result($query, 0);
$userstats = array('totalmembers' => $totalmembers, 'newsetuser' => $username);
$ctype = 1;
$data = addslashes(serialize($userstats));
$db->query("REPLACE INTO {$tablepre}syscache (cname, ctype, dateline, data) VALUES ('userstats', '{$ctype}', '" . time() . "', '{$data}')");
header("location: index.php?step=5");
}
show_form($form_admin_init_items, $error_msg);
} elseif ($method == 'ext_info') {
@touch($lockfile);
@unlink(ROOT_PATH . './install/index.php');
show_header();
echo '<iframe src="../misc.php?mod=syscache" style="display:none;"></iframe>';
echo '<h3>恭喜!安装成功</h3>';
echo '<h4 class="red">为了安全起见,请手工删除"./install/index.php"文件</h4>';
echo '<div style="text-align:right;width:80%;padding-top:50px;"><a href="' . $bbserver . '" class="button" ><input type="button" value="进入桌面"></a></div>';
show_footer();
} elseif ($method == 'install_check') {
if (file_exists($lockfile)) {
show_msg('installstate_succ');
} else {
show_msg('lock_file_not_touch', $lockfile, 0);
}
function do_showdelete()
{
global $curr_abspath, $curr_relpath, $hce_curr_displaypath;
$page_title = sprintf(_("Delete an item from folder %s"), $hce_curr_displaypath);
output_header($page_title);
echo "<h1>{$page_title}</h1>\n";
$item_name = @$_POST['item_name'];
confirm_is_local('FD', $item_name);
$item_path = "{$curr_abspath}/{$item_name}";
// Set up the appropriate descriptor string for the requested delete
if (is_file($item_path)) {
$question_template = _("Are you sure you want to delete the file %s?");
} else {
if (is_dir($item_path)) {
$question_template = _("Are you sure you want to delete the folder %s?");
} else {
// Shouldn't happen
fatal_error(_("Unable to determine status of delete request."));
}
}
$form_content = "<p style='margin-top: 0em;'>";
$form_content .= _("<b>Warning:</b> Deletion is permanent and cannot be undone.") . " ";
$form_content .= _("This script does not check that folders are empty.</p>");
$form_content .= "<p><b>" . sprintf($question_template, "<input type='text' name='del_file' size='50' maxsize='50' value='" . attr_safe($item_name) . "' READONLY>") . "</b></p>";
show_form('delete', $curr_relpath, $form_content, _("Delete"));
show_return_link();
}
function process_form()
{
// INITIAL DATA FETCHING
global $name, $email, $cell, $yog, $mailings;
// so that the show_form function can use these values later
$name = htmlentities(ucwords(trim(strtolower($_POST['name']), ' \\-\'')));
foreach (array('-', '\'') as $delimiter) {
if (strpos($name, $delimiter) !== false) {
$name = implode($delimiter, array_map('ucfirst', explode($delimiter, $name)));
}
}
// forces characters after spaces, hyphens and apostrophes to be capitalized
$name = preg_replace('/[\\s\']*\\-+[\\s\']*/', '-', $name);
// removes hyphens not between two characters
$name = preg_replace('/[\\s\\-]*\'+[\\s\\-]*/', '\'', $name);
// removes apostrophes not between two characters
$name = preg_replace('/\\s+/', ' ', $name);
// removes multiple consecutive spaces
$name = preg_replace('/\\-+/', '-', $name);
// removes multiple consecutive hyphens
$name = preg_replace('/\'+/', '\'', $name);
// removes multiple consecutive apostrophes
$email = htmlentities(strtolower($_POST['email']));
$cell = htmlentities($_POST['cell']);
$yog = $_POST['yog'];
$pass = $_POST['pass1'];
$mailings = '0';
if ($_POST['mailings'] == 'Yes') {
$mailings = '1';
}
// CHECK THAT THE NAME IS VALID
if (($name = sanitize_username($name)) === false) {
alert('Your name must have only letters, hyphens, apostrophes, and spaces, and be between 3 and 30 characters long', -1);
show_form();
return;
}
if (strpos($name, ' ') == false) {
alert('Please enter both your first <span class="i">and</span> last name', -1);
show_form();
return;
}
// CHECK THAT THE EMAIL ADDRESS IS VALID
if (!val('e', $email)) {
alert('That\'s not a valid email address', -1);
show_form();
return;
}
// CHECK AND FORMAT CELL PHONE NUMBER
if ($cell != '' && ($cell = format_phone_number($cell)) === false) {
//Validate the format of the cell phone number (if it's not left blank)
alert('That\'s not a valid cell phone number', -1);
show_form();
return;
}
// CHECK THAT THE YOG IS VALID
$grade = intval(getGradeFromYOG($yog));
if ($grade < 9 || $grade > 12) {
alert('That is not a valid YOG (' . $grade . 'you have to be in high school)', -1);
show_form();
return;
}
// CHECK THAT THE PASSWORDS MATCH, MEET MINIMUM LENGTH
if ($pass != $_POST['pass2']) {
alert('The passwords that you entered do not match', -1);
show_form();
return;
}
if (strlen($pass) < 6) {
alert('Please choose a password that has at least 6 characters', -1);
show_form();
return;
}
// CHECK THAT THEY ENTERED THE RECAPTCHA CORRECTLY
// CURRENTLY BROKEN: NEED TO UPDATE RECAPTCHA
/*
$recaptcha_msg = validate_recaptcha();
if ($recaptcha_msg !== true) {
alert($recaptcha_msg, -1);
show_form();
return;
}
*/
// CHECK THAT AN ACCOUNT WITH THAT EMAIL DOES NOT ALREADY EXIST
// this is done *after* checking the reCaptcha to prevent bots from harvesting our email
// addresses via a brute-force attack.
if (DBExt::queryCount('users', 'LOWER(email)=LOWER(%s)', $email) != 0) {
alert('An account with that email address already exists', -1);
show_form();
return;
}
// CHECK THAT AN ACCOUNT WITH THE SAME NAME IN THE SAME GRADE DOES NOT EXIST
// - with the exception that if it's permissions = 'E', they probably mistyped their email and are redoing it.
if (DBExt::queryCount('users', 'LOWER(name)=%s AND yog=%i AND permissions!="E"', strtolower($name), $yog) != 0) {
alert('An account in your grade with that name already exists', -1);
show_form();
return;
}
// ** All information has been validated at this point **
$verification_code = generate_code(5);
// for verifying ownership of the email address
// Check if email address has been pre-approved
if (isset($_SESSION['PREAPPROVED']) && $email === $_SESSION['PREAPPROVED']) {
$approved = '1';
// skip Captain approval
$verification_code = '1';
// skip email verification (already done)
} else {
$approved = '0';
}
// Create database entry
$passhash = hash_pass($email, $pass);
if ($cell == '') {
$cell = 'None';
} else {
$cell = preg_replace('#[^\\d]#', '', $_POST['cell']);
}
// remove non-numbers from cell phone # again
DB::insert('users', array('name' => $name, 'email' => $email, 'passhash' => $passhash, 'cell' => $cell, 'yog' => $yog, 'mailings' => $mailings, 'approved' => $approved, 'email_verification' => $verification_code, 'registration_ip' => htmlentities(strtolower($_SERVER['REMOTE_ADDR']))));
set_login_data(DB::insertId());
// LOG THEM IN
// For pre-approved members:
if ($approved == '1') {
global $WEBMASTER_EMAIL;
$to = array($email => $name);
$subject = 'Account Created';
$body = <<<HEREDOC
Welcome to the LHS Math Club website, {$name}!
Your account has been created. If you have any questions about the site, please email
the webmaster at {$WEBMASTER_EMAIL}
HEREDOC;
send_email($to, $subject, $body, $WEBMASTER_EMAIL);
$_SESSION['HOME_welcome'] = 'Welcome to the LHS Math Club website, ' . $name . '!';
header('Location: Home');
}
$_SESSION['ACCOUNT_do_send_verification_email'] = true;
header('Location: Verify_Email');
}
$totalmembers = $db->result($query, 0);
$userstats = array('totalmembers' => $totalmembers, 'newsetuser' => $username);
$ctype = 1;
$data = addslashes(serialize($userstats));
$db->query("REPLACE INTO {$tablepre}common_syscache (cname, ctype, dateline, data) VALUES ('userstats', '{$ctype}', '" . time() . "', '{$data}')");
touch($lockfile);
VIEW_OFF && show_msg('initdbresult_succ');
if (!VIEW_OFF) {
echo '<script type="text/javascript">function setlaststep() {document.getElementById("laststep").disabled=false;window.location=\'index.php?method=ext_info\';}</script><script type="text/javascript">setTimeout(function(){window.location=\'index.php?method=ext_info\'}, 30000);</script><iframe src="../misc.php?mod=initsys" style="display:none;" onload="setlaststep()"></iframe>' . "\r\n";
show_footer();
}
}
if (VIEW_OFF) {
show_msg('missing_parameter', '', 0);
} else {
show_form($form_db_init_items, $error_msg);
}
} elseif ($method == 'ext_info') {
@touch($lockfile);
if (VIEW_OFF) {
show_msg('ext_info_succ');
} else {
show_header();
echo '</div><div class="main" style="margin-top: -123px;"><ul style="line-height: 200%; margin-left: 30px;">';
echo '<li><a href="../">' . lang('install_succeed') . '</a><br>';
echo '<script>setTimeout(function(){window.location=\'../\'}, 2000);</script>' . lang('auto_redirect') . '</li>';
echo '</ul></div>';
show_footer();
}
} elseif ($method == 'install_check') {
if (file_exists($lockfile)) {
$reputationid = 0;
$time_offset = 0;
$a = explode(",", gmdate("Y,n,j,G,i,s", time() + $time_offset));
$now_date = array('year' => $a[0], 'mon' => $a[1], 'mday' => $a[2], 'hours' => $a[3], 'minutes' => $a[4], 'seconds' => $a[5]);
switch ($input['mode']) {
case 'modify':
show_level();
break;
case 'add':
show_form('new');
break;
case 'doadd':
do_update('new');
break;
case 'edit':
show_form('edit');
break;
case 'doedit':
do_update('edit');
break;
case 'doupdate':
do_update();
break;
case 'dodelete':
do_delete();
break;
case 'list':
view_list();
break;
case 'dolist':
do_list();
if (!in_rops()) {
echo "<td><input class=\"btn btn-default\" type=submit name=submit value=Update></td>";
} else {
echo "<td> </td>";
}
echo "</tr></form>";
}
end_table();
// Entry form to create a new application
//
if (in_rops()) {
return;
}
echo "<P>\n <h2>Add an application</h2>\n To add an application enter the short name and description\n ('user friendly name') below. You can then edit the\n application when it appears in the table above.\n <p>\n <form action={$action_url} method=POST>\n ";
start_table("align='center' ");
table_header("Name", "Description", " ");
echo "<TR>\n <TD> <input type='text' size='12' name='add_name' value=''></TD>\n <TD> <input type='text' size='35' name='add_user_friendly_name' value=''></TD>\n <TD align='center' >\n <input type='submit' name='add_app' value='Add Application'></TD>\n </TR>\n";
end_table();
echo "</form><p>\n";
}
admin_page_head("Manage applications");
$all = get_int('all', true);
if (post_str('add_app', true)) {
add_app();
} else {
if (post_str('submit', true)) {
do_updates();
}
}
show_form($all);
admin_page_tail();
$msg_class = 'error';
} else {
$msg = $FUNCS->t('reset_req_email_confirm');
$showonlymsg = 1;
}
} elseif (isset($_GET['act'][0]) && $_GET['act'] == 'reset') {
$rs = reset_password();
if ($FUNCS->is_error($rs)) {
$msg = $rs->err_msg;
$msg_class = 'error';
} else {
$msg = $FUNCS->t('reset_email_confirm');
}
$showonlymsg = 1;
}
show_form($msg, $msg_class, $showonlymsg);
////////////////////////////////////////////////////////////////////////////
function request_confirmation()
{
global $FUNCS, $DB, $AUTH;
$val = $FUNCS->cleanXSS(trim($_POST['k_user_name']));
if ($val && is_string($val)) {
$user = $AUTH->reset_key($val);
if ($FUNCS->is_error($user)) {
return $user;
}
// Send confirmation email to the user
$name = $user->name;
$to = $user->email;
$key = $user->password_reset_key;
$hash = $AUTH->get_hash($name, $key, time() + 86400);
<?php
// +-------------------------------------------------+
// © 2002-2004 PMB Services / www.sigb.net pmb@sigb.net et contributeurs (voir www.sigb.net)
// +-------------------------------------------------+
// $Id: ajax_liste_lecture.inc.php,v 1.7 2015-04-03 11:16:27 jpermanne Exp $
if (stristr($_SERVER['REQUEST_URI'], ".inc.php")) {
die("no access");
}
require_once $include_path . "/mail.inc.php";
switch ($quoifaire) {
case 'show_form':
show_form($id);
break;
case 'send_demande':
send_demande($id);
break;
case 'show_refus_form':
show_refus_form();
break;
case 'delete_empr':
delete_empr($id, $empr);
break;
}
/**
* Formulaire de saisie pour l'envoi d'une demande
*/
function show_form($id)
{
global $dbh, $msg, $charset;
$req = "select id_empr from empr where empr_login='******'user_code'] . "'";
echo "<br><br><input type=submit value=OK>";
admin_page_tail();
}
function show_form($appid)
{
admin_page_head("Show FLOPS distribution");
echo "\n <form method=get action=job_times.php>\n <input type=hidden name=appid value={$appid}>\n ";
start_table();
row2("App version:", version_select($appid));
row2("Resolution:<br><span class=note>(if you see only one bar, use a smaller value)</span>", "<input name=quantum value=1e12>");
row2("Sample size (# of jobs):", "<input name=nresults value=1000>");
row2("", "<input type=submit name=submit value=OK>");
end_table();
echo "\n </form>\n ";
admin_page_tail();
}
if (get_str('submit', true) == 'OK') {
set_time_limit(0);
$appid = get_int('appid');
$app_version_id = get_int('app_version_id');
$quantum = (double) get_str('quantum');
$nresults = get_int('nresults');
analyze($appid, $app_version_id, $nresults);
} else {
$appid = get_int('appid', true);
if ($appid) {
show_form($appid);
} else {
show_app_select();
}
}
<?php
require "settings.php";
if (isset($_REQUEST["key"])) {
switch ($_REQUEST["key"]) {
case "confirm":
$OUTPUT = generate_form();
break;
default:
$OUTPUT = show_form();
}
} else {
$OUTPUT = show_form();
}
//require ("template.php");
require "tmpl-print.php";
function show_form()
{
db_connect();
#get the db stuff ...
$display = "\n\t\t<form action='" . SELF . "' method='POST'>\n\t\t<table " . TMPL_tblDflts . " border='1' width='900'>\n\t\t\t<tr>\n\t\t\t\t<td rowspan='2'>IMAGE</td>\n\t\t\t\t<td>Transaction Year (CCYY)</td>\n\t\t\t\t<td colspan='2'><input type='text' size='5' maxlength='4' name='input_transaction_year' value='{$input_transaction_year}'>\n\t\t\t\tEMPLOYER RECONCILIATION DECLARATION IMAGE</td>\n\t\t\t\t<td align='right'>EMP501 IMAGE</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<---IMAGE--->\n\t\t\t\t<td>PAYE Ref No.</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_refno' value='{$input_paye_refno}'></td>\n\t\t\t\t<td>SDL Ref No.</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_sdl_refno' value='{$input_sdl_refno}'></td>\n\t\t\t\t<td>UIF Ref No.</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_uif_refno' value='{$input_uif_refno}'></td>\n\t\t\t</tr>\n\t\t</table>\n\t\t<br>\n\t\t<table " . TMPL_tblDflts . " border='1' width='900'>\n\t\t\t<tr>\n\t\t\t\t<td width='10%'>Trading Name</td>\n\t\t\t\t<td><input type='text' size='46' maxlength='45' name='input_tradingname' value='{$input_tradingname}'></td>\n\t\t\t</tr>\n\t\t</table>\n\t\t<br>\n\t\t<table " . TMPL_tblDflts . " border='1' width='900'>\n\t\t\t<tr>\n\t\t\t\t<td width='150' bgcolor='#8389ff' align='center'><b>Summary of Employer Liability</b></td>\n\t\t\t\t<td width='100' bgcolor='#8389ff' align='center'><b>PAYE</b></td>\n\t\t\t\t<td width='100' bgcolor='#8389ff' align='center'><b>SDL</b></td>\n\t\t\t\t<td width='100' bgcolor='#8389ff' align='center'><b>UIF</b></td>\n\t\t\t\t<td width='130' bgcolor='#8389ff' align='center'><b>Total Monthly Liability</b></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td bgcolor='#8389ff' align='center'><b>Total Payments</b></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>March</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_march' value='{$input_paye_march}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_march' value='{$input_sdl_march}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_march' value='{$input_uif_march}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_march' value='{$input_liability_march}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_march' value='{$input_payments_march}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>April</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_april' value='{$input_paye_april}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_april' value='{$input_sdl_april}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_april' value='{$input_uif_april}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_april' value='{$input_liability_april}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_april' value='{$input_payments_april}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>May</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_may' value='{$input_paye_may}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_may' value='{$input_sdl_may}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_may' value='{$input_uif_may}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_may' value='{$input_liability_may}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_may' value='{$input_payments_may}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>June</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_june' value='{$input_paye_june}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_june' value='{$input_sdl_june}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_june' value='{$input_uif_june}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_june' value='{$input_liability_june}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_june' value='{$input_payments_june}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>July</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_july' value='{$input_paye_july}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_july' value='{$input_sdl_july}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_july' value='{$input_uif_july}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_july' value='{$input_liability_july}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_july' value='{$input_payments_july}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>August</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_august' value='{$input_paye_august}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_august' value='{$input_sdl_august}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_august' value='{$input_uif_august}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_august' value='{$input_liability_august}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_august' value='{$input_payments_august}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>September</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_september' value='{$input_paye_september}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_september' value='{$input_sdl_september}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_september' value='{$input_uif_september}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_september' value='{$input_liability_september}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_september' value='{$input_payments_september}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>October</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_october' value='{$input_paye_october}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_october' value='{$input_sdl_october}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_october' value='{$input_uif_october}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_october' value='{$input_liability_october}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_october' value='{$input_payments_october}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>November</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_november' value='{$input_paye_november}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_november' value='{$input_sdl_november}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_november' value='{$input_uif_november}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_november' value='{$input_liability_november}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_november' value='{$input_payments_november}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>December</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_december' value='{$input_paye_december}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_december' value='{$input_sdl_december}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_december' value='{$input_uif_december}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_december' value='{$input_liability_december}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_december' value='{$input_payments_december}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>January</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_january' value='{$input_paye_january}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_january' value='{$input_sdl_january}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_january' value='{$input_uif_january}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_january' value='{$input_liability_january}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_january' value='{$input_payments_january}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>February</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_february' value='{$input_paye_february}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_sdl_february' value='{$input_sdl_february}'></td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='input_uif_february' value='{$input_uif_february}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_february' value='{$input_liability_february}'></td>\n\t\t\t\t<td width='50'> </td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_february' value='{$input_payments_february}'></td>\n\t\t\t</tr>\n\t\t</table>\n\t\t<table " . TMPL_tblDflts . " border='1' width='900'>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>Annual Total</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_paye_annual_total' value='{$input_paye_annual_total}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_sdl_annual_total' value='{$input_sdl_annual_total}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_uif_annual_total' value='{$input_uif_annual_total}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_liability_annual_total' value='{$input_liability_annual_total}'></td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_payments_annual_total' value='{$input_payments_annual_total}'></td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>Difference - Liability & Certificate Totals</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_difference' value='{$input_difference}'></td>\n\t\t\t\t<td>INPUT 2</td>\n\t\t\t\t<td>INPUT 3</td>\n\t\t\t\t<td>INPUT 4</td>\n\t\t\t\t<---NOTHING HERE--->\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>Total Value of Tax Certificates</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_total_value_tax' value='{$input_total_value_tax}'></td>\n\t\t\t\t<td>INPUT 2</td>\n\t\t\t\t<td>INPUT 3</td>\n\t\t\t\t<td bgcolor='#8389ff' align='center'>DECLARED LIABILITY</td>\n\t\t\t\t<td bgcolor='#8389ff' align='center'>DUE BY/TO YOU</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>Total Value of Electronic Tax Certificates</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_total_value_electronic' value='{$input_total_value_electronic}'></td>\n\t\t\t\t<td colspan='2'>SOME MISC TEXT</td>\n\t\t\t\t<td>INPUT</td>\n\t\t\t\t<td>INPUT</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>Total Value of Manual Tax Certificates</td>\n\t\t\t\t<td><input type='text' size='11' maxlength='10' name='input_total_value_manual' value='{$input_total_value_manual}'></td>\n\t\t\t\t<td rowspan='2' colspan='2'>TEXTBOX</td>\n\t\t\t\t<td rowspan='2'>DECLARATION</td>\n\t\t\t\t<td rowspan='2'>DECLARATION TEXT</td>\n\t\t\t</tr>\n\t\t\t<tr>\n\t\t\t\t<td width='150'>Date (CCYYMMDD)</td>\n\t\t\t\t<td><input type='text' size='9' maxlength='8' name='' value=''></td>\n\t\t\t</tr>\n\t\t</table>\n\t\t</form>";
return $display;
}
function generate_form()
{
}
function show_showform()
{
global $vars;
$qm = get_qm();
$vars['page'] = $vars['refer'];
$body = ini_get('file_uploads') ? show_form($vars['page']) : 'file_uploads disabled.';
return array('msg' => $qm->m['plg_attach']['upload'], 'body' => $body);
}
$message = new AlertText("A plan with the username {$username} already exists, meaning this token has been used. If you are the owner of that email, your password was given to you when you first clicked the link. If you've lost the password, or for anything else, <a href=\"mailto:{$admin_email}\">Email us</a>.", 'Plan exists');
$thispage->append($message);
$thispage->append(show_form());
} else {
$results = insert_user($username, '', $year, $email, $type);
$password = $results[0];
$message = new InfoText("Your account has been created! Your username is {$username} and your initial password is {$password}." . ' Go <a href="http://www.grinnellplans.com/">Here</a> to test them out.', 'Plan Created');
$thispage->append($message);
$message = "A new plan has been created with \nusername: {$username}\nGrad Year: {$year}\n{$username} self-identifies as {$type}.";
send_mail($admin_email, "Plan Created: {$username}", $message);
$message = "Your account has been created! Your username is {$username} and your initial password is {$password}. Go to http://www.grinnellplans.com/ to get started.\n";
send_mail($email, "Plan Created", $message);
}
}
} else {
$thispage->append(show_form());
}
}
interface_disp_page($thispage);
db_disconnect($dbh);
/*
?>
<script>
<!--
document.getElementById('year').style.display = 'none';
document.getElementById('other').style.display = 'none';
recount_chars();
function recount_chars() {
document.getElementById("char_count").innerHTML = document.signup.other.value.length;
} else {
show_msg(translate('An error has occurred while trying to reset your password.', sz_config('language')));
if (reportError('Unable to reset password for' . $_POST['email'])) {
show_msg(translate('The website developers have been notified and you will be contacted shortly.', sz_config('language')));
} else {
reportErrorManually('33215');
}
}
} else {
show_form('passreset', translate('Please enter your own email address.', sz_config('language')));
}
} else {
show_form('passreset', translate('You have entered an invalid email address. Please try again.', sz_config('language')));
}
} else {
show_form('passreset', '');
}
}
break;
default:
if ($nrgic == 'showregmsg') {
show_msg(translate('Your request has been forwarded. We will notify you as soon as you can register again.', sz_config('language')));
}
show_page('index');
break;
}
//BEGIN FUNCTIONS
function blankRegForm($msg)
{
$newuser = array();
$newuser['username'] = '';
function show_page($cur_page, $dbc)
{
switch ($cur_page) {
case '/limbo_landing.php':
# Store current page as number, to send in GET request for quick link item details, the current page will determine what content to filter and which 'go back' to display
$p = 0;
# Define query for the homepage records - return the 6 most recent items
$query = 'SELECT stuff.id, stuff.create_date, stuff.description, stuff.status, stuff.image_url, locations.name
FROM stuff, locations
WHERE stuff.location_id = locations.id
ORDER BY stuff.update_date DESC LIMIT 6';
# Store the query results in $results
$results = mysqli_query($dbc, $query);
check_results($results);
# Show results
# But...wait until we know the query succeed before
# rendering the table start.
if ($results) {
# Display homepage banner
echo '<section id="banner">
<header>
<h2>Welcome to Limbo</h2>
<p>The Ultimate Lost & Found System</p>
</header>
</section>';
# Diplay intro/info and get started/learn more buttons
# Set up the modal dialog for Get Started, along with javascript to enable actions/button events
echo '<section id="intro" class="container">';
echo '<div class="row">
<div class="4u 12u(mobile)">
<section class="first">
<i class="icon featured fa-cog"></i>
<header>
<h2>Find Your Lost Items</h2>
</header>
<p>Lost something? Let Limbo find your item for you.</p>
</section>
</div>
<div class="4u 12u(mobile)">
<section class="middle">
<i class="icon featured alt fa-flash"></i>
<header>
<h2>Quick & Easy</h2>
</header>
<p>Limbo is a lightweight, user-friendly system, so that you can focus on finding or reporting items as quickly as possible.</p>
</section>
</div>
<div class="4u 12u(mobile)">
<section class="last">
<i class="icon featured alt2 fa-star"></i>
<header>
<h2>Security & Privacy</h2>
</header>
<p>We incorporate several filters to keep your item details secure, so that you can have a peace of mind.</p>
</section>
</div>
</div>
<footer>
<ul class="actions">
<li><input class="button big" type="button" id="getstartedbtn" value="Get Started"></li>
<li><a href="faq.php" class="button alt big">Learn More</a></li>
</ul>
<dialog style="width:25%; height:60%;" id="getstartedDialog">
<form action="' . $_SERVER['PHP_SELF'] . '" method="post">
<section class="box">
<section>
<p><h3>Did you lose an Item?</h3>
<a style="font-size:20px;" href="lost.php">Lost Items</a><br>
<a style="font-size:20px;" href="lost-1.php">Report Lost Item</a><p>
<br>
<p><h3>Did you find an Item?</h3>
<a style="font-size:20px;" href="found.php">Found Items</a><br>
<a style="font-size:20px;" href="found-1.php">Report found Item</a><p>
</section>
<menu>
<button id="cancelDialogGS" type="reset">Cancel</button>
</menu>
</section>
</form>
</dialog>
<script>
(function() {
var Item = document.getElementById(\'getstartedbtn\');
var favDialog = document.getElementById(\'getstartedDialog\');
var cancelButton = document.getElementById(\'cancelDialogGS\');
// Update buttons opens a modal dialog
Item.addEventListener(\'click\', function() {
favDialog.showModal();
});
// Form cancel button closes the dialog box
cancelButton.addEventListener(\'click\', function() {
favDialog.close();
});
})();
</script>
</footer>
</section>
</div>
</div>';
# Display the main content
echo '<div id="main-wrapper">';
echo '<div class="container">';
echo '<div class="row">
<div class="12u">
<!-- Recent Items -->
<section>
<header class="major">
<h2>Recent Items</h2>
</header>
</div>
</div>';
# Keep track of the iterations, so that it can be determined when a new line is required (after 3 items in a row)
$count = 0;
echo '<div class="row">';
while ($row = mysqli_fetch_array($results, MYSQLI_ASSOC)) {
# If three items are already in a row, add new items to next row
if ($count % 3 == 0 && $count != 0) {
echo '</div>';
echo '<div class="row">';
}
# If there is no image url provided for the item use a default image
if (empty($row['image_url'])) {
$image_url = 'images/pic01.jpg';
} else {
$image_url = $row['image_url'];
}
# Quick links to the item, clicking on the picture should also have the same result
$imglink = '<a href="ql.php?id=' . $row['id'] . '&p=' . $p . '" class="image scaled"><img src="' . $image_url . '" alt="" /></a>';
$alink = '<A HREF=ql.php?id=' . $row['id'] . '&p=' . $p . '>' . $row['description'] . '</A>';
echo '<div class="4u 12u(mobile)">
<section class="box">
<p>' . $imglink . '</p>
<header>
<h3>' . $alink . '</h3>
</header>
<p>Date: ' . $row['create_date'] . '</p>
<p>Status: ' . $row['status'] . '</p>
<p>Location: ' . $row['name'] . '</p>
</section>
</div>';
$count++;
}
# Close the row, container and main-wrapper
echo '</div>
</section>
</div></div>';
}
break;
# See comments for /admins.php for details, same applies here
# See comments for /admins.php for details, same applies here
case '/found.php':
$p = 1;
$query = 'SELECT stuff.id, stuff.create_date, stuff.description, stuff.status, locations.name, stuff.image_url
FROM stuff, locations
WHERE stuff.location_id = locations.id
AND status = \'lost\'';
$results = mysqli_query($dbc, $query);
check_results($results);
# Show results
if ($results) {
# But...wait until we know the query succeed before
# rendering the table start.
echo '</div></div>';
echo '<div id="main-wrapper">';
echo '<div class="container">';
echo '<div class="row">';
echo '<div class="4u 12u(mobile)">';
echo '<section class="box">';
echo '<H2>Found Something?</H2>';
echo '<p>If you found something, you\'re in luck! This is the place to report it. Search for the item below:</p>';
# Show search box
show_form($dbc, 'found_search');
echo '</section>';
echo '</div>';
$count = 0;
while ($row = mysqli_fetch_array($results, MYSQLI_ASSOC)) {
if ($count % 2 == 0 && $count != 0) {
echo '</div>';
echo '<div class="row">';
}
if (empty($row['image_url'])) {
$image_url = 'images/pic01.jpg';
} else {
$image_url = $row['image_url'];
}
$imglink = '<a href="ql.php?id=' . $row['id'] . '&p=' . $p . '" class="image scaled"><img src="' . $image_url . '" alt="" /></a>';
$alink = '<A HREF=ql.php?id=' . $row['id'] . '&p=' . $p . '>' . $row['description'] . '</A>';
echo '<div class="4u 12u(mobile)">
<section class="box">
<p>' . $imglink . '</p>
<header>
<h3>' . $alink . '</h3>
</header>
<p>Date: ' . $row['create_date'] . '</p>
<p>Status: ' . $row['status'] . '</p>
<p>Location: ' . $row['name'] . '</p>
</section>
</div>';
$count++;
}
echo '</div>';
echo '</div></div>';
echo '</div>';
}
break;
case '/found-1.php':
report($dbc, $cur_page);
return;
case '/lost.php':
$p = 2;
$query = 'SELECT stuff.id, stuff.create_date, stuff.description, stuff.status, locations.name, stuff.image_url
FROM stuff, locations
WHERE stuff.location_id = locations.id
AND status = \'found\'';
#AND ' . strtotime('stuff.update_date') . ' > ' . strtotime($date . ' -14 days' 3);
$results = mysqli_query($dbc, $query);
check_results($results);
# Show results
if ($results) {
echo '</div></div>';
echo '<div id="main-wrapper">';
echo '<div class="container">';
echo '<div class="row">';
echo '<div class="4u 12u(mobile)">';
echo '<section class="box">';
echo '<H2>Lost Something?</H2>';
echo '<p>If you lost something, you\'re in luck! This is the place to report it. Search for your item below:</p>';
show_form($dbc, 'lost_search');
echo '</section>';
echo '</div>';
$count = 0;
while ($row = mysqli_fetch_array($results, MYSQLI_ASSOC)) {
# If three items are already in a row, add new items to next row
if ($count % 2 == 0 && $count != 0) {
echo '</div>';
echo '<div class="row">';
}
if (empty($row['image_url'])) {
$image_url = 'images/pic01.jpg';
} else {
$image_url = $row['image_url'];
}
$imglink = '<a href="ql.php?id=' . $row['id'] . '&p=' . $p . '" class="image scaled"><img src="' . $image_url . '" alt="" /></a>';
$alink = '<A HREF=ql.php?id=' . $row['id'] . '&p=' . $p . '>' . $row['description'] . '</A>';
echo '<div class="4u 12u(mobile)">
<section class="box">
<p>' . $imglink . '</p>
<header>
<h3>' . $alink . '</h3>
</header>
<p>Date: ' . $row['create_date'] . '</p>
<p>Status: ' . $row['status'] . '</p>
<p>Location: ' . $row['name'] . '</p>
</section>
</div>';
$count++;
}
#show_records($results, $p);
echo '</div>';
echo '</div></div>';
echo '</div>';
}
break;
# Lost item reporting page
# Lost item reporting page
case '/lost-1.php':
report($dbc, $cur_page);
return;
case '/ql.php':
echo '<TITLE>Limbo - Quick Link</TITLE>';
echo '</div></div>';
echo '<div id="main-wrapper">';
echo '<div class="container">';
echo '<section>';
return;
# Users quick link for admins
# Users quick link for admins
case '/ql_users.php':
echo '<TITLE>Limbo - Users</TITLE>';
echo '</div></div>';
echo '<div id="main-wrapper">';
echo '<div class="container">';
echo '<section>';
return;
case '/admins.php':
$p = 3;
$query = 'SELECT stuff.id, stuff.create_date, stuff.description, stuff.status, locations.name, stuff.image_url
FROM stuff, locations
WHERE stuff.location_id = locations.id';
$results = mysqli_query($dbc, $query);
check_results($results);
echo '<TITLE>Limbo - Admins</TITLE>';
echo '</div></div>';
echo '<div id="main-wrapper">';
echo '<div class="container">';
echo '<div class="12u">';
echo '<section>';
echo '<p>Click on an Item or User to View/Edit details</p>';
echo '<header class="major">
<h2>Items</h2>
</header>
</section>';
if ($results) {
show_records($results, $p);
}
$query = 'SELECT id, user_id, first_name, last_name, email, pass, reg_date
FROM users';
$results = mysqli_query($dbc, $query);
check_results($results);
echo '<section>';
echo '<header class="major">
<h2>Users</h2>
</header>
</section>';
if ($results) {
show_user_records($results);
}
echo '</div></div>';
echo '</div></div>';
break;
case '/faq.php':
echo '<section id="banner">
<header>
<h2>FAQ</h2>
<p>Welcome to the FAQ section!</p>
</header>
</section>';
echo '</div></div>';
echo '<div id="main-wrapper">';
echo '<div class="container">';
echo '<div class="12u">
<!-- Recent Items -->
<section>
<header class="major">
<h2>Frequently Asked Questions</h2>
</header>
</div>
<div class="row">
<div class="6u 12u(mobile)">
<section class="box">
<header>
<h2>How do I report a lost or found item?</h2>
</header>
<p>At the home page, you will see a get started button. This will guide you through a series of steps to either report a lost item or claim a found item.</p>
</section>
</div>
<div class="6u 12u(mobile)">
<section class="box">
<header>
<h2>How will I know when someone has found my item?</h2>
</header>
<p>When an item has been found, you will receive an e-mail with instructions on claiming your item.</p>
</div>
</div>
</div></div>';
return;
case '/search.php':
echo '</div>
<div class="main-wrapper">
<div class="container">
<div class="12u">
';
return;
}
# Free up the results in memory
mysqli_free_result($results);
}
$v = ' CHECKED ';
}
echo " <TD align='center'>\n <input name='beta' type='checkbox' {$v}></TD>\n ";
$v = '';
if ($app->fraction_done_exact) {
$v = ' CHECKED ';
}
echo " <TD align='center'>\n <input name='fraction_done_exact' type='checkbox' {$v}></TD>\n ";
echo "<td><input class=\"btn btn-default\" type=submit name=submit value=Update>";
echo "</tr></form>";
}
end_table();
// Entry form to create a new application
//
echo "<P>\n <h2>Add an application</h2>\n To add an application enter the short name and description\n ('user friendly name') below. You can then edit the\n application when it appears in the table above.\n <p>\n <form action=manage_apps.php method=POST>\n ";
start_table("align='center' ");
table_header("Name", "Description", " ");
echo "<TR>\n <TD> <input type='text' size='12' name='add_name' value=''></TD>\n <TD> <input type='text' size='35' name='add_user_friendly_name' value=''></TD>\n <TD align='center' >\n <input type='submit' name='add_app' value='Add Application'></TD>\n </TR>\n";
end_table();
echo "</form><p>\n";
}
admin_page_head("Manage applications");
if (post_str('add_app', true)) {
add_app();
} else {
if (post_str('submit', true)) {
do_updates();
}
}
show_form(false);
admin_page_tail();
$password2 = $_POST['password2'];
}
if ($password != "" && validate_password($password, $error_msg)) {
if ($password == $password2) {
$show_form = False;
} else {
$error_msg = "Password entries don't match.";
}
}
if ($show_form) {
// Display the form and exit
$GENI_TITLE = "Download certificate and key";
$load_user = TRUE;
show_header('GENI Portal: Profile', $load_user);
include "tool-breadcrumbs.php";
show_form($error_msg);
include "footer.php";
exit;
}
/* Generate a keypair and a certificate. */
$uuid = $user->account_id;
$email = $user->email();
$urn = $user->urn();
$signer_cert_file = '/usr/share/geni-ch/ma/ma-cert.pem';
$signer_key_file = '/usr/share/geni-ch/ma/ma-key.pem';
if (!make_cert_and_key($uuid, $email, $urn, $signer_cert_file, $signer_key_file, $cert, $key)) {
print "An error occurred generating a key and certificate.\n";
exit;
}
/* Cert and key were successfully generated. Store them in the database. */
db_add_outside_key_cert($user->account_id, $cert, $key);
private function sanityCheck(&$confirmed)
{
global $randomkey_name;
global $team_id1;
global $team_id2;
global $team1_caps;
global $team2_caps;
global $timestamp;
global $match_id;
global $similarMatchFound;
global $db;
// sanitise match id
if (isset($_GET['edit'])) {
$match_id = intval($_GET['edit']);
}
if (isset($_GET['delete'])) {
$match_id = intval($_GET['delete']);
}
// sanitise team variables
if (isset($_POST['match_team_id1'])) {
$team_id1 = intval($_POST['match_team_id1']);
} elseif (isset($_POST['team_id1'])) {
$team_id1 = intval($_POST['team_id1']);
} else {
$team_id1 = 0;
}
if ($team_id1 < 1) {
$team_id1 = 0;
}
if (isset($_POST['match_team_id2'])) {
$team_id2 = intval($_POST['match_team_id2']);
} elseif (isset($_POST['team_id2'])) {
$team_id2 = intval($_POST['team_id2']);
} else {
$team_id2 = 0;
}
if ($team_id2 < 1) {
$team_id2 = 0;
}
// do the teams exist?
// teams specified?
if (!isset($_GET['delete']) && ($team_id1 > 0 && $team_id2 > 0)) {
$team_exists = 0;
$query = $db->prepare('SELECT COUNT(`id`) as `team_exists` FROM `teams` WHERE `id`=? LIMIT 1');
if (!($result = $db->execute($query, $team_id1))) {
$db->logError('Could not find out name of team #' . $team_id1 . '.');
}
while ($row = $db->fetchRow($query)) {
$team_exits = intval($row['team_exists']);
}
$db->free($query);
if ($team_exits === 0) {
echo '<p>Error: The specified team #1 does not exist</p>';
$confirmed = 'checkTeam1';
return;
}
// reset variable for team 2
$team_exits = 0;
$query = $db->prepare('SELECT COUNT(`id`) as `team_exists` FROM `teams` WHERE `id`=? LIMIT 1');
if (!($result = $db->execute($query, $team_id2))) {
$db->logError('Could not find out name of team #' . sqlSafeString($team_id2) . '.');
}
while ($row = $db->fetchRow($query)) {
$team_exits = intval($row['team_exists']);
}
$db->free($query);
if ($team_exits === 0) {
echo '<p>Error: The specified team #2 does not exist</p>';
$confirmed = 'checkTeam2';
return;
}
// teams are the same (and chosen by user)
if ($team_id1 > 0 && $team_id2 > 0 && $team_id1 === $team_id2) {
echo '<p>In order to be an official match, teams would have to be different!</p>';
$confirmed = 'checkDifferentTeams';
return;
}
}
// sanitise score variables
if (isset($_POST['team1_points'])) {
$team1_caps = intval($_POST['team1_points']);
} else {
$team1_caps = 0;
}
if (isset($_POST['team2_points'])) {
$team2_caps = intval($_POST['team2_points']);
} else {
$team2_caps = 0;
}
// sanitise day and time variables
if (isset($_POST['match_day'])) {
$match_day = $_POST['match_day'];
} else {
$match_day = date('Y-m-d');
}
if (isset($_POST['match_time'])) {
$match_time = $_POST['match_time'];
} else {
$match_time = date('H:i:s');
}
if (isset($_POST['match_day']) && isset($_POST['match_time'])) {
$timestamp = $_POST['match_day'] . ' ' . $_POST['match_time'];
}
// user wants to edit match data again
if (isset($_POST['match_cancel'])) {
$confirmed = 'edit';
return;
}
if (isset($_POST['$match_id'])) {
$match_id = intval($_POST['$match_id']);
}
// does the match exit?
if (isset($match_id)) {
$query = $db->prepare('SELECT `id` FROM `matches` WHERE `id`=?');
if (!($result = $db->execute($query, $match_id))) {
$db->logError('Could not find out id for team 1 given match id ' . $match_id . ' due to a sql problem!');
}
if (intval($db->rowCount($query)) < 1) {
// match did not exist!
$confirmed = 'checkMatch';
}
}
// sanitise date and time specified
// sanity checks regarding day format
// sample day: 2009-12-15
if (!preg_match('/(2)(0|1|2|3|4|5|6|7|8|9){3,}-(0|1)(0|1|2|3|4|5|6|7|8|9)-(0|1|2|3)(0|1|2|3|4|5|6|7|8|9)/', $match_day)) {
echo '<p>Please make sure your specified date is in correct format. Do not forget leading zeros.</p>' . "\n";
$confirmed = 'no';
return;
}
// sanity checks regarding time format
// sample time: 15:21:35
if (!preg_match('/(0|1|2)([0-9]):([0-5])([0-9]):([0-5])([0-9])/', $match_time)) {
echo '<p>Please make sure your specified time is in correct format. Do not forget leading zeros.</p>' . "\n";
$confirmed = 'no';
return;
}
// get the unix timestamp from the date and time
if (!($specifiedTime = strtotime($match_day . ' ' . $match_time))) {
echo '<p>Please make sure your specified date and time is valid!</p>' . "\n";
$confirmed = 'no';
return;
}
// look up if the day does exist in Gregorian calendar
// checkdate expects order to be month, day, year
if (!checkdate(date('m', $specifiedTime), date('d', $specifiedTime), date('Y', $specifiedTime))) {
echo '<p>Please make sure your specified date and time is a valid Gregorian date.</p>' . "\n";
$confirmed = 'no';
return;
}
// is match in the future?
if (isset($timestamp)) {
$curTime = (int) strtotime('now');
if ((int) $specifiedTime - $curTime >= 0) {
echo '<p>You tried to enter, edit or delete a match that would have been played in the future.';
echo ' Only matches in the past can be entered, edited or deleted.</p>' . "\n";
$confirmed = 'no';
return;
}
}
// is match older than 2 months?
$eightWeeksAgo = (int) strtotime('now -8 weeks');
if ((int) $specifiedTime <= $eightWeeksAgo) {
echo '<p>You tried to enter, edit or delete a match that is older than 8 weeks.' . 'Only matches played in the last 8 weeks can be entered, edited or deleted.</p>' . "\n";
$confirmed = 'no';
return;
}
// check if there is already a match entered at that time
// scores depend on the order, two matches done at the same time lead to undefined behaviour
$query = $db->prepare('SELECT `timestamp` FROM `matches` WHERE `timestamp`=?');
if (!($result = $db->execute($query, $timestamp))) {
unlock_tables();
$db->logError('Unfortunately there seems to be a database problem' . ' and thus comparing timestamps (using equal operator) of matches failed.');
}
$rows = (int) $db->rowCount($query);
$db->free($query);
if ($rows > 0 && !isset($_GET['edit']) && !isset($_GET['delete'])) {
// go back to the first step of entering a match
echo '<p>There is already a match entered at that exact time.';
echo ' There can be only one finished at the same time because the scores depend on the order of the played matches.</p>' . "\n";
// just warn them and let them enter it all again by hand
echo 'Please enter the match with a different time.</p>' . "\n";
echo '<form enctype="application/x-www-form-urlencoded" method="post" action="?enter">' . "\n";
echo '<div>';
$site->write_self_closing_tag('input type="hidden" name="confirmed" value="0"');
echo '</div>' . "\n";
// pass the match values to the next page so the previously entered data can be set default for the new form
show_form($team_id1, $team_id2, $team1_caps, $team2_caps, $readonly = false);
echo '<div>';
$site->write_self_closing_tag('input type="submit" name="match_cancel" value="Cancel and change match data" id="send"');
echo '</div>' . "\n";
echo '</form>' . "\n";
$site->dieAndEndPage();
}
// random key validity check
if ($confirmed === 'action') {
$new_randomkey_name = '';
if (isset($_POST['key_name'])) {
$new_randomkey_name = html_entity_decode($_POST['key_name']);
}
$randomkeysmatch = $site->compare_keys($randomkey_name, $new_randomkey_name);
if (!$randomkeysmatch) {
echo '<p>The magic key did not match. It looks like you came from somewhere else. Going back to compositing mode.</p>';
// reset the confirmed value
$confirmed = 'no';
}
}
// check for similar match in database and warn user if at least one was found
// skip warning if already warned (no infinite warning loop)
if ($confirmed === 'action' && !isset($_POST['similar_match'])) {
// find out if there are similar matches
$similarMatchFound = false;
$similarMatchFound = similarMatchEntered(true);
if (!$similarMatchFound) {
// look for a possible last show stopper
$similarMatchFound = similarMatchEntered(false);
} else {
// add space between last similar match and the one probably following
$site->write_self_closing_tag('br');
// only call the function for user information, ignore result
similarMatchEntered(false);
}
if ($similarMatchFound) {
// ask for confirmation again and do not go ahead automatically
$confirmed = 'no';
}
}
// no double confirmation about deletion - user saw confirmation step with $confirmed = 0 already
if ($confirmed === 'action' && isset($_GET['delete'])) {
$confirmed = 'action';
}
}
<?php
require 'formhelpers.php';
if ($_POST['_submit_check']) {
if ($form_errors = validate_form()) {
show_form($form_errors);
} else {
process_form();
}
} else {
show_form();
}
function show_form($errors = '')
{
if ($errors) {
print 'You need to correct the following errors: <ul><li>';
print implode('</li><li>', $errors);
print '</li></ul>';
}
// the beginning of the form
print '<form method="POST" action="' . $_SERVER['PHP_SELF'] . '">';
print '<table>';
// the search term
print '<tr><td>Search Term:</td><td>';
input_text('term', $_POST);
print '</td></tr>';
// form end
print '<tr><td colspan="2"><input type="submit" value="Search News Feed"></td></tr>';
print '</table>';
print '<input type="hidden" name="_submit_check" value="1"/>';
print '</form>';
label:before {
content:"\\a";
white-space: pre;
}
</style>
EOT;
require_once 'lib/common.php';
$db = new EPMADD\DbAccess();
$data = array();
foreach ($_REQUEST as $name => $value) {
if (strpos($name, 'action_') === 0) {
$data = $name($db);
break;
}
}
show_form($data);
function action_find($db)
{
$last = empty($_REQUEST['last']) ? '' : $_REQUEST['last'];
$stmt = $db->query('select member_id, last, first from
member where last like :pat', array('pat' => "{$last}%"));
if ($row = $stmt->fetch()) {
return $row;
}
echo "<p>Not found";
return array();
}
function action_new($db)
{
return array();
}
//mb_internal_encoding('UTF-8');
$required = array('kanji', 'pronunciation', 'english_translation');
if (!empty($_POST)) {
$missing = false;
foreach ($_POST as $key => $value) {
if (empty($value) && $key != 'link') {
$missing = true;
}
}
if (!$missing) {
$kanji = new Kanji($_POST);
$kanji->insert();
header('Location: manage.php');
}
}
show_form($required);
function show_form($required)
{
?>
<!doctype html>
<html>
<head>
<title>Add Kanji</title>
<meta charset="UTF-8" />
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<h1>Add Kanji</h1>
<form action='add.php' method='post'>
<table>
<tr>
condor_q
<input type=text name=value value="<?php
echo $value;
?>
">
<input type=submit>
</form>
<?php
}
// close function
$value = $_REQUEST['value'];
// grab user input
if (!isset($value)) {
show_form();
} else {
show_form($value);
if (empty($value)) {
$output = `condor_q 2>&1`;
} else {
$output = `condor_q {$value} 2>&1`;
}
$output = htmlentities($output);
print "<pre>{$output}</pre>";
print "<hr><p>Last update on ";
print date(DATE_RFC822);
print "</p>";
}
?>
<?php
do_refresh_button();
