/**
* Implementation of module_content()
*/
function static_content()
{
global $ssc_database;
// We'll never accept params, so is gonna be a 404
if (!empty($_GET['param'])) {
ssc_not_found();
}
// Find content
$result = $ssc_database->query("SELECT title, created, modified, body FROM #__static WHERE id = %d LIMIT 1", $_GET['path-id']);
if ($result && ($data = $ssc_database->fetch_assoc($result))) {
if (!ssc_load_library('sscText')) {
ssc_not_found();
// Strictly speaking, the library /wasn't/ found...
}
ssc_set_title($data['title']);
return sscText::convert($data['body']);
}
ssc_not_found();
}
/**
* Resize an image to the specified size. Takes an approximate guess at best compression based on file size
* Either $width or $height may be -1 to indicate no maximum width/height but not both
* @param string Location to store the resized file
* @param int Maximum width of the image
* @param int Maximum height of the image
* @return boolean Whether or not the resize was successful
*/
function resize($target, $width = -1, $height = -1)
{
global $ssc_site_path;
// Perform checks before passing off to the individual implementation
// Can't have both don't-care width AND height
if ($width < 1 && $height < 1) {
return false;
}
// Check target location writability
$dir = dirname($target);
if (!is_dir($dir) || (fileperms($dir) & 0200) == 0) {
return false;
}
// Preliminary checks ok - pass to library implementation
$lib = 'sscImage' . ssc_var_get('image_library', 'GD2');
if (!ssc_load_library($lib)) {
return false;
}
if ($imgLib = new $lib($this->file)) {
return $imgLib->_resize($target, $width, $height);
} else {
return false;
}
}
<?php
/**
* Dynamic page module.
*
* Generate an RSS feed for each of the dynamic pages.
* @package SSC
* @subpackage Module
* @copyright Copyright (c) Scott Thomas
*/
defined('_VALID_SSC') or die('Restricted access');
global $ssc_database, $ssc_site_url, $ssc_site_path;
if (!ssc_load_library('sscText')) {
echo "Unable to load library";
return;
}
// Get a list of available "blogs"
$result = $ssc_database->query("SELECT id, name, description FROM #__blog");
if (!$result) {
return;
}
// Loop through each
while ($data = $ssc_database->fetch_assoc($result)) {
$res_posts = $ssc_database->query("SELECT p.id, p.created, p.modified, urltext, title, body, displayname FROM #__blog_post p LEFT JOIN #__user u ON u.id = author_id WHERE blog_id = %d AND p.is_draft = 0 ORDER BY created DESC LIMIT 0,5", $data['id']);
// Ignore empty blogs
if (!$res_posts || $ssc_database->number_rows() == 0) {
return;
}
// Open file handles
$bID = $data['id'];
$fp = fopen($ssc_site_path . "/modules/blog/rss-{$bID}.xml", 'w');
/**
* Implementation of module_content()
*
* Results content. At this stage, no arguments so present results for entire regatta. Bracket refers to mouse-over
*
* - /
* No parameters. Should show abbr'd |sail|class|name|skip (crew)|place(corr. time)[|place(corr. time)...]
*
* - /heat/<num> or /heat-<num
* Show detailed version for a heat perhaps? Probably not feasable.
*/
function sailing_content()
{
global $ssc_database;
ssc_add_js('/modules/sailing/sailing.js');
// See if results exist
$result = $ssc_database->query("SELECT name, description, updated, flags, heats FROM #__sailing_series WHERE id = %d LIMIT 1", $_GET['path-id']);
if (!($result && ($data = $ssc_database->fetch_assoc($result)))) {
ssc_not_found();
return;
}
// Set up some flags
$flags = $data['flags'];
$prefix = $flags & SSC_SAILING_PREFIX ? "Division " : "";
$show_class = ($flags & SSC_SAILING_CLASS) > 0;
$show_club = ($flags & SSC_SAILING_CLUB) > 0;
// Heat numbers
$heats = explode(",", $data['heats']);
// Description / title
ssc_set_title($data['name']);
$out = "";
if (strlen($data['description']) > 0) {
if (!ssc_load_library('sscText')) {
$out .= check_plain($data['description']);
} else {
$out .= sscText::convert($data['description']);
}
}
// Prepare for table
$result = $ssc_database->query("SELECT r.results, r.times, r.points, r.division, e.number, e.skipper, e.crew, e.name AS boatname, e.class, e.club FROM #__sailing_results r LEFT JOIN #__sailing_entries e ON e.id = r.uid WHERE r.series_id = %d ORDER BY r.division ASC, r.points ASC", $_GET['path-id']);
if (!$result || $ssc_database->number_rows() < 1) {
// Empty or sql failure
$out .= "There are no race results available for this series yet";
return $out;
} else {
// Start outputting
$out .= '<table class="sail-table" summary="Race results">';
$col_header = _ssc_sailing_table_header($flags, $heats, $col_count);
// Loop through results
$div = '-1';
while ($data = $ssc_database->fetch_assoc($result)) {
// Re-echo headers for each division
if ($div != $data['division']) {
if ($div == '-1') {
$out .= "<thead><tr><th class=\"div-heading\" colspan=\"{$col_count['total']}\">{$prefix}{$data['division']}</th></tr>";
$out .= "{$col_header}</thead><tbody>";
} else {
$out .= '<tr><th class="div-heading" colspan="' . $col_count['total'] . '">' . $prefix . $data['division'] . '</th></tr>';
$out .= $col_header;
}
$div = $data['division'];
}
// Row contents
$out .= "<tr><td>{$data['number']}</td>" . ($show_class ? "<td>{$data['class']}</td>" : '') . "<td>{$data['boatname']}</td>";
if ($data['crew'] != '') {
$out .= "<td><span title=\"{$data['crew']}\">{$data['skipper']}</span></td>";
} else {
$out .= "<td>{$data['skipper']}</td>";
}
if ($show_club) {
$out .= "<td>{$data['club']}</td>";
}
// Parse results
$heats = explode(",", $data['results']);
$times = explode(",", $data['times']);
for ($i = 0; $i < $col_count['heats']; $i++) {
if ($times[$i] != '') {
if ((double) $times[$i] > 0) {
$out .= '<td><span title="' . sprintf("%1.1f", (double) $times[$i]) . " min\">{$heats[$i]}</span></td>";
} else {
$out .= "<td><span title=\"{$times[$i]}\">{$heats[$i]}</span></td>";
}
} else {
$out .= "<td>{$heats[$i]}</td>";
}
}
$out .= '</tr>';
}
// Tidy up
$out .= '</tbody></table>';
}
return $out;
}
/**
* Forgotten password recovery submission
*/
function login_fogotten_submit()
{
global $ssc_site_url, $ssc_database;
if (!ssc_load_library('sscMail')) {
ssc_add_message(SSC_MSG_CRIT, t("An error resetting your account password has occurred"));
return false;
}
// Retrieve email for user
$result = $ssc_database->query("SELECT id, username, email FROM #__user WHERE username = '******' LIMIT 1", $_POST['name']);
if (!($data = $ssc_database->fetch_object($result))) {
ssc_add_message(SSC_MSG_CRIT, t('The username specified does not exist'));
return false;
}
// Set new password
$pass = substr(base64_encode(md5($_POST['name'] . mt_rand() . $_SERVER['SERVER_NAME'])), 0, 16);
$hash = new PasswordHash(8, true);
$mail = new sscMail($_POST['email'], t("#server password reset", array('#server' => $_SERVER['SERVER_NAME'])));
if (!$mail) {
ssc_add_message(SSC_MSG_CRIT, t("An error resetting your account password has occurred"));
return false;
}
$message = t("#user,\n\nA password reset was placed at #server for your username,\nand as such, your password has been reset to the following details:\n\n" . " Username: #user\n" . " Password: #pass\n\n" . "You can use these details to log in and then change your password\n" . "from your profile page.\n\n" . "If you did not authorize this, you are still requird to use the password\n" . "above to login.", array("#user" => $_POST['user'], "#server" => $ssc_site_url, "#url" => $ssc_site_url . "user/login", "#pass" => $pass));
$pass = $hash->HashPassword($pass);
$result = $ssc_database->query("UPDATE #__user SET password = '******' WHERE id = %d", $pass, $data->id);
if ($result) {
$sent = $mail->send($message);
if ($sent) {
ssc_add_message(SSC_MSG_INFO, t("Success. An email has been sent to your nominated address with further details."));
} else {
ssc_add_message(SSC_MSG_CRIT, t("An error occurred sending the email. Please contact an administrator."));
}
} else {
ssc_add_message(SSC_MSG_CRIT, t("An error resetting your account password has occurred"));
}
}
/**
* Comment moderation submission
*/
function blog_spam_ham_submit()
{
global $ssc_database, $ssc_site_url;
if ($_POST['action'] == 'enable_comments' || $_POST['action'] == 'disable_comments') {
if ($_POST['action'] == 'enable_comments') {
$ssc_database->query("UPDATE #__blog_post SET commentsdisabled = 0 WHERE id = %d", $_POST['i']);
} elseif ($_POST['action'] == 'disable_comments') {
$ssc_database->query("UPDATE #__blog_post SET commentsdisabled = 1 WHERE id = %d", $_POST['i']);
}
} else {
$result = $ssc_database->query("SELECT author, email, site, body, status, ip FROM #__blog_comment WHERE id = %d LIMIT 1", $_POST['i']);
// Bad sql or comment doesn't exist
if (!$result || !($data = $ssc_database->fetch_object($result))) {
return;
}
if ($_POST['action'] == 'spam' && ($data->status & SSC_BLOG_COMMENT_CAN_SPAM) > 0) {
// Marking as spam + Akismet submit
if (ssc_load_library('sscAkismet')) {
$spam = new sscAkismet($ssc_site_url, ssc_var_get('wordpress_api', ''));
if ($spam) {
$spam->setContent($data->body, 'comment');
$spam->setAuthor($data->author, $data->email, $data->site);
$spam->setRemote($data->ip, null);
$spam->markIncorrect('markSpam');
}
}
} elseif ($_POST['action'] == 'ham' && ($data->status & SSC_BLOG_COMMENT_CAN_SPAM) > 0) {
// Mark not spam + Akismet submit
if (ssc_load_library('sscAkismet')) {
$spam = new sscAkismet($ssc_site_url, ssc_var_get('wordpress_api', ''));
if ($spam) {
$spam->setContent($_POST['c'], 'comment');
$spam->setAuthor($_POST['n'], $_POST['e'], $_POST['s']);
$spam->setRemote($data->ip, null);
$spam->markIncorrect('markHam');
}
}
}
$data->status = $data->status & ~SSC_BLOG_COMMENT_CAN_SPAM;
switch ($_POST['action']) {
case 'spam':
case 'hide':
$data->status = $data->status | SSC_BLOG_COMMENT_SPAM;
$ssc_database->query("UPDATE #__blog_comment SET status = %d WHERE id = %d", $data->status, $_POST['i']);
break;
case 'show':
case 'ham':
$data->status = $data->status & ~SSC_BLOG_COMMENT_SPAM;
$ssc_database->query("UPDATE #__blog_comment SET status = %d WHERE id = %d", $data->status, $_POST['i']);
break;
}
}
}
