Example #1
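/**
 * Save the submitted event edit form to the database.
 *
 * Reads id, name, desc, uri, link and date from $_POST. A missing or zero id
 * inserts a new event and redirects to its edit page; any other id updates
 * that row. The outcome is reported through ssc_add_message().
 *
 * NOTE(review): no permission or CSRF check is visible in this function;
 * confirm the caller enforces both before this handler runs.
 */
function events_edit_submit()
{
    global $ssc_database;

    $id = isset($_POST['id']) ? (int) $_POST['id'] : 0;
    $is_new = $id == 0;
    $link_flag = isset($_POST['link']) && $_POST['link'] == '1' ? 1 : 0;

    // strtotime() returns false for text it cannot parse; handing that to
    // date() would silently store 1970-01-01, so reject it instead.
    $stamp = strtotime(ssc_parse_date($_POST['date']));
    if ($stamp === false) {
        ssc_add_message(SSC_MSG_CRIT, t('Event was unable to be saved - the date could not be read'));
        return;
    }
    $day = date("Y-m-d", $stamp);

    // Request values are passed as separate arguments, never concatenated
    // into the SQL text. Presumably query() escapes each '%s' argument;
    // verify that in the database wrapper.
    if ($is_new) {
        $result = $ssc_database->query("INSERT INTO #__events (title, description, uri, flags, date) VALUES ('%s', '%s', '%s', %d, '%s')", $_POST['name'], $_POST['desc'], $_POST['uri'], $link_flag, $day);
        $id = $ssc_database->last_id();
    } else {
        $result = $ssc_database->query("UPDATE #__events SET title = '%s', description = '%s', uri = '%s', flags = %d, date = '%s' WHERE id = %d LIMIT 1", $_POST['name'], $_POST['desc'], $_POST['uri'], $link_flag, $day, $id);
    }

    if (!$result) {
        // NOTE(review): the raw database error text is shown to the user and
        // is part of the string handed to t(). Consider logging it and
        // showing a fixed message instead.
        ssc_add_message(SSC_MSG_CRIT, t('Event was unable to be saved - ' . $ssc_database->error()));
        return;
    }
    ssc_add_message(SSC_MSG_INFO, t('Event saved successfully'));

    // A freshly created event gets its own edit URL
    if ($is_new) {
        ssc_redirect('/admin/events/edit/' . $id);
    }
}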
Example #2
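/**
 * Save the submitted sailing series form and process an optional results upload.
 *
 * Reads id, url, name, desc and the class/club/div checkboxes from $_POST.
 * A missing or zero id creates a handler row plus a series row and then
 * redirects to the new edit page; any other id updates both rows. If a file
 * arrived in $_FILES['update'] it is passed on to _ssc_sailing_parse_csv().
 *
 * NOTE(review): no permission or CSRF check is visible in this function;
 * confirm the caller enforces both before this handler runs.
 *
 * @return false|null false when a database write fails, otherwise nothing
 */
function sailing_series_submit()
{
    global $ssc_database;

    $id = isset($_POST['id']) ? (int) $_POST['id'] : 0;
    $is_new = $id == 0;

    // Build the bitflags from the three checkboxes
    $flags = 0;
    $checkboxes = array(
        'class' => SSC_SAILING_CLASS,
        'club' => SSC_SAILING_CLUB,
        'div' => SSC_SAILING_PREFIX,
    );
    foreach ($checkboxes as $field => $bit) {
        if (isset($_POST[$field]) && (int) $_POST[$field] == 1) {
            $flags |= $bit;
        }
    }

    // Request values are passed as separate arguments; presumably query()
    // escapes each '%s' argument. Verify that in the database wrapper.
    if ($is_new) {
        $result = $ssc_database->query("INSERT INTO #__handler (path, handler) VALUES ('%s', %d)", $_POST['url'], module_id('sailing'));
        if (!$result) {
            ssc_add_message(SSC_MSG_CRIT, 'Error inserting into db');
            return false;
        }
        $id = $ssc_database->last_id();
        $result = $ssc_database->query("INSERT INTO #__sailing_series (id, name, description, updated, flags, heats) VALUES (%d, '%s', '%s', 0, %d, '')", $id, $_POST['name'], $_POST['desc'], $flags);
        if (!$result) {
            // Do not leave a handler row that points at a series which was never created
            $ssc_database->query("DELETE FROM #__handler WHERE id = %d LIMIT 1", $id);
            ssc_add_message(SSC_MSG_CRIT, 'Error inserting into db');
            return false;
        }
    } else {
        // Both updates are attempted; a failure of either is reported
        // instead of being followed by a success message further down.
        $path_saved = $ssc_database->query("UPDATE #__handler SET path = '%s' WHERE id = %d LIMIT 1", $_POST['url'], $id);
        $series_saved = $ssc_database->query("UPDATE #__sailing_series SET name = '%s', description = '%s', flags = %d WHERE id = %d LIMIT 1", $_POST['name'], $_POST['desc'], $flags, $id);
        if (!$path_saved || !$series_saved) {
            ssc_add_message(SSC_MSG_CRIT, 'Error updating db');
            return false;
        }
    }

    if (isset($_FILES['update']['name'])) {
        switch ($_FILES['update']['error']) {
            case UPLOAD_ERR_OK:
                // Presumably the parser reads $_FILES['update'] itself; only the series id is passed in
                if (_ssc_sailing_parse_csv($id)) {
                    ssc_add_message(SSC_MSG_INFO, t('Regatta details and heats updated successfully'));
                } else {
                    ssc_add_message(SSC_MSG_CRIT, t('Unable to update race results'));
                }
                unlink($_FILES['update']['tmp_name']);
                break;
            case UPLOAD_ERR_NO_FILE:
                // No file, but other details should be saved
                ssc_add_message(SSC_MSG_INFO, t("Regatta details updated successfully"));
                break;
            default:
                ssc_add_message(SSC_MSG_ERROR, t('Unknown file upload error: !num', array('!num' => $_FILES['update']['error'])));
                break;
        }
    }

    // A freshly created series gets its own edit URL
    if ($is_new) {
        ssc_redirect('/admin/sailing/edit/' . $id);
    }
}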
Example #3
/**
 * Profile edit saving
 *
 * Writes the submitted profile form (user, full, disp, email, and for
 * administrators grp and uid) to the #__user table, hashing a new password
 * when the n2 field is non-empty. The outcome is reported through
 * ssc_add_message().
 *
 * NOTE(review): the SQL text below contains '******' where a placeholder would
 * be expected. As shown, each statement has two fewer placeholders than
 * arguments (the INSERT has five placeholders for seven arguments), so this
 * looks like redaction applied to the listing. Confirm against the original
 * source before reusing any of these statements.
 *
 * NOTE(review): nothing in this function asks for the current password or
 * checks a CSRF token; confirm that both are handled before it is called.
 */
function login_profile_submit()
{
    global $ssc_database, $ssc_user;
    // Admin mode needs both the /admin path and a passing login_check_auth("login")
    $admin = $_GET['path'] == '/admin' && login_check_auth("login");
    if (!empty($_POST['n2'])) {
        // NOTE(review): PasswordHash(8, true) looks like phpass with portable
        // hashes switched on; confirm, and consider the non-portable mode.
        // The value returned by HashPassword() is stored without being checked.
        $hash = new PasswordHash(8, true);
        $pass = $hash->HashPassword($_POST['n2']);
    } else {
        // No new password supplied: the password column is left untouched below
        $pass = null;
    }
    // Ready to submit
    // Request values go to query() as separate arguments; uid and grp are not
    // cast here. Presumably the wrapper escapes '%s' and coerces %d; verify.
    if ($_POST['uid'] <= 0 && $admin) {
        // New user: only reachable in admin mode
        $result = $ssc_database->query("INSERT INTO #__user SET\n\t\tusername = '******', fullname = '%s', displayname = '%s', email = '%s',\n\t\tgid = %d, password = '******', created = %d", $_POST['user'], $_POST['full'], $_POST['disp'], $_POST['email'], $_POST['grp'], $pass, time());
        if (!$result) {
            ssc_add_message(SSC_MSG_CRIT, t('There was an error submitting this form'));
            return;
        }
        $id = $ssc_database->last_id();
        ssc_add_message(SSC_MSG_INFO, t('User details saved'));
        ssc_redirect("/admin/login/edit/{$id}");
    } else {
        // Update existing
        if ($admin) {
            // Admin edit: the target row is the posted uid and the group (gid) may change
            if ($pass) {
                $result = $ssc_database->query("UPDATE #__user SET\n\t\t\t\tusername = '******', fullname = '%s', displayname = '%s', email = '%s',\n\t\t\t\tgid = %d, password = '******' WHERE id = %d", $_POST['user'], $_POST['full'], $_POST['disp'], $_POST['email'], $_POST['grp'], $pass, $_POST['uid']);
                if ($result) {
                    ssc_add_message(SSC_MSG_INFO, t('User details saved'));
                } else {
                    ssc_add_message(SSC_MSG_CRIT, t('There was an error submitting this form'));
                }
            } else {
                $result = $ssc_database->query("UPDATE #__user SET\n\t\t\t\tusername = '******', fullname = '%s', displayname = '%s', email = '%s',\n\t\t\t\tgid = %d WHERE id = %d", $_POST['user'], $_POST['full'], $_POST['disp'], $_POST['email'], $_POST['grp'], $_POST['uid']);
                if ($result) {
                    ssc_add_message(SSC_MSG_INFO, t('User details saved'));
                } else {
                    ssc_add_message(SSC_MSG_CRIT, t('There was an error submitting this form'));
                }
            }
        } else {
            // Self-service edit: the row is always the logged-in user's own id
            // ($ssc_user->id), never the posted uid, and gid is not written.
            if ($pass) {
                $result = $ssc_database->query("UPDATE #__user SET\n\t\t\t\tusername = '******', fullname = '%s', displayname = '%s', email = '%s',\n\t\t\t\tpassword = '******' WHERE id = %d", $_POST['user'], $_POST['full'], $_POST['disp'], $_POST['email'], $pass, $ssc_user->id);
                if ($result) {
                    ssc_add_message(SSC_MSG_INFO, t('User details saved'));
                } else {
                    ssc_add_message(SSC_MSG_CRIT, t('There was an error submitting this form'));
                }
            } else {
                $result = $ssc_database->query("UPDATE #__user SET\n\t\t\t\tusername = '******', fullname = '%s', displayname = '%s', email = '%s'\n\t\t\t\tWHERE id = %d", $_POST['user'], $_POST['full'], $_POST['disp'], $_POST['email'], $ssc_user->id);
                if ($result) {
                    ssc_add_message(SSC_MSG_INFO, t('User details saved'));
                } else {
                    ssc_add_message(SSC_MSG_CRIT, t('There was an error submitting this form'));
                }
            }
        }
    }
}
Example #4
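/**
 * Gallery edit submission
 *
 * A zero gid creates the handler row, the gallery row and the gallery's image
 * directory, then redirects to the new edit page. Any other gid updates the
 * existing gallery. If a file arrived in $_FILES['single'] it is stored in
 * three sizes (1024, 350 and 150 passed to sscImage::resize()) under
 * images/gallery/<gid>/.
 *
 * NOTE(review): no permission or CSRF check is visible in this function;
 * confirm the caller enforces both before this handler runs.
 */
function gallery_form_submit()
{
    global $ssc_database, $ssc_site_path;

    // The gallery id ends up in a filesystem path further down, so force it
    // to an integer once and never use the raw request value again.
    $gid = isset($_POST['gid']) ? (int) $_POST['gid'] : 0;

    if ($gid == 0) {
        // Insert new
        $result = $ssc_database->query("INSERT INTO #__handler (status, handler, path) \n\t\t\t\tVALUES (0, %d, '%s')", module_id('gallery'), $_POST['url']);
        if (!$result) {
            ssc_add_message(SSC_MSG_CRIT, 'Error inserting into DB');
            return;
        }
        $id = $ssc_database->last_id();
        $result = $ssc_database->query("INSERT INTO #__gallery (id, title, description, visible) \n\t\t\t\tVALUES (%d, '%s', '%s', %d)", $id, $_POST['name'], $_POST['desc'], $_POST['vis']);
        if (!$result) {
            // Remove the handler row so it does not point at a gallery that was never created
            $ssc_database->query("DELETE FROM #__handler WHERE id = %d LIMIT 1", $id);
            ssc_add_message(SSC_MSG_CRIT, 'Error inserting into DB');
            return;
        }
        mkdir($ssc_site_path . '/images/gallery/' . $id);
        ssc_add_message(SSC_MSG_INFO, t('Gallery saved'));
        ssc_redirect('/admin/gallery/edit/' . $id);
    } else {
        $result = $ssc_database->query("UPDATE #__gallery g, #__handler h SET title = '%s', description = '%s', \n\t\t\t\tvisible = %d, path = '%s' WHERE g.id = %d AND g.id = h.id ", $_POST['name'], $_POST['desc'], $_POST['vis'], $_POST['url'], $gid);
        if (!$result) {
            ssc_add_message(SSC_MSG_CRIT, 'Gallery details were not saved');
        } else {
            ssc_add_message(SSC_MSG_INFO, 'Gallery details updated');
        }
    }

    if (!isset($_FILES['single'])) {
        return;
    }
    // The field is present even when no file was chosen; nothing to do then
    if (!isset($_FILES['single']['error']) || $_FILES['single']['error'] != UPLOAD_ERR_OK) {
        return;
    }

    // The extension comes from the client-supplied filename and becomes part
    // of the stored file name, so only known image extensions are accepted.
    // Assumes sscImage handles these types; extend the list if it supports more.
    $info = pathinfo($_FILES['single']['name']);
    $suffix = isset($info['extension']) ? $info['extension'] : '';
    if (!in_array(strtolower($suffix), array('jpg', 'jpeg', 'png', 'gif'), true)) {
        ssc_add_message(SSC_MSG_CRIT, 'Unable to insert new image');
        return;
    }
    $ext = "." . $suffix;

    $file = $ssc_site_path . '/tmp/' . time() . "{$ext}";
    if (!move_uploaded_file($_FILES['single']['tmp_name'], $file)) {
        return;
    }
    $image = new sscImage($file);

    // Possibly messy, but insert before resizing
    $result = $ssc_database->query("INSERT INTO #__gallery_content (gallery_id, caption, mid) VALUES (%d, '', 0)", $gid);
    if (!$result) {
        // Do not leave the uploaded file behind in the temp directory
        unlink($file);
        ssc_add_message(SSC_MSG_CRIT, 'Unable to insert new image');
        return;
    }
    $id = $ssc_database->last_id();
    $path = $ssc_site_path . '/images/gallery/' . $gid . '/';

    // Full size, medium and thumbnail. On any failure, undo the row, the
    // temp file and every size written so far.
    $sizes = array('' => 1024, '_m' => 350, '_t' => 150);
    $written = array();
    foreach ($sizes as $tag => $width) {
        $target = $path . $id . $tag . $ext;
        if (!$image->resize($target, $width, -1)) {
            $ssc_database->query("DELETE FROM #__gallery_content WHERE id = %d LIMIT 1", $id);
            unlink($file);
            foreach ($written as $done) {
                unlink($done);
            }
            ssc_add_message(SSC_MSG_CRIT, 'Unable to insert new image');
            return;
        }
        $written[] = $target;
    }

    ssc_add_message(SSC_MSG_INFO, t('Image uploaded'));
    unlink($file);
}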
Example #5
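/**
 * Post submission
 *
 * Inserts a new post (id of 0) or updates an existing one in blog `bid`,
 * fires the publish/update module hooks for non-draft posts, then brings the
 * post's tag relations in line with the submitted tid[] keys. A preview
 * request (prev set) saves nothing.
 *
 * NOTE(review): the only ownership check visible here is the blog_id match in
 * the SQL; confirm the caller verifies that the user may write to this blog
 * and that a CSRF token is checked.
 */
function blog_post_submit()
{
    global $ssc_user, $ssc_database;

    $blog = isset($_POST['bid']) ? (int) $_POST['bid'] : 0;
    $id = isset($_POST['id']) ? (int) $_POST['id'] : 0;

    // Someone trying to circumvent things
    if ($blog == 0) {
        return;
    }
    if (isset($_POST['prev'])) {
        ssc_add_message(SSC_MSG_INFO, "Below is a preview of your post.  Nothing has been saved yet.");
        return;
    }

    // Stored is_draft value: the draft flag, plus the republish flag shifted
    // one bit up when the post is a draft.
    $is_draft = isset($_POST['is_draft']) ? (int) $_POST['is_draft'] : 0;
    $repub = isset($_POST['repub']) ? (int) $_POST['repub'] : 0;
    $draft_flags = $is_draft + ($is_draft ? $repub << 1 : 0);

    $require_redir = false;
    if ($id == 0) {
        // Insert
        $result = $ssc_database->query("INSERT INTO #__blog_post (blog_id, title, created, modified, body, urltext, author_id, is_draft, publish_time) VALUES (%d, '%s', %d, %d, '%s', '%s', %d, %d, 0)", $blog, $_POST['title'], time(), time(), $_POST['body'], $_POST['url'], $ssc_user->id, $draft_flags);
        if (!$result) {
            ssc_add_message(SSC_MSG_CRIT, 'Error inserting into DB');
            return;
        }
        // Only adopt the new id once the insert is known to have worked
        $_POST['id'] = $id = $ssc_database->last_id();
        $require_redir = true;
        if ($is_draft == 0) {
            module_hook('mod_blog_post_publish', null, array($blog, $id, t($_POST['title'])));
        }
    } else {
        // Update: look the post up inside this blog first
        $result = $ssc_database->query("SELECT body FROM #__blog_post p WHERE id = %d AND blog_id = %d", $id, $blog);
        if (!$result || !($data = $ssc_database->fetch_assoc($result))) {
            // The post is not part of this blog. Stop here so the tag
            // relations of an unrelated post id are never rewritten.
            ssc_add_message(SSC_MSG_CRIT, t('Post was unable to be saved'));
            return;
        }

        // The body is only rewritten when it changed
        $dirty = $data['body'] != $_POST['body'];
        if (!$dirty) {
            if ($repub) {
                $ssc_database->query("UPDATE #__blog_post b SET title = '%s', urltext = '%s', is_draft = %d, created = %d, modified = %d WHERE id = %d AND blog_id = %d", $_POST['title'], $_POST['url'], $draft_flags, time(), time(), $id, $blog);
            } else {
                $ssc_database->query("UPDATE #__blog_post b SET title = '%s', urltext = '%s', is_draft = %d WHERE id = %d AND blog_id = %d", $_POST['title'], $_POST['url'], $draft_flags, $id, $blog);
            }
        } else {
            if ($repub) {
                $ssc_database->query("UPDATE #__blog_post b SET title = '%s', body = '%s', urltext = '%s', is_draft = %d, created = %d, modified = %d WHERE id = %d AND blog_id = %d", $_POST['title'], $_POST['body'], $_POST['url'], $draft_flags, time(), time(), $id, $blog);
            } else {
                $ssc_database->query("UPDATE #__blog_post b SET title = '%s', body = '%s', urltext = '%s', is_draft = %d WHERE id = %d AND blog_id = %d", $_POST['title'], $_POST['body'], $_POST['url'], $draft_flags, $id, $blog);
            }
        }

        if ($is_draft == 0) {
            if ($repub) {
                module_hook('mod_blog_post_publish', null, array($blog, $id, t($_POST['title'])));
            } elseif ($dirty) {
                module_hook('mod_blog_post_update', null, array($blog, $id, t($_POST['title'])));
            }
        }
    }

    // Tags: compare whole ids. Matching on a comma-joined string would let
    // tag 1 match inside tag 12 and corrupt the list of relations to delete.
    $existing = array();
    $result = $ssc_database->query("SELECT tag_id FROM #__blog_relation WHERE post_id = %d", $id);
    while ($result && ($data = $ssc_database->fetch_assoc($result))) {
        $tag = (int) $data['tag_id'];
        if ($tag > 0) {
            $existing[$tag] = $tag;
        }
    }

    // The submitted tag ids are the keys of tid[]
    $wanted = array();
    if (isset($_POST['tid']) && is_array($_POST['tid'])) {
        foreach (array_keys($_POST['tid']) as $key) {
            $key = (int) $key;
            if ($key > 0) {
                $wanted[$key] = $key;
            }
        }
    }

    // Add relations that are newly selected
    foreach (array_diff($wanted, $existing) as $tag) {
        $ssc_database->query("INSERT INTO #__blog_relation (post_id, tag_id) VALUES (%d, %d)", $id, $tag);
    }
    // Drop relations that are no longer selected
    foreach (array_diff($existing, $wanted) as $tag) {
        $ssc_database->query("DELETE FROM #__blog_relation WHERE post_id = %d AND tag_id = %d LIMIT 1", $id, $tag);
    }

    ssc_add_message(SSC_MSG_INFO, t('Post saved'));
    if ($require_redir) {
        ssc_redirect("/admin/blog/edit/{$blog}/post/{$id}");
    }
}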
Example #6
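/**
 * Page submission
 *
 * A missing or zero id creates a handler row and a static page row, then
 * redirects to the new edit page. Any other id updates the page title, body,
 * path and modified time. The outcome is reported through ssc_add_message().
 *
 * NOTE(review): no permission or CSRF check is visible in this function;
 * confirm the caller enforces both. The body is stored as submitted, so the
 * code that renders it decides whether markup in it is trusted.
 */
function static_form_submit()
{
    global $ssc_database;

    $id = isset($_POST['id']) ? intval($_POST['id']) : 0;

    if ($id == 0) {
        // Insert
        $result = $ssc_database->query("INSERT INTO #__handler (path, handler) VALUES ('%s', %d)", $_POST['url'], module_id('static'));
        if (!$result) {
            ssc_add_message(SSC_MSG_CRIT, 'Error inserting into DB');
            return;
        }
        $id = $ssc_database->last_id();
        $result = $ssc_database->query("INSERT INTO #__static (id, title, created, modified, body) VALUES (%d, '%s', %d, %d, '%s')", $id, $_POST['title'], time(), time(), $_POST['body']);
        if (!$result) {
            // Remove the handler row so it does not point at a page that was never created
            $ssc_database->query("DELETE FROM #__handler WHERE id = %d LIMIT 1", $id);
            ssc_add_message(SSC_MSG_CRIT, 'Error inserting into DB');
            return;
        }
        ssc_add_message(SSC_MSG_INFO, t('Page saved'));
        ssc_redirect('/admin/static/edit/' . $id);
        // Should ssc_redirect() return, do not queue a second 'Page saved' message
        return;
    }

    // Update: report success only when the write went through
    $result = $ssc_database->query("UPDATE #__static s, #__handler h SET s.title = '%s', s.body = '%s', h.path = '%s', s.modified = %d WHERE s.id = h.id AND s.id = %d", $_POST['title'], $_POST['body'], $_POST['url'], time(), $id);
    if (!$result) {
        ssc_add_message(SSC_MSG_CRIT, t('Page was not saved'));
        return;
    }
    ssc_add_message(SSC_MSG_INFO, t('Page saved'));
}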