<?php namespace bmtmgr; require_once dirname(__DIR__) . '/src/common.php'; utils\csrf_protect(); $u = user\check_current(); $u->require_perm('admin'); utils\require_get_params(['club_id', 'season_id']); utils\require_post_params(['firstname', 'lastname', 'gender']); $season = Season::by_id($_GET['season_id']); $club = User::by_id($_GET['club_id']); $name = \sprintf('%s, %s', $_POST['lastname'], $_POST['firstname']); $textid = \str_replace(' ', '_', $club->name . '-' . $_POST['firstname'] . ' ' . $_POST['lastname']); try { $player = Player::create($season->id, $club->id, $textid, $name, $_POST['gender']); $player->save(); } catch (utils\DuplicateEntryException $e) { render_ajax_error(sprintf('Ein Spieler mit der Id "%s" existiert bereits', $textid)); exit; } render_ajax('season/' . $season->id . '/club/' . $club->id . '/', ['player' => $player]);
<?php namespace bmtmgr; require_once dirname(__DIR__) . '/src/common.php'; utils\csrf_protect(); $u = user\check_current(); $u->require_perm('admin'); utils\require_post_params(['name']); $textid = \preg_replace('/[^a-z]+/', '', strtolower($_POST['name'])); assert(\preg_match('/^[a-z]+$/', $textid)); try { $club = User::create($textid, $_POST['name'], null); $club->save(); } catch (utils\DuplicateEntryException $e) { render_ajax_error('Der Verein "' . $_POST['name'] . '" existiert bereits'); exit; } render_ajax('club/' . $club->id . '/', ['club' => $club]);
<?php namespace bmtmgr; require_once dirname(__DIR__) . '/src/common.php'; require_once dirname(__DIR__) . '/src/sftp.php'; utils\csrf_protect(); $u = user\check_current(); $u->require_perm('admin'); utils\require_get_params(['tournament_id']); utils\require_post_params(['type']); $publication_type = $_POST['type']; $tournament = Tournament::by_id($_GET['tournament_id']); $season = $tournament->get_season(); switch ($publication_type) { case 'sftp': utils\require_post_params(['server', 'port', 'username', 'path']); $publication = sftp\SFTPPublication::sftp_create($tournament, $_POST['server'], \intval($_POST['port']), $_POST['path'], $_POST['username']); $publication->save(); render_ajax('publication/' . $publication->id . '/', ['publication' => $publication]); break; default: throw new \Exception('Invalid publication type'); }
<?php namespace bmtmgr; require_once dirname(__DIR__) . '/src/common.php'; utils\csrf_protect(); $u = user\check_current(); $u->require_perm('admin'); utils\require_get_params(['player_id']); $player = Player::by_id($_GET['player_id']); utils\require_post_params(['email']); $player->email = $_POST['email']; $player->save(); render_ajax('player/' . $player->id . '/', ['player' => $player]);
<?php namespace bmtmgr; require_once dirname(__DIR__) . '/src/common.php'; utils\csrf_protect(); $u = user\check_current(); $u->require_perm('admin'); utils\require_post_params(['name', 'season_id']); $season = Season::by_id($_POST['season_id']); try { $tournament = Tournament::create($season, $_POST['name']); $tournament->save(); } catch (utils\DuplicateEntryException $e) { render_ajax_error('Ein Turnier mit dem Namen "' . $_POST['name'] . '" existiert bereits'); exit; } render_ajax('t/' . $tournament->id . '/', ['season' => $season, 'tournament' => $tournament]);
<?php namespace bmtmgr; require_once dirname(__DIR__) . '/src/common.php'; require_once dirname(__DIR__) . '/src/import.php'; utils\csrf_protect(); $u = user\check_current(); $u->require_perm('admin'); utils\require_get_params(['tournament_id']); utils\require_post_params(['text']); $tournament = Tournament::by_id($_GET['tournament_id']); $season = $tournament->get_season(); $text = \trim($_POST['text']); $autocreate = \array_key_exists('autocreate', $_POST); Model::beginTransaction(); list($new_entries, $unmatched_lines) = \bmtmgr\import\import_text($tournament, $text, $autocreate); Model::commit(); render('entry_import_result', ['user' => $u, 'breadcrumbs' => [['name' => 'Ligen', 'path' => 'season/'], ['name' => $season->name, 'path' => 'season/' . $season->id . '/'], ['name' => $tournament->name, 'path' => 't/' . $tournament->id . '/'], ['name' => 'Importieren', 'path' => 't/' . $tournament->id . '/dialog_import']], 'season' => $season, 'tournament' => $tournament, 'new_entries' => $new_entries, 'unmatched_lines' => $unmatched_lines, 'autocreate' => $autocreate]);
<?php namespace bmtmgr; require_once dirname(__DIR__) . '/src/common.php'; $u = user\check_current(); $u->require_perm('admin'); utils\csrf_protect(); utils\require_post_params(['tournament_url']); if (!\preg_match('#^(https?://.*?/)[a-z]+(\\.aspx.*)$#', $_POST['tournament_url'], $m)) { render_ajax_error('Entschuldigung, die turnier-URL "' . $_POST['tournament_url'] . '" kann leider nicht bearbeitet werden.'); exit; } $base_url = $m[1]; $clubs_url = $base_url . 'clubs' . $m[2]; $clubs_content = \file_get_contents($clubs_url); if (!preg_match('#<div id="divTournamentHeader" class="header">\\s*<div class="title"><h3>(.*)</h3>#', $clubs_content, $m)) { throw new \Exception('Cannot find season name'); } $name = \html_entity_decode($m[1], ENT_QUOTES | ENT_HTML5, 'utf-8'); Model::beginTransaction(); $season = Season::fetch_optional('WHERE name=?', [$name]); if (!$season) { $season = Season::create($name, false, $_POST['tournament_url']); $season->save(); } $players = []; if (!\preg_match_all('#<td><a href="club\\.aspx(?P<club_path>\\?id=[^"]+)&club=(?P<club_num>[0-9]+)">(?P<name>[^<]+)</a></td><td class="right">(?P<id>[0-9-]+)</td>#', $clubs_content, $matches, PREG_SET_ORDER)) { throw new \Exception('Cannot find any club entries!'); } foreach ($matches as $m) {
<?php namespace bmtmgr; require_once dirname(__DIR__) . '/src/common.php'; utils\csrf_protect(); $u = user\check_current(); $u->require_perm('admin'); utils\require_get_params(['discipline_id']); utils\require_post_params(['note', 'capacity']); $discipline = Discipline::by_id($_GET['discipline_id']); $discipline->capacity = $_POST['capacity'] !== '' ? \intval($_POST['capacity']) : null; $discipline->note = $_POST['note']; $discipline->save(); render_ajax('d/' . $discipline->id . '/', ['discipline' => $discipline]);
<?php namespace bmtmgr; require_once dirname(__DIR__) . '/src/common.php'; require_once dirname(__DIR__) . '/src/utils.php'; require_once dirname(__DIR__) . '/src/email.php'; utils\csrf_protect(); utils\require_post_params(array('user')); $u = User::find_by_input($_POST['user']); if (!$u) { header('HTTP/1.1 404 Not Found'); render('error', array('title' => 'Benutzer nicht gefunden', 'msg' => 'Benutzer "' . $_POST['user'] . '" konnte nicht gefunden werden.')); exit; } $s = $GLOBALS['db']->prepare(' INSERT INTO login_email_token (token, user_id, request_time, expiry_time, metadata_json) VALUES(?, ?, ?, ?, ?)'); $ip = $_SERVER['REMOTE_ADDR']; $metadata = array('ip' => $ip, 'ua' => $_SERVER['HTTP_USER_AGENT']); $token = utils\gen_token(); $request_time = time(); $expire_time = $request_time + config\get('email_token_timeout', 24 * 60 * 60); $s->execute(array($token, $u->id, $request_time, $expire_time, json_encode($metadata))); $login_url = \bmtmgr\utils\absolute_url() . 'login?t=' . $token; $m = \bmtmgr\email\send($u->email, 'mails/token_request', array('name' => $u->name, 'email' => $u->email, 'token' => $token, 'until' => $request_time, 'login_url' => $login_url, 'ip' => $ip)); render('token_requested', array('sent_emails' => array($m), 'name' => $u->name, 'email' => $u->email, 'until' => $request_time, 'token_length' => strlen($token), 'ip' => $ip));