/**
  Returns the UserId for the current session or dies.
  It is strongly advised to check if the session is valid first.
*/
function session_getUid()
{
    // A missing UserId is reported through Config::error(). Whether that call
    // ends the request in this one-argument form is not visible here, so the
    // session should be validated before this function is used.
    $hasUserId = isset($_SESSION['UserId']);
    if (!$hasUserId) {
        Config::error('UserId is not set in validate.php:session_getUid()');
    }
    // escape_string() only neutralises characters that matter inside a quoted
    // SQL string literal; a caller that interpolates the result unquoted
    // (e.g. "WHERE UserId = ...") gets no protection from it.
    $connection = Config::getConnection();
    return $connection->escape_string($_SESSION['UserId']);
}
 /**
   @param $lambda function($column)
   @return $lambda() || Exception
   Executes given $lambda with $column if possible,
   and returns an Exception otherwise.
 */
 private function withColumn($lambda)
 {
     // Failures are returned as Exception objects, not thrown, so callers
     // have to test the result with instanceof.
     // The callback is only run for a projection on exactly one table ...
     $tableCount = count($this->descriptions);
     if ($tableCount !== 1) {
         return new Exception('Projection on other than a single table in TranslationTableProjection.update()');
     }
     foreach ($this->descriptions as $description) {
         // ... that itself projects exactly one column.
         $columns = $description['columns'];
         if (count($columns) !== 1) {
             return new Exception('Projection on other than a single column in TranslationTableProjection.update()');
         }
         foreach ($columns as $onlyColumn) {
             // First (and only) column: hand it to the callback and pass its result on.
             return $lambda($onlyColumn);
         }
     }
     // Both counts were 1, so one of the loops above should already have returned.
     Config::error('Unreachable code?!', true, true);
 }
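     // Creates a translation from the request parameters and sends the browser back.
     // NOTE(review): this changes stored data on a GET request; no permission or CSRF
     // check is visible in this fragment - confirm the enclosing script enforces both.
     Translation::createTranslation($_GET['TranslationName'], $_GET['BrowserMatch'], $_GET['ImagePath'], $_GET['RfcLanguage'], $_GET['Active']);
     // header()'s second parameter is $replace; the status code is the third one.
     // The Referer value comes from the client and may be absent, in which case the
     // Location header is empty.
     header('Location: ' . $_SERVER['HTTP_REFERER'], true, 302);
     break;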
     /**
       @param TranslationId
       @returns 'OK'|'FAIL'
     */
 /**
   @param TranslationId
   @returns 'OK'|'FAIL'
 */
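 case 'deleteTranslation':
     // Deletes the translation named by $_GET['TranslationId'] and redirects back on success.
     // NOTE(review): this deletes on a GET request; no permission or CSRF check is visible
     // in this fragment - confirm the enclosing script enforces both.
     if (Translation::deleteTranslation($_GET['TranslationId'])) {
         // header()'s second parameter is $replace; the status code is the third one.
         // The Referer value comes from the client and may be absent.
         header('Location: ' . $_SERVER['HTTP_REFERER'], true, 302);
     } else {
         Config::error('FAIL: Cannot delete Translation 1.', false, true);
     }
     break;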
     /**
       @param $_GET['Providers'] JSON array of strings
       @param $_GET['Study'] String of the study to use
       @param $_GET['TranslationId'] The TranslationId to use
       Delivers a JSON object that maps names of providers to their offsets.
     */
 /**
   @param $_GET['Providers'] JSON array of strings
   @param $_GET['Study'] String of the study to use
   @param $_GET['TranslationId'] The TranslationId to use
   Delivers a JSON object that maps names of providers to their offsets.
 */
 case 'offsets':
 /**
   A helper function to execute multiple queries,
   and return all their results in a single array.
 */
 public function runQueries($qs)
 {
     // Accepts one SQL string or a list of them. Every statement is handed to the
     // connection verbatim: nothing is escaped or bound here, so any request-derived
     // value has to be neutralised by the caller before it reaches this method.
     $queries = is_string($qs) ? array($qs) : $qs;
     $collected = array();
     foreach ($queries as $q) {
         $result = $this->dbConnection->query($q);
         if ($result !== false) {
             // Append this statement's rows to everything gathered so far.
             $collected = array_merge($collected, $this->fetchRows($result));
             continue;
         }
         // A failed statement is reported and skipped; the remaining ones still run.
         // NOTE(review): the full SQL text is part of the message - confirm it only
         // reaches a log and is never shown to the client.
         Config::error("Problems with query: {$q}", true);
     }
     return $collected;
 }
 public static function getLastImport()
 {
     // Newest row of Edit_Imports, with its Time column converted by UNIX_TIMESTAMP().
     // The statement is a constant; no request data is part of it.
     $rows = static::fetchAll('SELECT UNIX_TIMESTAMP(Time) FROM Edit_Imports ORDER BY TIME DESC LIMIT 1');
     if (count($rows) === 0) {
         // No row came back: report it and fall back to 0.
         Config::error('Query failed in DataProvider::getLastImport()');
         return 0;
     }
     // First field of the first row.
     return current(current($rows));
 }
 /**
   @param $category String
   @return $description array('Req' => String, 'Description' => String) || array()
   Given a $category this method fetches the description text that belongs to it.
 */
 public static function categoryToDescription($category)
 {
     // Projections first. preg_quote() keeps regex metacharacters in $category literal,
     // and the ^...$ anchors make the pattern match the whole category name only.
     $pattern = '/^' . preg_quote($category, '/') . '$/';
     $matches = TranslationColumnProjection::filterCategoryRegex(self::$projections, $pattern);
     if (count($matches) !== 0) {
         $description = current($matches)->getDescription();
         if (!($description instanceof Exception)) {
             return $description;
         }
         // getDescription() hands failures back as Exception objects; report and give up.
         Config::error('' . $description);
         return array();
     }
     // No projection matched: only a known provider can still have a description.
     if (!array_key_exists($category, self::$providers)) {
         return array();
     }
     if ($category === 'StudyTitleTranslationProvider') {
         return TranslationProvider::getDescription('dt_studyTitle_trans');
     }
     // Any other provider is unexpected here.
     Config::error("Unexpected case in Translation::categoryToDescription for {$category}");
     return array();
 }
Example #7
          @return 'FAIL' | String html - new option for LanguageFamilies.
        */
    /**
      @param studyix String     - Interpretation as int
      @param familyix String    - Interpretation as int
      @param subfamilyix String - Interpretation as int
      @param name String
      @return 'FAIL' | String html - new option for LanguageFamilies.
    */
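    case 'createLanguageFamily':
        // NOTE(review): this action changes the database from a GET request; no permission
        // or CSRF check is visible in this fragment - confirm the enclosing script enforces both.
        //
        // The three indices are documented as integers and are interpolated unquoted below.
        // escape_string() only protects values placed inside quotes, so they are cast instead.
        $studyix = intval($_GET['studyix']);
        $familyix = intval($_GET['familyix']);
        // Reads 'subfamilyix'; the earlier code read 'familyix' a second time.
        $subfamilyix = intval($_GET['subfamilyix']);
        // The raw name is kept for the HTML output; the SQL-escaped copy is for the queries only.
        $rawName = $_GET['name'];
        $name = $dbConnection->escape_string($rawName);
        /*
          Depending tables have to be created first,
          because the procedure 'createTablesAndRecreateViews' aborts
          if the study already exists, to avoid recreating the views without need.
        */
        $dbConnection->query("CALL createTables('{$name}')");
        //Inserting the new Study:
        $q = "INSERT INTO Studies(StudyIx, FamilyIx, SubFamilyIx, Name) "
            . "VALUES ({$studyix}, {$familyix}, {$subfamilyix}, '{$name}')";
        $dbConnection->query($q);
        if ($dbConnection->affected_rows != 1) {
            Config::error('FAIL');
            // The contract is 'FAIL' or the new option, never both, so stop here
            // even if Config::error() returns.
            break;
        }
        //Done:
        // SQL escaping is not HTML escaping: the name is encoded for the element body here.
        $htmlName = htmlspecialchars($rawName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo "<option data-dbid='{$studyix}{$familyix}{$subfamilyix}' data-studyix='{$studyix}'"
            . " data-familyix='{$familyix}' data-subfamilyix='{$subfamilyix}'>{$htmlName}</option>";
        break;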
}
Example #8
<?php

/**
  This script creates a dump of all translations in the database as a JSON object.
  Having a JSON object rather than a SQL script allows us to merge translations
  in a clever fashion instead of simply replacing all of them.
  The dynamic translations, for example, have a timestamp attached,
  so that we can keep the latest of them even when they differ between machines.
*/
/* Setup and session verification */
chdir('..');
require_once 'common.php';
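//We only check for the session, if not on cli:
// The gate ends the request itself instead of relying on Config::error() to exit,
// so a rejected session can never reach the dump below.
if (php_sapi_name() !== 'cli') {
    if (!session_validate() || !session_mayTranslate()) {
        Config::error('403 Forbidden');
        die('403 Forbidden');
    }
}
//Our information object:
$info = array('dynamicTranslation' => array(), 'staticDescription' => array(), 'staticTranslation' => array(), 'translations' => array());
//Fetching translations:
// Constant statement; the two change timestamps are exported as UNIX timestamps.
$q = 'SELECT TranslationId, TranslationName, BrowserMatch, ImagePath, Active, RfcLanguage, ' . 'UNIX_TIMESTAMP(lastChangeStatic) AS \'lastChangeStatic\', ' . 'UNIX_TIMESTAMP(lastChangeDynamic) AS \'lastChangeDynamic\' ' . 'FROM Page_Translations';
$set = $dbConnection->query($q);
while ($r = $set->fetch_assoc()) {
    // Key each row by its TranslationId and drop the id from the row itself.
    $tId = $r['TranslationId'];
    unset($r['TranslationId']);
    $info['translations'][$tId] = $r;
}
//Cast to object to aid json_encode:
$info['translations'] = (object) $info['translations'];
//Fetching static descriptions:
$q = 'SELECT Req, Description FROM Page_StaticDescription';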
Example #9
} else {
    // Access gate: a valid session with edit rights, or (below) a login/hash pair
    // taken from the query string.
    $allowed = session_validate() && session_mayEdit();
    if (!$allowed) {
        //Special case for action=export:
        // NOTE(review): 'ch1'/'ch2' carry a login and the stored Hash value in the URL.
        // The hash is compared as-is, so it works as a password equivalent, and URLs
        // usually end up in access logs and browser history - confirm this is intended.
        if (array_key_exists('ch1', $_GET) && array_key_exists('ch2', $_GET)) {
            // NOTE(review): $db is used for the query while escaping goes through
            // $dbConnection; presumably both are the same connection - verify.
            $db = Config::getConnection();
            $login = $dbConnection->escape_string($_GET['ch1']);
            $hash = $dbConnection->escape_string($_GET['ch2']);
            // NOTE(review): the Login literal '******' looks masked in this listing and
            // $login is not used in the statement as shown - check the repository copy.
            $q = "SELECT AccessEdit FROM Edit_Users" . " WHERE Login = '******' AND Hash = '{$hash}'";
            if ($r = $db->query($q)->fetch_row()) {
                // Loose comparison: access is granted when AccessEdit equals 1.
                $allowed = $r[0] == 1;
            }
            // Drop the credential values so they do not stay in scope.
            unset($db, $login, $hash, $q, $r);
        }
        if (!$allowed) {
            // Fails closed: the explicit die() ends the request even if Config::error() returns.
            Config::error('403 Forbidden');
            die('403 Forbidden');
        }
    }
    if (array_key_exists('action', $_GET)) {
        $action = $_GET['action'];
        switch ($action) {
            case 'import':
                // Reads the uploaded 'import' file completely into memory and writes it to the error log.
                // NOTE(review): logging the whole upload puts client-controlled, possibly sensitive
                // content into the log; neither $_FILES['import']['error'] nor the file size is
                // checked in the lines shown.
                if (array_key_exists('import', $_FILES)) {
                    $file = file_get_contents($_FILES['import']['tmp_name']);
                    error_log('Got some data:');
                    error_log($file);
                } else {
                    die('import file missing.');
                }
                break;
<?php

require_once 'categorySelection.php';
require_once 'query/translationTableProjection.php';
// Translation to compare against the original; intval() keeps the id numeric, default is 1.
$tId = array_key_exists('tId', $_GET) ? intval($_GET['tId']) : 1;
// Either project the tables named in the request or all of them.
if (!array_key_exists('tables', $_GET)) {
    $projection = TranslationTableProjection::projectAll();
} else {
    // NOTE(review): the table names come straight from the query string; presumably
    // projectTables() accepts only known tables - verify.
    $tables = explode(',', $_GET['tables']);
    $projection = TranslationTableProjection::projectTables($tables);
}
// The projection helpers hand failures back as Exception objects instead of throwing.
if (!($projection instanceof Exception)) {
    $changed = $projection->translationNotOriginal($tId);
    require_once 'showTable.php';
    showTable(array('projection' => $changed));
} else {
    Config::error($projection->getMessage(), true, true);
}
?>
<script type="application/javascript">
<?php 
require_once 'js/translation.js';
?>
</script>
Example #11
            array_push($export, $row);
        }
        header("Pragma: public");
        header("Expires: 0");
        header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
        header("Content-Type: application/json; charset=utf-8");
        header("Content-Disposition: attachment;filename=\"users.json\"");
        header("Content-Transfer-Encoding: binary");
        die(Config::toJSON($export));
        break;
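    case 'import':
        // Upserts users from an uploaded JSON file into Edit_Users.
        // NOTE(review): the rows written here carry login names, password hashes and access
        // flags; no permission check is visible in this fragment - confirm the script gates it.
        if (count($_FILES) === 1 && array_key_exists('import', $_FILES)) {
            $file = file_get_contents($_FILES['import']['tmp_name']);
            $data = json_decode($file);
            if (!is_array($data) && !is_object($data)) {
                // Not a JSON collection of users: treat it like a missing file.
                die('Sorry, you need to supply a file.');
            }
            foreach ($data as $user) {
                // Skip entries that are not complete user records.
                if (!is_object($user)
                    || !isset($user->UserId, $user->Login, $user->Hash, $user->AccessEdit, $user->AccessTranslate)
                    || !is_scalar($user->Login)
                    || !is_scalar($user->Hash)
                ) {
                    continue;
                }
                // These three values are interpolated unquoted, where escape_string() gives
                // no protection, so they are validated as integers instead.
                $UserId = filter_var($user->UserId, FILTER_VALIDATE_INT);
                $AccessEdit = filter_var($user->AccessEdit, FILTER_VALIDATE_INT);
                $AccessTranslate = filter_var($user->AccessTranslate, FILTER_VALIDATE_INT);
                if ($UserId === false || $AccessEdit === false || $AccessTranslate === false) {
                    continue;
                }
                // Quoted string positions: SQL-escape them.
                $Login = $dbConnection->escape_string($user->Login);
                $Hash = $dbConnection->escape_string($user->Hash);
                // NOTE(review): the literal '******' in the UPDATE part looks masked in this
                // listing; if it is real, every update overwrites Login - check the repository copy.
                $q = "INSERT INTO Edit_Users(UserId, Login, Hash, AccessEdit, AccessTranslate) " . "VALUES ({$UserId}, '{$Login}', '{$Hash}', {$AccessEdit}, {$AccessTranslate}) " . "ON DUPLICATE KEY UPDATE Login='******', Hash='{$Hash}'" . ", AccessEdit={$AccessEdit}, AccessTranslate={$AccessTranslate}";
                $dbConnection->query($q);
            }
            header('LOCATION: ../index.php');
        } else {
            die('Sorry, you need to supply a file.');
        }
        break;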
    default:
        Config::error('Call to unsupported action.');
}
Example #12
  <body>
  <?php 
/* Setup and session verification */
require_once 'dbimport/Importer.php';
chdir('..');
require_once 'common.php';
require_once '../query/cacheProvider.php';
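// The gate ends the request itself instead of relying on Config::error() to exit,
// so the import below never runs for a rejected session.
if (!session_validate() || !session_mayEdit()) {
    Config::error('403 Forbidden');
    die('403 Forbidden');
}
//Parsing client data, and using Importer:
$uId = $dbConnection->escape_string(session_getUid());
$merge = false;
$fs = array();
// A request without an 'upload' field is treated like an empty selection.
$uploads = isset($_FILES['upload']) ? $_FILES['upload'] : null;
$nothingSelected = $uploads === null
    || (count($uploads['name']) === 1 && $uploads['name'][0] === '');
if ($nothingSelected) {
    Config::error('No file given.');
    echo '<h1>You need to select a file first.</h1>';
} else {
    // Pair each client-supplied file name with its temporary path.
    // NOTE(review): 'name' is chosen by the client - confirm Importer never uses it as a
    // filesystem path or inside SQL without validation.
    while (count($uploads['name']) > 0) {
        array_push($fs, array('name' => array_pop($uploads['name']), 'path' => array_pop($uploads['tmp_name'])));
    }
    CacheProvider::cleanCache('../');
    $log = Importer::processFiles($fs, $uId, $merge);
    // implode() takes the separator first; the reversed order is rejected by PHP 8.
    // NOTE(review): the log lines are printed as HTML without escaping - confirm they
    // cannot contain text taken from the uploaded files.
    echo '<ul><li>' . implode('</li><li>', $log) . '</li></ul>';
    $tables = implode(',', Importer::findTables($fs));
    // Encode the list as a URL parameter, then escape the whole URL for the attribute.
    $href = '../translate.php?tId=1&action=compareOriginal&tables=' . rawurlencode($tables);
    echo '<a target="_parent" href="' . htmlspecialchars($href, ENT_QUOTES, 'UTF-8') . '" class="btn btn-primary">Review translations</a>';
}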
?>
  </body>
</html>
Example #13
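         // $newP is assigned before the lines shown here; presumably it holds $_POST['new'].
         // NOTE(review): the visible lines never ask for the current password - confirm the
         // part above does before the stored hash is replaced.
         $confirm = $_POST['confirm'];
         if ($newP !== $confirm) {
             Config::error("New password doesn't match confirmation.");
             // Leave the case: the password must not change when the confirmation
             // differs, even if Config::error() returns.
             break;
         }
         $hash = password_hash($_POST['new'], PASSWORD_BCRYPT);
         if (!$hash) {
             // No fallback to md5: an unsalted fast hash is not an acceptable substitute,
             // so the stored password is left untouched instead.
             Config::error('Could not hash the new password.');
             break;
         }
         $uid = session_getUid();
         // $hash is generated above and $uid comes from the session.
         // NOTE(review): $uid is interpolated unquoted - confirm UserId is always an integer.
         $q = "UPDATE Edit_Users SET Hash = '{$hash}' WHERE UserId = {$uid}";
         $dbConnection->query($q);
         // End the session so the user has to log in with the new password.
         session_destroy();
         header('LOCATION: index.php');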
     } else {
         Config::error('Invalid session!');
     }
     break;
 case 'meanings':
     require_once 'meanings.php';
     break;
 default:
     if (session_validate()) {
         if (session_mayEdit()) {
             header('LOCATION: userAccount.php');
         } else {
             header('LOCATION: translate.php');
         }
     } else {
         ?>
     <!DOCTYPE HTML>