/**
* upload
*
* Grabs info from upload page and begins upload
*
* @return boolean
*/
public function upload()
{
$allowedExts = $this->config->getByType('allowed_file_type');
$maxFileSize = $this->config->getByType('max_file_size');
if (isset($_FILES)) {
$extension = pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION);
if ($_FILES["file"]["error"] > 0 && $_FILES["file"]["size"] < $maxFileSize && in_array($extension, $allowedExts) && strpos($_FILES['file']['type'], 'video/')) {
if (!file_exists("uploads/" . $_FILES["file"]["name"])) {
move_uploaded_file($_FILES["file"]["tmp_name"], "uploads/" . $_FILES["file"]["name"]);
$user = new user();
$user->getCurrentUser();
$this->create($user->id, $_FILES["file"]["name"], $_POST['filename'], series::getSeriesId($_POST['file_series']), $_POST['file_description']);
return true;
}
}
}
return false;
}
public function __construct($teamid)
{
global $tmpl;
// no anon team editing allowed
if (!\user::getCurrentUserLoggedIn()) {
$tmpl->setTemplate('NoPerm');
return;
}
$this->setTemplate();
$tmpl->assign('title', 'Edit team');
$this->team = new team($teamid);
$tmpl->assign('teamid', $teamid);
$tmpl->assign('teamName', $this->team->getName());
$editPermission = \user::getCurrentUser()->getPermission('allow_edit_any_team_profile') || $this->team->getPermission('edit', user::getCurrentUserId());
$tmpl->assign('canEditTeam', $editPermission);
// user has no permission to edit team
// do not proceed with request
if (!$editPermission) {
$tmpl->setTemplate('NoPerm');
return;
}
$tmpl->assign('leaderId', $this->team->getLeaderId());
$userids = $this->team->getUserIds();
$members = array();
foreach ($userids as $userid) {
$members[] = array('id' => $userid, 'name' => (new user($userid))->getName());
}
$tmpl->assign('members', $members);
if (!isset($_POST['confirmed']) || (string) $_POST['confirmed'] === '0') {
$this->showForm();
} elseif (isset($_POST['confirmed']) && (string) $_POST['confirmed'] === '1') {
// try to update team
// show editing form on error
if (($validation = $this->sanityCheck()) !== true || ($validation = $this->updateTeam()) !== true) {
if ($validation !== true) {
$tmpl->assign('form_error', $validation);
}
$this->showForm();
} else {
$tmpl->assign('teamEditSuccessful', true);
}
}
}
/**
* renderPage
*
* renders a page from the html page adding in variables
*
* @param string $page
* @return string
*/
public function renderPage($page)
{
$config = new config();
$underConstruction = $config->getByType('under_construction');
$underConstruction = $underConstruction[0];
$user = new user();
$user->getCurrentUser();
$admin = null;
if ($user->userType == 'admin') {
$admin = new admin($user);
}
if ($page !== 'index.html' && $page !== 'index_2.html' && !$admin && $underConstruction) {
return "UNDER CONSTRUCTION";
}
$templateVariables = ['<!--addFriendButton-->' => isset($_GET['userId']) ? $this->getFriendButton($_GET['userId'], $user->id) : '', '<!--lastSeen-->' => date("r", $user->lastSeen), '<!--username-->' => $user->username, '<!--userId-->' => $user->id, '<!--GETUsername-->' => isset($_GET['userId']) ? $user->getUsernameById($_GET['userId']) : false, '<!--GETUserEmail-->' => isset($_GET['userId']) ? $user->getEmailById($_GET['userId']) : false, '<!--adminUnderConstruction-->' => $user->userType == 'admin' ? $admin->getUnderConstructionSwitch() : 'Not an Admin.', '<!--adminUserList-->' => $user->userType == 'admin' ? $admin->getUserList() : false, '<!--adminPanel-->' => $user->userType == 'admin' ? $admin->getAdminButton() : false, '<!--adminUserPermissions-->' => $user->userType == 'admin' ? $admin->getUserPermissions() : false];
$pageContents = file_get_contents($page);
foreach ($templateVariables as $key => $value) {
while (strpos($pageContents, $key)) {
$pageContents = substr($pageContents, 0, strpos($pageContents, $key)) . $value . substr($pageContents, strpos($pageContents, $key) + strlen($key));
}
}
return $pageContents;
}
public function __construct($teamid)
{
global $tmpl;
$tmpl->setTemplate('teamSystemJoin');
// check if team exists
$this->team = new team($teamid);
if (!$this->team->exists()) {
$tmpl->assign('canJoinTeam', false);
return;
}
$tmpl->assign('teamid', $this->team->getID());
// team exists, pass team name to template
$tmpl->assign('teamName', $this->team->getName());
// check if user has permission
$this->user = user::getCurrentUser();
if (!$this->user->getAllowedToJoinTeam($this->team->getID())) {
$tmpl->assign('canJoinTeam', false);
return;
}
// check if user is already in a team
// technically a user might be member of several teams, depending on the user class
// but this add-on allows a user to be only member of one team
if (!$this->user->getIsTeamless()) {
$tmpl->assign('canJoinTeam', false);
return;
}
$tmpl->assign('canJoinTeam', true);
// step 0: display confirmation question
// step 1: join team
$confirmed = !isset($_POST['confirmed']) ? 0 : (int) $_POST['confirmed'];
if ($confirmed === 0) {
$this->showForm();
} elseif ($confirmed === 1) {
$this->joinTeam($this->user);
}
}
<?php
/*
* -------------------------------------------------------
* ALL RIGHTS RESERVED!
* -------------------------------------------------------
*/
include_once 'PHP/user.php';
include_once 'PHP/friend.php';
include_once 'PHP/templateEngine.php';
session_start();
$pages = ['index.html', 'index_2.html', 'register.html', 'stream.html', 'user.html', 'animelist.html', 'admin.html'];
$user = new user();
$user->getCurrentUser();
$templateEngine = new templateEngine();
if (isset($user->userType) && $user->userType !== null && $user->userType && $user->userType !== 'anon') {
$page = 'index_2.html';
} else {
$page = 'index.html';
}
if (isset($_GET['page']) && in_array($_GET['page'], $pages) && $user->hasPrivilege($_GET['page'])) {
$page = $_GET['page'];
}
print_r($templateEngine->renderPage($page));
<?php
/*
* -------------------------------------------------------
* ALL RIGHTS RESERVED!
* -------------------------------------------------------
*/
require_once 'friend.php';
require_once 'user.php';
session_start();
$user = new user();
$friend = new friend();
if ($user->getCurrentUser() && isset($_GET['userId'])) {
$friend->add($_GET['userId'], $user->id);
header('Location: ../index.php?page=user.html&userId=' . $_GET['userId']);
} else {
header('Location: ../index.php');
}
public function showTeam($teamid)
{
global $tmpl;
global $db;
$team = new team($teamid);
if (!$team->exists()) {
$tmpl->setTemplate('NoPerm');
return;
}
if (!$tmpl->setTemplate('teamSystemProfile')) {
$tmpl->noTemplateFound();
die;
}
// FIXME: implement something to avoid hardcoded paths
$tmpl->assign('pmLink', '../PM/?add&teamid=' . $teamid);
$tmpl->assign('status', $team->getStatus());
$tmpl->assign('title', 'Team ' . htmlent($team->getName()));
// the team's leader
$teamLeader = $team->getLeaderId();
$teamData = array();
$teamData['profileLink'] = './?profile=' . $team->getID();
$teamData['name'] = $team->getName();
$teamData['score'] = $team->getScore();
$teamData['scoreClass'] = $this->rankScore($teamData['score']);
$teamData['matchSearchLink'] = '../Matches/?search_string=' . $teamData['name'] . '&search_type=team+name' . '&search_result_amount=200' . '&search=Search';
$teamData['matchCount'] = $team->getMatchCount();
$teamData['memberCount'] = $team->getMemberCount();
$teamData['leaderLink'] = '../Players/?profile=' . $team->getLeaderId();
$teamData['leaderName'] = (new \user($team->getLeaderId()))->getName();
$teamData['activityNew'] = $team->getActivityNew();
$teamData['activityOld'] = $team->getActivityOld();
$teamData['created'] = $team->getCreationTimestampStr();
$teamData['wins'] = $team->getMatchCount('won');
$teamData['draws'] = $team->getMatchCount('draw');
$teamData['losses'] = $team->getMatchCount('lost');
$teamData['logo'] = $team->getAvatarURI();
$tmpl->assign('teamDescription', $team->getDescription());
$tmpl->assign('team', $teamData);
$tmpl->assign('teamid', $teamid);
$tmpl->assign('canPMTeam', \user::getCurrentUserLoggedIn() && \user::getCurrentUserId() > 0 ? true : false);
// tell template if user can edit this team
$tmpl->assign('canEditTeam', \user::getCurrentUserLoggedIn() && \user::getCurrentUserId() === $teamLeader || \user::getCurrentUser()->getPermission('allow_edit_any_team_profile'));
// tell template if user can delete this team
// either user has deletion permission for team
// or user is leader of team and there are one or less members in team
$tmpl->assign('canDeleteTeam', $team->getStatus() !== 'deleted' && (\user::getCurrentUser()->getPermission('team.allowDelete ' . $team->getID()) || \user::getCurrentUser()->getPermission('allow_delete_any_team') || \user::getCurrentUserId() === $team->getLeaderId()));
$showMemberActionOptions = false;
if (\user::getCurrentUserId() === $teamLeader || \user::getCurrentUser()->getPermission('allow_kick_any_team_members')) {
$showMemberActionOptions = true;
}
$members = array();
$memberids = $team->getUserIds();
foreach ($memberids as $memberid) {
$user = new \user($memberid);
$member = array();
// rename db result fields and assemble some additional informations
// use a temporary array for better readable (but slower) code
if (!$showMemberActionOptions && \user::getCurrentUserId() === $memberid) {
$showMemberActionOptions = true;
}
$member['profileLink'] = '../Players/?profile=' . $user->getID();
$member['userName'] = $user->getName();
$member['permissions'] = $teamLeader === $memberid ? 'Leader' : 'Standard';
if ($country = $user->getCountry()) {
$member['countryName'] = $country->getName();
if (strlen($country->getFlag()) > 0) {
$member['countryFlag'] = $country->getFlag();
}
}
$member['joined'] = $user->getJoinTimestampStr();
$member['last_login'] = $user->getLastLoginTimestampStr();
// show leave/kick links if permission is given
// a team leader can neither leave or be kicked
// a leader must first give someone else leadership to leave
if ((\user::getCurrentUserId() === $teamLeader || \user::getCurrentUser()->getPermission('allow_kick_any_team_members') || \user::getCurrentUserId() === $user->getID()) && $user->getID() !== $teamLeader) {
$member['removeLink'] = './?remove=' . $user->getID() . '&team=' . $teamid;
if (\user::getCurrentUserId() === $user->getID()) {
$member['removeDescription'] = 'Leave team';
} else {
$member['removeDescription'] = 'Kick member from team';
}
}
// append current member data
$members[] = $member;
unset($user);
}
$tmpl->assign('members', $members);
$tmpl->assign('showMemberActionOptions', $showMemberActionOptions);
// show last entered matches
$matches = array();
// show available options if any available
$allowEdit = \user::getCurrentUser()->getPermission('allow_edit_match');
$allowDelete = \user::getCurrentUser()->getPermission('allow_delete_match');
$tmpl->assign('showMatchActionOptions', $allowEdit || $allowDelete);
$tmpl->assign('allowEdit', $allowEdit);
$tmpl->assign('allowDelete', $allowDelete);
// get match data
// sort the data by id to find out if abusers entered a match at a long time in the past
$query = $db->prepare('SELECT `timestamp`,`team1_id`,`team2_id`,' . '(SELECT `name` FROM `teams` WHERE `id`=`team1_id`) AS `team1_name`' . ',(SELECT `name` FROM `teams` WHERE `id`=`team2_id`) AS `team2_name`' . ',`team1_points`,`team2_points`,`userid`' . ',(SELECT `users`.`name` FROM `users`' . ' WHERE `users`.`id`=`matches`.`userid`)' . ' AS `username`' . ',`matches`.`id`' . ' FROM `matches` WHERE `matches`.`team1_id`=?' . ' OR `matches`.`team2_id`=?' . ' ORDER BY `id` DESC LIMIT 0,10');
$db->execute($query, array($teamid, $teamid));
while ($row = $db->fetchRow($query)) {
// rename db result fields and assemble some additional informations
// use a temporary array for better readable (but slower) code
$prepared = array();
$prepared['time'] = $row['timestamp'];
$prepared['team1Link'] = '../Teams/?profile=' . $row['team1_id'];
$prepared['team2Link'] = '../Teams/?profile=' . $row['team2_id'];
$prepared['team1Name'] = $row['team1_name'];
$prepared['team2Name'] = $row['team2_name'];
$prepared['score1'] = $row['team1_points'];
$prepared['score2'] = $row['team2_points'];
$prepared['lastModById'] = $row['userid'];
$prepared['lastModByName'] = $row['username'];
$prepared['lastModByLink'] = '../Players/?profile=' . $prepared['lastModById'];
if ($allowEdit) {
$prepared['editLink'] = '../Matches/?edit=' . $row['id'];
}
if ($allowDelete) {
$prepared['deleteLink'] = '../Matches/?delete=' . $row['id'];
}
$matches[] = $prepared;
}
$tmpl->assign('matches', $matches);
// invitation data visible
// for team members
// for users who can issue any invitation
if (\user::getCurrentUser()->getMemberOfTeam($teamid) || \user::getCurrentUser()->getPermission('allow_invite_in_any_team')) {
$invitationData = array();
$invitations = invitation::getInvitationsForTeam($teamid);
foreach ($invitations as $invitation) {
$invitationUser = $invitation->getUsers()[0];
$invitationData[] = array('userName' => $invitationUser->getName(), 'profileLink' => '../Players/?profile=' . $invitationUser->getID(), 'expiration' => $invitation->getExpiration());
}
$tmpl->assign('invitations', $invitationData);
}
}
protected function reactivateTeam()
{
global $tmpl;
// perform sanity checks
if (($result = $this->sanityCheck()) !== true) {
$tmpl->assign('error', $result === false ? 'An unknown error occurred while checking your request' : $result);
return;
}
$tmpl->assign('teamName', $this->team->getName());
$tmpl->assign('teamid', $this->team->getID());
$tmpl->assign('userName', $this->user->getName());
$tmpl->assign('userid', $this->user->getID());
// reactivate team with chosen leader
// issue an invitation for team leader so he can join
$invitation = new invitation();
$invitation->forUserId($this->user->getID());
$invitation->toTeam($this->team->getID());
$invitation->insert(false);
// now change team status to reactivate and add the user to team then make the user leader
if (!$this->team->setStatus('reactivated') || !$this->team->update() || !$this->user->addTeamMembership($this->team->getID()) || !$this->user->update() || !$this->team->setLeaderId($this->user->getID()) || !$this->team->update()) {
/* var_dump($this->user->addTeamMembership($this->team->getID())); */
$tmpl->assign('error', 'An unknown error occurred while reactivating the team.');
} else {
// notify team members using a private message
$pm = new pm();
$pm->setSubject(\user::getCurrentUser()->getName() . ' reactivated team ' . $this->team->getName());
$pm->setContent('Congratulations: Player ' . \user::getCurrentUser()->getName() . ' reactivated team ' . $this->team->getName() . ' with you as its leader.');
$pm->setTimestamp(date('Y-m-d H:i:s'));
$pm->addUserID($this->user->getID());
// send it
$pm->send();
// tell user that team reactivation was successful
$tmpl->assign('teamReactivationSuccessful', true);
}
}
protected function leaveTeam()
{
global $tmpl;
// perform sanity checks
if (($result = $this->sanityCheck()) !== true) {
$tmpl->assign('error', $result === false ? 'An unknown error occurred while checking your request' : $result);
}
// remove user from team
if (!$this->user->removeTeamMembership($this->team->getID()) || !$this->user->update()) {
$tmpl->assign('error', 'An unknown error occurred while leaving the team.');
} else {
// notify team members using a private message
$pm = new pm();
if (\user::getCurrentUserId() === $this->user->getID()) {
// notify team members about left member
$pm->setSubject($this->user->getName() . ' left your team');
$pm->setContent('Player ' . $this->user->getName() . ' just left your team.');
$pm->setTimestamp(date('Y-m-d H:i:s'));
$pm->addTeamID($this->team->getID());
// send it
$pm->send();
} else {
// notify team members of kicked member
$pm->setSubject($this->user->getName() . ' got kicked from your team');
$pm->setContent('Player ' . $this->user->getName() . ' got kicked from your team by ' . \user::getCurrentUser()->getName() . '.');
$pm->setTimestamp(date('Y-m-d H:i:s'));
$pm->addTeamID($this->team->getID());
// send it
$pm->send();
// notify kicked member of the kick
$pm = new pm();
$pm->setSubject('You got kicked from your team by ' . \user::getCurrentUser()->getName());
$pm->setContent('Player ' . \user::getCurrentUser()->getName() . ' just kicked you from your team.');
$pm->setTimestamp(date('Y-m-d H:i:s'));
$pm->addUserID($this->user->getID());
// send it
$pm->send();
}
// tell joined user that join was successful
$tmpl->assign('teamLeaveSuccessful', true);
}
}
protected function deleteTeam()
{
global $site;
global $tmpl;
// perform sanity checks
if (($result = $this->sanityCheck()) !== true) {
$tmpl->assign('error', $result === false ? 'An unknown error occurred while checking your request' : $result);
return;
}
// notify team members using a private message first because later we won't have the membership info
$pm = new pm();
$pm->setSubject(\user::getCurrentUser()->getName() . ' deleted ' . $this->team->getName());
$pm->setContent('Player ' . \user::getCurrentUser()->getName() . ' just deleted the team ' . $this->team->getName() . ' you were member of.');
$pm->setTimestamp(date('Y-m-d H:i:s'));
$pm->addTeamID($this->team->getID());
// send it
$pm->send();
// remove the members from team
$members = $this->team->getUsers();
foreach ($members as $member) {
$member->removeTeamMembership($this->team->getID());
$member->update();
}
unset($members);
unset($member);
// if team never matched deleted it from database, otherwise just mark it as deleted
require_once $site->installationPath() . '/CMS/classes/match.php';
$matchCount = \match::getMatchCountForTeamId($this->team->getID());
if ($matchCount > 0 || $matchCount === false) {
// set the teams status to deleted
$this->team->setStatus('deleted');
$deletionTask = $this->team->update();
} else {
// actually delete team
$deletionTask = $this->team->delete();
}
if (!$deletionTask) {
$tmpl->assign('error', 'An unknown error occurred while deleting the team.');
} else {
// tell joined user that deletion was successful
$tmpl->assign('teamDeleteSuccessful', true);
}
}
protected function createTeam()
{
// create team using submitted data
$result = $this->team->create();
// add user to team
$user = \user::getCurrentUser();
if (!$user->addTeamMembership($this->team->getID())) {
return 'Could not add current user to team.';
}
if (!$user->update()) {
return 'Could not save changes of current user.';
}
if ($result !== true) {
return $result;
}
// set current user to leader
if (!$this->team->setLeaderId(\user::getCurrentUserId())) {
return 'Could not set user to new team leader.';
}
if (!$this->team->update()) {
return 'Could not save user as team leader.';
}
return true;
}
public function insert($sendPM = true)
{
global $db;
if (count($this->teamids) > 0) {
foreach ($this->teamids as $teamid) {
if (count($this->userids) > 0) {
$query = $db->prepare('INSERT INTO `invitations` (`userid`, `teamid`, `expiration`) VALUES (:userid, :teamid, :expiration)');
foreach ($this->userids as $userid) {
if (!$db->execute($query, array(':userid' => array((int) $userid, PDO::PARAM_INT), ':teamid' => array((int) $teamid, PDO::PARAM_INT), ':expiration' => array(strftime('%Y-%m-%d %H:%M:%S', $this->expiration), PDO::PARAM_STR)))) {
return false;
}
if ($sendPM) {
$pm = new pm();
$pm->setSubject(\user::getCurrentUser()->getName() . ' invited you to ' . (new team($teamid))->getName());
$pm->setContent('Congratulations: ' . \user::getCurrentUser()->getName() . ' invited you to ' . (new team($teamid))->getName() . '. The invitation is valid until ' . strftime('%Y-%m-%d %H:%M:%S', $this->expiration) . '.');
$pm->setTimestamp(date('Y-m-d H:i:s'));
$pm->addUserID($userid);
// send it
$pm->send();
}
}
}
}
}
return true;
}
