chmod("eventimages/{$id}.{$imageext}", 0644); } } if ($_COOKIE['havemore'] == 'bikefun') { print "<p>You have <strong>successfully {$action}</strong> the " . htmlspecialchars(stripslashes($tinytitle)) . " event.\n"; } else { print "<p>Your event has been <strong>successfully {$action}</strong>.\n"; } if ($action != 'deleted') { if ($details != "") { $htmldetails = htmlspecialchars($details); $htmldetails = str_replace(' * ', '<li>', $htmldetails); $htmldetails = str_replace(' ', '<br>', $htmldetails); print "<ul>{$htmldetails}</ul>"; } $ob = obscure($id); print "If you wish to edit this event, go to here:\n"; print "<a href=\"calform.php?edit={$ob}\">Shift Cal " . htmlspecialchars(stripslashes($tinytitle)) . "</a>.\n"; print "You should probably bookmark that link\n"; print "(add it to your favorites) by right-clicking on it.\n"; if ($_REQUEST['minorchange'] != 'on') { print "I'm sending you email with that link in it,\n"; print "but if your email address is wrong then that won't\n"; print "help much, so bookmark that link!\n"; } else { print "I am *NOT* sending you email with that link.\n"; } if ($exceptions != "") { print "<p>In addition, you have the following exceptions.\n"; print "You can edit these now by clicking on them. You\n"; print "can also edit them later by going to your generic\n";
if ($dollars != "" && $review != "Exclude") { if (strstr($record["printdescr"], "\$") == FALSE) { print "\t <br><span style=\"font-size: xx-large; font-weight: bold; color: red;\">{$dollars}</span>\n"; } else { print "\t <br><span style=\"font-size: xx-large; font-weight: bold;\">{$dollars}</span>\n"; } } print " </td>\n"; print " <td class=\"event\">\n"; print " <div id=\"title_{$id}\" class=\"title{$review}\" title=\"Click to edit\" onClick=\"qeshow({$id})\">" . $record["tinytitle"] . "</div>\n"; print " <div id=\"address_{$id}\" class=\"address{$review}\">" . $record["address"] . ($record["locname"] == "" ? "" : ", " . $record["locname"]) . ($record["locdetails"] == "" ? "" : " (" . $record["locdetails"] . ")") . "</div>\n"; print " <div id=\"time_{$id}\" class=\"time{$review}\">" . hmmpm($record["eventtime"]) . ($record["timedetails"] == "" ? "" : " (" . $record["timedetails"] . ")") . "{$audience}</div>\n"; print " <div id=\"desc_{$id}\" class=\"desc{$review}\" title=\"Click to edit\" onClick=\"qeshow({$id})\">" . $record["printdescr"] . "</div>\n"; print " <div id=\"contact_{$id}\" class=\"contact{$review}\">{$contact}</div>\n"; print " <span id=\"email_{$id}\" style=\"display: none; visibility: hidden;\">" . $record["email"] . "</span>"; print " <span id=\"editurl_{$id}\" style=\"display: none; visibility: hidden;\">" . CALURL . "calform.php?edit=" . obscure($record["id"]) . "</span>"; print " </td>\n"; print " </tr>\n"; } else { # Output a row that backreferences the original event print " <tr name=\"tr_{$id}\" class=\"{$review}\">\n"; print " <td onMouseOver=\"bigtipdelayed({$id}, '" . $record["eventdate"] . "');\" onMouseOut=\"bigtipclear();\"></td>\n"; print " <td>\n"; print " <div name=\"title_{$id}\" class=\"title{$review}\">" . $record["tinytitle"] . "</div>\n"; print " <div name=\"time_{$id}\">See <a href=\"#a_{$id}\">" . $firstinstance["date"] . "</a> for full details</div>\n"; print " </td>\n"; print " </tr>\n"; } } } ?>
function fullentry($record) { global $conn; global $imageover; # 24 hours ago. We compare timestamps to this in order to # detect recently changed entries. $yesterday = date("Y-m-d H:i:s", strtotime("yesterday")); # extract info from the record $id = $record["id"]; $title = htmlspecialchars(strtoupper($record["title"])); if ($record["eventstatus"] == "C") { $eventtime = "CANCELED"; $eventduration = 0; } else { $eventtime = hmmpm($record["eventtime"]); $eventduration = $record["eventduration"]; } $dayofmonth = substr($record["eventdate"], -2); $timedetails = $record["timedetails"]; if ($record["audience"] == "F" && $record["area"] == "P") { $badge = "ff.gif"; $badgealt = "FF"; $badgehint = "Family Friendly"; } if ($record["audience"] == "G" && $record["area"] == "P") { $badge = ""; $badgealt = ""; $badgehint = ""; } if ($record["audience"] == "A" && $record["area"] == "P") { $badge = "beer.gif"; $badgealt = "21+"; $badgehint = "Adult Only (21+)"; } if ($record["audience"] == "F" && $record["area"] == "V") { $badge = "ffwa.gif"; $badgealt = "FF,WA"; $badgehint = "Family Friendly, Meet in/around Vancouver"; } if ($record["audience"] == "G" && $record["area"] == "V") { $badge = "washington.gif"; $badgealt = "WA"; $badgehint = "Meet in/around Vancouver"; } if ($record["audience"] == "A" && $record["area"] == "V") { $badge = "beerwa.gif"; $badgealt = "21+,WA"; $badgehint = "Adult Only (21+), Meet in/around Vancouver"; } $address = htmlspecialchars($record["address"]); if ($record["locname"]) { $address = htmlspecialchars($record["locname"]) . ", {$address}"; } $locdetails = htmlspecialchars($record["locdetails"]); $descr = htmldescription($record["descr"]); $newsflash = htmlspecialchars($record["newsflash"]); $name = htmlspecialchars(ucwords($record["name"])); $email = $record["hideemail"] ? "" : htmlspecialchars($record["email"]); $email = mangleemail($email); $phone = $record["hidephone"] ? "" : htmlspecialchars($record["phone"]); $contact = $record["hidecontact"] ? "" : htmlspecialchars($record["contact"]); $weburl = $record["weburl"]; $webname = $record["webname"]; if ($webname == "" || array_key_exists('p', $_REQUEST)) { $webname = $weburl; } $webname = htmlspecialchars($webname); $forum = mysql_query("SELECT modified FROM calforum WHERE id={$id} ORDER BY modified DESC", $conn) or die(mysql_error()); $forumimg = "images/forum.gif"; $forumqty = mysql_num_rows($forum); $forumtitle = "{$forumqty} message" . ($forumqty == 1 ? "" : "s"); if ($forumqty > 0) { $msg = mysql_fetch_array($forum); $msgmod = $msg["modified"]; # Format the timestamp -- varies with SQL ver. if (strlen($msgmod) == 14) { # older MySQL uses YYYYMMDDhhmmss format $msgmod = substr($msgmod, 0, 4) . "-" . substr($msgmod, 4, 2) . "-" . substr($msgmod, 6, 2) . " " . substr($msgmod, 8, 2) . ":" . substr($msgmod, 10, 2) . ":" . substr($msgmod, 12, 2); } $forumtitle = "{$forumtitle}, newest " . substr($msgmod, 0, 10); if (strcmp($msgmod, $yesterday) > 0) { $forumimg = "images/forumflash.gif"; } } # get the image info $image = ""; if ($record["image"] && !isset($_REQUEST["i"])) { $t = pathinfo($record["image"]); $t = $t["extension"]; $image = "eventimages/{$id}.{$t}"; $imageheight = $record["imageheight"]; $imagewidth = $record["imagewidth"]; # Defend against obnoxiously wide banners or zero-height images. if ($imagewidth > 300) { $imageheight = $imageheight * 300 / $imagewidth; $imagewidth = 300; } if ($imageheight < 1) { $imagehight = 1; } } if ($eventtime == "CANCELED") { $style = "text-decoration: line-through;"; } else { $style = ""; } print "<dt style=\"{$style}\">"; if ($image && $imageover <= 0 && $imageheight > RIGHTHEIGHT / 2) { if ($imageheight > RIGHTHEIGHT) { $imagewidth = $imagewidth * RIGHTHEIGHT / $imageheight; $imageheight = RIGHTHEIGHT; } print "\n<img src=\"{$image}\" height={$imageheight} width={$imagewidth} align=\"right\" alt=\"\">\n"; } print "<a name=\"{$dayofmonth}-{$id}\" style=\"{$style}\">{$title}</a>\n"; print "<a href=\"#{$dayofmonth}-{$id}\"><img border=0 src=\"images/chain.gif\" alt=\"Link\" title=\"Link to this event\"></a>\n"; if (isset($_COOKIE['havemore']) && $_COOKIE['havemore'] == 'bikefun') { print "<a href=\"calform.php?edit=" . obscure($id) . "\"><img src=\"images/edit.gif\" alt=\"[edit]\" border=0></a>\n"; } if ($badge != "") { print "<img align=left src=\"" . IMAGES . "/{$badge}\" alt=\"{$badgealt}\" title=\"{$badgehint}\">\n"; } if ($image && ($imageover > 0 || $imageheight <= RIGHTHEIGHT / 2)) { if ($imageheight > LEFTHEIGHT) { $imagewidth = $imagewidth * LEFTHEIGHT / $imageheight; $imageheight = LEFTHEIGHT; } print "</dt><dd><img src=\"{$image}\" height={$imageheight} width={$imagewidth} align=\"left\" alt=\"\">\n"; } else { print "</dt><dd>"; } print "<div style=\"{$style}\">"; if (TRUE || $record["addressverified"] == "Y") { #print '<a href="http://tripplanner.bycycle.org/?region=portlandor&q='.urlencode($record["address"]).'" target="_BLANK">'.$address.'</a>'; print '<a href="http://maps.google.com/?bounds=45.389771,-122.829208|45.659647,-122.404175&q=' . urlencode($record["address"]) . '" target="_BLANK">' . $address . '</a>'; } else { print $address; } if (!isset($_REQUEST['p']) || $_REQUEST['p'] == '') { print " <a href=\"" . trimeturl($record["eventdate"], $record["eventtime"], $record["address"]) . "\" target=\"_BLANK\" title=\"TriMet trip planner\"><img alt=\"Take Trimet\" src=\"images/trimetrose.gif\" border=0></a>"; } if ($locdetails != "") { print " ({$locdetails})"; } print "</div>\n"; print "{$eventtime}"; if ($eventtime == "CANCELED" && $newsflash != "") { print " <font color=magenta>{$newsflash}</font>"; } if ($eventtime != "CANCELED") { if ($eventduration != 0) { print " - " . endtime($eventtime, $eventduration); } if ($timedetails != "") { print ", {$timedetails}"; } if ($record["datestype"] == "C" || $record["datestype"] == "S") { print ", {$record[dates]}"; } } print "<div style=\"{$style}\">\n"; print "<em>{$descr}</em>\n"; if ($newsflash != "" && $eventtime != "CANCELED") { print "<font color=magenta>{$newsflash}</font>"; } print '<br>'; if (strstr($name, '@')) { print mangleemail($name); } else { print $name; } if ($email != "") { print ", {$email}"; } if ($weburl != "") { print ", <a href=\"{$weburl}\">{$webname}</a>"; } if ($contact != "") { print ", " . mangleemail($contact); } if ($phone != "") { print ", {$phone}"; } if (!isset($_REQUEST['p'])) { print " <a href=\"calforum.php?id={$id}\" title=\"{$forumtitle}\"><img border=0 src=\"{$forumimg}\" alt=\"[forum]\"></a>\n"; } print "</div></dd>\n"; # if this event has no image, then the next event's # image can be left-aligned. if ($image == "" || $imageover > 0 || $imageheight <= RIGHTHEIGHT / 2) { $imageover = 0; } else { $imageover = $imageheight - RIGHTHEIGHT / 2; } }
$record["tinytitle"] = $tinytitle; } if ($printdescr) { $record["printdescr"] = $printdescr; } # If "SentEmail" then really send it if ($review == "S") { # Construct a URL. This is complicated by the fact that we have to know # the server's name. $url = "http://"; if ($_SERVER[HTTP_HOST]) { $url .= $_SERVER[HTTP_HOST]; } else { $url .= $_SERVER[SERVER_NAME]; } $url .= dirname($_SERVER[REQUEST_URI]) . "/calform.php?edit=" . obscure($id); # Construct the message body. IF YOU CHANGE IT HERE, THEN YOU SHOULD # CHANGE IT IN ADMREVIEW.PHP TOO $body = "Please edit the PRINT DESCRIPTION of your " . $record["tinytitle"] . "\n" . "event as soon as possible. Right now the calendar crew\n" . "doesn't feel it is \"print ready\" and the print deadline\n" . "is May 10. The current PRINT DESCRIPTION is:\n" . "\n" . wordwrap($record["printdescr"], 60) . "\n" . "\n" . "You can edit your event here:\n" . "{$url}\n"; $subject = "[Shift Cal] " . stripslashes($record["tinytitle"]); $to = stripslashes($record["email"]); $headers = "From: " . SHIFTEMAIL . "\r\n" . "List-Help: <{$url}>"; mail($to, $subject, $body, $headers); } # Return a terse result print "<h3>Success!</h3>\n"; print "review changed to {$review}<br>\n"; if ($tinytitle) { print "tinytitle changed to {$tinytitle}<br>\n"; } if ($printdescr) {
} } print "<vfydates>\n"; # If an id was passed, include it in the response if ($_REQUEST["id"]) { print " <id>{$_REQUEST[id]}</id>\n"; } # Output a canonical version of the date print " <canonical>{$canonical}</canonical>\n"; # Classify the date type print " <datestype>{$datestype}</datestype>\n"; # Output the list of dates print " <datelist>\n"; for ($i = 1; $newdates[$i]; $i++) { print " <date>\n"; print " <timestamp>" . $newdates[$i]["timestamp"] . "</timestamp>\n"; print " <hrdate>" . date("D M j", $newdates[$i]["timestamp"]) . "</hrdate>\n"; print " <suffix>" . $newdates[$i]["suffix"] . "</suffix>\n"; print " <status>" . $newdates[$i]["status"] . "</status>\n"; print " <exception>" . obscure($newdates[$i]["exceptionid"]) . "</exception>\n"; print " <newsflash>" . htmlspecialchars($newdates[$i]["newsflash"]) . "</newsflash>\n"; print " <change>" . $newdates[$i]["changed"] . "</change>\n"; print " <newdate>" . $newdates[$i]["newdate"] . "</newdate>\n"; print " <olddate>" . $newdates[$i]["olddate"] . "</olddate>\n"; print " </date>\n"; } print " </datelist>\n"; print "</vfydates>\n"; } } #ex:set shiftwidth=4:
# we need to tweak the hour. $hh = substr($record["modified"], 11, 2); if ($hh >= TZTWEAK) { $hh -= TZTWEAK; } $modified = substr($record["modified"], 0, 11) . $hh . substr($record["modified"], 13); } print "<div class=hr></div>\n"; if ($record["organizer"]) { print "<div class=organizer>\n<dt class=organizer>"; } else { print "<div class=msg>\n<dt>"; } print "<font size=\"-2\">" . htmlspecialchars($record["name"]) . " ({$modified}) " . htmlspecialchars($record["title"]) . "</font><br>\n"; print htmlspecialchars($record["subject"]) . "\n"; print "<a onClick=\"return confirm('Do you really want to delete this message?');\" href=\"admforum.php?edit=" . obscure($record["id"]) . "&delmsg=" . $record["msgid"] . "\">\n"; print " <img border=0 src=\"images/forumdel.gif\" alt=\"Delete\" title=\"Delete this message\">\n"; print "</a>\n"; print "</dt>\n"; if ($record["organizer"]) { print "<dd class=organizer>"; } else { print "<dd>"; } print htmldescription($record["msg"]) . "</dd>\n"; print "</div>\n"; } print "</dl></div>\n"; print "<center>Newer messages at top, older messages at bottom</center>\n"; } print "</center>\n";
if (!$loggedin) { print "<h1>No Permission</h1>\n"; print "You must log in as the administrator before you're allowed\n"; print "to do that. You can log in <a href=\"admin.php\">here</a>.\n"; } else { print "<h1>Events with no dates</h1>\n"; print "<table><tr><td>\n"; print "This table lists any events that have no actual date records.\n"; print "This should never happen! If the list isn't empty then\n"; print "something's wrong.\n"; print "The most likely cause is that somebody's robot is\n"; print "submitting random data into a calsubmit.php request.\n"; print "</td><td>\n"; print "<button onclick=\"location.replace('admin.php')\">Administration Menu</button>\n"; print "</td></tr></table>\n"; print "<p>\n"; print "<table border=1 bgcolor=\"#ffe880\">\n"; print " <tr background=\"" . IMAGES . "/owall.gif\"><th>Title</th><th>Intended dates</th><th>email address</th><th>X</th><th>When Added</th></tr>\n"; # Fetch a list of all events $events = mysql_query("SELECT modified, id, title, dates, email FROM calevent ORDER BY id", $conn) or die("Fetching events: " . mysql_error()); # Check whether each one has any date records while ($record = mysql_fetch_array($events)) { $days = mysql_query("SELECT * FROM caldaily WHERE id={$record[id]}", $conn); if (mysql_num_rows($days) == 0) { print " <tr><td><a href=\"" . CALURL . "calform.php?edit=" . obscure($record["id"]) . "\">{$record[title]}</a></td><td>{$record[dates]}</td><td>{$record[email]}</td><td><img border=0 src=\"" . IMAGES . "/forumdel.gif\" alt=\"X\" onClick=\"delevent({$record[id]}, '{$record[title]}')\" title=\"Delete this event without sending email\"></td><td>{$record[modified]}</td></tr>\n"; } } print "</table>\n"; } include INCLUDES . "/footer.html"; #ex:set sw=4:
<td align=center><strong>- or -</strong></td> </tr> <tr> <td>Obscured $edit string:</td> <td><input type=text name=edit value="<?php print $_REQUEST["edit"]; ?> " onchange="document.forms.obscurer.id.value = '';"></td> <td><input type=submit></td> </tr> </table> </form> <?php if ($_REQUEST["id"]) { print "<h3>Results for \$id='{$_REQUEST['id']}'</h3>\n"; print "\$edit = " . obscure($_REQUEST["id"]) . "\n"; } if ($_REQUEST["edit"]) { print "<h3>Results for \$edit='{$_REQUEST['edit']}'</h3>\n"; print "\$id = " . unobscure($_REQUEST["edit"]) . "\n"; } ?> <hr> <h2>Venue Address Finder</h2> If an event's location is a park or business, then you can enter its name and the form will try to look up its address. <form id=cal> <input type=hidden name=addressverified value="X"> <table> <tr><td>Venue:</td><td><input type=text size=30 name=locname onChange="verifyvenue(this.value);"></td></tr> <tr><td>Address:</td><td><input type=text size=30 name=address onChange="verifyaddress(this.value);"><span id="verifiedstatus"></span></td></tr>
print htmldescription($record["msg"]) . "</dd>\n"; print "</div>\n"; } print "</dl></div>\n"; print "<center>Older messages at top, newer messages at bottom</center>\n"; } ?> <hr> <center> To post a message, fill in the following then click the "Send Message" button. <br>Messages that are off-topic, rude, or otherwise inappropriate may be deleted. <br><font color=red>*</font> All fields are required. <form id="post" action="calforum.php" method="POST" onSubmit="return checkpost(this);"> <?php if ($organizer) { print " <input type=hidden name=edit value=\"" . obscure($id) . "\">\n"; } else { print " <input type=hidden name=id value=\"{$id}\">\n"; } print " <table cellpadding=1 border=1 background=\"" . IMAGES . "/owall.gif\">\n"; ?> <tr> <td class=lbl><font color=red>*</font>Name:</td> <td class=in> <?php if ($admin) { print " <input type=text name=name size=20 value=\"" . htmlspecialchars($name) . "\" disabled> (You came here via the <a href=\"admin.php\">admin</a> page)</td>\n"; } else { if ($organizer) { print " <input type=text name=name size=20 value=\"" . htmlspecialchars($name) . "\" disabled> (You are the event organizer)</td>\n"; } else {