<?php session_start(); require_once 'inc/data.inc'; require_once 'inc/authorize.inc'; require_once 'inc/photo-config.inc'; require_once 'inc/locked.inc'; require_once 'inc/default-file-path.inc'; require_permission(SET_UP_PERMISSION); ?> <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <title>Pinewood Derby Race Settings</title> <?php require 'inc/stylesheet.inc'; ?> <link rel="stylesheet" type="text/css" href="css/jquery.mobile-1.4.2.css"/> <link rel="stylesheet" type="text/css" href="css/chooser.css"/> <link rel="stylesheet" type="text/css" href="css/settings.css"/> <script type="text/javascript" src="js/jquery.js"></script> <script type="text/javascript" src="js/mobile-init.js"></script> <script type="text/javascript" src="js/jquery.mobile-1.4.2.min.js"></script> <script type="text/javascript" src="js/modal.js"></script> <script type="text/javascript" src="js/dashboard-ajax.js"></script> <script type="text/javascript" src="js/chooser.js"></script> <script type="text/javascript" src="js/settings.js"></script> <script type="text/javascript"> function photo_directory_base() { <?php
<?php require_permission('manager feeds'); $html = new HTML(); $html->renderOut('site/html_header', array('title' => '公众号 :: ' . $settings['sitename'], 'body_class' => 'accounts')); $html->renderOut('site/header/blank'); $html->renderOut('site/nav/main'); $html->renderOut('site/accounts', array('accounts' => UserWechatAccount::findAll())); $html->renderOut('site/footer'); $html->renderOut('site/html_footer');
<?php // When presented as a kiosk page, i.e., when this php file is included from // kiosks/ondeck.kiosk, the session_start() function will already have been // called. The @ is necessary to suppress the error notice that may arise in // this case. @session_start(); require_once 'inc/data.inc'; require_once 'inc/authorize.inc'; require_once 'inc/schema_version.inc'; require_once 'inc/running_round_header.inc'; require_permission(VIEW_RACE_RESULTS_PERMISSION); $nlanes = get_lane_count_from_results(); $now_running = get_running_round(); $use_master_sched = use_master_sched(); $high_water_rounds = high_water_rounds(); ?> <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <script type="text/javascript" src="js/jquery.js"></script> <?php if (isset($as_kiosk)) { require_once 'inc/kiosk-poller.inc'; } require_once 'inc/ajax-failure.inc'; ?> <script type="text/javascript"> var g_update_status = { last_update_time: "", // First refresh is for everything
<?php @session_start(); // EXPERIMENTAL // Lists common non-specific awards (e.g., "Most Aerodynamic"), along // with a drop-down selection element of potential recipients for // each. // TODO: Assigning an award presently has no effect!! // TODO: Drag-and-drop, a la photo-thumbs // TODO: Write-in field for true ad hoc awards require_once 'inc/data.inc'; require_once 'inc/authorize.inc'; require_permission(JUDGING_PERMISSION); ?> <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <title>Award Judging</title> <?php require 'inc/stylesheet.inc'; ?> <meta http-equiv="refresh" content="300"/> <script type="text/javascript" src="js/jquery.js"></script> <script type="text/javascript" src="js/dashboard-ajax.js"></script> <script type="text/javascript" src="js/checkin.js"></script> </head> <body> <?php $banner_title = 'Judging'; require 'inc/banner.inc';
<?php session_start(); require_once 'inc/data.inc'; require_once 'inc/authorize.inc'; require_permission(ASSIGN_RACER_IMAGE_PERMISSION); require_once 'inc/photo-config.inc'; $photo_repository = photo_repository(isset($_GET['repo']) ? $_GET['repo'] : 'head'); function scan_directory($directory, $pattern) { $files = array(); $dh = @opendir($directory); if ($dh !== false) { while (($filename = readdir($dh)) !== false) { if (preg_match($pattern, $filename) && is_file($directory . DIRECTORY_SEPARATOR . $filename)) { $files[] = $filename; } } closedir($dh); } return $files; } $allfiles = scan_directory($photo_repository->directory(), "/(jpg|jpeg|png|gif|bmp)/i"); // Returns a javascript expression, suitable for onclick, to perform cropping of a particular photo. function photo_crop_expression($basename) { global $photo_repository; return htmlspecialchars('showPhotoCropModal(this, "' . $photo_repository->name() . '", "' . $basename . '", ' . time() . ')', ENT_QUOTES, 'UTF-8'); } // TODO: line-height? "End of photos" text aligns with thumbnail image bottom. // *** Both div's are overhanging the bottom by the amount taken up by the banner and refresh button!
<?php @session_start(); // Add, edit, reorder, and assign awards require_once 'inc/data.inc'; require_once 'inc/authorize.inc'; require_once 'inc/schema_version.inc'; require_once 'inc/photo-config.inc'; require_permission(EDIT_AWARDS_PERMISSION); ?> <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <title>Awards Presentation Dashboard</title><?php require 'inc/stylesheet.inc'; ?> <script type="text/javascript" src="js/jquery.js"></script> <script type="text/javascript" src="js/jquery-ui-1.10.4.min.js"></script> <script type="text/javascript" src="js/dashboard-ajax.js"></script> <script type="text/javascript" src="js/mobile-init.js"></script> <script type="text/javascript" src="js/jquery.mobile-1.4.2.min.js"></script> <script type="text/javascript" src="js/modal.js"></script> <script type="text/javascript" src="js/awards-editor.js"></script> <link rel="stylesheet" type="text/css" href="css/jquery.mobile-1.4.2.css"/> <link rel="stylesheet" type="text/css" href="css/awards-editor.css"/> </head> <body> <?php $banner_title = 'Awards Editor'; require 'inc/banner.inc';
<?php /** access control **/ require_login(); require_permission('管理本公司用户'); /** prepare vars **/ $myuser = MySiteUser::getCurrentUser(); $uid = isset($vars[1]) ? $vars[1] : null; $user_to_edit = MySiteUser::findById($uid); if (!$user_to_edit) { dispatch('site/404'); exit; } /** handle submission **/ if (isset($_POST['submit'])) { // we uncomment the following fields coz we don't want user to change $no_change = array('company_id'); foreach ($no_change as $field) { if (isset($_POST[$field])) { unset($_POST[$field]); } } // then we call the general process $uid = $uid; require_once MODULESROOT . '/siteuser/controllers/backend/user/add_edit_submission.php'; } /** presentation **/ $html = new HTML(); $html->renderOut('site/components/html_header', array('title' => '编辑用户信息', 'body_class' => 'siteuser_edit')); $html->renderOut('site/components/mainnav', array('user' => $myuser)); $html->output('<div id="page-wrapper" class="gray-bg">');
<?php /** access control **/ require_login(); require_permission('管理自己的客户'); /** get vars **/ $cid = isset($vars[1]) ? strip_tags($vars[1]) : null; /** delete client **/ $response = new stdClass(); $client = Client::findById($cid); // permisison check if you want to delete client that is not yours if ($client->getUserId() != MySiteUser::getCurrentUser()->getId()) { if (!has_permission('管理所有客户')) { $response->status = 'error'; $response->message = '你没有权限进行此操作'; header('Content-Type: application/json'); echo json_encode($response); exit; } } if (!$client) { $response->status = 'error'; $response->message = '此客户不存在'; } else { if ($client->delete()) { $response->status = 'success'; } else { $response->status = 'error'; $response->message = '删除用户失败'; } }
<?php /** access control **/ require_login(); require_permission('管理用户权限'); /** prepare vars **/ $myuser = MySiteUser::getCurrentUser(); /** handle submission **/ if (isset($_POST['submit'])) { SitePermissionRole::truncate(); foreach ($_POST as $key => $val) { if (strstr($key, 'role_')) { $tokens = explode('_', $key); $role_id = (int) $tokens[1]; foreach ($val as $permission_id => $v) { $spr = new SitePermissionRole(); $spr->setRoleId($role_id); $spr->setPermissionId($permission_id); $spr->save(); } } } Message::register(new Message(Message::SUCCESS, '用户权限更新成功!')); HTML::forwardBackToReferer(); } /** presentation **/ $html = new HTML(); $html->renderOut('site/components/html_header', array('title' => '管理用户权限', 'body_class' => 'permission')); $html->renderOut('site/components/mainnav', array('user' => $myuser)); $html->output('<div id="page-wrapper" class="gray-bg">'); $html->renderOut('site/components/topnav', array('user' => $myuser));
<?php session_start(); require_once 'inc/data.inc'; require_once 'inc/authorize.inc'; require_permission(PRESENT_AWARDS_PERMISSION); ?> <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <title>Kiosk Dashboard</title> <?php require 'inc/stylesheet.inc'; ?> <link rel="stylesheet" type="text/css" href="css/jquery.mobile-1.4.2.css"/> <script type="text/javascript" src="js/jquery.js"></script> <script type="text/javascript" src="js/jquery-ui-1.10.4.min.js"></script> <link rel="stylesheet" type="text/css" href="css/kiosk-dashboard.css"/> <script type="text/javascript" src="js/mobile-init.js"></script> <script type="text/javascript" src="js/jquery.mobile-1.4.2.min.js"></script> <script type="text/javascript" src="js/dashboard-ajax.js"></script> <script type="text/javascript" src="js/modal.js"></script> <script type="text/javascript" src="js/kiosk-dashboard.js"></script> </head> <body> <?php $banner_title = 'Kiosk Dashboard'; require 'inc/banner.inc'; require_once 'inc/ajax-failure.inc'; ?>
<?php /** access control **/ require_login(); require_permission('更新自己的信息'); /** prepare vars **/ $myuser = MySiteUser::getCurrentUser(); /** submission handle **/ if (isset($_POST['submit'])) { // we uncomment the following fields coz we don't want user to change $no_change = array('company_id', 'roles', 'active'); foreach ($no_change as $field) { if (isset($_POST[$field])) { unset($_POST[$field]); } } // then we call the general process $uid = $myuser->getId(); require_once MODULESROOT . '/siteuser/controllers/backend/user/add_edit_submission.php'; } /** presentation **/ $html = new HTML(); $html->renderOut('site/components/html_header', array('title' => '更新个人信息', 'body_class' => 'profile')); $html->renderOut('site/components/mainnav', array('user' => $myuser)); $html->output('<div id="page-wrapper" class="gray-bg">'); $html->renderOut('site/components/topnav', array('user' => $myuser)); $html->renderOut('site/components/page_header', array('title' => '修改个人信息', 'breadcrumb' => array('首页' => uri(''), '个人信息' => '#', '修改个人信息' => '#'))); $html->renderOut('site/profile', array('user' => $myuser)); $html->output('</div>'); $html->renderOut('site/components/html_footer');
<?php @session_start(); require_once 'inc/data.inc'; require_once 'inc/authorize.inc'; require_once 'inc/schema_version.inc'; require_permission(CHECK_IN_RACERS_PERMISSION); // This is the racer check-in page. It appears as a table of all the // registered racers, with a checkbox (actually, a "flipswitch", // thanks to transformations peformed by jquery mobile) for each // racer. Clicking on the check-in button invokes some javascript // that sends an ajax POST request to check-in (or un-check-in) that // racer. See checkin.js. // In addition to the actual check-in, it's possible to change a // racer's car number from this form, or mark the racer for our // "exclusively by scout" award. // Here on the server side, a GET request sends HTML for the whole // page. POST requests to make changes to the database are sent to // action.php, and produce just a small XML document. // TODO- subgroups explanation // $use_subgroups, from GPRM settings, tells whether we're using // "subgroups" within each racing group. $use_subgroups = read_raceinfo_boolean('use-subgroups'); // Our pack provides an "exclusively by scout" award, based on a // signed statement from the parent. Collecting the statement is part // of the check-in process, so there's provision for a checkbox on the // check-in form. For groups that don't do this, $xbs will be false // (and $xbs_award_name will be blank), and the checkboxes won't be // shown. $xbs = read_raceinfo_boolean('xbs-award'); $xbs_award_name = read_raceinfo('xbs-award');