/**
* Submit form contents for an event edit to the DB
*/
function events_edit_submit()
{
global $ssc_database;
$id = (int) $_POST['id'];
if ($id == 0) {
$result = $ssc_database->query("INSERT INTO #__events (title, description, uri, flags, date) VALUES ('%s', '%s', '%s', %d, '%s')", $_POST['name'], $_POST['desc'], $_POST['uri'], isset($_POST['link']) && $_POST['link'] == '1' ? 1 : 0, date("Y-m-d", strtotime(ssc_parse_date($_POST['date']))));
$id = $ssc_database->last_id();
} else {
$result = $ssc_database->query("UPDATE #__events SET title = '%s', description = '%s', uri = '%s', flags = %d, date = '%s' WHERE id = %d LIMIT 1", $_POST['name'], $_POST['desc'], $_POST['uri'], isset($_POST['link']) && $_POST['link'] == '1' ? 1 : 0, date("Y-m-d", strtotime(ssc_parse_date($_POST['date']))), $id);
}
if ($result) {
ssc_add_message(SSC_MSG_INFO, t('Event saved successfully'));
} else {
ssc_add_message(SSC_MSG_CRIT, t('Event was unable to be saved - ' . $ssc_database->error()));
return;
}
if ((int) $_POST['id'] == 0) {
ssc_redirect('/admin/events/edit/' . $id);
}
}
/**
* Read the data from the tables to recreate a CSV file for download
* @param int $id ID number of the sailing series/regatta in the DB
* @return string CSV collection when successful, NULL otherwise
*/
function _ssc_sailing_get_csv($id)
{
global $ssc_database;
// Find heat numbers
$result = $ssc_database->query("SELECT heats FROM #__sailing_series WHERE id = %d", $id);
if (!$result || $ssc_database->number_rows() != 1) {
ssc_add_message(SSC_MSG_CRIT, t('Unable to find specified series within database'));
return NULL;
}
$data = $ssc_database->fetch_assoc($result);
if (!$data) {
ssc_add_message(SSC_MSG_CRIT, t('Unable to find specified series database details'));
return NULL;
}
// Heat numbers!
$heats = explode(',', $data['heats']);
// Organise results
$result = $ssc_database->query("SELECT r.uid, number, skipper, crew, class, name, club, r.results, r.times, points, division FROM #__sailing_results r LEFT JOIN #__sailing_entries e ON e.id = r.uid WHERE series_id = %d ORDER BY division ASC, number ASC", $id);
$csv = 'Sail No., Division, Skipper, Crew, Class, Boat Name, Club, ' . $data['heats'] . ", Position\r\n";
while ($data = $ssc_database->fetch_assoc($result)) {
if (count($heats) < strlen($data['times'])) {
// Interleave times and results
$res = '';
$pos = explode(',', $data['results']);
$times = explode(',', $data['times']);
for ($i = 0; $i < count($pos); $i++) {
if ($times[$i] == '') {
$res .= "{$pos[$i]},";
} else {
$res .= "{$times[$i]},";
}
}
$res = substr($res, 0, -1);
} else {
// Final result only
$res = $data['results'];
}
$csv .= "{$data['number']}, {$data['division']}, {$data['skipper']}, {$data['crew']}, {$data['class']}, {$data['name']}, {$data['club']}, {$res}, {$data['points']}\r\n";
}
return $csv;
}
/**
* Edit link submission
*/
function nav_add_link_submit()
{
global $ssc_database;
$result = $ssc_database->query("SELECT r FROM #__navigation WHERE bid = %d ORDER BY r DESC LIMIT 1", $_POST['wid']);
if (!($data = $ssc_database->fetch_assoc($result))) {
return;
}
$result = $ssc_database->query("INSERT INTO #__navigation SET url = '%s', title = '%s', description = '%s', l = %d, r = %d, bid = %d", $_POST['url'], $_POST['title'], $_POST['desc'], $data['r'] + 1, $data['r'] + 2, $_POST['wid']);
if ($result) {
ssc_add_message(SSC_MSG_INFO, t('Link was added'));
} else {
ssc_add_message(SSC_MSG_CRIT, t('Link unable to be added'));
}
}
/**
* Profile edit saving
*/
function login_profile_submit()
{
global $ssc_database, $ssc_user;
$admin = $_GET['path'] == '/admin' && login_check_auth("login");
if (!empty($_POST['n2'])) {
$hash = new PasswordHash(8, true);
$pass = $hash->HashPassword($_POST['n2']);
} else {
$pass = null;
}
// Ready to submit
if ($_POST['uid'] <= 0 && $admin) {
// New user
$result = $ssc_database->query("INSERT INTO #__user SET\n\t\tusername = '******', fullname = '%s', displayname = '%s', email = '%s',\n\t\tgid = %d, password = '******', created = %d", $_POST['user'], $_POST['full'], $_POST['disp'], $_POST['email'], $_POST['grp'], $pass, time());
if (!$result) {
ssc_add_message(SSC_MSG_CRIT, t('There was an error submitting this form'));
return;
}
$id = $ssc_database->last_id();
ssc_add_message(SSC_MSG_INFO, t('User details saved'));
ssc_redirect("/admin/login/edit/{$id}");
} else {
// Update existing
if ($admin) {
if ($pass) {
$result = $ssc_database->query("UPDATE #__user SET\n\t\t\t\tusername = '******', fullname = '%s', displayname = '%s', email = '%s',\n\t\t\t\tgid = %d, password = '******' WHERE id = %d", $_POST['user'], $_POST['full'], $_POST['disp'], $_POST['email'], $_POST['grp'], $pass, $_POST['uid']);
if ($result) {
ssc_add_message(SSC_MSG_INFO, t('User details saved'));
} else {
ssc_add_message(SSC_MSG_CRIT, t('There was an error submitting this form'));
}
} else {
$result = $ssc_database->query("UPDATE #__user SET\n\t\t\t\tusername = '******', fullname = '%s', displayname = '%s', email = '%s',\n\t\t\t\tgid = %d WHERE id = %d", $_POST['user'], $_POST['full'], $_POST['disp'], $_POST['email'], $_POST['grp'], $_POST['uid']);
if ($result) {
ssc_add_message(SSC_MSG_INFO, t('User details saved'));
} else {
ssc_add_message(SSC_MSG_CRIT, t('There was an error submitting this form'));
}
}
} else {
if ($pass) {
$result = $ssc_database->query("UPDATE #__user SET\n\t\t\t\tusername = '******', fullname = '%s', displayname = '%s', email = '%s',\n\t\t\t\tpassword = '******' WHERE id = %d", $_POST['user'], $_POST['full'], $_POST['disp'], $_POST['email'], $pass, $ssc_user->id);
if ($result) {
ssc_add_message(SSC_MSG_INFO, t('User details saved'));
} else {
ssc_add_message(SSC_MSG_CRIT, t('There was an error submitting this form'));
}
} else {
$result = $ssc_database->query("UPDATE #__user SET\n\t\t\t\tusername = '******', fullname = '%s', displayname = '%s', email = '%s'\n\t\t\t\tWHERE id = %d", $_POST['user'], $_POST['full'], $_POST['disp'], $_POST['email'], $ssc_user->id);
if ($result) {
ssc_add_message(SSC_MSG_INFO, t('User details saved'));
} else {
ssc_add_message(SSC_MSG_CRIT, t('There was an error submitting this form'));
}
}
}
}
}
/**
* Gallery edit submission
*/
function gallery_form_submit()
{
global $ssc_database, $ssc_site_path;
if ($_POST['gid'] == 0) {
// Insert new
$result = $ssc_database->query("INSERT INTO #__handler (status, handler, path) \n\t\t\t\tVALUES (0, %d, '%s')", module_id('gallery'), $_POST['url']);
if (!$result) {
ssc_add_message(SSC_MSG_CRIT, 'Error inserting into DB');
return;
}
$id = $ssc_database->last_id();
$result = $ssc_database->query("INSERT INTO #__gallery (id, title, description, visible) \n\t\t\t\tVALUES (%d, '%s', '%s', %d)", $id, $_POST['name'], $_POST['desc'], $_POST['vis']);
if (!$result) {
$ssc_database->query("DELETE FROM #__handler WHERE id = %d LIMIT 1", $id);
ssc_add_message(SSC_MSG_CRIT, 'Error inserting into DB');
return;
}
mkdir($ssc_site_path . '/images/gallery/' . $id);
ssc_add_message(SSC_MSG_INFO, t('Gallery saved'));
ssc_redirect('/admin/gallery/edit/' . $id);
} else {
$result = $ssc_database->query("UPDATE #__gallery g, #__handler h SET title = '%s', description = '%s', \n\t\t\t\tvisible = %d, path = '%s' WHERE g.id = %d AND g.id = h.id ", $_POST['name'], $_POST['desc'], $_POST['vis'], $_POST['url'], $_POST['gid']);
if (!$result) {
ssc_add_message(SSC_MSG_CRIT, 'Gallery details were not saved');
} else {
ssc_add_message(SSC_MSG_INFO, 'Gallery details updated');
}
}
if (isset($_FILES['single'])) {
// Uploading single file
$ext = pathinfo($_FILES['single']['name']);
$ext = "." . $ext['extension'];
$file = $ssc_site_path . '/tmp/' . time() . "{$ext}";
if (!move_uploaded_file($_FILES['single']['tmp_name'], $file)) {
return;
}
$image = new sscImage($file);
// Possibly messy, but insert before resizing
$result = $ssc_database->query("INSERT INTO #__gallery_content (gallery_id, caption, mid) VALUES (%d, '', 0)", $_POST['gid']);
if (!$result) {
ssc_add_message(SSC_MSG_CRIT, 'Unable to insert new image');
return;
}
$id = $ssc_database->last_id();
$path = $ssc_site_path . '/images/gallery/' . $_POST['gid'] . '/';
if (!$image->resize($path . $id . $ext, 1024, -1)) {
$ssc_database->query("DELETE FROM #__gallery_content WHERE id = %d LIMIT 1", $id);
unlink($file);
ssc_add_message(SSC_MSG_CRIT, 'Unable to insert new image');
return;
}
if (!$image->resize($path . $id . "_m{$ext}", 350, -1)) {
$ssc_database->query("DELETE FROM #__gallery_content WHERE id = %d LIMIT 1", $id);
unlink($file);
unlink($path . $id . $ext);
ssc_add_message(SSC_MSG_CRIT, 'Unable to insert new image');
return;
}
if (!$image->resize($path . $id . "_t{$ext}", 150, -1)) {
$ssc_database->query("DELETE FROM #__gallery_content WHERE id = %d LIMIT 1", $id);
unlink($file);
unlink($path . $id . $ext);
unlink($path . $id . "_m.{$ext}");
ssc_add_message(SSC_MSG_CRIT, 'Unable to insert new image');
return;
}
ssc_add_message(SSC_MSG_INFO, t('Image uploaded'));
unlink($file);
}
}
/**
* Comment submission
*/
function blog_guest_comment_submit()
{
global $ssc_database, $ssc_site_url;
$details['n'] = $_POST['n'];
$details['s'] = $_POST['s'];
$details['e'] = $_POST['e'];
ssc_cookie('comment_details', serialize($details), 15552000);
// Load antispam
if (ssc_load_library('sscAkismet')) {
$spam = new sscAkismet($ssc_site_url, ssc_var_get('wordpress_api', ''));
if (!$spam) {
// No API key - submit but mark for moderation
$is_spam = SSC_BLOG_COMMENT_SPAM;
} else {
$spam->setContent($_POST['c'], 'comment');
$spam->setAuthor($_POST['n'], $_POST['e'], $_POST['s']);
$spam->setRemote($_SERVER['REMOTE_ADDR'], $_SERVER['HTTP_USER_AGENT']);
$spam->setBlog($_POST['perma']);
$is_spam = $spam->isSpam() ? SSC_BLOG_COMMENT_SPAM | SSC_BLOG_COMMENT_CAN_SPAM : SSC_BLOG_COMMENT_CAN_SPAM;
// Increment caught count
if ($is_spam & SSC_BLOG_COMMENT_SPAM) {
ssc_var_set('akismet_count', (int) ssc_var_get('akismet_count', 1) + 1);
}
}
} else {
// No Akismet library - submit but mark for moderation
$is_spam = SSC_BLOG_COMMENT_SPAM;
}
if ($is_spam & SSC_BLOG_COMMENT_SPAM && ssc_var_get('blog.discard_spam', false)) {
ssc_add_message(SSC_MSG_WARN, t('Your post was marked as spam and permanently discarded - please try to reduce it\'s "spammyness" and try again'));
$_POST['spammed'] = true;
} else {
$_POST['spammed'] = false;
$result = $ssc_database->query("INSERT INTO #__blog_comment (post_id, author, email, site, created, status, body, ip)\n\t\t\tVALUES (%d, '%s', '%s', '%s', %d, %d, '%s', '%s')", $_POST['i'], $_POST['n'], $_POST['e'], $_POST['s'], time(), $is_spam, $_POST['c'], $_SERVER['REMOTE_ADDR']);
// Result tree
if ($result) {
// Submission successful
if ($is_spam & SSC_BLOG_COMMENT_SPAM) {
// Comment was marked as spam
if ($is_spam & SSC_BLOG_COMMENT_CAN_SPAM) {
// ... by Akismet
ssc_add_message(SSC_MSG_WARN, t('Your comment has been submitted but marked as spam and queued for moderation. Do not resubmit your comment.'));
} else {
// Akisment unavailable - manual moderation
ssc_add_message(SSC_MSG_INFO, t('Your comment has been submitted and queued for moderation. Do not resubmit as it should be checked soon.'));
}
} else {
ssc_add_message(SSC_MSG_INFO, t('Your comment was successfully added'));
}
} else {
ssc_add_message(SSC_MSG_CRIT, t('There was a server error encountered while submitting your comment'));
}
}
}
/**
* Page submission
*/
function static_form_submit()
{
global $ssc_database;
$id = intval($_POST['id']);
if ($id == 0) {
// Insert
$result = $ssc_database->query("INSERT INTO #__handler (path, handler) VALUES ('%s', %d)", $_POST['url'], module_id('static'));
if (!$result) {
ssc_add_message(SSC_MSG_CRIT, 'Error inserting into DB');
return;
}
$id = $ssc_database->last_id();
$result = $ssc_database->query("INSERT INTO #__static (id, title, created, modified, body) VALUES (%d, '%s', %d, %d, '%s')", $id, $_POST['title'], time(), time(), $_POST['body']);
if (!$result) {
ssc_add_message(SSC_MSG_CRIT, 'Error inserting into DB');
return;
}
ssc_add_message(SSC_MSG_INFO, t('Page saved'));
ssc_redirect('/admin/static/edit/' . $id);
} else {
// Update
$ssc_database->query("UPDATE #__static s, #__handler h SET s.title = '%s', s.body = '%s', h.path = '%s', s.modified = %d WHERE s.id = h.id AND s.id = %d", $_POST['title'], $_POST['body'], $_POST['url'], time(), $id);
}
ssc_add_message(SSC_MSG_INFO, t('Page saved'));
}
function fbapp_mod_blog_post_publish($blog_id, $id, $title)
{
global $ssc_site_url, $ssc_database, $ssc_site_path;
require_once 'facebook.php';
$api_key = "9c476aaa4b1654c09ede303a7d140a36";
$secret_key = ssc_var_get('fbapp_blog_secret', '');
if ($secret_key == '') {
ssc_add_message(SSC_MSG_CRIT, "Facebook user secret key has not been set up yet!");
return;
}
$session_key = ssc_var_get('fbapp_blog_session', '');
if ($session_key == '') {
ssc_add_message(SSC_MSG_CRIT, "Facebook user session key has not been set yet!");
return;
}
$client = new FacebookRestClient($api_key, $secret_key, $session_key);
if (!$client->users_getLoggedInUser()) {
ssc_add_message(SSC_MSG_CRIT, "Unable to get userid");
return;
}
$dbres = $ssc_database->query("SELECT body FROM #__blog_post WHERE id = %d LIMIT 1", $id);
if (!$dbres) {
ssc_add_message(SSC_MSG_CRIT, "Unable to retrieve posted item from database?!");
return;
}
if (!($data = $ssc_database->fetch_assoc($dbres))) {
ssc_add_message(SSC_MSG_CRIT, "Unable to retrieve posted item from database?!");
return;
}
$img = null;
// Extract the first image
$i = strpos($data['body'], '[[img');
if ($i !== false) {
// Some basic error checking for a valid tag
$j = strpos($data['body'], ']]', $i);
$k = strpos($data['body'], '[[', $i + 3);
if ($j !== false && ($j < $k || $k === FALSE)) {
$path = explode("|", substr($data['body'], $i, $j - $i));
if (count($path) > 1) {
$path = $path[1];
// Now match it up to the right path
if (strpos($path, "://") === false) {
if ($path[0] == "/") {
$path = substr($path, 1);
}
// Relative path
if (file_exists($ssc_site_path . "/images/{$path}.jpg") || file_exists($ssc_site_path . "/images/{$path}.png") || file_exists($ssc_site_path . "/images/{$path}")) {
// Default to image directory base-dir
$img = $ssc_site_url . "/images/{$path}";
} elseif (file_exists($ssc_site_path . "/{$path}") || file_exists($ssc_site_path . "/{$path}.jpg") || file_exists($ssc_site_path . "/{$path}.png")) {
// Relative to site root instead
$img = $ssc_site_url . '/' . $path;
}
}
}
}
}
// Hackish - TODO later for multiple blog paths, non-root based
$uri = $ssc_site_url . "/id/{$id}";
//$result = $client->feed_publishUserAction(30881549425, array("title"=>$title, "uri"=>$uri), '', '', 2);
$attachment = array('name' => $title, 'href' => $uri, 'caption' => 'A blog post has just been made');
if ($img != null) {
$attachment['media'] = array(array('type' => 'image', 'src' => $img, 'href' => $uri));
}
$action_links = array(array('text' => 'Read this post', 'href' => $uri));
$target_id = null;
//array();
$uid = null;
$result = $client->stream_publish(" has been blogging", $attachment, $action_links, $target_id, $uid);
if ($result) {
ssc_var_set('fbapp_blog_lastid', $id);
} else {
ssc_add_message("Unable to post to FB");
}
}
