Exemple #1
    if (is_array($_POST['penalty'])) {
        foreach ($_POST['penalty'] as $doot) {
            $author = $songs[intval($doot) - 1]['author'];
            print "--=> " . $author . " <=- Did not vote\n";
        }
    }
    print "\n\n";
    print "-----<O>-----\n";
    print "This results were generated with LazyVote. (c) 2010 coda and Saga Musix. http://wiki.s3m.us";
    $text = ob_get_clean();
    $outFileName = UPLOAD_DIR . $compo . '.txt';
    file_put_contents($outFileName, $text);
    @chmod($outFileName, 0755);
    $arc = new ArchiveFile(UPLOAD_DIR . $compo);
    $resultsTxt = UPLOAD_DIR . 'results.txt';
    $arc->PrepareReplace($resultsTxt);
    if (copy($outFileName, $resultsTxt)) {
        $arc->Add($resultsTxt);
    }
    @unlink($resultsTxt);
    $arc->Close();
    redirect(BASEDIR . "results/{$compo}.txt");
}
?>
  <script src="https://code.jquery.com/jquery-1.12.4.min.js" integrity="sha384-nvAa0+6Qg9clwYCGGPpDQLVpLNn0fRaROjHqs13t4Ggj3Ez50XnGQqc/r8MhnRDZ" crossorigin="anonymous"></script>
  <script src="https://code.jquery.com/ui/1.12.1/jquery-ui.min.js" integrity="sha384-Dziy8F2VlJQLMShA6FHWNul/veM9bCkRUaLqr199K94ntO5QUrLJBEbYegdSkkqX" crossorigin="anonymous"></script>
  <script type="text/javascript">var BASEDIR = "{{BASE}}";</script>
  <script src="{{BASE}}js/lazyvote.js" type="text/javascript"></script>
    <h2>Entries</h2>
<?php 
if ($isActive) {
Exemple #2
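/**
 * Handle one entry upload for a compo.
 *
 * Reads `compo`, `author` and the optional `token` from $_POST and the file
 * from $_FILES['userfile']. After validation it records the entry in the
 * `entries` table (insert, or update when the same handle re-uploads the same
 * file name), adds the file to the compo's archive and prints an HTML
 * confirmation. Validation failures are reported through uploadError() and
 * abort the upload; failed database calls terminate the script via die().
 *
 * Side effects visible here: deletes a row from `uploading`, writes the
 * `author` cookie, sets two $_SESSION keys, and creates then removes a
 * temporary file under UPLOAD_DIR.
 */
function processUpload()
{
    global $mysqli;

    // Everything in $_POST / $_FILES is client-controlled and may arrive as an
    // array (e.g. author[]=x). Normalise to the expected scalar types once, so
    // later comparisons, setcookie() and bind_param() never see an array.
    $compo = (isset($_POST["compo"]) && is_scalar($_POST["compo"])) ? intval($_POST["compo"]) : 0;
    $author = (isset($_POST["author"]) && is_string($_POST["author"])) ? $_POST["author"] : "";
    $token = (isset($_POST["token"]) && is_scalar($_POST["token"])) ? intval($_POST["token"]) : 0;

    if ($token > 0) {
        // Remove upload token
        $stmt = $mysqli->prepare('DELETE FROM `uploading` WHERE
            `idupload` = ? AND
            `author` = ? AND
            `idcompo` = ?
        ') or die('query failed');
        // bind_param() binds by reference and therefore needs real variables,
        // not the return value of intval().
        $stmt->bind_param('isi', $token, $author, $compo);
        $stmt->execute() or die('query failed');
        $stmt->close();
    }

    // $compo is an integer at this point, so interpolating it cannot inject SQL.
    $result = $mysqli->query("SELECT * FROM `compos` WHERE (`idcompo` = {$compo}) AND (`active` != 0)") or die('query failed');
    $isClosed = $result->num_rows == 0;
    $result->free();
    if ($isClosed) {
        uploadError("Sorry, but uploading for this compo is closed.");
        return;
    }

    if ($author === "") {
        uploadError("You forgot to enter your name!");
        return;
    }

    // A missing field or a multi-file field (userfile[]) yields no usable
    // scalar entries; treat that as size 0 / no file instead of raising notices.
    $upload = (isset($_FILES['userfile']) && is_array($_FILES['userfile'])) ? $_FILES['userfile'] : array();
    $uploadSize = (isset($upload['size']) && is_int($upload['size'])) ? $upload['size'] : 0;
    $uploadStatus = (isset($upload['error']) && is_int($upload['error'])) ? $upload['error'] : UPLOAD_ERR_NO_FILE;

    if ($uploadSize > MAX_UPLOAD_SIZE || $uploadStatus === UPLOAD_ERR_INI_SIZE) {
        uploadError("Your <s>penis</s> file is too big!");
        return;
    }
    if ($uploadSize < 100) {
        uploadError("Your <s>penis</s> file is too small!");
        return;
    }
    // Reject any other failed upload before the database is touched; otherwise
    // an `entries` row would be written for a file that can never be moved.
    if ($uploadStatus !== UPLOAD_ERR_OK
        || !isset($upload['tmp_name']) || !is_string($upload['tmp_name'])
        || !isset($upload['name']) || !is_string($upload['name'])) {
        uploadError("Captain, the machinery failed! Please contact the technical support!");
        return;
    }

    setcookie("author", $author, time() + 60 * 60 * 24 * 365, "/");

    $arc = new ArchiveFile(UPLOAD_DIR . $compo);
    if ($arc->Open() === FALSE) {
        echo "<p>Can't update the pack, please contact the technical support!</p>";
        return;
    }

    // NOTE(review): the client-supplied name ends up as a path component under
    // UPLOAD_DIR below. This relies on safeFilename() removing directory
    // separators and on UPLOAD_DIR not being served as executable content;
    // neither is visible in this block, so confirm both.
    $safeName = safeFilename($upload['name']);
    $lastDot = strrpos($safeName, '.');
    if (strlen($safeName) <= MAX_FILENAME_LENGTH || $lastDot === FALSE) {
        $db_filename = substr($safeName, 0, MAX_FILENAME_LENGTH);
    } else {
        // Need to trim filename: shorten the stem but keep the extension.
        $extension = substr($safeName, $lastDot);
        $db_filename = substr($safeName, 0, MAX_FILENAME_LENGTH - strlen($extension)) . $extension;
    }

    // Get mod title
    $modTitle = getModTitle($upload['tmp_name'], $db_filename);
    $insert = TRUE;

    // duplicate filename?
    $stmt = $mysqli->prepare('SELECT * FROM `entries` WHERE (`idcompo` = ?) AND (`filename` = ?)') or die('query failed');
    $stmt->bind_param('is', $compo, $db_filename);
    $stmt->execute() or die('query failed');
    $result = $stmt->get_result();
    if ($result->num_rows > 0) {
        $row = $result->fetch_assoc();
        // NOTE(review): replacing an entry is authorised only by the submitted
        // handle matching the stored one; anyone who knows a handle and file
        // name can overwrite that entry. A session-bound check would close
        // this, e.g. the one this function prepares data for via
        // $_SESSION["upload-<id>"]:
        //if(isset($_SESSION["upload-" . $row["identry"]]) && $_SESSION["upload-" . $row["identry"]] == $_POST["author"])
        // Strict comparison: with == two different numeric-looking handles
        // ("1e3" and "1000") would be treated as the same author.
        if ((string) $row["author"] === $author) {
            // replace file
            $entryID = $row["identry"];
            $stmtRep = $mysqli->prepare('UPDATE `entries` SET
                `title` = ?,
                `altered` = 1,
                `date` = CURRENT_TIMESTAMP
                WHERE `identry` = ?') or die('query failed');
            $stmtRep->bind_param('si', $modTitle, $entryID);
            $stmtRep->execute() or die('query failed');
            $stmtRep->close();
            // Best-effort removal of a file named after the entry id, if present.
            @unlink(UPLOAD_DIR . $entryID);
            $arc->PrepareReplace($db_filename);
            $insert = FALSE;
        } else {
            // this is not ours, invent new filename
            // NOTE(review): only 256 prefixes, the new name is not re-checked
            // for a collision, and the truncation can cut off the extension.
            $db_filename = substr(dechex(mt_rand(0, 255)) . '-' . $db_filename, 0, MAX_FILENAME_LENGTH);
        }
    }
    $result->free();
    $stmt->close();

    if ($insert) {
        $stmt = $mysqli->prepare('INSERT INTO `entries` (`author`, `filename`, `title`, `idcompo`, `altered`) VALUES (?, ?, ?, ?, 0)') or die('query failed');
        $stmt->bind_param('sssi', $author, $db_filename, $modTitle, $compo);
        $stmt->execute() or die('query failed');
        $entryID = $stmt->insert_id;
        $stmt->close();
    }

    $_SESSION["upload-{$entryID}"] = $author;
    $_SESSION["compo-{$compo}"] = TRUE;

    // The file only lives under UPLOAD_DIR long enough to be added to the
    // archive; it is deleted again right after the archive is closed.
    if (move_uploaded_file($upload['tmp_name'], UPLOAD_DIR . $db_filename)) {
        $arc->Add(UPLOAD_DIR . $db_filename);
        $arc->Close();
        @unlink(UPLOAD_DIR . $db_filename);
        echo '<h2>...go!</h2>';
        // All reflected values are HTML-escaped before output.
        if ($insert) {
            echo '<p>OK, ', htmlspecialchars($author), ', all done. Good luck!</p>';
        } else {
            echo '<p>OK, ', htmlspecialchars($author), ', your file has been <strong>updated</strong>. Good luck!</p>';
        }
        echo '<p>If you need to replace your file, upload it using exactly the same file name (', htmlspecialchars($db_filename), ') and handle (', htmlspecialchars($author), ') as this one.</p>';
    } else {
        $arc->Close();
        uploadError("Captain, the machinery failed! Please contact the technical support!");
        return;
    }
}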