<?php
session_start();
require_once 'inc/data.inc';
require_once 'inc/authorize.inc';
require_once 'inc/photo-config.inc';
require_once 'inc/locked.inc';
require_once 'inc/default-file-path.inc';
require_permission(SET_UP_PERMISSION);
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<title>Pinewood Derby Race Settings</title>
<?php
require 'inc/stylesheet.inc';
?>
<link rel="stylesheet" type="text/css" href="css/jquery.mobile-1.4.2.css"/>
<link rel="stylesheet" type="text/css" href="css/chooser.css"/>
<link rel="stylesheet" type="text/css" href="css/settings.css"/>
<script type="text/javascript" src="js/jquery.js"></script>
<script type="text/javascript" src="js/mobile-init.js"></script>
<script type="text/javascript" src="js/jquery.mobile-1.4.2.min.js"></script>
<script type="text/javascript" src="js/modal.js"></script>
<script type="text/javascript" src="js/dashboard-ajax.js"></script>
<script type="text/javascript" src="js/chooser.js"></script>
<script type="text/javascript" src="js/settings.js"></script>
<script type="text/javascript">
function photo_directory_base() {
<?php
<?php
require_permission('manager feeds');
$html = new HTML();
$html->renderOut('site/html_header', array('title' => '公众号 :: ' . $settings['sitename'], 'body_class' => 'accounts'));
$html->renderOut('site/header/blank');
$html->renderOut('site/nav/main');
$html->renderOut('site/accounts', array('accounts' => UserWechatAccount::findAll()));
$html->renderOut('site/footer');
$html->renderOut('site/html_footer');
<?php
// When presented as a kiosk page, i.e., when this php file is included from
// kiosks/ondeck.kiosk, the session_start() function will already have been
// called. The @ is necessary to suppress the error notice that may arise in
// this case.
@session_start();
require_once 'inc/data.inc';
require_once 'inc/authorize.inc';
require_once 'inc/schema_version.inc';
require_once 'inc/running_round_header.inc';
require_permission(VIEW_RACE_RESULTS_PERMISSION);
$nlanes = get_lane_count_from_results();
$now_running = get_running_round();
$use_master_sched = use_master_sched();
$high_water_rounds = high_water_rounds();
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<script type="text/javascript" src="js/jquery.js"></script>
<?php
if (isset($as_kiosk)) {
require_once 'inc/kiosk-poller.inc';
}
require_once 'inc/ajax-failure.inc';
?>
<script type="text/javascript">
var g_update_status = {
last_update_time: "", // First refresh is for everything
<?php @session_start(); // EXPERIMENTAL // Lists common non-specific awards (e.g., "Most Aerodynamic"), along // with a drop-down selection element of potential recipients for // each. // TODO: Assigning an award presently has no effect!! // TODO: Drag-and-drop, a la photo-thumbs // TODO: Write-in field for true ad hoc awards require_once 'inc/data.inc'; require_once 'inc/authorize.inc'; require_permission(JUDGING_PERMISSION); ?> <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <title>Award Judging</title> <?php require 'inc/stylesheet.inc'; ?> <meta http-equiv="refresh" content="300"/> <script type="text/javascript" src="js/jquery.js"></script> <script type="text/javascript" src="js/dashboard-ajax.js"></script> <script type="text/javascript" src="js/checkin.js"></script> </head> <body> <?php $banner_title = 'Judging'; require 'inc/banner.inc';
<?php
session_start();
require_once 'inc/data.inc';
require_once 'inc/authorize.inc';
require_permission(ASSIGN_RACER_IMAGE_PERMISSION);
require_once 'inc/photo-config.inc';
$photo_repository = photo_repository(isset($_GET['repo']) ? $_GET['repo'] : 'head');
function scan_directory($directory, $pattern)
{
$files = array();
$dh = @opendir($directory);
if ($dh !== false) {
while (($filename = readdir($dh)) !== false) {
if (preg_match($pattern, $filename) && is_file($directory . DIRECTORY_SEPARATOR . $filename)) {
$files[] = $filename;
}
}
closedir($dh);
}
return $files;
}
$allfiles = scan_directory($photo_repository->directory(), "/(jpg|jpeg|png|gif|bmp)/i");
// Returns a javascript expression, suitable for onclick, to perform cropping of a particular photo.
function photo_crop_expression($basename)
{
global $photo_repository;
return htmlspecialchars('showPhotoCropModal(this, "' . $photo_repository->name() . '", "' . $basename . '", ' . time() . ')', ENT_QUOTES, 'UTF-8');
}
// TODO: line-height? "End of photos" text aligns with thumbnail image bottom.
// *** Both div's are overhanging the bottom by the amount taken up by the banner and refresh button!
<?php @session_start(); // Add, edit, reorder, and assign awards require_once 'inc/data.inc'; require_once 'inc/authorize.inc'; require_once 'inc/schema_version.inc'; require_once 'inc/photo-config.inc'; require_permission(EDIT_AWARDS_PERMISSION); ?> <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <title>Awards Presentation Dashboard</title><?php require 'inc/stylesheet.inc'; ?> <script type="text/javascript" src="js/jquery.js"></script> <script type="text/javascript" src="js/jquery-ui-1.10.4.min.js"></script> <script type="text/javascript" src="js/dashboard-ajax.js"></script> <script type="text/javascript" src="js/mobile-init.js"></script> <script type="text/javascript" src="js/jquery.mobile-1.4.2.min.js"></script> <script type="text/javascript" src="js/modal.js"></script> <script type="text/javascript" src="js/awards-editor.js"></script> <link rel="stylesheet" type="text/css" href="css/jquery.mobile-1.4.2.css"/> <link rel="stylesheet" type="text/css" href="css/awards-editor.css"/> </head> <body> <?php $banner_title = 'Awards Editor'; require 'inc/banner.inc';
<?php
/** access control **/
require_login();
require_permission('管理本公司用户');
/** prepare vars **/
$myuser = MySiteUser::getCurrentUser();
$uid = isset($vars[1]) ? $vars[1] : null;
$user_to_edit = MySiteUser::findById($uid);
if (!$user_to_edit) {
dispatch('site/404');
exit;
}
/** handle submission **/
if (isset($_POST['submit'])) {
// we uncomment the following fields coz we don't want user to change
$no_change = array('company_id');
foreach ($no_change as $field) {
if (isset($_POST[$field])) {
unset($_POST[$field]);
}
}
// then we call the general process
$uid = $uid;
require_once MODULESROOT . '/siteuser/controllers/backend/user/add_edit_submission.php';
}
/** presentation **/
$html = new HTML();
$html->renderOut('site/components/html_header', array('title' => '编辑用户信息', 'body_class' => 'siteuser_edit'));
$html->renderOut('site/components/mainnav', array('user' => $myuser));
$html->output('<div id="page-wrapper" class="gray-bg">');
<?php
/** access control **/
require_login();
require_permission('管理自己的客户');
/** get vars **/
$cid = isset($vars[1]) ? strip_tags($vars[1]) : null;
/** delete client **/
$response = new stdClass();
$client = Client::findById($cid);
// permisison check if you want to delete client that is not yours
if ($client->getUserId() != MySiteUser::getCurrentUser()->getId()) {
if (!has_permission('管理所有客户')) {
$response->status = 'error';
$response->message = '你没有权限进行此操作';
header('Content-Type: application/json');
echo json_encode($response);
exit;
}
}
if (!$client) {
$response->status = 'error';
$response->message = '此客户不存在';
} else {
if ($client->delete()) {
$response->status = 'success';
} else {
$response->status = 'error';
$response->message = '删除用户失败';
}
}
<?php
/** access control **/
require_login();
require_permission('管理用户权限');
/** prepare vars **/
$myuser = MySiteUser::getCurrentUser();
/** handle submission **/
if (isset($_POST['submit'])) {
SitePermissionRole::truncate();
foreach ($_POST as $key => $val) {
if (strstr($key, 'role_')) {
$tokens = explode('_', $key);
$role_id = (int) $tokens[1];
foreach ($val as $permission_id => $v) {
$spr = new SitePermissionRole();
$spr->setRoleId($role_id);
$spr->setPermissionId($permission_id);
$spr->save();
}
}
}
Message::register(new Message(Message::SUCCESS, '用户权限更新成功!'));
HTML::forwardBackToReferer();
}
/** presentation **/
$html = new HTML();
$html->renderOut('site/components/html_header', array('title' => '管理用户权限', 'body_class' => 'permission'));
$html->renderOut('site/components/mainnav', array('user' => $myuser));
$html->output('<div id="page-wrapper" class="gray-bg">');
$html->renderOut('site/components/topnav', array('user' => $myuser));
<?php session_start(); require_once 'inc/data.inc'; require_once 'inc/authorize.inc'; require_permission(PRESENT_AWARDS_PERMISSION); ?> <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <title>Kiosk Dashboard</title> <?php require 'inc/stylesheet.inc'; ?> <link rel="stylesheet" type="text/css" href="css/jquery.mobile-1.4.2.css"/> <script type="text/javascript" src="js/jquery.js"></script> <script type="text/javascript" src="js/jquery-ui-1.10.4.min.js"></script> <link rel="stylesheet" type="text/css" href="css/kiosk-dashboard.css"/> <script type="text/javascript" src="js/mobile-init.js"></script> <script type="text/javascript" src="js/jquery.mobile-1.4.2.min.js"></script> <script type="text/javascript" src="js/dashboard-ajax.js"></script> <script type="text/javascript" src="js/modal.js"></script> <script type="text/javascript" src="js/kiosk-dashboard.js"></script> </head> <body> <?php $banner_title = 'Kiosk Dashboard'; require 'inc/banner.inc'; require_once 'inc/ajax-failure.inc'; ?>
<?php
/** access control **/
require_login();
require_permission('更新自己的信息');
/** prepare vars **/
$myuser = MySiteUser::getCurrentUser();
/** submission handle **/
if (isset($_POST['submit'])) {
// we uncomment the following fields coz we don't want user to change
$no_change = array('company_id', 'roles', 'active');
foreach ($no_change as $field) {
if (isset($_POST[$field])) {
unset($_POST[$field]);
}
}
// then we call the general process
$uid = $myuser->getId();
require_once MODULESROOT . '/siteuser/controllers/backend/user/add_edit_submission.php';
}
/** presentation **/
$html = new HTML();
$html->renderOut('site/components/html_header', array('title' => '更新个人信息', 'body_class' => 'profile'));
$html->renderOut('site/components/mainnav', array('user' => $myuser));
$html->output('<div id="page-wrapper" class="gray-bg">');
$html->renderOut('site/components/topnav', array('user' => $myuser));
$html->renderOut('site/components/page_header', array('title' => '修改个人信息', 'breadcrumb' => array('首页' => uri(''), '个人信息' => '#', '修改个人信息' => '#')));
$html->renderOut('site/profile', array('user' => $myuser));
$html->output('</div>');
$html->renderOut('site/components/html_footer');
<?php
@session_start();
require_once 'inc/data.inc';
require_once 'inc/authorize.inc';
require_once 'inc/schema_version.inc';
require_permission(CHECK_IN_RACERS_PERMISSION);
// This is the racer check-in page. It appears as a table of all the
// registered racers, with a checkbox (actually, a "flipswitch",
// thanks to transformations peformed by jquery mobile) for each
// racer. Clicking on the check-in button invokes some javascript
// that sends an ajax POST request to check-in (or un-check-in) that
// racer. See checkin.js.
// In addition to the actual check-in, it's possible to change a
// racer's car number from this form, or mark the racer for our
// "exclusively by scout" award.
// Here on the server side, a GET request sends HTML for the whole
// page. POST requests to make changes to the database are sent to
// action.php, and produce just a small XML document.
// TODO- subgroups explanation
// $use_subgroups, from GPRM settings, tells whether we're using
// "subgroups" within each racing group.
$use_subgroups = read_raceinfo_boolean('use-subgroups');
// Our pack provides an "exclusively by scout" award, based on a
// signed statement from the parent. Collecting the statement is part
// of the check-in process, so there's provision for a checkbox on the
// check-in form. For groups that don't do this, $xbs will be false
// (and $xbs_award_name will be blank), and the checkboxes won't be
// shown.
$xbs = read_raceinfo_boolean('xbs-award');
$xbs_award_name = read_raceinfo('xbs-award');
