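/**
 * Deletes the options whose IDs arrive in the POSTed CSV field `options`.
 *
 * Every ID must pass GUMP's `integer` rule before any row is touched, and the
 * DELETE runs as a prepared statement with the ID bound as an integer.
 *
 * NOTE(review): no permission check is visible inside this method - confirm
 * the caller/dispatcher authorises the request before it reaches this point.
 *
 * @return ActionResult Failure when nothing valid was selected or the query
 *                      could not be prepared; success or warning otherwise.
 */
public function delete()
{
    $posted = WebApp::post('options');
    $options = $posted === NULL ? array() : strgetcsv($posted);
    if (count($options) == 0) {
        return new ActionResult($this, '/admin/core/option_view', 0, 'No option(s) were selected!', B_T_FAIL);
    }

    // All-or-nothing validation: one malformed ID rejects the whole request
    // before anything is deleted.
    foreach ($options as $option) {
        $validated = GUMP::is_valid(array('opt' => $option), array('opt' => 'integer'));
        if ($validated !== true) {
            return new ActionResult($this, '/admin/core/option_view', 0, 'No option(s) were selected!', B_T_FAIL);
        }
    }

    $delete = $this->mySQL_w->prepare("DELETE FROM `core_options` WHERE `id`=?");
    // prepare() returns false on failure; without this guard the bind_param()
    // call below would be made on a non-object.
    if ($delete === false) {
        return new ActionResult($this, '/admin/core/option_view', 0, 'Failed to delete option(s)!<br />Error: <code>Delete query failed</code>', B_T_FAIL);
    }

    $affected_rows = 0;
    foreach ($options as $id) {
        $delete->bind_param('i', $id);
        $delete->execute();
        $delete->store_result();
        $affected_rows += $delete->affected_rows;
    }

    if ($affected_rows == count($options)) {
        $this->parent->parent->logEvent($this::name_space, 'Deleted options: ' . csvgetstr($options));
        return new ActionResult($this, '/admin/core/option_view', 1, 'Successfully deleted selected option(s)!', B_T_SUCCESS);
    } else {
        // The audit entry lists every requested ID, not only those removed.
        $this->parent->parent->logEvent($this::name_space, 'Deleted some options: ' . csvgetstr($options));
        return new ActionResult($this, '/admin/core/option_view', 1, 'Successfully deleted ' . $affected_rows . '/' . count($options) . ' selected option(s)!<br /><small>Possible cause: <code>Unknown</code></small>', B_T_WARNING);
    }
}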
<?php $page->createTitle(); print $page->getHeader(); print "<div class=\"row pane\">\n"; print " <div class=\"col-xs-12\">\n"; $MIDs = strgetcsv($page->getData()); if ($MIDs !== false) { include_once "lib/modules/meet.php"; include_once "lib/plugins/accordion.php"; $meet = new Meet($mySQL, $page->getPageNumber()); $accordion = new Accordion(); foreach ($MIDs as $meetID) { $meet->setID($meetID); $meet->createMeet(); $sessions = $meet->getMeet(); for ($s = 1; $s <= $meet->getNumberSessions(); $s++) { $content = "Warm Up: " . $meet->getTimes($s, "warm") . "<br />\n"; $content .= "Sign In Closes: " . $meet->getTimes($s, "sign") . "<br />\n"; $content .= "Start: " . $meet->getTimes($s, "start") . "<br />\n"; if ($meet->getDispEvts() === true) { $content .= "<ul>\n"; foreach ($sessions["S{$s}"]["E"] as $event) { if ($event['n'] != 0) { $content .= "<li>" . $meet->eventTitleGED($event) . "</li>\n"; } else { $content .= "<li>" . $meet->eventTitle($event) . "</li>\n"; } } $content .= "</ul>\n"; }
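/**
 * Sets one new password for every user ID posted in the CSV field `users`.
 *
 * Reads `n_pwd` (new password) and `c_pwd` (confirmation) from POST. Refuses
 * to touch a user whose primary group is 1 unless the acting user is in
 * group 1 as well. Each updated row also gets `chgPwd`=1 and an incremented
 * `pwd_reset` counter.
 *
 * NOTE(review): ranHash() and pwd_hash() are defined elsewhere; confirm they
 * produce a per-user random salt and a slow password hash.
 * NOTE(review): no accessAdminPage()-style check is visible here - confirm
 * the caller authorises the request.
 *
 * @return ActionResult
 */
function setpassword()
{
    $n_pwd = WebApp::post('n_pwd') === NULL ? '' : WebApp::post('n_pwd');
    $n_pwd_c = WebApp::post('c_pwd') === NULL ? '' : WebApp::post('c_pwd');
    $users = WebApp::post('users') === NULL ? array() : strgetcsv(WebApp::post('users'));

    if (count($users) == 0) {
        return new ActionResult($this, '/admin/user/user_view', 0, 'Failed to set passwords.<br />Error: <code>No users were selected</code>', B_T_FAIL);
    }
    if ($n_pwd == '') {
        return new ActionResult($this, '/admin/user/user_view', 0, 'Failed to set passwords.<br />Error: <code>Password cannot be blank</code>', B_T_FAIL);
    }
    // Strict comparison: with != two different numeric-looking strings
    // (e.g. "1e3" and "1000") compare equal, so the confirmation field would
    // not actually guarantee that both entries are identical.
    if ($n_pwd !== $n_pwd_c) {
        return new ActionResult($this, '/admin/user/user_view', 0, 'Failed to set passwords.<br />Error: <code>New passwords must match</code>', B_T_FAIL);
    }

    $userCtrl = $this->parent->parent->user;

    $check_query = $this->mySQL_w->prepare("SELECT `p_group` FROM `core_users` WHERE `id`=?");
    if ($check_query === false) {
        return new ActionResult($this, '/admin/user/user_view', 0, 'Failed to set passwords!<br />Error: <code>Check query failed</code>', B_T_FAIL);
    }

    // Privilege guard: the whole request is rejected (and logged) as soon as
    // one target is in primary group 1 and the actor is not.
    foreach ($users as $UID) {
        $check_query->bind_param('i', $UID);
        $check_query->execute();
        $check_query->bind_result($p_group);
        $check_query->fetch();
        if ($p_group == 1 && !$this->parent->parent->user->inGroup(1)) {
            $this->parent->parent->logEvent($this::name_space, 'Tried to set password on a Super Admin');
            return new ActionResult($this, '/admin/user/group_view', 0, 'Failed to set password for user!<br />Error: <code>You cannot set the password for a Super Administrator</code>', B_T_FAIL);
        }
    }
    $check_query->free_result();

    $update_query = $this->mySQL_w->prepare("UPDATE `core_users` SET `pass`=?, `chgPwd`=1, `pwd_reset`=`pwd_reset`+1 WHERE `id`=?");
    if ($update_query === false) {
        return new ActionResult($this, '/admin/user/user_view', 0, 'Failed to set passwords!<br />Error: <code>Update query failed</code>', B_T_FAIL);
    }

    $affected_rows = 0;
    foreach ($users as $UID) {
        // A fresh ranHash() value per user is stored next to the digest as
        // "<digest>:<hash>".
        $hash = $userCtrl->ranHash();
        $new_pwd = $userCtrl->pwd_hash($n_pwd, $hash) . ':' . $hash;
        $update_query->bind_param('si', $new_pwd, $UID);
        $update_query->execute();
        $update_query->store_result();
        $affected_rows += $update_query->affected_rows;
    }

    // Only the user IDs are written to the event log, never the password.
    if ($affected_rows == count($users)) {
        $this->parent->parent->logEvent($this::name_space, 'Set new password for users ' . csvgetstr($users));
        return new ActionResult($this, '/admin/user/user_view', 1, 'Successfully set password for selected user(s)!', B_T_SUCCESS);
    } else {
        $this->parent->parent->logEvent($this::name_space, 'Set new password for some users ' . csvgetstr($users));
        return new ActionResult($this, '/admin/user/user_view', 1, 'Successfully set password for ' . $affected_rows . '/' . count($users) . ' selected user(s)!<br /><small>Possible cause: <code>Unknown</code></small>', B_T_WARNING);
    }
}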
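/**
 * Backs up the modules selected via POST `backups` (CSV) or GET `m`.
 *
 * Requires accessAdminPage(3). Every module ID must pass GUMP's `integer`
 * rule before any backup starts. One Backup object is created per module and
 * all of them write below a directory named after the current timestamp.
 *
 * NOTE(review): the two early exits inside the backup loop return a
 * CronResult while every other path returns an ActionResult - confirm that
 * callers handle both types.
 *
 * @return ActionResult|CronResult
 */
public function backup()
{
    if (!$this->accessAdminPage(3)) {
        return new ActionResult($this, '/admin/modules/', 1, 'You are not allowed to do that', B_T_FAIL);
    }

    $backups = WebApp::post('backups') === NULL ? array() : strgetcsv(WebApp::post('backups'));
    if (count($backups) == 0) {
        // Fall back to the single module ID passed in the query string.
        $backups = WebApp::get('m') === NULL ? array() : array(WebApp::get('m'));
    }
    if (count($backups) == 0) {
        return new ActionResult($this, '/admin/modules/backup', 0, 'No module(s) were selected!', B_T_FAIL);
    }

    // The IDs are later appended to a filesystem path in the error message
    // and handed to Backup::setID(), so only integers are let through.
    foreach ($backups as $backup) {
        $validated = GUMP::is_valid(array('bk' => $backup), array('bk' => 'integer'));
        if ($validated !== true) {
            return new ActionResult($this, '/admin/modules/backup', 0, 'No module(s) were selected!', B_T_FAIL);
        }
    }

    $location = __BACKUP__ . DIRECTORY_SEPARATOR . date(DATET_BKUP) . DIRECTORY_SEPARATOR;
    require_once dirname(__FILE__) . DIRECTORY_SEPARATOR . 'resources' . DIRECTORY_SEPARATOR . 'backup.php';

    // The original initialised `$result` but filled `$results`; the
    // accumulator is now initialised under the name that is actually used.
    $results = array();
    foreach ($backups as $module) {
        $backup = new Backup($this->parent);
        if (!$backup->setLocation($location)) {
            return new CronResult($this, false, 'Failed to create backup dir: ' . DIRECTORY_SEPARATOR . 'backup' . str_replace(__BACKUP__, '', $location . $module));
        }
        if (!$backup->setID($module)) {
            return new CronResult($this, false, 'Failed to setID for ' . $module);
        }
        $results[$module] = $backup->backup();
        unset($backup);
    }

    // Collect the per-module messages; one failure downgrades the outcome.
    $msg = '';
    $status = true;
    foreach ($results as $ns => $data) {
        $msg .= '"' . $ns . '": ' . $data['msg'] . PHP_EOL;
        if (!$data['s']) {
            $status = false;
        }
    }

    if ($status) {
        $msg = 'Backup was completed for selected module(s)!';
        $type = B_T_SUCCESS;
    } else {
        $msg = 'Backup was completed but failed for some/all module(s). Details as follows:' . PHP_EOL . $msg;
        $type = B_T_WARNING;
    }

    $this->parent->parent->logEvent($this::name_space, 'Back up modules: ' . csvgetstr($backups));
    return new ActionResult($this, '/admin/modules/backup', 1, $msg, $type);
}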
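/**
 * Installer::_registerGroups()
 *
 * Registers the <group> elements of a module definition in `core_groups` and
 * links each group to its pages in `core_gpage`.
 *
 * Group and page IDs are derived from the module ID: group = MOD_ID * 1000 +
 * relative id, page = MOD_ID * 1000 + relative page, admin page = 1000000 +
 * MOD_ID * 1000 + relative page.
 *
 * NOTE(review): the relative ids come straight from the module's XML and are
 * not range-checked here; a value outside the module's own block of 1000
 * would produce an ID that belongs to a different block. Consider validating
 * them before the arithmetic.
 *
 * @param mixed $xml Optional alternative document; when null the installer's
 *                   own module document is used.
 * @return ActionResult
 */
public function _registerGroups($xml = null)
{
    $this->parent->parent->debug($this::name_space . ': Registering groups...');

    // Allows us to pump alternative xml into the function
    if ($xml === null) {
        $groups = $this->module->getElementsByTagName('group');
    } else {
        $groups = $xml->getElementsByTagName('group');
    }

    // Get the module ID so we can workout the group numbers
    $fetch_query = $this->mySQL_r->prepare("SELECT `module_id` FROM `core_modules` WHERE `namespace`=?");
    if ($fetch_query === false) {
        $this->parent->parent->debug($this::name_space . ': Fetch query failed!');
        return new ActionResult($this, '/admin/modules/install/', 0, 'Failed to register groups!', B_T_FAIL, array('status' => 0, 'msg' => 'Failed to register groups!'));
    }

    // Create the register query
    $register_query = $this->mySQL_w->prepare("INSERT INTO `core_groups`\n\t\t\t(`GID`,\t`name`,\t`en`,\t`type`, `desc`) VALUES\n\t\t\t(?,\t\t?,\t\t1,\t\t's',\t?)\n\t\t");
    $gpage_query = $this->mySQL_w->prepare("INSERT INTO `core_gpage` (`GID`,`PID`) VALUES(?,?)");
    // Both statements are checked: the original tested only $register_query,
    // so a failed $gpage_query prepare surfaced later as a call on false.
    if ($register_query === false || $gpage_query === false) {
        $this->parent->parent->debug($this::name_space . ': Group register query failed!');
        return new ActionResult($this, '/admin/modules/install/', 0, 'Failed to register groups!', B_T_FAIL, array('status' => 0, 'msg' => 'Failed to register groups!'));
    }

    // Get the module ID
    $fetch_query->bind_param('s', $this->namespace);
    $fetch_query->bind_result($MOD_ID);
    $fetch_query->execute();
    $fetch_query->store_result();
    if ($fetch_query->num_rows != 1) {
        $this->parent->parent->debug($this::name_space . ': Module isnt\'t registered!');
        return new ActionResult($this, '/admin/modules/install/', 0, 'Failed to register groups!', B_T_FAIL, array('status' => 0, 'msg' => 'Failed to register groups!'));
    }

    while ($fetch_query->fetch()) {
        $results = array();

        // Check we have some groups to register
        if ($groups->length > 0) {
            $results[] = true;
        }

        // Loop through the groups and register them
        foreach ($groups as $group) {
            // Get the group details
            $id = $MOD_ID * 1000 + XMLCut::fetchTagValue($group, 'id');
            $name = XMLCut::fetchTagValue($group, 'name');
            $desc = XMLCut::fetchTagValue($group, 'desc');
            $pages = array();

            // Loop through the relative page IDs to create the absolute IDs
            $pgs = strgetcsv(XMLCut::fetchTagValue($group, 'pages'));
            foreach ($pgs as $page) {
                $pages[] = $MOD_ID * 1000 + $page;
            }
            $admin = strgetcsv(XMLCut::fetchTagValue($group, 'admin'));
            foreach ($admin as $page) {
                $pages[] = 1000000 + $MOD_ID * 1000 + $page;
            }

            // Bind the params
            $register_query->bind_param('iss', $id, $name, $desc);
            // Execute the query
            $register_query->execute();
            $register_query->store_result();

            foreach ($pages as $PID) {
                $this->parent->parent->debug($this::name_space . ': Registered PID "' . $PID . '" for "' . $id . '"!');
                $gpage_query->bind_param('ii', $id, $PID);
                $gpage_query->execute();
            }

            // Dump the result into an array
            if ($register_query->affected_rows == 1) {
                $this->parent->parent->debug($this::name_space . ': Registered group ID "' . $id . '"!');
                $results[] = true;
            } else {
                // The original logged the success text on this branch too.
                $this->parent->parent->debug($this::name_space . ': Failed to register group ID "' . $id . '"!');
                $results[] = false;
            }
        }

        // Now we should have no false values if everything went well.
        // array_search() never returns true, so the original test
        // `array_search(false, $results) !== true` always passed and a failed
        // insert was still reported as the next installer step.
        if (!in_array(false, $results, true)) {
            return new ActionResult($this, '/admin/modules/install/', 0, 'Processing module installer...', B_T_FAIL, array('status' => 1, 'msg' => 'Registering cron jobs...'));
        } else {
            $this->parent->parent->debug($this::name_space . ': Failed to register groups!');
        }
    } // while($fetch_query->fetch())

    // Reached only when at least one group insert failed; report it the same
    // way as the other failure exits of this method.
    return new ActionResult($this, '/admin/modules/install/', 0, 'Failed to register groups!', B_T_FAIL, array('status' => 0, 'msg' => 'Failed to register groups!'));
}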
/**
 * Looks for a wildcard ("extended") page entry matching the given categories.
 *
 * The deepest category that is not null is replaced by '*' before the lookup;
 * only `cat1`..`cat3` take part in the query. On a unique match the page's
 * scripts and stylesheets are registered through addJS()/addCSS().
 *
 * NOTE(review): `data` is passed to unserialize(). If anything other than
 * trusted code can write `core_pages`.`data`, this is an object-injection
 * risk - consider JSON, or unserialize() with `allowed_classes` restricted.
 *
 * @param mixed $cat1
 * @param mixed $cat2
 * @param mixed $cat3
 * @param mixed $cat4
 * @return array|false Page details, or false unless exactly one row matched.
 */
private function _checkExtendedPage($cat1, $cat2, $cat3, $cat4)
{
    // Using null safe <=> as $cat1, $cat2, $cat3 return null if they are not present.
    // Turn the last category that was supplied into the wildcard marker.
    if ($cat4 !== NULL) {
        $cat4 = '*';
    } elseif ($cat3 !== NULL) {
        $cat3 = '*';
    } elseif ($cat2 !== NULL) {
        $cat2 = '*';
    } elseif ($cat1 !== NULL) {
        $cat1 = '*';
    }

    $page_query = $this->mySQL_r->prepare("SELECT `ID`,`title`,`https`,`desc`,`introText`,`data`,`css`,`js` from `core_pages` WHERE `cat1`<=>? AND `cat2`<=>? AND `cat3`<=>?");
    $page_query->bind_param('sss', $cat1, $cat2, $cat3);
    $page_query->execute();
    $page_query->store_result();

    // Anything but a single hit is treated as "no extended page".
    $found = $page_query->num_rows;
    if ($found !== 1) {
        $this->parent->debug($this::name_space . ': Found ' . $found . ' entries for page!');
        return false;
    }

    $page_query->bind_result($ID, $title, $https, $desc, $intro, $data, $css, $js);
    $page_query->fetch();

    $page = array(
        'title' => $title,
        'num' => $ID,
        'desc' => $desc,
        'intro' => $intro,
        'data' => unserialize($data),
    );

    $scripts = strgetcsv($js);
    foreach ($scripts as $script) {
        $this->addJS($script);
    }
    $sheets = strgetcsv($css);
    foreach ($sheets as $sheet) {
        $this->addCSS($sheet);
    }

    $page_query->free_result();
    return $page;
}
/**
 * Loads one competition (meet) with its results configuration, sessions and
 * events into this object.
 *
 * All four statements are prepared up front and take the meet ID as a bound
 * parameter; no request value is concatenated into SQL.
 *
 * NOTE(review): `comp_res`.`services` is passed to unserialize(). If that
 * column can be written by anything other than trusted code this is an
 * object-injection risk - consider JSON or a restricted `allowed_classes`.
 *
 * @param mixed $id Meet ID (bound as a string).
 * @return $this|false $this when exactly one meet row exists; false when a
 *                     statement cannot be prepared or the meet is not found.
 */
function fetchCompetition($id)
{
    $this->ID = $id;
    $this->loadOptions();

    // Meet header row.
    $meet_q = $this->parent->mySQL_r->prepare("SELECT\n\t\t\t\t\t\t\t\t\t`title`,\n\t\t\t\t\t\t\t\t\t`location`,\n\t\t\t\t\t\t\t\t\t`course`,\n\t\t\t\t\t\t\t\t\t`display_notes`,\t`display_schedule`,\n\t\t\t\t\t\t\t\t\t`disp_f`,\t\t\t`disp_u`,\n\t\t\t\t\t\t\t\t\t`date_c`,\t\t\t`date_s`,\t\t`date_f`,\t\t`date_e`,\t\t`date_a`,\n\t\t\t\t\t\t\t\t\t`licence`,\n\t\t\t\t\t\t\t\t\t`notes_e`,\t\t\t`notes_c`,\t\t`notes_s`,\t\t`notes_p`,\n\t\t\t\t\t\t\t\t\t`docs`,\n\t\t\t\t\t\t\t\t\t`enable`\n\t\t\t\t\t\t\tFROM `comp_meet`\n\t\t\t\t\t\t\tWHERE `ID`=?");
    if (!$meet_q) {
        $this->parent->parent->debug($this::name_space . ': MySQL Statement error in competition fetch!');
        return false;
    }
    $meet_q->bind_param('s', $id);
    $meet_q->execute();
    $meet_q->store_result();

    // Results-service configuration for the meet.
    $res_q = $this->parent->mySQL_r->prepare("SELECT\n\t\t\t\t\t\t\t\t\t`enable`,\n\t\t\t\t\t\t\t\t\t`text`,\n\t\t\t\t\t\t\t\t\t`download`,\n\t\t\t\t\t\t\t\t\t`meet`,\t\t\t\t`series`,\n\t\t\t\t\t\t\t\t\t`services`,\n\t\t\t\t\t\t\t\t\t`nextSession`,\n\t\t\t\t\t\t\t\t\t`indSession`\n\t\t\t\t\t\t\tFROM `comp_res`\n\t\t\t\t\t\t\tWHERE `MID`=?");
    if (!$res_q) {
        $this->parent->parent->debug($this::name_space . ': MySQL Statement error in results fetch!');
        return false;
    }
    $res_q->bind_param('s', $id);
    $res_q->execute();
    $res_q->store_result();

    // Sessions of the meet, ordered by `number`; executed later, inside the
    // meet loop.
    $session_q = $this->parent->mySQL_r->prepare("SELECT\n\t\t\t\t\t\t\t\t\t`SID`,\n\t\t\t\t\t\t\t\t\t`number`,\n\t\t\t\t\t\t\t\t\t`num`,\n\t\t\t\t\t\t\t\t\t`date`,\n\t\t\t\t\t\t\t\t\t`t_warm`,\t\t\t`t_sign`,\t\t`t_start`\n\t\t\t\t\t\t\tFROM `comp_session`\n\t\t\t\t\t\t\tWHERE `MID`=?\n\t\t\t\t\t\t\tORDER BY `number` ASC");
    if (!$session_q) {
        $this->parent->parent->debug($this::name_space . ': MySQL Statement error in session fetch!');
        return false;
    }

    // Events of one session; executed once per session row.
    $event_q = $this->parent->mySQL_r->prepare("SELECT\n\t\t\t\t\t\t\t\t\t`EID`,\n\t\t\t\t\t\t\t\t\t`number`,\n\t\t\t\t\t\t\t\t\t`num`,\n\t\t\t\t\t\t\t\t\t`prefix`,\n\t\t\t\t\t\t\t\t\t`cost`,\n\t\t\t\t\t\t\t\t\t`e_g`,\t\t\t\t`e_d`,\t\t\t`e_s`,\t\t\t`e_r`,\n\t\t\t\t\t\t\t\t\t`e_al`,\t\t\t\t`e_au`\n\t\t\t\t\t\t\tFROM `comp_event`\n\t\t\t\t\t\t\tWHERE `MID`=? AND `SID`=?\n\t\t\t\t\t\t\tORDER BY `number` ASC");
    if (!$event_q) {
        $this->parent->parent->debug($this::name_space . ': MySQL Statement error in event fetch!');
        return false;
    }

    if ($meet_q->num_rows == 1) {
        $this->parent->parent->debug($this::name_space . ': Fetching competition "' . $id . '"');
        $meet_q->bind_result($title, $location, $course, $show['notes'], $show['schedule'], $disp['from'], $disp['until'], $date['created'], $date['start'], $date['finish'], $date['entry'], $date['ageat'], $licence, $notes['entries'], $notes['coaches'], $notes['swimmers'], $notes['parents'], $docs, $enable);
        $this->parent->parent->debug($this::name_space . ': Fetching results service config for "' . $id . '"');
        $res_q->bind_result($res['enable'], $res['text'], $res['download'], $res['meet'], $res['series'], $res['services'], $res['nextSession'], $res['indSession']);
        $session_q->bind_param('s', $id);
        $session_q->bind_result($s_SID, $s_number, $s_num, $s_date, $s_t_warm, $s_t_sign, $s_t_start);
        $event_q->bind_result($e_EID, $e_number, $e_num, $e_prefix, $e_cost, $e_g, $e_d, $e_s, $e_r, $e_al, $e_au);
        $this->parent->parent->debug($this::name_space . ': Fetching sessions for "' . $id . '"');

        while ($meet_q->fetch()) {
            $this->parent->parent->debug($this::name_space . ': Fetched meet "' . $id . '"!');

            // Resolve the stored location through the 'location' resource
            // when that resource is available.
            $locRes = $this->parent->getResource('location');
            if ($locRes !== false) {
                $this->location = $locRes->parseLocation($location);
            } else {
                $this->location = false;
            }

            // Human-readable date range; a single day when start == finish.
            if ($date['start'] == $date['finish']) {
                $date['long'] = date("l jS F Y", strtotime($date['start']));
            } else {
                $date['long'] = date("l jS F Y", strtotime($date['start'])) . ' to ' . date(DATE_LONG, strtotime($date['finish']));
            }
            // The zero date stands for "entry date not announced".
            if ($date['entry'] == '0000-00-00') {
                $date['entry'] = 'TBA';
            } else {
                $date['entry'] = date(DATE_SHORT, strtotime($date['entry']));
            }

            $this->title = $title;
            $this->course = $course;
            $this->display = $disp;
            $this->date = $date;
            $this->licence = $licence;
            $this->notes = $notes;
            $this->docs = strgetcsv($docs);
            $this->enable = $enable;
            $this->show = $show;

            while ($res_q->fetch()) {
                $this->parent->parent->debug($this::name_space . ': Fetched results config for meet "' . $id . '"!');
                // NOTE(review): unserialize() on a database value - see the
                // function header.
                $res['services'] = unserialize($res['services']);
                $this->res = $res;
            }
            $res_q->free_result();
            $res_q->close();

            $session_q->execute();
            $session_q->store_result();

            // Running totals plus the nested session/event structure.
            $data = array();
            $data['sessions'] = 0;
            $data['events'] = 0;
            while ($session_q->fetch()) {
                $data['sessions']++;
                $s['SID'] = $s_SID;
                $s['number'] = $s_number;
                $s['num'] = $s_num;
                $s['date'] = date("l jS F Y", strtotime($s_date));
                // A stored time of 00:00:00 is shown as 'TBC'.
                $s['t']['warm'] = $s_t_warm == '00:00:00' ? 'TBC' : date('H:i', strtotime($s_t_warm));
                $s['t']['sign'] = $s_t_sign == '00:00:00' ? 'TBC' : date('H:i', strtotime($s_t_sign));
                $s['t']['start'] = $s_t_start == '00:00:00' ? 'TBC' : date('H:i', strtotime($s_t_start));
                $this->parent->parent->debug($this::name_space . ': Fetched session "' . $s['SID'] . '" (' . $s['number'] . ') for meet "' . $id . '"!');

                $event_q->bind_param('ss', $id, $s['SID']);
                $event_q->execute();
                $event_q->store_result();
                while ($event_q->fetch()) {
                    $data['events']++;
                    $e['EID'] = $e_EID;
                    $e['number'] = $e_number;
                    $e['num'] = $e_num;
                    $e['prefix'] = $e_prefix;
                    $e['cost'] = $e_cost;
                    $e['g'] = $e_g;
                    $e['d'] = $e_d;
                    $e['s'] = $e_s;
                    $e['r'] = $e_r;
                    $e['al'] = $e_al;
                    $e['au'] = $e_au;
                    // Events are keyed by their `number` inside the session.
                    $s['E'][$e['number']] = $e;
                    $this->parent->parent->debug($this::name_space . ': Fetched event "' . $e['EID'] . '" (' . $e['number'] . ') for session "' . $s['SID'] . '" for meet "' . $id . '"!');
                }
                $data['S'][$s['number']] = $s;
                // Drop $s so events of this session do not carry over into
                // the next one.
                unset($s);
            }
            $event_q->free_result();
            $session_q->free_result();
            $this->data = $data;
        }
        return $this;
    } else {
        return false;
    }
}
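/**
 * Disables (`en`=0) the groups selected via POST `groups` or GET `g` (CSV).
 *
 * Guards: a user may not disable a group they belong to, and only members of
 * group 1 may disable a core group (GID below 1000).
 *
 * The IDs are validated and converted to integers before the guards run. The
 * original compared the raw request strings in `$GID < 1000` but bound them
 * with bind_param('i'), so a non-canonical value could be judged by the guard
 * as one thing and reach the UPDATE as another integer.
 *
 * @return ActionResult
 */
function disable()
{
    $groups = WebApp::post('groups') === NULL ? array() : strgetcsv(WebApp::post('groups'));
    if (count($groups) == 0) {
        $groups = WebApp::get('g') === NULL ? array() : strgetcsv(WebApp::get('g'));
    }
    if (count($groups) == 0) {
        return new ActionResult($this, '/admin/user/group_view', 0, 'No group(s) were selected!', B_T_FAIL);
    }

    // Normalise every ID to an int so that the permission checks and the
    // UPDATE below operate on exactly the same value.
    foreach ($groups as $index => $GID) {
        $asInt = filter_var($GID, FILTER_VALIDATE_INT);
        if ($asInt === false) {
            return new ActionResult($this, '/admin/user/group_view', 0, 'No group(s) were selected!', B_T_FAIL);
        }
        $groups[$index] = $asInt;
    }

    $update_query = $this->mySQL_w->prepare("UPDATE `core_groups` SET `en`=0 WHERE `GID`=?");
    // prepare() returns false on failure; fail cleanly instead of calling
    // bind_param() on a non-object.
    if ($update_query === false) {
        return new ActionResult($this, '/admin/user/group_view', 0, 'Failed to disable group!<br />Error: <code>Update query failed</code>', B_T_FAIL);
    }

    // All guards run before the first UPDATE, so a rejected request changes
    // nothing.
    foreach ($groups as $GID) {
        if ($this->inGroup($GID, false, false)) {
            $this->parent->parent->logEvent($this::name_space, 'Tried to disable own group');
            return new ActionResult($this, '/admin/user/group_view', 0, 'Failed to disable group!<br />Error: <code>Cannot disable a group that you are a member of</code>', B_T_FAIL);
        }
        if ($GID < 1000 && !$this->inGroup(1)) {
            $this->parent->parent->logEvent($this::name_space, 'Tried to disable core group');
            return new ActionResult($this, '/admin/user/group_view', 0, 'Failed to disable group!<br />Error: <code>Cannot disable a core group</code>', B_T_FAIL);
        }
    }

    $affected_rows = 0;
    foreach ($groups as $GID) {
        $update_query->bind_param('i', $GID);
        $update_query->execute();
        $update_query->store_result();
        $affected_rows += $update_query->affected_rows;
    }

    if ($affected_rows == count($groups)) {
        $this->parent->parent->logEvent($this::name_space, 'Disabled groups ' . csvgetstr($groups));
        return new ActionResult($this, '/admin/user/group_view', 1, 'Successfully disabled selected group(s)!', B_T_SUCCESS);
    } else {
        $this->parent->parent->logEvent($this::name_space, 'Disabled some of groups ' . csvgetstr($groups));
        return new ActionResult($this, '/admin/user/group_view', 1, 'Successfully disabled ' . $affected_rows . '/' . count($groups) . ' selected group(s)!<br /><small>Possible cause: <code>Group was already disabled</code></small>', B_T_WARNING);
    }
}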
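/**
 * Locks one or more sessions by setting `auth`=1 in `core_sessions`.
 *
 * Requires accessAdminPage(20). With GET m=m the IDs come from the POSTed CSV
 * field `sessions`; otherwise a single ID is read from GET `cat4`.
 *
 * NOTE(review): on success the redirect target is Server::get('HTTP_Referer').
 * If that is the request's Referer header it is client-supplied - confirm
 * that ActionResult only follows same-site targets.
 *
 * @return ActionResult
 */
public function session_lock()
{
    if (!$this->accessAdminPage(20)) {
        return new ActionResult($this, '/admin/user/user_view', 0, 'You are not allowed to do that', B_T_FAIL);
    }

    if (WebApp::get('m') === 'm') {
        $sessID = WebApp::post('sessions') === NULL ? array() : strgetcsv(WebApp::post('sessions'));
        if (count($sessID) === 0) {
            return new ActionResult($this, '/admin/user/user_view', 0, 'Session IDs cannot be blank!', B_T_FAIL);
        }
    } else {
        $sessID = WebApp::get('cat4');
        if ($sessID === NULL || $sessID == '') {
            return new ActionResult($this, '/admin/user/user_view', 0, 'Session\'s ID cannot be blank!', B_T_FAIL);
        }
        $sessID = array($sessID);
    }

    $destroy_query = $this->mySQL_w->prepare("UPDATE `core_sessions` SET `auth`=1 WHERE `id`=?");
    $affected_rows = 0;
    foreach ($sessID as $ID) {
        $destroy_query->bind_param('i', $ID);
        $destroy_query->execute();
        $destroy_query->store_result();
        // Was `= +...`, which overwrote the counter with the last statement's
        // count, so locking several sessions was reported as a partial result.
        $affected_rows += $destroy_query->affected_rows;
    }

    if ($affected_rows == count($sessID)) {
        $this->parent->parent->logEvent($this::name_space, 'Locked session(s)');
        return new ActionResult($this, Server::get('HTTP_Referer'), 1, 'Session(s) were locked!', B_T_SUCCESS);
    } elseif ($affected_rows == 0) {
        $this->parent->parent->logEvent($this::name_space, 'Failed to lock session(s)');
        return new ActionResult($this, '/admin/user/user_view', 0, 'Failed to lock any sessions!', B_T_FAIL);
    } else {
        $this->parent->parent->logEvent($this::name_space, 'Locked some sessions, but failed to lock the rest!');
        return new ActionResult($this, Server::get('HTTP_Referer'), 1, 'Some sessions were locked!', B_T_WARNING);
    }
}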
/**
 * Deletes the locations whose IDs arrive in the POSTed CSV field `locations`.
 *
 * Every ID is first looked up; if one of them does not match exactly one row
 * the request stops before anything is deleted. IDs are bound as integers in
 * both prepared statements.
 *
 * NOTE(review): no permission check is visible inside this method - confirm
 * the caller authorises the request.
 *
 * @return ActionResult
 */
function delete()
{
    if (WebApp::post('locations') === NULL) {
        $locations = array();
    } else {
        $locations = strgetcsv(WebApp::post('locations'));
    }
    if (count($locations) == 0) {
        return new ActionResult($this, '/admin/location', 0, 'No locations(s) were selected!', B_T_FAIL, array('form' => array('pwd' => '')));
    }

    // Existence check for every requested ID before the first delete.
    $exists = $this->mySQL_w->prepare("SELECT `ID` FROM `location` WHERE `ID`=?");
    if ($exists === false) {
        return new ActionResult($this, '/admin/location', 0, 'Failed to delete location(s)!<br />Error: <code>Check query failed</code>', B_T_FAIL);
    }
    foreach ($locations as $locationId) {
        $exists->bind_param('i', $locationId);
        $exists->execute();
        $exists->store_result();
        if ($exists->num_rows != 1) {
            return new ActionResult($this, '/admin/location', 1, 'Failed to delete location(s)!<br />Error: <code>Location doesn\'t exist</code>', B_T_INFO);
        }
    }
    $exists->free_result();

    $remove = $this->mySQL_w->prepare("DELETE FROM `location` WHERE `id`=?");
    if ($remove === false) {
        return new ActionResult($this, '/admin/location', 0, 'Failed delete location(s)!<br />Error: <code>Update query failed</code>', B_T_FAIL);
    }

    $deleted = 0;
    foreach ($locations as $locationId) {
        $remove->bind_param('i', $locationId);
        $remove->execute();
        $remove->store_result();
        $deleted += $remove->affected_rows;
    }

    // Partial result first; the audit entry lists every requested ID.
    if ($deleted != count($locations)) {
        $this->parent->parent->logEvent($this::name_space, 'Deleted some of ' . csvgetstr($locations));
        return new ActionResult($this, '/admin/location', 1, 'Successfully deleted ' . $deleted . '/' . count($locations) . ' selected location(s)!<br /><small>Possible cause: <code>Location with that ID may not exist</code></small>', B_T_WARNING);
    }

    $this->parent->parent->logEvent($this::name_space, 'Deleted ' . csvgetstr($locations));
    return new ActionResult($this, '/admin/location', 1, 'Successfully deleted selected location(s)!', B_T_SUCCESS);
}
/**
 * Populates this object from the meet identified by $this->id: header fields,
 * results-service configuration, display dates, location, documents and the
 * nested session/event structure in $this->meet.
 *
 * Every query is a prepared statement with the meet/session ID bound as a
 * string.
 *
 * NOTE(review): `comp_res`.`services` is passed to unserialize(), and that
 * call runs even when no `comp_res` row was fetched. If the column can be
 * written by anything other than trusted code this is an object-injection
 * risk - consider JSON or a restricted `allowed_classes`.
 *
 * @return bool true after the first meet row has been processed, false when
 *              no meet row exists.
 */
function createMeet()
{
    // Get data from Main Comp DB
    $meet_query = $this->mySQL['r']->prepare("SELECT\n\t\t\t`title`,\n\t\t\t`date_f`,\n\t\t\t`date_s`,\n\t\t\t`sessions`,\n\t\t\t`events`,\n\t\t\t`notes_e`,\n\t\t\t`notes_c`,\n\t\t\t`notes_s`,\n\t\t\t`notes_p`,\n\t\t\t`docs`,\n\t\t\t`licence`,\n\t\t\t`enable`,\n\t\t\t`location`,\n\t\t\t`wizStat`\n\t\tFROM `comp_meet` WHERE `ID`=?");
    $meet_query->bind_param('s', $this->id);
    $meet_query->execute();
    $meet_query->store_result();

    // Results-service configuration for the same meet.
    $res_query = $this->mySQL['r']->prepare("SELECT\n\t\t\t`enable`,\n\t\t\t`text`,\n\t\t\t`download`,\n\t\t\t`meet`,\n\t\t\t`series`,\n\t\t\t`services`,\n\t\t\t`nextSession`,\n\t\t\t`indSession`\n\t\tFROM `comp_res` WHERE `MID`=?");
    $res_query->bind_param('s', $this->id);
    $res_query->execute();
    $res_query->store_result();

    if ($meet_query->num_rows != 0) {
        $res_query->bind_result($res['enable'], $res['text'], $res['download'], $res['meet'], $res['series'], $res['services'], $res['nextSession'], $res['indivSession']);
        $meet_query->bind_result($title, $date_f, $date_s, $sessions, $events, $notes['e'], $notes['c'], $notes['s'], $notes['p'], $docs, $licence, $enable, $location, $wizStat);

        while ($meet_query->fetch()) {
            $this->title = $title;
            $this->date_s = $date_s;
            $this->date_f = $date_f;
            $this->enable = $enable;
            while ($res_query->fetch()) {
                $this->resServ = $res;
            }
            $this->licence = $licence;
            // NOTE(review): unserialize() on a database value - see the
            // function header.
            $this->resServ['services'] = unserialize($this->resServ['services']);

            // Multi-day meet: long date range plus a relative "wordy" form.
            if ($date_f != "" && $date_f != $date_s) {
                $this->date = date("l jS F Y", strtotime($date_s)) . " - " . date("l jS F Y", strtotime($date_f));
                if ($date_s <= date('Y-m-d', strtotime('yesterday')) && $date_f == date('Y-m-d', strtotime('today'))) {
                    $this->date_wordy = 'Today';
                } elseif ($date_s <= date('Y-m-d', strtotime('yesterday')) && $date_f == date('Y-m-d', strtotime('tomorrow'))) {
                    $this->date_wordy = 'Today until Tomorrow';
                } elseif ($date_s == date('Y-m-d', strtotime('yesterday')) && $date_f == date('Y-m-d', strtotime('tomorrow'))) {
                    $this->date_wordy = 'Today until Tomorrow';
                } elseif ($date_s == date('Y-m-d', strtotime('today')) && $date_f == date('Y-m-d', strtotime('tomorrow'))) {
                    $this->date_wordy = 'Today until Tomorrow';
                } elseif ($date_s == date('Y-m-d', strtotime('today')) && $date_f > date('Y-m-d', strtotime('tomorrow'))) {
                    $this->date_wordy = 'Today until ' . date("l jS F Y", strtotime($date_f));
                } elseif ($date_s == date('Y-m-d', strtotime('tomorrow')) && $date_f > date('Y-m-d', strtotime('tomorrow'))) {
                    $this->date_wordy = 'Tomorrow until ' . date("l jS F Y", strtotime($date_f));
                } elseif ($date_s == date('Y-m-d', strtotime('tommorrow'))) {
                    // NOTE(review): 'tommorrow' is misspelt, so strtotime()
                    // will not parse it and this branch presumably never
                    // matches; it also appends with .= where every other
                    // branch assigns - confirm the intent.
                    $this->date_wordy .= 'Tomorrow';
                } else {
                    $this->date_wordy = date("l jS F Y", strtotime($date_s)) . ' to ' . date("l jS F Y", strtotime($date_f));
                }
            } else {
                // Single-day meet.
                $this->date = date("l jS F Y", strtotime($date_s));
                if ($date_s == date('Y-m-d', strtotime('tomorrow'))) {
                    $this->date_wordy = 'Tomorrow';
                } elseif ($date_s == date('Y-m-d', strtotime('today'))) {
                    $this->date_wordy = 'Today';
                } else {
                    $this->date_wordy = date("l jS F Y", strtotime($date_s));
                }
            }

            $this->numberEvents = $events;
            $this->numberSessions = $sessions;
            //$this->wizard = $wizard;
            /*if($resServ['text']==''&&$resServ['enable']==1){ $this->resServ['text'] = "<p>Find the results <a href=\"http://".RESULTS_SERVER."/?m=".$resServ['meet']."&series=".$resServ['series']."\">here</a></p>\n"; }*/
            $this->notes['e'] = $notes['e'];
            $this->notes['c'] = $notes['c'];
            $this->notes['p'] = $notes['p'];
            $this->notes['s'] = $notes['s'];

            // A location wrapped in % signs is a reference that is resolved
            // through Location; anything else is used as the plain name.
            if (substr($location, 0, 1) == '%' && substr($location, -1) == '%') {
                $loc = new Location($this->mySQL);
                $loc->getLocation(substr($location, 1, -1));
                $this->location = $loc->getData();
            } else {
                $this->location['name'] = $location;
            }

            $this->link = "/competitions/meet?m=" . $this->id;
            $this->docs = strgetcsv($docs);

            if ($sessions > 0) {
                $session_query = $this->mySQL['r']->prepare("\n\t\t\t\t\tSELECT\n\t\t\t\t\t\t`SID`,\n\t\t\t\t\t\t`num`,\n\t\t\t\t\t\t`number`,\n\t\t\t\t\t\t`date`,\n\t\t\t\t\t\t`t_warm`,\n\t\t\t\t\t\t`t_sign`,\n\t\t\t\t\t\t`t_start`,\n\t\t\t\t\t\t`events`\t\t\t\t\t\n\t\t\t\t\tFROM `comp_session`\n\t\t\t\t\tWHERE\n\t\t\t\t\t\t`MID`=?\n\t\t\t\t\tORDER BY\n\t\t\t\t\t\t`num` ASC\n\t\t\t\t\t");
                $session_query->bind_param('s', $this->id);
                $session_query->execute();
                $session_query->store_result();
                if ($session_query->num_rows != 0) {
                    // $events is rebound here to the per-session event count.
                    $session_query->bind_result($SID, $num, $number, $date, $t['warm'], $t['sign'], $t['start'], $events);
                    while ($session_query->fetch()) {
                        $this->meet['S'][$number]['SID'] = $SID;
                        $this->meet['S'][$number]['num'] = $num;
                        $this->meet['S'][$number]['date'] = date("d/m/Y", strtotime($date));
                        $this->meet['S'][$number]['t']['warm'] = date("H:i", strtotime($t['warm']));
                        $this->meet['S'][$number]['t']['sign'] = date("H:i", strtotime($t['sign']));
                        $this->meet['S'][$number]['t']['start'] = date("H:i", strtotime($t['start']));
                        if ($events > 0) {
                            // The event statement is prepared again for every
                            // session that has events.
                            $event_query = $this->mySQL['r']->prepare("\n\t\t\t\t\t\t\t\tSELECT\n\t\t\t\t\t\t\t\t\t`num`,\n\t\t\t\t\t\t\t\t\t`number`,\n\t\t\t\t\t\t\t\t\t`prefix`,\n\t\t\t\t\t\t\t\t\t`e_g`,\n\t\t\t\t\t\t\t\t\t`e_d`,\n\t\t\t\t\t\t\t\t\t`e_s`,\n\t\t\t\t\t\t\t\t\t`e_r`,\n\t\t\t\t\t\t\t\t\t`e_al`,\n\t\t\t\t\t\t\t\t\t`e_au`\n\t\t\t\t\t\t\t\tFROM `comp_event`\n\t\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\t\t`MID`=? AND\n\t\t\t\t\t\t\t\t\t`SID`=?\n\t\t\t\t\t\t\t\tORDER BY\n\t\t\t\t\t\t\t\t\t`number` ASC\n\t\t\t\t\t\t\t\t");
                            $event_query->bind_param('ss', $this->id, $SID);
                            $event_query->execute();
                            $event_query->store_result();
                            if ($event_query->num_rows != 0) {
                                $event_query->bind_result($e_num, $e_number, $prefix, $e['g'], $e['d'], $e['s'], $e['r'], $e['a']['l'], $e['a']['u']);
                                while ($event_query->fetch()) {
                                    // With `prefix` set, the displayed event
                                    // number is the session number followed
                                    // by the zero-padded event number.
                                    if ($prefix == true) {
                                        $this->meet['S'][$number]['E'][$e_number]['num'] = $number . str_pad($e_num, 2, '0', STR_PAD_LEFT);
                                    } else {
                                        $this->meet['S'][$number]['E'][$e_number]['num'] = $e_num;
                                    }
                                    $this->meet['S'][$number]['E'][$e_number]['g'] = $e['g'];
                                    $this->meet['S'][$number]['E'][$e_number]['d'] = $e['d'];
                                    $this->meet['S'][$number]['E'][$e_number]['s'] = $e['s'];
                                    $this->meet['S'][$number]['E'][$e_number]['r'] = $e['r'];
                                    $this->meet['S'][$number]['E'][$e_number]['al'] = $e['a']['l'];
                                    $this->meet['S'][$number]['E'][$e_number]['au'] = $e['a']['u'];
                                }
                            }
                        }
                    }
                }
            } else {
                $this->dispEvts = false;
            }
            // Returns inside the loop: only the first meet row is processed.
            return true;
        }
    } else {
        return false;
    }
}
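/**
 * WebApp::files()
 *
 * Validates one uploaded file and moves it to a randomly named file below
 * __EXECDIR__/temp/.
 *
 * The type decision no longer relies on $_FILES[...]['type'] to accept a
 * file: that value is sent by the client. Previously a whitelisted declared
 * type was enough to pass, and a blacklisted detected type was only rejected
 * when the declared type was blacklisted as well. Now a file passes when the
 * finfo-detected MIME type or the extension is whitelisted, and it is
 * rejected when either the detected or the declared type is blacklisted.
 *
 * NOTE(review): the extension is taken from the client-supplied file name and
 * is a weaker signal than the detected MIME type; consider requiring the
 * detected type to be whitelisted as well.
 *
 * @param mixed $key Index of the upload in $_FILES.
 * @return mixed Path of the stored file on success, otherwise one of the
 *               _ACTION_FAIL_* / _ACTION_UNSPEC constants.
 */
public function files($key)
{
    $max_file_size = $this->config->getOption('file_size_max');
    $mime_whitelist = strgetcsv($this->config->getOption('file_mime_white'));
    $mime_blacklist = strgetcsv($this->config->getOption('file_mime_black'));
    $file_ext_white = strgetcsv($this->config->getOption('file_ext_white'));

    // A missing or array-valued error field means the request does not
    // describe a single well-formed upload.
    if (!isset($_FILES[$key]['error']) || is_array($_FILES[$key]['error'])) {
        $this->debug($this::name_space . ': File from upload failed!');
        return _ACTION_FAIL_1;
    }

    switch ($_FILES[$key]['error']) {
        case UPLOAD_ERR_OK:
            break;
        case UPLOAD_ERR_NO_FILE:
            return _ACTION_FAIL_2;
        case UPLOAD_ERR_INI_SIZE:
        case UPLOAD_ERR_FORM_SIZE:
            return _ACTION_FAIL_3;
        default:
            return _ACTION_UNSPEC;
    }

    if ($_FILES[$key]['size'] > $max_file_size) {
        return _ACTION_FAIL_3;
    }

    // MIME type as detected from the file content on the server.
    $fileinfo = new finfo(FILEINFO_MIME_TYPE);
    $finfo = $fileinfo->file($_FILES[$key]['tmp_name']);
    $pathinfo = pathinfo($_FILES[$key]['name']);
    // pathinfo() omits 'extension' for names without a dot; null can never
    // match a whitelist entry under the strict search below.
    $extension = isset($pathinfo['extension']) ? $pathinfo['extension'] : null;

    $allowed = array_search($finfo, $mime_whitelist, true) !== false
        || array_search($extension, $file_ext_white, true) !== false;
    $denied = array_search($finfo, $mime_blacklist, true) !== false
        || array_search($_FILES[$key]['type'], $mime_blacklist, true) !== false;
    if (!$allowed || $denied) {
        return _ACTION_FAIL_4;
    }

    // Store under a random name without the client's file name or extension.
    $tempFile = __EXECDIR__ . '/temp/' . ranString(32);
    while (file_exists($tempFile)) {
        $tempFile = __EXECDIR__ . '/temp/' . ranString(32);
    }
    if (!move_uploaded_file($_FILES[$key]['tmp_name'], $tempFile)) {
        return _ACTION_FAIL_5;
    }
    return $tempFile;
}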
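/**
 * Sends an HTML e-mail to the recipients named in the POSTed CSV field `to`.
 *
 * Each entry is either a literal e-mail address or a name that is resolved,
 * in this order, as a username, a primary group name or a secondary group
 * name. One message is sent per resolved address. Requires
 * accessAdminPage(0) and a passing checknames().
 *
 * The addresses listed in the failure message are HTML-escaped: the message
 * carries markup, and addresses resolved from `core_users` are not validated
 * in this method.
 *
 * NOTE(review): the POSTed `message` is handed to msgHTML() as-is - confirm
 * that sending arbitrary HTML is intended for everyone who passes
 * accessAdminPage(0).
 *
 * @return ActionResult
 */
public function send()
{
    if (!$this->accessAdminPage(0)) {
        return new ActionResult($this, '/admin/email', 0, 'You are not allowed to send emails!', B_T_FAIL);
    }

    $check = $this->checknames();
    if ($check->status == 0) {
        return $check;
    } else {
        Session::del('status_msg', $check->id);
    }

    $subject = WebApp::post('subject');
    $message = WebApp::post('message');

    $mail = new Emailer();
    // The sender address is derived from the logged-in user's username.
    $mail->setFrom($this->parent->parent->user->getUsername() . '@biggleswadesc.org', $this->parent->parent->user->getFullName());
    $mail->Subject = $subject;
    $mail->msgHTML($message);
    $mail->AltBody = 'To view the message, please use an HTML compatible email viewer!';

    // The original also read `to` into $to before this line and then
    // overwrote it; only the parsed list is needed.
    $to = strgetcsv(WebApp::post('to'));

    // Fetches emails from usernames
    $user_query = $this->mySQL_r->prepare("SELECT CONCAT(`f_name`, ' ', `s_name`), `email` FROM `core_users` WHERE `username`=?");
    // Fetches names and emails from p_group names
    $p_group_query = $this->mySQL_r->prepare("SELECT CONCAT(`f_name`, ' ', `s_name`),`email` FROM `core_users`\nINNER JOIN `core_groups` ON `p_group`=`GID` AND `core_groups`.`name`=? AND `type`='p'");
    // Fetches names and emails from s_group names through link table (core_sgroup)
    $s_group_query = $this->mySQL_r->prepare("SELECT CONCAT(`f_name`, ' ', `s_name`),`email` FROM `core_users`\nINNER JOIN `core_groups` ON `core_groups`.`name`=? AND `type`='s'\nINNER JOIN `core_sgroup` ON `core_sgroup`.`user`=`core_users`.`id` AND `core_groups`.`GID`=`core_sgroup`.`group`");

    // Keyed by address, so a recipient reached through several entries is
    // mailed once.
    $email_addresses = array();
    foreach ($to as $name) {
        $name = trim($name);
        if (filter_var($name, FILTER_VALIDATE_EMAIL)) {
            $email_addresses[$name] = $name;
        } else {
            // Check if name is user
            $user_query->bind_param('s', $name);
            $user_query->bind_result($fullName, $email);
            $user_query->execute();
            $user_query->store_result();
            if ($user_query->num_rows == 1) {
                $this->parent->parent->debug($this::name_space . ': Address is for user');
                // deal with user
                $user_query->fetch();
                $email_addresses[$email] = $fullName;
                $user_query->free_result();
                $user_query->reset();
            } else {
                // Check if name is pgroup
                $user_query->free_result();
                $p_group_query->bind_param('s', $name);
                $p_group_query->bind_result($fullName, $email);
                $p_group_query->execute();
                $p_group_query->store_result();
                if ($p_group_query->num_rows != 0) {
                    while ($p_group_query->fetch()) {
                        $email_addresses[$email] = $fullName;
                    }
                    $p_group_query->free_result();
                    $p_group_query->reset();
                } else {
                    $p_group_query->free_result();
                    $p_group_query->reset();
                    // Check sgroup
                    $s_group_query->bind_param('s', $name);
                    $s_group_query->bind_result($fullName, $email);
                    $s_group_query->execute();
                    $s_group_query->store_result();
                    if ($s_group_query->num_rows != 0) {
                        // Deal with sgroup
                        while ($s_group_query->fetch()) {
                            $email_addresses[$email] = $fullName;
                        }
                    }
                    $s_group_query->free_result();
                    $s_group_query->reset();
                }
            }
        }
    }

    // One send per address; the recipient list is cleared after each send so
    // recipients do not see each other.
    $failed = array();
    foreach ($email_addresses as $email => $name) {
        $mail->addAddress($email, $name);
        if (!$mail->send()) {
            $failed[] = $email;
            $this->parent->parent->debug($this::name_space . ': Did not send mail to ' . $email);
            $this->parent->parent->debug('Reason: ' . $mail->ErrorInfo);
        } else {
            $this->parent->parent->debug($this::name_space . ': Sent mail to ' . $email);
        }
        $mail->clearAddresses();
    }

    if (count($failed) == 0) {
        return new ActionResult($this, '/admin/email', 1, 'Email was successfully sent!', B_T_SUCCESS);
    } else {
        // Escape each address before embedding it in the HTML status message.
        $escaped = array();
        foreach ($failed as $address) {
            $escaped[] = htmlspecialchars((string) $address, ENT_QUOTES, 'UTF-8');
        }
        return new ActionResult($this, '/admin/email', 0, 'Email was sent to except:<code>' . implode(', ', $escaped) . '</code>', B_T_WARNING);
    }
}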