tpl_redirect('viewcache.php?cacheid=' . urlencode($cache_id)); exit; } if (isset($_POST['save'])) { $cnote = $_POST['note_content']; $cn = strlen($cnote); if (mysql_num_rows($notes_rs) != 0) { $n_record = sql_fetch_array($notes_rs); $note_id = $n_record['note_id']; sql("UPDATE `cache_notes` SET `date`=NOW(),`desc`='&1', `desc_html`='&2' WHERE `note_id`='&3'", $cnote, '0', $note_id); } if (mysql_num_rows($notes_rs) == 0 && $cn != 0) { sql("INSERT INTO `cache_notes` (\n `note_id`,\n `cache_id`,\n `user_id`,\n `date`,\n `desc_html`,\n `desc`\n ) VALUES (\n '', '&1', '&2',NOW(),'&3', '&4')", $cache_id, $usr['userid'], '0', $cnote); } //display cache-page tpl_redirect('viewcache.php?cacheid=' . urlencode($cache_id) . '#cache_note2'); exit; } if (mysql_num_rows($notes_rs) != 0 && (!isset($_POST['edit']) || !isset($_REQUEST['edit']))) { tpl_set_var('CacheNoteE', ''); tpl_set_var('CacheNoteS', ''); tpl_set_var('EditCacheNoteE', '-->'); tpl_set_var('EditCacheNoteS', '<!--'); $notes_record = sql_fetch_array($notes_rs); $note_desc = $notes_record['desc']; if ($notes_record['desc_html'] == '0') { $note_desc = htmlspecialchars($note_desc, ENT_COMPAT, 'UTF-8'); } else { require_once $rootpath . 'lib/class.inputfilter.php'; $myFilter = new InputFilter($allowedtags, $allowedattr, 0, 0, 1); $note_desc = $myFilter->process($note_desc);
<?php use Utils\Database\XDb; //prepare the templates and include all neccessary require_once './lib/common.inc.php'; //Preprocessing if ($error == false) { $cache_id = isset($_REQUEST['cacheid']) ? $_REQUEST['cacheid'] : ''; $target = isset($_REQUEST['target']) ? $_REQUEST['target'] : 'myignores.php'; if ($usr !== false) { //add to caches $rs = XDb::xQuery('SELECT ignorer_count FROM caches WHERE cache_id=\'' . XDb::xEscape($cache_id) . '\''); if ($record = Xdb::xFetchArray($rs)) { XDb::xSql('UPDATE caches SET ignorer_count=\'' . ($record['ignorer_count'] + 1) . '\' WHERE cache_id=\'' . XDb::xEscape($cache_id) . '\''); //add watch XDb::xSql('INSERT INTO `cache_ignore` (`cache_id`, `user_id`) VALUES (\'' . XDb::xEscape($cache_id) . '\', \'' . XDb::xEscape($usr['userid']) . '\')'); //add to user $rs = XDb::xSql('SELECT cache_ignores FROM user WHERE user_id=\'' . XDb::xEscape($usr['userid']) . '\''); $record = XDb::xFetchArray($rs); XDb::xSql('UPDATE user SET cache_ignores=\'' . ($record['cache_ignores'] + 1) . '\' WHERE user_id=\'' . XDb::xEscape($usr['userid']) . '\''); tpl_redirect($target); } } } tpl_BuildTemplate();
<?php //prepare the templates and include all neccessary require_once './lib/common.inc.php'; global $stat_menu; //Preprocessing if ($error == false) { //user logged in? if ($usr == false) { $target = urlencode(tpl_get_current_page()); tpl_redirect('login.php?target=' . $target); } else { // check for old-style parameters if (isset($_REQUEST['userid'])) { $user_id = $_REQUEST['userid']; } if ($user_id != $usr['userid']) { // do not highlight My stats menu item if browsing other users stats $mnu_siteid = 'start'; } $tplname = 'ustat'; $stat_menu = array('title' => 'Statystyka', 'menustring' => 'Statystyka', 'siteid' => 'statlisting', 'navicolor' => '#E8DDE4', 'visible' => false, 'filename' => 'viewprofile.php?userid=' . $user_id, 'submenu' => array(array('title' => tr('generla_stat'), 'menustring' => tr('general_stat'), 'visible' => true, 'filename' => 'viewprofile.php?userid=' . $user_id, 'newwindow' => false, 'siteid' => 'general_stat', 'icon' => 'images/actions/stat'), array('title' => tr('graph_find'), 'menustring' => tr('graph_find'), 'visible' => true, 'filename' => 'ustatsg2.php?userid=' . $user_id, 'newwindow' => false, 'siteid' => 'findstat', 'icon' => 'images/actions/stat'))); $content = ""; $rsGeneralStat = sql("SELECT hidden_count, founds_count, log_notes_count, notfounds_count, username FROM `user` WHERE user_id=&1 ", $user_id); $user_record = sql_fetch_array($rsGeneralStat); tpl_set_var('username', $user_record['username']); if ($user_record['hidden_count'] == 0) { $content .= '<p> </p><p> </p><div class="content2-container bg-blue02"><p class="content-title-noshade-size1"> <img src="tpl/stdstyle/images/blue/cache.png" class="icon32" alt="Caches created" title="Caches created" /> ' . tr("graph_created") . '</p></div><br /><br /><p> <b>' . tr("there_is_no_caches_registered") . '</b></p>'; } else { // calculate diif days between date of register on OC to current date $rdd = sql("select TO_DAYS(NOW()) - TO_DAYS(`date_created`) `diff` from `user` WHERE user_id=&1 ", $user_id);
mysql_free_result($rs); tpl_set_var('desclangs', $languages); if ($show_all_langs == false) { $show_all_langs_submit = ' <input type="submit" name="show_all_langs" value="' . tr('edDescShowAll') . '" />'; tpl_set_var('show_all_langs_submit', $show_all_langs_submit); } else { tpl_set_var('show_all_langs_submit', ''); } tpl_set_var('show_all_langs_value', $show_all_langs == false ? 0 : 1); tpl_set_var('short_desc', htmlspecialchars($short_desc, ENT_COMPAT, 'UTF-8')); tpl_set_var('hints', $hints); tpl_set_var('descid', $descid); tpl_set_var('cacheid', htmlspecialchars($desc_record['cache_id'], ENT_COMPAT, 'UTF-8')); tpl_set_var('desclang', htmlspecialchars($desc_lang, ENT_COMPAT, 'UTF-8')); tpl_set_var('desclang_name', htmlspecialchars(db_LanguageFromShort($desc_lang), ENT_COMPAT, 'UTF-8')); tpl_set_var('cachename', htmlspecialchars($desc_record['name'], ENT_COMPAT, 'UTF-8')); // TinyMCE $headers = tpl_get_var('htmlheaders') . "\n"; //$headers .= '<script language="javascript" type="text/javascript" src="lib/phpfuncs.js"></script>' . "\n"; tpl_set_var('htmlheaders', $headers); } else { tpl_redirect(''); } } else { tpl_errorMsg('editdesc', $error_desc_not_found); } } } //make the template and send it out tpl_set_var('language4js', $lang); tpl_BuildTemplate();
$options['username'] = ''; } if ($options['username'] != '') { $query = "SELECT user_id, username, date_created FROM user WHERE username LIKE :username ORDER BY username ASC"; $params = array("username" => array("value" => '%' . XDb::xEscape($options['username']) . '%', "data_type" => "string")); $dbc = OcDb::instance(); $s = $dbc->paramQuery($query, $params); $bgcolor1 = '#eeeeee'; $bgcolor2 = '#ffffff'; $line = '<tr bgcolor={bgcolor}><td><a href=viewprofile.php?userid={user_id}>{username}</a></td><td> </td><td nowrap style="text-align:center;">{date_created}</td><td nowrap style="text-align:center;"></td></tr>'; $lines = ""; $ilosc = $dbc->rowCount($s); if ($ilosc != 0) { if ($ilosc == 1) { $record = $dbc->dbResultFetch($s); tpl_redirect("viewprofile.php?userid=" . $record['user_id']); } else { $i = 0; while ($record = $dbc->dbResultFetch($s)) { $tmp_line = $line; $tmp_line = mb_ereg_replace('{bgcolor}', $i % 2 == 0 ? $bgcolor1 : $bgcolor2, $tmp_line); $tmp_line = mb_ereg_replace('{username}', htmlspecialchars($record['username'], ENT_COMPAT, 'UTF-8'), $tmp_line); $tmp_line = mb_ereg_replace('{user_id}', htmlspecialchars($record['user_id'], ENT_COMPAT, 'UTF-8'), $tmp_line); $tmp_line = mb_ereg_replace('{date_created}', htmlspecialchars(fixPlMonth(strftime($dateformat, strtotime($record['date_created']))), ENT_COMPAT, 'UTF-8'), $tmp_line); $lines .= $tmp_line . "\n"; $i++; } tpl_set_var('lines', $lines); tpl_set_var('username', ''); tpl_set_var('not_found', ''); }
function handleUserLogged() { // check if user logged in - $usr is set in common.inc.php global $usr; if ($usr == false) { // user not logged - redirect to login page... $target = urlencode(tpl_get_current_page()); tpl_redirect('login.php?target=' . $target); exit; } }
$desc = iconv("ISO-8859-1", "UTF-8", $desc); } } if (isset($_POST['submitform'])) { // prüfen, ob sprache nicht schon vorhanden $rs = sql("SELECT COUNT(*) `count` FROM `cache_desc` WHERE `cache_id`='&1' AND `id` != '&2' AND `language`='&3'", $desc_record['cache_id'], $descid, $desclang); $r = sql_fetch_array($rs); if ($r['count'] > 0) { tpl_errorMsg('editdesc', $error_desc_exists); } mysql_free_result($rs); sql("UPDATE `cache_desc` SET \r\n \t\t\t\t\t `desc_html`='&1',\r\n \t\t\t\t\t `desc_htmledit`='&2',\r\n\t\t\t\t\t\t\t `desc`='&3', \r\n\t\t\t\t\t\t\t `short_desc`='&4', \r\n\t\t\t\t\t\t\t `hint`='&5',\r\n\t\t\t\t\t\t\t `language`='&6'\r\n\t\t\t\t\t\t\t WHERE `id`='&7'", $desc_html == 1 ? '1' : '0', $desc_htmledit == 1 ? '1' : '0', $desc_html == 1 ? $desc : nl2br($desc), $short_desc, nl2br($hint), $desclang, $descid); // do not use slave server for the next time ... db_slave_exclude(); // redirect to cachepage tpl_redirect('editcache.php?cacheid=' . urlencode($desc_record['cache_id'])); exit; } else { if (isset($_POST['show_all_langs'])) { $show_all_langs = true; } } } else { //here we read all used information from the DB $short_desc = strip_tags($desc_record['short_desc']); $hint = strip_tags($desc_record['hint']); $desc_htmledit = $desc_record['desc_htmledit']; $desc_html = $desc_record['desc_html']; $desc_lang = $desc_record['language']; if ($desc_html == 1) { $desc = $desc_record['desc'];
<?php use Utils\Database\XDb; require_once './lib/common.inc.php'; $no_tpl_build = false; if ($usr == false || !isset($_FILES['userfile']) && !isset($_SESSION['log_cache_multi_data'])) { tpl_redirect('log_cache_multi_send.php'); } else { require_once $rootpath . 'lib/caches.inc.php'; require $stylepath . '/log_cache.inc.php'; ?> <html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <link rel="stylesheet" type="text/css" media="screen,projection" href="tpl/stdstyle/css/style_screen.css" /> <link rel="stylesheet" type="text/css" media="print" href="tpl/stdstyle/css/style_print.css" /> <link rel="stylesheet" type="text/css" media="screen,projection" href="tpl/stdstyle/css/style_autumn.css" /> </head> <body> <style> a:link { color:inherit; text-decoration: none; } a:visited { color:inherit; text-decoration: none; } a:hover { color:inherit; font-weight: bold;
$query .= ' WHERE `caches`.`cache_id` IN (' . $queryFilter . ')'; /* ,AVG(`caches`.`longitude`) AS avglongitude, AVG(`caches`.`latitude`) AS avglatitude */ $sortby = $options['sort']; if (isset($lat_rad) && isset($lon_rad) && $sortby == 'bydistance') { $query .= ' ORDER BY distance ASC'; } else { if ($sortby == 'bycreated') { $query .= ' ORDER BY date_created DESC'; } else { $query .= ' ORDER BY name ASC'; } } $rs = $dbcSearch->simpleQuery('SELECT MAX(`caches`.`longitude`) AS maxlongitude, MAX(`caches`.`latitude`) AS maxlatitude, MIN(`caches`.`longitude`) AS minlongitude, MIN(`caches`.`latitude`) AS minlatitude FROM `caches` WHERE `caches`.`cache_id` IN (' . $queryFilter . ')'); $r = $dbcSearch->dbResultFetchOneRowOnly($rs); $minlat = $r['minlatitude']; $minlon = $r['minlongitude']; $maxlat = $r['maxlatitude']; $maxlon = $r['maxlongitude']; $stmt = $dbcSearch->simpleQuery($query); $cnt = 0; $hash = uniqid(); $f = fopen($dynbasepath . "searchdata/" . $hash, "w"); while ($r = $dbcSearch->dbResultFetch($stmt)) { ++$cnt; fprintf($f, "%s\n", $r['cache_id']); } fclose($f); tpl_redirect("cachemap3.php?searchdata=" . $hash . "&fromlat=" . $minlat . "&fromlon=" . $minlon . "&tolat=" . $maxlat . "&tolon=" . $maxlon);
//load datas from form $statpic_text = isset($_POST['statpic_text']) ? mb_substr($_POST['statpic_text'], 0, 30) : 'Opencaching'; $statpic_logo = isset($_POST['statpic_logo']) ? $_POST['statpic_logo'] + 0 : 0; tpl_set_var('statpic_text', $statpic_text); tpl_set_var('statpic_logo', $statpic_logo); //validate data $statpic_text_not_ok = mb_ereg_match(regex_statpic_text, $statpic_text) ? false : true; //try to save if (!$statpic_text_not_ok) { //in DB updaten sql("UPDATE `user` SET `statpic_text`='&1', `statpic_logo`='&2' WHERE `user_id`='&3'", $statpic_text, $statpic_logo, $usr['userid']); //call eventhandler require_once $rootpath . 'lib/eventhandler.inc.php'; event_change_statpic($usr['userid'] + 0); //wieder normal anzeigen tpl_redirect('myprofile.php'); } else { tpl_set_var('statpic_text_message', $error_statpic_text); } } else { //load from database $statpic_text = $record['statpic_text']; $stmp = ''; $rs2 = sql('SELECT `id`, `previewpath`, `description` FROM `statpics`'); while ($record2 = sql_fetch_array($rs2)) { $logo_temp = '<tr><td class="content-title-noshade">{statpic_desc}</td><td><input type="radio" name="statpic_logo" class="radio" value={statpic_id}{statpic_selected}/><img src="{statpic_preview}" align=middle /></td></tr><tr><td class="spacer" colspan="2"></td></tr>'; $logo_temp = mb_ereg_replace('{statpic_id}', $record2['id'], $logo_temp); if ($record2['id'] == $using_logo) { $logo_temp = mb_ereg_replace('{statpic_selected}', ' checked="checked"', $logo_temp); } else { $logo_temp = mb_ereg_replace('{statpic_selected}', '', $logo_temp);
// to the last edited record. While this may not always be what the user // expects, it makes sense for two reasons: // 1. It is a safeguard for the case that the log date and rating_date // have gotten out of sync for some reason (which has happend in the // past, probably due to a log-deletion related bug). // 2. It can be used as a tweak to control which log's date is relevant // for the rating, e.g. when logging a second found on a recycled or // renewed cache [listing]. } else { sql("DELETE FROM `cache_rating` WHERE `user_id`='&1' AND `cache_id`='&2'", $usr['userid'], $log_record['cache_id']); } } // do not use slave server for the next time ... db_slave_exclude(); //display cache page tpl_redirect('viewcache.php?cacheid=' . urlencode($log_record['cache_id']) . '&log=A#log' . urlencode($log_id)); exit; } // build logtype options $disable_statuschange = $log_record['cache_user_id'] == $login->userid && !is_latest_log($log_record['cache_id'], $log_record['log_id']); $logtype_names = get_logtype_names(); $allowed_logtypes = get_cache_log_types($log_record['cache_id'], $log_record['logtype'], !$disable_statuschange); $logtypeoptions = ''; foreach ($allowed_logtypes as $logtype) { $selected = $log_record['logtype'] == $logtype ? ' selected="selected"' : ''; $logtypeoptions .= '<option value="' . $logtype . '"' . $selected . '>'; $logtypeoptions .= htmlspecialchars($logtype_names[$logtype], ENT_COMPAT, 'UTF-8'); $logtypeoptions .= '</option>' . "\n"; } $disable_typechange = $disable_statuschange && $log_record['is_status_log']; tpl_set_var('type_edit_disabled', $disable_typechange ? $type_edit_disabled : '');
} } /* */ sql("INSERT INTO pictures (`uuid`,\n `url`,\n `last_modified`,\n `title`,\n `description`,\n `desc_html`,\n `date_created`,\n `last_url_check`,\n `object_id`,\n `object_type`,\n `user_id`,\n `local`,\n `spoiler`,\n `display`,\n `node`\n ) VALUES ('&1', '&2', NOW(), '&3', '', 0, NOW(), NOW(),'&4', '&5', '&6', 1, '&7', '&8', '&9')", $uuid, $picurl . '/' . $uuid . '.' . $extension, $title, $objectid, $type, $usr['userid'], $bSpoiler == 1 ? '1' : '0', $bNoDisplay == 1 ? '0' : '1', $oc_nodeid); switch ($type) { // log case 1: sql("UPDATE `cache_logs` SET `picturescount`=`picturescount`+1 WHERE `id`='&1'", $objectid); tpl_redirect('viewcache.php?cacheid=' . urlencode($cacheid)); break; // cache // cache case 2: sql("UPDATE `caches` SET `picturescount`=`picturescount`+1 WHERE `cache_id`='&1'", $objectid); tpl_redirect('editcache.php?cacheid=' . urlencode($objectid)); break; } tpl_redirect_absolute($picurl . '/' . $uuid . '.' . $extension); exit; } } tpl_set_var('notdisplaychecked', $bNoDisplay == 1 ? ' checked="checked"' : ''); tpl_set_var('spoilerchecked', $bSpoiler == 1 ? ' checked="checked"' : ''); tpl_set_var('type', htmlspecialchars($type, ENT_COMPAT, 'UTF-8')); tpl_set_var('objectid', htmlspecialchars($objectid, ENT_COMPAT, 'UTF-8')); tpl_set_var('title', htmlspecialchars($title, ENT_COMPAT, 'UTF-8')); tpl_set_var('maxpicsize', $maxpicsize); tpl_set_var('submit', $submit); tpl_set_var('errnotitledesc', ''); tpl_set_var('errnopicgivendesc', '');
unset($record); } else { if ($count == 0) { $tplname = 'searchplugin'; tpl_set_var('error_msg', mb_ereg_replace('{wp}', $searchfor, $errmsg_no_cache_found)); tpl_BuildTemplate(); exit; } else { if ($count > 1) { $tplname = 'searchplugin'; tpl_set_var('error_msg', mb_ereg_replace('{wp}', $searchfor, $errmsg_many_caches_found)); tpl_BuildTemplate(); exit; } } } XDb::xFreeResults($rs); unset($count); } else { // wrong waypoint format $tplname = 'searchplugin'; tpl_set_var('error_msg', $errmsg_unknown_format); tpl_BuildTemplate(); exit; } break; } } } tpl_redirect($targeturl);
//login ok session_start(); $_SESSION['print_list'] = array(); $usr['userid'] = $retval; $usr['username'] = auth_UsernameFromID($usr['userid']); tpl_redirect('login.php?action=cookieverify&target=' . urlencode($target)); //echo 't='.$target; exit; } } else { if (isset($_REQUEST['target'])) { //$message = $emptyform; } } } else { tpl_redirect('login.php?action=cookieverify&target=' . urlencode($target)); //logout before login /* $tplname = 'message'; tpl_set_var('messagetitle', $message_logout_before_login_title); $message = $message_logout_before_login; */ } } if ($message != '') { tpl_set_var('message_start', $message_start); tpl_set_var('message_end', $message_end); tpl_set_var('message', $message); } else { tpl_set_var('message_start', ''); tpl_set_var('message_end', ''); tpl_set_var('message', ''); }
//we get the point data in to an array called $points: if (!$error) { for ($i = 0; $i < count($coords) - 1; $i = $i + 2) { $points[] = array("lon" => $coords[$i], "lat" => $coords[$i + 1]); if ($coords[$i] + 0 == 0 or $coords[$i + 1] + 0 == 0) { $error .= "Invalid Co-ords found in import file.<br>\n"; break; } } } // add it to the route_points database: $point_num = 0; foreach ($points as $point) { $point_num++; $result = XDb::xSql('INSERT into route_points (route_id, point_nr, lat, lon) VALUES ( ?, ?, ?, ?)', $route_id, $route_id, $point['lat'], $point['lon']); } } //end update points tpl_redirect('myroutes.php'); exit; } //end submit tpl_set_var('name', htmlspecialchars($record['name'], ENT_COMPAT, 'UTF-8')); tpl_set_var('desc', htmlspecialchars($record['description'], ENT_COMPAT, 'UTF-8')); tpl_set_var('radius', $record['radius']); tpl_set_var('routeid', $route_id); } } //make the template and send it out tpl_BuildTemplate();
function outputXmlFile($sessionid, $filenr, $bXmlDecl, $bOcXmlTag, $bDocType, $ziptype) { global $zip_basedir, $zip_wwwdir, $sDateformat, $sDateshort, $t1, $t2, $t3, $safemode_zip, $safemode_zip, $sCharset, $bAttrlist; global $absolute_server_URI, $bLicense, $sLanguage; global $ocxmlversion; // alle records aus tmpxml_* übertragen if (!mb_ereg_match('^[0-9]{1,11}', $sessionid)) { die('sessionid invalid'); } if (!mb_ereg_match('^[0-9]{1,11}', $filenr)) { die('filenr invalid'); } /* begin now a few dynamically loaded constants */ $logtypes = array(); $rs = sql('SELECT `id`, `de` FROM log_types'); for ($i = 0; $i < mysql_num_rows($rs); $i++) { $r = sql_fetch_array($rs); $logtypes[$r['id']] = $r['de']; } mysql_free_result($rs); $cachetypes = array(); $rs = sql('SELECT `id`, `short`, `de` FROM cache_type'); for ($i = 0; $i < mysql_num_rows($rs); $i++) { $r = sql_fetch_array($rs); $cachetypes[$r['id']]['de'] = $r['de']; $cachetypes[$r['id']]['short'] = $r['short']; } mysql_free_result($rs); $cachestatus = array(); $rs = sql('SELECT `id`, `de` FROM cache_status'); for ($i = 0; $i < mysql_num_rows($rs); $i++) { $r = sql_fetch_array($rs); $cachestatus[$r['id']]['de'] = $r['de']; } mysql_free_result($rs); $counties = array(); $rs = sql('SELECT `short`, `de` FROM countries'); for ($i = 0; $i < mysql_num_rows($rs); $i++) { $r = sql_fetch_array($rs); $counties[$r['short']]['de'] = $r['de']; } mysql_free_result($rs); $cachesizes = array(); $rs = sql('SELECT `id`, `de` FROM cache_size'); for ($i = 0; $i < mysql_num_rows($rs); $i++) { $r = sql_fetch_array($rs); $cachesizes[$r['id']]['de'] = $r['de']; } mysql_free_result($rs); $languages = array(); $rs = sql('SELECT `short`, `de` FROM languages'); for ($i = 0; $i < mysql_num_rows($rs); $i++) { $r = sql_fetch_array($rs); $languages[$r['short']]['de'] = $r['de']; } mysql_free_result($rs); $objecttypes['4'] = 'user'; $objecttypes['2'] = 'cache'; $objecttypes['3'] = 'cachedesc'; $objecttypes['1'] = 'cachelog'; $objecttypes['6'] = 'picture'; $objecttypes['8'] = 'cachelist'; // not implemented yet /* end now a few dynamically loaded constants */ // temporäre Datei erstellen if (!is_dir($zip_basedir . 'ocxml11/' . $sessionid)) { mkdir($zip_basedir . 'ocxml11/' . $sessionid); } $fileid = 1; while (file_exists($zip_basedir . 'ocxml11/' . $sessionid . '/' . $sessionid . '-' . $filenr . '-' . $fileid . '.xml')) { $fileid++; } $xmlfilename = $zip_basedir . 'ocxml11/' . $sessionid . '/' . $sessionid . '-' . $filenr . '-' . $fileid . '.xml'; $f = fopen($xmlfilename, 'w'); if ($bXmlDecl == '1') { if ($sCharset == 'iso-8859-1') { fwrite($f, '<?xml version="1.0" encoding="iso-8859-1" standalone="no" ?>' . "\n"); } else { if ($sCharset == 'utf-8') { fwrite($f, '<?xml version="1.0" encoding="UTF-8" standalone="no" ?>' . "\n"); } } } if ($bDocType == '1') { fwrite($f, '<!DOCTYPE oc11xml PUBLIC "-//Opencaching Network//DTD OCXml V 1.' . $ocxmlversion % 10 . '//EN" "http://www.opencaching.de/xml/ocxml' . $ocxmlversion . '.dtd">' . "\n"); } if ($bOcXmlTag == '1') { $rs = sql('SELECT `date_created`, `modified_since` FROM `xmlsession` WHERE `id`=&1', $sessionid); $r = sql_fetch_array($rs); fwrite($f, '<oc11xml version="1.' . $ocxmlversion % 10 . '" date="' . date($sDateformat, strtotime($r['date_created'])) . '" since="' . date($sDateformat, strtotime($r['modified_since'])) . '">' . "\n"); mysql_free_result($rs); } if ($bAttrlist == '1') { $rs = sql("SELECT SQL_BUFFER_RESULT `id`, `name`, `icon_large`, `icon_no`, `icon_undef` FROM `cache_attrib`"); fwrite($f, $t1 . '<attrlist>' . "\n"); while ($r = sql_fetch_assoc($rs)) { fwrite($f, $t2 . '<attr id="' . $r['id'] . '" icon_large="' . xmlentities($absolute_server_URI . $r['icon_large']) . '" icon_no="' . xmlentities($absolute_server_URI . $r['icon_no']) . '" icon_undef="' . xmlentities($absolute_server_URI . $r['icon_undef']) . '">' . xmlcdata($r['name']) . '</attr>' . "\n"); } fwrite($f, $t1 . '</attrlist>' . "\n"); sql_free_result($rs); } $rs = sql('SELECT SQL_BUFFER_RESULT `user`.`user_id` `id`, `user`.`node` `node`, `user`.`uuid` `uuid`, `user`.`username` `username`, `user`.`pmr_flag` `pmr_flag`, `user`.`date_created` `date_created`, `user`.`last_modified` `last_modified` FROM `tmpxml_users`, `user` WHERE `tmpxml_users`.`id`=`user`.`user_id`'); while ($r = sql_fetch_array($rs)) { fwrite($f, $t1 . '<user>' . "\n"); fwrite($f, $t2 . '<id id="' . $r['id'] . '" node="' . $r['node'] . '">' . $r['uuid'] . '</id>' . "\n"); fwrite($f, $t2 . '<username>' . xmlcdata($r['username']) . '</username>' . "\n"); fwrite($f, $t2 . '<pmr>' . ($r['pmr_flag'] == 0 ? '0' : '1') . '</pmr>' . "\n"); fwrite($f, $t2 . '<datecreated>' . date($sDateformat, strtotime($r['date_created'])) . '</datecreated>' . "\n"); fwrite($f, $t2 . '<lastmodified>' . date($sDateformat, strtotime($r['last_modified'])) . '</lastmodified>' . "\n"); fwrite($f, $t1 . '</user>' . "\n"); } mysql_free_result($rs); $rs = sql('SELECT SQL_BUFFER_RESULT `caches`.`cache_id` `id`, `caches`.`uuid` `uuid`, `caches`.`user_id` `user_id`, `user`.`uuid` `useruuid`, `user`.`username` `username`, `caches`.`name` `name`, `caches`.`longitude` `longitude`, `caches`.`latitude` `latitude`, `caches`.`type` `type`, `caches`.`country` `country`, `caches`.`size` `size`, `caches`.`desc_languages` `desclanguages`, `caches`.`difficulty` `difficulty`, `caches`.`terrain` `terrain`, `caches`.`way_length` `way_length`, `caches`.`search_time` `search_time`, `caches`.`wp_gc` `wp_gc`, `caches`.`wp_nc` `wp_nc`, /* we deliberatly do not use gc_wp_maintained here */ `caches`.`wp_oc` `wp_oc`, `caches`.`date_hidden` `date_hidden`, `caches`.`date_created` `date_created`, `caches`.`is_publishdate` `is_publishdate`, `caches`.`last_modified` `last_modified`, `caches`.`status` `status`, `caches`.`node` `node`, `caches`.`listing_last_modified` `listing_last_modified`, `cache_status`.`allow_user_view` FROM `tmpxml_caches` INNER JOIN `caches` ON `tmpxml_caches`.`id`=`caches`.`cache_id` INNER JOIN `user` ON `caches`.`user_id`=`user`.`user_id` INNER JOIN `cache_status` ON `caches`.`status`=`cache_status`.`id`'); while ($r = sql_fetch_array($rs)) { $bAllowView = $r['allow_user_view'] == 1; if ($r['size'] == 8 && $ocxmlversion < 12) { $r['size'] = 2; } // return as micro in old interface version fwrite($f, $t1 . '<cache>' . "\n"); fwrite($f, $t2 . '<id id="' . $r['id'] . '" node="' . $r['node'] . '">' . $r['uuid'] . '</id>' . "\n"); fwrite($f, $t2 . '<userid id="' . $r['user_id'] . '" uuid="' . $r['useruuid'] . '">' . xmlcdata($r['username']) . '</userid>' . "\n"); fwrite($f, $t2 . '<name>' . xmlcdata($bAllowView ? $r['name'] : '') . '</name>' . "\n"); fwrite($f, $t2 . '<longitude>' . sprintf('%01.5f', $bAllowView ? $r['longitude'] : 0) . '</longitude>' . "\n"); fwrite($f, $t2 . '<latitude>' . sprintf('%01.5f', $bAllowView ? $r['latitude'] : 0) . '</latitude>' . "\n"); fwrite($f, $t2 . '<type id="' . $r['type'] . '" short="' . xmlentities($cachetypes[$r['type']]['short']) . '">' . xmlcdata($cachetypes[$r['type']]['de']) . '</type>' . "\n"); fwrite($f, $t2 . '<status id="' . $r['status'] . '">' . xmlcdata($cachestatus[$r['status']]['de']) . '</status>' . "\n"); fwrite($f, $t2 . '<country id="' . $r['country'] . '">' . xmlcdata($counties[$r['country']]['de']) . '</country>' . "\n"); fwrite($f, $t2 . '<size id="' . $r['size'] . '">' . xmlcdata($cachesizes[$r['size']]['de']) . '</size>' . "\n"); fwrite($f, $t2 . '<desclanguages>' . $r['desclanguages'] . '</desclanguages>' . "\n"); fwrite($f, $t2 . '<difficulty>' . sprintf('%01.1f', $r['difficulty'] / 2) . '</difficulty>' . "\n"); fwrite($f, $t2 . '<terrain>' . sprintf('%01.1f', $r['terrain'] / 2) . '</terrain>' . "\n"); fwrite($f, $t2 . '<rating waylength="' . $r['way_length'] . '" needtime="' . $r['search_time'] . '" />' . "\n"); fwrite($f, $t2 . '<waypoints gccom="' . xmlentities($r['wp_gc']) . '" nccom="' . xmlentities($r['wp_nc']) . '" oc="' . xmlentities($r['wp_oc']) . '" />' . "\n"); fwrite($f, $t2 . '<datehidden>' . date($sDateformat, strtotime($r['date_hidden'])) . '</datehidden>' . "\n"); if ($ocxmlversion >= 12) { $pd = ' ispublishdate="' . $r['is_publishdate'] . '"'; } else { $pd = ""; } fwrite($f, $t2 . '<datecreated' . $pd . '>' . date($sDateformat, strtotime($r['date_created'])) . '</datecreated>' . "\n"); fwrite($f, $t2 . '<lastmodified>' . date($sDateformat, strtotime($r['last_modified'])) . '</lastmodified>' . "\n"); if ($ocxmlversion >= 14) { fwrite($f, $t2 . '<listing_lastmodified>' . date($sDateformat, strtotime($r['listing_last_modified'])) . '</listing_lastmodified>' . "\n"); } $rsAttributes = sql("SELECT `cache_attrib`.`id`, `cache_attrib`.`name`\n\t\t FROM `caches_attributes`\n\t\t INNER JOIN `cache_attrib` ON `caches_attributes`.`attrib_id`=`cache_attrib`.`id`\n\t\t WHERE `caches_attributes`.`cache_id`='&1'", $r['id']); fwrite($f, $t2 . '<attributes>' . "\n"); while ($rAttribute = sql_fetch_assoc($rsAttributes)) { fwrite($f, $t3 . '<attribute id="' . ($rAttribute['id'] + 0) . '">' . xmlcdata($rAttribute['name']) . '</attribute>' . "\n"); } fwrite($f, $t2 . '</attributes>' . "\n"); sql_free_result($rsAttributes); if ($ocxmlversion >= 13) { $rsWaypoints = sql("SELECT `coordinates`.`id`, `coordinates`.`subtype` AS `type`,\n\t\t\t `coordinates`.`latitude`, `coordinates`.`longitude`,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t `coordinates`.`description`,\n\t\t\t `coordinates_type`.`name` AS `type_name`\n\t\t\t FROM `coordinates`\n\t\t\t INNER JOIN `coordinates_type` ON `coordinates_type`.`id`=`coordinates`.`subtype`\n\t\t\t WHERE `cache_id`='&1' AND `type`=1\n\t\t\t ORDER BY `coordinates`.`id` ASC", $r['id']); fwrite($f, $t2 . '<wpts>' . "\n"); while ($rWaypoint = sql_fetch_assoc($rsWaypoints)) { fwrite($f, $t3 . '<wpt id="' . ($rWaypoint['id'] + 0) . '" type="' . ($rWaypoint['type'] + 0) . '" typename="' . xmlentities($rWaypoint['type_name']) . '" longitude="' . sprintf('%01.5f', $rWaypoint['longitude']) . '" latitude="' . sprintf('%01.5f', $rWaypoint['latitude']) . '">' . xmlcdata($rWaypoint['description']) . '</wpt>' . "\n"); } fwrite($f, $t2 . '</wpts>' . "\n"); sql_free_result($rsAttributes); } fwrite($f, $t1 . '</cache>' . "\n"); } mysql_free_result($rs); $rs = sql('SELECT SQL_BUFFER_RESULT `cache_desc`.`id` `id`, `cache_desc`.`uuid` `uuid`, `cache_desc`.`cache_id` `cache_id`, `cache_desc`.`language` `language`, `cache_desc`.`short_desc` `short_desc`, `cache_desc`.`desc` `desc`, `cache_desc`.`desc_html` `desc_html`, `cache_desc`.`hint` `hint`, `cache_desc`.`last_modified` `last_modified`, `caches`.`uuid` `cacheuuid`, `cache_desc`.`node` `node`, `cache_status`.`allow_user_view`, `caches`.`user_id`, `user`.`username`, `user`.`data_license` FROM `tmpxml_cachedescs` INNER JOIN `cache_desc` ON `tmpxml_cachedescs`.`id`=`cache_desc`.`id` INNER JOIN `caches` ON `caches`.`cache_id`=`cache_desc`.`cache_id` INNER JOIN `cache_status` ON `caches`.`status`=`cache_status`.`id` INNER JOIN `user` ON `user`.`user_id`=`caches`.`user_id`'); while ($r = sql_fetch_array($rs)) { $bAllowView = $r['allow_user_view'] == 1; fwrite($f, $t1 . '<cachedesc>' . "\n"); fwrite($f, $t2 . '<id id="' . $r['id'] . '" node="' . $r['node'] . '">' . $r['uuid'] . '</id>' . "\n"); fwrite($f, $t2 . '<cacheid id="' . $r['cache_id'] . '">' . $r['cacheuuid'] . '</cacheid>' . "\n"); fwrite($f, $t2 . '<language id="' . $r['language'] . '">' . xmlcdata($languages[$r['language']]['de']) . '</language>' . "\n"); fwrite($f, $t2 . '<shortdesc>' . xmlcdata($bAllowView ? $r['short_desc'] : '') . '</shortdesc>' . "\n"); $desc = $r['desc']; if ($r['desc_html'] == 0) { $desc = mb_ereg_replace('<br />', '', $desc); $desc = html_entity_decode($desc, ENT_COMPAT, 'UTF-8'); } $lang = $sLanguage != "" ? $sLanguage : $r['language']; $disclaimer = getLicenseDisclaimer($r['user_id'], $r['username'], $r['data_license'], $r['cache_id'], $lang, true, true); if ($bLicense) { fwrite($f, $t2 . '<license>' . xmlcdata($disclaimer) . '</license>' . "\n"); } else { if ($disclaimer != "") { $desc .= "<p><em>" . $disclaimer . "</em></p>"; } } $desc .= get_desc_npas($r['cache_id']); fwrite($f, $t2 . '<desc html="' . ($r['desc_html'] == 1 ? '1' : '0') . '">' . xmlcdata($bAllowView ? $desc : '') . '</desc>' . "\n"); $r['hint'] = mb_ereg_replace('<br />', '', $r['hint']); $r['hint'] = html_entity_decode($r['hint'], ENT_COMPAT, 'UTF-8'); fwrite($f, $t2 . '<hint>' . xmlcdata($bAllowView ? $r['hint'] : '') . '</hint>' . "\n"); fwrite($f, $t2 . '<lastmodified>' . date($sDateformat, strtotime($r['last_modified'])) . '</lastmodified>' . "\n"); fwrite($f, $t1 . '</cachedesc>' . "\n"); } mysql_free_result($rs); if ($ocxmlversion >= 14) { $rating_condition = "AND `cache_logs`.`date`=`cache_rating`.`rating_date`"; } else { $rating_condition = ""; } $rs = sql('SELECT SQL_BUFFER_RESULT `cache_logs`.`id` `id`, `cache_logs`.`cache_id` `cache_id`, `cache_logs`.`user_id` `user_id`, `cache_logs`.`type` `type`, `cache_logs`.`date` `date`, `cache_logs`.`text` `text`, `cache_logs`.`text_html` `text_html`, `cache_logs`.`oc_team_comment`, `cache_logs`.`date_created` `date_created`, `cache_logs`.`last_modified` `last_modified`, `cache_logs`.`log_last_modified` `log_last_modified`, `cache_logs`.`uuid` `uuid`, `user`.`username` `username`, `caches`.`uuid` `cacheuuid`, `user`.`uuid` `useruuid`, `cache_logs`.`node` `node`, IF(NOT ISNULL(`cache_rating`.`cache_id`) AND `cache_logs`.`type` IN (1,7), 1, 0) AS `recommended`, `cache_status`.`allow_user_view`, `user`.`data_license`, `caches`.`country` AS `language` /* hack */ FROM `cache_logs` INNER JOIN `tmpxml_cachelogs` ON `cache_logs`.`id`=`tmpxml_cachelogs`.`id` INNER JOIN `user` ON `cache_logs`.`user_id`=`user`.`user_id` INNER JOIN `caches` ON `caches`.`cache_id`=`cache_logs`.`cache_id` INNER JOIN `cache_status` ON `caches`.`status`=`cache_status`.`id` LEFT JOIN `cache_rating` ON `cache_logs`.`cache_id`=`cache_rating`.`cache_id` AND `cache_logs`.`user_id`=`cache_rating`.`user_id` ' . $rating_condition); while ($r = sql_fetch_array($rs)) { $bAllowView = $r['allow_user_view'] == 1; $r['text'] = mb_ereg_replace('<br />', '', $r['text']); $r['text'] = html_entity_decode($r['text'], ENT_COMPAT, 'UTF-8'); // locked/invisible should never be returned here - these logs are deleted before // reactivating the cache. Just for the case ... it is safe to return them as 'locked'. if ($r['type'] == 14) { $r['type'] = 13; } if ($ocxmlversion >= 13) { $teamcomment = ' teamcomment="' . $r['oc_team_comment'] . '"'; } else { $teamcomment = ''; if ($r['type'] > 8) { $r['type'] = 3; } } fwrite($f, $t1 . '<cachelog>' . "\n"); fwrite($f, $t2 . '<id id="' . $r['id'] . '" node="' . $r['node'] . '">' . $r['uuid'] . '</id>' . "\n"); fwrite($f, $t2 . '<cacheid id="' . $r['cache_id'] . '">' . $r['cacheuuid'] . '</cacheid>' . "\n"); fwrite($f, $t2 . '<userid id="' . $r['user_id'] . '" uuid="' . $r['useruuid'] . '">' . xmlcdata($r['username']) . '</userid>' . "\n"); fwrite($f, $t2 . '<logtype id="' . $r['type'] . '" recommended="' . $r['recommended'] . '"' . $teamcomment . '>' . xmlcdata($logtypes[$r['type']]) . '</logtype>' . "\n"); fwrite($f, $t2 . '<date>' . date($ocxmlversion >= 13 ? $sDateformat : $sDateshort, strtotime($r['date'])) . '</date>' . "\n"); fwrite($f, $t2 . '<text html="' . $r['text_html'] . '">' . xmlcdata($bAllowView ? $r['text'] : '') . '</text>' . "\n"); fwrite($f, $t2 . '<datecreated>' . date($sDateformat, strtotime($r['date_created'])) . '</datecreated>' . "\n"); fwrite($f, $t2 . '<lastmodified>' . date($sDateformat, strtotime($r['last_modified'])) . '</lastmodified>' . "\n"); if ($ocxmlversion >= 14) { fwrite($f, $t2 . '<log_lastmodified>' . date($sDateformat, strtotime($r['log_last_modified'])) . '</log_lastmodified>' . "\n"); } if ($bLicense) { $lang = $sLanguage != "" ? $sLanguage : $r['language']; $disclaimer = getLicenseDisclaimer($r['user_id'], $r['username'], $r['data_license'], $r['cache_id'], $lang, false, true); fwrite($f, $t2 . '<license>' . xmlcdata($disclaimer) . '</license>' . "\n"); } fwrite($f, $t1 . '</cachelog>' . "\n"); } mysql_free_result($rs); $rs = sql('SELECT SQL_BUFFER_RESULT `pictures`.`id` `id`, `pictures`.`url` `url`, `pictures`.`title` `title`, `pictures`.`object_id` `object_id`, `pictures`.`object_type` `object_type`, `pictures`.`date_created` `date_created`, `pictures`.`uuid` `uuid`, `pictures`.`last_modified` `last_modified`, `pictures`.`display` `display`, `pictures`.`spoiler` `spoiler`, `pictures`.`node` `node`, `pictures`.`mappreview`, IFNULL(`c1`.`cache_id`,`c2`.`cache_id`) AS `cache_id`, IFNULL(`c1`.`country`,`c2`.`country`) AS `language`, /* hack */ IFNULL(`cs1`.`allow_user_view`, `cs2`.`allow_user_view`) AS `auv`, IFNULL(`u1`.`user_id`,`u2`.`user_id`) AS `user_id`, IFNULL(`u1`.`username`,`u2`.`username`) AS `username`, IFNULL(`u1`.`data_license`,`u2`.`data_license`) AS `data_license` FROM `tmpxml_pictures` INNER JOIN `pictures` ON `tmpxml_pictures`.`id`=`pictures`.`id` LEFT JOIN `caches` AS `c1` ON `pictures`.`object_type`=2 AND `pictures`.`object_id`=`c1`.`cache_id` LEFT JOIN `cache_logs` ON `pictures`.`object_type`=1 AND `pictures`.`object_id`=`cache_logs`.`id` LEFT JOIN `caches` AS `c2` ON `cache_logs`.`cache_id`=`c2`.`cache_id` LEFT JOIN `cache_status` AS `cs1` ON `c1`.`status`=`cs1`.`id` LEFT JOIN `cache_status` AS `cs2` ON `c2`.`status`=`cs2`.`id` LEFT JOIN `user` `u1` ON `u1`.`user_id`=`cache_logs`.`user_id` LEFT JOIN `user` `u2` ON `u2`.`user_id`=`c1`.`user_id`'); while ($r = sql_fetch_array($rs)) { $bAllowView = $r['auv'] == 1; fwrite($f, $t1 . '<picture>' . "\n"); fwrite($f, $t2 . '<id id="' . $r['id'] . '" node="' . $r['node'] . '">' . $r['uuid'] . '</id>' . "\n"); fwrite($f, $t2 . '<url>' . xmlcdata($bAllowView ? $r['url'] : '') . '</url>' . "\n"); fwrite($f, $t2 . '<title>' . xmlcdata($bAllowView ? $r['title'] : '') . '</title>' . "\n"); fwrite($f, $t2 . '<object id="' . $r['object_id'] . '" type="' . $r['object_type'] . '" typename="' . xmlentities($objecttypes[$r['object_type']]) . '">' . object_id2uuid($r['object_id'], $r['object_type']) . '</object>' . "\n"); if ($ocxmlversion >= 13) { fwrite($f, $t2 . '<picattr spoiler="' . $r['spoiler'] . '" display="' . $r['display'] . '" preview="' . $r['mappreview'] . '" />' . "\n"); } else { fwrite($f, $t2 . '<attributes spoiler="' . $r['spoiler'] . '" display="' . $r['display'] . '" />' . "\n"); } fwrite($f, $t2 . '<datecreated>' . date($sDateformat, strtotime($r['date_created'])) . '</datecreated>' . "\n"); fwrite($f, $t2 . '<lastmodified>' . date($sDateformat, strtotime($r['last_modified'])) . '</lastmodified>' . "\n"); if ($bLicense) { $lang = $sLanguage != "" ? $sLanguage : $r['language']; $disclaimer = getLicenseDisclaimer($r['user_id'], $r['username'], $r['data_license'], $r['cache_id'], $lang, false, true); fwrite($f, $t2 . '<license>' . xmlcdata($disclaimer) . '</license>' . "\n"); } fwrite($f, $t1 . '</picture>' . "\n"); } mysql_free_result($rs); $rs = sql('SELECT SQL_BUFFER_RESULT `removed_objects`.`id` `id`, `removed_objects`.`localid` `localid`, `removed_objects`.`uuid` `uuid`, `removed_objects`.`type` `type`, `removed_objects`.`removed_date` `removed_date`, `removed_objects`.`node` `node` FROM `tmpxml_removedobjects`, `removed_objects` WHERE `removed_objects`.`id`=`tmpxml_removedobjects`.`id`'); while ($r = sql_fetch_array($rs)) { fwrite($f, $t1 . '<removedobject>' . "\n"); fwrite($f, $t2 . '<id id="' . $r['id'] . '" node="' . $r['node'] . '" />' . "\n"); fwrite($f, $t2 . '<object id="' . $r['localid'] . '" type="' . $r['type'] . '" typename="' . xmlentities($objecttypes[$r['type']]) . '">' . $r['uuid'] . '</object>' . "\n"); fwrite($f, $t2 . '<removeddate>' . date($sDateformat, strtotime($r['removed_date'])) . '</removeddate>' . "\n"); fwrite($f, $t1 . '</removedobject>' . "\n"); } mysql_free_result($rs); if ($bOcXmlTag == '1') { fwrite($f, '</oc11xml>' . "\n"); } fclose($f); $rel_xmlfile = 'ocxml11/' . $sessionid . '/' . $sessionid . '-' . $filenr . '-' . $fileid . '.xml'; $rel_zipfile = 'ocxml11/' . $sessionid . '/' . $sessionid . '-' . $filenr . '-' . $fileid; // zippen und url-redirect if ($ziptype == '0') { tpl_redirect($zip_wwwdir . $rel_xmlfile); exit; } else { if ($ziptype == 'zip') { $rel_zipfile .= '.zip'; } else { if ($ziptype == 'bzip2') { $rel_zipfile .= '.bz2'; } else { if ($ziptype == 'gzip') { $rel_zipfile .= '.gz'; } else { die('unknown zip type'); } } } } $call = $safemode_zip . ' --type=' . escapeshellcmd($ziptype) . ' --src=' . escapeshellcmd($rel_xmlfile) . ' --dst=' . escapeshellcmd($rel_zipfile); system($call); // datei vorhanden? if (!file_exists($zip_basedir . $rel_zipfile)) { die('all ok, but zip failed - internal server error'); } tpl_redirect($zip_wwwdir . $rel_zipfile); exit; }
function savequery($queryid, $queryname, $saveas, $submit, $saveas_queryid) { global $usr, $tplname; global $error_empty_name, $nosaveastext, $saveastext, $error_queryname_exists; $displayform = $submit == false; $error_no_name = false; $error_duplicate_name = false; // ok ... checken, ob die query uns gehört und dann speichern $rs = sql("SELECT `user_id` FROM `queries` WHERE `id`='&1' AND (`user_id`=0 OR `user_id`='&2')", $queryid, $usr['userid']); if (mysql_num_rows($rs) == 0) { echo 'fatal error: query not found or permission denied'; exit; } mysql_free_result($rs); if ($saveas == false) { if ($displayform == false && $queryname == '') { $displayform = true; $error_no_name = true; } else { // prüfen ob name bereits vorhanden $rs = sql("SELECT COUNT(*) `c` FROM `queries` WHERE `user_id`='&1' AND `name`='&2'", $usr['userid'], $queryname); $r = sql_fetch_array($rs); mysql_free_result($rs); if ($r['c'] > 0) { $displayform = true; $error_duplicate_name = true; } } } else { if ($saveas_queryid == 0) { $displayform = true; } else { // prüfen ob saveas_queryid existiert und uns gehört $rs = sql("SELECT `user_id` FROM `queries` WHERE `id`='&1' AND (`user_id`=0 OR `user_id`='&2')", $saveas_queryid, $usr['userid']); if (mysql_num_rows($rs) == 0) { echo 'fatal error: saveas_query not found or permission denied'; exit; } mysql_free_result($rs); } } if ($displayform == true) { // abfrageform für name $tplname = 'savequery'; if ($error_no_name == true) { tpl_set_var('nameerror', $error_empty_name); } else { if ($error_duplicate_name == true) { tpl_set_var('nameerror', $error_queryname_exists); } else { tpl_set_var('nameerror', ''); } } tpl_set_var('queryname', htmlspecialchars($queryname, ENT_COMPAT, 'UTF-8')); tpl_set_var('queryid', htmlspecialchars($queryid, ENT_COMPAT, 'UTF-8')); // oldqueries auslesen $options = ''; $rs = sql("SELECT `id`, `name` FROM `queries` WHERE `user_id`='&1' ORDER BY `name` ASC", $usr['userid']); if (mysql_num_rows($rs) == 0) { tpl_set_var('selecttext', $nosaveastext); tpl_set_var('oldqueries', ''); } else { tpl_set_var('selecttext', $saveastext); while ($r = sql_fetch_array($rs)) { if ($r['id'] == $queryid) { $options .= '<option value="' . $r['id'] . '" selected="selected">' . htmlspecialchars($r['name'], ENT_COMPAT, 'UTF-8') . '</option>' . "\n"; } else { $options .= '<option value="' . $r['id'] . '">' . htmlspecialchars($r['name'], ENT_COMPAT, 'UTF-8') . '</option>' . "\n"; } } mysql_free_result($rs); tpl_set_var('oldqueries', $options); } tpl_BuildTemplate(); exit; } $rs = sql("SELECT `options` FROM `queries` WHERE `id`='&1'", $queryid); $r = sql_fetch_array($rs); mysql_free_result($rs); // ok, speichern if ($saveas == true) { sql("UPDATE `queries` SET `options`='&1', `last_queried`=NOW() WHERE `id`='&2'", $r['options'], $saveas_queryid); } else { sql("INSERT INTO `queries` (`user_id`, `last_queried`, `name`, `uuid`, `options`) VALUES ( '&1', NOW(), '&2', '&3', '&4')", $usr['userid'], $queryname, create_uuid(), $r['options']); } tpl_redirect('query.php?action=view'); }
$log_id = intval($_REQUEST['logid']); } //user logged in? if ($usr == false) { tpl_redirect('login.php'); } else { if (!isset($_REQUEST["logid"]) or !isset($_REQUEST["target"]) or !isset($_REQUEST["cacheid"]) or !isset($_REQUEST["posY"])) { tpl_redirect("index.php"); } else { $nLogId = $_REQUEST["logid"]; $sTarget = $_REQUEST["target"]; $sCacheId = $_REQUEST["cacheid"]; $nPosY = $_REQUEST["posY"]; $query = "SELECT 1 FROM log_rating WHERE log_id =:1 and user_id=:2"; $dbc = new dataBase(); $dbc->multiVariableQuery($query, $nLogId, $usr["userid"]); if ($dbc->rowCount() == 0) { //add $cDT = new DateTime(); $currDate = $cDT->format('Y-m-d H:m:s'); $query = "INSERT INTO log_rating (log_id, user_id, date) VALUES( :1, :2, :3 )"; $dbc->multiVariableQuery($query, $nLogId, $usr["userid"], $currDate); } else { $query = "DELETE FROM log_rating WHERE log_id =:1 and user_id=:2"; $dbc->multiVariableQuery($query, $nLogId, $usr["userid"]); } } } $sTarget .= "?cacheid=" . $sCacheId . "&posY=" . $nPosY; tpl_redirect($sTarget); }
} if ($text <= "") { $message_errnotext = $errnotext; $allOk = false; } if ($allOk) { $subject = mb_ereg_replace('{subject}', $subject, $mailsubject); $subject = mb_ereg_replace('{from_username}', $from_username, $subject); $text = mb_ereg_replace('{{text}}', $text, $send_emailaddress == 1 ? $mailtext_email : $mailtext_anonymous); $text = mb_ereg_replace('{from_userid}', $usr["userid"], $text); $text = mb_ereg_replace('{from_email}', $from_email, $text); $text = mb_ereg_replace('{from_username}', $from_username, $text); $text = mb_ereg_replace('{to_email}', $to_email, $text); $text = mb_ereg_replace('{to_username}', $to_username, $text); XDb::xSql("INSERT INTO `email_user`\n SET `ipaddress`=? , `date_generated`=NOW(), `date_sent`='0',\n `from_user_id`= ? , `from_email`=?, `to_user_id`=?,\n `to_email`=?, `mail_subject`=?, `mail_text`=?, `send_emailaddress`=?", $_SERVER["REMOTE_ADDR"], $usr['userid'], $from_email, $userid, $to_email, $subject, $text, $send_emailaddress); tpl_redirect('mailto.php?userid=' . urlencode($userid) . '&message=' . urlencode($message_sent)); } } } // display tpl_set_var('userid', htmlspecialchars($userid, ENT_COMPAT, 'UTF-8')); tpl_set_var('to_username', htmlspecialchars($to_username, ENT_COMPAT, 'UTF-8')); if ($message) { tpl_set_var('message_start', ''); tpl_set_var('message_end', ''); tpl_set_var('message', strip_tags($message)); tpl_set_var('formular_start', '<!--'); tpl_set_var('formular_end', '-->'); } else { tpl_set_var('message_start', '<!--'); tpl_set_var('message_end', '-->');
function outputXmlFile($sessionid, $filenr, $bXmlDecl, $bOcXmlTag, $bDocType, $ziptype) { global $zip_basedir, $zip_wwwdir, $sDateformat, $sDateshort, $t1, $t2, $safemode_zip, $safemode_zip, $sCharset; // alle records aus tmpxml_* übertragen if (!mb_ereg_match('^[0-9]{1,11}', $sessionid)) { die('sessionid invalid'); } if (!mb_ereg_match('^[0-9]{1,11}', $filenr)) { die('filenr invalid'); } /* begin now a few dynamically loaded constants */ $logtypes = array(); $rs = sql('SELECT `id`, `pl` FROM log_types'); for ($i = 0; $i < mysql_num_rows($rs); $i++) { $r = sql_fetch_array($rs); $logtypes[$r['id']] = $r['pl']; } mysql_free_result($rs); $cachetypes = array(); $rs = sql('SELECT `id`, `short`, `pl` FROM cache_type'); for ($i = 0; $i < mysql_num_rows($rs); $i++) { $r = sql_fetch_array($rs); $cachetypes[$r['id']]['pl'] = $r['pl']; $cachetypes[$r['id']]['short'] = $r['short']; } mysql_free_result($rs); $cachestatus = array(); $rs = sql('SELECT `id`, `pl` FROM cache_status'); for ($i = 0; $i < mysql_num_rows($rs); $i++) { $r = sql_fetch_array($rs); $cachestatus[$r['id']]['pl'] = $r['pl']; } mysql_free_result($rs); $counties = array(); $rs = sql('SELECT `short`, `pl` FROM countries'); for ($i = 0; $i < mysql_num_rows($rs); $i++) { $r = sql_fetch_array($rs); $counties[$r['short']]['pl'] = $r['pl']; } mysql_free_result($rs); $cachesizes = array(); $rs = sql('SELECT `id`, `pl` FROM cache_size'); for ($i = 0; $i < mysql_num_rows($rs); $i++) { $r = sql_fetch_array($rs); $cachesizes[$r['id']]['pl'] = $r['pl']; } mysql_free_result($rs); $languages = array(); $rs = sql('SELECT `short`, `pl` FROM languages'); for ($i = 0; $i < mysql_num_rows($rs); $i++) { $r = sql_fetch_array($rs); $languages[$r['short']]['pl'] = $r['pl']; } mysql_free_result($rs); $objecttypes['4'] = 'user'; $objecttypes['2'] = 'cache'; $objecttypes['3'] = 'cachedesc'; $objecttypes['1'] = 'cachelog'; $objecttypes['6'] = 'picture'; /* end now a few dynamically loaded constants */ // temporäre Datei erstellen if (!is_dir($zip_basedir . 'ocxml11/' . $sessionid)) { mkdir($zip_basedir . 'ocxml11/' . $sessionid); } $fileid = 1; while (file_exists($zip_basedir . 'ocxml11/' . $sessionid . '/' . $sessionid . '-' . $filenr . '-' . $fileid . '.xml')) { $fileid++; } $xmlfilename = $zip_basedir . 'ocxml11/' . $sessionid . '/' . $sessionid . '-' . $filenr . '-' . $fileid . '.xml'; $f = fopen($xmlfilename, 'w'); if ($bXmlDecl == '1') { if ($sCharset == 'iso-8859-2') { fwrite($f, '<?xml version="1.0" encoding="iso-8859-2" standalone="no" ?>' . "\n"); } else { if ($sCharset == 'utf-8') { fwrite($f, '<?xml version="1.0" encoding="UTF-8" standalone="no" ?>' . "\n"); } } } if ($bDocType == '1') { fwrite($f, '<!DOCTYPE oc11xml PUBLIC "-//Opencaching Network//DTD OCXml V 1.1//EN" "http://www.opencaching.pl/xml/ocxml11.dtd">' . "\n"); } if ($bOcXmlTag == '1') { $rs = sql('SELECT `date_created`, `modified_since` FROM `xmlsession` WHERE `id`=&1', $sessionid); $r = sql_fetch_array($rs); fwrite($f, '<oc11xml version="1.1" date="' . date($sDateformat, strtotime($r['date_created'])) . '" since="' . date($sDateformat, strtotime($r['modified_since'])) . '">' . "\n"); mysql_free_result($rs); } $rs = sql('SELECT `user`.`user_id` `id`, `user`.`node` `node`, `user`.`uuid` `uuid`, `user`.`username` `username`, `user`.`pmr_flag` `pmr_flag`, `user`.`date_created` `date_created`, `user`.`last_modified` `last_modified` FROM `tmpxml_users`, `user` WHERE `tmpxml_users`.`id`=`user`.`user_id`'); while ($r = sql_fetch_array($rs)) { fwrite($f, $t1 . '<user>' . "\n"); fwrite($f, $t2 . '<id id="' . $r['id'] . '" node="' . $r['node'] . '">' . $r['uuid'] . '</id>' . "\n"); fwrite($f, $t2 . '<username>' . xmlcdata($r['username']) . '</username>' . "\n"); fwrite($f, $t2 . '<pmr>' . ($r['pmr_flag'] == 0 ? '0' : '1') . '</pmr>' . "\n"); fwrite($f, $t2 . '<datecreated>' . date($sDateformat, strtotime($r['date_created'])) . '</datecreated>' . "\n"); fwrite($f, $t2 . '<lastmodified>' . date($sDateformat, strtotime($r['last_modified'])) . '</lastmodified>' . "\n"); fwrite($f, $t1 . '</user>' . "\n"); } mysql_free_result($rs); $rs = sql('SELECT `caches`.`cache_id` `id`, `caches`.`uuid` `uuid`, `caches`.`user_id` `user_id`, `user`.`uuid` `useruuid`, `user`.`username` `username`, `caches`.`name` `name`, `caches`.`longitude` `longitude`, `caches`.`latitude` `latitude`, `caches`.`type` `type`, `caches`.`country` `country`, `caches`.`size` `size`, `caches`.`desc_languages` `desclanguages`, `caches`.`difficulty` `difficulty`, `caches`.`terrain` `terrain`, `caches`.`way_length` `way_length`, `caches`.`search_time` `search_time`, `caches`.`wp_gc` `wp_gc`, `caches`.`wp_nc` `wp_nc`, `caches`.`wp_oc` `wp_oc`, `caches`.`date_hidden` `date_hidden`, `caches`.`date_created` `date_created`, `caches`.`last_modified` `last_modified`, `caches`.`status` `status`, `caches`.`node` `node` FROM `tmpxml_caches`, `caches`, `user` WHERE `tmpxml_caches`.`id`=`caches`.`cache_id` AND `caches`.`user_id`=`user`.`user_id`'); while ($r = sql_fetch_array($rs)) { fwrite($f, $t1 . '<cache>' . "\n"); fwrite($f, $t2 . '<id id="' . $r['id'] . '" node="' . $r['node'] . '">' . $r['uuid'] . '</id>' . "\n"); fwrite($f, $t2 . '<userid id="' . $r['user_id'] . '" uuid="' . $r['useruuid'] . '">' . xmlcdata($r['username']) . '</userid>' . "\n"); fwrite($f, $t2 . '<name>' . xmlcdata($r['name']) . '</name>' . "\n"); fwrite($f, $t2 . '<longitude>' . sprintf('%01.5f', $r['longitude']) . '</longitude>' . "\n"); fwrite($f, $t2 . '<latitude>' . sprintf('%01.5f', $r['latitude']) . '</latitude>' . "\n"); fwrite($f, $t2 . '<type id="' . $r['type'] . '" short="' . xmlentities($cachetypes[$r['type']]['short']) . '">' . xmlcdata($cachetypes[$r['type']]['pl']) . '</type>' . "\n"); fwrite($f, $t2 . '<status id="' . $r['status'] . '">' . xmlcdata($cachestatus[$r['status']]['pl']) . '</status>' . "\n"); fwrite($f, $t2 . '<country id="' . $r['country'] . '">' . xmlcdata($counties[$r['country']]['pl']) . '</country>' . "\n"); fwrite($f, $t2 . '<size id="' . $r['size'] . '">' . xmlcdata($cachesizes[$r['size']]['pl']) . '</size>' . "\n"); fwrite($f, $t2 . '<desclanguages>' . $r['desclanguages'] . '</desclanguages>' . "\n"); fwrite($f, $t2 . '<difficulty>' . sprintf('%01.1f', $r['difficulty'] / 2) . '</difficulty>' . "\n"); fwrite($f, $t2 . '<terrain>' . sprintf('%01.1f', $r['terrain'] / 2) . '</terrain>' . "\n"); fwrite($f, $t2 . '<rating waylength="' . $r['way_length'] . '" needtime="' . $r['search_time'] . '" />' . "\n"); fwrite($f, $t2 . '<waypoints gccom="' . xmlentities($r['wp_gc']) . '" gpsgames="' . xmlentities($r['wp_nc']) . '" oc="' . xmlentities($r['wp_oc']) . '" />' . "\n"); fwrite($f, $t2 . '<datehidden>' . date($sDateformat, strtotime($r['date_hidden'])) . '</datehidden>' . "\n"); fwrite($f, $t2 . '<datecreated>' . date($sDateformat, strtotime($r['date_created'])) . '</datecreated>' . "\n"); fwrite($f, $t2 . '<lastmodified>' . date($sDateformat, strtotime($r['last_modified'])) . '</lastmodified>' . "\n"); fwrite($f, $t1 . '</cache>' . "\n"); } mysql_free_result($rs); $rs = sql('SELECT `cache_desc`.`id` `id`, `cache_desc`.`uuid` `uuid`, `cache_desc`.`cache_id` `cache_id`, `cache_desc`.`language` `language`, `cache_desc`.`short_desc` `short_desc`, `cache_desc`.`desc` `desc`, `cache_desc`.`desc_html` `desc_html`, `cache_desc`.`hint` `hint`, `cache_desc`.`last_modified` `last_modified`, `caches`.`uuid` `cacheuuid`, `cache_desc`.`node` `node` FROM `tmpxml_cachedescs`, `cache_desc`, `caches` WHERE `tmpxml_cachedescs`.`id`=`cache_desc`.`id` AND `caches`.`cache_id`=`cache_desc`.`cache_id`'); while ($r = sql_fetch_array($rs)) { fwrite($f, $t1 . '<cachedesc>' . "\n"); fwrite($f, $t2 . '<id id="' . $r['id'] . '" node="' . $r['node'] . '">' . $r['uuid'] . '</id>' . "\n"); fwrite($f, $t2 . '<cacheid id="' . $r['cache_id'] . '">' . $r['cacheuuid'] . '</cacheid>' . "\n"); fwrite($f, $t2 . '<language id="' . $r['language'] . '">' . xmlcdata($languages[$r['language']]['pl']) . '</language>' . "\n"); fwrite($f, $t2 . '<shortdesc>' . xmlcdata($r['short_desc']) . '</shortdesc>' . "\n"); if ($r['desc_html'] == 0) { $r['desc'] = mb_ereg_replace('<br />', '', $r['desc']); $r['desc'] = html_entity_decode($r['desc'], ENT_COMPAT, 'UTF-8'); } fwrite($f, $t2 . '<desc html="' . ($r['desc_html'] == 1 ? '1' : '0') . '">' . xmlcdata($r['desc']) . '</desc>' . "\n"); $r['hint'] = mb_ereg_replace('<br />', '', $r['hint']); $r['hint'] = html_entity_decode($r['hint'], ENT_COMPAT, 'UTF-8'); fwrite($f, $t2 . '<hint>' . xmlcdata($r['hint']) . '</hint>' . "\n"); fwrite($f, $t2 . '<lastmodified>' . date($sDateformat, strtotime($r['last_modified'])) . '</lastmodified>' . "\n"); fwrite($f, $t1 . '</cachedesc>' . "\n"); } mysql_free_result($rs); $rs = sql('SELECT `cache_logs`.`id` `id`, `cache_logs`.`cache_id` `cache_id`, `cache_logs`.`user_id` `user_id`, `cache_logs`.`type` `type`, `cache_logs`.`date` `date`, `cache_logs`.`text` `text`, `cache_logs`.`date_created` `date_created`, `cache_logs`.`last_modified` `last_modified`, `cache_logs`.`uuid` `uuid`, `user`.`username` `username`, `caches`.`uuid` `cacheuuid`, `user`.`uuid` `useruuid`, `cache_logs`.`node` `node`, IF(NOT ISNULL(`cache_rating`.`cache_id`) AND `cache_logs`.`type`=1, 1, 0) AS `recommended` FROM `cache_logs` INNER JOIN `tmpxml_cachelogs` ON `cache_logs`.`id`=`tmpxml_cachelogs`.`id` INNER JOIN `user` ON `cache_logs`.`user_id`=`user`.`user_id` INNER JOIN `caches` ON `caches`.`cache_id`=`cache_logs`.`cache_id` LEFT JOIN `cache_rating` ON `cache_logs`.`cache_id`=`cache_rating`.`cache_id` AND `cache_logs`.`user_id`=`cache_rating`.`user_id` AND `cache_logs`.`deleted`=0 '); while ($r = sql_fetch_array($rs)) { $r['text'] = mb_ereg_replace('<br />', '', $r['text']); $r['text'] = html_entity_decode($r['text'], ENT_COMPAT, 'UTF-8'); fwrite($f, $t1 . '<cachelog>' . "\n"); fwrite($f, $t2 . '<id id="' . $r['id'] . '" node="' . $r['node'] . '">' . $r['uuid'] . '</id>' . "\n"); fwrite($f, $t2 . '<cacheid id="' . $r['cache_id'] . '">' . $r['cacheuuid'] . '</cacheid>' . "\n"); fwrite($f, $t2 . '<userid id="' . $r['user_id'] . '" uuid="' . $r['useruuid'] . '">' . xmlcdata($r['username']) . '</userid>' . "\n"); fwrite($f, $t2 . '<logtype id="' . $r['type'] . '" recommended="' . $r['recommended'] . '">' . xmlcdata($logtypes[$r['type']]) . '</logtype>' . "\n"); fwrite($f, $t2 . '<date>' . date($sDateshort, strtotime($r['date'])) . '</date>' . "\n"); fwrite($f, $t2 . '<text>' . xmlcdata($r['text']) . '</text>' . "\n"); fwrite($f, $t2 . '<datecreated>' . date($sDateformat, strtotime($r['date_created'])) . '</datecreated>' . "\n"); fwrite($f, $t2 . '<lastmodified>' . date($sDateformat, strtotime($r['last_modified'])) . '</lastmodified>' . "\n"); fwrite($f, $t1 . '</cachelog>' . "\n"); } mysql_free_result($rs); $rs = sql('SELECT `pictures`.`id` `id`, `pictures`.`url` `url`, `pictures`.`title` `title`, `pictures`.`object_id` `object_id`, `pictures`.`object_type` `object_type`, `pictures`.`date_created` `date_created`, `pictures`.`uuid` `uuid`, `pictures`.`last_modified` `last_modified`, `pictures`.`display` `display`, `pictures`.`spoiler` `spoiler`, `pictures`.`node` `node` FROM `tmpxml_pictures`, `pictures` WHERE `tmpxml_pictures`.`id`=`pictures`.id'); while ($r = sql_fetch_array($rs)) { fwrite($f, $t1 . '<picture>' . "\n"); fwrite($f, $t2 . '<id id="' . $r['id'] . '" node="' . $r['node'] . '">' . $r['uuid'] . '</id>' . "\n"); fwrite($f, $t2 . '<url>' . xmlcdata($r['url']) . '</url>' . "\n"); fwrite($f, $t2 . '<title>' . xmlcdata($r['title']) . '</title>' . "\n"); fwrite($f, $t2 . '<object id="' . $r['object_id'] . '" type="' . $r['object_type'] . '" typename="' . xmlentities($objecttypes[$r['object_type']]) . '">' . object_id2uuid($r['object_id'], $r['object_type']) . '</object>' . "\n"); fwrite($f, $t2 . '<attributes spoiler="' . $r['spoiler'] . '" display="' . $r['display'] . '" />' . "\n"); fwrite($f, $t2 . '<datecreated>' . date($sDateformat, strtotime($r['date_created'])) . '</datecreated>' . "\n"); fwrite($f, $t2 . '<lastmodified>' . date($sDateformat, strtotime($r['last_modified'])) . '</lastmodified>' . "\n"); fwrite($f, $t1 . '</picture>' . "\n"); } mysql_free_result($rs); $rs = sql('SELECT `removed_objects`.`id` `id`, `removed_objects`.`localid` `localid`, `removed_objects`.`uuid` `uuid`, `removed_objects`.`type` `type`, `removed_objects`.`removed_date` `removed_date`, `removed_objects`.`node` `node` FROM `tmpxml_removedobjects`, `removed_objects` WHERE `removed_objects`.`id`=`tmpxml_removedobjects`.`id`'); while ($r = sql_fetch_array($rs)) { fwrite($f, $t1 . '<removedobject>' . "\n"); fwrite($f, $t2 . '<id id="' . $r['id'] . '" node="' . $r['node'] . '" />' . "\n"); fwrite($f, $t2 . '<object id="' . $r['localid'] . '" type="' . $r['type'] . '" typename="' . xmlentities($objecttypes[$r['type']]) . '">' . $r['uuid'] . '</object>' . "\n"); fwrite($f, $t2 . '<removeddate>' . date($sDateformat, strtotime($r['removed_date'])) . '</removeddate>' . "\n"); fwrite($f, $t1 . '</removedobject>' . "\n"); } mysql_free_result($rs); if ($bOcXmlTag == '1') { fwrite($f, '</oc11xml>' . "\n"); } fclose($f); $rel_xmlfile = 'ocxml11/' . $sessionid . '/' . $sessionid . '-' . $filenr . '-' . $fileid . '.xml'; $rel_zipfile = 'ocxml11/' . $sessionid . '/' . $sessionid . '-' . $filenr . '-' . $fileid; // zippen und url-redirect if ($ziptype == '0') { tpl_redirect($zip_wwwdir . 'ocxml11/' . $sessionid . '/' . $sessionid . '-' . $filenr . '-' . $fileid . '.xml'); exit; } else { if ($ziptype == 'zip') { $rel_zipfile .= '.zip'; } else { if ($ziptype == 'bzip2') { $rel_zipfile .= '.bz2'; } else { if ($ziptype == 'gzip') { $rel_zipfile .= '.gz'; } else { die('unknown zip type'); } } } } $call = $safemode_zip . ' --type=' . escapeshellcmd($ziptype) . ' --src=' . escapeshellcmd($rel_xmlfile) . ' --dst=' . escapeshellcmd($rel_zipfile); system($call); // datei vorhanden? if (!file_exists($zip_basedir . $rel_zipfile)) { die('all ok, but zip failed - internal server error'); } tpl_redirect($zip_wwwdir . $rel_zipfile); exit; }
sql("DELETE FROM `cache_rating` WHERE `user_id`='&1' AND `cache_id`='&2'", $usr['userid'], $cache_id); } } // Notify OKAPI's replicate module of the change. // Details: https://github.com/opencaching/okapi/issues/265 require_once $rootpath . 'okapi/facade.php'; \okapi\Facade::schedule_user_entries_check($cache_id, $usr['userid']); \okapi\Facade::disable_error_handling(); //call eventhandler require_once $rootpath . 'lib/eventhandler.inc.php'; event_new_log($cache_id, $usr['userid'] + 0); } //redirect to viewcache $no_tpl_build = true; //include('viewcache.php'); tpl_redirect('viewcache.php?cacheid=' . $cache_id); } else { $sql = "SELECT count(*) as founds FROM `cache_logs` WHERE `deleted`=0 AND user_id='" . sql_escape($usr['userid']) . "' AND cache_id='" . sql_escape($cache_id) . "' AND type = '1'"; $res = mysql_fetch_array(mysql_query($sql)); $sql = "SELECT status, type FROM `caches` WHERE cache_id='" . sql_escape($cache_id) . "'"; $res2 = mysql_fetch_array(mysql_query($sql)); $db = new dataBase(); $queryEventAttended = "SELECT count(*) as eventAttended FROM `cache_logs` WHERE `deleted`=0 AND user_id=:1 AND cache_id=:2 AND type = '7'"; $db->multiVariableQuery($queryEventAttended, $usr['userid'], $cache_id); $eventAttended = $db->dbResultFetch(); // debug('$res', $res); // debug('$res2', $res2); // debug('$log_types', $log_types); /* * ************** * build logtypeoptions *
// evtl. discard cache recommendation discard_recommendation($log_id); // move to archive, even if own log (uuids are used for OKAPI replication) sql("INSERT IGNORE INTO `cache_logs_archived` SELECT *, '0' AS `deletion_date`, '&2' AS `deleted_by`, 0 AS `restored_by` FROM `cache_logs` WHERE `cache_logs`.`id`='&1' LIMIT 1", $log_id, $usr['userid']); // remove log entry sql("DELETE FROM `cache_logs` WHERE `cache_logs`.`id`='&1' LIMIT 1", $log_id); // now tell OKAPI about the deletion; // this will trigger an okapi_syncbase update, if OKAPI is installed: sql("UPDATE `cache_logs_archived` SET `deletion_date`=NOW() WHERE `id`='&1'", $log_id); // do not use slave server for the next time ... db_slave_exclude(); //call eventhandler require_once $opt['rootpath'] . 'lib/eventhandler.inc.php'; event_remove_log($log_record['cache_id'], $log_record['log_user_id']); //cache anzeigen tpl_redirect('viewcache.php?cacheid=' . urlencode($log_record['cache_id'])); exit; } // quickfix: this is coded in res_logentry_logitem.tpl (after smarty migration) switch ($log_record['log_type']) { case 1: $sLogTypeText = t("%1 found the Geocache", $log_record['log_username']); break; case 2: $sLogTypeText = t("%1 didn't find the Geoacache", $log_record['log_username']); break; case 3: $sLogTypeText = t("%1 wrote a note", $log_record['log_username']); break; case 7: $sLogTypeText = t("%1 has visited the event", $log_record['log_username']);
<?php //prepare the templates and include all neccessary require_once './lib/common.inc.php'; //redirekt to index.php with german as language tpl_redirect('index.php?lang=en');
$row['display'] = isset($_REQUEST['notdisplay']) ? $_REQUEST['notdisplay'] : 0; if ($row['display'] == 0) { $row['display'] = 1; } else { $row['display'] = 0; } // reverse $row['title'] = isset($_REQUEST['title']) ? stripslashes($_REQUEST['title']) : ''; if ($row['title'] == "") { tpl_set_var('errnotitledesc', $errnotitledesc); } else { if (!($resp = sql("UPDATE `mp3`\n SET `title`='&1',\n `display`='&2',\n `last_modified`=NOW()\n WHERE `uuid`='&3'", $row['title'], $row['display'] == 1 ? '1' : '0', $uuid))) { $message = $message_title_internal; } if (!$message) { tpl_redirect('editcache.php?cacheid=' . urlencode($row['object_id'])); } } } } if (!$message) { // display $tplname = 'editmp3'; $tpl_subtitle = htmlspecialchars($row['name'], ENT_COMPAT, 'UTF-8') . ' - '; tpl_set_var('cacheid', htmlspecialchars($row['cache_id'], ENT_COMPAT, 'UTF-8')); tpl_set_var('cachename', htmlspecialchars($row['name'], ENT_COMPAT, 'UTF-8')); tpl_set_var('title', htmlspecialchars($row['title'], ENT_COMPAT, 'UTF-8')); if ($row['title'] <= "") { tpl_set_var('errnotitledesc', $errnotitledesc); } else { tpl_set_var('errnotitledesc', "");
$email_content = mb_ereg_replace('{cachename}', $name, $email_content); $email_content = mb_ereg_replace('{cacheid}', $cache_id, $email_content); $email_content = mb_ereg_replace('{octeamEmailsSignature}', $octeamEmailsSignature, $email_content); $email_headers = "Content-Type: text/plain; charset=utf-8\r\n"; $email_headers .= "From: {$site_name} <{$octeam_email}>\r\n"; $email_headers .= "Reply-To: {$octeam_email}\r\n"; $octeam_email = $octeam_email; //send email to octeam mb_send_mail($octeam_email, tr('rrActivateCache_07') . ": " . $name, $email_content, $email_headers); sql("UPDATE sysconfig SET value = value + 1 WHERE name = 'hidden_for_approval'"); } /* add cache altitude altitude */ $geoCache = new \lib\Objects\GeoCache\GeoCache(array('cacheId' => $cache_id)); $geoCache->getAltitude()->pickAndStoreAltitude($altitude); // redirection tpl_redirect('mycaches.php?status=' . urlencode($sel_status)); } else { tpl_set_var('general_message', $error_general); } } } } tpl_set_var('is_disabled_size', ''); tpl_set_var('language4js', $lang); if ($no_tpl_build == false) { //make the template and send it out tpl_BuildTemplate(); } function getDefaultCountry($usr, $lang) { if ($usr['country'] != '') {
$text = $username; $textsize = imagettfbbox($fontsize, 0, $fontfile, $text); ImageTTFText($im, $fontsize, 0, imagesx($im) - ($textsize[2] - $textsize[0]) - 5 > $maxtextwidth ? imagesx($im) - ($textsize[2] - $textsize[0]) - 5 : $maxtextwidth, 15, $clrBlack, $fontfile, $text); $fontsize = 7.5; $textsize = imagettfbbox($fontsize, 0, $fontfile, $logotext); ImageTTFText($im, $fontsize, 0, imagesx($im) - ($textsize[2] - $textsize[0]) - 5 > $maxtextwidth ? imagesx($im) - ($textsize[2] - $textsize[0]) - 5 : $maxtextwidth, 32, $clrBlack, $fontfile, $logotext); break; case 1: default: // write text $fontsize = 10; $text = $username; $textsize = imagettfbbox($fontsize, 0, $fontfile, $text); ImageTTFText($im, $fontsize, 0, imagesx($im) - ($textsize[2] - $textsize[0]) - 5 > $maxtextwidth ? imagesx($im) - ($textsize[2] - $textsize[0]) - 5 : $maxtextwidth, 15, $clrBlack, $fontfile, $text); $fontsize = 8; $text = tr('statpic_found') . $found . ' / ' . tr('statpic_hidden') . $hidden; $textsize = imagettfbbox($fontsize, 0, $fontfile, $text); ImageTTFText($im, $fontsize, 0, imagesx($im) - ($textsize[2] - $textsize[0]) - 8 > $maxtextwidth ? imagesx($im) - ($textsize[2] - $textsize[0]) - 8 : $maxtextwidth, 29, $clrBlack, $fontfile, $text); $fontsize = 8; $textsize = imagettfbbox($fontsize, 0, $fontfile, $logotext); ImageTTFText($im, $fontsize, 0, imagesx($im) - ($textsize[2] - $textsize[0]) - 5 > $maxtextwidth ? imagesx($im) - ($textsize[2] - $textsize[0]) - 5 : $maxtextwidth, 45, $clrBlack, $fontfile, $logotext); } // draw border ImageRectangle($im, 0, 0, imagesx($im) - 1, imagesy($im) - 1, $clrBorder); // write output Imagejpeg($im, $dynbasepath . 'images/statpics/statpic' . $userid . '.jpg', $jpeg_qualitaet); ImageDestroy($im); } // Redirect auf das gespeicherte Bild tpl_redirect('images/statpics/statpic' . $userid . '.jpg');
// do not use slave server for the next time ... db_slave_exclude(); //add record to cache_desc table sql("INSERT INTO `cache_desc` (\n\t\t\t\t\t\t\t\t\t\t\t\t`id`,\n\t\t\t\t\t\t\t\t\t\t\t\t`cache_id`,\n\t\t\t\t\t\t\t\t\t\t\t\t`language`,\n\t\t\t\t\t\t\t\t\t\t\t\t`desc`,\n\t\t\t\t\t\t\t\t\t\t\t\t`desc_html`,\n\t\t\t\t\t\t\t\t\t\t\t\t`hint`,\n\t\t\t\t\t\t\t\t\t\t\t\t`short_desc`,\n\t\t\t\t\t\t\t\t\t\t\t\t`last_modified`,\n\t\t\t\t\t\t\t\t\t\t\t\t`desc_htmledit`,\n\t\t\t\t\t\t\t\t\t\t\t\t`node`\n\t\t\t\t\t\t\t\t\t\t\t) VALUES ('', '&1', '&2', '&3', '&4', '&5', '&6', NOW(), '&7', '&8')", $cache_id, $sel_lang, $desc, $descMode != 1 ? 1 : 0, nl2br(htmlspecialchars($hints, ENT_COMPAT, 'UTF-8')), $short_desc, $descMode == 3 ? 1 : 0, $oc_nodeid); // insert cache-attributes for ($i = 0; $i < count($cache_attribs); $i++) { if ($cache_attribs[$i] + 0 > 0) { sql("INSERT INTO `caches_attributes` (`cache_id`, `attrib_id`) VALUES ('&1', '&2')", $cache_id, $cache_attribs[$i] + 0); } } // only if cache is published NOW or activate_date is in the past if ($publish == 'now2' || $publish == 'later' && mktime($activate_hour, 0, 0, $activate_month, $activate_day, $activate_year) <= $today) { //do event handling include_once $opt['rootpath'] . '/lib/eventhandler.inc.php'; event_notify_new_cache($cache_id + 0); event_new_cache($usr['userid'] + 0); } // redirection tpl_redirect('viewcache.php?cacheid=' . urlencode($cache_id)); } else { tpl_set_var('general_message', $error_general); } } } } if ($no_tpl_build == false) { tpl_set_var('scrollposx', isset($_REQUEST['scrollposx']) ? $_REQUEST['scrollposx'] + 0 : 0); tpl_set_var('scrollposy', isset($_REQUEST['scrollposy']) ? $_REQUEST['scrollposy'] + 0 : 0); // make the template and send it out tpl_BuildTemplate(); }
<?php //prepare the templates and include all neccessary require_once './lib/common.inc.php'; //redirekt to index.php with german as language tpl_redirect('index.php?lang=pl');
sql("DELETE FROM `mp3` WHERE `uuid`='&1'", $uuid); sql("INSERT INTO `removed_objects` (`localID`, `uuid`, `type`, `removed_date`, `node`) VALUES ('&1', '&2', 6, NOW(), '&3')", $localid, $uuid, $oc_nodeid); switch ($type) { // log case 1: sql("UPDATE `cache_logs` SET `mp3count`=`mp3count`-1 WHERE `id`='&1'", $objectid); $rs = sql("SELECT `cache_id` FROM `cache_logs` WHERE `deleted`=0 AND `id`='&1'", $objectid); $r = sql_fetch_array($rs); mysql_free_result($rs); tpl_redirect('viewlogs.php?cacheid=' . urlencode($r['cache_id'])); break; // cache // cache case 2: sql("UPDATE `caches` SET `mp3count`=`mp3count`-1 WHERE `cache_id`='&1'", $objectid); tpl_redirect('editcache.php?cacheid=' . urlencode($objectid)); break; } tpl_redirect('index.php'); exit; } else { $tplname = 'message'; tpl_set_var('messagetitle', $message_title_internal); tpl_set_var('message_start', ''); tpl_set_var('message_end', ''); tpl_set_var('message', $message_internal); } } } //make the template and send it out tpl_BuildTemplate();
<?php //prepare the templates and include all neccessary require_once './lib/common.inc.php'; if ($usr['admin']) { $tplname = 'admin_searchuser'; $options['username'] = isset($_POST['username']) ? $_POST['username'] : ''; if (!isset($options['username'])) { $options['username'] = ''; } if ($options['username'] != '') { $query = "SELECT user_id FROM user WHERE username = '******'username']) . "'"; $rs = sql($query); if (mysql_num_rows($rs) != 0) { // Przekierowanie do profilu użytkownika $record = sql_fetch_array($rs); tpl_set_var('username', ''); tpl_set_var('not_found', ''); tpl_redirect('admin_users.php?userid=' . htmlspecialchars($record['user_id'], ENT_COMPAT, 'UTF-8')); } else { // Nie znaleziono użytkownika tpl_set_var('username', $options['username']); tpl_set_var('not_found', '<b>' . tr("message_user_not_found") . ': ' . $options['username'] . '</b><br/><br/>'); } mysql_free_result($rs); } else { tpl_set_var('username', ''); tpl_set_var('not_found', ''); } tpl_BuildTemplate(); }